Patch to suppress spurious "no user in db" errors

Ken Lalonde ken at globalremit.com
Wed Aug 10 14:51:42 EDT 2005


Further to my previous message, here is a better fix:

Omitting the cmusaslsecretPLAIN property lookup fixes the spurious
errors, but of course affects only PLAIN and LOGIN authentication.
The real problem is that the NDBM sasldb code (unlike GDBM and BDB)
considers the "user not found" error condition to be loggable.

This patch to cyrus-sasl-2.1.21/sasldb/db_ndbm.c fixes the problem,
and improves a couple of error messages:

--- sasldb/db_ndbm.c.orig	Wed Aug 10 14:09:53 2005
+++ sasldb/db_ndbm.c	Wed Aug 10 14:34:24 2005
@@ -101,7 +101,7 @@
   }
   db = dbm_open(path, O_RDONLY, S_IRUSR | S_IWUSR);
   if (! db) {
-      utils->seterror(cntxt, 0, "Could not open db");
+      utils->seterror(cntxt, 0, "Could not open NDBM db %s", path);
       result = SASL_FAIL;
       goto cleanup;
   }
@@ -109,7 +109,9 @@
   dkey.dsize = key_len;
   dvalue = dbm_fetch(db, dkey);
   if (! dvalue.dptr) {
-      utils->seterror(cntxt, 0, "no user in db");
+      utils->seterror(cntxt, SASL_NOLOG,
+         "user: %s@%s property: %s not found in NDBM db %s",
+         authid, realm, propName, path);
       result = SASL_NOUSER;
       goto cleanup;
   }


--
Ken Lalonde
Global Remittance Network Inc., Toronto


More information about the Cyrus-sasl mailing list