Passwords containing backslash - problem.
Dan White
dwhite at olp.net
Tue Jul 19 17:54:16 EDT 2011
On 19/07/11 16:50 -0300, Lauro Costa G. Borges wrote:
>
> Hi,
>
> I am using
>
>-----
>libsasl2-2 v2.1.23.dfsg1-5ubuntu1
>libsasl2-modules v2.1.23.dfsg1-5ubuntu1
>libsasl2-modules-ldap v2.1.23.dfsg1-5ubuntu1
>sasl2-bin v2.1.23.dfsg1-5ubuntu1
>-----
>
> and I noticed that when users have a password containing a backslash
>or a double backslash, it is not correctly handled by saslauthd (I think).
>
> My 1st scenario is: users connect to Webmail, which connects to
>imapproxy, and then, imap server. This works ok, saslauthd is not used.
>
> My 2nd scenario is: users try to send mails using Roundcube, which
>connects to smtp server (Postfix), and Postfix uses saslauthd. This
>does not work.
>
> The same password works when connecting directly to imapproxy or
>imap, or even to webmail (just to check mails, not to send them).
>
> Even testsaslauthd -u -p does not work. I tried:
>
> testsaslauthd -u username -p "somechars\morechars" (user has a pw
>with 1 backslash)
>
> testsaslauthd -u username -p "somechars\\morechars" (user has a pw
>with 1 backslash)
>
> testsaslauthd -u username -p somechars\\morechars (user has a pw
>with 1 backslash)
>
> testsaslauthd -u username -p somechars\\morechars (user has a pw
>with 2 backslashes)
>
>
> Does saslauthd handle backslashes ok for the rest of you? Cause it
>doesn't seem to handle it with testsaslauthd or as a Postfix auth daemon.
I can't reproduce this problem while using the PAM backend. Which saslauthd
backend are you using? If relevant, what sasl configuration is your imap
server using?
Both of these work for me:
testsaslauthd -u username -p 'test\1234'
testsaslauthd -u username -p test\\1234
Where the password is:
test\1234
--
Dan White
More information about the Cyrus-sasl
mailing list