SASL_IP(LOCAL|REMOTE)PORT broken in imapd 2.2.2beta?

Igor Brezac igor at ipass.net
Wed Dec 17 09:32:14 EST 2003 

After you run configure (cyrus-imapd) edit config.h and replace

#ifndef NI_WITHSCOPEID
#define NI_WITHSCOPEID  0
#endif

with

#define NI_WITHSCOPEID  0

You will need to do the same when you build sendmail and possibly other
sasl enabled apps.

The permanent fix would be to pass NI_WITHSCOPEID to getnameinfo() only
when ipv6 is used.

-Igor


On Wed, 17 Dec 2003, Roland Rosenfeld wrote:

> Hi!
>
> I installed cyrus imapd 2.2.2beta on a SPARC Solaris 9 system and
> noted two auth-messages in the syslog on every pop3 and imap4 connect:
>
> Dec 17 11:22:06 b3 pop3[14471]: [ID 702911 auth.notice] Bad IPLOCALPORT value
> Dec 17 11:22:06 b3 pop3[14471]: [ID 702911 auth.notice] Bad IPREMOTEPORT value
>
> When digging in the code, I noticed that this message comes from SASL,
> but it is triggered in imap/pop3d.c:377:
>
>     if(iptostring((struct sockaddr *)&popd_localaddr,
>                   salen, localip, 60) == 0) {
>         sasl_setprop(popd_saslconn, SASL_IPLOCALPORT, localip);
>         saslprops.iplocalport = xstrdup(localip);
>     }
>
> I'd expect that localip would be the IP or <IP>;<Port> of the system
> in the {...} part of the above statement, but when I add a
> syslog(LOG_ERR,localip), I get "\377\277\352H;" in the logfile, which
> is (in decimal) 255 191 234 72 and no port given.  I get this value as
> localip and as remoteip, while both IPs are different and don't have
> to do anything with the above decimal numbers.
>
> Maybe I'm a little bit blind, but I don't see, what's going on here.
> Does anyone know this problem or know how to solve it?  I installed
> similar systems (also Solaris 9) with cyrus imapd 2.1.15 and didn't
> notice these error messages on the other systems.
>
> Except the annoying auth.notice messages (which fill our
> authentication log file) I didn't see any disadvantages or problems
> with this, but I'd like to get rid of the base of this problem.
>
> Where does SASL use these IPs for?  Maybe a solution would be to
> comment out the above cited code...
>
> Tschoeeee
>
>         Roland
>

-- 
Igor

More information about the Info-cyrus mailing list