Date: Mon, 19 Apr 2004 04:03:34 -0700 (PDT) From: Marko <marko@oblo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/65759: cyrus-sasl2 from version 2.1.17 drops realms from usernames Message-ID: <200404191103.i3JB3YeH062774@www.freebsd.org> Resent-Message-ID: <200404191110.i3JBAG1e011568@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 65759 >Category: ports >Synopsis: cyrus-sasl2 from version 2.1.17 drops realms from usernames >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Apr 19 04:10:15 PDT 2004 >Closed-Date: >Last-Modified: >Originator: Marko >Release: 4.8 >Organization: Oblo >Environment: FreeBSD op-fi1.oblo.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Wed Jun 4 03:17:05 CEST 2003 root@op_fi1:/usr/obj/usr/src/sys/GENERIC i386 >Description: From version 2.1.17 of cyrus-sasl2, realms are dropped from usernames. This means that when authenticating against an SQL with usernames in the format "user@example.com", SMTP-AUTH will never authenticate because saslauthd will only pass it the "user" part without "@example.com". A good discussion on this subject: http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&c2coff=1&safe=off&threadm=c4pfnm%242s4b%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1&prev=/groups%3Fq%3Dsaslauthd%2Brealm%2B2.1.18%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26c2coff%3D1%26safe%3Doff%26selm%3Dc4pfnm%25242s4b%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D >How-To-Repeat: Using cyrus-sasl2 v 2.1.17 and later try authenticating against SMTP-AUTH using a "user@example.com" username format, and watch the SQL logs for what is being passed. >Fix: Possible options: - Don't allow cyrus-sasl2 v 2.1.17 or 2.1.18 to be installed? - Put --with-authdaemond option as available to the port so that a workaround can be quickly installed? - Get some more blurb into the compile process so that admin is aware of the changes as opposed to blindly nuking his install (and this was not a fun thing to debug!) >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200404191103.i3JB3YeH062774>