ports/65759: cyrus-sasl2 from version 2.1.17 drops realms from usernames
Marko
marko at oblo.com
Mon Apr 19 11:10:16 UTC 2004
>Number: 65759
>Category: ports
>Synopsis: cyrus-sasl2 from version 2.1.17 drops realms from usernames
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Apr 19 04:10:15 PDT 2004
>Closed-Date:
>Last-Modified:
>Originator: Marko
>Release: 4.8
>Organization:
Oblo
>Environment:
FreeBSD op-fi1.oblo.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Wed Jun 4 03:17:05 CEST 2003 root at op_fi1:/usr/obj/usr/src/sys/GENERIC i386
>Description:
From version 2.1.17 of cyrus-sasl2, realms are dropped from usernames. This means that when authenticating against an SQL with usernames in the format "user at example.com", SMTP-AUTH will never authenticate because saslauthd will only pass it the "user" part without "@example.com".
A good discussion on this subject:
http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&c2coff=1&safe=off&threadm=c4pfnm%242s4b%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1&prev=/groups%3Fq%3Dsaslauthd%2Brealm%2B2.1.18%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26c2coff%3D1%26safe%3Doff%26selm%3Dc4pfnm%25242s4b%25241%2540FreeBSD.csie.NCTU.edu.tw%26rnum%3D
>How-To-Repeat:
Using cyrus-sasl2 v 2.1.17 and later try authenticating against SMTP-AUTH using a "user at example.com" username format, and watch the SQL logs for what is being passed.
>Fix:
Possible options:
- Don't allow cyrus-sasl2 v 2.1.17 or 2.1.18 to be installed?
- Put --with-authdaemond option as available to the port so that a workaround can be quickly installed?
- Get some more blurb into the compile process so that admin is aware of the changes as opposed to blindly nuking his install (and this was not a fun thing to debug!)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list