ports/104502: mail/mailscanner binds to base dn

Danijel Tasov danielt at pilgerer.org
Tue Oct 17 17:21:02 UTC 2006 

>Number:         104502
>Category:       ports
>Synopsis:       mail/mailscanner binds to base dn
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 17 17:20:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Danijel Tasov
>Release:        FreeBSD 6.2-PRERELEASE i386
>Organization:
Pilgerer.Org
>Environment:
System: FreeBSD malvolio.pilgerer.org 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #1: Mon Oct 2 19:16:34 CEST 2006 benny at trial.pilgerer.de:/usr/obj/export/usr/src/sys/TRIAL i386


	
>Description:

MailScanner should connect anonymously as described in the config file:

>From MailScanner.conf:
  # If you are using an LDAP server to read the configuration, these
  # are the details required for the LDAP connection. The connection
  # is anonymous.
  LDAP Server = somehost.pilgerer.de
  LDAP Base   = o=pilgerer,c=de
  LDAP Site   = PilgererMTA

When MailSanner is started the following error occurs:

  unauthenticated bind (DN with no password) disallowed at /usr/local/lib/MailScanner/MailScanner/Config.pm line 668

Well, this is because MailScanner binds to the "LDAP Base":

  $binding = $connection->bind($ldapbase, anonymous=>1);

which doesn't make much sense. So a simple anonymous bind should be used:

  $binding = $connection->bind();

>How-To-Repeat:

Configure MailScanner for use with LDAP and start it.

>Fix:

--- lib/MailScanner/Config.pm.orig	Tue Oct 17 18:31:40 2006
+++ lib/MailScanner/Config.pm	Tue Oct 17 18:31:54 2006
@@ -665,7 +665,7 @@
     # Connect and bind
     $connection = Net::LDAP->new($ldapserver, onerror=>'warn') or
       print STDERR "Making LDAP connection error: $@\n";
-    $binding = $connection->bind($ldapbase, anonymous=>1);
+    $binding = $connection->bind();
     $binding->code and
       print STDERR "LDAP binding error: $@\n";
>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list