Re: [Dovecot] Wrong credential caching
* Timo Sirainen t...@iki.fi: Here again it looks like the user is logging in a second later as Loser. Maybe the user has multiple clients? Or the client is just messed up and used both. He changed it back and forth I think the auth cache may work case-insensitive, It's case-sensitive. I also tried and couldn't reproduce the problem. OK. I hate my users :) -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
[Dovecot] Wrong credential caching
A user logged in with a captial L for his username: Jul 7 12:30:31 postamt dovecot: auth(default): cache(Loser,10.47.64.227): miss Jul 7 12:30:31 postamt dovecot: auth(default): shadow(Loser,10.47.64.227): lookup Jul 7 12:30:31 postamt dovecot: auth(default): shadow(Loser,10.47.64.227): unknown user Jul 7 12:30:31 postamt dovecot: auth(default): cache(Loser,10.47.64.227): miss Jul 7 12:30:31 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): lookup service=dovecot Jul 7 12:30:31 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): #1/1 style=1 msg=Password: Jul 7 12:30:33 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): unknown user Then I told him that he's supposed to use an l instead of L but: Jul 7 12:42:01 postamt dovecot: imap-login: Login: user=loser, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS Jul 7 12:42:02 postamt dovecot: auth(default): client in: ... Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:43:50 postamt dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=Loser, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS: Disconnected I think the auth cache may work case-insensitive, thus making the User invalid response for Loser also valid for loser (which is the valid and correct username!) -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: [Dovecot] Wrong credential caching
On Tue, 2009-07-07 at 12:50 +0200, Ralf Hildebrandt wrote: Then I told him that he's supposed to use an l instead of L but: Jul 7 12:42:01 postamt dovecot: imap-login: Login: user=loser, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS This is a successful login as loser. This is logged only after authentication, and I guess there should have been some auth lines before that? Jul 7 12:42:02 postamt dovecot: auth(default): client in: ... Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:43:50 postamt dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=Loser, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS: Disconnected Here again it looks like the user is logging in a second later as Loser. Maybe the user has multiple clients? Or the client is just messed up and used both. I think the auth cache may work case-insensitive, It's case-sensitive. I also tried and couldn't reproduce the problem. signature.asc Description: This is a digitally signed message part