2.2-rc3 critique: FAILS '"' CONTAINING PASSWORDS!!!!

Johannes Graumann johannes_graumann at web.de
Thu Jun 19 08:47:28 CEST 2008


I was indeed using a password with a double quote - shouldn't there be input
sanitizing escaping all of this and making all special characters available
for secure passwording?

Thanks for the sasl pointer ... will report back tonight.

Joh

Alain Spineux wrote:

> On Wed, Jun 18, 2008 at 11:17 PM, Johannes Graumann
> <johannes_graumann at web.de> wrote:
>> Hi,
>>
>> 1) Completely fresh openpkg install/bootstrap
>> 2) Create a new user
>> 3) Try to use new user:
>>        a) admin interface works
> 
> I think the webadmin uses simple_bind, not SASL!
> 
>>        b) horde doesn't
> 
> uses IMAP, then SASL
> 
>>        c) kontact doesn't
> 
> uses IMAP too
> 
>> 4) Investigate:
>>        a) manually bind to openldap:
>>        root# /kolab/bin/ldapsearch -b dc=graumanage,dc=net -s base -D
>>        'cn=Johannes Graumann,dc=graumanage,dc=net' -h 127.0.0.1 -x -w
>>        '<MYPASSWD>'
>>
> 
> then simple bind works
> 
>>        Output in the shell:
>>         # extended LDIF
>>        #
>>        # LDAPv3
>>        # base <dc=graumanage,dc=net> with scope baseObject
>>        # filter: (objectclass=*)
>>        # requesting: ALL
>>        #
>>
>>        # graumanage.net
>>        dn: dc=graumanage,dc=net
>>        dc: graumanage
>>        objectClass: top
>>        objectClass: domain
>>
>>        # search result
>>        search: 2
>>        result: 0 Success
>>
>>        # numResponses: 2
>>        # numEntries: 1
>>        b) equivalent output when observing slapd debugging (as advised
>>        here:
>>        http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_LDAP)
>>        c) appropriate slapd debugging output when logging into admin
>>        interface
>>        d) NO slapd output when attempting to use horde
> 
> Looks like SASL cannot even communicate with LDAP
> 
>>        e) only trace of horde login:
>>                tail /kolab/var/apache/log/horde/horde.log
>>                Jun 18 22:14:05 HORDE [error] [horde] FAILED LOGIN for
>>                Johannes Graumann
>>                [192.168.0.2] to Horde [pid 25084 on line 157
>>                of "/kolab/var/kolab/www/horde/login.php"]
>>        ==> this looked up somewhere that the email given was linked to my
>>        name,
>>                but still fails ...
>>        f) /kolab/bin/cyradm --user johannes.graumann at graumanage.net
>>        localhost
>>                  Password ...
>>                  IMAP password ...
>>        FAILS
> 
> IMAP then SASL again
> 
>> 5) Partial solution to cyrus based problems:
>>        USE PASSWORD WITHOUT '"' and imap-based stuff just works!!!!?????
> 
> I don't understand, without what?
> 
>>        ==> cyradmin login works (also with explicitly escaped '"')
> 
> Did you use a double or simple quote in your password?
> 
>>        ==> much of kontact functionality therefore works
> 
>> 6) Remaining problems:
>>        a) No horde login - pointers for better troubleshooting?
>>        b) LDAP lookup from within kontact: still NO TLS or SSL
>>        c) call up contact: still one stalling progress bar for an
>>        unidentifiable connection to the server - what might this be?
> 
> My first idea (before the " or ' stuff) was to troubleshoot SASL
> 
> http://wiki.kolab.org/index.php/Kolab2_Server_Troubleshooting_-_SASL
> 
> 
>>
>> Comments? Joh
>>
>> _______________________________________________
>> Kolab-users mailing list
>> Kolab-users at kolab.org
>> https://kolab.org/mailman/listinfo/kolab-users
>>
> 
> 
> 
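
The thread does not establish which component mishandles the double quote. As an added illustration (not code from Kolab, Cyrus or either poster), the Python below shows one place such a password can break: an IMAP LOGIN argument sent as an RFC 3501 quoted string, where `"` and `\` must be backslash-escaped. The function names and the sample account and password are constructed for this example.

```python
def naive_quote(s: str) -> bytes:
    """Buggy client behaviour: wrap in quotes without escaping anything."""
    return b'"' + s.encode("utf-8") + b'"'

def imap_quote(s: str) -> bytes:
    """Encode s as an RFC 3501 quoted string, or as a literal when needed."""
    raw = s.encode("utf-8")
    # Quoted strings cannot carry NUL, CR, LF or 8-bit bytes: use {n}CRLF<data>.
    # (On the wire a synchronizing literal also waits for the server's "+".)
    if any(b in (0, 10, 13) or b > 127 for b in raw):
        return b"{%d}\r\n" % len(raw) + raw
    return b'"' + raw.replace(b"\\", b"\\\\").replace(b'"', b'\\"') + b'"'

def read_quoted(buf: bytes, pos: int):
    """Server-side view: parse one quoted string at pos -> (value, next_pos)."""
    if buf[pos:pos + 1] != b'"':
        raise ValueError("expected opening quote")
    out, i = bytearray(), pos + 1
    while i < len(buf):
        if buf[i] == 0x5C and i + 1 < len(buf):   # backslash escapes next byte
            out.append(buf[i + 1]); i += 2
        elif buf[i] == 0x22:                      # unescaped quote ends the string
            return bytes(out), i + 1
        else:
            out.append(buf[i]); i += 1
    raise ValueError("unterminated quoted string")

def server_view(user: str, password: str, quote):
    """Build the LOGIN arguments with `quote`, then parse them as a server would.
    Returns (password the server extracted, unparsed trailing bytes)."""
    args = quote(user) + b" " + quote(password)
    _, pos = read_quoted(args, 0)
    pw, pos = read_quoted(args, pos + 1)
    return pw, args[pos:]

if __name__ == "__main__":
    user, pw = "jdoe@example.org", 'pa"ss'        # constructed sample values
    print("naive  :", server_view(user, pw, naive_quote))
    print("escaped:", server_view(user, pw, imap_quote))
```

With the unescaped form the server-side parser stops at the embedded quote, so the password it extracts is truncated and the rest of the line is a syntax error; the escaped form round-trips intact.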