Dovecot 1.2.4 introduced some checking for NUL characters in usernames. The test was picking up the NUL string-terminator on the user principal name returned by GSSAPI and forcing authentication failure. The Dovecot author has provided a patch which I have incorporated into the mail/dovecot port. http://hg.dovecot.org/dovecot-1.2/rev/a37fa30b0072 I have not incremented PORTREVISION because this will only affect sites which use GSSAPI authentication. This was discussed on the Dovecot mailing list: http://dovecot.org/pipermail/dovecot/2009-August/042468.html How-To-Repeat: - Attempt to authenticate to Dovecot 1.2.4 via GSSAPI - auth_debug log shows: auth(default): gssapi(john@EXAMPLE.COM,192.0.2.168): authz_name has NULs auth(default): client out: FAIL 1 user=john@EXAMPLE.COM - Mail client reports login failure
Maintainer of mail/dovecot, Please note that PR ports/138300 has just been submitted. If it contains a patch for an upgrade, an enhancement or a bug fix you agree on, reply to this email stating that you approve the patch and a committer will take care of it. The full text of the PR can be found at: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/138300 -- Edwin Groothuis via the GNATS Auto Assign Tool edwin@FreeBSD.org
State Changed From-To: open->feedback Awaiting maintainers feedback (via the GNATS Auto Assign Tool)
Responsible Changed From-To: freebsd-ports-bugs->wxs I'll take it.
wxs 2009-09-03 13:42:09 UTC FreeBSD ports repository Modified files: mail/dovecot Makefile Added files: mail/dovecot/files patch-src-auth-mech-gssapi.c Log: - Fix a bug where GSSAPI authentication was always failing. [1] - Flip MANAGESIEVE option to on (this makes the mail/managesieve package useful). [2] PR: [1]: ports/138300 [2]: ports@ list Submitted by: John Marshall <john.marshall@riverwillow.com.au> Approved by: Yarema <yds@CoolRat.org> (maintainer) Revision Changes Path 1.110 +2 -1 ports/mail/dovecot/Makefile 1.1 +13 -0 ports/mail/dovecot/files/patch-src-auth-mech-gssapi.c (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: feedback->closed Committed. Thanks!