Maciej Paczesny
2008-Jan-28 12:46 UTC
[Dovecot] dovecot-auth: sockbuf.c:91: ber_sockbuf_ctrl: Assertion `( (sb)->sb_opts.lbo_valid == 0x3 )' failed.
2008/1/28, Maciej Paczesny <maciunio2 at gmail.com>:> Hello, > > I'm almost sure that all topics and problems mentioned below were > separately posted to this list already. But after spending 4 days on > searching, I did'n find a compilation similar to my case. So maybe > some of you guys, are able to answer to help me solve this: > > 1. I'd like to use userdb and passdb of Dovetcot to work with Windows AD. > 2. I have to use them both because I'd like to use LDA to serve for my Postfix. > 3. I DO NOT want tou use any external programs (ie PAM) to talk to AD server. > 4. I was able to make my system partially running - I CAN bind to AD > database, and confirm user/password. > 5. I want to get follownig attributes: home directory (OK, I could put > it statically), uid/gid (OK, it could be static too) and MAIL QUOTA > (my users have different values - no 'statics'). > > To help you on this subject, here are my configs/data: > OS => > Gentoo Linux > > uname -a => > 2.6.15-gentoo-r7 #1 SMP PREEMPT Tue Mar 21 18:08:57 CET 2006 i686 > Intel(R) Xeon(TM) CPU 2.40GHz GenuineIntel GNU/Linux > > dovecot --version => > 1.1.beta14 > > dovecot -n => > protocols: imaps > ssl_listen: *:993 > ssl_cert_file: /etc/ssl/dovecot/newcert.pem > ssl_key_file: /etc/ssl/dovecot/newkey.pem > ssl_parameters_regenerate: 0 > ssl_cipher_list: ALL:!LOW:!SSLv2 > disable_plaintext_auth: no > verbose_ssl: yes > login_dir: /var/run/dovecot/login > login_executable: /usr/libexec/dovecot/imap-login > verbose_proctitle: yes > mail_uid: 5000 > mail_gid: 5000 > mail_location: maildir:~/.Maildir/ > mail_debug: yes > mail_executable: /usr/libexec/dovecot/var > mail_plugins: quota imap_quota > auth default: > mechanisms: login plain > username_format: %Lu > verbose: yes > debug: yes > debug_passwords: yes > passdb: > driver: ldap > args: /etc/dovecot/dovecot-ldap.conf > userdb: > driver: ldap > args: /etc/dovecot/dovecot-ldap.conf > socket: > type: listen > client: > path: /var/spool/postfix/private/auth > mode: 438 > user: postfix > group: postfix > master: > path: /var/run/dovecot/auth-master > mode: 384 > user: vmail > group: vmail > plugin: > quota: maildir:storage=10240000000:ignore=Trash > sieve: /var/vmail/lpr/%u/.Maildir/.dovecot.sieve > > grep -v '^ *\(#.*\)\?$' dovecot-ldap.conf > hosts = 10.10.10.8:3268 > uris = ldap://10.10.10.8:3268 > dn = lpr\Administrator > dnpass = *** > auth_bind = yes > auth_bind_userdn = lpr\%u > base = dc=lpr,dc=com,dc=pl > ldap_version = 3 > user_attrs = uidNumber=uid,gidNumber=gid,postOfficeBox=home,carLicense=quota > user_filter = (&(cn=%u)) > pass_attrs = cn=user,userPasword=password > pass_filter = (&(cn=%u)) > > Windows AD => > Windows 2003 R2 PL > > ----------------------- > Logs: > > Jan 28 00:37:40 gentoo dovecot: auth(default): client in: AUTH 1 > PLAIN service=imap secured lip=10.10.10.2 rip=10.10.10.29 > Jan 28 00:37:40 gentoo dovecot: auth(default): client out: CONT 1 > Jan 28 00:37:40 gentoo dovecot: auth(default): client in: CONT 1 > AG1wYWN6ZXNueQBOZGYxNjEzODI> Jan 28 00:37:40 gentoo dovecot: auth(default): client out: OK 1 user=xxx > Jan 28 00:37:40 gentoo dovecot: auth(default): master in: REQUEST > 1 16026 1 > Jan 28 00:37:40 gentoo dovecot: auth(default): ldap(xxx,10.10.10.29): > user search: base=dc=lpr,dc=com,dc=pl scope=subtree filter=(&(cn=xxx)) > fields=uidNumber,gidNumber,postOfficeBox,carLicense > Jan 28 00:37:40 gentoo dovecot: auth(default): master out: USER 1 xxx > Jan 28 00:37:40 gentoo dovecot: imap-login: Login: user=<xxx>, > method=PLAIN, rip=10.10.10.29, lip=10.10.10.2, TLS > Jan 28 00:37:40 gentoo dovecot: IMAP(xxx): Loading modules from > directory: /usr/lib/dovecot/imap > Jan 28 00:37:40 gentoo dovecot: IMAP(xxx): Module loaded: > /usr/lib/dovecot/imap/lib10_quota_plugin.so > Jan 28 00:37:40 gentoo dovecot: IMAP(xxx): Module loaded: > /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so > Jan 28 00:37:40 gentoo dovecot: IMAP(xxx): Effective uid=5000, gid=5000, home> Jan 28 00:37:40 gentoo dovecot: IMAP(xxx): Quota root: > name=storage=10240000000 backend=maildir args=ignore=Trash > > Jan 28 00:37:41 gentoo dovecot: IMAP(xxx): Namespace: type=private, > prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, > subscriptions=yes > Jan 28 00:37:41 gentoo dovecot: IMAP(xxx): maildir: > data=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.Maildir/ > Jan 28 00:37:41 gentoo dovecot: IMAP(xxx): maildir++: > root=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.Maildir, index=, > control=, inbox=/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.Maildir > Jan 28 00:37:41 gentoo dovecot: IMAP(xxx): > mkdir(/HOME_DIRECTORY_USED_BUT_NOT_GIVEN_BY_USERDB/.Maildir/cur) > failed: Permission denied > > > > the second case is that i receive following errors in log file: > Jan 28 00:47:31 gentoo dovecot: auth(default): client in: AUTH 1 > PLAIN service=imap secured lip=10.10.10.2 rip=10.10.10.29 > Jan 28 00:47:31 gentoo dovecot: auth(default): client out: CONT 1 > Jan 28 00:47:31 gentoo dovecot: auth(default): client in: CONT 1 > AG1wYCN6ZXNuew9OZGYxxAEzODIe> Jan 28 00:47:31 gentoo dovecot: auth(default): client out: OK 1 user=xxx > Jan 28 00:47:31 gentoo dovecot: auth(default): master in: REQUEST > 1 16170 1 > Jan 28 00:47:31 gentoo dovecot: auth(default): > prefetch(xxx,10.10.10.29): passdb didn't return userdb entries > Jan 28 00:47:31 gentoo dovecot: auth(default): > userdb(xxx,10.10.10.29): user not found from userdb > Jan 28 00:47:31 gentoo dovecot: auth(default): master out: NOTFOUND 1 > > when i use prefetch driver and with change like this one below to > ldap.conf file: > pass_attrs = uid=user, userPassword=password, > postOfficeBox=userdb_home, uidNumber=userdb_uid, gidNumber=userdb_gid, > carLicense=userdb_quota > > > (and, yes, i know about the home directory path. it is easy to make it > real and working (change mail_location) - it is not a problem.) > > the case and question is: how can i get a QUOTA (in my case - > carLicense) attribute from AD/LDAP? is it shown somewhere? how can it > be verified? the value "storage=10240000000 " is a static one written > in config and the same for all users. > is there any kind of manual on how to make AD and Dovecot running and > returning uid, gid, home, quota etc attributes without PAM? >ok, I did manage to step ahead a bit. using passdb and userdb gives me some progress - sniffit gives me the proof that i'm receiving proper data from AD LDAP. but there is another problem: Jan 28 13:11:13 gentoo dovecot: imap-login: file client-authenticate.c: line 200 (sasl_callback): assertion failed: (!client->destroyed || reply == SASL_SERVER_REPLY_CLIENT_ERROR || reply == SASL_SERVER_REPLY_MASTER_FAILED) [...] Jan 28 13:36:50 gentoo dovecot: auth(default): dovecot-auth: sockbuf.c:91: ber_sockbuf_ctrl: Assertion `( (sb)->sb_opts.lbo_valid == 0x3 )' failed. it seems that Dovecot cannot insert received data into the environment variables (???) -- Maciej Paczesny maciunio2 at gmail.com ***Gdyby nie wymy?lono elektryczno?ci, siedzia?bym przed kompem przy ?wieczkach***
Timo Sirainen
2008-Jan-28 14:02 UTC
[Dovecot] dovecot-auth: sockbuf.c:91: ber_sockbuf_ctrl: Assertion `( (sb)->sb_opts.lbo_valid == 0x3 )' failed.
On Mon, 2008-01-28 at 13:46 +0100, Maciej Paczesny wrote:> Jan 28 13:11:13 gentoo dovecot: imap-login: file > client-authenticate.c: line 200 (sasl_callback): assertion failed: > (!client->destroyed || reply == SASL_SERVER_REPLY_CLIENT_ERROR || > reply == SASL_SERVER_REPLY_MASTER_FAILED)I should fix this some day.. But this is caused by dovecot-auth crashing:> Jan 28 13:36:50 gentoo dovecot: auth(default): dovecot-auth: > sockbuf.c:91: ber_sockbuf_ctrl: Assertion `( (sb)->sb_opts.lbo_valid > == 0x3 )' failed.This assert-crash comes from OpenLDAP library. I don't know why. Maybe it doesn't like something AD sends it? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20080128/772534c1/attachment-0002.bin>
Jean-Michel Smith
2008-Feb-12 09:55 UTC
[Dovecot] dovecot-auth: sockbuf.c:91: ber_sockbuf_ctrl: Assertion`((sb)->sb_opts.lbo_valid == 0x3 )' failed.
Timo Sirainen <tss <at> iki.fi> writes:> > On Mon, 2008-01-28 at 13:46 +0100, Maciej Paczesny wrote: > > Jan 28 13:36:50 gentoo dovecot: auth(default): dovecot-auth: > > sockbuf.c:91: ber_sockbuf_ctrl: Assertion `( (sb)->sb_opts.lbo_valid > > == 0x3 )' failed. > > This assert-crash comes from OpenLDAP library. I don't know why. Maybe > it doesn't like something AD sends it? > >Any news on this? I'm getting the exact same errors, on Centos 4.6, Fedora7, and Fedora8, all authenticating against AD 2003.
Reasonably Related Threads
- Dovecot + Windows AD + Postfix + quota
- (userdb/ldap) Set home dovecot variable - How?
- how to deliver when username and email differ
- Homedir permissions problems with LDAP
- net: ../../../libraries/liblber/decode.c:644: ber_scanf: Assertion `((ber)->ber_opts.lbo_valid==0x2)' failed.