A user logged in with a captial "L" for his username: Jul 7 12:30:31 postamt dovecot: auth(default): cache(Loser,10.47.64.227): miss Jul 7 12:30:31 postamt dovecot: auth(default): shadow(Loser,10.47.64.227): lookup Jul 7 12:30:31 postamt dovecot: auth(default): shadow(Loser,10.47.64.227): unknown user Jul 7 12:30:31 postamt dovecot: auth(default): cache(Loser,10.47.64.227): miss Jul 7 12:30:31 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): lookup service=dovecot Jul 7 12:30:31 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): #1/1 style=1 msg=Password: Jul 7 12:30:33 postamt dovecot: auth-worker(default): pam(Loser,10.47.64.227): unknown user Then I told him that he's supposed to use an "l" instead of "L" but: Jul 7 12:42:01 postamt dovecot: imap-login: Login: user=<loser>, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS Jul 7 12:42:02 postamt dovecot: auth(default): client in: ... Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown Jul 7 12:43:50 postamt dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<Loser>, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS: Disconnected I think the auth cache may work case-insensitive, thus making the "User invalid" response for "Loser" also valid for "loser" (which is the valid and correct username!) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de
On Tue, 2009-07-07 at 12:50 +0200, Ralf Hildebrandt wrote:> Then I told him that he's supposed to use an "l" instead of "L" but: > > Jul 7 12:42:01 postamt dovecot: imap-login: Login: user=<loser>, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLSThis is a successful login as "loser". This is logged only after authentication, and I guess there should have been some auth lines before that?> Jul 7 12:42:02 postamt dovecot: auth(default): client in: ... > Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: > Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown > Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): hit: > Jul 7 12:42:02 postamt dovecot: auth(default): cache(Loser,10.47.64.227): User unknown > Jul 7 12:43:50 postamt dovecot: imap-login: Disconnected (auth failed, 1 attempts): user=<Loser>, method=PLAIN, rip=10.47.64.227, lip=141.42.4.250, TLS: DisconnectedHere again it looks like the user is logging in a second later as "Loser". Maybe the user has multiple clients? Or the client is just messed up and used both.> I think the auth cache may work case-insensitive,It's case-sensitive. I also tried and couldn't reproduce the problem. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part Url : http://dovecot.org/pipermail/dovecot/attachments/20090707/5ced4df9/attachment.bin
* Timo Sirainen <tss at iki.fi>:> Here again it looks like the user is logging in a second later as > "Loser". Maybe the user has multiple clients? Or the client is just > messed up and used both.He changed it back and forth> > I think the auth cache may work case-insensitive, > > It's case-sensitive. > > I also tried and couldn't reproduce the problem.OK. I hate my users :) -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung Netzwerk Charit? - Universit?tsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt at charite.de | http://www.charite.de