Christian Wiese
2011-Jan-12 18:23 UTC
[Dovecot] [PATCH] auth: Fixed mech_winbind_ntlm by using mech_winbind_auth_initial()
Hi folks, attached is a trivial patch which is fixing Winbind/NTLM authentication in dovecot 2.0 series. The patch was made against 2.0.8 sources, but there should be no problem applying it onto HEAD, because 'src/auth/mech-winbind.c' wasn't touched for quite some time now ;) I tested the patch with a dovecot 2.0.8 running on linux, authenticating against a WindowsServer 2008R2 Enterprise using ntlm_auth/winbind (from current stable samba 3.5.6). I successfully tested NTLM authentication for IMAP and POP3 (with and without STARTTLS) using following MUAs for the test: - Thunderbird 3.1.7 (Linux X86-64) - Outlook Express 6.00 (Windows XP Pro Qemu-KVM) Cheers, Chris Patch Description: In changeset 9002 a new function named mech_winbind_auth_initial() was introduced, but only the mech_winbind_spnego module part was changed to finally use this function. The mech_winbind_ntlm module part was not properly adapted which leads to a non functioning NTLM authentication mechanism while using winbind, because it will never call the `ntlm_auth` helper. The simple fix is to replace mech_generic_auth_initial() with mech_winbind_auth_initial() as auth_initial "hook" when setting up the mech_winbind_ntlm module, like it is done in the mech_winbind_spnego module. References: - Changeset 9002: http://hg.dovecot.org/dovecot-2.0/diff/9d0037a997f4/src/auth/mech-winbind.c -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-auth-mech_winbind_ntlm-use-mech_winbind_auth_initial.patch Type: text/x-patch Size: 1362 bytes Desc: not available URL: <http://dovecot.org/pipermail/dovecot/attachments/20110112/6858cb50/attachment-0002.bin>
Timo Sirainen
2011-Jan-16 19:48 UTC
[Dovecot] [PATCH] auth: Fixed mech_winbind_ntlm by using mech_winbind_auth_initial()
On Wed, 2011-01-12 at 18:23 +0000, Christian Wiese wrote:> attached is a trivial patch which is fixing Winbind/NTLM authentication in > dovecot 2.0 > series.Committed, thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20110116/708237aa/attachment-0002.bin>
Apparently Analagous Threads
- [Patch] Samba's proposed "ntlm_auth + winbind" support for dovecot-auth
- [PATCH] add some const's
- [PATCH] add LOGIN authentication mechanism
- [Bug 550] building ulogd2 fails due to missing 'autoheader' in autogen.sh
- [Bug 551] gcc warning: assignment discards qualifiers from pointer target type