SASL auth - mailbox possible bug?

Discussion in 'General' started by andyb2000, Apr 15, 2012.

  1. andyb2000

    andyb2000 New Member

    Hi folks,
    Trying to track down an unusual problem so thought I'd post here what I've tested and found as somebody might be able to shed some light on it/confirm what I've found.

    Changing the password to a mailbox by going "Email Mailbox", clicking on a mailbox and typing a new password in.

    Firstly tried changing it to a 'xxxxxxxxx1' length password.
    Password hash in database appeared to change.
    Tried an auth using perl encoding:

    perl -MMIME::Base64 -e 'print encode_base64("user\\0user\\0xxxxxxxxx1");'
    And pushed that to SMTP:

    telnet localhost 25
    EHLO me
    AUTH PLAIN xxx
    (Where xxx is obviously the hash I got from the perl Base64 encode). And the password worked.

    I then changed the password again to 'tester1'.
    Again encoded it and tested via SMTP, password failure.
    I then tried the first password again, and to my surprise that authenticated.

    It seems to take 2 attempts via the web interface to force a password change, even though the DB appears to change each time.

    Am I missing something here?

    Basic setup: Ubuntu 11.04 server with postfix/SASL auth via mysql (standard setup). Pretty much base setup.
  2. andyb2000

    andyb2000 New Member

    You know what. I think I've just found it. saslauthd uses caching

    /usr/sbin/saslauthd -a pam -c -m /var/spool/postfix/var/run/saslauthd -r -n 5
    Which the man page states:
    So that could be the issue here, if so apologies for the wasted time here! I'll continue debugging but think thats it!

Share This Page