Univention Bugzilla – Bug 39317
pam_univentionmailcyrus.so ignores univentionMailHomeServer
Last modified: 2019-01-03 07:16:22 CET
+++ This bug was initially created as a clone of Bug #38387 +++ univentionmailcyrus.so does not honor univentionMailHomeServer. This results with Dovecot in an "Internal login failure", because for a user with a homeServer!=self PAM authentication succeeds, but the LDAP lookup fails. Dovecot interprets this as his own fault. This is not a problem for the functioning of Dovecot, just a ugly log message. ----- message to imap client: imaplib.error: [UNAVAILABLE] Internal error occurred. Refer to server log for more information. ----- ----- message in dovecot server log: dovecot: imap: Error: Authenticated user not found from userdb ----- Authentication should only succeed if the user has a mail account on the local server (univentionMailHomeServer=FQDN) or univentionMailHomeServer is empty. --------------------------- Until solved, the test 40_mail/29_mail_related_modifications_of_user_objects treats the error "[UNAVAILABLE] Internal error occurred" as an (expected) login error.
It defines also the search filter without escaping the values: 152 snprintf(filter, BUFSIZ, "(&(%s=%s)(%s=*))", fromattr, fromuser, toattr); where fromuser is a not ldap-filter-escaped string given by user input which e.g. could be '*' or '*)(foo=bar'.
This issue has been filled against UCS 4.0. The maintenance with bug and security fixes for UCS 4.0 has ended on 31st of May 2016. Customers still on UCS 4.0 are encouraged to update to UCS 4.3. Please contact your partner or Univention for any questions. If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.