Subject: | duplicate request id bug |
Hi there,
There is a bug with this module - it always uses the same CPID and the
same request ID for every authentication request that is made.
CPID identifies a connection and request ID only needs to be unique
within that connection. So basically the duplet (CPID, request ID) is
unique.
I attach a patch that a) increments the request ID for each new request
within the process, b) uses the new "nologin" parameter to say that the
master process will not make a request to pick up the data from the
auth request, and c) removes the newline from the base64-encoded data.
The patch does not address the issue that all connections from the same
process share the same CPID. You should probably look into this.
Subject: | authd.diff.txt |
*** Authd.orig.pm Thu Jan 3 11:08:39 2008
--- Authd.pm Fri Jan 4 10:33:19 2008
***************
*** 6,18 ****
use IO::Select;
use MIME::Base64 qw(encode_base64);
! our($VERSION, @EXPORT, @EXPORT_OK, @ISA);
require Exporter;
@ISA = qw(Exporter);
@EXPORT_OK = qw(auth_cyrus auth_dovecot user_dovecot);
$VERSION = "0.04";
sub auth_cyrus {
--- 6,19 ----
use IO::Select;
use MIME::Base64 qw(encode_base64);
! our($VERSION, @EXPORT, @EXPORT_OK, @ISA, $DOVECOT_REQID);
require Exporter;
@ISA = qw(Exporter);
@EXPORT_OK = qw(auth_cyrus auth_dovecot user_dovecot);
$VERSION = "0.04";
+ $DOVECOT_REQID = 0;
sub auth_cyrus {
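Review bot: `$DOVECOT_REQID` is declared with `our`, which makes it a package global that any code loading the module can read or reset, and nothing visible in the patch needs it outside this file. A file-scoped lexical, `my $DOVECOT_REQID = 0;`, would keep the counter private to the two subs that increment it. A one-line comment such as `# per-process request counter; unique together with CPID ($$)` would also record why the variable exists.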
***************
*** 53,59 ****
my $sock = new IO::Socket::UNIX(Type => SOCK_STREAM, Peer => $socket) or
die "Can't open socket. Check dovecot is running and $socket is readable.";
!
my $handshake = read_until($sock, '^DONE$', $timeout);
die "Unsupported protocol version"
unless $handshake =~ /^VERSION\t1\t\d+$/m;
--- 54,60 ----
my $sock = new IO::Socket::UNIX(Type => SOCK_STREAM, Peer => $socket) or
die "Can't open socket. Check dovecot is running and $socket is readable.";
! $DOVECOT_REQID++;
my $handshake = read_until($sock, '^DONE$', $timeout);
die "Unsupported protocol version"
unless $handshake =~ /^VERSION\t1\t\d+$/m;
***************
*** 61,68 ****
die "PLAIN mechanism is not supported by the authentication daemon"
unless $handshake =~ /^MECH\tPLAIN/m;
! my $base64 = encode_base64("\0$login\0$passwd");
! $sock->send("VERSION\t1\t0\nCPID\t$$\nAUTH\t1\tPLAIN\tservice=$service\tresp=$base64\n") or
die "Can't write to $socket";
my $result = read_until($sock, '\n', $timeout);
--- 62,69 ----
die "PLAIN mechanism is not supported by the authentication daemon"
unless $handshake =~ /^MECH\tPLAIN/m;
! my $base64 = encode_base64("\0$login\0$passwd", ''); # '' to strip newline
! $sock->send("VERSION\t1\t0\nCPID\t$$\nAUTH\t$DOVECOT_REQID\tPLAIN\tservice=$service\tnologin\tresp=$base64\n") or
die "Can't write to $socket";
my $result = read_until($sock, '\n', $timeout);
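Review bot: The rewritten `AUTH` line still interpolates `$service` straight into a tab- and newline-delimited protocol line, and the `USER` line in the last hunk does the same with `$login`, so a tab or newline in either value would be read by the auth daemon as an extra parameter or a second command. `$login` presumably comes from the client being authenticated, so it should be checked before the send, e.g. `die "Invalid character in login" if $login =~ /[\0\t\r\n]/;`, with the same check for `$service`. That check also keeps a NUL in `$login` from shifting the field boundaries inside the PLAIN response `"\0$login\0$passwd"` that is base64-encoded here. The enclosing subs start and end outside both hunks, so the origin of these values cannot be confirmed from the diff.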
***************
*** 85,95 ****
my $sock = new IO::Socket::UNIX(Type => SOCK_STREAM, Peer => $socket) or
die "Can't open socket. Check dovecot is running and $socket is readable.";
my $handshake = read_until($sock, '^VERSION\t\d+\t', $timeout);
die "Unsupported protocol version"
unless $handshake =~ /^VERSION\t1\t\d+$/m;
! $sock->send("VERSION\t1\t0\nUSER\t1\t$login\tservice=$service\n") or
die "Can't write to $socket";
my $result = read_until($sock, '\n', $timeout);
--- 86,97 ----
my $sock = new IO::Socket::UNIX(Type => SOCK_STREAM, Peer => $socket) or
die "Can't open socket. Check dovecot is running and $socket is readable.";
+ $DOVECOT_REQID++;
my $handshake = read_until($sock, '^VERSION\t\d+\t', $timeout);
die "Unsupported protocol version"
unless $handshake =~ /^VERSION\t1\t\d+$/m;
! $sock->send("VERSION\t1\t0\nUSER\t$DOVECOT_REQID\t$login\tservice=$service\n") or
die "Can't write to $socket";
my $result = read_until($sock, '\n', $timeout);