View Issue Details

IDProjectCategoryView StatusLast Update
0003899SOGoWeb Generalpublic2016-11-18 11:52
Reporterlabnet Assigned Toludovic  
PriorityhighSeverityblockReproducibilityalways
Status resolvedResolutionfixed 
Platform[Server] LinuxOSDebianOS Version7 (Wheezy)
Product Version3.2.1 
Fixed in Version3.2.2 
Summary0003899: SQL authentication
Description

After Upgrade to the actual nightly build. The authentication din't work:

SOGO LOG
Nov 14 18:21:57 sogod [16773]: SOGoRootPage Login from 'xxxxx' for user 'xxx@xxx.com' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0

SOGo Config
SOGoUserSources =
(
{
type = sql;
id = directory;
viewURL="mysql://postfixadmin:xxxxx@127.0.0.1:3306/postfixadmin/sogo_auth";
canAuthenticate = YES;
isAddressBook = YES;
userPasswordAlgorithm = md5-crypt;
}
);

Steps To Reproduce

Standard Login on on the Web-Groupware.
Also the CalDAV and CardDAV authentication connections do not work.

Tagsauthentication, mysql, passwordPolicy

Activities

labnet

labnet

2016-11-14 20:37

reporter   ~0010849

I don't know why the password policy produce the error, due to the authentication credentials are used from the postfix mailbox?

ludovic

ludovic

2016-11-14 20:59

administrator   ~0010850

Show a sample of a user password from the db.

We recently modified that code to also support sha256/512-crypt.

labnet

labnet

2016-11-14 21:22

reporter  

SQL-Result.html (3,409 bytes)   
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- saved from url=(0227)https://moebes.info/phpmyadmin/sql.php?db=postfixadmin&table=sogo_auth&printview=1&sql_query=SELECT+%2A+%0AFROM++%60sogo_auth%60+%0AWHERE+c_uid+%3D++%27test%40moebes.info%27&display_text=F&token=e6c6b74c5746c0e8d35e98cd48dacd31 -->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="de" lang="de" dir="ltr"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

<link rel="icon" href="https://moebes.info/phpmyadmin/favicon.ico" type="image/x-icon">
<link rel="shortcut icon" href="https://moebes.info/phpmyadmin/favicon.ico" type="image/x-icon">
<title>SQL-Abfrageergebnis - phpMyAdmin 3.4.11.1deb2+deb7u6</title>
<link rel="stylesheet" type="text/css" href="./SQL-Result_files/phpmyadmin.css.php">
</head>

<body bgcolor="#ffffff">
<h1>SQL-Abfrageergebnis</h1>
<p>
    <strong>Host:</strong> localhost<br>
    <strong>Datenbank:</strong> postfixadmin<br>
    <strong>Erstellungszeit:</strong> 14. Nov 2016 um 22:19<br>
    <strong>Erstellt von:</strong> phpMyAdmin&nbsp;3.4.11.1deb2+deb7u6&nbsp;/ MySQL&nbsp;5.5.52-0+deb7u1<br>
    <strong>SQL-Befehl:</strong> SELECT * 
FROM  `sogo_auth` 
WHERE c_uid =  'test@moebes.info'
 LIMIT 0, 30 ;
    <br>
    <strong>Datensätze:</strong> 1    </p>


<div id="sqlqueryresults" class="ajax"><table id="table_results" class="data ajax">
<thead><tr>
<th class="condition">c_uid
</th><th>c_name
</th><th>c_password
</th><th>c_cn
</th><th>mail
</th></tr>
</thead>
        <tbody>
<tr class="odd"><td class="data inline_edit not_null odd  condition ">test@moebes.info</td>
<td class="data inline_edit not_null odd  ">test@moebes.info</td>
<td class="data inline_edit not_null odd  ">$1$a6d5abcc$gQQKOOLIpwb/4Nuw4kDdS.</td>
<td class="data inline_edit not_null odd  ">test</td>
<td class="data inline_edit not_null odd  ">test@moebes.info</td>
</tr>
            
</tbody>
</table>

    <script type="text/javascript">
//<![CDATA[
// Do print the page
window.onload = function()
{
    if (typeof(window.print) != 'undefined') {
        window.print();
    }
}
//]]>
</script>
        </div><script type="text/javascript">
//<![CDATA[
$(document).ready(function(){
// updates current settings
if (window.parent.setAll) {
    window.parent.setAll('de', 'utf8_general_ci', '1', 'postfixadmin', 'sogo_auth', 'e6c6b74c5746c0e8d35e98cd48dacd31');
}
    // set current db, table and sql query in the querywindow
if (window.parent.reload_querywindow) {
    window.parent.reload_querywindow(
        'postfixadmin',
        'sogo_auth',
        '');
}
    
if (window.parent.frame_content) {
    // reset content frame name, as querywindow needs to set a unique name
    // before submitting form data, and navigation frame needs the original name
    if (typeof(window.parent.frame_content.name) != 'undefined'
     && window.parent.frame_content.name != 'frame_content') {
        window.parent.frame_content.name = 'frame_content';
    }
    if (typeof(window.parent.frame_content.id) != 'undefined'
     && window.parent.frame_content.id != 'frame_content') {
        window.parent.frame_content.id = 'frame_content';
    }
    //window.parent.frame_content.setAttribute('name', 'frame_content');
    //window.parent.frame_content.setAttribute('id', 'frame_content');
}
});

//]]>
</script>


</body></html>
SQL-Result.html (3,409 bytes)   
labnet

labnet

2016-11-15 18:45

reporter   ~0010864

Last edited: 2016-11-15 18:45

Test with sha512 password scheme, we get the same error. Is it possible to deactivate this password policy?

Nov 15 19:40:18 sogod [28343]: SOGoRootPage Login from '2a02:1205:506a:da80:f057:e5a2:4ed:86b5' for user 'test@xxxx.info' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0

ludovic

ludovic

2016-11-15 18:46

administrator   ~0010865

Password policy has nothing to do with this, it's used only for LDAP.

ludovic

ludovic

2016-11-15 19:13

administrator   ~0010866

I think I fixed the issue but I would need a sample password you have in your c_password column. Copy/paste the value AS IS.

labnet

labnet

2016-11-15 19:28

reporter   ~0010867

Test Password "q1w2e3r4t5_test" (without quote)

c_password
$1$0ed624b4$v9DuuC7u8TZvPHr.aVcn21

(when is the fix in the next daily build to test it?)

ludovic

ludovic

2016-11-15 19:29

administrator   ~0010868

in 16 hours from now

labnet

labnet

2016-11-16 13:45

reporter   ~0010872

After update to the nightly build, again the same problem:
Setting up sogo:amd64 (3.2.1.20161115-1) ...
======= Important SOGo post-installation note =======

SOGo database schemas are not automatically upgraded by
the packaging system.

Please check the list of database schema upgrade scripts
inside /usr/share/doc/sogo/ and apply them if needed.

[ ok ] Restarting SOGo: sogo.
Setting up sudo (1.8.5p2-1+nmu3+deb7u2) ...

Nov 16 14:43:20 sogod [11355]: SOGoRootPage Login from 'xxxx' for user 'xxx@xxxx.com' might not have worked - password policy: 65535 grace: -1 expire: -1 bound: 0

ludovic

ludovic

2016-11-16 13:53

administrator   ~0010873

There was no nightly builds generated last night - we'll generate a new one tonight so the fix is NOT in 20161115.

labnet

labnet

2016-11-17 15:58

reporter   ~0010887

I have tried to update, but no new build was available. when can I test the fixed version? Thanks.

francis

francis

2016-11-17 20:35

administrator   ~0010888

New nightly builds are now available.

labnet

labnet

2016-11-18 05:30

reporter   ~0010889

Great work the login is working as before - Thanks!!

Related Changesets

sogo: master bf42f225

2016-11-15 14:18

ludovic


Details Diff
(fix) fixed broken string initializations (fixes 0003899) Affected Issues
0003899
mod - SoObjects/SOGo/NSData+Crypto.m Diff File

sogo: v2 53b1cc54

2016-11-15 14:18

ludovic


Details Diff
(fix) fixed broken string initializations (fixes 0003899) Affected Issues
0003899
mod - SoObjects/SOGo/NSData+Crypto.m Diff File

Issue History

Date Modified Username Field Change
2016-11-14 20:32 labnet New Issue
2016-11-14 20:33 labnet Tag Attached: authentication
2016-11-14 20:33 labnet Tag Attached: Baikal
2016-11-14 20:33 labnet Tag Attached: mysql
2016-11-14 20:34 labnet Tag Detached: Baikal
2016-11-14 20:34 labnet Tag Attached: passwordPolicy
2016-11-14 20:37 labnet Note Added: 0010849
2016-11-14 20:59 ludovic Note Added: 0010850
2016-11-14 21:22 labnet File Added: SQL-Result.html
2016-11-15 18:45 labnet Note Added: 0010864
2016-11-15 18:45 labnet Note Edited: 0010864
2016-11-15 18:46 ludovic Note Added: 0010865
2016-11-15 19:13 ludovic Note Added: 0010866
2016-11-15 19:19 ludovic Changeset attached => sogo master bf42f225
2016-11-15 19:19 ludovic Assigned To => ludovic
2016-11-15 19:19 ludovic Resolution open => fixed
2016-11-15 19:23 ludovic Changeset attached => sogo v2 53b1cc54
2016-11-15 19:28 labnet Note Added: 0010867
2016-11-15 19:29 ludovic Note Added: 0010868
2016-11-16 13:45 labnet Note Added: 0010872
2016-11-16 13:53 ludovic Note Added: 0010873
2016-11-17 15:58 labnet Note Added: 0010887
2016-11-17 20:35 francis Note Added: 0010888
2016-11-18 05:30 labnet Note Added: 0010889
2016-11-18 11:52 ludovic Status new => resolved
2016-11-18 11:52 ludovic Fixed in Version => 3.2.2