User filed upstream bug at https://github.com/cyrusimap/cyrus- sasl/issues/427
** Bug watch added: github.com/cyrusimap/cyrus-sasl/issues #427 https://github.com/cyrusimap/cyrus-sasl/issues/427 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu. https://bugs.launchpad.net/bugs/1188475 Title: ldap group doesn't work Status in cyrus-sasl2 package in Ubuntu: Triaged Bug description: Hello! I wrote almost the same mail to sasl mail list, but , I guess, it is good to fix in 12.04... This bug exists in 2.1.26 , and in 2.1.25 which is in 12.04 Problem is that after user is authentificated with ldap bind , ldap connection for checking user in group ( lak_group_member function ) is made with this user's bind, not bind parameters from config file. User can not ( and have not in our case- I don't know why , but this is not real problem ) have access to ldap groups. And so, authentication is always fail. I added unbind and anonymous bind ( enough in our case): /var/local/files/sasl/cyrus-sasl-2.1.26/saslauthd# diff -ur lak.c.orig lak.c --- lak.c.orig 2013-06-07 09:15:20.098788278 +0400 +++ lak.c 2013-06-07 09:22:31.504774185 +0400 @@ -1342,6 +1342,10 @@ if (rc != LAK_OK) goto done; + lak_unbind (lak ); + rc = lak_bind(lak, ""); + + rc = ldap_search_st(lak->ld, group_search_base, lak->conf->group_scope, group_filter, (char **) group_attrs, 0, &(lak->conf->timeout), &res); switch (rc) { case LDAP_SUCCESS: but, it is obvoius that rebind should be done with credintials from config, but this is over my head :-( Could you, please, fix this bug correctly? Thank you! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1188475/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
