Your message dated Sat, 09 Nov 2019 20:35:50 +0000 with message-id <[email protected]> and subject line Bug#941411: fixed in shelldap 1.4.0-4+deb10u1 has caused the Debian Bug report #941411, regarding shelldap: sometimes falls back to simple auth when it should do sasl to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 941411: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941411 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: shelldap Version: 1.4.0-4 Severity: normal Hello, when calling shelldap repeatedly it sometimes fails for me and sometimes succeeds in entering the shell: user@host:~# shelldap LDAP bind error: No password, did you mean noauth or anonymous ? user@host:~# shelldap ~ > The problem is that in /usr/share/perl5/Net/LDAP.pm in the bind() method the iteration through %ptype happens in different orderings. If password => simple is hit first it dies with the above error message. If however sasl => sasl is tried first, it succeeds. The following patch makes it work for me: diff --git a/shelldap b/shelldap index 68dde20cc8de..5a18f23799f0 100755 --- a/shelldap +++ b/shelldap @@ -770,7 +770,6 @@ You may try connecting insecurely, or install the module and try again.\n} if $@ # if ( $sasl_conn ) { $rv = $ldap->bind( $conf->{'binddn'}, - password => $conf->{'bindpass'}, sasl => $sasl_conn ); } I *think* you never need a password when using sasl, but I'm not 100% confident, so I'm not tagging with "patch". I didn't try with shelldap 1.5.0-2 from sid, but there also both sasl and password are passed, so I expect the problem to still exist there. Best regards Uwe -- System Information: Debian Release: 10.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages shelldap depends on: ii libalgorithm-diff-perl 1.19.03-2 ii libnet-ldap-perl 1:0.6500+dfsg-1 ii libterm-readkey-perl 2.38-1 ii libterm-readline-gnu-perl 1.36-1 ii libterm-shell-perl 0.10-1 ii libyaml-syck-perl 1.31-1+b1 ii perl 5.28.1-6 Versions of packages shelldap recommends: pn libio-socket-ssl-perl <none> Versions of packages shelldap suggests: ii libauthen-sasl-perl 2.1600-1 -- no debconf information
--- End Message ---
--- Begin Message ---Source: shelldap Source-Version: 1.4.0-4+deb10u1 We believe that the bug you reported is fixed in the latest version of shelldap, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <[email protected]> (supplier of updated shelldap package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 17 Oct 2019 08:41:57 +0200 Source: shelldap Architecture: source Version: 1.4.0-4+deb10u1 Distribution: buster Urgency: medium Maintainer: Salvatore Bonaccorso <[email protected]> Changed-By: Salvatore Bonaccorso <[email protected]> Closes: 941411 Changes: shelldap (1.4.0-4+deb10u1) buster; urgency=medium . * Repair SASL authentications, add a 'sasluser' option (Closes: #941411) + Don't provide a password for sasl authentication + Fix sasl for DIGEST-MD5, PLAIN, and LOGIN mechanisms Checksums-Sha1: db6ec39bf31b49f7611352e2001fa56503e2416e 2063 shelldap_1.4.0-4+deb10u1.dsc 180a09ff0af7b4c2ab80d72d774667d6ea0f10c9 6532 shelldap_1.4.0-4+deb10u1.debian.tar.xz Checksums-Sha256: 0ff9dbd4aa0ef9b037151a9352e97c4d224cc8a837b7d92bcae8b153d51b4735 2063 shelldap_1.4.0-4+deb10u1.dsc 2a7b345a2f5b248006c5767aa6239bcfee08307ef4becae92ca9f29534603f51 6532 shelldap_1.4.0-4+deb10u1.debian.tar.xz Files: 23e52c07a114eb17c4c652b810fa2c60 2063 utils optional shelldap_1.4.0-4+deb10u1.dsc b18e06dd06f17fbd080658a9251a4211 6532 utils optional shelldap_1.4.0-4+deb10u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl3F91lfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EJL8P/jP8XXkuzOL9L5hZzBMgfh47qxYfhbUx m9XsQUphVRJjwF4Y6iYCNyG3YFv9Ovta4N5m3rkPsg8iReOZ5uizWynalgWgMeu9 OUq+YWuZXPK8LRwvNj0cD5MhgKkbU5wMzTmau8BWqlbdIpa7uzJn8LOP+m1CNZsz zDdk8cv9c+iucZpiCFPk9xG9BnVelCT6ph1AiFkbO7LCBHV4fLT1FrZDAQndHrVY ajjiD5YMYHK123cXF2JoOkhGPUTxHfNfNuS9HIixcBrNMoW5hXUqTnzNZHokkF2D TOI3wbrISGsbwQ0ZQaY20ZG7zOImJ5AbjbvusBPKAY3Vn1FqyQcSbb58+80uMnII IDiXmPxWpjJN/hQNPPF6NvsLFhuyPgHT8cGTLyGegEEfaclCmIEkiDTdEOXxsn/j BfLsk5dfj1gdUUdbC8q3V9J1CGLxHn3FyqaqloVWT46nHHC3gYX6Zl/W6k23p+jb YOBRZ4u/+qRaV+vPkn1timvuVdDdRefN19qkbTOKZHJcxtG4dz59xLtf3aO2VjJd rb5ZvOiEpRqEZAe8Y75NTAyDbgzJu1Jn+Aa+ySmaR7uxQrLQnfDQc/kvwkLllTVQ srdCpUm/jUyGJrc6ou5HyCGRmEdpFaYWyZ0HVaVAidsscw79aXKzNahZ2c/Kouyc AP7eoFD9Tino =4EV9 -----END PGP SIGNATURE-----
--- End Message ---
