Hello!
After upgrading a perfectly working SOGo 2.3.1 installation to 2.3.10 I
noticed,
that logging in using the web interface randomly fails.
Login using dav seems to be OK.
The config is multi domain using PostgreSQL based authentication backend
without OpenChange.
Examining the log files I noticed the following things:
Failed login 1:
2016-05-04 22:56:20.215 sogod[28160] PG0x0x7f23a2caae40 SQL: SELECT
c_password FROM sogo_users_domain WHERE c_uid =
'u...@domain.name@domain.name'
May 04 22:56:20 sogod [28160]: <0x0x7f23a2a28ee0[SOGoWebAuthenticator]>
tried wrong password for user
'5HaHe1hMoTq80GJdBm2FTVPSO1Re2JgaaHiEltvdUYURmRzVmRAWcax6Vdf/Op3uSS8DjrGwW34qejK8jT32k3u10UvX794/7HBp2yox7lvt5RLerZ4MAE8MCXPsvCsHCmON89fk3JU4VkxFzbVMyL9RdYGaYlqeAu0QyGnq2vMHigm8f0vReLU4kxJfALAkfJhCFzTmgYT2CUHCTs0VYg=='!
The domain name is used twice in the SQL query, and the user name in the
error message is not normal
In this case the user is not gets error message, the login page displays
again.
Failed login 2:
2016-05-04 23:17:40.360 sogod[30587] PG0x0x7fcd79841030 SQL: SELECT
c_password FROM sogo_users_domain WHERE c_uid = 'user'
May 04 23:17:40 sogod [30587]: SOGoRootPage Login from '91.83.203.83'
for user 'u...@domain.name' might not have worked - password policy:
65535 grace: -1 expire: -1 bound: 0
The domain name is not used in the SQL query, but correct in the error
message
Then user get error message
Succesful login:
2016-05-04 23:22:39.907 sogod[30587] PG0x0x7fcd79d465d0 SQL: SELECT
c_password FROM sogo_users_domain WHERE c_uid = 'u...@domain.name'
May 04 23:22:39 sogod [30587]: SOGoRootPage successful login from
'ip.ip.ip.ip' for user 'u...@domain.name' - expire = -1 grace = -1
The above 3 login attempt used the same user credentials (full e-mail
address + password).
May I missed something during the upgrade (Wheezy x64 package)?
(memcached was restarted)
If I can't resolve the problem using the current version, is there any
way to downgrade to 2.3.1?
Can I find the deb packages of the older versions somewhere?
Thanks,
Gabor
--
users@sogo.nu
https://inverse.ca/sogo/lists