Public bug reported:
Dovecot authentication over IMAP fails when mysql driver configuration
"connect= host=127.0.0.1 ..." where dovecot and mysql are on the same
workstation.
Dovecot appears to work without issue when connecting over a socket, or using
the driver where connect= host=IP where IP is any address not 127.0.0.1.
(confirmed by standup separate isolated components connected over a network)
Testing connection for a 'user'@'127.0.0.1' via mysql using "mysql -u
user -p -h 127.0.0.1 --database mailserver" succeeds.
Dovecot logging initially indicated the authentication failure between
dovecot and mysql during IMAP login. Testing IMAP/Authentication
included the following commands.
openssl s_client -connect 127.0.0.1:993 -crlf
IMAP> a login user password
OK WAITING FOR AUTHENTICATION PROCESS
TEMPORARY AUTHENTICATION FAILURE
The logs indicate a connection is made to mysql at 127.0.0.1 using the
specified mysql user. It shows authentication failure for
'user'@'localhost' where the 'localhost' domain portion appears to be
immutable and somehow appended.
This logging prompted some significant research into a way of explicitly
setting the domain portion i.e. undocumented option_file located in the
source code. The research yielded no usable results; and it was
ultimately a red herring.
Further tests show even with the appropriate 'user'@'localhost'
credential set in mysql with proper permissions, this authentication
still fails. The cause for the failure is unclear.
This issue is present in the current package available with Bionic,
dovecot vers 2.2.33.2, mysql .
mysql Ver 15.1 Distrib 10.1.40-MariaDB, for debian-linux-gnu (x86_64) using
readline 5.2
Not being able to use a tcp connection over loopback between services is
problematic since sockets are not always available (i.e. chroot jails).
I reached out to several places for assistance including the dovecot
mailing list regarding the problem. The only response from the dovecot
mailing list that I received indicated the issue was a mysql issue not a
dovecot issue because of mysql's special use of localhost which I was
already familiar with (socket vs tcp).
This will likely need more investigation into the root cause but at this
point its outside my expertise. Its a weird one.
I'm thinking if it were a simple matter of mysql resolving the host
incorrectly (i.e setting the connecting client to 'user'@'localhost')
then setting an appropriate credential for 'user'@'localhost' in mysql
should have resolved the matter; and it didn't.
So there's something more going on here.
** Affects: dovecot (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1834813
Title:
dovecot mysql driver connection fails when connection string host is
set to 127.0.0.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1834813/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
