Opened 3 years ago

Closed 3 years ago

#1486373 closed Bugs (fixed)

Unable to login after upgrade

Reported by: zerovice Owned by:
Priority: 5 Milestone: 0.4-beta
Component: Core functionality Version: git-master
Severity: normal Keywords:
Cc:

Description

I upgraded from 0.2 to 0.3.1 manually and am having a curious issue. I used the installer via the web.

I log in successfully as seen in /var/log/maillog

Dec 15 18:52:28 dovecot: imap-login: Login: user=<testuser>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, TLS
Dec 15 18:52:28 dovecot: IMAP(testuser): Disconnected: Logged out bytes=8/306

and am sent to this page

http://.../wm/?_task=mail

although am only presented with the login page again.

Setting the debug level to 13 all I receive in output is the following which seems fine, afaict.

  • OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE AUTH=PLAIN] Dovecot ready. AUTH PLAIN: Resource id #42

Thanks for any assistance...

Change History (8)

comment:1 follow-up: Changed 3 years ago by alec

  • Component changed from Addressbook to IMAP connection
  • Resolution set to invalid
  • Status changed from new to closed

Probably config issue, set debug_level to 1. You should have something in the log.

comment:2 in reply to: ↑ 1 Changed 3 years ago by zerovice

  • Resolution invalid deleted
  • Status changed from closed to reopened

Replying to alec:

Probably config issue, set debug_level to 1. You should have something in the log.

Setting debug_level to 1 doesn't result in any log being created. I have verified this facility does work though by enabling the sql, imap, and userlogin logging by setting it to true and there are resulting logs. There are no errors in these logs and again no generic log showing any issues.

  • James

comment:3 Changed 3 years ago by zerovice

  • Component changed from IMAP connection to Website

I've also checked the mysqld.log as well as enabled php logging in php.ini and am not seeing any errors.

  • James

comment:4 Changed 3 years ago by zerovice

Right, so checking out trunk (3183) and running through the installer allows me to login! Looks like there may be a bug somewhere. How can I tell the build of 0.3.1 or is that good enough to look through the changelog between these builds to see if there is anything obvious?

  • James

comment:5 Changed 3 years ago by alec

  • Milestone changed from later to 0.4-beta
  • Resolution set to fixed
  • Status changed from reopened to closed

I don't know, but if it works with svn-trunk I'm closing the ticket.

comment:6 Changed 3 years ago by DimShadoWWW

  • Resolution fixed deleted
  • Status changed from closed to reopened
  • Version changed from 0.3.1 to svn-trunk

I installed revision 3184 and still have this problem.

comment:7 Changed 3 years ago by DimShadoWWW

The problem is when mod_security is enabled; it reports:

SecAction "phase:1,t:none,pass,nolog,initcol:global=global,initcol:ip=%{remote_addr}"
SecRule "REQUEST_METHOD" "@rx (?:GET|HEAD)$" "phase:2,chain,t:none,block,nolog,auditlog,status:400,msg:'GET or HEAD requests with bodies',severity:2,id:960011,tag:PROTOCOL_VIOLATION/EVASION"
SecRule "&REQUEST_HEADERS:Content-Type" "@eq 0" "phase:2,pass,chain,t:none,nolog,auditlog,msg:'Request Containing Content, but Missing Content-Type header',id:960904,severity:5"
SecRule "REQUEST_HEADERS:Host" "@rx ^[\d.:]+$" "phase:2,t:none,block,nolog,auditlog,status:400,msg:'Host header is a numeric IP address',severity:2,id:960017,tag:PROTOCOL_VIOLATION/IP_HOST,setvar:tx.msg=%{rule.msg},setvar:tx.anomaly_score=+5,setvar:tx.policy_score=+1,setvar:tx.%{rule.id}-POLICY/IP_HOST-%{matched_var_name}=%{matched_var}'"
SecRule "REQUEST_URI|REQUEST_BODY|REQUEST_HEADERS|XML:/*|!REQUEST_HEADERS:Referer" "@pmFromFile modsecurity_40_generic_attacks.data" "phase:2,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:compressWhiteSpace,t:lowercase,nolog,pass,setvar:tx.pm_score=+1,setvar:tx.pm_data_%{matched_var_name}=%{matched_var}"
SecRule "&TX:/SQL_INJECTION/" "@eq 0" "phase:2,t:none,nolog,skipAfter:END_SQL_INJECTION_WEAK"
SecRule "REQUEST_URI|REQUEST_BODY|REQUEST_HEADERS|XML:/*|!REQUEST_HEADERS:Referer" "@pm jscript onsubmit copyparentfolder javascript meta onchange onmove onkeydown onkeyup activexobject onerror onmouseup ecmascript bexpression onmouseover vbscript: <![cdata[ http: .innerhtml settimeout shell: onabort asfunction: onkeypress onmousedown onclick .fromcharcode background-image: .cookie x-javascript ondragdrop onblur mocha: javascript: onfocus lowsrc getparentfolder onresize @import alert script onselect onmouseout application onmousemove background .execscript livescript: vbscript getspecialfolder .addimport iframe onunload createtextrange <input onload" "phase:2,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:compressWhiteSpace,t:lowercase,nolog,skip:1,setvar:tx.pm_xss_data_%{matched_var_name}=%{matched_var}"
SecRule "REQUEST_FILENAME" "!@pmFromFile modsecurity_46_et_sql_injection.data" "phase:2,nolog,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:normalisePathWin,skipAfter:END_ET_SQLI_RULES"
SecRule "REQUEST_FILENAME" "!@pmFromFile modsecurity_46_et_web_rules.data" "phase:2,nolog,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:normalisePathWin,skipAfter:END_SNORT_RULES"
SecRule "TX:ANOMALY_SCORE" "@ge 5" "phase:5,t:none,log,noauditlog,pass,msg:'Transactional Anomaly Score (score %{TX.ANOMALY_SCORE}): %{tx.msg}'"

comment:8 Changed 3 years ago by alec

  • Component changed from Website to Core functionality
  • Resolution set to fixed
  • Status changed from reopened to closed

Some modsecurity rules are too restrictive, e.g. 960017. Please open a new ticket, it's not the same issue.
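
Rules such as 960017 in comment 7 carry nolog,auditlog, so a match is written only to the ModSecurity audit log and not to the Apache error log or the webmail's own logs. The following Python is an added example, not part of the ticket or of either project: it lists which rule ids denied requests under a path, assuming ModSecurity 2.x serial audit-log sections; the log sample is constructed and the /wm/ prefix comes from the URL in the description.

```python
import re
from collections import defaultdict

# Constructed ModSecurity 2.x audit-log sample (sections B and H); not from the ticket.
SAMPLE_AUDIT_LOG = r"""--a1b2c3d4-B--
POST /wm/?_task=mail HTTP/1.1
Host: 192.0.2.10
--a1b2c3d4-H--
Message: Access denied with code 400 (phase 2). Pattern match "^[\d.:]+$" at REQUEST_HEADERS:Host. [id "960017"] [msg "Host header is a numeric IP address"] [severity "CRITICAL"]
--a1b2c3d4-Z--
--e5f6a7b8-B--
GET /wm/?_task=mail HTTP/1.1
Host: mail.example.test
--e5f6a7b8-H--
Message: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [id "960904"] [msg "Request Containing Content, but Missing Content-Type header"] [severity "NOTICE"]
--e5f6a7b8-Z--
"""

BOUNDARY = re.compile(r"^--([0-9a-fA-F]+)-([A-Z])--$")   # e.g. --a1b2c3d4-H--
RULE_ID = re.compile(r'\[id "(\d+)"\]')
RULE_MSG = re.compile(r'\[msg "([^"]*)"\]')

def parse_transactions(text):
    """Return {txid: {"request": request line, "hits": [(rule_id, msg, blocked)]}}."""
    txs = defaultdict(lambda: {"request": None, "hits": []})
    txid = section = None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m:
            txid, section = m.groups()
            continue
        if section == "B" and line and txs[txid]["request"] is None:
            txs[txid]["request"] = line              # first line of B is the request line
        elif section == "H" and line.startswith("Message:"):
            rid, msg = RULE_ID.search(line), RULE_MSG.search(line)
            if rid:                                   # blocked = the rule denied the request
                txs[txid]["hits"].append(
                    (rid.group(1), msg.group(1) if msg else "", "Access denied" in line))
    return dict(txs)

def blocking_rules(text, path_prefix):
    """Count, per rule id, the denied requests whose URI starts with path_prefix."""
    counts = defaultdict(int)
    for tx in parse_transactions(text).values():
        parts = (tx["request"] or "").split()
        if len(parts) >= 2 and parts[1].startswith(path_prefix):
            for rid, _msg, blocked in tx["hits"]:
                if blocked:
                    counts[rid] += 1
    return dict(counts)
```

Calling blocking_rules(SAMPLE_AUDIT_LOG, "/wm/") on the constructed sample reports rule 960017 once; the 960904 warning is recorded as a hit but not counted because it did not deny the request.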
