Thanks to visit codestin.com
Credit goes to github.com

Skip to content

bug report: OAUTH2 auth results in eventual client IP ban if fail2ban enabledΒ #3801

New issue
New issue
Closed
#3812
Closed
bug report: OAUTH2 auth results in eventual client IP ban if fail2ban enabled#3801
#3812
Assignees
polarathene
Labels
area/securityarea/testsbug/confirmedA bug report whose bug is confirmedbug/solution proposedA bug report, whose bug is confirmed, and an unverified solution was proposedkind/bug/reportA report about a bugservice/dovecotservice/security/fail2ban
Milestone
v13.3.1
@benniekiss

Description

@benniekiss
benniekiss
opened on Jan 21, 2024

πŸ“ Preliminary Checks

  • I tried searching for an existing issue and followed the debugging docs advice, but still need assistance.

πŸ‘€ What Happened?

with OAUTH2 enabled, sign-in with Roundcube is successful, however, the client IP is eventually banned by fail2ban.

The reason is because !include auth-oauth2.conf.ext comes after !include auth-passwdfile.inc.

Simply moving !include auth-oauth2.conf.ext above !include auth-passwdfile.inc is enough to prevent a ban, however, there was some discussion on the PR related to other issues with the ordering.

πŸ‘Ÿ Reproduction Steps

enable OAUTH2, enable fail2ban, sign in to account with OAUTH2, wait for fail2ban to trigger because regular passdb lookup fails before oauth2 is used.

πŸ‹ DMS Version

v13.3.0

πŸ’» Operating System and Architecture

Fedora CoreOS

βš™οΈ Container configuration files

No response

πŸ“œ Relevant log output

No response

Improvements to this form?

No response

Metadata

Metadata

Assignees

Labels

area/securityarea/testsbug/confirmedA bug report whose bug is confirmedbug/solution proposedA bug report, whose bug is confirmed, and an unverified solution was proposedkind/bug/reportA report about a bugservice/dovecotservice/security/fail2ban

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions