6258b3
diff -up cyrus-imapd-2.4.14/lib/auth_unix.c.authid_normalize cyrus-imapd-2.4.14/lib/auth_unix.c
6258b3
--- cyrus-imapd-2.4.14/lib/auth_unix.c.authid_normalize	2012-03-12 12:47:51.000000000 +0100
6258b3
+++ cyrus-imapd-2.4.14/lib/auth_unix.c	2012-03-14 10:49:50.679822894 +0100
6e3d99
@@ -156,10 +156,12 @@ const char *identifier;
9e566a
 size_t len;
9e566a
 {
9e566a
     static char retbuf[81];
9e566a
+    char backup[81];
9e566a
     struct group *grp;
9e566a
     char sawalpha;
9e566a
     char *p;
9e566a
     int username_tolower = 0;
9e566a
+    int ic,rbc;
9e566a
 
9e566a
     if(!len) len = strlen(identifier);
9e566a
     if(len >= sizeof(retbuf)) return NULL;
6e3d99
@@ -211,6 +213,22 @@ size_t len;
9e566a
     /* now we don't */
9e566a
     /* if (!sawalpha) return NULL;  */
9e566a
 
9e566a
+    if( (libcyrus_config_getswitch(CYRUSOPT_NORMALIZEUID) == 1) ) {
9e566a
+        strcpy(backup,retbuf);
9e566a
+       /* remove leading blanks */
9e566a
+       for(ic=0; isblank(backup[ic]); ic++);
9e566a
+       for(rbc=0; backup[ic]; ic++) {
9e566a
+            retbuf[rbc] = ( isalpha(backup[ic]) ?
9e566a
+                 tolower(backup[ic]) : backup[ic] );
9e566a
+            rbc++;
9e566a
+       }
9e566a
+       retbuf[rbc] = '\0';
9e566a
+       /* remove trailing blanks */
9e566a
+       for(--rbc; isblank(retbuf[rbc]); rbc--) {
9e566a
+            retbuf[rbc] = '\0';
9e566a
+       }
9e566a
+    }
9e566a
+
9e566a
     return retbuf;
9e566a
 }
9e566a
 
6258b3
diff -up cyrus-imapd-2.4.14/lib/imapoptions.authid_normalize cyrus-imapd-2.4.14/lib/imapoptions
6258b3
--- cyrus-imapd-2.4.14/lib/imapoptions.authid_normalize	2012-03-12 12:47:51.000000000 +0100
6258b3
+++ cyrus-imapd-2.4.14/lib/imapoptions	2012-03-14 11:01:11.020256349 +0100
6258b3
@@ -844,6 +844,11 @@ Blank lines and lines beginning with ``#
6258b3
 /* Set the length of the NNTP server's inactivity autologout timer,    
6258b3
    in minutes.  The minimum value is 3, the default. */
9e566a
 
9e566a
+{ "normalizeuid", 0, SWITCH }
9e566a
+/* Lowercase uid and strip leading and trailing blanks. It is recommended
9e566a
+   to set this to yes, especially if OpenLDAP is used as authentication
9e566a
+   source. */
9e566a
+
6258b3
 { "notifysocket", "{configdirectory}/socket/notify", STRING }
6258b3
 /* Unix domain socket that the mail notification daemon listens on. */
6258b3
 
6258b3
diff -up cyrus-imapd-2.4.14/lib/libcyr_cfg.c.authid_normalize cyrus-imapd-2.4.14/lib/libcyr_cfg.c
6258b3
--- cyrus-imapd-2.4.14/lib/libcyr_cfg.c.authid_normalize	2012-03-12 12:47:51.000000000 +0100
6258b3
+++ cyrus-imapd-2.4.14/lib/libcyr_cfg.c	2012-03-14 10:49:50.681822910 +0100
6258b3
@@ -158,6 +158,10 @@ struct cyrusopt_s cyrus_options[] = {
6e3d99
       CFGVAL(long, 1),
2bab04
       CYRUS_OPT_SWITCH },
9e566a
 
9e566a
+    { CYRUSOPT_NORMALIZEUID,
9e566a
+      CFGVAL(long, 1),
9e566a
+      CYRUS_OPT_SWITCH },
9e566a
+
9e566a
     { CYRUSOPT_LAST, { NULL }, CYRUS_OPT_NOTOPT }
9e566a
 };
9e566a
 
6258b3
diff -up cyrus-imapd-2.4.14/lib/libcyr_cfg.h.authid_normalize cyrus-imapd-2.4.14/lib/libcyr_cfg.h
6258b3
--- cyrus-imapd-2.4.14/lib/libcyr_cfg.h.authid_normalize	2012-03-12 12:47:51.000000000 +0100
6258b3
+++ cyrus-imapd-2.4.14/lib/libcyr_cfg.h	2012-03-14 10:49:50.681822910 +0100
6258b3
@@ -116,6 +116,8 @@ enum cyrus_opt {
6e3d99
     CYRUSOPT_SQL_USESSL,
6e3d99
     /* Checkpoint after every recovery (OFF) */
6e3d99
     CYRUSOPT_SKIPLIST_ALWAYS_CHECKPOINT,
6e3d99
+    /* Lowercase uid and strip leading and trailing blanks (OFF) */
6e3d99
+    CYRUSOPT_NORMALIZEUID,
6e3d99
 
6e3d99
     CYRUSOPT_LAST
6e3d99