On Fri, 22 Jul 2011, Neal Horman wrote:
Since I don't know where to send this, I thought this to be the most
appropriate place, sorry if it is not.
Mac OS X Lion's Apple Mail client, fails to authenticate with imapd-2007e.
In the b64 encoded authentication parameter "authzid\0authcid\password",
authzid is empty when sent by Apple Mail.
As a result, authentication fails.
Attached is a single line minor patch that corrects the failure.
Also, what is the story here about code base development, from what I can
see, it hasn't really been active for a number of years...
Did the developers move on, or did the code reach feature completion or what?
The developers did move on. However, we are still using imapd so this bug
hit us, too. We've verified that it is a bug and that the fix Neal sent is
correct.
The bug affects only clients using RFC 4959 SASL Initial Client Response.
As Neal says, Lion's Mail is leaving the authzid empty in the b64 encoded
"authzid\0authcid\0password". That is allowed and correct. For the imapd
bug, it doesn't actually matter if the initial authzid is left off or not.
What matters is if the total length of the whole base64 argument is
divisible by 3 or not. When it is, there is an off-by-one error that is
corrected by the patch. Note that this means you can work-around the
problem by increasing or decreasing the length of your password by a
character.
In case it helps anybody we've put an imap-2007f at
ftp://ftp.cac.washington.edu/imap/imap-2007f.tar.gz
This should not be misconstrued to mean we're getting back in the game,
we're not. We now return to our regular radio silence. Thanks.
Steve Hubert <hub...@uw.edu>
UW Information Technology
University of Washington
_______________________________________________
Imap-uw mailing list
Imap-uw@u.washington.edu
http://mailman2.u.washington.edu/mailman/listinfo/imap-uw
