41 lines
1.8 KiB
Plaintext
41 lines
1.8 KiB
Plaintext
MBOX-Line: From gds at chartertn.net Thu Oct 26 22:23:23 2017
|
|
To: imap-protocol@u.washington.edu
|
|
From: Gene Smith <gds@chartertn.net>
|
|
Date: Fri Jun 8 12:34:55 2018
|
|
Subject: [Imap-protocol] authenticate LOGIN question
|
|
In-Reply-To: <CAByav=gBnVkLg+4z90ewBvKRVtOrEQ7XESfirEQ1dyx=Sb0MXw@mail.gmail.com>
|
|
References: <38137c2b-f1f1-2bed-e22f-2aea7fa50ac3@chartertn.net>
|
|
<CAByav=gBnVkLg+4z90ewBvKRVtOrEQ7XESfirEQ1dyx=Sb0MXw@mail.gmail.com>
|
|
Message-ID: <8204fbd1-3679-c8cc-7f92-d4307867ece0@chartertn.net>
|
|
|
|
While working on thunderbird bug 1408610 (*) I attempted to do an
|
|
"authenticate LOGIN" to the imap.mail.yahoo.com server with unsuccessful
|
|
results (tb = thunderbird, yh = yahoo):
|
|
|
|
tb: 2 authenticate LOGIN
|
|
yh: + <-- no Username: "challenge" sent here.
|
|
tb: <base64 encoded uid>
|
|
yh: + <base64 encoded string saying auth string is bad>
|
|
tb: <base64 encoded password>
|
|
yh: 2 BAD [AUTHENTICATIONFAILED] LOGIN Invalid credentials
|
|
|
|
I get this result when sent by tb or when sent manually using openssl. I
|
|
have tried several variants to see if it would work such as sending
|
|
separate base64 encoded and spaced separated uid and pwd right after the
|
|
first yh + response. Also tried base64 encoded "\0<uid>\0<pwd>", that
|
|
works for PLAIN, after yh + response and others variations to no avail.
|
|
|
|
Authenticate PLAIN and simple imap login with normal ascii uid and pwd
|
|
text work OK. Noticed that few imap servers even support "authenticate
|
|
LOGIN". One that I did find that supports it, after providing the uid
|
|
and pwd, reports RENEGOTIATING and then openssl crashes.
|
|
|
|
Only official documentation I could find on "authenticate login" is
|
|
https://tools.ietf.org/html/draft-murchison-sasl-login-00 but it only
|
|
provides an example for smtp.
|
|
|
|
-gene
|
|
P/S: The yahoo server reports a capability AUTH=LOGIN
|
|
(*) https://bugzilla.mozilla.org/show_bug.cgi?id=1408610
|
|
|