[PATCH] for: no pop mail with git head

From: Albrecht Dreß <albrecht dress arcor de>
To: Jack <ostroffjh users sourceforge net>
Cc: balsa-list gnome org
Subject: [PATCH] for: no pop mail with git head
Date: Tue, 18 Apr 2017 10:58:02 +0200

Hi Jack:

Am 16.04.17 19:38 schrieb(en) Jack:

For one server, I get

Message: 140011706032352, 0, POP3: aya-gmail
** (balsa:2808): DEBUG: connected to localhost
** (balsa:2808): DEBUG: R '+OK POP3 POPFile (v1.1.3) server ready'
** (balsa:2808): DEBUG: W 'CAPA'
** (balsa:2808): DEBUG: R '-ERR No secure server specified'


This doesn't harm, as pop3 does not require the CAPA command.  However, according to RFC 1939 and because the 
server greeting by POPFile does not include a time stamp (RFC 1939, Sect. 7), the *only* possible auth method 
is USER/PASS...

** (balsa:2808): DEBUG: emit 'auth' signal for client 0x30f8600
** (balsa:2808): DEBUG: libbalsa_server_get_auth: 0x30f8600 0x290cb60: encrypted = 0


...which will be rejected as the connection is unencrypted.

Actually, this restriction I made is too narrow for POP3.  Please try the attached patch which allows all 
possible auth methods even for unencrypted connections (and fixes cosmetic style issue).

Thanks a lot for pointing me to this issue!

Cheers,
Albrecht.

diff --git a/libbalsa/mailbox_pop3.c b/libbalsa/mailbox_pop3.c
index 0003b32..5e79319 100644
--- a/libbalsa/mailbox_pop3.c
+++ b/libbalsa/mailbox_pop3.c
@@ -465,6 +465,7 @@ libbalsa_mailbox_pop3_startup(LibBalsaServer            *server,
 {
        NetClientPop *pop;
        GError *error = NULL;
+       guint allow_auth;
 
        /* create the mailbox connection */
        if (server->security == NET_CLIENT_CRYPT_ENCRYPTED) {
@@ -476,11 +477,14 @@ libbalsa_mailbox_pop3_startup(LibBalsaServer            *server,
                return NULL;
        }
 
-       /* configure the mailbox connection */
+       /* configure the mailbox connection; allow all (including plain text) auth methods even for 
unencrypted connections so using
+        * e.g. popfile on localhost is possible, i.e. the user is responsible for choosing a proper security 
mode */
+       allow_auth = NET_CLIENT_POP_AUTH_ALL;
        if (mbox->disable_apop) {
-               net_client_pop_allow_auth(pop, TRUE, NET_CLIENT_POP_AUTH_ALL & ~NET_CLIENT_POP_AUTH_APOP);
-               net_client_pop_allow_auth(pop, FALSE, NET_CLIENT_POP_AUTH_SAFE & ~NET_CLIENT_POP_AUTH_APOP);
+               allow_auth &= ~NET_CLIENT_POP_AUTH_APOP;
        }
+       net_client_pop_allow_auth(pop, TRUE, allow_auth);
+       net_client_pop_allow_auth(pop, FALSE, allow_auth);
        net_client_set_timeout(NET_CLIENT(pop), 60U);
 
        /* load client certificate if configured */
diff --git a/libnetclient/net-client-pop.c b/libnetclient/net-client-pop.c
index 07f799f..ccd4076 100644
--- a/libnetclient/net-client-pop.c
+++ b/libnetclient/net-client-pop.c
@@ -696,7 +696,8 @@ net_client_pop_get_capa(NetClientPop *client, guint *auth_supported)
         * at least support USER/PASS... */
        if (*auth_supported == 0U) {
                *auth_supported = NET_CLIENT_POP_AUTH_USER_PASS;
-       }client->priv->can_pipelining = TRUE;
+       }
+       client->priv->can_pipelining = TRUE;
 }

Attachment: pgpnLi6ZM9I0s.pgp
Description: PGP signature

Follow-Ups:
- Re: [PATCH] for: no pop mail with git head
  - From: Jack
- Success: [PATCH] for: no pop mail with git head (localhost using Popfile)
  - From: Jack

References:
- Re: no pop mail with git head
  - From: Jack

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]