Bug in gyrus_admin_login()

From: Andreas Haumer <andreas xss co at>
To: gyrus-list gnome org
Subject: Bug in gyrus_admin_login()
Date: Fri, 07 Apr 2006 18:26:34 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

While testing gyrus (which is really a nice utility)
I found a bug in function gyrus_admin_login() in file
gyrus-admin.c

The problem occurs if a user tries to login to the
IMAP server using a password which contains white
space characters like ASCII 0x20, which is perfectly
valid according to RFC1730 and RFC3501

Such a password has to be a literal string or quoted string,
though, and the quotes are missing in the gyrus sources as
of version 0.3.6

I'm attaching a patch which solves the problem by providing
double quote characters around the password (tested with
gyrus 0.3.6)

Please note: with the patch it is still not possible to
send passwords containing double quote characters. It
might be better to use literal strings as defined in
RFC1730, though this might make handling of the login
command a little bit complicated as the client has to
wait for the server command continuation request after
sending the initial {nnn}CRLF sequence.

Note also that the same is true for the userid field
of the login command.

HTH

- - andreas

PS: I found gyrus' error message

Unable to connect with empty passwords.
Please introduce your password.

very misleading as the problem occured after entering a
valid password.

- --
Andreas Haumer                     | mailto:andreas xss co at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFENpK3xJmyeGcXPhERAr6RAJ9tTrs0GrrZZJaSxSgIaOriFO+IrACgxHSq
3J418fk+GB0cxUqVN8pyDCM=
=CaCY
-----END PGP SIGNATURE-----

Index: gyrus/src/gyrus-admin.c
===================================================================
RCS file: /home/cvs/repository/distribution/Utilities/gyrus/src/gyrus-admin.c,v
retrieving revision 1.1.1.3
diff -u -r1.1.1.3 gyrus-admin.c
--- gyrus/src/gyrus-admin.c	21 Mar 2006 22:15:35 -0000	1.1.1.3
+++ gyrus/src/gyrus-admin.c	7 Apr 2006 15:49:55 -0000
@@ -880,7 +880,7 @@
 
 	g_return_val_if_fail (status == GYRUS_IMAP_STATUS_OK, FALSE);
 	
-	msg = g_strdup_printf (". login \"%s\" %s\n",
+	msg = g_strdup_printf (". login \"%s\" \"%s\"\n",
 			       gyrus_admin_get_current_user (admin),
 			       gyrus_admin_get_current_passwd (admin));
 	gyrus_admin_write_channel (admin, msg);

Follow-Ups:
- Re: Bug in gyrus_admin_login()
  - From: Claudio Saavedra

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]