[Kolab-devel] [issue2444] kontact sends base64 encoded password when sieve server does not advertise STARTTLS
Thomas Arendsen Hein
kolab-issues at intevation.de
Fri Feb 1 18:54:11 CET 2008
New submission from Thomas Arendsen Hein <thomas at intevation.de>:
kontact sends base64 encoded password when sieve server does not advertise
STARTTLS, even if using TLS is configured.
Kontact
Version 1.2.4 (enterprise 20071204.744693)
KDE personal information manager
(C) 2001-2004 The Kontact developers
To reproduce, stop the sieve server and start netcat instead:
nc -l -p 2000 -n -v
Answer the client's request with the capabilities excluding STARTTLS, e.g.:
"IMPLEMENTATION" "Cyrus timsieved v2.3.11-openpkg"
"SASL" "PLAIN"
"SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags notify
include envelope body relational regex subaddress copy"
OK
kontact will send:
AUTHENTICATE "PLAIN" "(base64:login\0login\0pass)"
(though it seems to notice the problem and will answer with LOGOUT on OK)
----------
assignedto: till
messages: 13558
nosy: bernhard, bh, ludwig, osterfeld, thomas, till, vkrause
priority: urgent
status: unread
title: kontact sends base64 encoded password when sieve server does not advertise STARTTLS
topic: enterprise35, kde client
________________________________________________
Kolab issue tracker <kolab-issues at intevation.de>
<https://intevation.de/roundup/kolab/issue2444>
________________________________________________
More information about the devel
mailing list