cyrus-devel at lists.andrew.cmu.edu

[István Király]

Hello List(s), ...

When using saslauthd for authentication with a remote imap server, in this
case perdition IMAP4, there seems to be a compatibility issue.

After LOGIN, perdition is sending the CAPABILITY tag before the OK.
saslauthd expects an OK, but receives the CAPABILITY first and then closes
the connection.

saslauthd[8454] :do_auth         : auth failure: [user=x at test.d250.hu]
[service=imap] [realm=]
[mech=rimap] [reason=[ALERT] Unexpected response from remote authentication
server]

I was able to alter the last lines of auth_rimap.c, and hack this out, but
this should be implemented properly.

I assume, perdition behaves standard compliant within the IMAP4 protocol,
however it could send the combined "a OK [CAPABILITY ... ]" as dovecot
does. Is there a technical reason for the two separate messages? I was not
able to manipulate this behavior with configuration arguments.

saslauthd on the other hand could read the CAPABILITY tag, skip it, and
process the next tag to read an OK, and then close the connection, with the
Unexpected response error eventually.

I'm not sure which is the more standard compliant approach, but if my
assumption is correct, auth_rimap.c should be modified for increased
compatibility.

Thank you, ...
Greetings,
-- 
Király István
+36 209 753 758
LaKing at D250.hu
<http://d250.hu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-devel/attachments/20140702/e68aaae8/attachment.html