Allow plaintext and TLS

Nikola Milutinovic alokin1 at yahoo.com
Mon Apr 3 06:00:08 EDT 2006


Hi all.

It looks like I've hit a minor bug in Cyrus. It has to do with "allowplaintext"
option.

I have set this option to "no". When I setup my client (Thunderbird) to use TLS
and PLAIN, it says "Server refused... blah, blah". When I set it to use SSL and
PLAIN, I can login.

>From this I can only conclude that the server is not advertising AUTH=PLAIN if
the connection is over TLS, while it is advertizing it over SSL. I'd say this
is a bug, since TLS does/should provide SSF=256.

If I understand correctly, SSL is a SSL wrapper over the connection and it gets
established BEFORE IMAP connection is established. TLS, on the other hand, is
initiated within an established IMAP connection. I'd say TLS code is forgetting
to raise SSF to 256, upon successful establishing of encrypted communication.

Nix.

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the Info-cyrus mailing list