[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [pysieved] authentication problem

From: Neale Pickett <neale at woozle dot org>
Subject: Re: [pysieved] authentication problem
Date: Sat, 28 Jul 2007 18:58:12 -0600

Philippe Levan <levan at epix dot net> writes:

> The question is : does "\0username\0pass" break
> anybody else's setup ?

To test this, apply the following patch (you can do it by hand too, it's
line 209):

--- plugins/dovecot.py~ 2007-07-23 13:43:53.000000000 -0600
+++ plugins/dovecot.py  2007-07-28 18:55:23.000000000 -0600
@@ -206,7 +206,7 @@
         auth_string = ('AUTH\t%d\tPLAIN\tservice=%s\tresp=%s' %
                        (1,
                         self.service,
-                        base64.encodestring(params['username'] + '\0' +
+                        base64.encodestring('\0' +
                                             params['username'] + '\0' +
                                             params['password'])))
         self.auth_sock.sendall(auth_string + '\n')

> Remark : If I were ambitious enough, I'd revise the
> code so that the whole authentication phase would be
> a pass-through between the ManageSieve client and the
> Dovecot authentication daemon.

That's the sort of thing that I expect the C-based patch to do, whenever
it gets merged into Dovecot proper.  In the meantime I'm holding out
hope that Exim people will get some utility out of pysieved, too.  I
probably ought to tell them about it, though :)

Neale

References:
- [pysieved] authentication problem
  - From: Sebastian Ganschow
- Re: [pysieved] authentication problem
  - From: Neale Pickett
- Re: [pysieved] authentication problem
  - From: Philippe Levan

Prev by Date: Re: [pysieved] [PATCH] Setup.py and intent to submit FreeBSD port
Next by Date: [pysieved] SASL revamp
Previous by thread: Re: [pysieved] authentication problem
Next by thread: [pysieved] RPMs - can anyone test?
Index(es):
- Date
- Thread