[Tickets #1519] RESOLVED: backslash must be doubled in password
bugs at bugs.horde.org
bugs at bugs.horde.org
Thu Mar 10 11:35:14 PST 2005
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=1519
-----------------------------------------------------------------------
Ticket | 1519
Updated By | jmorzins at mit.edu
Summary | backslash must be doubled in password
Queue | IMP
Version | RELENG_3
State | Bogus
Priority | 1. Low
Type | Bug
Owners |
-----------------------------------------------------------------------
jmorzins at mit.edu (2005-03-10 11:35) wrote:
Respectfully, I think the person who replied has misunderstood my report.
IMP builds and sends an IMAP command when it tries to log me in. My bug
report concerns the fact that IMP builds the command wrongly. As far as I
can see, php's handling of backslashes is completely clean and proper, and
is not part of this bug report.
As proof that PHP is correctly configured, I point out that I can
successfully use IMP to send myself email with tricky subjects ilke:
test \\ of \ backslash
The doubled backslash between "test" and "of" is properly preserved in my
email, and the single backslash between "of" and "backslash" is also
properly preserved. IMP's php code is doing the right thing.
However, when I try to log in, the php code is doing the right thing, but
IMP constructs the login command incorrectly. A login command must escape
any backslashes in the password. This is specified in RFC 2060, which is
recommend reading for anyone who is trying to write an IMAP client. Because
IMP is not escaping the backslashes when it constructs the IMAP login
command, the command fails. If the user is an IMAP guru who knows probably
IMAP failure modes and know that the *protocol layer* requires doubled
backslashes, the user can compensate for IMP's shortcomings...
IMP should not require the user to be a guru, and should build
correctly-formatted password strings before trying to log in to the server.
Thank you
Jacob Morzinski
More information about the bugs
mailing list