[Tickets #10680] Re: Authentication via IMP does fail for some passwords while using IMAP directly does work

bugs at horde.org bugs at horde.org
Thu Jan 12 11:00:51 UTC 2012 

BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE  
E-MAIL-ADRESSE WERDEN NICHT GELESEN.

Ticket-URL: http://bugs.horde.org/ticket/10680
------------------------------------------------------------------------------
  Ticket           | 10680
  Aktualisiert Von | tkrah at fachschaft.imn.htwk-leipzig.de
  Zusammenfassung  | Authentication via IMP does fail for some passwords while
                   | using IMAP directly does work
  Warteschlange    | Kronolith
  Version          | Git master
  Typ              | Bug
  Status           | Assigned
  Priorität        | 1. Low
  Milestone        |
  Patch            |
  Zuständige       | Jan Schneider, Michael Slusarz
------------------------------------------------------------------------------


tkrah at fachschaft.imn.htwk-leipzig.de (2012-01-12 11:00) hat geschrieben:

I did some more testing and can tell this:

1. The password sent from the client (tbird+lightning) is correct,  
looking at the PHP_AUTH_PW line.
2. The stacktrace of the rpc call looks like this:

  1. Horde_Rpc_Webdav->getResponse() /var/www/horde/rpc.php:146
  2. Horde_Rpc_Webdav->ServeRequest() /usr/share/php/Horde/Rpc/Webdav.php:250
  3. Horde_Rpc_Webdav->_check_auth() /usr/share/php/Horde/Rpc/Webdav.php:953
  4. Horde_Rpc_Webdav->check_auth() /usr/share/php/Horde/Rpc/Webdav.php:2428
  5. Horde_Core_Auth_Application->authenticate()  
/usr/share/php/Horde/Rpc/Webdav.php:832
  6. Horde_Core_Auth_Application->authenticate()  
/usr/share/php/Horde/Core/Auth/Application.php:129
  7. Horde_Auth_Base->authenticate()  
/usr/share/php/Horde/Core/Auth/Application.php:132
  8. Horde_Core_Auth_Application->_authenticate()  
/usr/share/php/Horde/Auth/Base.php:146
  9. Horde_Registry->callAppMethod()  
/usr/share/php/Horde/Core/Auth/Application.php:161
10. call_user_func_array() /usr/share/php/Horde/Registry.php:1083
11. IMP_Application->authAuthenticate()
12. IMP_Auth::authenticate() /var/www/horde/imp/lib/Application.php:409
13. Horde::debug() /var/www/horde/imp/lib/Auth.php:80

3. The encoded session password taken from the imap->ob is garbage  
like reported.
4. The password send to the imap socket (verified via debug statement  
at lib level) is garbage too - but it differs from the one from 3.

I am stuck here. The client did sent the correct credentials - but  
credentials sent to the socket are wrong and does differ from the  
encoded one, to decoding seems to take place but there something is  
going wrong.

More information about the bugs mailing list