[Tickets #10680] Re: Authentication via IMP does fail for some passwords while using IMAP directly does work

bugs at horde.org bugs at horde.org
Fri Jan 27 14:12:58 UTC 2012 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/10680
------------------------------------------------------------------------------
  Ticket             | 10680
  Updated By         | jarribas at rosario.gov.ar
  Summary            | Authentication via IMP does fail for some passwords
                     | while using IMAP directly does work
  Queue              | Kronolith
  Version            | Git master
  Type               | Bug
  State              | Assigned
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             | Jan Schneider, Michael Slusarz
------------------------------------------------------------------------------


tkrah at fachschaft.imn.htwk-leipzig.de (2012-01-12 11:00) wrote:

I did some more testing and can tell this:

1. The password sent from the client (tbird+lightning) is correct,  
looking at the PHP_AUTH_PW line.
2. The stacktrace of the rpc call looks like this:

  1. Horde_Rpc_Webdav->getResponse() /var/www/horde/rpc.php:146
  2. Horde_Rpc_Webdav->ServeRequest() /usr/share/php/Horde/Rpc/Webdav.php:250
  3. Horde_Rpc_Webdav->_check_auth() /usr/share/php/Horde/Rpc/Webdav.php:953
  4. Horde_Rpc_Webdav->check_auth() /usr/share/php/Horde/Rpc/Webdav.php:2428
  5. Horde_Core_Auth_Application->authenticate()  
/usr/share/php/Horde/Rpc/Webdav.php:832
  6. Horde_Core_Auth_Application->authenticate()  
/usr/share/php/Horde/Core/Auth/Application.php:129
  7. Horde_Auth_Base->authenticate()  
/usr/share/php/Horde/Core/Auth/Application.php:132
  8. Horde_Core_Auth_Application->_authenticate()  
/usr/share/php/Horde/Auth/Base.php:146
  9. Horde_Registry->callAppMethod()  
/usr/share/php/Horde/Core/Auth/Application.php:161
10. call_user_func_array() /usr/share/php/Horde/Registry.php:1083
11. IMP_Application->authAuthenticate()
12. IMP_Auth::authenticate() /var/www/horde/imp/lib/Application.php:409
13. Horde::debug() /var/www/horde/imp/lib/Auth.php:80

3. The encoded session password taken from the imap->ob is garbage  
like reported.
4. The password send to the imap socket (verified via debug statement  
at lib level) is garbage too - but it differs from the one from 3.

I am stuck here. The client did sent the correct credentials - but  
credentials sent to the socket are wrong and does differ from the  
encoded one, to decoding seems to take place but there something is  
going wrong.

More information about the bugs mailing list