[imp] Improper password escapes

Jan Schneider jan@horde.org
Tue, 12 Mar 2002 18:48:07 +0100

Previous message: [imp] Improper password escapes
Next message: [imp] Improper password escapes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Zitat von Iain McBride <imcbride@imajica.org>:

> On Tue, 12 Mar 2002, Chuck Hagenbuch wrote:
> 
> > > I searched the mailing list archives and saw that there was a
> similar
> > > problem with trailing spaces that has been fixed in the RELENG_3
> branch in
> > > CVS, which I checked out with no success.
> >
> > This works fine here. Can you be more detailed about your lack of
> success with
> > RELENG_3?
> 
> Using a single quote in the password of a user works just fine for you? 
> Hrm.
> 
> I don't know how to be any more detailed than that and snoops of the
> POP3
> exchange between the web client and the POP3 server.  I've documented
> that
> a user with a single quote in their username is unable to authenticate
> via
> POP3 or IMAP, due to the single quote being escaped in their password.
> 
> a user configured:
> username: test
> password: test'test
> 
> causes IMP to attempt to auth them as:
> username: test
> password: test\'test

Hm, I'm not sure but shouldn't the c-client put the password in quotes if 
it contains quotes itself? At least that was the behaviour we always 
watched while we fixed this escape problem.

Jan.

--
http://www.horde.org - The Horde Project
http://www.ammma.de - discover your knowledge
http://www.tip4all.de - Deine private Tippgemeinschaft

Previous message: [imp] Improper password escapes
Next message: [imp] Improper password escapes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]