#1488057 closed Bugs (wontfix)
IMAP login fails at early starting the connection
| Reported by: | remort | Owned by: | |
|---|---|---|---|
| Priority: | 5 | Milestone: | later |
| Component: | IMAP connection | Version: | 0.5.4 |
| Severity: | normal | Keywords: | imap |
| Cc: |
Description
Hi ! It's an analogue of ticket # 1484643
I'll try to give you more info about this issue.
Yesterday i've tested RC on fresh gentoo (with dovecot) and everything is fine. it works. But i had to integrate RC in an software gateway that has an old version of courier (i think it's a problem of inconsistant with old courier imap server).
the version of imapd server in courier is "imapd.dist.in,v 1.38 2006/02/24". i have no chance to renew the courier or change it to dovecot.
Ok. the problem is when i goes through the installation script in RC via browser the imap login failed. Postfix + courier are configured properly and i can log in into it with my thunderbird client for example. The main IMAP options in RC are following:
auth type = PLAIN (or blank)
default host = 10.10.10.5 (i connect to the imap server from the server itself)
port = 143
others set by default.
i try several ways to determine what i do wrong, changed letter case and domain part of login, saw source code and so on... but finally i've decided to compare a verbose tcp log of the connection and found some info. i'll attach logs below.
Attachments (3)
Change History (10)
Changed 21 months ago by remort
comment:1 Changed 21 months ago by remort
So...
Looking to the files we can see that imap server response that login failed for the first request about auth_type. but thunderbird splits on it and continue sending request about login, and imap server authenticate it succesfully.
RC is more shy and stops send request after the first negative answer from imapd. am i right?
yes, imapd isn't ok, maybe because of buggy courier nature, but all modern client work perfetly with it (our clients use Outlook, thunderbird, squirrelmail and other stuff). so i think it should be some brute method to send requests no matter what happened like thunder does.
if you need any additional info i am very able to do it for you, but i think i couldn't give you a trial access to my testing servers.
PS : may be my logic about IMAP auth process is not right, so just look into the files and ask me questions.
comment:2 Changed 21 months ago by remort
i ran a test with outlook and it shows a differ situation. third file is attached. outlook doesn't send any auth type requests at all. so may be it is not so important to ask server about auth type. due to this RC shouldn't drop the connection.
And this is how it looks on the imapd side. RC just disconnects w/o sending a login. few tries here:
Aug 26 17:15:51 unknown-domain imapd: Connection, ip=[::ffff:10.10.10.5]
Aug 26 17:15:51 unknown-domain imapd: LOGOUT, ip=[::ffff:10.10.10.5], rcvd=58, sent=550
Aug 26 17:16:05 unknown-domain imapd: Connection, ip=[::ffff:10.10.10.5]
Aug 26 17:16:05 unknown-domain imapd: LOGOUT, ip=[::ffff:10.10.10.5], rcvd=58, sent=550
Aug 26 17:17:30 unknown-domain imapd: Connection, ip=[::ffff:10.10.10.5]
Aug 26 17:17:30 unknown-domain imapd: LOGOUT, ip=[::ffff:10.10.10.5], rcvd=58, sent=550
Aug 26 17:18:58 unknown-domain imapd: Connection, ip=[::ffff:10.10.10.5]
Aug 26 17:18:58 unknown-domain imapd: LOGOUT, ip=[::ffff:10.10.10.5], rcvd=58, sent=550
And this is a usual thunderbird login. sending credits just after connect:
Aug 26 17:19:14 unknown-domain imapd: Connection, ip=[::ffff:10.10.10.1]
Aug 26 17:19:19 unknown-domain imapd: LOGIN, user=user40, ip=[::ffff:10.10.10.1], protocol=IMAP
Aug 26 17:19:23 unknown-domain imapd: Disconnected, ip=[::ffff:10.10.10.1], time=9
i think you can try to modify your php imap driver or whatever not to give up so soon and try to send credits to server anyway.
comment:3 Changed 21 months ago by remort
I did the following to make it able to connect to courier in rcube_imap_generic.php :
/* if ($line[0] != '+') {
return $this->parseResult($line);
}*/
// send result, get reply and process it
//$this->putLine($reply);
$credits=" LOGIN \"$user\" \"$pass\"";
$this->putLine($this->nextTag() . "$credits");
$line = $this->readReply();
$result = $this->parseResult($line);
IMAP test login work now, but when i try to log in, it says me that Session is outdated (not literally).
comment:4 Changed 21 months ago by alec
- Resolution set to wontfix
- Status changed from new to closed
RFC3501:
If an AUTHENTICATE command fails with a NO response, the client MAY try another authentication mechanism by issuing another AUTHENTICATE command. It MAY also attempt to authenticate by using the LOGIN command
So, Thunderbird is doing this, Roundcube not. All you need is to set imap_auth_type=LOGIN.
comment:5 Changed 21 months ago by remort
For me if i set auth type to LOGIN or whatever it finally became PLAIN for always. as i noticed RC checks CAPABILITY string from imap server and if there is no LOGIN in the captured string it sets it to PLAIN.
My imapd has AUTH=PLAIN in caps, but doesn't accept this type anyway. yes my imapd sucks, but RC can't handle this case too. i think it's better not to change the config.inc variable in that case at least.
I changed $auth_method to LOGIN in imap_generic.php for sure and now IMAP check prints OK w/o any other edits in sourcecode. but when i try to log in on the main page, it says: 'Your session is invalid or has expired' (but in my native language).
So i'll try to fix this for me now, but please don't close the ticket for a while.
comment:6 Changed 21 months ago by remort
I set default $type variable value to LOGIN in authenticate function definition and it solved the login trouble.
but now a have an unexpected logouts and i am unable to send messages in IE. unable to make multiple logins from a same browser (something wrong with sessions?) but this an another story.
thanks for the help with authtype.
comment:7 Changed 14 months ago by alan138
This might help anyone who has a similar problem:
successful connect from thunderbird to courier