View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002126SOGoBackend Mailpublic2012-11-27 13:322013-01-14 19:31
Reportereicky Assigned Tofrancis  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2.0.2a 
Target Version2.0.4Fixed in Version2.0.4 
Summary0002126: SMTP PLAIN AUTH fails with long login-phrases
Description

SMTP PLAIN AUTH fails, if the base64-encoded login-phrase is longer than 72 chars. If the encoded login-phrase is longer, a second line is used for authentication and the mailserver rejects the attempt. A login with shorter phrases was tested successfully.

Additional Information

Here's the SOGo-Log for one of my login attemts, that failed because of the
long login-string:

C: connect to <0x0x7f00fa002090[NGInternetSocketAddress]:
host=smtp.example.org
not-filled>
S: <SMTP-Reply: code=220 line='mail.example.org ESMTP'>
C: EHLO srv-web-01.example.local
S: <SMTP-Reply: code=250 line='DSN'>
S: pipelining extension supported.
S: size extension supported.
S: plain auth extension supported.
C: AUTH PLAIN xyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXY
xyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyX=
C: QUIT
S: <SMTP-Reply: code=502 line='5.5.2 Error: command not recognized'>

I replaced the AUTH PLAIN string for security reasons, but the length still
fits...

TagsNo tags attached.

Activities

ludovic

ludovic

2012-12-03 21:28

reporter   ~0005022

Fixed: https://github.com/inverse-inc/sope/commit/180ee5442d3245265a993de4c565271bc6c5c142
eicky

eicky

2012-12-07 12:09

reporter   ~0005047

I'm sorry to report, that the issue still persists. The Output of SMTP AUTH with SOGo 2.0.3:

C: connect to <0x0x7fd08b958690[NGInternetSocketAddress]: host=smtp.example.org not-filled>
S: <SMTP-Reply: code=220 line='smtp.example.org ESMTP'>
C: EHLO srv-web-01.example.local
S: <SMTP-Reply: code=250 line='DSN'>
S: pipelining extension supported.
S: size extension supported.
S: plain auth extension supported.
C: AUTH PLAIN
C: xyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXY
xyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyXYxyX=
C: QUIT
S: <SMTP-Reply: code=502 line='5.5.2 Error: command not recognized'>

I replaced the AUTH PLAIN string for security reasons, but the length still
fits...
jobisoft

jobisoft

2013-01-11 13:06

reporter   ~0005132

Last edited: 2013-01-13 12:55

EDIT: My original post was plain wrong and missleading, removed it later.

After playing around with it, I learned, that the linebreak indeed causes the error. Simpling replacing all "\n" in the authstring with "" solved the problem. Simple fix included.

2013-01-11 17:34

 

fix_2126 (829 bytes)    
diff --git a/sope-mime/NGMail/NGSmtpClient.m b/sope-mime/NGMail/NGSmtpClient.m
index bb5daba..781ddd3 100644
--- a/sope-mime/NGMail/NGSmtpClient.m
+++ b/sope-mime/NGMail/NGSmtpClient.m
@@ -237,10 +237,10 @@
     buffer = malloc (sizeof (char) * (buflen + 1));
     sprintf (buffer, "%s%c%s%c%s",
              utf8Username, 0, utf8Username, 0, utf8Password);
-    authString = [[NSData dataWithBytesNoCopy: buffer
+    authString = [[[NSData dataWithBytesNoCopy: buffer
                                        length: buflen
                                  freeWhenDone: YES]
-                   stringByEncodingBase64];
+                   stringByEncodingBase64] stringByReplacingOccurrencesOfString:@"\n" withString:@""];
     reply = [self sendCommand: @"AUTH PLAIN"];
     
     if ([reply code] == NGSmtpServerChallenge)
fix_2126 (829 bytes)   
francis

francis

2013-01-14 19:31

administrator   ~0005171

Thanks.

See https://github.com/inverse-inc/sope/commit/9c3999fadcf3b5e2de9dfbf21756eaa4b7d41e54

Issue History

Date Modified Username Field Change
2012-11-27 13:32 eicky New Issue
2012-11-30 21:17 ludovic Target Version => 2.0.3
2012-12-03 21:28 ludovic Note Added: 0005022
2012-12-03 21:28 ludovic Status new => closed
2012-12-03 21:28 ludovic Resolution open => fixed
2012-12-03 21:28 ludovic Fixed in Version => 2.0.3
2012-12-07 12:09 eicky Note Added: 0005047
2012-12-07 12:09 eicky Status closed => feedback
2012-12-07 12:09 eicky Resolution fixed => reopened
2013-01-11 13:06 jobisoft Note Added: 0005132
2013-01-11 17:32 jobisoft Note Edited: 0005132
2013-01-11 17:34 jobisoft File Added: fix_2126
2013-01-13 12:55 jobisoft Note Edited: 0005132
2013-01-14 15:05 francis Target Version 2.0.3 => 2.0.4
2013-01-14 19:31 francis Note Added: 0005171
2013-01-14 19:31 francis Status feedback => resolved
2013-01-14 19:31 francis Fixed in Version 2.0.3 => 2.0.4
2013-01-14 19:31 francis Resolution reopened => fixed
2013-01-14 19:31 francis Assigned To => francis