Dear Timo,
Thanks for the patch. It shows the connections, but auth never gets called.
I finally pulled my act together so that I could compile from source. So, I thought I would be a little more clear.
If I turn on ssl (comment out ssl_disable = yes, the default) and turn off plaintext (uncomment disable_plaintext_auth = yes), then immediately after SSL negotiation, my client hangs (I'm testing with mutt).
Eventually, I determined what's happening, to some degree. Alas, I've been programming in Java for five years, so I have trouble debugging a real programming language. However: in login/client.c, client_handle_input, the first part of the function checks for client->cmd_finished, and if so, clears client->cmd_tag and client->cmd_name. It then checks client->skip_line, and if true, calls client_skip_line. Adding debugging to client_skip_line (i_info with the contents of data) shows that, after the starttls command, client_skip_line discards the whole next command (in my case, a0002 CAPABILITY). The client is waiting for a response. The server is waiting for a command (having discarded one). login times out sixty seconds later, for inactivity.
There's where my skills prove inadequate, I'm afraid, because bypassing client_skip_line if the last command was STARTTLS doesn't seem to do any good; the server never sees the capability command. I'm between a rock and a hard place, it appears; if the server sees the command, it discards it and then times out, but if it doesn't, it times out anyway. *sigh*
No one else seems to be having this sort of problem, though. Is that because most folks are using TLS on the imaps port? Or have I got a misconfiguration that runs somehow deeper? I don't *think* I'm chasing a wild hare.
Sorry to be a bother.
Amy! On 21 Jan 2003 09:43:06 +0200 Timo Sirainen <tss@iki.fi> wrote:
On Sat, 2003-01-18 at 19:01, Amelia A.Lewis wrote:
I'm running the debian package 0.99.7-2. If I turn off SSL, and allow plaintext, I can log in. If I turn SSL on (comment out ssl_diable = yes), then I can't. It was working in 0.99.6, I know.
If it was working in .6, I can't think of what could have broken. But here's a patch for more verbose logging if "auth_verbose = yes" in config file.
-- Amelia A. Lewis amyzing {at} talsever.com There are two major products that came out of Berkeley: LSD and BSD Unix. We don't believe this to be a coincidence.