I have a phone (LG CU320) with a built-in IMAP client. However, it
has some issues. For one, the phone crashes if there are greater than
some-as-of-yet-determined-number-of folders. That can't be worked
around at the server, but this one can:
After a long session of staring at tcpdump, it appears that when it
logs in it does so like this:
a001 LOGIN "username" myPassword
This works unless one has funny characters in their password (which
is usually the case). Why on earth it would put quotes around the
username and NOT the password is beyond me (which is more likely to
have special characters?)
It does seem to check the CAPABILITY line to see what authentication
is supported, because if I try it with a different (cyrus) server,
instead of using LOGIN to authenticate, it uses AUTHENTICATE
Dovecot presents that it supports AUTH=PLAIN, whereas Cyrus presents
that it supports AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5 AUTH=GSSAPI.
This is presumably because Dovecot prefers STARTTLS or simple IMAPS
for authentication.
So as I see it, getting this phone work with Dovecot and a password
with special characters can take one of two forms (either of which
I'll be happy to code):
1. Somehow getting Dovecot to look at the second token as if it
*were* quoted.
2. Getting Dovecot to present and interpret AUTH=LOGIN (i. e.
AUTHENTICATE), which appears to cause the phone to properly escape
the password
The first one really only fixes certain special characters, and
leaves others still broken (like quotes themselves), and in fact
violates IMAP4rev1. So I'd just make and run a local patch
The second one fixes the problem more cleanly, and my code can be
reused and submitted to the Dovecot commiters.
So my question to anyone familiar with the codebase is, which of
these options is more likely to work, and would the Dovecot team be
interested in patches for either one?
David King wrote:
- Getting Dovecot to present and interpret AUTH=LOGIN (i. e.
AUTHENTICATE), which appears to cause the phone to properly escape
the password
In your auth{} block, add/change mechanisms to: mechanisms = plain login
This works in 1.0beta7 and probably several versions before it.
If your passdb backend has cleartext passwords (and I suppose it might, since you said Cyrus was presending CRAM-MD5), you could enable some of the non-cleartext auth mechanisms as well (which is a nice bonus if your phone supports it...)
HTH,
Ben Winslow <rain@bluecherry.net>
- Getting Dovecot to present and interpret AUTH=LOGIN [...] In your auth{} block, add/change mechanisms to: mechanisms = plain login
Ah, okay. I figured that it wasn't supported already because the
example in the .conf page ("plain digest-md5 cram-md5 apop
anonymous") doesn't include it. That's not an exhaustive list, then.
Thank you!
participants (2)
-
Ben Winslow
-
David King