Summary: | Refuse to LOGIN when hasCapability("LOGINDISABLED") | ||
---|---|---|---|
Product: | [Frameworks and Libraries] kio | Reporter: | Magnus Holmgren <holmgren> |
Component: | imap | Assignee: | kdepim bugs <kdepim-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | jkt |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Debian testing | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: | ||
Attachments: |
Abort login if disabled
Abort login if disabled |
Description
Magnus Holmgren
2006-05-08 19:08:48 UTC
In addition, RFC 3501 section 7.2.1 states: An IMAP client MUST NOT issue the LOGIN command if the server advertises the LOGINDISABLED capability. Created attachment 15983 [details]
Abort login if disabled
And here is my proposed, but yet-to-be-tested solution.
Good idea but this can only be included in kde 4 as it introduces a new string. Just one more reminder and request for a core developer to check this bug and patch out (and in) before the string unfreeze ends today, please. SVN commit 586077 by winterz: Fix for "Refuse to LOGIN when hasCapability("LOGINDISABLED")" Patch provided by Magnus, and approved by Carsten. And also Till says it looks ok too. BUGS: 126975 M +33 -25 imap4.cc --- branches/KDE/3.5/kdepim/kioslaves/imap4/imap4.cc #586076:586077 @@ -152,7 +152,7 @@ #ifdef HAVE_LIBSASL2 sasl_done(); #endif - + return 0; } @@ -747,7 +747,7 @@ } readBufferLen -= copyLen; - if (readBufferLen) + if (readBufferLen) memmove(readBuffer, &readBuffer[copyLen], readBufferLen); if (buffer[buffer.size() - 1] == '\n') return TRUE; } @@ -945,10 +945,10 @@ if (type == ITYPE_BOX) { bool ask = ( aInfo.find( "ASKUSER" ) != -1 ); - if ( ask && + if ( ask && messageBox(QuestionYesNo, i18n("The following folder will be created on the server: %1 " - "What do you want to store in this folder?").arg( aBox ), + "What do you want to store in this folder?").arg( aBox ), i18n("Create Folder"), i18n("&Messages"), i18n("&Subfolders")) == KMessageBox::No ) { @@ -1212,7 +1212,7 @@ * No-op: data = 'N' * Namespace: data = 'n'. Result shipped in infoMessage() signal * The format is: section=namespace=delimiter - * Note that the namespace can be empty + * Note that the namespace can be empty * Unsubscribe: data = 'U' + URL (KURL) * Subscribe: data = 'u' + URL (KURL) * Change the status: data = 'S' + URL (KURL) + Flags (QCString) @@ -1264,7 +1264,7 @@ break; } case 'n': - { + { // namespace in the form "section=namespace=delimiter" // entries are separated by , infoMessage( imapNamespaces.join(",") ); @@ -1313,7 +1313,7 @@ finished(); break; } - case 'A': + case 'A': { // acl int cmd; @@ -1325,7 +1325,7 @@ } break; } - case 'M': + case 'M': { // annotatemore int cmd; @@ -1337,7 +1337,7 @@ } break; } - case 'S': + case 'S': { // status KURL _url; @@ -1374,7 +1374,7 @@ finished(); break; } - case 'E': + case 'E': { // search specialSearchCommand( stream ); @@ -1665,7 +1665,7 @@ QString aBox, aSequence, aLType, aSection, aValidity, aDelimiter, aInfo; // parseURL with caching enum IMAP_TYPE aType = - parseURL (_url, aBox, aSection, aLType, aSequence, aValidity, aDelimiter, + parseURL (_url, aBox, aSection, aLType, aSequence, aValidity, aDelimiter, aInfo, true); UDSEntry entry; @@ -1924,16 +1924,24 @@ } else completeQueue.removeRef(cmd); } - if (!myAuth.isEmpty () && myAuth != "*" - && !hasCapability (QString ("AUTH=") + myAuth)) - { - error (ERR_COULD_NOT_LOGIN, i18n("The authentication method %1 is not " - "supported by the server.").arg(myAuth)); - closeConnection(); - return false; + if ( myAuth.isEmpty () || myAuth == "*" ) { + if ( hasCapability( QString( "LOGINDISABLED" ) ) ) { + error( ERR_COULD_NOT_LOGIN, i18n("LOGIN is disabled by the server.") ); + closeConnection(); + return false; + } + else { + if ( !hasCapability( QString( "AUTH=" ) + myAuth ) ) { + error( ERR_COULD_NOT_LOGIN, + i18n("The authentication method %1 is not " + "supported by the server.").arg( myAuth ) ); + closeConnection(); + return false; + } + } } - if ( greeting.contains( QRegExp( "Cyrus IMAP4 v2.1" ) ) ) { + if ( greeting.contains( QRegExp( "Cyrus IMAP4 v2.1" ) ) ) { removeCapability( "ANNOTATEMORE" ); } @@ -1961,7 +1969,7 @@ } else { -#ifdef HAVE_LIBSASL2 +#ifdef HAVE_LIBSASL2 if (!clientAuthenticate (this, authInfo, myHost, myAuth, mySSL, resultInfo)) error(KIO::ERR_COULD_NOT_LOGIN, i18n("Unable to authenticate via %1.\n" "The server %2 replied:\n%3").arg(myAuth).arg(myHost).arg(resultInfo)); @@ -2002,12 +2010,12 @@ if ( it != listResponses.end() ) { namespaceToDelimiter[QString::null] = (*it).hierarchyDelimiter(); - kdDebug(7116) << "makeLogin - delimiter for empty ns='" << + kdDebug(7116) << "makeLogin - delimiter for empty ns='" << (*it).hierarchyDelimiter() << "'" << endl; if ( !hasCapability("NAMESPACE") ) { // server does not support namespaces - QString nsentry = QString::number( 0 ) + "==" + QString nsentry = QString::number( 0 ) + "==" + (*it).hierarchyDelimiter(); imapNamespaces.append( nsentry ); } @@ -2336,7 +2344,7 @@ } } // if we got no list response for the box see if it's a prefix - if ( retVal == ITYPE_UNKNOWN && + if ( retVal == ITYPE_UNKNOWN && namespaceToDelimiter.contains(_box) ) { retVal = ITYPE_DIR; } @@ -2354,7 +2362,7 @@ else kdDebug(7116) << "IMAP4::parseURL: no login!" << endl; - } + } else // empty box { // the root is just a dir @@ -2383,7 +2391,7 @@ if ( _hierarchyDelimiter.isEmpty() && (_type == "LIST" || _type == "LSUB" || _type == "LSUBNOCHECK") ) { - // this shouldn't happen but when the delimiter is really empty + // this shouldn't happen but when the delimiter is really empty // we try to reconstruct it from the URL if (!_box.isEmpty()) { Magnus, I will need to revert this patch unless you can give me a fix for your fix very quickly (today). During my testing I am unable to access a Kolab server. I continually get the message "The authentication method * is not supported by the server." And then I am prompted for a username and password. But access fails anyway. The patch as you applied it differs from my patch which in turn differs from the changes I actually made to that file (and nobody spotted the unbalanced braces?). The relevant block should of course read if (myAuth.isEmpty () || myAuth == "*") { if (hasCapability (QString ("LOGINDISABLED"))) { error (ERR_COULD_NOT_LOGIN, i18n("LOGIN is disabled by the server.")); closeConnection(); return false; } } else { if (!hasCapability (QString ("AUTH=") + myAuth)) { error (ERR_COULD_NOT_LOGIN, i18n("The authentication method %1 is not " "supported by the server.").arg(myAuth)); closeConnection(); return false; } } Created attachment 17852 [details]
Abort login if disabled
SVN commit 586730 by winterz: fix my silly typos to Magnus' patch. Lucky I tested. BUGS: 126975 M +10 -11 imap4.cc --- branches/KDE/3.5/kdepim/kioslaves/imap4/imap4.cc #586729:586730 @@ -1924,20 +1924,19 @@ } else completeQueue.removeRef(cmd); } - if ( myAuth.isEmpty () || myAuth == "*" ) { - if ( hasCapability( QString( "LOGINDISABLED" ) ) ) { - error( ERR_COULD_NOT_LOGIN, i18n("LOGIN is disabled by the server.") ); + if (myAuth.isEmpty () || myAuth == "*") { + if (hasCapability (QString ("LOGINDISABLED"))) { + error (ERR_COULD_NOT_LOGIN, i18n("LOGIN is disabled by the server.")); closeConnection(); return false; } - else { - if ( !hasCapability( QString( "AUTH=" ) + myAuth ) ) { - error( ERR_COULD_NOT_LOGIN, - i18n("The authentication method %1 is not " - "supported by the server.").arg( myAuth ) ); - closeConnection(); - return false; - } + } + else { + if (!hasCapability (QString ("AUTH=") + myAuth)) { + error (ERR_COULD_NOT_LOGIN, i18n("The authentication method %1 is not " + "supported by the server.").arg(myAuth)); + closeConnection(); + return false; } } |