Bug 122818

Summary: IMAP BAD responses not properly handled
Product: [Frameworks and Libraries] kio Reporter: Casey Allen Shobe <cshobe>
Component: imapAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit: Version Fixed In:

Description Casey Allen Shobe 2006-02-28 00:10:56 UTC
Version:            (using KDE KDE 3.5.1)
Installed from:    Compiled From Sources
Compiler:          gcc 3.4.4 
OS:                Linux

3 CAPABILITY 
* CAPABILITY IMAP4rev1 SORT THREAD=REFERENCES MULTIAPPEND UNSELECT LITERAL+ IDLE CHILDREN NAMESPACE LOGIN-REFERRALS STARTTLS AUTH=PLAIN AUTH=DIGEST-MD5 AUTH=GSSAPI 
3 OK Capability completed. 
4 NAMESPACE 
4 BAD Error in IMAP command received by server. 
5 LIST "" "" 
5 BAD Error in IMAP command received by server. 

In this example, we see that kmail receives a bad response to it's namespace inquiry (which means that the IMAP protocol got violated).  "No matter!", it decides, and keeps on going.  Worst, after blatently ignoring the errors received, it then lies to the user, saying something clever like "The server imap.sk8rland.com replied: SASL(-4): no mechanism available: No worthy mechs found.  Blame them not me!!  OMG!"
Comment 1 Carsten Burghardt 2006-03-05 00:25:37 UTC
To be honest the only error message that kmail could give as a result of this communication is: "remove this account as kmail will not be able to communicate with this server correctly".
The reason is that the BAD reponse from the list "" "" command simpy violates rfc 2060. It doesn't communicate the default delimiter for paths ("/" or "."). So clients will have no clue how to work with the server. This should be no problem as the server claims to support namespaces - but it also answers with an error. And the query from kmail was definitely correct.
I will close this report as I don't a reasonable way to work with this server. I do agree that the error message is misleading but this is really a minor problem.
Comment 2 Carsten Burghardt 2006-03-05 00:33:48 UTC
My pardon, I didn't see your first report. The user was _not_ logged in before therefore the server reponse is of course right. But I could not see that from this report.
Comment 3 Carsten Burghardt 2006-03-05 00:34:32 UTC
Nevertheless it is a duplicate as the source of the problem is the same.

*** This bug has been marked as a duplicate of 122817 ***
Comment 4 Casey Allen Shobe 2006-03-05 02:28:40 UTC
> Nevertheless it is a duplicate as the source of the problem is the same.

...and how am I supposed to know the internal workings of Kmail enough to guess this?  I saw 2 separate problems, so I filed 2 bugs.
Comment 5 David Woodhouse 2006-03-05 13:16:45 UTC
Doesn't look like a duplicate to me. The first report covers the lack of any attempt to authenticate; the second report concerns the poor or non-existent error handling after that has happened.

The errors which were badly handled in the second report may indeed have been caused by the bug in the first report, but that doesn't make it a duplicate. There are two separate bugs -- first kmail causes an error, then it lies to the user about that error. 
Comment 6 Thiago Macieira 2006-03-05 14:25:02 UTC
Casey: you're not supposed to. That's why developers take a look at it and mark it as duplicate if it's the same cause.

David: the second problem doesn't exist if the user is logged in properly.
Comment 7 Casey Allen Shobe 2006-03-07 18:24:02 UTC
> Casey: you're not supposed to. That's why developers take a look at it and
> mark it as duplicate if it's the same cause.

Yeah I just took the wording the harshest possible way, which is probably not how it was meant.  Sorry for that.