* bug#34458: 27.0.50; Gnus's nnimap truncates password
@ 2019-02-12 16:49 Amin Bandali
2019-06-22 13:01 ` Lars Ingebrigtsen
0 siblings, 1 reply; 8+ messages in thread
From: Amin Bandali @ 2019-02-12 16:49 UTC (permalink / raw)
To: 34458
It seems that when the combined length of username + password for an
imap login exceeds a certain length, nnimap tries to log into the server
with a truncated password.
Example:
Say I have the following line in ~/.authinfo.gpg:
    machine mymchn login myuserid@hereis.alongaddr.ca password VAdlmhgtPX3RQpV2bfr8ilj6Qptr0Omz
I was wondering why Gnus wasn’t able to log into the server, though I
had made sure I was using the correct username and password. Upon
looking into server logs, I noticed that the login attempts were made
using VAdlmhgtPX3RQpV2bfr8ilj6Qpt as the password (notice that r0Omz is
missing at the end) instead of the correct full password.
Then I tried with a shorter username like below and it worked just fine:
    machine mymchn login myuserid@hereis.ca password VAdlmhgtPX3RQpV2bfr8ilj6Qptr0Omz
If I recall correctly, this issue also happens without adding a machine
entry to ~/.authinfo.gpg (i.e. by filling out the username and password
prompt), which leads me to think that the issue is not with auth-source.
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-02-12 16:49 bug#34458: 27.0.50; Gnus's nnimap truncates password Amin Bandali
@ 2019-06-22 13:01 ` Lars Ingebrigtsen
2019-06-22 13:04 ` Lars Ingebrigtsen
2019-06-29 18:32 ` Amin Bandali
0 siblings, 2 replies; 8+ messages in thread
From: Lars Ingebrigtsen @ 2019-06-22 13:01 UTC (permalink / raw)
To: Amin Bandali; +Cc: 34458
Amin Bandali <bandali@gnu.org> writes:
> It seems that when the combined length of username + password for an
> imap login exceeds a certain length, nnimap tries to log into the server
> with a truncated password.
I've looked at the code, and I can't see where it would be truncating
the password...
> I was wondering why Gnus wasn’t able to log into the server, though I
> had made sure I was using the correct username and password. Upon
> looking into server logs, I noticed that the login attempts were made
> using VAdlmhgtPX3RQpV2bfr8ilj6Qpt as the password (notice that r0Omz is
> missing at the end) instead of the correct full password.
Is it possible that the server is truncating the password (before
logging it, even)? What IMAP server are you using?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-06-22 13:01 ` Lars Ingebrigtsen
@ 2019-06-22 13:04 ` Lars Ingebrigtsen
2019-06-29 18:32 ` Amin Bandali
1 sibling, 0 replies; 8+ messages in thread
From: Lars Ingebrigtsen @ 2019-06-22 13:04 UTC (permalink / raw)
To: Amin Bandali; +Cc: 34458
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Amin Bandali <bandali@gnu.org> writes:
>
>> It seems that when the combined length of username + password for an
>> imap login exceeds a certain length, nnimap tries to log into the server
>> with a truncated password.
>
> I've looked at the code, and I can't see where it would be truncating
> the password...
Unless you're using CRAM-MD5 as the auth method, but then you wouldn't
see the password at all on the server side, I guess...
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-06-22 13:01 ` Lars Ingebrigtsen
2019-06-22 13:04 ` Lars Ingebrigtsen
@ 2019-06-29 18:32 ` Amin Bandali
2019-07-04 13:23 ` Lars Ingebrigtsen
1 sibling, 1 reply; 8+ messages in thread
From: Amin Bandali @ 2019-06-29 18:32 UTC (permalink / raw)
To: Lars Ingebrigtsen; +Cc: 34458
Lars Ingebrigtsen <larsi@gnus.org> writes:
[...]
>
> Is it possible that the server is truncating the password (before
> logging it, even)? What IMAP server are you using?
I don’t think so…? I use a local dovecot with a fairly typical
configuration [0], with sha512 of passwords stored in a separate file.
[0]: https://git.sr.ht/~bandali/dotfiles/tree/b1ed9ee8a3c507dd26df3d884fb0e15daef7da99/rc.org#L23
Lars Ingebrigtsen <larsi@gnus.org> writes:
[...]
>
> Unless you're using CRAM-MD5 as the auth method, but then you wouldn't
> see the password at all on the server side, I guess...
Right. As far as I know, I am not. I have been meaning to try and
edebug nnimap-login, but I’ve been super busy with school work lately,
and have barely had any free time.
Have you tried reproducing this on your end?
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-06-29 18:32 ` Amin Bandali
@ 2019-07-04 13:23 ` Lars Ingebrigtsen
2019-07-12 23:49 ` Lars Ingebrigtsen
0 siblings, 1 reply; 8+ messages in thread
From: Lars Ingebrigtsen @ 2019-07-04 13:23 UTC (permalink / raw)
To: Amin Bandali; +Cc: 34458
Amin Bandali <bandali@gnu.org> writes:
> Have you tried reproducing this on your end?
No, but the code is:
(defun nnimap-login (user password)
  (cond
   ;; Prefer plain LOGIN if it's enabled (since it requires fewer
   ;; round trips than CRAM-MD5, and it's less likely to be buggy),
   ;; and we're using an encrypted connection.
   ((and (not (nnimap-capability "LOGINDISABLED"))
[...]
    (nnimap-command "LOGIN %S %S" user password))
[...]
   ((and (not (nnimap-capability "LOGINDISABLED"))
[...]
    (nnimap-command "LOGIN %S %S" user password))
   ((and (nnimap-capability "AUTH=PLAIN")
[...]
    (nnimap-command
     "AUTHENTICATE PLAIN %s"
     (base64-encode-string
      (format "\000%s\000%s"
              (nnimap-quote-specials user)
              (nnimap-quote-specials password)))))))
so if you're using any of the plain LOGIN things to the IMAP server,
there's really no code in there that I can see that can truncate
anything...
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-07-04 13:23 ` Lars Ingebrigtsen
@ 2019-07-12 23:49 ` Lars Ingebrigtsen
2019-07-13 3:20 ` Amin Bandali
0 siblings, 1 reply; 8+ messages in thread
From: Lars Ingebrigtsen @ 2019-07-12 23:49 UTC (permalink / raw)
To: Amin Bandali; +Cc: 34458
A bug report was filed for a similar problem in url.el, and it turns out
that the base64 encoding may have been the culprit -- it would split the
encoded string into two lines, thereby effectively truncating the data.
I've pushed a fix for this in nnimap, too. Could you check whether the
trunk now works for you?
--
(domestic pets only, the antidote for overdose, milk.)
bloggy blog: http://lars.ingebrigtsen.no
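The line-splitting effect described in the message above, reproduced with the credentials from the original report. This is an added example, not part of the thread and not the nnimap code: Python's base64.encodebytes stands in for a base64 encoder that wraps at the MIME width of 76 characters, and the tag "a1", the function names and the first-line-only server model are assumptions.

```python
import base64

# Credentials copied from the bug report; everything else is constructed.
PASSWORD = "VAdlmhgtPX3RQpV2bfr8ilj6Qptr0Omz"
LONG_USER = "myuserid@hereis.alongaddr.ca"
SHORT_USER = "myuserid@hereis.ca"


def plain_token(user, password, wrap):
    """Build the AUTH=PLAIN payload: NUL user NUL password, base64-encoded."""
    raw = b"\0" + user.encode() + b"\0" + password.encode()
    if wrap:
        # encodebytes() inserts a newline after every 76 output characters.
        return base64.encodebytes(raw).decode("ascii")
    return base64.b64encode(raw).decode("ascii")


def imap_command(tag, token):
    """Format the command as it would be written to the connection."""
    return f"{tag} AUTHENTICATE PLAIN {token}\r\n"


def password_seen_by_server(wire):
    """Model a line-oriented server: only the first line is the command."""
    first_line = wire.splitlines()[0]
    token = first_line.split(" ", 3)[3]
    # A cut token may lack padding; decode only whole 4-character groups.
    token = token[: len(token) - len(token) % 4]
    fields = base64.b64decode(token).split(b"\0")
    return fields[2].decode()


def simulate(user, wrap):
    """Return the password the modelled server extracts for this user."""
    wire = imap_command("a1", plain_token(user, PASSWORD, wrap))
    return password_seen_by_server(wire)


if __name__ == "__main__":
    for user in (LONG_USER, SHORT_USER):
        for wrap in (True, False):
            print(f"{user:30} wrap={wrap!s:5} -> {simulate(user, wrap)}")
```

With the long address the payload is 62 bytes, which encodes to 84 characters; the first 76 of them cover only 57 bytes, so the last five password characters land on the second line. The short address yields 72 characters and never reaches the wrap point.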
* bug#34458: 27.0.50; Gnus's nnimap truncates password
2019-07-12 23:49 ` Lars Ingebrigtsen
@ 2019-07-13 3:20 ` Amin Bandali
2019-07-13 3:34 ` Lars Ingebrigtsen
0 siblings, 1 reply; 8+ messages in thread
From: Amin Bandali @ 2019-07-13 3:20 UTC (permalink / raw)
To: Lars Ingebrigtsen; +Cc: 34458
Hi Lars,
Sorry for the slow reply.
Lars Ingebrigtsen <larsi@gnus.org> writes:
> A bug report was filed for a similar problem in url.el, and it turns out
> that the base64 encoding may have been the culprit -- it would split the
> encoded string into two lines, thereby effectively truncating the data.
>
> I've pushed a fix for this in nnimap, too. Could you check whether the
> trunk now works for you?
With your 99e8d6fc26a163001c3a7ccf6786e1c4ecc5788e it does seem to be
fixed now; many thanks!
--
Amin Bandali
Free Software Activist | GNU Webmaster & Volunteer
GPG: BE62 7373 8E61 6D6D 1B3A 08E8 A21A 0202 4881 6103
https://shemshak.org/~amin
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git