Description: ------------ Net_Sieve.php (no matter if 1.1.7 stable or 1.2.0 beta) tries to connect to e.g. mail.server.com on Port 2004. It logs in, sends "LISTSCRIPTS" and then get's the message "BYE (REFERRAL "sieve://mail2") "Try Remote."". Everything o.k. until here! Now the function doCMD() tries to follow the referral and the next try to connect to the referred host leads to an error, since the needed variables (host, port, user, password etc.) are now empty and connecting to localhost:2000 fails. Inserting three new lines into e.g. (we use PLAIN) authPLAIN solves the problem, but it needs a more sophisticated patch than this quick and dirty one. Test script: --------------- not a test script, but the quick and dirty solution: function _authPLAIN($user, $pass , $euser ) { // new: define $this->_data[]: $this->_data['user']=$user; $this->_data['pass']=$pass; $this->_data['port']='2004'; // end of quick and dirty patch if ($euser != '') { $cmd=sprintf('AUTHENTICATE "PLAIN" "%s"', base64_encode($euser . chr(0) . $user . chr(0) . $pass ) ) ; } else { $cmd=sprintf('AUTHENTICATE "PLAIN" "%s"', base64_encode( chr(0) . $user . chr(0) . $pass ) ); } return $this->_sendCmd( $cmd ) ; }

Looking at the managesieve specs, this doesn't seem to be the right solution. The REFERRAL response should contain the port number if it is different than the default, and we should use that. The specs are not explicit about that but instead refer to the RFC 3986 authority for the host part or the sieve URI.

I'm also seeing a similar issue with the latest Net::Sieve and Cyrus timsieved v2.2.12 on Gentoo. After a referral, the credentials are all empty, so the hash is "AAA==" which is obviously wrong. I understand the port issue, but clearly $uid, $pwd, $euser must all be preserved on a referral. Please let me know if I can provide further info and testing.

I can't reproduce this. If the server sends a referral, Net_Sieve is doing a new connect and login with the same credentials.

I'm not sure what to say... here's my log (note the empty hash "AAA="): [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Invoca-RPM-2.2.12-OSG3" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Invoca-RPM-2.2.12-OSG3" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: AUTHENTICATE "PLAIN" "<sanitized hash>" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: LISTSCRIPTS [06-Jul-2010 21:12:41 -0400]: S: BYE (REFERRAL "sieve://not-a-proxy.example.com") "Try Remote." [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: "STARTTLS" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: "STARTTLS" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: STARTTLS [06-Jul-2010 21:12:41 -0400]: S: OK "Begin TLS negotiation now" [06-Jul-2010 21:12:41 -0400]: STARTTLS negotiation successful [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: AUTHENTICATE "PLAIN" "AAA=" [06-Jul-2010 21:12:41 -0400]: S: NO "Authentication Error" [06-Jul-2010 21:12:41 -0400]: C: LOGOUT [06-Jul-2010 21:12:41 -0400]: S: OK "Logout Complete" Perhaps you can't reproduce because of a different referral syntax you're testing against?

I emulated your referral example in code, just to be sure. I debugged the code step by step, and this is what's happening in the case of a referral response: 1. $this->_data['host'] is being updated with the new host name 2. _handleConnectAndLogin() is called 3. connect() with the new hostname, and login() with the user credentials from $this->_data are called. 4. login() passes the user names and password to _cmdAuthenticate()

Added patch Sieve_referral.patch.

I can confirm this issue. The important thing is that only class constructor sets $_data variable. So, when you call constructor without arguments and then use connect/login methods the $_data is not updated. Attached patch fixes the issue.

Thank you for your bug report. This issue has been fixed in the latest released version of the package, which you can download at http://pear.php.net/get/