Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.4.4

Bug #17107 can't follow referral -> empty Variables
Submitted: 2010-02-16 13:57 UTC
From: granada Assigned: yunosh
Status: Closed Package: Net_Sieve (version 1.1.7)
PHP Version: 5.2.1 OS: Linux, Solaris 10
Roadmaps: (Not assigned)    
Subscription  


Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know! Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem : 45 - 9 = ?

 
 [2010-02-16 13:57 UTC] granada (RĂ¼diger Engel)
Description: ------------ Net_Sieve.php (no matter if 1.1.7 stable or 1.2.0 beta) tries to connect to e.g. mail.server.com on Port 2004. It logs in, sends "LISTSCRIPTS" and then get's the message "BYE (REFERRAL "sieve://mail2") "Try Remote."". Everything o.k. until here! Now the function doCMD() tries to follow the referral and the next try to connect to the referred host leads to an error, since the needed variables (host, port, user, password etc.) are now empty and connecting to localhost:2000 fails. Inserting three new lines into e.g. (we use PLAIN) authPLAIN solves the problem, but it needs a more sophisticated patch than this quick and dirty one. Test script: --------------- not a test script, but the quick and dirty solution: function _authPLAIN($user, $pass , $euser ) { // new: define $this->_data[]: $this->_data['user']=$user; $this->_data['pass']=$pass; $this->_data['port']='2004'; // end of quick and dirty patch if ($euser != '') { $cmd=sprintf('AUTHENTICATE "PLAIN" "%s"', base64_encode($euser . chr(0) . $user . chr(0) . $pass ) ) ; } else { $cmd=sprintf('AUTHENTICATE "PLAIN" "%s"', base64_encode( chr(0) . $user . chr(0) . $pass ) ); } return $this->_sendCmd( $cmd ) ; }

Comments

 [2010-04-01 17:58 UTC] yunosh (Jan Schneider)
-Status: Open +Status: Feedback
Looking at the managesieve specs, this doesn't seem to be the right solution. The REFERRAL response should contain the port number if it is different than the default, and we should use that. The specs are not explicit about that but instead refer to the RFC 3986 authority for the host part or the sieve URI.
 [2010-06-30 04:41 UTC] smithmb (Martin Smith)
I'm also seeing a similar issue with the latest Net::Sieve and Cyrus timsieved v2.2.12 on Gentoo. After a referral, the credentials are all empty, so the hash is "AAA==" which is obviously wrong. I understand the port issue, but clearly $uid, $pwd, $euser must all be preserved on a referral. Please let me know if I can provide further info and testing.
 [2010-07-01 15:09 UTC] yunosh (Jan Schneider)
I can't reproduce this. If the server sends a referral, Net_Sieve is doing a new connect and login with the same credentials.
 [2010-07-07 06:08 UTC] smithmb (Martin Smith)
I'm not sure what to say... here's my log (note the empty hash "AAA="): [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Invoca-RPM-2.2.12-OSG3" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Invoca-RPM-2.2.12-OSG3" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: AUTHENTICATE "PLAIN" "<sanitized hash>" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: LISTSCRIPTS [06-Jul-2010 21:12:41 -0400]: S: BYE (REFERRAL "sieve://not-a-proxy.example.com") "Try Remote." [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: "STARTTLS" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: "STARTTLS" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: STARTTLS [06-Jul-2010 21:12:41 -0400]: S: OK "Begin TLS negotiation now" [06-Jul-2010 21:12:41 -0400]: STARTTLS negotiation successful [06-Jul-2010 21:12:41 -0400]: C: CAPABILITY [06-Jul-2010 21:12:41 -0400]: S: "IMPLEMENTATION" "Cyrus timsieved v2.2.12-Gentoo" [06-Jul-2010 21:12:41 -0400]: S: "SASL" "PLAIN" [06-Jul-2010 21:12:41 -0400]: S: "SIEVE" "fileinto reject envelope vacation imapflags notify subaddress relational comparator-i;ascii-numeric regex" [06-Jul-2010 21:12:41 -0400]: S: OK [06-Jul-2010 21:12:41 -0400]: C: AUTHENTICATE "PLAIN" "AAA=" [06-Jul-2010 21:12:41 -0400]: S: NO "Authentication Error" [06-Jul-2010 21:12:41 -0400]: C: LOGOUT [06-Jul-2010 21:12:41 -0400]: S: OK "Logout Complete" Perhaps you can't reproduce because of a different referral syntax you're testing against?
 [2010-07-07 15:26 UTC] yunosh (Jan Schneider)
I emulated your referral example in code, just to be sure. I debugged the code step by step, and this is what's happening in the case of a referral response: 1. $this->_data['host'] is being updated with the new host name 2. _handleConnectAndLogin() is called 3. connect() with the new hostname, and login() with the user credentials from $this->_data are called. 4. login() passes the user names and password to _cmdAuthenticate()
 [2011-05-31 22:11 UTC] alec (Aleksander Machniak)
 [2011-05-31 22:13 UTC] alec (Aleksander Machniak)
I can confirm this issue. The important thing is that only class constructor sets $_data variable. So, when you call constructor without arguments and then use connect/login methods the $_data is not updated. Attached patch fixes the issue.
 [2011-08-07 03:05 UTC] yunosh (Jan Schneider)
-Status: Feedback +Status: Closed -Assigned To: +Assigned To: yunosh
Thank you for your bug report. This issue has been fixed in the latest released version of the package, which you can download at http://pear.php.net/get/