On Sun, 29 Nov 2009, Rick wrote:

Trying to get SMTP auth working with alpine, I came across a bug. Alpine sends AUTH PLAIN and waits for a 334 response, then sends the auth string. According to the RFC, the server should reply with 334 and nothing else, but in Auth.pm qpsmtpd responds with "334 Please continue". The "Please continue" is interpreted as a non-zero length initial challenge, which causes alpine (and maybe other clients?) to abort the session.

The simple fix is to change this part in Auth.pm:

   if ( $mechanism eq "plain" ) {
       if (!$prekey) {
         $session->respond( 334, "Please continue" );
         $prekey= <STDIN>;
       }

To this:

   if ( $mechanism eq "plain" ) {
       if (!$prekey) {
         $session->respond( 334, " " );
         $prekey= <STDIN>;
       }

Signed-off-by: Charlie Brady <charl...@budge.apana.org.au>

bash-3.2$ git diff
diff --git a/lib/Qpsmtpd/Auth.pm b/lib/Qpsmtpd/Auth.pm
index 993c176..422c3f4 100644
--- a/lib/Qpsmtpd/Auth.pm
+++ b/lib/Qpsmtpd/Auth.pm
@@ -20,7 +20,7 @@ sub SASL {

     if ( $mechanism eq "plain" ) {
         if (!$prekey) {
-          $session->respond( 334, "Please continue" );
+          $session->respond( 334, " " );
           $prekey= <STDIN>;
         }
         ( $loginas, $user, $passClear ) = split /\x0/,
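Review bot: the " " passed to respond on the + line is a magic value with no explanation in the code, so a later cleanup could easily turn it back into a message or into an empty string. Add a comment above it saying that the 334 reply to a bare AUTH PLAIN must carry no challenge text, and that the single space is there because, as noted in this thread, an empty string makes qpsmtpd send no response at all. It is also worth confirming on the wire what the client receives after the code, since the hunk does not show how respond joins the code and the text.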
bash-3.2$

Rick, if you prefer, you could submit the patch, and I will follow with:

Acked-by: Charlie Brady <charl...@budge.apana.org.au>

There's a space in there; otherwise qpsmtpd won't send any response, which is equally as bad.

I suggest somebody commit this small change to the source tree.
-Rick
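
The client-side view of the 334 reply discussed in this thread, as an added example that is not part of the original messages and is not qpsmtpd or alpine code. The function names and sample reply lines are constructed, and treating a whitespace-only text part as an empty challenge is an assumption made for this check.

```python
import base64
import binascii


def classify_334(line: bytes) -> tuple[str, bytes]:
    """Classify the text part of a 334 reply the way a strict client would.

    Returns (kind, data) where kind is one of:
      "empty-challenge"  - nothing after the code: what AUTH PLAIN expects
      "challenge"        - valid base64 text; data is the decoded challenge
      "invalid-text"     - text that is not base64, e.g. a human message
      "not-334"          - some other reply
    """
    text = line.rstrip(b"\r\n")
    if not text.startswith(b"334"):
        return ("not-334", b"")
    rest = text[3:]
    # Only "334" or "334 <text>" is a final 334 reply; "334-..." is not.
    if rest[:1] not in (b"", b" "):
        return ("not-334", b"")
    # Assumption: padding spaces alone count as an empty challenge.
    payload = rest[1:].strip(b" ")
    if payload == b"":
        return ("empty-challenge", b"")
    try:
        return ("challenge", base64.b64decode(payload, validate=True))
    except binascii.Error:
        return ("invalid-text", payload)


def plain_prompt_ok(line: bytes) -> bool:
    """True if the reply is an acceptable prompt for the AUTH PLAIN credentials."""
    kind, _ = classify_334(line)
    return kind == "empty-challenge"


if __name__ == "__main__":
    # Constructed sample replies: unpatched text, padded empty text, bare
    # empty text, and a base64 challenge as another mechanism might send.
    samples = [
        b"334 Please continue\r\n",
        b"334  \r\n",
        b"334 \r\n",
        b"334 VXNlcm5hbWU6\r\n",
    ]
    for s in samples:
        print(s, classify_334(s), plain_prompt_ok(s))
```
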


