#3862: Error in POP3 authentication via SASL mechanism DIGEST-MD5
-----------------------+----------------------
Reporter: g1pimutt | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: POP | Version:
Resolution: | Keywords:
-----------------------+----------------------
Comment (by kevin8t8):
> The manual for sasl_client_step() says:
>
> "... in IMAP sasl_client_step should still be called one more time
with a serverinlen of zero."
> (presumably "after it returns SASL_OK")
No, I don't believe the above presumption is correct. They are pointing
out that you should follow the return codes, not assume that "+OK" in the
response means you are done. If there is another response needed from the
client, the sasl_client_step() should return SASL_CONTINUE, even if the
clientout is empty. SASL_OK means "the authentication is complete."
It looks like the code currently tries to handle the case where
rc==SASL_OK but the olen is set for some strange reason.
But if what is happening is that olen==0, rc==SASL_OK, and yet there is
supposed to be another sasl_client_step(), that is clearly a bug in the
SASL libraries, and I don't think there is any good way to work around it
in the application (mutt) code.
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3862#comment:5>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
