[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #24 from aeris --- Ok, here is the root cause: https://github.com/KDE/libksieve/blob/master/src/kmanagesieve/session.cpp#L171 With CRAM-MD5, the challenge is on the `response.key()`, not on the `data` field, which is here empty. Don't know how to fix this without breaking other auth type… -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #23 from aeris --- Trouble is here: https://github.com/KDE/libksieve/blob/master/src/kmanagesieve/sessionthread.cpp#L265-L266 Seems strange, the challenge is expected to be read *before* the AUTHENTICATE command… -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #22 from aeris --- Seems the used challenge is empty string ./gen-auth.pl CRAM-MD5 "aeris" "$PASS" "" YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= Which is the same as the always sent token in my case -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 aeris changed: What|Removed |Added CC||ae...@imirhil.fr --- Comment #21 from aeris --- Same here. When debugging, I notice the returned CRAM-MD5 is always the same, whatever the challenge the server send. Aug 15 10:10:49 kamino dovecot[25805]: auth: Debug: client passdb out: CONT 1PDE2MzYzMDkzMDA4MTM5MTYuMTU2NTg2Mzg0OUBrYW1pbm8+ Aug 15 10:10:49 kamino dovecot[25805]: auth: Debug: client in: CONT1 YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= (previous base64 data may contain sensitive data) Aug 15 10:11:00 kamino dovecot[25805]: auth: Debug: client passdb out: CONT 1PDU3NjA0MjQyNTkyMzAwMzEuMTU2NTg2Mzg2MEBrYW1pbm8+ Aug 15 10:11:00 kamino dovecot[25805]: auth: Debug: client in: CONT1 YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= (previous base64 data may contain sensitive data) Notice the 2 challenges PDE2MzYzMDkzMDA4MTM5MTYuMTU2NTg2Mzg0OUBrYW1pbm8+ and PDU3NjA0MjQyNTkyMzAwMzEuMTU2NTg2Mzg2MEBrYW1pbm8+, but the same response YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Michael Chalvatzischanged: What|Removed |Added Version|unspecified |5.7.3 CC||gly...@gmx.net --- Comment #20 from Michael Chalvatzis --- I still can confirm this bug and I hit this even with version 5.7.3 (included with kubuntu 18.04). When will there be a fix for this? My investigation shows, that the client response of the md5 challenge is wrong by kmail. Doing the steps manually works perfect. here some log entries of the (dovecot-)sieve server that shows the error: auth: Debug: client in: AUTH#0111#011CRAM-MD5#011service=sieve#011secured#011session=TJDeHydsngDAqLKz#011lip=192.168.xxx.xxx#011rip=192.168.xxx.xxx#011lport=4190#011rport=53662 auth: Debug: client passdb out: CONT#0111#011PDA0NDIzNjg4NDE3NTgzMDcuMTUyNjI5MDE3N0BtYXN0ZXJibGFzdGVyLmhvbW== auth: Debug: client in: CONT#0111#011Y2hhbHZhdHogMDE5YzU0MjcyOTM4MGFjNmVhMDkxMTg4YTU1Nzxxx= <-- this is wrong answer! recreating the challenge response manually produces a different output!! auth: Debug: passwd-file(username,192.168.xxx.xxx,): lookup: user=username file=/etc/dovecot/users auth: Debug: password(username,192.168.xxx.xxx,): Credentials: dx auth: cram-md5(username,192.168.xxx.xxx,): password mismatch auth: Debug: client passdb out: FAIL#0111#011user=username -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Dennis Schriddechanged: What|Removed |Added CC||devuran...@gmx.net -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #19 from Laurent Montel--- (In reply to Nikolay Brookstein from comment #18) > (In reply to Laurent Montel from comment #17) > > For sure I can't investigate this week (Christmas holidays for me) but > > indeed an account which can provide error will help me to investigate for > > sure. > > That would be great! > > Than I will create an account for you and send you login data. > Can I use your *@kde.org address for this? Yep mon...@kde.org > > Merry Christmas Thanks :) > > P.S. Probably the majority is busy with holidays && famirly && friends this > week :D > So I have expected that only after 1-2 weeks it will be possible to try to > find out what is going wrong here. -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #18 from Nikolay Brookstein--- (In reply to Laurent Montel from comment #17) > For sure I can't investigate this week (Christmas holidays for me) but > indeed an account which can provide error will help me to investigate for > sure. That would be great! Than I will create an account for you and send you login data. Can I use your *@kde.org address for this? Merry Christmas P.S. Probably the majority is busy with holidays && famirly && friends this week :D So I have expected that only after 1-2 weeks it will be possible to try to find out what is going wrong here. -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #17 from Laurent Montel--- For sure I can't investigate this week (Christmas holidays for me) but indeed an account which can provide error will help me to investigate for sure. -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #16 from Nikolay Brookstein--- Some logging from the kmail side: log_kmanagersieve: "session1" connect to host url: QUrl("sieve://alice%40test@mail-01.test.com:4190?x-mech=PLAIN") log_kmanagersieve: "session1" void KManageSieve::Session::scheduleJob(KManageSieve::SieveJob*) KManageSieve::SieveJob(0x5607dd4137e0) log_kmanagersieve: "session1" void KManageSieve::Session::killJob(KManageSieve::SieveJob*, KJob::KillVerbosity) KManageSieve::SieveJob(0x5607dd4137e0) log_kmanagersieve: "session1" void KManageSieve::Session::scheduleJob(KManageSieve::SieveJob*) KManageSieve::SieveJob(0x5607dd115640) log_kmanagersieve: S: "\"IMPLEMENTATION\" \"Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16\"" log_kmanagersieve: 1 "IMPLEMENTATION" "Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16" "" 0 log_kmanagersieve: S: "\"SASL\" \"\"" log_kmanagersieve: 1 "SASL" "" "" 0 log_kmanagersieve: "session1" Connected to Sieve server: "Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16" log_kmanagersieve: S: "\"SIEVE\" \"comparator-i;ascii-numeric fileinto reject vacation imapflags notify include envelope body relational regex subaddress copy date\"" log_kmanagersieve: "session1" Server SASL authentication methods: () log_kmanagersieve: 1 "SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags notify include envelope body relational regex subaddress copy date" "" 0 log_kmanagersieve: S: "\"STARTTLS\"" log_kmanagersieve: "session1" Server script capabilities: ("comparator-i;ascii-numeric", "fileinto", "reject", "vacation", "imapflags", "notify", "include", "envelope", "body", "relational", "regex", "subaddress", "copy", "date") log_kmanagersieve: 1 "STARTTLS" "" "" 0 log_kmanagersieve: S: "\"UNAUTHENTICATE\"" log_kmanagersieve: "session1" Server supports TLS log_kmanagersieve: 1 "UNAUTHENTICATE" "" "" 0 log_kmanagersieve: S: "OK" log_kmanagersieve: "session1" Unrecognised key "UNAUTHENTICATE" log_kmanagersieve: 2 "OK" "" "" 0 log_kmanagersieve: "session1" Sieve server ready & awaiting authentication. log_kmanagersieve: C: "STARTTLS" log_kmanagersieve: S: "OK \"Begin TLS negotiation now\"" log_kmanagersieve: 2 "OK \"Begin TLS negotiation now\"" "" "" 0 log_kmanagersieve: SessionThread::doStartSsl() log_kmanagersieve: void KManageSieve::SessionThread::slotSocketError() "Unknown error" log_kmanagersieve: "session1" No job for reporting this error message! "Could not connect to host Unknown error." log_kmanagersieve: Initial SSL handshake failed. cipher.isNull() is true , cipher.usedBits() is 0 , the socket says: "Unknown error" and the list of SSL errors contains 0 items. log_kmanagersieve: "session1" TLS negotiation done. log_kmanagersieve: "session1" TLS negotiation done, m_state= 2 log_kmanagersieve: Initial SSL handshake failed. cipher.isNull() is true , cipher.usedBits() is 0 , the socket says: "Unknown error" and the list of SSL errors contains 0 items. log_kmanagersieve: "session1" TLS negotiation done. log_kmanagersieve: "session1" TLS negotiation done, m_state= 2 It looks like we have several problems here. - First of all is probably wrong interprets a username from the imap, so instead of "al...@test.com" we getting "alice%40test@mail-01.test.com" - Second one, that "SessionThread::doStartSsl()" fails I can make a email account to a KDE developer if it helps to debug. -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Nikolay Brooksteinchanged: What|Removed |Added CC||nikolay.brookstein@nextnetw ||orks.eu --- Comment #15 from Nikolay Brookstein --- KMail 5.3.3 Kolab 16 server with TLS/STARRTLS log on the server side: Dez 19 23:29:51 test.com sieve[7287]: inittls: Loading hard-coded DH parameters Dez 19 23:29:51 test.com sieve[7287]: STARTTLS failed Dez 19 23:29:51 test.com sieve[7287]: Lost connection to client -- exiting problem still persists! -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Nikolay Brooksteinchanged: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED |CONFIRMED --- Comment #14 from Nikolay Brookstein --- *** This bug has been confirmed by popular vote. *** -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Alex Potterchanged: What|Removed |Added CC||a...@alepot.org --- Comment #12 from Alex Potter --- Created attachment 97927 --> https://bugs.kde.org/attachment.cgi?id=97927=edit Screenshot of kmail sieve manager dialog This bug exists on KMail 5.0.2 on Kubuntu 15.10 AMD 64. The login to sieve succeeds, data is returned, but is inaccessible to kmail, as can be seen in the attached screenshot -- You are receiving this mail because: You are watching all bug changes.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #13 from Alex Potter--- Version here is 15.08.2-0ubuntu1 -- You are receiving this mail because: You are watching all bug changes.