[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #24 from aeris --- Ok, here is the root cause: https://github.com/KDE/libksieve/blob/master/src/kmanagesieve/session.cpp#L171 With CRAM-MD5, the challenge is on the `response.key()`, not on the `data` field, which is here empty. Don't know how to fix this without breaking other auth type… -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #23 from aeris --- Trouble is here: https://github.com/KDE/libksieve/blob/master/src/kmanagesieve/sessionthread.cpp#L265-L266 Seems strange, the challenge is expected to be read *before* the AUTHENTICATE command… -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #22 from aeris --- Seems the used challenge is empty string ./gen-auth.pl CRAM-MD5 "aeris" "$PASS" "" YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= Which is the same as the always sent token in my case -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 aeris changed: What|Removed |Added CC||ae...@imirhil.fr --- Comment #21 from aeris --- Same here. When debugging, I notice the returned CRAM-MD5 is always the same, whatever the challenge the server send. Aug 15 10:10:49 kamino dovecot[25805]: auth: Debug: client passdb out: CONT 1PDE2MzYzMDkzMDA4MTM5MTYuMTU2NTg2Mzg0OUBrYW1pbm8+ Aug 15 10:10:49 kamino dovecot[25805]: auth: Debug: client in: CONT1 YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= (previous base64 data may contain sensitive data) Aug 15 10:11:00 kamino dovecot[25805]: auth: Debug: client passdb out: CONT 1PDU3NjA0MjQyNTkyMzAwMzEuMTU2NTg2Mzg2MEBrYW1pbm8+ Aug 15 10:11:00 kamino dovecot[25805]: auth: Debug: client in: CONT1 YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm= (previous base64 data may contain sensitive data) Notice the 2 challenges PDE2MzYzMDkzMDA4MTM5MTYuMTU2NTg2Mzg0OUBrYW1pbm8+ and PDU3NjA0MjQyNTkyMzAwMzEuMTU2NTg2Mzg2MEBrYW1pbm8+, but the same response YWVyaXMgMTliMTYxYjNkMGI4YWY3OGRlNjkwNDFkNWQ4Zm -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Michael Chalvatzis changed: What|Removed |Added Version|unspecified |5.7.3 CC||gly...@gmx.net --- Comment #20 from Michael Chalvatzis --- I still can confirm this bug and I hit this even with version 5.7.3 (included with kubuntu 18.04). When will there be a fix for this? My investigation shows, that the client response of the md5 challenge is wrong by kmail. Doing the steps manually works perfect. here some log entries of the (dovecot-)sieve server that shows the error: auth: Debug: client in: AUTH#0111#011CRAM-MD5#011service=sieve#011secured#011session=TJDeHydsngDAqLKz#011lip=192.168.xxx.xxx#011rip=192.168.xxx.xxx#011lport=4190#011rport=53662 auth: Debug: client passdb out: CONT#0111#011PDA0NDIzNjg4NDE3NTgzMDcuMTUyNjI5MDE3N0BtYXN0ZXJibGFzdGVyLmhvbW== auth: Debug: client in: CONT#0111#011Y2hhbHZhdHogMDE5YzU0MjcyOTM4MGFjNmVhMDkxMTg4YTU1Nzxxx= <-- this is wrong answer! recreating the challenge response manually produces a different output!! auth: Debug: passwd-file(username,192.168.xxx.xxx,): lookup: user=username file=/etc/dovecot/users auth: Debug: password(username,192.168.xxx.xxx,): Credentials: dx auth: cram-md5(username,192.168.xxx.xxx,): password mismatch auth: Debug: client passdb out: FAIL#0111#011user=username -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Dennis Schridde changed: What|Removed |Added CC||devuran...@gmx.net -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #19 from Laurent Montel --- (In reply to Nikolay Brookstein from comment #18) > (In reply to Laurent Montel from comment #17) > > For sure I can't investigate this week (Christmas holidays for me) but > > indeed an account which can provide error will help me to investigate for > > sure. > > That would be great! > > Than I will create an account for you and send you login data. > Can I use your *@kde.org address for this? Yep mon...@kde.org > > Merry Christmas Thanks :) > > P.S. Probably the majority is busy with holidays && famirly && friends this > week :D > So I have expected that only after 1-2 weeks it will be possible to try to > find out what is going wrong here. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #18 from Nikolay Brookstein --- (In reply to Laurent Montel from comment #17) > For sure I can't investigate this week (Christmas holidays for me) but > indeed an account which can provide error will help me to investigate for > sure. That would be great! Than I will create an account for you and send you login data. Can I use your *@kde.org address for this? Merry Christmas P.S. Probably the majority is busy with holidays && famirly && friends this week :D So I have expected that only after 1-2 weeks it will be possible to try to find out what is going wrong here. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #17 from Laurent Montel --- For sure I can't investigate this week (Christmas holidays for me) but indeed an account which can provide error will help me to investigate for sure. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #16 from Nikolay Brookstein --- Some logging from the kmail side: log_kmanagersieve: "session1" connect to host url: QUrl("sieve://alice%40test@mail-01.test.com:4190?x-mech=PLAIN") log_kmanagersieve: "session1" void KManageSieve::Session::scheduleJob(KManageSieve::SieveJob*) KManageSieve::SieveJob(0x5607dd4137e0) log_kmanagersieve: "session1" void KManageSieve::Session::killJob(KManageSieve::SieveJob*, KJob::KillVerbosity) KManageSieve::SieveJob(0x5607dd4137e0) log_kmanagersieve: "session1" void KManageSieve::Session::scheduleJob(KManageSieve::SieveJob*) KManageSieve::SieveJob(0x5607dd115640) log_kmanagersieve: S: "\"IMPLEMENTATION\" \"Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16\"" log_kmanagersieve: 1 "IMPLEMENTATION" "Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16" "" 0 log_kmanagersieve: S: "\"SASL\" \"\"" log_kmanagersieve: 1 "SASL" "" "" 0 log_kmanagersieve: "session1" Connected to Sieve server: "Cyrus timsieved 2.5.10-55-gb6dbffa-Kolab-2.5.10-6.1.el7.kolab_16" log_kmanagersieve: S: "\"SIEVE\" \"comparator-i;ascii-numeric fileinto reject vacation imapflags notify include envelope body relational regex subaddress copy date\"" log_kmanagersieve: "session1" Server SASL authentication methods: () log_kmanagersieve: 1 "SIEVE" "comparator-i;ascii-numeric fileinto reject vacation imapflags notify include envelope body relational regex subaddress copy date" "" 0 log_kmanagersieve: S: "\"STARTTLS\"" log_kmanagersieve: "session1" Server script capabilities: ("comparator-i;ascii-numeric", "fileinto", "reject", "vacation", "imapflags", "notify", "include", "envelope", "body", "relational", "regex", "subaddress", "copy", "date") log_kmanagersieve: 1 "STARTTLS" "" "" 0 log_kmanagersieve: S: "\"UNAUTHENTICATE\"" log_kmanagersieve: "session1" Server supports TLS log_kmanagersieve: 1 "UNAUTHENTICATE" "" "" 0 log_kmanagersieve: S: "OK" log_kmanagersieve: "session1" Unrecognised key "UNAUTHENTICATE" log_kmanagersieve: 2 "OK" "" "" 0 log_kmanagersieve: "session1" Sieve server ready & awaiting authentication. log_kmanagersieve: C: "STARTTLS" log_kmanagersieve: S: "OK \"Begin TLS negotiation now\"" log_kmanagersieve: 2 "OK \"Begin TLS negotiation now\"" "" "" 0 log_kmanagersieve: SessionThread::doStartSsl() log_kmanagersieve: void KManageSieve::SessionThread::slotSocketError() "Unknown error" log_kmanagersieve: "session1" No job for reporting this error message! "Could not connect to host Unknown error." log_kmanagersieve: Initial SSL handshake failed. cipher.isNull() is true , cipher.usedBits() is 0 , the socket says: "Unknown error" and the list of SSL errors contains 0 items. log_kmanagersieve: "session1" TLS negotiation done. log_kmanagersieve: "session1" TLS negotiation done, m_state= 2 log_kmanagersieve: Initial SSL handshake failed. cipher.isNull() is true , cipher.usedBits() is 0 , the socket says: "Unknown error" and the list of SSL errors contains 0 items. log_kmanagersieve: "session1" TLS negotiation done. log_kmanagersieve: "session1" TLS negotiation done, m_state= 2 It looks like we have several problems here. - First of all is probably wrong interprets a username from the imap, so instead of "al...@test.com" we getting "alice%40test@mail-01.test.com" - Second one, that "SessionThread::doStartSsl()" fails I can make a email account to a KDE developer if it helps to debug. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Nikolay Brookstein changed: What|Removed |Added CC||nikolay.brookstein@nextnetw ||orks.eu --- Comment #15 from Nikolay Brookstein --- KMail 5.3.3 Kolab 16 server with TLS/STARRTLS log on the server side: Dez 19 23:29:51 test.com sieve[7287]: inittls: Loading hard-coded DH parameters Dez 19 23:29:51 test.com sieve[7287]: STARTTLS failed Dez 19 23:29:51 test.com sieve[7287]: Lost connection to client -- exiting problem still persists! -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Nikolay Brookstein changed: What|Removed |Added Ever confirmed|0 |1 Status|UNCONFIRMED |CONFIRMED --- Comment #14 from Nikolay Brookstein --- *** This bug has been confirmed by popular vote. *** -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Alex Potter changed: What|Removed |Added CC||a...@alepot.org --- Comment #12 from Alex Potter --- Created attachment 97927 --> https://bugs.kde.org/attachment.cgi?id=97927&action=edit Screenshot of kmail sieve manager dialog This bug exists on KMail 5.0.2 on Kubuntu 15.10 AMD 64. The login to sieve succeeds, data is returned, but is inaccessible to kmail, as can be seen in the attached screenshot -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #13 from Alex Potter --- Version here is 15.08.2-0ubuntu1 -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 alex changed: What|Removed |Added CC||jus...@gmx.de --- Comment #11 from alex --- Confirmed the bug still exists: Qt: 4.8.6 KDE: 4.14.3 KMail: 4.14.3 So switching from LOGIN to PLAIN worked for me. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 kdeb...@signup.servebeer.com changed: What|Removed |Added CC||kdeb...@signup.servebeer.co ||m --- Comment #10 from kdeb...@signup.servebeer.com --- Looks like it's still around in KMail 4.14.1. A long week! -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Nigel Kukard changed: What|Removed |Added CC||nkuk...@lbsd.net --- Comment #9 from Nigel Kukard --- Seems I've ended up with exactly the same problem. 1. I have a password file dovecot auth, the password entry is CRAM-MD5 2. dovecot settings disable_plaintext_auth = yes auth_mechanisms = cram-md5 3. kmail is set to "use host and login configuration" on port 4190 IMAP authentication works without a hitch, however sieve gets an authentication error... Oct 19 19:43:35 gbr dovecot: managesieve-login: Disconnected (auth failed, 1 attempts in 3 secs): user=, method=CRAM-MD5, rip=105.x.x.x, lip=217.x.x.x, TLS: Disconnected, session= -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #8 from Laurent Montel --- It's possible :) Not sure that I fix it this week but yes please (in private of course) -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #7 from regi.h...@gmx.net --- (In reply to comment #6) > Ok but I can't test... > need a server for it. I can give you an account on my server if you like. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 --- Comment #6 from Laurent Montel --- Ok but I can't test... need a server for it. -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs
[kmail2] [Bug 311990] Problem connetcing to dovecot-managesieve with STARTTLS and auth=CRAM-MD5 /LOGIN
https://bugs.kde.org/show_bug.cgi?id=311990 Daniel Vrátil changed: What|Removed |Added CC||dvra...@redhat.com Component|IMAP resource |sieve Version|4.9 |unspecified Assignee|er...@kde.org |kdepim-bugs@kde.org Product|Akonadi |kmail2 -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug. ___ Kdepim-bugs mailing list Kdepim-bugs@kde.org https://mail.kde.org/mailman/listinfo/kdepim-bugs