Opened 9 years ago

Closed 9 years ago

#61 closed defect (invalid)

IMAP PROXY - 64bit - an incorrect login username reaches the destination server

Reported by: www.google.com/accounts/o8/id?id=AItOawlepElWkquQHoeFRD0APkXWy1ALz-VeTR4 Owned by: somebody
Priority: minor Milestone:
Component: nginx-core Version: 1.0.x
Keywords: imap, mail Cc: lahavs@…
uname -a: [root@lb-1 ~]# uname -a
Linux x.y.z.co 2.6.21.7-2.fc8xen #1 SMP Fri Feb 15 12:39:36 EST 2008 i686 i686 i386 GNU/Linux
(It's CentOS release 5.7 (Final))
nginx -V: [root@lb-1 ~]# /usr/local/nginx/sbin/nginx -V
nginx: nginx version: nginx/1.0.10
nginx: built by gcc 4.1.2 20080704 (Red Hat 4.1.2-51)
nginx: TLS SNI support disabled
nginx: configure arguments: --with-mail --with-mail_ssl_module

Description

Steps to reproduce:

  • set up an IMAP proxy server
  • connect to the server and do a LOGIN

Result:

  • the IMAP "LOGIN" request reaches the destination server, but modified as follows:

Instead of

"A1 LOGIN georgianai pass\r\n"

We get

"A1 LOGIN {10}\r\n"

(between the brackets it's the length of the username)

nginx.conf:

[...]
mail {

auth_http mac:80/nginx-auth/mail-auth.php ;
imap_capabilities "IMAP4rev1" "UIDPLUS";
server {

listen 143;
listen 1430;
protocol imap;
proxy on;

}

}

This is the mail-auth.php script response (the username looks ok):

HTTP/1.1 200 OK
Server: nginx/1.0.8
Date: Mon, 28 Nov 2011 05:45:13 GMT
Content-Type: text/html
Connection: close
X-Powered-By: PHP/5.1.6
Auth-Status: OK
Auth-Server: 10.48.177.131
Auth-Port: 1430
Auth-User: georgianai
Auth-Pass: geopass

Kind regards,
Georgiana Iancu
Software Engineer at Emindsys LTD.

Change History (1)

comment:1 by Maxim Dounin, 9 years ago

Resolution: invalid
Status: newclosed

This is literal form of string, see http://tools.ietf.org/html/rfc3501#section-4.3.

Note: See TracTickets for help on using tickets.