52097 – bug in CRAM-MD5 authentication code

Bug 52097 - bug in CRAM-MD5 authentication code

Summary: bug in CRAM-MD5 authentication code

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Public Beta
Classification:	Retired
Component:	libesmtp
Sub Component:
Version:	roswell
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bill Nottingham
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-08-20 15:01 UTC by Pawel Salek
Modified:	2014-03-17 02:22 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-08-20 19:23:11 UTC
Embargoed:

Attachments	(Terms of Use)

Description Pawel Salek 2001-08-20 15:01:42 UTC

Description of problem:
libesmtp-0.8.3 has a bug that makes CRAM-MD5 authentication code useless.
(only LOGIN works).

How reproducible:
Always

Steps to Reproduce:
1.run the test program from the examples directory and watch the output.
	

Actual Results:  CRAM-MD5 authentication fails even with the right password.

Expected Results:  Authentication should be successful.

Additional info:

This has been acknowledged by the libesmtp's developer Brian Stafford. He
released fixed libesmtp-0.8.4 right away.
See libesmtp-0.8.4 changelog for more details.

Comment 1 Glen Foster 2001-08-20 19:23:05 UTC

We (Red Hat) should really try to fix this before next release.

Comment 2 Bill Nottingham 2001-08-20 19:27:03 UTC

Fixed in 0.8.4-1; thanks for the report!

Note You need to log in before you can comment on or make changes to this bug.