Bug 87459 - Squirrlemail cannot login to uw-imap-2002b-5 by default
Squirrlemail cannot login to uw-imap-2002b-5 by default
Status: CLOSED CURRENTRELEASE
Product: Red Hat Raw Hide
Classification: Retired
Component: squirrelmail (Show other bugs)
1.0
noarch Linux
medium Severity medium
: ---
: ---
Assigned To: Gary Benson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-03-26 22:04 EST by Rick Johnson
Modified: 2007-04-18 12:52 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-01-08 06:08:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rick Johnson 2003-03-26 22:04:12 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; YComp 5.0.0.0)

Description of problem:
Latest RawHide imap-2002b-5 doesn't allow "LOGIN" authentication method by 
default. This breaks SquirrleMail since it relies on plaintext LOGIN method. 
SquirrelMail at present only supports using stunnel for IMAPS implementation.

Version-Release number of selected component (if applicable):
1.2.10-4

How reproducible:
Always

Steps to Reproduce:
1. Install Squirrlemail 1.2.10-4
2. Install imap-2002b-5
3. Login to imap server via Squirrlemail.
    

Actual Results:  Login rejected - Squirrlemail doesn't support STARTTLS or 
alternate Plaintext Login methods

Expected Results:  Successful login.

Additional info:

Changing IMAP to use SSLTYPE=unix instead of SSLTYPE=unix.nopwd via spec fixes 
the issue (but breaks IESG security requirement of disabling plaintext w/o 
STARTTLS)

Filing here because the imap change is "better" as long as SquirrelMail is 
capable of using STARTTLS or an alternate login method.
Comment 1 Rick Johnson 2003-04-03 17:47:35 EST
Squirrelmail 1.4.0 when combined with PHP 4.3.0 or higher will support TLS
authentication.

Note You need to log in before you can comment on or make changes to this bug.