Re: [Mutt] #2117: smtp patch does not tell you when your password
#2117: smtp patch does not tell you when your password is incorrect
Changes (by brendan):
* owner: mutt-dev => brendan
* milestone: => 1.6
Old description:
> {{{
> if you mis-stype your SMTP password, mutt will respond with an error that
> "No authenticators [were] available", which is not the case.
>
> Here is the debug from both sides:
>
> mx_close_message (): unlinking /tmp/mutt-little-laptop-501-29795-6
> send.c:967: mutt_mktemp returns "/tmp/mutt-little-laptop-501-29795-7".
> ssl_check_certificate: signer check passed
> < 220 lazy.spodder.com ESMTP Postfix
> > EHLO eatyourpets.com
> < 250-lazy.spodder.com
> < 250-PIPELINING
> < 250-SIZE 10240000
> < 250-ETRN
> < 250-AUTH PLAIN DIGEST-MD5 CRAM-MD5
> < 250-AUTH=PLAIN DIGEST-MD5 CRAM-MD5
> < 250 8BITMIME
> smtp_authenticate: Trying method plain
> local ip: 10.0.1.3;59557, remote ip:72.21.56.27;465
> External SSF: 256
> External authentication name: charlie
> mutt_sasl_cb_authname: getting authname for mail.eatyourpets.com:465
> mutt_sasl_cb_authname: getting user for mail.eatyourpets.com:465
> mutt_sasl_cb_pass: getting password for charlie@xxxxxxxxxxxxxxxxxxxx:465
> > AUTH PLAIN Y2hhcmxpZQBjaGFybGllAGJvb3R5
> < 535 Error: authentication failed
> smtp_auth_sasl: PLAIN failed
> No authenticators available
> mutt_free_body: Unlinking /tmp/mutt-little-laptop-501-29795-3.
>
> and from the MTA side:
> Oct 21 21:47:46 lazy postfix/smtpd[26056]: connect from
> 220-253-43-125.VIC.netsp
> ace.net.au[220.253.43.125]
> Oct 21 21:47:54 lazy postfix/smtpd[26056]: warning: SASL authentication
> failure:
> Password verification failed
> Oct 21 21:47:54 lazy postfix/smtpd[26056]: warning:
> 220-253-43-125.VIC.netspace.
> net.au[220.253.43.125]: SASL PLAIN authentication failed
> Oct 21 21:47:55 lazy postfix/smtpd[26056]: lost connection after AUTH
> from 220-2
> 53-43-125.VIC.netspace.net.au[220.253.43.125]
> Oct 21 21:47:55 lazy postfix/smtpd[26056]: disconnect from
> 220-253-43-125.VIC.ne
> tspace.net.au[220.253.43.125]
>
> It seems the smtp.patch could use the "535" error code to pick up on an
> authentication failure, rather than a lack of authentication mechanism?
>
> It seems mutt can internally check it's authenticators to really report
> if there are no authenticators:
>
> ssl_check_certificate: signer check passed
> < 220 lazy.spodder.com ESMTP Postfix
> > EHLO eatyourpets.com
> < 250-lazy.spodder.com
> < 250-PIPELINING
> < 250-SIZE 10240000
> < 250-ETRN
> < 250-AUTH PLAIN DIGEST-MD5 CRAM-MD5
> < 250-AUTH=PLAIN DIGEST-MD5 CRAM-MD5
> < 250 8BITMIME
> smtp_authenticate: Trying method gssapi
> local ip: 10.0.1.3;59564, remote ip:72.21.56.27;465
> External SSF: 256
> External authentication name: charlie
> mutt_sasl_cb_authname: getting user for mail.eatyourpets.com:465
> SASL: GSSAPI Error: Miscellaneous failure (No credentials cache found)
> smtp_auth_sasl: GSSAPI unavailable
> No authenticators available
> mutt_free_body: Unlinking /tmp/mutt-little-laptop-501-29929-4.
> >How-To-Repeat:
> on the prompt for SMTP password, enter a bogus password, and watch it
> return "No Authenticators available". I should return "bad password" or
> whatever the string is.
> >Fix:
> Unknown
> }}}
New description:
{{{
if you mis-stype your SMTP password, mutt will respond with an error that
"No authenticators [were] available", which is not the case.
Here is the debug from both sides:
mx_close_message (): unlinking /tmp/mutt-little-laptop-501-29795-6
send.c:967: mutt_mktemp returns "/tmp/mutt-little-laptop-501-29795-7".
ssl_check_certificate: signer check passed
< 220 lazy.spodder.com ESMTP Postfix
> EHLO eatyourpets.com
< 250-lazy.spodder.com
< 250-PIPELINING
< 250-SIZE 10240000
< 250-ETRN
< 250-AUTH PLAIN DIGEST-MD5 CRAM-MD5
< 250-AUTH=PLAIN DIGEST-MD5 CRAM-MD5
< 250 8BITMIME
smtp_authenticate: Trying method plain
local ip: 10.0.1.3;59557, remote ip:72.21.56.27;465
External SSF: 256
External authentication name: charlie
mutt_sasl_cb_authname: getting authname for mail.eatyourpets.com:465
mutt_sasl_cb_authname: getting user for mail.eatyourpets.com:465
mutt_sasl_cb_pass: getting password for charlie@xxxxxxxxxxxxxxxxxxxx:465
> AUTH PLAIN Y2hhcmxpZQBjaGFybGllAGJvb3R5
< 535 Error: authentication failed
smtp_auth_sasl: PLAIN failed
No authenticators available
mutt_free_body: Unlinking /tmp/mutt-little-laptop-501-29795-3.
and from the MTA side:
Oct 21 21:47:46 lazy postfix/smtpd[26056]: connect from
220-253-43-125.VIC.netsp
ace.net.au[220.253.43.125]
Oct 21 21:47:54 lazy postfix/smtpd[26056]: warning: SASL authentication
failure:
Password verification failed
Oct 21 21:47:54 lazy postfix/smtpd[26056]: warning:
220-253-43-125.VIC.netspace.
net.au[220.253.43.125]: SASL PLAIN authentication failed
Oct 21 21:47:55 lazy postfix/smtpd[26056]: lost connection after AUTH from
220-2
53-43-125.VIC.netspace.net.au[220.253.43.125]
Oct 21 21:47:55 lazy postfix/smtpd[26056]: disconnect from
220-253-43-125.VIC.ne
tspace.net.au[220.253.43.125]
It seems the smtp.patch could use the "535" error code to pick up on an
authentication failure, rather than a lack of authentication mechanism?
It seems mutt can internally check it's authenticators to really report if
there are no authenticators:
ssl_check_certificate: signer check passed
< 220 lazy.spodder.com ESMTP Postfix
> EHLO eatyourpets.com
< 250-lazy.spodder.com
< 250-PIPELINING
< 250-SIZE 10240000
< 250-ETRN
< 250-AUTH PLAIN DIGEST-MD5 CRAM-MD5
< 250-AUTH=PLAIN DIGEST-MD5 CRAM-MD5
< 250 8BITMIME
smtp_authenticate: Trying method gssapi
local ip: 10.0.1.3;59564, remote ip:72.21.56.27;465
External SSF: 256
External authentication name: charlie
mutt_sasl_cb_authname: getting user for mail.eatyourpets.com:465
SASL: GSSAPI Error: Miscellaneous failure (No credentials cache found)
smtp_auth_sasl: GSSAPI unavailable
No authenticators available
mutt_free_body: Unlinking /tmp/mutt-little-laptop-501-29929-4.
>How-To-Repeat:
on the prompt for SMTP password, enter a bogus password, and watch it
return "No Authenticators available". I should return "bad password" or
whatever the string is.
>Fix:
Unknown
}}}
--
Ticket URL: <http://dev.mutt.org/trac/ticket/2117#comment:1>