Problems with imap proxy sending invalid username
Pat
nginx at brokenwatch.net
Wed Jul 14 19:19:43 MSD 2010
On 7/14/2010 10:07 AM, Maxim Dounin wrote:
>
> This isn't what nginx normally logs, looks like you added this
> logging yourself, right? You did it wrong - this string contains
> only 16 bytes ("a001 LOGIN {8}" CRLF).
>
>
Yes it is. Sorry, I didn't look around too much just used a debug
function in the same file. I was just trying to confirm if my tcpdump
output was correct. No other modifications were made besides some calls
to that same function.
>> 2010/07/14 09:03:42 [debug] 22837#0: *4 send: fd:8 16 of 16
>> 2010/07/14 09:03:42 [debug] 22837#0: *4 mail proxy dummy handler
>>
>> 2010/07/14 09:03:42 [debug] 22837#0: *4 mail proxy imap auth handler
>> 2010/07/14 09:03:42 [debug] 22837#0: *4 recv: fd:8 23 of 4096
>> 2010/07/14 09:03:42 [error] 22837#0: *4 upstream sent invalid
>> response: "a001 NO Login failed." while reading response from
>> upstream, client: 10.2.5.60, server: 0.0.0.0:143, login: "trashcan",
>> upstream: 10.0.7.134:143
>>
> Here we see that your backend replied "NO Login failed." right
> after it got initial "a001 LOGIN {8}" CRLF string. Expected reply
> is command continuation request.
>
> Looks like your backend just doesn't support IMAP4rev1, at least
> not string literals. See RFC 3501 for details.
>
> Maxim Dounin
>
Oh OK, I didn't recognize that it was a command continuation request, I
thought it was perhaps some kind of error in how I compiled nginx, and
it was not escaping its strings correctly. Unfortunately my auth backend
does not support this, is there any way I can send the login
immediately? After the login it will be a real imap server responding
which could handle command continuation requests for regular IMAP
commands (just not at LOGIN). At this particular stage it normally only
does either a cookie based login or a regular LOGIN username password.
Thank you for the fast response.
More information about the nginx
mailing list