[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kmail-devel
Subject:    2nd: XYMPKI Authentication (Yahoo!) Support
From:       Joerg Lehrke <jlehrke () noc ! de>
Date:       2008-04-29 14:19:22
Message-ID: 200804291619.22500.jlehrke () noc ! de
[Download RAW message or body]

There are circumstances when Yahoo asks for a second cookie. To provide this I 
used the password field. Again you should paste the iPhone output here. The 
updated patch is attached. The communication looks like the following trace 
(the second cookie is not used for every access):

S:   * OK IMAP4rev1 server ready (3.5.23.2)
C:  1 CAPABILITY
S:  * CAPABILITY IMAP4rev1 LOGIN-REFERRALS AUTH=XYMCOOKIE AUTH=XYMCOOKIEB64 
AUTH=XYMPKI ID
S:  1 OK CAPABILITY completed
C:  2 AUTHENTICATE XYMPKI
S:  +
C:  MAGIC-COOKIE1
S: +
C: MAGIC-COOKIE2
S:  2 OK AUTHENTICATE completed
C:  3 LIST "" "*"

	Cheers,
         J"org
-- 
Joerg Lehrke   GnuPG-KeyID: C66844AC     Pi-BI: 2593079121
The Knoc  http://k.noc.de/         GNU -- Protect your freedom!

["kmail-XYMPKI2.patch" (text/x-diff)]

--- ./kioslaves/imap4/imapparser.cc.yahoo-imap	2008-02-13 10:39:38.000000000 +0100
+++ ./kioslaves/imap4/imapparser.cc	2008-04-29 15:35:24.000000000 +0200
@@ -215,6 +215,51 @@
 #endif
 
 bool
+imapParser::yahooAuthenticate ( KIO::SlaveBase *slave, KIO::AuthInfo &ai,
+  const QString & aCookie1, const QString & aCookie2, const QString & aAuth, bool \
isSSL, QString & resultInfo) +{
+  imapCommand *cmd;
+  bool retVal = false;
+  bool secondCookie = false;
+
+  // see if server supports this authenticator
+  if (!hasCapability ("AUTH=" + aAuth))
+    return false;
+
+  cmd = sendCommand (new imapCommand ("AUTHENTICATE", aAuth));
+
+  while ( true )
+  {
+    //read the next line
+    while (parseLoop() == 0);
+    if ( cmd->isComplete() ) break;
+
+    if (!continuation.isEmpty())
+    {
+      if (!secondCookie)
+      {
+	parseWriteLine (aCookie1);
+	secondCookie = true;
+      } else {
+	parseWriteLine (aCookie2);
+      }
+      continuation.resize(0);
+    } else
+      return retVal;
+  }
+
+  if (cmd->result () == "OK")
+  {
+    currentState = ISTATE_LOGIN;
+    retVal = true;
+  }
+  resultInfo = cmd->resultInfo();
+  completeQueue.removeRef (cmd);
+
+  return retVal;
+}
+
+bool
 imapParser::clientAuthenticate ( KIO::SlaveBase *slave, KIO::AuthInfo &ai,
   const QString & aFQDN, const QString & aAuth, bool isSSL, QString & resultInfo)
 {
--- ./kioslaves/imap4/README.yahoo-imap	2005-09-10 10:24:05.000000000 +0200
+++ ./kioslaves/imap4/README	2008-04-18 22:54:40.000000000 +0200
@@ -1,8 +1,8 @@
 This is s.carstens@gmx.de release of KDE 2.0 kioslave
 for the IMAP protocol.
 
-It supports LOGIN, AUTHENTICATE LOGIN, AUTHENTICATE ANONYMOUS and
-AUTHENTICATE CRAM-MD5.
+It supports LOGIN, AUTHENTICATE LOGIN, AUTHENTICATE ANONYMOUS,
+AUTHENTICATE CRAM-MD5 and AUTHETICATE XYMPKI (Yahoo!)
 It supports the rfc2192 URL naming convention.
 
 - UIDVALIDITY check is conditional
--- ./kioslaves/imap4/imap4.cc.yahoo-imap	2008-02-13 10:39:38.000000000 +0100
+++ ./kioslaves/imap4/imap4.cc	2008-04-29 15:00:34.000000000 +0200
@@ -2135,6 +2135,7 @@
     }
     else
     {
+      if (!yahooAuthenticate (this, authInfo, myUser, myPass, myAuth, mySSL, \
resultInfo)) {  #ifdef HAVE_LIBSASL2
       if (!clientAuthenticate (this, authInfo, myHost, myAuth, mySSL, resultInfo))
         error(KIO::ERR_COULD_NOT_AUTHENTICATE, i18n("Unable to authenticate via \
%1.\n" @@ -2146,6 +2147,7 @@
 #else
       error(KIO::ERR_COULD_NOT_LOGIN, i18n("SASL authentication is not compiled into \
kio_imap4."));  #endif
+      }
     }
     if ( hasCapability("NAMESPACE") )
     {
--- ./kioslaves/imap4/imapparser.h.yahoo-imap	2008-02-13 10:39:38.000000000 +0100
+++ ./kioslaves/imap4/imapparser.h	2008-04-29 15:01:38.000000000 +0200
@@ -244,6 +244,9 @@
    * @param resultInfo The resultinfo from the command
    * @return success or failure
    */
+  bool yahooAuthenticate (KIO::SlaveBase *slave, KIO::AuthInfo &ai, const QString & \
aCookie1, const QString & aCookie2, +    const QString & aAuth, bool isSSL, QString & \
resultInfo); +
   bool clientAuthenticate (KIO::SlaveBase *slave, KIO::AuthInfo &ai, const QString & \
aFQDN,  const QString & aAuth, bool isSSL, QString & resultInfo);
 
--- ./kmail/accountdialog.h.yahoo-imap	2008-02-13 10:39:38.000000000 +0100
+++ ./kmail/accountdialog.h	2008-04-18 22:54:40.000000000 +0200
@@ -195,6 +195,7 @@
       QRadioButton *authCramMd5;
       QRadioButton *authDigestMd5;
       QRadioButton *authGSSAPI;
+      QRadioButton *authXYMPKI;
       QRadioButton *authNTLM;
       QRadioButton *authAnonymous;
       QPushButton  *checkCapabilities;
@@ -289,6 +290,7 @@
       STARTTLS   = 512, // TLS for IMAP
       GSSAPI     = 1024,
       NTLM       = 2048,
+      XYMPKI     = 4096, // Yahoo!
       AllCapa    = 0xffffffff
     };
     unsigned int mCurCapa;
--- ./kmail/accountdialog.cpp.yahoo-imap	2008-02-13 10:39:37.000000000 +0100
+++ ./kmail/accountdialog.cpp	2008-04-18 22:54:40.000000000 +0200
@@ -1121,6 +1121,7 @@
   mImap.authNTLM = new QRadioButton( i18n("&NTLM"), mImap.authGroup );
   mImap.authGSSAPI = new QRadioButton( i18n("&GSSAPI"), mImap.authGroup );
   mImap.authAnonymous = new QRadioButton( i18n("&Anonymous"), mImap.authGroup );
+  mImap.authXYMPKI = new QRadioButton( i18n("&XYMPKI"), mImap.authGroup );
   vlay->addWidget( mImap.authGroup );
 
   vlay->addStretch();
@@ -1291,6 +1292,8 @@
       mImap.authNTLM->setChecked( true );
     else if (ai.auth() == "GSSAPI")
       mImap.authGSSAPI->setChecked( true );
+    else if (ai.auth() == "XYMPKI")
+      mImap.authXYMPKI->setChecked( true );
     else if (ai.auth() == "ANONYMOUS")
       mImap.authAnonymous->setChecked( true );
     else if (ai.auth() == "PLAIN")
@@ -1342,7 +1345,9 @@
     else if (ai.auth() == "NTLM")
       mImap.authNTLM->setChecked( true );
     else if (ai.auth() == "ANONYMOUS")
-      mImap.authAnonymous->setChecked( true );
+      mImap.authNTLM->setChecked( true );
+    else if (ai.auth() == "XYMPKI")
+      mImap.authXYMPKI->setChecked( true );
     else if (ai.auth() == "PLAIN")
       mImap.authPlain->setChecked( true );
     else if (ai.auth() == "LOGIN")
@@ -1699,6 +1704,8 @@
       capa |= NTLM;
     else if ( cur == "AUTH=GSSAPI" )
       capa |= GSSAPI;
+    else if ( cur == "AUTH=XYMPKI" )
+      capa |= XYMPKI;
     else if ( cur == "AUTH=ANONYMOUS" )
       capa |= Anonymous;
     else if ( cur == "STARTTLS" )
@@ -1757,6 +1764,7 @@
   mImap.authNTLM->setEnabled( capa & NTLM );
   mImap.authGSSAPI->setEnabled( capa & GSSAPI );
   mImap.authAnonymous->setEnabled( capa & Anonymous );
+  mImap.authXYMPKI->setEnabled( capa & XYMPKI );
 }
 
 
@@ -2233,6 +2241,8 @@
       na.setAuth("NTLM");
     else if (mImap.authGSSAPI->isChecked())
       na.setAuth("GSSAPI");
+    else if (mImap.authXYMPKI->isChecked())
+      na.setAuth("XYMPKI");
     else if (mImap.authAnonymous->isChecked())
       na.setAuth("ANONYMOUS");
     else if (mImap.authLogin->isChecked())



_______________________________________________
KMail developers mailing list
KMail-devel@kde.org
https://mail.kde.org/mailman/listinfo/kmail-devel


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic