🔒 Cancel SASL authentication after client-side exceptions #310

Open
nevans opened this issue Jul 14, 2024 · 0 comments
Labels
IMAP4rev1 Requirement for IMAP4rev1, RFC3501 IMAP4rev2 Requirement for IMAP4rev2, RFC9051 SASL 🔒 Authentication and authentication mechanisms
nevans commented Jul 14, 2024

From RFC9051 6.2.2:

> If the client wishes to cancel an authentication exchange, it issues a line consisting of a single "*". If the server receives such a response, or if it receives an invalid base64 string (e.g., characters outside the base64 alphabet or non-terminal "="), it MUST reject the AUTHENTICATE command by sending a tagged BAD response.

Currently, exceptions should cause the connection to be dropped, but that's too severe a reaction.

When authentication is canceled, the original exception should be the #cause of any resulting BAD exception. This way it will be captured by automated error reporting.

@nevans nevans added the SASL 🔒 Authentication and authentication mechanisms label Oct 3, 2024
@nevans nevans added this to the v0.6 milestone Oct 14, 2024
@nevans nevans added IMAP4rev2 Requirement for IMAP4rev2, RFC9051 IMAP4rev1 Requirement for IMAP4rev1, RFC3501 labels Oct 14, 2024
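
The cancellation flow this issue asks for, as an added example that is not net-imap's code or API: `FakeServer`, `BadResponseError` and `authenticate` are hypothetical names, and the server lines are constructed.

```ruby
# Hypothetical names throughout; this is not net-imap's API.
class BadResponseError < StandardError; end

# Constructed stand-in for a server handling AUTHENTICATE (RFC 9051 6.2.2).
class FakeServer
  attr_reader :received

  def initialize(challenges)
    @challenges = challenges.dup
    @received = []
  end

  def start(tag, mechanism)
    @tag = tag
    @received << "#{tag} AUTHENTICATE #{mechanism}"
    next_line
  end

  # Takes one client continuation line, returns the server's next line.
  def continue(line)
    @received << line
    return "#{@tag} BAD AUTHENTICATE cancelled" if line == "*"
    return "#{@tag} BAD invalid base64" unless line.match?(%r{\A[A-Za-z0-9+/]*={0,2}\z})
    next_line
  end

  private

  def next_line
    challenge = @challenges.shift
    challenge ? "+ #{[challenge].pack('m0')}" : "#{@tag} OK authenticated"
  end
end

# A client-side exception cancels the exchange with "*" instead of dropping
# the connection; the resulting BAD error keeps the original as its #cause.
def authenticate(server, mechanism, tag: "A001")
  line = server.start(tag, mechanism)
  while line.start_with?("+ ")
    begin
      reply = [yield(line[2..].unpack1("m0"))].pack("m0")
    rescue StandardError
      # Ruby sets #cause to the exception being rescued.
      raise BadResponseError, server.continue("*")
    end
    line = server.continue(reply)
  end
  raise BadResponseError, line unless line.start_with?("#{tag} OK")
  line
end
```

The block passed to `authenticate` stands in for a SASL mechanism: it receives each decoded challenge and returns the raw response.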