Tickets :: [#3653] IMAP/Client.java: choosing auth method

Summary	IMAP/Client.java: choosing auth method
Queue	IMP
Queue Version	HEAD
Type	Bug
State	Resolved
Priority	1. Low
Owners	slusarz (at) horde (dot) org
Requester	a (at) example (dot) com
Created	03/18/2006 (7237 days ago)
Due
Updated	03/28/2006 (7227 days ago)
Assigned	03/19/2006 (7236 days ago)
Resolved	03/28/2006 (7227 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch	No

03/28/2006 07:08:16 PM	Michael Slusarz	Comment #3 State ⇒ Resolved	Reply to this comment
This should have already been fixed, and no feedback anyway.

03/19/2006 11:00:07 AM	Jan Schneider	Comment #2 Assigned to Michael Slusarz State ⇒ Feedback	Reply to this comment
This code has been refactored yesterday, can you check if the logic is still wrong in your opinion? And please use a real email address next time.

03/18/2006 06:12:33 PM	a (at) example (dot) com	Comment #1 State ⇒ Unconfirmed Priority ⇒ 1. Low Type ⇒ Bug Summary ⇒ IMAP/Client.java: choosing auth method Queue ⇒ IMP	Reply to this comment
It's not realy a bug in function 'login', but it is not the intended behaviour: In lines 479-481 it is said that no special authentication is needed for encrypted connections. But in the lines starting with 489 there is chosen 'CRAM-MD5' or 'DIGEST-MD5' instead of 'plain'. The reason is in line 489: if ((!$this->_usessl \|\| !$this->_usetls) && !empty($auth_methods)) The '\|\|' should be a '&&'. Only a not encrypted connection (!$this->_usessl && !$this->_usetls) needs 'CRAM-MD5' or 'DIGEST-MD5'.