Skip to content

🔒 Cancel SASL authentication after client-side exceptions #310

New issue
New issue
Open
Open
🔒 Cancel SASL authentication after client-side exceptions#310
Labels
IMAP4rev1Requirement for IMAP4rev1, RFC3501IMAP4rev2Requirement for IMAP4rev2, RFC9051SASL 🔒Authentication and authentication mechanisms
Milestone
v0.6
@nevans

Description

@nevans
nevans
opened on Jul 14, 2024

From RFC9051 6.2.2

If the client wishes to cancel an authentication exchange, it issues a line consisting of a single "*". If the server receives such a response, or if it receives an invalid base64 string (e.g., characters outside the base64 alphabet or non-terminal "="), it MUST reject the AUTHENTICATE command by sending a tagged BAD response.

Currently, exceptions should cause the connection to be dropped, but that's too severe a reaction.

When authentication is canceled, the original exception should be the #cause of any resulting BAD exception. This way it will be captured by automated error reporting.

Metadata

Metadata

Assignees

No one assigned

    Labels

    IMAP4rev1Requirement for IMAP4rev1, RFC3501IMAP4rev2Requirement for IMAP4rev2, RFC9051SASL 🔒Authentication and authentication mechanisms

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions