[Users] Suddenly CM is asking for password when checking for emails

Tue Apr 7 10:57:03 CEST 2015

On Mon, 6 Apr 2015 21:27:51 -0700
sylpheed at 911networks.com wrote:

> Hi,
> 
> CM 3.11.1 on xUbuntu 14.04. No change/update done lately to either
> xUbuntu, CM and/or the mail server.
> 
> I have the receiving POP3 on a 5 minutes timer (account prefs) and
> suddenly, when checking for emails on the server, now it's asking for
> the password each time.
> 
> I have the "remember password for session" checked
> 
> Obviously I must have done something but I don't what. Any suggestion
> on what to look for?

The following is probably irrelevent to you as you are using linux (from
your claws header in your email) but maybe not.

You can see the DES encrypted password in your .claws-mail/accountrc
file. Does it change when you quit claws-mail and it starts asking for
the password again. On OpenBSD around the time of the following patch
for libressl compatibility it started changing to partly all AAAA and
so I assume the patch is the issue. Perhaps you are using libressl and
a version of this patch or my assumption was incorrect.

Luckily on OpenBSD you can use chflags uchg so claws can't edit
accountrc as a temporary fix, chattr +ias if I remember rightly may
work on linux or change it's owner with chmod as root.
______________________________________________________________________________


$OpenBSD: patch-src_common_passcrypt_c,v 1.1 2015/01/12 21:47:13 landry Exp $

Use libressl des code to read/write the pwd. backwards-compatible with 5.6

--- src/common/passcrypt.c.orig	Sat Dec 14 11:15:06 2013
+++ src/common/passcrypt.c	Sun Jan 11 22:32:43 2015
@@ -35,6 +35,7 @@
 #endif
 
 #include <glib.h>
+#include <openssl/des.h>
 
 #include "passcrypt.h"
 
@@ -72,100 +73,30 @@ crypt_cfb_buf(const char key[8], unsigned char *buf, u
 		ecb_crypt(des_key, buf, len, DES_ENCRYPT);
 }
 #else
-static void crypt_cfb_shift(unsigned char *to,
-			    const unsigned char *from, unsigned len);
-static void crypt_cfb_xor(unsigned char *to, const unsigned char *from,
-			  unsigned len);
-static void crypt_unpack(unsigned char *a);
-
 static void
 crypt_cfb_buf(const char key[8], unsigned char *buf, unsigned len,
 	      unsigned chunksize, int decrypt)
 {
-	unsigned char temp[64];
+	unsigned char *out;
+	char des_key[8];
+	DES_key_schedule keysched;
 
-	memcpy(temp, key, 8);
-	crypt_unpack(temp);
-	setkey((const char *) temp);
-	memset(temp, 0, sizeof(temp));
+	out = malloc(len);
+	if(out == NULL)
+		return;
+	strncpy(des_key, PASSCRYPT_KEY, 8);
+	memset(&crypt_cfb_iv, 0, sizeof(crypt_cfb_iv));
+	
+	DES_set_odd_parity(&des_key);
+	DES_set_key_unchecked(&des_key, &keysched);
+	if (decrypt)
+		DES_cfb_encrypt(buf, out, crypt_cfb_blocksize,\
+		    len, &keysched, &crypt_cfb_iv, DES_DECRYPT);
+	else
+		DES_cfb_encrypt(buf, out, crypt_cfb_blocksize,\
+		    len, &keysched, &crypt_cfb_iv, DES_ENCRYPT);
 
-	memset(crypt_cfb_iv, 0, sizeof(crypt_cfb_iv));
-
-	if (chunksize > crypt_cfb_blocksize)
-		chunksize = crypt_cfb_blocksize;
-
-	while (len) {
-		memcpy(temp, crypt_cfb_iv, sizeof(temp));
-		encrypt((char *) temp, 0);
-		if (chunksize > len)
-			chunksize = len;
-		if (decrypt)
-			crypt_cfb_shift(crypt_cfb_iv, buf, chunksize);
-		crypt_cfb_xor((unsigned char *) buf, temp, chunksize);
-		if (!decrypt)
-			crypt_cfb_shift(crypt_cfb_iv, buf, chunksize);
-		len -= chunksize;
-		buf += chunksize;
-	}
-}
-
-/*
-* Shift len bytes from end of to buffer to beginning, then put len
-* bytes from from at the end.  Caution: the to buffer is unpacked,
-* but the from buffer is not.
-*/
-static void
-crypt_cfb_shift(unsigned char *to, const unsigned char *from, unsigned len)
-{
-	unsigned i;
-	unsigned j;
-	unsigned k;
-
-	if (len < crypt_cfb_blocksize) {
-		i = len * 8;
-		j = crypt_cfb_blocksize * 8;
-		for (k = i; k < j; k++) {
-			to[0] = to[i];
-			++to;
-		}
-	}
-
-	for (i = 0; i < len; i++) {
-		j = *from++;
-		for (k = 0x80; k; k >>= 1)
-			*to++ = ((j & k) != 0);
-	}
-}
-
-/*
-* XOR len bytes from from into the data at to.  Caution: the from buffer
-* is unpacked, but the to buffer is not.
-*/
-static void
-crypt_cfb_xor(unsigned char *to, const unsigned char *from, unsigned len)
-{
-	unsigned i;
-	unsigned j;
-	unsigned char c;
-
-	for (i = 0; i < len; i++) {
-		c = 0;
-		for (j = 0; j < 8; j++)
-			c = (c << 1) | *from++;
-		*to++ ^= c;
-	}
-}
-
-/*
-* Take the 8-byte array at *a (must be able to hold 64 bytes!) and unpack
-* each bit into its own byte.
-*/
-static void crypt_unpack(unsigned char *a)
-{
-	int i, j;
-
-	for (i = 7; i >= 0; --i)
-		for (j = 7; j >= 0; --j)
-			a[(i << 3) + j] = (a[i] & (0x80 >> j)) != 0;
+	strncpy(buf, out, len);
+	free(out);
 }
 #endif

