[Users] [Bug 4664] New: OAUTH2 overwrites passwords even for plaintext logins
noreply at thewildbeast.co.uk
noreply at thewildbeast.co.uk
Mon Feb 20 21:39:55 UTC 2023
https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4664
Bug ID: 4664
Summary: OAUTH2 overwrites passwords even for plaintext logins
Product: Claws Mail
Version: GIT
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P3
Component: OAuth2
Assignee: users at lists.claws-mail.org
Reporter: rhaas at illinois.edu
Created attachment 2322
-->
https://www.thewildbeast.co.uk/claws-mail/bugzilla/attachment.cgi?id=2322&action=edit
possible fix for IMAP receive
When selecting OATUH2 for either send (SMTP) or receive (IMAP in my case)
ClawsMail will overwrite both send and receive passwords with the OAUTH2 token
even if that login uses a non-OAUTH password.
In my case I use my employer's SMTP server (secured via OAUTH2) to send but a
local IMAP server to hold incoming mail (plaintext password).
Currently I patch oauth2.c as shown in the attached patch, which fixes the
issue for me. However the patch is not eg handling POP3 accounts so is more of
a detailed explanation rather than a fix.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Users
mailing list