On Fri, Aug 04, 2017 at 06:16:53PM +0200, Nicolas Morey-Chaisemartin wrote:
> static struct imap_store *imap_open_store(struct imap_server_conf *srvc, char *folder)
> {
> struct credential cred = CREDENTIAL_INIT;
> @@ -1090,7 +1116,7 @@ static struct imap_store *imap_open_store(struct imap_server_conf *srvc, char *f
> if (!srvc->user)
> srvc->user = xstrdup(cred.username);
> if (!srvc->pass)
> - srvc->pass = xstrdup(cred.password);
> + srvc->pass = imap_escape_password(cred.password);
> }
>
> if (srvc->auth_method) {
I'm not sure if this is correct. It looks like this username and
password are used by whatever authentication method we use, whether
that's LOGIN or CRAM-MD5. I don't think we'd want to encode the
password here before sending it through the CRAM-MD5 authenticator.
--
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204
Attachment:
signature.asc
Description: PGP signature
