如何正确使用 AUTHENTICATE PLAIN 连接 IMAP?

发布于 2024-12-01 12:45:25 字数 356 浏览 0 评论 0原文

我正在使用 OpenSSL 连接到邮件服务器。

POP3 工作正常,但我在使用 IMAP 时遇到问题。基于CAPABILITY的命令服务器支持PLAIN、NTLM和GSS-API认证方法。

我想使用 PLAIN 因为它比其他的更容易。 我读过需要使用 来实现它。

我已经运行了下一个变体,但没有成功:

? login user pass
? login <nul>user<nul>pass
? <nul>login <nul>user<nul>pass

我做错了什么?

I'm using OpenSSL to connect to mail server.

POP3 works fine but I have problems with IMAP. Based on CAPABILITY command server supports PLAIN, NTLM and GSS-API authentication methods.

I want to use PLAIN because it's easier than others.
I have read it's needed to use <NUL> for it.

I have run the next variations, but no success:

? login user pass
? login <nul>user<nul>pass
? <nul>login <nul>user<nul>pass

What am I doing wrong?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

陌路终见情 2024-12-08 12:45:25

之前的答案实际上都没有说明如何使用PLAIN身份验证,所以我做了更多的挖掘。事实证明,身份验证信息需要采用 base64 格式。通过示例来解释可能是最简单的。假设用户名是“bob”,密码是“munchkin”。

我们首先需要使用 Base64 进行编码。在 Linux 系统上,它是这样的:

echo -en "\0bob\0munchkin" | base64

这根据需要合并了空字符,并且还进行了 Base64 编码。我们得到这个字符串:AGJvYgBtdW5jaGtpbg==

现在,我们可以进行实际的身份验证(S = 服务器,C = 客户端):

S: * OK The Microsoft Exchange IMAP4 service is ready.
C: D0 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN CHILDREN IDLE NAMESPACE LITERAL+
S: D0 OK CAPABILITY completed.
C: D1 AUTHENTICATE PLAIN
S: +
C: AGJvYgBtdW5jaGtpbg==
S: D1 OK AUTHENTICATE completed

您就完成了!

None of the previous answers actually said how to use PLAIN authentication, so I did some more digging. It turns out that authentication information is expected in base64. It's probably easiest to explain by example. Assume a username of "bob" and a password of "munchkin".

We'll first need to encode in base64. On a Linux-ish system, it goes likes this:

echo -en "\0bob\0munchkin" | base64

This incorporates the null characters as required, and also does the base64 encoding. We get this string out: AGJvYgBtdW5jaGtpbg==.

Now, we can do the actual authentication (S = Server, C = Client):

S: * OK The Microsoft Exchange IMAP4 service is ready.
C: D0 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 AUTH=NTLM AUTH=GSSAPI AUTH=PLAIN CHILDREN IDLE NAMESPACE LITERAL+
S: D0 OK CAPABILITY completed.
C: D1 AUTHENTICATE PLAIN
S: +
C: AGJvYgBtdW5jaGtpbg==
S: D1 OK AUTHENTICATE completed

And you're done!

很糊涂小朋友 2024-12-08 12:45:25
May be this will help

/* RFC 4616.2. PLAIN SASL Mechanism.                
The mechanism consists of a single message, a string of [UTF-8]
encoded [Unicode] characters, from the client to the server.  The
client presents the authorization identity (identity to act as),
followed by a NUL (U+0000) character, followed by the authentication
identity (identity whose password will be used), followed by a NUL
(U+0000) character, followed by the clear-text password.  As with
other SASL mechanisms, the client does not provide an authorization
identity when it wishes the server to derive an identity from the
credentials and use that as the authorization identity.

message = [authzid] UTF8NUL authcid UTF8NUL passwd

Example:
C: a002 AUTHENTICATE "PLAIN"
S: + ""
C: {21}
C: <NUL>tim<NUL>tanstaaftanstaaf
S: a002 OK "Authenticated"
*/


IMAP not easy to code, literal string and xxx response formats ... .
It's easier to use some free IMAP client.
May be this will help

/* RFC 4616.2. PLAIN SASL Mechanism.                
The mechanism consists of a single message, a string of [UTF-8]
encoded [Unicode] characters, from the client to the server.  The
client presents the authorization identity (identity to act as),
followed by a NUL (U+0000) character, followed by the authentication
identity (identity whose password will be used), followed by a NUL
(U+0000) character, followed by the clear-text password.  As with
other SASL mechanisms, the client does not provide an authorization
identity when it wishes the server to derive an identity from the
credentials and use that as the authorization identity.

message = [authzid] UTF8NUL authcid UTF8NUL passwd

Example:
C: a002 AUTHENTICATE "PLAIN"
S: + ""
C: {21}
C: <NUL>tim<NUL>tanstaaftanstaaf
S: a002 OK "Authenticated"
*/


IMAP not easy to code, literal string and xxx response formats ... .
It's easier to use some free IMAP client.
伤感在游骋 2024-12-08 12:45:25

?登录 [email protected] mypassword\r\n

通常服务器不需要“@box.zone”部分,您只需输入登录即可

? login [email protected] mypassword\r\n

often servers don't require " @box.zone " part, you can just type login

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文