Closed Bug 212937 Opened 21 years ago Closed 21 years ago

incorrect login <username>@<servername> instead of just <username>

Categories

(MailNews Core :: Networking: POP, defect)

Product:
MailNews Core
Component:
Networking: POP
Platform:
x86
Windows 98
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: cheb, Assigned: Bienvenu)

References

Details

Attachments

(2 files, 1 obsolete file)

NSPR POP3 protocol log
9.42 KB, text/plain
Details
patch v2
1.41 KB, patch
Bienvenu
: review+
Details | Diff | Splinter Review 
User-Agent:       Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030624
Build Identifier: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030624

When Mozilla sends login info to the POP server, it composes it as
<username>@<server name>
but in my LAN, server is set up differently, and this login does not work!
And, because this is handled only automatically, I can't bypasss it in any way.
I forced to use Outlook although I don't like it :(

Reproducible: Always

Steps to Reproduce:
1.set username to "cheb@internets.ru" (required by LAN administrator)
2.set server name to "mail.internets.ru"

Actual Results:  
Mozilla requests password for "cheb@internets.ru@mail.internets.ru", then
mail.internets.ru server responds "Bad login" because it expected
"cheb@internets.ru", not "cheb@internets.ru@mail.internets.ru".

Attempts to use just "cheb" as username won't help, because then mozilla sends
login "cheb@mail.internets.ru", not "cheb@internets.ru" and server still says
"Bad login".

Expected Results:  
Act as all normal mail clients, and send <username> to log to the server, and
not invent any stupid constructs. 
Because msOutlook works, and TheBat works, only Mozilla fails.

no any firewall.
"cheb@internets.ru@mail.internets.ru" means that it sent "cheb@internets.ru" as
user to the server "mail.internets.ru".

Can you please create a pop3 log : 
http://www.mozilla.org/quality/mailnews/mail-troubleshoot.html

use about:config and set (boolean) mail.allow_at_sign_in_user_name probably to 
true. Use google and read about it.
LOG:
0[780160]: Entering NET_ProcessPop3 88
0[780160]: POP3: Entering state: 1
0[780160]: POP3: Entering state: 2
0[780160]: POP3: Entering state: 4
0[780160]: RECV: +OK POP3 crom::pop3d server. Version 3.0
<26562.1058522583@predator-eth0.internets.ru>
0[780160]: POP3: Entering state: 29
0[780160]: SEND: AUTH

0[780160]: Entering NET_ProcessPop3 22
0[780160]: POP3: Entering state: 3
0[780160]: RECV: -ERR Not implemented
0[780160]: POP3: Entering state: 30
0[780160]: POP3: Entering state: 31
0[780160]: POP3: Entering state: 5
0[780160]: SEND: USER cheb@internets.ru

vvv...the next block repeats 89 times, since I have no choice except endless
clicking "Ok" button in popping up dialog box >:E ...grrrr...

0[780160]: Entering NET_ProcessPop3 5
0[780160]: POP3: Entering state: 3
0[780160]: RECV: +OK
0[780160]: POP3: Entering state: 32
0[780160]: POP3: Entering state: 6
0[780160]: Logging suppressed for this command (it probably contained
authentication information)
0[780160]: Entering NET_ProcessPop3 16
0[780160]: POP3: Entering state: 3
0[780160]: RECV: -ERR Bad login
0[780160]: POP3: Entering state: 7
0[780160]: POP3: Entering state: 24
0[780160]: POP3: Entering state: 0
0[780160]: POP3: Entering state: 31
0[780160]: POP3: Entering state: 5
0[780160]: SEND: USER cheb@internets.ru

^^^...


Anton, please look at the log you posted.
Don't you think
SEND: USER cheb@internets.ru
looks absolutely right?

And as Matti said, "cheb@internets.ru@mail.internets.ru" ist only a string
displayed in the dialog and has nothing to do with the string sent (ugly, I know).

There seems to be another problem with your account.
You write, the login and error block repeats 89 times, since you have no choice
except endless clicking "Ok" button in popping up dialog box. What dialog box is
this? It's not the password question?

If the password dialog doesn't appear it looks like you entered your password
and clicked "remember". But since this option only takes effect if the password
entered succeeded I guess your login succeeded at least once in the past.
Ist this right? Please supply as with more details to track this down, thanks.
>What dialog box is this?
"Alert: The PASS command did not succeed. Mail server mail.internets.ru
responded: Bad login"

>>I guess your login succeeded at least once in the past.
Right. But then something happened with the server (I gues, database failure or
something like this), and Mozilla just stopped working

I think, mail server returns incorrect error code for such situation, and
Mozilla is totally confused by this. It SHOULD ask me for the new password, but
it cries "bad login" instead. :(

>>I guess your login succeeded at least once in the past.
Right. But then something happened with the server (I gues, database failure or
something like this), and Mozilla just stopped working

Aha, ok, that explains some issues.

> Mozilla is totally confused by this. It SHOULD ask me for the new password,
but it cries "bad login" instead. :(

No, not confused. This alert is always displayed if a login fails, but it's
followed by the password dialog if the password has not been saved.
I'm about to think over a reorganization of this behaviour to straighten things
and make it easier.

But to get to the point let's see what problem prevends you from getting mail.
I guess the problem is the saved password and not the username (as this looks
good in the log).
So please delete the password: Privacy&Security->Passwords->Manage Stored
Passwords->choose your POP accounts line and remove it.
Then try to get mail again and enter the correct password in the dialog.

Please report if that works.
or try tomorrow's build - I fixed the password looping problem.
Assignee: sspitzer → bienvenu
Status: UNCONFIRMED → NEW
Ever confirmed: true
Attached file NSPR POP3 protocol log 
I was recommended to report here by Christian Eyrich in Bug 213513.

I tested 4 cases with 2003073110-trunk/Win-Me.
(Infinite retry loop has been already resolved by 2003073110-trunk) 

[Case-1]
 Use secure authentication    : Unchecked
 User name in Server Settings : xxxx@ops.dti.ne.jp (This is valid username)
 -> "AUTH failed" alert was isseued although valid username/password

[Case-2]
 Use secure authentication    : Checked
 User name in Server Settings : xxxx@ops.dti.ne.jp (This is valid username)
 -> Password was prompted although valid username/password
 -> Username on dialog was xxxx@ops@dti.ne.jp@ops.dti.ne.jp

[Case-3]
 Use secure authentication    : Checked
 User name in Server Settings : xxxx (This is first part of the valid username)

 -> No error.

[Case-4]
 Use secure authentication    : Unchecked
 User name in Server Settings : xxxx (This is first part of the valid username)

 -> No error.

Note-1:
 Both USE/PASS(POP3) and APOP are enabled at POP Server(pop.ops.dti.ne.jp)
Note-2:
 Login was successuful in case-3/case-4 because my real user name has
xxxx@<POP_Server_Name> format fortunately.
Thank you WADA for the very detailed log.

Since in the APOP case login including the username is suppressed, let's
concentrate on the not secure authentication.

For Case-2 you say "Password was prompted" while in Case-1 ""AUTH failed" alert
was isseued".
Although that's not the issue of this bug, the user should get both (first the
AUTH failed alert with OK button and then the password prompt dialog) in both cases.
Did you get both and that's a flaw in you description?


Ok, now for the real work.
In Case-2 you wrote, the username prompted in the dialog was
xxxx@ops@dti.ne.jp@ops.dti.ne.jp. Is this true or was it
xxxx@ops.dti.ne.jp@ops.dti.ne.jp? The second @ confuses me.
And what's the servername in your settings - pop.ops.dti.ne.jp, ops.dti.ne.jp or
another?
I think it should be pop.ops.dti.ne.jp but the username in the dialog then
should have been xxxx@ops.dti.ne.jp@pop.ops.dti.ne.jp.

I tried to reproduce your results with different settings. I don't know if login
would have succeeded if I had the right password, but the username sent in my
trials was "muttley@ops.dti.ne.jp" instead of "muttley@pop.ops.dti.ne.jp" in
your case.
So it looks right for me under the premise you're right with xxxx@ops.dti.ne.jp
is a valid username.

But in the log of Case-4 you can see Mozilla sent
USER muttley
and that was accepted. So it looks to me as the login in this case wasn't
successful because your "real user name has
xxxx@<POP_Server_Name> format fortunately" but the server accepts xxxx only (at
least too) as username.

In Case-4 you can see from the log, that nothing was appended to the username
you entered. That's the same result we saw from Anton's log.

What needs to be explained is the difference between the sent
USER muttley@pop.ops.dti.ne.jp
in your log Case-1 and xxxx@ops.dti.ne.jp (I guess muttley@ops.dti.ne.jp) you
wrote you entered in the settings.


Phew, that's a lot stuff. Please go through your settings again and don't
anonymize your username with xxxx (we also know the real one from the log) to
prevend confusion.
Christian, sorry for my mistake and my comfusion.

My real account name is "muttley@ops.dti.ne.jp" as you say.
POP server name setting is "pop.ops.dti.ne.jp" .

For (Case-4) :
My provider changed account name format and my account name was changed from
"muttley" to "muttley@ops.dti.ne.jp" in 2002/05.
I had been believing that old format "muttley" was disabled on the change but my
provider said that they still accepted old format account in usual
authentication(non APOP) service for old user's convienience.
Sorry for my confusion and misunderstandig.

For (Case-1) and (Case-2) :
In (Case-1) and (Case-2), I set User Name in Server Settings as
"muttley@pop.ops.dti.ne.jp" by mistake.
I copy&pasted Serverna Name setting after "muttley@" but I forgot to delete
"pop." portion in this test.
Therefore login failed and it is natural.
Sorry again for my mistakes.

Userid displayed in (Case-2) was, I believe,
"muttley@pop.ops.dti.ne.jp@pop.ops.dti.ne.jp".
This is the problem I wanted to report.
<user_name>@<pop_server_name> format is not appropriate for error message. 
Ok, that looks good.
To recapitulate, after setting username to "muttley@ops.dti.ne.jp" instead of
"muttley@pop.ops.dti.ne.jp" logging in works for Case-1 and Case-2. And just
"muttley" works in Case-4.
So you have no functional problems when getting mails, yes?

The last thing I don't fully understand: you say "they still accepted old format
account in usual authentication (non APOP) service". But it looks like it works
with APOP too as in Case-3 getting mail succeeded.

So ok, muttley@ops.dti.ne.jp@pop.ops.dti.ne.jp is indeed ugly but no functional
flaw. IMHO it should be changed (like for SMTP, see bug 90507).
I already made a patch for another bug which included this task (see bug 203099
comment #3) but it didn't make it into the source yet. Getting review has been
quite difficult in the last month(s), but I'll try with a new version soon.
> But it looks like it works with APOP too as in Case-3 getting mail succeeded.
I can not distinguish APOP and USE/PASS from protcol log although I can
understand both login in Case-3 and Case-4 are successufull.
However, I'm sure that I set username "muttley" and checked "Use Secure
Authentication" in Case-3. 
Therefore, truth is : "My provider accepts old format account for APOP too."
Sorry for my many mistakes in both testing and reporting.

> So you have no functional problems when getting mails, yes?
Yes. There is no functional flaw in both USE/PASS and APOP.

I prefer "Enter your password for %1$s logging into %2$s:" to "Enter your
password for %1$s@%2$s:". 
I wait for bug 203099.
Thanks a lot, Christian.
Attached patch proposed patch (obsolete) — Splinter Review 
In contrast to the text for SMTPs password dialog (bug 203099), this one can be
changed without modification to the code itself.

So to get this clarification in and to prevent future misunderstandings I made
this a standalone patch. The new text will be "Enter your password for username
logging into server" instead of "Enter your password for username@server".
Attachment #129378 - Flags: review?(bienvenu)
I'm not crazy about the wording but I'm not sure I have a better alternative.
Perhaps "Enter your password for username on server". Scott, do you have an opinion?
That would be ok to me as well.
I suggested the string three months ago in bug 90507 and saw no contrary
proposal. But everything other than the misleading @ is acceptable.
Attachment #129378 - Flags: review?(bienvenu)
Attached patch patch v2Splinter Review 
Changed the message to "Enter your password for <username> on <server>".
Attachment #129378 - Attachment is obsolete: true
*** Bug 218778 has been marked as a duplicate of this bug. ***
*** Bug 141156 has been marked as a duplicate of this bug. ***
Attachment #131140 - Flags: review?(bienvenu)
Scott Vetter, in bug 218778 you wrote "The end result [of appending the
mailserver part to the username] is that I cannot send or receive email."

Do you really have problems to authenticate with the POP server? Did you even
try to enter your password for the username and go on? Or do you just give up
because of this malformed username@servername?
Comment on attachment 131140 [details] [diff] [review]
patch v2

r/sr=bienvenu
Attachment #131140 - Flags: review?(bienvenu) → review+
patch checked in, thx, Christian.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
"(i.e. john.smith@example.org)"

That example expanded string in the comment should probably have been updated,
or removed.
*** Bug 65649 has been marked as a duplicate of this bug. ***
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: