[Httpmail-devel] Re: Hotwayd

[Frank de L. <fr...@un...>]

On Fri, May 03, 2002 at 12:43:31PM +0200, Uri Yanover wrote:
> > I'm currently trying to teach hotwayd to authenticate only when asked, and
> to
> the correct realm
> 
> Hi, I'm trying to do the same. Any ideas so far?
> 
> As to my personal findings, I'd come to notice that
> when authenticating at Passport, Outlook Express
> responds only to the _second_ authentication
> request, which is in the form of a
> WWW-Authorize request, not an Authenticate. In
> addition, Outlook sets a certain cookie
> (MSPPre=my...@ho...).

Outlook only authenticates when explicitly asked to do so. This seems to be
necessary for working with MS's httpmail implementation, since passport.com
gives incorrect results when presented with authentication credits for the
hotmail.com (instead of the passport.com) realm. I think it should refuse those
authentication tokens, and request new auth for the passport.com realm, but it
doesn't. Instead, it produces a bogus redirect which sends hotwayd (and any
other httpmail implementation which works like it, like the other 'httpmail'
project) in a loop.

The solution is to make sure hotwayd ONLY authenticates when the last reply
requested to do so. This can be achieved by explicitly clearing the authtoken
before doing anything. I hacked up the source to do so, and it DOES
authenticate and find the folder list, but the program is crashing left and
right on the errrr shall we say shaky memory allocation... Now testing with
efence, to see where the bad stuff happens (all over the place, really)

Cheers//Frank
-- 
  WWWWW      ________________________
 ## o o\    /     Frank de Lange     \
 }#   \|   /                          \
  \ `--| _/     <Hacker for Hire>      \
   `---'  \      +31-320-252965        /
           \    fr...@un...    /
            `------------------------'
 [ "Omnis enim res, quae dando non deficit, dum habetur
    et non datur, nondum habetur, quomodo habenda est."  ]