[Pkg-roundcube-maintainers] Bug#960302: Bug#960302: imap retry must be tunable

[Matus UHLAR - fantomas]

On 24.05.20 01:34, Sandro Knauß wrote:
>> Could you please have a look at this regression report?  You authored
>> the patch and my PHP-fu is failing me :-P  It should definitely not
>> retry the very same incorrect credentials.  Even on systems without
>> anti-bruteforce logic that locks the user out, Roundcube still takes 5
>> times longer to complain a about a failed login — which is not
>> negligible when an expensive PBKDF is used for credential verification.
>
>ACK
>
>> I think it's rather unfortunate that
>> debian/patches/retry_to_reach_imap_server.patch was AFAICT never submitted
>> upstream and landed into stable through -p-u. I dunno whether
>> program/lib/Roundcube/rcube_imap.php:connect() has access to the IMAP state
>> machine to determine whether a greeting was seen (AFAICT your intention was
>> to retry on missing greeting lines, not on NO/BYE greeting conditions let
>> alone failed authentication attempts) or to another interface returning
>> whether the error is transient or not. Either way it'd be good to have
>> upstream's blessing before adopting such patches to Debian :-)
>
>Well I tried several times to reach upstream and they are often not answering.
>Never the less I created a pull request with an updated version, that does no
>retry for unrecoverable failures like authentication failure, no password,
>configuration failure. That should improve the situation already in this issue.
>
>@Matus UHLAR: please try the patch attached to the pull request if this fixes
>your issue:
> https://github.com/roundcube/roundcubemail/pull/7402

this patch works properly when invalid password is entered.


-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Enter any 12-digit prime number to continue.