Password conversion from plaintext to encrypted does not handle ! as first char of plaintext password. If you migrate from sylpheed to claws you will encounter this problem. Should be a simple fix, I haven't looked at the code.
(In reply to comment #0)
> Should be a simple fix, I haven't looked at the code.
Waiting for your patch, in that case.
Good point but maybe I meant "should be simple, for someone that knows the code".
Can you point me to the code to look at? I did look around a little.
I've looked some more and ended up looking at passcrypt. I'm wondering if it's something to do with gchar which is c char which is by default signed on gcc but in passcrypt the crypt functions want unsigned.
When I encountered the problem my first thought was that some escaping of ! didn't happen somewhere but I don't find anything to support that thought.
Ok nothing to do with signedness. That's what -Wno-pointer-sign is for.
But I wonder if anyone seeing this bug report knew right away what the problem was/is.
I looked at .claws-mail/accountrc and notice that each encrypted password begins with a !
Or like this when no password has been set:
Why this has to be I can guess at but maybe someone knows exactly why.
someone decided to use ! as a demarcation for the beginning of a
base64 encoded encrypted password string.
And somewhere, while encrypting, the ! is removed from unencrypted password strings.
I need to be explicit. And somewhere, while encrypting, the ! is removed from unencrypted password string when the ! occurs as the first char of the unecrypted password string.
When Claws Mail looks at the password in the preferences and sees it prefixed with '!', it assumes that what comes after the '!' is already encrypted. That is why this problem exists - if migrating from very old configuration, where passwords were stored directly in plaintext, any password starting with '!' will be problematic.
Unfortunately, at this point, I doubt anyone is going to spend their time fixing this corner case. Especially since Claws Mail has already moved on to yet another system for storing passwords.