Base64-encoded Auth login strings are not compatible with vaultwarden

stalwartlabs / smtp-server

Stalwart SMTP Server

https://stalw.art/smtp

GNU Affero General Public License v3.0

492 stars 25 forks source link

Base64-encoded Auth login strings are not compatible with vaultwarden #21

Closed dungmuht closed 1 year ago

dungmuht commented 1 year ago

When decoding "VXNlciBOYW1lAA==" -> "User Name�" When decoding "UGFzc3dvcmQA" -> "Password�"

Vaultwarden does not recognize the "�" symbol and returns an error. If you don't need the "�" symbol in your source code, you can probably replace the encoded string with something else. ex)

"Username:" -> "VXNlcm5hbWU6" "Password:" -> "UGFzc3dvcmQ6"

Thanks for a great project.

mdecimus commented 1 year ago

Hi, this looks like a bug in Vaultwarden. Stalwart SMTP uses the same AUTH LOGIN base64 challenges as in the SASL LOGIN draft, please see https://datatracker.ietf.org/doc/html/draft-murchison-sasl-login-00

mdecimus commented 1 year ago

However, on the other hand the draft does say "Username:" encoded in base64 and those challenges are for "Username\0". Do you know what AUTH LOGIN base64 challenges are used by Postfix, Courier or Dovecot?