Ubuntu
evolution-data-server package

Mishandling of @ (at sign) in WebDAV contacts username (wrong DNS query)

Bug #497146 reported by fubarbundy
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
evolution-data-server
Fix Released
Medium
evolution-data-server (Ubuntu)
Fix Released
Low
Ubuntu Desktop Bugs

Bug Description

Binary package hint: evolution-data-server

Steps to reproduce:

1. Set up a WebDAV contacts store with a username with an @ in it (e.g.
<email address hidden>). I'm using Zimbra.
2. In Evolution, create a new address book of type WebDAV and click OK:
Example URL: https://<email address hidden>/Contacts
Example Username: <email address hidden>

Expected result:
- contact super-awesomeness
- Evolution looks up hostdomain.com, asks for a password, authenticates with
<email address hidden> and the password, and requests the resource at
<email address hidden>/Contacts

Actual result:
- Evolution pops up a dialogue with:
  Unable to perform search.
  This query did not complete successfully.
- evolution-data-server spits out:
  (process:18068): libebookbackendgoogle-WARNING **: PROPFIND on webdav failed
with http status 2
- Wireshark reveals that e-d-s tried to perform DNS lookups for
<email address hidden>. Unsurprisingly, it failed.

It looks like maybe e-d-s is wedging the username into the front of the URL in
the format https://<email address hidden> without escaping the @, resulting in
this case in <email address hidden>@hostdomain.com, and then mis-parsing the
username as myname and the domain as <email address hidden>. If not, I
can't imagine what sort of crack is going on here.

Worth noting that the same credentials work fine for the other DAV stores
(calendaring, tasks).

Revision history for this message
fubarbundy (launchpad-mailtic) wrote :

Using 9.10 64-bit, evolution-data-server 2.28.

Also reported upstream.

Pedro Villavicencio (pedro)
Changed in evolution-data-server (Ubuntu):
status: New → Triaged
importance: Undecided → Low
assignee: nobody → Ubuntu Desktop Bugs (desktop-bugs)
Revision history for this message
meceso (meceso-gmx) wrote :

this bug also affects Ubuntu 9.04 64-bit, evolution-data-server 2.26

Revision history for this message
Philipp Kitzberger (philipp-kitze) wrote :

also affects Ubuntu 9.10 32-bit, evolution-data-server 2.28

Bug Watch Updater (bug-watch-updater)
Changed in evolution-data-server:
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in evolution-data-server:
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.9 KiB)

This bug was fixed in the package evolution-data-server - 2.30.2-0ubuntu1

---------------
evolution-data-server (2.30.2-0ubuntu1) maverick; urgency=low

  * New upstream release:
    - Mail inline parser doesn't always work (Milan Crha) (LP: #219104)
    - Corruption of mailbox and can't expunge trash (Milan Crha)
      (LP: #286497, #325157)
    - WebDAV addressbook is too strict about content-type (Petr Tomasek)
    - Handle server's resource rename on WebDAV PUT response (Milan Crha)
    - Use NSS SQLite database, if available (Craig Ringer)
    - Fix NULL return without exception on krb5-auth-dialog
      failure (David Woodhouse)
    - Categories not translated in menus (Matthew Barnes) (LP: #443215)
    - Fix translation domain for default categories (Gert Michael Kulyk)
    - Mishandling of '@' in WebDAV contacts username (Milan Crha)
      (LP: #497146)
    - Use CRLF in signed & encrypted S/MIME messages
    - Remove superfluous space in flags in APPEND command (David Woodhouse)
    - Crash in gnome_keyring_item_info_free from e-passwords.c (Milan Crha)
    - Fix GSSAPI (and other SASL) authentication for imapx (David Woodhouse)
    - Teach camel_sexp_to_sql_sexp about no-arg (match-all)
      (Matt McCutchen 2)
    - Contacts are not displayed in GW Addressbook (Bharath Acharya)
    - Don't use an unitialized key in folder_changed_remove_uid
      (Claudio Saavedra)
    - Evolution didn't quit due to deadlock (Milan Crha)
    - Crash of e-addressbook-factory on second start of evolution (Milan Crha)
    - Fix translation of birthday and anniversary events (Gert Michael Kulyk)
    - Return formatted address in e_destination_get_address (David Ayers)
      (LP: #229187)
    - Add imap-over-custom-command support for imapx (David Woodhouse)
    - Fix fetch of large mails from broken servers like Exchange
      (David Woodhouse)
    - Fix double command ->complete() in imapx_command_start_next()
      (David Woodhouse)
    - Fix double-free of is->literal in cancel_all_jobs() (David Woodhouse)
    - use 'UID FETCH' instead of 'FETCH' for scan_changes (David Woodhouse)
    - Remove GroupWise debugging messages. (Matthew Barnes)
    - Bump libedataserver soname twice. (Matthew Barnes)
    - Check EBook DBus error names without underscores too (Milan Crha)
    - Create a section in the name selector dialog in its own function
      (Federico Mena Quintero)
    - Create the configdir instead of bailing out if it does not exist
      (Fridrich Štrba)
    - Don't set a default vertical size for the name selector window
      (Federico Mena Quintero)
    - Fix locking issues in cancel_all_jobs() (David Woodhouse)
    - Fix pointlessly narrow default width in the name selection dialog
    - Name the pointless label at the top, so it can be disabled for MeeGo
      (Michael Meeks)
    - Fix tagprefix for multiple accounts. (David Woodhouse)
    - Fix typo in patch for bug on WebDAV (Milan Crha)
    - Put the name selector's section labels in the same row as the
      treeviews (Federico Mena Quintero)
    - Redo the container hierarchy in the name selector dialog
      (Federico Mena Quintero)
    - Remove an unused label in the name selector ...

Read more...

Changed in evolution-data-server (Ubuntu):
status: Triaged → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in evolution-data-server:
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.