Mercurial > dovecot > original-hg > dovecot-1.2
diff src/imap-login/client-authenticate.c @ 8413:24c8bc8098ee HEAD
Give a different error message if authentication succeeds but authorization fails.
Added a new "authz" parameter for FAIL result in the auth protocol for this.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Sat, 15 Nov 2008 21:29:59 +0200 |
| parents | 6e9100795d89 |
| children | 4693c9f72baa |
line wrap: on
line diff
--- a/src/imap-login/client-authenticate.c Sat Nov 15 21:10:17 2008 +0200 +++ b/src/imap-login/client-authenticate.c Sat Nov 15 21:29:59 2008 +0200 @@ -20,6 +20,8 @@ #define IMAP_SERVICE_NAME "imap" #define IMAP_AUTH_FAILED_MSG "["IMAP_RESP_CODE_AUTHFAILED"] "AUTH_FAILED_MSG +#define IMAP_AUTHZ_FAILED_MSG \ + "["IMAP_RESP_CODE_AUTHZFAILED"] Authorization failed" const char *client_authenticate_get_capabilities(bool secured) { @@ -95,6 +97,7 @@ string_t *reply; unsigned int port = 143; bool proxy = FALSE, temp = FALSE, nologin = !success, proxy_self; + bool authz_failure = FALSE; for (; *args != NULL; args++) { if (strcmp(*args, "nologin") == 0) @@ -103,6 +106,8 @@ proxy = TRUE; else if (strcmp(*args, "temp") == 0) temp = TRUE; + else if (strcmp(*args, "authz") == 0) + authz_failure = TRUE; else if (strncmp(*args, "reason=", 7) == 0) reason = *args + 7; else if (strncmp(*args, "host=", 5) == 0) @@ -183,6 +188,8 @@ else if (temp || proxy_self) { str_append(reply, "NO ["IMAP_RESP_CODE_UNAVAILABLE"] " AUTH_TEMP_FAILED_MSG); + } else if (authz_failure) { + str_append(reply, "NO "IMAP_AUTHZ_FAILED_MSG); } else { str_append(reply, "NO "IMAP_AUTH_FAILED_MSG); }