# HG changeset patch # User Timo Sirainen # Date 1247186974 14400 # Node ID 75423424851011f4eb58fc1c1eff0ac7bfe922a3 # Parent dd49cf3fd2c95651f40ba105d0560d434272cc19 login processes: Auth code cleanups. Custom IMAP auth errors now have [ALERT] prefix. This should make them visible in more clients. diff -r dd49cf3fd2c9 -r 754234248510 src/imap-login/client-authenticate.c --- a/src/imap-login/client-authenticate.c Thu Jul 09 19:15:59 2009 -0400 +++ b/src/imap-login/client-authenticate.c Thu Jul 09 20:49:34 2009 -0400 @@ -66,10 +66,9 @@ if (line == NULL) return; - if (strcmp(line, "*") == 0) { - sasl_server_auth_client_error(&client->common, - "Authentication aborted"); - } else { + if (strcmp(line, "*") == 0) + sasl_server_auth_abort(&client->common); + else { client_set_auth_waiting(client); auth_client_request_continue(client->common.auth_request, line); io_remove(&client->io); @@ -232,7 +231,7 @@ allowed to log in. Shouldn't probably happen. */ reply = t_str_new(128); if (reason != NULL) - str_printfa(reply, "NO %s", reason); + str_printfa(reply, "NO [ALERT] %s", reason); else if (temp) { str_append(reply, "NO ["IMAP_RESP_CODE_UNAVAILABLE"] " AUTH_TEMP_FAILED_MSG); @@ -264,7 +263,7 @@ bool nodelay; i_assert(!client->destroyed || - reply == SASL_SERVER_REPLY_CLIENT_ERROR || + reply == SASL_SERVER_REPLY_AUTH_ABORTED || reply == SASL_SERVER_REPLY_MASTER_FAILED); switch (reply) { @@ -278,7 +277,7 @@ client_destroy_success(client, "Login"); break; case SASL_SERVER_REPLY_AUTH_FAILED: - case SASL_SERVER_REPLY_CLIENT_ERROR: + case SASL_SERVER_REPLY_AUTH_ABORTED: if (client->to_auth_waiting != NULL) timeout_remove(&client->to_auth_waiting); if (args != NULL) { @@ -286,9 +285,12 @@ break; } - msg = reply == SASL_SERVER_REPLY_AUTH_FAILED ? "NO " : "BAD "; - msg = t_strconcat(msg, data != NULL ? data : - IMAP_AUTH_FAILED_MSG, NULL); + if (reply == SASL_SERVER_REPLY_AUTH_ABORTED) + msg = "BAD Authentication aborted by client."; + else if (data == NULL) + msg = "NO "IMAP_AUTH_FAILED_MSG; + else + msg = t_strconcat("NO [ALERT] ", data, NULL); client_send_tagline(client, msg); if (!client->destroyed) diff -r dd49cf3fd2c9 -r 754234248510 src/imap-login/client.c --- a/src/imap-login/client.c Thu Jul 09 19:15:59 2009 -0400 +++ b/src/imap-login/client.c Thu Jul 09 20:49:34 2009 -0400 @@ -567,7 +567,7 @@ master_request_abort(&client->common); } else if (client->common.auth_request != NULL) { i_assert(client->common.authenticating); - sasl_server_auth_client_error(&client->common, NULL); + sasl_server_auth_abort(&client->common); } else { i_assert(!client->common.authenticating); } diff -r dd49cf3fd2c9 -r 754234248510 src/login-common/sasl-server.c --- a/src/login-common/sasl-server.c Thu Jul 09 19:15:59 2009 -0400 +++ b/src/login-common/sasl-server.c Thu Jul 09 20:49:34 2009 -0400 @@ -204,7 +204,7 @@ sasl_server_auth_cancel(client, reason, SASL_SERVER_REPLY_AUTH_FAILED); } -void sasl_server_auth_client_error(struct client *client, const char *reason) +void sasl_server_auth_abort(struct client *client) { - sasl_server_auth_cancel(client, reason, SASL_SERVER_REPLY_CLIENT_ERROR); + sasl_server_auth_cancel(client, NULL, SASL_SERVER_REPLY_AUTH_ABORTED); } diff -r dd49cf3fd2c9 -r 754234248510 src/login-common/sasl-server.h --- a/src/login-common/sasl-server.h Thu Jul 09 19:15:59 2009 -0400 +++ b/src/login-common/sasl-server.h Thu Jul 09 20:49:34 2009 -0400 @@ -4,7 +4,7 @@ enum sasl_server_reply { SASL_SERVER_REPLY_SUCCESS, SASL_SERVER_REPLY_AUTH_FAILED, - SASL_SERVER_REPLY_CLIENT_ERROR, + SASL_SERVER_REPLY_AUTH_ABORTED, SASL_SERVER_REPLY_MASTER_FAILED, SASL_SERVER_REPLY_CONTINUE }; @@ -18,6 +18,6 @@ const char *initial_resp_base64, sasl_server_callback_t *callback); void sasl_server_auth_failed(struct client *client, const char *reason); -void sasl_server_auth_client_error(struct client *client, const char *reason); +void sasl_server_auth_abort(struct client *client); #endif diff -r dd49cf3fd2c9 -r 754234248510 src/pop3-login/client-authenticate.c --- a/src/pop3-login/client-authenticate.c Thu Jul 09 19:15:59 2009 -0400 +++ b/src/pop3-login/client-authenticate.c Thu Jul 09 20:49:34 2009 -0400 @@ -71,10 +71,9 @@ if (line == NULL) return; - if (strcmp(line, "*") == 0) { - sasl_server_auth_client_error(&client->common, - "Authentication aborted"); - } else { + if (strcmp(line, "*") == 0) + sasl_server_auth_abort(&client->common); + else { auth_client_request_continue(client->common.auth_request, line); io_remove(&client->io); @@ -225,7 +224,7 @@ bool nodelay; i_assert(!client->destroyed || - reply == SASL_SERVER_REPLY_CLIENT_ERROR || + reply == SASL_SERVER_REPLY_AUTH_ABORTED || reply == SASL_SERVER_REPLY_MASTER_FAILED); switch (reply) { @@ -238,14 +237,18 @@ client_destroy_success(client, "Login"); break; case SASL_SERVER_REPLY_AUTH_FAILED: - case SASL_SERVER_REPLY_CLIENT_ERROR: + case SASL_SERVER_REPLY_AUTH_ABORTED: if (args != NULL) { if (client_handle_args(client, args, FALSE, &nodelay)) break; } - msg = t_strconcat("-ERR ", data != NULL ? - data : AUTH_FAILED_MSG, NULL); + if (reply == SASL_SERVER_REPLY_AUTH_ABORTED) + msg = "-ERR Authentication aborted by client."; + else if (data == NULL) + msg = "-ERR "AUTH_FAILED_MSG; + else + msg = t_strconcat("-ERR ", data, NULL); client_send_line(client, msg); if (!client->destroyed) diff -r dd49cf3fd2c9 -r 754234248510 src/pop3-login/client.c --- a/src/pop3-login/client.c Thu Jul 09 19:15:59 2009 -0400 +++ b/src/pop3-login/client.c Thu Jul 09 20:49:34 2009 -0400 @@ -370,7 +370,7 @@ master_request_abort(&client->common); } else if (client->common.auth_request != NULL) { i_assert(client->common.authenticating); - sasl_server_auth_client_error(&client->common, NULL); + sasl_server_auth_abort(&client->common); } else { i_assert(!client->common.authenticating); }