Mercurial > dovecot > original-hg > dovecot-1.2
changeset 1473:7709e997903f HEAD
Don't advertise AUTH=PLAIN in capability if disable_plaintext_auth = yes and
SSL/TLS is not yet negotiated.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 16 May 2003 20:05:42 +0300 |
parents | 74e28b26b4eb |
children | e0065ebba5b3 |
files | src/imap-login/client-authenticate.c src/imap-login/client-authenticate.h src/imap-login/client.c src/pop3-login/client-authenticate.c |
diffstat | 4 files changed, 11 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/src/imap-login/client-authenticate.c Thu May 15 22:42:12 2003 +0300 +++ b/src/imap-login/client-authenticate.c Fri May 16 20:05:42 2003 +0300 @@ -19,7 +19,7 @@ static enum auth_mech auth_mechs = 0; static char *auth_mechs_capability = NULL; -const char *client_authenticate_get_capabilities(void) +const char *client_authenticate_get_capabilities(int tls) { string_t *str; int i; @@ -34,7 +34,9 @@ for (i = 0; i < AUTH_MECH_COUNT; i++) { if ((auth_mechs & auth_mech_desc[i].mech) && - auth_mech_desc[i].name != NULL) { + auth_mech_desc[i].name != NULL && + (tls || !auth_mech_desc[i].plaintext || + !disable_plaintext_auth)) { str_append_c(str, ' '); str_append(str, "AUTH="); str_append(str, auth_mech_desc[i].name);
--- a/src/imap-login/client-authenticate.h Thu May 15 22:42:12 2003 +0300 +++ b/src/imap-login/client-authenticate.h Fri May 16 20:05:42 2003 +0300 @@ -1,7 +1,7 @@ #ifndef __CLIENT_AUTHENTICATE_H #define __CLIENT_AUTHENTICATE_H -const char *client_authenticate_get_capabilities(void); +const char *client_authenticate_get_capabilities(int tls); int cmd_login(struct imap_client *client, struct imap_arg *args); int cmd_authenticate(struct imap_client *client, struct imap_arg *args);
--- a/src/imap-login/client.c Thu May 15 22:42:12 2003 +0300 +++ b/src/imap-login/client.c Fri May 16 20:05:42 2003 +0300 @@ -89,14 +89,13 @@ static int cmd_capability(struct imap_client *client) { - const char *capability; + const char *capability, *auths; + auths = client_authenticate_get_capabilities(client->tls); capability = t_strconcat("* CAPABILITY " CAPABILITY_STRING, ssl_initialized ? " STARTTLS" : "", disable_plaintext_auth && !client->tls ? - " LOGINDISABLED" : "", - client_authenticate_get_capabilities(), - NULL); + " LOGINDISABLED" : "", auths, NULL); client_send_line(client, capability); client_send_tagline(client, "OK Capability completed."); return TRUE;
--- a/src/pop3-login/client-authenticate.c Thu May 15 22:42:12 2003 +0300 +++ b/src/pop3-login/client-authenticate.c Fri May 16 20:05:42 2003 +0300 @@ -33,7 +33,9 @@ str_append(str, "SASL"); for (i = 0; i < AUTH_MECH_COUNT; i++) { if ((auth_mechs & auth_mech_desc[i].mech) && - auth_mech_desc[i].name != NULL) { + auth_mech_desc[i].name != NULL && + (client->tls || !auth_mech_desc[i].plaintext || + !disable_plaintext_auth)) { str_append_c(str, ' '); str_append(str, auth_mech_desc[i].name); }