Mercurial > dovecot > original-hg > dovecot-1.2
changeset 1474:e0065ebba5b3 HEAD
If client tries to do LOGIN even if it's disabled, send [ALERT] to user.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 16 May 2003 20:09:42 +0300 |
parents | 7709e997903f |
children | 474e4b205af7 |
files | src/imap-login/client-authenticate.c |
diffstat | 1 files changed, 4 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/imap-login/client-authenticate.c Fri May 16 20:05:42 2003 +0300 +++ b/src/imap-login/client-authenticate.c Fri May 16 20:09:42 2003 +0300 @@ -167,6 +167,10 @@ pass = IMAP_ARG_STR(&args[1]); if (!client->tls && disable_plaintext_auth) { + client_send_line(client, + "* BAD [ALERT] Plaintext authentication is disabled, " + "but your client sent password in plaintext anyway." + "If anyone was listening, the password was exposed."); client_send_tagline(client, "NO Plaintext authentication disabled."); return TRUE;