[dovecot-cvs] dovecot/src/pop3-login client-authenticate.c,1.11,1.12 client.c,1.15,1.16 client.h,1.6,1.7

Sun Aug 24 11:55:25 EEST 2003

Update of /home/cvs/dovecot/src/pop3-login
In directory danu:/tmp/cvs-serv4540/src/pop3-login

Modified Files:
	client-authenticate.c client.c client.h 
Log Message:
disable_plaintext_auth defaults to yes now. ipv4 127.* and ipv6 ::1
addresses are considered secure however and plaintext authentication is
allowed from them.



Index: client-authenticate.c
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client-authenticate.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12

--- client-authenticate.c	22 Aug 2003 18:57:00 -0000	1.11
+++ client-authenticate.c	24 Aug 2003 07:55:23 -0000	1.12
@@ -36,7 +36,7 @@
 		for (i = 0; i < AUTH_MECH_COUNT; i++) {
 			if ((auth_mechs & auth_mech_desc[i].mech) &&
 			    auth_mech_desc[i].name != NULL &&
-			    (client->tls || !auth_mech_desc[i].plaintext ||
+			    (client->secured || !auth_mech_desc[i].plaintext ||
 			     !disable_plaintext_auth)) {
 				str_append_c(str, ' ');
 				str_append(str, auth_mech_desc[i].name);
@@ -156,7 +156,7 @@
 
 int cmd_user(struct pop3_client *client, const char *args)
 {
-	if (!client->tls && disable_plaintext_auth) {
+	if (!client->secured && disable_plaintext_auth) {
 		client_send_line(client,
 				 "-ERR Plaintext authentication disabled.");
 		return TRUE;
@@ -284,7 +284,7 @@
 		return TRUE;
 	}
 
-	if (!client->tls && mech->plaintext && disable_plaintext_auth) {
+	if (!client->secured && mech->plaintext && disable_plaintext_auth) {
 		client_send_line(client,
 				 "-ERR Plaintext authentication disabled.");
 		return TRUE;

Index: client.c
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- client.c	22 Aug 2003 18:57:00 -0000	1.15
+++ client.c	24 Aug 2003 07:55:23 -0000	1.16
@@ -83,6 +83,7 @@
 	fd_ssl = ssl_proxy_new(client->common.fd, &client->common.ip);
 	if (fd_ssl != -1) {
 		client->tls = TRUE;
+		client->secured = TRUE;
                 client_set_title(client);
 
 		client->common.fd = fd_ssl;
@@ -234,6 +235,7 @@
 struct client *client_create(int fd, struct ip_addr *ip, int ssl)
 {
 	struct pop3_client *client;
+	const char *addr;
 
 	if (max_logging_users > CLIENT_DESTROY_OLDEST_COUNT &&
 	    hash_size(clients) >= max_logging_users) {
@@ -249,6 +251,11 @@
 	client->created = ioloop_time;
 	client->refcount = 1;
 	client->tls = ssl;
+
+        addr = net_ip2addr(ip);
+	client->secured = ssl ||
+		(IPADDR_IS_V4(ip) && strncmp(addr, "127.", 4) == 0) ||
+		(IPADDR_IS_V6(ip) && strcmp(addr, "::1") == 0);
 
 	client->common.ip = *ip;
 	client->common.fd = fd;

Index: client.h
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- client.h	22 Aug 2003 18:57:00 -0000	1.6
+++ client.h	24 Aug 2003 07:55:23 -0000	1.7
@@ -20,6 +20,7 @@
 	buffer_t *plain_login;
 
 	unsigned int tls:1;
+	unsigned int secured:1;
 	unsigned int input_blocked:1;
 	unsigned int destroyed:1;
 };

