[dovecot-cvs] dovecot/src/imap-login client-authenticate.c,1.6,1.7
cras at procontrol.fi
cras at procontrol.fi
Fri May 16 21:09:44 EEST 2003
Update of /home/cvs/dovecot/src/imap-login
In directory danu:/tmp/cvs-serv6107/imap-login
Modified Files:
client-authenticate.c
Log Message:
If client tries to do LOGIN even if it's disabled, send [ALERT] to user.
Index: client-authenticate.c
===================================================================
RCS file: /home/cvs/dovecot/src/imap-login/client-authenticate.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- client-authenticate.c 16 May 2003 17:05:42 -0000 1.6
+++ client-authenticate.c 16 May 2003 17:09:42 -0000 1.7
@@ -167,6 +167,10 @@
pass = IMAP_ARG_STR(&args[1]);
if (!client->tls && disable_plaintext_auth) {
+ client_send_line(client,
+ "* BAD [ALERT] Plaintext authentication is disabled, "
+ "but your client sent password in plaintext anyway."
+ "If anyone was listening, the password was exposed.");
client_send_tagline(client,
"NO Plaintext authentication disabled.");
return TRUE;
More information about the dovecot-cvs
mailing list