[dovecot-cvs] dovecot/src/login-common sasl-server.c, 1.10, 1.10.2.1 sasl-server.h, 1.4, 1.4.2.1

[cras at dovecot.org]

Update of /var/lib/cvs/dovecot/src/login-common
In directory talvi:/tmp/cvs-serv13740/login-common

Modified Files:
      Tag: branch_1_0
	sasl-server.c sasl-server.h 
Log Message:
IMAP: Reply with tagged BAD if authentication is aborted because client sent
"*" or something else that was a client error.

If authentication failed for any reason, the error message was always
"Authentication failed". In case of client errors or if auth process gave
an error message, it should have been that instead.



Index: sasl-server.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/sasl-server.c,v
retrieving revision 1.10
retrieving revision 1.10.2.1
diff -u -d -r1.10 -r1.10.2.1
--- sasl-server.c	13 Jan 2006 20:26:39 -0000	1.10
+++ sasl-server.c	5 Jun 2006 20:25:08 -0000	1.10.2.1
@@ -119,15 +119,15 @@
 
 	mech = auth_client_find_mech(auth_client, mech_name);
 	if (mech == NULL) {
-		sasl_server_auth_cancel(client, 
+		sasl_server_auth_client_error(client,
 			"Unsupported authentication mechanism.");
 		return;
 	}
 
 	if (!client->secured && disable_plaintext_auth &&
 	    (mech->flags & MECH_SEC_PLAINTEXT) != 0) {
-		sasl_server_auth_cancel(client,
-					"Plaintext authentication disabled.");
+		sasl_server_auth_client_error(client,
+			"Plaintext authentication disabled.");
 		return;
 	}
 
@@ -145,12 +145,13 @@
 		auth_client_request_new(auth_client, NULL, &info,
 					authenticate_callback, client, &error);
 	if (client->auth_request == NULL) {
-		sasl_server_auth_cancel(client,
+		sasl_server_auth_failed(client,
 			 t_strconcat("Authentication failed: ", error, NULL));
 	}
 }
 
-void sasl_server_auth_cancel(struct client *client, const char *reason)
+static void sasl_server_auth_cancel(struct client *client, const char *reason,
+				    enum sasl_server_reply reply)
 {
 	if (verbose_auth && reason != NULL) {
 		const char *auth_name =
@@ -167,6 +168,15 @@
 		client->auth_request = NULL;
 	}
 
-	client->sasl_callback(client, SASL_SERVER_REPLY_AUTH_FAILED,
-			      reason, NULL);
+	client->sasl_callback(client, reply, reason, NULL);
+}
+
+void sasl_server_auth_failed(struct client *client, const char *reason)
+{
+	sasl_server_auth_cancel(client, reason, SASL_SERVER_REPLY_AUTH_FAILED);
+}
+
+void sasl_server_auth_client_error(struct client *client, const char *reason)
+{
+	sasl_server_auth_cancel(client, reason, SASL_SERVER_REPLY_CLIENT_ERROR);
 }

Index: sasl-server.h
===================================================================
RCS file: /var/lib/cvs/dovecot/src/login-common/sasl-server.h,v
retrieving revision 1.4
retrieving revision 1.4.2.1
diff -u -d -r1.4 -r1.4.2.1
--- sasl-server.h	19 Oct 2004 02:51:37 -0000	1.4
+++ sasl-server.h	5 Jun 2006 20:25:08 -0000	1.4.2.1
@@ -4,6 +4,7 @@
 enum sasl_server_reply {
 	SASL_SERVER_REPLY_SUCCESS,
 	SASL_SERVER_REPLY_AUTH_FAILED,
+	SASL_SERVER_REPLY_CLIENT_ERROR,
 	SASL_SERVER_REPLY_MASTER_FAILED,
 	SASL_SERVER_REPLY_CONTINUE
 };
@@ -16,6 +17,7 @@
 			    const char *service, const char *mech_name,
 			    const char *initial_resp_base64,
 			    sasl_server_callback_t *callback);
-void sasl_server_auth_cancel(struct client *client, const char *reason);
+void sasl_server_auth_failed(struct client *client, const char *reason);
+void sasl_server_auth_client_error(struct client *client, const char *reason);
 
 #endif