[dovecot-cvs] dovecot/src/pop3-login client-authenticate.c,1.5,1.6
cras at procontrol.fi
cras at procontrol.fi
Fri May 16 21:05:44 EEST 2003
Update of /home/cvs/dovecot/src/pop3-login
In directory danu:/tmp/cvs-serv5614/pop3-login
Modified Files:
client-authenticate.c
Log Message:
Don't advertise AUTH=PLAIN in capability if disable_plaintext_auth = yes and
SSL/TLS is not yet negotiated.
Index: client-authenticate.c
===================================================================
RCS file: /home/cvs/dovecot/src/pop3-login/client-authenticate.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- client-authenticate.c 2 Feb 2003 10:53:43 -0000 1.5
+++ client-authenticate.c 16 May 2003 17:05:42 -0000 1.6
@@ -33,7 +33,9 @@
str_append(str, "SASL");
for (i = 0; i < AUTH_MECH_COUNT; i++) {
if ((auth_mechs & auth_mech_desc[i].mech) &&
- auth_mech_desc[i].name != NULL) {
+ auth_mech_desc[i].name != NULL &&
+ (client->tls || !auth_mech_desc[i].plaintext ||
+ !disable_plaintext_auth)) {
str_append_c(str, ' ');
str_append(str, auth_mech_desc[i].name);
}
More information about the dovecot-cvs
mailing list