*-login: Don't disable auth penalty for login_trusted_networks.

It might or might not be a webmail (or something) that has its own penalty.
If the old behavior is still wanted, it's possible to do nowadays with e.g.:

passdb {
 driver = passwd-file
 args = username_format=%{rip} /etc/dovecot/passdb
}

/etc/dovecot/passdb:
192.168.10.123:::::::nodelay=yes
192.168.10.124:::::::nodelay=yes

diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c
index 8323b02dae3fb43a5dd8bf417d94f6a85d356b64..5d6d29cf9a9afabe0ddae46f30e331cb3cff2e1b 100644 (file)
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -69,10 +69,6 @@ client_get_auth_flags(struct client *client)
                auth_flags |= AUTH_REQUEST_FLAG_VALID_CLIENT_CERT;
        if (client->secured)
                auth_flags |= AUTH_REQUEST_FLAG_SECURED;
-       if (client->trusted) {
-               /* e.g. webmail */
-               auth_flags |= AUTH_REQUEST_FLAG_NO_PENALTY;
-       }
        if (login_binary->sasl_support_final_reply)
                auth_flags |= AUTH_REQUEST_FLAG_SUPPORT_FINAL_RESP;
        return auth_flags;