src/patches/allow_auth_plain_proxying.patch

   1 --- imap/imapd.c
   2 +++ imap/imapd.c        2004/01/16 12:25:51
   3 @@ -578,8 +578,11 @@
   4         fatal("SASL failed initializing: sasl_server_new()", EC_TEMPFAIL);
   5      }
   6
   7 -    /* never allow plaintext, since IMAP has the LOGIN command */
   8 -    secprops = mysasl_secprops(SASL_SEC_NOPLAINTEXT);
   9 +    if( (config_getswitch(IMAPOPT_ALLOWPLAINWITHOUTTLS) == 0) ) {
  10 +        secprops = mysasl_secprops(SASL_SEC_NOPLAINTEXT);
  11 +    } else {
  12 +        secprops = mysasl_secprops(0);
  13 +    }
  14      sasl_setprop(imapd_saslconn, SASL_SEC_PROPS, secprops);
  15      sasl_setprop(imapd_saslconn, SASL_SSF_EXTERNAL, &extprops_ssf);
  16
  17 --- lib/imapoptions
  18 +++ lib/imapoptions     2004/01/16 12:27:52
  19 @@ -684,6 +684,9 @@
  20     to set this to yes, especially if OpenLDAP is used as authentication
  21     source. */
  22
  23 +{ "allowplainwithouttls", 0, SWITCH }
  24 +/* Allow plain login mechanism without an encrypted connection. */
  25 +
  26  /*
  27  .SH SEE ALSO
  28  .PP