login: Rename disable_plaintext_auth to auth_allow_cleartext

author Aki Tuomi <aki.tuomi@open-xchange.com>

Thu, 14 Jul 2022 07:48:50 +0000 (10:48 +0300)

committer aki.tuomi <aki.tuomi@open-xchange.com>

Wed, 20 Jul 2022 09:22:54 +0000 (09:22 +0000)
author Aki Tuomi <aki.tuomi@open-xchange.com>
Thu, 14 Jul 2022 07:48:50 +0000 (10:48 +0300)
committer aki.tuomi <aki.tuomi@open-xchange.com>
Wed, 20 Jul 2022 09:22:54 +0000 (09:22 +0000)
diff --git a/src/imap-login/imap-login-client.c b/src/imap-login/imap-login-client.c

index c7e7d54e2b52ad0ee8fc59aecd1226e89e17070c..afbb3edddda95a3d7953860778c0ed4b3ba5d48d 100644 (file)
--- a/src/imap-login/imap-login-client.c
+++ b/src/imap-login/imap-login-client.c
@@ -81,7 +81,7 @@ static bool is_login_cmd_disabled(struct client *client)
                 }
                 return FALSE;
         }
-       if (client->set->disable_plaintext_auth)
+       if (!client->set->auth_allow_cleartext)
                 return TRUE;
         if (strcmp(client->ssl_set->ssl, "required") == 0)
                 return TRUE;
diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c

index 74363411eb051754721eb7e8d35aa6fcdc301cda..40e18dda84690ccb770f7f80eb2dd3e53c721274 100644 (file)
--- a/src/login-common/client-common-auth.c
+++ b/src/login-common/client-common-auth.c
@@ -1060,7 +1060,7 @@ bool client_check_plaintext_auth(struct client *client, bool pass_sent)
  {
         bool ssl_required = (strcmp(client->ssl_set->ssl, "required") == 0);
  
-       if (client->secured || (!client->set->disable_plaintext_auth &&
+       if (client->secured || (client->set->auth_allow_cleartext &&
                                 !ssl_required))
                 return TRUE;
  
diff --git a/src/login-common/login-settings.c b/src/login-common/login-settings.c

index e1080f840cc174cd253e0457b0c6ecbe84de2844..0ee392dafc17b49ede3edbaa911264c7746b33e7 100644 (file)
--- a/src/login-common/login-settings.c
+++ b/src/login-common/login-settings.c
@@ -38,7 +38,7 @@ static const struct setting_define login_setting_defines[] = {
         DEF(BOOL, auth_ssl_require_client_cert),
         DEF(BOOL, auth_ssl_username_from_cert),
  
-       DEF(BOOL, disable_plaintext_auth),
+       DEF(BOOL, auth_allow_cleartext),
         DEF(BOOL, auth_verbose),
         DEF(BOOL, auth_debug),
         DEF(BOOL, verbose_proctitle),
@@ -67,7 +67,7 @@ static const struct login_settings login_default_settings = {
         .auth_ssl_require_client_cert = FALSE,
         .auth_ssl_username_from_cert = FALSE,
  
-       .disable_plaintext_auth = TRUE,
+       .auth_allow_cleartext = FALSE,
         .auth_verbose = FALSE,
         .auth_debug = FALSE,
         .verbose_proctitle = FALSE,
diff --git a/src/login-common/login-settings.h b/src/login-common/login-settings.h

index 35771f9c441ebc6a864af234b549bf43035b0b3f..686ef7ceba60ecc4fd5de0c12b31c5f95cb7ef00 100644 (file)
--- a/src/login-common/login-settings.h
+++ b/src/login-common/login-settings.h
@@ -23,7 +23,7 @@ struct login_settings {
         bool auth_ssl_require_client_cert;
         bool auth_ssl_username_from_cert;
  
-       bool disable_plaintext_auth;
+       bool auth_allow_cleartext;
         bool auth_verbose;
         bool auth_debug;
         bool auth_debug_passwords;
diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c

index ef6730da4bfa6cf35fd5e450265d2d5850814863..23af140cd74226c109af8f45c13cae0bd47291c3 100644 (file)
--- a/src/login-common/sasl-server.c
+++ b/src/login-common/sasl-server.c
@@ -68,7 +68,7 @@ sasl_server_get_advertised_mechs(struct client *client, unsigned int *count_r)
                    c) we allow insecure authentication
                 */
                 if ((fmech.flags & MECH_SEC_PRIVATE) == 0 &&
-                   (client->secured || !client->set->disable_plaintext_auth ||
+                   (client->secured || client->set->auth_allow_cleartext ||
                      (fmech.flags & MECH_SEC_PLAINTEXT) == 0))
                         ret_mech[j++] = fmech;
         }
@@ -519,7 +519,7 @@ void sasl_server_auth_begin(struct client *client, const char *mech_name,
  
         i_assert(!private || (mech->flags & MECH_SEC_PRIVATE) != 0);
  
-       if (!client->secured && client->set->disable_plaintext_auth &&
+       if (!client->secured && !client->set->auth_allow_cleartext &&
             (mech->flags & MECH_SEC_PLAINTEXT) != 0) {
                 sasl_server_auth_failed(client,
                         "Plaintext authentication disabled.",
diff --git a/src/pop3-login/client-authenticate.c b/src/pop3-login/client-authenticate.c

index b4ead6857787ad985dd9130036763709a1f66a0e..d70c91252383c961ca171ce1fdb095c268a7b6a3 100644 (file)
--- a/src/pop3-login/client-authenticate.c
+++ b/src/pop3-login/client-authenticate.c
@@ -33,7 +33,7 @@ bool cmd_capa(struct pop3_client *client, const char *args ATTR_UNUSED)
  
         if (client_is_tls_enabled(&client->common) && !client->common.tls)
                 str_append(str, "STLS\r\n");
-       if (!client->common.set->disable_plaintext_auth ||
+       if (client->common.set->auth_allow_cleartext ||
             client->common.secured)
                 str_append(str, "USER\r\n");
author	Aki Tuomi <aki.tuomi@open-xchange.com>
	Thu, 14 Jul 2022 07:48:50 +0000 (10:48 +0300)
committer	aki.tuomi <aki.tuomi@open-xchange.com>
	Wed, 20 Jul 2022 09:22:54 +0000 (09:22 +0000)
src/imap-login/imap-login-client.c		patch \| blob \| blame \| history
src/login-common/client-common-auth.c		patch \| blob \| blame \| history
src/login-common/login-settings.c		patch \| blob \| blame \| history
src/login-common/login-settings.h		patch \| blob \| blame \| history
src/login-common/sasl-server.c		patch \| blob \| blame \| history
src/pop3-login/client-authenticate.c		patch \| blob \| blame \| history