return "(tried to use disabled plaintext auth)";
if (client->set->ssl_require_client_cert)
return "(cert required, client didn't start TLS)";
+ if (client->auth_tried_unsupported_mech)
+ return "(tried to use unsupported auth mechanism)";
+ if (client->auth_request != NULL && client->auth_attempts == 1)
+ return "(disconnected while authenticating)";
+ if (client->auth_try_aborted && client->auth_attempts == 1)
+ return "(aborted authentication)";
return t_strdup_printf("(auth failed, %u attempts)",
client->auth_attempts);
unsigned int trusted:1;
unsigned int authenticating:1;
unsigned int auth_tried_disabled_plaintext:1;
+ unsigned int auth_tried_unsupported_mech:1;
+ unsigned int auth_try_aborted:1;
unsigned int auth_initializing:1;
/* ... */
};
mech = auth_client_find_mech(auth_client, mech_name);
if (mech == NULL) {
+ client->auth_tried_unsupported_mech = TRUE;
sasl_server_auth_failed(client,
"Unsupported authentication mechanism.");
return;
if (!client->secured && client->set->disable_plaintext_auth &&
(mech->flags & MECH_SEC_PLAINTEXT) != 0) {
+ client->auth_tried_disabled_plaintext = TRUE;
sasl_server_auth_failed(client,
"Plaintext authentication disabled.");
return;
void sasl_server_auth_abort(struct client *client)
{
+ client->auth_try_aborted = TRUE;
sasl_server_auth_cancel(client, NULL, SASL_SERVER_REPLY_AUTH_ABORTED);
}
projects / thirdparty / dovecot / core.git / commitdiff
