string_t *str;
str = t_str_new(128);
- mech = auth_client_get_available_mechs(auth_client, &count);
+ mech = sasl_server_get_advertised_mechs(&client->common, &count);
for (i = 0; i < count; i++) {
- /* a) transport is secured
- b) auth mechanism isn't plaintext
- c) we allow insecure authentication
- */
- if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
- (client->common.secured ||
- !client->common.set->disable_plaintext_auth ||
- (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) {
- str_append_c(str, ' ');
- str_append(str, "AUTH=");
- str_append(str, mech[i].name);
- }
+ str_append_c(str, ' ');
+ str_append(str, "AUTH=");
+ str_append(str, mech[i].name);
}
return str_c(str);
"Maximum number of connections from user+IP exceeded " \
"(mail_max_userip_connections)"
+const struct auth_mech_desc *
+sasl_server_get_advertised_mechs(struct client *client, unsigned int *count_r)
+{
+ const struct auth_mech_desc *mech;
+ struct auth_mech_desc *ret_mech;
+ unsigned int i, j, count;
+
+ mech = auth_client_get_available_mechs(auth_client, &count);
+ if (count == 0) {
+ *count_r = 0;
+ return NULL;
+ }
+
+ ret_mech = t_new(struct auth_mech_desc, count);
+ for (i = j = 0; i < count; i++) {
+ /* a) transport is secured
+ b) auth mechanism isn't plaintext
+ c) we allow insecure authentication
+ */
+ if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
+ (client->secured || !client->set->disable_plaintext_auth ||
+ (mech[i].flags & MECH_SEC_PLAINTEXT) == 0))
+ ret_mech[j++] = mech[i];
+ }
+ *count_r = j;
+ return ret_mech;
+}
+
static enum auth_request_flags
client_get_auth_flags(struct client *client)
{
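Review bot: The filter in sasl_server_get_advertised_mechs() only decides which mechanisms are listed, and nothing in this hunk shows the same predicate being applied when a client actually names a mechanism. A client can request a mechanism that was never advertised, so the `MECH_SEC_PRIVATE` and `disable_plaintext_auth` checks must also be enforced where authentication starts. Presumably sasl_server_auth_begin() does this, but its body is not visible here and that is worth confirming. I would add a comment above the new function such as `/* Filters the advertised list only; the auth-begin path must enforce the same policy. */` so the two stay in step. client_get_auth_flags(), which opens at the end of this hunk, continues outside it.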
enum sasl_server_reply reply,
const char *data, const char *const *args);
+const struct auth_mech_desc *
+sasl_server_get_advertised_mechs(struct client *client, unsigned int *count_r);
+
void sasl_server_auth_begin(struct client *client,
const char *service, const char *mech_name,
const char *initial_resp_base64,
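Review bot: The new prototype for sasl_server_get_advertised_mechs() has no comment, and the lifetime of the returned array is not obvious from the signature. The definition allocates it with `t_new()`, so callers must not keep the pointer beyond the current data stack frame. The definition also returns NULL only when the auth client reports no mechanisms at all; if every mechanism is filtered out it returns a non-NULL array with `*count_r` set to 0, so callers should test the count rather than the pointer. I would add above the declaration: `/* Returns the mechanisms that may be advertised to this client. The array is data-stack allocated; use *count_r, not a NULL check, to detect an empty list. */`.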
str_append(str, "USER\r\n");
str_append(str, "SASL");
- mech = auth_client_get_available_mechs(auth_client, &count);
+ mech = sasl_server_get_advertised_mechs(&client->common, &count);
for (i = 0; i < count; i++) {
- /* a) transport is secured
- b) auth mechanism isn't plaintext
- c) we allow insecure authentication
- */
- if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 &&
- (client->common.secured ||
- !client->common.set->disable_plaintext_auth ||
- (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) {
- str_append_c(str, ' ');
- str_append(str, mech[i].name);
- }
+ str_append_c(str, ' ');
+ str_append(str, mech[i].name);
}
str_append(str, "\r\n.");