From: Timo Sirainen Date: Wed, 17 Dec 2008 18:12:11 +0000 (+0200) Subject: Mention SSL/TLS in "plaintext auth disallowed" error. X-Git-Tag: 1.2.beta1~179 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=276165201f2c553b70c768a1746cdc60744141c6;p=thirdparty%2Fdovecot%2Fcore.git Mention SSL/TLS in "plaintext auth disallowed" error. --HG-- branch : HEAD --- diff --git a/TODO b/TODO index 5b534c8c2d..f8bcc266a5 100644 --- a/TODO +++ b/TODO @@ -1,3 +1,17 @@ + - proxying: support fallbacking to local (or other?) server if the first + one is down +user_attrs { + uid = %{ldap:uidNumber} + home = %{ldap:homeDirectory} + quota_bytes = *:bytes=%{ldap:quota} +} + +fts_solr: select() failed: Interrupted system call +fts_solr: Indexing failed: (null) + +imap(tss)(pid=12890): Error: dovecot-acl-list creation failed: +safe_mkstemp(/usr/local/var/run/dovecot/user-not-found/test/temp.hurina.12890.87eb6b37b351b733) failed: No such file or directory + - i_panic("Message count decreased") happens - why? - fts-solr: handle DELETE, RENAME - fsck -> log_file_tail_offset 2273345664 -> 996 -> @@ -102,8 +116,6 @@ - maildir - don't allow more than 26 keywords - physical separator could be configurable - - setting flags to same as they already are causes unnecessary - rename()s with identical parameters - deliver+maildir: if new mails are in new/ or cur/ they're not added to dovecot-uidlist but newly saved mails are, so UIDs will be in wrong order - maildir_copy_with_hardlinks: We're currently first hardlinking to tmp/ and diff --git a/src/imap-login/client-authenticate.c b/src/imap-login/client-authenticate.c index 8006b0e465..03853f7dd0 100644 --- a/src/imap-login/client-authenticate.c +++ b/src/imap-login/client-authenticate.c @@ -352,8 +352,8 @@ int cmd_login(struct imap_client *client, const struct imap_arg *args) client->common.auth_tried_disabled_plaintext = TRUE; client->common.auth_attempts++; client_send_line(client, - "* BAD [ALERT] Plaintext authentication is disabled, " - "but your client sent password in plaintext anyway. " + "* BAD [ALERT] Plaintext authentication not allowed " + "without SSL/TLS, but your client did it anyway. " "If anyone was listening, the password was exposed."); client_send_tagline(client, "NO ["IMAP_RESP_CODE_CLIENTBUG"] " AUTH_PLAINTEXT_DISABLED_MSG); diff --git a/src/login-common/common.h b/src/login-common/common.h index 23618676f4..efb8c13ef9 100644 --- a/src/login-common/common.h +++ b/src/login-common/common.h @@ -9,7 +9,7 @@ #define AUTH_FAILED_MSG "Authentication failed." #define AUTH_TEMP_FAILED_MSG "Temporary authentication failure." #define AUTH_PLAINTEXT_DISABLED_MSG \ - "Plaintext authentication disallowed on non-secure connections." + "Plaintext authentication disallowed on non-secure (SSL/TLS) connections." extern const char *login_protocol;