From: Timo Sirainen <tss@iki.fi>
Date: Sun, 21 Dec 2008 08:15:58 +0000 (+0200)
Subject: Log a warning at startup if there doesn't seem to be any way to log in from non-local... 
X-Git-Tag: 1.2.beta1~159
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5ac49ccf11501ec1d97bf3cb66f46f82fd0816ca;p=thirdparty%2Fdovecot%2Fcore.git

Log a warning at startup if there doesn't seem to be any way to log in from non-localhost.

--HG--
branch : HEAD
---

diff --git a/src/master/master-settings.c b/src/master/master-settings.c
index a2bc583230..93bbdf5016 100644
--- a/src/master/master-settings.c
+++ b/src/master/master-settings.c
@@ -581,6 +581,26 @@ static bool settings_have_connect_sockets(struct settings *set)
 	return FALSE;
 }
 
+static bool settings_have_nonplaintext_auths(struct settings *set)
+{
+	struct auth_settings *auth;
+	struct server_settings *server;
+	const char *const *tmp;
+
+	for (server = set->server; server != NULL; server = server->next) {
+		for (auth = server->auths; auth != NULL; auth = auth->next) {
+			tmp = t_strsplit_spaces(auth->mechanisms, " ");
+			for (; *tmp != NULL; tmp++) {
+				if (strcasecmp(*tmp, "PLAIN") != 0 &&
+				    strcasecmp(*tmp, "LOGIN") != 0)
+					return TRUE;
+			}
+		}
+	}
+
+	return FALSE;
+}
+
 static void unlink_auth_sockets(const char *path, const char *prefix)
 {
 	DIR *dirp;
@@ -838,6 +858,13 @@ static bool settings_verify(struct settings *set)
 		return FALSE;
 	}
 #endif
+	if (set->ssl_disable && set->disable_plaintext_auth &&
+	    strncmp(set->listen, "127.", 4) != 0 &&
+	    !settings_have_nonplaintext_auths(set)) {
+		i_warning("There is no way to login to this server: "
+			  "disable_plaintext_auth=yes, ssl_disable=yes, "
+			  "no non-plaintext auth mechanisms.");
+	}
 
 	if (set->max_mail_processes < 1) {
 		i_error("max_mail_processes must be at least 1");