From: Timo Sirainen Date: Sun, 9 Aug 2009 20:20:31 +0000 (-0400) Subject: *-login: Moved common code to sasl_server_get_advertised_mechs(). X-Git-Tag: 2.0.alpha1~299 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a19c6b87b303dd99c26598949ce71c040e10e353;p=thirdparty%2Fdovecot%2Fcore.git *-login: Moved common code to sasl_server_get_advertised_mechs(). --HG-- branch : HEAD --- diff --git a/src/imap-login/client-authenticate.c b/src/imap-login/client-authenticate.c index f04f9f9f98..2c9ec1045e 100644 --- a/src/imap-login/client-authenticate.c +++ b/src/imap-login/client-authenticate.c @@ -29,20 +29,11 @@ const char *client_authenticate_get_capabilities(struct imap_client *client) string_t *str; str = t_str_new(128); - mech = auth_client_get_available_mechs(auth_client, &count); + mech = sasl_server_get_advertised_mechs(&client->common, &count); for (i = 0; i < count; i++) { - /* a) transport is secured - b) auth mechanism isn't plaintext - c) we allow insecure authentication - */ - if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 && - (client->common.secured || - !client->common.set->disable_plaintext_auth || - (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) { - str_append_c(str, ' '); - str_append(str, "AUTH="); - str_append(str, mech[i].name); - } + str_append_c(str, ' '); + str_append(str, "AUTH="); + str_append(str, mech[i].name); } return str_c(str); diff --git a/src/login-common/sasl-server.c b/src/login-common/sasl-server.c index bd98bd76a4..1bbbb630a6 100644 --- a/src/login-common/sasl-server.c +++ b/src/login-common/sasl-server.c @@ -21,6 +21,34 @@ "Maximum number of connections from user+IP exceeded " \ "(mail_max_userip_connections)" +const struct auth_mech_desc * +sasl_server_get_advertised_mechs(struct client *client, unsigned int *count_r) +{ + const struct auth_mech_desc *mech; + struct auth_mech_desc *ret_mech; + unsigned int i, j, count; + + mech = auth_client_get_available_mechs(auth_client, &count); + if (count == 0) { + *count_r = 0; + return NULL; + } + + ret_mech = t_new(struct auth_mech_desc, count); + for (i = j = 0; i < count; i++) { + /* a) transport is secured + b) auth mechanism isn't plaintext + c) we allow insecure authentication + */ + if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 && + (client->secured || !client->set->disable_plaintext_auth || + (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) + ret_mech[j++] = mech[i]; + } + *count_r = j; + return ret_mech; +} + static enum auth_request_flags client_get_auth_flags(struct client *client) { diff --git a/src/login-common/sasl-server.h b/src/login-common/sasl-server.h index 99214894aa..7c8940ba18 100644 --- a/src/login-common/sasl-server.h +++ b/src/login-common/sasl-server.h @@ -15,6 +15,9 @@ typedef void sasl_server_callback_t(struct client *client, enum sasl_server_reply reply, const char *data, const char *const *args); +const struct auth_mech_desc * +sasl_server_get_advertised_mechs(struct client *client, unsigned int *count_r); + void sasl_server_auth_begin(struct client *client, const char *service, const char *mech_name, const char *initial_resp_base64, diff --git a/src/pop3-login/client-authenticate.c b/src/pop3-login/client-authenticate.c index f8b4a2980c..6a4e29cc6e 100644 --- a/src/pop3-login/client-authenticate.c +++ b/src/pop3-login/client-authenticate.c @@ -41,19 +41,10 @@ bool cmd_capa(struct pop3_client *client, const char *args ATTR_UNUSED) str_append(str, "USER\r\n"); str_append(str, "SASL"); - mech = auth_client_get_available_mechs(auth_client, &count); + mech = sasl_server_get_advertised_mechs(&client->common, &count); for (i = 0; i < count; i++) { - /* a) transport is secured - b) auth mechanism isn't plaintext - c) we allow insecure authentication - */ - if ((mech[i].flags & MECH_SEC_PRIVATE) == 0 && - (client->common.secured || - !client->common.set->disable_plaintext_auth || - (mech[i].flags & MECH_SEC_PLAINTEXT) == 0)) { - str_append_c(str, ' '); - str_append(str, mech[i].name); - } + str_append_c(str, ' '); + str_append(str, mech[i].name); } str_append(str, "\r\n.");