This week, we finally dragged UNC into the 21st century and disabled
unencrypted plaintext logins. In so doing, we found the default message
for rejecting unencrypted LOGIN attempts, "Login only available under a
layer," to be confusing to our users.
This patch just overloads "plaintextloginalert" to also be the reject
message if allowplaintext is set to 0. It is otherwise only used if
allowplaintext is set to 1.
This is a patch to the 2.3.16 codebase, and is entered in Bugzilla as 3247.
Michael Bacon
ITS Messaging
UNC Chapel Hill
Index: imapd.c
===================================================================
RCS file: /cvs/src/cyrus/imap/imapd.c,v
retrieving revision 1.575
diff -u -r1.575 imapd.c
--- imapd.c 16 Dec 2009 02:51:39 -0000 1.575
+++ imapd.c 4 Aug 2010 17:42:53 -0000
@@ -2049,8 +2049,18 @@
!config_getswitch(IMAPOPT_ALLOWPLAINTEXT) &&
!is_userid_anonymous(canon_user)) {
eatline(imapd_in, ' ');
- prot_printf(imapd_out, "%s NO Login only available under a
layer\r\n",
- tag);
+
+ plaintextloginalert =
config_getstring(IMAPOPT_PLAINTEXTLOGINALERT);
+
+ if (plaintextloginalert) {
+ prot_printf(imapd_out, "%s NO %s\r\n",
+ tag, plaintextloginalert);
+ /* Don't alert twice */
+ plaintextloginalert = NULL;
+ } else {
+ prot_printf(imapd_out,
+ "%s NO Login only available under a layer\r\n", tag);
+ }
return;
}
