Auth failure handling should be more complete, but it's still
horrifically slow to test because the dovecot instance I run has
rate-limits for auth failures.
Perhaps public-inbox-imapd should learn to reject certain
username + password combos, since the -imapd instance on
public-inbox.org sees a fair amount of automated traffic
looking to steal info off leaked credentials.
3/6 is me still learning to use APIs I invent :x
Eric Wong (6):
URInntps: add URI 5.08 release note
lei q: ensure wq workers shutdown on IMAP auth failures
lei tag: fix tagging of IMAP inputs
lei_auth: rename {net_merge} to {net_merge_continue}
net_reader: fix read-only "lei convert" auth failures
xt/lei-auth-fail: test more failure cases
lib/PublicInbox/LEI.pm | 24 ++++++++----------------
lib/PublicInbox/LeiAuth.pm | 17 ++++++++++-------
lib/PublicInbox/LeiTag.pm | 6 +++++-
lib/PublicInbox/NetReader.pm | 5 +++--
lib/PublicInbox/URInntps.pm | 1 +
t/lei-import-imap.t | 1 +
xt/lei-auth-fail.t | 11 +++++++----
7 files changed, 35 insertions(+), 30 deletions(-)
--
unsubscribe: one-click, see List-Unsubscribe header
archive: https://public-inbox.org/meta/
