oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

if using SASL, don't allow plaintext USER/PASS

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13927 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2004-06-14 08:14:16 +00:00
parent 0985fdc628
commit d2e71b5db5
1 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
appl/popper/pop_user.c
View File

@@ -18,19 +18,19 @@ pop_user (POP *p)
strlcpy(p->user, p->pop_parm[1], sizeof(p->user)); strlcpy(p->user, p->pop_parm[1], sizeof(p->user));
#ifdef OTP if (p->auth_level == AUTH_OTP) {
if (otp_challenge (&p->otp_ctx, p->user, ss, sizeof(ss)) == 0) {
return pop_msg(p, POP_SUCCESS, "Password %s required for %s.",
ss, p->user);
} else
#endif
if (p->auth_level != AUTH_NONE) {
char *s = NULL; char *s = NULL;
#ifdef OTP #ifdef OTP
if(otp_challenge (&p->otp_ctx, p->user, ss, sizeof(ss)) == 0)
return pop_msg(p, POP_SUCCESS, "Password %s required for %s.",
ss, p->user);
s = otp_error(&p->otp_ctx); s = otp_error(&p->otp_ctx);
#endif
return pop_msg(p, POP_FAILURE, "Permission denied%s%s", return pop_msg(p, POP_FAILURE, "Permission denied%s%s",
s ? ":" : "", s ? s : ""); s ? ":" : "", s ? s : "");
} else #endif
return pop_msg(p, POP_SUCCESS, "Password required for %s.", p->user); }
if (p->auth_level == AUTH_SASL) {
return pop_msg(p, POP_FAILURE, "Permission denied");
}
return pop_msg(p, POP_SUCCESS, "Password required for %s.", p->user);
} }