Sophie

Sophie

distrib > Mandriva > 2010.1 > i586 > media > main-testing-src > by-pkgid > 3360a71f40b196f13ed5026474f80f3c > files > 17

cyrus-imapd-2.3.15-10mdv2010.1.src.rpm

diff -Naurp cyrus-imapd-2.3.13/imap/imapd.c cyrus-imapd-2.3.13.oden/imap/imapd.c
--- cyrus-imapd-2.3.13/imap/imapd.c	2008-12-16 12:26:39.000000000 +0100
+++ cyrus-imapd-2.3.13.oden/imap/imapd.c	2008-12-16 12:25:47.000000000 +0100
@@ -121,6 +121,7 @@ static char shutdownfilename[1024];
 static int imaps = 0;
 static sasl_ssf_t extprops_ssf = 0;
 static int nosaslpasswdcheck = 0;
+static int imapd_allow_plaintext = 0;
 
 /* PROXY STUFF */
 /* we want a list of our outgoing connections here and which one we're
@@ -664,7 +665,10 @@ int service_init(int argc, char **argv, 
     snmp_connect(); /* ignore return code */
     snmp_set_str(SERVER_NAME_VERSION,CYRUS_VERSION);
 
-    while ((opt = getopt(argc, argv, "sp:N")) != EOF) {
+    /* set defaults for allowplaintext */
+    imapd_allow_plaintext=config_getswitch(IMAPOPT_ALLOWPLAINTEXT);
+
+    while ((opt = getopt(argc, argv, "stp:N")) != EOF) {
 	switch (opt) {
 	case 's': /* imaps (do starttls right away) */
 	    imaps = 1;
@@ -681,6 +685,9 @@ int service_init(int argc, char **argv, 
 		   * you know what you're doing! */
 	    nosaslpasswdcheck = 1;
 	    break;
+	case 't': /* allowplaintext: no */
+		imapd_allow_plaintext=0;
+	    break;
 	default:
 	    break;
 	}
@@ -2048,7 +2055,7 @@ void cmd_login(char *tag, char *user)
 
     /* possibly disallow login */
     if (!imapd_starttls_done && (extprops_ssf < 2) &&
-	!config_getswitch(IMAPOPT_ALLOWPLAINTEXT) &&
+	!imapd_allow_plaintext &&
 	!is_userid_anonymous(canon_user)) {
 	eatline(imapd_in, ' ');
 	prot_printf(imapd_out, "%s NO Login only available under a layer\r\n",
@@ -2693,7 +2700,7 @@ void capa_response(int flags)
     }
     if (imapd_authstate ||
 	(!imapd_starttls_done && (extprops_ssf < 2) &&
-	 !config_getswitch(IMAPOPT_ALLOWPLAINTEXT))) {
+	 !imapd_allow_plaintext)) {
 	prot_printf(imapd_out, " LOGINDISABLED");
     }
 
diff -Naurp cyrus-imapd-2.3.13/imap/pop3d.c cyrus-imapd-2.3.13.oden/imap/pop3d.c
--- cyrus-imapd-2.3.13/imap/pop3d.c	2008-12-16 12:26:39.000000000 +0100
+++ cyrus-imapd-2.3.13.oden/imap/pop3d.c	2008-12-16 12:22:03.000000000 +0100
@@ -134,6 +134,7 @@ struct msg {
 static sasl_ssf_t extprops_ssf = 0;
 static int pop3s = 0;
 int popd_starttls_done = 0;
+static int popd_allow_plaintext = 0;
 
 static struct mailbox mboxstruct;
 
@@ -431,7 +432,10 @@ int service_init(int argc __attribute__(
 	fatal(error_message(r), EC_CONFIG);
     }
 
-    while ((opt = getopt(argc, argv, "skp:")) != EOF) {
+    /* set defaults for allowplaintext */
+    popd_allow_plaintext=config_getswitch(IMAPOPT_ALLOWPLAINTEXT);
+
+    while ((opt = getopt(argc, argv, "skpt:")) != EOF) {
 	switch(opt) {
 	case 's': /* pop3s (do starttls right away) */
 	    pop3s = 1;
@@ -450,6 +454,9 @@ int service_init(int argc __attribute__(
 	    extprops_ssf = atoi(optarg);
 	    break;
 
+	case 't': /* allowplaintext: no */
+		popd_allow_plaintext=0;
+	    break;
 	default:
 	    usage();
 	}
@@ -1219,7 +1226,7 @@ void cmd_user(char *user)
 
     /* possibly disallow USER */
     if (!(kflag || popd_starttls_done || (extprops_ssf > 1) ||
-	  config_getswitch(IMAPOPT_ALLOWPLAINTEXT))) {
+	  popd_allow_plaintext)) {
 	prot_printf(popd_out,
 		    "-ERR [AUTH] USER command only available under a layer\r\n");
 	return;
@@ -1389,7 +1396,7 @@ void cmd_capa()
 
     if (!popd_authstate &&
 	(kflag || popd_starttls_done || (extprops_ssf > 1)
-	 || config_getswitch(IMAPOPT_ALLOWPLAINTEXT))) {
+	 || popd_allow_plaintext)) {
 	prot_printf(popd_out, "USER\r\n");
     }
     
diff -Naurp cyrus-imapd-2.3.13/man/imapd.8 cyrus-imapd-2.3.13.oden/man/imapd.8
--- cyrus-imapd-2.3.13/man/imapd.8	2008-08-20 22:41:16.000000000 +0200
+++ cyrus-imapd-2.3.13.oden/man/imapd.8	2008-12-16 12:22:03.000000000 +0100
@@ -68,6 +68,9 @@ imapd \- IMAP server process
 .B \-N
 ]
 [
+.B \-t
+]
+[
 .B \-p
 .I ssf
 ]
@@ -144,6 +147,11 @@ is encrypted using the Secure Sockets La
 .BI \-N
 Bypass password checking.  (Not recommended unless you know what you're doing.)
 .TP
+.BI \-t
+Do not allow the use of cleartext passwords on the wire.  Equivalent to setting
+.I allowplaintext: no
+in the configuration file.
+.TP
 .BI \-p " ssf"
 Tell
 .I imapd
diff -Naurp cyrus-imapd-2.3.13/man/pop3d.8 cyrus-imapd-2.3.13.oden/man/pop3d.8
--- cyrus-imapd-2.3.13/man/pop3d.8	2008-04-04 14:47:00.000000000 +0200
+++ cyrus-imapd-2.3.13.oden/man/pop3d.8	2008-12-16 12:22:03.000000000 +0100
@@ -65,6 +65,9 @@ pop3d \- POP3 server process
 .B \-s
 ]
 [
+.B \-t
+]
+[
 .B \-k
 ]
 [
@@ -119,6 +122,11 @@ Serve POP3 over SSL (pop3s).  All data t
 .I pop3d
 is encrypted using the Secure Sockets Layer.
 .TP
+.BI \-t
+Do not allow the use of cleartext passwords on the wire.  Equivalent to setting
+.I allowplaintext: no
+in the configuration file.
+.TP
 .B \-k
 Serve MIT's KPOP (Kerberized POP) protocol instead.
 .TP

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional