Implement RFC 2595 LOGINDISABLED

Warn the user and abort when we attempt a plaintext login, but the server has explicitly disabled plaintext logins. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2024-06-26 07:29:03 +02:00 · 2011-09-16 13:57:55 +02:00 · 2011-09-16 13:57:55 +02:00 · 1ac9dc7fb4
commit 1ac9dc7fb4
parent 19ff636390
2 changed files with 10 additions and 5 deletions
--- a/Changelog.draft.rst
+++ b/Changelog.draft.rst
@ -20,6 +20,10 @@ New Features
  future. Starting with this version, OfflineImap will be
  forward-compatible with the per-account locking style.

+* Implement RFC 2595 LOGINDISABLED. Warn the user and abort when we
+  attempt a plaintext login but the server has explicitly disabled
+  plaintext logins rather than crashing.
+
 Changes
 -------

@ -30,8 +34,3 @@ Bug Fixes

 * New emails are not created with "-rwxr-xr-x" but as "-rw-r--r--"
  anymore, fixing a regression in 6.3.4.
-
-Pending for the next major release
-==================================
-
-* UIs get shorter and nicer names. (API changing)
--- a/offlineimap/imapserver.py
+++ b/offlineimap/imapserver.py
@ -262,6 +262,12 @@ class IMAPServer:
                                except imapobj.error, val:
                                    self.plainauth(imapobj)
                            else:
+                                # Use plaintext login, unless
+                                # LOGINDISABLED (RFC2595)
+                                if 'LOGINDISABLED' in imapobj.capabilities:
+                                    raise OfflineImapError("Plaintext login "
+                                       "disabled by server. Need to use SSL?",
+                                        OfflineImapError.ERROR.REPO)
                                self.plainauth(imapobj)
                        # Would bail by here if there was a failure.
                        success = 1