Implement RFC 2595 LOGINDISABLED

Warn the user and abort when we attempt a plaintext login, but the server has explicitly disabled plaintext logins. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
2011-09-16 13:57:55 +02:00
parent 19ff636390
commit 1ac9dc7fb4
2 changed files with 10 additions and 5 deletions
--- a/offlineimap/imapserver.py
+++ b/offlineimap/imapserver.py
@ -262,6 +262,12 @@ class IMAPServer:
                                except imapobj.error, val:
                                    self.plainauth(imapobj)
                            else:
+                                # Use plaintext login, unless
+                                # LOGINDISABLED (RFC2595)
+                                if 'LOGINDISABLED' in imapobj.capabilities:
+                                    raise OfflineImapError("Plaintext login "
+                                       "disabled by server. Need to use SSL?",
+                                        OfflineImapError.ERROR.REPO)
                                self.plainauth(imapobj)
                        # Would bail by here if there was a failure.
                        success = 1