IMAP: don't spam the logs about non-SSL connections to localhost

When using IMAP as auth module every single request causes a warning to
be logged just because we're not encrypting traffic sent to another
process on the *same* machine.

This change recognizes that while some people might consider this
undesirable, others might have made this a conscious choice and *don't*
wish to be spammed for it. As such now only a single warning is logged
(the first time in the server's lifetime that a user logs in).

Signed-off-by: Giel van Schijndel <me@mortis.eu>
This commit is contained in:
Giel van Schijndel 2014-08-09 22:39:16 +02:00
parent 2df8f92f87
commit a040c666ca

View File

@ -40,9 +40,12 @@ IMAP_SERVER = config.get("auth", "imap_hostname")
IMAP_SERVER_PORT = config.getint("auth", "imap_port") IMAP_SERVER_PORT = config.getint("auth", "imap_port")
IMAP_USE_SSL = config.getboolean("auth", "imap_ssl") IMAP_USE_SSL = config.getboolean("auth", "imap_ssl")
IMAP_WARNED_UNENCRYPTED = False
def is_authenticated(user, password): def is_authenticated(user, password):
"""Check if ``user``/``password`` couple is valid.""" """Check if ``user``/``password`` couple is valid."""
global IMAP_WARNED_UNENCRYPTED
if not user or not password: if not user or not password:
return False return False
@ -72,7 +75,8 @@ def is_authenticated(user, password):
"IMAP server at %s failed to accept TLS connection " "IMAP server at %s failed to accept TLS connection "
"because of: %s" % (IMAP_SERVER, exception)) "because of: %s" % (IMAP_SERVER, exception))
if server_is_local and not connection_is_secure: if server_is_local and not connection_is_secure and not IMAP_WARNED_UNENCRYPTED:
IMAP_WARNED_UNENCRYPTED = True
log.LOGGER.warning( log.LOGGER.warning(
"IMAP server is local. " "IMAP server is local. "
"Will allow transmitting unencrypted credentials.") "Will allow transmitting unencrypted credentials.")