| author | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-15 11:10:59 +0000 |
|---|---|---|
| committer | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-15 11:10:59 +0000 |
| commit | 449f3e4f505dda041353f622a5b8f326720e4750 (patch) | |
| tree | a0d3bdfc798ecc084fecc68f0af314535b7a4a7a /roundcubemail/program/include/rcube_imap_generic.php | |
| parent | ea522377aafe60e11cab916c6d29f1f7c80abb18 (diff) | |
- Use only one from IMAP authentication methods to prevent login delays (1487784)
git-svn-id: https://svn.roundcube.net/trunk@4543 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/include/rcube_imap_generic.php')
| -rw-r--r-- | roundcubemail/program/include/rcube_imap_generic.php | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/roundcubemail/program/include/rcube_imap_generic.php b/roundcubemail/program/include/rcube_imap_generic.php
index e7a9cedf3..cc590e05a 100644
--- a/roundcubemail/program/include/rcube_imap_generic.php
+++ b/roundcubemail/program/include/rcube_imap_generic.php
@@ -782,6 +782,13 @@ class rcube_imap_generic
 else if (!$login_disabled) {
 $auth_methods[] = 'LOGIN';
 }
+
+ // Use best (for security) supported authentication method
+ foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {
+ if (in_array($auth_method, $auth_methods)) {
+ break;
+ }
+ }
 }
 else {
 // Prevent from sending credentials in plain text when connection is not secure
@@ -791,32 +798,28 @@ class rcube_imap_generic
 return false;
 }
 // replace AUTH with CRAM-MD5 for backward compat.
- $auth_methods[] = $auth_method == 'AUTH' ? 'CRAM-MD5' : $auth_method;
+ if ($auth_method == 'AUTH') {
+ $auth_method = 'CRAM-MD5';
+ }
 }
 // pre-login capabilities can be not complete
 $this->capability_readed = false;
 // Authenticate
- foreach ($auth_methods as $method) {
- switch ($method) {
+ switch ($auth_method) {
 case 'CRAM_MD5':
- $method = 'CRAM-MD5';
+ $auth_method = 'CRAM-MD5';
 case 'CRAM-MD5':
 case 'DIGEST-MD5':
 case 'PLAIN':
- $result = $this->authenticate($user, $password, $method);
+ $result = $this->authenticate($user, $password, $auth_method);
 break;
 case 'LOGIN':
 $result = $this->login($user, $password);
 break;
 default:
- $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $method");
- }
-
- if (is_resource($result)) {
- break;
- }
+ $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $auth_method");
 }
 // Connected and authenticated |
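Review bot: When none of the five candidates is present in `$auth_methods`, the added `foreach` runs to completion and leaves `$auth_method` holding its last element, `'LOGIN'`, so the later `switch ($auth_method)` calls `$this->login()` even though the context line just above only adds LOGIN when `!$login_disabled`. That would send the password in a plaintext LOGIN command to a server that disabled it or advertised no usable mechanism; how `$auth_methods` is filled lies outside the hunk, so the empty case is inferred rather than shown. Select explicitly instead: `$supported = array_intersect(array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN'), $auth_methods);` followed by `$auth_method = $supported ? reset($supported) : null;`, which lets the `default:` branch report the error instead of falling back to LOGIN.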
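Review bot: The `default:` branch of the rewritten `switch ($auth_method)` records the error but never assigns `$result`, and with the enclosing `foreach` removed this is now the only pass through the authentication step. The code after `// Connected and authenticated` is outside the hunk but presumably tests `$result`, so initialise it with `$result = null;` immediately before the switch. The `case 'CRAM_MD5':` arm falls through on purpose; a `// fall through` comment after `$auth_method = 'CRAM-MD5';` would make that explicit. A comment above the switch should also state that a failed attempt is no longer retried with the next, possibly weaker, mechanism.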
