diff options
| author | Jannis M. Hoffmann <jannis@fehcom.de> | 2023-09-09 21:44:29 +0200 |
|---|---|---|
| committer | Jannis M. Hoffmann <jannis@fehcom.de> | 2023-09-09 21:44:29 +0200 |
| commit | 84186e77461ddeb867fa2944dcbf45217b41b80e (patch) | |
| tree | e614baca10fc5ebb41c0d84ad5a56e1a75a6a759 /lib/JWebmail | |
| parent | 45c55ee591d9aaddaeeffac9240e310951f71fe0 (diff) | |
Fix authentication schemes
Diffstat (limited to 'lib/JWebmail')
| -rw-r--r-- | lib/JWebmail/Controller/Webmail.pm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/JWebmail/Controller/Webmail.pm b/lib/JWebmail/Controller/Webmail.pm index 94df668..7bf083a 100644 --- a/lib/JWebmail/Controller/Webmail.pm +++ b/lib/JWebmail/Controller/Webmail.pm @@ -347,7 +347,7 @@ sub _session_passwd { if ($secAlg eq fc 'cram_md5') { $self->session(S_PASSWD() => $passwd, challenge => $challenge); } - elsif ($secAlg eq 's3d') { + elsif ($secAlg eq fc 'plain') { unless ($passwd) { $self->s3d(S_PASSWD, ''); delete $self->session->{S_OTP_S3D_PW()}; @@ -363,7 +363,7 @@ sub _session_passwd { $self->session(S_OTP_S3D_PW, b64_encode($rand_bytes, '')); } else { - $self->session(S_PASSWD() => $passwd); + die } } else { # get @@ -371,14 +371,14 @@ sub _session_passwd { wantarray or carp "you forgot the challenge"; return ($self->session(S_PASSWD), $self->session('challenge')); } - elsif ($secAlg eq 's3d') { + elsif ($secAlg eq fc 'plain') { my $pw = b64_decode($self->s3d(S_PASSWD) || ''); my $otp = b64_decode($self->session(S_OTP_S3D_PW) || ''); my ($res) = split "\n", decode('UTF-8', $pw ^ $otp), 2; return $res; } else { - return $self->session(S_PASSWD); + die } } } @@ -388,7 +388,7 @@ sub _warn_crypt { state $once = 0; - if ( !TRUE_RANDOM && !$once && lc $self->config->{session}{secure} eq 's3d' ) { + if ( !TRUE_RANDOM && !$once && LOGIN_SCHEME eq fc 'plain' ) { $self->log->warn("Falling back to pseudo random generation. Please install Crypt::URandom"); $once = 1; } |