Monotone-Parent: d6d341b84cbf1c54684b2a4f7b962733b4c3fe07

Monotone-Revision: 013c9cc4204885ed0c7be9ec01e9383412ef259f

Monotone-Author: wsourdeau@inverse.ca
Monotone-Date: 2007-07-13T14:03:18
Monotone-Branch: ca.inverse.sogo

ChangeLog

@@ -1,3 +1,16 @@
+2007-07-13  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
+
+	* SoObjects/SOGo/SOGoUser.m ([SOGoUser +initialize]): set
+	acceptAnyUser to YES only when the SOGoAuthentificationMethod user
+	default is set to "bypass".
+
+	* SoObjects/SOGo/SOGoAuthenticator.m ([SOGoAuthenticator
+	-checkLogin:_loginpassword:_pwd]): accepts unverified connections
+	when authMethod is set to "bypass" from now on. This would avoid a
+	security concern with a default installation of SOGo.
+	AuthentificationMethod is now prefixed with "SOGo" for better
+	clarity.
+
 2007-07-11  Wolfgang Sourdeau  <wsourdeau@inverse.ca>
 
 	* UI/MailerUI/UIxMailFolderActions.m ([UIxMailFolderActions

SoObjects/SOGo/SOGoAuthenticator.m

@@ -50,7 +50,7 @@
   if ((self = [super init]))
     {
       authMethod = [[NSUserDefaults standardUserDefaults]
-		     stringForKey: @"AuthentificationMethod"];
+		     stringForKey: @"SOGoAuthentificationMethod"];
       [authMethod retain];
     }
 
@@ -75,7 +75,8 @@
       accept = [um checkLogin: _login andPassword: _pwd];
     }
   else
-    accept = ([_login length] > 0);
+    accept = ([authMethod isEqualToString: @"bypass"]
+	      && [_login length] > 0);
 
   return accept;
 // 	  || ([_login isEqualToString: @"freebusy"]

SoObjects/SOGo/SOGoUser.m

@@ -92,7 +92,8 @@ NSString *SOGoWeekStartFirstFullWeek = @"FirstFullWeek";
 	ASSIGN (superUsername, nsUsername);
     }
 
-  acceptAnyUser = (![ud stringForKey: @"AuthentificationMethod"]);
+  acceptAnyUser = ([[ud stringForKey: @"SOGoAuthentificationMethod"]
+		     isEqualToString: @"bypass"]);
 }
 
 + (SOGoUser *) userWithLogin: (NSString *) newLogin