From: Jean-Marc Pigeon <jmp@safe.c>
Date: Wed, 26 Nov 2025 17:00:17 +0000 (-0500)
Subject: Improving MD5 authentication
X-Git-Tag: tag-0.19~38
X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=38a60da4165fbf13862d1598e9eb7d6cc5a8981f;p=jmp%2Fmailleur

Improving MD5 authentication
---

diff --git a/lib/lvleml.c b/lib/lvleml.c
index 08bf441..6bc2fa4 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -791,14 +791,7 @@ proceed=true;
 while (proceed==true) {
   (void) rou_dbglive(9,OPEP,"phase='%d'",OPEP,phase);
   switch (phase) {
-    case 0      :               //are we encrypted and on the right port
-      if (soc_iscrypted(contact->socptr)==false) {
-        static char *cmt="no authentication allowed on clear chanel";
-        (void) eml_status(contact,FAILED,NULL," 5.7.0 %s",cmt);
-        (void) setterminator(contact,cmt);
-        contact->credit-=1;     //"Bad boy"
-        phase=999;              //No need to go further 
-        }
+    case 0      :               //empty phase
       break;
     case 1      :       //check buffer
       if ((buffer==(char *)0)||(strlen(buffer)==0)) {
@@ -835,25 +828,37 @@ while (proceed==true) {
         case 0          :       //AUTH PLAIN
           if (soc_iscrypted(contact->socptr)==true) 
             (void) get_auth_plain(contact,local,&rmtpass);
-          else
-            (void) eml_transmit(contact,true,"%d 5.7.3 Unsafe PLAIN auth mode",
-                                              FAILED);
+          else {
+            static char *cmt="Unsafe PLAIN auth mode";
+
+            contact->credit-=2;
+            (void) eml_status(contact,FAILED,NULL," 5.7.3 %s",cmt);
+            (void) setterminator(contact,cmt);
+            }
           break;
         case 1          :       //AUTH LOGIN
           if (soc_iscrypted(contact->socptr)==true) 
             (void) get_auth_login(contact,&rmtpass);
-          else
-            (void) eml_transmit(contact,true,"%d 5.7.4 Unsafe LOGIN auth mode",
-                                              FAILED);
+          else {
+            static char *cmt="Unsafe LOGIN auth mode";
+
+            contact->credit-=2;
+            (void) eml_status(contact,FAILED,NULL," 5.7.3 %s",cmt);
+            (void) setterminator(contact,cmt);
+            }
           break;
         case 2          :       //AUTH DIGEST-MD5
           (void) get_auth_digest_md5(contact,&rmtpass);
           break;
-        default         :       //not yet implemented
-          (void) rou_alert(0,"%s auth type <%d> not yet implemented (Bug!)",
+        default         :  {    //not yet implemented
+          static char *cmt="Unexpected auth mode";
+
+          (void) rou_alert(0,"%s auth type <%d> not yet implemented (Bug?!)",
                               OPEP,code);
-          (void) eml_transmit(contact,true,"%d 5.7.5 Unexpected auth mode",FAILED);
+          (void) eml_status(contact,FAILED,NULL," 5.7.5 %s",cmt);
+          (void) setterminator(contact,cmt);
           phase=999;
+          }
           break;
         }
       break;