alecpl
2011-02-15 ab0b51a1fef87bcc643c3aaf2e635c811b28ccd8
- Use only one from IMAP authentication methods to prevent login delays (1487784)


2 files modified
26 ■■■■■ changed files
CHANGELOG 1 ●●●● patch | view | raw | blame | history
program/include/rcube_imap_generic.php 25 ●●●●● patch | view | raw | blame | history
CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
- Use only one from IMAP authentication methods to prevent login delays (1487784)
- Replying to a sent message puts the old recipient as the new recipient (#1487074)
- Fulltext search over (almost) all data for contacts
- Extend address book with rich contact information
program/include/rcube_imap_generic.php
@@ -782,6 +782,13 @@
            else if (!$login_disabled) {
                $auth_methods[] = 'LOGIN';
            }
            // Use best (for security) supported authentication method
            foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $auth_method) {
                if (in_array($auth_method, $auth_methods)) {
                    break;
                }
            }
        }
        else {
            // Prevent from sending credentials in plain text when connection is not secure
@@ -791,32 +798,28 @@
                return false;
            }
            // replace AUTH with CRAM-MD5 for backward compat.
            $auth_methods[] = $auth_method == 'AUTH' ? 'CRAM-MD5' : $auth_method;
            if ($auth_method == 'AUTH') {
                $auth_method = 'CRAM-MD5';
            }
        }
        // pre-login capabilities can be not complete
        $this->capability_readed = false;
        // Authenticate
        foreach ($auth_methods as $method) {
            switch ($method) {
        switch ($auth_method) {
            case 'CRAM_MD5':
                $method = 'CRAM-MD5';
                $auth_method = 'CRAM-MD5';
            case 'CRAM-MD5':
            case 'DIGEST-MD5':
            case 'PLAIN':
                $result = $this->authenticate($user, $password, $method);
                $result = $this->authenticate($user, $password, $auth_method);
                break;
            case 'LOGIN':
                $result = $this->login($user, $password);
                break;
            default:
                $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $method");
            }
            if (is_resource($result)) {
                break;
            }
                $this->setError(self::ERROR_BAD, "Configuration error. Unknown auth method: $auth_method");
        }
        // Connected and authenticated
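Review bot: The selection loop added in the first hunk has no "nothing matched" case: if none of the five candidates is in `$auth_methods`, the `foreach` runs to completion and leaves `$auth_method` set to its last value, `'LOGIN'`, which the switch in the second hunk passes to `$this->login($user, $password)`. The context just above the loop appends `'LOGIN'` only when `!$login_disabled`, so this path looks reachable exactly when the server has disabled LOGIN and advertised no other mechanism, and the credentials would then be sent with a method the server never offered. The list is built outside the hunk, so this should be confirmed against the full function, which starts and ends outside the visible hunks. I would select into a separate variable and fail closed when it stays unset, as below; passing `true` to `in_array` also keeps the comparison strict.

```php
            // Use best (for security) supported authentication method
            $selected = null;
            foreach (array('DIGEST-MD5', 'CRAM-MD5', 'CRAM_MD5', 'PLAIN', 'LOGIN') as $candidate) {
                if (in_array($candidate, $auth_methods, true)) {
                    $selected = $candidate;
                    break;
                }
            }
            if ($selected === null) {
                // Fail closed: never fall back to a method the server did not offer
                $this->setError(self::ERROR_BAD, "No supported authentication method");
                return false;
            }
            $auth_method = $selected;
            // … unchanged: else branch, capability reset and the switch on $auth_method …
```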