From: "Adam D. Barratt" <debian-bts@adam-barratt.org.uk>
Date: Sat, 3 Jan 2004 16:04:22 +0000
Subject: 07 allowuser

Add AllowUser option (bug#77710). Patch based upstream version 0.16d.
---
 man/spop3d.conf.5 |    7 +++++++
 src/configfile.h  |    1 +
 src/main.c        |    7 +++++++
 3 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/man/spop3d.conf.5 b/man/spop3d.conf.5
index f954d0e..6f1de20 100644
--- a/man/spop3d.conf.5
+++ b/man/spop3d.conf.5
@@ -189,6 +189,13 @@ are logged. Option is enabled by default.
 If enabled maildrop (mailbox or maildir) will be created, when it doesn't
 exist. Option is disabled by default.
 .TP
+.B AllowUser boolean
+Allow USER/PASS authentication. This option is enabled by default.
+It's the standard method of user authentication and you probably don't
+need to disable it.
+You must have at least one authentication method enabled
+(AllowUser or AllowAPOP).
+.TP
 .RE
 .SH EXAMPLE
 .RS
diff --git a/src/configfile.h b/src/configfile.h
index c0cf7ec..aa7f09a 100644
--- a/src/configfile.h
+++ b/src/configfile.h
@@ -79,6 +79,7 @@ extern char logpriority[];
 #ifdef STATISTICS
 extern int logstatistics;
 #endif
+extern int allowuser;
 
 struct str_option {
 	char *name;
diff --git a/src/main.c b/src/main.c
index 42220cd..5b1be3c 100644
--- a/src/main.c
+++ b/src/main.c
@@ -187,9 +187,11 @@ struct str_option options_set[] =
 	{"LogStatistics", OP_BOOLEAN, &logstatistics, 0, NULL},
 #endif
 	{"LogPriority", OP_STRING, &logpriority, 64, check_logpriority},
+	{"AllowUser", OP_BOOLEAN, &allowuser, 0, NULL},
 	{NULL, 0, NULL, 0, NULL}
 };
 
+int allowuser = 1;
 int connection_state;
 char username[MAXARGLN + 1];
 char password[MAXARGLN + 1];
@@ -559,6 +561,11 @@ void end_auth_state(char *arg) {
 void get_username(char *arg) {
 	int tmp = 0;
 
+	if (!allowuser) {
+		send_error("USER/PASS authentication not allowed");
+		check_wccount();
+		return;
+	}
 	if (strlen(arg) >= sizeof(username)) {
 		send_error("username too long");
 		check_wccount();
--