diff --git a/docsrc/imap/download/installation/manage-dav.rst b/docsrc/imap/download/installation/manage-dav.rst index 1a50869231..960aa5a501 100644 --- a/docsrc/imap/download/installation/manage-dav.rst +++ b/docsrc/imap/download/installation/manage-dav.rst @@ -85,8 +85,8 @@ authentication does not depend on a Cyrus SASL plugin. The advertisement of the other HTTP authentication schemes is controlled by the :ref:`SASL mech_list option ` option. For Cyrus httpd -the GSS-SPNEGO, NTLM, SCRAM-SHA-1, and SCRAM-SHA-256 values enable -support for the Negotiate (Kerberos only), NTLM, SCRAM-SHA-1, and +the GSS-SPNEGO, SCRAM-SHA-1, and SCRAM-SHA-256 values enable +support for the Negotiate (Kerberos only), SCRAM-SHA-1, and SCRAM-SHA-256 authentication schemes respectively, provided that the plugins are installed on the server. diff --git a/docsrc/imap/rfc-support.rst b/docsrc/imap/rfc-support.rst index 416cde263f..105ad88014 100644 --- a/docsrc/imap/rfc-support.rst +++ b/docsrc/imap/rfc-support.rst @@ -959,8 +959,6 @@ draft-murchison-lmtp-ignorequota LMTP Service Extension for Ignoring Recipient Quotas -[MS-NTHT] NTLM Over HTTP Protocol Specification - draft-ietf-sieve-regex Sieve Email Filtering -- Regular Expression Extension diff --git a/imap/http_proxy.c b/imap/http_proxy.c index d9e3eb8ec6..fbacf10447 100644 --- a/imap/http_proxy.c +++ b/imap/http_proxy.c @@ -458,7 +458,7 @@ static int login(struct backend *s, const char *userid, serverin = base64; } - /* SASL mech (SCRAM-*, Digest, Negotiate, NTLM) */ + /* SASL mech (SCRAM-*, Digest, Negotiate) */ r = sasl_client_step(s->saslconn, serverin, serverinlen, NULL, /* no prompts */ &clientout, &clientoutlen); diff --git a/imap/httpd.c b/imap/httpd.c index e1cb8431a0..85a8f50147 100644 --- a/imap/httpd.c +++ b/imap/httpd.c @@ -451,8 +451,6 @@ struct auth_scheme_t auth_schemes[] = { { AUTH_SCRAM_SHA1, "SCRAM-SHA-1", "SCRAM-SHA-1", AUTH_NEED_PERSIST | AUTH_SERVER_FIRST | AUTH_BASE64 | AUTH_REALM_PARAM | AUTH_DATA_PARAM }, - { AUTH_NTLM, "NTLM", "NTLM", - AUTH_NEED_PERSIST | AUTH_BASE64 }, { AUTH_BEARER, "Bearer", NULL, AUTH_SERVER_FIRST | AUTH_REALM_PARAM }, AUTH_SCHEME_BASIC, @@ -4302,7 +4300,7 @@ static int http_auth(const char *creds, struct transaction_t *txn) httpd_authstate = auth_newstate(user); } else { - /* SASL-based authentication (SCRAM_*, Digest, Negotiate, NTLM) */ + /* SASL-based authentication (SCRAM_*, Digest, Negotiate) */ const char *serverout = NULL; unsigned int serveroutlen = 0; unsigned int auth_params_len = 0; diff --git a/imap/httpd.h b/imap/httpd.h index 0d796350be..b9ee1b8755 100644 --- a/imap/httpd.h +++ b/imap/httpd.h @@ -182,10 +182,9 @@ struct auth_scheme_t { enum { AUTH_BASIC = (1<<0), AUTH_SPNEGO = (1<<1), - AUTH_NTLM = (1<<2), - AUTH_BEARER = (1<<3), - AUTH_SCRAM_SHA1 = (1<<4), - AUTH_SCRAM_SHA256 = (1<<5) + AUTH_BEARER = (1<<2), + AUTH_SCRAM_SHA1 = (1<<3), + AUTH_SCRAM_SHA256 = (1<<4) }; /* Auth scheme flags */ diff --git a/imtest/imtest.c b/imtest/imtest.c index b517f3288d..f431718dfd 100644 --- a/imtest/imtest.c +++ b/imtest/imtest.c @@ -2703,7 +2703,7 @@ static void usage(char *prog, char *prot) else if (!strcasecmp(prot, "nntp")) printf(" (\"user\" for AUTHINFO USER/PASS\n"); else if (!strcasecmp(prot, "http")) - printf(" (\"basic\", \"digest\", \"negotiate\", \"ntlm\")\n"); + printf(" (\"basic\", \"digest\", \"negotiate\")\n"); printf(" -f file : pipe file into connection after authentication\n"); printf(" -r realm : realm\n"); #ifdef HAVE_SSL