changeset 582:b03df4603e78

Don't accept STARTTLS command in imap4 mode if it hasn't been enabled See http://bugs.debian.org/500554 Signed-off-by: Simon Horman <horms@verge.net.au>
author Simon Horman <horms@verge.net.au>
date Thu, 13 Aug 2009 21:47:12 +1000
parents 0c73e2fc2bd0
children 713a6f37f975
files debian/changelog perdition/imap4_in.c
diffstat 2 files changed, 7 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/debian/changelog	Thu Aug 13 21:22:40 2009 +1000
+++ b/debian/changelog	Thu Aug 13 21:47:12 2009 +1000
@@ -14,8 +14,11 @@
       (closes: #395408)
     - Refer to libperditiondb_postgresql.so.0 in POSTGRESQL of perditiondb(5)
       (closes: #507414)
+    - Don't accept STARTTLS command in imap4 mode if it hasn't been
+      enabled in the configuration.
+      (closes: #500554)
 
- -- Simon Horman <horms@debian.org>  Thu, 04 Dec 2008 18:54:48 +1100
+ -- Simon Horman <horms@debian.org>  Thu, 13 Aug 2009 21:45:09 +1000
 
 perdition (1.17.1-1) unstable; urgency=high
 
--- a/perdition/imap4_in.c	Thu Aug 13 21:22:40 2009 +1000
+++ b/perdition/imap4_in.c	Thu Aug 13 21:47:12 2009 +1000
@@ -447,6 +447,9 @@
 			! strncasecmp((char *)token_buf(t), IMAP4_CMD_STARTTLS, 
 				token_len(t))) {
       __IMAP4_IN_CHECK_NO_ARG(IMAP4_CMD_STARTTLS);
+      if(!(opt.ssl_mode & SSL_MODE_TLS_OUTGOING)) {
+	__IMAP4_IN_BAD("STARTTLS disabled, mate");
+      }
       if(io_get_type(io) != io_type_ssl){
         if(imap4_write(io, NULL_FLAG, tag, IMAP4_OK, 0,
 				"Begin TLS negotiation now")<0){