diff options
author | Matthias Andree <matthias.andree@gmx.de> | 2006-11-26 10:42:03 +0000 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2006-11-26 10:42:03 +0000 |
commit | 06adf462c806beab3d65c2c34d296c35e8e0655f (patch) | |
tree | e1860eace79ad172b612b06c16db919fe585d335 /pop3.c | |
parent | 250f0ed84ac892ea85654790cb83331dcbd8d44f (diff) | |
download | fetchmail-06adf462c806beab3d65c2c34d296c35e8e0655f.tar.gz fetchmail-06adf462c806beab3d65c2c34d296c35e8e0655f.tar.bz2 fetchmail-06adf462c806beab3d65c2c34d296c35e8e0655f.zip |
Be sure that CAPA is probed before TLS.
Needed to avoid bogus login failures if the upstream offers STLS.
Patch by Isaac Wilcox.
svn path=/branches/BRANCH_6-3/; revision=4963
Diffstat (limited to 'pop3.c')
-rw-r--r-- | pop3.c | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -41,6 +41,7 @@ static char lastok[POPBUFSIZE+1]; #endif /* OPIE_ENABLE */ /* session variables initialized in capa_probe() or pop3_getauth() */ +flag done_capa = FALSE; #if defined(GSSAPI) flag has_gssapi = FALSE; #endif /* defined(GSSAPI) */ @@ -238,6 +239,9 @@ static int capa_probe(int sock) { int ok; + if (done_capa) { + return PS_SUCCESS; + } #if defined(GSSAPI) has_gssapi = FALSE; #endif /* defined(GSSAPI) */ @@ -278,6 +282,7 @@ static int capa_probe(int sock) if (strstr(buffer, "CRAM-MD5")) has_cram = TRUE; } + done_capa = TRUE; } return(ok); } @@ -307,6 +312,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) flag got_tls = FALSE; #endif /* SSL_ENABLE */ + done_capa = FALSE; #if defined(GSSAPI) has_gssapi = FALSE; #endif /* defined(GSSAPI) */ @@ -441,6 +447,10 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) } #ifdef SSL_ENABLE + ok = capa_probe(sock); + if (ok != PS_SUCCESS) { + return ok; + } if (maybe_tls(ctl)) { if (has_stls) { @@ -467,7 +477,11 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) * guarantee a secure capability re-probe. */ got_tls = TRUE; - (void)capa_probe(sock); + done_capa = FALSE; + ok = capa_probe(sock); + if (ok != PS_SUCCESS) { + return ok; + } if (outlevel >= O_VERBOSE) { report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), realhost); |