author | Matthias Andree <matthias.andree@gmx.de> | 2007-03-18 01:24:22 +0000 |
---|---|---|
committer | Matthias Andree <matthias.andree@gmx.de> | 2007-03-18 01:24:22 +0000 |
commit | 321d61b215169346708da3ad2b74711996771635 (patch) | |
tree | 2d214a6b6ea2a9e02dd15261fad62af157f7d2cf /pop3.c | |
parent | a59128a9369bc21df6485ddd548964a7345d1008 (diff) | |
download | fetchmail-321d61b215169346708da3ad2b74711996771635.tar.gz fetchmail-321d61b215169346708da3ad2b74711996771635.tar.bz2 fetchmail-321d61b215169346708da3ad2b74711996771635.zip |
Strengthen APOP a bit (validate RFC-822 syntax) in order to fend off
Leurent-style MITM attacks which are based on MD5 and APOP weaknesses.
svn path=/branches/BRANCH_6-3/; revision=5057
Diffstat (limited to 'pop3.c')
-rw-r--r-- | pop3.c | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -659,6 +659,20 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 else
 *++end = '\0';
 
+ /* SECURITY: 2007-03-17
+ * Strictly validating the presented challenge for RFC-822
+ * conformity (it must be a msg-id in terms of that standard) is
+ * supposed to make attacks against the MD5 implementation
+ * harder[1]
+ *
+ * [1] "Security vulnerability in APOP authentication",
+ * Gaƫtan Leurent, fetchmail-devel, 2007-03-17 */
+ if (!rfc822_valid_msgid((unsigned char *)start)) {
+ report(stderr,
+ GT_("Invalid APOP timestamp.\n"));
+ return PS_AUTHFAIL;
+ }
+
 /* copy timestamp and password into digestion buffer */
 msg = xmalloc((end-start+1) + strlen(ctl->password) + 1);
 strcpy(msg,start);
|
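Review bot: The new comment's phrase "attacks against the MD5 implementation" misstates the threat this check addresses — per the commit message it is a man-in-the-middle server presenting chosen challenges to exploit weaknesses of MD5 as used by APOP, not a defect in the MD5 code — so I would reword that line to `* supposed to make chosen-challenge (MITM) attacks on the MD5-based APOP digest harder[1]` and add one line stating that this is a hardening measure, not a fix for APOP's reliance on MD5. The rejection path reports only `GT_("Invalid APOP timestamp.\n")`; since a syntactically invalid challenge is precisely the symptom of a tampering server, consider logging the offending value too, e.g. `report(stderr, GT_("Invalid APOP timestamp: %s\n"), start);` if report() takes printf-style arguments, so a user can distinguish a hostile server from a merely broken one. The value is safe to print as a plain string because the preceding context line `*++end = '\0';` terminates it at the closing `>`. pop3_getauth begins before this hunk, so I am assuming from the visible context that `start` points at the `<` of the greeting timestamp and that the `end` search that precedes it has already validated the presence of both delimiters.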