On Fri, Jan 14, 2005 at 09:07:06AM +0100, Hasse Hagen Johansen wrote:
> Peter Stuge wrote:
> >I'll file this with the tracker and include a patch in a minute.
..or more like two hours..
http://bugs.bincimap.org/browse/BINC-34
http://bugs.bincimap.org/browse/BINC-35
I found another bug that I fixed too. When STARTTLS had been
completed, Binc didn't reply correctly to another STARTTLS command.
> Great! You are just too fast. Haven't even got the time to look at
> the code (it was planned for this weekend) ;-)
I wish I was even faster.. Or that the day had more hours..
Here are the patches anyway. :)
//Peter
diff -ru bincimap-1.2.11final/src/operator-authenticate.cc.old
bincimap-1.2.11final/src/operator-authenticate.cc
--- bincimap-1.2.11final/src/operator-authenticate.cc.old Mon May 17
12:44:04 2004
+++ bincimap-1.2.11final/src/operator-authenticate.cc Fri Jan 14 08:43:02 2005
@@ -88,7 +88,7 @@
// we only allow this type of authentication over a plain
// connection if it is passed as argument or given in the conf
// file.
- if (!session.command.ssl && !allowplain && !getenv("ALLOWPLAIN")) {
+ if (!session.command.ssl && session["sslmode"] != "true" && !allowplain &&
!getenv("ALLOWPLAIN")) {
session.setLastError("Plain text password authentication"
" is disallowed. Please try enabling SSL"
" or TLS in your mail client.");
@@ -141,7 +141,7 @@
} else if (authtype == "PLAIN") {
// we only allow this type of authentication over an SSL encrypted
// connection.
- if (!session.command.ssl && !allowplain && !getenv("ALLOWPLAIN")) {
+ if (!session.command.ssl && session["sslmode"] != "true" && !allowplain &&
!getenv("ALLOWPLAIN")) {
session.setLastError("Plain text password authentication"
" is disallowed. Please try enabling SSL"
" or TLS in your mail client.");
diff -ru bincimap-1.2.11final/src/operator-capability.cc.old
bincimap-1.2.11final/src/operator-capability.cc
--- bincimap-1.2.11final/src/operator-capability.cc.old Mon May 17 12:44:03 2004
+++ bincimap-1.2.11final/src/operator-capability.cc Fri Jan 14 08:44:09 2005
@@ -93,7 +93,7 @@
const bool allowplain
= (session.globalconfig["Authentication"]["allow plain auth in non ssl"]
== "yes");
- if (session.command.ssl || allowplain || getenv("ALLOWPLAIN"))
+ if (session.command.ssl || session["sslmode"] == "true" || allowplain ||
getenv("ALLOWPLAIN"))
com << " AUTH=LOGIN AUTH=PLAIN";
else
com << " LOGINDISABLED";
diff -ru bincimap-1.2.11final/src/operator-login.cc.old
bincimap-1.2.11final/src/operator-login.cc
--- bincimap-1.2.11final/src/operator-login.cc Mon May 17 12:44:04 2004
+++ bincimap-1.2.11final/src/operator-login.cc Fri Jan 14 08:43:17 2005
@@ -88,7 +88,7 @@
const bool allowplain
= (session.globalconfig["Authentication"]["allow plain auth in non ssl"]
== "yes");
- if (!session.command.ssl && !allowplain && !getenv("ALLOWPLAIN")) {
+ if (!session.command.ssl && session["sslmode"] != "true" && !allowplain &&
!getenv("ALLOWPLAIN")) {
session.setLastError("Plain text password authentication"
" is disallowed. Please try enabling SSL"
" or TLS in your mail client.");
diff -ru bincimap-1.2.11final/src/operator-starttls.cc.old
bincimap-1.2.11final/src/operator-starttls.cc
--- bincimap-1.2.11final/src/operator-starttls.cc.old Mon May 17 12:44:04 2004
+++ bincimap-1.2.11final/src/operator-starttls.cc Fri Jan 14 10:04:58 2005
@@ -105,7 +105,7 @@
}
}
- session.add("sslmode", "yes");
+ session.add("sslmode", "true");
return NOTHING;
}
diff -ru bincimap-1.2.11final/src/bincimap-up.cc.old
bincimap-1.2.11final/src/bincimap-up.cc
--- bincimap-1.2.11final/src/bincimap-up.cc.old Thu May 27 08:52:34 2004
+++ bincimap-1.2.11final/src/bincimap-up.cc Fri Jan 14 10:03:31 2005
@@ -183,7 +183,8 @@
case Operator::BAD:
com << request.getTag() << " BAD " << request.getName()
<< " failed: " << session.getLastError() << endl;
- recovery = true;
+ if (request.getName() != "STARTTLS")
+ recovery = true;
break;
case Operator::NOTHING:
break;
