details: http://freenginx.org/hg/nginx/rev/46ecad404a29
branches:
changeset: 9274:46ecad404a29
user: Rob Mueller <r...@fastmailteam.com>
date: Wed May 15 10:06:00 2024 +0300
description:
Mail: reset imap tag to empty after authentication attempt.
We need to reset the imap tag to empty after an authentication attempt
completes, otherwise if the next line parsed is incomplete with no tag
(e.g. empty line) then we use the "tag" from the previous buffer which
is now definitely wrong and has been partially overwritten with the most
recently read data (e.g. CRLF).
An example before this patch:
S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S:
S: obar BAD invalid command
Then with this patch:
S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S: * BAD invalid command
diffstat:
src/mail/ngx_mail_auth_http_module.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diffs (11 lines):
diff --git a/src/mail/ngx_mail_auth_http_module.c
b/src/mail/ngx_mail_auth_http_module.c
--- a/src/mail/ngx_mail_auth_http_module.c
+++ b/src/mail/ngx_mail_auth_http_module.c
@@ -883,6 +883,7 @@ ngx_mail_auth_sleep_handler(ngx_event_t
s->mail_state = 0;
s->auth_method = NGX_MAIL_AUTH_PLAIN;
+ s->tag.len = 0;
c->log->action = "in auth state";
--
nginx-devel mailing list
nginx-devel@freenginx.org
https://freenginx.org/mailman/listinfo/nginx-devel
