dovecot-2.0: imap proxy: Detect and log invalid remote input.
dovecot at dovecot.org
dovecot at dovecot.org
Wed Sep 23 23:13:04 EEST 2009
details: http://hg.dovecot.org/dovecot-2.0/rev/aedf642c8bc8
changeset: 9938:aedf642c8bc8
user: Timo Sirainen <tss at iki.fi>
date: Wed Sep 23 23:12:58 2009 +0300
description:
imap proxy: Detect and log invalid remote input.
diffstat:
2 files changed, 16 insertions(+), 1 deletion(-)
src/imap-login/client.h | 1 +
src/imap-login/imap-proxy.c | 16 +++++++++++++++-
diffs (55 lines):
diff -r 49cd8e736a8a -r aedf642c8bc8 src/imap-login/client.h
--- a/src/imap-login/client.h Sun Sep 13 21:40:51 2009 -0400
+++ b/src/imap-login/client.h Wed Sep 23 23:12:58 2009 +0300
@@ -15,6 +15,7 @@ struct imap_client {
unsigned int cmd_finished:1;
unsigned int proxy_sasl_ir:1;
unsigned int proxy_seen_banner:1;
+ unsigned int proxy_wait_auth_continue:1;
unsigned int skip_line:1;
unsigned int id_logged:1;
unsigned int client_ignores_capability_resp_code:1;
diff -r 49cd8e736a8a -r aedf642c8bc8 src/imap-login/imap-proxy.c
--- a/src/imap-login/imap-proxy.c Sun Sep 13 21:40:51 2009 -0400
+++ b/src/imap-login/imap-proxy.c Wed Sep 23 23:12:58 2009 +0300
@@ -91,6 +91,7 @@ static void proxy_write_login(struct ima
} else {
/* master user login without SASL initial response */
str_append(str, "L AUTHENTICATE PLAIN");
+ client->proxy_wait_auth_continue = TRUE;
}
str_append(str, "\r\n");
}
@@ -155,6 +156,15 @@ int imap_proxy_parse_line(struct client
return 0;
} else if (*line == '+') {
/* AUTHENTICATE started. finish it. */
+ if (!imap_client->proxy_wait_auth_continue) {
+ client_log_err(client, t_strdup_printf(
+ "proxy: Unexpected input: %s",
+ str_sanitize(line, 160)));
+ client_proxy_failed(client, TRUE);
+ return -1;
+ }
+ imap_client->proxy_wait_auth_continue = FALSE;
+
str = t_str_new(128);
get_plain_auth(client, str);
str_append(str, "\r\n");
@@ -250,6 +260,9 @@ int imap_proxy_parse_line(struct client
return 0;
} else {
/* tagged reply, shouldn't happen. */
+ client_log_err(client, t_strdup_printf(
+ "proxy: Unexpected input, ignoring: %s",
+ str_sanitize(line, 160)));
return 0;
}
}
@@ -260,4 +273,5 @@ void imap_proxy_reset(struct client *cli
imap_client->proxy_sasl_ir = FALSE;
imap_client->proxy_seen_banner = FALSE;
-}
+ imap_client->proxy_wait_auth_continue = FALSE;
+}
More information about the dovecot-cvs
mailing list