fix STARTTLS protocol violation

with thanks to, and patch by Damian Poddebniak and Hanno Böck

diff --git a/AUTHORS b/AUTHORS
index 96a6ca27aa72534f84e0e7e901d5774f7aae4b4d..5299b13813bf06c063e46ff061d510ad4fa12338 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
@@ -310,7 +310,7 @@ contributors (in addition to the above; based on Changelog)
        Arthur Huillet
        Blatinox
        Andy Balaam
-       Hanno Boeck
+       Hanno Böck
        Ben Hutchings
        Ralf Bormann
        Darac Marjal
@@ -331,4 +331,5 @@ contributors (in addition to the above; based on Changelog)
        Alexander Lyons Harkness
        Jakub Kiciński
        Jean Delvare
+       Damian Poddebniak
 

diff --git a/src/common/session.c b/src/common/session.c
index 7ef085d1fb0b0d5a02bad4dec1d7635d8fa77281..2ed62e17f39c1386479fbedf8b9d257e833e6b02 100644 (file)
--- a/src/common/session.c
+++ b/src/common/session.c
@@ -418,6 +418,13 @@ gint session_start_tls(Session *session)
                return -1;
        }
 
+       if (0 < session->read_buf_len) {
+               g_warning("protocol violation: suffix data after STARTTLS detected.");
+               if (nb_mode)
+                       sock_set_nonblocking_mode(session->sock, session->nonblocking);
+               return -1;
+       }
+
        if (nb_mode)
                sock_set_nonblocking_mode(session->sock, session->nonblocking);
 

diff --git a/src/gtk/authors.h b/src/gtk/authors.h
index 6034aeccf3b3413680aa28f22f1e7e86e8b156b2..d8c06432fb5527016cbf4df989ebb1a21a11de0e 100644 (file)
--- a/src/gtk/authors.h
+++ b/src/gtk/authors.h
@@ -100,7 +100,7 @@ static char *CONTRIBS_LIST[] = {
 "Laurent Bigonville",
 "Jean-Luc Biord",
 "Blatinox",
-"Hanno Boeck",
+"Hanno Böck",
 "Pavlo Bohmat",
 "Ralf Bormann",
 "H. Merijn Brand",
@@ -253,6 +253,7 @@ static char *CONTRIBS_LIST[] = {
 "Thomas Orgis",
 "Reza Pakdel",
 "Richard Palo",
+"Damian Poddebniak",
 "Marcel Pol",
 "Martin Pool",
 "Quar",