From fcc25329049b6f9bd8d890f1197ed61eb12e14d5 Mon Sep 17 00:00:00 2001 From: Paul Date: Mon, 13 Jul 2020 10:39:19 +0100 Subject: [PATCH] fix STARTTLS protocol violation MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit with thanks to, and patch by Damian Poddebniak and Hanno Böck --- AUTHORS | 3 ++- src/common/session.c | 7 +++++++ src/gtk/authors.h | 3 ++- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/AUTHORS b/AUTHORS index 96a6ca27a..5299b1381 100644 --- a/AUTHORS +++ b/AUTHORS @@ -310,7 +310,7 @@ contributors (in addition to the above; based on Changelog) Arthur Huillet Blatinox Andy Balaam - Hanno Boeck + Hanno Böck Ben Hutchings Ralf Bormann Darac Marjal @@ -331,4 +331,5 @@ contributors (in addition to the above; based on Changelog) Alexander Lyons Harkness Jakub Kiciński Jean Delvare + Damian Poddebniak diff --git a/src/common/session.c b/src/common/session.c index 7ef085d1f..2ed62e17f 100644 --- a/src/common/session.c +++ b/src/common/session.c @@ -418,6 +418,13 @@ gint session_start_tls(Session *session) return -1; } + if (0 < session->read_buf_len) { + g_warning("protocol violation: suffix data after STARTTLS detected."); + if (nb_mode) + sock_set_nonblocking_mode(session->sock, session->nonblocking); + return -1; + } + if (nb_mode) sock_set_nonblocking_mode(session->sock, session->nonblocking); diff --git a/src/gtk/authors.h b/src/gtk/authors.h index 6034aeccf..d8c06432f 100644 --- a/src/gtk/authors.h +++ b/src/gtk/authors.h @@ -100,7 +100,7 @@ static char *CONTRIBS_LIST[] = { "Laurent Bigonville", "Jean-Luc Biord", "Blatinox", -"Hanno Boeck", +"Hanno Böck", "Pavlo Bohmat", "Ralf Bormann", "H. Merijn Brand", @@ -253,6 +253,7 @@ static char *CONTRIBS_LIST[] = { "Thomas Orgis", "Reza Pakdel", "Richard Palo", +"Damian Poddebniak", "Marcel Pol", "Martin Pool", "Quar", -- 2.25.1