Permalink
Browse files

login_disabled option before starttls for pop3

  • Loading branch information...
1 parent 4392738 commit bd6f15673058c4253ee0bbaaa03f70711b572a6f Paul J Stevens committed Feb 18, 2015
Showing with 21 additions and 0 deletions.
  1. +5 −0 dbmail.conf
  2. +16 −0 src/pop3.c
View
@@ -227,6 +227,11 @@ port = 110
# You can set an alternate banner to display when connecting to the service
# banner = DBMAIL pop3 server ready to rock
+# If TLS is enabled, login before starttls is normally
+# allowed. Use login_disabled=yes to change this
+#
+# login_disabled = no
+
#
# If yes, allows SMTP access from the host IP connecting by POP3.
# This requires addition configuration of your MTA
View
@@ -366,6 +366,7 @@ int pop3(ClientSession_T *session, const char *buffer)
int found = 0;
//int indx = 0;
int validate_result;
+ bool login_disabled = FALSE;
uint64_t result, top_lines, top_messageid, user_idnr;
unsigned char *md5_apop_he;
struct message *msg;
@@ -431,6 +432,15 @@ int pop3(ClientSession_T *session, const char *buffer)
}
}
+ if (state == CLIENTSTATE_INITIAL_CONNECT) {
+ if (server_conf->ssl) {
+ Field_T val;
+ GETCONFIGVALUE("login_disabled", "POP", val);
+ if (SMATCH(val, "yes"))
+ login_disabled = TRUE;
+ }
+ }
+
switch (cmdtype) {
case POP3_QUIT:
@@ -459,6 +469,9 @@ int pop3(ClientSession_T *session, const char *buffer)
if (state != CLIENTSTATE_INITIAL_CONNECT)
return pop3_error(session, "-ERR wrong command mode\r\n");
+ if (login_disabled && ! session->ci->sock->ssl_state)
+ return pop3_error(session, "-ERR try STLS\r\n");
+
if (session->username != NULL) {
/* reset username */
g_free(session->username);
@@ -478,6 +491,9 @@ int pop3(ClientSession_T *session, const char *buffer)
if (state != CLIENTSTATE_INITIAL_CONNECT)
return pop3_error(session, "-ERR wrong command mode\r\n");
+ if (login_disabled && ! session->ci->sock->ssl_state)
+ return pop3_error(session, "-ERR try STLS\r\n");
+
if (session->password != NULL) {
g_free(session->password);
session->password = NULL;

0 comments on commit bd6f156

Please sign in to comment.