summaryrefslogtreecommitdiff
path: root/imap
diff options
context:
space:
mode:
authorEduardo Chappa <chappa@washington.edu>2020-06-18 03:25:29 -0600
committerEduardo Chappa <chappa@washington.edu>2020-06-18 03:25:29 -0600
commit000edd9036b6aea5e6a06900ecd6c58faec665ab (patch)
treecb0e40cf17e1c6e3b1f69cb02fe1ef364e605d1a /imap
parent5cba97d032b16b89a6f73d5841e55bf13672f921 (diff)
downloadalpine-000edd9036b6aea5e6a06900ecd6c58faec665ab.tar.xz
* Security Bug: Alpine can be configured to start a secure connection using /tls
on an insecure connection. However, if the connection is PREAUTH, Alpine will not upgrade the connection to a secure connection, because a client must not issue a STARTTLS to a server that supports it in authenticated state. This makes Alpine continue to use an insecure connection with the server, exposing user data. Reported by Damian Poddebniak and Fabian Ising, from Münster University of Applied Sciences.
Diffstat (limited to 'imap')
-rw-r--r--imap/src/c-client/imap4r1.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/imap/src/c-client/imap4r1.c b/imap/src/c-client/imap4r1.c
index 2233da6e..4991f85e 100644
--- a/imap/src/c-client/imap4r1.c
+++ b/imap/src/c-client/imap4r1.c
@@ -1,7 +1,7 @@
/*
* Copyright 2016-2020 Eduardo Chappa
*
- * Last Edited: Jan 26, 2020 Eduardo Chappa <alpine.chappa@gmx.com>
+ * Last Edited: Jun 18, 2020 Eduardo Chappa <alpine.chappa@yandex.com>
*
*/
/* ========================================================================
@@ -891,6 +891,16 @@ MAILSTREAM *imap_open (MAILSTREAM *stream)
return NIL; /* lost during greeting */
}
+ /* STARTTLS is not allowed in PREAUTH state */
+ if (LOCAL->netstream && !strcmp (reply->key,"PREAUTH")){
+ sslstart_t stls = (sslstart_t) mail_parameters (NIL,GET_SSLSTART,NIL);
+ if (!LOCAL->gotcapability) imap_capability (stream);
+ if (LOCAL->netstream
+ && stls && LOCAL->cap.starttls && !mb.sslflag && !mb.notlsflag && mb.tlsflag){
+ mm_log("STARTTLS not allowed on PREAUTH state. Closing Connection", ERROR);
+ return NIL;
+ }
+ }
/* if connected and not preauthenticated */
if (LOCAL->netstream && strcmp (reply->key,"PREAUTH")) {
sslstart_t stls = (sslstart_t) mail_parameters (NIL,GET_SSLSTART,NIL);