From 81e994d7907f850506ddc248f84761a54995e58c Mon Sep 17 00:00:00 2001
From: Eduardo Chappa <chappa@washington.edu>
Date: Fri, 31 May 2013 17:08:22 -0600
Subject:   * Fix not allow remote execution by adding PIPE_NOSHELL to the
 opening of a url by     a browser.

---
 imap/src/c-client/imap4r1.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'imap/src/c-client/imap4r1.c')

diff --git a/imap/src/c-client/imap4r1.c b/imap/src/c-client/imap4r1.c
index 1409b37d..96d1fa19 100644
--- a/imap/src/c-client/imap4r1.c
+++ b/imap/src/c-client/imap4r1.c
@@ -1156,6 +1156,7 @@ long imap_auth (MAILSTREAM *stream,NETMBX *mb,char *tmp,char *usr)
 	}
 				/* no error if protocol-initiated cancel */
 	lsterr = cpystr (reply->text);
+	delete_password(mb, usr);
       }
     }
     while (LOCAL->netstream && !LOCAL->byeseen && trial &&
@@ -1207,6 +1208,7 @@ long imap_login (MAILSTREAM *stream,NETMBX *mb,char *pwd,char *usr)
 	if (imap_OK (stream,reply = imap_send (stream,"LOGIN",args)))
 	  ret = LONGT;		/* success */
 	else {
+	  delete_password(mb, usr);
 	  mm_log (reply->text,WARN);
 	  if (!LOCAL->referral && (trial == imap_maxlogintrials))
 	    mm_log ("Too many login failures",ERROR);
-- 
cgit v1.2.3-70-g09d2