| blob | 2f16f212ff420cc044e32fabf1d92846a3810832 |
1 --- netqmail-1.05/qmail-smtpd.c 2006-06-16 20:01:36.000000000 +0100
2 +++ netqmail-1.05-patched/qmail-smtpd.c 2006-06-16 20:03:03.000000000 +0100
3 @@ -98,6 +98,9 @@
4 int err_noauth() { out("504 auth type unimplemented (#5.5.1)\r\n"); return -1; }
5 int err_authabrt() { out("501 auth exchange canceled (#5.0.0)\r\n"); return -1; }
6 int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return -1; }
7 +#if defined(TLS) && defined(TLS_BEFORE_AUTH)
8 +int err_wantstarttls() { out("530 Must issue a STARTTLS command first (#5.7.0)\r\n"); return -1; };
9 +#endif
10 void err_authfail() { out("535 authentication failed (#5.7.1)\r\n"); }
12 stralloc greeting = {0};
13 @@ -338,6 +341,13 @@
14 smtp_greet("250 "); out("\r\n");
15 seenmail = 0; dohelo(arg);
16 }
17 +void smtp_authout() {
18 +#ifdef CRAM_MD5
19 + out("250-AUTH LOGIN PLAIN CRAM-MD5\r\n");
20 +#else
21 + out("250-AUTH LOGIN PLAIN\r\n");
22 +#endif
23 +}
24 /* ESMTP extensions are published here */
25 void smtp_ehlo(arg) char *arg;
26 {
27 @@ -352,12 +362,12 @@
28 #endif
29 size[fmt_ulong(size,(unsigned int) databytes)] = 0;
30 out("\r\n250-PIPELINING\r\n250-8BITMIME\r\n");
31 - out("250-SIZE "); out(size); out("\r\n");
32 -#ifdef CRAM_MD5
33 - out("250 AUTH LOGIN PLAIN CRAM-MD5\r\n");
34 +#if defined(TLS) && defined(TLS_BEFORE_AUTH)
35 + if(ssl) smtp_authout();
36 #else
37 - out("250 AUTH LOGIN PLAIN\r\n");
38 + smtp_authout();
39 #endif
40 + out("250 SIZE "); out(size); out("\r\n");
41 seenmail = 0; dohelo(arg);
42 }
43 void smtp_rset(arg) char *arg;
44 @@ -615,6 +625,9 @@
45 {
46 int r;
48 +#if defined(TLS) && defined(TLS_BEFORE_AUTH)
49 + if (!ssl) return err_wantstarttls();
50 +#endif
51 if (*arg) {
52 if (r = b64decode(arg,str_len(arg),&user) == 1) return err_input();
53 }
54 @@ -639,6 +652,9 @@
55 {
56 int r, id = 0;
58 +#if defined(TLS) && defined(TLS_BEFORE_AUTH)
59 + if (!ssl) return err_wantstarttls();
60 +#endif
61 if (*arg) {
62 if (r = b64decode(arg,str_len(arg),&resp) == 1) return err_input();
63 }
64 @@ -665,6 +681,10 @@
65 int i, r;
66 char *s;
68 +#if defined(TLS) && defined(TLS_BEFORE_AUTH)
69 + if (!ssl) return err_wantstarttls();
70 +#endif
71 +
72 s = unique; /* generate challenge */
73 s += fmt_uint(s,getpid());
74 *s++ = '.';