Extend SMTP and IMAP protocol handling to perform the required (8d72476e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

CHANGES

+4 −0

Original line number	Diff line number	Diff line
		@@ -518,6 +518,10 @@
		Improve header file function name parsing.
		[Steve Henson]

		*) extend SMTP and IMAP protocol emulation in s_client to use EHLO
		or CAPABILITY handshake as required by RFCs.
		[Goetz Babin-Ebell]

		Changes between 0.9.8c and 0.9.8d [28 Sep 2006]

		*) Introduce limits to prevent malicious keys being able to

+31 −1

Original line number	Diff line number	Diff line
		@@ -914,12 +914,27 @@ re_start:
		/* This is an ugly hack that does a lot of assumptions */
		if (starttls_proto == PROTO_SMTP)
		{
		int foundit=0;
		/* wait for multi-line response to end from SMTP */
		do
		{
		mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
		}
		while (mbuf_len>3 && mbuf[3]=='-');
		/* STARTTLS command requires EHLO... */
		BIO_printf(sbio,"EHLO openssl.client.net\r\n");
		/* wait for multi-line response to end EHLO SMTP response */
		do
		{
		mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
		if (strstr(mbuf,"STARTTLS"))
		foundit=1;
		}
		while (mbuf_len>3 && mbuf[3]=='-');
		if (!foundit)
		BIO_printf(bio_err,
		"didn't found starttls in server response,"
		" try anyway...\n");
		BIO_printf(sbio,"STARTTLS\r\n");
		BIO_read(sbio,sbuf,BUFSIZZ);
		}
		@@ -931,8 +946,23 @@ re_start:
		}
		else if (starttls_proto == PROTO_IMAP)
		{
		int foundit=0;
		BIO_read(sbio,mbuf,BUFSIZZ);
		BIO_printf(sbio,"0 STARTTLS\r\n");
		/* STARTTLS command requires CAPABILITY... */
		BIO_printf(sbio,". CAPABILITY\r\n");
		/* wait for multi-line CAPABILITY response */
		do
		{
		mbuf_len = BIO_read(sbio,mbuf,BUFSIZZ);
		if (strstr(mbuf,"STARTTLS"))
		foundit=1;
		}
		while (mbuf_len>3);
		if (!foundit)
		BIO_printf(bio_err,
		"didn't found STARTTLS in server response,"
		" try anyway...\n");
		BIO_printf(sbio,". STARTTLS\r\n");
		BIO_read(sbio,sbuf,BUFSIZZ);
		}
		else if (starttls_proto == PROTO_FTP)