diff options
author | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-05-19 12:33:54 +0000 |
---|---|---|
committer | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-05-19 12:33:54 +0000 |
commit | 8df771eb2ef7b0188f0817d631c556da7a0c9b01 (patch) | |
tree | c38c81fffd96fbf1e861d1145afe7ed2b0070554 | |
parent | 4579f9e8556f4837002ef10b9409bc7857688c25 (diff) |
Accept STARTTLS only after EHLO; ok gilles@
-rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index 47fc8960164..c144576310d 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.90 2009/05/19 11:42:52 jacekm Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.91 2009/05/19 12:33:53 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -119,6 +119,11 @@ session_rfc3207_stls_handler(struct session *s, char *args) return 1; } + if (s->s_state != S_HELO) { + session_respond(s, "503 TLS not allowed at this stage"); + return 1; + } + if (args != NULL) { session_respond(s, "501 No parameters allowed"); return 1; |