author | Gilles Chehade <gilles@cvs.openbsd.org> | 2009-10-06 18:20:45 +0000 |
---|---|---|
committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2009-10-06 18:20:45 +0000 |
commit | 37fb3c82fd5a3ecf936d94f1a66c44aa7868ecf4 (patch) | |
tree | 9e99569148acbfae5acdd5c2865d0aac7969269a | |
parent | a427f6cb775a32ac07a4edec9aa03e16b38e5701 (diff) |
disallow AUTH once a session is in progress, this prevents a fatal from
being triggered in smtp process when client sends AUTH after MAIL.
bug reported and fix tested by James Turner <james@bsdgroup.org>
-rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index 5af99291733..2f94ff80f3e 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.120 2009/09/12 12:24:51 jacekm Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.121 2009/10/06 18:20:44 gilles Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -153,6 +153,11 @@ session_rfc4954_auth_handler(struct session *s, char *args) return 1; } + if (s->s_state != S_HELO) { + session_respond(s, "503 Session already in progress"); + return 1; + } + if (args == NULL) { session_respond(s, "501 No parameters given"); return 1; |
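Review bot: the new `if (s->s_state != S_HELO)` guard in session_rfc4954_auth_handler() carries no comment saying why it is there, yet per the commit message it is what keeps a client-sent AUTH after MAIL from reaching a fatal in the smtp process. Please add a one-line comment above the check stating that AUTH is only accepted before a mail transaction has started. Since the trigger is fully client-controlled, it would also be worth making the code path that hit the fatal end the session rather than the process, so that a later change to the state machine cannot make the abort remotely reachable again. The test is an allow-list on S_HELO, which is the safer direction, but the visible lines do not show which transitions lead back to S_HELO, so confirm that every state in which AUTH should still be legal is in fact S_HELO and that legitimate clients are not refused with the 503.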