diff options
| author | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-05-27 13:11:40 +0000 |
|---|---|---|
| committer | Jacek Masiulaniec <jacekm@cvs.openbsd.org> | 2009-05-27 13:11:40 +0000 |
| commit | 6a8a5a251dfc9d033763ade4c29ff7d7f67151e5 (patch) | |
| tree | 69592e03ef7c38b375e11008adff67ffe9e53b8c /usr.sbin | |
| parent | 864dce2bc80e7c0ba01cabe9f8f53e7bbfdb85e3 (diff) | |
After a successful AUTH command completes, reject any further AUTH commands.
ok gilles@
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/smtpd/smtp_session.c | 15 | ||||
| -rw-r--r-- | usr.sbin/smtpd/smtpd.h | 5 |
2 files changed, 13 insertions, 7 deletions
diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c index 68f41878b41..08a52294cee 100644 --- a/usr.sbin/smtpd/smtp_session.c +++ b/usr.sbin/smtpd/smtp_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtp_session.c,v 1.98 2009/05/27 13:09:07 jacekm Exp $ */ +/* $OpenBSD: smtp_session.c,v 1.99 2009/05/27 13:11:39 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -139,8 +139,13 @@ session_rfc4954_auth_handler(struct session *s, char *args) char *method; char *eom; - if (! ADVERTISE_AUTH(s)) - return 0; + if (! ADVERTISE_AUTH(s)) { + if (s->s_flags & F_AUTHENTICATED) { + session_respond(s, "503 Already authenticated"); + return 1; + } else + return 0; + } if (s->s_state == S_GREETED) { session_respond(s, "503 Polite people say HELO first"); @@ -315,7 +320,7 @@ session_rfc5321_helo_handler(struct session *s, char *args) } s->s_state = S_HELO; - s->s_flags &= F_SECURE; + s->s_flags &= F_SECURE|F_AUTHENTICATED; session_respond(s, "250 %s Hello %s [%s], pleased to meet you", s->s_env->sc_hostname, args, ss_to_text(&s->s_ss)); @@ -338,7 +343,7 @@ session_rfc5321_ehlo_handler(struct session *s, char *args) } s->s_state = S_HELO; - s->s_flags &= F_SECURE; + s->s_flags &= F_SECURE|F_AUTHENTICATED; s->s_flags |= F_EHLO; s->s_flags |= F_8BITMIME; diff --git a/usr.sbin/smtpd/smtpd.h b/usr.sbin/smtpd/smtpd.h index 70f539f8eca..5e8735ebde0 100644 --- a/usr.sbin/smtpd/smtpd.h +++ b/usr.sbin/smtpd/smtpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.h,v 1.117 2009/05/27 13:09:07 jacekm Exp $ */ +/* $OpenBSD: smtpd.h,v 1.118 2009/05/27 13:11:39 jacekm Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@openbsd.org> @@ -89,7 +89,8 @@ ((s)->s_l->flags & F_STARTTLS && !((s)->s_flags & F_SECURE)) #define ADVERTISE_AUTH(s) \ - ((s)->s_l->flags & F_AUTH && ((s)->s_flags & F_SECURE)) + ((s)->s_l->flags & F_AUTH && (s)->s_flags & F_SECURE && \ + !((s)->s_flags & F_AUTHENTICATED)) struct netaddr { struct sockaddr_storage ss; |