Roundcubemail devel
parent: 77327e25 | patch | commit | show whitespace
alecpl
2010-10-28 f0638be52a0bdb313e608447763eb4481770c4b2 
- Close properly IMAP connection when login fails
- Don't use LOGIN when server sent LOGINDISABLED


1 files modified
29 ■■■■■ changed files
program/include/rcube_imap_generic.php 29 ●●●●● patch | view | raw | blame | history 
 program/include/rcube_imap_generic.php


@@ -680,8 +680,6 @@


            $auth_method = 'CHECK';


        }




        $message = "INITIAL: $auth_method\n";




        $result = false;




        // initialize connection


@@ -737,10 +735,12 @@


        // Connected to wrong port or connection error?


        if (!preg_match('/^\* (OK|PREAUTH)/i', $line)) {


            if ($line)


                $this->error = sprintf("Wrong startup greeting (%s:%d): %s", $host, $this->prefs['port'], $line);


                $error = sprintf("Wrong startup greeting (%s:%d): %s", $host, $this->prefs['port'], $line);


            else


                $this->error = sprintf("Empty startup greeting (%s:%d)", $host, $this->prefs['port']);


            $this->errornum = self::ERROR_BAD;


                $error = sprintf("Empty startup greeting (%s:%d)", $host, $this->prefs['port']);




            $this->set_error(self::ERROR_BAD, $error);


            $this->close();


            return false;


        }




@@ -749,7 +749,7 @@


            $this->parseCapability($matches[1], true);


        }




        $this->message .= $line;


        $this->message = $line;




        // TLS connection


        if ($this->prefs['ssl_mode'] == 'tls' && $this->getCapability('STARTTLS')) {


@@ -757,11 +757,13 @@


                   $res = $this->execute('STARTTLS');




                if ($res[0] != self::ERROR_OK) {


                    $this->close();


                    return false;


                }




                if (!stream_socket_enable_crypto($this->fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {


                    $this->set_error(self::ERROR_BAD, "Unable to negotiate TLS");


                    $this->close();


                    return false;


                }




@@ -790,6 +792,12 @@


            }


        }


        else {


            // Prevent from sending credentials in plain text when connection is not secure


            if ($auth_method == 'LOGIN' && $this->getCapability('LOGINDISABLED')) {


                $this->set_error(self::ERROR_BAD, "Login disabled by IMAP server");


                $this->close();


                return false;


            }


            // replace AUTH with CRAM-MD5 for backward compat.


            $auth_methods[] = $auth_method == 'AUTH' ? 'CRAM-MD5' : $auth_method;


        }


@@ -829,8 +837,7 @@


        }




        // Close connection


        @fclose($this->fp);


        $this->fp = false;


        $this->close();




        return false;


    }


@@ -842,10 +849,10 @@




    function close()


    {


        if ($this->logged && $this->putLine($this->next_tag() . ' LOGOUT')) {


            if (!feof($this->fp))


                fgets($this->fp, 1024);


        if ($this->putLine($this->next_tag() . ' LOGOUT')) {


            $this->readReply();


        }




        @fclose($this->fp);


        $this->fp = false;


    }