diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/ftp.c | 3 | ||||
| -rw-r--r-- | lib/imap.c | 4 | ||||
| -rw-r--r-- | lib/pop3.c | 4 | ||||
| -rw-r--r-- | lib/smtp.c | 4 |
4 files changed, 15 insertions, 0 deletions
@@ -2743,6 +2743,9 @@ static CURLcode ftp_statemachine(struct Curl_easy *data, case FTP_AUTH: /* we have gotten the response to a previous AUTH command */ + if(pp->cache_size) + return CURLE_WEIRD_SERVER_REPLY; /* Forbid pipelining in response. */ + /* RFC2228 (page 5) says: * * If the server is willing to accept the named security mechanism, diff --git a/lib/imap.c b/lib/imap.c index 923b1d59b..6163899bb 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -963,6 +963,10 @@ static CURLcode imap_state_starttls_resp(struct Curl_easy *data, (void)instate; /* no use for this yet */ + /* Pipelining in response is forbidden. */ + if(data->conn->proto.imapc.pp.cache_size) + return CURLE_WEIRD_SERVER_REPLY; + if(imapcode != IMAP_RESP_OK) { if(data->set.use_ssl != CURLUSESSL_TRY) { failf(data, "STARTTLS denied"); diff --git a/lib/pop3.c b/lib/pop3.c index a331d71f7..d3f3de6d4 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -771,6 +771,10 @@ static CURLcode pop3_state_starttls_resp(struct Curl_easy *data, CURLcode result = CURLE_OK; (void)instate; /* no use for this yet */ + /* Pipelining in response is forbidden. */ + if(data->conn->proto.pop3c.pp.cache_size) + return CURLE_WEIRD_SERVER_REPLY; + if(pop3code != '+') { if(data->set.use_ssl != CURLUSESSL_TRY) { failf(data, "STARTTLS denied"); diff --git a/lib/smtp.c b/lib/smtp.c index 20dc85a5f..02ddaca0a 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -834,6 +834,10 @@ static CURLcode smtp_state_starttls_resp(struct Curl_easy *data, CURLcode result = CURLE_OK; (void)instate; /* no use for this yet */ + /* Pipelining in response is forbidden. */ + if(data->conn->proto.smtpc.pp.cache_size) + return CURLE_WEIRD_SERVER_REPLY; + if(smtpcode != 220) { if(data->set.use_ssl != CURLUSESSL_TRY) { failf(data, "STARTTLS denied, code %d", smtpcode); |