changeset | 8ba4253adc9b |
---|---|
branch | HEAD |
bookmark | |
tag | tip |
user | Timo Sirainen <tss@iki.fi> |
description | *-login: SSL connections didn't get closed when the client got destroyed. |
files | src/imap-login/client.c src/login-common/ssl-proxy-openssl.c src/login-common/ssl-proxy.c src/login-common/ssl-proxy.h src/pop3-login/client.c |

changeset | d6bd9acd97e7 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-storage: Don't crash when searching multiple keywords. Fixed by simply removing the keyword merging code. mail_search_args_simplify() is called before mail_search_args_init(), so the keywords are still NULL and merging can't be done. Alternative fix would have been to add string array to mail_search_arg.value containing the keywords, but all of this is a pretty unnecessary optimization. |
files | src/lib-storage/mail-search.c |

changeset | 6862d534e5b1 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | auth: Fixed error handling in GSSAPI when __gss_userok() was used. An invalid username would have been treated as successful and auth process probably would have crashed. |
files | src/auth/mech-gssapi.c |

changeset | a56eb5db0d87 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | message parser: Fixed infinite loop when parsing a specific message. |
files | src/lib-mail/message-parser.c |

changeset | c80abc48d486 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-mail: rfc822_parse_quoted_string() didn't remove '\' from the strings. |
files | src/lib-mail/rfc822-parser.c |

changeset | 9f3c8c59f8c4 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | SSL: Enable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag for extra security. This is to counter the "BEAST SSL" attack, although I don't think it's practical to implement against IMAP/POP3/LMTP protocols. There's really no way for attackers to inject any evil data before authentication, so the password is safe. Post-authentication attacker could cause clients to download evil emails, but even then clients don't typically redownload some specific mail, so there's really no way to extract anything useful. |
files | src/login-common/ssl-proxy-openssl.c |

changeset | 031a4c2fabea |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | imap: CONTEXT search return option wasn't handled at all. |
files | src/imap/imap-search.c |

changeset | 9ab1c8a10944 |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | lib-storage: Message size lookups from cache were broken if fields weren't in "normal" order in file. |
files | src/lib-storage/index/index-mail.c |

changeset | da3c7253b18c |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | auth: DIGEST-MD5 didn't read nonce-count parameter correctly. Patch by Yubao Liu. |
files | src/auth/mech-digest-md5.c |

changeset | 02c2ac9ddf8c |
---|---|
branch | HEAD |
bookmark | |
tag | |
user | Timo Sirainen <tss@iki.fi> |
description | imap: FETCH BODY[HEADER.FIELDS (..)] may have tried to fetch garbage field names. Such situations were quite likely to cause a crash though. |
files | src/imap/imap-fetch-body.c |