From: Stephan Bosch Date: Thu, 1 Mar 2018 13:53:11 +0000 (+0100) Subject: lib-smtp: server: Only accept XCLIENT command when the XCLIENT capability is active. X-Git-Tag: 2.3.9~2194 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e1f52248b04b91cf1b5c8f55719391f03198242b;p=thirdparty%2Fdovecot%2Fcore.git lib-smtp: server: Only accept XCLIENT command when the XCLIENT capability is active. Report "502 Unsupported command" otherwise. Before, it would complain about the client not being trusted, which is confusing. --- diff --git a/src/lib-smtp/smtp-server-cmd-xclient.c b/src/lib-smtp/smtp-server-cmd-xclient.c index 29aa7f1252..78c039c342 100644 --- a/src/lib-smtp/smtp-server-cmd-xclient.c +++ b/src/lib-smtp/smtp-server-cmd-xclient.c @@ -95,6 +95,12 @@ void smtp_server_cmd_xclient(struct smtp_server_cmd_ctx *cmd, attribute-value = xtext */ + if ((conn->set.capabilities & SMTP_CAPABILITY_XCLIENT) == 0) { + smtp_server_reply(cmd, + 502, "5.5.1", "Unsupported command"); + return; + } + /* check transaction state as far as possible */ if (!cmd_xclient_check_state(cmd)) return; diff --git a/src/lmtp/client.c b/src/lmtp/client.c index 3affc7f45e..7089e888f7 100644 --- a/src/lmtp/client.c +++ b/src/lmtp/client.c @@ -150,7 +150,8 @@ struct client *client_create(int fd_in, int fd_out, SMTP_CAPABILITY_PIPELINING | SMTP_CAPABILITY_ENHANCEDSTATUSCODES | SMTP_CAPABILITY_8BITMIME | - SMTP_CAPABILITY_CHUNKING; + SMTP_CAPABILITY_CHUNKING | + SMTP_CAPABILITY_XCLIENT; if (!conn->ssl && master_service_ssl_is_enabled(master_service)) lmtp_set.capabilities |= SMTP_CAPABILITY_STARTTLS; lmtp_set.hostname = client->unexpanded_lda_set->hostname; diff --git a/src/submission-login/client.c b/src/submission-login/client.c index c71511ab14..0669d1ae00 100644 --- a/src/submission-login/client.c +++ b/src/submission-login/client.c @@ -69,7 +69,8 @@ static void submission_client_create(struct client *client, i_zero(&smtp_set); smtp_set.capabilities = SMTP_CAPABILITY_SIZE | - SMTP_CAPABILITY_ENHANCEDSTATUSCODES | SMTP_CAPABILITY_AUTH; + SMTP_CAPABILITY_ENHANCEDSTATUSCODES | SMTP_CAPABILITY_AUTH | + SMTP_CAPABILITY_XCLIENT; if (client_is_tls_enabled(client)) smtp_set.capabilities |= SMTP_CAPABILITY_STARTTLS; smtp_set.hostname = subm_client->set->hostname;