From: Timo Sirainen Date: Mon, 3 Aug 2020 10:21:14 +0000 (+0300) Subject: pop3-login: Fix the next command failing after unsuccessful AUTH X-Git-Tag: 2.3.13~417 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d0ea7f9f4530878a40ae0275cf0c36d3ff9111fc;p=thirdparty%2Fdovecot%2Fcore.git pop3-login: Fix the next command failing after unsuccessful AUTH If the AUTH command failed (e.g. bad password or proxying failure), the next command was still processed as AUTH command. For example: auth plain . -ERR [AUTH] Invalid base64 data in initial response quit -ERR [AUTH] Unsupported authentication mechanism. --- diff --git a/src/pop3-login/client-authenticate.c b/src/pop3-login/client-authenticate.c index 21716d34b4..e215833395 100644 --- a/src/pop3-login/client-authenticate.c +++ b/src/pop3-login/client-authenticate.c @@ -127,6 +127,15 @@ int cmd_auth(struct pop3_client *pop3_client) ir = t_strdup(str_c(client->auth_response)); pop3_client->auth_mech_name_parsed = FALSE; + /* The whole AUTH line command is parsed now. The rest of the SASL + protocol exchange happens in login-common code. We can free the + current command here already, because no pop3-login code is called + until the authentication is finished. Also, there's currently no + single location that is called in pop3-login code after the + authentication is finished. For example it could be an auth failure + or it could be a successful authentication with a proxying + failure. */ + i_free(pop3_client->current_cmd); return client_auth_begin(client, t_strdup(client->auth_mech_name), ir); }