From 9c47edf0d1aa8afa6d05dde93e7aa5169059c94a Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Wed, 23 Sep 2009 23:12:58 +0300
Subject: [PATCH] imap proxy: Detect and log invalid remote input.

--HG--
branch : HEAD
---
 src/imap-login/client.h     |  1 +
 src/imap-login/imap-proxy.c | 14 ++++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/src/imap-login/client.h b/src/imap-login/client.h
index 5dc3d34107..1339ee39fc 100644
--- a/src/imap-login/client.h
+++ b/src/imap-login/client.h
@@ -15,6 +15,7 @@ struct imap_client {
 	unsigned int cmd_finished:1;
 	unsigned int proxy_sasl_ir:1;
 	unsigned int proxy_seen_banner:1;
+	unsigned int proxy_wait_auth_continue:1;
 	unsigned int skip_line:1;
 	unsigned int id_logged:1;
 	unsigned int client_ignores_capability_resp_code:1;
diff --git a/src/imap-login/imap-proxy.c b/src/imap-login/imap-proxy.c
index a94f4511da..34f16e8021 100644
--- a/src/imap-login/imap-proxy.c
+++ b/src/imap-login/imap-proxy.c
@@ -91,6 +91,7 @@ static void proxy_write_login(struct imap_client *client, string_t *str)
 	} else {
 		/* master user login without SASL initial response */
 		str_append(str, "L AUTHENTICATE PLAIN");
+		client->proxy_wait_auth_continue = TRUE;
 	}
 	str_append(str, "\r\n");
 }
@@ -155,6 +156,15 @@ int imap_proxy_parse_line(struct client *client, const char *line)
 		return 0;
 	} else if (*line == '+') {
 		/* AUTHENTICATE started. finish it. */
+		if (!imap_client->proxy_wait_auth_continue) {
+			client_log_err(client, t_strdup_printf(
+				"proxy: Unexpected input: %s",
+				str_sanitize(line, 160)));
+			client_proxy_failed(client, TRUE);
+			return -1;
+		}
+		imap_client->proxy_wait_auth_continue = FALSE;
+
 		str = t_str_new(128);
 		get_plain_auth(client, str);
 		str_append(str, "\r\n");
@@ -250,6 +260,9 @@ int imap_proxy_parse_line(struct client *client, const char *line)
 		return 0;
 	} else {
 		/* tagged reply, shouldn't happen. */
+		client_log_err(client, t_strdup_printf(
+			"proxy: Unexpected input, ignoring: %s",
+			str_sanitize(line, 160)));
 		return 0;
 	}
 }
@@ -260,4 +273,5 @@ void imap_proxy_reset(struct client *client)
 
 	imap_client->proxy_sasl_ir = FALSE;
 	imap_client->proxy_seen_banner = FALSE;
+	imap_client->proxy_wait_auth_continue = FALSE;
 }
-- 
2.47.3