diff options
| author |   Eric Faurot <eric@faurot.net> | 2014-05-12 16:39:17 +0200 |
|---|---|---|
| committer | Eric Faurot <eric@faurot.net> | 2014-05-12 16:39:17 +0200 |
| commit | b9c3e800a31b892cbced2ece18f6a43457e3b3c7 (patch) | |
| tree | 8e21ef62d83eccbb2d82eae51aaaa0fe082fc55b | |
| parent | remove some refernces to MFA (diff) | |
| download | OpenSMTPD-b9c3e800a31b892cbced2ece18f6a43457e3b3c7.tar.xz OpenSMTPD-b9c3e800a31b892cbced2ece18f6a43457e3b3c7.zip | |
Fix a possible double free when tls is required but not advertised by
the server.
| -rw-r--r-- | smtpd/mta_session.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/smtpd/mta_session.c b/smtpd/mta_session.c index 520aab9a..efe3e00c 100644 --- a/smtpd/mta_session.c +++ b/smtpd/mta_session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mta_session.c,v 1.60 2014/04/19 13:35:51 gilles Exp $ */ +/* $OpenBSD$ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -91,6 +91,7 @@ enum mta_state { #define MTA_LMTP 0x0800 #define MTA_WAIT 0x1000 #define MTA_HANGON 0x2000 +#define MTA_RECONN 0x4000 #define MTA_EXT_STARTTLS 0x01 #define MTA_EXT_PIPELINING 0x02 @@ -633,7 +634,7 @@ mta_enter_state(struct mta_session *s, int newstate) else if ((s->ext & MTA_EXT_STARTTLS) == 0) { if (s->flags & MTA_FORCE_TLS || s->flags & MTA_WANT_SECURE) { mta_error(s, "TLS required but not supported by remote host"); - mta_connect(s); + s->flags |= MTA_RECONN; } else /* server doesn't support starttls, do not use it */ @@ -1250,6 +1251,11 @@ mta_io(struct io *io, int evt) mta_free(s); return; } + if (s->flags & MTA_RECONN) { + s->flags &= ~MTA_RECONN; + mta_connect(s); + return; + } iobuf_normalize(&s->iobuf); |