mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
pop3: Added support for the STLS capability (Part Three)
Added honoring of the tls_supported flag when starting a TLS upgrade rather than unconditionally attempting it. If the use_ssl flag is set to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the connection will continue to authenticate. If this flag is set to CURLUSESSL_ALL then the connection will complete with a failure as it did previously.
This commit is contained in:
parent
b50ce1e5ba
commit
e0f4af4032
15
lib/pop3.c
15
lib/pop3.c
@ -636,15 +636,24 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
|
||||
{
|
||||
CURLcode result = CURLE_OK;
|
||||
struct SessionHandle *data = conn->data;
|
||||
struct pop3_conn *pop3c = &conn->proto.pop3c;
|
||||
|
||||
(void)instate; /* no use for this yet */
|
||||
|
||||
if(pop3code != '+')
|
||||
result = pop3_state_user(conn);
|
||||
else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
|
||||
/* We don't have a SSL/TLS connection yet, but SSL is requested. Switch
|
||||
to TLS connection now */
|
||||
result = pop3_state_starttls(conn);
|
||||
/* We don't have a SSL/TLS connection yet, but SSL is requested */
|
||||
if(pop3c->tls_supported)
|
||||
/* Switch to TLS connection now */
|
||||
result = pop3_state_starttls(conn);
|
||||
else if(data->set.use_ssl == CURLUSESSL_TRY)
|
||||
/* Fallback and carry on with authentication */
|
||||
result = pop3_authenticate(conn);
|
||||
else {
|
||||
failf(data, "STLS not supported.");
|
||||
result = CURLE_USE_SSL_FAILED;
|
||||
}
|
||||
}
|
||||
else
|
||||
result = pop3_authenticate(conn);
|
||||
|
Loading…
Reference in New Issue
Block a user