aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2013-02-10 19:56:54 +0000
committerSteve Holme <steve_holme@hotmail.com>2013-02-10 19:56:54 +0000
commite0f4af403208b61ec7e19c05ec9b6187146c5189 (patch)
tree5a99678aec02c1f5d010c15469315c3f90d42408
parentb50ce1e5ba3d28f5d75a8d32f11238ae9c9e3fa1 (diff)
pop3: Added support for the STLS capability (Part Three)
Added honoring of the tls_supported flag when starting a TLS upgrade rather than unconditionally attempting it. If the use_ssl flag is set to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the connection will continue to authenticate. If this flag is set to CURLUSESSL_ALL then the connection will complete with a failure as it did previously.
-rw-r--r--lib/pop3.c15
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/pop3.c b/lib/pop3.c
index 8d8dab8a1..2b58df9b5 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -636,15 +636,24 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
+ struct pop3_conn *pop3c = &conn->proto.pop3c;
(void)instate; /* no use for this yet */
if(pop3code != '+')
result = pop3_state_user(conn);
else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
- /* We don't have a SSL/TLS connection yet, but SSL is requested. Switch
- to TLS connection now */
- result = pop3_state_starttls(conn);
+ /* We don't have a SSL/TLS connection yet, but SSL is requested */
+ if(pop3c->tls_supported)
+ /* Switch to TLS connection now */
+ result = pop3_state_starttls(conn);
+ else if(data->set.use_ssl == CURLUSESSL_TRY)
+ /* Fallback and carry on with authentication */
+ result = pop3_authenticate(conn);
+ else {
+ failf(data, "STLS not supported.");
+ result = CURLE_USE_SSL_FAILED;
+ }
}
else
result = pop3_authenticate(conn);