Merge tag 'upstream/0.5.2' into debian

Upstream version 0.5.2
author: Guilhem Moulin <guilhem@fripost.org> 2020-08-03 20:51:42 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2020-08-03 20:51:42 +0200
commit: 531e27c2dfd67b4ad600c2ad5e13e608a75f04d8 (patch)
tree: d669f8caf9c795d88ce3e72736157901dbcaec15 /tests/starttls-injection/t
parent: 887526e77f7a3b707c53457b076d098a1edefeb7 (diff)
parent: fe5501d4bb4c7c6365ceb009ea715356cca27a50 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/starttls-injection/t b/tests/starttls-injection/t
new file mode 100644
index 0000000..d57aa7a
--- /dev/null
+++ b/tests/starttls-injection/t
@@ -0,0 +1,16 @@
+# Test unauthenticated response injection after the STARTTLS response
+# For background see https://gitlab.com/muttmua/mutt/-/issues/248
+
+env -i USER="remote" HOME="$HOME_remote" "$TESTDIR/imapd" & PID=$!
+trap "ptree_abort $PID" EXIT INT TERM
+
+! interimap --debug || error
+
+# Make sure we show a warning but ignore ignore (unauthenticated) injected responses
+! grep -E 'remote: S: .*[ -]injected$' <"$STDERR" || error "unauthenticated response injection"
+grep -Fx 'remote: WARNING: Truncating non-empty output buffer (unauthenticated response injection?)' <"$STDERR" || error
+
+! grep -Fx 'remote: ERROR: Logins are disabled.' <"$STDERR" || error "injected capability wasn't ignored"
+grep -Fx 'remote: ERROR: Server did not advertise ENABLE (RFC 5161) capability.' <"$STDERR" || error "injected capability wasn't ignored"
+
+# vim: set filetype=sh :
author	Guilhem Moulin <guilhem@fripost.org>	2020-08-03 20:51:42 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2020-08-03 20:51:42 +0200
commit	531e27c2dfd67b4ad600c2ad5e13e608a75f04d8 (patch)
tree	d669f8caf9c795d88ce3e72736157901dbcaec15 /tests/starttls-injection/t
parent	887526e77f7a3b707c53457b076d098a1edefeb7 (diff)
parent	fe5501d4bb4c7c6365ceb009ea715356cca27a50 (diff)