# Test unauthenticated response injection after the STARTTLS response
# For background see https://gitlab.com/muttmua/mutt/-/issues/248

env -i USER="remote" HOME="$HOME_remote" "$TESTDIR/imapd" & PID=$!
trap "ptree_abort $PID" EXIT INT TERM

! interimap --debug || error

# Make sure we show a warning but ignore ignore (unauthenticated) injected responses
! grep -E 'remote: S: .*[ -]injected$' <"$STDERR" || error "unauthenticated response injection"
grep -Fx 'remote: WARNING: Truncating non-empty output buffer (unauthenticated response injection?)' <"$STDERR" || error

! grep -Fx 'remote: ERROR: Logins are disabled.' <"$STDERR" || error "injected capability wasn't ignored"
grep -Fx 'remote: ERROR: Server did not advertise ENABLE (RFC 5161) capability.' <"$STDERR" || error "injected capability wasn't ignored"

# vim: set filetype=sh :