blob: d57aa7a2742c7b3d9afb30a57b08c288d1b6fe0d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
# Test unauthenticated response injection after the STARTTLS response
# For background see https://gitlab.com/muttmua/mutt/-/issues/248
env -i USER="remote" HOME="$HOME_remote" "$TESTDIR/imapd" & PID=$!
trap "ptree_abort $PID" EXIT INT TERM
! interimap --debug || error
# Make sure we show a warning but ignore ignore (unauthenticated) injected responses
! grep -E 'remote: S: .*[ -]injected$' <"$STDERR" || error "unauthenticated response injection"
grep -Fx 'remote: WARNING: Truncating non-empty output buffer (unauthenticated response injection?)' <"$STDERR" || error
! grep -Fx 'remote: ERROR: Logins are disabled.' <"$STDERR" || error "injected capability wasn't ignored"
grep -Fx 'remote: ERROR: Server did not advertise ENABLE (RFC 5161) capability.' <"$STDERR" || error "injected capability wasn't ignored"
# vim: set filetype=sh :
|
