aboutsummaryrefslogtreecommitdiffstats
path: root/tests/starttls-injection/t
blob: d57aa7a2742c7b3d9afb30a57b08c288d1b6fe0d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# Test unauthenticated response injection after the STARTTLS response
# For background see https://gitlab.com/muttmua/mutt/-/issues/248

env -i USER="remote" HOME="$HOME_remote" "$TESTDIR/imapd" & PID=$!
trap "ptree_abort $PID" EXIT INT TERM

! interimap --debug || error

# Make sure we show a warning but ignore ignore (unauthenticated) injected responses
! grep -E 'remote: S: .*[ -]injected$' <"$STDERR" || error "unauthenticated response injection"
grep -Fx 'remote: WARNING: Truncating non-empty output buffer (unauthenticated response injection?)' <"$STDERR" || error

! grep -Fx 'remote: ERROR: Logins are disabled.' <"$STDERR" || error "injected capability wasn't ignored"
grep -Fx 'remote: ERROR: Server did not advertise ENABLE (RFC 5161) capability.' <"$STDERR" || error "injected capability wasn't ignored"

# vim: set filetype=sh :