diff options
author | Runxi Yu <me@runxiyu.org> | 2025-01-12 13:49:27 +0800 |
---|---|---|
committer | Runxi Yu <me@runxiyu.org> | 2025-01-12 13:49:27 +0800 |
commit | a520d623224197e417b278853c8d6ff112461dfa (patch) | |
tree | 86c011dda68b578709116446483d622ce3082aaa /mta_recv.go | |
parent | Add incoming STARTTLS support (diff) | |
download | maild-a520d623224197e417b278853c8d6ff112461dfa.tar.gz maild-a520d623224197e417b278853c8d6ff112461dfa.tar.zst maild-a520d623224197e417b278853c8d6ff112461dfa.zip |
Reject STARTTLS when already active or with excessive parameters
Diffstat (limited to 'mta_recv.go')
-rw-r--r-- | mta_recv.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/mta_recv.go b/mta_recv.go index 3f7f473..0ca81d9 100644 --- a/mta_recv.go +++ b/mta_recv.go @@ -56,6 +56,16 @@ func handle_incoming_server_connection(buf_conn *bufio.ReadWriter, net_conn *net switch_cmd: switch cmd { case "STARTTLS": + if param != "" { + _, _ = buf_conn.WriteString("501 5.5.4 Syntax error (no parameters allowed)\r\n") + _ = buf_conn.Flush() + break + } + if tls_conn != nil { + _, _ = buf_conn.WriteString("554 5.5.1 Error: TLS already active\r\n") + _ = buf_conn.Flush() + break + } _, _ = buf_conn.WriteString("220 2.0.0 Ready to start TLS\r\n") _ = buf_conn.Flush() tls_conn = tls.Server(*net_conn, tls_config) |