[Tickets #6338] Re: Show the script in "Show Active Script"
bugs at horde.org
bugs at horde.org
Mon May 5 09:45:59 UTC 2008
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/6338
-----------------------------------------------------------------------
Ticket | 6338
Updated By | skhorde at smail.inf.fh-bonn-rhein-sieg.de
Summary | Show the script in "Show Active Script"
Queue | Ingo
Version | 1.1.5
Type | Enhancement
State | No Feedback
Priority | 1. Low
Milestone |
Patch |
Owners |
-----------------------------------------------------------------------
skhorde at smail.inf.fh-bonn-rhein-sieg.de (2008-05-05 05:45) wrote:
The problem is in horde/pear/Net/Sieve.php as it does not fetch the
CAPABILITY string send after STARTTLS:
http://tools.ietf.org/html/draft-martin-managesieve-08#section-2.2
"After the TLS layer is established, the server MUST re-issue the
capability results, followed by an OK response. This is necessary to
protect against man-in-the-middle attacks which alter the
capabilities list prior to STARTTLS. This capability result MUST NOT
include the STARTTLS capability."
This patch allows TLS working:
@@ -373,6 +373,11 @@
if (PEAR::isError($res = $this->_startTLS())) {
return $res;
}
+ // Get STARTTLS capability and parse
+ if (PEAR::isError($res = $this->_doCmd())) {
+ return $res;
+ }
+ $this->_parseCapability($res);
}
}
More information about the bugs
mailing list