From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: X-Spam-Status: No, score=-4.2 required=3.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net (Postfix) with ESMTP id 5658C1F61C; Wed, 20 Jul 2022 09:24:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=80x24.org; s=selector1; t=1658309054; bh=N881dyx7LTNBbyb2vGR7eBK35BsQkUVY+VLcLf6fUes=; h=From:To:Subject:Date:In-Reply-To:References:From; b=aSFmxeZXVsZ1kI4CsefvJsJbaFUwlGuCYUKBYZtCIjkky1jJ2L7IwAmvoqOkzlmdV YQ9vVkNZRtTetGbRW93wi+F0e2e9esOyntqiW9xgIRZoEhqcyauj/UarKSP3gfykf3 SKYfbqffXzcPYH2aw5Nvz3ZU8pWnN8tCM6xHNCMs= From: Eric Wong To: meta@public-inbox.org Subject: [PATCH v2 5/5] pop3: advertise STLS in CAPA if appropriate Date: Wed, 20 Jul 2022 09:24:13 +0000 Message-Id: <20220720092413.3309948-6-e@80x24.org> In-Reply-To: <20220720092413.3309948-1-e@80x24.org> References: <20220720092413.3309948-1-e@80x24.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit List-Id: This is documented in RFC 2595, and POP3 clients may rely on seeing "STLS" in CAPA output to initiate TLS negotiation. --- Documentation/standards.perl | 1 + lib/PublicInbox/POP3.pm | 6 ++++-- t/pop3d.t | 7 +++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/Documentation/standards.perl b/Documentation/standards.perl index 835de3a2..c36afb5d 100755 --- a/Documentation/standards.perl +++ b/Documentation/standards.perl @@ -69,6 +69,7 @@ my $rfcs = [ 1081 => 'Post Office Protocol – Version 3', 1939 => 'Post Office Protocol – Version 3 (STD 53)', 2449 => 'POP3 extension mechanism', + 2595 => 'STARTTLS for IMAP and POP3', 2384 => 'POP URL Scheme', # TODO: flesh this out diff --git a/lib/PublicInbox/POP3.pm b/lib/PublicInbox/POP3.pm index 2c20c84b..ec73893c 100644 --- a/lib/PublicInbox/POP3.pm +++ b/lib/PublicInbox/POP3.pm @@ -343,15 +343,17 @@ sub cmd_dele { # RFC 2449 sub cmd_capa { my ($self) = @_; + my $STLS = !$self->{ibx} && !$self->{sock}->can('stop_SSL') && + $self->{pop3d}->{accept_tls} ? "\nSTLS\r" : ''; $self->{expire} = ''; # "EXPIRE 0" allows clients to avoid DELE commands - \<sockhost, Port => $pop3s->sockport, SSL => 1, %o); my $p3s = Net::POP3->new(@p3s_args); + my $capa = $p3s->capa; + ok(!exists $capa->{STLS}, 'no STLS CAPA for POP3S'); ok($p3s->quit, 'QUIT works w/POP3S'); { $p3s = Net::POP3->new(@p3s_args); @@ -127,7 +129,11 @@ for my $args ( my $np3 = Net::POP3->new(@np3_args); ok($np3->quit, 'plain QUIT works'); $np3 = Net::POP3->new(@np3_args, %o); + $capa = $np3->capa; + ok(exists $capa->{STLS}, 'STLS CAPA advertised before STLS'); ok($np3->starttls, 'STLS works'); + $capa = $np3->capa; + ok(!exists $capa->{STLS}, 'STLS CAPA not advertised after STLS'); ok($np3->quit, 'QUIT works after STLS'); for my $mailbox (('x'x32)."\@$group", $group, ('a'x32)."\@z.$group") { @@ -239,6 +245,7 @@ EOF my $capa = $oldc->capa; ok(defined($capa->{PIPELINING}), 'pipelining supported by CAPA'); is($capa->{EXPIRE}, 0, 'EXPIRE 0 set'); + ok(!exists $capa->{STLS}, 'STLS unset w/o daemon certs'); # ensure TOP doesn't trigger "EXPIRE 0" like RETR does (cf. RFC2449) my $list = $oldc->list;