public void execute(AbstractPop3Handler handler, AbstractPop3Connection conn, String cmd) { try { if (!handler.isUsingAPOPAuthMethod(conn)) conn.println("-ERR APOP not authorized"); else { String[] cmdLine = StringUtilities.split(cmd); if (cmdLine.length < 3) { conn.println("-ERR Required syntax: APOP <name> <digest>"); return; } String username = cmdLine[1]; Pop3State state = conn.getState(); state.setUser(state.getUser(username)); byte[] uniqueKey = (state.getGeneratedAPOPBanner() + state.getUser().getPassword()) .getBytes(MailsterConstants.DEFAULT_CHARSET_NAME); String hash = null; synchronized (md5) { md5.Init(); md5.Update(uniqueKey); hash = md5.asHex(); } if (hash.equals(cmdLine[2])) tryLockingMailbox(conn); else conn.println("-ERR permission denied"); } } catch (Exception ex) { // Shouldn't append cause we automatically create the mailbox. // RFC 1939 states it is a security threat to respond -ERR // as it is giving potential attackers clues about which names are // valid conn.println("-ERR " + ex.getMessage()); } }
public void execute(AbstractPop3Handler handler, AbstractPop3Connection conn, String cmd) { try { String[] cmdLine = StringUtilities.split(cmd); if (cmdLine.length > 1) { conn.println("-ERR Required syntax: STLS"); return; } if (!MailsterKeyStoreFactory.getInstance().isStoreLoaded()) { conn.println("-ERR TLS is disabled because of wrong server configuration"); return; } if (conn.isTLSConnection()) { conn.println("-ERR Command not permitted when TLS is already active"); return; } conn.startTLS("+OK Begin TLS negotiation"); conn.getState().reset(); // clean state } catch (Exception ex) { conn.println("-ERR " + ex.getMessage()); } }