Authentication over SSL
Julien ÉLIE
julien at trigofacile.com
Mon Sep 22 19:51:55 UTC 2008
Hi Russ,
>> The main problem is that we then need to force a re-authentication after
>> a successful TLS negotiation (because we need to change the current auth
>> block). I do not know if it is wise to do that.
>
> We have to discard any authentication after STARTTLS anyway. All state
> must be reset after STARTTLS and no information from the connection prior
> to STARTTLS can be trusted other than MODE READER. (It may have been the
> result of a man-in-the-middle attack.)
Hmm...
You frighten me because I implemented that:
AUTHINFO USER test
381 Enter password
AUTHINFO PASS test
281 Authentication succeeded
STARTTLS
502 Already authenticated
According to RFC 4642:
Syntax
STARTTLS
Responses
382 Continue with TLS negotiation
502 Command unavailable [1]
580 Can not initiate TLS negotiation
[1] If a TLS layer is already active, or if authentication has
occurred, STARTTLS is not a valid command (see Section 2.2.2).
And I understood that STARTTLS could not be sent after AUTHINFO
(but the contrary is possible).
Note that section 2.2.2 does not explain further that behaviour...
--
Julien ÉLIE
« The physician who prescribed time as the cure for the illness
gave more remedy than the one who cut the skin. »
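The ordering rules argued over above (RFC 4642 for STARTTLS, RFC 4643 for AUTHINFO USER/PASS, and Russ's point that everything learned before the TLS handshake except MODE READER must be thrown away) as a small session state machine. This is an added illustration written for this page, not INN's code; the response strings beyond the numeric codes, the in-memory user table, the tls_available flag and the require_tls_for_auth policy (refusing plaintext AUTHINFO USER with 483 until TLS is up) are assumptions, and no real TLS handshake is performed, the "TLS layer" is just a flag flipped where the handshake would happen.

```python
"""Toy NNTP session modelling STARTTLS / AUTHINFO ordering (RFC 4642, RFC 4643).

Added example, not INN code. No real TLS is negotiated: after the 382 reply a
real server would hand the socket to the TLS library; here we only flip a flag.
"""


class NntpSession:
    def __init__(self, tls_available=True, require_tls_for_auth=False, users=None):
        self.tls_available = tls_available            # assumption: server has a cert/key
        self.require_tls_for_auth = require_tls_for_auth  # assumed policy: 483 on plaintext AUTHINFO USER
        self.users = users or {}                      # assumption: in-memory user/password table
        self.tls_active = False
        self.authenticated = None                     # username once AUTHINFO PASS succeeds
        self.pending_user = None                      # username given by AUTHINFO USER, awaiting PASS
        self.reader_mode = False                      # the one thing that survives STARTTLS

    def command(self, line):
        """Dispatch one command line and return the server's response line."""
        verb, *args = line.split()
        verb = verb.upper()
        if verb == "MODE" and args and args[0].upper() == "READER":
            self.reader_mode = True
            return "200 Posting allowed"
        if verb == "STARTTLS":
            return self._starttls()
        if verb == "AUTHINFO":
            return self._authinfo(args)
        return "500 Unknown command"

    def _starttls(self):
        # RFC 4642: STARTTLS is not valid once a TLS layer is active or
        # authentication has occurred, so "AUTHINFO ... then STARTTLS" gets 502.
        if self.tls_active or self.authenticated is not None:
            return "502 Command unavailable"
        if not self.tls_available:
            return "580 Can not initiate TLS negotiation"
        # 382 is sent, then the handshake runs on the raw socket. Everything
        # seen before it may have come from a man-in-the-middle, so discard
        # all session state except MODE READER.
        self.tls_active = True
        self.authenticated = None
        self.pending_user = None
        return "382 Continue with TLS negotiation"

    def _authinfo(self, args):
        if len(args) < 2:
            return "501 Syntax error"
        kind, value = args[0].upper(), " ".join(args[1:])
        if self.authenticated is not None:
            return "502 Command unavailable"          # RFC 4643: already authenticated
        if kind == "USER":
            if self.require_tls_for_auth and not self.tls_active:
                return "483 Encryption or stronger authentication required"
            self.pending_user = value
            return "381 Enter password"
        if kind == "PASS":
            if self.pending_user is None:
                return "482 Authentication commands issued out of sequence"
            user, self.pending_user = self.pending_user, None
            if self.users.get(user) == value:
                self.authenticated = user
                return "281 Authentication succeeded"
            return "481 Authentication failed"
        return "501 Syntax error"


def transcript(lines, **kwargs):
    """Run a list of client commands through a fresh session, returning (command, reply) pairs."""
    session = NntpSession(**kwargs)
    return [(line, session.command(line)) for line in lines]


if __name__ == "__main__":
    # The exchange from the message above: AUTHINFO first, then STARTTLS is refused.
    for cmd, reply in transcript(
        ["AUTHINFO USER test", "AUTHINFO PASS test", "STARTTLS"], users={"test": "test"}
    ):
        print(cmd, "->", reply)
    # The other order: STARTTLS, then AUTHINFO over the encrypted connection.
    for cmd, reply in transcript(
        ["MODE READER", "STARTTLS", "AUTHINFO USER test", "AUTHINFO PASS test"],
        users={"test": "test"},
    ):
        print(cmd, "->", reply)
```

Note the case where the client sends AUTHINFO USER, then STARTTLS, then AUTHINFO PASS: the pending username was learned before the handshake, so it is dropped at STARTTLS and the PASS is answered with 482, forcing the client to restart authentication inside TLS.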