[nginx] Mail: reset imap tag to empty after authentication attempt.

[Maxim Dounin]

details:   http://freenginx.org/hg/nginx/rev/46ecad404a29
branches:  
changeset: 9274:46ecad404a29
user:      Rob Mueller <robm at fastmailteam.com>
date:      Wed May 15 10:06:00 2024 +0300
description:
Mail: reset imap tag to empty after authentication attempt.

We need to reset the imap tag to empty after an authentication attempt
completes, otherwise if the next line parsed is incomplete with no tag
(e.g. empty line) then we use the "tag" from the previous buffer which
is now definitely wrong and has been partially overwritten with the most
recently read data (e.g. CRLF).

An example before this patch:

S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S:
S: obar BAD invalid command

Then with this patch:

S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S: * BAD invalid command

diffstat:

 src/mail/ngx_mail_auth_http_module.c |  1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diffs (11 lines):

diff --git a/src/mail/ngx_mail_auth_http_module.c b/src/mail/ngx_mail_auth_http_module.c
--- a/src/mail/ngx_mail_auth_http_module.c
+++ b/src/mail/ngx_mail_auth_http_module.c
@@ -883,6 +883,7 @@ ngx_mail_auth_sleep_handler(ngx_event_t 
 
         s->mail_state = 0;
         s->auth_method = NGX_MAIL_AUTH_PLAIN;
+        s->tag.len = 0;
 
         c->log->action = "in auth state";