* elmo-pop3.el (elmo-pop3-auth-apop): Use more strict regexp.

author yoichi <yoichi>

Tue, 24 Apr 2007 14:28:23 +0000 (14:28 +0000)

committer yoichi <yoichi>

Tue, 24 Apr 2007 14:28:23 +0000 (14:28 +0000)
author yoichi <yoichi>
Tue, 24 Apr 2007 14:28:23 +0000 (14:28 +0000)
committer yoichi <yoichi>
Tue, 24 Apr 2007 14:28:23 +0000 (14:28 +0000)
diff --git a/elmo/ChangeLog b/elmo/ChangeLog

index bf9cb76..05904f7 100644 (file)
--- a/elmo/ChangeLog
+++ b/elmo/ChangeLog
@@ -1,3 +1,9 @@
+2007-04-24  Yoichi NAKAYAMA  <yoichi@geiin.org>
+
+       * elmo-pop3.el (elmo-pop3-auth-apop): Use more strict regexp.
+       http://seclists.org/bugtraq/2007/Apr/0018.html
+       (Suggested by Tatsuya Kinoshita)
+
  2007-04-16  Yoichi NAKAYAMA  <yoichi@geiin.org>
  
         * elmo-imap4.el (elmo-folder-delete): Don't call close for mailbox
diff --git a/elmo/elmo-pop3.el b/elmo/elmo-pop3.el

index 19d052b..c95188d 100644 (file)
--- a/elmo/elmo-pop3.el
+++ b/elmo/elmo-pop3.el
@@ -299,7 +299,7 @@ CODE is one of the following:
      (car response)))
  
  (defun elmo-pop3-auth-apop (session)
-  (unless (string-match "^\+OK .*\\(<[^\>]+>\\)"
+  (unless (string-match "^\+OK .*\\(<[=!-;?-~]+@[=!-;?-~]+>\\)"
                         (elmo-network-session-greeting-internal session))
      (signal 'elmo-open-error '(elmo-pop3-auth-apop)))
    ;; good, APOP ready server
elmo/ChangeLog		patch \| blob \| history
elmo/elmo-pop3.el		patch \| blob \| history