Hello,
Maybe I'm not understanding the purpose of the return value, but the way
I'm looking at it, function TSMTPSend.Login: Boolean; can return True
even if the Login fails.
In the code for the Login method the result is true when we get to this
code (smtpsend.pas line 456 in version 40):
if s <> '' then
begin
if Pos('CRAM-MD5', auths) > 0 then
FAuthDone := AuthCram;
if (not FauthDone) and (Pos('PLAIN', auths) > 0) then
FAuthDone := AuthPlain;
if (not FauthDone) and (Pos('LOGIN', auths) > 0) then
FAuthDone := AuthLogin;
end;
When we leave the code block, FAuthDone can be set to False, but that
never gets propagated to the Result, leaving a failed login but True result.
This is my proposed solution:
if s <> '' then
begin
if Pos('CRAM-MD5', auths) > 0 then
FAuthDone := AuthCram;
if (not FauthDone) and (Pos('PLAIN', auths) > 0) then
FAuthDone := AuthPlain;
if (not FauthDone) and (Pos('LOGIN', auths) > 0) then
FAuthDone := AuthLogin;
Result := FAuthDone; // <-- We set the result here to reflect the
outcome of authorization
end;
This proposed solution makes the assumption that we need authorization
(which, to me is a correct assumption).
Is this a bug in the Login function or am I looking at the function's
return value wrong?
--thanks
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
synalist-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/synalist-public
