RPOP support is back.

svn path=/trunk/; revision=791

6 files changed, 49 insertions, 4 deletions

diff --git a/NEWS b/NEWS
index bdbd6906..8fb6470e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,7 @@
 			Release Notes:
 
 ------------------------------------------------------------------------------
-fetchmail-2.9 ()
+fetchmail-3.0 (Sat Jan 18 22:00:17 EST 1997)
 
 features --
 
@@ -17,6 +17,8 @@ features --
 
 * Options such as `nokeep' can now be written `no keep'.
 
+* RPOP support is back by user request.
+
 Note: The first two changes mean that older .fetchmailrc files using
 the `set' syntax for these options will cause fetchmail to die with a
 parse error at initialization time.  Conversion is trivial -- for
@@ -44,7 +46,7 @@ Note: the RFC subdirectory is no longer included with the distribution
 (this cut its size in half!)  Instead, applicable RFCs are listed on the
 manual page.
 
-There are 195 people on the fetchmail-friends list.
+There are 197 people on the fetchmail-friends list.
 
 ------------------------------------------------------------------------------
 fetchmail-2.8 (Sat Jan 11 15:48:33 EST 1997)
diff --git a/README b/README
index a0576863..58d31884 100644
--- a/README
+++ b/README
@@ -28,6 +28,8 @@ major new features since 2.0:
 	** (Linux only) Security option to permit fetchmail to poll a host 
 	   only when a point-to-point link to a particular IP address is up.
 
+	** RPOP support is back.
+
 There have also been numerous improvements in multidrop mailbox handling.
 Under many circumstances fetchmail can now determine a mail message's
 envelope address from its headers, making multidrop forwarding more reliable.
@@ -36,7 +38,7 @@ Here are fetchmail's main features.  Those unique to fetchmail
 (relative to fetchpop1.9, PopTart-0.9.3, get-mail, gwpop, pimp-1.0,
 pop-perl5-1.2, popc, popmail-1.6 and upop) are marked with **.
 
-	*  **POP2, POP3, **APOP, **IMAP2bis, **IMAP4 support.
+	*  **POP2, POP3, **APOP, **RPOP, **IMAP2bis, **IMAP4 support.
 
 	** Support for Kerberos user authentication (either MIT or Cygnus).
 
diff --git a/fetchmail.c b/fetchmail.c
index 0ae0fe4c..f762a873 100644
--- a/fetchmail.c
+++ b/fetchmail.c
@@ -647,6 +647,13 @@ static int load_params(int argc, char **argv, int optind)
 			       ctl->server.names->id);
 		exit(PS_SYNTAX);
 	    }
+	    if (ctl->server.protocol == P_RPOP && ctl->server.port >= 1024)
+	    {
+		(void) fprintf(stderr,
+			       "%s configuration invalid, RPOP requires a privileged port",
+			       ctl->server.names->id);
+		exit(PS_SYNTAX);
+	    }
 	}
     }
 
@@ -702,6 +709,7 @@ static char *showproto(int proto)
     case P_POP3: return("POP3"); break;
     case P_IMAP: return("IMAP"); break;
     case P_APOP: return("APOP"); break;
+    case P_RPOP: return("RPOP"); break;
     default: return("unknown?!?"); break;
     }
 }
@@ -740,6 +748,7 @@ static int query_host(struct query *ctl)
 	break;
     case P_POP3:
     case P_APOP:
+    case P_RPOP:
 	return(doPOP3(ctl));
 	break;
     case P_IMAP:
@@ -777,6 +786,8 @@ void dump_params (struct query *ctl)
     else if (outlevel == O_VERBOSE)
 	if (ctl->server.protocol == P_APOP)
 	    printf("  APOP secret = '%s'.\n", visbuf(ctl->password));
+	else if (ctl->server.protocol == P_RPOP)
+	    printf("  RPOP id = '%s'.\n", visbuf(ctl->password));
         else
 	    printf("  Password = '%s'.\n", visbuf(ctl->password));
     if (ctl->server.protocol == P_POP3 
diff --git a/fetchmail.h b/fetchmail.h
index 4294bf36..c1913f1a 100644
--- a/fetchmail.h
+++ b/fetchmail.h
@@ -8,6 +8,7 @@
 #define		P_POP3		3
 #define		P_IMAP		4
 #define		P_APOP		5
+#define		P_RPOP		6
 
 #define		KPOP_PORT	1109
 
diff --git a/fetchmail.man b/fetchmail.man
index 762adb3c..c8d46a8d 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -136,6 +136,8 @@ Post Office Protocol 2
 Post Office Protocol 3
 .IP APOP
 Use POP3 with MD5 authentication.
+.IP RPOP
+Use POP3 with RPOP authentication.
 .IP KPOP
 Use POP3 with Kerberos authentication on port 1109.
 .RE
@@ -330,6 +332,19 @@ password are usually assigned by the server administrator when you apply for
 a mailbox on the server.  Contact your server administrator if you don't know 
 the correct user-id and password for your mailbox account.
 .PP
+Early versions of POP3 (RFC1081, RFC1225) supported a crude form of
+independent authentication using the
+.I rhosts
+file on the mailserver side.  Under this RPOP variant, a fixed
+per-user ID equivalent to a password was sent in clear over a link to
+a reserved port, with the command RPOP rather than PASS to alert the
+server that it should do special checking.  RPOP is supported
+by
+.I fetchmail
+(you can specify `protocol RPOP' to have the program send `RPOP'
+rather than `PASS') but its use is strongly discouraged.  This
+facility was vulnerable to spoofing and was withdrawn in RFC1460.
+.PP
 RFC1460 introduced APOP authentication.  In this variant of POP3,
 you register an APOP password on your server host (the program
 to do this with on the server is probably called \fIpopauth\fR(8)).  You
@@ -967,6 +982,12 @@ RFC 937
 POP3:
 RFC 1081, RFC 1225, RFC 1460, RFC 1725, RFC 1939
 .TP 5
+APOP:
+RFC 1460, RFC 1725, RFC 1939
+.TP 5
+RPOP:
+RFC 1081, RFC 1225
+.TP 5
 IMAP2/IMAP2BIS:
 RFC 1176, RFC 1732
 .TP 5
diff --git a/pop3.c b/pop3.c
index b8f67bb5..01b92b84 100644
--- a/pop3.c
+++ b/pop3.c
@@ -104,7 +104,7 @@ int pop3_getauth(FILE *sockfp, struct query *ctl, char *greeting)
 
     switch (ctl->server.protocol) {
     case P_POP3:
-	if ((gen_transact(sockfp,"USER %s", ctl->remotename)) != 0)
+	if ((gen_transact(sockfp, "USER %s", ctl->remotename)) != 0)
 	    PROTOCOL_ERROR
 
 	if ((gen_transact(sockfp, "PASS %s", ctl->password)) != 0)
@@ -117,6 +117,14 @@ int pop3_getauth(FILE *sockfp, struct query *ctl, char *greeting)
 	    PROTOCOL_ERROR
 	break;
 
+    case P_RPOP:
+	if ((gen_transact(sockfp,"USER %s", ctl->remotename)) != 0)
+	    PROTOCOL_ERROR
+
+	if ((gen_transact(sockfp, "RPOP %s", ctl->password)) != 0)
+	    PROTOCOL_ERROR
+	break;
+
     default:
 	error(0, 0, "Undefined protocol request in POP3_auth");
     }