aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric S. Raymond <esr@thyrsus.com>2004-01-13 07:02:39 +0000
committerEric S. Raymond <esr@thyrsus.com>2004-01-13 07:02:39 +0000
commitcbd3a0b35222d2f720da82df0504469da064ff68 (patch)
tree522ddd45a011e0684890cff7130b90ba34d1f248
parent908792f78a5233c5f6ec7ac02b5f6addddc5a486 (diff)
downloadfetchmail-cbd3a0b35222d2f720da82df0504469da064ff68.tar.gz
fetchmail-cbd3a0b35222d2f720da82df0504469da064ff68.tar.bz2
fetchmail-cbd3a0b35222d2f720da82df0504469da064ff68.zip
POP3 strong authentication fixes.
svn path=/trunk/; revision=3873
Diffstat
-rw-r--r--NEWS4
-rw-r--r--fetchmail.h2
-rw-r--r--gssapi.c4
-rw-r--r--imap.c2
-rw-r--r--pop3.c9
5 files changed, 14 insertions, 7 deletions
diff --git a/NEWS b/NEWS
index 5aebe8de..c998e507 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,9 @@
* Sunil Shetye's fix to force fetchsizelimit to 1 for APOP and RPOP.
* PopDel.py removed from contrib at author's request.
* Matthias Andree's fix for Sunil Shetye's fetvh-split patch
-* include James Stone's moldremover.py script.
+* Include James Stone's moldremover.py script.
+* Enable .fetchmailrc permissions checking under Cygwin.
+* Nalin Dahyabai's fix for POP3 strong authentication.
fetchmail-6.2.5 (Wed Oct 15 18:39:22 EDT 2003), 23079 lines:
diff --git a/fetchmail.h b/fetchmail.h
index ac89f42c..7d73032a 100644
--- a/fetchmail.h
+++ b/fetchmail.h
@@ -600,7 +600,7 @@ int doODMR (struct query *);
/* authentication functions */
int do_cram_md5(int sock, char *command, struct query *ctl, char *strip);
int do_rfc1731(int sock, char *command, char *truename);
-int do_gssauth(int sock, char *command, char *hostname, char *username);
+int do_gssauth(int sock, char *command, char *service, char *hostname, char *username);
int do_otp(int sock, char *command, struct query *ctl);
/* miscellanea */
diff --git a/gssapi.c b/gssapi.c
index 2769ca46..3b70a934 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -38,7 +38,7 @@
#define GSSAUTH_P_INTEGRITY 2
#define GSSAUTH_P_PRIVACY 4
-int do_gssauth(int sock, char *command, char *hostname, char *username)
+int do_gssauth(int sock, char *command, char *service, char *hostname, char *username)
{
gss_buffer_desc request_buf, send_token;
gss_buffer_t sec_token;
@@ -53,7 +53,7 @@ int do_gssauth(int sock, char *command, char *hostname, char *username)
int result;
/* first things first: get an imap ticket for host */
- sprintf(buf1, "imap@%s", hostname);
+ sprintf(buf1, "%s@%s", service, hostname);
request_buf.value = buf1;
request_buf.length = strlen(buf1) + 1;
maj_stat = gss_import_name(&min_stat, &request_buf, GSS_C_NT_HOSTBASED_SERVICE,
diff --git a/imap.c b/imap.c
index 13bc170d..b667c4a6 100644
--- a/imap.c
+++ b/imap.c
@@ -392,7 +392,7 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting)
if ((ctl->server.authenticate == A_ANY
|| ctl->server.authenticate == A_GSSAPI)
&& strstr(capabilities, "AUTH=GSSAPI"))
- if(ok = do_gssauth(sock, "AUTHENTICATE", ctl->server.truename, ctl->remotename))
+ if(ok = do_gssauth(sock, "AUTHENTICATE", "imap", ctl->server.truename, ctl->remotename))
{
/* SASL cancellation of authentication */
gen_send(sock, "*");
diff --git a/pop3.c b/pop3.c
index 8e356f18..a3d2d63f 100644
--- a/pop3.c
+++ b/pop3.c
@@ -365,7 +365,12 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
* These authentication methods are blessed by RFC1734,
* describing the POP3 AUTHentication command.
*/
- if (ctl->server.authenticate == A_ANY)
+ if ((ctl->use_ssl != FLAG_FALSE) ||
+ (ctl->server.authenticate == A_ANY) ||
+ (ctl->server.authenticate == A_GSSAPI) ||
+ (ctl->server.authenticate == A_KERBEROS_V4) ||
+ (ctl->server.authenticate == A_OTP) ||
+ (ctl->server.authenticate == A_CRAM_MD5))
{
if ((ok = capa_probe(sock)) != PS_SUCCESS)
/* we are in STAGE_GETAUTH! */
@@ -455,7 +460,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
(ctl->server.authenticate == A_GSSAPI ||
ctl->server.authenticate == A_ANY))
{
- ok = do_gssauth(sock,"AUTH",ctl->server.truename,ctl->remotename);
+ ok = do_gssauth(sock,"AUTH","pop",ctl->server.truename,ctl->remotename);
if (ok == PS_SUCCESS || ctl->server.authenticate != A_ANY)
break;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-13 22:01:19 +0000