diff options
| author | Eric S. Raymond <esr@thyrsus.com> | 2001-02-19 20:31:30 +0000 |
|---|---|---|
| committer | Eric S. Raymond <esr@thyrsus.com> | 2001-02-19 20:31:30 +0000 |
| commit | ea8294a37ef78608fc3b50c8363e64d93d2d491d (patch) | |
| tree | 19f356e39db49f1a658cd7f1fc797c439ced55de | |
| parent | 665f79a142fb8db222aa6c6634173c25b2829d68 (diff) | |
| download | fetchmail-ea8294a37ef78608fc3b50c8363e64d93d2d491d.tar.gz fetchmail-ea8294a37ef78608fc3b50c8363e64d93d2d491d.tar.bz2 fetchmail-ea8294a37ef78608fc3b50c8363e64d93d2d491d.zip | |
preauth -> auth.
svn path=/trunk/; revision=3121
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | conf.c | 26 | ||||
| -rw-r--r-- | driver.c | 8 | ||||
| -rw-r--r-- | fetchmail-FAQ.html | 10 | ||||
| -rw-r--r-- | fetchmail.c | 30 | ||||
| -rw-r--r-- | fetchmail.h | 12 | ||||
| -rw-r--r-- | fetchmail.man | 24 | ||||
| -rwxr-xr-x | fetchmailconf | 16 | ||||
| -rw-r--r-- | imap.c | 12 | ||||
| -rw-r--r-- | options.c | 26 | ||||
| -rw-r--r-- | pop3.c | 12 | ||||
| -rw-r--r-- | rcfile_l.l | 7 | ||||
| -rw-r--r-- | rcfile_y.y | 38 |
13 files changed, 116 insertions, 107 deletions
@@ -2,6 +2,8 @@ (The `lines' figures total .c, .h, .l, and .y files under version control.) +* `preauth' option changed back to `auth' + fetchmail-5.6.7 (Mon Feb 19 12:31:03 EST 2001), 20082 lines: * Fixed brown-paper-bag password bug (only showed up if it was necessary @@ -247,7 +247,7 @@ void dump_config(struct runctl *runp, struct query *querylist) #else ctl->server.service && !strcmp(ctl->server.service, KPOP_PORT ) && #endif - ctl->server.preauthenticate == A_KERBEROS_V4); + ctl->server.authenticate == A_KERBEROS_V4); stringdump("pollname", ctl->server.pollname); booldump("active", !ctl->server.skip); @@ -271,18 +271,18 @@ void dump_config(struct runctl *runp, struct query *querylist) numdump("envskip", ctl->server.envskip); stringdump("qvirtual", ctl->server.qvirtual); - if (ctl->server.preauthenticate == A_ANY) - stringdump("preauth", "any"); - else if (ctl->server.preauthenticate == A_PASSWORD) - stringdump("preauth", "password"); - else if (ctl->server.preauthenticate == A_GSSAPI) - stringdump("preauth", "gssapi"); - else if (ctl->server.preauthenticate == A_KERBEROS_V4) - stringdump("preauth", "kerberos_v4"); - else if (ctl->server.preauthenticate == A_KERBEROS_V5) - stringdump("preauth", "kerberos_v5"); - else if (ctl->server.preauthenticate == A_SSH) - stringdump("preauth", "ssh"); + if (ctl->server.authenticate == A_ANY) + stringdump("auth", "any"); + else if (ctl->server.authenticate == A_PASSWORD) + stringdump("auth", "password"); + else if (ctl->server.authenticate == A_GSSAPI) + stringdump("auth", "gssapi"); + else if (ctl->server.authenticate == A_KERBEROS_V4) + stringdump("auth", "kerberos_v4"); + else if (ctl->server.authenticate == A_KERBEROS_V5) + stringdump("auth", "kerberos_v5"); + else if (ctl->server.authenticate == A_SSH) + stringdump("auth", "ssh"); #if defined(HAVE_GETHOSTBYNAME) && defined(HAVE_RES_SEARCH) booldump("dns", ctl->server.dns); @@ -1777,7 +1777,7 @@ const int maxfetch; /* maximum number of messages to fetch */ #endif #ifdef KERBEROS_V4 - if (ctl->server.preauthenticate == A_KERBEROS_V4) + if (ctl->server.authenticate == A_KERBEROS_V4) { set_timeout(mytimeout); ok = kerberos_auth(mailserver_socket, ctl->server.truename, @@ -1789,7 +1789,7 @@ const int maxfetch; /* maximum number of messages to fetch */ #endif /* KERBEROS_V4 */ #ifdef KERBEROS_V5 - if (ctl->server.preauthenticate == A_KERBEROS_V5) + if (ctl->server.authenticate == A_KERBEROS_V5) { set_timeout(mytimeout); ok = kerberos5_auth(mailserver_socket, ctl->server.truename); @@ -2448,7 +2448,7 @@ const struct method *proto; /* protocol method table */ int ok; #ifndef KERBEROS_V4 - if (ctl->server.preauthenticate == A_KERBEROS_V4) + if (ctl->server.authenticate == A_KERBEROS_V4) { report(stderr, _("Kerberos V4 support not linked.\n")); return(PS_ERROR); @@ -2456,7 +2456,7 @@ const struct method *proto; /* protocol method table */ #endif /* KERBEROS_V4 */ #ifndef KERBEROS_V5 - if (ctl->server.preauthenticate == A_KERBEROS_V5) + if (ctl->server.authenticate == A_KERBEROS_V5) { report(stderr, _("Kerberos V5 support not linked.\n")); return(PS_ERROR); diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html index 565fb94f..b991e772 100644 --- a/fetchmail-FAQ.html +++ b/fetchmail-FAQ.html @@ -10,7 +10,7 @@ <table width="100%" cellpadding=0><tr> <td width="30%">Back to <a href="index.html">Fetchmail Home Page</a> <td width="30%" align=center>To <a href="/~esr/sitemap.html">Site Map</a> -<td width="30%" align=right>$Date: 2001/02/15 22:58:43 $ +<td width="30%" align=right>$Date: 2001/02/19 20:31:25 $ </table> <HR> <H1>Frequently Asked Questions About Fetchmail</H1> @@ -690,6 +690,12 @@ once you have installed the `bind' package.<P> <hr> <h2><a name="F1">F1. Why does my old .fetchmailrc file no longer work?</a></h2> +<h3>If your file predates 5.6.8</h3> + +In 5.6.8, the <tt>preauth</tt> keyword and option were changed back to +<tt>auth</tt>. The <tt>preauth</tt> synonym will still be supported +through a few more point releases.<p> + <h3>If your file predates 5.6.5</h3> The <tt>imap-gss</tt>, <tt>imap-k4</tt>, and <tt>imap-login</tt> @@ -2989,7 +2995,7 @@ switching to IMAP and using a short expunge interval.<p> <table width="100%" cellpadding=0><tr> <td width="30%">Back to <a href="index.html">Fetchmail Home Page</a> <td width="30%" align=center>To <a href="/~esr/sitemap.html">Site Map</a> -<td width="30%" align=right>$Date: 2001/02/15 22:58:43 $ +<td width="30%" align=right>$Date: 2001/02/19 20:31:25 $ </table> <P><ADDRESS>Eric S. Raymond <A HREF="mailto:esr@thyrsus.com"><esr@snark.thyrsus.com></A></ADDRESS> diff --git a/fetchmail.c b/fetchmail.c index 7b5efbf9..ac6d99e0 100644 --- a/fetchmail.c +++ b/fetchmail.c @@ -324,7 +324,7 @@ int main(int argc, char **argv) { if (ctl->active && !(implicitmode && ctl->server.skip)&&!ctl->password) { - if (ctl->server.preauthenticate > A_PASSWORD || ctl->server.protocol >= P_ETRN) + if (ctl->server.authenticate > A_PASSWORD || ctl->server.protocol >= P_ETRN) /* Server won't care what the password is, but there must be some non-null string here. */ ctl->password = ctl->remotename; @@ -494,7 +494,7 @@ int main(int argc, char **argv) for (ctl = querylist; ctl; ctl = ctl->next) { if (ctl->active && !(implicitmode && ctl->server.skip) - && ctl->server.preauthenticate <= A_PASSWORD + && ctl->server.authenticate <= A_PASSWORD && ctl->server.protocol < P_ETRN && !ctl->password) { @@ -868,7 +868,7 @@ static void optmerge(struct query *h2, struct query *h1, int force) FLAG_MERGE(server.port); #endif /* INET6_ENABLE */ FLAG_MERGE(server.interval); - FLAG_MERGE(server.preauthenticate); + FLAG_MERGE(server.authenticate); FLAG_MERGE(server.timeout); FLAG_MERGE(server.envelope); FLAG_MERGE(server.envskip); @@ -1103,8 +1103,8 @@ static int load_params(int argc, char **argv, int optind) * If we're using Kerberos for authentication, we need * the FQDN in order to generate capability keys. */ if (ctl->server.protocol==P_ETRN || ctl->server.protocol==P_ODMR - || ctl->server.preauthenticate == A_KERBEROS_V4 - || ctl->server.preauthenticate == A_KERBEROS_V5) + || ctl->server.authenticate == A_KERBEROS_V4 + || ctl->server.authenticate == A_KERBEROS_V5) if (strcmp(fetchmailhost, "localhost") == 0) fetchmailhost = host_fqdn(); @@ -1194,8 +1194,8 @@ static int load_params(int argc, char **argv, int optind) #ifdef HAVE_GETHOSTBYNAME else if (!configdump) { - if (ctl->server.preauthenticate==A_KERBEROS_V4 || - ctl->server.preauthenticate==A_KERBEROS_V5 || + if (ctl->server.authenticate==A_KERBEROS_V4 || + ctl->server.authenticate==A_KERBEROS_V5 || (ctl->server.dns && MULTIDROP(ctl))) { struct hostent *namerec; @@ -1560,7 +1560,7 @@ static void dump_params (struct runctl *runp, if (ctl->server.skip || outlevel >= O_VERBOSE) printf(_(" This host %s be queried when no host is specified.\n"), ctl->server.skip ? _("will not") : _("will")); - if (ctl->server.preauthenticate <= A_PASSWORD && ctl->server.protocol < P_ETRN) + if (ctl->server.authenticate <= A_PASSWORD && ctl->server.protocol < P_ETRN) { if (!ctl->password) printf(_(" Password will be prompted for.\n")); @@ -1584,10 +1584,10 @@ static void dump_params (struct runctl *runp, #else /* INET6_ENABLE */ && ctl->server.port == KPOP_PORT #endif /* INET6_ENABLE */ - && (ctl->server.preauthenticate == A_KERBEROS_V4 || - ctl->server.preauthenticate == A_KERBEROS_V5)) + && (ctl->server.authenticate == A_KERBEROS_V4 || + ctl->server.authenticate == A_KERBEROS_V5)) printf(_(" Protocol is KPOP with Kerberos %s authentication"), - ctl->server.preauthenticate == A_KERBEROS_V5 ? "V" : "IV"); + ctl->server.authenticate == A_KERBEROS_V5 ? "V" : "IV"); else printf(_(" Protocol is %s"), showproto(ctl->server.protocol)); #if INET6_ENABLE @@ -1605,7 +1605,7 @@ static void dump_params (struct runctl *runp, printf(_(" (forcing UIDL use)")); putchar('.'); putchar('\n'); - switch (ctl->server.preauthenticate) + switch (ctl->server.authenticate) { case A_ANY: printf(_(" All authentication methods will be described.\n")); @@ -1614,13 +1614,13 @@ static void dump_params (struct runctl *runp, printf(_(" Password authentication will be forced.\n")); break; case A_GSSAPI: - printf(_(" GSSAPI preauthentication will be forced.\n")); + printf(_(" GSSAPI authentication will be forced.\n")); break; case A_KERBEROS_V4: - printf(_(" Kerberos V4 preauthentication will be forced.\n")); + printf(_(" Kerberos V4 authentication will be forced.\n")); break; case A_KERBEROS_V5: - printf(_(" Kerberos V5 preauthentication will be forced.\n")); + printf(_(" Kerberos V5 authentication will be forced.\n")); break; case A_SSH: printf(_(" End-to-end encryption assumed.\n")); diff --git a/fetchmail.h b/fetchmail.h index 083d6887..9c996c9c 100644 --- a/fetchmail.h +++ b/fetchmail.h @@ -28,13 +28,13 @@ #define SPOP3_PORT 995 #endif -/* preauthentication types */ +/* authentication types */ #define A_ANY 0 /* use the first method that works */ #define A_PASSWORD 1 /* password or inline authentication */ -#define A_KERBEROS_V4 2 /* preauthenticate w/ Kerberos V4 */ -#define A_KERBEROS_V5 3 /* preauthenticate w/ Kerberos V5 */ -#define A_GSSAPI 4 /* preauthenticate with GSSAPI */ -#define A_SSH 5 /* preauthentication at session level */ +#define A_KERBEROS_V4 2 /* authenticate w/ Kerberos V4 */ +#define A_KERBEROS_V5 3 /* authenticate w/ Kerberos V5 */ +#define A_GSSAPI 4 /* authenticate with GSSAPI */ +#define A_SSH 5 /* authentication at session level */ /* * Definitions for buffer sizes. We get little help on setting maxima @@ -195,7 +195,7 @@ struct hostdata /* shared among all user connections to given server */ int port; /* TCP/IP service port number */ #endif /* INET6_ENABLE */ int interval; /* # cycles to skip between polls */ - int preauthenticate; /* preauthentication mode to try */ + int authenticate; /* authentication mode to try */ int timeout; /* inactivity timout in seconds */ char *envelope; /* envelope address list header */ int envskip; /* skip to numbered envelope header */ diff --git a/fetchmail.man b/fetchmail.man index 409b7806..5342b8a5 100644 --- a/fetchmail.man +++ b/fetchmail.man @@ -181,7 +181,7 @@ Use POP3 with old-fashioned MD5-challenge authentication. .IP RPOP Use POP3 with RPOP authentication. .IP KPOP -Use POP3 with Kerberos V4 preauthentication on port 1109. +Use POP3 with Kerberos V4 authentication on port 1109. .IP SDPS Use POP3 with Demon Internet's SDPS extensions. .IP IMAP @@ -306,7 +306,7 @@ mailserver is asked to ship mail to. Hosts are tried in list order; the first one that is up becomes the forwarding target for the current run. Normally, `localhost' is added to the end of the list as an invisible default. However, when using ETRN mode or Kerberos -preauthentication, the FQDN of the machine running fetchmail is added to +authentication, the FQDN of the machine running fetchmail is added to the end of the list as an invisible default. Each hostname may have a port number following the host name. The port number is separated from the host name by a slash; the default port is 25 (or ``smtp'' under IPv6). @@ -497,8 +497,8 @@ fetchmail runs with the effective GID set to that of the kmem group .I only when interface data is being collected. .TP -.B --preauth <type> -(Keyword: preauth[enticate]) +.B --auth <type> +(Keyword: auth[enticate]) This option permits you to specify an authentication type (see USER AUTHENTICATION below for details). The possible values are \fBany\fR, \&`\fBpassword\fR', `\fBkerberos_v5\fR' and `\fBkerberos\fR' (or, for @@ -514,7 +514,7 @@ a password. Specify \fBssh\fR when you are using an end-to-end secure connection such as an ssh tunnel; specify \fRgssapi\fR or \fBkerberos_v4\fR if you are using a protocol variant that employs GSSAPI or K4. Choosing KPOP protocol automatically selects Kerberos -preauthentication. This option does not work with ETRN or ODMR. +authentication. This option does not work with ETRN or ODMR. .SS Miscellaneous Options .TP .B \-f <pathname>, --fetchmailrc <pathname> @@ -687,13 +687,13 @@ the server greeting time to the server, which can verify it by checking its authorization database. .PP If your \fIfetchmail\fR was built with Kerberos support and you specify -Kerberos preauthentication (either with --preauth or the \fI.fetchmailrc\fR +Kerberos authentication (either with --auth or the \fI.fetchmailrc\fR option \fBauthenticate kerberos_v4\fR) it will try to get a Kerberos ticket from the mailserver at the start of each query. Note: if either the pollnane or via name is `hesiod', fetchmail will try to use Hesiod to look up the mailserver. .PP -If you use POP3 or IMAP with GSSAPI preauthentication, \fIfetchmail\fR will +If you use POP3 or IMAP with GSSAPI authentication, \fIfetchmail\fR will expect the server to have RFC1731- or RFC1734-conformant GSSAPI capability, and will use it. Currently this has only been tested over Kerberos V, so you're expected to already have a ticket-granting @@ -704,7 +704,7 @@ option \fBuser\fR. If your IMAP daemon returns the PREAUTH response in its greeting line, fetchmail will notice this and skip the normal authentication step. This could be useful, e.g. if you start imapd explicitly using ssh. -In this case you can declare the preauthentication value `ssh' on that +In this case you can declare the authentication value `ssh' on that site entry to stop \fI.fetchmail\fR from asking you for a password when it starts up. .PP @@ -1155,8 +1155,8 @@ T} port -P T{ Specify TCP/IP service port T} -preauth[enticate] -A T{ -Set preauthentication type (default `password') +auth[enticate] -A T{ +Set authentication type (default `password') T} timeout -t T{ Server inactivity timeout in seconds (default 300) @@ -1586,7 +1586,7 @@ query instead, and send an arbitrary string as the password; and `gssapi' tells fetchmail to use GSSAPI authentication. .PP Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos V4 -preauthentication. These defaults may be overridden by later options. +authentication. These defaults may be overridden by later options. .PP There are currently four global option statements; `set logfile' followed by a string sets the same global specified by --logfile. A @@ -1751,7 +1751,7 @@ The queries are made directly on the stdin and stdout of imapd via ssh. Note that in this setup, IMAP authentication can be skipped. .nf -poll mailhost.net with proto imap and preauth ssh: +poll mailhost.net with proto imap and auth ssh: plugin "ssh %h /usr/sbin/imapd"; .fi diff --git a/fetchmailconf b/fetchmailconf index 7ef4add8..b86f62d5 100755 --- a/fetchmailconf +++ b/fetchmailconf @@ -4,7 +4,7 @@ # by Eric S. Raymond, <esr@snark.thyrsus.com>. # Requires Python with Tkinter, and the following OS-dependent services: # posix, posixpath, socket -version = "1.36" +version = "1.37" from Tkinter import * from Dialog import * @@ -80,7 +80,7 @@ class Server: self.protocol = 'auto' # Default to auto protocol self.port = 0 # Port number to use self.uidl = FALSE # Don't use RFC1725 UIDLs by default - self.preauth = 'any' # Default to password authentication + self.auth = 'any' # Default to password authentication self.timeout = 300 # 5-minute timeout self.envelope = 'Received' # Envelope-address header self.envskip = 0 # Number of envelope headers to skip @@ -103,7 +103,7 @@ class Server: ('protocol', 'String'), ('port', 'Int'), ('uidl', 'Boolean'), - ('preauth', 'String'), + ('auth', 'String'), ('timeout', 'Int'), ('envelope', 'String'), ('envskip', 'Int'), @@ -140,8 +140,8 @@ class Server: res = res + " envelope " + self.envelope if self.qvirtual: res = res + (" qvirtual " + str(self.qvirtual) + "\n"); - if self.preauth != ServerDefaults.preauth: - res = res + " preauth " + self.preauth + if self.auth != ServerDefaults.auth: + res = res + " auth " + self.auth if self.dns != ServerDefaults.dns or self.uidl != ServerDefaults.uidl: res = res + " and options" if self.dns != ServerDefaults.dns: @@ -373,7 +373,7 @@ defaultports = {"auto":0, "ETRN":25, "ODMR":366} -preauthlist = ("any", "password", "gssapi", "kerberos", "ssh") +authlist = ("any", "password", "gssapi", "kerberos", "ssh") listboxhelp = { 'title' : 'List Selection Help', @@ -1102,8 +1102,8 @@ class ServerEdit(Frame, MyWidget): secwin = Frame(rightwin, relief=RAISED, bd=5) Label(secwin, text="Security").pack(side=TOP) # Don't actually let users set this. KPOP sets it implicitly - # ButtonBar(secwin, 'Preauthorization mode:', - # self.preauth, preauthlist, 1, None).pack(side=TOP) + # ButtonBar(secwin, 'Authorization mode:', + # self.auth, authlist, 1, None).pack(side=TOP) if os_type == 'linux' or os_type == 'freebsd' or 'interface' in dictmembers: LabeledEntry(secwin, 'IP range to check before poll:', self.interface, leftwidth).pack(side=TOP, fill=X) @@ -270,7 +270,7 @@ int imap_getauth(int sock, struct query *ctl, char *greeting) * If either (a) we saw a PREAUTH token in the greeting, or * (b) the user specified ssh preauthentication, then we're done. */ - if (preauth || ctl->server.preauthenticate == A_SSH) + if (preauth || ctl->server.authenticate == A_SSH) { preauth = FALSE; /* reset for the next session */ return(PS_SUCCESS); @@ -281,16 +281,16 @@ int imap_getauth(int sock, struct query *ctl, char *greeting) * Try the protocol variants that don't require passwords first. */ #ifdef GSSAPI - if ((ctl->server.preauthenticate == A_ANY - || ctl->server.preauthenticate==A_GSSAPI) + if ((ctl->server.authenticate == A_ANY + || ctl->server.authenticate==A_GSSAPI) && strstr(capabilities, "AUTH=GSSAPI")) return(do_gssauth(sock, ctl->server.truename, ctl->remotename)); #endif /* GSSAPI */ #ifdef KERBEROS_V4 - if ((ctl->server.preauthenticate == A_ANY - || ctl->server.preauthenticate==A_KERBEROS_V4 - || ctl->server.preauthenticate==A_KERBEROS_V5) + if ((ctl->server.authenticate == A_ANY + || ctl->server.authenticate==A_KERBEROS_V4 + || ctl->server.authenticate==A_KERBEROS_V5) && strstr(capabilities, "AUTH=KERBEROS_V4")) { if ((ok = do_rfc1731(sock, "AUTHENTICATE", ctl->server.truename))) @@ -41,7 +41,7 @@ #define LA_PROTOCOL 17 #define LA_UIDL 18 #define LA_PORT 19 -#define LA_PREAUTH 20 +#define LA_AUTH 20 #define LA_TIMEOUT 21 #define LA_ENVELOPE 22 #define LA_QVIRTUAL 23 @@ -109,7 +109,7 @@ static const struct option longoptions[] = { {"proto", required_argument, (int *) 0, LA_PROTOCOL }, {"uidl", no_argument, (int *) 0, LA_UIDL }, {"port", required_argument, (int *) 0, LA_PORT }, - {"preauth", required_argument, (int *) 0, LA_PREAUTH}, + {"auth", required_argument, (int *) 0, LA_AUTH}, {"timeout", required_argument, (int *) 0, LA_TIMEOUT }, {"envelope", required_argument, (int *) 0, LA_ENVELOPE }, {"qvirtual", required_argument, (int *) 0, LA_QVIRTUAL }, @@ -351,9 +351,9 @@ struct query *ctl; /* option record to be initialized */ ctl->server.port = KPOP_PORT; #endif /* INET6_ENABLE */ #ifdef KERBEROS_V5 - ctl->server.preauthenticate = A_KERBEROS_V5; + ctl->server.authenticate = A_KERBEROS_V5; #else - ctl->server.preauthenticate = A_KERBEROS_V4; + ctl->server.authenticate = A_KERBEROS_V4; #endif /* KERBEROS_V5 */ } else if (strcasecmp(optarg,"imap") == 0) @@ -377,23 +377,23 @@ struct query *ctl; /* option record to be initialized */ ctl->server.port = xatoi(optarg, &errflag); #endif /* INET6_ENABLE */ break; - case LA_PREAUTH: + case LA_AUTH: if (strcmp(optarg, "password") == 0) - ctl->server.preauthenticate = A_PASSWORD; + ctl->server.authenticate = A_PASSWORD; else if (strcmp(optarg, "kerberos") == 0) #ifdef KERBEROS_V5 - ctl->server.preauthenticate = A_KERBEROS_V5; + ctl->server.authenticate = A_KERBEROS_V5; #else - ctl->server.preauthenticate = A_KERBEROS_V4; + ctl->server.authenticate = A_KERBEROS_V4; #endif /* KERBEROS_V5 */ else if (strcmp(optarg, "kerberos_v5") == 0) - ctl->server.preauthenticate = A_KERBEROS_V5; + ctl->server.authenticate = A_KERBEROS_V5; else if (strcmp(optarg, "kerberos_v4") == 0) - ctl->server.preauthenticate = A_KERBEROS_V4; + ctl->server.authenticate = A_KERBEROS_V4; else if (strcmp(optarg, "ssh") == 0) - ctl->server.preauthenticate = A_SSH; + ctl->server.authenticate = A_SSH; else { - fprintf(stderr,_("Invalid preauthentication `%s' specified.\n"), optarg); + fprintf(stderr,_("Invalid authentication `%s' specified.\n"), optarg); errflag++; } break; @@ -620,7 +620,7 @@ struct query *ctl; /* option record to be initialized */ P(_(" -p, --protocol specify retrieval protocol (see man page)\n")); P(_(" -U, --uidl force the use of UIDLs (pop3 only)\n")); P(_(" -P, --port TCP/IP service port to connect to\n")); - P(_(" --preauth preauthentication type (password/kerberos/ssh)\n")); + P(_(" --auth authentication type (password/kerberos/ssh)\n")); P(_(" -t, --timeout server nonresponse timeout\n")); P(_(" -E, --envelope envelope address header\n")); P(_(" -Q, --qvirtual prefix to remove from local user id\n")); @@ -206,7 +206,7 @@ int pop3_getauth(int sock, struct query *ctl, char *greeting) * These authentication methods are blessed by RFC1734, * describing the POP3 AUTHentication command. */ - if (ctl->server.preauthenticate == A_ANY + if (ctl->server.authenticate == A_ANY && strchr(greeting, '<') && gen_transact(sock, "CAPA") == 0) { @@ -244,16 +244,16 @@ int pop3_getauth(int sock, struct query *ctl, char *greeting) } #if defined(GSSAPI) - if ((ctl->server.preauthenticate == A_ANY - || ctl->server.preauthenticate==A_GSSAPI) + if ((ctl->server.authenticate == A_ANY + || ctl->server.authenticate==A_GSSAPI) && has_gssapi) return(do_gssauth(sock, "AUTH", ctl->server.truename, ctl->remotename)); #endif /* defined(GSSAPI) */ #if defined(KERBEROS_V4) || defined(KERBEROS_V5) - if ((ctl->server.preauthenticate == A_ANY - || ctl->server.preauthenticate==A_KERBEROS_V4 - || ctl->server.preauthenticate==A_KERBEROS_V5) + if ((ctl->server.authenticate == A_ANY + || ctl->server.authenticate==A_KERBEROS_V4 + || ctl->server.authenticate==A_KERBEROS_V5) && has_kerberos) return(do_rfc1731(sock, "AUTH", ctl->server.truename)); #endif /* defined(KERBEROS_V4) || defined(KERBEROS_V5) */ @@ -25,7 +25,7 @@ int prc_lineno = 1; %a 4000 %p 3000 -%s NAME PREAUTH +%s NAME AUTH %% @@ -82,14 +82,15 @@ proto(col)? { return PROTOCOL; } service { return SERVICE; } port { return PORT; } interval { return INTERVAL; } -preauth(enticate)? { SETSTATE(PREAUTH); return PREAUTHENTICATE; } +preauth(enticate)? { SETSTATE(AUTH); return AUTHENTICATE; } +auth(enticate)? { SETSTATE(AUTH); return AUTHENTICATE; } any { SETSTATE(0); return ANY; } gssapi { SETSTATE(0); return GSSAPI; } kerberos(_v)?4 { SETSTATE(0); return KERBEROS4; } kerberos(_v)?5 { SETSTATE(0); return KERBEROS5; } kerberos { SETSTATE(0); return KERBEROS; } ssh { SETSTATE(0); return SSH; } -<PREAUTH>password { SETSTATE(0); return PASSWORD; } +<AUTH>password { SETSTATE(0); return PASSWORD; } timeout { return TIMEOUT;} envelope { return ENVELOPE; } qvirtual { return QVIRTUAL; } @@ -59,7 +59,7 @@ extern char * yytext; } %token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL ANY -%token PREAUTHENTICATE TIMEOUT KPOP SDPS KERBEROS4 KERBEROS5 KERBEROS GSSAPI +%token AUTHENTICATE TIMEOUT KPOP SDPS KERBEROS4 KERBEROS5 KERBEROS GSSAPI %token SSH ENVELOPE QVIRTUAL USERNAME PASSWORD FOLDER SMTPHOST MDA BSMTP LMTP %token SMTPADDRESS SMTPNAME SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS %token NETSEC INTERFACE MONITOR PLUGIN PLUGOUT @@ -140,11 +140,11 @@ serv_option : AKA alias_list | PROTOCOL KPOP { current.server.protocol = P_POP3; - if (current.server.preauthenticate == A_PASSWORD) + if (current.server.authenticate == A_PASSWORD) #ifdef KERBEROS_V5 - current.server.preauthenticate = A_KERBEROS_V5; + current.server.authenticate = A_KERBEROS_V5; #else - current.server.preauthenticate = A_KERBEROS_V4; + current.server.authenticate = A_KERBEROS_V4; #endif /* KERBEROS_V5 */ #if INET6_ENABLE current.server.service = KPOP_PORT; @@ -182,25 +182,25 @@ serv_option : AKA alias_list } | INTERVAL NUMBER {current.server.interval = $2;} - | PREAUTHENTICATE ANY - {current.server.preauthenticate = A_ANY;} - | PREAUTHENTICATE PASSWORD - {current.server.preauthenticate = A_PASSWORD;} - | PREAUTHENTICATE GSSAPI - {current.server.preauthenticate = A_GSSAPI;} - | PREAUTHENTICATE KERBEROS4 - {current.server.preauthenticate = A_KERBEROS_V4;} - | PREAUTHENTICATE KERBEROS5 - {current.server.preauthenticate = A_KERBEROS_V5;} - | PREAUTHENTICATE KERBEROS { + | AUTHENTICATE ANY + {current.server.authenticate = A_ANY;} + | AUTHENTICATE PASSWORD + {current.server.authenticate = A_PASSWORD;} + | AUTHENTICATE GSSAPI + {current.server.authenticate = A_GSSAPI;} + | AUTHENTICATE KERBEROS4 + {current.server.authenticate = A_KERBEROS_V4;} + | AUTHENTICATE KERBEROS5 + {current.server.authenticate = A_KERBEROS_V5;} + | AUTHENTICATE KERBEROS { #ifdef KERBEROS_V5 - current.server.preauthenticate = A_KERBEROS_V5; + current.server.authenticate = A_KERBEROS_V5; #else - current.server.preauthenticate = A_KERBEROS_V4; + current.server.authenticate = A_KERBEROS_V4; #endif /* KERBEROS_V5 */ } - | PREAUTHENTICATE SSH - {current.server.preauthenticate = A_SSH;} + | AUTHENTICATE SSH + {current.server.authenticate = A_SSH;} | TIMEOUT NUMBER {current.server.timeout = $2;} | ENVELOPE NUMBER STRING |