Merge in various small fixes, including two remote DOS

svn path=/trunk/; revision=3838

6 files changed, 55 insertions, 17 deletions

diff --git a/NEWS b/NEWS
index 74c6e36b..10ae4ded 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,17 @@
 
 (The `lines' figures total .c, .h, .l, and .y files under version control.)
 
+* Updated Spanish, Turkish, and German translation files.
+* Matthew Gregan's patch to handle garbage lengths from dbmail;
+  closes Debian bug #207919.
+* Fix IMAP query so new-message count doesn't include deleted messages.
+* Man page typo fix, closes Debian bug #205892.
+* OpenSSL cleanup patches fro levinedl@acm.org.
+* Benjamin Drieu's patch to fix Debian bug #212240, no oversized-nmessage
+  flushing if both "flush" and "limit" were specified.
+* rfc822.c fixes for CAN-2003-0790 and CAN-2003-0792 potential 
+  remote DOS attack vulnerabilities.
+
 fetchmail-6.2.4 (Wed Aug 13 04:27:35 EDT 2003), 22625 lines:
 
 * Updated German, Spanish, Catalan, and Turkish translations.
diff --git a/configure.in b/configure.in
index d2b57ae9..a13bdf6c 100644
--- a/configure.in
+++ b/configure.in
@@ -603,7 +603,7 @@ then
     ### In Red Hat 9, this file includes a reference to <krb5.h>, so we
     ### force the Kerberos direcory onto the include path so it will build.
     echo "Enabling OpenSSL support in $with_ssl"
-    CEFLAGS="$CEFLAGS -I$with_ssl/include/openssl -I/usr/kerberos/include"
+    CEFLAGS="$CEFLAGS -I$with_ssl/include -I/usr/kerberos/include"
     ###	OpenBSD comes with ssl headers
   elif test -r /usr/include/ssl/ssl.h
   then
diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 21f2346e..a7a1d9a7 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -16,7 +16,7 @@ content="Frequently asked questions about fetchmail."/>
 Page</a></td>
 <td width="30%" align="center">To <a href="/~esr/sitemap.html">Site
 Map</a></td>
-<td width="30%" align="right">$Date: 2003/08/06 04:31:10 $</td>
+<td width="30%" align="right">$Date: 2003/10/10 09:39:55 $</td>
 </tr>
 </table>
 
@@ -3392,7 +3392,7 @@ is write-locked by the other instance yours can neither mark
 messages seen or delete them. The solution is to either (a) wait
 for the other client to finish, or (b) terminate it.</p>
 
-<p>James Stevens &lt;James.Stevens@kyzo.com&gt; writes:</p>
+<p>James Stevens &lt;James.Stevens at kyzo.com&gt; writes:</p>
 
 <p><em>We had a Linux box dialing the Net and collecting mail from
 an NT POP3 server. Fetchmail was correctly collecting and deleting
@@ -3476,7 +3476,7 @@ does something like "date >> $HOME/Procmail/fetchmail.log".</p>
 Page</a></td>
 <td width="30%" align="center">To <a href="/~esr/sitemap.html">Site
 Map</a></td>
-<td width="30%" align="right">$Date: 2003/08/06 04:31:10 $</td>
+<td width="30%" align="right">$Date: 2003/10/10 09:39:55 $</td>
 </tr>
 </table>
 
diff --git a/fetchmail.man b/fetchmail.man
index 7a596e77..522de040 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -125,7 +125,7 @@ not work with POP2, and may occasionally flake out under POP3.
 .TP
 .B \-s | \-\-silent
 Silent mode.  Suppresses all progress/status messages that are
-normally echoed to standard error during a fetch (but does not
+normally echoed to standard output during a fetch (but does not
 suppress actual error messages).  The --verbose option overrides this.
 .TP
 .B \-v | \-\-verbose
@@ -162,14 +162,13 @@ you have specified a default of \fBkeep\fR in your
 \&\fI.fetchmailrc\fR.  This option is forced on with ETRN and ODMR.
 .TP
 .B \-F | \-\-flush
-POP3/IMAP only.  Delete old (previously retrieved) messages from the mailserver
-before retrieving new messages. This option does not work with ETRN or
-ODMR.  In combination with the --limit option, --flush can be used to 
-delete oversized messages waiting on the server.
-Warning: if your local MTA hangs and fetchmail is aborted, the next
-time you run fetchmail, it will delete mail that was never delivered to you.
-What you probably want is the default setting: if you don't specify `-k', then
-fetchmail will automatically delete messages after successful delivery.
+POP3/IMAP only.  Delete old (previously retrieved) messages from the
+mailserver before retrieving new messages. This option does not work
+with ETRN or ODMR.  Warning: if your local MTA hangs and fetchmail is
+aborted, the next time you run fetchmail, it will delete mail that was
+never delivered to you.  What you probably want is the default
+setting: if you don't specify `-k', then fetchmail will automatically
+delete messages after successful delivery.
 .SS Protocol and Query Options
 .TP
 .B \-p <proto> | \-\-protocol <proto>
diff --git a/imap.c b/imap.c
index fac7cae0..e3a6f4ec 100644
--- a/imap.c
+++ b/imap.c
@@ -12,6 +12,7 @@
 #if defined(STDC_HEADERS)
 #include  <stdlib.h>
 #include  <limits.h>
+#include  <errno.h>
 #endif
 #include  "fetchmail.h"
 #include  "socket.h"
@@ -724,7 +725,8 @@ static int imap_getrange(int sock,
 	memset(unseen_messages, 0, count * sizeof(unsigned int));
 	unseen = 0;
 
-	gen_send(sock, "SEARCH UNSEEN");
+	/* don't count deleted messages, in case user enabled keep last time */
+	gen_send(sock, "SEARCH UNSEEN NOT DELETED");
 	do {
 	    ok = gen_recv(sock, buf, sizeof(buf));
 	    if (ok != 0)
@@ -999,10 +1001,15 @@ static int imap_fetch_body(int sock, struct query *ctl, int number, int *lenp)
     /*
      * Try to extract a length from the FETCH response.  RFC2060 requires
      * it to be present, but at least one IMAP server (Novell GroupWise)
-     * botches this.
+     * botches this.  The overflow check is needed because of a broken
+     * server called dbmail that returns huge garbage lengths.
      */
-    if ((cp = strchr(buf, '{')))
-	*lenp = atoi(cp + 1);
+    if ((cp = strchr(buf, '{'))) {
+        errno = 0;
+	*lenp = (int)strtol(cp + 1, (char **)NULL, 10);
+        if (errno == ERANGE && (*lenp == LONG_MAX || *lenp == LONG_MIN))
+            *lenp = -1;    /* length is too big/small for us to handle */
+    }
     else
 	*lenp = -1;	/* missing length part in FETCH reponse */
 
diff --git a/socket.c b/socket.c
index cc3c679e..389d861d 100644
--- a/socket.c
+++ b/socket.c
@@ -901,10 +901,31 @@ int SSLOpen(int sock, char *mycert, char *mykey, char *myproto, int certck, char
     char *fingerprint, char *servercname, char *label)
 {
 	SSL *ssl;
+        struct stat randstat;
+        int i;
 	
 	SSL_load_error_strings();
 	SSLeay_add_ssl_algorithms();
 	
+#ifdef SSL_ENABLE
+        if (stat("/dev/random", &randstat)  &&
+            stat("/dev/urandom", &randstat)) {
+          /* Neither /dev/random nor /dev/urandom are present, so add
+             entropy to the SSL PRNG a hard way. */
+          for (i = 0; i < 10000  &&  ! RAND_status (); ++i) {
+            char buf[4];
+            struct timeval tv;
+            gettimeofday (&tv, 0);
+            buf[0] = tv.tv_usec & 0xF;
+            buf[2] = (tv.tv_usec & 0xF0) >> 4;
+            buf[3] = (tv.tv_usec & 0xF00) >> 8;
+            buf[1] = (tv.tv_usec & 0xF000) >> 12;
+            RAND_add (buf, sizeof buf, 0.1);
+          }
+        }
+#endif /* SSL_ENABLE */
+
+
 	if( sock < 0 || sock > FD_SETSIZE ) {
 		report(stderr, GT_("File descriptor out of range for SSL") );
 		return( -1 );