-rw-r--r--INSTALL6
-rw-r--r--configure.in2
-rw-r--r--driver.c28
3 files changed, 35 insertions, 1 deletions
diff --git a/INSTALL b/INSTALL
index 8e8c07b2..609e8ecf 100644
--- a/INSTALL
+++ b/INSTALL
@@ -31,6 +31,12 @@ wish to change these defaults, edit the Makefile AFTER you run
a prefix other than /usr/local, or you can choose completely different
directories for each item.
+Note: if you intended to use RPOP (which we don't recommend, you
+should set up APOP), you'll have to make fetchmail suid root. This
+is so it can call rresvport and bind to a privileged port, so the
+server's TCP/IP will see that and know it's OK to let it bind to
+a privileged port at the other end.
+
See the man page or the file sample.rcfile for a description of how to
configure your individual preferences.
diff --git a/configure.in b/configure.in
index 2c3552b2..33d13b7a 100644
--- a/configure.in
+++ b/configure.in
@@ -140,7 +140,7 @@ dnl All AC_CHECK_FUNCs must precede the following AC_SUBSTs
AC_SUBST(EXTRASRC)
AC_SUBST(EXTRAOBJ)
-AC_CHECK_FUNCS(dup2 strerror tcsetattr stty setsid flock)
+AC_CHECK_FUNCS(dup2 strerror tcsetattr stty setsid flock rresvport)
dnl AC_FUNC_SETVBUF_REVERSED
diff --git a/driver.c b/driver.c
index ef2ef878..9c75a706 100644
--- a/driver.c
+++ b/driver.c
@@ -16,6 +16,9 @@
#include <malloc.h>
#include <varargs.h>
#include <sys/time.h>
+#ifdef HAVE_RRESVPORT_H
+#include <netinet/in.h>
+#endif /* HAVE_RRESVPORT_H */
#include "socket.h"
#include "fetchmail.h"
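Review bot: `HAVE_RRESVPORT_H` is not the macro the configure.in change produces. `AC_CHECK_FUNCS(... rresvport)` defines `HAVE_RRESVPORT`; the `_H` suffix is the naming used by header checks. Unless the macro is defined somewhere outside this page, this include and the two guarded blocks later in driver.c (the `rresvport` call and the `close(privport)` before `closeUp:`) are compiled out and the feature silently does nothing. Use `#ifdef HAVE_RRESVPORT` in all three places.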
@@ -543,11 +546,31 @@ struct method *proto;
int mboxfd = -1;
char buf [POPBUFSIZE+1], host[HOSTLEN+1];
int socket;
+#ifdef HAVE_RRESVPORT_H
+ int privport = -1;
+#endif /* HAVE_RRESVPORT_H */
int first,number,count;
tagnum = 0;
protocol = proto;
+#ifdef HAVE_RRESVPORT_H
+ /*
+ * If we're trying to bind to a reserved port on the remote system,
+ * do likewise on the local one so the remote will know we're privileged.
+ * (This is most likely to happen in connection with RPOP.)
+ */
+ if (queryctl->port < IPPORT_RESERVED)
+ {
+ ok = IPPORT_RESERVED - 1;
+ if ((privport = rresvport(&ok)) == -1)
+ {
+ perror("fetchmail, binding to reserved port");
+ return(PS_SOCKET);
+ }
+ }
+#endif /* HAVE_RRESVPORT_H */
+
/* open a socket to the mail server */
if ((socket = Socket(queryctl->servername,
queryctl->port ? queryctl->port : protocol->port))<0)
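Review bot: The descriptor returned by `rresvport(&ok)` is never used for the connection. The `Socket(queryctl->servername, ...)` call that follows opens its own socket, so from the lines visible here the server still sees an unprivileged source port and `privport` is only held until cleanUp. The guard `queryctl->port < IPPORT_RESERVED` is also true when `queryctl->port` is 0, the "use the protocol default" case handled on the `Socket` line, so once the block is compiled in a non-root run with no explicit port returns `PS_SOCKET`; gating on RPOP being the selected protocol would match the comment's intent. Because INSTALL now asks for a suid-root binary, the elevated privilege should be given up as soon as the reserved port is bound, e.g. `setuid(getuid());` right after the `rresvport` check, and this hunk does not do that. The enclosing function starts and ends outside the hunk.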
@@ -705,6 +728,11 @@ cleanUp:
close(socket);
}
+#ifdef HAVE_RRESVPORT_H
+ if (privport != -1)
+ close(privport); /* no big deal if this fails */
+#endif /* HAVE_RRESVPORT_H */
+
closeUp:
if (queryctl->output == TO_FOLDER)
{
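Review bot: `close(privport)` is placed above the `closeUp:` label, so any path that jumps straight to `closeUp` skips it and leaves the reserved-port descriptor open. Those jumps are not visible in this hunk, but a failed `Socket()` call is a likely candidate, and each leaked descriptor keeps one port below `IPPORT_RESERVED` bound for the life of the process. Moving the guarded `if (privport != -1) close(privport);` to just after `closeUp:` covers both exits. The function continues past the end of the hunk.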