diff options
-rw-r--r-- | .gitignore | 11 | ||||
-rw-r--r-- | NEWS | 11 | ||||
-rw-r--r-- | README | 3 | ||||
-rw-r--r-- | README.git | 1 | ||||
-rw-r--r-- | TODO.txt | 23 | ||||
-rw-r--r-- | checkalias.c | 2 | ||||
-rw-r--r-- | configure.ac | 54 | ||||
-rw-r--r-- | cram.c | 2 | ||||
-rw-r--r-- | daemon.c | 7 | ||||
-rwxr-xr-x | dist-tools/makerelease.pl | 2 | ||||
-rw-r--r-- | fetchmail-FAQ.html | 4 | ||||
-rw-r--r-- | fetchmail.c | 3 | ||||
-rw-r--r-- | fetchmail.h | 4 | ||||
-rw-r--r-- | getopt.c | 4 | ||||
-rw-r--r-- | gssapi.c | 3 | ||||
-rw-r--r-- | idle.c | 2 | ||||
-rw-r--r-- | idlist.c | 17 | ||||
-rw-r--r-- | imap.c | 12 | ||||
-rw-r--r-- | lock.c | 2 | ||||
-rw-r--r-- | netrc.c | 2 | ||||
-rw-r--r-- | opie.c | 7 | ||||
-rw-r--r-- | options.c | 1 | ||||
-rw-r--r-- | pop3.c | 58 | ||||
-rw-r--r-- | rcfile_l.l | 2 | ||||
-rw-r--r-- | rcfile_y.y | 3 | ||||
-rw-r--r-- | rfc822.c | 2 | ||||
-rw-r--r-- | rpa.c | 2 | ||||
-rw-r--r-- | sink.c | 36 | ||||
-rw-r--r-- | smbencrypt.c | 46 | ||||
-rw-r--r-- | smbutil.c | 2 | ||||
-rw-r--r-- | socket.c | 14 | ||||
-rw-r--r-- | socket.h | 1 | ||||
-rw-r--r-- | strlcat.c | 3 | ||||
-rw-r--r-- | strlcpy.c | 3 | ||||
-rw-r--r-- | transact.c | 20 | ||||
-rw-r--r-- | ucs/norm_charmap.c | 1 | ||||
-rw-r--r-- | uid.c | 15 | ||||
-rw-r--r-- | unmime.c | 2 |
38 files changed, 153 insertions, 234 deletions
@@ -6,9 +6,13 @@ .deps/ .project .rsyncs +.settings/ +.vscode/ /nbproject/ ABOUT-NLS aclocal.m4 +ANNOUNCE.EMAIL +ar-lib autobuild/ autom4te.cache build* @@ -36,7 +40,9 @@ fetchmail-man.html fetchmail.spec fetchmailconf genlsm.sh +IMAPCapa install-sh +intl/ libfm.a m4/ Mailbox-Names-UTF7.html @@ -60,13 +66,10 @@ rfc822valid stamp-h1 tags test-driver +test-suite.log TODO unmime x509_name_match ylwrap \#*# -.settings/ -.vscode/ _build* -ANNOUNCE.EMAIL -ar-lib @@ -99,6 +99,17 @@ fetchmail-6.4.0 (not yet released): * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. +## CHANGED REQUIREMENTS +* fetchmail 6.4.0 is written in C99 and requires a SUSv3 (Single Unix + Specification v3, a superset of POSIX.1-2001 aka. IEEE Std 1003.1-2001 with + XSI extension) compliant system. For now, a C89 compiler should also work + if the system is SUSv3 compliant. + + In particular, older fetchmail versions had workaround for several functions + standardized in the Single Unix Specification v3, these have been removed. + + The trio/ library has been removed from the distribution. + ## CHANGES * fetchmail 6.3.X is unsupported. * fetchmail now configures OpenSSL support by default. @@ -46,7 +46,6 @@ used in some parts of the code. Future fetchmail releases will require modern language features such as "long long" and others, so this release is the last to support C89. - Further reading --------------- @@ -62,7 +61,7 @@ Status, source code The fetchmail code appears to be stable and free of bugs affecting normal operation (that is, retrieving from POP3 or IMAP in single-drop mode and -forwarding via SMTP to a local MTA). +forwarding via SMTP to a local mail transfer agent). You can get the code from the fetchmail home page: @@ -12,6 +12,7 @@ The prerequisite packages are: - GNU m4 - GNU bison - GNU flex >= 2.5.30 +- A TLSv1.2-capable OpenSSL version (>= 1.0.2) After you have everything installed, type: @@ -176,6 +176,29 @@ questionable: does it expect, what does it get instead, what does that mean, how can the user fix it; references to the manual) +- grarpamp suggested, on the fetchmail list in later April 2013, more + config file flexibility and explicitness, by marking polls, hosts, + accounts. See thread. + +- more selection options, Debian Bug#705291. + +- add a way to specify multiple fingerprints per host + +- add a way to specify non-MD5 fingerprints per host. SHA1 can be told + from its mere length; other digest algorithms would require some sort + of prefix. We may require the prefix for SHA1, too, for clarity. + +- more useful logging, suggested by Jerry, fetchmail-users, 17 May 2013 + should include date, time, message-id, and 250 Ok message from + listener that got forwarded to. + +- support to present/limit the ciphers and protocols used + ciphers: Martin Koeppe (mkoeppe at gmx dot de) 20130717 on + fetchmail-users list. + protocols: see recent Postfix versions + +- add timestamps to local logfiles, proposed by Aaron Sloman + <A.Sloman at cs.bham.ac.uk> 2013-10-16 DOCUMENTATION: - Add info whether Keywords are global, server or user keywords diff --git a/checkalias.c b/checkalias.c index eb92ff00..4da77656 100644 --- a/checkalias.c +++ b/checkalias.c @@ -5,6 +5,7 @@ * For license terms, see the file COPYING in this directory. */ #include "config.h" +#include "fetchmail.h" #include <stdlib.h> #include <stdio.h> #include <string.h> @@ -21,7 +22,6 @@ #include <netdb.h> #include "i18n.h" #include "mx.h" -#include "fetchmail.h" #include "getaddrinfo.h" #define MX_RETRIES 3 diff --git a/configure.ac b/configure.ac index 47d88712..223ac149 100644 --- a/configure.ac +++ b/configure.ac @@ -375,7 +375,8 @@ AM_CONDITIONAL(POP2_ENABLE, test "$with_POP2" = yes) ### use option --disable-POP3 to omit the POP3 support AC_ARG_ENABLE(POP3, - [ --disable-POP3 don't compile in POP3 protocol support], + [AS_HELP_STRING([--disable-POP3], + [do not compile in POP3 protocol support])], [with_POP3=$enableval], [with_POP3=yes]) test "$with_POP3" = "yes" && AC_DEFINE(POP3_ENABLE,1,Define if you want POP3 support compiled in) @@ -383,7 +384,8 @@ AM_CONDITIONAL(POP3_ENABLE, test "$with_POP3" = yes) ### use option --disable-IMAP to omit the IMAP support AC_ARG_ENABLE(IMAP, - [ --disable-IMAP don't compile in IMAP protocol support], + [AS_HELP_STRING([--disable-IMAP], + [do not compile in IMAP protocol support])], [with_IMAP=$enableval], [with_IMAP=yes]) test "$with_IMAP" = "yes" && AC_DEFINE(IMAP_ENABLE,1,Define if you want IMAP support compiled in) @@ -391,7 +393,8 @@ AM_CONDITIONAL(IMAP_ENABLE, test "$with_IMAP" = yes) ### use option --disable-ETRN to omit the ETRN support AC_ARG_ENABLE(ETRN, - [ --disable-ETRN don't compile in ETRN protocol support], + [AS_HELP_STRING([--disable-ETRN],[do not compile in ETRN protocol + support])], [with_ETRN=$enableval], [with_ETRN=yes]) test "$with_ETRN" = "yes" && AC_DEFINE(ETRN_ENABLE,1,Define if you want ETRN support compiled in.) @@ -399,7 +402,8 @@ AM_CONDITIONAL(ETRN_ENABLE, test "$with_ETRN" = yes) ### use option --disable-ODMR to omit the ODMR support AC_ARG_ENABLE(ODMR, - [ --disable-ODMR don't compile in ODMR protocol support], + [AS_HELP_STRING([--disable-ODMR],[do not compile in ODMR protocol + support])], [with_ODMR=$enableval], [with_ODMR=yes]) test "$with_ODMR" = "yes" && AC_DEFINE(ODMR_ENABLE,1,Define if you want ODMR support compiled in) @@ -407,7 +411,8 @@ AM_CONDITIONAL(ODMR_ENABLE, test "$with_ODMR" = yes) ### use option --enable-RPA to compile in the RPA support AC_ARG_ENABLE(RPA, - [ --enable-RPA compile in RPA protocol support], + [AS_HELP_STRING([--enable-RPA],[compile in RPA protocol + support])], [with_RPA=$enableval], [with_RPA=no]) test "$with_RPA" = "yes" && AC_DEFINE(RPA_ENABLE,1,Define if you want RPA support compiled in) @@ -415,7 +420,8 @@ AM_CONDITIONAL(RPA_ENABLE, test "$with_RPA" = yes) ### use option --enable-NTLM to compile in the NTLM support AC_ARG_ENABLE(NTLM, - [ --enable-NTLM compile in NTLM authentication support], + [AS_HELP_STRING([--enable-NTLM],[compile in NTLM authentication + support])], [with_NTLM=$enableval], [with_NTLM=no]) test "$with_NTLM" = "yes" && AC_DEFINE(NTLM_ENABLE,1,Define if you want NTLM authentication) @@ -423,7 +429,7 @@ AM_CONDITIONAL(NTLM_ENABLE, test "$with_NTLM" = yes) ### use option --enable-SDPS to compile in the SDPS support AC_ARG_ENABLE(SDPS, - [ --enable-SDPS compile in SDPS protocol support], + [AS_HELP_STRING([--enable-SDPS],[compile in SDPS protocol support])], [with_SDPS=$enableval], [with_SDPS=no]) if test "$with_SDPS" = yes ; then @@ -443,7 +449,8 @@ AC_CACHE_SAVE ### use option --enable-opie to compile in the OPIE support AC_ARG_ENABLE(opie, - [ --enable-opie support OTP through the OPIE library], + [AS_HELP_STRING([--enable-opie],[support one-time passwords + (OTP) through the OPIE library])], [ AC_CHECK_HEADER(opie.h,, [AC_MSG_ERROR([cannot find <opie.h>, which is required for OPIE support.])]) AC_CHECK_LIB(opie,opiegenerator,, [AC_MSG_ERROR([cannot find libopie, which is required for OPIE support.])]) with_opie=$enableval], @@ -501,10 +508,10 @@ if test "$fm_cv_getaddrinfo" = yes ; then gai_ts=no dnl we have getaddrinfo() - check if the OS is known to have a async-signal-safe implementation case $host_os in - darwin9*) gai_ts=yes ;; - linux*) gai_ts=yes ;; - freebsd5.5|freebsd6*|freebsd7*) gai_ts=yes ;; - solaris2.8|solaris2.9|solaris2.10) gai_ts=yes ;; + darwin*) gai_ts=yes ;; + linux*) gai_ts=yes ;; + freebsd*) gai_ts=yes ;; + solaris*) gai_ts=yes ;; esac AC_MSG_RESULT($gai_ts) if test $gai_ts = yes ; then @@ -523,14 +530,15 @@ fi # * Move all the kerberos header mess to kerberos.h, and #include that # in driver.c and kerberos.c. # -# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the +# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the # Royal Institute of Technology in Stockholm, Sweden)'s kerberos IV libs, and # the MIT reference implementation of KerberosV (all as packaged in Debian). ### use option --with-kerberos5=DIR to point at a Kerberos 5 directory ### make sure --with-ssl is run before --with-kerberos* ! AC_ARG_WITH(kerberos5, - [ --with-kerberos5=DIR point fetchmail compilation at a Kerberos 5 directory], + [AS_HELP_STRING([--with-kerberos5[[=DIR]]],[point fetchmail + compilation at a Kerberos 5 directory])], [ if test "$with_kerberos5" != "no" then @@ -708,7 +716,9 @@ AM_CONDITIONAL(KERBEROS_V4_ENABLE, test "$KERBEROS_V4" = 1) ### use option --with-ssl to compile in the SSL support AC_ARG_WITH(ssl, - [ --with-ssl=[DIR] enable SSL support using libraries in DIR], + [AS_HELP_STRING([--with-ssl[[={yes|no|DIR}]]],[Use OpenSSL from + DIR/include/openssl and + DIR/lib (default: yes). Yes means try to find it.])], [with_ssl=$withval], [with_ssl=yes]) @@ -755,7 +765,7 @@ then AC_MSG_NOTICE(Enabling OpenSSL support in $with_ssl.) test "$with_ssl" != "/usr" && CFLAGS="$CFLAGS -I$with_ssl/include" ### In Red Hat 9, this file includes a reference to <krb5.h>, so we - ### force the Kerberos direcory onto the include path so it will build. + ### force the Kerberos directory onto the include path so it will build. CFLAGS="$CFLAGS -I/usr/kerberos/include" ### OpenBSD comes with ssl headers else @@ -789,13 +799,17 @@ else fi case "$LIBS" in *-lssl*) + AC_CHECK_DECLS([TLS1_2_VERSION],, + AC_MSG_ERROR([Your OpenSSL version is too old and does not support TLS v1.2. Upgrade.]), + [#include <openssl/ssl.h>]) AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>]) ;; esac ### use option --with-socks=DIR to point at SOCKS library AC_ARG_WITH(socks, - [ --with-socks[=DIR] add built-in SOCKS firewall access], + [AS_HELP_STRING([--with-socks[[=DIR]]],[add built-in SOCKS (4) + firewall access])], [ if test "$with_socks" != no then @@ -813,7 +827,8 @@ fi]) ### use option --with-socks5=DIR to point at SOCKS library AC_ARG_WITH(socks5, - [ --with-socks5[=DIR] add built-in SOCKS5 firewall access], + [AS_HELP_STRING([--with-socks5[[=DIR]]],[add built-in SOCKS5 + firewall access])], [ if test "$with_socks5" != no then @@ -836,7 +851,8 @@ AC_ma_SEARCH_PACKAGE(hesiod, hesiod_getmailhost, /usr/athena /usr /usr/local,hes ### use option --with-gssapi=DIR to compile in GSSAPI support AC_ARG_WITH(gssapi, - [ --with-gssapi[=DIR] compile in GSSAPI support using libraries in DIR], + [AS_HELP_STRING([--with-gssapi[[=DIR]]],[compile in GSSAPI + support using libraries in DIR])], [ if test "$with_gssapi" != "no" then @@ -15,7 +15,7 @@ #include "socket.h" #include "i18n.h" -#include "fm_md5.h" +#include "fm_md5.h" void hmac_md5 (const unsigned char *password, size_t pass_len, const unsigned char *challenge, size_t chal_len, @@ -238,12 +238,15 @@ nottyDetach: if (dup(logfd) < 0 /* stdout */ || ((logfd == 0 || logfd >= 3) && dup(logfd) < 0)) { /* stderr */ - report(stderr, "dup (%s)\n", strerror(errno)); + report(stderr, "dup(): %s\n", strerror(errno)); return(PS_IOERR); } /* move to root directory, so we don't prevent filesystem unmounts */ - chdir("/"); + if (chdir("/")) { + report(stderr, "chdir(\"/\"): %s\n", strerror(errno)); + return PS_IOERR; + } /* set our umask to something reasonable (we hope) */ #if defined(DEF_UMASK) diff --git a/dist-tools/makerelease.pl b/dist-tools/makerelease.pl index 48482376..8bdba4bd 100755 --- a/dist-tools/makerelease.pl +++ b/dist-tools/makerelease.pl @@ -63,7 +63,7 @@ my $tmp = $ENV{TMPDIR} || $ENV{TMP} || $ENV{TEMP} || "/tmp"; # extract version from source my $version =`grep 'AC_INIT' configure.ac`; -$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbeta-]+)\]?\,.*\)/; +$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbetalph-]+)\]?\,.*\)/; $version = $1; die "cannot determine version" unless defined $1; my $tag = "RELEASE_$version"; diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html index 0f9c9a96..5b9a1203 100644 --- a/fetchmail-FAQ.html +++ b/fetchmail-FAQ.html @@ -17,7 +17,7 @@ a much better one. <title>The Fetchmail FAQ</title> <meta name="description" content="Frequently asked questions about fetchmail."/> -<meta name="keywords" content="fetchmail, POP, POP2, POP3, IMAP, remote mail"/> +<meta name="keywords" content="fetchmail, POP3, IMAP, remote mail"/> </head> <body> <table width="100%" cellpadding="0" summary="Canned page footer"> @@ -2071,7 +2071,7 @@ SSL?</a></h2> <p>You'll need to have the <a href="https://www.openssl.org/">OpenSSL</a> libraries installed, and they should at least be version 1.0.2. -Configure with --with-ssl. If you have the OpenSSL libraries +Configure with --with-ssl (default since fetchmail v6.4.0). If you have the OpenSSL libraries installed in commonly-used default locations, this will suffice. If you have them installed in a non-default location, you'll need to specify the OpenSSL installation directory as an argument diff --git a/fetchmail.c b/fetchmail.c index 80993ccb..5e570154 100644 --- a/fetchmail.c +++ b/fetchmail.c @@ -964,7 +964,7 @@ static void optmerge(struct query *h2, struct query *h1, int force) list_merge(&h2->domainlist, &h1->domainlist, force); list_merge(&h2->antispam, &h1->antispam, force); -#define FLAG_MERGE(fld) if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld +#define FLAG_MERGE(fld) do { if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld; } while (0) FLAG_MERGE(server.via); FLAG_MERGE(server.protocol); FLAG_MERGE(server.service); @@ -1575,6 +1575,7 @@ static int query_host(struct query *ctl) default: report(stderr, GT_("unsupported protocol selected.\n")); st = PS_PROTOCOL; + break; } /* diff --git a/fetchmail.h b/fetchmail.h index 327552d8..dae4f8a1 100644 --- a/fetchmail.h +++ b/fetchmail.h @@ -38,8 +38,8 @@ struct addrinfo; # include "trio/trio.h" #endif -#include "uid_db.h" #include "fm_strl.h" +#include "uid_db.h" /* constants designating the various supported protocols */ #define P_AUTO 1 @@ -114,7 +114,7 @@ struct addrinfo; #define MSGBUFSIZE 8192 #define NAMELEN 64 /* max username length */ -#define PASSWORDLEN 64 /* max password length */ +#define PASSWORDLEN 256 /* max password length */ #define DIGESTLEN 33 /* length of MD5 digest */ /* exit code values */ @@ -244,7 +244,7 @@ exchange (argv) { /* Bottom segment is the short one. */ int len = middle - bottom; - register int i; + int i; /* Swap it with the top part of the top segment. */ for (i = 0; i < len; i++) @@ -260,7 +260,7 @@ exchange (argv) { /* Top segment is the short one. */ int len = top - middle; - register int i; + int i; /* Swap it with the bottom part of the bottom segment. */ for (i = 0; i < len; i++) @@ -5,13 +5,14 @@ */ #include "config.h" +#include "fetchmail.h" + #include <stdio.h> #include <string.h> #include <ctype.h> #if defined(STDC_HEADERS) #include <stdlib.h> #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" @@ -16,12 +16,12 @@ is part of fetchmail and the Unix Cookbook, and are released under the MIT license. Compile with -DMAIN to build the demonstrator. ******************************************************************************/ +#include "fetchmail.h" #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <signal.h> #include <errno.h> -#include <fetchmail.h> /* for ROOT_UID */ #ifndef TRUE #define TRUE 1 @@ -5,6 +5,7 @@ */ #include "config.h" +#include "fetchmail.h" #include <sys/stat.h> #include <errno.h> @@ -18,7 +19,6 @@ #include <unistd.h> #endif -#include "fetchmail.h" /** Save string \a str to idlist \a idl with status \a status. * \return Pointer to the last element of the list to help the quick, @@ -82,21 +82,6 @@ void save_str_pair(struct idlist **idl, const char *str1, const char *str2) (*end)->next = (struct idlist *)NULL; } -#ifdef __UNUSED__ -void free_str_pair_list(struct idlist **idl) -/* free the given ID pair list */ -{ - if (*idl == (struct idlist *)NULL) - return; - - free_idpair_list(&(*idl)->next); - free ((*idl)->id); - free ((*idl)->val.id2); - free(*idl); - *idl = (struct idlist *)NULL; -} -#endif - /** Check if ID \a str is in idlist \a idl. \return idlist entry if found, * NULL if not found. */ struct idlist *str_in_list(struct idlist **idl, const char *str, @@ -6,6 +6,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include <stdio.h> #include <string.h> #include <strings.h> @@ -15,7 +17,6 @@ #include <limits.h> #include <errno.h> #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" @@ -627,15 +628,6 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting) } #endif /* NTLM_ENABLE */ -#ifdef __UNUSED__ /* The Cyrus IMAP4rev1 server chokes on this */ - /* this handles either AUTH=LOGIN or AUTH-LOGIN */ - if ((imap_version >= IMAP4rev1) && (!strstr(capabilities, "LOGIN"))) - { - report(stderr, - GT_("Required LOGIN capability not supported by server\n")); - } -#endif /* __UNUSED__ */ - /* * We're stuck with sending the password en clair. * The reason for this odd-looking logic is that some @@ -4,6 +4,7 @@ * For license terms, see the file COPYING in this directory. */ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #ifdef HAVE_STRING_H @@ -19,7 +20,6 @@ #include <fcntl.h> #include <signal.h> -#include "fetchmail.h" #include "i18n.h" #include "lock.h" @@ -11,13 +11,13 @@ */ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #include <ctype.h> #include <stdlib.h> #include <string.h> -#include "fetchmail.h" #include "netrc.h" #include "i18n.h" @@ -5,13 +5,14 @@ */ #include "config.h" +#include "fetchmail.h" + #include <stdio.h> #include <string.h> #include <ctype.h> #if defined(STDC_HEADERS) #include <stdlib.h> #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" @@ -43,7 +44,7 @@ int do_otp(int sock, const char *command, struct query *ctl) return PS_AUTHFAIL; } - to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof buffer); + to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; @@ -70,7 +71,7 @@ int do_otp(int sock, const char *command, struct query *ctl) if (rval) return(PS_AUTHFAIL); - to64frombits(buffer, response, strlen(response), sizeof buffer); + to64frombits(buffer, response, strlen(response), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #include <pwd.h> @@ -6,6 +6,7 @@ */ #include "config.h" + #ifdef POP3_ENABLE #include <stdio.h> #include <string.h> @@ -708,22 +709,6 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) return(ok); } -/* Disable the sleep. Based on patch by Brian Candler 2004-04-19/2004-11-08, - * accepted by Matthias Andree. - * - * Rationale: the server must have locked the spool before returning +OK; - * this sleep just wastes time and hence, for modem and GSM CSD users, money. */ -#ifdef WANT_BOGUS - /* - * Empirical experience shows some server/OS combinations - * may need a brief pause even after any lockfiles on the - * server are released, to give the server time to finish - * copying back very large mailfolders from the temp-file... - * this is only ever an issue with extremely large mailboxes. - */ - sleep(3); /* to be _really_ safe, probably need sleep(5)! */ -#endif - /* we're approved */ return(PS_SUCCESS); } @@ -1231,29 +1216,6 @@ static int pop3_is_old(int sock, struct query *ctl, int num) } } -#ifdef UNUSED -/* - * We could use this to fetch headers only as we do for IMAP. The trouble - * is that there's no way to fetch the body only. So the following RETR - * would have to re-fetch the header. Enough messages have longer headers - * than bodies to make this a net loss. - */ -static int pop_fetch_headers(int sock, struct query *ctl,int number,int *lenp) -/* request headers of nth message */ -{ - int ok; - char buf[POPBUFSIZE+1]; - - gen_send(sock, "TOP %d 0", number); - if ((ok = pop3_ok(sock, buf)) != 0) - return(ok); - - *lenp = -1; /* we got sizes from the LIST response */ - - return(PS_SUCCESS); -} -#endif /* UNUSED */ - static int pop3_fetch(int sock, struct query *ctl, int number, int *lenp) /* request nth message */ { @@ -1389,24 +1351,6 @@ static int pop3_logout(int sock, struct query *ctl) { int ok; -#ifdef __UNUSED__ - /* - * We used to do this in case the server marks messages deleted when seen. - * (Yes, this has been reported, in the MercuryP/NLM server. - * It's even legal under RFC 1939 (section 8) as a site policy.) - * It interacted badly with UIDL, though. Thomas Zajic wrote: - * "Running 'fetchmail -F -v' and checking the logs, I found out - * that fetchmail did in fact flush my mailbox properly, but sent - * a RSET just before sending QUIT to log off. This caused the - * POP3 server to undo/forget about the previous DELEs, resetting - * my mailbox to its original (ie. unflushed) state. The - * ~/.fetchids file did get flushed though, so the next time - * fetchmail was run it saw all the old messages as new ones ..." - */ - if (ctl->keep) - gen_transact(sock, "RSET"); -#endif /* __UNUSED__ */ - ok = gen_transact(sock, "QUIT"); if (!ok) expunge_uids(ctl); @@ -36,8 +36,6 @@ int yywrap(void) { return 1; } %s NAME AUTH - - %% \"[^\"]*\" | @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #include <sys/types.h> #include <sys/file.h> @@ -462,6 +463,8 @@ int prc_parse_file (const char *pathname, const flag securecheck) prc_errflag = 0; querylist = hosttail = (struct query *)NULL; + (void)yytoknum; /* work around compiler warning */ + errno = 0; /* Check that the file is secure */ @@ -21,6 +21,7 @@ MIT license. Compile with -DMAIN to build the demonstrator. ******************************************************************************/ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #include <ctype.h> @@ -28,7 +29,6 @@ MIT license. Compile with -DMAIN to build the demonstrator. #include <strings.h> #include <stdlib.h> -#include "fetchmail.h" #include "sdump.h" #ifndef MAIN @@ -16,6 +16,7 @@ #include "config.h" #if defined(POP3_ENABLE) && defined(RPA_ENABLE) +#include "fetchmail.h" #include <stdio.h> #include <stdlib.h> #include <unistd.h> @@ -24,7 +25,6 @@ #include <sys/types.h> #include "socket.h" -#include "fetchmail.h" #include "fm_md5.h" #include "i18n.h" @@ -11,6 +11,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include <stdio.h> #include <errno.h> #include <string.h> @@ -32,8 +34,6 @@ #include <ctype.h> #include <langinfo.h> -#include "fetchmail.h" - /* for W* macros after pclose() */ #define _USE_BSD #include <sys/types.h> @@ -445,18 +445,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg) responses[0] = xstrdup(smtp_response); -#ifdef __UNUSED__ - /* - * Don't do this! It can really mess you up if, for example, you're - * reporting an error with a single RCPT TO address among several; - * RSET discards the message body and it doesn't get sent to the - * valid recipients. - */ - smtp_rset(ctl); /* stay on the safe side */ - if (outlevel >= O_DEBUG) - report(stdout, GT_("Saved error is still %d\n"), smtperr); -#endif /* __UNUSED */ - /* * Note: send_bouncemail message strings are not made subject * to gettext translation because (a) they're going to be @@ -533,12 +521,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg) * (b) we wouldn't want spammers to get confirmation that * this address is live, anyway. */ -#ifdef __DONT_FEED_THE_SPAMMERS__ - if (run.bouncemail) - send_bouncemail(ctl, msg, XMIT_ACCEPT, - "Invalid address in MAIL FROM (SMTP error 553).\r\n", - 1, responses); -#endif /* __DONT_FEED_THE_SPAMMERS__ */ free(responses[0]); return(PS_REFUSED); @@ -617,10 +599,6 @@ static int handle_smtp_report_without_bounce(struct query *ctl, struct msgblk *m return(PS_REFUSED); case 553: /* invalid sending domain */ -#ifdef __DONT_FEED_THE_SPAMMERS__ - if (run.bouncemail) - return(PS_SUCCESS); -#endif /* __DONT_FEED_THE_SPAMMERS__ */ return(PS_REFUSED); default: @@ -1185,6 +1163,16 @@ static int open_mda_sink(struct query *ctl, struct msgblk *msg, for (dp = after, sp = before; (*dp = *sp); dp++, sp++) { if (sp[0] != '%') continue; + if (sp > before && sp[-1] == '\'') { + report(stderr, GT_("MDA option contains single-quoted %%%c expansion.\n"), sp[1]); + report(stderr, GT_("Refusing to deliver. Check the manual and fix your mda option.\n")); + free(before); + free(after); + if (from) free(from); + if (names) free(names); + return PS_SYNTAX; + } + /* need to expand? BTW, no here overflow, because in ** the worst case (end of string) sp[1] == '\0' */ if (sp[1] == 's' || sp[1] == 'T') { diff --git a/smbencrypt.c b/smbencrypt.c index ad14707f..21d7bff0 100644 --- a/smbencrypt.c +++ b/smbencrypt.c @@ -65,12 +65,6 @@ static size_t skip_multibyte_char(char c) return 0; } - -/******************************************************************* -safe string copy into a known length string. maxlength does not -include the terminating zero. -********************************************************************/ - static void strupper(char *s) { while (*s) @@ -201,43 +195,3 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24) dump_data(100, (char *)p24, 24); #endif } - -#if 0 - -BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode) -{ - int new_pw_len = strlen(passwd) * (unicode ? 2 : 1); - - if (new_pw_len > 512) - { - DEBUG(0,("make_oem_passwd_hash: new password is too long.\n")); - return False; - } - - /* - * Now setup the data area. - * We need to generate a random fill - * for this area to make it harder to - * decrypt. JRA. - */ - generate_random_buffer((unsigned char *)data, 516, False); - if (unicode) - { - struni2( &data[512 - new_pw_len], passwd); - } - else - { - fstrcpy( &data[512 - new_pw_len], passwd); - } - SIVAL(data, 512, new_pw_len); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("make_oem_passwd_hash\n")); - dump_data(100, data, 516); -#endif - SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, True); - - return True; -} - -#endif @@ -1,3 +1,4 @@ +#include "fetchmail.h" #include <unistd.h> #include <stdlib.h> #include <stdio.h> @@ -7,7 +8,6 @@ #include "ntlm.h" #include "smbencrypt.h" #include "smbbyteorder.h" -#include "fetchmail.h" char versionString[] ="libntlm version 0.21"; @@ -9,6 +9,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include <stdio.h> #include <errno.h> #include <string.h> @@ -48,7 +50,6 @@ #endif #include "socket.h" -#include "fetchmail.h" #include "getaddrinfo.h" #include "i18n.h" #include "sdump.h" @@ -226,7 +227,7 @@ int UnixOpen(const char *path) return -1; } - /* Socket opened saved. Usefull if connect timeout + /* Socket opened saved. Useful if connect timeout * because it can be closed. */ mailserver_socket_temp = sock; @@ -374,6 +375,10 @@ va_dcl { } #ifdef SSL_ENABLE +/* OPENSSL_NO_SSL_INTERN: + transitional feature for OpenSSL 1.0.1 up to and excluding 1.1.0 + to make sure we do not access internal structures! */ +#define OPENSSL_NO_SSL_INTERN 1 #define OPENSSL_NO_DEPRECATED 23 #include <openssl/ssl.h> #include <openssl/err.h> @@ -616,7 +621,7 @@ SSL *SSLGetContext( int sock ) /* ok_return (preverify_ok) is 1 if this stage of certificate verification passed, or 0 if it failed. This callback lets us display informative errors, and perform additional validation (e.g. CN matches) */ -static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict ) +static int SSL_verify_callback(int ok_return, X509_STORE_CTX *ctx, int strict) { #define SSLverbose (((outlevel) >= O_DEBUG) || ((outlevel) >= O_VERBOSE && (depth) == 0)) char buf[257]; @@ -847,7 +852,7 @@ static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict ) _verify_ok &= ok_return; if (!strict) ok_return = 1; - return (ok_return); + return ok_return; } static int SSL_nock_verify_callback( int ok_return, X509_STORE_CTX *ctx ) @@ -1108,6 +1113,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck available protocol, subject to SSL_OP_NO* constraints. */ _ctx[sock] = SSL_CTX_new(SSLv23_client_method()); } + if(_ctx[sock] == NULL) { unsigned long ec = ERR_peek_last_error(); ERR_print_errors_fp(stderr); @@ -20,7 +20,6 @@ struct addrinfo; /** Create a new client socket; returns -1 on error */ int SockOpen(const char *host, const char *service, const char *plugin, struct addrinfo **); - /** Get a string terminated by an '\n' (matches interface of fgets). Pass it a valid socket, a buffer for the string, and @@ -17,6 +17,9 @@ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" +#include "fetchmail.h" + #include <sys/types.h> #include <assert.h> #include <string.h> @@ -17,6 +17,9 @@ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" +#include "fetchmail.h" + #include <sys/types.h> #include <assert.h> #include <string.h> @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include <stdio.h> #include <string.h> #include <ctype.h> @@ -35,7 +36,6 @@ #include "i18n.h" #include "socket.h" -#include "fetchmail.h" /** Macro to clamp the argument so it is >= INT_MIN. */ #define _FIX_INT_MIN(x) ((x) < INT_MIN ? INT_MIN : (x)) @@ -888,24 +888,6 @@ eoh: else if (!strncasecmp("Resent-Sender:", line, 14) && (strchr(line, '@') || strchr(line, '!'))) resent_sender_offs = (line - msgblk.headers); -#ifdef __UNUSED__ - else if (!strncasecmp("Message-Id:", line, 11)) - { - if (ctl->server.uidl) - { - char id[IDLEN+1]; - - line[IDLEN+12] = 0; /* prevent stack overflow */ - sscanf(line+12, "%s", id); - if (!str_find( &ctl->newsaved, num)) - { - struct idlist *newl = save_str(&ctl->newsaved,id,UID_SEEN); - newl->val.status.num = num; - } - } - } -#endif /* __UNUSED__ */ - /* if multidrop is on, gather addressee headers */ if (MULTIDROP(ctl)) { diff --git a/ucs/norm_charmap.c b/ucs/norm_charmap.c index dedad326..07c5d2a9 100644 --- a/ucs/norm_charmap.c +++ b/ucs/norm_charmap.c @@ -26,6 +26,7 @@ #include "config.h" /* import AC_C_CONST effects */ #include "norm_charmap.h" +#include "fetchmail.h" #include <string.h> @@ -23,10 +23,9 @@ #include "sdump.h" /* - * Machinery for handling UID lists live here. This is mainly to support - * RFC1725/RFC1939-conformant POP3 servers without a LAST command, but may also - * be useful for making the IMAP4 querying logic UID-oriented, if a future - * revision of IMAP forces me to. + * Machinery for handling UID lists live here. This is currently used + * by POP3, but may also be useful for making the IMAP4 querying logic + * UID-oriented. * * These functions are also used by the rest of the code to maintain * string lists. @@ -121,6 +120,7 @@ static int dump_saved_uid(struct uid_db_record *rec, void *unused) return 0; } +/** Read saved IDs from \a idfile and attach to each host in \a hostlist. */ void initialize_saved_lists(struct query *hostlist, const char *idfile) { struct stat statbuf; @@ -347,7 +347,7 @@ static void dump_uid_db(struct uid_db *db) traverse_uid_db(db, dump_uid_db_record, &n_recs); } -/* finish a query */ +/** Finish a successful query */ void uid_swap_lists(struct query *ctl) { /* debugging code */ @@ -390,7 +390,7 @@ void uid_swap_lists(struct query *ctl) report(stdout, GT_("not swapping UID lists, no UIDs seen this query\n")); } -/* finish a query which had errors */ +/** Finish a query which had errors */ void uid_discard_new_list(struct query *ctl) { /* debugging code */ @@ -446,6 +446,7 @@ static int write_uid_db_record(struct uid_db_record *rec, void *arg) return rc < 0 ? -1 : 0; } +/** Write new list of UIDs (state) to \a idfile. */ void write_saved_lists(struct query *hostlist, const char *idfile) { long idcount; @@ -504,7 +505,7 @@ void write_saved_lists(struct query *hostlist, const char *idfile) bailout: (void)fflush(tmpfp); /* return code ignored, we check ferror instead */ errflg |= ferror(tmpfp); - fclose(tmpfp); + errflg |= fclose(tmpfp); /* if we could write successfully, move into place; * otherwise, drop */ if (errflg) { @@ -13,12 +13,12 @@ * For license terms, see the file COPYING in this directory. */ +#include "fetchmail.h" #include "config.h" #include <string.h> #include <stdlib.h> #include <stdio.h> #include <ctype.h> -#include "fetchmail.h" #include "i18n.h" static unsigned char unhex(unsigned char c) |