aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore11
-rw-r--r--NEWS11
-rw-r--r--README3
-rw-r--r--README.git1
-rw-r--r--TODO.txt23
-rw-r--r--checkalias.c2
-rw-r--r--configure.ac54
-rw-r--r--cram.c2
-rw-r--r--daemon.c7
-rwxr-xr-xdist-tools/makerelease.pl2
-rw-r--r--fetchmail-FAQ.html4
-rw-r--r--fetchmail.c3
-rw-r--r--fetchmail.h4
-rw-r--r--getopt.c4
-rw-r--r--gssapi.c3
-rw-r--r--idle.c2
-rw-r--r--idlist.c17
-rw-r--r--imap.c12
-rw-r--r--lock.c2
-rw-r--r--netrc.c2
-rw-r--r--opie.c7
-rw-r--r--options.c1
-rw-r--r--pop3.c58
-rw-r--r--rcfile_l.l2
-rw-r--r--rcfile_y.y3
-rw-r--r--rfc822.c2
-rw-r--r--rpa.c2
-rw-r--r--sink.c36
-rw-r--r--smbencrypt.c46
-rw-r--r--smbutil.c2
-rw-r--r--socket.c14
-rw-r--r--socket.h1
-rw-r--r--strlcat.c3
-rw-r--r--strlcpy.c3
-rw-r--r--transact.c20
-rw-r--r--ucs/norm_charmap.c1
-rw-r--r--uid.c15
-rw-r--r--unmime.c2
38 files changed, 153 insertions, 234 deletions
diff --git a/.gitignore b/.gitignore
index 032ff6e0..1894ce54 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,9 +6,13 @@
.deps/
.project
.rsyncs
+.settings/
+.vscode/
/nbproject/
ABOUT-NLS
aclocal.m4
+ANNOUNCE.EMAIL
+ar-lib
autobuild/
autom4te.cache
build*
@@ -36,7 +40,9 @@ fetchmail-man.html
fetchmail.spec
fetchmailconf
genlsm.sh
+IMAPCapa
install-sh
+intl/
libfm.a
m4/
Mailbox-Names-UTF7.html
@@ -60,13 +66,10 @@ rfc822valid
stamp-h1
tags
test-driver
+test-suite.log
TODO
unmime
x509_name_match
ylwrap
\#*#
-.settings/
-.vscode/
_build*
-ANNOUNCE.EMAIL
-ar-lib
diff --git a/NEWS b/NEWS
index c9c65a1b..b30474b4 100644
--- a/NEWS
+++ b/NEWS
@@ -99,6 +99,17 @@ fetchmail-6.4.0 (not yet released):
* Fetchmail prevents buffer overruns in GSSAPI authentication with user names
beyond c. 6000 characters in length. Reported by Greg Hudson.
+## CHANGED REQUIREMENTS
+* fetchmail 6.4.0 is written in C99 and requires a SUSv3 (Single Unix
+ Specification v3, a superset of POSIX.1-2001 aka. IEEE Std 1003.1-2001 with
+ XSI extension) compliant system. For now, a C89 compiler should also work
+ if the system is SUSv3 compliant.
+
+ In particular, older fetchmail versions had workaround for several functions
+ standardized in the Single Unix Specification v3, these have been removed.
+
+ The trio/ library has been removed from the distribution.
+
## CHANGES
* fetchmail 6.3.X is unsupported.
* fetchmail now configures OpenSSL support by default.
diff --git a/README b/README
index a33a791c..73f11ffe 100644
--- a/README
+++ b/README
@@ -46,7 +46,6 @@ used in some parts of the code.
Future fetchmail releases will require modern language features such as
"long long" and others, so this release is the last to support C89.
-
Further reading
---------------
@@ -62,7 +61,7 @@ Status, source code
The fetchmail code appears to be stable and free of bugs affecting normal
operation (that is, retrieving from POP3 or IMAP in single-drop mode and
-forwarding via SMTP to a local MTA).
+forwarding via SMTP to a local mail transfer agent).
You can get the code from the fetchmail home page:
diff --git a/README.git b/README.git
index 59fae997..1781c192 100644
--- a/README.git
+++ b/README.git
@@ -12,6 +12,7 @@ The prerequisite packages are:
- GNU m4
- GNU bison
- GNU flex >= 2.5.30
+- A TLSv1.2-capable OpenSSL version (>= 1.0.2)
After you have everything installed, type:
diff --git a/TODO.txt b/TODO.txt
index 8839b017..28fad276 100644
--- a/TODO.txt
+++ b/TODO.txt
@@ -176,6 +176,29 @@ questionable:
does it expect, what does it get instead, what does that mean, how can the
user fix it; references to the manual)
+- grarpamp suggested, on the fetchmail list in later April 2013, more
+ config file flexibility and explicitness, by marking polls, hosts,
+ accounts. See thread.
+
+- more selection options, Debian Bug#705291.
+
+- add a way to specify multiple fingerprints per host
+
+- add a way to specify non-MD5 fingerprints per host. SHA1 can be told
+ from its mere length; other digest algorithms would require some sort
+ of prefix. We may require the prefix for SHA1, too, for clarity.
+
+- more useful logging, suggested by Jerry, fetchmail-users, 17 May 2013
+ should include date, time, message-id, and 250 Ok message from
+ listener that got forwarded to.
+
+- support to present/limit the ciphers and protocols used
+ ciphers: Martin Koeppe (mkoeppe at gmx dot de) 20130717 on
+ fetchmail-users list.
+ protocols: see recent Postfix versions
+
+- add timestamps to local logfiles, proposed by Aaron Sloman
+ <A.Sloman at cs.bham.ac.uk> 2013-10-16
DOCUMENTATION:
- Add info whether Keywords are global, server or user keywords
diff --git a/checkalias.c b/checkalias.c
index eb92ff00..4da77656 100644
--- a/checkalias.c
+++ b/checkalias.c
@@ -5,6 +5,7 @@
* For license terms, see the file COPYING in this directory.
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -21,7 +22,6 @@
#include <netdb.h>
#include "i18n.h"
#include "mx.h"
-#include "fetchmail.h"
#include "getaddrinfo.h"
#define MX_RETRIES 3
diff --git a/configure.ac b/configure.ac
index 47d88712..223ac149 100644
--- a/configure.ac
+++ b/configure.ac
@@ -375,7 +375,8 @@ AM_CONDITIONAL(POP2_ENABLE, test "$with_POP2" = yes)
### use option --disable-POP3 to omit the POP3 support
AC_ARG_ENABLE(POP3,
- [ --disable-POP3 don't compile in POP3 protocol support],
+ [AS_HELP_STRING([--disable-POP3],
+ [do not compile in POP3 protocol support])],
[with_POP3=$enableval],
[with_POP3=yes])
test "$with_POP3" = "yes" && AC_DEFINE(POP3_ENABLE,1,Define if you want POP3 support compiled in)
@@ -383,7 +384,8 @@ AM_CONDITIONAL(POP3_ENABLE, test "$with_POP3" = yes)
### use option --disable-IMAP to omit the IMAP support
AC_ARG_ENABLE(IMAP,
- [ --disable-IMAP don't compile in IMAP protocol support],
+ [AS_HELP_STRING([--disable-IMAP],
+ [do not compile in IMAP protocol support])],
[with_IMAP=$enableval],
[with_IMAP=yes])
test "$with_IMAP" = "yes" && AC_DEFINE(IMAP_ENABLE,1,Define if you want IMAP support compiled in)
@@ -391,7 +393,8 @@ AM_CONDITIONAL(IMAP_ENABLE, test "$with_IMAP" = yes)
### use option --disable-ETRN to omit the ETRN support
AC_ARG_ENABLE(ETRN,
- [ --disable-ETRN don't compile in ETRN protocol support],
+ [AS_HELP_STRING([--disable-ETRN],[do not compile in ETRN protocol
+ support])],
[with_ETRN=$enableval],
[with_ETRN=yes])
test "$with_ETRN" = "yes" && AC_DEFINE(ETRN_ENABLE,1,Define if you want ETRN support compiled in.)
@@ -399,7 +402,8 @@ AM_CONDITIONAL(ETRN_ENABLE, test "$with_ETRN" = yes)
### use option --disable-ODMR to omit the ODMR support
AC_ARG_ENABLE(ODMR,
- [ --disable-ODMR don't compile in ODMR protocol support],
+ [AS_HELP_STRING([--disable-ODMR],[do not compile in ODMR protocol
+ support])],
[with_ODMR=$enableval],
[with_ODMR=yes])
test "$with_ODMR" = "yes" && AC_DEFINE(ODMR_ENABLE,1,Define if you want ODMR support compiled in)
@@ -407,7 +411,8 @@ AM_CONDITIONAL(ODMR_ENABLE, test "$with_ODMR" = yes)
### use option --enable-RPA to compile in the RPA support
AC_ARG_ENABLE(RPA,
- [ --enable-RPA compile in RPA protocol support],
+ [AS_HELP_STRING([--enable-RPA],[compile in RPA protocol
+ support])],
[with_RPA=$enableval],
[with_RPA=no])
test "$with_RPA" = "yes" && AC_DEFINE(RPA_ENABLE,1,Define if you want RPA support compiled in)
@@ -415,7 +420,8 @@ AM_CONDITIONAL(RPA_ENABLE, test "$with_RPA" = yes)
### use option --enable-NTLM to compile in the NTLM support
AC_ARG_ENABLE(NTLM,
- [ --enable-NTLM compile in NTLM authentication support],
+ [AS_HELP_STRING([--enable-NTLM],[compile in NTLM authentication
+ support])],
[with_NTLM=$enableval],
[with_NTLM=no])
test "$with_NTLM" = "yes" && AC_DEFINE(NTLM_ENABLE,1,Define if you want NTLM authentication)
@@ -423,7 +429,7 @@ AM_CONDITIONAL(NTLM_ENABLE, test "$with_NTLM" = yes)
### use option --enable-SDPS to compile in the SDPS support
AC_ARG_ENABLE(SDPS,
- [ --enable-SDPS compile in SDPS protocol support],
+ [AS_HELP_STRING([--enable-SDPS],[compile in SDPS protocol support])],
[with_SDPS=$enableval],
[with_SDPS=no])
if test "$with_SDPS" = yes ; then
@@ -443,7 +449,8 @@ AC_CACHE_SAVE
### use option --enable-opie to compile in the OPIE support
AC_ARG_ENABLE(opie,
- [ --enable-opie support OTP through the OPIE library],
+ [AS_HELP_STRING([--enable-opie],[support one-time passwords
+ (OTP) through the OPIE library])],
[ AC_CHECK_HEADER(opie.h,, [AC_MSG_ERROR([cannot find <opie.h>, which is required for OPIE support.])])
AC_CHECK_LIB(opie,opiegenerator,, [AC_MSG_ERROR([cannot find libopie, which is required for OPIE support.])])
with_opie=$enableval],
@@ -501,10 +508,10 @@ if test "$fm_cv_getaddrinfo" = yes ; then
gai_ts=no
dnl we have getaddrinfo() - check if the OS is known to have a async-signal-safe implementation
case $host_os in
- darwin9*) gai_ts=yes ;;
- linux*) gai_ts=yes ;;
- freebsd5.5|freebsd6*|freebsd7*) gai_ts=yes ;;
- solaris2.8|solaris2.9|solaris2.10) gai_ts=yes ;;
+ darwin*) gai_ts=yes ;;
+ linux*) gai_ts=yes ;;
+ freebsd*) gai_ts=yes ;;
+ solaris*) gai_ts=yes ;;
esac
AC_MSG_RESULT($gai_ts)
if test $gai_ts = yes ; then
@@ -523,14 +530,15 @@ fi
# * Move all the kerberos header mess to kerberos.h, and #include that
# in driver.c and kerberos.c.
#
-# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the
+# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the
# Royal Institute of Technology in Stockholm, Sweden)'s kerberos IV libs, and
# the MIT reference implementation of KerberosV (all as packaged in Debian).
### use option --with-kerberos5=DIR to point at a Kerberos 5 directory
### make sure --with-ssl is run before --with-kerberos* !
AC_ARG_WITH(kerberos5,
- [ --with-kerberos5=DIR point fetchmail compilation at a Kerberos 5 directory],
+ [AS_HELP_STRING([--with-kerberos5[[=DIR]]],[point fetchmail
+ compilation at a Kerberos 5 directory])],
[
if test "$with_kerberos5" != "no"
then
@@ -708,7 +716,9 @@ AM_CONDITIONAL(KERBEROS_V4_ENABLE, test "$KERBEROS_V4" = 1)
### use option --with-ssl to compile in the SSL support
AC_ARG_WITH(ssl,
- [ --with-ssl=[DIR] enable SSL support using libraries in DIR],
+ [AS_HELP_STRING([--with-ssl[[={yes|no|DIR}]]],[Use OpenSSL from
+ DIR/include/openssl and
+ DIR/lib (default: yes). Yes means try to find it.])],
[with_ssl=$withval],
[with_ssl=yes])
@@ -755,7 +765,7 @@ then
AC_MSG_NOTICE(Enabling OpenSSL support in $with_ssl.)
test "$with_ssl" != "/usr" && CFLAGS="$CFLAGS -I$with_ssl/include"
### In Red Hat 9, this file includes a reference to <krb5.h>, so we
- ### force the Kerberos direcory onto the include path so it will build.
+ ### force the Kerberos directory onto the include path so it will build.
CFLAGS="$CFLAGS -I/usr/kerberos/include"
### OpenBSD comes with ssl headers
else
@@ -789,13 +799,17 @@ else
fi
case "$LIBS" in *-lssl*)
+ AC_CHECK_DECLS([TLS1_2_VERSION],,
+ AC_MSG_ERROR([Your OpenSSL version is too old and does not support TLS v1.2. Upgrade.]),
+ [#include <openssl/ssl.h>])
AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>])
;;
esac
### use option --with-socks=DIR to point at SOCKS library
AC_ARG_WITH(socks,
- [ --with-socks[=DIR] add built-in SOCKS firewall access],
+ [AS_HELP_STRING([--with-socks[[=DIR]]],[add built-in SOCKS (4)
+ firewall access])],
[
if test "$with_socks" != no
then
@@ -813,7 +827,8 @@ fi])
### use option --with-socks5=DIR to point at SOCKS library
AC_ARG_WITH(socks5,
- [ --with-socks5[=DIR] add built-in SOCKS5 firewall access],
+ [AS_HELP_STRING([--with-socks5[[=DIR]]],[add built-in SOCKS5
+ firewall access])],
[
if test "$with_socks5" != no
then
@@ -836,7 +851,8 @@ AC_ma_SEARCH_PACKAGE(hesiod, hesiod_getmailhost, /usr/athena /usr /usr/local,hes
### use option --with-gssapi=DIR to compile in GSSAPI support
AC_ARG_WITH(gssapi,
- [ --with-gssapi[=DIR] compile in GSSAPI support using libraries in DIR],
+ [AS_HELP_STRING([--with-gssapi[[=DIR]]],[compile in GSSAPI
+ support using libraries in DIR])],
[
if test "$with_gssapi" != "no"
then
diff --git a/cram.c b/cram.c
index 4ac4a31f..969d3d90 100644
--- a/cram.c
+++ b/cram.c
@@ -15,7 +15,7 @@
#include "socket.h"
#include "i18n.h"
-#include "fm_md5.h"
+#include "fm_md5.h"
void hmac_md5 (const unsigned char *password, size_t pass_len,
const unsigned char *challenge, size_t chal_len,
diff --git a/daemon.c b/daemon.c
index 58dee539..53bc4dcb 100644
--- a/daemon.c
+++ b/daemon.c
@@ -238,12 +238,15 @@ nottyDetach:
if (dup(logfd) < 0 /* stdout */
|| ((logfd == 0 || logfd >= 3) && dup(logfd) < 0)) { /* stderr */
- report(stderr, "dup (%s)\n", strerror(errno));
+ report(stderr, "dup(): %s\n", strerror(errno));
return(PS_IOERR);
}
/* move to root directory, so we don't prevent filesystem unmounts */
- chdir("/");
+ if (chdir("/")) {
+ report(stderr, "chdir(\"/\"): %s\n", strerror(errno));
+ return PS_IOERR;
+ }
/* set our umask to something reasonable (we hope) */
#if defined(DEF_UMASK)
diff --git a/dist-tools/makerelease.pl b/dist-tools/makerelease.pl
index 48482376..8bdba4bd 100755
--- a/dist-tools/makerelease.pl
+++ b/dist-tools/makerelease.pl
@@ -63,7 +63,7 @@ my $tmp = $ENV{TMPDIR} || $ENV{TMP} || $ENV{TEMP} || "/tmp";
# extract version from source
my $version =`grep 'AC_INIT' configure.ac`;
-$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbeta-]+)\]?\,.*\)/;
+$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbetalph-]+)\]?\,.*\)/;
$version = $1;
die "cannot determine version" unless defined $1;
my $tag = "RELEASE_$version";
diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html
index 0f9c9a96..5b9a1203 100644
--- a/fetchmail-FAQ.html
+++ b/fetchmail-FAQ.html
@@ -17,7 +17,7 @@ a much better one.
<title>The Fetchmail FAQ</title>
<meta name="description"
content="Frequently asked questions about fetchmail."/>
-<meta name="keywords" content="fetchmail, POP, POP2, POP3, IMAP, remote mail"/>
+<meta name="keywords" content="fetchmail, POP3, IMAP, remote mail"/>
</head>
<body>
<table width="100%" cellpadding="0" summary="Canned page footer">
@@ -2071,7 +2071,7 @@ SSL?</a></h2>
<p>You'll need to have the <a
href="https://www.openssl.org/">OpenSSL</a> libraries installed, and they
should at least be version 1.0.2.
-Configure with --with-ssl. If you have the OpenSSL libraries
+Configure with --with-ssl (default since fetchmail v6.4.0). If you have the OpenSSL libraries
installed in commonly-used default locations, this will
suffice. If you have them installed in a non-default location,
you'll need to specify the OpenSSL installation directory as an argument
diff --git a/fetchmail.c b/fetchmail.c
index 80993ccb..5e570154 100644
--- a/fetchmail.c
+++ b/fetchmail.c
@@ -964,7 +964,7 @@ static void optmerge(struct query *h2, struct query *h1, int force)
list_merge(&h2->domainlist, &h1->domainlist, force);
list_merge(&h2->antispam, &h1->antispam, force);
-#define FLAG_MERGE(fld) if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld
+#define FLAG_MERGE(fld) do { if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld; } while (0)
FLAG_MERGE(server.via);
FLAG_MERGE(server.protocol);
FLAG_MERGE(server.service);
@@ -1575,6 +1575,7 @@ static int query_host(struct query *ctl)
default:
report(stderr, GT_("unsupported protocol selected.\n"));
st = PS_PROTOCOL;
+ break;
}
/*
diff --git a/fetchmail.h b/fetchmail.h
index 327552d8..dae4f8a1 100644
--- a/fetchmail.h
+++ b/fetchmail.h
@@ -38,8 +38,8 @@ struct addrinfo;
# include "trio/trio.h"
#endif
-#include "uid_db.h"
#include "fm_strl.h"
+#include "uid_db.h"
/* constants designating the various supported protocols */
#define P_AUTO 1
@@ -114,7 +114,7 @@ struct addrinfo;
#define MSGBUFSIZE 8192
#define NAMELEN 64 /* max username length */
-#define PASSWORDLEN 64 /* max password length */
+#define PASSWORDLEN 256 /* max password length */
#define DIGESTLEN 33 /* length of MD5 digest */
/* exit code values */
diff --git a/getopt.c b/getopt.c
index 04524325..c2062b57 100644
--- a/getopt.c
+++ b/getopt.c
@@ -244,7 +244,7 @@ exchange (argv)
{
/* Bottom segment is the short one. */
int len = middle - bottom;
- register int i;
+ int i;
/* Swap it with the top part of the top segment. */
for (i = 0; i < len; i++)
@@ -260,7 +260,7 @@ exchange (argv)
{
/* Top segment is the short one. */
int len = top - middle;
- register int i;
+ int i;
/* Swap it with the bottom part of the bottom segment. */
for (i = 0; i < len; i++)
diff --git a/gssapi.c b/gssapi.c
index 818b599b..5bef92e1 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -5,13 +5,14 @@
*/
#include "config.h"
+#include "fetchmail.h"
+
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#if defined(STDC_HEADERS)
#include <stdlib.h>
#endif
-#include "fetchmail.h"
#include "socket.h"
#include "i18n.h"
diff --git a/idle.c b/idle.c
index 4ea21a3c..eb034b20 100644
--- a/idle.c
+++ b/idle.c
@@ -16,12 +16,12 @@ is part of fetchmail and the Unix Cookbook, and are released under the
MIT license. Compile with -DMAIN to build the demonstrator.
******************************************************************************/
+#include "fetchmail.h"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <errno.h>
-#include <fetchmail.h> /* for ROOT_UID */
#ifndef TRUE
#define TRUE 1
diff --git a/idlist.c b/idlist.c
index d886de6b..379073fd 100644
--- a/idlist.c
+++ b/idlist.c
@@ -5,6 +5,7 @@
*/
#include "config.h"
+#include "fetchmail.h"
#include <sys/stat.h>
#include <errno.h>
@@ -18,7 +19,6 @@
#include <unistd.h>
#endif
-#include "fetchmail.h"
/** Save string \a str to idlist \a idl with status \a status.
* \return Pointer to the last element of the list to help the quick,
@@ -82,21 +82,6 @@ void save_str_pair(struct idlist **idl, const char *str1, const char *str2)
(*end)->next = (struct idlist *)NULL;
}
-#ifdef __UNUSED__
-void free_str_pair_list(struct idlist **idl)
-/* free the given ID pair list */
-{
- if (*idl == (struct idlist *)NULL)
- return;
-
- free_idpair_list(&(*idl)->next);
- free ((*idl)->id);
- free ((*idl)->val.id2);
- free(*idl);
- *idl = (struct idlist *)NULL;
-}
-#endif
-
/** Check if ID \a str is in idlist \a idl. \return idlist entry if found,
* NULL if not found. */
struct idlist *str_in_list(struct idlist **idl, const char *str,
diff --git a/imap.c b/imap.c
index 8163ddaa..90c3f92c 100644
--- a/imap.c
+++ b/imap.c
@@ -6,6 +6,8 @@
*/
#include "config.h"
+#include "fetchmail.h"
+
#include <stdio.h>
#include <string.h>
#include <strings.h>
@@ -15,7 +17,6 @@
#include <limits.h>
#include <errno.h>
#endif
-#include "fetchmail.h"
#include "socket.h"
#include "i18n.h"
@@ -627,15 +628,6 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting)
}
#endif /* NTLM_ENABLE */
-#ifdef __UNUSED__ /* The Cyrus IMAP4rev1 server chokes on this */
- /* this handles either AUTH=LOGIN or AUTH-LOGIN */
- if ((imap_version >= IMAP4rev1) && (!strstr(capabilities, "LOGIN")))
- {
- report(stderr,
- GT_("Required LOGIN capability not supported by server\n"));
- }
-#endif /* __UNUSED__ */
-
/*
* We're stuck with sending the password en clair.
* The reason for this odd-looking logic is that some
diff --git a/lock.c b/lock.c
index 213969f1..53846c83 100644
--- a/lock.c
+++ b/lock.c
@@ -4,6 +4,7 @@
* For license terms, see the file COPYING in this directory.
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#ifdef HAVE_STRING_H
@@ -19,7 +20,6 @@
#include <fcntl.h>
#include <signal.h>
-#include "fetchmail.h"
#include "i18n.h"
#include "lock.h"
diff --git a/netrc.c b/netrc.c
index a585e1a0..661da361 100644
--- a/netrc.c
+++ b/netrc.c
@@ -11,13 +11,13 @@
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
-#include "fetchmail.h"
#include "netrc.h"
#include "i18n.h"
diff --git a/opie.c b/opie.c
index c186908f..367932bc 100644
--- a/opie.c
+++ b/opie.c
@@ -5,13 +5,14 @@
*/
#include "config.h"
+#include "fetchmail.h"
+
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#if defined(STDC_HEADERS)
#include <stdlib.h>
#endif
-#include "fetchmail.h"
#include "socket.h"
#include "i18n.h"
@@ -43,7 +44,7 @@ int do_otp(int sock, const char *command, struct query *ctl)
return PS_AUTHFAIL;
}
- to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof buffer);
+ to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof(buffer));
suppress_tags = TRUE;
gen_send(sock, "%s", buffer);
suppress_tags = FALSE;
@@ -70,7 +71,7 @@ int do_otp(int sock, const char *command, struct query *ctl)
if (rval)
return(PS_AUTHFAIL);
- to64frombits(buffer, response, strlen(response), sizeof buffer);
+ to64frombits(buffer, response, strlen(response), sizeof(buffer));
suppress_tags = TRUE;
gen_send(sock, "%s", buffer);
suppress_tags = FALSE;
diff --git a/options.c b/options.c
index b8561f8d..90eeaaff 100644
--- a/options.c
+++ b/options.c
@@ -6,6 +6,7 @@
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#include <pwd.h>
diff --git a/pop3.c b/pop3.c
index 907a5879..c2238b72 100644
--- a/pop3.c
+++ b/pop3.c
@@ -6,6 +6,7 @@
*/
#include "config.h"
+
#ifdef POP3_ENABLE
#include <stdio.h>
#include <string.h>
@@ -708,22 +709,6 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
return(ok);
}
-/* Disable the sleep. Based on patch by Brian Candler 2004-04-19/2004-11-08,
- * accepted by Matthias Andree.
- *
- * Rationale: the server must have locked the spool before returning +OK;
- * this sleep just wastes time and hence, for modem and GSM CSD users, money. */
-#ifdef WANT_BOGUS
- /*
- * Empirical experience shows some server/OS combinations
- * may need a brief pause even after any lockfiles on the
- * server are released, to give the server time to finish
- * copying back very large mailfolders from the temp-file...
- * this is only ever an issue with extremely large mailboxes.
- */
- sleep(3); /* to be _really_ safe, probably need sleep(5)! */
-#endif
-
/* we're approved */
return(PS_SUCCESS);
}
@@ -1231,29 +1216,6 @@ static int pop3_is_old(int sock, struct query *ctl, int num)
}
}
-#ifdef UNUSED
-/*
- * We could use this to fetch headers only as we do for IMAP. The trouble
- * is that there's no way to fetch the body only. So the following RETR
- * would have to re-fetch the header. Enough messages have longer headers
- * than bodies to make this a net loss.
- */
-static int pop_fetch_headers(int sock, struct query *ctl,int number,int *lenp)
-/* request headers of nth message */
-{
- int ok;
- char buf[POPBUFSIZE+1];
-
- gen_send(sock, "TOP %d 0", number);
- if ((ok = pop3_ok(sock, buf)) != 0)
- return(ok);
-
- *lenp = -1; /* we got sizes from the LIST response */
-
- return(PS_SUCCESS);
-}
-#endif /* UNUSED */
-
static int pop3_fetch(int sock, struct query *ctl, int number, int *lenp)
/* request nth message */
{
@@ -1389,24 +1351,6 @@ static int pop3_logout(int sock, struct query *ctl)
{
int ok;
-#ifdef __UNUSED__
- /*
- * We used to do this in case the server marks messages deleted when seen.
- * (Yes, this has been reported, in the MercuryP/NLM server.
- * It's even legal under RFC 1939 (section 8) as a site policy.)
- * It interacted badly with UIDL, though. Thomas Zajic wrote:
- * "Running 'fetchmail -F -v' and checking the logs, I found out
- * that fetchmail did in fact flush my mailbox properly, but sent
- * a RSET just before sending QUIT to log off. This caused the
- * POP3 server to undo/forget about the previous DELEs, resetting
- * my mailbox to its original (ie. unflushed) state. The
- * ~/.fetchids file did get flushed though, so the next time
- * fetchmail was run it saw all the old messages as new ones ..."
- */
- if (ctl->keep)
- gen_transact(sock, "RSET");
-#endif /* __UNUSED__ */
-
ok = gen_transact(sock, "QUIT");
if (!ok)
expunge_uids(ctl);
diff --git a/rcfile_l.l b/rcfile_l.l
index 9590a2ff..a7052df9 100644
--- a/rcfile_l.l
+++ b/rcfile_l.l
@@ -36,8 +36,6 @@ int yywrap(void) { return 1; }
%s NAME AUTH
-
-
%%
\"[^\"]*\" |
diff --git a/rcfile_y.y b/rcfile_y.y
index 70615661..774f7155 100644
--- a/rcfile_y.y
+++ b/rcfile_y.y
@@ -6,6 +6,7 @@
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#include <sys/types.h>
#include <sys/file.h>
@@ -462,6 +463,8 @@ int prc_parse_file (const char *pathname, const flag securecheck)
prc_errflag = 0;
querylist = hosttail = (struct query *)NULL;
+ (void)yytoknum; /* work around compiler warning */
+
errno = 0;
/* Check that the file is secure */
diff --git a/rfc822.c b/rfc822.c
index 15b88f05..e56ced16 100644
--- a/rfc822.c
+++ b/rfc822.c
@@ -21,6 +21,7 @@ MIT license. Compile with -DMAIN to build the demonstrator.
******************************************************************************/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#include <ctype.h>
@@ -28,7 +29,6 @@ MIT license. Compile with -DMAIN to build the demonstrator.
#include <strings.h>
#include <stdlib.h>
-#include "fetchmail.h"
#include "sdump.h"
#ifndef MAIN
diff --git a/rpa.c b/rpa.c
index c365f0de..e5fe326f 100644
--- a/rpa.c
+++ b/rpa.c
@@ -16,6 +16,7 @@
#include "config.h"
#if defined(POP3_ENABLE) && defined(RPA_ENABLE)
+#include "fetchmail.h"
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@@ -24,7 +25,6 @@
#include <sys/types.h>
#include "socket.h"
-#include "fetchmail.h"
#include "fm_md5.h"
#include "i18n.h"
diff --git a/sink.c b/sink.c
index 164c36d8..85680dbe 100644
--- a/sink.c
+++ b/sink.c
@@ -11,6 +11,8 @@
*/
#include "config.h"
+#include "fetchmail.h"
+
#include <stdio.h>
#include <errno.h>
#include <string.h>
@@ -32,8 +34,6 @@
#include <ctype.h>
#include <langinfo.h>
-#include "fetchmail.h"
-
/* for W* macros after pclose() */
#define _USE_BSD
#include <sys/types.h>
@@ -445,18 +445,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg)
responses[0] = xstrdup(smtp_response);
-#ifdef __UNUSED__
- /*
- * Don't do this! It can really mess you up if, for example, you're
- * reporting an error with a single RCPT TO address among several;
- * RSET discards the message body and it doesn't get sent to the
- * valid recipients.
- */
- smtp_rset(ctl); /* stay on the safe side */
- if (outlevel >= O_DEBUG)
- report(stdout, GT_("Saved error is still %d\n"), smtperr);
-#endif /* __UNUSED */
-
/*
* Note: send_bouncemail message strings are not made subject
* to gettext translation because (a) they're going to be
@@ -533,12 +521,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg)
* (b) we wouldn't want spammers to get confirmation that
* this address is live, anyway.
*/
-#ifdef __DONT_FEED_THE_SPAMMERS__
- if (run.bouncemail)
- send_bouncemail(ctl, msg, XMIT_ACCEPT,
- "Invalid address in MAIL FROM (SMTP error 553).\r\n",
- 1, responses);
-#endif /* __DONT_FEED_THE_SPAMMERS__ */
free(responses[0]);
return(PS_REFUSED);
@@ -617,10 +599,6 @@ static int handle_smtp_report_without_bounce(struct query *ctl, struct msgblk *m
return(PS_REFUSED);
case 553: /* invalid sending domain */
-#ifdef __DONT_FEED_THE_SPAMMERS__
- if (run.bouncemail)
- return(PS_SUCCESS);
-#endif /* __DONT_FEED_THE_SPAMMERS__ */
return(PS_REFUSED);
default:
@@ -1185,6 +1163,16 @@ static int open_mda_sink(struct query *ctl, struct msgblk *msg,
for (dp = after, sp = before; (*dp = *sp); dp++, sp++) {
if (sp[0] != '%') continue;
+ if (sp > before && sp[-1] == '\'') {
+ report(stderr, GT_("MDA option contains single-quoted %%%c expansion.\n"), sp[1]);
+ report(stderr, GT_("Refusing to deliver. Check the manual and fix your mda option.\n"));
+ free(before);
+ free(after);
+ if (from) free(from);
+ if (names) free(names);
+ return PS_SYNTAX;
+ }
+
/* need to expand? BTW, no here overflow, because in
** the worst case (end of string) sp[1] == '\0' */
if (sp[1] == 's' || sp[1] == 'T') {
diff --git a/smbencrypt.c b/smbencrypt.c
index ad14707f..21d7bff0 100644
--- a/smbencrypt.c
+++ b/smbencrypt.c
@@ -65,12 +65,6 @@ static size_t skip_multibyte_char(char c)
return 0;
}
-
-/*******************************************************************
-safe string copy into a known length string. maxlength does not
-include the terminating zero.
-********************************************************************/
-
static void strupper(char *s)
{
while (*s)
@@ -201,43 +195,3 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24)
dump_data(100, (char *)p24, 24);
#endif
}
-
-#if 0
-
-BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode)
-{
- int new_pw_len = strlen(passwd) * (unicode ? 2 : 1);
-
- if (new_pw_len > 512)
- {
- DEBUG(0,("make_oem_passwd_hash: new password is too long.\n"));
- return False;
- }
-
- /*
- * Now setup the data area.
- * We need to generate a random fill
- * for this area to make it harder to
- * decrypt. JRA.
- */
- generate_random_buffer((unsigned char *)data, 516, False);
- if (unicode)
- {
- struni2( &data[512 - new_pw_len], passwd);
- }
- else
- {
- fstrcpy( &data[512 - new_pw_len], passwd);
- }
- SIVAL(data, 512, new_pw_len);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("make_oem_passwd_hash\n"));
- dump_data(100, data, 516);
-#endif
- SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, True);
-
- return True;
-}
-
-#endif
diff --git a/smbutil.c b/smbutil.c
index d1d127fc..66f5d565 100644
--- a/smbutil.c
+++ b/smbutil.c
@@ -1,3 +1,4 @@
+#include "fetchmail.h"
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
@@ -7,7 +8,6 @@
#include "ntlm.h"
#include "smbencrypt.h"
#include "smbbyteorder.h"
-#include "fetchmail.h"
char versionString[] ="libntlm version 0.21";
diff --git a/socket.c b/socket.c
index cb93b60e..a0d5aadc 100644
--- a/socket.c
+++ b/socket.c
@@ -9,6 +9,8 @@
*/
#include "config.h"
+#include "fetchmail.h"
+
#include <stdio.h>
#include <errno.h>
#include <string.h>
@@ -48,7 +50,6 @@
#endif
#include "socket.h"
-#include "fetchmail.h"
#include "getaddrinfo.h"
#include "i18n.h"
#include "sdump.h"
@@ -226,7 +227,7 @@ int UnixOpen(const char *path)
return -1;
}
- /* Socket opened saved. Usefull if connect timeout
+ /* Socket opened saved. Useful if connect timeout
* because it can be closed.
*/
mailserver_socket_temp = sock;
@@ -374,6 +375,10 @@ va_dcl {
}
#ifdef SSL_ENABLE
+/* OPENSSL_NO_SSL_INTERN:
+ transitional feature for OpenSSL 1.0.1 up to and excluding 1.1.0
+ to make sure we do not access internal structures! */
+#define OPENSSL_NO_SSL_INTERN 1
#define OPENSSL_NO_DEPRECATED 23
#include <openssl/ssl.h>
#include <openssl/err.h>
@@ -616,7 +621,7 @@ SSL *SSLGetContext( int sock )
/* ok_return (preverify_ok) is 1 if this stage of certificate verification
passed, or 0 if it failed. This callback lets us display informative
errors, and perform additional validation (e.g. CN matches) */
-static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict )
+static int SSL_verify_callback(int ok_return, X509_STORE_CTX *ctx, int strict)
{
#define SSLverbose (((outlevel) >= O_DEBUG) || ((outlevel) >= O_VERBOSE && (depth) == 0))
char buf[257];
@@ -847,7 +852,7 @@ static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict )
_verify_ok &= ok_return;
if (!strict)
ok_return = 1;
- return (ok_return);
+ return ok_return;
}
static int SSL_nock_verify_callback( int ok_return, X509_STORE_CTX *ctx )
@@ -1108,6 +1113,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
available protocol, subject to SSL_OP_NO* constraints. */
_ctx[sock] = SSL_CTX_new(SSLv23_client_method());
}
+
if(_ctx[sock] == NULL) {
unsigned long ec = ERR_peek_last_error();
ERR_print_errors_fp(stderr);
diff --git a/socket.h b/socket.h
index 0c4ac001..d2a5ef1d 100644
--- a/socket.h
+++ b/socket.h
@@ -20,7 +20,6 @@ struct addrinfo;
/** Create a new client socket; returns -1 on error */
int SockOpen(const char *host, const char *service, const char *plugin, struct addrinfo **);
-
/**
Get a string terminated by an '\n' (matches interface of fgets).
Pass it a valid socket, a buffer for the string, and
diff --git a/strlcat.c b/strlcat.c
index 22428d68..0af16670 100644
--- a/strlcat.c
+++ b/strlcat.c
@@ -17,6 +17,9 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include "config.h"
+#include "fetchmail.h"
+
#include <sys/types.h>
#include <assert.h>
#include <string.h>
diff --git a/strlcpy.c b/strlcpy.c
index 5963dfe3..c9f0ef2b 100644
--- a/strlcpy.c
+++ b/strlcpy.c
@@ -17,6 +17,9 @@
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
+#include "config.h"
+#include "fetchmail.h"
+
#include <sys/types.h>
#include <assert.h>
#include <string.h>
diff --git a/transact.c b/transact.c
index f73dd0da..c3d8a35d 100644
--- a/transact.c
+++ b/transact.c
@@ -6,6 +6,7 @@
*/
#include "config.h"
+#include "fetchmail.h"
#include <stdio.h>
#include <string.h>
#include <ctype.h>
@@ -35,7 +36,6 @@
#include "i18n.h"
#include "socket.h"
-#include "fetchmail.h"
/** Macro to clamp the argument so it is >= INT_MIN. */
#define _FIX_INT_MIN(x) ((x) < INT_MIN ? INT_MIN : (x))
@@ -888,24 +888,6 @@ eoh:
else if (!strncasecmp("Resent-Sender:", line, 14) && (strchr(line, '@') || strchr(line, '!')))
resent_sender_offs = (line - msgblk.headers);
-#ifdef __UNUSED__
- else if (!strncasecmp("Message-Id:", line, 11))
- {
- if (ctl->server.uidl)
- {
- char id[IDLEN+1];
-
- line[IDLEN+12] = 0; /* prevent stack overflow */
- sscanf(line+12, "%s", id);
- if (!str_find( &ctl->newsaved, num))
- {
- struct idlist *newl = save_str(&ctl->newsaved,id,UID_SEEN);
- newl->val.status.num = num;
- }
- }
- }
-#endif /* __UNUSED__ */
-
/* if multidrop is on, gather addressee headers */
if (MULTIDROP(ctl))
{
diff --git a/ucs/norm_charmap.c b/ucs/norm_charmap.c
index dedad326..07c5d2a9 100644
--- a/ucs/norm_charmap.c
+++ b/ucs/norm_charmap.c
@@ -26,6 +26,7 @@
#include "config.h" /* import AC_C_CONST effects */
#include "norm_charmap.h"
+#include "fetchmail.h"
#include <string.h>
diff --git a/uid.c b/uid.c
index 2db06733..8583a49a 100644
--- a/uid.c
+++ b/uid.c
@@ -23,10 +23,9 @@
#include "sdump.h"
/*
- * Machinery for handling UID lists live here. This is mainly to support
- * RFC1725/RFC1939-conformant POP3 servers without a LAST command, but may also
- * be useful for making the IMAP4 querying logic UID-oriented, if a future
- * revision of IMAP forces me to.
+ * Machinery for handling UID lists live here. This is currently used
+ * by POP3, but may also be useful for making the IMAP4 querying logic
+ * UID-oriented.
*
* These functions are also used by the rest of the code to maintain
* string lists.
@@ -121,6 +120,7 @@ static int dump_saved_uid(struct uid_db_record *rec, void *unused)
return 0;
}
+/** Read saved IDs from \a idfile and attach to each host in \a hostlist. */
void initialize_saved_lists(struct query *hostlist, const char *idfile)
{
struct stat statbuf;
@@ -347,7 +347,7 @@ static void dump_uid_db(struct uid_db *db)
traverse_uid_db(db, dump_uid_db_record, &n_recs);
}
-/* finish a query */
+/** Finish a successful query */
void uid_swap_lists(struct query *ctl)
{
/* debugging code */
@@ -390,7 +390,7 @@ void uid_swap_lists(struct query *ctl)
report(stdout, GT_("not swapping UID lists, no UIDs seen this query\n"));
}
-/* finish a query which had errors */
+/** Finish a query which had errors */
void uid_discard_new_list(struct query *ctl)
{
/* debugging code */
@@ -446,6 +446,7 @@ static int write_uid_db_record(struct uid_db_record *rec, void *arg)
return rc < 0 ? -1 : 0;
}
+/** Write new list of UIDs (state) to \a idfile. */
void write_saved_lists(struct query *hostlist, const char *idfile)
{
long idcount;
@@ -504,7 +505,7 @@ void write_saved_lists(struct query *hostlist, const char *idfile)
bailout:
(void)fflush(tmpfp); /* return code ignored, we check ferror instead */
errflg |= ferror(tmpfp);
- fclose(tmpfp);
+ errflg |= fclose(tmpfp);
/* if we could write successfully, move into place;
* otherwise, drop */
if (errflg) {
diff --git a/unmime.c b/unmime.c
index 5f743e36..d3f779bc 100644
--- a/unmime.c
+++ b/unmime.c
@@ -13,12 +13,12 @@
* For license terms, see the file COPYING in this directory.
*/
+#include "fetchmail.h"
#include "config.h"
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <ctype.h>
-#include "fetchmail.h"
#include "i18n.h"
static unsigned char unhex(unsigned char c)