From 3a501db74967d4c31aa749e1baec8aa7bdef96e4 Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Wed, 14 Mar 2001 00:09:16 +0000 Subject: Shrouding is now done over a narrower scope. svn path=/trunk/; revision=3252 --- NEWS | 1 + driver.c | 17 ++--------------- etrn.c | 1 - fetchmail.h | 3 +-- imap.c | 3 ++- odmr.c | 1 - pop2.c | 9 ++++++--- pop3.c | 1 - 8 files changed, 12 insertions(+), 24 deletions(-) diff --git a/NEWS b/NEWS index 521903ad..0d525f19 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,7 @@ (The `lines' figures total .c, .h, .l, and .y files under version control.) * Nalin Dahyabhai's patch to make IPv6 build on older systems. +* Restrict shrouding to just the password send so it won't leak info. fetchmail-5.7.4 (Mon Mar 12 00:02:23 EST 2001), 20323 lines: diff --git a/driver.c b/driver.c index 9d247761..12440224 100644 --- a/driver.c +++ b/driver.c @@ -88,6 +88,7 @@ int stage; /* where are we? */ int phase; /* where are we, for error-logging purposes? */ int mytimeout; /* value of nonreponse timeout */ int suppress_tags; /* emit tags? */ +char shroud[PASSWORDLEN]; /* string to shroud in debug output */ static const struct method *protocol; static jmp_buf restart; @@ -96,7 +97,6 @@ char tag[TAGLEN]; static int tagnum; #define GENSYM (sprintf(tag, "A%04d", ++tagnum % TAGMOD), tag) -static char shroud[PASSWORDLEN]; /* string to shroud in debug output */ static int timeoutcount; /* count consecutive timeouts */ static int msglen; /* actual message length */ @@ -1808,21 +1808,8 @@ const int maxfetch; /* maximum number of messages to fetch */ stage = STAGE_GETAUTH; if (protocol->getauth) { - /* - * We want to restrict shrouding as much as possible -- it - * might actually leak information by splatting out revealing - * pieces of a message. - */ - if (ctl->server.authenticate == A_PASSWORD) - if (protocol->password_canonify) - (protocol->password_canonify)(shroud, ctl->password, PASSWORDLEN); - else - strcpy(shroud, ctl->password); - ok = (protocol->getauth)(mailserver_socket, ctl, buf); - shroud[0] = '\0'; - if (ok != 0) { if (ok == PS_LOCKBUSY) @@ -2481,7 +2468,7 @@ is restored.")); } closeUp: - /* execute post-initialization command, if any */ + /* execute wrapup command, if any */ if (ctl->postconnect && (ok = system(ctl->postconnect))) { report(stderr, _("post-connection command failed with status %d\n"), ok); diff --git a/etrn.c b/etrn.c index 5b6a56bf..76c12121 100644 --- a/etrn.c +++ b/etrn.c @@ -130,7 +130,6 @@ const static struct method etrn = FALSE, /* this is not a tagged protocol */ FALSE, /* this does not use a message delimiter */ etrn_ok, /* parse command response */ - NULL, /* no password canonicalization */ NULL, /* no need to get authentication */ etrn_getrange, /* initialize message sending */ NULL, /* we cannot get a list of sizes */ diff --git a/fetchmail.h b/fetchmail.h index e5d576a0..9f530031 100644 --- a/fetchmail.h +++ b/fetchmail.h @@ -173,8 +173,6 @@ struct method /* describe methods for protocol state machine */ flag delimited; /* if true, accept "." message delimiter */ int (*parse_response)(int, char *); /* response_parsing function */ - int (*password_canonify)(char *, char *, int); - /* canonicalize password */ int (*getauth)(int, struct query *, char *); /* authorization fetcher */ int (*getrange)(int, struct query *, const char *, int *, int *, int *); @@ -381,6 +379,7 @@ extern flag configdump; /* dump control blocks as Python dictionary */ extern const char *fetchmailhost; /* either "localhost" or an FQDN */ extern int suppress_tags; /* suppress tags in tagged protocols? */ +extern char shroud[PASSWORDLEN]; /* string to shroud in debug output */ #ifdef SDPS_ENABLE extern char *sdps_envfrom; extern char *sdps_envto; diff --git a/imap.c b/imap.c index d92dad03..be2fcd5b 100644 --- a/imap.c +++ b/imap.c @@ -375,7 +375,9 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting) imap_canonicalize(remotename, ctl->remotename, NAMELEN); imap_canonicalize(password, ctl->password, PASSWORDLEN); + imap_canonicalize(shroud, ctl->password, PASSWORDLEN); ok = gen_transact(sock, "LOGIN \"%s\" \"%s\"", remotename, password); + shroud[0] = '\0'; } if (ok) @@ -827,7 +829,6 @@ const static struct method imap = TRUE, /* this is a tagged protocol */ FALSE, /* no message delimiter */ imap_ok, /* parse command response */ - imap_canonicalize, /* deal with embedded slashes and spaces */ imap_getauth, /* get authorization */ imap_getrange, /* query range of messages */ imap_getsizes, /* get sizes of messages (used for ESMTP SIZE option) */ diff --git a/odmr.c b/odmr.c index 4c3d2322..c712ccb8 100644 --- a/odmr.c +++ b/odmr.c @@ -190,7 +190,6 @@ const static struct method odmr = FALSE, /* this is not a tagged protocol */ FALSE, /* this does not use a message delimiter */ odmr_ok, /* parse command response */ - NULL, /* no password canonicalization */ NULL, /* no need to get authentication */ odmr_getrange, /* initialize message sending */ NULL, /* we cannot get a list of sizes */ diff --git a/pop2.c b/pop2.c index 1d2f74a5..40bdc975 100644 --- a/pop2.c +++ b/pop2.c @@ -54,9 +54,13 @@ static int pop2_ok (int sock, char *argbuf) static int pop2_getauth(int sock, struct query *ctl, char *buf) /* apply for connection authorization */ { - return(gen_transact(sock, + int status; + + strcpy(shroud, ctl->password) + status = gen_transact(sock, "HELO %s %s", - ctl->remotename, ctl->password)); + ctl->remotename, ctl->password); + shroud[0] = '\0'; } static int pop2_getrange(int sock, struct query *ctl, const char *folder, @@ -134,7 +138,6 @@ const static struct method pop2 = FALSE, /* this is not a tagged protocol */ FALSE, /* does not use message delimiter */ pop2_ok, /* parse command response */ - NULL, /* no password canonicalization */ pop2_getauth, /* get authorization */ pop2_getrange, /* query range of messages */ NULL, /* no way to get sizes */ diff --git a/pop3.c b/pop3.c index c97c8c7c..12701e84 100644 --- a/pop3.c +++ b/pop3.c @@ -729,7 +729,6 @@ const static struct method pop3 = FALSE, /* this is not a tagged protocol */ TRUE, /* this uses a message delimiter */ pop3_ok, /* parse command response */ - NULL, /* no password canonicalization */ pop3_getauth, /* get authorization */ pop3_getrange, /* query range of messages */ pop3_getsizes, /* we can get a list of sizes */ -- cgit v1.2.3