From 54428f7c1355129d7a9c3d592c4731a27b3baa93 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Tue, 3 Aug 1999 08:20:31 +0000
Subject: RPA support works.

svn path=/trunk/; revision=2538
---
 NEWS          |  8 ++++++++
 fetchmail.man | 12 ++++--------
 fetchmailconf |  8 --------
 pop3.c        | 58 +++++++++++++++++++++++++---------------------------------
 4 files changed, 37 insertions(+), 49 deletions(-)

diff --git a/NEWS b/NEWS
index 697b87dc..e8d38147 100644
--- a/NEWS
+++ b/NEWS
@@ -6,8 +6,16 @@
 
 * --all option that forces poll of skipped entries?
 
+* Support for `folder' keywird in fetchmailconf (Debian bug #35925).
+
 				Release Notes:
 
+fetchmail-5.0.7 ():
+* RPA support works again.
+* Added debian_rc startup/shutdown script to contrib/.
+
+There are 263 people on fetchmail-friends and 421 on fetchmail-announce.
+
 fetchmail-5.0.6 (Mon Aug  2 14:04:23 EDT 1999):
 * Czech internationalization support (thanks to Jiri Pavlovsky).
 * Russion internationalization support (but I couldn't read the contributor
diff --git a/fetchmail.man b/fetchmail.man
index 8624b502..abf9c2d1 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -180,8 +180,6 @@ Use POP3 with MD5 authentication.
 Use POP3 with RPOP authentication.
 .IP KPOP
 Use POP3 with Kerberos V4 authentication on port 1109.
-.IP RPA
-Tries CompuServe's Remote Password Authentication.
 .IP SDPS
 Use POP3 with Demon Internet's SDPS extensions.
 .IP IMAP
@@ -647,9 +645,10 @@ challenge conforming to RFC1938, \fIfetchmail\fR will use your
 password as a pass phrase to generate the required response. This
 avoids sending secrets over the net unencrypted.
 .PP
-Compuserve's RPA authentication (similar to APOP) is supported.  If
-you specify it, \fIfetchmail\fR will try to perform an RPA pass-phrase
-authentication instead of sending over the password en clair.
+Compuserve's RPA authentication (similar to APOP) is supported. If you
+compile in the support, \fIfetchmail\fR will try to perform an RPA pass-phrase
+authentication instead of sending over the password en clair if it
+detects "@compuserve.com" in the hostname.
 .PP
 If you are using IPsec, the -T (--netsec) option can be used to pass
 an IP security request to be used when outgoing IP connections are
@@ -1823,9 +1822,6 @@ MDA.  For maximum safety, however, don't use an mda command containing
 Fetchmail's method of sending bouncemail requires that port 25 of localhost
 be available for sending mail via SMTP.
 .PP
-Due to an incompatible change in CompuServe's RPA on July 31 1999, 
-the RPA support is currently broken.
-.PP
 Send comments, bug reports, gripes, and the like to the
 fetchmail-friends list <fetchmail-friends@ccil.org>.  An HTML FAQ is
 available at the fetchmail home page; surf to
diff --git a/fetchmailconf b/fetchmailconf
index 25b88e8f..76a14040 100755
--- a/fetchmailconf
+++ b/fetchmailconf
@@ -1168,14 +1168,6 @@ It looks like you could use APOP on this server and avoid sending it your
 password in clear.  You should talk to the mailserver administrator about
 this.
 
-"""
-            if string.find(greetline, "csi.com") > 0:
-                warnings = warnings + """
-It appears you're talking to CompuServe.  You can use their special RPA
-service for authentication, but only if your fetchmail -V output's first
-line contains the string "RPA".  This is not included in stock fetchmail
-binaries; to compile it in, rebuild from sources with the configure
-option --enable-RPA.
 """
             if string.find(greetline, "IMAP2bis") > 0:
                 warnings = warnings + """
diff --git a/pop3.c b/pop3.c
index d85d314d..d3ab0dc0 100644
--- a/pop3.c
+++ b/pop3.c
@@ -140,41 +140,33 @@ int pop3_getauth(int sock, struct query *ctl, char *greeting)
 
     switch (ctl->server.protocol) {
     case P_POP3:
-	 ok = gen_transact(sock, "USER %s", ctl->remotename);
-
 #ifdef RPA_ENABLE
-	 /*
-	  * CompuServe has changed its RPA behavior.  Used to be they didn't
-	  * accept PASS, but I'm told this changed in mid-November 1997.
-	  */
-	 if (strstr(greeting, "csi.com")
-	     && (start = strchr(ctl->remotename, '@'))
-	     && !strcmp("@compuserve.com", start))
-	 {
-             /* temporary fix to get back out of cleartext authentication */
-             gen_transact(sock, "PASS %s", "dummypass");
-  
-	     /* AUTH command should return a list of available mechanisms */
-	     if (gen_transact(sock, "AUTH") == 0)
-	     {
-		 char buffer[10];
-		 flag has_rpa = FALSE;
-
-		 while ((ok = gen_recv(sock, buffer, sizeof(buffer))) == 0)
-		 {
-		     if (buffer[0] == '.')
-			 break;
-		     if (strncasecmp(buffer, "rpa", 3) == 0)
-			 has_rpa = TRUE;
-		 }
-		 if (has_rpa && !POP3_auth_rpa(ctl->remotename, 
-					       ctl->password, sock))
-		     return(PS_SUCCESS);
-	     }
-
-	     return(PS_AUTHFAIL);
-	 }
+	/* CompuServe POP3 Servers as of 990730 want AUTH first for RPA */
+	if (strstr(ctl->remotename, "@compuserve.com"))
+	{
+	    /* AUTH command should return a list of available mechanisms */
+	    if (gen_transact(sock, "AUTH") == 0)
+	    {
+		char buffer[10];
+		flag has_rpa = FALSE;
+
+		while ((ok = gen_recv(sock, buffer, sizeof(buffer))) == 0)
+		{
+		    if (buffer[0] == '.')
+			break;
+		    if (strncasecmp(buffer, "rpa", 3) == 0)
+			has_rpa = TRUE;
+		}
+		if (has_rpa && !POP3_auth_rpa(ctl->remotename, 
+					      ctl->password, sock))
+		    return(PS_SUCCESS);
+	    }
+
+	    return(PS_AUTHFAIL);
+	}
+	else /* not a CompuServe account */
 #endif /* RPA_ENABLE */
+	    ok = gen_transact(sock, "USER %s", ctl->remotename);
 
 #if OPIE
 	/* see RFC1938: A One-Time Password System */
-- 
cgit v1.2.3