From 8dcde6bdc0a17bd0bffb1f2436325038a0fa9103 Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond"
Date: Mon, 9 Dec 2002 15:05:42 +0000
Subject: Security fix release.

svn path=/trunk/; revision=3775
---
 Makefile.in | 2 +-
 fetchmail.man | 4 ++++
 indexgen.sh | 5 +++--
 rfc822.c | 2 +-
 smtp.c | 50 +++++++++++++++++++++++++++++++++++++++++---------
 5 files changed, 50 insertions(+), 13 deletions(-)

diff --git a/Makefile.in b/Makefile.in
index 1b0a714d..73252e07 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -4,7 +4,7 @@
 # So just uncomment all the lines marked QNX.
 PACKAGE = fetchmail
-VERSION = 6.1.3
+VERSION = 6.2.0
 # Ultrix 2.2 make doesn't expand the value of VPATH.
 srcdir = @srcdir@
diff --git a/fetchmail.man b/fetchmail.man
index d6122d33..2c51dd83 100644
--- a/fetchmail.man
+++ b/fetchmail.man
@@ -1110,6 +1110,10 @@ The
 .I postfix
 MTA runs 554 as an antispam response.
 .PP
+.I Zmailer
+may reject code with a 500 response (followed by an enhanced status
+code that contains more information).
+.PP
 Return codes which
 .I fetchmail
 treats as antispam responses and discards
diff --git a/indexgen.sh b/indexgen.sh
index 739cbc6e..37e3fb06 100755
--- a/indexgen.sh
+++ b/indexgen.sh
@@ -163,7 +163,7 @@ checksum file is cryptographically signed and can be verified with the command:

-gpg --verify checksums.asc
+gpg --verify checksums
 
EOF @@ -228,7 +228,8 @@ FAQ covers them like a blanket.

href="../index.html">Eric S. Raymond. There are some designated backup maintainers (Rob Funk, David DeSimone aka Fuzzy Fox, -Dave Bodenstab). Other backup +Dave Bodenstab and Sunil Shetye). Other backup maintainers may be added in the future, in order to ensure continued support should Eric S. Raymond drop permanently off the net for any reason.

diff --git a/rfc822.c b/rfc822.c
index 1957c037..9e3226e6 100644
--- a/rfc822.c
+++ b/rfc822.c
@@ -76,7 +76,7 @@ const unsigned char *host; /* server hostname */
 for (cp = buf; *cp; cp++)
 if (*cp == ',' || isspace(*cp))
 addresscount++;
- buf = (unsigned char *)xrealloc(buf, strlen(buf) + addresscount * strlen(host) + 1);
+ buf = (unsigned char *)xrealloc(buf, strlen(buf) + addresscount * (strlen(host) + 1) + 1);
 #endif /* MAIN */
 /*
diff --git a/smtp.c b/smtp.c
index 6c357571..44b22989 100644
--- a/smtp.c
+++ b/smtp.c
@@ -11,6 +11,7 @@
 #include
 #include
 #include
+#include
 #include "fetchmail.h"
 #include "socket.h"
 #include "smtp.h"
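Review bot: The corrected size passed to `xrealloc()` in rfc822.c still rests on an unstated invariant, namely that `addresscount` is an upper bound on the number of addresses that get a host part appended, while the loop above the call only counts commas and whitespace. The initial value of `addresscount` is set outside the hunk, so it should be confirmed that a header holding a single address with no separator at all is still counted as one. Because the earlier undersized buffer came from this same arithmetic, I would record the worst case next to the call: `/* worst case: each address grows by strlen(host) + 1 (presumably '@' plus the host); the final + 1 is the NUL */`. The enclosing function begins and ends outside the hunk.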
@@ -322,29 +323,60 @@ int SMTP_eom(int sock)
 return ok;
 }
+/* ignore SIGALRM signal indicating a timeout during smtp ok */
+static void smtp_timeout_handler (int signal) { }
+
 int SMTP_ok(int sock)
 /* returns status of SMTP connection */
 {
+ void (*alrmsave)(int);
+
+ /* set an alarm for smtp ok */
+ alrmsave = signal(SIGALRM, smtp_timeout_handler);
+ set_timeout(mytimeout);
+
 while ((SockRead(sock, smtp_response, sizeof(smtp_response)-1)) != -1)
 {
- int n = strlen(smtp_response);
+ int n;
- if (smtp_response[strlen(smtp_response)-1] == '\n')
- smtp_response[strlen(smtp_response)-1] = '\0';
- if (smtp_response[strlen(smtp_response)-1] == '\r')
- smtp_response[strlen(smtp_response)-1] = '\0';
- if (n < 4)
- return SM_ERROR;
+ /* restore alarm */
+ set_timeout(0);
+ signal(SIGALRM, alrmsave);
+
+ n = strlen(smtp_response);
+ if (n > 0 && smtp_response[n-1] == '\n')
+ n--;
+ if (n > 0 && smtp_response[n-1] == '\r')
+ n--;
 smtp_response[n] = '\0';
 if (outlevel >= O_MONITOR)
 report(stdout, "%cMTP< %s\n", smtp_mode, smtp_response);
- if ((smtp_response[0] == '1' || smtp_response[0] == '2' || smtp_response[0] == '3') && smtp_response[3] == ' ')
+ if (n < 4 ||
+ (smtp_response[3] != ' ' && smtp_response[3] != '-'))
+ {
+ if (outlevel >= O_MONITOR)
+ report(stderr, GT_("smtp listener protocol error\n"));
+ return SM_UNRECOVERABLE;
+ }
+
+ if ((smtp_response[0] == '1' || smtp_response[0] == '2' || smtp_response[0] == '3') &&
+ smtp_response[3] == ' ')
 return SM_OK;
 else if (smtp_response[3] != '-')
 return SM_ERROR;
+
+ /* set an alarm for smtp ok */
+ signal(SIGALRM, smtp_timeout_handler);
+ set_timeout(mytimeout);
+
 }
+
+ /* restore alarm */
+ set_timeout(0);
+ signal(SIGALRM, alrmsave);
+
 if (outlevel >= O_MONITOR)
- report(stderr, GT_("smtp listener protocol error"));
+ report(stderr, GT_("smtp listener protocol error\n"));
 return SM_UNRECOVERABLE;
 }
--
cgit v1.2.3
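Review bot: The timeout added to SMTP_ok only takes effect if SIGALRM makes the blocked `SockRead()` return -1, and installing the empty handler with `signal()` does not guarantee that: where `signal()` has BSD semantics the interrupted read is restarted once the handler returns, so a listener that stalls mid-response could still hang the session. Installing the handler with `sigaction()` and `sa_flags = 0` makes the interruption explicit, as sketched below, with the later `signal()` calls in the loop and after it switched to the same two structs; whether `SockRead()` itself retries on EINTR is not visible in this hunk and needs the same check. A timeout also ends in the final "smtp listener protocol error" report, so the log cannot tell a stalled listener from a malformed reply.

```c
/* … unchanged: smtp_timeout_handler, SMTP_ok signature and opening brace … */
    struct sigaction alrm_new, alrm_old;

    /* no SA_RESTART, so a blocked read fails with EINTR when the alarm fires */
    alrm_new.sa_handler = smtp_timeout_handler;
    sigemptyset(&alrm_new.sa_mask);
    alrm_new.sa_flags = 0;
    sigaction(SIGALRM, &alrm_new, &alrm_old);
    set_timeout(mytimeout);

/* … unchanged: response loop and final error report … */
```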