From e0e7a74bde52a1aa02d1da758128722598fb6dd8 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Sun, 25 Aug 2019 18:52:53 +0200 Subject: Align with legacy_6x. * Normalize include order. * Backport missed bug fixes. * Remove dead code. --- .gitignore | 11 +++++---- NEWS | 11 +++++++++ README | 3 +-- README.git | 1 + TODO.txt | 23 +++++++++++++++++++ checkalias.c | 2 +- configure.ac | 54 +++++++++++++++++++++++++++---------------- cram.c | 2 +- daemon.c | 7 ++++-- dist-tools/makerelease.pl | 2 +- fetchmail-FAQ.html | 4 ++-- fetchmail.c | 3 ++- fetchmail.h | 4 ++-- getopt.c | 4 ++-- gssapi.c | 3 ++- idle.c | 2 +- idlist.c | 17 +------------- imap.c | 12 ++-------- lock.c | 2 +- netrc.c | 2 +- opie.c | 7 +++--- options.c | 1 + pop3.c | 58 +---------------------------------------------- rcfile_l.l | 2 -- rcfile_y.y | 3 +++ rfc822.c | 2 +- rpa.c | 2 +- sink.c | 36 ++++++++++------------------- smbencrypt.c | 46 ------------------------------------- smbutil.c | 2 +- socket.c | 14 ++++++++---- socket.h | 1 - strlcat.c | 3 +++ strlcpy.c | 3 +++ transact.c | 20 +--------------- ucs/norm_charmap.c | 1 + uid.c | 15 ++++++------ unmime.c | 2 +- 38 files changed, 153 insertions(+), 234 deletions(-) diff --git a/.gitignore b/.gitignore index 032ff6e0..1894ce54 100644 --- a/.gitignore +++ b/.gitignore @@ -6,9 +6,13 @@ .deps/ .project .rsyncs +.settings/ +.vscode/ /nbproject/ ABOUT-NLS aclocal.m4 +ANNOUNCE.EMAIL +ar-lib autobuild/ autom4te.cache build* @@ -36,7 +40,9 @@ fetchmail-man.html fetchmail.spec fetchmailconf genlsm.sh +IMAPCapa install-sh +intl/ libfm.a m4/ Mailbox-Names-UTF7.html @@ -60,13 +66,10 @@ rfc822valid stamp-h1 tags test-driver +test-suite.log TODO unmime x509_name_match ylwrap \#*# -.settings/ -.vscode/ _build* -ANNOUNCE.EMAIL -ar-lib diff --git a/NEWS b/NEWS index c9c65a1b..b30474b4 100644 --- a/NEWS +++ b/NEWS @@ -99,6 +99,17 @@ fetchmail-6.4.0 (not yet released): * Fetchmail prevents buffer overruns in GSSAPI authentication with user names beyond c. 6000 characters in length. Reported by Greg Hudson. +## CHANGED REQUIREMENTS +* fetchmail 6.4.0 is written in C99 and requires a SUSv3 (Single Unix + Specification v3, a superset of POSIX.1-2001 aka. IEEE Std 1003.1-2001 with + XSI extension) compliant system. For now, a C89 compiler should also work + if the system is SUSv3 compliant. + + In particular, older fetchmail versions had workaround for several functions + standardized in the Single Unix Specification v3, these have been removed. + + The trio/ library has been removed from the distribution. + ## CHANGES * fetchmail 6.3.X is unsupported. * fetchmail now configures OpenSSL support by default. diff --git a/README b/README index a33a791c..73f11ffe 100644 --- a/README +++ b/README @@ -46,7 +46,6 @@ used in some parts of the code. Future fetchmail releases will require modern language features such as "long long" and others, so this release is the last to support C89. - Further reading --------------- @@ -62,7 +61,7 @@ Status, source code The fetchmail code appears to be stable and free of bugs affecting normal operation (that is, retrieving from POP3 or IMAP in single-drop mode and -forwarding via SMTP to a local MTA). +forwarding via SMTP to a local mail transfer agent). You can get the code from the fetchmail home page: diff --git a/README.git b/README.git index 59fae997..1781c192 100644 --- a/README.git +++ b/README.git @@ -12,6 +12,7 @@ The prerequisite packages are: - GNU m4 - GNU bison - GNU flex >= 2.5.30 +- A TLSv1.2-capable OpenSSL version (>= 1.0.2) After you have everything installed, type: diff --git a/TODO.txt b/TODO.txt index 8839b017..28fad276 100644 --- a/TODO.txt +++ b/TODO.txt @@ -176,6 +176,29 @@ questionable: does it expect, what does it get instead, what does that mean, how can the user fix it; references to the manual) +- grarpamp suggested, on the fetchmail list in later April 2013, more + config file flexibility and explicitness, by marking polls, hosts, + accounts. See thread. + +- more selection options, Debian Bug#705291. + +- add a way to specify multiple fingerprints per host + +- add a way to specify non-MD5 fingerprints per host. SHA1 can be told + from its mere length; other digest algorithms would require some sort + of prefix. We may require the prefix for SHA1, too, for clarity. + +- more useful logging, suggested by Jerry, fetchmail-users, 17 May 2013 + should include date, time, message-id, and 250 Ok message from + listener that got forwarded to. + +- support to present/limit the ciphers and protocols used + ciphers: Martin Koeppe (mkoeppe at gmx dot de) 20130717 on + fetchmail-users list. + protocols: see recent Postfix versions + +- add timestamps to local logfiles, proposed by Aaron Sloman + 2013-10-16 DOCUMENTATION: - Add info whether Keywords are global, server or user keywords diff --git a/checkalias.c b/checkalias.c index eb92ff00..4da77656 100644 --- a/checkalias.c +++ b/checkalias.c @@ -5,6 +5,7 @@ * For license terms, see the file COPYING in this directory. */ #include "config.h" +#include "fetchmail.h" #include #include #include @@ -21,7 +22,6 @@ #include #include "i18n.h" #include "mx.h" -#include "fetchmail.h" #include "getaddrinfo.h" #define MX_RETRIES 3 diff --git a/configure.ac b/configure.ac index 47d88712..223ac149 100644 --- a/configure.ac +++ b/configure.ac @@ -375,7 +375,8 @@ AM_CONDITIONAL(POP2_ENABLE, test "$with_POP2" = yes) ### use option --disable-POP3 to omit the POP3 support AC_ARG_ENABLE(POP3, - [ --disable-POP3 don't compile in POP3 protocol support], + [AS_HELP_STRING([--disable-POP3], + [do not compile in POP3 protocol support])], [with_POP3=$enableval], [with_POP3=yes]) test "$with_POP3" = "yes" && AC_DEFINE(POP3_ENABLE,1,Define if you want POP3 support compiled in) @@ -383,7 +384,8 @@ AM_CONDITIONAL(POP3_ENABLE, test "$with_POP3" = yes) ### use option --disable-IMAP to omit the IMAP support AC_ARG_ENABLE(IMAP, - [ --disable-IMAP don't compile in IMAP protocol support], + [AS_HELP_STRING([--disable-IMAP], + [do not compile in IMAP protocol support])], [with_IMAP=$enableval], [with_IMAP=yes]) test "$with_IMAP" = "yes" && AC_DEFINE(IMAP_ENABLE,1,Define if you want IMAP support compiled in) @@ -391,7 +393,8 @@ AM_CONDITIONAL(IMAP_ENABLE, test "$with_IMAP" = yes) ### use option --disable-ETRN to omit the ETRN support AC_ARG_ENABLE(ETRN, - [ --disable-ETRN don't compile in ETRN protocol support], + [AS_HELP_STRING([--disable-ETRN],[do not compile in ETRN protocol + support])], [with_ETRN=$enableval], [with_ETRN=yes]) test "$with_ETRN" = "yes" && AC_DEFINE(ETRN_ENABLE,1,Define if you want ETRN support compiled in.) @@ -399,7 +402,8 @@ AM_CONDITIONAL(ETRN_ENABLE, test "$with_ETRN" = yes) ### use option --disable-ODMR to omit the ODMR support AC_ARG_ENABLE(ODMR, - [ --disable-ODMR don't compile in ODMR protocol support], + [AS_HELP_STRING([--disable-ODMR],[do not compile in ODMR protocol + support])], [with_ODMR=$enableval], [with_ODMR=yes]) test "$with_ODMR" = "yes" && AC_DEFINE(ODMR_ENABLE,1,Define if you want ODMR support compiled in) @@ -407,7 +411,8 @@ AM_CONDITIONAL(ODMR_ENABLE, test "$with_ODMR" = yes) ### use option --enable-RPA to compile in the RPA support AC_ARG_ENABLE(RPA, - [ --enable-RPA compile in RPA protocol support], + [AS_HELP_STRING([--enable-RPA],[compile in RPA protocol + support])], [with_RPA=$enableval], [with_RPA=no]) test "$with_RPA" = "yes" && AC_DEFINE(RPA_ENABLE,1,Define if you want RPA support compiled in) @@ -415,7 +420,8 @@ AM_CONDITIONAL(RPA_ENABLE, test "$with_RPA" = yes) ### use option --enable-NTLM to compile in the NTLM support AC_ARG_ENABLE(NTLM, - [ --enable-NTLM compile in NTLM authentication support], + [AS_HELP_STRING([--enable-NTLM],[compile in NTLM authentication + support])], [with_NTLM=$enableval], [with_NTLM=no]) test "$with_NTLM" = "yes" && AC_DEFINE(NTLM_ENABLE,1,Define if you want NTLM authentication) @@ -423,7 +429,7 @@ AM_CONDITIONAL(NTLM_ENABLE, test "$with_NTLM" = yes) ### use option --enable-SDPS to compile in the SDPS support AC_ARG_ENABLE(SDPS, - [ --enable-SDPS compile in SDPS protocol support], + [AS_HELP_STRING([--enable-SDPS],[compile in SDPS protocol support])], [with_SDPS=$enableval], [with_SDPS=no]) if test "$with_SDPS" = yes ; then @@ -443,7 +449,8 @@ AC_CACHE_SAVE ### use option --enable-opie to compile in the OPIE support AC_ARG_ENABLE(opie, - [ --enable-opie support OTP through the OPIE library], + [AS_HELP_STRING([--enable-opie],[support one-time passwords + (OTP) through the OPIE library])], [ AC_CHECK_HEADER(opie.h,, [AC_MSG_ERROR([cannot find , which is required for OPIE support.])]) AC_CHECK_LIB(opie,opiegenerator,, [AC_MSG_ERROR([cannot find libopie, which is required for OPIE support.])]) with_opie=$enableval], @@ -501,10 +508,10 @@ if test "$fm_cv_getaddrinfo" = yes ; then gai_ts=no dnl we have getaddrinfo() - check if the OS is known to have a async-signal-safe implementation case $host_os in - darwin9*) gai_ts=yes ;; - linux*) gai_ts=yes ;; - freebsd5.5|freebsd6*|freebsd7*) gai_ts=yes ;; - solaris2.8|solaris2.9|solaris2.10) gai_ts=yes ;; + darwin*) gai_ts=yes ;; + linux*) gai_ts=yes ;; + freebsd*) gai_ts=yes ;; + solaris*) gai_ts=yes ;; esac AC_MSG_RESULT($gai_ts) if test $gai_ts = yes ; then @@ -523,14 +530,15 @@ fi # * Move all the kerberos header mess to kerberos.h, and #include that # in driver.c and kerberos.c. # -# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the +# Tested using the Heimdal Kerberos V libs, Kungliga Tekniska Högskolan (the # Royal Institute of Technology in Stockholm, Sweden)'s kerberos IV libs, and # the MIT reference implementation of KerberosV (all as packaged in Debian). ### use option --with-kerberos5=DIR to point at a Kerberos 5 directory ### make sure --with-ssl is run before --with-kerberos* ! AC_ARG_WITH(kerberos5, - [ --with-kerberos5=DIR point fetchmail compilation at a Kerberos 5 directory], + [AS_HELP_STRING([--with-kerberos5[[=DIR]]],[point fetchmail + compilation at a Kerberos 5 directory])], [ if test "$with_kerberos5" != "no" then @@ -708,7 +716,9 @@ AM_CONDITIONAL(KERBEROS_V4_ENABLE, test "$KERBEROS_V4" = 1) ### use option --with-ssl to compile in the SSL support AC_ARG_WITH(ssl, - [ --with-ssl=[DIR] enable SSL support using libraries in DIR], + [AS_HELP_STRING([--with-ssl[[={yes|no|DIR}]]],[Use OpenSSL from + DIR/include/openssl and + DIR/lib (default: yes). Yes means try to find it.])], [with_ssl=$withval], [with_ssl=yes]) @@ -755,7 +765,7 @@ then AC_MSG_NOTICE(Enabling OpenSSL support in $with_ssl.) test "$with_ssl" != "/usr" && CFLAGS="$CFLAGS -I$with_ssl/include" ### In Red Hat 9, this file includes a reference to , so we - ### force the Kerberos direcory onto the include path so it will build. + ### force the Kerberos directory onto the include path so it will build. CFLAGS="$CFLAGS -I/usr/kerberos/include" ### OpenBSD comes with ssl headers else @@ -789,13 +799,17 @@ else fi case "$LIBS" in *-lssl*) + AC_CHECK_DECLS([TLS1_2_VERSION],, + AC_MSG_ERROR([Your OpenSSL version is too old and does not support TLS v1.2. Upgrade.]), + [#include ]) AC_CHECK_DECLS([SSLv3_client_method],,,[#include ]) ;; esac ### use option --with-socks=DIR to point at SOCKS library AC_ARG_WITH(socks, - [ --with-socks[=DIR] add built-in SOCKS firewall access], + [AS_HELP_STRING([--with-socks[[=DIR]]],[add built-in SOCKS (4) + firewall access])], [ if test "$with_socks" != no then @@ -813,7 +827,8 @@ fi]) ### use option --with-socks5=DIR to point at SOCKS library AC_ARG_WITH(socks5, - [ --with-socks5[=DIR] add built-in SOCKS5 firewall access], + [AS_HELP_STRING([--with-socks5[[=DIR]]],[add built-in SOCKS5 + firewall access])], [ if test "$with_socks5" != no then @@ -836,7 +851,8 @@ AC_ma_SEARCH_PACKAGE(hesiod, hesiod_getmailhost, /usr/athena /usr /usr/local,hes ### use option --with-gssapi=DIR to compile in GSSAPI support AC_ARG_WITH(gssapi, - [ --with-gssapi[=DIR] compile in GSSAPI support using libraries in DIR], + [AS_HELP_STRING([--with-gssapi[[=DIR]]],[compile in GSSAPI + support using libraries in DIR])], [ if test "$with_gssapi" != "no" then diff --git a/cram.c b/cram.c index 4ac4a31f..969d3d90 100644 --- a/cram.c +++ b/cram.c @@ -15,7 +15,7 @@ #include "socket.h" #include "i18n.h" -#include "fm_md5.h" +#include "fm_md5.h" void hmac_md5 (const unsigned char *password, size_t pass_len, const unsigned char *challenge, size_t chal_len, diff --git a/daemon.c b/daemon.c index 58dee539..53bc4dcb 100644 --- a/daemon.c +++ b/daemon.c @@ -238,12 +238,15 @@ nottyDetach: if (dup(logfd) < 0 /* stdout */ || ((logfd == 0 || logfd >= 3) && dup(logfd) < 0)) { /* stderr */ - report(stderr, "dup (%s)\n", strerror(errno)); + report(stderr, "dup(): %s\n", strerror(errno)); return(PS_IOERR); } /* move to root directory, so we don't prevent filesystem unmounts */ - chdir("/"); + if (chdir("/")) { + report(stderr, "chdir(\"/\"): %s\n", strerror(errno)); + return PS_IOERR; + } /* set our umask to something reasonable (we hope) */ #if defined(DEF_UMASK) diff --git a/dist-tools/makerelease.pl b/dist-tools/makerelease.pl index 48482376..8bdba4bd 100755 --- a/dist-tools/makerelease.pl +++ b/dist-tools/makerelease.pl @@ -63,7 +63,7 @@ my $tmp = $ENV{TMPDIR} || $ENV{TMP} || $ENV{TEMP} || "/tmp"; # extract version from source my $version =`grep 'AC_INIT' configure.ac`; -$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbeta-]+)\]?\,.*\)/; +$version =~ /AC_INIT\([^,]*,\[?([0-9.rcbetalph-]+)\]?\,.*\)/; $version = $1; die "cannot determine version" unless defined $1; my $tag = "RELEASE_$version"; diff --git a/fetchmail-FAQ.html b/fetchmail-FAQ.html index 0f9c9a96..5b9a1203 100644 --- a/fetchmail-FAQ.html +++ b/fetchmail-FAQ.html @@ -17,7 +17,7 @@ a much better one. The Fetchmail FAQ - + @@ -2071,7 +2071,7 @@ SSL?

You'll need to have the OpenSSL libraries installed, and they should at least be version 1.0.2. -Configure with --with-ssl. If you have the OpenSSL libraries +Configure with --with-ssl (default since fetchmail v6.4.0). If you have the OpenSSL libraries installed in commonly-used default locations, this will suffice. If you have them installed in a non-default location, you'll need to specify the OpenSSL installation directory as an argument diff --git a/fetchmail.c b/fetchmail.c index 80993ccb..5e570154 100644 --- a/fetchmail.c +++ b/fetchmail.c @@ -964,7 +964,7 @@ static void optmerge(struct query *h2, struct query *h1, int force) list_merge(&h2->domainlist, &h1->domainlist, force); list_merge(&h2->antispam, &h1->antispam, force); -#define FLAG_MERGE(fld) if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld +#define FLAG_MERGE(fld) do { if (force ? !!h1->fld : !h2->fld) h2->fld = h1->fld; } while (0) FLAG_MERGE(server.via); FLAG_MERGE(server.protocol); FLAG_MERGE(server.service); @@ -1575,6 +1575,7 @@ static int query_host(struct query *ctl) default: report(stderr, GT_("unsupported protocol selected.\n")); st = PS_PROTOCOL; + break; } /* diff --git a/fetchmail.h b/fetchmail.h index 327552d8..dae4f8a1 100644 --- a/fetchmail.h +++ b/fetchmail.h @@ -38,8 +38,8 @@ struct addrinfo; # include "trio/trio.h" #endif -#include "uid_db.h" #include "fm_strl.h" +#include "uid_db.h" /* constants designating the various supported protocols */ #define P_AUTO 1 @@ -114,7 +114,7 @@ struct addrinfo; #define MSGBUFSIZE 8192 #define NAMELEN 64 /* max username length */ -#define PASSWORDLEN 64 /* max password length */ +#define PASSWORDLEN 256 /* max password length */ #define DIGESTLEN 33 /* length of MD5 digest */ /* exit code values */ diff --git a/getopt.c b/getopt.c index 04524325..c2062b57 100644 --- a/getopt.c +++ b/getopt.c @@ -244,7 +244,7 @@ exchange (argv) { /* Bottom segment is the short one. */ int len = middle - bottom; - register int i; + int i; /* Swap it with the top part of the top segment. */ for (i = 0; i < len; i++) @@ -260,7 +260,7 @@ exchange (argv) { /* Top segment is the short one. */ int len = top - middle; - register int i; + int i; /* Swap it with the bottom part of the bottom segment. */ for (i = 0; i < len; i++) diff --git a/gssapi.c b/gssapi.c index 818b599b..5bef92e1 100644 --- a/gssapi.c +++ b/gssapi.c @@ -5,13 +5,14 @@ */ #include "config.h" +#include "fetchmail.h" + #include #include #include #if defined(STDC_HEADERS) #include #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" diff --git a/idle.c b/idle.c index 4ea21a3c..eb034b20 100644 --- a/idle.c +++ b/idle.c @@ -16,12 +16,12 @@ is part of fetchmail and the Unix Cookbook, and are released under the MIT license. Compile with -DMAIN to build the demonstrator. ******************************************************************************/ +#include "fetchmail.h" #include #include #include #include #include -#include /* for ROOT_UID */ #ifndef TRUE #define TRUE 1 diff --git a/idlist.c b/idlist.c index d886de6b..379073fd 100644 --- a/idlist.c +++ b/idlist.c @@ -5,6 +5,7 @@ */ #include "config.h" +#include "fetchmail.h" #include #include @@ -18,7 +19,6 @@ #include #endif -#include "fetchmail.h" /** Save string \a str to idlist \a idl with status \a status. * \return Pointer to the last element of the list to help the quick, @@ -82,21 +82,6 @@ void save_str_pair(struct idlist **idl, const char *str1, const char *str2) (*end)->next = (struct idlist *)NULL; } -#ifdef __UNUSED__ -void free_str_pair_list(struct idlist **idl) -/* free the given ID pair list */ -{ - if (*idl == (struct idlist *)NULL) - return; - - free_idpair_list(&(*idl)->next); - free ((*idl)->id); - free ((*idl)->val.id2); - free(*idl); - *idl = (struct idlist *)NULL; -} -#endif - /** Check if ID \a str is in idlist \a idl. \return idlist entry if found, * NULL if not found. */ struct idlist *str_in_list(struct idlist **idl, const char *str, diff --git a/imap.c b/imap.c index 8163ddaa..90c3f92c 100644 --- a/imap.c +++ b/imap.c @@ -6,6 +6,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include #include #include @@ -15,7 +17,6 @@ #include #include #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" @@ -627,15 +628,6 @@ static int imap_getauth(int sock, struct query *ctl, char *greeting) } #endif /* NTLM_ENABLE */ -#ifdef __UNUSED__ /* The Cyrus IMAP4rev1 server chokes on this */ - /* this handles either AUTH=LOGIN or AUTH-LOGIN */ - if ((imap_version >= IMAP4rev1) && (!strstr(capabilities, "LOGIN"))) - { - report(stderr, - GT_("Required LOGIN capability not supported by server\n")); - } -#endif /* __UNUSED__ */ - /* * We're stuck with sending the password en clair. * The reason for this odd-looking logic is that some diff --git a/lock.c b/lock.c index 213969f1..53846c83 100644 --- a/lock.c +++ b/lock.c @@ -4,6 +4,7 @@ * For license terms, see the file COPYING in this directory. */ #include "config.h" +#include "fetchmail.h" #include #ifdef HAVE_STRING_H @@ -19,7 +20,6 @@ #include #include -#include "fetchmail.h" #include "i18n.h" #include "lock.h" diff --git a/netrc.c b/netrc.c index a585e1a0..661da361 100644 --- a/netrc.c +++ b/netrc.c @@ -11,13 +11,13 @@ */ #include "config.h" +#include "fetchmail.h" #include #include #include #include -#include "fetchmail.h" #include "netrc.h" #include "i18n.h" diff --git a/opie.c b/opie.c index c186908f..367932bc 100644 --- a/opie.c +++ b/opie.c @@ -5,13 +5,14 @@ */ #include "config.h" +#include "fetchmail.h" + #include #include #include #if defined(STDC_HEADERS) #include #endif -#include "fetchmail.h" #include "socket.h" #include "i18n.h" @@ -43,7 +44,7 @@ int do_otp(int sock, const char *command, struct query *ctl) return PS_AUTHFAIL; } - to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof buffer); + to64frombits(buffer, ctl->remotename, strlen(ctl->remotename), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; @@ -70,7 +71,7 @@ int do_otp(int sock, const char *command, struct query *ctl) if (rval) return(PS_AUTHFAIL); - to64frombits(buffer, response, strlen(response), sizeof buffer); + to64frombits(buffer, response, strlen(response), sizeof(buffer)); suppress_tags = TRUE; gen_send(sock, "%s", buffer); suppress_tags = FALSE; diff --git a/options.c b/options.c index b8561f8d..90eeaaff 100644 --- a/options.c +++ b/options.c @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include #include diff --git a/pop3.c b/pop3.c index 907a5879..c2238b72 100644 --- a/pop3.c +++ b/pop3.c @@ -6,6 +6,7 @@ */ #include "config.h" + #ifdef POP3_ENABLE #include #include @@ -708,22 +709,6 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) return(ok); } -/* Disable the sleep. Based on patch by Brian Candler 2004-04-19/2004-11-08, - * accepted by Matthias Andree. - * - * Rationale: the server must have locked the spool before returning +OK; - * this sleep just wastes time and hence, for modem and GSM CSD users, money. */ -#ifdef WANT_BOGUS - /* - * Empirical experience shows some server/OS combinations - * may need a brief pause even after any lockfiles on the - * server are released, to give the server time to finish - * copying back very large mailfolders from the temp-file... - * this is only ever an issue with extremely large mailboxes. - */ - sleep(3); /* to be _really_ safe, probably need sleep(5)! */ -#endif - /* we're approved */ return(PS_SUCCESS); } @@ -1231,29 +1216,6 @@ static int pop3_is_old(int sock, struct query *ctl, int num) } } -#ifdef UNUSED -/* - * We could use this to fetch headers only as we do for IMAP. The trouble - * is that there's no way to fetch the body only. So the following RETR - * would have to re-fetch the header. Enough messages have longer headers - * than bodies to make this a net loss. - */ -static int pop_fetch_headers(int sock, struct query *ctl,int number,int *lenp) -/* request headers of nth message */ -{ - int ok; - char buf[POPBUFSIZE+1]; - - gen_send(sock, "TOP %d 0", number); - if ((ok = pop3_ok(sock, buf)) != 0) - return(ok); - - *lenp = -1; /* we got sizes from the LIST response */ - - return(PS_SUCCESS); -} -#endif /* UNUSED */ - static int pop3_fetch(int sock, struct query *ctl, int number, int *lenp) /* request nth message */ { @@ -1389,24 +1351,6 @@ static int pop3_logout(int sock, struct query *ctl) { int ok; -#ifdef __UNUSED__ - /* - * We used to do this in case the server marks messages deleted when seen. - * (Yes, this has been reported, in the MercuryP/NLM server. - * It's even legal under RFC 1939 (section 8) as a site policy.) - * It interacted badly with UIDL, though. Thomas Zajic wrote: - * "Running 'fetchmail -F -v' and checking the logs, I found out - * that fetchmail did in fact flush my mailbox properly, but sent - * a RSET just before sending QUIT to log off. This caused the - * POP3 server to undo/forget about the previous DELEs, resetting - * my mailbox to its original (ie. unflushed) state. The - * ~/.fetchids file did get flushed though, so the next time - * fetchmail was run it saw all the old messages as new ones ..." - */ - if (ctl->keep) - gen_transact(sock, "RSET"); -#endif /* __UNUSED__ */ - ok = gen_transact(sock, "QUIT"); if (!ok) expunge_uids(ctl); diff --git a/rcfile_l.l b/rcfile_l.l index 9590a2ff..a7052df9 100644 --- a/rcfile_l.l +++ b/rcfile_l.l @@ -36,8 +36,6 @@ int yywrap(void) { return 1; } %s NAME AUTH - - %% \"[^\"]*\" | diff --git a/rcfile_y.y b/rcfile_y.y index 70615661..774f7155 100644 --- a/rcfile_y.y +++ b/rcfile_y.y @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include #include #include @@ -462,6 +463,8 @@ int prc_parse_file (const char *pathname, const flag securecheck) prc_errflag = 0; querylist = hosttail = (struct query *)NULL; + (void)yytoknum; /* work around compiler warning */ + errno = 0; /* Check that the file is secure */ diff --git a/rfc822.c b/rfc822.c index 15b88f05..e56ced16 100644 --- a/rfc822.c +++ b/rfc822.c @@ -21,6 +21,7 @@ MIT license. Compile with -DMAIN to build the demonstrator. ******************************************************************************/ #include "config.h" +#include "fetchmail.h" #include #include @@ -28,7 +29,6 @@ MIT license. Compile with -DMAIN to build the demonstrator. #include #include -#include "fetchmail.h" #include "sdump.h" #ifndef MAIN diff --git a/rpa.c b/rpa.c index c365f0de..e5fe326f 100644 --- a/rpa.c +++ b/rpa.c @@ -16,6 +16,7 @@ #include "config.h" #if defined(POP3_ENABLE) && defined(RPA_ENABLE) +#include "fetchmail.h" #include #include #include @@ -24,7 +25,6 @@ #include #include "socket.h" -#include "fetchmail.h" #include "fm_md5.h" #include "i18n.h" diff --git a/sink.c b/sink.c index 164c36d8..85680dbe 100644 --- a/sink.c +++ b/sink.c @@ -11,6 +11,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include #include #include @@ -32,8 +34,6 @@ #include #include -#include "fetchmail.h" - /* for W* macros after pclose() */ #define _USE_BSD #include @@ -445,18 +445,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg) responses[0] = xstrdup(smtp_response); -#ifdef __UNUSED__ - /* - * Don't do this! It can really mess you up if, for example, you're - * reporting an error with a single RCPT TO address among several; - * RSET discards the message body and it doesn't get sent to the - * valid recipients. - */ - smtp_rset(ctl); /* stay on the safe side */ - if (outlevel >= O_DEBUG) - report(stdout, GT_("Saved error is still %d\n"), smtperr); -#endif /* __UNUSED */ - /* * Note: send_bouncemail message strings are not made subject * to gettext translation because (a) they're going to be @@ -533,12 +521,6 @@ static int handle_smtp_report(struct query *ctl, struct msgblk *msg) * (b) we wouldn't want spammers to get confirmation that * this address is live, anyway. */ -#ifdef __DONT_FEED_THE_SPAMMERS__ - if (run.bouncemail) - send_bouncemail(ctl, msg, XMIT_ACCEPT, - "Invalid address in MAIL FROM (SMTP error 553).\r\n", - 1, responses); -#endif /* __DONT_FEED_THE_SPAMMERS__ */ free(responses[0]); return(PS_REFUSED); @@ -617,10 +599,6 @@ static int handle_smtp_report_without_bounce(struct query *ctl, struct msgblk *m return(PS_REFUSED); case 553: /* invalid sending domain */ -#ifdef __DONT_FEED_THE_SPAMMERS__ - if (run.bouncemail) - return(PS_SUCCESS); -#endif /* __DONT_FEED_THE_SPAMMERS__ */ return(PS_REFUSED); default: @@ -1185,6 +1163,16 @@ static int open_mda_sink(struct query *ctl, struct msgblk *msg, for (dp = after, sp = before; (*dp = *sp); dp++, sp++) { if (sp[0] != '%') continue; + if (sp > before && sp[-1] == '\'') { + report(stderr, GT_("MDA option contains single-quoted %%%c expansion.\n"), sp[1]); + report(stderr, GT_("Refusing to deliver. Check the manual and fix your mda option.\n")); + free(before); + free(after); + if (from) free(from); + if (names) free(names); + return PS_SYNTAX; + } + /* need to expand? BTW, no here overflow, because in ** the worst case (end of string) sp[1] == '\0' */ if (sp[1] == 's' || sp[1] == 'T') { diff --git a/smbencrypt.c b/smbencrypt.c index ad14707f..21d7bff0 100644 --- a/smbencrypt.c +++ b/smbencrypt.c @@ -65,12 +65,6 @@ static size_t skip_multibyte_char(char c) return 0; } - -/******************************************************************* -safe string copy into a known length string. maxlength does not -include the terminating zero. -********************************************************************/ - static void strupper(char *s) { while (*s) @@ -201,43 +195,3 @@ void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24) dump_data(100, (char *)p24, 24); #endif } - -#if 0 - -BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode) -{ - int new_pw_len = strlen(passwd) * (unicode ? 2 : 1); - - if (new_pw_len > 512) - { - DEBUG(0,("make_oem_passwd_hash: new password is too long.\n")); - return False; - } - - /* - * Now setup the data area. - * We need to generate a random fill - * for this area to make it harder to - * decrypt. JRA. - */ - generate_random_buffer((unsigned char *)data, 516, False); - if (unicode) - { - struni2( &data[512 - new_pw_len], passwd); - } - else - { - fstrcpy( &data[512 - new_pw_len], passwd); - } - SIVAL(data, 512, new_pw_len); - -#ifdef DEBUG_PASSWORD - DEBUG(100,("make_oem_passwd_hash\n")); - dump_data(100, data, 516); -#endif - SamOEMhash( (unsigned char *)data, (unsigned char *)old_pw_hash, True); - - return True; -} - -#endif diff --git a/smbutil.c b/smbutil.c index d1d127fc..66f5d565 100644 --- a/smbutil.c +++ b/smbutil.c @@ -1,3 +1,4 @@ +#include "fetchmail.h" #include #include #include @@ -7,7 +8,6 @@ #include "ntlm.h" #include "smbencrypt.h" #include "smbbyteorder.h" -#include "fetchmail.h" char versionString[] ="libntlm version 0.21"; diff --git a/socket.c b/socket.c index cb93b60e..a0d5aadc 100644 --- a/socket.c +++ b/socket.c @@ -9,6 +9,8 @@ */ #include "config.h" +#include "fetchmail.h" + #include #include #include @@ -48,7 +50,6 @@ #endif #include "socket.h" -#include "fetchmail.h" #include "getaddrinfo.h" #include "i18n.h" #include "sdump.h" @@ -226,7 +227,7 @@ int UnixOpen(const char *path) return -1; } - /* Socket opened saved. Usefull if connect timeout + /* Socket opened saved. Useful if connect timeout * because it can be closed. */ mailserver_socket_temp = sock; @@ -374,6 +375,10 @@ va_dcl { } #ifdef SSL_ENABLE +/* OPENSSL_NO_SSL_INTERN: + transitional feature for OpenSSL 1.0.1 up to and excluding 1.1.0 + to make sure we do not access internal structures! */ +#define OPENSSL_NO_SSL_INTERN 1 #define OPENSSL_NO_DEPRECATED 23 #include #include @@ -616,7 +621,7 @@ SSL *SSLGetContext( int sock ) /* ok_return (preverify_ok) is 1 if this stage of certificate verification passed, or 0 if it failed. This callback lets us display informative errors, and perform additional validation (e.g. CN matches) */ -static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict ) +static int SSL_verify_callback(int ok_return, X509_STORE_CTX *ctx, int strict) { #define SSLverbose (((outlevel) >= O_DEBUG) || ((outlevel) >= O_VERBOSE && (depth) == 0)) char buf[257]; @@ -847,7 +852,7 @@ static int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict ) _verify_ok &= ok_return; if (!strict) ok_return = 1; - return (ok_return); + return ok_return; } static int SSL_nock_verify_callback( int ok_return, X509_STORE_CTX *ctx ) @@ -1108,6 +1113,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck available protocol, subject to SSL_OP_NO* constraints. */ _ctx[sock] = SSL_CTX_new(SSLv23_client_method()); } + if(_ctx[sock] == NULL) { unsigned long ec = ERR_peek_last_error(); ERR_print_errors_fp(stderr); diff --git a/socket.h b/socket.h index 0c4ac001..d2a5ef1d 100644 --- a/socket.h +++ b/socket.h @@ -20,7 +20,6 @@ struct addrinfo; /** Create a new client socket; returns -1 on error */ int SockOpen(const char *host, const char *service, const char *plugin, struct addrinfo **); - /** Get a string terminated by an '\n' (matches interface of fgets). Pass it a valid socket, a buffer for the string, and diff --git a/strlcat.c b/strlcat.c index 22428d68..0af16670 100644 --- a/strlcat.c +++ b/strlcat.c @@ -17,6 +17,9 @@ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" +#include "fetchmail.h" + #include #include #include diff --git a/strlcpy.c b/strlcpy.c index 5963dfe3..c9f0ef2b 100644 --- a/strlcpy.c +++ b/strlcpy.c @@ -17,6 +17,9 @@ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +#include "config.h" +#include "fetchmail.h" + #include #include #include diff --git a/transact.c b/transact.c index f73dd0da..c3d8a35d 100644 --- a/transact.c +++ b/transact.c @@ -6,6 +6,7 @@ */ #include "config.h" +#include "fetchmail.h" #include #include #include @@ -35,7 +36,6 @@ #include "i18n.h" #include "socket.h" -#include "fetchmail.h" /** Macro to clamp the argument so it is >= INT_MIN. */ #define _FIX_INT_MIN(x) ((x) < INT_MIN ? INT_MIN : (x)) @@ -888,24 +888,6 @@ eoh: else if (!strncasecmp("Resent-Sender:", line, 14) && (strchr(line, '@') || strchr(line, '!'))) resent_sender_offs = (line - msgblk.headers); -#ifdef __UNUSED__ - else if (!strncasecmp("Message-Id:", line, 11)) - { - if (ctl->server.uidl) - { - char id[IDLEN+1]; - - line[IDLEN+12] = 0; /* prevent stack overflow */ - sscanf(line+12, "%s", id); - if (!str_find( &ctl->newsaved, num)) - { - struct idlist *newl = save_str(&ctl->newsaved,id,UID_SEEN); - newl->val.status.num = num; - } - } - } -#endif /* __UNUSED__ */ - /* if multidrop is on, gather addressee headers */ if (MULTIDROP(ctl)) { diff --git a/ucs/norm_charmap.c b/ucs/norm_charmap.c index dedad326..07c5d2a9 100644 --- a/ucs/norm_charmap.c +++ b/ucs/norm_charmap.c @@ -26,6 +26,7 @@ #include "config.h" /* import AC_C_CONST effects */ #include "norm_charmap.h" +#include "fetchmail.h" #include diff --git a/uid.c b/uid.c index 2db06733..8583a49a 100644 --- a/uid.c +++ b/uid.c @@ -23,10 +23,9 @@ #include "sdump.h" /* - * Machinery for handling UID lists live here. This is mainly to support - * RFC1725/RFC1939-conformant POP3 servers without a LAST command, but may also - * be useful for making the IMAP4 querying logic UID-oriented, if a future - * revision of IMAP forces me to. + * Machinery for handling UID lists live here. This is currently used + * by POP3, but may also be useful for making the IMAP4 querying logic + * UID-oriented. * * These functions are also used by the rest of the code to maintain * string lists. @@ -121,6 +120,7 @@ static int dump_saved_uid(struct uid_db_record *rec, void *unused) return 0; } +/** Read saved IDs from \a idfile and attach to each host in \a hostlist. */ void initialize_saved_lists(struct query *hostlist, const char *idfile) { struct stat statbuf; @@ -347,7 +347,7 @@ static void dump_uid_db(struct uid_db *db) traverse_uid_db(db, dump_uid_db_record, &n_recs); } -/* finish a query */ +/** Finish a successful query */ void uid_swap_lists(struct query *ctl) { /* debugging code */ @@ -390,7 +390,7 @@ void uid_swap_lists(struct query *ctl) report(stdout, GT_("not swapping UID lists, no UIDs seen this query\n")); } -/* finish a query which had errors */ +/** Finish a query which had errors */ void uid_discard_new_list(struct query *ctl) { /* debugging code */ @@ -446,6 +446,7 @@ static int write_uid_db_record(struct uid_db_record *rec, void *arg) return rc < 0 ? -1 : 0; } +/** Write new list of UIDs (state) to \a idfile. */ void write_saved_lists(struct query *hostlist, const char *idfile) { long idcount; @@ -504,7 +505,7 @@ void write_saved_lists(struct query *hostlist, const char *idfile) bailout: (void)fflush(tmpfp); /* return code ignored, we check ferror instead */ errflg |= ferror(tmpfp); - fclose(tmpfp); + errflg |= fclose(tmpfp); /* if we could write successfully, move into place; * otherwise, drop */ if (errflg) { diff --git a/unmime.c b/unmime.c index 5f743e36..d3f779bc 100644 --- a/unmime.c +++ b/unmime.c @@ -13,12 +13,12 @@ * For license terms, see the file COPYING in this directory. */ +#include "fetchmail.h" #include "config.h" #include #include #include #include -#include "fetchmail.h" #include "i18n.h" static unsigned char unhex(unsigned char c) -- cgit v1.2.3