%{ /* * rcfile_y.y -- Run control file parser for fetchmail * * For license terms, see the file COPYING in this directory. */ #include "config.h" #include #include #include #if defined(HAVE_SYS_WAIT_H) #include #endif #include #include #if defined(STDC_HEADERS) #include #endif #if defined(HAVE_UNISTD_H) #include #endif #include #if defined(__CYGWIN__) #include #endif /* __CYGWIN__ */ #include "fetchmail.h" #include "i18n.h" /* parser reads these */ char *rcfile; /* path name of rc file */ struct query cmd_opts; /* where to put command-line info */ /* parser sets these */ struct query *querylist; /* head of server list (globally visible) */ int yydebug; /* in case we didn't generate with -- debug */ static struct query current; /* current server record */ static int prc_errflag; static struct hostdata *leadentry; static flag trailer; static void record_current(void); static void user_reset(void); static void reset_server(const char *name, int skip); /* these should be of size PATH_MAX */ char currentwd[1024] = "", rcfiledir[1024] = ""; /* using Bison, this arranges that yydebug messages will show actual tokens */ extern char * yytext; #define YYPRINT(fp, type, val) fprintf(fp, " = \"%s\"", yytext) %} %union { int proto; int number; char *sval; } %token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL %token AUTHENTICATE TIMEOUT KPOP SDPS ENVELOPE QVIRTUAL %token USERNAME PASSWORD FOLDER SMTPHOST FETCHDOMAINS MDA BSMTP LMTP %token SMTPADDRESS SMTPNAME SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS %token INTERFACE MONITOR PLUGIN PLUGOUT %token IS HERE THERE TO MAP WILDCARD %token BATCHLIMIT FETCHLIMIT FETCHSIZELIMIT FASTUIDL EXPUNGE PROPERTIES %token SET LOGFILE DAEMON SYSLOG IDFILE INVISIBLE POSTMASTER BOUNCEMAIL %token SPAMBOUNCE SHOWDOTS %token PROTO AUTHTYPE %token STRING %token NUMBER %token NO KEEP FLUSH FETCHALL REWRITE FORCECR STRIPCR PASS8BITS %token DROPSTATUS DROPDELIVERED %token DNS SERVICE PORT UIDL INTERVAL MIMEDECODE IDLE CHECKALIAS %token SSL 
SSLKEY SSLCERT SSLPROTO SSLCERTCK SSLCERTPATH SSLFINGERPRINT %token PRINCIPAL ESMTPNAME ESMTPPASSWORD %token TRACEPOLLS %% rcfile : /* empty */ | statement_list ; statement_list : statement | statement_list statement ; optmap : MAP | /* EMPTY */; /* future global options should also have the form SET optmap */ statement : SET LOGFILE optmap STRING {run.logfile = prependdir ($4, rcfiledir);} | SET IDFILE optmap STRING {run.idfile = prependdir ($4, rcfiledir);} | SET DAEMON optmap NUMBER {run.poll_interval = $4;} | SET POSTMASTER optmap STRING {run.postmaster = xstrdup($4);} | SET BOUNCEMAIL {run.bouncemail = TRUE;} | SET NO BOUNCEMAIL {run.bouncemail = FALSE;} | SET SPAMBOUNCE {run.spambounce = TRUE;} | SET NO SPAMBOUNCE {run.spambounce = FALSE;} | SET PROPERTIES optmap STRING {run.properties =xstrdup($4);} | SET SYSLOG {run.use_syslog = TRUE;} | SET NO SYSLOG {run.use_syslog = FALSE;} | SET INVISIBLE {run.invisible = TRUE;} | SET NO INVISIBLE {run.invisible = FALSE;} | SET SHOWDOTS {run.showdots = FLAG_TRUE;} | SET NO SHOWDOTS {run.showdots = FLAG_FALSE;} /* * The way the next two productions are written depends on the fact that * userspecs cannot be empty. It's a kluge to deal with files that set * up a load of defaults and then have poll statements following with no * user options at all. 
*/ | define_server serverspecs {record_current();} | define_server serverspecs userspecs /* detect and complain about the most common user error */ | define_server serverspecs userspecs serv_option {yyerror(GT_("server option after user options"));} ; define_server : POLL STRING {reset_server($2, FALSE);} | SKIP STRING {reset_server($2, TRUE);} | DEFAULTS {reset_server("defaults", FALSE);} ; serverspecs : /* EMPTY */ | serverspecs serv_option ; alias_list : STRING {save_str(¤t.server.akalist,$1,0);} | alias_list STRING {save_str(¤t.server.akalist,$2,0);} ; domain_list : STRING {save_str(¤t.server.localdomains,$1,0);} | domain_list STRING {save_str(¤t.server.localdomains,$2,0);} ; serv_option : AKA alias_list | VIA STRING {current.server.via = xstrdup($2);} | LOCALDOMAINS domain_list | PROTOCOL PROTO {current.server.protocol = $2;} | PROTOCOL KPOP { current.server.protocol = P_POP3; if (current.server.authenticate == A_PASSWORD) #ifdef KERBEROS_V5 current.server.authenticate = A_KERBEROS_V5; #else current.server.authenticate = A_KERBEROS_V4; #endif /* KERBEROS_V5 */ #ifdef INET6_ENABLE current.server.service = KPOP_PORT; #else /* INET6_ENABLE */ current.server.port = KPOP_PORT; #endif /* INET6_ENABLE */ } | PRINCIPAL STRING {current.server.principal = xstrdup($2);} | ESMTPNAME STRING {current.server.esmtp_name = xstrdup($2);} | ESMTPPASSWORD STRING {current.server.esmtp_password = xstrdup($2);} | PROTOCOL SDPS { #ifdef SDPS_ENABLE current.server.protocol = P_POP3; current.server.sdps = TRUE; #else yyerror(GT_("SDPS not enabled.")); #endif /* SDPS_ENABLE */ } | UIDL {current.server.uidl = FLAG_TRUE;} | NO UIDL {current.server.uidl = FLAG_FALSE;} | CHECKALIAS {current.server.checkalias = FLAG_TRUE;} | NO CHECKALIAS {current
NTLM support by Grant Edwards <grante@visi.com>

This directory contains sources for a library which provides
routines to manipulate the structures used for the client end
of Microsoft NTLM authentication.

This code (the ntlm.h file and smb*.[ch] files) was taken mostly from
the Samba project and was initially intended for use with Microsoft
Exchange Server when it is configured to require NTLM authentication
for clients of its IMAP server.

Not much effort has been put into making this portable, and the author
only knows for sure that it works on i386 Linux glibc systems -- though
there shouldn't be anything all that system-specific anywhere.  System
byte order differences should already be taken care of.

USAGE  
  
The application program must convert these structures to/from base64
which is used to transfer data for IMAP authentication.  For example
usage see the sources for the mutt MUA or here in the fetchmail
package.

In general the usage is something like shown below (no, I don't
know if this code even compiles, but you get the idea
hopefully):


#include <ntlm.h>

extern char *seqTag;  /* IMAP sequence number */

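/*
 * Run the client side of an IMAP "AUTHENTICATE NTLM" exchange.
 *
 * user, domain, pass: credentials handed to the NTLM message builders.
 *                     The original author reports that a NULL domain
 *                     worked against his server.
 *
 * Returns 0 when the final server line starts with "<seqTag> OK", and -1
 * when a continuation line is missing or malformed, when a message would
 * not fit the local buffers, or when the login is refused.
 *
 * writeToServer(), readFromServer(), convertToBase64() and
 * convertFromBase64() stand for the application's own I/O and base64
 * routines; this library does not supply them.
 */
int imap_auth_ntlm(char *user, char *domain, char *pass)
{
  tSmbNtlmAuthRequest   request;
  tSmbNtlmAuthChallenge challenge;
  tSmbNtlmAuthResponse  response;
  char buffer[512] = "";
  char tmpstr[32];
  /*
   * Largest raw message whose base64 form still fits in buffer.
   * Assumes convertToBase64() emits 4 characters per 3 input bytes plus a
   * terminating NUL -- confirm against the real encoder.
   */
  const size_t maxRaw = ((sizeof buffer - 1) / 4) * 3;
  int n;

  writeToServer("%s AUTHENTICATE NTLM\r\n",seqTag);

  /*
   * NOTE(review): readFromServer() is given no length here, so the real
   * routine has to limit what it stores to sizeof buffer and NUL-terminate
   * it.  Every line read below is controlled by the server.
   */
  readFromServer(buffer);

  /* the server has to answer with a "+" continuation before we go on */
  if (buffer[0] != '+')
    return -1;

  /*
   * prepare the request, convert to base64, and send it to
   * the server.  My server didn't care about domain, and NULL
   * worked fine.
   */

  buildSmbNtlmAuthRequest(&request,user,domain);
  if ((size_t)SmbLength(&request) > maxRaw)
    return -1;
  convertToBase64(buffer, &request, SmbLength(&request));
  writeToServer("%s\r\n",buffer);

  /* read challenge data from server, convert from base64 */

  buffer[0] = '\0';     /* a failed read must not leave our own request in place */
  readFromServer(buffer);

  /*
   * buffer should contain the string "+ [base 64 data]".  Check the prefix
   * first: on a shorter line buffer+2 would point past the terminator.
   */
  if (strncmp(buffer, "+ ", 2) != 0)
    return -1;

  /*
   * NOTE(review): the decoded size is decided by the server and this call
   * carries no output size, so the real decoder has to stop at
   * sizeof challenge -- confirm.
   */
  convertFromBase64(&challenge, buffer+2);

  /* prepare response, convert to base64, send to server */

  buildSmbNtlmAuthResponse(&challenge, &response, user, pass);
  if ((size_t)SmbLength(&response) > maxRaw)
    return -1;
  convertToBase64(buffer,&response,SmbLength(&response));
  writeToServer("%s\r\n",buffer);

  /* read line from server, it should be "[seq] OK blah blah blah" */

  buffer[0] = '\0';
  readFromServer(buffer);

  /*
   * Build the expected prefix with a bound.  A truncated tmpstr would lose
   * the " OK" part and then match any reply carrying the tag, so a tag
   * that does not fit is treated as a failure.
   */
  n = snprintf(tmpstr, sizeof tmpstr, "%s OK", seqTag);
  if (n < 0 || (size_t)n >= sizeof tmpstr)
    return -1;

  if (strncmp(buffer,tmpstr,strlen(tmpstr)))
  {
    /* login failed */
    return -1;
  }

  return 0;
}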
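/*
 * NOTE(review): the listing resumes in the middle of a statement.  The
 * function these lines close begins outside this excerpt (it looks like
 * the prc_filecheck() called below -- confirm), so its tail is kept
 * unchanged apart from line breaks.  The two messages show what it
 * enforces: the rc file may not be more permissive than 0710 and must be
 * owned by the (effective) user.  The rc file grammar accepts passwords,
 * which is why both checks matter.
 */
f(stderr, GT_("File %s must have no more than -rwx--x--- (0710) permissions.\n"),
                pathname);
        return(PS_IOERR);
    }
#endif /* __BEOS__ */

#ifdef HAVE_GETEUID
    if (statbuf.st_uid != geteuid())
#else
    if (statbuf.st_uid != getuid())
#endif /* HAVE_GETEUID */
    {
        fprintf(stderr, GT_("File %s must be owned by you.\n"), pathname);
        return(PS_IOERR);
    }
#endif
    return(PS_SUCCESS);
}

/*
 * Digest the configuration into a linked list of host records.
 *
 * pathname:    rc file to read; "-" selects stdin.
 * securecheck: passed through to prc_filecheck().
 *
 * Returns the prc_filecheck() status when that is non-zero, PS_IOERR when
 * errno is ENOTDIR afterwards or the file cannot be opened, PS_SUCCESS
 * when errno is ENOENT or the parse left prc_errflag clear, and PS_SYNTAX
 * when the parser set prc_errflag.
 */
int prc_parse_file (const char *pathname, const flag securecheck)
{
    prc_errflag = 0;
    querylist = hosttail = (struct query *)NULL;

    errno = 0;

    /* Check that the file is secure */
    if ( (prc_errflag = prc_filecheck(pathname, securecheck)) != 0 )
        return(prc_errflag);

    /*
     * Croak if the configuration directory does not exist.
     * This probably means an NFS mount failed and we can't
     * see a configuration file that ought to be there.
     * Question: is this a portable check? It's not clear
     * that all implementations of lstat() will return ENOTDIR
     * rather than plain ENOENT in this case...
     */
    if (errno == ENOTDIR)
        return(PS_IOERR);
    else if (errno == ENOENT)
        return(PS_SUCCESS);

    /*
     * Open the configuration file and feed it to the lexer.
     *
     * NOTE(review): the ownership/mode check above works on the path name
     * and the file is opened by name afterwards, so a file replaced between
     * the two steps is not re-checked.  Checking the opened stream instead
     * (fstat() on fileno(yyin)) would close that gap.  prc_filecheck() is
     * only partly visible here -- confirm before changing.
     */
    if (strcmp(pathname, "-") == 0)
        yyin = stdin;
    else if ((yyin = fopen(pathname,"r")) == (FILE *)NULL) {
        report(stderr, "open: %s: %s\n", pathname, strerror(errno));
        return(PS_IOERR);
    }

    yyparse();          /* parse entire file */

    fclose(yyin);       /* not checking this should be safe, file mode was r */

    if (prc_errflag)
        return(PS_SYNTAX);
    else
        return(PS_SUCCESS);
}

/*
 * Clear the entire global record and initialize it with a new name.
 *
 * name: poll name; a copy made with xstrdup() is stored.
 * skip: stored as the record's skip flag.
 */
static void reset_server(const char *name, int skip)
{
    trailer = FALSE;
    memset(&current,'\0',sizeof(current));
    current.smtp_socket = -1;
    current.server.pollname = xstrdup(name);
    current.server.skip = skip;
    current.server.principal = (char *)NULL;
}

/* Clear the global current record (user parameters) used by the parser. */
static void user_reset(void)
{
    struct hostdata save;

    /*
     * Purpose of this code is to initialize the new server block, but
     * preserve whatever server name was previously set.  Also
     * preserve server options unless the command-line explicitly
     * overrides them.
     */
    save = current.server;

    memset(&current, '\0', sizeof(current));
    current.smtp_socket = -1;

    current.server = save;
}

/*
 * Append a host record to the host list.
 *
 * init: pointer to block containing initial values; when NULL the new
 *       node is zero-filled and its smtp_socket set to -1.
 *
 * Returns the new node, which is now the tail of querylist.
 */
struct query *hostalloc(struct query *init)
{
    struct query *node;

    /* allocate new node */
    node = (struct query *) xmalloc(sizeof(struct query));

    /* initialize it */
    if (init)
        memcpy(node, init, sizeof(struct query));
    else
    {
        memset(node, '\0', sizeof(struct query));
        node->smtp_socket = -1;
    }

    /* append to end of list */
    if (hosttail != (struct query *) 0)
        hosttail->next = node;  /* list contains at least one element */
    else
        querylist = node;       /* list is empty */
    hosttail = node;

    /*
     * While trailer is set the node is linked to the current lead entry;
     * otherwise the node itself becomes the lead entry.
     */
    if (trailer)
        node->server.lead_server = leadentry;
    else
    {
        node->server.lead_server = NULL;
        leadentry = &node->server;
    }

    return(node);
}

/* Register current parameters and append to the host list. */
static void record_current(void)
{
    (void) hostalloc(&current);
    trailer = TRUE;
}

/*
 * If a filename is relative to dir, convert it to an absolute path.
 *
 * file: name taken from the rc file; must not be NULL.
 * dir:  directory to prepend; an empty string disables the conversion.
 *
 * Returns storage obtained from xstrdup() or xmalloc(): a copy of file
 * when it is empty, absolute, "-" or dir is empty, otherwise dir and file
 * joined by a single '/'.
 */
char *prependdir (const char *file, const char *dir)
{
    char *newfile;
    size_t dirlen;
    size_t size;

    if (!file[0] ||                     /* null path */
        file[0] == '/' ||               /* absolute path */
        strcmp(file, "-") == 0 ||       /* stdin/stdout */
        !dir[0])                        /* we don't HAVE_GETCWD */
        return xstrdup (file);

    dirlen = strlen (dir);              /* non-zero: empty dir returned above */
    size = dirlen + 1 + strlen (file) + 1;
    newfile = xmalloc (size);

    /* bounded by the size just allocated; output is the same as before */
    if (dir[dirlen - 1] != '/')
        snprintf (newfile, size, "%s/%s", dir, file);
    else
        snprintf (newfile, size, "%s%s", dir, file);
    return newfile;
}

/* easier to do this than cope with variations in where the library lives */
int yywrap(void) {return 1;}

/* rcfile_y.y ends here */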