Commit b11b996a authored by Eric S. Raymond's avatar Eric S. Raymond

Caseblind comparison of names, more explicitness about Kerberos.

svn path=/trunk/; revision=988
parent 549a2fc9
......@@ -14,9 +14,8 @@ every user entry in a multi-user poll declaration.
technically RFC822 legal. The general problem is mentioned on the man page.
* fetchmail has been reported to break when processing 0-length (bodyless)
messages retrieved via IMAP. It is not clear whether this is a fetchmail
bug or a glitch in some specific IMAP server. (Such messages are sometimes
issued by the INN suite as status notifications.)
messages retrieved via IMAP. (Such messages are sometimes issued by the
INN suite as status notifications.)
* Dave Holland <[email protected]> thinks it's a misfeature that
--fetchall overrides --limit. He may have a point. Perhaps I should
......@@ -30,8 +29,11 @@ every user entry in a multi-user poll declaration.
pl 3.9.4 ():
* Fixed a compilation glitch for systems like SunOS & others without atexit(3).
* Fixed a compilation glitch in daemonize for HP-UX.
* Changes to compile correctly on systems that have on_exit() but not atexit().
* Changes to forbid duplicate server names in the rc file.
* Do caseblind comparisons of host and user names everywhere.
------------------------------------------------------------------------------
There are 239 people on the fetchmail-friends list.
pl 3.9.3 (Wed May 7 11:40:47 EDT 1997):
* Fix for -I option from George Sipe.
......@@ -177,7 +179,7 @@ bugs --
* The counter referred to by the batchlimit option used to count not only
fetched messages but skipped ones. This has been fixed.
* Compilation fixes for Kerberos support and GNU glibc2 support.
* Compilation fixes for Kerberos V4 support and GNU glibc2 support.
There are 230 people on the fetchmail-friends list.
......@@ -540,7 +542,7 @@ features --
bugs --
* Nalin Dahyabhai's fix patch for MIT Kerberos support.
* Nalin Dahyabhai's fix patch for MIT Kerberos V4 support.
* Fixed a fencepost error in the APOP code that was causing a core dump.
......@@ -642,7 +644,7 @@ features --
who forced us to this with RFC1725, but thank Al Longyear <[email protected]>
for fixing and verifying my slightly buggy implementation.
* Kerberos support ditto. Thanks to Chris Hanson <[email protected]>
* Kerberos V4 support ditto. Thanks to Chris Hanson <[email protected]>
for this feature.
* When there's a daemon fetchmail in background, running fetchmail in
......@@ -713,7 +715,7 @@ features --
* Linux packagers: building fetchmail now generates an RPM specfile for it.
* Kerberos support via KPOP protocol (thanks to Chris Hanson).
* Kerberos V4 support via KPOP protocol (thanks to Chris Hanson).
* New --check option for asking server whether there is mail without
actually retrieving or deleting it.
......
......@@ -48,7 +48,7 @@ Since 2.0:
** Support POP2, APOP, RPOP, IMAP2, IMAP2bis, IMAP3, IMAP4, IMAP4rev1.
** Support for Kerberos user authentication (either MIT or Cygnus).
** Support for Kerberos V4 user authentication (either MIT or Cygnus).
** Host is auto-probed for a working server if no protocol is
specified for the connection. Thus you don't need to know
......
......@@ -1168,9 +1168,9 @@ const struct method *proto; /* protocol method table */
void (*sigsave)();
#ifndef KERBEROS_V4
if (ctl->server.authenticate == A_KERBEROS)
if (ctl->server.authenticate == A_KERBEROS_V4)
{
error(0, -1, "Kerberos support not linked.");
error(0, -1, "Kerberos V4 support not linked.");
return(PS_ERROR);
}
#endif /* KERBEROS_V4 */
......@@ -1245,7 +1245,7 @@ const struct method *proto; /* protocol method table */
}
#ifdef KERBEROS_V4
if (ctl->server.authenticate == A_KERBEROS)
if (ctl->server.authenticate == A_KERBEROS_V4)
{
ok = kerberos_auth(fileno(sockfp), ctl->server.canonical_name);
if (ok != 0)
......
......@@ -300,7 +300,7 @@ int main (int argc, char **argv)
for (ctl = querylist; ctl; ctl = ctl->next)
if (ctl->active && !(implicitmode && ctl->server.skip) && !ctl->password)
{
if (ctl->server.authenticate == A_KERBEROS)
if (ctl->server.authenticate == A_KERBEROS_V4)
/* Server won't care what the password is, but there
must be some non-null string here. */
ctl->password = ctl->remotename;
......@@ -402,7 +402,7 @@ int main (int argc, char **argv)
* as a probe to make sure our nameserver is still up.
* The multidrop case (especially) needs it.
*/
if (ctl->server.authenticate == A_KERBEROS || MULTIDROP(ctl))
if (ctl->server.authenticate==A_KERBEROS_V4 || MULTIDROP(ctl))
{
struct hostent *namerec;
......@@ -823,7 +823,7 @@ void dump_params (struct query *ctl)
printf(" Password = '%s'.\n", visbuf(ctl->password));
if (ctl->server.protocol == P_POP3
&& ctl->server.port == KPOP_PORT
&& ctl->server.authenticate == A_KERBEROS)
&& ctl->server.authenticate == A_KERBEROS_V4)
printf(" Protocol is KPOP");
else
printf(" Protocol is %s", showproto(ctl->server.protocol));
......@@ -835,8 +835,8 @@ void dump_params (struct query *ctl)
printf(" (forcing UIDL use)");
putchar('.');
putchar('\n');
if (ctl->server.authenticate == A_KERBEROS)
printf(" Kerberos authentication enabled.\n");
if (ctl->server.authenticate == A_KERBEROS_V4)
printf(" Kerberos V4 preauthentication enabled.\n");
printf(" Server nonresponse timeout is %d seconds", ctl->server.timeout);
if (ctl->server.timeout == CLIENT_TIMEOUT)
printf(" (default).\n");
......
......@@ -14,8 +14,8 @@
#define KPOP_PORT 1109
/* authentication types */
#define A_PASSWORD 0 /* passwords in cleartext */
#define A_KERBEROS 1 /* get Kerberos V4 ticket */
#define A_PASSWORD 0 /* password or inline authentication */
#define A_KERBEROS_V4 1 /* preauthenticate w/ Kerberos V4 */
/* definitions for buffer sizes -- somewhat arbitrary */
#define POPBUFSIZE 512 /* per RFC 937 */
......
......@@ -139,7 +139,7 @@ Use POP3 with MD5 authentication.
.IP RPOP
Use POP3 with RPOP authentication.
.IP KPOP
Use POP3 with Kerberos authentication on port 1109.
Use POP3 with Kerberos V4 authentication on port 1109.
.IP IMAP
IMAP2bis, IMAP4, or IMAP4rev1 (\fIfetchmail\fR autodetects their capabilities).
.IP ETRN
......@@ -258,11 +258,12 @@ no other activity has occurred on the link, then the poll will be
skipped. This option is currently only supported under Linux.
.TP
.B \-A, --auth
This option permits you to specify an authentication type (see USER
This option permits you to specify a preauthentication type (see USER
AUTHENTICATION below for details). The possible values are
\&`\fBpassword\fR' and `\fBkerberos\fR'. This option is provided
\&`\fBpassword\fR' and `\fBkerberos\fR' (or, for excruciating
exactness, `\fBkerberos_v4\fR'). This option is provided
primarily for developers; choosing KPOP protocol automatically selects
Kerberos authentication, and all other alternatives use ordinary
Kerberos preauthentication, and all other alternatives use ordinary
password authentication (though APOP uses a generated one-time
key as the password).
This option does not work with ETRN.
......@@ -385,8 +386,8 @@ the server greeting time to the server, which can verify it by
checking its authorization database.
.PP
If your \fIfetchmail\fR was built with Kerberos support and you specify
Kerberos authentication (either with --auth or the \fI.fetchmailrc\fR
option \fBauthenticate kerberos\fR) it will try to get a Kerberos
Kerberos preauthentication (either with --auth or the \fI.fetchmailrc\fR
option \fBauthenticate kerberos_v4\fR) it will try to get a Kerberos
ticket from the mailserver at the start of each query.
.SH DAEMON MODE
......@@ -730,7 +731,7 @@ as in APOP); the second tells \fIfetchmail\fR to try to get a Kerberos
ticket at the start of each query instead, and send an arbitrary
string as the password.
.PP
Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos
Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos V4
authentication. These defaults may be overridden by later options.
.PP
You can use the noise keywords `and', `with',
......
......@@ -186,7 +186,7 @@ struct query *ctl; /* option record to be initialized */
{
ctl->server.protocol = P_POP3;
ctl->server.port = KPOP_PORT;
ctl->server.authenticate = A_KERBEROS;
ctl->server.authenticate = A_KERBEROS_V4;
}
else if (strcasecmp(optarg,"etrn") == 0)
ctl->server.protocol = P_ETRN;
......@@ -208,7 +208,9 @@ struct query *ctl; /* option record to be initialized */
if (strcmp(optarg, "password") == 0)
ctl->server.authenticate = A_PASSWORD;
else if (strcmp(optarg, "kerberos") == 0)
ctl->server.authenticate = A_KERBEROS;
ctl->server.authenticate = A_KERBEROS_V4;
else if (strcmp(optarg, "kerberos_v4") == 0)
ctl->server.authenticate = A_KERBEROS_V4;
else {
fprintf(stderr,"Invalid authentication `%s' specified.\n", optarg);
errflag++;
......
......@@ -34,7 +34,8 @@ local(domains) { return LOCALDOMAINS; }
proto(col)? { return PROTOCOL; }
port { return PORT; }
auth(enticate)? { return AUTHENTICATE; }
kerberos { return KERBEROS; }
kerberos_v4 { return KERBEROS_V4; }
kerberos { return KERBEROS_V4; }
timeout { return TIMEOUT;}
envelope { return ENVELOPE; }
......
......@@ -32,6 +32,7 @@ static int prc_errflag;
static void record_current();
static void user_reset();
static int reset_server(char *name, int skip);
%}
%union {
......@@ -41,7 +42,7 @@ static void user_reset();
}
%token DEFAULTS POLL SKIP AKA LOCALDOMAINS PROTOCOL
%token AUTHENTICATE TIMEOUT KPOP KERBEROS
%token AUTHENTICATE TIMEOUT KPOP KERBEROS_V4
%token ENVELOPE USERNAME PASSWORD FOLDER SMTPHOST MDA PRECONNECT LIMIT
%token IS HERE THERE TO MAP WILDCARD
%token SET BATCHLIMIT FETCHLIMIT LOGFILE DAEMON INTERFACE MONITOR
......@@ -74,14 +75,27 @@ statement : SET LOGFILE MAP STRING {logfile = xstrdup($4);}
| define_server serverspecs userspecs
;
define_server : POLL STRING {memset(&current,'\0',sizeof(current));
save_str(&current.server.names, -1,$2);
current.server.skip = FALSE;}
| SKIP STRING {memset(&current,'\0',sizeof(current));
save_str(&current.server.names, -1,$2);
current.server.skip = TRUE;}
| DEFAULTS {memset(&current,'\0',sizeof(current));
save_str(&current.server.names, -1,"defaults");}
define_server : POLL STRING {
if (!reset_server($2, FALSE))
{
yyerror("duplicate entry name not allowed");
YYERROR;
}
}
| SKIP STRING {
if (!reset_server($2, TRUE))
{
yyerror("duplicate entry name not allowed");
YYERROR;
}
}
| DEFAULTS {
if (!reset_server("defaults", FALSE))
{
yyerror("can't have two default entries");
YYERROR;
}
}
;
serverspecs : /* EMPTY */
......@@ -101,14 +115,14 @@ serv_option : AKA alias_list
| PROTOCOL PROTO {current.server.protocol = $2;}
| PROTOCOL KPOP {
current.server.protocol = P_POP3;
current.server.authenticate = A_KERBEROS;
current.server.authenticate = A_KERBEROS_V4;
current.server.port = KPOP_PORT;
}
| UIDL {current.server.uidl = FLAG_TRUE;}
| NO UIDL {current.server.uidl = FLAG_FALSE;}
| PORT NUMBER {current.server.port = $2;}
| AUTHENTICATE PASSWORD {current.server.authenticate = A_PASSWORD;}
| AUTHENTICATE KERBEROS {current.server.authenticate = A_KERBEROS;}
| AUTHENTICATE KERBEROS_V4 {current.server.authenticate = A_KERBEROS_V4;}
| TIMEOUT NUMBER {current.server.timeout = $2;}
| ENVELOPE STRING {current.server.envelope = xstrdup($2);}
| INTERFACE STRING {
......@@ -303,6 +317,23 @@ const char *pathname; /* pathname for the configuration file */
return(0);
}
static int reset_server(char *name, int skip)
/* clear the entire global record and initialize it with a new name */
{
struct query *ctl;
/* don't allow name collisions, this screws up the data structures */
for (ctl = querylist; ctl; ctl = ctl->next)
if (strcmp(name, ctl->server.names->id) == 0)
return(FALSE);
memset(&current,'\0',sizeof(current));
save_str(&current.server.names, -1, name);
current.server.skip = skip;
return(TRUE);
}
static void user_reset(void)
/* clear the global current record (server parameters) used by the parser */
{
......
......@@ -224,8 +224,15 @@ error (status, errnum, message, va_alist)
fprintf (stderr, message, a1, a2, a3, a4, a5, a6, a7, a8);
#endif
if (errnum)
fprintf (stderr, ": %s", strerror (errnum));
if (errnum) {
char *tmps = strerror(errnum);
if (tmps) {
fprintf (stderr, ": %s", tmps);
}
else {
fprintf (stderr, ": Error %d", errnum);
}
}
putc ('\n', stderr);
fflush (stderr);
}
......
......@@ -2,7 +2,7 @@
#
# This file (or one of your own creation, rather) should be located
# in your home directory with the name .fetchmailrc. Permissions on this
# file may be no greater than -rw-------, or fetchmail will refuse to
# file may be no greater than -rw------- (0600), or fetchmail will refuse to
# use it.
#
# To see what effect your ~/.fetchmailrc file has, do
......
......@@ -23,9 +23,7 @@
* Machinery for handling UID lists live here. This is mainly to support
* RFC1725-conformant POP3 servers without a LAST command, but may also be
* useful for making the IMAP4 querying logic UID-oriented, if a future
* revision of IMAP forces me to. (This would be bad. Server-side
* seen bits are better than UIDs, because they track messages seen by
* *all* clients.)
* revision of IMAP forces me to.
*
* Here's the theory:
*
......@@ -57,6 +55,8 @@
* At the end of the fetchmail run, all current `oldsaved' lists are
* flushed out to the .fetchids file to be picked up by the next run.
* If there are no such messages, the file is deleted.
*
* Note: all comparisons are caseblind!
*/
/* UIDs associated with un-queried hosts */
......@@ -84,8 +84,8 @@ void initialize_saved_lists(struct query *hostlist, const char *idfile)
{
for (ctl = hostlist; ctl; ctl = ctl->next)
{
if (strcmp(host, ctl->server.names->id) == 0
&& strcmp(user, ctl->remotename) == 0)
if (strcasecmp(host, ctl->server.names->id) == 0
&& strcasecmp(user, ctl->remotename) == 0)
{
save_str(&ctl->oldsaved, -1, id);
break;
......@@ -186,11 +186,11 @@ char *str_find(struct idlist **idl, int number)
}
char *idpair_find(struct idlist **idl, const char *id)
/* return the id of the given number in the given list. */
/* return the id of the given id in the given list (caseblind comparison) */
{
if (*idl == (struct idlist *) 0)
return((char *) 0);
else if (strcmp(id, (*idl)->id) == 0)
else if (strcasecmp(id, (*idl)->id) == 0)
return((*idl)->val.id2 ? (*idl)->val.id2 : (*idl)->id);
else
return(idpair_find(&(*idl)->next, id));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment