+static int imap_untagged_response(int sock, const char *buf)
+/* interpret untagged status responses */
+{
+ /* For each individual check, use a BLANK before the word to avoid
+ * confusion with the \Recent flag or similar */
+ if (stage == STAGE_GETAUTH
+ && !strncmp(buf, "* CAPABILITY", 12))
+ {
+ strlcpy(capabilities, buf + 12, sizeof(capabilities));
+ }
+ else if (stage == STAGE_GETAUTH
+ && !strncmp(buf, "* PREAUTH", 9))
+ {
+ preauth = TRUE;
+ }
+ else if (stage != STAGE_LOGOUT
+ && !strncmp(buf, "* BYE", 5))
+ {
+ /* log the unexpected bye from server as we expect the
+ * connection to be cut-off after this */
+ if (outlevel > O_SILENT)
+ report(stderr, GT_("Received BYE response from IMAP server: %s"), buf + 5);
+ }
+ else if (strstr(buf, " EXISTS"))
+ {
+ char *t; unsigned long u;
+ errno = 0;
+ u = strtoul(buf+2, &t, 10);
+ /*
+ * Don't trust the message count passed by the server.
+ * Without this check, it might be possible to do a
+ * DNS-spoofing attack that would pass back a ridiculous
+ * count, and allocate a malloc area that would overlap
+ * a portion of the stack.
+ */
+ if (errno /* strtoul failed */
+ || t == buf+2 /* no valid data */
+ || u > (unsigned long)(INT_MAX/sizeof(int)) /* too large */)
+ {
+ report(stderr, GT_("bogus message count in \"%s\"!"), buf);
+ return(PS_PROTOCOL);
+ }
+ count = u; /* safe as long as count <= INT_MAX - checked above */
+
+ if ((recentcount = count - oldcount) < 0)
+ recentcount = 0;
+
+ /*
+ * Nasty kluge to handle RFC2177 IDLE. If we know we're idling
+ * we can't wait for the tag matching the IDLE; we have to tell the
+ * server the IDLE is finished by shipping back a DONE when we
+ * see an EXISTS. Only after that will a tagged response be
+ * shipped. The idling flag also gets cleared on a timeout.
+ */
+ if (stage == STAGE_IDLE)
+ {
+ /* If IDLE isn't supported, we were only sending NOOPs anyway. */
+ if (has_idle)
+ {
+ /* we do our own write and report here to disable tagging */
+ SockWrite(sock, "DONE\r\n", 6);
+ if (outlevel >= O_MONITOR)
+ report(stdout, "IMAP> DONE\n");
+ }
+
+ mytimeout = saved_timeout;
+ stage = STAGE_GETRANGE;
+ }
+ }
+ /* we now compute recentcount as a difference between
+ * new and old EXISTS, hence disable RECENT check */
+# if 0
+ else if (strstr(buf, " RECENT"))
+ {
+ /* fixme: use strto[u]l and error checking */
+ recentcount = atoi(buf+2);
+ }
+# endif
+ else if (strstr(buf, " EXPUNGE"))
+ {
+ unsigned long u; char *t;
+ /* the response "* 10 EXPUNGE" means that the currently
+ * tenth (i.e. only one) message has been deleted */
+ errno = 0;
+ u = strtoul(buf+2, &t, 10);
+ if (errno /* conversion error */ || t == buf+2 /* no number found */) {
+ report(stderr, GT_("bogus EXPUNGE count in \"%s\"!"), buf);
+ return PS_PROTOCOL;
+ }
+ if (u > 0)
+ {
+ if (count > 0)
+ count--;
+ if (oldcount > 0)
+ oldcount--;
+ /* We do expect an EXISTS response immediately
+ * after this, so this updation of recentcount is
+ * just a precaution! */
+ if ((recentcount = count - oldcount) < 0)
+ recentcount = 0;
+ actual_deletions++;
+ }
+ }
+ /*
+ * The server may decide to make the mailbox read-only,
+ * which causes fetchmail to go into a endless loop
+ * fetching the same message over and over again.
+ *
+ * However, for check_only, we use EXAMINE which will
+ * mark the mailbox read-only as per the RFC.
+ *
+ * This checks for the condition and aborts if
+ * the mailbox is read-only.
+ *
+ * See RFC 2060 section 6.3.1 (SELECT).
+ * See RFC 2060 section 6.3.2 (EXAMINE).
+ */
+ else if (stage == STAGE_GETRANGE
+ && !check_only && strstr(buf, "[READ-ONLY]"))
+ {
+ return(PS_LOCKBUSY);
+ }
+ else
+ {
+ return(PS_UNTAGGED);
+ }
+ return(PS_SUCCESS);
+}
+
+static int imap_response(int sock, char *argbuf, struct RecvSplit *rs)