- gen_send(socket,"USER %s", queryctl->remotename);
- if (pop3_ok(socket, buf) != 0)
- goto badAuth;
+ if ((gen_transact(sock, "USER %s", ctl->remotename)) != 0)
+ PROTOCOL_ERROR
+
+#if defined(HAVE_LIBOPIE) && defined(OPIE_ENABLE)
+ /* see RFC1938: A One-Time Password System */
+ if (challenge = strstr(lastok, "otp-"))
+ {
+ char response[OPIE_RESPONSE_MAX+1];
+
+ /*
+ * Special case in case we're running Craig Metz's
+ * OPIE daemon. Code in opiegenerator() will detect this.
+ */
+ if (ctl->password && !strcmp(ctl->password, "opie"))
+ {
+ if (ok = opiegenerator(challenge, "", response))
+ if (ok != 2)
+ PROTOCOL_ERROR
+ }
+ else if (opiegenerator(challenge, ctl->password, response))
+ PROTOCOL_ERROR
+
+ ok = gen_transact(sock, "PASS %s", response);
+ }
+ else
+#endif /* defined(HAVE_LIBOPIE) && defined(OPIE_ENABLE) */
+ /* ordinary validation, no one-time password */
+ ok = gen_transact(sock, "PASS %s", ctl->password);
+
+ if (ok != 0)
+ {
+ if (ok == PS_LOCKBUSY)
+ LOCKBUSY_ERROR
+ PROTOCOL_ERROR
+ }