#endif /* NET_SECURITY */
#include "fetchmail.h"
-
+#include "i18n.h"
+
/* parser reads these */
char *rcfile; /* path name of rc file */
struct query cmd_opts; /* where to put command-line info */
static struct hostdata *leadentry;
static flag trailer;
-static void record_current();
-static void user_reset();
-static void reset_server(char *name, int skip);
+static void record_current(void);
+static void user_reset(void);
+static void reset_server(const char *name, int skip);
/* using Bison, this arranges that yydebug messages will show actual tokens */
extern char * yytext;
}
%token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL
-%token AUTHENTICATE TIMEOUT KPOP SDPS KERBEROS4 KERBEROS5 KERBEROS
-%token ENVELOPE QVIRTUAL USERNAME PASSWORD FOLDER SMTPHOST MDA SMTPADDRESS
-%token SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT
-%token NETSEC INTERFACE MONITOR
+%token AUTHENTICATE TIMEOUT KPOP SDPS ENVELOPE QVIRTUAL
+%token USERNAME PASSWORD FOLDER SMTPHOST FETCHDOMAINS MDA BSMTP LMTP
+%token SMTPADDRESS SMTPNAME SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS
+%token NETSEC INTERFACE MONITOR PLUGIN PLUGOUT
%token IS HERE THERE TO MAP WILDCARD
%token BATCHLIMIT FETCHLIMIT EXPUNGE PROPERTIES
-%token SET LOGFILE DAEMON SYSLOG IDFILE INVISIBLE POSTMASTER WARNINGS
-%token <proto> PROTO
+%token SET LOGFILE DAEMON SYSLOG IDFILE INVISIBLE POSTMASTER BOUNCEMAIL
+%token SPAMBOUNCE SHOWDOTS
+%token <proto> PROTO AUTHTYPE
%token <sval> STRING
%token <number> NUMBER
-%token NO KEEP FLUSH FETCHALL REWRITE FORCECR STRIPCR PASS8BITS DROPSTATUS
-%token DNS SERVICE PORT UIDL INTERVAL MIMEDECODE CHECKALIAS
+%token NO KEEP FLUSH FETCHALL REWRITE FORCECR STRIPCR PASS8BITS
+%token DROPSTATUS DROPDELIVERED
+%token DNS SERVICE PORT UIDL INTERVAL MIMEDECODE IDLE CHECKALIAS
+%token SSL SSLKEY SSLCERT SSLPROTO SSLCERTCK SSLCERTPATH SSLFINGERPRINT
+%token PRINCIPAL
+%token TRACEPOLLS
%%
| SET IDFILE optmap STRING {run.idfile = xstrdup($4);}
| SET DAEMON optmap NUMBER {run.poll_interval = $4;}
| SET POSTMASTER optmap STRING {run.postmaster = xstrdup($4);}
+ | SET BOUNCEMAIL {run.bouncemail = TRUE;}
+ | SET NO BOUNCEMAIL {run.bouncemail = FALSE;}
+ | SET SPAMBOUNCE {run.spambounce = TRUE;}
+ | SET NO SPAMBOUNCE {run.spambounce = FALSE;}
+ | SET PROPERTIES optmap STRING {run.properties =xstrdup($4);}
| SET SYSLOG {run.use_syslog = TRUE;}
+ | SET NO SYSLOG {run.use_syslog = FALSE;}
| SET INVISIBLE {run.invisible = TRUE;}
+ | SET NO INVISIBLE {run.invisible = FALSE;}
+ | SET SHOWDOTS {run.showdots = TRUE;}
+ | SET NO SHOWDOTS {run.showdots = FALSE;}
/*
* The way the next two productions are written depends on the fact that
/* detect and complain about the most common user error */
| define_server serverspecs userspecs serv_option
- {yyerror("server option after user options");}
+ {yyerror(GT_("server option after user options"));}
;
define_server : POLL STRING {reset_server($2, FALSE);}
| PROTOCOL KPOP {
current.server.protocol = P_POP3;
- if (current.server.preauthenticate == A_PASSWORD)
+ if (current.server.authenticate == A_PASSWORD)
#ifdef KERBEROS_V5
- current.server.preauthenticate = A_KERBEROS_V5;
+ current.server.authenticate = A_KERBEROS_V5;
#else
- current.server.preauthenticate = A_KERBEROS_V4;
+ current.server.authenticate = A_KERBEROS_V4;
#endif /* KERBEROS_V5 */
-#if INET6
+#if INET6_ENABLE
current.server.service = KPOP_PORT;
-#else /* INET6 */
+#else /* INET6_ENABLE */
current.server.port = KPOP_PORT;
-#endif /* INET6 */
+#endif /* INET6_ENABLE */
}
+ | PRINCIPAL STRING {current.server.principal = xstrdup($2);}
| PROTOCOL SDPS {
#ifdef SDPS_ENABLE
current.server.protocol = P_POP3;
current.server.sdps = TRUE;
#else
- yyerror("SDPS not enabled.");
+ yyerror(GT_("SDPS not enabled."));
#endif /* SDPS_ENABLE */
}
| UIDL {current.server.uidl = FLAG_TRUE;}
| CHECKALIAS {current.server.checkalias = FLAG_TRUE;}
| NO CHECKALIAS {current.server.checkalias = FLAG_FALSE;}
| SERVICE STRING {
-#if INET6
+#if INET6_ENABLE
current.server.service = $2;
-#endif /* INET6 */
+#endif /* INET6_ENABLE */
}
| PORT NUMBER {
-#if !INET6
- current.server.port = $2;
-#endif /* !INET6 */
- }
- | INTERVAL NUMBER {current.server.interval = $2;}
- | AUTHENTICATE PASSWORD {current.server.preauthenticate = A_PASSWORD;}
- | AUTHENTICATE KERBEROS4 {current.server.preauthenticate = A_KERBEROS_V4;}
- | AUTHENTICATE KERBEROS5 {current.server.preauthenticate = A_KERBEROS_V5;}
- | AUTHENTICATE KERBEROS {
-#ifdef KERBEROS_V5
- current.server.preauthenticate = A_KERBEROS_V5;
+#if INET6_ENABLE
+ int port = $2;
+ char buf[10];
+ sprintf(buf, "%d", port);
+ current.server.service = xstrdup(buf);
#else
- current.server.preauthenticate = A_KERBEROS_V4;
-#endif /* KERBEROS_V5 */
+ current.server.port = $2;
+#endif /* INET6_ENABLE */
}
- | TIMEOUT NUMBER {current.server.timeout = $2;}
-
+ | INTERVAL NUMBER
+ {current.server.interval = $2;}
+ | AUTHENTICATE AUTHTYPE
+ {current.server.authenticate = $2;}
+ | TIMEOUT NUMBER
+ {current.server.timeout = $2;}
| ENVELOPE NUMBER STRING
{
current.server.envelope =
int requestlen;
if (net_security_strtorequest($2, &request, &requestlen))
- yyerror("invalid security request");
+ yyerror(GT_("invalid security request"));
else {
current.server.netsec = xstrdup($2);
free(request);
}
#else
- yyerror("network-security support disabled");
+ yyerror(GT_("network-security support disabled"));
#endif /* NET_SECURITY */
}
| INTERFACE STRING {
-#if defined(linux) && !defined(INET6)
+#if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
interface_parse($2, ¤t.server);
-#else /* defined(linux) && !defined(INET6) */
- fprintf(stderr, "fetchmail: interface option is only supported under Linux\n");
-#endif /* defined(linux) && !defined(INET6) */
+#else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
+ fprintf(stderr, GT_("fetchmail: interface option is only supported under Linux (without IPv6) and FreeBSD\n"));
+#endif /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
}
| MONITOR STRING {
-#if defined(linux) && !defined(INET6)
+#if (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__)
current.server.monitor = xstrdup($2);
-#else /* defined(linux) && !defined(INET6) */
- fprintf(stderr, "fetchmail: monitor option is only supported under Linux\n");
-#endif /* defined(linux) && !defined(INET6) */
+#else /* (defined(linux) && !defined(INET6_ENABLE)) || defined(__FreeBSD__) */
+ fprintf(stderr, GT_("fetchmail: monitor option is only supported under Linux (without IPv6) and FreeBSD\n"));
+#endif /* (defined(linux) && !defined(INET6_ENABLE) || defined(__FreeBSD__)) */
}
+ | PLUGIN STRING { current.server.plugin = xstrdup($2); }
+ | PLUGOUT STRING { current.server.plugout = xstrdup($2); }
| DNS {current.server.dns = FLAG_TRUE;}
| NO DNS {current.server.dns = FLAG_FALSE;}
| NO ENVELOPE {current.server.envelope = STRING_DISABLED;}
+ | TRACEPOLLS {current.tracepolls = FLAG_TRUE;}
+ | NO TRACEPOLLS {current.tracepolls = FLAG_FALSE;}
;
userspecs : user1opts {record_current(); user_reset();}
| smtp_list STRING {save_str(¤t.smtphunt, $2,TRUE);}
;
+fetch_list : STRING {save_str(¤t.domainlist, $1,TRUE);}
+ | fetch_list STRING {save_str(¤t.domainlist, $2,TRUE);}
+ ;
+
num_list : NUMBER
{
struct idlist *id;
| IS localnames HERE
| IS localnames
- | IS STRING THERE {current.remotename = xstrdup($2);}
- | PASSWORD STRING {current.password = xstrdup($2);}
+ | IS STRING THERE {current.remotename = xstrdup($2);}
+ | PASSWORD STRING {current.password = xstrdup($2);}
| FOLDER folder_list
| SMTPHOST smtp_list
+ | FETCHDOMAINS fetch_list
| SMTPADDRESS STRING {current.smtpaddress = xstrdup($2);}
+ | SMTPNAME STRING {current.smtpname = xstrdup($2);}
| SPAMRESPONSE num_list
- | MDA STRING {current.mda = xstrdup($2);}
- | PRECONNECT STRING {current.preconnect = xstrdup($2);}
+ | MDA STRING {current.mda = xstrdup($2);}
+ | BSMTP STRING {current.bsmtp = xstrdup($2);}
+ | LMTP {current.listener = LMTP_MODE;}
+ | PRECONNECT STRING {current.preconnect = xstrdup($2);}
| POSTCONNECT STRING {current.postconnect = xstrdup($2);}
- | KEEP {current.keep = FLAG_TRUE;}
- | FLUSH {current.flush = FLAG_TRUE;}
- | FETCHALL {current.fetchall = FLAG_TRUE;}
- | REWRITE {current.rewrite = FLAG_TRUE;}
- | FORCECR {current.forcecr = FLAG_TRUE;}
- | STRIPCR {current.stripcr = FLAG_TRUE;}
- | PASS8BITS {current.pass8bits = FLAG_TRUE;}
- | DROPSTATUS {current.dropstatus = FLAG_TRUE;}
- | MIMEDECODE {current.mimedecode = FLAG_TRUE;}
-
- | NO KEEP {current.keep = FLAG_FALSE;}
- | NO FLUSH {current.flush = FLAG_FALSE;}
- | NO FETCHALL {current.fetchall = FLAG_FALSE;}
- | NO REWRITE {current.rewrite = FLAG_FALSE;}
- | NO FORCECR {current.forcecr = FLAG_FALSE;}
- | NO STRIPCR {current.stripcr = FLAG_FALSE;}
- | NO PASS8BITS {current.pass8bits = FLAG_FALSE;}
- | NO DROPSTATUS {current.dropstatus = FLAG_FALSE;}
- | NO MIMEDECODE {current.mimedecode = FLAG_FALSE;}
-
- | LIMIT NUMBER {current.limit = NUM_VALUE($2);}
- | WARNINGS NUMBER {current.warnings = NUM_VALUE($2);}
- | FETCHLIMIT NUMBER {current.fetchlimit = NUM_VALUE($2);}
- | BATCHLIMIT NUMBER {current.batchlimit = NUM_VALUE($2);}
- | EXPUNGE NUMBER {current.expunge = NUM_VALUE($2);}
-
- | PROPERTIES STRING {current.properties = xstrdup($2);}
+ | KEEP {current.keep = FLAG_TRUE;}
+ | FLUSH {current.flush = FLAG_TRUE;}
+ | FETCHALL {current.fetchall = FLAG_TRUE;}
+ | REWRITE {current.rewrite = FLAG_TRUE;}
+ | FORCECR {current.forcecr = FLAG_TRUE;}
+ | STRIPCR {current.stripcr = FLAG_TRUE;}
+ | PASS8BITS {current.pass8bits = FLAG_TRUE;}
+ | DROPSTATUS {current.dropstatus = FLAG_TRUE;}
+ | DROPDELIVERED {current.dropdelivered = FLAG_TRUE;}
+ | MIMEDECODE {current.mimedecode = FLAG_TRUE;}
+ | IDLE {current.idle = FLAG_TRUE;}
+
+ | SSL {current.use_ssl = FLAG_TRUE;}
+ | SSLKEY STRING {current.sslkey = xstrdup($2);}
+ | SSLCERT STRING {current.sslcert = xstrdup($2);}
+ | SSLPROTO STRING {current.sslproto = xstrdup($2);}
+ | SSLCERTCK {current.sslcertck = FLAG_TRUE;}
+ | SSLCERTPATH STRING {current.sslcertpath = xstrdup($2);}
+ | SSLFINGERPRINT STRING {current.sslfingerprint = xstrdup($2);}
+
+ | NO KEEP {current.keep = FLAG_FALSE;}
+ | NO FLUSH {current.flush = FLAG_FALSE;}
+ | NO FETCHALL {current.fetchall = FLAG_FALSE;}
+ | NO REWRITE {current.rewrite = FLAG_FALSE;}
+ | NO FORCECR {current.forcecr = FLAG_FALSE;}
+ | NO STRIPCR {current.stripcr = FLAG_FALSE;}
+ | NO PASS8BITS {current.pass8bits = FLAG_FALSE;}
+ | NO DROPSTATUS {current.dropstatus = FLAG_FALSE;}
+ | NO DROPDELIVERED {current.dropdelivered = FLAG_FALSE;}
+ | NO MIMEDECODE {current.mimedecode = FLAG_FALSE;}
+ | NO IDLE {current.idle = FLAG_FALSE;}
+
+ | NO SSL {current.use_ssl = FLAG_FALSE;}
+
+ | LIMIT NUMBER {current.limit = NUM_VALUE_IN($2);}
+ | WARNINGS NUMBER {current.warnings = NUM_VALUE_IN($2);}
+ | FETCHLIMIT NUMBER {current.fetchlimit = NUM_VALUE_IN($2);}
+ | BATCHLIMIT NUMBER {current.batchlimit = NUM_VALUE_IN($2);}
+ | EXPUNGE NUMBER {current.expunge = NUM_VALUE_IN($2);}
+
+ | PROPERTIES STRING {current.properties = xstrdup($2);}
;
%%
void yyerror (const char *s)
/* report a syntax error */
{
- error_at_line( 0, 0, rcfile, prc_lineno, "%s at %s", s,
- (yytext && yytext[0]) ? yytext : "end of input");
+ report_at_line(stderr, 0, rcfile, prc_lineno, GT_("%s at %s"), s,
+ (yytext && yytext[0]) ? yytext : GT_("end of input"));
prc_errflag++;
}
errno = 0;
- /* special cases useful for debugging purposes */
+ /* special case useful for debugging purposes */
if (strcmp("/dev/null", pathname) == 0)
return(PS_SUCCESS);
+ /* pass through the special name for stdin */
+ if (strcmp("-", pathname) == 0)
+ return(PS_SUCCESS);
+
/* the run control file must have the same uid as the REAL uid of this
process, it must have permissions no greater than 600, and it must not
be a symbolic link. We check these conditions here. */
if (errno == ENOENT)
return(PS_SUCCESS);
else {
- error(0, errno, "lstat: %s", pathname);
+ report(stderr, "lstat: %s: %s\n", pathname, strerror(errno));
return(PS_IOERR);
}
}
- if (!securecheck) return 0;
+ if (!securecheck) return PS_SUCCESS;
if ((statbuf.st_mode & S_IFLNK) == S_IFLNK)
{
- fprintf(stderr, "File %s must not be a symbolic link.\n", pathname);
- return(PS_AUTHFAIL);
+ fprintf(stderr, GT_("File %s must not be a symbolic link.\n"), pathname);
+ return(PS_IOERR);
}
+#ifndef __BEOS__
if (statbuf.st_mode & ~(S_IFREG | S_IREAD | S_IWRITE | S_IEXEC | S_IXGRP))
{
- fprintf(stderr, "File %s must have no more than -rwx--x--- (0710) permissions.\n",
+ fprintf(stderr, GT_("File %s must have no more than -rwx--x--- (0710) permissions.\n"),
pathname);
- return(PS_AUTHFAIL);
+ return(PS_IOERR);
}
+#endif /* __BEOS__ */
+#ifdef HAVE_GETEUID
+ if (statbuf.st_uid != geteuid())
+#else
if (statbuf.st_uid != getuid())
+#endif /* HAVE_GETEUID */
{
- fprintf(stderr, "File %s must be owned by you.\n", pathname);
- return(PS_AUTHFAIL);
+ fprintf(stderr, GT_("File %s must be owned by you.\n"), pathname);
+ return(PS_IOERR);
}
#endif
return(PS_SUCCESS);
if ( (prc_errflag = prc_filecheck(pathname, securecheck)) != 0 )
return(prc_errflag);
- if (errno == ENOENT)
+ /*
+ * Croak if the configuration directory does not exist.
+ * This probably means an NFS mount failed and we can't
+ * see a configuration file that ought to be there.
+ * Question: is this a portable check? It's not clear
+ * that all implementations of lstat() will return ENOTDIR
+ * rather than plain ENOENT in this case...
+ */
+ if (errno == ENOTDIR)
+ return(PS_IOERR);
+ else if (errno == ENOENT)
return(PS_SUCCESS);
- /* Open the configuration and feed it to the lexer. */
- if ((yyin = fopen(pathname,"r")) == (FILE *)NULL) {
- error(0, errno, "open: %s", pathname);
+ /* Open the configuration file and feed it to the lexer. */
+ if (strcmp(pathname, "-") == 0)
+ yyin = stdin;
+ else if ((yyin = fopen(pathname,"r")) == (FILE *)NULL) {
+ report(stderr, "open: %s: %s\n", pathname, strerror(errno));
return(PS_IOERR);
}
yyparse(); /* parse entire file */
- fclose(yyin);
+ fclose(yyin); /* not checking this should be safe, file mode was r */
if (prc_errflag)
return(PS_SYNTAX);
return(PS_SUCCESS);
}
-static void reset_server(char *name, int skip)
+static void reset_server(const char *name, int skip)
/* clear the entire global record and initialize it with a new name */
{
trailer = FALSE;
current.smtp_socket = -1;
current.server.pollname = xstrdup(name);
current.server.skip = skip;
+ current.server.principal = (char *)NULL;
}