Minor fixes.

svn path=/trunk/; revision=3584

diff --git a/NEWS b/NEWS
index 52c3a8db6e29f341af45539e3e30f6059d1f3967..3d855172ad9cb59be5c2c8f34dad819923873c8c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,10 @@
 
 (The `lines' figures total .c, .h, .l, and .y files under version control.)
 
+* Renamed misnamed tr.po and da.po files
+* Jakub Ulanowski's patch to fix SSL fingerprint handling.
+* Matt Kraai's patch for supporting STLS over POP3.
+
 fetchmail-5.9.8 (Thu Feb 14 23:47:31 EST 2002), 21358 lines:
 
 * Added de translation catalog; updated da and tr catalogs.

diff --git a/pop3.c b/pop3.c
index fac2b1858999f170b3959c952a773b7ec6b5a845..41723b484523c199df78f5b9d3d20edeb7a4ebd0 100644 (file)
--- a/pop3.c
+++ b/pop3.c
@@ -141,6 +141,9 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
 #ifdef OPIE_ENABLE
     flag has_otp = FALSE;
 #endif /* OPIE_ENABLE */
+#ifdef SSL_ENABLE
+    flag has_ssl = FALSE;
+#endif /* SSL_ENABLE */
 
 #ifdef SDPS_ENABLE
     /*
@@ -207,6 +210,10 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
            {
                if (DOTLINE(buffer))
                    break;
+#ifdef SSL_ENABLE
+               if (strstr(buffer, "STLS"))
+                   has_ssl = TRUE;
+#endif /* SSL_ENABLE */
 #if defined(GSSAPI)
                if (strstr(buffer, "GSSAPI"))
                    has_gssapi = TRUE;
@@ -224,6 +231,27 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting)
            }
        }
 
+#ifdef SSL_ENABLE
+       if (has_ssl &&
+#if INET6_ENABLE
+           ctl->server.service && (strcmp(ctl->server.service, "pop3s"))
+#else /* INET6_ENABLE */
+           ctl->server.port != 995
+#endif /* INET6_ENABLE */
+           )
+       {
+           char *realhost;
+
+           realhost = ctl->server.via ? ctl->server.via : ctl->server.pollname;           gen_transact(sock, "STLS");
+           if (SSLOpen(sock,ctl->sslcert,ctl->sslkey,ctl->sslproto,ctl->sslcertck, ctl->sslcertpath,ctl->sslfingerprint,realhost,ctl->server.pollname) == -1)
+           {
+               report(stderr,
+                      GT_("SSL connection failed.\n"));
+               return(PS_AUTHFAIL);
+           }
+       }
+#endif /* SSL_ENABLE */
+
        /*
         * OK, we have an authentication type now.
         */

diff --git a/rcfile_y.y b/rcfile_y.y
index a7246cf52812d683fdd2bdfe51899cd5328dacb3..7701d2c45d3051e3c9585d8f939acfcfa8c35b13 100644 (file)
--- a/rcfile_y.y
+++ b/rcfile_y.y
@@ -368,7 +368,7 @@ user_option : TO localnames HERE
 #ifdef SSL_ENABLE
                    current.use_ssl = FLAG_FALSE;
 #else
-                   yyerror(GT_("SSL is not enabled"))
+                   yyerror(GT_("SSL is not enabled"));
 #endif 
                }
 

diff --git a/sink.c b/sink.c
index 5ffe142f179069f71ccd70c23874257cbac041a7..ebd674b95b3eadf24f614a298de41802468d7a53 100644 (file)
--- a/sink.c
+++ b/sink.c
@@ -1029,8 +1029,11 @@ int open_sink(struct query *ctl, struct msgblk *msg,
        /* 
         * User was delivering locally.  We have a fallback MDA.
         * Latch it in place, logging the error, and fall through.
+        * Set stripcr as we would if MDA had been the initial transport
         */
        ctl->mda = FALLBACK_MDA;
+       if (!ctl->forcecr)
+           ctl->stripcr = TRUE;
 
        report(stderr, GT_("can't raise the listener; falling back to %s"),
                         FALLBACK_MDA);

diff --git a/socket.c b/socket.c
index ceadc9603b32c5054605ec3594c5a0e2d7c0659f..27b928ccd473a6fe81d5970892d1b8bbafa4042b 100644 (file)
--- a/socket.c
+++ b/socket.c
@@ -807,10 +807,10 @@ int SSL_verify_callback( int ok_return, X509_STORE_CTX *ctx, int strict )
                        if (outlevel > O_SILENT)
                            report(stdout, GT_("%s key fingerprint: %s\n"), _server_label, text);
                        if (_check_digest != NULL) {
-                               if (strcmp(text, _check_digest) == 0)
+                               if (strcmp(text, _check_digest) == 0) {
                                    if (outlevel > O_SILENT)
                                        report(stdout, GT_("%s fingerprints match.\n"), _server_label);
-                               else {
+                               } else {
                                    if (outlevel > O_SILENT)
                                        report(stderr, GT_("%s fingerprints do not match!\n"), _server_label);
                                    return (0);