technically RFC822 legal. The general problem is mentioned on the man page.
* fetchmail has been reported to break when processing 0-length (bodyless)
- messages retrieved via IMAP. It is not clear whether this is a fetchmail
- bug or a glitch in some specific IMAP server. (Such messages are sometimes
- issued by the INN suite as status notifications.)
+ messages retrieved via IMAP. (Such messages are sometimes issued by the
+ INN suite as status notifications.)
* Dave Holland <dave@zenda.demon.co.uk> thinks it's a misfeature that
--fetchall overrides --limit. He may have a point. Perhaps I should
pl 3.9.4 ():
* Fixed a compilation glitch for systems like SunOS & others without atexit(3).
* Fixed a compilation glitch in daemonize for HP-UX.
+* Changes to compile correctly on systems that have on_exit() but not atexit().
+* Changes to forbid duplicate server names in the rc file.
+* Do caseblind comparisons of host and user names everywhere.
-------------------------------------------------------------------------------
+There are 239 people on the fetchmail-friends list.
pl 3.9.3 (Wed May 7 11:40:47 EDT 1997):
* Fix for -I option from George Sipe.
* The counter referred to by the batchlimit option used to count not only
fetched messages but skipped ones. This has been fixed.
-* Compilation fixes for Kerberos support and GNU glibc2 support.
+* Compilation fixes for Kerberos V4 support and GNU glibc2 support.
There are 230 people on the fetchmail-friends list.
bugs --
-* Nalin Dahyabhai's fix patch for MIT Kerberos support.
+* Nalin Dahyabhai's fix patch for MIT Kerberos V4 support.
* Fixed a fencepost error in the APOP code that was causing a core dump.
who forced us to this with RFC1725, but thank Al Longyear <longyear@sii.com>
for fixing and verifying my slightly buggy implementation.
-* Kerberos support ditto. Thanks to Chris Hanson <cph@martigny.mit.edu>
+* Kerberos V4 support ditto. Thanks to Chris Hanson <cph@martigny.mit.edu>
for this feature.
* When there's a daemon fetchmail in background, running fetchmail in
* Linux packagers: building fetchmail now generates an RPM specfile for it.
-* Kerberos support via KPOP protocol (thanks to Chris Hanson).
+* Kerberos V4 support via KPOP protocol (thanks to Chris Hanson).
* New --check option for asking server whether there is mail without
actually retrieving or deleting it.
** Support POP2, APOP, RPOP, IMAP2, IMAP2bis, IMAP3, IMAP4, IMAP4rev1.
- ** Support for Kerberos user authentication (either MIT or Cygnus).
+ ** Support for Kerberos V4 user authentication (either MIT or Cygnus).
** Host is auto-probed for a working server if no protocol is
specified for the connection. Thus you don't need to know
void (*sigsave)();
#ifndef KERBEROS_V4
- if (ctl->server.authenticate == A_KERBEROS)
+ if (ctl->server.authenticate == A_KERBEROS_V4)
{
- error(0, -1, "Kerberos support not linked.");
+ error(0, -1, "Kerberos V4 support not linked.");
return(PS_ERROR);
}
#endif /* KERBEROS_V4 */
}
#ifdef KERBEROS_V4
- if (ctl->server.authenticate == A_KERBEROS)
+ if (ctl->server.authenticate == A_KERBEROS_V4)
{
ok = kerberos_auth(fileno(sockfp), ctl->server.canonical_name);
if (ok != 0)
for (ctl = querylist; ctl; ctl = ctl->next)
if (ctl->active && !(implicitmode && ctl->server.skip) && !ctl->password)
{
- if (ctl->server.authenticate == A_KERBEROS)
+ if (ctl->server.authenticate == A_KERBEROS_V4)
/* Server won't care what the password is, but there
must be some non-null string here. */
ctl->password = ctl->remotename;
* as a probe to make sure our nameserver is still up.
* The multidrop case (especially) needs it.
*/
- if (ctl->server.authenticate == A_KERBEROS || MULTIDROP(ctl))
+ if (ctl->server.authenticate==A_KERBEROS_V4 || MULTIDROP(ctl))
{
struct hostent *namerec;
printf(" Password = '%s'.\n", visbuf(ctl->password));
if (ctl->server.protocol == P_POP3
&& ctl->server.port == KPOP_PORT
- && ctl->server.authenticate == A_KERBEROS)
+ && ctl->server.authenticate == A_KERBEROS_V4)
printf(" Protocol is KPOP");
else
printf(" Protocol is %s", showproto(ctl->server.protocol));
printf(" (forcing UIDL use)");
putchar('.');
putchar('\n');
- if (ctl->server.authenticate == A_KERBEROS)
- printf(" Kerberos authentication enabled.\n");
+ if (ctl->server.authenticate == A_KERBEROS_V4)
+ printf(" Kerberos V4 preauthentication enabled.\n");
printf(" Server nonresponse timeout is %d seconds", ctl->server.timeout);
if (ctl->server.timeout == CLIENT_TIMEOUT)
printf(" (default).\n");
#define KPOP_PORT 1109
/* authentication types */
-#define A_PASSWORD 0 /* passwords in cleartext */
-#define A_KERBEROS 1 /* get Kerberos V4 ticket */
+#define A_PASSWORD 0 /* password or inline authentication */
+#define A_KERBEROS_V4 1 /* preauthenticate w/ Kerberos V4 */
/* definitions for buffer sizes -- somewhat arbitrary */
#define POPBUFSIZE 512 /* per RFC 937 */
.IP RPOP
Use POP3 with RPOP authentication.
.IP KPOP
-Use POP3 with Kerberos authentication on port 1109.
+Use POP3 with Kerberos V4 authentication on port 1109.
.IP IMAP
IMAP2bis, IMAP4, or IMAP4rev1 (\fIfetchmail\fR autodetects their capabilities).
.IP ETRN
skipped. This option is currently only supported under Linux.
.TP
.B \-A, --auth
-This option permits you to specify an authentication type (see USER
+This option permits you to specify a preauthentication type (see USER
AUTHENTICATION below for details). The possible values are
-\&`\fBpassword\fR' and `\fBkerberos\fR'. This option is provided
+\&`\fBpassword\fR' and `\fBkerberos\fR' (or, for excruciating
+exactness, `\fBkerberos_v4\fR'). This option is provided
primarily for developers; choosing KPOP protocol automatically selects
-Kerberos authentication, and all other alternatives use ordinary
+Kerberos preauthentication, and all other alternatives use ordinary
password authentication (though APOP uses a generated one-time
key as the password).
This option does not work with ETRN.
checking its authorization database.
.PP
If your \fIfetchmail\fR was built with Kerberos support and you specify
-Kerberos authentication (either with --auth or the \fI.fetchmailrc\fR
-option \fBauthenticate kerberos\fR) it will try to get a Kerberos
+Kerberos preauthentication (either with --auth or the \fI.fetchmailrc\fR
+option \fBauthenticate kerberos_v4\fR) it will try to get a Kerberos
ticket from the mailserver at the start of each query.
.SH DAEMON MODE
ticket at the start of each query instead, and send an arbitrary
string as the password.
.PP
-Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos
+Specifying `kpop' sets POP3 protocol over port 1109 with Kerberos V4
authentication. These defaults may be overridden by later options.
.PP
You can use the noise keywords `and', `with',
{
ctl->server.protocol = P_POP3;
ctl->server.port = KPOP_PORT;
- ctl->server.authenticate = A_KERBEROS;
+ ctl->server.authenticate = A_KERBEROS_V4;
}
else if (strcasecmp(optarg,"etrn") == 0)
ctl->server.protocol = P_ETRN;
if (strcmp(optarg, "password") == 0)
ctl->server.authenticate = A_PASSWORD;
else if (strcmp(optarg, "kerberos") == 0)
- ctl->server.authenticate = A_KERBEROS;
+ ctl->server.authenticate = A_KERBEROS_V4;
+ else if (strcmp(optarg, "kerberos_v4") == 0)
+ ctl->server.authenticate = A_KERBEROS_V4;
else {
fprintf(stderr,"Invalid authentication `%s' specified.\n", optarg);
errflag++;
proto(col)? { return PROTOCOL; }
port { return PORT; }
auth(enticate)? { return AUTHENTICATE; }
-kerberos { return KERBEROS; }
+kerberos_v4 { return KERBEROS_V4; }
+kerberos { return KERBEROS_V4; }
timeout { return TIMEOUT;}
envelope { return ENVELOPE; }
static void record_current();
static void user_reset();
+static int reset_server(char *name, int skip);
%}
%union {
}
%token DEFAULTS POLL SKIP AKA LOCALDOMAINS PROTOCOL
-%token AUTHENTICATE TIMEOUT KPOP KERBEROS
+%token AUTHENTICATE TIMEOUT KPOP KERBEROS_V4
%token ENVELOPE USERNAME PASSWORD FOLDER SMTPHOST MDA PRECONNECT LIMIT
%token IS HERE THERE TO MAP WILDCARD
%token SET BATCHLIMIT FETCHLIMIT LOGFILE DAEMON INTERFACE MONITOR
| define_server serverspecs userspecs
;
-define_server : POLL STRING {memset(¤t,'\0',sizeof(current));
- save_str(¤t.server.names, -1,$2);
- current.server.skip = FALSE;}
- | SKIP STRING {memset(¤t,'\0',sizeof(current));
- save_str(¤t.server.names, -1,$2);
- current.server.skip = TRUE;}
- | DEFAULTS {memset(¤t,'\0',sizeof(current));
- save_str(¤t.server.names, -1,"defaults");}
+define_server : POLL STRING {
+ if (!reset_server($2, FALSE))
+ {
+ yyerror("duplicate entry name not allowed");
+ YYERROR;
+ }
+ }
+ | SKIP STRING {
+ if (!reset_server($2, TRUE))
+ {
+ yyerror("duplicate entry name not allowed");
+ YYERROR;
+ }
+ }
+ | DEFAULTS {
+ if (!reset_server("defaults", FALSE))
+ {
+ yyerror("can't have two default entries");
+ YYERROR;
+ }
+ }
;
serverspecs : /* EMPTY */
| PROTOCOL PROTO {current.server.protocol = $2;}
| PROTOCOL KPOP {
current.server.protocol = P_POP3;
- current.server.authenticate = A_KERBEROS;
+ current.server.authenticate = A_KERBEROS_V4;
current.server.port = KPOP_PORT;
}
| UIDL {current.server.uidl = FLAG_TRUE;}
| NO UIDL {current.server.uidl = FLAG_FALSE;}
| PORT NUMBER {current.server.port = $2;}
| AUTHENTICATE PASSWORD {current.server.authenticate = A_PASSWORD;}
- | AUTHENTICATE KERBEROS {current.server.authenticate = A_KERBEROS;}
+ | AUTHENTICATE KERBEROS_V4 {current.server.authenticate = A_KERBEROS_V4;}
| TIMEOUT NUMBER {current.server.timeout = $2;}
| ENVELOPE STRING {current.server.envelope = xstrdup($2);}
| INTERFACE STRING {
return(0);
}
+static int reset_server(char *name, int skip)
+/* clear the entire global record and initialize it with a new name */
+{
+ struct query *ctl;
+
+ /* don't allow name collisions, this screws up the data structures */
+ for (ctl = querylist; ctl; ctl = ctl->next)
+ if (strcmp(name, ctl->server.names->id) == 0)
+ return(FALSE);
+
+ memset(¤t,'\0',sizeof(current));
+ save_str(¤t.server.names, -1, name);
+ current.server.skip = skip;
+ return(TRUE);
+}
+
+
static void user_reset(void)
/* clear the global current record (server parameters) used by the parser */
{
fprintf (stderr, message, a1, a2, a3, a4, a5, a6, a7, a8);
#endif
- if (errnum)
- fprintf (stderr, ": %s", strerror (errnum));
+ if (errnum) {
+ char *tmps = strerror(errnum);
+ if (tmps) {
+ fprintf (stderr, ": %s", tmps);
+ }
+ else {
+ fprintf (stderr, ": Error %d", errnum);
+ }
+ }
putc ('\n', stderr);
fflush (stderr);
}
#
# This file (or one of your own creation, rather) should be located
# in your home directory with the name .fetchmailrc. Permissions on this
-# file may be no greater than -rw-------, or fetchmail will refuse to
+# file may be no greater than -rw------- (0600), or fetchmail will refuse to
# use it.
#
# To see what effect your ~/.fetchmailrc file has, do
* Machinery for handling UID lists live here. This is mainly to support
* RFC1725-conformant POP3 servers without a LAST command, but may also be
* useful for making the IMAP4 querying logic UID-oriented, if a future
- * revision of IMAP forces me to. (This would be bad. Server-side
- * seen bits are better than UIDs, because they track messages seen by
- * *all* clients.)
+ * revision of IMAP forces me to.
*
* Here's the theory:
*
* At the end of the fetchmail run, all current `oldsaved' lists are
* flushed out to the .fetchids file to be picked up by the next run.
* If there are no such messages, the file is deleted.
+ *
+ * Note: all comparisons are caseblind!
*/
/* UIDs associated with un-queried hosts */
{
for (ctl = hostlist; ctl; ctl = ctl->next)
{
- if (strcmp(host, ctl->server.names->id) == 0
- && strcmp(user, ctl->remotename) == 0)
+ if (strcasecmp(host, ctl->server.names->id) == 0
+ && strcasecmp(user, ctl->remotename) == 0)
{
save_str(&ctl->oldsaved, -1, id);
break;
}
char *idpair_find(struct idlist **idl, const char *id)
-/* return the id of the given number in the given list. */
+/* return the id of the given id in the given list (caseblind comparison) */
{
if (*idl == (struct idlist *) 0)
return((char *) 0);
- else if (strcmp(id, (*idl)->id) == 0)
+ else if (strcasecmp(id, (*idl)->id) == 0)
return((*idl)->val.id2 ? (*idl)->val.id2 : (*idl)->id);
else
return(idpair_find(&(*idl)->next, id));