From: Matthias Andree Date: Wed, 5 Sep 2012 00:53:54 +0000 (+0200) Subject: Merge branch 'legacy_63' X-Git-Url: http://pileus.org/git/?p=~andy%2Ffetchmail;a=commitdiff_plain;h=40fe452223b5cc0ff5dbae0efa8551d7e96c1a5c Merge branch 'legacy_63' Conflicts: Makefile.am NEWS conf.c configure.ac contrib/rawlog.patch fetchmail-SA-2011-01.txt fetchmail.man fm_md5.h kerberos.c socket.c socket.h --- 40fe452223b5cc0ff5dbae0efa8551d7e96c1a5c diff --cc Makefile.am index 0bdbfa43,6f247dae..42fd0890 --- a/Makefile.am +++ b/Makefile.am @@@ -138,8 -149,9 +135,8 @@@ DISTDOCS= FAQ FEATURES NOTES OLDNEWS fe # extra directories to ship distdirs = rh-config contrib beos - EXTRA_DIST+= $(DISTDOCS) $(distdirs) \ + EXTRA_DIST= $(DISTDOCS) $(distdirs) \ fetchmail.spec fetchmail.xpm \ - trio/CHANGES trio/README \ strlcpy.3 bighand.png \ m4/codeset.m4 \ m4/gettext.m4 \ diff --cc NEWS index 172223e6,a0705cd8..a10dd50a --- a/NEWS 
+++ b/NEWS @@@ -40,90 -54,91 +40,172 @@@ removed from a 7.0.0 or newer release. -------------------------------------------------------------------------------- +fetchmail-7.0.0 (not yet released): + +NOTE THIS IS AN ALPHA RELEASE THAT HAS NOT BEEN THOROUGHLY TESTED! + +# MAJOR CHANGES +* The UIDL handler code is now much faster, especially noticable with lots of + mail kept on a POP3 server. Where the 6.3.X code was of O(n^2) complexity, + we're down to O(n log n). + Contributed by Rainer Weikusat, MAD Partners Ltd./MSS GmbH. +* The POP3 code now always uses UIDL, except if "fetchall" is in effect. + Fixes BerliOS Bug #16172. Fixes Debian Bug#345788. +* Fetchmail now enables SSL support by default. If this is undesired, + ./configure --without-ssl should help. +* The OpenSSL code now excludes the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option. + This can cause interoperability problems with certain buggy servers, but is + required to defang chosen-plaintext attacks against AES. While probably hard + to mount against fetchmail, let's play it safe rather than be sorry later. + +# FEATURES ADDED +* Fetchmail can now retrieve credentials from PWMD. This needs to be enabled at + compile-time and requires run-time configuration. See README.PWMD for details. + Contributed by Ben Kibbey, author of libpwmd and pwmd. +* Fetchmail now supports a retrieve-error command line or rcfile option that + takes exactly one argument, abort (default), continue or markseen. This + specifies the policy used by fetchmail to handle messages whose bodies + fail to be retrieved due to server errors. Both the continue and markseen + options will skip the message with errors and allow the session to + continue so that subsequent messages can be retrieved. The markseen + option will also mark the message with errors as seen. + The default policy is to abort the session whenever a server error occurs. + Contributed by Craig Brown. +* Fetchmailconf offers cram-md5 and apop authentication. 
+ +# REMOVED FEATURES +* IMAP2 protocol support was removed. +* POP2 protocol support was removed. +* RPOP (not actually a protocol, but a variant of POP3) was removed +* POP3: the uidl option has been removed. It is always on. +* POP3: LAST is no longer used. It was removed from POP3 in 1994, and it could + cause mail loss when the connection was interrupted or if clients besides + fetchmail polled the mailbox. +* Trio was removed, fetchmail expects reasonable stdio.h quality levels. +* Support for systems that do not conform to C89 and POSIX 2001 was removed, + this means that BeOS, EMX, NeXTSTEP quirks are no longer worked around. +* The MX and host alias DNS lookups that fetchmail performs in multidrop mode + have been removed. They were based on the mistaken assumption that the + IMAP/POP3 server was also the MX server, which is rarely the case. They have + never supported IPv6 (including IPv6-mapped IPv4) either. + Non-DNS based alias keywords such as "aka" remain. +* Kerberos IV support was removed. +* fetchmail no longer supports SSL v2, nor the corresponding SSL2 option to + --sslproto. SSLv2 is insecure and had been deprecated 15 years ago. fetchmail + will actively forbid SSLv2 negotiation by means of SSL_OP_NO_SSLv2. + To fix Debian Bug#622054. +* A lot of outdated and/or unsafe-to-use material got dropped from contrib/. + +# REGRESSION FIXES +* The mimedecode feature now properly detects multipart/mixed-type matches, so + that quoted-printable-encoded multipart messages can get decoded. + (Regression in 5.0.0 on 1999-03-27, as a side effect of a PGP-mimedecode fix + attributed to Henrik Storner.) + +# BUG FIXES +* The mimedecode feature failed to ship the last line of the body if it was + encoded as quoted-printable and had a MIME soft line break in the very last + line. Reported by Lars Hecking in June 2011. + Bug introduced on 1998-03-20 when the mimedecode support was added by ESR + before release 4.4.1 through code contributed by Henrik Storner. 
+ Workaround for older releases: do not use mimedecode feature. +* Fetchmail now detects singly-quoted % expansions in the mda option and refuses + to deliver for safety reasons. Fixes Debian Bug#347909. +* The Server certificate: message in verbose mode now appears on stdout like the + remainder of the output. Reported by Henry Jensen, to fix Debian Bug #639807. + +# CHANGES +* A foreground fetchmail can now accept a few more options while another copy is + running in the background. +* APOP is no longer a protocol, but an authentication method. In order to use + it, use protocol POP3 auth APOP, or on the commandline, -p pop3 --auth apop. + If no authentication method is specified, APOP is automatically tried if + offered by the server before we resort to sending the password as clear text. + +-------------------------------------------------------------------------------- - fetchmail-6.3.22 (not yet released): + fetchmail-6.3.23 (not yet released) + + # NOTE THAT THE RELEASE OF FUTURE FETCHMAIL 6.3.X VERSIONS IS UNCLEAR. + Should a 7.0 release be made earlier, chances are that the 6.3.X branch + is abandoned and its changes be folded into the 7.0 release, with changes + after 6.3.22 not available on their own in a newer 6.3.X release. + + # REGRESSION FIXES + * Fix compilation with OpenSSL implementations before 0.9.8m that lack + SSL_CTX_clear_options. Patch by Earl Chew. + Note that the use of older OpenSSL versions with fetchmail is unsupported and + *not* recommended. + + # BUG FIXES + * Fix combination of --plugin and -f -. Patch by Alexander Zangerl, + to fix Debian Bug#671294. + + + fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): + + # SECURITY FIXES + * for CVE-2012-3482: + NTLM: fetchmail mistook an error message that the server sent in response to + an NTLM request for protocol exchange, tried to decode it, and crashed while + reading from a bad memory location. 
+ Also, with a carefully crafted NTLM challenge packet sent from the server, it + would be possible that fetchmail conveyed confidential data not meant for the + server through the NTLM response packet. + Fix: Detect base64 decoding errors, validate the NTLM challenge, and abort + NTLM authentication in case of error. + See fetchmail-SA-2012-02.txt for further details. + Reported by J. Porter Clark. + + * for CVE-2011-3389: + SSL/TLS (wrapped and STARTTLS): fetchmail used to disable a countermeasure + against a certain kind of attack against cipher block chaining initialization + vectors (SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS). + Whether this creates an exploitable situation, depends on the server and the + negotiated ciphers. + As a precaution, fetchmail 6.3.22 enables the countermeasure, by clearing + SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS. + + NOTE that this can cause connections to certain non-conforming servers to + fail, in which case you can set the environment variable + FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE to any non-empty value when starting + fetchmail to re-instate the compatibility option at the expense of security. + + Reported by Apple Product Security. + + For technical details, refer to . + See fetchmail-SA-2012-01.txt for further details. + + # BUG FIX + * The Server certificate: message in verbose mode now appears on stdout like the + remainder of the output. Reported by Henry Jensen, to fix Debian Bug #639807. + + * The GSSAPI-related autoconf code now matches gssapi.c better, and uses + a different check to look for GSS_C_NT_HOSTBASED_SERVICE. + This fixes the GSSAPI-enabled build on NetBSD 6 Beta. + + # CHANGES + * On systems where SSLv2_client_method isn't defined in OpenSSL (such as + newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't + reference it (to fix the build) and if configured, print a run-time error + that the OS does not support SSLv2. 
Fixes Debian Bug #622054, + but note that that bug report has a more thorough patch that does away with + SSLv2 altogether. + + * The security and errata notices fetchmail-{EN,SA}-20??-??.txt are now + under the more relaxed CC BY-ND 3.0 license (the noncommercial clause + was dropped). The Creative Commons address was updated. + + * The Python-related Makefile.am parts were simplified to avoid an automake + 1.11.X bug around noinst_PYTHON, Automake Bug #10995. + + * Configuring fetchmail without SSL now triggers a configure warning, + and asks the user to consider running configure --with-ssl. + + # WORKAROUND + * Some servers, notably Zimbra, return A1234 987 FETCH () in response to + a header request, in the face of message corruption. fetchmail now treats + these as temporary errors. Report and Patch by Mikulas Patocka, Red Hat. + * Some servers, notably Microsoft Exchange, return "A0009 OK FETCH completed." without any header in response to a header request for meeting reminder messages (with a "meeting.ics" attachment). fetchmail now treats these as @@@ -141,7 -185,12 +252,11 @@@ fetchmail-6.3.21 (released 2011-08-21, messages end up in mbox, but adds line termination for storages (like Maildir) that do not require that the last line be LF- or CRLF-terminated. + # CONTRIB/ addition + * There is a patch against fetchnews's source, contrib/rawlog.patch, that can + log (and hexdump non-printing characters) raw socket data to a file. It proved + useful to debug Antoine's bug described above. - fetchmail-6.3.20 (released 2011-06-06, 26005 LoC): # SECURITY BUG FIXES diff --cc configure.ac index 7b074424,f19bdc51..dd66cdbd --- a/configure.ac 
+++ b/configure.ac @@@ -9,7 -9,7 +9,7 @@@ dnl Process this file with autoconf to dnl dnl XXX - if bumping version here, check fetchmail.man, too! - AC_INIT([fetchmail],[7.0.0-alpha2],[fetchmail-devel@lists.berlios.de]) -AC_INIT([fetchmail],[6.3.22.1],[fetchmail-users@lists.berlios.de]) ++AC_INIT([fetchmail],[7.0.0-alpha3],[fetchmail-devel@lists.berlios.de]) AC_CONFIG_SRCDIR([fetchmail.h]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_LIBOBJ_DIR([.]) @@@ -672,13 -899,74 +678,22 @@@ the CPPFLAGS="$CPPFLAGS -I$with_gssapi/include" fi AC_CHECK_HEADERS(gss.h gssapi.h gssapi/gssapi.h gssapi/gssapi_generic.h) - if test "$ac_cv_header_gssapi_h" = "yes"; then - AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h, AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,1,Define if you have MIT kerberos)) - else - AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi/gssapi.h, AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE)) - fi + AC_CHECK_DECLS(GSS_C_NT_HOSTBASED_SERVICE,,,[ + AC_INCLUDES_DEFAULT + #if HAVE_GSS_H + #include + #endif + #if HAVE_GSSAPI_GSSAPI_H + #include + #elif HAVE_GSSAPI_H + #include + #endif + #if HAVE_GSSAPI_GSSAPI_GENERIC_H + #include + #endif + ]) fi]) -dnl ,------------------------------------------------------------------ -dnl Check if we need TRIO -needtrio=0 -if test "$FORCE_TRIO" = "yes" ; then - needtrio=1 - ac_cv_func_vsnprintf=no - ac_cv_func_snprintf=no -fi -if test "x$ac_cv_func_snprintf" != "xyes" ; then - AC_DEFINE(snprintf, trio_snprintf, - [Define to trio_snprintf if your system lacks snprintf]) - needtrio=1 -fi -if test "x$ac_cv_func_vsnprintf" != "xyes" ; then - AC_DEFINE(vsnprintf, trio_vsnprintf, - [Define to trio_vsnprintf if your system lacks vsnprintf]) - needtrio=1 -fi -AM_CONDITIONAL(NEED_TRIO, test "$needtrio" = 1) - -dnl TRIO IEEE compiler option for Alpha -dnl -if test "$needtrio" = 1 ; then - AC_MSG_CHECKING(for IEEE compilation options) - AC_CACHE_VAL(ac_cv_ieee_option, [ - AC_TRY_COMPILE(,[ - #if !(defined(__alpha) && (defined(__DECC) || 
defined(__DECCXX) || (defined(__osf__) && defined(__LANGUAGE_C__))) && (defined(VMS) || defined(__VMS))) - # error "Option needed" - #endif - ],ac_cv_ieee_option="/IEEE_MODE=UNDERFLOW_TO_ZERO/FLOAT=IEEE", - AC_TRY_COMPILE(,[ - #if !(defined(__alpha) && (defined(__DECC) || defined(__DECCXX) || (defined(__osf__) && defined(__LANGUAGE_C__))) && !(defined(VMS) || defined(__VMS)) && !defined(_CFE)) - # error "Option needed" - #endif - ],ac_cv_ieee_option="-ieee", - AC_TRY_COMPILE(,[ - #if !(defined(__alpha) && (defined(__GNUC__) && (defined(__osf__) || defined(__linux__)))) - # error "Option needed" - #endif - ],ac_cv_ieee_option="-mieee", - ac_cv_ieee_option="none" - ) - ) - ) - ]) - AC_MSG_RESULT($ac_cv_ieee_option) - if test $ac_cv_ieee_option != none; then - CFLAGS="${CFLAGS} ${ac_cv_ieee_option}" - fi -fi -dnl ----------------------------------------------------------------' - AC_CONFIG_FILES([Makefile po/Makefile.in genlsm.sh]) AC_OUTPUT diff --cc contrib/rawlog.patch index c599797d,a341d4e1..bec08b5e --- a/contrib/rawlog.patch +++ b/contrib/rawlog.patch @@@ -11,18 -11,31 +11,45 @@@ The file gets appended to, so you can l Note 1: any logging failures cause fetchmail to abort() forcefully. +Note 2: raw control characters persist in the log and are not filtered +out. In doubt use a pager that filters control characters, or use tools +such as a binary-capable text edtior, vim's xxd, or hexdump, or od, to +view the raw log message. + +-- Matthias Andree, June 2011 + +diff --git a/socket.c b/socket.c +index c8117a5..89847fe 100644 +--- a/socket.c ++++ b/socket.c +@@ -362,6 +362,49 @@ static SSL *_ssl_context[FD_SETSIZE]; ++======= + Note 2: non-printable characters are hex-escaped, so it is safe to use + FETCHMAIL_RAW_LOGFILE=/dev/stderr or similar. + + -- Matthias Andree, August 2011 + + diff --git a/sink.c b/sink.c + index 5d92556..ff6208d 100644 + --- a/sink.c + +++ b/sink.c + 
@@ -649,6 +649,10 @@ int stuffline(struct query *ctl, char *buf) + while ((last += strlen(last)) && (last[-1] != '\n')) + last++; + + + if (outlevel >= O_DEBUG && (size_t)(last - buf) != strlen(buf)) + + report(stdout, GT_("DEBUG: stuffline shipping line with NULs, length=%lu, strlen=%lu\n"), last - buf, strlen(buf)); + + + + + /* fix message lines that have only \n termination (for qmail) */ + if (ctl->forcecr) + { + diff --git a/socket.c b/socket.c + index e338207..dcaf19d 100644 + --- a/socket.c + +++ b/socket.c + @@ -381,6 +381,49 @@ static SSL *_ssl_context[FD_SETSIZE]; ++>>>>>>> legacy_63 static SSL *SSLGetContext( int ); #endif /* SSL_ENABLE */ diff --cc fetchmail.man index b5542333,56026d0b..babc57ab --- a/fetchmail.man +++ b/fetchmail.man @@@ -10,7 -10,7 +10,7 @@@ .\" Load www macros to process .URL requests, this requires groff: .mso www.tmac .\" - .TH fetchmail 1 "fetchmail 7.0.0-alpha2" "fetchmail" "fetchmail reference manual" -.TH fetchmail 1 "fetchmail 6.3.22" "fetchmail" "fetchmail reference manual" ++.TH fetchmail 1 "fetchmail 7.0.0-alpha3" "fetchmail" "fetchmail reference manual" .SH NAME fetchmail \- fetch mail from a POP, IMAP, ETRN, or ODMR-capable server diff --cc fm_md5.h index 86ec8ab5,f55909a4..ea61c823 --- a/fm_md5.h +++ b/fm_md5.h @@@ -7,10 -7,19 +7,13 @@@ #include "fetchmail.h" -#if SIZEOF_INT == 4 -typedef unsigned int uint32; -#else -typedef unsigned long int uint32; -#endif - struct MD5Context { - uint32 buf[4]; - uint32 bits[2]; + uint32_t buf[4]; + uint32_t bits[2]; - unsigned char in[64]; + union { + unsigned char in[64]; + uint32 in32[16]; + } u; }; void MD5Init(struct MD5Context *context);
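Review bot: in the Makefile.am hunk the conflict is resolved by taking the legacy side, "EXTRA_DIST= $(DISTDOCS) $(distdirs) \", in place of the 7.0 side's "EXTRA_DIST+= ...". Plain "=" discards anything assigned to EXTRA_DIST earlier in the file, and the "+=" form on the 7.0 branch suggests there was (or was meant to be) an earlier assignment; please confirm no earlier EXTRA_DIST line exists on the merged branch, or keep "+=" so those files are not silently dropped from the tarball. Removing "trio/CHANGES trio/README" is consistent with the trio removal announced in NEWS.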
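Review bot: the 7.0.0 "MAJOR CHANGES" entry in the first NEWS hunk describes the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS change as defanging "chosen-plaintext attacks against AES", which misstates the issue; the 6.3.22 entry lower in the same hunk describes it correctly as a countermeasure against an attack on cipher block chaining initialization vectors and ties it to CVE-2011-3389. The 7.0.0 entry should cross-reference CVE-2011-3389 and fetchmail-SA-2012-01.txt and say whether the FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE escape hatch documented for 6.3.22 also applies to 7.0. Further points in the same hunk: the "Server certificate: message in verbose mode" item now appears twice, once under 7.0.0 "BUG FIXES" and once under 6.3.22 "BUG FIX", and should be kept only in the 6.3.22 section it was merged from; the sentence "For technical details, refer to ." has lost its reference; "noticable" should read "noticeable"; and the 6.3.22 "# BUG FIX" heading introduces two items, so "# BUG FIXES" would match the other sections.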
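Review bot: the second NEWS hunk (the fetchmail-6.3.21 context, "# CONTRIB/ addition") says the patch is "against fetchnews's source"; since contrib/rawlog.patch modifies fetchmail's socket.c and sink.c, this should read "fetchmail's source". "edtior" in the rawlog.patch header text is likewise a typo for "editor".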
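Review bot: the GSSAPI hunk in configure.ac replaces AC_EGREP_HEADER calls that defined HAVE_GSS_C_NT_HOSTBASED_SERVICE with AC_CHECK_DECLS(GSS_C_NT_HOSTBASED_SERVICE, ...), and AC_CHECK_DECLS defines a differently named macro, HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE, which is always defined (to 0 or 1). The NEWS entry says the autoconf code "now matches gssapi.c better", so please confirm gssapi.c tests the new macro with "#if HAVE_DECL_GSS_C_NT_HOSTBASED_SERVICE" rather than "#ifdef", which would be unconditionally true, and no longer references the old name. Separately, the include lines in the AC_INCLUDES_DEFAULT block render here as bare "#include" with no header name; the angle-bracketed names were most likely stripped when this page was rendered, but it is worth checking the committed file really contains the gss.h, gssapi/gssapi.h, gssapi.h and gssapi/gssapi_generic.h includes in the order the HAVE_* guards imply. The removal of the trio/snprintf and Alpha IEEE checks matches the trio removal in NEWS.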
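Review bot: the contrib/rawlog.patch hunk commits an unresolved conflict: "++=======" and "++>>>>>>> legacy_63" are added lines in the merge result, so the file now carries conflict markers together with two contradictory "Note 2" paragraphs (the June 2011 text says raw control characters persist in the log, the August 2011 text says non-printable characters are hex-escaped and /dev/stderr is safe) and two different socket.c headers ("index c8117a5..89847fe" at @@ -362 and "index e338207..dcaf19d" at @@ -381). Resolve by keeping one version, presumably the August 2011 one from legacy_63 since it also adds the sink.c hunk, and drop the markers. In that sink.c hunk, the added line "report(stdout, GT_("DEBUG: stuffline shipping line with NULs, length=%lu, strlen=%lu\n"), last - buf, strlen(buf));" passes a ptrdiff_t and a size_t to %lu; the preceding "if" already casts "(size_t)(last - buf)", so cast both arguments to unsigned long for the report call as well to avoid a format mismatch on platforms where these types are not unsigned long.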
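Review bot: the fm_md5.h hunk removes the "typedef ... uint32" block and switches buf and bits to uint32_t, but the new union member is declared as "uint32 in32[16];", so the header no longer compiles unless uint32 is defined somewhere else; it should be "uint32_t in32[16];" like the other fields, and fetchmail.h (or a direct stdint.h include) must provide uint32_t. Wrapping the former "unsigned char in[64]" in a union also renames that member to "u.in", so every access to the context's "in" buffer in the MD5 implementation and its callers must be updated in this same commit, otherwise the build breaks at the first use.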