Another pass at cleaning up (some of) the manpages.

[nmh] / mts / smtp / smtp.c

diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index 98c20d83c4faf85328b774038265406646b41894..873e0cd8d5c59400fb46b15f8b929fed4ab2a4b5 100644 (file)
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -10,6 +10,7 @@
 #include "smtp.h"
 #include <h/mts.h>
 #include <h/signals.h>
+#include <h/utils.h>
 
 #ifdef CYRUS_SASL
 #include <sasl/sasl.h>
@@ -97,7 +98,6 @@ static FILE *sm_wfp = NULL;
 static sasl_conn_t *conn = NULL;       /* SASL connection state */
 static int sasl_complete = 0;          /* Has authentication succeded? */
 static sasl_ssf_t sasl_ssf;            /* Our security strength factor */
-static char *sasl_pw_context[3];       /* Context to pass into sm_get_pass */
 static int maxoutbuf;                  /* Maximum crypto output buffer */
 static char *sasl_outbuffer;           /* SASL output buffer for encryption */
 static int sasl_outbuflen;             /* Current length of data in outbuf */
@@ -142,20 +142,19 @@ static int tls_active = 0;
 
 static char *sm_noreply = "No reply text given";
 static char *sm_moreply = "; ";
-
-struct smtp sm_reply;          /* global... */
+static struct smtp sm_reply;
 
 #define        MAXEHLO 20
 
 static int doingEHLO;
-char *EHLOkeys[MAXEHLO + 1];
+static char *EHLOkeys[MAXEHLO + 1];
 
 /*
  * static prototypes
  */
-static int smtp_init (char *, char *, char *, int, int, int, int, int, int,
+static int smtp_init (char *, char *, char *, int, int, int, int, int,
                      char *, char *, int);
-static int sendmail_init (char *, char *, int, int, int, int, int, int,
+static int sendmail_init (char *, char *, int, int, int, int, int,
                           char *, char *);
 
 static int rclient (char *, char *);
@@ -185,22 +184,19 @@ static int sm_auth_sasl(char *, int, char *, char *);
 
 int
 sm_init (char *client, char *server, char *port, int watch, int verbose,
-         int debug, int queued, int sasl, int saslssf,
-        char *saslmech, char *user, int tls)
+         int debug, int sasl, int saslssf, char *saslmech, char *user, int tls)
 {
     if (sm_mts == MTS_SMTP)
        return smtp_init (client, server, port, watch, verbose,
-                         debug, queued, sasl, saslssf, saslmech,
-                         user, tls);
+                         debug, sasl, saslssf, saslmech, user, tls);
     else
        return sendmail_init (client, server, watch, verbose,
-                              debug, queued, sasl, saslssf, saslmech,
-                             user);
+                              debug, sasl, saslssf, saslmech, user);
 }
 
 static int
 smtp_init (char *client, char *server, char *port, int watch, int verbose,
-          int debug, int queued,
+          int debug,
            int sasl, int saslssf, char *saslmech, char *user, int tls)
 {
     int result, sd1, sd2;
@@ -389,16 +385,13 @@ smtp_init (char *client, char *server, char *port, int watch, int verbose,
 send_options: ;
     if (watch && EHLOset ("XVRB"))
        smtalk (SM_HELO, "VERB on");
-    if (queued && EHLOset ("XQUE"))
-       smtalk (SM_HELO, "QUED");
 
     return RP_OK;
 }
 
 int
 sendmail_init (char *client, char *server, int watch, int verbose,
-               int debug, int queued,
-               int sasl, int saslssf, char *saslmech, char *user)
+               int debug, int sasl, int saslssf, char *saslmech, char *user)
 {
     unsigned int i, result, vecp;
     int pdi[2], pdo[2];
@@ -474,15 +467,13 @@ sendmail_init (char *client, char *server, int watch, int verbose,
            vecp = 0;
            vec[vecp++] = r1bindex (sendmail, '/');
            vec[vecp++] = "-bs";
-           vec[vecp++] = watch ? "-odi" : queued ? "-odq" : "-odb";
+           vec[vecp++] = watch ? "-odi" : "-odb";
            vec[vecp++] = "-oem";
            vec[vecp++] = "-om";
            if (verbose)
                vec[vecp++] = "-ov";
            vec[vecp++] = NULL;
 
-           setgid (getegid ());
-           setuid (geteuid ());
            execvp (sendmail, vec);
            fprintf (stderr, "unable to exec ");
            perror (sendmail);
@@ -808,17 +799,26 @@ sm_end (int type)
  * completes successfully, then authentication is successful and we've
  * (optionally) negotiated a security layer.
  */
+
+#define CHECKB64SIZE(insize, outbuf, outsize) \
+    { size_t wantout = (((insize + 2) / 3) * 4) + 32; \
+      if (wantout > outsize) { \
+          outbuf = mh_xrealloc(outbuf, outsize = wantout); \
+      } \
+    }
+
 static int
 sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
 {
     int result, status;
     unsigned int buflen, outlen;
-    char *buf, outbuf[BUFSIZ], host[NI_MAXHOST];
+    char *buf, *outbuf = NULL, host[NI_MAXHOST];
     const char *chosen_mech;
     sasl_security_properties_t secprops;
     sasl_ssf_t *ssf;
     int *outbufmax;
     struct nmh_creds creds = { 0, 0, 0 };
+    size_t outbufsize = 0;
 
     /*
      * Initialize the callback contexts
@@ -854,17 +854,13 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
        strncpy(host, inhost, sizeof(host) - 1);
     }
 
-    nmh_get_credentials (host, user, 1, &creds);
-
-    /* It's OK to copy the creds pointers here.  The callbacks that
-       use them will only be called before this function returns. */
-    callbacks[SM_SASL_N_CB_USER].context = creds.user;
-    callbacks[SM_SASL_N_CB_AUTHNAME].context = creds.user;
-    sasl_pw_context[0] = host;
-    sasl_pw_context[1] = creds.user;
-    sasl_pw_context[2] = creds.password;
-
-    callbacks[SM_SASL_N_CB_PASS].context = sasl_pw_context;
+    /* It's OK to copy the addresses here.  The callbacks that use
+       them will only be called before this function returns. */
+    creds.host = host;
+    creds.user = user;
+    callbacks[SM_SASL_N_CB_USER].context = &creds;
+    callbacks[SM_SASL_N_CB_AUTHNAME].context = &creds;
+    callbacks[SM_SASL_N_CB_PASS].context = &creds;
 
     result = sasl_client_init(callbacks);
 
@@ -919,10 +915,13 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
      */
 
     if (buflen) {
-       status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
+       CHECKB64SIZE(buflen, outbuf, outbufsize);
+       status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL);
        if (status != SASL_OK) {
            sm_ierror("SASL base64 encode failed: %s",
                      sasl_errstring(status, NULL, NULL));
+           if (outbuf)
+               free(outbuf);
            return NOTOK;
        }
 
@@ -949,8 +948,11 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
 
        if (status == 235)
            break;
-       else if (status < 300 || status > 399)
+       else if (status < 300 || status > 399) {
+           if (outbuf)
+               free(outbuf);
            return RP_BHST;
+       }
        
        /*
         * Special case; a zero-length response from the SMTP server
@@ -961,12 +963,18 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
        if (strcmp("=", sm_reply.text) == 0) {
            outlen = 0;
        } else {
+           if (sm_reply.length > (int) outbufsize) {
+               outbuf = mh_xrealloc(outbuf, outbufsize = sm_reply.length);
+           }
+
            result = sasl_decode64(sm_reply.text, sm_reply.length,
-                                  outbuf, sizeof(outbuf), &outlen);
+                                  outbuf, outbufsize, &outlen);
            if (result != SASL_OK) {
                smtalk(SM_AUTH, "*");
                sm_ierror("SASL base64 decode failed: %s",
                          sasl_errstring(result, NULL, NULL));
+               if (outbuf)
+                   free(outbuf);
                return NOTOK;
            }
        }
@@ -978,21 +986,29 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
            smtalk(SM_AUTH, "*");
            sm_ierror("SASL client negotiation failed: %s",
                      sasl_errstring(result, NULL, NULL));
+           if (outbuf)
+               free(outbuf);
            return NOTOK;
        }
 
-       status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
+       CHECKB64SIZE(buflen, outbuf, outbufsize);
+       status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL);
 
        if (status != SASL_OK) {
            smtalk(SM_AUTH, "*");
            sm_ierror("SASL base64 encode failed: %s",
                      sasl_errstring(status, NULL, NULL));
+           if (outbuf)
+               free(outbuf);
            return NOTOK;
        }
        
        status = smtalk(SM_AUTH, outbuf);
     }
 
+    if (outbuf)
+       free(outbuf);
+
     /*
      * Make sure that we got the correct response
      */
@@ -1054,14 +1070,27 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost)
 static int
 sm_get_user(void *context, int id, const char **result, unsigned *len)
 {
-    char *user = (char *) context;
+    nmh_creds_t creds = (nmh_creds_t) context;
 
     if (! result || ((id != SASL_CB_USER) && (id != SASL_CB_AUTHNAME)))
        return SASL_BADPARAM;
 
-    *result = user;
+    if (creds->user == NULL) {
+        /*
+         * Pass the 1 third argument to nmh_get_credentials() so
+         * that a default user if the -user switch to send(1)/post(8)
+         * wasn't used, and so that a default password will be supplied.
+         * That's used when those values really don't matter, and only
+         * with legacy/.netrc, i.e., with a credentials profile entry.
+         */
+        if (nmh_get_credentials (creds->host, creds->user, 1, creds) != OK) {
+            return SASL_BADPARAM;
+        }
+    }
+
+    *result = creds->user;
     if (len)
-       *len = strlen(user);
+       *len = strlen(creds->user);
 
     return SASL_OK;
 }
@@ -1070,7 +1099,7 @@ static int
 sm_get_pass(sasl_conn_t *conn, void *context, int id,
            sasl_secret_t **psecret)
 {
-    char **pw_context = (char **) context;
+    nmh_creds_t creds = (nmh_creds_t) context;
     int len;
 
     NMH_UNUSED (conn);
@@ -1078,14 +1107,26 @@ sm_get_pass(sasl_conn_t *conn, void *context, int id,
     if (! psecret || id != SASL_CB_PASS)
        return SASL_BADPARAM;
 
-    len = strlen (pw_context[2]);
+    if (creds->password == NULL) {
+        /*
+         * Pass the 0 third argument to nmh_get_credentials() so
+         * that the default password isn't used.  With legacy/.netrc
+         * credentials support, we'll only get here if the -user
+         * switch to send(1)/post(8) wasn't used.
+         */
+        if (nmh_get_credentials (creds->host, creds->user, 0, creds) != OK) {
+            return SASL_BADPARAM;
+        }
+    }
+
+    len = strlen (creds->password);
 
     if (! (*psecret = (sasl_secret_t *) malloc(sizeof(sasl_secret_t) + len))) {
        return SASL_NOMEM;
     }
 
     (*psecret)->len = len;
-    strcpy((char *) (*psecret)->data, pw_context[2]);
+    strcpy((char *) (*psecret)->data, creds->password);
 
     return SASL_OK;
 }
@@ -1111,12 +1152,22 @@ smtalk (int time, char *fmt, ...)
 {
     va_list ap;
     int result;
-    char buffer[BUFSIZ];
+    char *buffer;
+    size_t bufsize = BUFSIZ;
+
+    buffer = mh_xmalloc(bufsize);
 
     va_start(ap, fmt);
-    vsnprintf (buffer, sizeof(buffer), fmt, ap);
+    result = vsnprintf (buffer, bufsize, fmt, ap);
     va_end(ap);
 
+    if (result > (int) bufsize) {
+       buffer = mh_xrealloc(buffer, bufsize = result + 1);
+       va_start(ap, fmt);
+       vsnprintf (buffer, bufsize, fmt, ap);
+       va_end(ap);
+    }
+
     if (sm_debug) {
        if (sasl_ssf)
                printf("(sasl-encrypted) ");
@@ -1132,6 +1183,8 @@ smtalk (int time, char *fmt, ...)
        result = smhear ();
     alarm (0);
 
+    free(buffer);
+
     return result;
 }
 
@@ -1170,7 +1223,7 @@ sm_wstream (char *buffer, int len)
        return (ferror (sm_wfp) ? sm_werror () : OK);
     }
 
-    for (bp = buffer; len > 0; bp++, len--) {
+    for (bp = buffer; bp && len > 0; bp++, len--) {
        switch (*bp) {
            case '\n': 
                sm_nl = TRUE;
@@ -1219,7 +1272,9 @@ sm_fwrite(char *buffer, int len)
            }
        } else
 #endif /* TLS_SUPPORT */
-       fwrite(buffer, sizeof(*buffer), len, sm_wfp);
+       if ((int) fwrite(buffer, sizeof(*buffer), len, sm_wfp) < len) {
+           advise ("sm_fwrite", "fwrite");
+       }
 #ifdef CYRUS_SASL
     } else {
        while (len >= maxoutbuf - sasl_outbuflen) {
@@ -1235,7 +1290,10 @@ sm_fwrite(char *buffer, int len)
                return NOTOK;
            }
 
-           fwrite(output, sizeof(*output), outputlen, sm_wfp);
+           if (fwrite(output, sizeof(*output), outputlen, sm_wfp) <
+               outputlen) {
+               advise ("sm_fwrite", "fwrite");
+           }
        }
 
        if (len > 0) {
@@ -1382,7 +1440,9 @@ sm_fflush(void)
            return;
        }
 
-       fwrite(output, sizeof(*output), outputlen, sm_wfp);
+       if (fwrite(output, sizeof(*output), outputlen, sm_wfp) < outputlen) {
+           advise ("sm_fflush", "fwrite");
+       }
        sasl_outbuflen = 0;
     }
 #endif /* CYRUS_SASL */
@@ -1414,7 +1474,7 @@ smhear (void)
     int i, code, cont, bc = 0, rc, more;
     unsigned char *bp;
     char *rp;
-    char **ehlo = NULL, buffer[BUFSIZ];
+    char **ehlo = EHLOkeys, buffer[BUFSIZ];
 
     if (doingEHLO) {
        static int at_least_once = 0;