X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/8e79ce1919d9cf54f101a812e0fd70a33286b9f3..ca5ae3e652ed0fb43efaabd697162fd1c28d09ba:/uip/popsbr.c

diff --git a/uip/popsbr.c b/uip/popsbr.c
old mode 100755
new mode 100644
index fb66a93b..479fdb1f
--- a/uip/popsbr.c
+++ b/uip/popsbr.c
@@ -23,8 +23,6 @@
 
 #include <h/popsbr.h>
 #include <h/signals.h>
-#include <signal.h>
-#include <errno.h>
 
 #define	TRM	"."
 #define	TRMLEN	(sizeof TRM - 1)
@@ -46,6 +44,7 @@ static int sasl_get_user(void *, int, const char **, unsigned *);
 static int sasl_get_pass(sasl_conn_t *, void *, int, sasl_secret_t **);
 struct pass_context {
     char *user;
+    char *password;
     char *host;
 };
 
@@ -90,12 +89,20 @@ static int putline (char *, FILE *);
  * layer.
  */
 
+#define CHECKB64SIZE(insize, outbuf, outsize) \
+    { size_t wantout = (((insize + 2) / 3) * 4) + 32; \
+      if (wantout > outsize) { \
+          outbuf = mh_xrealloc(outbuf, outsize = wantout); \
+      } \
+    }
+
 int
 pop_auth_sasl(char *user, char *host, char *mech)
 {
     int result, status, sasl_capability = 0;
     unsigned int buflen, outlen;
-    char server_mechs[256], *buf, outbuf[BUFSIZ];
+    char server_mechs[256], *buf, *outbuf = NULL;
+    size_t outbufsize = 0;
     const char *chosen_mech;
     sasl_security_properties_t secprops;
     struct pass_context p_context;
@@ -210,10 +217,13 @@ pop_auth_sasl(char *user, char *host, char *mech)
     }
 
     if (buflen) {
-	status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
+	CHECKB64SIZE(buflen, outbuf, outbufsize);
+	status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL);
 	if (status != SASL_OK) {
 	    snprintf(response, sizeof(response), "SASL base64 encode "
 		     "failed: %s", sasl_errstring(status, NULL, NULL));
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
 	}
 
@@ -222,8 +232,13 @@ pop_auth_sasl(char *user, char *host, char *mech)
 	status = command("AUTH %s", chosen_mech);
 
     while (result == SASL_CONTINUE) {
-	if (status == NOTOK)
+	size_t inlen;
+
+	if (status == NOTOK) {
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
+	}
 	
 	/*
 	 * If we get a "+OK" prefix to our response, then we should
@@ -242,16 +257,31 @@ pop_auth_sasl(char *user, char *host, char *mech)
 	    command("*");
 	    snprintf(response, sizeof(response),
 		     "Malformed authentication message from server");
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
 	}
 
+	/*
+	 * For decode, it will always be shorter, so just make sure
+	 * that outbuf is as at least as big as the encoded response.
+	 */
+
+	inlen = strlen(response + 2);
+
+	if (inlen > outbufsize) {
+	    outbuf = mh_xrealloc(outbuf, outbufsize = inlen);
+	}
+
 	result = sasl_decode64(response + 2, strlen(response + 2),
-			       outbuf, sizeof(outbuf), &outlen);
+			       outbuf, outbufsize, &outlen);
 	
 	if (result != SASL_OK) {
 	    command("*");
 	    snprintf(response, sizeof(response), "SASL base64 decode "
 		     "failed: %s", sasl_errstring(result, NULL, NULL));
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
 	}
 
@@ -262,21 +292,30 @@ pop_auth_sasl(char *user, char *host, char *mech)
 	    command("*");
 	    snprintf(response, sizeof(response), "SASL client negotiaton "
 		     "failed: %s", sasl_errdetail(conn));
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
 	}
 
-	status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
+	CHECKB64SIZE(buflen, outbuf, outbufsize);
+
+	status = sasl_encode64(buf, buflen, outbuf, outbufsize, NULL);
 
 	if (status != SASL_OK) {
 	    command("*");
 	    snprintf(response, sizeof(response), "SASL base64 encode "
 		     "failed: %s", sasl_errstring(status, NULL, NULL));
+	    if (outbuf)
+		free(outbuf);
 	    return NOTOK;
 	}
 
 	status = command(outbuf);
     }
 
+    if (outbuf)
+	free(outbuf);
+
     /*
      * If we didn't get a positive final response, then error out
      * (that probably means we failed an authorization check).
@@ -351,7 +390,7 @@ static int
 sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
 {
     struct pass_context *p_context = (struct pass_context *) context;
-    char *pass = NULL;
+    struct nmh_creds creds = { 0, 0, 0 };
     int len;
 
     NMH_UNUSED (conn);
@@ -359,14 +398,25 @@ sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
     if (! psecret || id != SASL_CB_PASS)
 	return SASL_BADPARAM;
 
-    ruserpass(p_context->user, &(p_context->host), &pass);
+    if (creds.password == NULL) {
+        /*
+         * Pass the 0 third argument to nmh_get_credentials() so
+         * that the default password isn't used.  With legacy/.netrc
+         * credentials support, we'll only get here if the -user
+         * switch to send(1)/post(8) wasn't used.
+         */
+        if (nmh_get_credentials (p_context->host, p_context->user, 0, &creds)
+            != OK) {
+            return SASL_BADPARAM;
+        }
+    }
 
-    len = strlen(pass);
+    len = strlen (creds.password);
 
     *psecret = (sasl_secret_t *) mh_xmalloc(sizeof(sasl_secret_t) + len);
 
     (*psecret)->len = len;
-    strcpy((char *) (*psecret)->data, pass);
+    strcpy((char *) (*psecret)->data, creds.password);
 
     return SASL_OK;
 }
@@ -437,9 +487,6 @@ pop_init (char *host, char *port, char *user, char *pass, char *proxy,
        int inpipe[2];	  /* for reading from the server */
        int outpipe[2];    /* for sending to the server */
 
-       /* first give up any root priviledges we may have for rpop */
-       setuid(getuid());
-
        pipe(inpipe);
        pipe(outpipe);
 
@@ -746,9 +793,10 @@ command(const char *fmt, ...)
 static int
 vcommand (const char *fmt, va_list ap)
 {
-    char *cp, buffer[BUFSIZ];
+    char *cp, buffer[65536];
 
     vsnprintf (buffer, sizeof(buffer), fmt, ap);
+
     if (poprint) {
 #ifdef CYRUS_SASL
 	if (sasl_ssf)