X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/c4d932d08940f689b39b654a714f9ef3657690a9..e6917522:/uip/popsbr.c?ds=sidebyside

diff --git a/uip/popsbr.c b/uip/popsbr.c
index c566264d..2eb823cf 100644
--- a/uip/popsbr.c
+++ b/uip/popsbr.c
@@ -12,12 +12,17 @@
 #ifdef CYRUS_SASL
 # include <sasl/sasl.h>
 # include <sasl/saslutil.h>
+# if SASL_VERSION_FULL < 0x020125
+    /* Cyrus SASL 2.1.25 introduced the sasl_callback_ft prototype,
+       which has an explicit void parameter list, according to best
+       practice.  So we need to cast to avoid compile warnings.
+       Provide this prototype for earlier versions. */
+    typedef int (*sasl_callback_ft)();
+# endif /* SASL_VERSION_FULL < 0x020125 */
 #endif /* CYRUS_SASL */
 
 #include <h/popsbr.h>
 #include <h/signals.h>
-#include <signal.h>
-#include <errno.h>
 
 #define	TRM	"."
 #define	TRMLEN	(sizeof TRM - 1)
@@ -39,13 +44,14 @@ static int sasl_get_user(void *, int, const char **, unsigned *);
 static int sasl_get_pass(sasl_conn_t *, void *, int, sasl_secret_t **);
 struct pass_context {
     char *user;
+    char *password;
     char *host;
 };
 
 static sasl_callback_t callbacks[] = {
-    { SASL_CB_USER, sasl_get_user, NULL },
+    { SASL_CB_USER, (sasl_callback_ft) sasl_get_user, NULL },
 #define POP_SASL_CB_N_USER 0
-    { SASL_CB_PASS, sasl_get_pass, NULL },
+    { SASL_CB_PASS, (sasl_callback_ft) sasl_get_pass, NULL },
 #define POP_SASL_CB_N_PASS 1
     { SASL_CB_LOG, NULL, NULL },
     { SASL_CB_LIST_END, NULL, NULL },
@@ -344,7 +350,7 @@ static int
 sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
 {
     struct pass_context *p_context = (struct pass_context *) context;
-    char *pass = NULL;
+    struct nmh_creds creds = { 0, 0, 0 };
     int len;
 
     NMH_UNUSED (conn);
@@ -352,14 +358,25 @@ sasl_get_pass(sasl_conn_t *conn, void *context, int id, sasl_secret_t **psecret)
     if (! psecret || id != SASL_CB_PASS)
 	return SASL_BADPARAM;
 
-    ruserpass(p_context->user, &(p_context->host), &pass);
+    if (creds.password == NULL) {
+        /*
+         * Pass the 0 third argument to nmh_get_credentials() so
+         * that the default password isn't used.  With legacy/.netrc
+         * credentials support, we'll only get here if the -user
+         * switch to send(1)/post(8) wasn't used.
+         */
+        if (nmh_get_credentials (p_context->host, p_context->user, 0, &creds)
+            != OK) {
+            return SASL_BADPARAM;
+        }
+    }
 
-    len = strlen(pass);
+    len = strlen (creds.password);
 
     *psecret = (sasl_secret_t *) mh_xmalloc(sizeof(sasl_secret_t) + len);
 
     (*psecret)->len = len;
-    strcpy((char *) (*psecret)->data, pass);
+    strcpy((char *) (*psecret)->data, creds.password);
 
     return SASL_OK;
 }
@@ -430,9 +447,6 @@ pop_init (char *host, char *port, char *user, char *pass, char *proxy,
        int inpipe[2];	  /* for reading from the server */
        int outpipe[2];    /* for sending to the server */
 
-       /* first give up any root priviledges we may have for rpop */
-       setuid(getuid());
-
        pipe(inpipe);
        pipe(outpipe);