From f0895fa4d501a4aded934b66e9e16b23b78387fb Mon Sep 17 00:00:00 2001 From: "Steffen \"Daode\" Nurpmeso" Date: Wed, 26 Sep 2012 11:16:57 +0200 Subject: [PATCH] Support optional WANT_MD5 configuration --- aux.c | 15 +++++++++++++++ catd/en_US | 1 + extern.h | 2 ++ hmac.c | 6 ++++++ imap.c | 19 +++++++++++++++---- makeconfig | 19 +++++++++++++++++++ md5.c | 7 ++++++- md5.h | 4 ++++ pop3.c | 31 ++++++++++++++++++++++--------- sendout.c | 1 - smtp.c | 16 +++++++++++++--- user.conf | 8 ++++++++ 12 files changed, 111 insertions(+), 18 deletions(-) diff --git a/aux.c b/aux.c index 3186898e..b9e27650 100644 --- a/aux.c +++ b/aux.c @@ -762,6 +762,7 @@ strdec(const char *cp) return n; } +#ifdef USE_MD5 char * md5tohex(const void *vp) { @@ -802,6 +803,7 @@ cram_md5_string(const char *user, const char *pass, const char *b64) free(cp); return rp; } +#endif /* USE_MD5 */ char * getuser(void) @@ -899,7 +901,11 @@ getrandstring(size_t length) char *data; char *cp, *rp; size_t i; +#ifdef USE_MD5 MD5_CTX ctx; +#else + size_t j; +#endif data = salloc(length); if ((fd = open("/dev/urandom", O_RDONLY)) < 0 || @@ -908,9 +914,18 @@ getrandstring(size_t length) pid = getpid(); srand(pid); cp = nodename(0); +#ifdef USE_MD5 MD5Init(&ctx); MD5Update(&ctx, (unsigned char *)cp, strlen(cp)); MD5Final(nodedigest, &ctx); +#else + /* In that case it's only used for boundaries and + * Message-Id:s so that srand(3) should suffice */ + j = strlen(cp) + 1; + for (i = 0; i < sizeof(nodedigest); ++i) + nodedigest[i] = (unsigned char)( + cp[i % j] ^ rand()); +#endif } for (i = 0; i < length; i++) data[i] = (char) diff --git a/catd/en_US b/catd/en_US index c1f2fc81..748a238d 100644 --- a/catd/en_US +++ b/catd/en_US @@ -322,3 +322,4 @@ The following ~ escapes are defined:\n\ 274 Unknown SMTP authentication method: %s\n 275 User and password are necessary for SMTP authentication.\n 276 Could not determine timestamp from server greeting. Can't use APOP.\n +277 No CRAM-MD5 support compiled in.\n 
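Review bot: In the `#else` branch added to getrandstring() at `@@ -908,9 +914,18 @@`, `nodedigest` is filled from `rand()` seeded with `srand(pid)` and XORed with the node name, so when `/dev/urandom` cannot be read the output is reproducible by anyone who knows the PID and host name. The new comment justifies this by saying the string is only used for boundaries and Message-Id values, but user.conf also allows `WANT_MD5=0` to be set by hand while sockets stay enabled, and the other callers of getrandstring() are not visible in this patch, so that assumption should be verified. I would make the limitation explicit in the comment, e.g. `/* Predictable output: must never feed authentication or other security-relevant values */`. The function starts and ends outside the hunk.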
diff --git a/extern.h b/extern.h index 0d8a16e4..ea3dfc61 100644 --- a/extern.h +++ b/extern.h @@ -71,8 +71,10 @@ unsigned pjw(const char *cp); long nextprime(long n); char *strenc(const char *cp); char *strdec(const char *cp); +#ifdef USE_MD5 char *md5tohex(const void *vp); char *cram_md5_string(const char *user, const char *pass, const char *b64); +#endif char *getuser(void); char *getpassword(struct termios *otio, int *reset_tio, const char *query); void transflags(struct message *omessage, long omsgCount, int transparent); diff --git a/hmac.c b/hmac.c index 3c13a4ba..1b74d0ec 100644 --- a/hmac.c +++ b/hmac.c @@ -2,6 +2,7 @@ * Heirloom mailx - a mail user agent derived from Berkeley Mail. * * Copyright (c) 2000-2004 Gunnar Ritter, Freiburg i. Br., Germany. + * Copyright (c) 2012 Steffen "Daode" Nurpmeso. */ /* * Derived from: @@ -35,6 +36,10 @@ Appendix -- Sample Code #include "rcv.h" #include "md5.h" +#ifndef USE_MD5 +typedef int avoid_empty_file_compiler_warning; +#else + /* ** Function: hmac_md5 */ @@ -111,3 +116,4 @@ hmac_md5 ( * hash */ MD5Final(digest, &context); /* finish up 2nd pass */ } +#endif /* USE_MD5 */ diff --git a/imap.c b/imap.c index 830e8f44..ec5b3f92 100644 --- a/imap.c +++ b/imap.c @@ -58,8 +58,9 @@ static char sccsid[] = "@(#)imap.c 1.222 (gritter) 3/13/09"; #include #ifdef USE_IMAP - -#include "md5.h" +# ifdef USE_MD5 +# include "md5.h" +# endif #include #include @@ -199,8 +200,10 @@ static enum okay imap_preauth(struct mailbox *mp, const char *xserver, static enum okay imap_capability(struct mailbox *mp); static enum okay imap_auth(struct mailbox *mp, const char *uhp, char *xuser, const char *pass); +#ifdef USE_MD5 static enum okay imap_cram_md5(struct mailbox *mp, - char *xuser, const char *xpass); + char *xuser, const char *xpass); +#endif static enum okay imap_login(struct mailbox *mp, char *xuser, const char *xpass); #ifdef USE_GSSAPI static enum okay imap_gss(struct mailbox *mp, char *user); 
@@ -842,8 +845,14 @@ imap_auth(struct mailbox *mp, const char *uhp, char *xuser, const char *pass) } if (auth == NULL || strcmp(auth, "login") == 0) return imap_login(mp, xuser, pass); - if (strcmp(auth, "cram-md5") == 0) + if (strcmp(auth, "cram-md5") == 0) { +#ifdef USE_MD5 return imap_cram_md5(mp, xuser, pass); +#else + fprintf(stderr, tr(277, "No CRAM-MD5 support compiled in.\n")); + return (STOP); +#endif + } if (strcmp(auth, "gssapi") == 0) { #ifdef USE_GSSAPI return imap_gss(mp, xuser); @@ -860,6 +869,7 @@ imap_auth(struct mailbox *mp, const char *uhp, char *xuser, const char *pass) /* * Implementation of RFC 2194. */ +#ifdef USE_MD5 static enum okay imap_cram_md5(struct mailbox *mp, char *xuser, const char *xpass) { @@ -894,6 +904,7 @@ retry: if (xuser == NULL) { } return ok; } +#endif /* USE_MD5 */ static enum okay imap_login(struct mailbox *mp, char *xuser, const char *xpass) diff --git a/makeconfig b/makeconfig index 63b3508f..a36738f6 100644 --- a/makeconfig +++ b/makeconfig @@ -43,6 +43,13 @@ fi if ! wantfeat IMAP; then WANT_GSSAPI=0 fi +# If we don't need MD5 except for producing boundary and message-id strings, +# leave it off, plain old srand(3) should be enough for that purpose. +if ! wantfeat SOCKET && ! wantfeat JUNK; then + WANT_MD5=0 +elif wantfeat JUNK; then + WANT_MD5=1 +fi tmp=___build$$ tmp2=___tmp1$$ @@ -556,6 +563,12 @@ else echo "/* #define USE_JUNK */" >> $out fi +if wantfeat MD5; then + echo "#define USE_MD5" >> $out +else + echo "/* #define USE_MD5 */" >> $out +fi + cat >$tmp2.c <<\! #include "config.h" #ifdef HAVE_NL_LANGINFO @@ -599,6 +612,9 @@ cat >$tmp2.c <<\! #ifdef USE_JUNK : + Gunnar Ritter's junk-mail management #endif +#ifdef USE_MD5 +: + The MD5 message digest +#endif : :The following optional features are disabled: #ifndef HAVE_SETLOCALE @@ -636,6 +652,9 @@ cat >$tmp2.c <<\! #ifndef USE_JUNK : - Gunnar Ritter's junk-mail management #endif +#ifndef USE_MD5 +: - The MD5 message digest +#endif : :Remarks: #ifndef HAVE_SNPRINTF 
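Review bot: The `#ifdef USE_MD5` added at `@@ -860,6 +869,7 @@` sits below the `Implementation of RFC 2194.` comment, so in a build without MD5 that comment ends up directly above imap_login(), which it does not describe. Moving the guard above the comment keeps the two together. The number also looks wrong, since CRAM-MD5 is specified in RFC 2195; the comment could read `/* Implementation of CRAM-MD5 (RFC 2195). */`.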
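Review bot: The `elif wantfeat JUNK; then WANT_MD5=1` branch at `@@ -43,6 +43,13 @@` overrides an explicit `WANT_MD5=0` from user.conf without telling the user, and the comment above the block explains only the first branch. A comment such as `# The junk filter needs MD5, so force it on` (if that is indeed the reason; the junk code is not part of this patch) would document it. An `echo` notice whenever the configured value is changed in either direction would make the resulting feature set less surprising.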
diff --git a/md5.c b/md5.c index e953a9eb..fb54d27a 100644 --- a/md5.c +++ b/md5.c @@ -35,7 +35,11 @@ documentation and/or software. /* Sccsid @(#)md5.c 1.8 (gritter) 3/4/06 */ #include "rcv.h" -#include "md5.h" + +#ifndef USE_MD5 +typedef int avoid_empty_file_compiler_warning; +#else +# include "md5.h" #define UINT4B_MAX 0xFFFFFFFFul @@ -331,3 +335,4 @@ Decode(md5_type *output, unsigned char *input, unsigned int len) (md5_type)input[j+2] << 16 | (md5_type)input[j+3] << 24) & UINT4B_MAX; } +#endif /* USE_MD5 */ diff --git a/md5.h b/md5.h index 768e9ac1..0205abe4 100644 --- a/md5.h +++ b/md5.h @@ -33,6 +33,8 @@ documentation and/or software. /* Sccsid @(#)md5.h 1.8 (gritter) 3/4/06 */ +#ifdef USE_MD5 + /* * This version of MD5 has been changed such that any unsigned type with * at least 32 bits is acceptable. This is important e.g. for Cray vector @@ -51,3 +53,5 @@ void MD5Update(MD5_CTX *, unsigned char *, unsigned int); void MD5Final(unsigned char[16], MD5_CTX *); void hmac_md5(unsigned char *, int, unsigned char *, int, void *); + +#endif /* USE_MD5 */ diff --git a/pop3.c b/pop3.c index 6c3bc0ae..364fe344 100644 --- a/pop3.c +++ b/pop3.c @@ -52,7 +52,9 @@ static char sccsid[] = "@(#)pop3.c 2.43 (gritter) 3/4/06"; #include #include -#include "md5.h" +#ifdef USE_MD5 +# include "md5.h" +#endif /* * Mail -- a mail program 
@@ -94,13 +96,15 @@ static void maincatch(int s); static enum okay pop3_noop1(struct mailbox *mp); static void pop3alarm(int s); static enum okay pop3_pass(struct mailbox *mp, const char *pass); +#ifdef USE_MD5 static char *pop3_find_timestamp(const char *bp); static enum okay pop3_apop(struct mailbox *mp, char *xuser, const char *pass, const char *ts); static enum okay pop3_apop1(struct mailbox *mp, const char *user, const char *xp); -static int pop3_use_starttls(const char *uhp); static int pop3_use_apop(const char *uhp); +#endif +static int pop3_use_starttls(const char *uhp); static enum okay pop3_user(struct mailbox *mp, char *xuser, const char *pass, const char *uhp, const char *xserver); static enum okay pop3_stat(struct mailbox *mp, off_t *size, int *count); @@ -282,6 +286,7 @@ pop3_pass(struct mailbox *mp, const char *pass) return OKAY; } +#ifdef USE_MD5 static char * pop3_find_timestamp(const char *bp) { @@ -350,24 +355,25 @@ pop3_apop1(struct mailbox *mp, const char *user, const char *xp) } static int -pop3_use_starttls(const char *uhp) +pop3_use_apop(const char *uhp) { char *var; - if (value("pop3-use-starttls")) + if (value("pop3-use-apop")) return 1; - var = savecat("pop3-use-starttls-", uhp); + var = savecat("pop3-use-apop-", uhp); return value(var) != NULL; } +#endif /* USE_MD5 */ static int -pop3_use_apop(const char *uhp) +pop3_use_starttls(const char *uhp) { char *var; - if (value("pop3-use-apop")) + if (value("pop3-use-starttls")) return 1; - var = savecat("pop3-use-apop-", uhp); + var = savecat("pop3-use-starttls-", uhp); return value(var) != NULL; } 
@@ -375,9 +381,13 @@ static enum okay pop3_user(struct mailbox *mp, char *xuser, const char *pass, const char *uhp, const char *xserver) { - char o[LINESIZE], *user, *ts = NULL, *server, *cp; + char o[LINESIZE], *user, *server, *cp; +#ifdef USE_MD5 + char *ts = NULL; +#endif POP3_ANSWER() +#ifdef USE_MD5 if (pop3_use_apop(uhp)) { if ((ts = pop3_find_timestamp(pop3buf)) == NULL) { fprintf(stderr, tr(276, @@ -386,6 +396,7 @@ pop3_user(struct mailbox *mp, char *xuser, const char *pass, return STOP; } } +#endif if ((cp = strchr(xserver, ':')) != NULL) { server = salloc(cp - xserver + 1); memcpy(server, xserver, cp - xserver); @@ -405,8 +416,10 @@ pop3_user(struct mailbox *mp, char *xuser, const char *pass, return STOP; } #endif /* !USE_SSL */ +#ifdef USE_MD5 if (ts != NULL) return pop3_apop(mp, xuser, pass, ts); +#endif retry: if (xuser == NULL) { if ((user = getuser()) == NULL) return STOP; diff --git a/sendout.c b/sendout.c index 1484ca72..10d4c0d0 100644 --- a/sendout.c +++ b/sendout.c @@ -50,7 +50,6 @@ static char sccsid[] = "@(#)sendout.c 2.100 (gritter) 3/1/09"; #include #include #include -#include "md5.h" /* * Mail -- a mail program diff --git a/smtp.c b/smtp.c index eff931a2..a3dab744 100644 --- a/smtp.c +++ b/smtp.c @@ -58,7 +58,10 @@ static char sccsid[] = "@(#)smtp.c 2.43 (gritter) 8/4/07"; #include #include "extern.h" -#include "md5.h" + +#ifdef USE_MD5 +# include "md5.h" +#endif /* * Mail -- a mail program @@ -273,9 +276,14 @@ talk_smtp(struct name *to, FILE *fi, struct sock *sp, auth = AUTH_PLAIN; else if (strcmp(authstr, "login") == 0) auth = AUTH_LOGIN; - else if (strcmp(authstr, "cram-md5") == 0) + else if (strcmp(authstr, "cram-md5") == 0) { +#ifdef USE_MD5 auth = AUTH_CRAM_MD5; - else { +#else + fprintf(stderr, tr(277, "No CRAM-MD5 support compiled in.\n")); + return (1); +#endif + } else { fprintf(stderr, tr(274, "Unknown SMTP authentication method: %s\n"), authstr); return 1; 
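Review bot: When USE_MD5 is undefined, pop3_user() no longer consults `pop3-use-apop` at all, so a user who has set that option falls through to the plain login path at `retry:` and the password is sent unprotected unless TLS is active. imap_auth() and talk_smtp() in this same commit refuse with message 277 in the equivalent situation, and POP3 should fail closed in the same way. That requires pop3_use_apop() to stay outside the `#ifdef USE_MD5` block added in the earlier pop3.c hunk, plus an `#else` branch on the first guard in this hunk. Message 277 names CRAM-MD5, so an APOP-specific catalog entry may read better. pop3_user() continues outside the hunk.

```c
#ifdef USE_MD5
	/* … unchanged: APOP timestamp lookup … */
#else
	/* APOP was requested but cannot be computed in this build: refuse
	 * instead of quietly falling back to plain password login */
	if (pop3_use_apop(uhp)) {
		fprintf(stderr, tr(277, "No CRAM-MD5 support compiled in.\n"));
		return STOP;
	}
#endif
```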
@@ -341,6 +349,7 @@ talk_smtp(struct name *to, FILE *fi, struct sock *sp, SMTP_OUT(o); SMTP_ANSWER(2); break; +#ifdef USE_MD5 case AUTH_CRAM_MD5: SMTP_OUT("AUTH CRAM-MD5\r\n"); SMTP_ANSWER(3); @@ -350,6 +359,7 @@ talk_smtp(struct name *to, FILE *fi, struct sock *sp, SMTP_OUT(cp); SMTP_ANSWER(2); break; +#endif } } else { snprintf(o, sizeof o, "HELO %s\r\n", nodename(1)); diff --git a/user.conf b/user.conf index 9f5e5354..b4686fe6 100644 --- a/user.conf +++ b/user.conf @@ -24,3 +24,11 @@ WANT_SMTP=1 # Support for SecureSocketLayer (TransportLayerSecurity, TLS), i.e., # encrypted socket connections. WANT_SSL=1 + +# Several facilities use the MD5 message digest, but for some of them it is +# used for optional features (POP3: APOP authentification, IMAP: CRAM-MD5 +# authentification, SMTP: CRAM-MD5 authentification). +# If you don't need those, you may exclude MD5 from S-nail. +# Note that WANT_MD5 is automatically turned off if its exclusion will only +# affect MIME boundary strings and Message-Id: fields. +WANT_MD5=1 -- 2.11.4.GIT