Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
cyrus-imapd.import5240
cyrus-imapd_nntp-auth-vuln.dif
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cyrus-imapd_nntp-auth-vuln.dif of Package cyrus-imapd.import5240
Index: cyrus-imapd-2.3.16/imap/nntpd.c =================================================================== --- cyrus-imapd-2.3.16.orig/imap/nntpd.c +++ cyrus-imapd-2.3.16/imap/nntpd.c @@ -887,7 +887,7 @@ static void cmdloop(void) /* Only Authinfo/Capabilities/Check/Head/Help/Ihave/List Active/ Mode/Quit/Starttls/Stat/Takethis allowed when not logged in */ - if (!nntp_userid && !allowanonymous && + if (!nntp_authstate && !allowanonymous && !strchr("ACHILMQST", cmd.s[0])) goto nologin; switch (cmd.s[0]) { @@ -928,7 +928,7 @@ static void cmdloop(void) "501 Unrecognized AUTHINFO command\r\n"); } else if (!(nntp_capa & MODE_READ)) goto noperm; - else if (!nntp_userid && !allowanonymous) goto nologin; + else if (!nntp_authstate && !allowanonymous) goto nologin; else if (!strcmp(cmd.s, "Article")) { char curgroup[MAX_MAILBOX_BUFFER], *msgid; @@ -1084,7 +1084,7 @@ static void cmdloop(void) cmd_help(); } else if (!(nntp_capa & MODE_READ)) goto noperm; - else if (!nntp_userid && !allowanonymous) goto nologin; + else if (!nntp_authstate && !allowanonymous) goto nologin; else if (!strcmp(cmd.s, "Hdr")) { char curgroup[MAX_MAILBOX_BUFFER], *msgid; @@ -1168,7 +1168,7 @@ static void cmdloop(void) cmd_list(arg1.len ? arg1.s : NULL, arg2.len ? arg2.s : NULL); } else if (!(nntp_capa & MODE_READ)) goto noperm; - else if (!nntp_userid && !allowanonymous) goto nologin; + else if (!nntp_authstate && !allowanonymous) goto nologin; else if (!strcmp(cmd.s, "Last")) { if (c == '\r') c = prot_getc(nntp_in); if (c != '\n') goto extraargs; @@ -1445,7 +1445,7 @@ static void cmdloop(void) mode = ARTICLE_STAT; goto article; } - else if (!nntp_userid && !allowanonymous) goto nologin; + else if (!nntp_authstate && !allowanonymous) goto nologin; else if (!strcmp(cmd.s, "Slave")) { if (c == '\r') c = prot_getc(nntp_in); if (c != '\n') goto extraargs; @@ -1813,7 +1813,7 @@ static int open_group(char *name, int ha if (newserver) { /* remote group */ backend_next = proxy_findserver(newserver, &nntp_protocol, - nntp_userid ? nntp_userid : "anonymous", + nntp_authstate ? nntp_userid : "anonymous", &backend_cached, &backend_current, NULL, nntp_in); if (!backend_next) return IMAP_SERVER_UNAVAILABLE; @@ -1881,7 +1881,7 @@ static void cmd_capabilities(char *keywo if (mechcount) prot_printf(nntp_out, "%s", mechlist); /* add the reader capabilities/extensions */ - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "READER\r\n"); prot_printf(nntp_out, "POST\r\n"); if (config_getswitch(IMAPOPT_ALLOWNEWNEWS)) @@ -1899,7 +1899,7 @@ static void cmd_capabilities(char *keywo /* add the LIST variants */ prot_printf(nntp_out, "LIST ACTIVE%s\r\n", - ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) ? + ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) ? " HEADERS NEWSGROUPS OVERVIEW.FMT" : ""); prot_printf(nntp_out, ".\r\n"); @@ -2333,7 +2333,7 @@ static void cmd_help(void) { prot_printf(nntp_out, "100 Supported commands:\r\n"); - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tARTICLE [ message-id | number ]\r\n" "\t\tRetrieve entirety of the specified article.\r\n"); } @@ -2348,7 +2348,7 @@ static void cmd_help(void) prot_printf(nntp_out, "\tAUTHINFO PASS password\r\n" "\t\tPresent clear-text password for authentication.\r\n"); } - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tBODY [ message-id | number ]\r\n" "\t\tRetrieve body of the specified article.\r\n"); } @@ -2358,7 +2358,7 @@ static void cmd_help(void) prot_printf(nntp_out, "\tCHECK message-id\r\n" "\t\tCheck if the server wants the specified article.\r\n"); } - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tDATE\r\n" "\t\tRequest the current server UTC date and time.\r\n"); prot_printf(nntp_out, "\tGROUP group\r\n" @@ -2375,13 +2375,13 @@ static void cmd_help(void) prot_printf(nntp_out, "\tIHAVE message-id\r\n" "\t\tPresent/transfer the specified article to the server.\r\n"); } - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tLAST\r\n" "\t\tSelect the previous article.\r\n"); } prot_printf(nntp_out, "\tLIST [ ACTIVE wildmat ]\r\n" "\t\tList the (subset of) valid newsgroups.\r\n"); - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tLIST HEADERS [ MSGID | RANGE ]\r\n" "\t\tList the headers and metadata items available via HDR.\r\n"); prot_printf(nntp_out, "\tLIST NEWSGROUPS [wildmat]\r\n" @@ -2414,7 +2414,7 @@ static void cmd_help(void) prot_printf(nntp_out, "\tTAKETHIS message-id\r\n" "\t\tTransfer the specified article to the server.\r\n"); } - if ((nntp_capa & MODE_READ) && (nntp_userid || allowanonymous)) { + if ((nntp_capa & MODE_READ) && (nntp_authstate || allowanonymous)) { prot_printf(nntp_out, "\tXPAT header message-id|range wildmat\r\n" "\t\tList the specified article(s) in which the contents\r\n" "\t\tof the specified header/metadata matches the wildmat.\r\n"); @@ -2484,7 +2484,7 @@ void list_proxy(char *server, void *data char *result; be = proxy_findserver(server, &nntp_protocol, - nntp_userid ? nntp_userid : "anonymous", + nntp_authstate ? nntp_userid : "anonymous", &backend_cached, &backend_current, NULL, nntp_in); if (!be) return; @@ -2621,7 +2621,8 @@ static void cmd_list(char *arg1, char *a strcpy(pattern, newsprefix); strcat(pattern, "*"); list_cb(NULL, 0, 0, NULL); - mboxlist_findall(NULL, pattern, 0, nntp_userid, nntp_authstate, + mboxlist_findall(NULL, pattern, 0, + nntp_authstate ? nntp_userid : NULL, nntp_authstate, list_cb, &lrock); /* proxy to the backends */ @@ -2645,7 +2646,7 @@ static void cmd_list(char *arg1, char *a prot_printf(nntp_out, "502 Permission denied\r\n"); return; } - else if (!nntp_userid && !allowanonymous) { + else if (!nntp_authstate && !allowanonymous) { prot_printf(nntp_out, "480 Authentication required\r\n"); return; } @@ -2682,7 +2683,8 @@ static void cmd_list(char *arg1, char *a strcpy(pattern, newsprefix); strcat(pattern, "*"); list_cb(NULL, 0, 0, NULL); - mboxlist_findall(NULL, pattern, 0, nntp_userid, nntp_authstate, + mboxlist_findall(NULL, pattern, 0, + nntp_authstate ? nntp_userid : NULL, nntp_authstate, list_cb, &lrock); /* proxy to the backends */ @@ -3245,7 +3247,7 @@ static int deliver_remote(message_data_t char buf[4096]; be = proxy_findserver(d->server, &nntp_protocol, - nntp_userid ? nntp_userid : "anonymous", + nntp_authstate ? nntp_userid : "anonymous", &backend_cached, &backend_current, NULL, nntp_in); if (!be) return IMAP_SERVER_UNAVAILABLE; @@ -3323,7 +3325,8 @@ static int deliver(message_data_t *msg) } r = append_setup(&as, rcpt, MAILBOX_FORMAT_NORMAL, - nntp_userid, nntp_authstate, ACL_POST, 0); + nntp_authstate ? nntp_userid : NULL, + nntp_authstate, ACL_POST, 0); if (!r) { prot_rewind(msg->data);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor