Fix the following from the PR:

First, teapop fails to authentificate user if he logs in without specifying his domain (pop_auth calls pop_string_find and tests its result against being NULL, while NULL is returned only upon malloc() failures. On empty domain logins pop_string_find returns empty string). This makes APOP login method to always fail as teapop erroneously interprets command APOP avn d41d8cd98f00b204e9800998ecf8427e as an attempt of login for user avn@d41d8cd98f00b204e9800998ecf8427e without supplying MD5 hash value. Instead, return value should be tested against being empty string, while positive test for NULL should cause pop3 server error message to be printed. Second, if configured with WITHOUT_APOP arguments to 'make install', teapop incorrectly handles QUIT command while in authentification state. It's because a part of switch statement became commented out and there will be no branch for return value from pop_wait_for_commands with command "QUIT" (it will return 3, not 4 when configured without APOP). PR: 26181 Submitted by: Alexey V. Neyman <avn@any.ru>
author: Jim Mock <jim@FreeBSD.org> 2001-03-28 20:51:19 +0000
committer: Jim Mock <jim@FreeBSD.org> 2001-03-28 20:51:19 +0000
commit: 1096d5b2bd44332ce814c60c18e31c7e0d97869d (patch)
tree: 1f5e72ed1082356426f0677040979e09d4343856 /mail
parent: Update to version 1.3 (diff)
2 files changed, 60 insertions, 0 deletions
diff --git a/mail/teapop-devel/files/patch-ab b/mail/teapop-devel/files/patch-ab
new file mode 100644
index 000000000000..aad97bbbecfe
--- /dev/null
+++ b/mail/teapop-devel/files/patch-ab
@@ -0,0 +1,30 @@
+--- teapop/pop_auth.c.orig	Mon Nov 13 02:03:11 2000
++++ teapop/pop_auth.c	Wed Mar 28 23:58:33 2001
+@@ -111,7 +111,11 @@
+ #endif /* ALLOW_APOP */
+ 				pop_cmd_capa(NULL, pinfo);
+ 				continue;
++#ifdef ALLOW_APOP
+ 			case 4:
++#else
++			case 3:
++#endif /* ALLOW_APOP */
+ 				return 1;
+ 			}
+ 			/* If we get this far we have a good USER or APOP */
+@@ -158,7 +162,14 @@
+ 
+ #ifdef VPOP
+ 		ptr = pop_string_find(pinfo->userid, DIVIDERS);
+-		if (ptr != NULL) {
++		if (ptr == NULL) {
++			syslog(LOG_ERR, "pop_auth: malloc failure");
++			pop_socket_send(pinfo->out, "%s %s", POP_ERR,
++				POP_WRONG);
++			exit(0);
++		}
++		if (*ptr != '\0') {
++			/* domain delimiters found */
+ 			strcpy(pinfo->domain, ptr+1);
+ 			*ptr = '\0';
+ 		} else
diff --git a/mail/teapop/files/patch-ab b/mail/teapop/files/patch-ab
new file mode 100644
index 000000000000..aad97bbbecfe
--- /dev/null
+++ b/mail/teapop/files/patch-ab
@@ -0,0 +1,30 @@
+--- teapop/pop_auth.c.orig	Mon Nov 13 02:03:11 2000
++++ teapop/pop_auth.c	Wed Mar 28 23:58:33 2001
+@@ -111,7 +111,11 @@
+ #endif /* ALLOW_APOP */
+ 				pop_cmd_capa(NULL, pinfo);
+ 				continue;
++#ifdef ALLOW_APOP
+ 			case 4:
++#else
++			case 3:
++#endif /* ALLOW_APOP */
+ 				return 1;
+ 			}
+ 			/* If we get this far we have a good USER or APOP */
+@@ -158,7 +162,14 @@
+ 
+ #ifdef VPOP
+ 		ptr = pop_string_find(pinfo->userid, DIVIDERS);
+-		if (ptr != NULL) {
++		if (ptr == NULL) {
++			syslog(LOG_ERR, "pop_auth: malloc failure");
++			pop_socket_send(pinfo->out, "%s %s", POP_ERR,
++				POP_WRONG);
++			exit(0);
++		}
++		if (*ptr != '\0') {
++			/* domain delimiters found */
+ 			strcpy(pinfo->domain, ptr+1);
+ 			*ptr = '\0';
+ 		} else
author	Jim Mock <jim@FreeBSD.org>	2001-03-28 20:51:19 +0000
committer	Jim Mock <jim@FreeBSD.org>	2001-03-28 20:51:19 +0000
commit	1096d5b2bd44332ce814c60c18e31c7e0d97869d (patch)
tree	1f5e72ed1082356426f0677040979e09d4343856 /mail
parent	Update to version 1.3 (diff)