nmh-workers
[Top] [All Lists]

first commit from me.

2002-07-02 10:00:11
-----BEGIN PGP SIGNED MESSAGE-----


  I have just switched to a new hard disk on my notebook, and I'm now dual
booting NetBSD and Debian (X/BSD/)GNU/Linux. So, I had to rebuild nmh with
the patches that I've used for 5 years - I change pop_init() to popen()
SSH to get a connection to a custom POP server that runs as me on my
mail server.
  It is enabled with --enable-sshpop.

  Do we have a notion if we are using autoconf2.13, or autoconf2.5?
  
  The server side is actually spopd, but nmh no longer distributes that
piece, so I'm not clear where to put the server stuff. Basically, I run POP
protocol over SSH so that I get single-sign on and privacy.

  The substantive patch is attached below. Any objections?

Index: popsbr.c
===================================================================
RCS file: /cvsroot/nmh/nmh/uip/popsbr.c,v
retrieving revision 1.7
diff -u -r1.7 popsbr.c
- --- popsbr.c    7 Jul 2000 03:48:05 -0000       1.7
+++ popsbr.c    2 Jul 2002 16:48:54 -0000
@@ -30,6 +30,8 @@
 #include <signal.h>
 #include <errno.h>
 
+#include <sys/socket.h>
+
 #define        TRM     "."
 #define        TRMLEN  (sizeof TRM - 1)
 
@@ -465,7 +467,7 @@
 
 int
 pop_init (char *host, char *user, char *pass, int snoop, int rpop, int kpop,
- -         int sasl, char *mech)
+         int sshpop, int sasl, char *mech)
 {
     int fd1, fd2;
     char buffer[BUFSIZ];
@@ -477,6 +479,78 @@
        rpop = 0;
 #endif
 
+#ifdef SSHPOP
+    if(sshpop)
+      {
+       int pid;
+       int inpipe[2];     /* for reading from the server */
+       int outpipe[2];    /* for sending to the server */
+
+       /* for ssh pop, we run ssh to the server and run spopd on the other end 
*/
+
+       /* first give up any root priveledges we may have for rpop */
+       setuid(getuid());
+
+       pipe(inpipe);
+       pipe(outpipe);
+
+       pid=fork();
+       if(pid==0)
+         {
+           char *argv[10];
+           char *path;
+           
+           /* in child */
+           close(0);  
+           close(1);
+           dup2(outpipe[0],0);  /* connect read end of connection to server to 
ssh */
+           dup2(inpipe[1], 1);  /* connect write end of connection from server 
to ssh */
+           if(inpipe[0]>1) close(inpipe[0]);
+           if(inpipe[1]>1) close(inpipe[1]);
+           if(outpipe[0]>1) close(outpipe[0]);
+           if(outpipe[1]>1) close(outpipe[1]);
+
+           /* now start up ssh to server */
+           /* we don't use system to avoid DNS name hacking */
+           /* we do let ssh be found on the path, but let $POP_SSH be used to 
overide */
+           
+           if((path=getenv("POP_SSH"))==NULL)
+             path="ssh";
+           
+           argv[0]="ssh";
+           argv[1]=host;
+           argv[2]="-a";  /* can't think of a reason why agent should be 
forwarded */
+           argv[3]="-x";  /* or why X windows should be forwarded */
+
+           /* we also let the remote command be overridden */
+           if((argv[4]=getenv("SPOPD_SSH"))==NULL)
+             argv[4]="spopd";
+
+           argv[5]="-stdin";
+           argv[6]=NULL;
+
+           /* become ssh */
+           execvp(path,argv);
+
+           perror(path);
+           close(0);
+           close(1);
+           exit(10);
+         }
+
+       /* okay in the parent we do some stuff */
+       close(inpipe[1]);  /* child uses this */
+       close(outpipe[0]); /* child uses this */
+
+       /* we read on fd1 */
+       fd1=inpipe[0];
+
+       /* and write on fd2 */
+       fd2=outpipe[1];
+      }
+    else
+      {
+#endif /* SSHPOP */
 #ifndef NNTP
 # ifdef KPOP
     if ( kpop ) {
@@ -509,6 +583,10 @@
        close (fd1);
        return NOTOK;
     }
+#ifdef SSHPOP
+      } /* for else clause above */
+#endif /* SSHPOP */
+    
 #ifndef NNTP
     if (pop_set (fd1, fd2, snoop) == NOTOK)
 #else  /* NNTP */


  
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Finger me for keys

iQCVAwUBPSHZ+YqHRg3pndX9AQFmzQP/QRCu9C+WMwMNxmiGYMs/YEReYaPTnlpE
dZ18VFHjhHO+3aogJlaumh2bqIOgKdI1bt8sZnmPl6D4Ip9r5VCJNepvvVWz53rH
8iRhcrjLMmBXGxF9gpkAyuvq+M/zGFuLYnAH0XWNJmxhMlm4k0kUZinb0KzIrbDx
O1DM6/ahKBw=
=b4dS
-----END PGP SIGNATURE-----


<Prev in Thread] Current Thread [Next in Thread>