"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/auth.c" between
tin-2.4.4.tar.xz and tin-2.4.5.tar.xz

About: TIN is a threaded NNTP and spool based UseNet newsreader.

auth.c  (tin-2.4.4.tar.xz):auth.c  (tin-2.4.5.tar.xz)
/* /*
* Project : tin - a Usenet reader * Project : tin - a Usenet reader
* Module : auth.c * Module : auth.c
* Author : Dirk Nimmich <nimmich@muenster.de> * Author : Dirk Nimmich <nimmich@muenster.de>
* Created : 1997-04-05 * Created : 1997-04-05
* Updated : 2018-06-04 * Updated : 2018-06-04
* Notes : Routines to authenticate to a news server via NNTP. * Notes : Routines to authenticate to a news server via NNTP.
* DON'T USE get_respcode() THROUGHOUT THIS CODE. * DON'T USE get_respcode() THROUGHOUT THIS CODE.
* *
* Copyright (c) 1997-2020 Dirk Nimmich <nimmich@muenster.de> * Copyright (c) 1997-2021 Dirk Nimmich <nimmich@muenster.de>
* All rights reserved. * All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
* are met: * are met:
* *
* 1. Redistributions of source code must retain the above copyright notice, * 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer. * this list of conditions and the following disclaimer.
* *
* 2. Redistributions in binary form must reproduce the above copyright * 2. Redistributions in binary form must reproduce the above copyright
skipping to change at line 101 skipping to change at line 101
if (fstat(fd, &statbuf) == -1) { if (fstat(fd, &statbuf) == -1) {
fclose(fp); fclose(fp);
return FALSE; return FALSE;
} }
# ifndef FILE_MODE_BROKEN # ifndef FILE_MODE_BROKEN
if (S_ISREG(statbuf.st_mode) && (statbuf.st_mode|S_IRUSR|S_IWUSR) != (S_IRUSR|S_IWUSR|S_IFREG)) { if (S_ISREG(statbuf.st_mode) && (statbuf.st_mode|S_IRUSR|S_IWUSR) != (S_IRUSR|S_IWUSR|S_IFREG)) {
error_message(4, _(txt_error_insecure_permissions), filen ame, statbuf.st_mode); error_message(4, _(txt_error_insecure_permissions), filen ame, statbuf.st_mode);
/* /*
* TODO: fix permissions? * TODO: fix permissions?
* fchmod(fd, S_IRUSR|S_IWUSR); * #ifdef HAVE_FCHMOD
* fchmod(fd, S_IRUSR|S_IWUSR);
* #else
* # ifdef HAVE_CHMOD
* chmod(filename, S_IRUSR|S_IWUSR);
* # endif
* #endif
*/ */
} }
# endif /* !FILE_MODE_BROKEN */ # endif /* !FILE_MODE_BROKEN */
/* /*
* Search through authorization file for correct NNTP server * Search through authorization file for correct NNTP server
* File has format: 'nntp-server' 'password' ['username'] * File has format: 'nntp-server' 'password' ['username']
*/ */
while (fgets(line, sizeof(line), fp) != NULL) { while (fgets(line, sizeof(line), fp) != NULL) {
/* strip trailing newline character */ /* strip trailing newline character */
skipping to change at line 187 skipping to change at line 193
# ifdef DEBUG # ifdef DEBUG
if ((debug & DEBUG_NNTP) && verbose > 1) if ((debug & DEBUG_NNTP) && verbose > 1)
debug_print_file("NNTP", "authorization %s", line); debug_print_file("NNTP", "authorization %s", line);
# endif /* DEBUG */ # endif /* DEBUG */
put_server(line); put_server(line);
if ((ret = get_only_respcode(NULL, 0)) != NEED_AUTHDATA) if ((ret = get_only_respcode(NULL, 0)) != NEED_AUTHDATA)
return ret; return ret;
if ((authpass == NULL) || (*authpass == '\0')) { if ((authpass == NULL) || (*authpass == '\0')) {
# ifdef DEBUG # ifdef DEBUG
if ((debug & DEBUG_NNTP) && verbose >1) if ((debug & DEBUG_NNTP) && verbose > 1)
debug_print_file("NNTP", "authorization failed: no passwo rd"); debug_print_file("NNTP", "authorization failed: no passwo rd");
# endif /* DEBUG */ # endif /* DEBUG */
error_message(2, _(txt_auth_failed_nopass), server); error_message(2, _(txt_auth_failed_nopass), server);
return ERR_AUTHBAD; return ERR_AUTHBAD;
} }
snprintf(line, sizeof(line), "AUTHINFO PASS %s", authpass); snprintf(line, sizeof(line), "AUTHINFO PASS %s", authpass);
# ifdef DEBUG # ifdef DEBUG
if ((debug & DEBUG_NNTP) && verbose > 1) if ((debug & DEBUG_NNTP) && verbose > 1)
debug_print_file("NNTP", "authorization %s", line); debug_print_file("NNTP", "authorization %s", line);
skipping to change at line 301 skipping to change at line 307
if ((debug & DEBUG_NNTP) && verbose > 1) if ((debug & DEBUG_NNTP) && verbose > 1)
debug_print_file("NNTP", "authorization s ucceeded"); debug_print_file("NNTP", "authorization s ucceeded");
# endif /* DEBUG */ # endif /* DEBUG */
initialized = TRUE; initialized = TRUE;
return TRUE; return TRUE;
} }
} }
# ifdef DEBUG # ifdef DEBUG
else { else {
if ((debug & DEBUG_NNTP) && verbose > 1) if ((debug & DEBUG_NNTP) && verbose > 1)
debug_print_file("NNTP", "read_newsauth_file(\"% s\", \"%s\", \"%s\") failed", server, authuser, authpass); debug_print_file("NNTP", "read_newsauth_file(\"%s \", \"%s\", \"%s\") failed", server, authuser, authpass);
} }
# endif /* DEBUG */ # endif /* DEBUG */
} }
/* /*
* At this point, either authentication with username/password pair from * At this point, either authentication with username/password pair from
* .newsauth has failed or there's no .newsauth file respectively no * .newsauth has failed or there's no .newsauth file respectively no
* matching username/password for the current server. If we are not at * matching username/password for the current server. If we are not at
* startup we ask the user to enter such a pair by hand. Don't ask him * startup we ask the user to enter such a pair by hand. Don't ask him
* at startup except if requested by -A option because if he doesn't need * at startup except if requested by -A option because if he doesn't need
skipping to change at line 545 skipping to change at line 551
Gsasl_session *session; Gsasl_session *session;
char *p = NULL; char *p = NULL;
const char *mech = "PLAIN"; const char *mech = "PLAIN";
if (gsasl_init(&ctx) != GSASL_OK) /* TODO: do this only once at startup * / if (gsasl_init(&ctx) != GSASL_OK) /* TODO: do this only once at startup * /
return p; return p;
if (gsasl_client_start(ctx, mech, &session) != GSASL_OK) { if (gsasl_client_start(ctx, mech, &session) != GSASL_OK) {
gsasl_done(ctx); gsasl_done(ctx);
return p; return p;
} }
gsasl_property_set(session, GSASL_AUTHID, user); /* GSASL_AUTHZID (authorization identity) is (usually) unused with NNTP *
gsasl_property_set(session, GSASL_PASSWORD, pass); /
gsasl_property_set(session, GSASL_AUTHID, user); /* authentication
identity */
gsasl_property_set(session, GSASL_PASSWORD, pass); /* password of th
e authentication identity */
if (gsasl_step64(session, NULL, &p) != GSASL_OK) if (gsasl_step64(session, NULL, &p) != GSASL_OK)
FreeAndNull(p); FreeAndNull(p);
gsasl_finish(session); gsasl_finish(session);
gsasl_done(ctx); gsasl_done(ctx);
return p; return p;
} }
# endif /* USE_SASL */ # endif /* USE_SASL */
#else #else
static void no_authenticate(void); /* proto-type */ static void no_authenticate(void); /* proto-type */
 End of changes. 5 change blocks. 
6 lines changed or deleted 16 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)