[popfile-commit] engine/Proxy POP3.pm,1.93,1.94 Proxy.pm,1.46,1.47

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/popfile/engine/Proxy
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29164/Proxy

Modified Files:
	POP3.pm Proxy.pm 
Log Message:
Added SSL support for POP3 over SSL (and other proxies if
needed).

Proxy/Proxy.pm:

verify_connected_ can now establish SSL connections if the $ssl
parameter is set to 1.

Proxy/POP3.pm:

Take Sam's syntax for doing APOP on the USER command and expand it to be
a generic "options" syntax so that the USER settings in the POP3 client
are not in the form

    host:port:username:options

where port and options are optional.

Valid options are now

   apop         Require APOP authentication
   ssl          Require SSL connection from POPFile to server

it's possible to use both as follows:

    host:port:username:apop,ssl

Index: POP3.pm
===================================================================
RCS file: /cvsroot/popfile/engine/Proxy/POP3.pm,v
retrieving revision 1.93
retrieving revision 1.94
diff -C2 -d -r1.93 -r1.94
*** POP3.pm	16 Apr 2004 20:25:20 -0000	1.93
--- POP3.pm	20 Apr 2004 18:54:55 -0000	1.94
***************
*** 197,201 ****

      my $user_command = 'USER ([^:]+)(:(\d+))?' . $self->config_( 'separator' ) . '([^:]+)(:([^:]+))?';
- 
      my $apop_command = 'APOP ([^:]+)(:(\d+))?' . $self->config_( 'separator' ) . '([^:]+) (.*?)';

--- 197,200 ----
***************
*** 220,230 ****
          # will pull email from.  Doing this means we can act as a proxy for multiple mail clients
          # and mail accounts
          # When the client issues the command "USER host:username:apop" POPFile must acknowledge
          # the command and be prepared to compute the md5 digest of the user's password and the
          # real pop server's banner upon receipt of a PASS command.

          if ( $command =~ /$user_command/io ) {
              if ( $1 ne '' )  {
!                 my ($host, $port, $user, $is_apop_user) = ($1, $3, $4, $6);

                  print $pipe "LOGIN:$user$eol";
--- 219,234 ----
          # will pull email from.  Doing this means we can act as a proxy for multiple mail clients
          # and mail accounts
+         #
          # When the client issues the command "USER host:username:apop" POPFile must acknowledge
          # the command and be prepared to compute the md5 digest of the user's password and the
          # real pop server's banner upon receipt of a PASS command.
+         #
+         # When the client issues the command "USER host:username:ssl" POPFile will use SSL for
+         # the connection to the remote, note that the user can say host:username:ssl,apop if both
+         # are needed

          if ( $command =~ /$user_command/io ) {
              if ( $1 ne '' )  {
!                 my ( $host, $port, $user, $options ) = ($1, $3, $4, $6);

                  print $pipe "LOGIN:$user$eol";
***************
*** 232,238 ****
                  $self->yield_( $ppipe, $pid );

!                 if ( $mail = $self->verify_connected_( $mail, $client, $host, $port || 110 ) )  {

!                     if ( defined($is_apop_user) && $is_apop_user =~ /apop/i ) {

                          # We want to make sure the server sent a real APOP banner, containing <>'s
--- 236,245 ----
                  $self->yield_( $ppipe, $pid );

!                 my $ssl = defined( $options ) && ( $options =~ /ssl/i );
!                 $port = 110 if ( !defined( $port ) );

!                 if ( $mail = $self->verify_connected_( $mail, $client, $host, $port, $ssl ) )  {
! 
!                     if ( defined( $options ) && ( $options =~ /apop/i ) ) {

                          # We want to make sure the server sent a real APOP banner, containing <>'s
***************
*** 247,254 ****
                              $self->log_( "auth APOP" );
                              $self->{apop_user__} = $user;
                              # tell the client that username was accepted
                              $self->tee_( $client, "+OK hello $user$eol" );
!                             next; # don't flush_extra, we didn't send anything to the real server
                          } else {
                              # If the client asked for APOP, and the server doesn't have the correct
                              # banner, give a meaningful error instead of whatever error the server
--- 254,265 ----
                              $self->log_( "auth APOP" );
                              $self->{apop_user__} = $user;
+ 
                              # tell the client that username was accepted
+ 			    # don't flush_extra, we didn't send anything to the real server
+ 
                              $self->tee_( $client, "+OK hello $user$eol" );
!                             next;
                          } else {
+ 
                              # If the client asked for APOP, and the server doesn't have the correct
                              # banner, give a meaningful error instead of whatever error the server
***************
*** 260,265 ****
--- 271,278 ----
                          }
                      } else {
+ 
                          # Pass through the USER command with the actual user name for this server,
                          # and send the reply straight to the client
+ 
                          $self->log_( "auth plaintext" );
                          $self->{use_apop__} = 0;         # signifies a non-apop connection

Index: Proxy.pm
===================================================================
RCS file: /cvsroot/popfile/engine/Proxy/Proxy.pm,v
retrieving revision 1.46
retrieving revision 1.47
diff -C2 -d -r1.46 -r1.47
*** Proxy.pm	19 Apr 2004 14:25:07 -0000	1.46
--- Proxy.pm	20 Apr 2004 18:54:57 -0000	1.47
***************
*** 34,37 ****
--- 34,38 ----
  use IO::Select;
  use IO::Socket::Socks;
+ use IO::Socket::SSL;

  # A handy variable containing the value of an EOL for networks
***************
*** 635,638 ****
--- 636,640 ----
  # $hostname    The host name of the remote server
  # $port        The port
+ # $ssl         If set to 1 then the connection to the remote is established using SSL
  #
  # Check that we are connected to $hostname on port $port putting the open handle in $mail.
***************
*** 642,646 ****
  sub verify_connected_
  {
!     my ( $self, $mail, $client, $hostname, $port ) = @_;

      # Check to see if we are already connected
--- 644,650 ----
  sub verify_connected_
  {
!     my ( $self, $mail, $client, $hostname, $port, $ssl ) = @_;
! 
!     $ssl = 0 if ( !defined( $ssl ) );

      # Check to see if we are already connected
***************
*** 657,664 ****
                      ConnectPort  => $port ); # PROFILE BLOCK STOP
      } else {
!         $mail = IO::Socket::INET->new( # PROFILE BLOCK START
!                     Proto    => "tcp",
!                     PeerAddr => $hostname,
!                     PeerPort => $port ); # PROFILE BLOCK STOP
      }

--- 661,675 ----
                      ConnectPort  => $port ); # PROFILE BLOCK STOP
      } else {
!         if ( $ssl ) {
!             $mail = IO::Socket::SSL->new( # PROFILE BLOCK START
!                         Proto    => "tcp",
!                         PeerAddr => $hostname,
!                         PeerPort => $port ); # PROFILE BLOCK STOP
! 	} else {
!             $mail = IO::Socket::INET->new( # PROFILE BLOCK START
!                         Proto    => "tcp",
!                         PeerAddr => $hostname,
!                         PeerPort => $port ); # PROFILE BLOCK STOP
!         }
      }

***************
*** 672,676 ****
              # occurs

!             binmode( $mail );

              # Wait 10 seconds for a response from the remote server and if
--- 683,689 ----
              # occurs

!             if ( !$ssl ) {
!                 binmode( $mail );
! 	    }

              # Wait 10 seconds for a response from the remote server and if