1.1 --- a/src/ipopd/ipop3d.c	Thu Oct 30 00:00:57 2014 +0900
     1.2 +++ b/src/ipopd/ipop3d.c	Thu Oct 30 00:03:05 2014 +0900
     1.3 @@ -96,6 +96,9 @@
     1.4  void trmint ();
     1.5  int pass_login (char *t,int argc,char *argv[]);
     1.6  char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[]);
     1.7 +#ifdef QMAIL
     1.8 +char* conv_virtualdomain(char *account);
     1.9 +#endif
    1.10  char *responder (void *challenge,unsigned long clen,unsigned long *rlen);
    1.11  int mbxopen (char *mailbox);
    1.12  long blat (char *text,long lines,unsigned long size,STRING *st);
    1.13 @@ -128,7 +131,11 @@
    1.14      AUTHENTICATOR *auth = mail_lookup_auth (1);
    1.15      while (auth && compare_cstring (auth->name,"CRAM-MD5")) auth = auth->next;
    1.16  				/* build challenge -- less than 128 chars */
    1.17 +#ifndef QMAIL
    1.18 +    if (!(auth->flags & AU_DISABLE))
    1.19 +#else
    1.20      if (auth && auth->server && !(auth->flags & AU_DISABLE))
    1.21 +#endif
    1.22        sprintf (challenge,"<%lx.%lx@%.64s>",(unsigned long) getpid (),
    1.23  	       (unsigned long) time (0),tcp_serverhost ());
    1.24      else challenge[0] = '\0';	/* no MD5 authentication */
    1.25 @@ -258,10 +265,17 @@
    1.26  				/* get user name */
    1.27  	    if (!(t && *t && (s = strtok (t," ")) && (t = strtok(NIL,"\012"))))
    1.28  	      PSOUT ("-ERR Missing APOP argument\015\012");
    1.29 -	    else if (!(user = apop_login (challenge,s,t,argc,argv)))
    1.30 -	      PSOUT ("-ERR Bad APOP\015\012");
    1.31 -	    else if ((state = mbxopen ("INBOX")) == TRANSACTION)
    1.32 -	      syslog (LOG_INFO,"APOP user=%.80s host=%.80s nmsgs=%lu/%lu",
    1.33 + #ifdef QMAIL
    1.34 +	    else if (!(user = apop_login (challenge,conv_virtualdomain(s),t,argc,argv))) {
    1.35 + #else /* !QMAIL */
    1.36 +	      else if (!(user = apop_login (challenge,s,t,argc,argv))) {
    1.37 + #endif /* QMAIL */
    1.38 +	      PSOUT ("-ERR Bad APOP (Maybe your password is expired)\015\012");
    1.39 +	      user = cpystr (s);
    1.40 +              syslog (LOG_INFO,"APOP login failure user=%.80s host=%.80s",
    1.41 +                    user,tcp_clienthost ());
    1.42 +	    } else if ((state = mbxopen ("INBOX")) == TRANSACTION)
    1.43 +	      syslog (LOG_INFO,"APOP user=%.80s host=%.80s nmsgs=%ld/%ld",
    1.44  		      user,tcp_clienthost (),nmsgs,stream->nmsgs);
    1.45  	    else syslog (LOG_INFO,"APOP user=%.80s host=%.80s no mailbox",
    1.46  			 user,tcp_clienthost ());
    1.47 @@ -279,8 +293,20 @@
    1.48  	  }
    1.49  	  else PSOUT ("+OK STLS completed\015\012");
    1.50  	}
    1.51 +#ifndef RESTRICT_POP
    1.52  	else if (!mail_parameters (NIL,GET_DISABLEPLAINTEXT,NIL) &&
    1.53  		 !strcmp (s,"USER")) {
    1.54 +#else	/* !RESTRICT_POP */
    1.55 +	else if (!strcmp (s,"USER")) {
    1.56 +	  if (getenv("INTRANET") == NIL) {
    1.57 +	    PSOUT("-ERR Sorry, we don't allow POP3 from your network.  Use APOP instead.\015\012");
    1.58 +	    user = cpystr(t);
    1.59 +	    syslog (LOG_INFO,"Plain POP3 is restricted user=%.80s host=%.80s",
    1.60 +		    user,tcp_clienthost ());
    1.61 +	    memset(user, '\0', strlen(user));
    1.62 +	    break;
    1.63 +	  }
    1.64 +#endif
    1.65  	  if (host) fs_give ((void **) &host);
    1.66  	  if (user) fs_give ((void **) &user);
    1.67  	  if (pass) fs_give ((void **) &pass);
    1.68 @@ -294,7 +320,11 @@
    1.69  	      user = cpystr (s);/* copy user name */
    1.70  	    }
    1.71  				/* local user name */
    1.72 +#ifdef QMAIL
    1.73 +	    else user = conv_virtualdomain(cpystr (t));
    1.74 +#else
    1.75  	    else user = cpystr (t);
    1.76 +#endif
    1.77  	    PSOUT ("+OK User name accepted, password please\015\012");
    1.78  	  }
    1.79  	  else PSOUT ("-ERR Missing username argument\015\012");