Commits

Commit:
79d85c203f9853e8370c0703605358325f51a2da
From:
Peter J. Philipp <pjp@localhost>
Date:
Wed Dec 2 16:34:48 2020 UTC

Add BINDIR and MANDIR to Makefile to install in /usr/local
add my name to the manpage sections AUTHORS and HISTORY and add on CAVEATS a little.

Commit:
0029f86072d629cfaeba446b0a716716479c065b
From:
Peter J. Philipp <pjp@localhost>
Date:
Tue Dec 1 10:25:38 2020 UTC

after (trying to) read of the libc's pw routines, I made the educated guess that endpwent() is not needed here.

Commit:
11e368b7d470d02ccfc6e7bb7b0d4a780c82d9be
From:
Peter J. Philipp <pjp@delphinusdns.org>
Date:
Tue Dec 1 09:46:25 2020 UTC

remove a crash condition if the user is root
remove a timing attack against users in the password database, i.e. if the user exists but is locked in some form the timing is longest for the strlen(pw->pw_passwd), for normal users the timing is medium near longest and for completely locked users (with passwd *) the timing is shortest...

Commit:
ef0e9155490d88eae73301ba1177d9e149008247
From:
pjp <pjp@localhost>
Date:
Tue Jun 4 19:04:38 2019 UTC

select and write (with return value 0) were spinning, this should fix this (and reduce cpu cycles)

Commit:
6037502a332b364176def31bf941f3e175a9dd10
From:
pjp <pjp@localhost>
Date:
Tue May 14 08:44:56 2019 UTC

do some CPU accounting for the TLS multiplexer, there is a setitimer that I disabled in this commit that would cause a SIGVTALRM to go into a signal handler when a threshold of cpu time was used.

May 14 10:37:31 orange popa3d[82360]: TLS multiplexer: parent of pid 35643 time used 8924 microseconds

On my vps a session timeout uses around 8 ms of CPU time, but this value is CPU dependent and not for all. I still think it's a worthy log.

Commit:
2ee6eb0050fcf32af49b226f5d801bea40993e4a
From:
pjp <pjp@localhost>
Date:
Sat May 11 06:52:14 2019 UTC

set new timeout of 2 minutes
set new auth dummy salt
make the server really close everything after 2 minutes (alarm)

Commit:
8bb1590144b1f9e60a0b1a3270c95560f5789ee3
From:
pjp <pjp@localhost>
Date:
Mon Jan 14 19:00:44 2019 UTC

wrap tls_read() with an alarm()

Commit:
d863307e0ee67fb8409ab0317922acab5eabd5f7
From:
pjp <pjp@localhost>
Date:
Mon Jan 14 18:47:27 2019 UTC

do close the TCP descriptor (new) as well

Commit:
f35d7b718ef3f3c24837d0f32f8caec5b6f6692f
From:
pjp <pjp@localhost>
Date:
Wed Dec 19 12:25:07 2018 UTC

for POP_MAILDIR we forgot a unveil()... here it is!

Commit:
b3cbbbc29b540334a1c38b00b2944787a39a8cb6
From:
pjp <pjp@localhost>
Date:
Wed Dec 19 11:53:12 2018 UTC

the maildir is in /home/%user/Maildir/{new,cur} adjust appropriately.

Commit:
d10280ba41e30d5f6736958abab1f49a44bbd01e
From:
pjp <pjp@localhost>
Date:
Wed Dec 19 10:52:16 2018 UTC

embed maildir support, in case of maildir the daemon chroot's to /home

Commit:
309356bb722e90d6418fb8499a4dca85e8ee8b10
From:
pjp <pjp@localhost>
Date:
Wed Dec 19 10:39:07 2018 UTC

maildir support from patch found at: http://hhg.to/popa3d/popa3d-0.5.9-maildir-2.diff
fixed strcpy() -> strlcpy(), strcat() -> strlcat() and fixed a return value of strdup().

Commit:
88a32412f3ba02fbc6b3a1db8261987e2a0a232b
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 19:58:06 2018 UTC

take out dead code, transplant standalone.c's sessions to tls_server but it doesn't work so I have it ifdef'ed out
move struct sess to config.h

Commit:
e50557b846a220d144e930cebc59a6458cccb2a7
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 18:40:20 2018 UTC

raise the idle timeout from 240 seconds to 60 * 10 seconds (POP_TIMEOUT)
update the DESIGN to what it is today

Commit:
1dbcbfda2f97e92abfd12e3253176abc90a860b5
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 18:20:21 2018 UTC

also check for uid == 0, if that's the case show them the door!

Commit:
36a15d58c6dc028f40ef6e258bc4fa1060a791b2
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 17:41:00 2018 UTC

never let root pop his mail. The password will fail, spwd.db will never get opened, there is a certain timing problem here right?

Commit:
c8de6c8ca81eec24805fcbed346a2f6880046ae0
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 17:33:58 2018 UTC

I never understood if you're using mbox why you can't just chroot /var/mail and then open the mailbox. popa3d doesn't use temporary files so I'm going to do this. chroot + pledge... even safer

Commit:
b4a3a8cc286f6d1683e1a3f6b33329a6bd626cbb
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 17:14:54 2018 UTC

disassociate the shadow root password imsg child with the setproctitle: authentication root shadow stage
This way it's found easy in a ps

Commit:
f85fe979dc41d32aacea6e2f54ca31babe854ba5
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 16:50:18 2018 UTC

this imsg file descriptor was hangin' around. I close it when it's not needed anymore.

Commit:
c69984a68be16d21029ee3ecf65995e4e9e15300
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 16:31:33 2018 UTC

fix the plumbing a little, the imsg forked child that only reads the spwd.db and reports back whether a password was right or not is disassociated from the socketpair that writes back to the tls multiplexer, for this I use close, close, open, open, dup2...these calls have to succeed if not I don't care.

Commit:
cc02b89c633cd6b4610f6e2ba016d95d3f42bcbe
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 15:57:56 2018 UTC

use daemon() to go into the background instead of a home-roll, this needs unveil()'ed of read-write to /dev/null otherwise the pty terminal is still open

Commit:
e50cf799677ed276bc8091aad23e454b8e5f5237
From:
pjp <pjp@localhost>
Date:
Tue Dec 18 10:07:47 2018 UTC

tls_read checks for TLS_WANT_POLLIN et co.
pledge needs a flock here

Commit:
4d83d22cab8cb22634d6f420266c0f2be0a3ed29
From:
pjp <pjp@localhost>
Date:
Mon Dec 17 20:15:20 2018 UTC

-a pledged and unveil'ed, privsep'ing, chroot'ing and best of all TLS'ing implementation of popa3d

Commit:
b867ddea75bd205e3e6850b225f81c118d0d4f1a
From:
pjp <pjp@localhost>
Date:
Mon Dec 17 18:03:31 2018 UTC

forgot this

Commit:
bb4dfce8cc03d4134c07645234425f2e0509d937
From:
pjp <pjp@localhost>
Date:
Mon Dec 17 15:22:21 2018 UTC

cafile -> certfile, for consistency