Date: Mon, 20 Aug 2001 21:07:23 +0200 (CEST) From: dirk.meyer@dinoex.sub.org To: FreeBSD-gnats-submit@freebsd.org Subject: ports/29906: ports/popa3d Message-ID: <200108201907.f7KJ7NJ24480@home.dinoex.sub.org>
next in thread | raw e-mail | index | archive | help
>Number: 29906 >Category: ports >Synopsis: ports/popa3d >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Aug 20 12:10:01 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Dirk Meyer >Release: FreeBSD 4.3-STABLE i386 >Organization: privat >Environment: sendmail (base or port) >Description: support SMTP relay after successful pop3 authenication. based on IP numbers without cron-jobs, or log-eatng scripts. >How-To-Repeat: >Fix: maintainer mailed at: 12th august 2001 patches for this new FEATURE: diff popa3d/Makefile popa3d/Makefile --- popa3d/Makefile Sun Feb 18 18:48:07 2001 +++ popa3d/Makefile Sun Aug 12 23:49:17 2001 @@ -12,25 +12,59 @@ ftp://ftp.openwall.com/popa3d/ \ ftp://ftp.dataforce.net/pub/solar/ \ ftp://ftp.false.com/pub/security/popa3d/ +.if defined(SMTP_AFTER_POP3) +PKGNAMESUFFIX?= -before-sendmail +.endif + +.if defined(SMTP_AFTER_POP3) +PATCH_SITES= http://www.openwall.com/popa3d/contrib/ +PATCHFILES= popa3d-0.4-before-sendmail.tar.gz +PATCH_DIST_STRIP= -p1 +.endif MAINTAINER= gonza@techline.ru ALL_TARGET= popa3d +.if defined(SMTP_AFTER_POP3) +PATCHDIR= ${MASTERDIR}/files.smtp +PLIST= ${WRKDIR}/.PLIST.more + +pre-configure: + @${ECHO} "%%PORTDOCS%%share/doc/popa3d/POPAUTH" >${PLIST} + @${CAT} ${PKGDIR}/pkg-plist >>${PLIST} + @${ECHO} "share/sendmail/cf/hack/popauth.m4" >>${PLIST} + +post-patch: + @${PERL5} -pi -e "s=LOG_MAIL=LOG_DAEMON=" ${WRKSRC}/params.h + @${PERL5} -pi -e "s=db1/db.h=db.h=" ${WRKSRC}/pop_root.c +.endif + +pre-install: + @ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL + do-install: ${INSTALL} ${COPY} -o root -g wheel -m 500 \ ${WRKSRC}/popa3d ${PREFIX}/libexec/popa3d - +.if defined(SMTP_AFTER_POP3) + ${INSTALL_DATA} ${PATCHDIR}/popauth.m4 ${CFDIR}/hack +.endif .if !defined(NOPORTDOCS) ${MKDIR} ${PREFIX}/share/doc/popa3d ${INSTALL_MAN} ${WRKSRC}/DESIGN ${PREFIX}/share/doc/popa3d ${INSTALL_MAN} ${WRKSRC}/COPYING ${PREFIX}/share/doc/popa3d +.if defined(SMTP_AFTER_POP3) + ${INSTALL_DATA} ${PATCHDIR}/POPAUTH ${PREFIX}/share/doc/popa3d +.endif .endif - -pre-install: - @ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL post-install: @ ${CAT} ${PKGMESSAGE} .include <bsd.port.mk> + +.if exists(${DESTDIR}/${LOCALBASE}/share/sendmail/cf/mailer/uucp.m4) +CFDIR= ${DESTDIR}${LOCALBASE}/share/sendmail/cf +.else +CFDIR= ${DESTDIR}/usr/share/sendmail/cf +.endif diff popa3d/distinfo popa3d/distinfo --- popa3d/distinfo Sat Feb 19 14:21:54 2000 +++ popa3d/distinfo Mon Jul 16 11:20:54 2001 @@ -1 +1,2 @@ MD5 (popa3d-0.4.tar.gz) = 4ce2ed209abeaeaae7724d8d24bb7dbf +MD5 (popa3d-0.4-before-sendmail.tar.gz) = 8e1aed8c86e1df777eee116667ad9d54 diff popa3d/files.smtp/POPAUTH popa3d/files.smtp/POPAUTH --- popa3d/files.smtp/POPAUTH Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/POPAUTH Sat Dec 16 21:28:00 2000 @@ -0,0 +1,49 @@ + popa3d patch for POP-before-SMTP and SMTP-after-POP + + Garry Glendown / Dec. 12th 2000 + +On the 'net there are a couple of solutions to allow for POP-before-SMTP +authentication in order to allow for relaying of mails. Anyway, the +solutions I found didn't really apeal to me, so I hacked popa3d a bit, +which we already used on one of our machines to serve mail to dialup +customers. + + Prerequisites + +This patch supplies data to sendmail to allow for certain IPs to use it +as a relaying host. In order to use with your sendmail installation, get +the popauth-hack (http://www.sendmail.org/~ca/email/rules/popauth.m4) +and install it by adding "HACK(`popauth')" to you .mc-file. + + Installing + +The patch - enabled through the POPB4SMTP-define in the Makefile - +accesses the file "/etc/mail/popauth.db" (create with "makemap hash +/etc/mail/popauth </dev/null") and adds the IP of the sucessfully +authenticated POP-user to it. Once the IP appears in the .db-file, +sendmail will allow the IP to relay mail from it. + +Apart from the IP, which is added as LHS in the database, the patch adds +the timestamp of the authentication as RHS (which the sendmail-hack +ignores). This timestamp is then used to remove old IPs which are older +than VALIDTIME seconds (defined in the Makefile). + + Disclaimer + +This hack has been in production use for a week on our server and though +there are in average 30-60 POP3 logins per minute (going up to 2-3 +requests per seconds during daytime), we have not had any problems. +Please note that I'm no expert at the Berkeley db library - I just +hacked up a version using the old db1 functions and it worked out. +There may be things to do better, but it seems to work fine for me. If +you have any suggestions, let me know ... I've tried to play it safe and +wrapped all db-access into a semaphore-protected block, hopefully +allowing for safe multiple execution ... also, I tried to make sure that +the string functions all check for the available array length. + +If you have any suggestions, questions or feedback of any other kind +concerning this hack, don't bug the author of popa3d, but drop me a mail +at garry@glendown.de + +G.Glendown / Dec 15th 2000 + diff popa3d/files.smtp/patch-aa popa3d/files.smtp/patch-aa --- popa3d/files.smtp/patch-aa Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/patch-aa Sat Apr 1 05:39:44 2000 @@ -0,0 +1,37 @@ +--- params.h.orig Tue Feb 1 09:16:24 2000 ++++ params.h Sat Mar 4 16:12:48 2000 +@@ -33,7 +33,7 @@ + * An unprivileged dummy user to run as before authentication. The user + * and its UID must not be used for any other purpose. + */ +-#define POP_USER "popa3d" ++#define POP_USER "pop" + + /* + * Sessions will be closed if idle for longer than POP_TIMEOUT seconds. +@@ -62,7 +62,7 @@ + * Do we have shadow passwords? (Not for *BSD.) + * Note: password aging is not supported. + */ +-#define AUTH_SHADOW 1 ++#define AUTH_SHADOW 0 + + /* + * A salt used to waste some CPU time on dummy crypt(3) calls and make +@@ -81,14 +81,14 @@ + * Your mail spool directory. Note: only local (non-NFS) mode 775 mail + * spools are currently supported. + */ +-#define MAIL_SPOOL_PATH "/var/spool/mail" ++#define MAIL_SPOOL_PATH "/var/mail" + + /* + * How do we talk to syslogd? These should be fine for most systems. + */ + #define SYSLOG_IDENT "popa3d" + #define SYSLOG_OPTIONS LOG_PID +-#define SYSLOG_FACILITY LOG_DAEMON ++#define SYSLOG_FACILITY LOG_MAIL + #define SYSLOG_PRIORITY LOG_NOTICE + + /* diff popa3d/files.smtp/patch-ab popa3d/files.smtp/patch-ab --- popa3d/files.smtp/patch-ab Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/patch-ab Mon Jul 16 11:51:24 2001 @@ -0,0 +1,23 @@ +--- Makefile.orig Mon Jul 16 11:35:16 2001 ++++ Makefile Mon Jul 16 11:43:29 2001 +@@ -1,9 +1,8 @@ +-CC = gcc +-LD = gcc ++CC? = gcc + RM = rm -f + CFLAGS = -c -Wall -O2 -fomit-frame-pointer -DPOPB4SMTP -DVALIDTIME=600 + #LDFLAGS = -s +-LDFLAGS = -s -lcrypt -ldb1 ++LDFLAGS = -s -lcrypt + + + PROJ = popa3d +@@ -14,7 +13,7 @@ + misc.o pop_pbs.o + + popa3d: $(OBJS) +- $(LD) $(LDFLAGS) $(OBJS) -o popa3d ++ $(CC) $(LDFLAGS) $(OBJS) -o popa3d + + md5/md5.o: md5/md5.c md5/md5.h + $(CC) $(CFLAGS) -D_LIBC md5/md5.c -o md5/md5.o diff popa3d/files.smtp/patch-pop_auth.c popa3d/files.smtp/patch-pop_auth.c --- popa3d/files.smtp/patch-pop_auth.c Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/patch-pop_auth.c Mon Jul 16 11:54:59 2001 @@ -0,0 +1,11 @@ +--- pop_auth.c.orig Mon Jul 16 11:51:30 2001 ++++ pop_auth.c Mon Jul 16 11:54:35 2001 +@@ -12,6 +12,8 @@ + #include "protocol.h" + #include "pop_auth.h" + ++char *client_addr(int); ++ + static char *pop_user, *pop_pass; + + static int pop_auth_quit(char *params) diff popa3d/files.smtp/patch-pop_pbs.c popa3d/files.smtp/patch-pop_pbs.c --- popa3d/files.smtp/patch-pop_pbs.c Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/patch-pop_pbs.c Mon Jul 16 11:41:51 2001 @@ -0,0 +1,11 @@ +--- pop_pbs.c.orig Mon Jul 16 11:38:00 2001 ++++ pop_pbs.c Mon Jul 16 11:41:40 2001 +@@ -1,6 +1,7 @@ ++#include <sys/types.h> + #include <sys/socket.h> ++#include <netinet/in.h> + #include <arpa/inet.h> +-#include <sys/types.h> + #include <sys/stat.h> + + char addr_buf[256]; diff popa3d/files.smtp/patch-pop_root.c popa3d/files.smtp/patch-pop_root.c --- popa3d/files.smtp/patch-pop_root.c Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/patch-pop_root.c Tue Jul 17 11:45:28 2001 @@ -0,0 +1,18 @@ +--- pop_root.c.neu.orig Mon Jul 16 11:55:05 2001 ++++ pop_root.c Tue Jul 17 11:45:22 2001 +@@ -210,6 +210,7 @@ + sem=sem_attach(0x50413453); + sem_enter(sem); + db=dbopen("/etc/mail/popauth.db",O_RDWR,0664,DB_HASH,0 ); ++ if ( db != NULL ) { + key.data=client_addr(1); + key.size=strlen(key.data); + sprintf(ts,"%d",(int)time(0)); +@@ -233,6 +234,7 @@ + ret=db->seq(db,&key,&data,R_NEXT); + } + db->close(db); ++ } + sem_leave(sem); + #endif + diff popa3d/files.smtp/popauth.m4 popa3d/files.smtp/popauth.m4 --- popa3d/files.smtp/popauth.m4 Thu Jan 1 01:00:00 1970 +++ popa3d/files.smtp/popauth.m4 Sun Jul 22 13:39:46 2001 @@ -0,0 +1,47 @@ +divert(-1) +# +# Copyright (c) 2000 Claus Assmann <ca+popauth@mine.informatik.uni-kiel.de> +# +# In short: you can do whatever you want with this, but don't blame me! +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# <URL: http://www.sendmail.org/~ca/email/chk-89n.html > +# +VERSIONID(`$Id: popauth.m4,v 1.5 2000/10/19 17:47:53 ca Exp $') + +LOCAL_CONFIG +ifdef(`DATABASE_MAP_TYPE', `', `define(`DATABASE_MAP_TYPE', `hash')') +Kpopauth ifelse(defn(`_ARG_'), `', + `DATABASE_MAP_TYPE -a<OK> /etc/mail/popauth', + `_ARG_') +ifdef(`CF_LEVEL', `dnl has been introduced in 8.10 +dnl this can be used to add a tag to entries in the map +dnl to restrict the access +ifdef(`POP_B4_SMTP_TAG',, `define(`POP_B4_SMTP_TAG', `POP:')')dnl +ifdef(`POP_TO', `dnl +ifdef(`_ARITH_MAP_', `', `dnl +define(`_ARITH_MAP_', `1')dnl +Karith arith') +')', `dnl +define(`POP_B4_SMTP_TAG', `')dnl +')dnl +LOCAL_RULESETS +SLocal_check_rcpt +R$* $: $(popauth `'$&{client_addr} $: <?> $) +R<?> $@ NoPopAuth +ifdef(`POP_TO', `dnl +R$+ $: $(arith - $@ $1 $@ $&t $) +R$+ $: $(arith l $@ $1 $@ POP_TO $) +RTRUE $# OK', ` +R$*<OK> $# OK') diff popa3d/pkg-plist popa3d/pkg-plist --- popa3d/pkg-plist Sat Apr 1 05:39:48 2000 +++ popa3d/pkg-plist Sun Jul 22 13:57:32 2001 @@ -1,5 +1,5 @@ @comment $FreeBSD: ports/mail/popa3d/pkg-plist,v 1.2 2000/04/01 03:39:48 mharo Exp $ libexec/popa3d -share/doc/popa3d/DESIGN -share/doc/popa3d/COPYING -@dirrm share/doc/popa3d +%%PORTDOCS%%share/doc/popa3d/DESIGN +%%PORTDOCS%%share/doc/popa3d/COPYING +%%PORTDOCS%%@dirrm share/doc/popa3d >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200108201907.f7KJ7NJ24480>