From owner-freebsd-isp Mon Mar 1 14:40:53 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from tinker.com (troll.tinker.com [204.214.7.146]) by hub.freebsd.org (Postfix) with ESMTP id 4AD7D154D3 for ; Mon, 1 Mar 1999 14:39:34 -0800 (PST) (envelope-from carol@tinker.com)
Received: by localhost (8.8.5/8.8.5)
Received: by mail.tinker.com via smap (V2.0) id xma017050; Mon Mar 1 16:37:19 1999
Received: by localhost (8.8.8/8.8.8) id QAA08384; Mon, 1 Mar 1999 16:37:39 -0600 (CST)
Message-ID: <36DB1755.6A468C75@tinker.com>
Date: Mon, 01 Mar 1999 16:40:21 -0600
From: Carol Deihl
Organization: Shrier and Deihl
X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 2.2.8-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Andy Kohtz
Cc: freebsd-isp@FreeBSD.org
Subject: Re: usernames longer than 8 characters
References:
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi Andy,

Andy Kohtz wrote:
[snip...]
> My problem is that there are a heck of a lot of people who are
> using usernames longer than 8 characters in their pop account settings for
> their e-mail programs.
>
> Is there a way I can make FreeBSD (or any UNIX in general)
> understand usernames longer than 8 characters so the system can remain
> backwards compatible, or am I going to experience hell when I make this
> change?
> - Andrew Kohtz
> - akohtz@amug.org
> - andrew@kohtz.com

If these folks are *only* getting email (and don't need telnet access), an option that will work with any version of FreeBSD is to use sendmail's virtusertable option. It will let you map usernames of any length to local account names. (That's also how to provide support for virtual domains, but that's another story.) It's described at http://www.sendmail.org under Virtual Domains.

If you use virtusertable, you'll probably also want to patch popper to do a similar mapping, so that the users can use their "long" names to pick up mail, instead of their shorter local account names. The (old) patches are at http://www.westnet.com/providers, but they've not been incorporated into the current popper release. I've included below the patches that I recently made for FBSD 2.2.8 based on westnet's patches. My patches use the "hash" database, since that's what the makemap program in the sendmail FBSD port uses.

For example, you'd make a file /etc/virtusertable:

    joe_somebody@mydomain.com     joe001
    mary_longname@mydomain.com    mar001

or whatever to map the long usernames into the local account names. Also make a similar file /etc/virtpop - actually, in simple cases, it can be the same file (make sure you compiled the correct filename into popper).

Then you'll need to "hash" the tables, for fast lookup by sendmail and popper:

    root# /usr/sbin/makemap hash /etc/virtusertable.db < /etc/virtusertable
    root# /usr/sbin/makemap hash /etc/virtpop < /etc/virtpop

Since these popper patches were designed to support virtual domains, they expect the reverse DNS to be properly set up (so it can tell which virtual domain it's servicing). In your case, you just need to ensure that the reverse DNS entry for your mail server reports the same name that users try to connect to, for example pop.mydomain.com. (Alternatively, you could pull that part of the code out of the patches, since you aren't serving multiple domains.)

Hope this helps. popper patches follow.

Carol

--------------------------------
These patches created by Carol Deihl (carol@tinker.com) 1999-02-18.
Patches apply against the popper port for FreeBSD 2.2.8, but should work (possibly with minor mods) against other versions.
These patches should be applied *after* the normal FBSD port patches.
For example, if this file is named vpopper.patch root# make patch root# patch = 199306)) && !defined(__USE_BSD) extern int sys_nerr; ! extern char * sys_errlist[]; #ifndef __linux__ extern char * sys_siglist[]; #endif #endif --- 144,155 ---- extern int errno; #if !(defined(BSD) && (BSD >= 199306)) && !defined(__USE_BSD) extern int sys_nerr; ! extern __const char *__const sys_errlist[]; ! /* extern char * sys_errlist[]; */ #ifndef __linux__ extern char * sys_siglist[]; #endif #endif *************** *** 237,246 **** --- 238,250 ---- daemon program */ char * myhost; /* The name of our host computer */ char * client; /* Canonical name of client computer */ + #ifdef VIRTUAL_SERVER + char * server; /* Canonical name of server */ + #endif /* VIRTUAL_SERVER */ char * ipaddr; /* Dotted-notation format of client IP address */ unsigned short ipport; /* Client port for privileged operations */ char user[MAXUSERNAMELEN]; /* Name of the POP user */ *************** *** 326,335 **** --- 330,340 ---- extern int pop_rset(); extern int pop_send(); extern int pop_stat(); extern int pop_updt(); extern int pop_user(); + extern int pop_virtualh(); extern int pop_xtnd(); extern int pop_xmit(); extern int pop_xmit_recv(); extern int pop_xmit_exec(); extern int pop_xlst(); *** pop_init.c Thu Feb 18 15:52:01 1999 --- pop_init.c Thu Feb 18 15:52:01 1999 *************** *** 134,143 **** --- 134,147 ---- extern char * optarg; int options = 0; int sp = 0; /* Socket pointer */ char * trace_file_name; struct hostent * hp = NULL; + struct sockaddr_in mysock; /* Communication parameters */ + struct hostent * mych; /* Server host information */ + char * myipaddr; /* Save Server IP */ + /* Initialize the POP parameter block */ bzero ((char *)p,(int)sizeof(POP)); /* Initialize maildrop status variables in the POP parameter block */ *************** *** 354,363 **** --- 358,403 ---- _res.options |= RES_DEFNAMES; #endif #endif /* BIND43 */ } + + #ifdef VIRTUAL_SERVER + /* Modified by Carol Deihl 
(carol@tinker.com) 1999-02-18 for bug fixes */ + + /* Get My current address to see on which virtual address I was listening */ + + len = sizeof(mysock); + if (getsockname(sp,(struct sockaddr *)&mysock,&len) < 0) { + pop_log(p,POP_PRIORITY, + "Unable to obtain My socket and address, err = %d",errno); + exit(1); + } + /* Save the dotted decimal form of the client's IP address + in the POP parameter block */ + myipaddr = (char *)strdup(inet_ntoa(cs.sin_addr)); + + mych = gethostbyaddr((char *) &mysock.sin_addr, sizeof(mysock.sin_addr), AF_INET); + + if (mych == NULL) { + pop_log(p,POP_PRIORITY, + "(v%s) Unable to get canonical name of Server, err = %d", + VERSION, errno); + /* Don't know my name, so just use my ip address */ + p->server = myipaddr; + } + else { + /* Save the cannonical name of the server host in + the POP parameter block */ + /* If your really hung up about the security of your local + DNS servers and don't trust them, then you can either add + in the same mess as is used for clients, or upgrade your + servers... Upgrade your DNS server(s).... + */ + p->server = (char *)strdup(mych->h_name); + } + #endif /* VIRTUAL_SERVER */ /* Create input file stream for TCP/IP communication */ if ((p->input = fdopen(sp,"r")) == NULL){ pop_log(p,POP_PRIORITY, "Unable to open communication stream for input, err = %d",errno); *** pop_user.c Thu Feb 18 15:52:01 1999 --- pop_user.c Thu Feb 18 15:52:01 1999 *************** *** 81,90 **** --- 81,99 ---- # ifdef APOP_ONLY return(pop_auth_fail(p, POP_FAILURE, "You must use APOP authentication to connect to this server")); # endif + #ifdef VIRTUAL_SERVER + /* If virtual Hosting replace virtual user ID with real user ID */ + if(pop_virtualh(p)) { + return(pop_msg(p,POP_FAILURE, + "Virtualization Failure for (%s)", p->user)); + } + #endif /* VIRTUAL_SERVER */ + + # ifdef APOP /* If this call fails then the database is not accessable (doesn't exist?) 
in which case we can ignore an APOP user trying to access the popper with a cleartext password. *** /dev/null Thu Feb 18 03:30:20 1999 --- pop_virtualh.c Thu Feb 18 15:52:01 1999 *************** *** 0 **** --- 1,123 ---- + /* + ** Modified by Carol Deihl (carol@tinker.com) 1999-02-18 + ** to use Berkeley newdb library, since on FreeBSD + ** the sendmail/makemap uses the "hash" stuff from newdb. + ** Also bug fixes, reformat to read easier. + ** Free Mod, Copyright Abandoned. + ** Distribute Freely. + ** Written by Ryan Mooney (ryan@pcslink.com) to add virtual Host + ** Support to the Qualcomm Popper Daemon on Mon Feb 17 MST 1997 + ** + ** Use at your own risk, no warranty is implied or granted, this + ** code has not been thoroughly tested and may have bugs, it may + ** destroy your entire system, it may contain unsuspected worms and + ** take over all the computers in your company and mail the little + ** green men from outer space your password file. If you are uncomfortable + ** with this write your own damn code, and don't blame me. + ** + ** Loosely based on code included in the other popper files: + ** Copyright (c) 1990 Regents of the University of California. 
+ ** + */ + + + #ifdef VIRTUAL_SERVER + + #ifndef lint + static char copyright[] = "CopyRight Abandoned 1997"; + static char SccsId[] = "DO YOUR SCCS THING HERE!!!!"; + #endif /* not lint */ + + #include + #include + #include + + #if defined(SOLARIS2) || defined(SYSV) || defined(AIX) + # include + #else + # include + #endif + + #if defined(SOLARIS2) || defined(UNIXWARE) || defined(AIX) || defined(PTX) \ + || defined(AUX) || defined(POPSCO) || defined(OSF1) || defined(ULTRIX) + # include + #else + # include + #endif + + #include + + #include + + #include "popper.h" + + int pop_virtualh (p) + POP *p; + { + DB *virt_db; + DBT key, value; + + char orig_user[MAXLINELEN]; /* who user claims to be */ + char virt_user[MAXLINELEN]; /* what orig_user maps to in the virtpop table */ + char *s; + + if ((strlen(p->server) + strlen(p->user)) > MAXLINELEN - 1) { + pop_msg(p,POP_FAILURE, + "Server (%s) + user (%s) bigger than MAX %d", p->user, + p->server, MAXLINELEN - 1); + return(-1); + } + + sprintf(orig_user, "%s@%s", p->user, p->server); + + /* fold to lower case for fetching, since that's makemap's default behavior + when generating the db file + */ + s = orig_user; + while (*s) + *s++ = tolower(*s); + + #ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Attempting to Virtualize (%s)", orig_user); + #endif /* DEBUG */ + + if ( (virt_db = dbopen(VIRTUAL_SERVER, O_RDONLY, 0, DB_HASH, NULL)) != NULL) { + key.size = strlen (key.data = orig_user); + value.size = sizeof(virt_user); + value.data = (void *)virt_user; + + if ( (virt_db->get) (virt_db, &key, &value, 0) == 0) { + #ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "User (%s) Virtualized", p->user); + #endif + /* + ** Got a live one, this is the users "real" name on our server + ** Replace the original name and carry on + */ + + bcopy(value.data, p->user, value.size); + p->user[value.size] = 0; + + #ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Virtualized User is (%s)", p->user); + # endif + } + 
(virt_db->close)(virt_db); + + } + else { + #ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Virtualization DB unopened (%s)", + strerror(errno)); + # endif + } + + return(0); + } /* end pop_virtualh */ + + #endif /* VIRTUAL_SERVER */ + *** INSTALL Thu Feb 18 15:52:01 1999 --- INSTALL Thu Feb 18 16:08:54 1999 *************** *** 23,32 **** --- 23,33 ---- 3. APOP 4. BULLETINS 5. SERVER MODE 6. SHADOW PASSWORDS / ENHANCED SECURITY SYSTEMS. 7. COMPILE TIME MACROS(for other options) + 8. VIRTUAL HOST NOTES DEBUGGING 0.0 BUFFER OVERRUN IN QPOPPER: ------------------------------ *************** *** 499,508 **** --- 500,542 ---- shells. v) GDBM - This value uses the GNU's GDBM library instead of NDBM. + 8.0 VIRTUAL HOST + ---------------- + The Virtual Host support allows you to have support for automatic + translation of e-mail addresses depending on the interface that + they arrive on. + + To enable this feature you need to define where the VIRTUAL_SERVER + db will live: + VIRTUAL_SERVER=\"/etc/virtual.pop\" + + You can then use the sendmail makemap (or other custom ndbm or db compatible + program) to generate translation tables for inbound pop users. + + ie: You have two virtual hosts defined on your server (with different + IP addresses bound to each): + senior.com + junior.com + + You have a user fred@senior.com and a user fred@junior.com, you + create two unix users: + www01 + www02 + + and then setup the translation DB as follows: + fred@senior.com www01 + fred@junior.com www02 + run "makemap -v hash /etc/virt.pop < /etc/virt.pop" or equivelant + and then when a pop request comes in for fred on the senior interface + it will be automatically translated into www01. + + This feature is designed to work with the sendmail virtual domain + hack (http://www.westnet.com/providers/) or the sendmail 8.8.x + virtusertable feature. NOTES: *** Makefile.in Thu Feb 18 16:25:44 1999 --- Makefile.in Thu Feb 18 02:37:40 1999 *************** *** 1,15 **** ! 
CSRCS = pop_dele.c pop_dropcopy.c \ pop_get_command.c pop_get_subcommand.c pop_init.c \ pop_last.c pop_list.c pop_log.c pop_lower.c \ pop_msg.c pop_parse.c pop_pass.c pop_quit.c \ pop_rset.c pop_send.c pop_stat.c pop_updt.c \ pop_user.c pop_xtnd.c pop_xmit.c popper.c \ pop_bull.c xtnd_xlst.c pop_uidl.c \ pop_rpop.c pop_apop.c pop_auth.c sendto.c ! OBJS = pop_dele.o pop_dropcopy.o \ pop_get_command.o pop_get_subcommand.o pop_init.o \ pop_last.o pop_list.o pop_log.o pop_lower.o \ pop_msg.o pop_parse.o pop_pass.o pop_quit.o \ pop_rset.o pop_send.o pop_stat.o pop_updt.o \ pop_user.o pop_xtnd.o pop_xmit.o popper.o \ --- 1,15 ---- ! CSRCS = pop_virtualh.c pop_dele.c pop_dropcopy.c \ pop_get_command.c pop_get_subcommand.c pop_init.c \ pop_last.c pop_list.c pop_log.c pop_lower.c \ pop_msg.c pop_parse.c pop_pass.c pop_quit.c \ pop_rset.c pop_send.c pop_stat.c pop_updt.c \ pop_user.c pop_xtnd.c pop_xmit.c popper.c \ pop_bull.c xtnd_xlst.c pop_uidl.c \ pop_rpop.c pop_apop.c pop_auth.c sendto.c ! OBJS = pop_virtualh.o pop_dele.o pop_dropcopy.o \ pop_get_command.o pop_get_subcommand.o pop_init.o \ pop_last.o pop_list.o pop_log.o pop_lower.o \ pop_msg.o pop_parse.o pop_pass.o pop_quit.o \ pop_rset.o pop_send.o pop_stat.o pop_updt.o \ pop_user.o pop_xtnd.o pop_xmit.o popper.o \ -- Carol Deihl - carol@tinker.com Shrier and Deihl - Unix Network Admin and Internet Software Development To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
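
Review bot: In the popper.h hunk, the replacement declaration "extern __const char *__const sys_errlist[];" relies on __const, which is a C-library convenience macro rather than standard C, inside a branch that is only compiled when BSD >= 199306 and __USE_BSD are both absent. On a platform that reaches this branch without that macro the header will not compile. Plain "const" expresses the same thing, and the old declaration left in a comment underneath can be dropped.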
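
Review bot: In the pop_init.c VIRTUAL_SERVER block, myipaddr is built from inet_ntoa(cs.sin_addr), which the comment directly above describes as the client's address, not from mysock.sin_addr that getsockname() has just filled in. When gethostbyaddr() fails, p->server is therefore set to the wrong address and pop_virtualh() builds its lookup key from it. Use mysock.sin_addr and correct the comment. Both strdup() results are also stored in p->server unchecked, while pop_virtualh() calls strlen(p->server) unconditionally, so a NULL check is needed here.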
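
Review bot: In pop_virtualh(), bcopy(value.data, p->user, value.size) followed by p->user[value.size] = 0 copies whatever length the database record has into p->user, which popper.h declares as char user[MAXUSERNAMELEN], with no bound; a table entry whose right-hand side is MAXUSERNAMELEN bytes or longer writes past the field. Refuse the mapping (return -1) when value.size >= sizeof(p->user) before copying. Two smaller points in the same function: the length guard lets strlen(p->server) + strlen(p->user) equal MAXLINELEN - 1, but sprintf() then also writes the '@' and the terminating NUL, one byte more than orig_user holds, so compare against MAXLINELEN - 2 (the pop_msg arguments there are also in the opposite order to the "Server (%s) + user (%s)" format). And "*s++ = tolower(*s)" reads and modifies s without sequencing; write it as two statements and pass (unsigned char)*s to tolower().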
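
Review bot: The new INSTALL section 8.0 uses two different names for the same table: VIRTUAL_SERVER is defined as /etc/virtual.pop, while the makemap example builds /etc/virt.pop. pop_virtualh() hands VIRTUAL_SERVER to dbopen() exactly as compiled in, so the text should use one path throughout and spell out the exact file name that makemap produces. As written, a mismatch is easy to miss: when dbopen() fails, pop_virtualh() only logs under DEBUG and returns 0, so the login continues with the unmapped name.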
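
A pre-flight check for the /etc/virtusertable or /etc/virtpop source file described in the message, as an added example (not part of the original post or of the popper patches): it flags entries the user@host lookup could not use, keys that collide once folded to lower case, and local names longer than the account-name limit. The function names, the default limit of 8 (the figure discussed in the thread) and the sample table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: lint a virtusertable/virtpop source file before hashing it.
# lint_virtpop FILE [MAXLEN] prints one line per problem, returns 1 if any.
# MAXLEN (default 8) is an assumed limit for local account names.
lint_virtpop() {
    awk -v max="${2:-8}" '
        NF == 0 || $1 ~ /^#/ { next }        # this script skips blanks and comments
        NF != 2 {
            printf "line %d: expected 2 fields, got %d\n", NR, NF
            bad++; next
        }
        {
            key = tolower($1)                # the lookup key is folded to lower case
            if (key !~ /^[^@]+@[^@]+$/) {
                printf "line %d: key %s is not user@host\n", NR, $1; bad++
            }
            if (key in seen) {
                printf "line %d: key %s duplicates line %d after case folding\n", NR, $1, seen[key]
                bad++
            } else {
                seen[key] = NR
            }
            if (length($2) > max) {
                printf "line %d: local name %s is longer than %d characters\n", NR, $2, max; bad++
            }
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Constructed sample table (not taken from the original message).
make_sample() {
    cat > "$1" <<'EOF'
# long name                     local account
joe_somebody@mydomain.com       joe001
Joe_Somebody@mydomain.com       joe002
mary_longname@mydomain.com      mary_longname
bob_nodomain                    bob001
carl@mydomain.com
EOF
}

# Demo: lint the constructed sample and print the four findings.
tmp=$(mktemp) && make_sample "$tmp" && { lint_virtpop "$tmp" || true; }; rm -f "$tmp"
```

Run it on the table before makemap and only hash the file when the function returns 0.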