diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2001-09-16 09:43:13 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2001-09-16 09:43:13 +0000 |
| commit | 77b231c638775f0ab9cf62e13a8a0854e1172392 (patch) | |
| tree | 982f1519d5c3c87190d6dca0c5fab81ef7db1b39 /mail | |
| parent | Add a warnig messages if IDEA is not build by configuration. (diff) | |
Added new functionality:
SMTP_RELAY aftersucessfull POP3 authentification.
Option:
SMPT_AFTER_POP=yes
Documentation and popauth.m4 is included in this port.
PR: 29906
Notes
Notes:
svn path=/head/; revision=47862
Diffstat (limited to 'mail')
| -rw-r--r-- | mail/popa3d/Makefile | 42 | ||||
| -rw-r--r-- | mail/popa3d/distinfo | 1 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/POPAUTH | 49 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/patch-aa | 37 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/patch-ab | 23 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/patch-pop_auth.c | 11 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/patch-pop_pbs.c | 11 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/patch-pop_root.c | 18 | ||||
| -rw-r--r-- | mail/popa3d/files.smtp/popauth.m4 | 47 | ||||
| -rw-r--r-- | mail/popa3d/pkg-plist | 6 |
10 files changed, 238 insertions, 7 deletions
diff --git a/mail/popa3d/Makefile b/mail/popa3d/Makefile index 4e040d0f2fec..a2c7e3f22505 100644 --- a/mail/popa3d/Makefile +++ b/mail/popa3d/Makefile @@ -12,25 +12,59 @@ MASTER_SITES= http://www.openwall.com/popa3d/ \ ftp://ftp.openwall.com/popa3d/ \ ftp://ftp.dataforce.net/pub/solar/ \ ftp://ftp.false.com/pub/security/popa3d/ +.if defined(SMTP_AFTER_POP3) +PKGNAMESUFFIX?= -before-sendmail +.endif + +.if defined(SMTP_AFTER_POP3) +PATCH_SITES= http://www.openwall.com/popa3d/contrib/ +PATCHFILES= popa3d-0.4-before-sendmail.tar.gz +PATCH_DIST_STRIP= -p1 +.endif MAINTAINER= gonza@techline.ru ALL_TARGET= popa3d +.if defined(SMTP_AFTER_POP3) +PATCHDIR= ${MASTERDIR}/files.smtp +PLIST= ${WRKDIR}/.PLIST.more + +pre-configure: + @${ECHO} "%%PORTDOCS%%share/doc/popa3d/POPAUTH" >${PLIST} + @${CAT} ${PKGDIR}/pkg-plist >>${PLIST} + @${ECHO} "share/sendmail/cf/hack/popauth.m4" >>${PLIST} + +post-patch: + @${PERL5} -pi -e "s=LOG_MAIL=LOG_DAEMON=" ${WRKSRC}/params.h + @${PERL5} -pi -e "s=db1/db.h=db.h=" ${WRKSRC}/pop_root.c +.endif + +pre-install: + @ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL + do-install: ${INSTALL} ${COPY} -o root -g wheel -m 500 \ ${WRKSRC}/popa3d ${PREFIX}/libexec/popa3d - +.if defined(SMTP_AFTER_POP3) + ${INSTALL_DATA} ${PATCHDIR}/popauth.m4 ${CFDIR}/hack +.endif .if !defined(NOPORTDOCS) ${MKDIR} ${PREFIX}/share/doc/popa3d ${INSTALL_MAN} ${WRKSRC}/DESIGN ${PREFIX}/share/doc/popa3d ${INSTALL_MAN} ${WRKSRC}/COPYING ${PREFIX}/share/doc/popa3d +.if defined(SMTP_AFTER_POP3) + ${INSTALL_DATA} ${PATCHDIR}/POPAUTH ${PREFIX}/share/doc/popa3d +.endif .endif - -pre-install: - @ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL post-install: @ ${CAT} ${PKGMESSAGE} .include <bsd.port.mk> + +.if exists(${DESTDIR}/${LOCALBASE}/share/sendmail/cf/mailer/uucp.m4) +CFDIR= ${DESTDIR}${LOCALBASE}/share/sendmail/cf +.else +CFDIR= ${DESTDIR}/usr/share/sendmail/cf +.endif diff --git a/mail/popa3d/distinfo b/mail/popa3d/distinfo index e530600c94fc..aff3cb035e42 100644 --- a/mail/popa3d/distinfo +++ b/mail/popa3d/distinfo @@ -1 +1,2 @@ MD5 (popa3d-0.4.tar.gz) = 4ce2ed209abeaeaae7724d8d24bb7dbf +MD5 (popa3d-0.4-before-sendmail.tar.gz) = 8e1aed8c86e1df777eee116667ad9d54 diff --git a/mail/popa3d/files.smtp/POPAUTH b/mail/popa3d/files.smtp/POPAUTH new file mode 100644 index 000000000000..abb368505724 --- /dev/null +++ b/mail/popa3d/files.smtp/POPAUTH @@ -0,0 +1,49 @@ + popa3d patch for POP-before-SMTP and SMTP-after-POP + + Garry Glendown / Dec. 12th 2000 + +On the 'net there are a couple of solutions to allow for POP-before-SMTP +authentication in order to allow for relaying of mails. Anyway, the +solutions I found didn't really apeal to me, so I hacked popa3d a bit, +which we already used on one of our machines to serve mail to dialup +customers. + + Prerequisites + +This patch supplies data to sendmail to allow for certain IPs to use it +as a relaying host. In order to use with your sendmail installation, get +the popauth-hack (http://www.sendmail.org/~ca/email/rules/popauth.m4) +and install it by adding "HACK(`popauth')" to you .mc-file. + + Installing + +The patch - enabled through the POPB4SMTP-define in the Makefile - +accesses the file "/etc/mail/popauth.db" (create with "makemap hash +/etc/mail/popauth </dev/null") and adds the IP of the sucessfully +authenticated POP-user to it. Once the IP appears in the .db-file, +sendmail will allow the IP to relay mail from it. + +Apart from the IP, which is added as LHS in the database, the patch adds +the timestamp of the authentication as RHS (which the sendmail-hack +ignores). This timestamp is then used to remove old IPs which are older +than VALIDTIME seconds (defined in the Makefile). + + Disclaimer + +This hack has been in production use for a week on our server and though +there are in average 30-60 POP3 logins per minute (going up to 2-3 +requests per seconds during daytime), we have not had any problems. +Please note that I'm no expert at the Berkeley db library - I just +hacked up a version using the old db1 functions and it worked out. +There may be things to do better, but it seems to work fine for me. If +you have any suggestions, let me know ... I've tried to play it safe and +wrapped all db-access into a semaphore-protected block, hopefully +allowing for safe multiple execution ... also, I tried to make sure that +the string functions all check for the available array length. + +If you have any suggestions, questions or feedback of any other kind +concerning this hack, don't bug the author of popa3d, but drop me a mail +at garry@glendown.de + +G.Glendown / Dec 15th 2000 + diff --git a/mail/popa3d/files.smtp/patch-aa b/mail/popa3d/files.smtp/patch-aa new file mode 100644 index 000000000000..b873e9ac3561 --- /dev/null +++ b/mail/popa3d/files.smtp/patch-aa @@ -0,0 +1,37 @@ +--- params.h.orig Tue Feb 1 09:16:24 2000 ++++ params.h Sat Mar 4 16:12:48 2000 +@@ -33,7 +33,7 @@ + * An unprivileged dummy user to run as before authentication. The user + * and its UID must not be used for any other purpose. + */ +-#define POP_USER "popa3d" ++#define POP_USER "pop" + + /* + * Sessions will be closed if idle for longer than POP_TIMEOUT seconds. +@@ -62,7 +62,7 @@ + * Do we have shadow passwords? (Not for *BSD.) + * Note: password aging is not supported. + */ +-#define AUTH_SHADOW 1 ++#define AUTH_SHADOW 0 + + /* + * A salt used to waste some CPU time on dummy crypt(3) calls and make +@@ -81,14 +81,14 @@ + * Your mail spool directory. Note: only local (non-NFS) mode 775 mail + * spools are currently supported. + */ +-#define MAIL_SPOOL_PATH "/var/spool/mail" ++#define MAIL_SPOOL_PATH "/var/mail" + + /* + * How do we talk to syslogd? These should be fine for most systems. + */ + #define SYSLOG_IDENT "popa3d" + #define SYSLOG_OPTIONS LOG_PID +-#define SYSLOG_FACILITY LOG_DAEMON ++#define SYSLOG_FACILITY LOG_MAIL + #define SYSLOG_PRIORITY LOG_NOTICE + + /* diff --git a/mail/popa3d/files.smtp/patch-ab b/mail/popa3d/files.smtp/patch-ab new file mode 100644 index 000000000000..2565bb67698a --- /dev/null +++ b/mail/popa3d/files.smtp/patch-ab @@ -0,0 +1,23 @@ +--- Makefile.orig Mon Jul 16 11:35:16 2001 ++++ Makefile Mon Jul 16 11:43:29 2001 +@@ -1,9 +1,8 @@ +-CC = gcc +-LD = gcc ++CC? = gcc + RM = rm -f + CFLAGS = -c -Wall -O2 -fomit-frame-pointer -DPOPB4SMTP -DVALIDTIME=600 + #LDFLAGS = -s +-LDFLAGS = -s -lcrypt -ldb1 ++LDFLAGS = -s -lcrypt + + + PROJ = popa3d +@@ -14,7 +13,7 @@ + misc.o pop_pbs.o + + popa3d: $(OBJS) +- $(LD) $(LDFLAGS) $(OBJS) -o popa3d ++ $(CC) $(LDFLAGS) $(OBJS) -o popa3d + + md5/md5.o: md5/md5.c md5/md5.h + $(CC) $(CFLAGS) -D_LIBC md5/md5.c -o md5/md5.o diff --git a/mail/popa3d/files.smtp/patch-pop_auth.c b/mail/popa3d/files.smtp/patch-pop_auth.c new file mode 100644 index 000000000000..fe0638ac55a7 --- /dev/null +++ b/mail/popa3d/files.smtp/patch-pop_auth.c @@ -0,0 +1,11 @@ +--- pop_auth.c.orig Mon Jul 16 11:51:30 2001 ++++ pop_auth.c Mon Jul 16 11:54:35 2001 +@@ -12,6 +12,8 @@ + #include "protocol.h" + #include "pop_auth.h" + ++char *client_addr(int); ++ + static char *pop_user, *pop_pass; + + static int pop_auth_quit(char *params) diff --git a/mail/popa3d/files.smtp/patch-pop_pbs.c b/mail/popa3d/files.smtp/patch-pop_pbs.c new file mode 100644 index 000000000000..397de2d09e9c --- /dev/null +++ b/mail/popa3d/files.smtp/patch-pop_pbs.c @@ -0,0 +1,11 @@ +--- pop_pbs.c.orig Mon Jul 16 11:38:00 2001 ++++ pop_pbs.c Mon Jul 16 11:41:40 2001 +@@ -1,6 +1,7 @@ ++#include <sys/types.h> + #include <sys/socket.h> ++#include <netinet/in.h> + #include <arpa/inet.h> +-#include <sys/types.h> + #include <sys/stat.h> + + char addr_buf[256]; diff --git a/mail/popa3d/files.smtp/patch-pop_root.c b/mail/popa3d/files.smtp/patch-pop_root.c new file mode 100644 index 000000000000..cdc98a60e1f5 --- /dev/null +++ b/mail/popa3d/files.smtp/patch-pop_root.c @@ -0,0 +1,18 @@ +--- pop_root.c.neu.orig Mon Jul 16 11:55:05 2001 ++++ pop_root.c Tue Jul 17 11:45:22 2001 +@@ -210,6 +210,7 @@ + sem=sem_attach(0x50413453); + sem_enter(sem); + db=dbopen("/etc/mail/popauth.db",O_RDWR,0664,DB_HASH,0 ); ++ if ( db != NULL ) { + key.data=client_addr(1); + key.size=strlen(key.data); + sprintf(ts,"%d",(int)time(0)); +@@ -233,6 +234,7 @@ + ret=db->seq(db,&key,&data,R_NEXT); + } + db->close(db); ++ } + sem_leave(sem); + #endif + diff --git a/mail/popa3d/files.smtp/popauth.m4 b/mail/popa3d/files.smtp/popauth.m4 new file mode 100644 index 000000000000..2520978ad904 --- /dev/null +++ b/mail/popa3d/files.smtp/popauth.m4 @@ -0,0 +1,47 @@ +divert(-1) +# +# Copyright (c) 2000 Claus Assmann <ca+popauth@mine.informatik.uni-kiel.de> +# +# In short: you can do whatever you want with this, but don't blame me! +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# <URL: http://www.sendmail.org/~ca/email/chk-89n.html > +# +VERSIONID(`$Id: popauth.m4,v 1.5 2000/10/19 17:47:53 ca Exp $') + +LOCAL_CONFIG +ifdef(`DATABASE_MAP_TYPE', `', `define(`DATABASE_MAP_TYPE', `hash')') +Kpopauth ifelse(defn(`_ARG_'), `', + `DATABASE_MAP_TYPE -a<OK> /etc/mail/popauth', + `_ARG_') +ifdef(`CF_LEVEL', `dnl has been introduced in 8.10 +dnl this can be used to add a tag to entries in the map +dnl to restrict the access +ifdef(`POP_B4_SMTP_TAG',, `define(`POP_B4_SMTP_TAG', `POP:')')dnl +ifdef(`POP_TO', `dnl +ifdef(`_ARITH_MAP_', `', `dnl +define(`_ARITH_MAP_', `1')dnl +Karith arith') +')', `dnl +define(`POP_B4_SMTP_TAG', `')dnl +')dnl +LOCAL_RULESETS +SLocal_check_rcpt +R$* $: $(popauth `'$&{client_addr} $: <?> $) +R<?> $@ NoPopAuth +ifdef(`POP_TO', `dnl +R$+ $: $(arith - $@ $1 $@ $&t $) +R$+ $: $(arith l $@ $1 $@ POP_TO $) +RTRUE $# OK', ` +R$*<OK> $# OK') diff --git a/mail/popa3d/pkg-plist b/mail/popa3d/pkg-plist index 89792500cea3..0567735d177d 100644 --- a/mail/popa3d/pkg-plist +++ b/mail/popa3d/pkg-plist @@ -1,5 +1,5 @@ @comment $FreeBSD$ libexec/popa3d -share/doc/popa3d/DESIGN -share/doc/popa3d/COPYING -@dirrm share/doc/popa3d +%%PORTDOCS%%share/doc/popa3d/DESIGN +%%PORTDOCS%%share/doc/popa3d/COPYING +%%PORTDOCS%%@dirrm share/doc/popa3d |