Added new functionality:

SMTP_RELAY aftersucessfull POP3 authentification. Option: SMPT_AFTER_POP=yes Documentation and popauth.m4 is included in this port. PR: 29906
author: dinoex <dinoex@FreeBSD.org> 2001-09-16 09:43:13 +0000
committer: dinoex <dinoex@FreeBSD.org> 2001-09-16 09:43:13 +0000
commit: dc18738f39ee104f387063ed4aeea6fea34b232c (patch)
tree: 6d5b2b9b0e7baa184258cbe4eb484389e4c32a66 /mail/popa3d
parent: 2ffd6b1a2a9e6c6415261fbcf0026c04109ca428 (diff)
download: FreeBSD-ports-dc18738f39ee104f387063ed4aeea6fea34b232c.zip
FreeBSD-ports-dc18738f39ee104f387063ed4aeea6fea34b232c.tar.gz
10 files changed, 238 insertions, 7 deletions
diff --git a/mail/popa3d/Makefile b/mail/popa3d/Makefile
index 4e040d0..a2c7e3f 100644
--- a/mail/popa3d/Makefile
+++ b/mail/popa3d/Makefile
@@ -12,25 +12,59 @@ MASTER_SITES=	http://www.openwall.com/popa3d/ \
 		ftp://ftp.openwall.com/popa3d/ \
 		ftp://ftp.dataforce.net/pub/solar/ \
 		ftp://ftp.false.com/pub/security/popa3d/
+.if defined(SMTP_AFTER_POP3)
+PKGNAMESUFFIX?=	-before-sendmail
+.endif
+
+.if defined(SMTP_AFTER_POP3)
+PATCH_SITES= 	http://www.openwall.com/popa3d/contrib/
+PATCHFILES= 	popa3d-0.4-before-sendmail.tar.gz
+PATCH_DIST_STRIP=	-p1
+.endif
 
 MAINTAINER=	gonza@techline.ru
 
 ALL_TARGET=	popa3d
 
+.if defined(SMTP_AFTER_POP3)
+PATCHDIR=	${MASTERDIR}/files.smtp
+PLIST=		${WRKDIR}/.PLIST.more
+
+pre-configure:
+	@${ECHO} "%%PORTDOCS%%share/doc/popa3d/POPAUTH" >${PLIST}
+	@${CAT} ${PKGDIR}/pkg-plist >>${PLIST}
+	@${ECHO} "share/sendmail/cf/hack/popauth.m4" >>${PLIST}
+
+post-patch:
+	@${PERL5} -pi -e "s=LOG_MAIL=LOG_DAEMON=" ${WRKSRC}/params.h
+	@${PERL5} -pi -e "s=db1/db.h=db.h=" ${WRKSRC}/pop_root.c
+.endif
+
+pre-install:
+	@ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+
 do-install:
 	${INSTALL} ${COPY} -o root -g wheel -m 500 \
 	    ${WRKSRC}/popa3d ${PREFIX}/libexec/popa3d
-
+.if defined(SMTP_AFTER_POP3)
+	${INSTALL_DATA} ${PATCHDIR}/popauth.m4 ${CFDIR}/hack
+.endif
 .if !defined(NOPORTDOCS)
 	${MKDIR} ${PREFIX}/share/doc/popa3d
 	${INSTALL_MAN} ${WRKSRC}/DESIGN ${PREFIX}/share/doc/popa3d
 	${INSTALL_MAN} ${WRKSRC}/COPYING ${PREFIX}/share/doc/popa3d
+.if defined(SMTP_AFTER_POP3)
+	${INSTALL_DATA} ${PATCHDIR}/POPAUTH ${PREFIX}/share/doc/popa3d
+.endif
 .endif
-
-pre-install:
-	@ ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
 
 post-install:
 	@ ${CAT} ${PKGMESSAGE}
 
 .include <bsd.port.mk>
+
+.if exists(${DESTDIR}/${LOCALBASE}/share/sendmail/cf/mailer/uucp.m4)
+CFDIR=		${DESTDIR}${LOCALBASE}/share/sendmail/cf
+.else
+CFDIR=		${DESTDIR}/usr/share/sendmail/cf
+.endif
diff --git a/mail/popa3d/distinfo b/mail/popa3d/distinfo
index e530600..aff3cb0 100644
--- a/mail/popa3d/distinfo
+++ b/mail/popa3d/distinfo
@@ -1 +1,2 @@
 MD5 (popa3d-0.4.tar.gz) = 4ce2ed209abeaeaae7724d8d24bb7dbf
+MD5 (popa3d-0.4-before-sendmail.tar.gz) = 8e1aed8c86e1df777eee116667ad9d54
diff --git a/mail/popa3d/files.smtp/POPAUTH b/mail/popa3d/files.smtp/POPAUTH
new file mode 100644
index 0000000..abb3685
--- /dev/null
+++ b/mail/popa3d/files.smtp/POPAUTH
@@ -0,0 +1,49 @@
+	  popa3d patch for POP-before-SMTP and SMTP-after-POP
+
+		    Garry Glendown / Dec. 12th 2000
+
+On the 'net there are a couple of solutions to allow for POP-before-SMTP
+authentication in order to allow for relaying of mails. Anyway, the 
+solutions I found didn't really apeal to me, so I hacked popa3d a bit,
+which we already used on one of our machines to serve mail to dialup
+customers.
+
+			     Prerequisites
+
+This patch supplies data to sendmail to allow for certain IPs to use it
+as a relaying host. In order to use with your sendmail installation, get
+the popauth-hack (http://www.sendmail.org/~ca/email/rules/popauth.m4)
+and install it by adding "HACK(`popauth')" to you .mc-file.
+
+			       Installing
+
+The patch - enabled through the POPB4SMTP-define in the Makefile -
+accesses the file "/etc/mail/popauth.db" (create with "makemap hash
+/etc/mail/popauth </dev/null") and adds the IP of the sucessfully
+authenticated POP-user to it. Once the IP appears in the .db-file,
+sendmail will allow the IP to relay mail from it.
+
+Apart from the IP, which is added as LHS in the database, the patch adds
+the timestamp of the authentication as RHS (which the sendmail-hack
+ignores). This timestamp is then used to remove old IPs which are older
+than VALIDTIME seconds (defined in the Makefile).
+
+			       Disclaimer
+
+This hack has been in production use for a week on our server and though
+there are in average 30-60 POP3 logins per minute (going up to 2-3
+requests per seconds during daytime), we have not had any problems.
+Please note that I'm no expert at the Berkeley db library - I just
+hacked up a version using the old db1 functions and it worked out.
+There may be things to do better, but it seems to work fine for me. If
+you have any suggestions, let me know ... I've tried to play it safe and
+wrapped all db-access into a semaphore-protected block, hopefully
+allowing for safe multiple execution ... also, I tried to make sure that
+the string functions all check for the available array length.
+
+If you have any suggestions, questions or feedback of any other kind
+concerning this hack, don't bug the author of popa3d, but drop me a mail
+at garry@glendown.de
+
+G.Glendown / Dec 15th 2000
+
diff --git a/mail/popa3d/files.smtp/patch-aa b/mail/popa3d/files.smtp/patch-aa
new file mode 100644
index 0000000..b873e9a
--- /dev/null
+++ b/mail/popa3d/files.smtp/patch-aa
@@ -0,0 +1,37 @@
+--- params.h.orig	Tue Feb  1 09:16:24 2000
++++ params.h	Sat Mar  4 16:12:48 2000
+@@ -33,7 +33,7 @@
+  * An unprivileged dummy user to run as before authentication. The user
+  * and its UID must not be used for any other purpose.
+  */
+-#define POP_USER			"popa3d"
++#define POP_USER			"pop"
+ 
+ /*
+  * Sessions will be closed if idle for longer than POP_TIMEOUT seconds.
+@@ -62,7 +62,7 @@
+  * Do we have shadow passwords? (Not for *BSD.)
+  * Note: password aging is not supported.
+  */
+-#define AUTH_SHADOW			1
++#define AUTH_SHADOW			0
+ 
+ /*
+  * A salt used to waste some CPU time on dummy crypt(3) calls and make
+@@ -81,14 +81,14 @@
+  * Your mail spool directory. Note: only local (non-NFS) mode 775 mail
+  * spools are currently supported.
+  */
+-#define MAIL_SPOOL_PATH			"/var/spool/mail"
++#define MAIL_SPOOL_PATH			"/var/mail"
+ 
+ /*
+  * How do we talk to syslogd? These should be fine for most systems.
+  */
+ #define SYSLOG_IDENT			"popa3d"
+ #define SYSLOG_OPTIONS			LOG_PID
+-#define SYSLOG_FACILITY			LOG_DAEMON
++#define SYSLOG_FACILITY			LOG_MAIL
+ #define SYSLOG_PRIORITY			LOG_NOTICE
+ 
+ /*
diff --git a/mail/popa3d/files.smtp/patch-ab b/mail/popa3d/files.smtp/patch-ab
new file mode 100644
index 0000000..2565bb6
--- /dev/null
+++ b/mail/popa3d/files.smtp/patch-ab
@@ -0,0 +1,23 @@
+--- Makefile.orig	Mon Jul 16 11:35:16 2001
++++ Makefile	Mon Jul 16 11:43:29 2001
+@@ -1,9 +1,8 @@
+-CC = gcc
+-LD = gcc
++CC? = gcc
+ RM = rm -f
+ CFLAGS = -c -Wall -O2 -fomit-frame-pointer -DPOPB4SMTP -DVALIDTIME=600
+ #LDFLAGS = -s
+-LDFLAGS = -s -lcrypt -ldb1
++LDFLAGS = -s -lcrypt
+ 
+ 
+ PROJ = popa3d
+@@ -14,7 +13,7 @@
+ 	misc.o pop_pbs.o
+ 
+ popa3d: $(OBJS)
+-	$(LD) $(LDFLAGS) $(OBJS) -o popa3d
++	$(CC) $(LDFLAGS) $(OBJS) -o popa3d
+ 
+ md5/md5.o: md5/md5.c md5/md5.h
+ 	$(CC) $(CFLAGS) -D_LIBC md5/md5.c -o md5/md5.o
diff --git a/mail/popa3d/files.smtp/patch-pop_auth.c b/mail/popa3d/files.smtp/patch-pop_auth.c
new file mode 100644
index 0000000..fe0638a
--- /dev/null
+++ b/mail/popa3d/files.smtp/patch-pop_auth.c
@@ -0,0 +1,11 @@
+--- pop_auth.c.orig	Mon Jul 16 11:51:30 2001
++++ pop_auth.c	Mon Jul 16 11:54:35 2001
+@@ -12,6 +12,8 @@
+ #include "protocol.h"
+ #include "pop_auth.h"
+ 
++char *client_addr(int);
++
+ static char *pop_user, *pop_pass;
+ 
+ static int pop_auth_quit(char *params)
diff --git a/mail/popa3d/files.smtp/patch-pop_pbs.c b/mail/popa3d/files.smtp/patch-pop_pbs.c
new file mode 100644
index 0000000..397de2d
--- /dev/null
+++ b/mail/popa3d/files.smtp/patch-pop_pbs.c
@@ -0,0 +1,11 @@
+--- pop_pbs.c.orig	Mon Jul 16 11:38:00 2001
++++ pop_pbs.c	Mon Jul 16 11:41:40 2001
+@@ -1,6 +1,7 @@
++#include <sys/types.h>
+ #include <sys/socket.h>
++#include <netinet/in.h>
+ #include <arpa/inet.h>
+-#include <sys/types.h>
+ #include <sys/stat.h>
+ 
+ char  addr_buf[256];
diff --git a/mail/popa3d/files.smtp/patch-pop_root.c b/mail/popa3d/files.smtp/patch-pop_root.c
new file mode 100644
index 0000000..cdc98a6
--- /dev/null
+++ b/mail/popa3d/files.smtp/patch-pop_root.c
@@ -0,0 +1,18 @@
+--- pop_root.c.neu.orig	Mon Jul 16 11:55:05 2001
++++ pop_root.c	Tue Jul 17 11:45:22 2001
+@@ -210,6 +210,7 @@
+ 	sem=sem_attach(0x50413453);
+ 	sem_enter(sem);
+ 	db=dbopen("/etc/mail/popauth.db",O_RDWR,0664,DB_HASH,0 );
++	if ( db != NULL ) {
+ 	key.data=client_addr(1);
+ 	key.size=strlen(key.data);
+ 	sprintf(ts,"%d",(int)time(0));
+@@ -233,6 +234,7 @@
+ 		ret=db->seq(db,&key,&data,R_NEXT);
+ 	}
+ 	db->close(db);
++	}
+ 	sem_leave(sem);
+ #endif
+ 
diff --git a/mail/popa3d/files.smtp/popauth.m4 b/mail/popa3d/files.smtp/popauth.m4
new file mode 100644
index 0000000..2520978
--- /dev/null
+++ b/mail/popa3d/files.smtp/popauth.m4
@@ -0,0 +1,47 @@
+divert(-1)
+#
+# Copyright (c) 2000 Claus Assmann <ca+popauth@mine.informatik.uni-kiel.de>
+#
+# In short: you can do whatever you want with this, but don't blame me!
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# <URL: http://www.sendmail.org/~ca/email/chk-89n.html >
+#
+VERSIONID(`$Id: popauth.m4,v 1.5 2000/10/19 17:47:53 ca Exp $')
+
+LOCAL_CONFIG
+ifdef(`DATABASE_MAP_TYPE', `', `define(`DATABASE_MAP_TYPE', `hash')')
+Kpopauth ifelse(defn(`_ARG_'), `',
+		`DATABASE_MAP_TYPE -a<OK> /etc/mail/popauth',
+		`_ARG_')
+ifdef(`CF_LEVEL', `dnl has been introduced in 8.10
+dnl this can be used to add a tag to entries in the map
+dnl to restrict the access
+ifdef(`POP_B4_SMTP_TAG',, `define(`POP_B4_SMTP_TAG', `POP:')')dnl
+ifdef(`POP_TO', `dnl
+ifdef(`_ARITH_MAP_', `', `dnl
+define(`_ARITH_MAP_', `1')dnl
+Karith arith')
+')', `dnl
+define(`POP_B4_SMTP_TAG', `')dnl
+')dnl
+LOCAL_RULESETS
+SLocal_check_rcpt
+R$*		$: $(popauth `'$&{client_addr} $: <?> $)
+R<?>		$@ NoPopAuth
+ifdef(`POP_TO', `dnl
+R$+		$: $(arith - $@ $1 $@ $&t $)
+R$+		$: $(arith l $@ $1 $@ POP_TO $)
+RTRUE		$# OK', `
+R$*<OK>		$# OK')
diff --git a/mail/popa3d/pkg-plist b/mail/popa3d/pkg-plist
index 8979250..0567735 100644
--- a/mail/popa3d/pkg-plist
+++ b/mail/popa3d/pkg-plist
@@ -1,5 +1,5 @@
 @comment $FreeBSD$
 libexec/popa3d
-share/doc/popa3d/DESIGN
-share/doc/popa3d/COPYING
-@dirrm share/doc/popa3d
+%%PORTDOCS%%share/doc/popa3d/DESIGN
+%%PORTDOCS%%share/doc/popa3d/COPYING
+%%PORTDOCS%%@dirrm share/doc/popa3d
author	dinoex <dinoex@FreeBSD.org>	2001-09-16 09:43:13 +0000
committer	dinoex <dinoex@FreeBSD.org>	2001-09-16 09:43:13 +0000
commit	dc18738f39ee104f387063ed4aeea6fea34b232c (patch)
tree	6d5b2b9b0e7baa184258cbe4eb484389e4c32a66 /mail/popa3d
parent	2ffd6b1a2a9e6c6415261fbcf0026c04109ca428 (diff)
download	FreeBSD-ports-dc18738f39ee104f387063ed4aeea6fea34b232c.zip FreeBSD-ports-dc18738f39ee104f387063ed4aeea6fea34b232c.tar.gz