SSMTP bundles MD5 code with it (md5auth/md5c.c) instead of linking against system libraries, and this bundled code seems to generate broken HMAC-MD5 hashes, which breaks SSMTP's support for CRAM-MD5 SMTP authentication, at least on FreeBSD 8.0. Attached is a patch to the port that unlinks md5auth/md5c.c from the build, and links ssmtp against the system -lmd. Fix: Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->glarkin Over to maintainer (via the GNATS Auto Assign Tool)
I neglected to bump PORTREVISION, sorry. Please catch that for me. :)
As requested, I've updated the port to the latest stable version from upstream, 2.62-3, and included the CRAM-MD5 fix. Patch attached. I've made some minor changes, in particular the port doesn't fetch the patchlevel diff file from upstream. I'm not sure why it was fetching it previously as it didn't seem to do anything with it, and neither does this new port. The upstream patchlevel stuff is integrated in files/patch-ssmtp.c and includes: debian/patches/02-CVE-2008-3962 debian/patches/345780-standardise-bufsize There were quite a lot of local coding fixes in ssmtp.c that had to be updated. Have you tried sending these upstream?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Aragon Gouveia wrote: > The following reply was made to PR ports/140175; it has been noted by GNATS. > > From: Aragon Gouveia <aragon@phat.za.net> > To: bug-followup@FreeBSD.org > Cc: > Subject: Re: ports/140175: [patch] mail/ssmtp CRAM-MD5 broken > Date: Thu, 26 Nov 2009 02:08:28 +0200 > > This is a multi-part message in MIME format. > --------------050206040202080707060505 > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > Content-Transfer-Encoding: 7bit > > As requested, I've updated the port to the latest stable version from > upstream, 2.62-3, and included the CRAM-MD5 fix. Patch attached. > > I've made some minor changes, in particular the port doesn't fetch the > patchlevel diff file from upstream. I'm not sure why it was fetching it > previously as it didn't seem to do anything with it, and neither does > this new port. The upstream patchlevel stuff is integrated in > files/patch-ssmtp.c and includes: > > debian/patches/02-CVE-2008-3962 > debian/patches/345780-standardise-bufsize > > There were quite a lot of local coding fixes in ssmtp.c that had to be > updated. Have you tried sending these upstream? > [...] Hi Aragon, Thank you for preparing the new patch, and I have been working on incorporating it into my local development area. I discovered pretty quickly that FreeBSD <7.2 doesn't include the strndup function in libc, so ssmtp doesn't link on those versions. Lately, I've been using GNU gnulib (http://www.gnu.org/software/gnulib/) to work around problems like these, and I am working on some additional patches to incorporate GNU strndup into this project. Thank you, Greg - -- Greg Larkin http://www.FreeBSD.org/ - The Power To Serve http://www.sourcehosting.net/ - Ready. Set. Code. http://twitter.com/sourcehosting/ - Follow me, follow you -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFLFZ5d0sRouByUApARAkEoAJ9rD0v/gQnu5TqybTeyGXm+VVDhuACeORN9 9KVJVnenQIPpN1KDGrhbNBY= =nVf4 -----END PGP SIGNATURE-----
Attached is a patch that incorporates everything previously plus a version conditional patch with a strndup() implementation for older FreeBSD versions. I tested this on a 7.1-RELEASE system. I don't actually know how you made sense of my previous patch - it got severely bastardised somewhere in my rolling process which I only noticed now. This patch should be sane!
glarkin 2009-12-05 03:20:00 UTC FreeBSD ports repository Modified files: mail/ssmtp Makefile distinfo mail/ssmtp/files patch-configure patch-ssmtp.c Added files: mail/ssmtp/files patch-md5auth-hmac_md5.c Removed files: mail/ssmtp/files patch-arpadate.c patch-base64.c patch-ssmtp.h Log: - Updated to 2.62.3 - Link against system MD5 libs instead of included modules to fix CRAM-MD5 authentication PR: ports/140175 Submitted by: Aragon Gouveia <aragon@phat.za.net> Revision Changes Path 1.29 +3 -7 ports/mail/ssmtp/Makefile 1.11 +3 -6 ports/mail/ssmtp/distinfo 1.2 +0 -11 ports/mail/ssmtp/files/patch-arpadate.c (dead) 1.2 +0 -20 ports/mail/ssmtp/files/patch-base64.c (dead) 1.3 +13 -0 ports/mail/ssmtp/files/patch-configure 1.1 +12 -0 ports/mail/ssmtp/files/patch-md5auth-hmac_md5.c (new) 1.5 +252 -187 ports/mail/ssmtp/files/patch-ssmtp.c 1.2 +0 -10 ports/mail/ssmtp/files/patch-ssmtp.h (dead) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
glarkin 2009-12-05 03:22:07 UTC FreeBSD doc repository (ports committer) Modified files: en_US.ISO8859-1/articles/contributors contrib.additional.sgml Log: - Added new contributor: Aragon Gouveia <aragon@phat.za.net> PR: ports/140175 Revision Changes Path 1.883 +5 -0 doc/en_US.ISO8859-1/articles/contributors/contrib.additional.sgml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed with minor tweaks to keep portlint happy, thank you!