Users of qmail uses ucspi-tcp with RSS_DIFF option selected. With this option, rblsmtpd, if matches the IP, open a fake smtp server. It's not so good, because if person want to auth on server and prove he is a valid user he doesn't have chance. I made this new patch, and, if you set an environment var named RBL2SMTPD, it accept the connection and call qmail-smtpd with this envvar set, so, qmail-smtpd will check this. I'm working now on qmail-smtpd patch to check this. Added file(s): - files/extra-patch-rblsmtpd.c Port maintainer (dom@happygiraffe.net) is cc'd. Generated with FreeBSD Port Tools 0.77
Responsible Changed From-To: freebsd-ports-bugs->garga Submitter has GNATS access
State Changed From-To: open->feedback Awaiting maintainers feedback
Sorry, I sent a wrong version of files/extra-patch-rblsmtpd.c, here is the correct: ------------------------------------------------------------------- --- rblsmtpd.c.orig Fri Jun 2 15:59:56 2006 +++ rblsmtpd.c Fri Jun 2 16:07:20 2006 @@ -178,17 +178,19 @@ buffer_puts(buffer_2,"\n"); buffer_flush(buffer_2); - if (!stralloc_cats(&message,"\r\n")) nomem(); + if (!env_get("RBL2SMTPD")) { + if (!stralloc_cats(&message,"\r\n")) nomem(); - if (!timeout) - reject(); - else { - sig_catch(sig_alarm,drop); - alarm(timeout); - greet(); - commands(&in,smtpcommands); + if (!timeout) + reject(); + else { + sig_catch(sig_alarm,drop); + alarm(timeout); + greet(); + commands(&in,smtpcommands); + } + _exit(0); } - _exit(0); } main(int argc,char **argv,char **envp) @@ -230,7 +232,11 @@ if (flagwantdefaultrbl) rbl("rbl.maps.vix.com"); if (decision >= 2) rblsmtpd(); - - pathexec_run(*argv,argv,envp); + if (env_get("RBL2SMTPD")) { + if (decision >= 2) pathexec_env("RBLMATCH", message.s); + pathexec(argv); + } else { + pathexec_run(*argv,argv,envp); + } strerr_die4sys(111,FATAL,"unable to run ",*argv,": "); } ------------------------------------------------------------------- -- Renato Botelho <garga @ FreeBSD.org> <freebsd @ galle.com.br> GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc I have no doubt that it is a part of the destiny of the human race, in its gradual improvement, to leave off eating animals. -- Thoreau
Sorry for the mistake again, mnag@ noted this patch can be used without RSS_DIFF, so, here is a new diff, usging it as an option. ------------------------------------------------------------ Index: Makefile =================================================================== RCS file: /home/pcvs/ports/sysutils/ucspi-tcp/Makefile,v retrieving revision 1.24 diff -u -r1.24 Makefile --- Makefile 14 May 2006 13:30:24 -0000 1.24 +++ Makefile 2 Jun 2006 19:27:38 -0000 @@ -17,7 +17,8 @@ OPTIONS= MAN "Install man(1) pages" on \ RSS_DIFF "Patch rblsmtpd for qmail users" off \ - SSL "Adds support for SSL (Secure Socket Layer)" off + SSL "Adds support for SSL (Secure Socket Layer)" off \ + RBL2SMTPD "Don't drop connection, pass envvar to smtpd" off NO_PACKAGE= Unsure of djb's license @@ -49,6 +50,13 @@ PATCHFILES+= ucspi-tcp-ssl-20050405.patch.gz PATCH_DIST_STRIP= -p1 +.if defined(WITH_RBL2SMTPD) +PATCH_SITES+= ${MASTER_SITE_LOCAL} +PATCH_SITE_SUBDIR= garga/ucspi-tcp +PATCHFILES+= ucspi-tcp_rbl2smtpd.diff +PATCH_DIST_STRIP= -p1 +.endif + post-patch: @${REINPLACE_CMD} -e 's|#INCS=-I/usr/local/include|INCS=-I${OPENSSLBASE}/include|g; \ s|-lcrypto|-L${OPENSSLBASE}/lib |g' ${WRKSRC}/Makefile Index: distinfo =================================================================== RCS file: /home/pcvs/ports/sysutils/ucspi-tcp/distinfo,v retrieving revision 1.6 diff -u -r1.6 distinfo --- distinfo 6 Nov 2005 17:43:54 -0000 1.6 +++ distinfo 2 Jun 2006 19:27:38 -0000 @@ -1,8 +1,15 @@ MD5 (ucspi-tcp-0.88.tar.gz) = 39b619147db54687c4a583a7a94c9163 +SHA256 (ucspi-tcp-0.88.tar.gz) = 4a0615cab74886f5b4f7e8fd32933a07b955536a3476d74ea087a3ea66a23e9c SIZE (ucspi-tcp-0.88.tar.gz) = 53019 MD5 (ucspi-tcp-0.88-man.tar.gz) = d33160cbd43bccbc0963d0499dfcebdb +SHA256 (ucspi-tcp-0.88-man.tar.gz) = 09b1dd69ca3722b62c030abb27df9560cb72ff5d6247e4628e0c61e957b408ef SIZE (ucspi-tcp-0.88-man.tar.gz) = 7562 MD5 (ucspi-rss.diff) = 554ec0eb60f619667efde3fb5325310d +SHA256 (ucspi-rss.diff) = 5101354eb86d8e11edefd7b83df4e9c274a55b845f4cb2ce36dda912aced56f4 SIZE (ucspi-rss.diff) = 1828 MD5 (ucspi-tcp-ssl-20050405.patch.gz) = cbe2443539d5289ffb5ae2a036e0ba3d +SHA256 (ucspi-tcp-ssl-20050405.patch.gz) = 931ebeb9ca3ceb9394464aca0c4585048d04fc194fc5a9d4bb49bdd8ac249467 SIZE (ucspi-tcp-ssl-20050405.patch.gz) = 13173 +MD5 (ucspi-tcp_rbl2smtpd.diff) = ba6e320170ab4c386985a66e64d6b062 +SHA256 (ucspi-tcp_rbl2smtpd.diff) = 56b9e2692e22e52b61317f660ff6a9929a7e076aab032dc7a7fa74dff340b79b +SIZE (ucspi-tcp_rbl2smtpd.diff) = 1090 ------------------------------------------------------------ -- Renato Botelho <garga @ FreeBSD.org> <freebsd @ galle.com.br> GnuPG Key: http://www.FreeBSD.org/~garga/pubkey.asc A man was reading The Canterbury Tales one Saturday morning, when his wife asked "What have you got there?" Replied he, "Just my cup and Chaucer."
Renato Botelho wrote: > Sorry for the mistake again, mnag@ noted this patch can be used without > RSS_DIFF, so, here is a new diff, usging it as an option. My apologies for the delay. Please go ahead and commit this latest patch, it works for me. Thanks, -Dom
State Changed From-To: feedback->closed Committed. Thanks!