diff options
| author | adrianp <adrianp> | 2005-06-01 21:00:39 +0000 |
|---|---|---|
| committer | adrianp <adrianp> | 2005-06-01 21:00:39 +0000 |
| commit | 699c4f89d853f9ab1f2efdb2798ac1e52b409ba4 (patch) | |
| tree | 022165202d6840ca43b06e2c4db4a7d3d4727393 | |
| parent | c93dbb4894c1edab3213eb51e0775883ff109c81 (diff) | |
| download | pkgsrc-699c4f89d853f9ab1f2efdb2798ac1e52b409ba4.tar.gz | |
- Update poppassd to 4.0.8
- Thanks to taca@ and gavan@ for feedback and patch review
- This also enables experimental PAM support (on platforms that support it)
- Security fixes included
- From the ChangeLog:
Changes from 4.0.7 to 4.0.8:
> ---------------------------
> 1. Fix compilation error on HPUX.
> 2. Fix some compilation warnings.
> 3. Update man page with '-x' option.
> 4. Fix problems with 'make install'
>
>
> Changes from 4.0.6 to 4.0.7:
> ---------------------------
> 1. Fix '-V' for standalone.
> 2. Include 'man' directory in tarball.
>
>
> Changes from 4.0.5 to 4.0.6:
> ----------------------------
> 1. Minor fixes for true64.
> 2. Patch from Uli Zappe to fix SCRAM compilation bugs.
> 3. Minor fixes for true64.
> 4. poppassd now runs smbpasswd as user, not root, to avoid exploit
> 5. Remove -traditional-cpp from the compiler options for Darwin
> builds (otherwise build fails)
> 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that
> should anything actually be written to them it will show up
> 7. When configured as --with-pam and required,
> include <pam/pam_appl.h> instead of <security/pam_appl.h>
> (otherwise build fails)
> 8. strdup the pw.pw_name field from getpwnam so that it's still
> valid by the time genpath is called; also added corresponding
> free (without this fix when the bug manifests, clients are
> erroneously told there are 0 messages in the mail drop
> regardless of the actual number)
> 9. Add a pam bug workaround at the beginning of main to do a
> pam_start and pam_end immediately when the program starts up
> in order to avoid bogus authentication failed messages from
> pam_authenticate later (only when configured as --with-pam)
> [ Thanks to Kyle McKay for changes 5-9 ]
> 10. Fixed error in configure script for Mac OS / Darwin.
> 11. Support chained certs for OpenSSL [from Daniel Senie].
> 12. Fixes to compile better on Linux [from Daniel Senie].
> 13. X-UIDL header no longer written when Update_status_hdrs is false
> [thanks to Helge Oldach]
> 14. Now calling SSL_shutdown() again if it fails the first time.
> 15. Now logging TLS errors when compiled with debugging and debug is
> enabled (instead of either) [thanks to Maks N. Polunin].
> 16. Config file now always closed (not just on error).
> 17. When using pam, Kerberos tickets are now destroyed.
> Otherwise dead tickets accumulate in cache directory which runs
> out of space quickly on busy server. Problem noted by Rodney
> McDuff ITS UQ. (Directory permissions on ticket cache dir need
> to be 1777).
> 18. Always log "Servicing request" (instead of just when debugging is
> on). This allows start of pop sessions to be logged always which
> is useful for diagnosis of problems.
> 19. Worked around problem on some systems causing SIGALRM to be masked,
> leaving hung pop processes which should have timed out waiting
> for a command from the client.
> [ Thanks to David Shrimpton for changes 16-19 ]
> 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0".
> 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen]
> 22. Log facility set on command line now applies to daemon as well.
> [Thanks to Helge Oldach]
> 23. '-y' to set log facility on command line now works again.
> 24. Allow '-V' as synonym for '-v' (to see version).
> 25. Process user and spool config files as user, not as root (fix
> security hole reported by Jens Steube)
> 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT
> and 'x' as a command-line option to disable it. You should
> disable it unless you really need it, and even then it is better
> to move to SMTP AUTH.
> 27. popauth now opens trace file as user, not root (fix security
> hole reported by Jens Steube); also umask now set.
> 28. Fix race crash on FreeBSD (thanks to Martin Haller).
> 29. Resolve some compiler warnings.
> 30. Fix check for libcrypt on FreeBSD.
> 31. Added sample pam configuration file (also installed by 'make
> install')
> 32. Use generic error msg and sleep in more auth failure cases.
> 33. Added code to use mkstemp() instead of our perfectly safe usage
> of tempnam() because some compilers issue overly broad warnings
> implying that all uses of tempnam() are unsafe. To bypass,
> use '--enable-tempnam' with ./configure.
| -rw-r--r-- | mail/poppassd/MESSAGE | 3 | ||||
| -rw-r--r-- | mail/poppassd/Makefile | 7 | ||||
| -rw-r--r-- | mail/poppassd/distinfo | 14 |
3 files changed, 10 insertions, 14 deletions
diff --git a/mail/poppassd/MESSAGE b/mail/poppassd/MESSAGE index af534c18368..5d8c4fdde77 100644 --- a/mail/poppassd/MESSAGE +++ b/mail/poppassd/MESSAGE @@ -1,5 +1,5 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.2 2002/09/18 16:15:50 grant Exp $ +$NetBSD: MESSAGE,v 1.3 2005/06/01 21:00:39 adrianp Exp $ In order to enable poppassd service, you should add the following line to your /etc/services: @@ -9,5 +9,6 @@ to your /etc/services: And /etc/inetd.conf: poppass stream tcp nowait root ${PREFIX}/libexec/poppassd poppassd + poppass stream tcp6 nowait root ${PREFIX}/libexec/poppassd poppassd =========================================================================== diff --git a/mail/poppassd/Makefile b/mail/poppassd/Makefile index d62503ab6a2..ad6a07f31d5 100644 --- a/mail/poppassd/Makefile +++ b/mail/poppassd/Makefile @@ -1,16 +1,11 @@ -# $NetBSD: Makefile,v 1.15 2005/05/28 02:57:22 taca Exp $ +# $NetBSD: Makefile,v 1.16 2005/06/01 21:00:39 adrianp Exp $ # DISTNAME= qpopper${VERSION} PKGNAME= poppassd-${VERSION} -PKGREVISION= 3 CATEGORIES= mail MASTER_SITES= ${QPOPPER_MASTER_SITES} -PATCH_SITES= http://www.imasy.or.jp/~ume/ipv6/ -PATCHFILES= qpopper-4.0.5-ipv6-20030313.diff.gz -PATCH_DIST_STRIP= -p1 - MAINTAINER= mellon@fugue.com HOMEPAGE= ${QPOPPER_HOMEPAGE} COMMENT= Qualcomm's password change server mainly for Eudora diff --git a/mail/poppassd/distinfo b/mail/poppassd/distinfo index 618d52f0d73..2e44755c040 100644 --- a/mail/poppassd/distinfo +++ b/mail/poppassd/distinfo @@ -1,11 +1,11 @@ -$NetBSD: distinfo,v 1.10 2005/02/24 09:59:26 agc Exp $ +$NetBSD: distinfo,v 1.11 2005/06/01 21:00:39 adrianp Exp $ -SHA1 (qpopper4.0.5.tar.gz) = 726d40da2210bf4b82541a28971986e6a3d9e1a5 -RMD160 (qpopper4.0.5.tar.gz) = e05c1b0823c8942d791c7b48af82e278a51591d2 -Size (qpopper4.0.5.tar.gz) = 2281284 bytes -SHA1 (qpopper-4.0.5-ipv6-20030313.diff.gz) = 31858d41e1dab90019152d957a7ea3d69fe085b0 -RMD160 (qpopper-4.0.5-ipv6-20030313.diff.gz) = b9d4329496ed427ca46c8981a2888f4471269737 -Size (qpopper-4.0.5-ipv6-20030313.diff.gz) = 60773 bytes +SHA1 (qpopper4.0.8.tar.gz) = 161038e6088b4952eedaf85fafa9f3b10eb40a01 +RMD160 (qpopper4.0.8.tar.gz) = 4a1dc2aaa6ef1330a76dfed5330d658a45e7d1d2 +Size (qpopper4.0.8.tar.gz) = 2766902 bytes +SHA1 (qpopper4.0.8-ipv6-20050515.diff.gz) = 3ccd51fa8fb1633c34dee19e6d50351cb649a3c1 +RMD160 (qpopper4.0.8-ipv6-20050515.diff.gz) = 0ca9a8893e31933d8bf33a3cfa4d88fde511ed5e +Size (qpopper4.0.8-ipv6-20050515.diff.gz) = 11479 bytes SHA1 (patch-aa) = 0dd1bdc832d00bd640e7003afea28f0d90c2f975 SHA1 (patch-ab) = 713698d5834b569a0ee08088567a71e218d50550 SHA1 (patch-ac) = db8329f0937554be80a88f4754b37f3a69bd70aa |