diff options
author | salo <salo@pkgsrc.org> | 2005-06-05 18:35:25 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-06-05 18:35:25 +0000 |
commit | c2dd9c1fb4ba3aa6de93946baa9be6f08d9e6404 (patch) | |
tree | 12c608345dfd37d9f76f5f85770b0d577b4ddf72 /mail/qpopper/patches/patch-am | |
parent | a74ca966eedb62417c1458b6be22c596f4ff0fd3 (diff) | |
download | pkgsrc-c2dd9c1fb4ba3aa6de93946baa9be6f08d9e6404.tar.gz |
Pullup ticket 539 - requested by Adrian Portelli
security update for qpopper
Revisions pulled up:
- pkgsrc/mail/qpopper/Makefile 1.49-1.50
- pkgsrc/mail/qpopper/Makefile.common 1.14-1.15
- pkgsrc/mail/qpopper/PLIST 1.4
- pkgsrc/mail/qpopper/distinfo 1.12
- pkgsrc/mail/qpopper/options.mk patched by hand (parts of 1.5-1.6)
- pkgsrc/mail/qpopper/patches/patch-am 1.4
- pkgsrc/mail/qpopper/patches/patch-ao removed
- pkgsrc/mail/qpopper/patches/patch-ap 1.3
Module Name: pkgsrc
Committed By: taca
Date: Sat May 28 02:55:43 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: Makefile Makefile.common PLIST
Log Message:
- Sort PLIST.
- Share MASTER_SITES and HOMEPAGE with poppassd package with introducing
QPOPPER_MASTER_SITES and QPOPPER_HOMEPAGE in Makefile.common.
No functional change.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 1 20:55:16 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: Makefile Makefile.common distinfo options.mk
pkgsrc/mail/qpopper/patches: patch-am patch-ap
Removed Files:
pkgsrc/mail/qpopper/patches: patch-ao
Log Message:
- Update qpopper to 4.0.8
- Thanks to taca@ and gavan@ for feedback and patch review
- This also enables experimental PAM support (on platforms that support it)
- Security fixes included
- From the ChangeLog:
> Changes from 4.0.7 to 4.0.8:
> ---------------------------
> 1. Fix compilation error on HPUX.
> 2. Fix some compilation warnings.
> 3. Update man page with '-x' option.
> 4. Fix problems with 'make install'
>
>
> Changes from 4.0.6 to 4.0.7:
> ---------------------------
> 1. Fix '-V' for standalone.
> 2. Include 'man' directory in tarball.
>
>
> Changes from 4.0.5 to 4.0.6:
> ----------------------------
> 1. Minor fixes for true64.
> 2. Patch from Uli Zappe to fix SCRAM compilation bugs.
> 3. Minor fixes for true64.
> 4. poppassd now runs smbpasswd as user, not root, to avoid exploit
> 5. Remove -traditional-cpp from the compiler options for Darwin
> builds (otherwise build fails)
> 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that
> should anything actually be written to them it will show up
> 7. When configured as --with-pam and required,
> include <pam/pam_appl.h> instead of <security/pam_appl.h>
> (otherwise build fails)
> 8. strdup the pw.pw_name field from getpwnam so that it's still
> valid by the time genpath is called; also added corresponding
> free (without this fix when the bug manifests, clients are
> erroneously told there are 0 messages in the mail drop
> regardless of the actual number)
> 9. Add a pam bug workaround at the beginning of main to do a
> pam_start and pam_end immediately when the program starts up
> in order to avoid bogus authentication failed messages from
> pam_authenticate later (only when configured as --with-pam)
> [ Thanks to Kyle McKay for changes 5-9 ]
> 10. Fixed error in configure script for Mac OS / Darwin.
> 11. Support chained certs for OpenSSL [from Daniel Senie].
> 12. Fixes to compile better on Linux [from Daniel Senie].
> 13. X-UIDL header no longer written when Update_status_hdrs is false
> [thanks to Helge Oldach]
> 14. Now calling SSL_shutdown() again if it fails the first time.
> 15. Now logging TLS errors when compiled with debugging and debug is
> enabled (instead of either) [thanks to Maks N. Polunin].
> 16. Config file now always closed (not just on error).
> 17. When using pam, Kerberos tickets are now destroyed.
> Otherwise dead tickets accumulate in cache directory which runs
> out of space quickly on busy server. Problem noted by Rodney
> McDuff ITS UQ. (Directory permissions on ticket cache dir need
> to be 1777).
> 18. Always log "Servicing request" (instead of just when debugging is
> on). This allows start of pop sessions to be logged always which
> is useful for diagnosis of problems.
> 19. Worked around problem on some systems causing SIGALRM to be masked,
> leaving hung pop processes which should have timed out waiting
> for a command from the client.
> [ Thanks to David Shrimpton for changes 16-19 ]
> 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0".
> 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen]
> 22. Log facility set on command line now applies to daemon as well.
> [Thanks to Helge Oldach]
> 23. '-y' to set log facility on command line now works again.
> 24. Allow '-V' as synonym for '-v' (to see version).
> 25. Process user and spool config files as user, not as root (fix
> security hole reported by Jens Steube)
> 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT
> and 'x' as a command-line option to disable it. You should
> disable it unless you really need it, and even then it is better
> to move to SMTP AUTH.
> 27. popauth now opens trace file as user, not root (fix security
> hole reported by Jens Steube); also umask now set.
> 28. Fix race crash on FreeBSD (thanks to Martin Haller).
> 29. Resolve some compiler warnings.
> 30. Fix check for libcrypt on FreeBSD.
> 31. Added sample pam configuration file (also installed by 'make
> install')
> 32. Use generic error msg and sleep in more auth failure cases.
> 33. Added code to use mkstemp() instead of our perfectly safe usage
> of tempnam() because some compilers issue overly broad warnings
> implying that all uses of tempnam() are unsafe. To bypass,
> use '--enable-tempnam' with ./configure.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Wed Jun 1 21:09:02 UTC 2005
Modified Files:
pkgsrc/mail/qpopper: options.mk
Log Message:
- Add a note for PAM
Diffstat (limited to 'mail/qpopper/patches/patch-am')
-rw-r--r-- | mail/qpopper/patches/patch-am | 58 |
1 files changed, 31 insertions, 27 deletions
diff --git a/mail/qpopper/patches/patch-am b/mail/qpopper/patches/patch-am index 0414c68c0e1..67c05b33855 100644 --- a/mail/qpopper/patches/patch-am +++ b/mail/qpopper/patches/patch-am @@ -1,17 +1,17 @@ -$NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ +$NetBSD: patch-am,v 1.3.8.1 2005/06/05 18:35:25 salo Exp $ ---- popper/Makefile.in.orig Thu Mar 13 11:06:36 2003 +--- popper/Makefile.in.orig 2005-05-13 20:20:11.000000000 +0100 +++ popper/Makefile.in -@@ -90,6 +90,8 @@ VPATH = @srcdir@ +@@ -96,6 +96,8 @@ VPATH = @srcdir@ prefix = @prefix@ exec_prefix = @exec_prefix@ installdir = @sbindir@ +libexecdir = @libexecdir@ -+sbindir = @sbindir@ ++sbindir = @sbindir@ popper_srcdir = ${top_srcdir}/popper qd_srcdir = ${top_srcdir}/qd -@@ -108,17 +110,20 @@ password_dir = ${base_dir}/password +@@ -114,17 +116,20 @@ password_dir = ${base_dir}/password OBJS = pop_dele.o pop_dropcopy.o \ @@ -27,15 +27,15 @@ $NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ pop_extend.o scram.o hmac.o base64.o pop_util.o \ get_sub_opt.o msg_ptr.o drac.o pop_config.o pop_tls.o \ pop_tls_openssl.o pop_tls_sslplus.o sslplus_utils.o \ -- main.o pop_cache.o genpath.o -+ pop_cache.o genpath.o +- main.o pop_cache.o genpath.o ++ pop_cache.o genpath.o + +INETDOBJ = main.o pop_init.o +STANDOBJ = main-stand.o pop_init-stand.o SRCS = pop_dele.c pop_dropcopy.c \ pop_get_command.c pop_get_subcommand.c pop_init.c \ -@@ -126,7 +131,7 @@ SRCS = pop_dele.c pop_dropc +@@ -132,7 +137,7 @@ SRCS = pop_dele.c pop_dropc pop_msg.c pop_parse.c pop_pass.c pop_quit.c \ pop_rset.c pop_send.c pop_stat.c pop_updt.c \ pop_user.c pop_xtnd.c pop_xmit.c popper.c \ @@ -44,7 +44,7 @@ $NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ pop_rpop.c pop_apop.c md5.c pop_auth.c pop_pope.c \ pop_extend.c scram.c hmac.c base64.c pop_util.c \ get_sub_opt.c msg_ptr.c drac.c pop_config.c pop_tls.c \ -@@ -174,7 +179,7 @@ SSL_INC = @SSL_DIR_INC@ +@@ -181,7 +186,7 @@ USE_PAM = @USE_PAM@ .SUFFIXES: .c .o @@ -53,7 +53,7 @@ $NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ mangler_library: cd ${mmangle_dir} && ${MAKE} all -@@ -182,13 +187,18 @@ mangler_library: +@@ -189,13 +194,18 @@ mangler_library: common_library: cd ${common_dir} && ${MAKE} all @@ -75,20 +75,20 @@ $NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ ${common_dir}/libcommon.a poppassd: common_library -@@ -199,21 +209,32 @@ poppassd: common_library +@@ -206,22 +216,36 @@ poppassd: common_library -I${mmangle_srcdir} -I${common_srcdir} ${SSL_INC} \ ${CFLAGS} ${DEFS} ${CDEFS} ${OS_DEFS} $< -o $@ +main-stand.o: main.c + ${CC} -c -I${base_dir} -I${top_srcdir} -I${srcdir} \ -+ -I${mmangle_srcdir} -I${common_srcdir} ${SSL_INC} \ -+ ${CFLAGS} ${DEFS} ${CDEFS} ${OS_DEFS} -DSTANDALONE \ ++ -I${mmangle_srcdir} -I${common_srcdir} ${SSL_INC} \ ++ ${CFLAGS} ${DEFS} ${CDEFS} ${OS_DEFS} -DSTANDALONE \ + -o $@ main.c + +pop_init-stand.o: pop_init.c + ${CC} -c -I${base_dir} -I${top_srcdir} -I${srcdir} \ -+ -I${mmangle_srcdir} -I${common_srcdir} ${SSL_INC} \ -+ ${CFLAGS} ${DEFS} ${CDEFS} ${OS_DEFS} -DSTANDALONE \ ++ -I${mmangle_srcdir} -I${common_srcdir} ${SSL_INC} \ ++ ${CFLAGS} ${DEFS} ${CDEFS} ${OS_DEFS} -DSTANDALONE \ + -o $@ pop_init.c + ${SRCS}: @@ -99,23 +99,27 @@ $NetBSD: patch-am,v 1.3 2004/05/06 13:46:23 taca Exp $ - echo "Installed popper as ${installdir}/popper" - if [ "x${poppassd}" != "x" ]; then \ - cd ${password_dir} && ${MAKE} $@ ;\ -- fi -- if [ "x${pop_auth}" != "x" ]; then \ -- ${INSTALL} -s -m 4755 -o ${apop_uid} -g 0 ${pop_auth} \ -- ${installdir}/${pop_auth}; \ -- echo "Installed popauth as ${installdir}/${pop_auth} " \ +install: popper popper-standalone ${pop_auth} + ${INSTALL} -s -m 0755 -o root popper ${libexecdir}/qpopper -+ @echo "Installed popper as ${libexecdir}/qpopper" ++ echo "Installed popper as ${libexecdir}/qpopper" + ${INSTALL} -s -m 0755 -o root popper-standalone ${sbindir}/qpopper + @echo "Installed standalone popper as ${sbindir}/qpopper" + @if [ "x${pop_auth}" != "x" ]; then \ -+ ${INSTALL} -s -m 4755 -o ${apop_uid} -g ${BINGRP} ${pop_auth} \ -+ ${sbindir}/q${pop_auth}; \ -+ echo "Installed popauth as ${sbindir}/q${pop_auth} " \ - "with uid ${apop_uid}"; \ ++ ${INSTALL} -s -m 4755 -o ${apop_uid} -g ${BINGRP} ${pop_auth} \ ++ ${sbindir}/q${pop_auth}; \ ++ echo "Installed popauth as ${sbindir}/q${pop_auth} " \ ++ "with uid ${apop_uid}"; \ ++ ${sbindir}/q${pop_auth} -init -safe; \ + fi + +- if [ "x${pop_auth}" != "x" ]; then \ +- ${INSTALL} -s -m 4755 -o ${apop_uid} -g 0 ${pop_auth} \ +- ${installdir}/${pop_auth}; \ +- echo "Installed popauth as ${installdir}/${pop_auth} " \ +- "with uid ${apop_uid}"; \ - ${installdir}/${pop_auth} -init -safe; \ -+ ${sbindir}/q${pop_auth} -init -safe; \ ++ if [ "x${poppassd}" != "x" ]; then \ ++ cd ${password_dir} && ${MAKE} $@ ;\ fi - clean: + if [ "x${USE_PAM}" != "x" ]; then \ |