summaryrefslogtreecommitdiff
path: root/mail/poppassd
AgeCommit message (Collapse)AuthorFilesLines
2005-06-16Create directories before installing files into them.jlam1-1/+3
2005-06-15Fix the problem on NetBSD 3.0BETA and later noted by Martti Kuparinentaca3-27/+29
on tech-pkg. Bump PKGREVISION.
2005-06-14Explicitly disable use of PAM as before qpopper/Makefile.commontaca1-2/+2
related changes.
2005-06-13- Update Makefile along with qpopper/Makefile.common.taca2-1/+19
- Introduce poppassd own options.mk. No functional change to poppassd pkgsrc itself and this should fix poppassd build problem reported by Martti Kuparinen on tech-pkg@.
2005-06-01- Update poppassd to 4.0.8adrianp3-14/+10
- Thanks to taca@ and gavan@ for feedback and patch review - This also enables experimental PAM support (on platforms that support it) - Security fixes included - From the ChangeLog: Changes from 4.0.7 to 4.0.8: > --------------------------- > 1. Fix compilation error on HPUX. > 2. Fix some compilation warnings. > 3. Update man page with '-x' option. > 4. Fix problems with 'make install' > > > Changes from 4.0.6 to 4.0.7: > --------------------------- > 1. Fix '-V' for standalone. > 2. Include 'man' directory in tarball. > > > Changes from 4.0.5 to 4.0.6: > ---------------------------- > 1. Minor fixes for true64. > 2. Patch from Uli Zappe to fix SCRAM compilation bugs. > 3. Minor fixes for true64. > 4. poppassd now runs smbpasswd as user, not root, to avoid exploit > 5. Remove -traditional-cpp from the compiler options for Darwin > builds (otherwise build fails) > 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that > should anything actually be written to them it will show up > 7. When configured as --with-pam and required, > include <pam/pam_appl.h> instead of <security/pam_appl.h> > (otherwise build fails) > 8. strdup the pw.pw_name field from getpwnam so that it's still > valid by the time genpath is called; also added corresponding > free (without this fix when the bug manifests, clients are > erroneously told there are 0 messages in the mail drop > regardless of the actual number) > 9. Add a pam bug workaround at the beginning of main to do a > pam_start and pam_end immediately when the program starts up > in order to avoid bogus authentication failed messages from > pam_authenticate later (only when configured as --with-pam) > [ Thanks to Kyle McKay for changes 5-9 ] > 10. Fixed error in configure script for Mac OS / Darwin. > 11. Support chained certs for OpenSSL [from Daniel Senie]. > 12. Fixes to compile better on Linux [from Daniel Senie]. > 13. X-UIDL header no longer written when Update_status_hdrs is false > [thanks to Helge Oldach] > 14. Now calling SSL_shutdown() again if it fails the first time. > 15. Now logging TLS errors when compiled with debugging and debug is > enabled (instead of either) [thanks to Maks N. Polunin]. > 16. Config file now always closed (not just on error). > 17. When using pam, Kerberos tickets are now destroyed. > Otherwise dead tickets accumulate in cache directory which runs > out of space quickly on busy server. Problem noted by Rodney > McDuff ITS UQ. (Directory permissions on ticket cache dir need > to be 1777). > 18. Always log "Servicing request" (instead of just when debugging is > on). This allows start of pop sessions to be logged always which > is useful for diagnosis of problems. > 19. Worked around problem on some systems causing SIGALRM to be masked, > leaving hung pop processes which should have timed out waiting > for a command from the client. > [ Thanks to David Shrimpton for changes 16-19 ] > 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0". > 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen] > 22. Log facility set on command line now applies to daemon as well. > [Thanks to Helge Oldach] > 23. '-y' to set log facility on command line now works again. > 24. Allow '-V' as synonym for '-v' (to see version). > 25. Process user and spool config files as user, not as root (fix > security hole reported by Jens Steube) > 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT > and 'x' as a command-line option to disable it. You should > disable it unless you really need it, and even then it is better > to move to SMTP AUTH. > 27. popauth now opens trace file as user, not root (fix security > hole reported by Jens Steube); also umask now set. > 28. Fix race crash on FreeBSD (thanks to Martin Haller). > 29. Resolve some compiler warnings. > 30. Fix check for libcrypt on FreeBSD. > 31. Added sample pam configuration file (also installed by 'make > install') > 32. Use generic error msg and sleep in more auth failure cases. > 33. Added code to use mkstemp() instead of our perfectly safe usage > of tempnam() because some compilers issue overly broad warnings > implying that all uses of tempnam() are unsafe. To bypass, > use '--enable-tempnam' with ./configure.
2005-05-28- Share MASTER_SITES and HOMEPAGE with qpopper package usingtaca1-3/+3
QPOPPER_MASTER_SITES and QPOPPER_HOMEPAGE defined in ../qpopper/Makefile.common. No functional change.
2005-04-11Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.tv1-2/+1
2005-02-24Add RMD160 digests.agc1-1/+3
2004-12-03Rename ALL_TARGET to BUILD_TARGET for consistency with other *_TARGETs.wiz1-2/+2
Suggested by Roland Illig, ok'd by various.
2004-10-20- fix a problem that poppassd(8) would hang with smbpasswd(1).taca6-29/+108
- make it work on Solaris; tested on SunOS 5.8. Bump package revision.
2004-04-18Convert to buildlink3.snj1-2/+2
2004-01-30Fix one error message to client.taca2-5/+5
2004-01-29Update poppassd pacakge to 4.0.5nb2.taca4-39/+223
- Catch child process exit. - Add "-o" option which provides compatibility with older poppassd, returning authentication error after "PASS" command not "NEWPASS" for some broken clients.
2003-04-29Update poppassd package to 4.0.5nb1.taca3-5/+6
Fix security problem, local root exploit. It is no need to install poppassd as setuid. Noted on bugtraq mailing list. http://www.securityfocus.com/archive/1/319811/2003-04-26/2003-05-02/0
2003-03-13Catch up to qpopper 4.0.5taca2-8/+7
Changes from 4.0.4 to 4.0.5: ---------------------------- 1. Add debug trace call with OpenSSL library version. 2. Added 'tls-options' configuration file option. 3. Added 'tls-workarounds' boolean option. 4. STLS errors (except for timeout) no longer fatal. 5. Added sample xinetd configuration file. 6. Additional checks for networking libraries. 7. Pick up LDFLAGS from environment, if set. 8. Added '--enable-32-bit' and '--enable-64-bit' 9. Applied patch from Jeremy Chadwick to fix pathname trimming in standalone mode. 10. Fixed (non-root) buffer overflow. 11. Fixed '-no-mime' appended to user name (reported by Florian Heinz). 12. Fixed response message when identical MDEFs defined multiple times (reported by Florian Heinz).
2002-09-18${PKG_PREFIX} -> ${PREFIX}grant1-2/+2
2002-09-09* buildlink1 --> buildlink2.jlam3-14/+18
* Pass the LDFLAGS through to the build process so that the final binaries are built with the appropriate -Wl,-R flags. This should fix pkg/18054. * Use ROOT_{USER,GROUP} instead of hardcoding "root" and "wheel" when installing poppassd.
2002-07-16Make it work smbpassword update function.taca3-19/+67
It seems that there was some deadlock between pty and child exiting. Bump PKGREVISION to 1.
2002-05-03- replace using INSTALL with MESSAGE.taca2-17/+2
- Share version with ../qpopper/Makefile.common.
2002-05-02Updated poppassd to 4.0.4martti4-25/+25
* Fixed DOS attack seen on some systems. * Fixed "noop has null function" log entry. * Allow '-p' to be used when APOP not defined (noted by Daniel Senie). * Enforce ClearTextPassword even without APOP (noted by Daniel Senie). * Restrict clear-text-password=never to APOP. * Restrict clear-text-password=tls to QPOP_SSL. * Fixed qpopper hanging on I/O error on some platforms.
2001-11-01Move pkg/ files into package's toplevel directoryzuntum4-5/+5
2001-09-09Move USE_BUILDLINK_ONLY definition out of Makefile.common and into thejlam1-1/+2
individual package Makefiles.
2001-07-26Some style clean up as qpopper package.taca2-11/+15
2001-06-10Importing poppassd included in qpopper 4.0.3 now.taca8-0/+309