- Update poppassd to 4.0.8
- Thanks to taca@ and gavan@ for feedback and patch review - This also enables experimental PAM support (on platforms that support it) - Security fixes included - From the ChangeLog: Changes from 4.0.7 to 4.0.8: > --------------------------- > 1. Fix compilation error on HPUX. > 2. Fix some compilation warnings. > 3. Update man page with '-x' option. > 4. Fix problems with 'make install' > > > Changes from 4.0.6 to 4.0.7: > --------------------------- > 1. Fix '-V' for standalone. > 2. Include 'man' directory in tarball. > > > Changes from 4.0.5 to 4.0.6: > ---------------------------- > 1. Minor fixes for true64. > 2. Patch from Uli Zappe to fix SCRAM compilation bugs. > 3. Minor fixes for true64. > 4. poppassd now runs smbpasswd as user, not root, to avoid exploit > 5. Remove -traditional-cpp from the compiler options for Darwin > builds (otherwise build fails) > 6. Open stdout and stderr as O_WRONLY instead of O_RDONLY so that > should anything actually be written to them it will show up > 7. When configured as --with-pam and required, > include <pam/pam_appl.h> instead of <security/pam_appl.h> > (otherwise build fails) > 8. strdup the pw.pw_name field from getpwnam so that it's still > valid by the time genpath is called; also added corresponding > free (without this fix when the bug manifests, clients are > erroneously told there are 0 messages in the mail drop > regardless of the actual number) > 9. Add a pam bug workaround at the beginning of main to do a > pam_start and pam_end immediately when the program starts up > in order to avoid bogus authentication failed messages from > pam_authenticate later (only when configured as --with-pam) > [ Thanks to Kyle McKay for changes 5-9 ] > 10. Fixed error in configure script for Mac OS / Darwin. > 11. Support chained certs for OpenSSL [from Daniel Senie]. > 12. Fixes to compile better on Linux [from Daniel Senie]. > 13. X-UIDL header no longer written when Update_status_hdrs is false > [thanks to Helge Oldach] > 14. Now calling SSL_shutdown() again if it fails the first time. > 15. Now logging TLS errors when compiled with debugging and debug is > enabled (instead of either) [thanks to Maks N. Polunin]. > 16. Config file now always closed (not just on error). > 17. When using pam, Kerberos tickets are now destroyed. > Otherwise dead tickets accumulate in cache directory which runs > out of space quickly on busy server. Problem noted by Rodney > McDuff ITS UQ. (Directory permissions on ticket cache dir need > to be 1777). > 18. Always log "Servicing request" (instead of just when debugging is > on). This allows start of pop sessions to be logged always which > is useful for diagnosis of problems. > 19. Worked around problem on some systems causing SIGALRM to be masked, > leaving hung pop processes which should have timed out waiting > for a command from the client. > [ Thanks to David Shrimpton for changes 16-19 ] > 20. Now defaulting to "EXPIRE NEVER" instead of "EXPIRE 0". > 21. Fix core dump on 64-bit Solaris 2.8 [thanks to Kenny Nguyen] > 22. Log facility set on command line now applies to daemon as well. > [Thanks to Helge Oldach] > 23. '-y' to set log facility on command line now works again. > 24. Allow '-V' as synonym for '-v' (to see version). > 25. Process user and spool config files as user, not as root (fix > security hole reported by Jens Steube) > 26. Added "xtnd_xmit" as a boolean option to permit/deny XTND XMIT > and 'x' as a command-line option to disable it. You should > disable it unless you really need it, and even then it is better > to move to SMTP AUTH. > 27. popauth now opens trace file as user, not root (fix security > hole reported by Jens Steube); also umask now set. > 28. Fix race crash on FreeBSD (thanks to Martin Haller). > 29. Resolve some compiler warnings. > 30. Fix check for libcrypt on FreeBSD. > 31. Added sample pam configuration file (also installed by 'make > install') > 32. Use generic error msg and sleep in more auth failure cases. > 33. Added code to use mkstemp() instead of our perfectly safe usage > of tempnam() because some compilers issue overly broad warnings > implying that all uses of tempnam() are unsafe. To bypass, > use '--enable-tempnam' with ./configure.
This commit is contained in:
parent
dbd3bcb3db
commit
bc386bed51
3 changed files with 10 additions and 14 deletions
|
@ -1,5 +1,5 @@
|
|||
===========================================================================
|
||||
$NetBSD: MESSAGE,v 1.2 2002/09/18 16:15:50 grant Exp $
|
||||
$NetBSD: MESSAGE,v 1.3 2005/06/01 21:00:39 adrianp Exp $
|
||||
|
||||
In order to enable poppassd service, you should add the following line
|
||||
to your /etc/services:
|
||||
|
@ -9,5 +9,6 @@ to your /etc/services:
|
|||
And /etc/inetd.conf:
|
||||
|
||||
poppass stream tcp nowait root ${PREFIX}/libexec/poppassd poppassd
|
||||
poppass stream tcp6 nowait root ${PREFIX}/libexec/poppassd poppassd
|
||||
|
||||
===========================================================================
|
||||
|
|
|
@ -1,16 +1,11 @@
|
|||
# $NetBSD: Makefile,v 1.15 2005/05/28 02:57:22 taca Exp $
|
||||
# $NetBSD: Makefile,v 1.16 2005/06/01 21:00:39 adrianp Exp $
|
||||
#
|
||||
|
||||
DISTNAME= qpopper${VERSION}
|
||||
PKGNAME= poppassd-${VERSION}
|
||||
PKGREVISION= 3
|
||||
CATEGORIES= mail
|
||||
MASTER_SITES= ${QPOPPER_MASTER_SITES}
|
||||
|
||||
PATCH_SITES= http://www.imasy.or.jp/~ume/ipv6/
|
||||
PATCHFILES= qpopper-4.0.5-ipv6-20030313.diff.gz
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= mellon@fugue.com
|
||||
HOMEPAGE= ${QPOPPER_HOMEPAGE}
|
||||
COMMENT= Qualcomm's password change server mainly for Eudora
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
$NetBSD: distinfo,v 1.10 2005/02/24 09:59:26 agc Exp $
|
||||
$NetBSD: distinfo,v 1.11 2005/06/01 21:00:39 adrianp Exp $
|
||||
|
||||
SHA1 (qpopper4.0.5.tar.gz) = 726d40da2210bf4b82541a28971986e6a3d9e1a5
|
||||
RMD160 (qpopper4.0.5.tar.gz) = e05c1b0823c8942d791c7b48af82e278a51591d2
|
||||
Size (qpopper4.0.5.tar.gz) = 2281284 bytes
|
||||
SHA1 (qpopper-4.0.5-ipv6-20030313.diff.gz) = 31858d41e1dab90019152d957a7ea3d69fe085b0
|
||||
RMD160 (qpopper-4.0.5-ipv6-20030313.diff.gz) = b9d4329496ed427ca46c8981a2888f4471269737
|
||||
Size (qpopper-4.0.5-ipv6-20030313.diff.gz) = 60773 bytes
|
||||
SHA1 (qpopper4.0.8.tar.gz) = 161038e6088b4952eedaf85fafa9f3b10eb40a01
|
||||
RMD160 (qpopper4.0.8.tar.gz) = 4a1dc2aaa6ef1330a76dfed5330d658a45e7d1d2
|
||||
Size (qpopper4.0.8.tar.gz) = 2766902 bytes
|
||||
SHA1 (qpopper4.0.8-ipv6-20050515.diff.gz) = 3ccd51fa8fb1633c34dee19e6d50351cb649a3c1
|
||||
RMD160 (qpopper4.0.8-ipv6-20050515.diff.gz) = 0ca9a8893e31933d8bf33a3cfa4d88fde511ed5e
|
||||
Size (qpopper4.0.8-ipv6-20050515.diff.gz) = 11479 bytes
|
||||
SHA1 (patch-aa) = 0dd1bdc832d00bd640e7003afea28f0d90c2f975
|
||||
SHA1 (patch-ab) = 713698d5834b569a0ee08088567a71e218d50550
|
||||
SHA1 (patch-ac) = db8329f0937554be80a88f4754b37f3a69bd70aa
|
||||
|
|
Loading…
Reference in a new issue