rpms/ssmtp/EL-4 ssmtp-default-cert-path.patch, NONE, 1.1 ssmtp-standardise.patch, NONE, 1.1 ssmtp.spec, 1.12, 1.13
Manuel Wolfshant
wolfy at fedoraproject.org
Tue Apr 20 01:22:14 UTC 2010
Author: wolfy
Update of /cvs/pkgs/rpms/ssmtp/EL-4
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv13129
Modified Files:
ssmtp.spec
Added Files:
ssmtp-default-cert-path.patch ssmtp-standardise.patch
Log Message:
* Tue Apr 20 2010 Manuel "lonely wolf" Wolfshant <wolfy at fedoraproject.org> 2.61-14
- use Fedora's default TLS cert path (close #553734)
- add Debian's patch for "send-mail: standardise() -- Buffer overflow"
(close #582236)
ssmtp-default-cert-path.patch:
ssmtp.c | 2 +-
ssmtp.conf | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE ssmtp-default-cert-path.patch ---
diff -up ssmtp-2.61/ssmtp.conf.orig ssmtp-2.61/ssmtp.conf
--- ssmtp-2.61/ssmtp.conf.orig 2010-04-20 02:29:08.599233791 +0300
+++ ssmtp-2.61/ssmtp.conf 2010-04-20 02:29:43.930234176 +0300
@@ -38,7 +38,7 @@ mailhub=mail
#UseTLSCert=YES
# Use this RSA certificate.
-#TLSCert=/etc/ssl/certs/ssmtp.pem
+#TLSCert=/etc/pki/tls/private/ssmtp.pem
# Get enhanced (*really* enhanced) debugging information in the logs
# If you want to have debugging of the config file parsing, move this option
diff -up ssmtp-2.61/ssmtp.c.orig ssmtp-2.61/ssmtp.c
--- ssmtp-2.61/ssmtp.c.orig 2010-04-20 02:26:41.383363866 +0300
+++ ssmtp-2.61/ssmtp.c 2010-04-20 02:28:57.888234422 +0300
@@ -71,7 +71,7 @@ char *minus_F = (char)NULL;
char *gecos;
char *prog = (char)NULL;
char *root = NULL;
-char *tls_cert = "/etc/ssl/certs/ssmtp.pem"; /* Default Certificate */
+char *tls_cert = "/etc/pki/tls/private/ssmtp.pem"; /* Default Certificate */
char *uad = (char)NULL;
char *config_file = (char)NULL; /* alternate configuration file */
ssmtp-standardise.patch:
ssmtp.c | 65 ++++++++++++++++++++++++++++++++++++++--------------------------
1 file changed, 39 insertions(+), 26 deletions(-)
--- NEW FILE ssmtp-standardise.patch ---
diff -up ssmtp-2.61/ssmtp.c.orig ssmtp-2.61/ssmtp.c
--- ssmtp-2.61/ssmtp.c.orig 2010-04-20 02:35:29.787660523 +0300
+++ ssmtp-2.61/ssmtp.c 2010-04-20 02:49:49.010048173 +0300
@@ -351,28 +351,26 @@ char *append_domain(char *str)
/*
standardise() -- Trim off '\n's and double leading dots
*/
-void standardise(char *str)
+bool_t standardise(char *str, bool_t *linestart)
{
size_t sl;
char *p;
-
- if((p = strchr(str, '\n'))) {
- *p = (char)NULL;
- }
+ bool_t leadingdot = False;
/* Any line beginning with a dot has an additional dot inserted;
- not just a line consisting solely of a dot. Thus we have to slide
- the buffer down one */
- sl = strlen(str);
+ not just a line consisting solely of a dot. Thus we have to move
+ the buffer start up one */
- if(*str == '.') {
- if((sl + 2) > BUF_SZ) {
- die("standardise() -- Buffer overflow");
- }
- (void)memmove((str + 1), str, (sl + 1)); /* Copy trailing \0 */
+ if(*linestart && *str == '.') {
+ leadingdot = True;
+ }
+ *linestart = False;
- *str = '.';
+ if((p = strchr(str, '\n'))) {
+ *p = (char)NULL;
+ *linestart = True;
}
+ return(leadingdot);
}
/*
@@ -1417,12 +1415,12 @@ smtp_write() -- A printf to an fd and ap
*/
ssize_t smtp_write(int fd, char *format, ...)
{
- char buf[(BUF_SZ + 1)];
+ char buf[(BUF_SZ + 2)];
va_list ap;
ssize_t outbytes = 0;
va_start(ap, format);
- if(vsnprintf(buf, (BUF_SZ - 2), format, ap) == -1) {
+ if(vsnprintf(buf, (BUF_SZ - 1), format, ap) == -1) {
die("smtp_write() -- vsnprintf() failed");
}
va_end(ap);
@@ -1460,16 +1458,18 @@ ssmtp() -- send the message (exactly one
*/
int ssmtp(char *argv[])
{
- char buf[(BUF_SZ + 1)], *p, *q;
+ char b[(BUF_SZ + 2)], *buf = b+1, *p, *q;
#ifdef MD5AUTH
char challenge[(BUF_SZ + 1)];
#endif
struct passwd *pw;
int i, sock;
uid_t uid;
- bool_t minus_v_save;
+ bool_t minus_v_save, leadingdot, linestart = True;
int timeout = 0;
+ int bufsize = sizeof(b)-1;
+ b[0] = '.';
outbytes = 0;
ht = &headers;
@@ -1552,12 +1552,12 @@ int ssmtp(char *argv[])
}
strncpy(challenge, strchr(buf,' ') + 1, sizeof(challenge));
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, bufsize);
crammd5(challenge, auth_user, auth_pass, buf);
}
else {
#endif
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, bufsize);
to64frombits(buf, auth_user, strlen(auth_user));
if (use_oldauth) {
outbytes += smtp_write(sock, "AUTH LOGIN %s", buf);
@@ -1569,7 +1569,7 @@ int ssmtp(char *argv[])
die("Server didn't like our AUTH LOGIN (%s)", buf);
}
/* we assume server asked us for Username */
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, bufsize);
to64frombits(buf, auth_user, strlen(auth_user));
outbytes += smtp_write(sock, buf);
}
@@ -1578,7 +1578,7 @@ int ssmtp(char *argv[])
if(smtp_read(sock, buf) != 3) {
die("Server didn't accept AUTH LOGIN (%s)", buf);
}
- memset(buf, 0, sizeof(buf));
+ memset(buf, 0, bufsize);
to64frombits(buf, auth_pass, strlen(auth_pass));
#ifdef MD5AUTH
@@ -1689,7 +1689,7 @@ int ssmtp(char *argv[])
/* don't hang forever when reading from stdin */
while(!feof(stdin) && timeout < MEDWAIT) {
- if (!fgets(buf, sizeof(buf), stdin)) {
+ if (!fgets(buf, bufsize, stdin)) {
/* if nothing was received, then no transmission
* over smtp should be done */
sleep(1);
@@ -1697,12 +1697,25 @@ int ssmtp(char *argv[])
continue;
}
/* Trim off \n, double leading .'s */
- standardise(buf);
-
- outbytes += smtp_write(sock, "%s", buf);
+ leadingdot = standardise(buf, &linestart);
+ if (linestart) {
+ outbytes += smtp_write(sock, "%s", leadingdot ? b : buf);
+ } else {
+ if (log_level > 0) {
+ log_event(LOG_INFO, "Sent a very long line in chunks");
+ }
+ if (leadingdot) {
+ outbytes += fd_puts(sock, b, sizeof(b));
+ } else {
+ outbytes += fd_puts(sock, buf, bufsize);
+ }
+ }
(void)alarm((unsigned) MEDWAIT);
}
+ if(feof(stdin) && !linestart) {
+ smtp_write(sock, "");
+ }
/* End of body */
if (timeout >= MEDWAIT) {
Index: ssmtp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ssmtp/EL-4/ssmtp.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- ssmtp.spec 26 Dec 2008 15:39:03 -0000 1.12
+++ ssmtp.spec 20 Apr 2010 01:22:14 -0000 1.13
@@ -1,6 +1,6 @@
Name: ssmtp
Version: 2.61
-Release: 11.8%{?dist}
+Release: 14%{?dist}
Summary: Extremely simple MTA to get mail off the system to a Mailhub
Group: Applications/Internet
License: GPLv2+
@@ -19,6 +19,8 @@ Patch6: %{name}-md5auth-non-rsa
Patch7: %{name}-unitialized-strdup.patch
Patch8: %{name}-authpass.patch
Patch9: %{name}-aliases.patch
+Patch10: %{name}-default-cert-path.patch
+Patch11: %{name}-standardise.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
#hack around wrong requires for mutt and mdadm
@@ -28,7 +30,8 @@ Provides: MTA smtpdaemon
%if 0%{?fedora} < 8
Provides: MTA smtpdaemon
%endif
-Provides: %{_sbindir}/sendmail
+#Provides: %{_sbindir}/sendmail
+#Provides: %{_bindir}/mailq
Requires(post): %{_sbindir}/alternatives
Requires(preun): %{_sbindir}/alternatives
BuildRequires: openssl-devel
@@ -56,7 +59,13 @@ or manage a queue. That belongs on a mai
%patch7 -p1
%patch8 -p1
%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+#add missing libs in orderto fix FTBFS due to changes in implicit DSO linking
+%if "0%{?dist}" >= "0.fc13"
+sed -i "s/LIBS -lssl/LIBS -lssl -lcrypto/" configure
+%endif
%build
#on RHEL3 krb5 is somewhere else
@@ -65,6 +74,7 @@ or manage a queue. That belongs on a mai
%if "0%{?dist}" == "0.el3"
%define cppflags -I/usr/kerberos/include
%endif
+
%configure --enable-ssl --enable-md5auth --enable-inet6
%if "0%{?dist}" == "0.el3"
make %{?_smp_mflags} CPPFLAGS=%{cppflags}
@@ -85,7 +95,12 @@ install -p -D -m 644 ssmtp.conf.5 %{buil
ln -s %{_sbindir}/%{name} %{buildroot}%{_sbindir}/sendmail.ssmtp
ln -s %{_sbindir}/%{name} %{buildroot}%{_bindir}/newaliases.ssmtp
ln -s %{_sbindir}/%{name} %{buildroot}%{_bindir}/mailq.ssmtp
-
+touch %{buildroot}%{_sbindir}/sendmail
+touch %{buildroot}%{_bindir}/mailq
+touch %{buildroot}%{_bindir}/newaliases
+touch %{buildroot}%{_mandir}/man1/mailq.1.gz
+touch %{buildroot}%{_mandir}/man1/newaliases.1.gz
+touch %{buildroot}%{_mandir}/man8/sendmail.8.gz
%clean
rm -rf %{buildroot}
@@ -106,11 +121,12 @@ if [ $1 -eq 0 ] ; then
fi
exit 0
-#%postun
-#if [ $1 -eq 0 ] ; then
-# /usr/sbin/alternatives --auto mta
-#fi
-#exit 0
+%postun
+if [ "$1" -ge "1" ]; then
+ if [ "`readlink %{_sysconfdir}/alternatives/mta`" == "%{_sbindir}/sendmail.ssmtp" ]; then
+ %{_sbindir}/alternatives --set mta %{_sbindir}/sendmail.ssmtp
+ fi
+fi
%files
%defattr(-,root,root,-)
@@ -120,6 +136,14 @@ exit 0
%{_mandir}/man1/*
%{_sbindir}/%{name}
#%{_bindir}/generate_config_alt
+
+%ghost %{_sbindir}/sendmail
+%ghost %{_bindir}/mailq
+%ghost %{_bindir}/newaliases
+%ghost %{_mandir}/man1/mailq.1.gz
+%ghost %{_mandir}/man1/newaliases.1.gz
+%ghost %{_mandir}/man8/sendmail.8.gz
+
%{_sbindir}/sendmail.ssmtp
%{_bindir}/newaliases.ssmtp
%{_bindir}/mailq.ssmtp
@@ -129,6 +153,30 @@ exit 0
%changelog
+* Tue Apr 20 2010 Manuel "lonely wolf" Wolfshant <wolfy at fedoraproject.org> 2.61-14
+- use Fedora's default TLS cert path (close #553734)
+- add Debian's patch for "send-mail: standardise() -- Buffer overflow"
+ (close #582236)
+
+* Mon Mar 08 2010 Manuel "lonely wolf" Wolfshant <wolfy at fedoraproject.org> 2.61-13
+- Use %ghost instead of explicit-provides according to Packaging Guidelines for
+ Alternatives.
+- close #570799
+
+* Tue Feb 16 2010 Manuel "lonely wolf" Wolfshant <wolfy at fedoraproject.org> 2.61-12
+- fix FTBFS due to ImplicitDSOLinking
+- close #564967
+
+* Wed Aug 26 2009 Tomas Mraz <tmraz at redhat.com> 2.61-11.10
+- rebuild for new openssl
+
+* Wed Feb 17 2009 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.9
+- add Provides for mailq; this should make ssmtp dissapear from the "bad" list
+ from https://fedoraproject.org/wiki/PackagingDrafts/UsingAlternatives
+
+* Fri Jan 16 2009 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.8.1
+- rebuild for newer openssl
+
* Fri Dec 26 2008 Manuel "lonely wolf" Wolfshant <wolfy at nobugconsulting.ro> 2.61-11.8
- integrate patch adding support for aliases; initial version received from Tako
Schotanus <tako at codejive.org>, who adapted it from "eatnumber1"
More information about the scm-commits
mailing list