Date: Mon, 21 Jan 2002 21:20:55 -0500 From: Yarema <yds@CoolRat.org> To: FreeBSD-gnats-submit@freebsd.org Cc: dwhite@freebsd.org;, dwcjr@freebsd.org Subject: ports/34145: MAINTAINER-UPDATE: Port upgrade: mail/courier Message-ID: <courier.3C4CCC87.00002A5F@CoolRat.org>
next in thread | raw e-mail | index | archive | help
>Number: 34145 >Category: ports >Synopsis: MAINTAINER-UPDATE: Port upgrade: mail/courier >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Jan 21 18:30:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Yarema >Release: FreeBSD 4.5-RC i386 >Organization: CollRat.org >Environment: System: FreeBSD volyn.coolrat.org 4.5-RC FreeBSD 4.5-RC #0: Thu Jan 10 04:09:32 EST 2002 root@volyn.coolrat.org:/usr/obj/usr/src/sys/TIGER100 i386 >Description: Sam Varshavchik <mrsam@courier-mta.com> in <courier-announce@lists.sourceforge.net> writes: > This release fixes a locally-exploitable bug in Courier 0.37.1 and > earlier, identified by Nat Sakimura. A hand-crafted .courier file can > be used to insert \r characters in the message queue file. A bug in the > function that reads message queue files subsequently results in memory > corruption. In addition to upgrading the port to the 0.37.2 release this PR adapts a patch by Marcus Felipe Pereira <marcus@provedor.net> to accept invalid MIME-formatted 8bit messages which violate RFC2047 and/or RFC2045 guidelines. There's a new patch-courier_module.esmtp_esmtpd.dist.in file which adds a runtime config knob for the above patch. This PR adds another knob to respect the make.conf(5) NOUUCP setting. If NOUUCP is defined none of courier's uucp functionality will be built or installed. >How-To-Repeat: >Fix: diff -ruN courier-0.37.0/Makefile courier/Makefile --- courier-0.37.0/Makefile Tue Jan 15 01:17:25 2002 +++ courier/Makefile Mon Jan 21 19:31:22 2002 @@ -6,16 +6,14 @@ # PORTNAME= courier -PORTVERSION= 0.37.0 +PORTVERSION= 0.37.2 PORTREVISION= 0 CATEGORIES= mail ipv6 -MASTER_SITES= http://www.courier-mta.org/beta/%SUBDIR%/ \ - ${MASTER_SITE_SOURCEFORGE} +MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= courier MAINTAINER= yds@CoolRat.org -#BUILD_DEPENDS= ${LOCALBASE}/share/aclocal/sysconftool.m4:${PORTSDIR}/devel/sysconftool RUN_DEPENDS= ${LOCALBASE}/lib/perl5/site_perl/${PERL_VER}/Net/CIDR.pm:${PORTSDIR}/net/p5-Net-CIDR # @@ -76,9 +74,17 @@ --enable-workarounds-for-imap-client-bugs CONFIGURE_ENV= PATH="${PATH}:${SCRIPTDIR}" +# Respect the make.conf(5) NOUUCP setting +.if defined(NOUUCP) +CONFIGURE_ARGS+=--with-transport='local esmtp dsn' +PLIST_SUB+= SUB_UUCP="@comment " +.else +PLIST_SUB+= SUB_UUCP="" +.endif + PKGMESSAGE= ${WRKDIR}/.PKGMESSAGE -INSTALL_TARGET= install-strip +INSTALL_TARGET= install-strip install-perms PLIST_SUB+= CACHEOWNER="${CACHEOWNER}" diff -ruN courier-0.37.0/Makefile.man courier/Makefile.man --- courier-0.37.0/Makefile.man Wed Jan 2 18:37:53 2002 +++ courier/Makefile.man Mon Jan 21 18:54:23 2002 @@ -32,7 +32,6 @@ courierldapaliasd.8 \ courierperlfilter.8 \ courierpop3d.8 \ - courieruucp.8 \ deliverquota.8 \ dupfilter.8 \ esmtpd.8 \ @@ -65,8 +64,13 @@ authlib.7 authvchkpw.7 \ courierfilter.8 filterctl.8 \ courierpop3d.8 courierpop3login.8 \ - courieruucp.8 makeuucpneighbors.8 \ esmtpd.8 esmtpd-msa.8 \ makesmtpaccess.8 makesmtpaccess-msa.8 \ makeuserdb.8 pw2userdb.8 \ makeuserdb.8 vchkpw2userdb.8 + +.if !defined(NOUUCP) +MAN8+= courieruucp.8 +MLINKS+=courieruucp.8 makeuucpneighbors.8 +.endif + diff -ruN courier-0.37.0/distinfo courier/distinfo --- courier-0.37.0/distinfo Wed Jan 9 16:06:22 2002 +++ courier/distinfo Mon Jan 21 14:03:00 2002 @@ -1 +1 @@ -MD5 (courier-0.37.0.tar.gz) = 3bbece1455c9d2de871d3edc9970a1c4 +MD5 (courier-0.37.2.tar.gz) = f7935e8152477a9f4625f982533e15ec diff -ruN courier-0.37.0/files/patch-courier_module.esmtp_esmtpd.dist.in courier/files/patch-courier_module.esmtp_esmtpd.dist.in --- courier-0.37.0/files/patch-courier_module.esmtp_esmtpd.dist.in Wed Dec 31 19:00:00 1969 +++ courier/files/patch-courier_module.esmtp_esmtpd.dist.in Mon Jan 21 15:15:39 2002 @@ -0,0 +1,16 @@ +--- courier/module.esmtp/esmtpd.dist.in.orig Mon Jan 21 14:43:56 2002 ++++ courier/module.esmtp/esmtpd.dist.in Mon Jan 21 15:13:05 2002 +@@ -39,6 +39,13 @@ + + BOFHCHECKDNS=1 + ++##NAME: BOFHACCEPT8BIT:0 ++# ++# Set BOFHACCEPT8BIT to 1 to accept invalid MIME-formatted 8bit ++# messages which violate RFC2047 and/or RFC2045 guidelines. ++ ++BOFHACCEPT8BIT=0 ++ + ##NAME: BOFHNOEXPN:1 + # + # Set BOFHNOEXP to 1 to disable EXPN diff -ruN courier-0.37.0/files/patch-courier_perms.sh.in courier/files/patch-courier_perms.sh.in --- courier-0.37.0/files/patch-courier_perms.sh.in Wed Dec 19 22:04:47 2001 +++ courier/files/patch-courier_perms.sh.in Mon Jan 21 18:46:41 2002 @@ -1,18 +1,17 @@ --- courier/perms.sh.in.orig Fri Dec 7 08:37:35 2001 -+++ courier/perms.sh.in Wed Dec 19 22:04:44 2001 -@@ -10,9 +10,9 @@ ++++ courier/perms.sh.in Mon Jan 21 18:46:38 2002 +@@ -10,9 +10,7 @@ exec_prefix="@exec_prefix@" PERMS=" -. 755 -+. 755 x root wheel - +- -@localstatedir@ 755 x bin bin +@localstatedir@ 755 x root wheel @localstatedir@/tmp 770 @localstatedir@/msgs 750 @localstatedir@/msgq 750 -@@ -41,120 +41,131 @@ +@@ -41,120 +39,125 @@ @sysconfdir@/rfcerr2046.txt 444 config @sysconfdir@/rfcerr2047.txt 444 config @@ -21,7 +20,6 @@ -@libexecdir@/courier 755 x bin bin -@libexecdir@/courier/modules 755 x bin bin -@libexecdir@/courier/modules/modules.ctl 444 x bin bin -+@libexecdir@ 755 x root wheel +@libexecdir@/authlib 755 x root wheel +@libexecdir@/courier 755 x root wheel +@libexecdir@/courier/modules 755 x root wheel @@ -32,7 +30,6 @@ +@libexecdir@/courier/modules/local/courierdeliver 555 x root wheel +@libexecdir@/courier/modules/local/courierlocal 555 x root wheel +@libexecdir@/courier/modules/modules.ctl 444 x root wheel -+@libexecdir@/courier/modules/uucp 755 x root wheel @libexecdir@/courier/submitmkdir 4550 -@libexecdir@/courier/courierd 550 -@libexecdir@/courier/courierpop3d 555 @@ -64,7 +61,6 @@ +@libexecdir@/filters/dupfilter 555 x root wheel +@libexecdir@/filters/perlfilter 555 x root wheel + -+@sbindir@ 755 x root wheel +@sbindir@/courier 555 x root wheel +@sbindir@/showconfig 555 x root wheel @sbindir@/showmodules 550 @@ -84,7 +80,6 @@ +@datadir@/imapd-ssl 555 x root wheel -@bindir@ 755 x bin bin -+@bindir@ 755 x root wheel @bindir@/cancelmsg 6555 -@bindir@/courier-config 555 -@bindir@/mailq 2555 @@ -180,7 +175,6 @@ +@bindir@/mimegpg 555 x root wheel +@bindir@/couriermlm 555 x root wheel +@bindir@/dotforward 555 x root wheel -+@bindir@/preline 555 x root wheel + +@datadir@/makedat 555 x root wheel +@bindir@/makedat 555 x root wheel @@ -205,7 +199,6 @@ +@datadir@/vchkpw2userdb 555 x root wheel +@sbindir@/vchkpw2userdb 555 x root wheel + -+@datadir@ 755 x root wheel +@datadir@/courierctl.start 555 x root wheel + +@datadir@/mkimapdcert 555 x root wheel @@ -250,7 +243,7 @@ " echo "$PERMS" | while read FILE MODE SPECIAL USER GROUP -@@ -198,7 +209,7 @@ +@@ -198,7 +201,7 @@ if test "$couriertls" != "" then @@ -259,7 +252,7 @@ fi if test "@HAVE_LDAP@" != 0 -@@ -207,23 +218,23 @@ +@@ -207,23 +210,23 @@ echo @sbindir@/courierldapaliasd 700 @mailuser@ @mailgroup@ fi @@ -287,7 +280,7 @@ done . ../authlib/authdaemonrc -@@ -240,16 +251,16 @@ +@@ -240,16 +243,16 @@ . ../authlib/authpwdprogs @@ -305,5 +298,5 @@ test "$f" = "dummy" && continue echo "@authchangepwdir@/$f 555 @mailuser@ @mailgroup@" - echo "@datadir@/$f 555 @mailuser@ @mailgroup@" -+ echo "@datadir@/$f 555 root wheel ++ echo "@datadir@/$f 555 root wheel" done diff -ruN courier-0.37.0/files/patch-courier_submit2.C courier/files/patch-courier_submit2.C --- courier-0.37.0/files/patch-courier_submit2.C Mon Jan 14 20:32:29 2002 +++ courier/files/patch-courier_submit2.C Mon Jan 21 15:39:29 2002 @@ -1,18 +1,26 @@ ---- courier/submit2.C.orig Sat Dec 15 16:19:01 2001 -+++ courier/submit2.C Mon Jan 14 20:32:21 2002 -@@ -800,6 +800,7 @@ +--- courier/submit2.C.orig Tue Jan 15 17:44:37 2002 ++++ courier/submit2.C Mon Jan 21 15:38:40 2002 +@@ -777,6 +777,8 @@ + { + int is8bit=0, dorewrite=0, rwmode=0; + const char *mime=getenv("MIME"); ++const char *q=getenv("BOFHACCEPT8BIT"); ++const int accept8bit=(q && *q == '1' ? 1 : 0); + unsigned n; + struct stat stat_buf; + const char *rfcerr=NULL; +@@ -800,12 +802,12 @@ return (1); } -+#if !defined(RFC2045_ERR8BITACCEPT) - if (rwrfcptr->rfcviolation & RFC2045_ERR8BITHEADER) +- if (rwrfcptr->rfcviolation & RFC2045_ERR8BITHEADER) ++ if (!accept8bit && (rwrfcptr->rfcviolation & RFC2045_ERR8BITHEADER)) { rfcerr= SYSCONFDIR "/rfcerr2047.txt"; -@@ -810,6 +811,7 @@ - rfcerr= SYSCONFDIR "/rfcerr2045.txt"; dorewrite=1; } -+#endif - else if (rwrfcptr->rfcviolation & RFC2045_ERRBADBOUNDARY) +- else if (rwrfcptr->rfcviolation & RFC2045_ERR8BITCONTENT) ++ else if (!accept8bit && (rwrfcptr->rfcviolation & RFC2045_ERR8BITCONTENT)) { - rfcerr= SYSCONFDIR "/rfcerr2046.txt"; + rfcerr= SYSCONFDIR "/rfcerr2045.txt"; + dorewrite=1; diff -ruN courier-0.37.0/pkg-plist courier/pkg-plist --- courier-0.37.0/pkg-plist Wed Jan 9 17:37:59 2002 +++ courier/pkg-plist Mon Jan 21 19:00:46 2002 @@ -79,7 +79,7 @@ etc/courier/module.dsn etc/courier/module.esmtp etc/courier/module.local -etc/courier/module.uucp +%%SUB_UUCP%%etc/courier/module.uucp etc/courier/pop3d-ssl.dist etc/courier/pop3d.authpam etc/courier/pop3d.cnf @@ -142,7 +142,7 @@ libexec/courier/modules/local/courierdeliver libexec/courier/modules/local/courierlocal libexec/courier/modules/modules.ctl -libexec/courier/modules/uucp/courieruucp +%%SUB_UUCP%%libexec/courier/modules/uucp/courieruucp libexec/courier/pcpd libexec/courier/submit libexec/courier/submitmkdir @@ -152,7 +152,7 @@ libexec/filters/perlfilter @dirrm libexec/authlib/changepwd @dirrm libexec/authlib -@dirrm libexec/courier/modules/uucp +%%SUB_UUCP%%@dirrm libexec/courier/modules/uucp @dirrm libexec/courier/modules/local @dirrm libexec/courier/modules/esmtp @dirrm libexec/courier/modules/dsn @@ -178,7 +178,7 @@ sbin/makesmtpaccess sbin/makesmtpaccess-msa sbin/makeuserdb -sbin/makeuucpneighbors +%%SUB_UUCP%%sbin/makeuucpneighbors sbin/mkesmtpdcert sbin/mkimapdcert sbin/mkpop3dcert @@ -280,7 +280,7 @@ share/courier/makepercentrelay share/courier/makesmtpaccess share/courier/makeuserdb -share/courier/makeuucpneighbors +%%SUB_UUCP%%share/courier/makeuucpneighbors share/courier/mkesmtpdcert share/courier/mkimapdcert share/courier/mkpop3dcert @@ -445,6 +445,7 @@ share/courier/sqwebmail/images/replylist.gif share/courier/sqwebmail/images/right.gif share/courier/sqwebmail/images/right2.gif +share/courier/sqwebmail/images/save.gif share/courier/sqwebmail/images/sep.gif share/courier/sqwebmail/images/signin.gif share/courier/sqwebmail/images/sqwebmail.css @@ -497,7 +498,7 @@ %%PORTDOCS%%share/doc/courier/html/courierpop3d.html %%PORTDOCS%%share/doc/courier/html/couriertcpd.html %%PORTDOCS%%share/doc/courier/html/couriertls.html -%%PORTDOCS%%share/doc/courier/html/courieruucp.html +%%SUB_UUCP%%%%PORTDOCS%%share/doc/courier/html/courieruucp.html %%PORTDOCS%%share/doc/courier/html/deliverquota.html %%PORTDOCS%%share/doc/courier/html/dot-courier.html %%PORTDOCS%%share/doc/courier/html/dot-forward.html @@ -592,7 +593,7 @@ @exec chown courier:courier %D/etc/courier/module.dsn @exec chown courier:courier %D/etc/courier/module.esmtp @exec chown courier:courier %D/etc/courier/module.local -@exec chown courier:courier %D/etc/courier/module.uucp +%%SUB_UUCP%%@exec chown courier:courier %D/etc/courier/module.uucp @exec chown root:wheel %D/etc/courier/pop3d-ssl.dist @exec chown root:wheel %D/etc/courier/pop3d.authpam @exec chown root:wheel %D/etc/courier/pop3d.cnf @@ -614,7 +615,7 @@ @exec chown root:courier %D/libexec/courier/modules/esmtp/authstart @exec chown courier:courier %D/libexec/courier/modules/esmtp/courieresmtp @exec chown courier:courier %D/libexec/courier/modules/esmtp/courieresmtpd -@exec chown courier:courier %D/libexec/courier/modules/uucp/courieruucp +%%SUB_UUCP%%@exec chown courier:courier %D/libexec/courier/modules/uucp/courieruucp @exec chown courier:courier %D/libexec/courier/submit @exec chown courier:courier %D/libexec/courier/submitmkdir @exec chown courier:courier %D/sbin/showmodules diff -ruN courier-0.37.0/scripts/configure.courier courier/scripts/configure.courier --- courier-0.37.0/scripts/configure.courier Tue Jan 15 01:17:28 2002 +++ courier/scripts/configure.courier Mon Jan 21 15:41:45 2002 @@ -14,25 +14,19 @@ fi if [ "${BATCH}" = "yes" ]; then - [ "x${ENABLE_ACCEPT8BIT}" = "xYES" ] && OPTIONS="${OPTIONS} \"Accept8bit\"" - [ "x${ENABLE_EXPECT}" = "xYES" ] && OPTIONS="${OPTIONS} \"Expect\"" - [ "x${ENABLE_GNUPG}" = "xYES" ] && OPTIONS="${OPTIONS} \"GnuPG\"" - [ "x${ENABLE_ASPELL}" = "xYES" ] && OPTIONS="${OPTIONS} \"ASpell\"" - [ "x${ENABLE_ISPELL}" = "xYES" ] && OPTIONS="${OPTIONS} \"ISpell\"" - [ "x${ENABLE_LDAP1}" = "xYES" ] && OPTIONS="${OPTIONS} \"OpenLDAP1\"" - [ "x${ENABLE_LDAP2}" = "xYES" ] && OPTIONS="${OPTIONS} \"OpenLDAP2\"" - [ "x${ENABLE_MYSQL}" = "xYES" ] && OPTIONS="${OPTIONS} \"MySQL\"" - [ "x${ENABLE_PGSQL}" = "xYES" ] && OPTIONS="${OPTIONS} \"PostgreSQL\"" - [ "x${ENABLE_VPOPMAIL}" = "xYES" ] && OPTIONS="${OPTIONS} \"VPopMail\"" - [ "x${ENABLE_PROCMAIL}" = "xYES" ] && OPTIONS="${OPTIONS} \"Procmail\"" - [ "x${ENABLE_IPV6}" = "xYES" ] && OPTIONS="${OPTIONS} \"IPv6\"" + [ "x${ENABLE_EXPECT}" = "xYES" ] && OPTIONS="${OPTIONS} \"Expect\"" + [ "x${ENABLE_GNUPG}" = "xYES" ] && OPTIONS="${OPTIONS} \"GnuPG\"" + [ "x${ENABLE_ASPELL}" = "xYES" ] && OPTIONS="${OPTIONS} \"ASpell\"" + [ "x${ENABLE_ISPELL}" = "xYES" ] && OPTIONS="${OPTIONS} \"ISpell\"" + [ "x${ENABLE_LDAP1}" = "xYES" ] && OPTIONS="${OPTIONS} \"OpenLDAP1\"" + [ "x${ENABLE_LDAP2}" = "xYES" ] && OPTIONS="${OPTIONS} \"OpenLDAP2\"" + [ "x${ENABLE_MYSQL}" = "xYES" ] && OPTIONS="${OPTIONS} \"MySQL\"" + [ "x${ENABLE_PGSQL}" = "xYES" ] && OPTIONS="${OPTIONS} \"PostgreSQL\"" + [ "x${ENABLE_VPOPMAIL}" = "xYES" ] && OPTIONS="${OPTIONS} \"VPopMail\"" + [ "x${ENABLE_PROCMAIL}" = "xYES" ] && OPTIONS="${OPTIONS} \"Procmail\"" + [ "x${ENABLE_IPV6}" = "xYES" ] && OPTIONS="${OPTIONS} \"IPv6\"" [ -n "${OPTIONS}" ] && set ${OPTIONS} else - if [ "x${ENABLE_ACCEPT8BIT}" = "xYES" ]; then - SET_ACCEPT8BIT="ON" - else - SET_ACCEPT8BIT="OFF" - fi if [ "x${ENABLE_EXPECT}" = "xYES" \ -o -x ${LOCALBASE}/bin/expect ]; then SET_EXPECT="ON" @@ -107,7 +101,6 @@ /usr/bin/dialog --title "Courier configuration options" --clear \ --checklist "\n\ Please select desired options:" -1 -1 16 \ -Accept8bit "http://www.Courier-MTA.org/FAQ.html#esmtperr" ${SET_ACCEPT8BIT} \ Expect "Expect support for WebMail change passwd" ${SET_EXPECT} \ GnuPG "GNU Privacy Guard support for WebMail" ${SET_GNUPG} \ ASpell "ASpell support for WebMail" ${SET_ASPELL} \ @@ -155,9 +148,6 @@ while [ "$1" ]; do case $1 in - \"Accept8bit\") - echo "CXXFLAGS+= -DRFC2045_ERR8BITACCEPT" - ;; \"Expect\") echo "BUILD_DEPENDS+= expect:${PORTSDIR}/lang/expect" ;; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?courier.3C4CCC87.00002A5F>