Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #523 from dibdot/master

Browse source 
ssmtp: revoke gnutls support
This commit is contained in:
sbyx 2014-11-09 19:19:46 +01:00
commit ea39322917
3 changed files with 54 additions and 97 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
mail/ssmtp/Makefile
View file

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=ssmtp PKG_NAME:=ssmtp
PKG_VERSION:=2.64 PKG_VERSION:=2.64
PKG_RELEASE:=1 PKG_RELEASE:=1.1
PKG_MAINTAINER:=Dirk Brenken <dibdot@gmail.com> PKG_MAINTAINER:=Dirk Brenken <dibdot@gmail.com>
PKG_LICENSE:=GPL-2.0+ PKG_LICENSE:=GPL-2.0+
@ -24,8 +24,8 @@ TARGET_CFLAGS += $(TARGET_CPPFLAGS)
define Package/ssmtp define Package/ssmtp
SECTION:=mail SECTION:=mail
CATEGORY:=Mail CATEGORY:=Mail
DEPENDS:=+libgnutls-openssl DEPENDS:=+libopenssl
TITLE:=A minimal and secure mail sender with gnutls support TITLE:=A minimal and secure mail sender with ssl support
URL:=http://packages.debian.org/ssmtp URL:=http://packages.debian.org/ssmtp
endef endef
@ -33,7 +33,7 @@ define Package/ssmtp/description
A secure, effective and simple way of getting mail off a system to your A secure, effective and simple way of getting mail off a system to your
mail hub. It contains no suid-binaries or other dangerous things - no mail hub. It contains no suid-binaries or other dangerous things - no
mail spool to poke around in, and no daemons running in the background. mail spool to poke around in, and no daemons running in the background.
mail is simply forwarded to the configured mailhost. Extremely easy Mail is simply forwarded to the configured mailhost. Extremely easy
configuration. configuration.
endef endef
@ -43,7 +43,7 @@ define Package/ssmtp/conffiles
endef endef
CONFIGURE_VARS += \ CONFIGURE_VARS += \
LIBS="$(TARGET_LDFLAGS) -lgnutls-openssl" LIBS="$(TARGET_LDFLAGS) -lcrypto -lssl"
CONFIGURE_ARGS += \ CONFIGURE_ARGS += \
--enable-ssl --enable-ssl

60
mail/ssmtp/patches/001-gnutls.patch
View file

@ -1,60 +0,0 @@
--- a/configure
+++ b/configure
@@ -1562,7 +1562,7 @@ if test x$enableval = xyes ; then
#define HAVE_SSL 1
EOF
- LIBS="$LIBS -lssl"
+ LIBS="$LIBS -lgnutls-openssl"
fi
enableval=""
--- a/configure.in
+++ b/configure.in
@@ -52,7 +52,7 @@ AC_ARG_ENABLE(ssl,
[ --enable-ssl support for secure connection to mail server])
if test x$enableval = xyes ; then
AC_DEFINE(HAVE_SSL)
- LIBS="$LIBS -lssl"
+ LIBS="$LIBS -lgnutls-openssl"
fi
enableval=""
--- a/ssmtp.c
+++ b/ssmtp.c
@@ -26,11 +26,7 @@
#include <ctype.h>
#include <netdb.h>
#ifdef HAVE_SSL
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
+#include <gnutls/openssl.h>
#endif
#ifdef MD5AUTH
#include "md5auth/hmac_md5.h"
@@ -1133,7 +1129,7 @@ int smtp_open(char *host, int port)
}
if(use_cert == True) {
- if(SSL_CTX_use_certificate_chain_file(ctx, tls_cert) <= 0) {
+ if(SSL_CTX_use_certificate_file(ctx, tls_cert, SSL_FILETYPE_PEM) <= 0) {
perror("Use certfile");
return(-1);
}
@@ -1143,10 +1139,13 @@ int smtp_open(char *host, int port)
return(-1);
}
+#ifdef NOT_USED
if(!SSL_CTX_check_private_key(ctx)) {
log_event(LOG_ERR, "Private key does not match the certificate public key\n");
return(-1);
}
+#endif
+
}
#endif

81
mail/ssmtp/patches/002-fix_pointer.patch
View file

@ -1,6 +1,6 @@
--- a/ssmtp.c --- a/ssmtp.c
+++ b/ssmtp.c +++ b/ssmtp.c
@@ -51,21 +51,21 @@ bool_t use_oldauth = False; /* use old @@ -55,21 +55,21 @@ bool_t use_oldauth = False; /* use old
#define ARPADATE_LENGTH 32 /* Current date in RFC format */ #define ARPADATE_LENGTH 32 /* Current date in RFC format */
char arpadate[ARPADATE_LENGTH]; char arpadate[ARPADATE_LENGTH];
@ -32,7 +32,7 @@
headers_t headers, *ht; headers_t headers, *ht;
@@ -257,7 +257,7 @@ char *strip_post_ws(char *str) @@ -261,7 +261,7 @@ char *strip_post_ws(char *str)
p = (str + strlen(str)); p = (str + strlen(str));
while(isspace(*--p)) { while(isspace(*--p)) {
@ -41,7 +41,7 @@
} }
return(p); return(p);
@@ -275,7 +275,7 @@ char *addr_parse(char *str) @@ -279,7 +279,7 @@ char *addr_parse(char *str)
#endif #endif
/* Simple case with email address enclosed in <> */ /* Simple case with email address enclosed in <> */
@ -50,7 +50,7 @@
die("addr_parse(): strdup()"); die("addr_parse(): strdup()");
} }
@@ -283,7 +283,7 @@ char *addr_parse(char *str) @@ -287,7 +287,7 @@ char *addr_parse(char *str)
q++; q++;
if((p = strchr(q, '>'))) { if((p = strchr(q, '>'))) {
@ -59,7 +59,7 @@
} }
#if 0 #if 0
@@ -306,7 +306,7 @@ char *addr_parse(char *str) @@ -310,7 +310,7 @@ char *addr_parse(char *str)
q = strip_post_ws(p); q = strip_post_ws(p);
if(*q == ')') { if(*q == ')') {
while((*--q != '(')); while((*--q != '('));
@ -68,7 +68,7 @@
} }
(void)strip_post_ws(p); (void)strip_post_ws(p);
@@ -359,7 +359,7 @@ bool_t standardise(char *str, bool_t *li @@ -363,7 +363,7 @@ bool_t standardise(char *str, bool_t *li
*linestart = False; *linestart = False;
if((p = strchr(str, '\n'))) { if((p = strchr(str, '\n'))) {
@ -77,7 +77,7 @@
*linestart = True; *linestart = True;
} }
return(leadingdot); return(leadingdot);
@@ -380,7 +380,7 @@ void revaliases(struct passwd *pw) @@ -384,7 +384,7 @@ void revaliases(struct passwd *pw)
while(fgets(buf, sizeof(buf), fp)) { while(fgets(buf, sizeof(buf), fp)) {
/* Make comments invisible */ /* Make comments invisible */
if((p = strchr(buf, '#'))) { if((p = strchr(buf, '#'))) {
@ -86,7 +86,7 @@
} }
/* Ignore malformed lines and comments */ /* Ignore malformed lines and comments */
@@ -515,11 +515,11 @@ void rcpt_save(char *str) @@ -519,11 +519,11 @@ void rcpt_save(char *str)
#endif #endif
/* Ignore missing usernames */ /* Ignore missing usernames */
@ -100,7 +100,7 @@
die("rcpt_save() -- strdup() failed"); die("rcpt_save() -- strdup() failed");
} }
@@ -544,7 +544,7 @@ void rcpt_parse(char *str) @@ -548,7 +548,7 @@ void rcpt_parse(char *str)
(void)fprintf(stderr, "*** rcpt_parse(): str = [%s]\n", str); (void)fprintf(stderr, "*** rcpt_parse(): str = [%s]\n", str);
#endif #endif
@ -109,7 +109,7 @@
die("rcpt_parse(): strdup() failed"); die("rcpt_parse(): strdup() failed");
} }
q = p; q = p;
@@ -572,7 +572,7 @@ void rcpt_parse(char *str) @@ -576,7 +576,7 @@ void rcpt_parse(char *str)
} }
/* End of string? */ /* End of string? */
@ -118,7 +118,7 @@
got_addr = True; got_addr = True;
} }
@@ -580,7 +580,7 @@ void rcpt_parse(char *str) @@ -584,7 +584,7 @@ void rcpt_parse(char *str)
if((*q == ',') && (in_quotes == False)) { if((*q == ',') && (in_quotes == False)) {
got_addr = True; got_addr = True;
@ -127,7 +127,7 @@
} }
if(got_addr) { if(got_addr) {
@@ -664,7 +664,7 @@ void header_save(char *str) @@ -668,7 +668,7 @@ void header_save(char *str)
(void)fprintf(stderr, "header_save(): str = [%s]\n", str); (void)fprintf(stderr, "header_save(): str = [%s]\n", str);
#endif #endif
@ -136,7 +136,7 @@
die("header_save() -- strdup() failed"); die("header_save() -- strdup() failed");
} }
ht->string = p; ht->string = p;
@@ -672,7 +672,7 @@ void header_save(char *str) @@ -676,7 +676,7 @@ void header_save(char *str)
if(strncasecmp(ht->string, "From:", 5) == 0) { if(strncasecmp(ht->string, "From:", 5) == 0) {
#if 1 #if 1
/* Hack check for NULL From: line */ /* Hack check for NULL From: line */
@ -145,7 +145,7 @@
return; return;
} }
#endif #endif
@@ -735,19 +735,19 @@ header_parse() -- Break headers into sep @@ -739,19 +739,19 @@ header_parse() -- Break headers into sep
void header_parse(FILE *stream) void header_parse(FILE *stream)
{ {
size_t size = BUF_SZ, len = 0; size_t size = BUF_SZ, len = 0;
@ -169,7 +169,7 @@
die("header_parse() -- realloc() failed"); die("header_parse() -- realloc() failed");
} }
q = (p + len); q = (p + len);
@@ -772,9 +772,9 @@ void header_parse(FILE *stream) @@ -776,9 +776,9 @@ void header_parse(FILE *stream)
in_header = False; in_header = False;
default: default:
@ -181,7 +181,7 @@
} }
header_save(p); header_save(p);
@@ -805,9 +805,9 @@ void header_parse(FILE *stream) @@ -809,9 +809,9 @@ void header_parse(FILE *stream)
in_header = False; in_header = False;
default: default:
@ -193,7 +193,7 @@
} }
header_save(p); header_save(p);
@@ -872,11 +872,11 @@ bool_t read_config() @@ -876,11 +876,11 @@ bool_t read_config()
char *rightside; char *rightside;
/* Make comments invisible */ /* Make comments invisible */
if((p = strchr(buf, '#'))) { if((p = strchr(buf, '#'))) {
@ -207,7 +207,7 @@
/* Parse out keywords */ /* Parse out keywords */
p=firsttok(&begin, "= \t\n"); p=firsttok(&begin, "= \t\n");
@@ -886,7 +886,7 @@ bool_t read_config() @@ -890,7 +890,7 @@ bool_t read_config()
} }
if(p && q) { if(p && q) {
if(strcasecmp(p, "Root") == 0) { if(strcasecmp(p, "Root") == 0) {
@ -216,7 +216,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -900,7 +900,7 @@ bool_t read_config() @@ -904,7 +904,7 @@ bool_t read_config()
port = atoi(r); port = atoi(r);
} }
@ -225,7 +225,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -945,7 +945,7 @@ bool_t read_config() @@ -949,7 +949,7 @@ bool_t read_config()
mail_domain = strdup(q); mail_domain = strdup(q);
} }
@ -234,7 +234,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
rewrite_domain = True; rewrite_domain = True;
@@ -1021,7 +1021,7 @@ bool_t read_config() @@ -1025,7 +1025,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "TLSCert") == 0) { else if(strcasecmp(p, "TLSCert") == 0) {
@ -243,7 +243,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1032,7 +1032,7 @@ bool_t read_config() @@ -1036,7 +1036,7 @@ bool_t read_config()
#endif #endif
/* Command-line overrides these */ /* Command-line overrides these */
else if(strcasecmp(p, "AuthUser") == 0 && !auth_user) { else if(strcasecmp(p, "AuthUser") == 0 && !auth_user) {
@ -252,7 +252,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1041,7 +1041,7 @@ bool_t read_config() @@ -1045,7 +1045,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "AuthPass") == 0 && !auth_pass) { else if(strcasecmp(p, "AuthPass") == 0 && !auth_pass) {
@ -261,7 +261,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1050,7 +1050,7 @@ bool_t read_config() @@ -1054,7 +1054,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) { else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) {
@ -270,7 +270,24 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1309,7 +1309,7 @@ char *fd_gets(char *buf, int size, int f @@ -1119,14 +1119,11 @@ int smtp_open(char *host, int port)
char buf[(BUF_SZ + 1)];
/* Init SSL stuff */
- SSL_CTX *ctx;
- SSL_METHOD *meth;
+ SSL_CTX *ctx = NULL;
X509 *server_cert;
-
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
- meth=SSLv23_client_method();
- ctx = SSL_CTX_new(meth);
+ ctx = SSL_CTX_new(SSLv23_client_method());
if(!ctx) {
log_event(LOG_ERR, "No SSL support initiated\n");
return(-1);
@@ -1310,7 +1307,7 @@ char *fd_gets(char *buf, int size, int f
buf[i++] = c; buf[i++] = c;
} }
} }
@ -279,7 +296,7 @@
return(buf); return(buf);
} }
@@ -1433,14 +1433,14 @@ int ssmtp(char *argv[]) @@ -1434,14 +1431,14 @@ int ssmtp(char *argv[])
} }
if((p = strtok(pw->pw_gecos, ";,"))) { if((p = strtok(pw->pw_gecos, ";,"))) {
@ -296,7 +313,7 @@
uad = append_domain(pw->pw_name); uad = append_domain(pw->pw_name);
} }
@@ -1488,7 +1488,7 @@ int ssmtp(char *argv[]) @@ -1489,7 +1486,7 @@ int ssmtp(char *argv[])
/* Try to log in if username was supplied */ /* Try to log in if username was supplied */
if(auth_user) { if(auth_user) {
#ifdef MD5AUTH #ifdef MD5AUTH
@ -305,7 +322,7 @@
auth_pass = strdup(""); auth_pass = strdup("");
} }
@@ -1736,7 +1736,7 @@ char **parse_options(int argc, char *arg @@ -1737,7 +1734,7 @@ char **parse_options(int argc, char *arg
j = 0; j = 0;
add = 1; add = 1;
@ -314,7 +331,7 @@
switch(argv[i][j]) { switch(argv[i][j]) {
#ifdef INET6 #ifdef INET6
case '6': case '6':
@@ -1754,14 +1754,14 @@ char **parse_options(int argc, char *arg @@ -1755,14 +1752,14 @@ char **parse_options(int argc, char *arg
if((!argv[i][(j + 1)]) if((!argv[i][(j + 1)])
&& argv[(i + 1)]) { && argv[(i + 1)]) {
auth_user = strdup(argv[i+1]); auth_user = strdup(argv[i+1]);
@ -331,7 +348,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1771,14 +1771,14 @@ char **parse_options(int argc, char *arg @@ -1772,14 +1769,14 @@ char **parse_options(int argc, char *arg
if((!argv[i][(j + 1)]) if((!argv[i][(j + 1)])
&& argv[(i + 1)]) { && argv[(i + 1)]) {
auth_pass = strdup(argv[i+1]); auth_pass = strdup(argv[i+1]);
@ -348,7 +365,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1869,14 +1869,14 @@ char **parse_options(int argc, char *arg @@ -1870,14 +1867,14 @@ char **parse_options(int argc, char *arg
case 'F': case 'F':
if((!argv[i][(j + 1)]) && argv[(i + 1)]) { if((!argv[i][(j + 1)]) && argv[(i + 1)]) {
minus_F = strdup(argv[(i + 1)]); minus_F = strdup(argv[(i + 1)]);
@ -365,7 +382,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1888,14 +1888,14 @@ char **parse_options(int argc, char *arg @@ -1889,14 +1886,14 @@ char **parse_options(int argc, char *arg
case 'r': case 'r':
if((!argv[i][(j + 1)]) && argv[(i + 1)]) { if((!argv[i][(j + 1)]) && argv[(i + 1)]) {
minus_f = strdup(argv[(i + 1)]); minus_f = strdup(argv[(i + 1)]);