Index: head/mail/cclient/Makefile =================================================================== --- head/mail/cclient/Makefile (revision 81927) +++ head/mail/cclient/Makefile (revision 81928) @@ -1,95 +1,96 @@ # New ports collection makefile for: cclient # Date created: 2 July 2000 # Whom: Kelly Yancey # # $FreeBSD$ # PORTNAME= cclient PORTVERSION= 2002c1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= mail devel MASTER_SITES= ftp://ftp.cac.washington.edu/imap/%SUBDIR%/ \ http://atreides.freenix.no/~anders/%SUBDIR%/ \ ftp://ftp.funet.fi/pub/mirrors/ftp.cac.washington.edu/imap/%SUBDIR%/ \ ftp://ftp.nuug.no/pub/anders/distfiles/%SUBDIR%/ MASTER_SITE_SUBDIR= . old DISTNAME= imap-${PORTVERSION} EXTRACT_SUFX= .tar.Z MAINTAINER= anders@FreeBSD.org COMMENT= Mark Crispin's C-client mail access routines INSTALLS_SHLIB= yes ALL_TARGET= bsf .if defined(WITHOUT_SSL) MAKE_ARGS+= SSLTYPE=none .else USE_OPENSSL= yes .if defined(WITH_SSL_AND_PLAINTEXT) MAKE_ARGS+= SSLTYPE=unix .else MAKE_ARGS+= SSLTYPE=unix.nopwd .endif .endif WRKSRC= ${WRKDIR}/${DISTNAME} USE_REINPLACE= yes SHLIBBASE= c-client4 SHLIBMAJ= 8 SHLIBNAME= lib${SHLIBBASE}.so.${SHLIBMAJ} MAKE_ENV= SHLIBNAME=${SHLIBNAME} SHLIBBASE=${SHLIBBASE} PLIST_SUB= SHLIBNAME=${SHLIBNAME} SHLIBBASE=${SHLIBBASE} .include .if ${PORTOBJFORMAT} == "aout" SHLIBNAME= lib${SHLIBBASE}.so.${SHLIBMAJ}.0 .endif post-patch: .for file in Makefile src/osdep/unix/Makefile src/osdep/unix/Makefile.gss @${REINPLACE_CMD} -e "s|/usr/local|${PREFIX}|g" ${WRKSRC}/${file} .endfor post-configure: @${ECHO_MSG} ">> The c-client shared library will be named ${SHLIBNAME}" HEADERS= c-client.h dummy.h env.h env_unix.h fdstring.h flocksim.h \ flstring.h fs.h ftl.h imap4r1.h linkage.c linkage.h mail.h \ mbox.h mbx.h mh.h misc.h mmdf.h mtx.h mx.h netmsg.h news.h \ newsrc.h nl.h nntp.h osdep.h phile.h pop3.h pseudo.h rfc822.h \ smtp.h sslio.h tcp.h tcp_unix.h tenex.h unix.h utf8.h PORTREV_H= ${WRKDIR}/portrevision.h post-build: @${ECHO_CMD} "#define CCLIENT_PORTVERSION \"${PORTVERSION}\"" >${PORTREV_H} .if !defined(WITHOUT_SSL) @${ECHO_CMD} "#define CCLIENT_SSLENABLED \"yes\"" >>${PORTREV_H} .else @${ECHO_CMD} "#define CCLIENT_SSLENABLED \"no\"" >>${PORTREV_H} .endif do-install: ${MKDIR} ${PREFIX}/include/c-client .for f in ${HEADERS} ${INSTALL_DATA} ${WRKSRC}/c-client/${f} ${PREFIX}/include/c-client .endfor ${INSTALL} ${COPY} -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \ ${WRKSRC}/c-client/${SHLIBNAME} ${PREFIX}/lib ${LN} -sf ${SHLIBNAME} ${PREFIX}/lib/lib${SHLIBBASE}.so ${INSTALL_DATA} ${WRKSRC}/c-client/c-client.a \ ${PREFIX}/lib/lib${SHLIBBASE}.a post-install: ${INSTALL_DATA} ${PORTREV_H} ${PREFIX}/include/c-client .if !defined(WITHOUT_SSL) @${ECHO} "================================================================================" @${ECHO} "Warning: You have chosen to include SSL support. Applications/ports that use" @${ECHO} "the cclient library but do not support SSL may stop working or have problems @${ECHO} "linking. Linking them explicitly with ssl (-lssl -lcrypto) may or may not help." @${ECHO} "================================================================================" .endif .include Property changes on: head/mail/cclient/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.25 \ No newline at end of property +1.26 \ No newline at end of property Index: head/mail/imap-uw/Makefile =================================================================== --- head/mail/imap-uw/Makefile (revision 81927) +++ head/mail/imap-uw/Makefile (revision 81928) @@ -1,113 +1,114 @@ # New ports collection makefile for: imap-uw # Date created: 9 Jan 1997 # Whom: pst # # $FreeBSD$ # PORTNAME= imap PORTVERSION= 2002c1 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= mail MASTER_SITES= ftp://ftp.cac.washington.edu/imap/%SUBDIR%/ \ ftp://ftp.nuug.no/pub/anders/distfiles/%SUBDIR%/ \ http://atreides.freenix.no/~anders/%SUBDIR%/ \ ftp://ftp.funet.fi/pub/mirrors/ftp.cac.washington.edu/mail/%SUBDIR%/ MASTER_SITE_SUBDIR= . old PKGNAMESUFFIX= -uw DISTNAME= imap-${PORTVERSION} EXTRACT_SUFX= .tar.Z MAINTAINER= anders@FreeBSD.org COMMENT= University of Washington IMAP4rev1/POP2/POP3 mail servers LIB_DEPENDS= c-client4.8:${PORTSDIR}/mail/cclient .if defined(WITH_DRAC) BUILD_DEPENDS= ${LOCALBASE}/lib/libdrac.a:${PORTSDIR}/mail/drac .endif WRKSRC= ${WRKDIR}/${DISTNAME} MAN1= dmail.1 mailutil.1 tmail.1 MAN8= ipopd.8 imapd.8 ALL_TARGET= bsf .if defined(WITHOUT_SSL) MAKE_ARGS+= SSLTYPE=none .else USE_OPENSSL= yes .if defined(WITH_SSL_AND_PLAINTEXT) MAKE_ARGS+= SSLTYPE=unix .else MAKE_ARGS+= SSLTYPE=unix.nopwd .endif .endif # Define this to get somewhat better interoperability with Netscape. .if defined(WITH_NETSCAPE_BRAIN_DAMAGE) MAKE_ARGS+= WITH_NETSCAPE_BRAIN_DAMAGE=yes .endif # Define this to get possibly better interoperability with Microsoft Entourage. .if defined(WITH_ENTOURAGE_BRAIN_DAMAGE) MAKE_ARGS+= WITH_ENTOURAGE_BRAIN_DAMAGE=yes .endif # See src/imapd/Makefile for more information about these three options. .include pre-build: @${SH} ${PKGREQ}.rev ${LOCALBASE}/include/c-client/portrevision.h ${PORTVERSION} .if !defined(WITHOUT_SSL) @${SH} ${PKGREQ}.ssl ${LOCALBASE}/include/c-client/portrevision.h yes .else @${SH} ${PKGREQ}.ssl ${LOCALBASE}/include/c-client/portrevision.h no .endif do-install: ${INSTALL_PROGRAM} ${WRKSRC}/imapd/imapd ${PREFIX}/libexec/ ${INSTALL_PROGRAM} ${WRKSRC}/ipopd/ipop2d ${PREFIX}/libexec/ ${INSTALL_PROGRAM} ${WRKSRC}/ipopd/ipop3d ${PREFIX}/libexec/ ${INSTALL} ${COPY} ${STRIP} -o ${BINOWN} -g mail -m 2711 \ ${WRKSRC}/mlock/mlock ${PREFIX}/libexec ${INSTALL_PROGRAM} ${WRKSRC}/mtest/mtest ${PREFIX}/bin/mboxtest ${INSTALL_MAN} \ ${WRKSRC}/src/imapd/imapd.8c ${PREFIX}/man/man8/imapd.8 ${INSTALL_MAN} \ ${WRKSRC}/src/ipopd/ipopd.8c ${PREFIX}/man/man8/ipopd.8 ${INSTALL_PROGRAM} ${WRKSRC}/dmail/dmail ${PREFIX}/bin/ ${INSTALL_PROGRAM} ${WRKSRC}/mailutil/mailutil ${PREFIX}/bin/ ${INSTALL_PROGRAM} ${WRKSRC}/tmail/tmail ${PREFIX}/bin/ ${INSTALL_MAN} ${WRKSRC}/src/dmail/dmail.1 ${PREFIX}/man/man1/ ${INSTALL_MAN} ${WRKSRC}/src/mailutil/mailutil.1 ${PREFIX}/man/man1/ ${INSTALL_MAN} ${WRKSRC}/src/tmail/tmail.1 ${PREFIX}/man/man1/ post-install: @${CAT} ${PKGMESSAGE} .if defined(WITH_DRAC) @${ECHO} "================================================================================" @${ECHO} "To have DRAC working, you must create ${PREFIX}/etc/dracd.host, containing" @${ECHO} "the hostname of the DRAC server:" @${ECHO} @${ECHO} "localhost" @${ECHO} "================================================================================" .endif .if !defined(WITHOUT_SSL) @${ECHO} @${ECHO} "To create and install a new SSL certificate for imapd and ipop3d, type \"make" @${ECHO} "cert\". Or install manually in ${PREFIX}/certs." @${ECHO} @${ECHO} "Example inetd config for SSL only services:" @${ECHO} @${ECHO} "pop3s stream tcp nowait root ${PREFIX}/libexec/ipop3d ipop3d" @${ECHO} "imaps stream tcp nowait root ${PREFIX}/libexec/imapd imapd" @${ECHO} "================================================================================" .endif cert: @${INSTALL} -d -o root -g wheel -m 0755 ${PREFIX}/certs @openssl req -new -x509 -days 365 -nodes -config ${FILESDIR}/imap-uw.cnf -out ${PREFIX}/certs/imapd.pem -keyout ${PREFIX}/certs/imapd.pem @openssl x509 -subject -dates -fingerprint -noout -in ${PREFIX}/certs/imapd.pem @${CHMOD} 700 ${PREFIX}/certs/imapd.pem @${LN} -s ${PREFIX}/certs/imapd.pem ${PREFIX}/certs/ipop3d.pem .include Property changes on: head/mail/imap-uw/Makefile ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.71 \ No newline at end of property +1.72 \ No newline at end of property Index: head/mail/imap-uw/files/patch-ah =================================================================== --- head/mail/imap-uw/files/patch-ah (revision 81927) +++ head/mail/imap-uw/files/patch-ah (revision 81928) @@ -1,122 +1,131 @@ --- src/ipopd/ipop3d.c.orig Fri Jan 17 18:17:58 2003 -+++ src/ipopd/ipop3d.c Mon May 19 22:18:28 2003 ++++ src/ipopd/ipop3d.c Mon Jun 2 02:47:10 2003 @@ -28,6 +28,11 @@ #include #include "c-client.h" +#ifdef DRAC_AUTH +#include +#include +#include +#endif /* DRAC_AUTH */ #define CRLF PSOUT ("\015\012") /* primary output terpri */ @@ -57,6 +62,12 @@ /* Global storage */ +#ifdef DRAC_AUTH +#define DRACTIMEOUT 10*60 /* check every 10 minutes */ +time_t lastdrac = 0; /* time of last drac check */ +extern char *getenv (); +#endif /* DRAC_AUTH */ + char *version = "2003.83"; /* server version */ short state = AUTHORIZATION; /* server state */ short critical = NIL; /* non-zero if in critical code */ @@ -88,7 +99,53 @@ int mbxopen (char *mailbox); long blat (char *text,long lines,unsigned long size); void rset (); - +#ifdef DRAC_AUTH +void drac_auth(); +#endif /* DRAC_AUTH */ + +#ifdef DRAC_AUTH +/* DRAC Authorization + */ +void drac_auth () +{ + if (time (0) > lastdrac + DRACTIMEOUT) + { + FILE *dracconf; + char host[100]; + char *drachost; + char *err; + char *p; + + if ( (dracconf = fopen(ETC_DIR "/dracd.host", "r")) == NULL) + { + syslog (LOG_INFO, "dracd: error opening %s/dracd.host config file",ETC_DIR); + exit(1); + } + + fgets(host, 100, dracconf); + p = strchr(host, '\n'); + if(p != NULL) + *p = '\0'; + fclose(dracconf); + + if( drachost = (host) ) + { + struct sockaddr_in sin; + int sinlen = sizeof (struct sockaddr_in); + char *client = getpeername (0,(struct sockaddr *) &sin,(void *) &sinlen) ? + "UNKNOWN" : inet_ntoa (sin.sin_addr); + + lastdrac = time(0); + + if (dracauth(drachost, inet_addr(client), &err) != 0) + syslog (LOG_INFO, err); + else + syslog (LOG_INFO, "dracd: authorized ip %s", client); + } + } +} +#endif /* DRAC_AUTH */ + /* Main program */ int main (int argc,char *argv[]) +@@ -101,7 +158,7 @@ + (((s = strrchr (argv[0],'/')) || (s = strrchr (argv[0],'\\'))) ? + s+1 : argv[0]) : "ipop3d"; + /* set service name before linkage */ +- mail_parameters (NIL,SET_SERVICENAME,(void *) "pop"); ++ mail_parameters (NIL,SET_SERVICENAME,(void *) "pop3"); + #include "linkage.c" + /* initialize server */ + server_init (pgmname,"pop3","pop3s",clkint,kodint,hupint,trmint); @@ -209,9 +266,13 @@ syslog (LOG_INFO,"AUTHENTICATE %s failure host=%.80s",s, tcp_clienthost ()); } - else if ((state = mbxopen ("INBOX")) == TRANSACTION) + else if ((state = mbxopen ("INBOX")) == TRANSACTION) { + #ifdef DRAC_AUTH + drac_auth(); + #endif /* DRAC_AUTH */ syslog (LOG_INFO,"Auth user=%.80s host=%.80s nmsgs=%ld/%ld", user,tcp_clienthost (),nmsgs,stream->nmsgs); + } else syslog (LOG_INFO,"Auth user=%.80s host=%.80s no mailbox", user,tcp_clienthost ()); } @@ -248,9 +309,13 @@ PSOUT ("-ERR Missing APOP argument\015\012"); else if (!(user = apop_login (challenge,s,t,argc,argv))) PSOUT ("-ERR Bad APOP\015\012"); - else if ((state = mbxopen ("INBOX")) == TRANSACTION) + else if ((state = mbxopen ("INBOX")) == TRANSACTION) { + #ifdef DRAC_AUTH + drac_auth(); + #endif /* DRAC_AUTH */ syslog (LOG_INFO,"APOP user=%.80s host=%.80s nmsgs=%ld/%ld", user,tcp_clienthost (),nmsgs,stream->nmsgs); + } else syslog (LOG_INFO,"APOP user=%.80s host=%.80s no mailbox", user,tcp_clienthost ()); } @@ -580,6 +645,9 @@ /* attempt the login */ if (server_login (user,pass,t,argc,argv)) { int ret = mbxopen ("INBOX"); + #ifdef DRAC_AUTH + drac_auth(); + #endif /* DRAC_AUTH */ if (ret == TRANSACTION) /* mailbox opened OK? */ syslog (LOG_INFO,"%sLogin user=%.80s host=%.80s nmsgs=%ld/%ld", t ? "Admin " : "",user,tcp_clienthost (),nmsgs,stream->nmsgs); Property changes on: head/mail/imap-uw/files/patch-ah ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.10 \ No newline at end of property +1.11 \ No newline at end of property Index: head/mail/imap-uw/pkg-message =================================================================== --- head/mail/imap-uw/pkg-message (revision 81927) +++ head/mail/imap-uw/pkg-message (revision 81928) @@ -1,28 +1,28 @@ The ipop2d, ipop3d, and imapd daemons should be invoked by your /etc/inetd.conf file with lines such as: pop2 stream tcp nowait root /usr/local/libexec/ipop2d ipop2d pop3 stream tcp nowait root /usr/local/libexec/ipop3d ipop3d imap4 stream tcp nowait root /usr/local/libexec/imapd imapd If PAM authentication support has been compiled in you will need to add something like the following lines to /etc/pam.conf (PAM authentication is default): imap auth required pam_unix.so -imap account required pam_unix.so try_first_pass -imap session required pam_deny.so +imap account required pam_unix.so +imap session required pam_unix.so pop3 auth required pam_unix.so -pop3 account required pam_unix.so try_first_pass -pop3 session required pam_deny.so +pop3 account required pam_unix.so +pop3 session required pam_unix.so The pam_unix module does not have session support, so we do not use it for session management. Be sure to read up on pam.conf(5). ===> NB: IMAP-UW now rejects non-encrypted logins by default. To change this ===> behaviour, recompile and reinstall cclient and imap-uw ports with one of ===> the following make variables defined: WITHOUT_SSL - build without SSL/encryption support. WITH_SSL_AND_PLAINTEXT - build with SSL/encryption support, but allow non-encrypted logins. Property changes on: head/mail/imap-uw/pkg-message ___________________________________________________________________ Modified: cvs2svn:cvs-rev ## -1 +1 ## -1.7 \ No newline at end of property +1.8 \ No newline at end of property