LinuxQuestions.org
Old 10-13-2004, 03:35 PM   #16
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15

do i have to apply this patch:

http://www.mcmilk.de/qmail/dl/patche...tr_cpyb.c.diff

the str_cpyb.c patch?

if so..how would i do that exactly?

thanks

lenny
 
Old 10-13-2004, 03:48 PM   #17
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
it looks like there were a few files I had to create:

file1: str_cpyb.c

#include "str.h"

unsigned int str_copyb(s,t,max)
register char *s;
register char *t;
unsigned int max;
{
register int len;

len = 0;
while (max-- > 0) {
if (!(*s = *t)) return len; ++s; ++t; ++len;
if (!(*s = *t)) return len; ++s; ++t; ++len;
if (!(*s = *t)) return len; ++s; ++t; ++len;
if (!(*s = *t)) return len; ++s; ++t; ++len;
}
return len;
}



file2: byte_cspn.c

#include "byte.h"

unsigned int byte_cspn(s,n,c)
register char *s;
register unsigned int n;
register char *c;
{
while(*c)
n = byte_chr(s,n,*c++);
return n;
}

file3: byte_rcspn.c

#include "byte.h"

unsigned int byte_rcspn(s,n,c)
register char *s;
register unsigned int n;
register char *c;
{
unsigned int ret,pos,i;

for(ret = n,pos = 0;*c;++c) {
i = byte_rchr(s + pos,n - pos,*c) + pos;
if (i < n) ret = pos = i;
}

return ret;
}


now when I run make setup check I get this error:

[root@baguh qmail-1.03]# make setup check
./load auto-str substdio.a error.a str.a
substdio.a(substdo.o)(.text+0x43): In function `allwrite':
: undefined reference to `errno'
collect2: ld returned 1 exit status
make: *** [auto-str] Error 1


any ideas
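
An added example, not part of the original post or of the patch it quotes: in the `str_copyb` listing above, `max` is decremented once per pass of the `while` loop while the unrolled body copies up to four bytes per pass, so a caller passing `max` as a byte limit can get up to 4 × max bytes written. The harness below measures that with the posted loop (rewritten with ANSI prototypes) next to a bounded variant; `str_copyb_bounded`, `bytes_written`, the sample string and the 64-byte scratch buffer are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define SENTINEL ((char)0xAA)

/* Constructed sample input: 20 characters, none equal to the sentinel. */
static const char SAMPLE[] = "0123456789abcdefghij";

/* The loop as posted: max counts loop passes, and each pass copies up to 4 bytes. */
unsigned int str_copyb_posted(char *s, const char *t, unsigned int max)
{
    unsigned int len = 0;
    while (max-- > 0) {
        if (!(*s = *t)) return len;
        ++s; ++t; ++len;
        if (!(*s = *t)) return len;
        ++s; ++t; ++len;
        if (!(*s = *t)) return len;
        ++s; ++t; ++len;
        if (!(*s = *t)) return len;
        ++s; ++t; ++len;
    }
    return len;
}

/* Hypothetical bounded variant: never writes more than max bytes.
   Like the posted loop, it does not NUL-terminate when it truncates. */
unsigned int str_copyb_bounded(char *s, const char *t, unsigned int max)
{
    unsigned int len = 0;
    while (len < max) {
        if (!(*s = *t)) return len;
        ++s; ++t; ++len;
    }
    return len;
}

typedef unsigned int (*copy_fn)(char *, const char *, unsigned int);

/* Runs fn into a sentinel-filled scratch buffer that is large enough for the
   whole source, then counts how many bytes were overwritten. */
unsigned int bytes_written(copy_fn fn, const char *src, unsigned int max)
{
    char dst[64];
    unsigned int i, n = 0;

    if (strlen(src) >= sizeof dst) return 0; /* keep the experiment in bounds */
    memset(dst, SENTINEL, sizeof dst);
    fn(dst, src, max);
    for (i = 0; i < sizeof dst; i++)
        if (dst[i] != SENTINEL) n++;
    return n;
}

int main(void)
{
    unsigned int max;

    for (max = 2; max <= 8; max *= 2)
        printf("max=%u posted wrote %u bytes, bounded wrote %u bytes\n",
               max,
               bytes_written(str_copyb_posted, SAMPLE, max),
               bytes_written(str_copyb_bounded, SAMPLE, max));
    return 0;
}
```

With a destination sized for `max` bytes, the posted loop would run past the end of it whenever the source is longer than `max`.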
 
Old 10-13-2004, 04:23 PM   #18
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
sorry about all the posts....now when I run make setup check I get this:

[root@baguh qmail-1.03]# make setup check
./compile qmail-smtpd.c
qmail-smtpd.c:255: error: redefinition of `err_child'
qmail-smtpd.c:133: error: `err_child' previously defined here
qmail-smtpd.c:256: error: redefinition of `err_fork'
qmail-smtpd.c:134: error: `err_fork' previously defined here
qmail-smtpd.c:257: error: redefinition of `err_pipe'
qmail-smtpd.c:135: error: `err_pipe' previously defined here
qmail-smtpd.c:258: error: redefinition of `err_write'
qmail-smtpd.c:136: error: `err_write' previously defined here
qmail-smtpd.c:259: error: redefinition of `err_authd'
qmail-smtpd.c:137: error: `err_authd' previously defined here
qmail-smtpd.c:260: error: redefinition of `err_authmail'
qmail-smtpd.c:138: error: `err_authmail' previously defined here
qmail-smtpd.c:261: error: redefinition of `err_noauth'
qmail-smtpd.c:139: error: `err_noauth' previously defined here
qmail-smtpd.c:262: error: redefinition of `err_authabrt'
qmail-smtpd.c:140: error: `err_authabrt' previously defined here
qmail-smtpd.c:263: error: redefinition of `err_input'
qmail-smtpd.c:141: error: `err_input' previously defined here
qmail-smtpd.c:358: error: redefinition of `mfcheck'
qmail-smtpd.c:339: error: `mfcheck' previously defined here
qmail-smtpd.c:384: error: redefinition of `err_child'
qmail-smtpd.c:255: error: `err_child' previously defined here
qmail-smtpd.c:385: error: redefinition of `err_fork'
qmail-smtpd.c:256: error: `err_fork' previously defined here
qmail-smtpd.c:386: error: redefinition of `err_pipe'
qmail-smtpd.c:257: error: `err_pipe' previously defined here
qmail-smtpd.c:387: error: redefinition of `err_write'
qmail-smtpd.c:258: error: `err_write' previously defined here
qmail-smtpd.c:388: error: redefinition of `err_authd'
qmail-smtpd.c:259: error: `err_authd' previously defined here
qmail-smtpd.c:389: error: redefinition of `err_authmail'
qmail-smtpd.c:260: error: `err_authmail' previously defined here
qmail-smtpd.c:390: error: redefinition of `err_noauth'
qmail-smtpd.c:261: error: `err_noauth' previously defined here
qmail-smtpd.c:391: error: redefinition of `err_authabrt'
qmail-smtpd.c:262: error: `err_authabrt' previously defined here
qmail-smtpd.c:392: error: redefinition of `err_input'
qmail-smtpd.c:263: error: `err_input' previously defined here
qmail-smtpd.c: In function `smtp_ehlo':
qmail-smtpd.c:424: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c:424: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:424: error: for each function it appears in.)
qmail-smtpd.c: At top level:
qmail-smtpd.c:704: error: redefinition of `spfreceived'
qmail-smtpd.c:685: error: `spfreceived' previously defined here
qmail-smtpd.c: In function `smtp_auth':
qmail-smtpd.c:1013: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c: In function `main':
qmail-smtpd.c:1070: warning: return type of `main' is not `int'
qmail-smtpd.c: At top level:
qmail-smtpd.c:1103: error: redefinition of `checkrcptcount'
qmail-smtpd.c:1097: error: `checkrcptcount' previously defined here
make: *** [qmail-smtpd.o] Error 1


any ideas?

thanks.

Lenny
 
Old 10-13-2004, 04:32 PM   #19
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
Ok, that helped a little.... now I can see that the --addr.len part should NOT be removed. It is supposed to be there. So if you removed it, you'll need to add it back and run make setup check again.

I am thinking this patch is really designed for the especially paranoid, or for those who are running big mail servers. This patch (and many others) was created because their mail systems are so big that there are lots of things they don't want people doing to all of the kazillion users that use Yahoo mail.

I am thinking that for most small mail servers, this is not a huge problem. So if you are really having trouble with this patch, I wouldn't sweat it too much. There are probably other patches that are much more useful to have... like the qregex patch. You should search for this on the forums here. I've discussed it a few times with various people. qregex is nice because you can block bad helo uses, or you can block mail with "badmailto" control files. On top of all that, you can use regular expressions to block these things, so you can get as detailed as you need.

Last edited by Donboy; 06-30-2005 at 01:25 PM.
 
Old 10-13-2004, 05:04 PM   #20
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
thanks for the info...any ideas on how to fix the last issue I was having? if not no biggie...

I went to http://www.arda.homeunix.net/store/qmail/ to check out the patches and I'm guessing it's the first one:

http://www.arda.homeunix.net/store/q...20040725.patch


what would be the best way to install this new patch, and will I run into any issues installing this one since I didn't complete the other?

thanks,

Lenny
 
Old 10-13-2004, 08:37 PM   #21
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
any ideas how to fix the following?

[lenny@baguh qmail-1.03]$ make setup check
./compile qmail-smtpd.c
qmail-smtpd.c: In function `smtp_ehlo':
qmail-smtpd.c:425: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c:425: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:425: error: for each function it appears in.)
qmail-smtpd.c: In function `smtp_auth':
qmail-smtpd.c:1036: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c: In function `main':
qmail-smtpd.c:1095: warning: return type of `main' is not `int'
make: *** [qmail-smtpd.o] Error 1

the above is what i get when I type make setup check

any ideas

lenny
 
Old 10-13-2004, 11:52 PM   #22
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
>> any ideas on how to fix the last issue I was having

Which one?

>> and im guessing its the first one:

Correct.

>> and will i run into any issues

You might. It may be better to get a brand new copy of qmail-smtpd.c and start over. I don't know if you had any other patches you were applying. Your distro says Fedora. In that case, you probably applied the errno patch? You'd need to apply those patches over again.

I'd be careful about using the patch command. It is a good command, but as soon as you start applying patch after patch to the same file, pretty soon the patch command is unable to apply any further patches because your original file is so different from what the patch file expects the original file to look like.

One of the big problems right now is that I don't know what changes you've made when applying your patches and I don't know what patches you're trying to apply. If you want me to, I will be happy to help. Just let me know what patches you're trying to install and post your file (after you apply the patches) so I can double-check your work to be sure everything looks OK.
 
Old 10-14-2004, 09:12 AM   #23
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
i was referring to the following issue... when i run make setup check i get this:

[lenny@baguh qmail-1.03]$ make setup check
./compile qmail-smtpd.c
qmail-smtpd.c: In function `smtp_ehlo':
qmail-smtpd.c:425: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c:425: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:425: error: for each function it appears in.)
qmail-smtpd.c: In function `smtp_auth':
qmail-smtpd.c:1036: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c: In function `main':
qmail-smtpd.c:1095: warning: return type of `main' is not `int'
make: *** [qmail-smtpd.o] Error 1


here is my current qmail-smtpd.c file:

#include "sig.h"
#include "readwrite.h"
#include "stralloc.h"
#include "substdio.h"
#include "alloc.h"
#include "auto_qmail.h"
#include "control.h"
#include "received.h"
#include "constmap.h"
#include "error.h"
#include "ipme.h"
#include "ip.h"
#include "qmail.h"
#include "str.h"
#include "fmt.h"
#include "scan.h"
#include "byte.h"
#include "case.h"
#include "env.h"
#include "now.h"
#include "exit.h"
#include "rcpthosts.h"
#ifndef TLS
#include "timeoutread.h"
#include "timeoutwrite.h"
#endif
#include "commands.h"
#include "wait.h"
#include "fd.h"
#include "dns.h"
#include "spf.h"

#ifdef TLS
//#include </usr/include/openssl/ssl.h>
#include <openssl/ssl.h>
SSL *ssl = NULL;

stralloc clientcert = {0};
stralloc tlsserverciphers = {0};
#endif

/* #define AUTHCRAM */
#define MAXHOPS 100
unsigned int databytes = 0;
unsigned int mfchk = 0;
int timeout = 1200;
int rcptcounter = 0;
int maxrcpt = -1;
unsigned int spfbehavior = 0;
int useauth = 0;
unsigned int essl = 0;

#ifdef TLS
int flagtimedout = 0;
void sigalrm()
{
flagtimedout = 1;
}

int ssl_timeoutread(timeout,fd,buf,n) int timeout; int fd; char *buf; int n;
{
int r; int saveerrno;
if (flagtimedout) { errno = error_timeout; return -1; }
alarm(timeout);
if (ssl) {
while(((r = SSL_read(ssl,buf,n)) <= 0)
&& (SSL_get_error(ssl, r) == SSL_ERROR_WANT_READ));
}else r = read(fd,buf,n);
saveerrno = errno;
alarm(0);
if (flagtimedout) { errno = error_timeout; return -1; }
errno = saveerrno;
return r;
}

int ssl_timeoutwrite(timeout,fd,buf,n) int timeout; int fd; char *buf; int n;
{
int r; int saveerrno;
if (flagtimedout) { errno = error_timeout; return -1; }
alarm(timeout);
if (ssl) {
while(((r = SSL_write(ssl,buf,n)) <= 0)
&& (SSL_get_error(ssl, r) == SSL_ERROR_WANT_WRITE));
}else r = write(fd,buf,n);
saveerrno = errno;
alarm(0);
if (flagtimedout) { errno = error_timeout; return -1; }
errno = saveerrno;
return r;
}
#endif

int safewrite(fd,buf,len) int fd; char *buf; int len;
{
int r;
#ifdef TLS
r = ssl_timeoutwrite(timeout,fd,buf,len);
#else
r = timeoutwrite(timeout,fd,buf,len);
#endif
if (r <= 0) _exit(1);
return r;
}

char ssoutbuf[512];
substdio ssout = SUBSTDIO_FDBUF(safewrite,1,ssoutbuf,sizeof ssoutbuf);

void flush() { substdio_flush(&ssout); }
void out(s) char *s; { substdio_puts(&ssout,s); }

void die_read() { _exit(1); }
void die_alarm() { out("451 timeout (#4.4.2)\r\n"); flush(); _exit(1); }
void die_nomem() { out("421 out of memory (#4.3.0)\r\n"); flush(); _exit(1); }
void die_control() { out("421 unable to read controls (#4.3.0)\r\n"); flush(); _exit(1); }
void die_ipme() { out("421 unable to figure out my IP addresses (#4.3.0)\r\n"); flush(); _exit(1); }
void straynewline() { out("451 See http://pobox.com/~djb/docs/smtplf.html.\r\n"); flush(); _exit(1); }

void err_bmf() { out("553 sorry, your envelope sender is in my badmailfrom list (#5.7.1)\r\n"); }
void err_hmf() { out("553 sorry, your envelope sender domain must exist (#5.7.1)\r\n"); }
void err_smf() { out("451 DNS temporary failure (#4.3.0)\r\n"); }
void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)\r\n"); }
#ifdef TLS
void err_nogwcert() { out("553 no valid cert for gatewaying (#5.7.1)\r\n"); }
#endif
void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
void err_relay() { out("553 we don't relay (#5.7.1)\r\n"); }
void err_wantmail() { out("503 MAIL first (#5.5.1)\r\n"); }
void err_wantrcpt() { out("503 RCPT first (#5.5.1)\r\n"); }
void err_noop() { out("250 ok\r\n"); }
void err_vrfy() { out("252 send some mail, i'll try my best\r\n"); }
void err_qqt() { out("451 qqt failure (#4.3.0)\r\n"); }

int err_child() { out("454 oops, problem with child and I can't auth (#4.3.0)\r\n"); return -1; }
int err_fork() { out("454 oops, child won't start and I can't auth (#4.3.0)\r\n"); return -1; }
int err_pipe() { out("454 oops, unable to open pipe and I can't auth (#4.3.0)\r\n"); return -1; }
int err_write() { out("454 oops, unable to write pipe and I can't auth (#4.3.0)\r\n"); return -1; }
void err_authd() { out("503 you're already authenticated (#5.5.0)\r\n"); }
void err_authmail() { out("503 no auth during mail transaction (#5.5.0)\r\n"); }
int err_noauth() { out("504 auth type unimplemented (#5.5.1)\r\n"); return -1; }
int err_authabrt() { out("501 auth exchange cancelled (#5.0.0)\r\n"); return -1; }
int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return -1; }

stralloc greeting = {0};
stralloc spflocal = {0};
stralloc spfguess = {0};
stralloc spfexp = {0};

void smtp_greet(code) char *code;
{
substdio_puts(&ssout,code);
substdio_put(&ssout,greeting.s,greeting.len);
}
void smtp_help()
{
out("214 qmail home page: http://pobox.com/~djb/qmail.html\r\n");
}
void smtp_quit()
{
smtp_greet("221 "); out("\r\n"); flush(); _exit(0);
}

char *remoteip;
char *remotehost;
char *remoteinfo;
char *local;
char *relayclient;
#ifdef TLS
char *tlsciphers;
#endif

stralloc helohost = {0};
char *fakehelo; /* pointer into helohost, or 0 */

void dohelo(arg) char *arg; {
if (!stralloc_copys(&helohost,arg)) die_nomem();
if (!stralloc_0(&helohost)) die_nomem();
fakehelo = case_diffs(remotehost,helohost.s) ? helohost.s : 0;
}

int liphostok = 0;
stralloc liphost = {0};
int bmfok = 0;
stralloc bmf = {0};
struct constmap mapbmf;

void setup()
{
char *x;
unsigned long u;
#ifdef TLS
char *tlsciphers;
#endif

if (control_init() == -1) die_control();
if (control_rldef(&greeting,"control/smtpgreeting",1,(char *) 0) != 1)
die_control();
liphostok = control_rldef(&liphost,"control/localiphost",1,(char *) 0);
if (liphostok == -1) die_control();
if (control_readint(&timeout,"control/timeoutsmtpd") == -1) die_control();
if (timeout <= 0) timeout = 1;
if (control_readint(&maxrcpt,"control/maxrcpt") == -1) die_control();

if (rcpthosts_init() == -1) die_control();

if (control_readint(&mfchk,"control/mfcheck") == -1) die_control();
x = env_get("MFCHECK");
if (x) { scan_ulong(x,&u); mfchk = u; }

bmfok = control_readfile(&bmf,"control/badmailfrom",0);
if (bmfok == -1) die_control();
if (bmfok)
if (!constmap_init(&mapbmf,bmf.s,bmf.len,0)) die_nomem();

if (control_readint(&databytes,"control/databytes") == -1) die_control();
x = env_get("DATABYTES");
if (x) { scan_ulong(x,&u); databytes = u; }
if (!(databytes + 1)) --databytes;

if (control_readint(&spfbehavior,"control/spfbehavior") == -1)
die_control();
x = env_get("SPFBEHAVIOR");
if (x) { scan_ulong(x,&u); spfbehavior = u; }

if (control_readline(&spflocal,"control/spfrules") == -1) die_control();
if (spflocal.len && !stralloc_0(&spflocal)) die_nomem();
if (control_readline(&spfguess,"control/spfguess") == -1) die_control();
if (spfguess.len && !stralloc_0(&spfguess)) die_nomem();
if (control_rldef(&spfexp,"control/spfexp",0,SPF_DEFEXP) == -1)
die_control();
if (!stralloc_0(&spfexp)) die_nomem();

remoteip = env_get("TCPREMOTEIP");
if (!remoteip) remoteip = "unknown";
local = env_get("TCPLOCALHOST");
if (!local) local = env_get("TCPLOCALIP");
if (!local) local = "unknown";
remotehost = env_get("TCPREMOTEHOST");
if (!remotehost) remotehost = "unknown";
remoteinfo = env_get("TCPREMOTEINFO");
relayclient = env_get("RELAYCLIENT");
#ifdef TLS
if (tlsciphers = env_get("TLSCIPHERS")){
if (!stralloc_copys(&tlsserverciphers,tlsciphers)) die_nomem();
}
else {
if (control_rldef(&tlsserverciphers,"control/tlsserverciphers",0,"DEFAULT") != 1)
die_control();
}
if (!stralloc_0(&tlsserverciphers)) die_nomem();
#endif

dohelo(remotehost);
}

//int err_child() { out("454 oops, problem with child and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_fork() { out("454 oops, child won't start and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_pipe() { out("454 oops, unable to open pipe and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_write() { out("454 oops, unable to write pipe and I can't auth (#4.3.0)\r\n"); return -1; }
//void err_authd() { out("503 you're already authenticated (#5.5.0)\r\n"); }
//void err_authmail() { out("503 no auth during mail transaction (#5.5.0)\r\n"); }
//int err_noauth() { out("504 auth type unimplemented (#5.5.1)\r\n"); return -1; }
//int err_authabrt() { out("501 auth exchange cancelled (#5.0.0)\r\n"); return -1; }
//int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return -1; }

stralloc addr = {0}; /* will be 0-terminated, if addrparse returns 1 */

int addrparse(arg)
char *arg;
{
int i;
char ch;
char terminator;
struct ip_address ip;
int flagesc;
int flagquoted;

terminator = '>';
i = str_chr(arg,'<');
if (arg[i])
arg += i + 1;
else { /* partner should go read rfc 821 */
terminator = ' ';
arg += str_chr(arg,':');
if (*arg == ':') ++arg;
while (*arg == ' ') ++arg;
}

/* strip source route */
if (*arg == '@') while (*arg) if (*arg++ == ':') break;

if (!stralloc_copys(&addr,"")) die_nomem();
flagesc = 0;
flagquoted = 0;
for (i = 0;ch = arg[i];++i) { /* copy arg to addr, stripping quotes */
if (flagesc) {
if (!stralloc_append(&addr,&ch)) die_nomem();
flagesc = 0;
}
else {
if (!flagquoted && (ch == terminator)) break;
switch(ch) {
case '\\': flagesc = 1; break;
case '"': flagquoted = !flagquoted; break;
default: if (!stralloc_append(&addr,&ch)) die_nomem();
}
}
}
/* could check for termination failure here, but why bother? */
if (!stralloc_append(&addr,"")) die_nomem();

if (liphostok) {
i = byte_rchr(addr.s,addr.len,'@');
if (i < addr.len) /* if not, partner should go read rfc 821 */
if (addr.s[i + 1] == '[')
if (!addr.s[i + 1 + ip_scanbracket(addr.s + i + 1,&ip)])
if (ipme_is(&ip)) {
addr.len = i + 1;
if (!stralloc_cat(&addr,&liphost)) die_nomem();
if (!stralloc_0(&addr)) die_nomem();
}
}

if (addr.len > 900) return 0;
return 1;
}

int bmfcheck()
{
int j;
if (!bmfok) return 0;
if (constmap(&mapbmf,addr.s,addr.len - 1)) return 1;
j = byte_rchr(addr.s,addr.len,'@');
if (j < addr.len)
if (constmap(&mapbmf,addr.s + j,addr.len - j - 1)) return 1;
return 0;
}

int mfcheck()
{
stralloc sa = {0};
ipalloc ia = {0};
unsigned int random;
int j;

if (!mfchk) return 0;
random = now() + (getpid() << 16);
j = byte_rchr(addr.s,addr.len,'@') + 1;
if (j < addr.len) {
stralloc_copys(&sa, addr.s + j);
dns_init(0);
j = dns_mxip(&ia,&sa,random);
if (j < 0) return j;
}
return 0;
}

//int mfcheck()
//{
// stralloc sa = {0};
// ipalloc ia = {0};
// unsigned int random;
// int j;
//
// if (!mfchk) return 0;
// random = now() + (getpid() << 16);
// j = byte_rchr(addr.s,addr.len,'@') + 1;
// if (j < addr.len) {
// stralloc_copys(&sa, addr.s + j);
// dns_init(0);
// j = dns_mxip(&ia,&sa,random);
// if (j < 0) return j;
// }
// return 0;
//}

int addrallowed()
{
int r;
r = rcpthosts(addr.s,str_len(addr.s));
if (r == -1) die_control();
return r;
}

//int err_child() { out("454 oops, problem with child and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_fork() { out("454 oops, child won't start and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_pipe() { out("454 oops, unable to open pipe and I can't auth (#4.3.0)\r\n"); return -1; }
//int err_write() { out("454 oops, unable to write pipe and I can't auth (#4.3.0)\r\n"); return -1; }
//void err_authd() { out("503 you're already authenticated (#5.5.0)\r\n"); }
//void err_authmail() { out("503 no auth during mail transaction (#5.5.0)\r\n"); }
//int err_noauth() { out("504 auth type unimplemented (#5.5.1)\r\n"); return -1; }
//int err_authabrt() { out("501 auth exchange cancelled (#5.0.0)\r\n"); return -1; }
//int err_input() { out("501 malformed auth input (#5.5.4)\r\n"); return -1; }

int addrrelay()
{
int j;
j = addr.len;
while(--j >= 0)
if (addr.s[j] == '@') break;
if (j < 0) j = addr.len;
while(--j >= 0) {
if (addr.s[j] == '@') return 1;
if (addr.s[j] == '%') return 1;
if (addr.s[j] == '!') return 1;
}
return 0;
}

int seenmail = 0;
int flagbarf; /* defined if seenmail */
int flagbarfspf;
stralloc spfbarfmsg = {0};
stralloc mailfrom = {0};
stralloc rcptto = {0};

void smtp_helo(arg) char *arg;
{
smtp_greet("250 "); out("\r\n");
seenmail = 0; dohelo(arg);
}
void smtp_ehlo(arg) char *arg;
{
smtp_greet("250-");
if ( useauth && ( ssl || essl ) )
{
#ifdef AUTHCRAM
out("\r\n250-AUTH LOGIN CRAM-MD5 PLAIN");
out("\r\n250-AUTH=LOGIN CRAM-MD5 PLAIN");
#else
out("\r\n250-AUTH LOGIN PLAIN");
out("\r\n250-AUTH=LOGIN PLAIN");
#endif
}

//void smtp_ehlo(arg) char *arg;
//{
// smtp_greet("250-");
// if ( useauth && ( ssl || essl || !forcetls ) )
// {
//#ifdef AUTHCRAM
// if( !ssl )
// {
// out("\r\n250-AUTH LOGIN CRAM-MD5 PLAIN");
// out("\r\n250-AUTH=LOGIN CRAM-MD5 PLAIN");
// }
// else
// {
// out("\r\n250-AUTH LOGIN PLAIN");
// out("\r\n250-AUTH=LOGIN PLAIN");
////////////////// }
//#else
// out("\r\n250-AUTH LOGIN PLAIN");
// out("\r\n250-AUTH=LOGIN PLAIN");
//#endif
// }
#ifdef TLS
if (!ssl) out("\r\n250-STARTTLS");
#endif
out("\r\n250-PIPELINING\r\n250 8BITMIME\r\n");
seenmail = 0; dohelo(arg);
}
void smtp_rset()
{
seenmail = 0;
out("250 flushed\r\n");
}
void smtp_mail(arg) char *arg;
{
int r;
rcptcounter = 0 ;
if (!addrparse(arg)) { err_syntax(); return; }
flagbarf = bmfcheck();
switch(mfcheck()) {
case DNS_HARD: err_hmf(); return;
case DNS_SOFT: err_smf(); return;
case DNS_MEM: die_nomem();
}
flagbarfspf = 0;
if (spfbehavior && !relayclient)
{
switch (r = spfcheck())
{
case SPF_OK: env_put2("SPFRESULT","pass"); break;
case SPF_NONE: env_put2("SPFRESULT","none"); break;
case SPF_UNKNOWN: env_put2("SPFRESULT","unknown"); break;
case SPF_NEUTRAL: env_put2("SPFRESULT","neutral"); break;
case SPF_SOFTFAIL: env_put2("SPFRESULT","softfail"); break;
case SPF_FAIL: env_put2("SPFRESULT","fail"); break;
case SPF_ERROR: env_put2("SPFRESULT","error"); break;
}
switch (r)
{
case SPF_NOMEM:
die_nomem();
case SPF_ERROR:
if (spfbehavior < 2) break ;
out ("451 SPF lookup failure (#4.3.0)\r\n");
return;
case SPF_NONE:
case SPF_UNKNOWN:
if (spfbehavior < 6) break ;
case SPF_NEUTRAL:
if (spfbehavior < 5) break ;
case SPF_SOFTFAIL:
if (spfbehavior < 4) break ;
case SPF_FAIL:
if (spfbehavior < 3) break ;
if (!spfexplanation(&spfbarfmsg)) die_nomem();
if (!stralloc_0(&spfbarfmsg)) die_nomem();
flagbarfspf = 1;
}
}
else
env_unset("SPFRESULT");
seenmail = 1;
if (!stralloc_copys(&rcptto,"")) die_nomem();
if (!stralloc_copys(&mailfrom,addr.s)) die_nomem();
if (!stralloc_0(&mailfrom)) die_nomem();
out("250 ok\r\n");
}

void err_spf()
{
int i,j;

for( i=0 ; i < spfbarfmsg.len ; i=j+1 ) {
j = byte_chr(spfbarfmsg.s + i,spfbarfmsg.len - i, '\n') + i;
if (j < spfbarfmsg.len){
out("550-");
spfbarfmsg.s[j] = 0;
out(spfbarfmsg.s);
spfbarfmsg.s[j] = '\n';
} else {
out("550 ");
out(spfbarfmsg.s);
out(" (#5.7.1)\r\n");
}
}
}



I couldn't fit the whole file so I'm pasting it in the next post.....

any ideas?

Lenny
 
Old 10-14-2004, 09:12 AM   #24
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
qmail-smtpd.c continued:

#ifdef TLS
static int verify_cb(int ok, X509_STORE_CTX * ctx)
{
return(1);
}
#endif

void smtp_rcpt(arg) char *arg; {
rcptcounter++;
if (!seenmail) { err_wantmail(); return; }
if (checkrcptcount() == 1) { err_syntax(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
if (addrrelay()) { err_relay(); return; }
if (flagbarf) { err_bmf(); return; }
if (flagbarfspf) { err_spf(); return; }
if (relayclient) {
--addr.len;
if (!stralloc_cats(&addr,relayclient)) die_nomem();
if (!stralloc_0(&addr)) die_nomem();
}
else
#ifndef TLS
if (!addrallowed()) { err_nogateway(); return; }
#else
if (!addrallowed())
{
if (ssl)
{ STACK_OF(X509_NAME) *sk;
X509 *peercert;
stralloc tlsclients = {0};
struct constmap maptlsclients;
int r;

SSL_set_verify(ssl,
SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
verify_cb);
if ((sk = SSL_load_client_CA_file("control/clientca.pem")) == NULL)
{ err_nogateway(); return; }
SSL_set_client_CA_list(ssl, sk);
if((control_readfile(&tlsclients,"control/tlsclients",0) != 1) ||
!constmap_init(&maptlsclients,tlsclients.s,tlsclients.len,0))
{ err_nogateway(); return; }

SSL_renegotiate(ssl);
SSL_do_handshake(ssl);
ssl->state = SSL_ST_ACCEPT;
SSL_do_handshake(ssl);
if ((r = SSL_get_verify_result(ssl)) != X509_V_OK)
{out("553 no valid cert for gatewaying: ");
out(X509_verify_cert_error_string(r));
out(" (#5.7.1)\r\n");
return;
}

if (peercert = SSL_get_peer_certificate(ssl))
{char emailAddress[256];

X509_NAME_get_text_by_NID(X509_get_subject_name(
SSL_get_peer_certificate(ssl)),
NID_pkcs9_emailAddress, emailAddress, 256);
if (!stralloc_copys(&clientcert, emailAddress)) die_nomem();
if (!constmap(&maptlsclients,clientcert.s,clientcert.len))
{ err_nogwcert(); return; }
relayclient = "";
}
else { err_nogwcert(); return; }
}
else { err_nogateway(); return; }
}
#endif
if (!stralloc_cats(&rcptto,"T")) die_nomem();
if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
if (!stralloc_0(&rcptto)) die_nomem();
out("250 ok\r\n");
}

int saferead(fd,buf,len) int fd; char *buf; int len;
{
int r;
flush();
#ifdef TLS
r = ssl_timeoutread(timeout,fd,buf,len);
#else
r = timeoutread(timeout,fd,buf,len);
#endif
if (r == -1) if (errno == error_timeout) die_alarm();
if (r <= 0) die_read();
return r;
}

char ssinbuf[1024];
substdio ssin = SUBSTDIO_FDBUF(saferead,0,ssinbuf,sizeof ssinbuf);

struct qmail qqt;
unsigned int bytestooverflow = 0;

void put(ch)
char *ch;
{
if (bytestooverflow)
if (!--bytestooverflow)
qmail_fail(&qqt);
qmail_put(&qqt,ch,1);
}

void blast(hops)
int *hops;
{
char ch;
int state;
int flaginheader;
int pos; /* number of bytes since most recent \n, if fih */
int flagmaybex; /* 1 if this line might match RECEIVED, if fih */
int flagmaybey; /* 1 if this line might match \r\n, if fih */
int flagmaybez; /* 1 if this line might match DELIVERED, if fih */

state = 1;
*hops = 0;
flaginheader = 1;
pos = 0; flagmaybex = flagmaybey = flagmaybez = 1;
for (;;) {
substdio_get(&ssin,&ch,1);
if (flaginheader) {
if (pos < 9) {
if (ch != "delivered"[pos]) if (ch != "DELIVERED"[pos]) flagmaybez = 0;
if (flagmaybez) if (pos == 8) ++*hops;
if (pos < 8)
if (ch != "received"[pos]) if (ch != "RECEIVED"[pos]) flagmaybex = 0;
if (flagmaybex) if (pos == 7) ++*hops;
if (pos < 2) if (ch != "\r\n"[pos]) flagmaybey = 0;
if (flagmaybey) if (pos == 1) flaginheader = 0;
}
++pos;
if (ch == '\n') { pos = 0; flagmaybex = flagmaybey = flagmaybez = 1; }
}
switch(state) {
case 0:
if (ch == '\n') straynewline();
if (ch == '\r') { state = 4; continue; }
break;
case 1: /* \r\n */
if (ch == '\n') straynewline();
if (ch == '.') { state = 2; continue; }
if (ch == '\r') { state = 4; continue; }
state = 0;
break;
case 2: /* \r\n + . */
if (ch == '\n') straynewline();
if (ch == '\r') { state = 3; continue; }
state = 0;
break;
case 3: /* \r\n + .\r */
if (ch == '\n') return;
put(".");
put("\r");
if (ch == '\r') { state = 4; continue; }
state = 0;
break;
case 4: /* + \r */
if (ch == '\n') { state = 1; break; }
if (ch != '\r') { put("\r"); state = 0; }
}
put(&ch);
}
}

void spfreceived()
{
stralloc sa = {0};
stralloc rcvd_spf = {0};

if (!spfbehavior || relayclient) return;

if (!stralloc_copys(&rcvd_spf, "Received-SPF: ")) die_nomem();
if (!spfinfo(&sa)) die_nomem();
if (!stralloc_cat(&rcvd_spf, &sa)) die_nomem();
if (!stralloc_append(&rcvd_spf, "\n")) die_nomem();
if (bytestooverflow) {
bytestooverflow -= rcvd_spf.len;
if (bytestooverflow <= 0) qmail_fail(&qqt);
}
qmail_put(&qqt,rcvd_spf.s,rcvd_spf.len);
}


//void spfreceived()
//{
// stralloc sa = {0};
// stralloc rcvd_spf = {0};
//
// if (!spfbehavior || relayclient) return;
//
// if (!stralloc_copys(&rcvd_spf, "Received-SPF: ")) die_nomem();
// if (!spfinfo(&sa)) die_nomem();
// if (!stralloc_cat(&rcvd_spf, &sa)) die_nomem();
// if (!stralloc_append(&rcvd_spf, "\n")) die_nomem();
// if (bytestooverflow) {
// bytestooverflow -= rcvd_spf.len;
// if (bytestooverflow <= 0) qmail_fail(&qqt);
// }
// qmail_put(&qqt,rcvd_spf.s,rcvd_spf.len);
//}


char accept_buf[FMT_ULONG];
void acceptmessage(qp) unsigned long qp;
{
datetime_sec when;
when = now();
out("250 ok ");
accept_buf[fmt_ulong(accept_buf,(unsigned long) when)] = 0;
out(accept_buf);
out(" qp ");
accept_buf[fmt_ulong(accept_buf,qp)] = 0;
out(accept_buf);
out("\r\n");
}

void smtp_data() {
int hops;
unsigned long qp;
char *qqx;
#ifdef TLS
stralloc protocolinfo = {0};
#endif

if (!seenmail) { err_wantmail(); return; }
if (!rcptto.len) { err_wantrcpt(); return; }
seenmail = 0;
if (databytes) bytestooverflow = databytes + 1;
if (qmail_open(&qqt) == -1) { err_qqt(); return; }
qp = qmail_qp(&qqt);
out("354 go ahead\r\n");

#ifdef TLS
if(ssl){
if (!stralloc_copys(&protocolinfo, SSL_CIPHER_get_name(SSL_get_current_cipher(ssl)))) die_nomem();
if (!stralloc_catb(&protocolinfo, " encrypted SMTP", 15)) die_nomem();
if (clientcert.len){
if (!stralloc_catb(&protocolinfo," cert ", 6)) die_nomem();
if (!stralloc_catb(&protocolinfo,clientcert.s, clientcert.len)) die_nomem();
}
if (!stralloc_0(&protocolinfo)) die_nomem();
} else if (!stralloc_copyb(&protocolinfo,"SMTP",5)) die_nomem();
received(&qqt,protocolinfo.s,local,remoteip,remotehost,remoteinfo,case_diffs(remotehost,helohost.s) ? helohost.s : 0);
#else
received(&qqt,"SMTP",local,remoteip,remotehost,remoteinfo,fakehelo);
#endif

spfreceived();
blast(&hops);
hops = (hops >= MAXHOPS);
if (hops) qmail_fail(&qqt);
qmail_from(&qqt,mailfrom.s);
qmail_put(&qqt,rcptto.s,rcptto.len);

qqx = qmail_close(&qqt);
if (!*qqx) { acceptmessage(qp); return; }
if (hops) { out("554 too many hops, this message is looping (#5.4.6)\r\n"); return; }
if (databytes) if (!bytestooverflow) { out("552 sorry, that message size exceeds my databytes limit (#5.3.4)\r\n"); return; }
if (*qqx == 'I') out("250 ok "); else if (*qqx == 'D') out("554 "); else out("451 ");
out(qqx + 1);
out("\r\n");
}
#ifdef TLS
static RSA *tmp_rsa_cb(ssl,export,keylength) SSL *ssl; int export; int keylength;
{
RSA* rsa;
BIO* in;

if (!export || keylength == 512)
if (in=BIO_new(BIO_s_file_internal()))
if (BIO_read_filename(in,"control/rsa512.pem") > 0)
if (rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL,NULL))
return rsa;
return (RSA_generate_key(export?keylength:512,RSA_F4,NULL,NULL));
}

void smtp_tls(arg) char *arg;
{
SSL_CTX *ctx;

if (*arg)
{out("501 Syntax error (no parameters allowed) (#5.5.4)\r\n");
return;}

SSL_library_init();
if(!(ctx=SSL_CTX_new(SSLv23_server_method())))
{out("454 TLS not available: unable to initialize ctx (#4.3.0)\r\n");
return;}
if(!SSL_CTX_use_RSAPrivateKey_file(ctx, "control/servercert.pem", SSL_FILETYPE_PEM))
{out("454 TLS not available: missing RSA private key (#4.3.0)\r\n");
return;}
if(!SSL_CTX_use_certificate_chain_file(ctx, "control/servercert.pem"))
{out("454 TLS not available: missing certificate (#4.3.0)\r\n");
return;}
SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
SSL_CTX_set_cipher_list(ctx,tlsserverciphers.s);
SSL_CTX_load_verify_locations(ctx, "control/clientca.pem",NULL);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_cb);

out("220 ready for tls\r\n"); flush();

if(!(ssl=SSL_new(ctx))) die_read();
SSL_set_fd(ssl,0);
if(SSL_accept(ssl)<=0) die_read();
substdio_fdbuf(&ssout,SSL_write,ssl,ssoutbuf,sizeof(ssoutbuf));

remotehost = env_get("TCPREMOTEHOST");
if (!remotehost) remotehost = "unknown";
dohelo(remotehost);
}
#endif


char unique[FMT_ULONG + FMT_ULONG + 3];
static stralloc authin = {0};
static stralloc user = {0};
static stralloc pass = {0};
static stralloc resp = {0};
static stralloc slop = {0};
char *hostname;
char **childargs;
substdio ssup;
char upbuf[128];
int authd = 0;

int authgetl(void) {
int i;

if (!stralloc_copys(&authin, "")) die_nomem();

for (;;) {
if (!stralloc_readyplus(&authin,1)) die_nomem(); /* XXX */
i = substdio_get(&ssin,authin.s + authin.len,1);
if (i != 1) die_read();
if (authin.s[authin.len] == '\n') break;
++authin.len;
}

if (authin.len > 0) if (authin.s[authin.len - 1] == '\r') --authin.len;
authin.s[authin.len] = 0;

if (*authin.s == '*' && *(authin.s + 1) == 0) { return err_authabrt(); }
if (authin.len == 0) { return err_input(); }
return authin.len;
}

int authenticate(void)
{
int child;
int wstat;
int pi[2];

if (!stralloc_0(&user)) die_nomem();
if (!stralloc_0(&pass)) die_nomem();
if (!stralloc_0(&resp)) die_nomem();

if (fd_copy(2,1) == -1) return err_pipe();
close(3);
if (pipe(pi) == -1) return err_pipe();
if (pi[0] != 3) return err_pipe();
switch(child = fork()) {
case -1:
return err_fork();
case 0:
close(pi[1]);
sig_pipedefault();
execvp(*childargs, childargs);
_exit(1);
}
close(pi[0]);

substdio_fdbuf(&ssup,write,pi[1],upbuf,sizeof upbuf);
if (substdio_put(&ssup,user.s,user.len) == -1) return err_write();
if (substdio_put(&ssup,pass.s,pass.len) == -1) return err_write();
if (substdio_put(&ssup,resp.s,resp.len) == -1) return err_write();
if (substdio_flush(&ssup) == -1) return err_write();

close(pi[1]);
byte_zero(pass.s,pass.len);
byte_zero(upbuf,sizeof upbuf);
if (wait_pid(&wstat,child) == -1) return err_child();
if (wait_crashed(wstat)) return err_child();
if (wait_exitcode(wstat)) { sleep(5); return 1; } /* no */
return 0; /* yes */
}

int auth_login(arg) char *arg;
{
int r;

if (*arg) {
if ((r = b64decode(arg,str_len(arg),&user)) == 1) return err_input();
}
else {
out("334 VXNlcm5hbWU6\r\n"); flush(); /* Username: */
if (authgetl() < 0) return -1;
if ((r = b64decode(authin.s,authin.len,&user)) == 1) return err_input();
}
if (r == -1) die_nomem();

out("334 UGFzc3dvcmQ6\r\n"); flush(); /* Password: */

if (authgetl() < 0) return -1;
if ((r = b64decode(authin.s,authin.len,&pass)) == 1) return err_input();
if (r == -1) die_nomem();

if (!user.len || !pass.len) return err_input();
return authenticate();
}

int auth_plain(arg) char *arg;
{
int r, id = 0;

if (*arg) {
if ((r = b64decode(arg,str_len(arg),&slop)) == 1) return err_input();
}
else {
out("334 \r\n"); flush();
if (authgetl() < 0) return -1;
if ((r = b64decode(authin.s,authin.len,&slop)) == 1) return err_input();
}
if (r == -1 || !stralloc_0(&slop)) die_nomem();
while (slop.s[id]) id++; /* ignore authorize-id */

if (slop.len > id + 1)
if (!stralloc_copys(&user,slop.s + id + 1)) die_nomem();
if (slop.len > id + user.len + 2)
if (!stralloc_copys(&pass,slop.s + id + user.len + 2)) die_nomem();

if (!user.len || !pass.len) return err_input();
return authenticate();
}

#ifdef AUTHCRAM
int auth_cram()
{
int i, r;
char *s;

s = unique;
s += fmt_uint(s,getpid());
*s++ = '.';
s += fmt_ulong(s,(unsigned long) now());
*s++ = '@';
*s++ = 0;

if (!stralloc_copys(&pass,"<")) die_nomem();
if (!stralloc_cats(&pass,unique)) die_nomem();
if (!stralloc_cats(&pass,hostname)) die_nomem();
if (!stralloc_cats(&pass,">")) die_nomem();
if (b64encode(&pass,&slop) < 0) die_nomem();
if (!stralloc_0(&slop)) die_nomem();

out("334 ");
out(slop.s);
out("\r\n");
flush();

if (authgetl() < 0) return -1;
if ((r = b64decode(authin.s,authin.len,&slop)) == 1) return err_input();
if (r == -1 || !stralloc_0(&slop)) die_nomem();

i = str_chr(slop.s,' ');
s = slop.s + i;
while (*s == ' ') ++s;
slop.s[i] = 0;
if (!stralloc_copys(&user,slop.s)) die_nomem();
if (!stralloc_copys(&resp,s)) die_nomem();

if (!user.len || !resp.len) return err_input();
return authenticate();
}
#endif

struct authcmd {
char *text;
int (*fun)();
} authcmds[] = {
{ "login", auth_login }
, { "plain", auth_plain }
#ifdef AUTHCRAM
, { "cram-md5", auth_cram }
#endif
, { 0, err_noauth }
};

void smtp_auth(arg)
char *arg;
{
int i;
char *cmd = arg;

if (!( useauth && (ssl||essl) ))
//if (!( useauth && ( ssl || essl || !forcetls ) ))

{
out("503 auth not available (#5.3.3)\r\n");
return;
}
if (authd) { err_authd(); return; }
if (seenmail) { err_authmail(); return; }

if (!stralloc_copys(&user,"")) die_nomem();
if (!stralloc_copys(&pass,"")) die_nomem();
if (!stralloc_copys(&resp,"")) die_nomem();

i = str_chr(cmd,' ');
arg = cmd + i;
while (*arg == ' ') ++arg;
cmd[i] = 0;

for (i = 0;authcmds[i].text;++i)
if (case_equals(authcmds[i].text,cmd)) break;

switch (authcmds[i].fun(arg)) {
case 0:
authd = 1;
relayclient = "";
remoteinfo = user.s;
if (!env_unset("TCPREMOTEINFO")) die_read();
if (!env_put2("TCPREMOTEINFO",remoteinfo)) die_nomem();
if (!env_unset("SMTP_AUTH_USER")) die_read();
if (!env_put2("SMTP_AUTH_USER",remoteinfo)) die_nomem();
out("235 ok, go ahead (#2.0.0)\r\n");
break;
case 1:
out("535 authorization failed (#5.7.0)\r\n");
}
}

struct commands smtpcommands[] = {
{ "rcpt", smtp_rcpt, 0 }
, { "mail", smtp_mail, 0 }
, { "data", smtp_data, flush }
, { "auth", smtp_auth, flush }
, { "quit", smtp_quit, flush }
, { "helo", smtp_helo, flush }
, { "ehlo", smtp_ehlo, flush }
, { "rset", smtp_rset, 0 }
, { "help", smtp_help, flush }
#ifdef TLS
, { "starttls", smtp_tls, flush }
#endif
, { "noop", err_noop, flush }
, { "vrfy", err_vrfy, flush }
, { 0, err_unimpl, flush }
} ;

void main(argc,argv)
int argc;
char **argv;
{
char *x ;
unsigned long u ;

if (argc>3)
{
hostname = argv[1];
childargs = argv + 2;
useauth = 1;
}

x = env_get("SSL");
if(x) { scan_ulong(x,&u); essl = u; }

#ifdef TLS
sig_alarmcatch(sigalrm);
#endif
sig_pipeignore();
if (chdir(auto_qmail) == -1) die_control();
setup();
if (ipme_init() != 1) die_ipme();
smtp_greet("220 ");
out(" ESMTP\r\n");
if (commands(&ssin,&smtpcommands) == 0) die_read();
die_nomem();
}

int checkrcptcount() {
if (maxrcpt == -1) { return 0;}
else if (rcptcounter > maxrcpt ) { return 1;}
return 0;
}

//int checkrcptcount() {
// if (maxrcpt == -1) { return 0;}
// else if (rcptcounter > maxrcpt ) { return 1;}
// return 0;
//}

any ideas?

thanks
 
Old 10-14-2004, 09:59 AM   #25
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
My lord! Looks like you added a whole TON of patches!

I would guess your problem has to do with the TLS patch you're trying to apply. I'd look over that patch again carefully and see if you spot any mistakes.

One discrepancy I found was in the line that looks like this...

case '\': flagesc = 1; break;

The original qmail-smtpd.c file has this...

case '\\': flagesc = 1; break;

I don't know if this was part of a patch you were trying to apply.

Another discrepancy... I noticed a whole bunch of lines that are commented out. Was that intentional? For example, void spfreceived() is a whole subroutine you commented out... or maybe a patch did? Also, checkrcptcount, which is at the very end of the file. There are 2 instances of that subroutine. One is commented and the other is not, but they both say the same thing.

Maybe if you can make a list of all the patches you are wanting to apply? I noticed the TLS patch, the mfcheck patch... and maybe a few others.

Are you also trying to apply a patch for SPF? I think SPF is still a relatively new technology and one that's not been adopted by many ISP's, so I believe it to be optional and probably unsupported by a great majority of server admins. I'm holding off until the IETF figures out what to do about email address spoofing.
 
Old 10-14-2004, 10:14 AM   #26
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
thanks for looking into it...i went ahead and commented those areas..

i installed qmail from qmailrocks.org so the patches that are in the tutorial i went ahead and applied.

patches like:

0.70-errno.patch
courier-imap-authvchk.c1.patch
qlogtools_errno.patch
qmail-1.03-forcetls-20040703.patch
qmail-103.patch
ucspi-tcp-0.88.errno.patch
auth-jms1.4a.patch
base64.h
base64.c
daemontools-0.76.errno.patch
qmail-1.03.errno.patch
qmail-1.03-jms1.5.patch
qmailqueue.patch
vmysql.patch

i also looked at the qmail-smtpd.c file and found case '\': flagesc = 1; break; and it looked correct:

case '\\': flagesc = 1; break;

i would really like to get the latest patch installed:

Russell Nelson has a patch to reject relay probes generated by so-called anti-spammers. These relay probes have '!', '%' and '@' in the local (username) part of the address.

--- orig/qmail-smtpd.c Mon Jun 15 06:53:16 1998
+++ qmail-smtpd.c Sat Feb 9 12:07:19 2002
@@ -53,6 +53,7 @@
void err_nogateway() { out("553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1)\r\n"); }
void err_unimpl() { out("502 unimplemented (#5.5.1)\r\n"); }
void err_syntax() { out("555 syntax error (#5.5.4)\r\n"); }
+void err_relay() { out("553 we don't relay (#5.7.1)\r\n"); }
void err_wantmail() { out("503 MAIL first (#5.5.1)\r\n"); }
void err_wantrcpt() { out("503 RCPT first (#5.5.1)\r\n"); }
void err_noop() { out("250 ok\r\n"); }
@@ -216,6 +217,21 @@
return r;
}

+int addrrelay()
+{
+ int j;
+ j = addr.len;
+ while(--j >= 0)
+ if (addr.s[j] == '@') break;
+ if (j < 0) j = addr.len;
+ while(--j >= 0) {
+ if (addr.s[j] == '@') return 1;
+ if (addr.s[j] == '%') return 1;
+ if (addr.s[j] == '!') return 1;
+ }
+ return 0;
+}
+

int seenmail = 0;
int flagbarf; /* defined if seenmail */
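
Review bot: addrrelay() returns 1 for any '@', '%' or '!' to the left of the last '@' (or anywhere in the address when it has no '@'), and nothing in the hunk documents that or lets an administrator turn it off, so a legitimate local part containing '!' or '%' is refused exactly like a relay probe. Add a comment above the function naming the forms it is meant to stop (source routes, the percent hack, bang paths) and stating that the rejection is unconditional. The function also takes no arguments and reads the global addr, so it is only meaningful when called right after addrparse() has filled addr; say so in the same comment.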
@@ -250,6 +266,7 @@
void smtp_rcpt(arg) char *arg; {
if (!seenmail) { err_wantmail(); return; }
if (!addrparse(arg)) { err_syntax(); return; }
+ if (addrrelay()) { err_relay(); return; }
if (flagbarf) { err_bmf(); return; }
if (relayclient) {
--addr.len;
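
Review bot: the new addrrelay() test in smtp_rcpt sits above the "if (relayclient) {" branch, so clients that are permitted to relay receive the 553 as well. If the aim is only to refuse outside relay probes, gate it, for example "if (!relayclient && addrrelay()) { err_relay(); return; }", or move it into the path taken when relayclient is not set. It also runs before the flagbarf test, so a sender with flagbarf set who uses such an address sees err_relay rather than err_bmf; the commit message should say which ordering is intended.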

the one we've been talking about but im stuck on this:


[lenny@baguh qmail-1.03]$ make setup check
./compile qmail-smtpd.c
qmail-smtpd.c: In function `smtp_ehlo':
qmail-smtpd.c:425: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c:425: error: (Each undeclared identifier is reported only once
qmail-smtpd.c:425: error: for each function it appears in.)
qmail-smtpd.c: In function `smtp_auth':
qmail-smtpd.c:1036: error: `ssl' undeclared (first use in this function)
qmail-smtpd.c: In function `main':
qmail-smtpd.c:1095: warning: return type of `main' is not `int'
make: *** [qmail-smtpd.o] Error 1

any help would be greatly appreciated...will this patch work with fedora? my friend installed the same EXACT patch on his RH 8 machine with no problems.

I also emailed Russell Nelson a few times but im not sure if he will get back to me.

Thanks

Lenny
 
Old 10-14-2004, 10:59 AM   #27
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
Hmmm. If it were me, I would feel inclined to go back and start over with the patching. The errors you're getting are referring to SSL, which I'm sure must be related to the TLS patch that is being applied in that "all-in-one" patch from qmail rocks.

I'd go back to your qmail-1.03 tarball and extract everything back into the source directory and run the patch commands again. My recommendation is to ONLY apply the patches suggested by qmailrocks. This will help us isolate where the problem is. If the error happens after applying the "wonder patch" from qmail rocks, then it means the problem lies with them. If you can successfully patch it and then apply Russell's patch, you can try running make setup check and see if you get the error.

Here's what I'm concerned about...

If you were to rerun the patch command right now, I have a feeling all hell would break loose because your files are already patched. Hopefully the patch command is smart enough to know that the files are already patched and won't try to apply the patch twice.

I think this means you'll need to get the original files back from the tarball and put them in the source tree like I described above. That way, when you apply the "wonder patch" from qmailrocks it will be patching virgin files and won't be trying to patch files that have already been patched.
 
Old 10-14-2004, 11:13 AM   #28
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
thanks

so should i make a copy of the qmail-1.03 directory and then unpack the qmail-1.03 tarball and basically have to start over with installing qmail? like from the middle of http://www.qmailrocks.org/qmail.htm where it says:

Now we build Qmail...

cd /usr/src/qmail/qmail-1.03

make man && make setup check

./config-fast your_fqdn_hostname (ex: ./config-fast mail.mydomain.com)

and i have to recreate the cert?

or just to unpack the tarball and apply the patches and then run make man && make setup check in the qmail-1.03 directory?

just not too sure where to start

now would it hurt if i just left it alone now? but once i need to patch something else later ill run into the same issue?

thanks

lenny
 
Old 10-14-2004, 11:28 AM   #29
Donboy
Member
 
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736

Rep: Reputation: 31
Well, the bottom line is... you only need to repatch qmail-smtpd.c. It may be possible to hack the all-in-one patch and remove the stuff that is irrelevant. Like you could clip out only the stuff that's needed for qmail-smtpd.c. Then you can just repatch that one file. This is a little more risky because you have to be absolutely sure you are keeping ONLY the stuff that's needed for qmail-smtpd.c.

I'm going home for lunch here in about 5 min. When I get home, I'll look at hacking that patch file for you. So all you need to do is go back to the tarball and extract just that one file.... qmail-smtpd.c. Maybe you can extract it to some dummy directory and copy that one file and write over the one you have in there now that is the one we're trying to use.

I'll try to have a good patch for you here in an hour or so.
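
Clipping one file's section out of a combined patch, as the post above proposes, can be done mechanically instead of by hand. The following is an added example, not code from this thread or from qmailrocks; the function names and the sample patch are constructed for illustration, and paths are assumed to contain no spaces.

```shell
#!/bin/sh
# extract_file_diff PATCH TARGET
# Print only the sections of a multi-file unified diff whose "+++" path has
# basename TARGET. Hunk bodies are skipped by the line counts in the "@@"
# header, so a removed line shown as "--- text" is not taken for a file header.
extract_file_diff() {
    awk -v target="$2" '
    ro > 0 || rn > 0 {                  # inside a hunk body: count, do not parse
        c = substr($0, 1, 1)
        if (c == "-") ro--
        else if (c == "+") rn--
        else if (c != "\\") { ro--; rn-- }   # context line, possibly blank
        if (keep) print
        next
    }
    /^\\/ { if (keep) print; next }     # "\ No newline at end of file" marker
    /^--- / { pending = $0; next }      # candidate old-file header
    /^\+\+\+ / && pending != "" {       # new-file header completes the pair
        n = split($2, parts, "/")
        keep = (parts[n] == target)
        if (keep) { print pending; print }
        pending = ""
        next
    }
    /^@@ / {                            # "@@ -start,count +start,count @@"
        no = split($2, o, ","); nn = split($3, w, ",")
        ro = (no > 1) ? o[2] + 0 : 1    # an omitted count means 1
        rn = (nn > 1) ? w[2] + 0 : 1
        if (keep) print
        next
    }
    { pending = "" }                    # "diff"/"Index:" lines and prose are dropped
    ' "$1"
}
make_sample_patch() {                   # writes a constructed three-file patch to $1
    cat > "$1" <<'EOF'
diff -ur qmail-1.03.orig/Makefile qmail-1.03/Makefile
--- qmail-1.03.orig/Makefile
+++ qmail-1.03/Makefile
@@ -1,2 +1,3 @@
 # first
+# added
 # second
--- qmail-1.03.orig/qmail-smtpd.c
+++ qmail-1.03/qmail-smtpd.c
@@ -1,3 +1,3 @@
 int a;
--- old marker
+-- new marker
 int b;
--- qmail-1.03.orig/qmail-send.c
+++ qmail-1.03/qmail-send.c
@@ -1 +1 @@
-x
+y
EOF
}
if [ $# -eq 2 ]; then extract_file_diff "$1" "$2"; fi
```

Run the extracted section through GNU patch with --dry-run against a pristine qmail-smtpd.c before applying it; patch then reports a reversed or previously applied patch without touching the file.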
 
Old 10-14-2004, 11:34 AM   #30
lsimon4180
Member
 
Registered: Oct 2004
Location: Chicago, IL
Distribution: Fedora Core 2
Posts: 101

Original Poster
Rep: Reputation: 15
thank u so much!

i really appreciate all your help..if you need anything from me just let me know.

i actually extracted the 1 file (qmail-smtpd.c) from the tarball to see what it looks like compared to mine and it's definitely different.

thanks,

Lenny
 
  

