On January 29, 2010 at 16:22, Joel Reicher wrote:
Unless I've misunderstood, this is a problem that was discussed and
solved on comp.mail.mh a couple of years ago.
http://groups.google.com/group/comp.mail.mh/browse_thread/thread/47e00851b535
80b7
Not sure how it worked since SASL support is not available
when using sendmail as your mts delivery method. I.e. If
the SMTP server requires user/pass authentication, sendmail-based
deliver will not work.
The script:
#!/bin/sh
openssl s_client -connect smtp.gmail.com:465 -quiet
Will create a SSL connection to Gmail servers, but user authentication
is still required.
Hacking the nmh code to support sasl for sendmail delivery, it appears
I got some success. I just cut-n-hasted code from smtp_init()
into sendmail_init(). To avoid a bogus getpeername() call since
sendmail method is not a socket, I just specified the server name in
my .mh_profile.
I also modified the code so a user can override or augment the
mts.conf with environment variables. I should be able to specify
a custom sendmail wrapper script (in this case to create an SSL connection
to gmail) without affecting all users on the system.
I was unable to get TLS connections to work. openssl kept erroring
out, but smtp.gmail.com:465 worked.
To get 'whom' to work, I had to add sasl option support to whom.c.
What follows is the diffs to the sources I did. The diffs
also includes changes to Makefile.in since I think it is wrong
to overwrite existing configuration files when installing
stuff. The norm appears for packages to write the "new"
files to something else (eg. <file>.rpmsave). In the change
I made, if the new file differs from what is installed, it
writes the new file with a ".dist" extension.
Index: etc/Makefile.in
===================================================================
RCS file: /sources/nmh/nmh/etc/Makefile.in,v
retrieving revision 1.16
diff -u -r1.16 Makefile.in
--- etc/Makefile.in 4 Mar 2006 22:14:18 -0000 1.16
+++ etc/Makefile.in 30 Jan 2010 09:09:20 -0000
@@ -100,18 +100,13 @@
for path in $$INSTALL_FILES; do \
file=`basename $$path`; \
echo "Installing $$file..."; \
- if [ -f $(DESTDIR)$(etcdir)/$$file ]; then \
- mv $(DESTDIR)$(etcdir)/$$file $(DESTDIR)$(etcdir)/$$file.prev; \
- $(INSTALL_DATA) $$path $(DESTDIR)$(etcdir)/$$file; \
- if diff $(DESTDIR)$(etcdir)/$$file.prev $(DESTDIR)$(etcdir)/$$file;
then \
- rm $(DESTDIR)$(etcdir)/$$file.prev; \
+ if [ -f "$(DESTDIR)$(etcdir)/$$file" ]; then \
+ if cmp -s "$$path" "$(DESTDIR)$(etcdir)/$$file"; then \
+ echo "$(DESTDIR)$(etcdir)/$$file is UNCHANGED"; \
else \
- echo; \
- echo " Previous version of $$file saved as $$file.prev due\c";\
- echo " to diffs."; \
- echo " Please merge any local config changes into the new\c"; \
- echo " $$file."; \
- echo; \
+ $(INSTALL_DATA) "$$path" "$(DESTDIR)$(etcdir)/$$file.dist"; \
+ echo "$(DESTDIR)$(etcdir)/$$file PRESERVED."; \
+ echo " New version saved with .dist extension"; \
fi; \
else \
$(INSTALL_DATA) $$path $(DESTDIR)$(etcdir)/$$file; \
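Review bot: In the new branch that reports `UNCHANGED`, a `$$file.dist` left behind by an earlier install is never removed, so an administrator can later find a stale `.dist` next to a config file that already matches the shipped one. Adding `rm -f "$(DESTDIR)$(etcdir)/$$file.dist"; \` to that branch would keep the two in step. The final `else` still passes `$$path` and the destination unquoted while the added lines quote them; quoting both would be consistent. The enclosing loop starts and ends outside the hunk.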
Index: mts/smtp/smtp.c
===================================================================
RCS file: /sources/nmh/nmh/mts/smtp/smtp.c,v
retrieving revision 1.28
diff -u -r1.28 smtp.c
--- mts/smtp/smtp.c 21 Dec 2009 17:18:04 -0000 1.28
+++ mts/smtp/smtp.c 30 Jan 2010 09:09:20 -0000
@@ -128,7 +128,8 @@
*/
static int smtp_init (char *, char *, char *, int, int, int, int, int, int,
char *, char *);
-static int sendmail_init (char *, char *, int, int, int, int, int);
+static int sendmail_init (char *, char *, int, int, int, int, int, int,
+ char *, char *);
static int rclient (char *, char *);
static int sm_ierror (char *fmt, ...);
@@ -165,13 +166,13 @@
debug, onex, queued, sasl, saslmech, user);
else
return sendmail_init (client, server, watch, verbose,
- debug, onex, queued);
+ debug, onex, queued, sasl, saslmech, user);
}
static int
smtp_init (char *client, char *server, char *port, int watch, int verbose,
- int debug, int onex, int queued, int sasl, char *saslmech,
- char *user)
+ int debug, int onex, int queued,
+ int sasl, char *saslmech, char *user)
{
#ifdef CYRUS_SASL
char *server_mechs;
@@ -299,8 +300,12 @@
int
sendmail_init (char *client, char *server, int watch, int verbose,
- int debug, int onex, int queued)
+ int debug, int onex, int queued,
+ int sasl, char *saslmech, char *user)
{
+#ifdef CYRUS_SASL
+ char *server_mechs;
+#endif /* CYRUS_SASL */
int i, result, vecp;
int pdi[2], pdo[2];
char *vec[15];
@@ -426,6 +431,35 @@
}
}
+#ifdef CYRUS_SASL
+ /*
+ * If the user asked for SASL, then check to see if the SMTP server
+ * supports it. Otherwise, error out (because the SMTP server
+ * might have been spoofed; we don't want to just silently not
+ * do authentication
+ */
+
+ if (sasl) {
+ if (! (server_mechs = EHLOset("AUTH"))) {
+ sm_end(NOTOK);
+ return sm_ierror("SMTP server does not support SASL");
+ }
+
+ if (saslmech && stringdex(saslmech, server_mechs) == -1) {
+ sm_end(NOTOK);
+ return sm_ierror("Requested SASL mech \"%s\" is not in the "
+ "list of supported mechanisms:\n%s",
+ saslmech, server_mechs);
+ }
+
+ if (sm_auth_sasl(user, saslmech ? saslmech : server_mechs,
+ server) != RP_OK) {
+ sm_end(NOTOK);
+ return NOTOK;
+ }
+ }
+#endif /* CYRUS_SASL */
+
#ifndef ZMAILER
if (onex)
smtalk (SM_HELO, "ONEX");
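Review bot: The SASL block added to sendmail_init() repeats the spoofed-server reasoning in its comment, but on this path the peer is a pipe to whatever program the configuration names, so that guard only holds if the wrapper authenticates the server itself. The wrapper shown in the message runs `openssl s_client` with no verification option, and when no mechanism is requested the call passes the peer-advertised list via `saslmech ? saslmech : server_mechs`, so the mechanism choice rests on a list nobody has verified. I would add a comment above the block such as `/* transport is a local pipe: the wrapper must verify the server certificate before credentials are sent */`, and have the wrapper use something like `-verify_return_error` with a CA bundle. Per the message the block was copied from smtp_init(), so a shared static helper would keep the two copies from drifting. It is also worth confirming that `server` is non-NULL here before it reaches `sm_auth_sasl()`; the rest of sendmail_init() is outside the hunk.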
Index: sbr/mts.c
===================================================================
RCS file: /sources/nmh/nmh/sbr/mts.c,v
retrieving revision 1.6
diff -u -r1.6 mts.c
--- sbr/mts.c 16 Jan 2009 02:28:55 -0000 1.6
+++ sbr/mts.c 30 Jan 2010 09:09:21 -0000
@@ -33,6 +33,9 @@
*/
static char *tailor_value (unsigned char *);
static void getuserinfo (void);
+static const char *get_mtsconf_pathname(void);
+static const char *get_mtsuserconf_pathname(void);
+static void mts_read_conf_file (FILE *fp);
/*
* *mmdfldir and *uucpldir are the maildrop directories. If maildrops
@@ -172,36 +175,22 @@
void
mts_init (char *name)
{
- unsigned char *bp;
- char *cp, buffer[BUFSIZ];
- struct bind *b;
+ const char *cp;
FILE *fp;
static int inited = 0;
- if (inited++ || (fp = fopen (mtsconf, "r")) == NULL)
+ if (inited++ || (fp = fopen (get_mtsconf_pathname(), "r")) == NULL)
return;
+ mts_read_conf_file(fp);
+ fclose (fp);
- while (fgets (buffer, sizeof(buffer), fp)) {
- if (!(cp = strchr(buffer, '\n')))
- break;
- *cp = 0;
- if (*buffer == '#' || *buffer == '\0')
- continue;
- if (!(bp = strchr(buffer, ':')))
- break;
- *bp++ = 0;
- while (isspace (*bp))
- *bp++ = 0;
-
- for (b = binds; b->keyword; b++)
- if (!strcmp (buffer, b->keyword))
- break;
- if (b->keyword && (cp = tailor_value (bp)))
- *b->value = cp;
+ cp = get_mtsuserconf_pathname();
+ if (cp != NULL &&
+ ((fp = fopen (get_mtsuserconf_pathname(), "r")) != NULL)) {
+ mts_read_conf_file(fp);
+ fclose (fp);
}
- fclose (fp);
-
Everyone = atoi (everyone);
if (strstr(masquerade, "draft_from") != NULL)
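Review bot: `cp` is fetched and NULL-checked, but the `fopen` on the following line calls `get_mtsuserconf_pathname()` a second time instead of using it; `if (cp != NULL && (fp = fopen (cp, "r")) != NULL) {` does the same with a single environment lookup. A comment such as `/* per-user file is read second so its values override mts.conf */` would record the intended precedence. mts_init() continues past the end of the hunk.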
@@ -529,3 +518,50 @@
return;
}
+
+static const char*
+get_mtsconf_pathname (void)
+{
+ const char *cp = getenv ( "MHMTSCONF ");
+ if (cp != NULL && *cp != '\0') {
+ return cp;
+ }
+ return mtsconf;
+}
+
+static const char*
+get_mtsuserconf_pathname (void)
+{
+ const char *cp = getenv ( "MHMTSUSERCONF" );
+ if (cp != NULL && *cp != '\0') {
+ return cp;
+ }
+ return NULL;
+}
+
+static void
+mts_read_conf_file (FILE *fp)
+{
+ unsigned char *bp;
+ char *cp, buffer[BUFSIZ];
+ struct bind *b;
+
+ while (fgets (buffer, sizeof(buffer), fp)) {
+ if (!(cp = strchr(buffer, '\n')))
+ break;
+ *cp = 0;
+ if (*buffer == '#' || *buffer == '\0')
+ continue;
+ if (!(bp = strchr(buffer, ':')))
+ break;
+ *bp++ = 0;
+ while (isspace (*bp))
+ *bp++ = 0;
+
+ for (b = binds; b->keyword; b++)
+ if (!strcmp (buffer, b->keyword))
+ break;
+ if (b->keyword && (cp = tailor_value (bp)))
+ *b->value = cp;
+ }
+}
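Review bot: As shown, the lookup in get_mtsconf_pathname() is `getenv ( "MHMTSCONF ")` with a trailing space inside the literal, so a variable named MHMTSCONF would never be found; it presumably should read `getenv ("MHMTSCONF")`, matching the MHMTSUSERCONF lookup below it. Both helpers also let the environment choose the file that sets every mts binding, which is only safe if no program calling mts_init() runs with more privilege than the invoking user (a setuid or setgid install would need to ignore these variables); that is worth confirming and stating in a comment above the helpers. mts_read_conf_file() still stops parsing silently at the first line that lacks a newline or a colon, which now applies to the user-supplied file as well.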
Index: uip/whom.c
===================================================================
RCS file: /sources/nmh/nmh/uip/whom.c,v
retrieving revision 1.4
diff -u -r1.4 whom.c
--- uip/whom.c 2 Jul 2002 22:09:15 -0000 1.4
+++ uip/whom.c 30 Jan 2010 09:09:21 -0000
@@ -13,6 +13,12 @@
#include <h/signals.h>
#include <signal.h>
+#ifndef CYRUS_SASL
+# define SASLminc(a) (a)
+#else /* CYRUS_SASL */
+# define SASLminc(a) 0
+#endif /* CYRUS_SASL */
+
static struct swit switches[] = {
#define ALIASW 0
{ "alias aliasfile", 0 },
@@ -38,6 +44,12 @@
{ "server host", -6 },
#define SNOOPSW 11
{ "snoop", -5 },
+#define SASLSW 12
+ { "sasl", SASLminc(4) },
+#define SASLMECHSW 13
+ { "saslmech mechanism", SASLminc(-5) },
+#define USERSW 14
+ { "user username", SASLminc(-4) },
{ NULL, 0 }
};
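Review bot: The `sasl` entry uses `SASLminc(4)` while `saslmech` and `user` use negative values, so in a build without CYRUS_SASL the macro yields 4, -5 and -4 and only `-sasl` is treated differently from its siblings. If a negative minchars is what hides a switch here (as the neighbouring `-6` and `-5` entries suggest), this presumably should be `{ "sasl", SASLminc(-4) },`. The `switches` table begins above the hunk.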
@@ -88,6 +100,7 @@
case CHKSW:
case NOCHKSW:
case SNOOPSW:
+ case SASLSW:
vec[vecp++] = --cp;
continue;
@@ -117,6 +130,8 @@
case ALIASW:
case CLIESW:
case SERVSW:
+ case USERSW:
+ case SASLMECHSW:
vec[vecp++] = --cp;
if (!(cp = *argp++) || *cp == '-')
adios (NULL, "missing argument to %s", argp[-2]);