Summary: | #ifdef used instead of #if in qmail-smtpd | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Martin Diers <martin> |
Component: | [OLD] Server | Assignee: | Net-Mail Packages <net-mail+disabled> |
Status: | VERIFIED TEST-REQUEST | ||
Severity: | normal | CC: | andrei.ivanov, leonardop, vapier |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 29485 |
Description
Martin Diers
2004-01-31 12:37:59 UTC
umm it works fine over here ... i'm using net-mail/qmail-1.03-r15 with net-mail/vpopmail-5.4.0_rc1 and the only people who can send relay mail through my server are ones who auth with ssl and the vpopmail ebuild is not way out of date, the latest is 5.4.0_rc2, and 5.4.0_rc1 is in portage perhaps your custom installation is messed up ? OK. I finally figured this out. The original Brisby SMTP_AUTH patch was simply that, an auth login patch. No TLS. The patch which is currently implemented in qmail-1.03-r15 is a TLS before AUTH LOGIN patch. That means, unless you have a valid SSL certificate all setup on the server, you cannot use AUTH. This, of course, is a very reasonable and secure way of doing things. However, it is not well documented that without TLS support, AUTH does not work at all. All that being said, it seems that the smtp-auth-close3.patch has the effect of forcing the use of TLS before AUTH, whereas without the patch, it is possible to Authenticate without issuing a STARTTLS command. Is this the intended effect of these patches combined, or is this an unfortunate sideeffect? smtp-auth-close3.patch fixes a problem with morercpthosts, and nothing else. however I have found a logic error in qmail-smtpd.c, dealing with the conditions in which smtp_authout() is called. #ifdef is used instead of #if for all lines containing TLS && TLS_BEFORE_AUTH I'll fix it soon. note to self patch to fix this well is at http://forums.gentoo.org/viewtopic.php?t=131572 *** Bug 39018 has been marked as a duplicate of this bug. *** Fixed in r15 and r16, could you test it, please? No response for five months. Closing. |