Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 74124 - [qmail] SMTP authentication redirects STDERR to STDOUT - log messages get sent to client
Summary: [qmail] SMTP authentication redirects STDERR to STDOUT - log messages get sen...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Qmail Team (OBSOLETE)
Depends on:
Reported: 2004-12-11 12:10 UTC by Perolo Silantico
Modified: 2005-08-18 16:01 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Perolo Silantico 2004-12-11 12:10:41 UTC
affected file: qmail-smtpd.c
affected function: int authenticate(void)
steps to reproduce: 
 1) use alternative qmail-queue program that prints something to STDERR
    (fe. debug messages during development)
    original qmail-queue does not write log messages itself
 2) use SMTP-AUTH in an SMTP session

the authentication function calls fd_copy(2,1) to redirect STDERR to STDOUT. I think the intention is to send authentication error messages of the executed password program to the remote client.

BUT "fd_copy" is called before a "fork" is performed, redirecting STDERR of the whole process and subsequently all executed programs (qmail-queue) to the client. This redirects messages, which are intended for the log, to the client. These messages acertainly not comply with RFC.

The following patch moves the "fd_copy" to the forked process, leaving the parent process writing messages to STDERR and therefore the log file.

--- qmail-1.03.orig/qmail-smtpd.c       2004-11-19 09:00:53.000000000 +0100
+++ qmail-1.03/qmail-smtpd.c    2004-12-11 19:06:23.185045688 +0100
@@ -1006,7 +1006,6 @@
   if (!stralloc_0(&pass)) die_nomem();
   if (!stralloc_0(&resp)) die_nomem();

-  if (fd_copy(2,1) == -1) return err_pipe();
   if (pipe(pi) == -1) return err_pipe();
   //if (pi[0] != 3) return err_pipe();
@@ -1014,6 +1013,7 @@
     case -1:
       return err_fork();
     case 0:
+      if (fd_copy(2,1) == -1) _exit(1);
       if (pi[0] != 3) {
Comment 1 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-08-07 03:58:29 UTC
Is this still the case with -r16?
Comment 2 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-08-18 16:01:16 UTC
No response. Please reopen if you've comments.