From ryan@pcslink.com Wed Jul 8 10:32:08 1998
Date: Tue, 7 Jul 1998 17:41:25 -0700 (MST)
From: Ryan Mooney
To: chris@westnet.com
Subject: Whups - qpopper patches

After having run the new patch for a while I found that there was a wee little problem in that the server code vhost was overwriting a static variable in a (name lookup) system call that would cause the popper to spew errors because the client's IP/name wouldn't match. It doesn't appear to be life threatening, so don't panic :) Hopefully I got it right this time. My apologies to anyone using it.

Original message + fixed patch :)

I've had a bunch of people ask for an updated qpopper patch. These patches work against popper2.52, I just did them, so I can't guarantee that I missed any major bugs, as usual, use at your own risk.

********** NOTE *****************
PLEASE E-MAIL QUALCOMM AND ASK THEM TO PUT EITHER THIS OR SOMETHING LIKE IT INTO THE STANDARD DISTRIBUTION. I really don't have time to support it all the time, and this has been out long enough now that they should pick it up. Personally I'm a bit pissed at them for not having taken one of the vpopper patches and applied them...

-----------------------------------------------------
diff -c ../qpopper2.52/./INSTALL ./INSTALL *** ../qpopper2.52/./INSTALL Wed Jul 1 13:00:19 1998 --- ./INSTALL Tue Jul 7 14:16:13 1998 *************** *** 32,37 **** --- 32,38 ---- BULLETINS SERVER MODE APOP + + VIRTUAL HOST INSTALLATION: To install the qpopper, change the directory to where the *************** *** 547,554 **** popauth ! ! --- 548,594 ---- popauth + VIRTUAL HOST: ! The Virtual Host support allows you to have support for automatic ! translation of e-mail addresses depending on the interface that ! they arrive on. ! ! To enable this feature you need to define where the VIRTUAL_SERVER ! db will live: ! VIRTUAL_SERVER=\"/etc/virtual.pop\" ! or use configure: configure --with-vhost=/etc/virtual.pop ! ! 
You can then use the sendmail makemap (or other custom ndbm compatible ! program) to generate translation tables for inbound pop users. ! ! ie: You have two virtual hosts defined on your server (with different ! IP addresses bound to each): ! 10.1.1.1 -->PTR--> senior.com ! 10.1.1.2 -->PTR--> junior.com ! Note that it is VERY IMPORTANT to have reverse DNS working correctly ! for this. ! ! You have a user fred@senior.com and a user fred@junior.com, you ! create two unix users: ! www01 ! www02 ! ! and then setup the translation DB as follows: ! fred@senior.com www01 ! fred@junior.com www02 ! run "makemap -v dbm /etc/virt.pop < /etc/virt.pop" or equivelant ! and then when a pop request comes in for fred on the senior.com ! interface it will be automatically translated into www01. ! Also if the user specifies the full domain name as thier e-amail ! address (ie: fred@senior.com), this will automatically be used ! without doing the DB lookup. This only works for some e-mail ! clients as some programs have an annoying habit of stripping the ! @domain.com from the e-mail address (yes its the right thing to ! do, but hey it breaks my stuff :) ! ! This feature is designed to work with the sendmail virtual domain ! hack (http://www.westnet.com/providers/) or the sendmail 8.8.x ! usertable feature. diff -c ../qpopper2.52/./Makefile.in ./Makefile.in *** ../qpopper2.52/./Makefile.in Wed Jul 1 12:54:51 1998 --- ./Makefile.in Tue Jul 7 11:37:07 1998 *************** *** 5,11 **** pop_rset.c pop_send.c pop_stat.c pop_updt.c \ pop_user.c pop_xtnd.c pop_xmit.c popper.c \ pop_bull.c xtnd_xlst.c pop_uidl.c mktemp.c \ ! pop_rpop.c pop_apop.c md5.c pop_auth.c OBJS = flock.o pop_dele.o pop_dropcopy.o \ pop_get_command.o pop_get_subcommand.o pop_init.o \ --- 5,11 ---- pop_rset.c pop_send.c pop_stat.c pop_updt.c \ pop_user.c pop_xtnd.c pop_xmit.c popper.c \ pop_bull.c xtnd_xlst.c pop_uidl.c mktemp.c \ ! 
pop_rpop.c pop_apop.c md5.c pop_auth.c pop_virtualh.c OBJS = flock.o pop_dele.o pop_dropcopy.o \ pop_get_command.o pop_get_subcommand.o pop_init.o \ *************** *** 14,20 **** pop_rset.o pop_send.o pop_stat.o pop_updt.o \ pop_user.o pop_xtnd.o pop_xmit.o popper.o \ pop_bull.o xtnd_xlst.o pop_uidl.o mktemp.o \ ! pop_rpop.o pop_apop.o md5.o pop_auth.o DOCS = README pop3.rfc1081 pop3e.rfc1082 popper.8 --- 14,20 ---- pop_rset.o pop_send.o pop_stat.o pop_updt.o \ pop_user.o pop_xtnd.o pop_xmit.o popper.o \ pop_bull.o xtnd_xlst.o pop_uidl.o mktemp.o \ ! pop_rpop.o pop_apop.o md5.o pop_auth.o pop_virtualh.o DOCS = README pop3.rfc1081 pop3e.rfc1082 popper.8 diff -c ../qpopper2.52/./config.h.in ./config.h.in *** ../qpopper2.52/./config.h.in Wed Jul 1 12:54:51 1998 --- ./config.h.in Tue Jul 7 11:30:59 1998 *************** *** 38,43 **** --- 38,44 ---- #undef DEBUG #undef APOP + #undef VIRTUAL_SERVER #undef POPUID #undef GDBM #undef MAIL_COMMAND diff -c ../qpopper2.52/./configure ./configure *** ../qpopper2.52/./configure Wed Jul 1 12:54:51 1998 --- ./configure Tue Jul 7 12:18:53 1998 *************** *** 19,24 **** --- 19,26 ---- --with-apop=path Set the pop.auth file path [/etc/pop.auth]" ac_help="$ac_help --with-apopuid=pop Set the user who would own the pop.auth file. [pop]" + ac_help="$ac_help + --with-vhost=vhostfile Set the path of the virtual host file [/etc/virtual.pop]" # Initialize some variables set by options. 
# The variables have the same names as the options, with *************** *** 897,902 **** --- 899,926 ---- else cat >> confdefs.h <> confdefs.h <> confdefs.h <client,p->ipaddr); #endif + + #ifdef VIRTUAL_SERVER + + /* Get My current address to see on which virtual address I was listening */ + + len = sizeof(mysock); + if (getsockname(sp,(struct sockaddr *)&mysock,&len) < 0){ + pop_log(p,POP_PRIORITY, + "Unable to obtain My socket and address, err = %d",errno); + exit(1); + } + /* Save the dotted decimal form of the client's IP address + in the POP parameter block */ + myipaddr = (char *)strdup(inet_ntoa(cs.sin_addr)); + + mych = gethostbyaddr((char *) &mysock.sin_addr, sizeof(mysock.sin_addr), AF_INET); + + if (mych == NULL){ + pop_log(p,POP_PRIORITY, + "(v%s) Unable to get canonical name of Server, err = %d", + VERSION, errno); + p->server = myipaddr; + } + + /* Save the cannonical name of the server host in + the POP parameter block */ + /* If your really hung up about the security of your local + DNS servers and don't trust them, then you can either add + in the same mess as is used for clients, or upgrade your + servers... Upgrade your DNS server(s).... 
+ */ + p->server = (char *)strdup(mych->h_name); + #endif /* VIRTUAL_SERVER */ return(authenticate(p, &cs)); } diff -c ../qpopper2.52/./pop_user.c ./pop_user.c *** ../qpopper2.52/./pop_user.c Wed Jul 1 12:54:51 1998 --- ./pop_user.c Tue Jul 7 13:27:28 1998 *************** *** 47,52 **** --- 47,53 ---- int pop_user (p) POP * p; { + /* If there is an APOP database entry then don't allow a cleartext password over the net */ # ifdef APOP *************** *** 77,82 **** --- 78,91 ---- /* Save the user name */ (void)strncpy(p->user, p->pop_parm[1], sizeof(p->user)); p->user[sizeof(p->user)-1] = 0; + + #ifdef VIRTUAL_SERVER + /* If virtual Hosting replace virtual user ID with real user ID */ + if(pop_virtualh(p)) { + return(pop_msg(p,POP_FAILURE, + "Virtualization Failure for (%s)", p->user)); + } + #endif /* VIRTUAL_SERVER */ # ifdef APOP_ONLY return(pop_auth_fail(p, POP_FAILURE, diff -c ../qpopper2.52/./pop_virtualh.c ./pop_virtualh.c *** ../qpopper2.52/./pop_virtualh.c Tue Jul 7 11:07:15 1998 --- ./pop_virtualh.c Tue Jul 7 14:10:19 1998 *************** *** 0 **** --- 1,125 ---- + /* + ** Free Mod, Copyright Abandoned. + ** Distribute Freely. + ** Written by Ryan Mooney (ryan@pcslink.com) to add virtual Host + ** Support to the Qualcomm Popper Daemon on Mon Feb 17 MST 1997 + ** + ** Use at your own risk, no warranty is implied or granted, this + ** code has not been thoroughly tested and may have bugs, it may + ** destroy your entire system, it may contain unsuspected worms and + ** take over all the computers in your company and mail the little + ** green men from outer space your password file. If you are uncomfortable + ** with this write your own damn code, and don't blame me. + ** + ** Loosely based on code included in the other popper files: + ** Copyright (c) 1990 Regents of the University of California. 
+ ** + */ + + #include "config.h" + + #ifdef VIRTUAL_SERVER + + #ifndef lint + static char copyright[] = "CopyRight Abandoned 1997"; + static char SccsId[] = "DO YOUR SCCS THING HERE!!!!"; + #endif /* not lint */ + + #include + #include + #include + + #if defined(SOLARIS2) || defined(SYSV) || defined(AIX) + # include + #else + # include + #endif + + #if defined(SOLARIS2) || defined(UNIXWARE) || defined(AIX) || defined(PTX) \ + || defined(AUX) || defined(POPSCO) || defined(OSF1) || defined(ULTRIX) + # include + #else + # include + #endif + + #include + + #include "popper.h" + + int pop_virtualh (p) + POP * p; + { + DBM *virt_db; + struct stat st; + char real_user[MAXLINELEN]; + char virtual_dir[BUFSIZ]; + datum key, value; + + /* Allow user@vhost.com to supersede DNS lookup */ + if(strstr(p->user, "@")) { + strcpy(real_user, p->user); + } else { + + if ((strlen(p->server) + strlen(p->user)) > MAXLINELEN - 2) { + pop_msg(p,POP_FAILURE, + "Server (%s) + user (%s) bigger than MAX %d", p->user, + p->server, MAXLINELEN - 1); + return(-1); + } + + sprintf(real_user, "%s@%s", p->user, p->server); + } + + # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Attempting to Virtualize (%s)", real_user); + # endif /* DEBUG */ + + if ( (virt_db = dbm_open(VIRTUAL_SERVER, O_RDONLY, 0)) != NULL) { + + // key.dsize = strlen (real_user) + 1; + key.dsize = strlen (real_user); + key.dptr = real_user; + + # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Key '%s' Size '%d'", key.dptr, key.dsize); + # endif /* DEBUG */ + value = dbm_fetch (virt_db, key); + /* + ** Got a live one, this is the users "real" name on our server + ** Replace the "fake" name and carry on + */ + if (value.dptr != NULL) { + # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "User (%s) Virtualized", p->user); + # endif + bcopy(value.dptr, p->user, value.dsize); + p->user[value.dsize] = 0; + + # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Virtualized User is (%s)", p->user); + # endif + } else { 
+ # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Virt DB Value returned NULL"); + # endif + } + dbm_close (virt_db); + + } else { + # ifdef DEBUG + if (p->debug) + pop_log(p, POP_DEBUG, "Virtualization DB %s unopened (%s)", + VIRTUAL_SERVER, strerror(errno)); + # endif + } + + return(0); + + } + + #endif /* VIRTUAL_SERVER */ diff -c ../qpopper2.52/./popper.h ./popper.h *** ../qpopper2.52/./popper.h Wed Jul 1 12:54:51 1998 --- ./popper.h Tue Jul 7 12:09:19 1998 *************** *** 125,131 **** #define POP_TIMEOUT 120 /* timeout connection after this many secs */ /* UID's <= this value are not allowed to access email */ ! #define BLOCK_UID 10 #define DIG_SIZE 16 --- 125,131 ---- #define POP_TIMEOUT 120 /* timeout connection after this many secs */ /* UID's <= this value are not allowed to access email */ ! #define BLOCK_UID 10 #define DIG_SIZE 16 *************** *** 242,247 **** --- 242,250 ---- computer */ char * client; /* Canonical name of client computer */ + #ifdef VIRTUAL_SERVER + char * server; /* Canonical name of server */ + #endif /* VIRTUAL_SERVER */ char * ipaddr; /* Dotted-notation format of client IP address */ unsigned short ipport; /* Client port for privileged *************** *** 329,334 **** --- 332,338 ---- extern int pop_updt(); extern int pop_user(); extern int pop_xtnd(); + extern int pop_virtualh(); extern int pop_xmit(); extern int pop_xmit_recv(); extern int pop_xmit_exec(); ----------------------------------------------------- >-=-=-=-=-=-=-<>-=-=-=-=-=-<>-=-=-=-=-=-<>-=-=-=-=-=-<>-=-=-=-=-=-=-< Ryan Mooney Phone (602)265-9188 PCSLink ryan@pcslink.com Internet Services NT is an excellent choice for managers who need to show that they used up their fiscal year budget for hardware/software expenditures. <-=-=-=-=-=-=-><-=-=-=-=-=-><-=-=-=-=-=-><-=-=-=-=-=-><-=-=-=-=-=-=->
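
Review bot: In the INSTALL "VIRTUAL HOST" text, the sentence saying a full user@domain login "will automatically be used without doing the DB lookup" does not match pop_virtualh.c, where the '@' branch only skips building the key from p->server and still calls dbm_fetch() on the name as typed; reword it to say the interface's reverse-DNS name is skipped, not the lookup. The example also configures the map as /etc/virtual.pop but then runs makemap on /etc/virt.pop with the same path as both input and output, so pick one path and give the source text file a different name. "equivelant", "thier" and "e-amail" should be corrected in the same pass.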
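
Review bot: In pop_init.c, when gethostbyaddr() returns NULL the code logs, sets p->server = myipaddr, and then falls through to p->server = (char *)strdup(mych->h_name), which dereferences the NULL mych; that assignment needs to sit in an else. The fallback value is also taken from the wrong structure: myipaddr is built from inet_ntoa(cs.sin_addr) rather than from the mysock that getsockname() has just filled in, and the comment above it still says "client's IP address". Neither strdup() result is checked. Because p->server becomes half of the map key in pop_virtualh(), a wrong value here selects the wrong virtual domain rather than only producing a bad log line.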
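
Review bot: In pop_user.c the pop_virtualh() call is placed after the "Save the user name" strncpy, which is below the APOP block at the top of the function ("If there is an APOP database entry then don't allow a cleartext password over the net"), so that check can only see the name as the client typed it, not the translated account. If the cleartext ban is meant to follow the real mailbox owner, the translation has to happen before the APOP test. The blank line added after the opening brace in the first hunk is noise and can be dropped.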
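
Review bot: In pop_virtualh.c the copy of the map value into p->user, bcopy(value.dptr, p->user, value.dsize) followed by p->user[value.dsize] = 0, never compares value.dsize with sizeof(p->user), so an over-long entry in the map writes past the buffer; reject the entry when value.dsize >= sizeof(p->user). The MAXLINELEN length test covers only the sprintf() branch, while the '@' branch does a bare strcpy(real_user, p->user) and should be bounded the same way. The function returns 0 both when dbm_open() fails and when the key is missing, so the login continues with the untranslated name; if that fall-through is not intended, return nonzero there. Smaller points: the arguments to the "Server (%s) + user (%s)" message are passed as p->user, p->server (swapped), and the // comment on the old key.dsize line is not valid C89, so use /* */.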
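
Review bot: In popper.h the BLOCK_UID hunk replaces #define BLOCK_UID 10 with a line that reads the same, so it appears to be a whitespace-only change; drop it so the diff carries only the new server field and the pop_virtualh() prototype. The server member is documented as "Canonical name of server", but pop_init.c can also store a dotted-decimal address in it, so the comment should say so.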