In Fedora 6 environment, I patched original qmail 1.03 (qmail-1.03.tar.gz) with
qmail-ldap-1.03-20060201.patch, then with
qmail-ldap-1.03-20060201-controls20060403b. I failed to compile it. Hence, I
made several changes:
1. Commented out "extern unsigned sasl_flags;" in control.h. It seems that
sasl_flags are defined as static in all programs using this header file.
2. Replaced function verify_ldap_file_check with old source code (use strcmp
instead of strstr). The strstr code has bug.
3. Included str_diffn.o in the qmail-newmrh section of Makefile. Someone
suggested this change in this newgroup.
4. Setup all the options in the Makefile.
All changes are included in the attached diff file.
After a lot of debug tracing, I found that the value of "fn" was cleared after
called to "control_ldap_search" in the control_readfile function. Someone
already mentioned this point in this newsgroup before. At last, I disabled the
gcc optimization option (I removed "-O2" from file conf-cc) and everything work
fine.
Anybody here is solving similar problem? Please comment my work. I think the
"fn" cleared problem was due to GCC 4.1.1 bug.
Steve
diff -urN qmail-1.03-orig/conf-cc qmail-1.03/conf-cc
--- qmail-1.03-orig/conf-cc 1998-06-15 18:53:16.000000000 +0800
+++ qmail-1.03/conf-cc 2007-03-17 18:49:44.000000000 +0800
@@ -1,3 +1,3 @@
-cc -O2
+cc
This will be used to compile .c files.
diff -urN qmail-1.03-orig/control.c qmail-1.03/control.c
--- qmail-1.03-orig/control.c 2007-03-18 19:03:59.000000000 +0800
+++ qmail-1.03/control.c 2007-03-17 12:07:48.000000000 +0800
@@ -653,6 +653,7 @@
/* This function will return TRUE if file is OK to fetch from LDAP */
int verify_ldap_file_check(const char *fn) {
if(!strstr(fn, ".cdb")
+#if 0
&& (strstr(fn, "me") == fn)
&& (strstr(fn, "ldapserver") == fn)
&& (strstr(fn, "ldapcontroldn") == fn)
@@ -661,6 +662,18 @@
#if defined(SECUREBIND_SASL) || defined(SECUREBIND_SSL) ||
defined(SECUREBIND_TLS) || defined(SECUREBIND_ALL)
&& (strstr(fn, "ldapsecurebind") == fn)
#endif
+#else
+ /* BECAUSE OF BUG ABOVE, I HAD TO RESORT TO THIS */
+
+ && strncmp(fn, "me", 2) && strcmp(fn, "control/me") && strcmp(fn,
"/var/qmail/control/me")
+ && strcmp(fn, "ldapserver") && strcmp(fn, "control/ldapserver") &&
strcmp(fn, "/var/qmail/control/ldapserver")
+ && strcmp(fn, "ldapcontroldn") && strcmp(fn, "control/ldapcontroldn") &&
strcmp(fn, "/var/qmail/control/ldapcontroldn")
+ && strcmp(fn, "ldaplogin") && strcmp(fn, "control/ldaplogin") &&
strcmp(fn, "/var/qmail/control/ldaplogin")
+ && strcmp(fn, "ldappassword") && strcmp(fn, "control/ldappassword") &&
strcmp(fn, "/var/qmail/control/ldappassword")
+#if defined(SECUREBIND_SASL) || defined(SECUREBIND_SSL) ||
defined(SECUREBIND_TLS) || defined(SECUREBIND_ALL)
+ && strcmp(fn, "ldapsecurebind") && strcmp(fn, "control/ldapsecurebind") &&
strcmp(fn, "/var/qmail/control/ldapsecurebind")
+#endif
+#endif
/* Do we have what we need for an LDAP search!? */
&& ldap_controldn.len
&& (me.len || ldap_me.len)
diff -urN qmail-1.03-orig/control.h qmail-1.03/control.h
--- qmail-1.03-orig/control.h 2007-03-18 19:03:59.000000000 +0800
+++ qmail-1.03/control.h 2007-03-11 11:13:03.000000000 +0800
@@ -16,7 +16,7 @@
#include "stralloc.h"
#if defined(SECUREBIND_SASL) || defined(SECUREBIND_ALL)
-extern unsigned sasl_flags;
+//extern unsigned sasl_flags;
extern char *sasl_secprops;
extern char *sasl_realm;
extern char *sasl_authc_id;
diff -urN qmail-1.03-orig/Makefile qmail-1.03/Makefile
--- qmail-1.03-orig/Makefile 2007-03-18 19:03:58.000000000 +0800
+++ qmail-1.03/Makefile 2007-03-17 12:21:56.000000000 +0800
@@ -22,12 +22,14 @@
# -DCOURIER use Courier POP3d/IMAPd instead of Qmail POP3d
#LDAPFLAGS=-DQLDAP_CLUSTER -DEXTERNAL_TODO -DDASH_EXT -DDATA_COMPRESS
-DQMQP_COMPRESS -DSMTPEXECCHECK -DCOURIER
+LDAPFLAGS= -DALTQUEUE -DQLDAP_CLUSTER
+
# * These are some options to securly connect to the LDAP server
# -DSECUREBIND_SASL Bind using SASL
# -DSECUREBIND_SSL Encrypt the channel with SSL
# -DSECUREBIND_TLS Encrypt the channel with TLS (SSL v3)
# -DSECUREBIND_ALL All of the above...
-#SECUREBIND=-DSECUREBIND_ALL
+SECUREBIND=-DSECUREBIND_ALL
# * Log authentication success/failures in auth_{pop,imap,smtp}
#SYSLOGAUTH=-DSYSLOGAUTH
@@ -41,12 +43,12 @@
# to, uncomment the following line and read QLDAPINSTALL.
# -DUSE_CONTROLDB Search LDAP for control files
# -DQLDAP_BAILOUT First search LDAP, then FS
-#CONTROLDB=-DUSE_CONTROLDB -DQLDAP_BAILOUT
+CONTROLDB=-DUSE_CONTROLDB -DQLDAP_BAILOUT
# Perhaps you have different ldap libraries, change them here
-#LDAPLIBS=-L/usr/local/lib -lldap -llber
+LDAPLIBS=-L/usr/local/lib -lldap -llber
# and change the location of the include files here
-#LDAPINCLUDES=-I/usr/local/include
+LDAPINCLUDES=-I/usr/local/include
# on Slowaris you need -lresolv and probably a LD_RUN_PATH added like this:
#LDAPLIBS=-L/opt/OpenLDAP/lib -lldap -llber -lresolv -R/opt/OpenLDAP/lib
# for example on my Linux box I use:
@@ -79,13 +81,13 @@
#MNW=-DMAKE_NETSCAPE_WORK
# to enable the auto-maildir-make feature uncomment the next line
-#MDIRMAKE=-DAUTOMAILDIRMAKE
+MDIRMAKE=-DAUTOMAILDIRMAKE
# to enable the auto-homedir-make feature uncomment the next line
-#HDIRMAKE=-DAUTOHOMEDIRMAKE
+HDIRMAKE=-DAUTOHOMEDIRMAKE
# on most systems we need this to make auth_pop and auth_imap
-#SHADOWLIBS=-lcrypt
+SHADOWLIBS=-lcrypt
# OpenBSD and other Systems do not have libcrypt, so comment the line out
# if you get linking problems.
# To use shadow passwords under some Linux OS, uncomment the next two lines.
@@ -1759,7 +1761,7 @@
stralloc.a alloc.a strerr.a substdio.a error.a str.a auto_qmail.o \
$(NEWLDAPPROGLIBS) $(SECUREBINDLIBS) $(QLDAPLIB) $(CONTROLLIBS)
./load qmail-newmrh getln.a open.a cdbmake.a seek.a \
- case.a stralloc.a alloc.a strerr.a substdio.a error.a \
+ case.a stralloc.a alloc.a strerr.a substdio.a error.a str_diffn.o \
$(QLDAPLIB) $(CONTROLLIBS) str.a auto_qmail.o \
$(NEWLDAPPROGLIBS) $(SECUREBINDLIBS) $(LDAPLIBS)
