Re: Building snapshots on 5.5-stable?
Hi On Tue, May 06, 2014 at 10:17:01AM +0100, John Cox wrote: Hi Is it possible to build snapshots on OpenBSD-5.5-Stable (built from source because as far as I can tell the release ISO still contains Heartbleed)? Neither the OpenBSD or the Portable version works for me. I can understand that the OpenBSD version tracks current and may fail to build at any point, but I was hopeful theat the portable vsrsion might be more portable... I'd like to follow this project and maybe help if I ever have the time (which is, at the moment, I admit, unlikely) but I really don't have the time to try and follow OpenBSD-current Many thanks John Cox Hi, Sorry for the breakage. The new snapshot should now work on both current and stable. Please try it out. Sadly it still doesn't build - the problem has moved on: cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../asr/res_query.c /home/jc/opensmtpd-201405071639/smtpd/../asr/res_query.c: In function 'res_query': /home/jc/opensmtpd-201405071639/smtpd/../asr/res_query.c:63: warning: comparison between signed and unsigned /home/jc/opensmtpd-201405071639/smtpd/../asr/res_query.c: In function 'res_search': /home/jc/opensmtpd-201405071639/smtpd/../asr/res_query.c:105: warning: comparison between signed and unsigned cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../res_search_async.c cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../asr/res_send.c /home/jc/opensmtpd-201405071639/smtpd/../asr/res_send.c: In function '__res_send': /home/jc/opensmtpd-201405071639/smtpd/../asr/res_send.c:55: warning: comparison between signed and unsigned cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../res_send_async.c /home/jc/opensmtpd-201405071639/smtpd/../res_send_async.c: In function 'res_send_async': /home/jc/opensmtpd-201405071639/smtpd/../res_send_async.c:70: warning: cast discards qualifiers from pointer target type cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../asr/sethostent.c cc -O2 -pipe -I/home/jc/opensmtpd-201405071639/smtpd/../asr -g3 -ggdb -I/home/jc/opensmtpd-201405071639/smtpd/.. -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -Wbounded -DIO_SSL -DQUEUE_PROFILING -c /home/jc/opensmtpd-201405071639/smtpd/../asr/event_asr_run.c cc -o smtpd aliases.o bounce.o ca.o compress_backend.o config.o control.o crypto.o delivery.o dict.o dns.o envelope.o esc.o expand.o forward.o iobuf.o ioev.o limit.o lka.o lka_session.o log.o mda.o mproc.o mta.o mta_session.o parse.o pony.o queue.o queue_backend.o ruleset.o runq.o scheduler.o scheduler_backend.o smtp.o smtp_session.o smtpd.o ssl.o ssl_privsep.o ssl_smtpd.o stat_backend.o table.o to.o tree.o util.o waitq.o compress_gzip.o delivery_filename.o delivery_maildir.o delivery_mbox.o delivery_mda.o delivery_lmtp.o table_db.o table_getpwnam.o table_proc.o table_static.o queue_fs.o queue_null.o queue_proc.o queue_ram.o scheduler_ramqueue.o scheduler_null.o scheduler_proc.o stat_ramstat.o asr.o asr_debug.o asr_utils.o getaddrinfo.o getaddrinfo_async.o gethostnamadr.o gethostnamadr_async.o getnameinfo.o getnameinfo_async.o getnetnamadr.o getnetnamadr_async.o getrrsetbyname.o getrrsetbyname_async.o res_debug.o res_init.o res_mkquery.o res_query.o res_search_async.o res_send.o res_send_async.o sethostent.o event_asr_run.o -levent -lutil -lssl -lcrypto -lm -lz asr.o(.text+0x5c7): In function `asr_resolver_done': /home/jc/opensmtpd-201405071639/smtpd/../asr.c:164: undefined reference to `_THREAD_PRIVATE' asr.o(.text+0x17ee): In function `asr_use_resolver': /home/jc/opensmtpd-201405071639/smtpd/../asr.c:348: undefined reference to
Re: new privsep for rsa and ca [was: [OpenSMTPD] master snapshot opensmtpd-201405071639 available]
On Thu, May 08, 2014 at 05:08:36AM +0200, Jason A. Donenfeld wrote: On Wed, May 7, 2014 at 4:43 PM, gil...@poolp.org wrote: - RSA engine privsep by reyk@ - ca process, by reyk Do these require new UIDs/usernames? no, no new UID/username required -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Compile errors compiling opensmtpd-latest on the most recent openbsd -current
ok, new snapshot will be generated tomorrow, not today Gilles On Thu, May 08, 2014 at 06:16:48AM -0700, Barbier, Jason wrote: So I have the most recent snap installed to my machine and when I try to compile latest I get /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c: In function 'dns_imsg': /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:219: warning: assignment from incompatible pointer type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:246: warning: assignment from incompatible pointer type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:269: warning: assignment from incompatible pointer type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c: In function 'dns_dispatch_host': /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:297: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:306: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:307: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:309: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:310: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c: In function 'dns_dispatch_ptr': /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:330: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:331: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c: In function 'dns_dispatch_mx': /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:348: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:348: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:352: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:354: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:360: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:364: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:364: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:378: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c: In function 'dns_dispatch_mx_preference': /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:396: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:397: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:399: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:400: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:407: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:407: error: dereferencing pointer to incomplete type /home/kusuriya/opensmtpd-201405071639/smtpd/../dns.c:423: error: dereferencing pointer to incomplete type *** Error 1 in smtpd (sys.mk:87 'dns.o') *** Error 1 in /home/kusuriya/opensmtpd-201405071639 (bsd.subdir.mk:48 'all') any ideas? -- Jason Barbier | jab...@serversave.us -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Problem with simple user authentication scheme
Greetings to everyone, I am trying to configure OpenSMTD with TLS + simple auth in order to be able to send email from my laptop and mobile using the server. My 'smtpd.conf' is: - # This is the smtpd server system-wide configuration file. # See smtpd.conf(5) for more information. # SSL PKI Certificates pki domain.net certificate /etc/mail/certs/host.cert pki domain.net key /etc/mail/certs/host.key # If you edit the file, you have to run smtpctl update table aliases table users /usr/local/etc/mail/virtual.users.txt table domains /usr/local/etc/mail/virtual.domains.txt table secrets /usr/local/etc/mail/secrets table virtuals /usr/local/etc/mail/virtual.aliases.txt table aliases db:/usr/local/etc/mail/aliases.db # To accept external mail, replace with: listen on all listen on 127.0.0.1 listen on xx.xx.xx.xx secure pki domain.net auth secrets hostname domain.net accept for local alias aliases deliver to mbox accept from any for domain domains relay via lmtp://127.0.0.1:2026 accept from any for domain domains alias virtuals - My 'secrets' file looks like this: - root@domain:/usr/local/etc/mail # cat secrets atma = test:test123 - The server runs successfully (see log below) and I try to test my connection using OpenSSL: - $ openssl s_client -connect domain.net:465 CONNECTED(0003) [...] 220 domain.net ESMTP OpenSMTPD EHLO domain.net 250-domain.net Hello domain.net [xxx.xxx.xx.xxx], pleased to meet you 250-8BITMIME 250-ENHANCEDSTATUSCODES 250-SIZE 36700160 250-DSN 250-AUTH PLAIN LOGIN 250 HELP AUTH LOGIN 334 VXNlcm5hbWU6 dGVzdA==# = my input from: perl -MMIME::Base64 -e 'print encode_base64(test);' 334 UGFzc3dvcmQ6 dGVzdDEyMw==# = my input from: perl -MMIME::Base64 -e 'print encode_base64(test123);' 535 Authentication failed read:errno=0 - In the meantime in the server I can see the logs complaining of course: - root@domain:/usr/local/etc/mail # smtpd -dv debug: init ssl-tree info: loading pki information for domain.net info: OpenSMTPD 5.4.2p1 starting debug: bounce warning after 4h debug: using fs queue backend debug: using ramqueue scheduler backend debug: using ram stat backend info: startup [debug mode] debug: queue: done loading queue into scheduler mfa: building simple chains... mfa: building complex chains... mfa: done building complex chains mfa: done building default chain libevent 1.4.14b-stable (kqueue) debug: parent_send_config_ruleset: reloading debug: parent_send_config_mfa: reloading debug: parent_send_config: configuring smtp debug: mfa ready debug: smtp: listen on 1xx.xx.xx.xx port 25 flags 0x49 pki domain.net debug: smtp: listen on 1xx.xx.xx.xx port 465 flags 0x4a pki domain.net debug: smtp: listen on 127.0.0.1 port 25 flags 0x0 pki debug: smtp: will accept at most 14392 clients debug: smtpd: scanning offline queue... debug: smtpd: offline scanning done debug: smtp: new client on listener: 0x8024b6000 smtp-in: New session 21ee5e1eb2e647db from host 217.70.my-adsl.net [xx.xx.xx.xx] debug: lka: looking up pki domain.net debug: session_start_ssl: switching to SSL smtp-in: Started TLS on session 21ee5e1eb2e647db: version=TLSv1/SSLv3, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256 debug: lka: authenticating for secrets:test smtp-in: Authentication failed for user test on session 21ee5e1eb2e647db smtp-in: Failed command on session 21ee5e1eb2e647db: dGVzdDEyMw== = 535 Authentication failed smtp-in: Disconnecting session 21ee5e1eb2e647db: session timeout debug: smtp: 0x8024ba000: deleting session: timeout - I'd like to know how can I fix my table in order to match/accept emails from users. I'm probably doing some mistake in the 'secrets' file syntax. Any hints and/or ideas would be welcomed. Thanks for the excellent piece of software :-) Best regards, atmosx Panagiotis (atmosx) Atmatzidis email: a...@convalesco.org URL:http://www.convalesco.org GnuPG ID: 0x1A7BFEC5 gpg --keyserver pgp.mit.edu --recv-keys 1A7BFEC5 As you set out for Ithaca, hope the voyage is a long one, full of adventure, full of discovery [...] - C. P. Cavafy signature.asc Description: Message signed with OpenPGP using GPGMail