Re: OpenSMTPD 6.6.4p1 released: addresses CRITICAL vulnerability

anything. On Wed, Feb 26, 2020 at 3:56 AM Denis Fateyev wrote: > Beside the real vulnerability, what is interesting that Qualys used an > outdated Fedora package to prepare the report: > > On Linux, this vulnerability is generally not exploitable because > /proc/sys/fs/protected_har

Re: OpenSMTPD 6.6.4p1 released: addresses CRITICAL vulnerability

Beside the real vulnerability, what is interesting that Qualys used an outdated Fedora package to prepare the report: On Linux, this vulnerability is generally not exploitable because /proc/sys/fs/protected_hardlinks prevents attackers from creating hardlinks to files they do not own. On Fedora

Re: OpenSMTPD build on OpenSSL 1.1.x

> > ../../smtpd/ca.c: In function 'ca_X509_verify': > ../../smtpd/ca.c:204:47: error: dereferencing pointer to incomplete type > 'X509_STORE_CTX' {aka 'struct x509_store_ctx_st'} > 204 |*errstr = X509_verify_cert_error_string(xsc->error); > This can be fixed in "smtpd/ca.c" with: - *errstr

Re: OpenSMTPD build on OpenSSL 1.1.x

Hello Gilles, Tried to rebuild on Fedora 30, but got compile errors (providing below with warnings in case if you find them useful): --- < cut here > --- gcc -DHAVE_CONFIG_H -I. -I../.. -I../../smtpd -I../../openbsd-compat -I../../openbsd-compat/err_h

Re: question to package maintainers

On Dec 24, 2015 7:31 PM, "Gilles Chehade" <gil...@poolp.org> wrote: > On Thu, Dec 24, 2015 at 07:17:12PM +0600, Denis Fateyev wrote: > > > > Well, you asked what distributions packagers thought, and I presented it > > from point of the specific distr

Re: question to package maintainers

On Wed, Dec 23, 2015 at 6:23 PM, Gilles Chehade wrote: > > Would your distribution be affected if LibreSSL became a requirement ? > > OpenSMTPD is starting to rely on LibreSSL-specific functions that will > force us to go through painful hacks to maintain that dual SSL support

Re: question to package maintainers

On Wed, Dec 23, 2015 at 9:16 PM, Gilles Chehade wrote: > > What I'm wondering is if there's any reason that would prevent RHEL, for > example, to package LibreSSL in the same way that libasr was packaged so > that OpenSMTPD could specifically depend on it. > > The system would

Re: [OpenSMTPD] portable snapshot opensmtpd-201505121836p1 available

Hmm, I thought you already dropped bdb dependency, but: -- checking db_185.h usability... no checking db_185.h presence... no checking for db_185.h... no checking db.h usability... no checking db.h presence... no checking for db.h... no checking db1/db.h usability... no

Re: [OpenSMTPD] portable snapshot opensmtpd-201505121836p1 available

, May 13, 2015 at 4:31 PM, Gilles Chehade gil...@poolp.org wrote: On Wed, May 13, 2015 at 04:26:31PM +0600, Denis Fateyev wrote: Hmm, I thought you already dropped bdb dependency, but: -- checking db_185.h usability... no checking db_185.h presence... no checking

Re: Announce: libasr 1.0.1 released

On Tue, Feb 3, 2015 at 2:08 AM, Gilles Chehade gil...@poolp.org wrote: On Tue, Feb 03, 2015 at 02:07:25AM +0600, Denis Fateyev wrote: On Tue, Feb 3, 2015 at 1:52 AM, Eric Faurot e...@poolp.org wrote: On Tue, Feb 03, 2015 at 12:04:51AM +0600, Denis Fateyev wrote: Just a small

Re: Announce: libasr 1.0.1 released

On Tue, Feb 3, 2015 at 1:52 AM, Eric Faurot e...@poolp.org wrote: On Tue, Feb 03, 2015 at 12:04:51AM +0600, Denis Fateyev wrote: Just a small nit-picking. Once was a discussion about license filename spelling. [1]https://www.mail-archive.com/misc@opensmtpd.org/msg01513.html

Re: Announce: libasr 1.0.1 released

Just a small nit-picking. Once was a discussion about license filename spelling. https://www.mail-archive.com/misc@opensmtpd.org/msg01513.html Not a problem at all, but *might* be a small cleanup. --- wbr, Denis.

Re: libasr: LICENSE, LICENCE

between EN_GB and EN_US was one that always irritated me. On 12/27/2014 03:56 PM, Hugo Osvaldo Barrera wrote: On 2014-12-28 05:01, Denis Fateyev wrote: In English both versions are possible. But 'license' indeed sounds better, IMO. I'm just pointing out that different tarballs

Re: [OpenSMTPD] libasr snapshot libasr-201412181500 available

Tested on RHEL6 and Fedora 20 with opensmtpd-5.4.4-rc2, no regressions found. -- wbr, Denis. On Thu, Dec 18, 2014 at 8:00 PM, Gilles Chehade gil...@poolp.org wrote: On Thu, Dec 18, 2014 at 02:57:52PM +0100, gilles chehade wrote: A new libasr snapshot is available at:

Re: OpenSMTPD 5.4.4p1-rc2 CALL FOR TESTING

Hello there, Tested on RHEL6,7 and Fedora 19,20,21 with the latest libasr snapshot (201412141738), haven't seen any errors. Seems now it's fine. I think, it's time to introduce libasr release numeration (0.1, 1.0, or whatever you like.) -- wbr, Denis. On Sun, Dec 14, 2014 at 10:30 PM, Gilles

Re: OpenSMTPD 5.4.4{p1,}-rc1 CALL FOR TESTING

I saw that with 5.4.4-rc1. Not sure in which recent snapshot it has been introduced. I'll do some checks with previous snapshots today or tomorrow when time permits.. -- wbr, Denis. On Sun, Dec 14, 2014 at 6:35 PM, Gilles Chehade gil...@poolp.org wrote: Do you experience this with snapshots

Re: OpenSMTPD 5.4.4{p1,}-rc1 CALL FOR TESTING

Sure thing. Opened a new ticket: https://github.com/OpenSMTPD/OpenSMTPD/issues/503 On Mon, Dec 8, 2014 at 2:31 PM, Gilles Chehade gil...@poolp.org wrote: Do you mind opening a ticket ? I was talking to eric@ and asking him if he had a chance to look at this and he had missed this :-/ --

Re: [OpenSMTPD] libasr snapshot libasr-201410012101 available

Hello all, Just tested the latest opensmtpd snapshot opensmtpd-201410152136p1 with libasr-201410012101.tar.gz on RHEL 5,6,7 and Fedora 20 and devel. Seems no build issues so far, and basically working (I've send a couple of messages via each testing instance not going deeply to test all the

Re: [OpenBSD] libasr snapshot libasr-201407111828 available

Hello there, Builds fine on RHEL6 and Fedora 19 - Fedora devel scope, both 32- and 64bit. Some side notes: 1) The library `libasr-5.5.0.so.0.0.0` hasn't got executable bit after make install. I need to chown it to 0755 to get it working; 2) Rpmlint (a package diagnostic tool) reports a warning:

Re: attention, attention, changes !

Hello Charles, On Fri, Jun 20, 2014 at 8:20 PM, Charles Longeau c...@openbsd.org wrote: As with recent `opensmtpd` builds, I am not planning to support `libasr` RHEL5 packages, so fixing it is optional and up to you. I added the missing check in libasr. Even if you don't plan to support

Re: [OpenSMTPD] portable snapshot opensmtpd-201406192306p1 available

Hi Gilles, The latest snapshot builds and works as expected in RHEL6 and Fedora 19, 20, devel (all available arch). Although I have tested the very basic functionality for sending and receiving messages to catch RH/Fedora-specific regressions, if any. Under RHEL5 I have got a build error:

Re: attention, attention, changes !

Hello there, I have just tested `libasr` build on RH-systems. Everything is fine with RHEL6; Fedora 19, 20 and devel (all arch). Also, see no objections from including it to Fedora and EPEL (RHEL 6, 7) when it's stable and ready for production. In RHEL 5 I got an error during build:

Re: Opensmtpd official Fedora/RHEL packages

but not the yum equivalent. Regards, Michiel On 01/09/2014 02:44 PM, Denis Fateyev wrote: Thanks for the report, will be fixed soon. This man-file was missed from 'alternatives' indeed. Meanwhile you can do force install, or skip it during installation - non-critical since involves a single man

Re: Opensmtpd official Fedora/RHEL packages

On Thu, Jan 9, 2014 at 9:28 PM, Michiel van Es m...@protegam.nl wrote: the default pam module is not loaded correctly thus authentication is not working. You create a /etc/pam.d/smtp.opensmtpd file with a correct PAM configuration but OpenSMTPD build with PAM looks for /etc/pam.d/smtpd

Re: [OpenSMTPD] portable snapshot opensmtpd-201312131550p1 available

at 01:21:17AM +0600, Denis Fateyev wrote: -- gcc -DHAVE_CONFIG_H -I. -I../.. -I../../smtpd -I../../openbsd-compat -I../../contrib/lib/libc/asr -I. -DSMTPD_CONFDIR=\/etc/opensmtpd\ -DPATH_CHROOT=\/var/empty/smtpd\ -DPATH_SMTPCTL=\/usr/sbin/smtpctl\ -DPATH_MAILLOCAL=\/usr

Re: RFC: package maintainers

Hi there, On Sat, Oct 26, 2013 at 7:15 PM, Gilles Chehade gil...@poolp.org wrote: Upstream we do not really have a strong opinion and we'll do whatever makes it easier for most maintainers. This means that we're not opposed to adding brand new configure flags if it can help solving

Re: RFC: package maintainers

On Sat, Oct 26, 2013 at 5:21 AM, Sébastien Luttringer se...@seblu.netwrote: So why not keep sysconfdir and set a default value to /etc/smtpd (default pool is /var/spool/smtpd) instead of using a non standard new value? The default value should be then `/etc/opensmtpd` since we agreed during

Re: RFC: package maintainers

On Sat, Oct 26, 2013 at 6:43 AM, Sébastien Luttringer se...@seblu.netwrote: - And it's the source of the problem... - This is definitely not a good idea since... - we definitely shouldn't touch... I disagree. It's the purpose of this variable! sysconfdir is the path to your package

Opensmtpd RHEL RPMs (testing)

snapshots for test purposes, as well. All packages are signed with my RPM gpg-key Denis Fateyev de...@fateyev.com (0x5679927F). Feel free to grab, test and rebuild. Comments, suggestions and improvements are welcome. --- wbr, Denis.

Re: latest snapshot needs HEAVY testing

Hello Gilles, Noticed an issue with `--libexecdir` setting, not sure in which snapshot it has been introduced. According to configure --help --libexecdir=DIRprogram executables [EPREFIX/libexec] --sysconfdir=DIRread-only single-machine data [PREFIX/etc] If I specify in the RPM

Re: [OpenSMTPD] portable snapshot ... beware ;-)

Hello Gilles, Answered with two tiny issues on Github ;-) --- wbr, Denis. On Wed, Jul 31, 2013 at 9:19 PM, Gilles Chehade gil...@poolp.org wrote: --- skipped --- If you have questions, feel free to ask ;-)

Re: Compatibility patch idea

On Wed, Jul 17, 2013 at 12:38 PM, Eric Faurot e...@faurot.net wrote: I'm ok with that, what I'm not happy with is adding ifdef's to the code when not absolutely necessary :-) 3) RES_USE_EDNS0 and RES_USE_DNSSEC options are missed in old GLIBC. They prescript to use DNSSEC for

OpenSMTPD pid file

Hello there, I'm working with opensmtpd on linux (centos). I haven't found any options for opensmtpd PID file creation (like PidFile in openssh server config.) Is this feature not supported yet? --- wbr, Denis.

Re: OpenSMTPD pid file

, Denis. On Tue, Jun 11, 2013 at 5:21 PM, Gilles Chehade gil...@poolp.org wrote: On Tue, Jun 11, 2013 at 04:45:59PM +0600, Denis Fateyev wrote: Hello there, Hello, I'm working with opensmtpd on linux (centos). I haven't found any options for opensmtpd PID file creation (like PidFile

Some build information

Hello, More information and report about building on Linux. Making RHEL5 build, I use this patch: -- cut here -- Fix RHEL5 build parameters --- opensmtpd-5.3.3p1/smtpd/Makefile.am2013-06-04 14:13:28.0 +0600 +++ opensmtpd-5.3.3p1/smtpd/Makefile.am

Recipient's address in smtp-in

Hello, Why 'smtp-in' doesn't show the name of recipient in session (only sender is shown)? It would make logs more transparent. Jun 11 13:08:12 ovz1-i386 p[27613]: smtp-in: New session f22ab30f from host 0@localhost [local] Jun 11 17:08:12 ovz1-i386 p[27613]: smtp-in: Accepted message