On Aug 23, 2004, at 5:26 PM, Dave wrote:
Give that the mail systems on these machines are rock solid from a stability
perspective, and have had multiple tweaks and other patches made to
accompanying packages since installation, not to mention the database format
changes for some of the older versions that would be required in the case of
an upgrade, I would prefer a diff or patch to insert this functionality into
the existing vchkpw code. I can then manually create a patch, or edit the
appropriate files and recompile.

Here's what you're looking for:

http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vchkpw.c? r1=1.6&r2=1.8

or, a simpler patch from an earlier release that just covers the port 587 stuff:

http://cvs.sourceforge.net/viewcvs.py/vpopmail/vpopmail/vchkpw.c? r1=1.3&r2=1.4

The CVS interface on SourceForge should help you craft custom patches and be selective with what to include and not include.

If your CRAM-MD5 auth isn't working properly, be sure to apply the vchkpw patch from between 1.9 and 1.10. It makes vchkpw's CRAM-MD5 compatible with the latest SMTP AUTH patches (which follow a standard protocol for passing information between qmail-smtpd and vchkpw).

If you're using MySQL as a backend though, I highly recommend you go through the painful process of upgrading to 5.4.6 as it has numerous bug fixes over the 5.3.x releases, and closes an SQL-injection vulnerability. It should be an easy upgrade from the 5.3.x servers, I got involved with vpopmail well after 4.9.10, so I don't know much about that release.

Tom Collins  -  [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/  Vpopmail: http://vpopmail.sf.net/
Info on the Sniffter hand-held Network Tester: http://sniffter.com/

Reply via email to