Bug 88131

Summary:

build with SASL 2 uses wrong headers, renders SMTP AUTH unusable

Product:

[Retired] Red Hat Raw Hide

Reporter:

Zenon Mousmoulas <zmousm>

Component:

postfix

Assignee:

John Dennis <jdennis>

Status:

CLOSED CURRENTRELEASE

QA Contact:

Severity:

medium

Docs Contact:

Priority:

medium

Version:

1.0

Target Milestone:

---

Target Release:

---

Hardware:

i386

OS:

Linux

Whiteboard:

Fixed In Version:

Doc Type:

Bug Fix

Doc Text:

Story Points:

---

Clone Of:

Environment:

Last Closed:

2003-06-12 17:39:51 UTC

Type:

---

Regression:

---

Mount Type:

---

Documentation:

---

CRM:

Verified Versions:

Category:

---

oVirt Team:

---

RHEL 7.3 requirements from Atomic Host:

Cloudforms Team:

---

Target Upstream Version:

Embargoed:

Attachments:

Description	Flags
differences between postfix-2.0.6-2 spec and my 2.0.7-4 spec	none
Adds the log_recipient option for directives in main.cf	none
Simon J. Mudd's classic patch, allows the smtpd greeting banner to span over multiple lines	none
Adds support for writing full select statements in mysql maps	none
Generic smtpd.conf for use with SASL 2 only	none

Description Zenon Mousmoulas 2003-04-06 14:20:10 UTC

Description of problem:
The spec file correctly handles separately building postfix with SASL 1 or 
SASL 2.

However, when building with SASL 2, it doesn't take into account that cyrus-
sasl packages in RHL provide both SASL version 1 and version 2 libraries and 
headers.

SASL 1 headers are installed in /usr/include.
SASL 2 headers are in /usr/include/sasl.

Therefore, when building with SASL 2, the spec must take care to add '-
I/usr/include/sasl' to the CCARGS environment variable prior to compiling 
postfix.

Otherwise postfix will start failing as soon as SASL is called by any 
component of the system, with the error message:

fatal: SASL per-connection security setup

To trigger this, add for example 'smtpd_sasl_auth_enable = yes' 
to /etc/postfix/main.cf and issue `service postfix reload'. Every new 
connection to the smtp service will fail and produce this error msg.

I'm attaching a diff between the spec in the rawhide package and my own. It 
has further customizations/improvements, including a fix for this problem.


Version-Release number of selected component (if applicable):
2.0.6-2

How reproducible:
Always

Comment 1 Zenon Mousmoulas 2003-04-06 14:55:32 UTC

Created attachment 90935 [details]
differences between postfix-2.0.6-2 spec and my 2.0.7-4 spec

Comment 2 John Dennis 2003-04-07 14:44:42 UTC

Thank you for your fixes. Your modified spec file references new files and/or
patches, could you please attach those as well? In particular the sasl2 config
file, the other new files would be helpful as well. Thank you.

Comment 3 Zenon Mousmoulas 2003-04-07 20:21:18 UTC

Oh yes I'm sorry, I didn't think about that.

Please note, all of these patches are taken from Simon J. Mudd's current 
postfix srpm package.
The only other file is my own postfix-smtpd-sasl2.conf, which is just like 
postfix-smtpd.conf, but adjusted to defaults suitable for use with SASL 2. A 
simple hack :)

Comment 4 Zenon Mousmoulas 2003-04-07 20:31:08 UTC

Created attachment 90972 [details]
Adds the log_recipient option for directives in main.cf

Comment 5 Zenon Mousmoulas 2003-04-07 20:32:48 UTC

Created attachment 90973 [details]
Simon J. Mudd's classic patch, allows the smtpd greeting banner to span over multiple lines

Comment 6 Zenon Mousmoulas 2003-04-07 20:34:58 UTC

Created attachment 90974 [details]
Adds support for writing full select statements in mysql maps

Comment 7 Zenon Mousmoulas 2003-04-07 20:36:21 UTC

Created attachment 90975 [details]
Generic smtpd.conf for use with SASL 2 only

Comment 8 John Dennis 2003-06-12 17:39:51 UTC

I've fixed the sasl include directory (in postfix-2.0.11).