Bug 88131 - build with SASL 2 uses wrong headers, renders SMTP AUTH unusable
build with SASL 2 uses wrong headers, renders SMTP AUTH unusable
Status: CLOSED CURRENTRELEASE
Product: Red Hat Raw Hide
Classification: Retired
Component: postfix (Show other bugs)
1.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: John Dennis
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-04-06 10:20 EDT by Zenon Mousmoulas
Modified: 2007-04-18 12:52 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-06-12 13:39:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
differences between postfix-2.0.6-2 spec and my 2.0.7-4 spec (4.53 KB, patch)
2003-04-06 10:55 EDT, Zenon Mousmoulas
no flags Details | Diff
Adds the log_recipient option for directives in main.cf (1.85 KB, patch)
2003-04-07 16:31 EDT, Zenon Mousmoulas
no flags Details | Diff
Simon J. Mudd's classic patch, allows the smtpd greeting banner to span over multiple lines (4.28 KB, patch)
2003-04-07 16:32 EDT, Zenon Mousmoulas
no flags Details | Diff
Adds support for writing full select statements in mysql maps (11.01 KB, patch)
2003-04-07 16:34 EDT, Zenon Mousmoulas
no flags Details | Diff
Generic smtpd.conf for use with SASL 2 only (24 bytes, text/plain)
2003-04-07 16:36 EDT, Zenon Mousmoulas
no flags Details

  None (edit)
Description Zenon Mousmoulas 2003-04-06 10:20:10 EDT
Description of problem:
The spec file correctly handles separately building postfix with SASL 1 or 
SASL 2.

However, when building with SASL 2, it doesn't take into account that cyrus-
sasl packages in RHL provide both SASL version 1 and version 2 libraries and 
headers.

SASL 1 headers are installed in /usr/include.
SASL 2 headers are in /usr/include/sasl.

Therefore, when building with SASL 2, the spec must take care to add '-
I/usr/include/sasl' to the CCARGS environment variable prior to compiling 
postfix.

Otherwise postfix will start failing as soon as SASL is called by any 
component of the system, with the error message:

fatal: SASL per-connection security setup

To trigger this, add for example 'smtpd_sasl_auth_enable = yes' 
to /etc/postfix/main.cf and issue `service postfix reload'. Every new 
connection to the smtp service will fail and produce this error msg.

I'm attaching a diff between the spec in the rawhide package and my own. It 
has further customizations/improvements, including a fix for this problem.


Version-Release number of selected component (if applicable):
2.0.6-2

How reproducible:
Always
Comment 1 Zenon Mousmoulas 2003-04-06 10:55:32 EDT
Created attachment 90935 [details]
differences between postfix-2.0.6-2 spec and my 2.0.7-4 spec
Comment 2 John Dennis 2003-04-07 10:44:42 EDT
Thank you for your fixes. Your modified spec file references new files and/or
patches, could you please attach those as well? In particular the sasl2 config
file, the other new files would be helpful as well. Thank you.
Comment 3 Zenon Mousmoulas 2003-04-07 16:21:18 EDT
Oh yes I'm sorry, I didn't think about that.

Please note, all of these patches are taken from Simon J. Mudd's current 
postfix srpm package.
The only other file is my own postfix-smtpd-sasl2.conf, which is just like 
postfix-smtpd.conf, but adjusted to defaults suitable for use with SASL 2. A 
simple hack :)
Comment 4 Zenon Mousmoulas 2003-04-07 16:31:08 EDT
Created attachment 90972 [details]
Adds the log_recipient option for directives in main.cf
Comment 5 Zenon Mousmoulas 2003-04-07 16:32:48 EDT
Created attachment 90973 [details]
Simon J. Mudd's classic patch, allows the smtpd greeting banner to span over multiple lines
Comment 6 Zenon Mousmoulas 2003-04-07 16:34:58 EDT
Created attachment 90974 [details]
Adds support for writing full select statements in mysql maps
Comment 7 Zenon Mousmoulas 2003-04-07 16:36:21 EDT
Created attachment 90975 [details]
Generic smtpd.conf for use with SASL 2 only
Comment 8 John Dennis 2003-06-12 13:39:51 EDT
I've fixed the sasl include directory (in postfix-2.0.11).

Note You need to log in before you can comment on or make changes to this bug.