
ssmtp: revoke gnutls support

Drop gnutls and use openssl instead, due to the excessive memory consumption of an additional ssl library in embedded environments.

Signed-off-by: Dirk Brenken <dibdot@gmail.com>
lilik-openwrt-22.03
Dirk Brenken 10 years ago
parent
commit
f267d2eaa6
3 changed files with 54 additions and 97 deletions
  1. +5
    -5
      mail/ssmtp/Makefile
  2. +0
    -60
      mail/ssmtp/patches/001-gnutls.patch
  3. +49
    -32
      mail/ssmtp/patches/002-fix_pointer.patch

+ 5
- 5
mail/ssmtp/Makefile

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=ssmtp PKG_NAME:=ssmtp
PKG_VERSION:=2.64 PKG_VERSION:=2.64
PKG_RELEASE:=1
PKG_RELEASE:=1.1
PKG_MAINTAINER:=Dirk Brenken <dibdot@gmail.com> PKG_MAINTAINER:=Dirk Brenken <dibdot@gmail.com>
PKG_LICENSE:=GPL-2.0+ PKG_LICENSE:=GPL-2.0+
@ -24,8 +24,8 @@ TARGET_CFLAGS += $(TARGET_CPPFLAGS)
define Package/ssmtp define Package/ssmtp
SECTION:=mail SECTION:=mail
CATEGORY:=Mail CATEGORY:=Mail
DEPENDS:=+libgnutls-openssl
TITLE:=A minimal and secure mail sender with gnutls support
DEPENDS:=+libopenssl
TITLE:=A minimal and secure mail sender with ssl support
URL:=http://packages.debian.org/ssmtp URL:=http://packages.debian.org/ssmtp
endef endef
@ -33,7 +33,7 @@ define Package/ssmtp/description
A secure, effective and simple way of getting mail off a system to your A secure, effective and simple way of getting mail off a system to your
mail hub. It contains no suid-binaries or other dangerous things - no mail hub. It contains no suid-binaries or other dangerous things - no
mail spool to poke around in, and no daemons running in the background. mail spool to poke around in, and no daemons running in the background.
mail is simply forwarded to the configured mailhost. Extremely easy
Mail is simply forwarded to the configured mailhost. Extremely easy
configuration. configuration.
endef endef
@ -43,7 +43,7 @@ define Package/ssmtp/conffiles
endef endef
CONFIGURE_VARS += \ CONFIGURE_VARS += \
LIBS="$(TARGET_LDFLAGS) -lgnutls-openssl"
LIBS="$(TARGET_LDFLAGS) -lcrypto -lssl"
CONFIGURE_ARGS += \ CONFIGURE_ARGS += \
--enable-ssl --enable-ssl
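Review bot: In the `CONFIGURE_VARS` line, `-lcrypto -lssl` lists the libraries in the reverse of their dependency order. libssl uses symbols from libcrypto, so a static or otherwise order-sensitive link only resolves reliably with `LIBS="$(TARGET_LDFLAGS) -lssl -lcrypto"`. With shared libraries the current order will usually still link, so this is a robustness point rather than a build break. Separately, `PKG_RELEASE:=1.1` departs from the plain integer the package used before (`1`); if the build system expects integer releases, `PKG_RELEASE:=2` would be the safer bump.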


+ 0
- 60
mail/ssmtp/patches/001-gnutls.patch

@ -1,60 +0,0 @@
--- a/configure
+++ b/configure
@@ -1562,7 +1562,7 @@ if test x$enableval = xyes ; then
#define HAVE_SSL 1
EOF
- LIBS="$LIBS -lssl"
+ LIBS="$LIBS -lgnutls-openssl"
fi
enableval=""
--- a/configure.in
+++ b/configure.in
@@ -52,7 +52,7 @@ AC_ARG_ENABLE(ssl,
[ --enable-ssl support for secure connection to mail server])
if test x$enableval = xyes ; then
AC_DEFINE(HAVE_SSL)
- LIBS="$LIBS -lssl"
+ LIBS="$LIBS -lgnutls-openssl"
fi
enableval=""
--- a/ssmtp.c
+++ b/ssmtp.c
@@ -26,11 +26,7 @@
#include <ctype.h>
#include <netdb.h>
#ifdef HAVE_SSL
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
+#include <gnutls/openssl.h>
#endif
#ifdef MD5AUTH
#include "md5auth/hmac_md5.h"
@@ -1133,7 +1129,7 @@ int smtp_open(char *host, int port)
}
if(use_cert == True) {
- if(SSL_CTX_use_certificate_chain_file(ctx, tls_cert) <= 0) {
+ if(SSL_CTX_use_certificate_file(ctx, tls_cert, SSL_FILETYPE_PEM) <= 0) {
perror("Use certfile");
return(-1);
}
@@ -1143,10 +1139,13 @@ int smtp_open(char *host, int port)
return(-1);
}
+#ifdef NOT_USED
if(!SSL_CTX_check_private_key(ctx)) {
log_event(LOG_ERR, "Private key does not match the certificate public key\n");
return(-1);
}
+#endif
+
}
#endif

+ 49
- 32
mail/ssmtp/patches/002-fix_pointer.patch

@ -1,6 +1,6 @@
--- a/ssmtp.c --- a/ssmtp.c
+++ b/ssmtp.c +++ b/ssmtp.c
@@ -51,21 +51,21 @@ bool_t use_oldauth = False; /* use old
@@ -55,21 +55,21 @@ bool_t use_oldauth = False; /* use old
#define ARPADATE_LENGTH 32 /* Current date in RFC format */ #define ARPADATE_LENGTH 32 /* Current date in RFC format */
char arpadate[ARPADATE_LENGTH]; char arpadate[ARPADATE_LENGTH];
@ -32,7 +32,7 @@
headers_t headers, *ht; headers_t headers, *ht;
@@ -257,7 +257,7 @@ char *strip_post_ws(char *str)
@@ -261,7 +261,7 @@ char *strip_post_ws(char *str)
p = (str + strlen(str)); p = (str + strlen(str));
while(isspace(*--p)) { while(isspace(*--p)) {
@ -41,7 +41,7 @@
} }
return(p); return(p);
@@ -275,7 +275,7 @@ char *addr_parse(char *str)
@@ -279,7 +279,7 @@ char *addr_parse(char *str)
#endif #endif
/* Simple case with email address enclosed in <> */ /* Simple case with email address enclosed in <> */
@ -50,7 +50,7 @@
die("addr_parse(): strdup()"); die("addr_parse(): strdup()");
} }
@@ -283,7 +283,7 @@ char *addr_parse(char *str)
@@ -287,7 +287,7 @@ char *addr_parse(char *str)
q++; q++;
if((p = strchr(q, '>'))) { if((p = strchr(q, '>'))) {
@ -59,7 +59,7 @@
} }
#if 0 #if 0
@@ -306,7 +306,7 @@ char *addr_parse(char *str)
@@ -310,7 +310,7 @@ char *addr_parse(char *str)
q = strip_post_ws(p); q = strip_post_ws(p);
if(*q == ')') { if(*q == ')') {
while((*--q != '(')); while((*--q != '('));
@ -68,7 +68,7 @@
} }
(void)strip_post_ws(p); (void)strip_post_ws(p);
@@ -359,7 +359,7 @@ bool_t standardise(char *str, bool_t *li
@@ -363,7 +363,7 @@ bool_t standardise(char *str, bool_t *li
*linestart = False; *linestart = False;
if((p = strchr(str, '\n'))) { if((p = strchr(str, '\n'))) {
@ -77,7 +77,7 @@
*linestart = True; *linestart = True;
} }
return(leadingdot); return(leadingdot);
@@ -380,7 +380,7 @@ void revaliases(struct passwd *pw)
@@ -384,7 +384,7 @@ void revaliases(struct passwd *pw)
while(fgets(buf, sizeof(buf), fp)) { while(fgets(buf, sizeof(buf), fp)) {
/* Make comments invisible */ /* Make comments invisible */
if((p = strchr(buf, '#'))) { if((p = strchr(buf, '#'))) {
@ -86,7 +86,7 @@
} }
/* Ignore malformed lines and comments */ /* Ignore malformed lines and comments */
@@ -515,11 +515,11 @@ void rcpt_save(char *str)
@@ -519,11 +519,11 @@ void rcpt_save(char *str)
#endif #endif
/* Ignore missing usernames */ /* Ignore missing usernames */
@ -100,7 +100,7 @@
die("rcpt_save() -- strdup() failed"); die("rcpt_save() -- strdup() failed");
} }
@@ -544,7 +544,7 @@ void rcpt_parse(char *str)
@@ -548,7 +548,7 @@ void rcpt_parse(char *str)
(void)fprintf(stderr, "*** rcpt_parse(): str = [%s]\n", str); (void)fprintf(stderr, "*** rcpt_parse(): str = [%s]\n", str);
#endif #endif
@ -109,7 +109,7 @@
die("rcpt_parse(): strdup() failed"); die("rcpt_parse(): strdup() failed");
} }
q = p; q = p;
@@ -572,7 +572,7 @@ void rcpt_parse(char *str)
@@ -576,7 +576,7 @@ void rcpt_parse(char *str)
} }
/* End of string? */ /* End of string? */
@ -118,7 +118,7 @@
got_addr = True; got_addr = True;
} }
@@ -580,7 +580,7 @@ void rcpt_parse(char *str)
@@ -584,7 +584,7 @@ void rcpt_parse(char *str)
if((*q == ',') && (in_quotes == False)) { if((*q == ',') && (in_quotes == False)) {
got_addr = True; got_addr = True;
@ -127,7 +127,7 @@
} }
if(got_addr) { if(got_addr) {
@@ -664,7 +664,7 @@ void header_save(char *str)
@@ -668,7 +668,7 @@ void header_save(char *str)
(void)fprintf(stderr, "header_save(): str = [%s]\n", str); (void)fprintf(stderr, "header_save(): str = [%s]\n", str);
#endif #endif
@ -136,7 +136,7 @@
die("header_save() -- strdup() failed"); die("header_save() -- strdup() failed");
} }
ht->string = p; ht->string = p;
@@ -672,7 +672,7 @@ void header_save(char *str)
@@ -676,7 +676,7 @@ void header_save(char *str)
if(strncasecmp(ht->string, "From:", 5) == 0) { if(strncasecmp(ht->string, "From:", 5) == 0) {
#if 1 #if 1
/* Hack check for NULL From: line */ /* Hack check for NULL From: line */
@ -145,7 +145,7 @@
return; return;
} }
#endif #endif
@@ -735,19 +735,19 @@ header_parse() -- Break headers into sep
@@ -739,19 +739,19 @@ header_parse() -- Break headers into sep
void header_parse(FILE *stream) void header_parse(FILE *stream)
{ {
size_t size = BUF_SZ, len = 0; size_t size = BUF_SZ, len = 0;
@ -169,7 +169,7 @@
die("header_parse() -- realloc() failed"); die("header_parse() -- realloc() failed");
} }
q = (p + len); q = (p + len);
@@ -772,9 +772,9 @@ void header_parse(FILE *stream)
@@ -776,9 +776,9 @@ void header_parse(FILE *stream)
in_header = False; in_header = False;
default: default:
@ -181,7 +181,7 @@
} }
header_save(p); header_save(p);
@@ -805,9 +805,9 @@ void header_parse(FILE *stream)
@@ -809,9 +809,9 @@ void header_parse(FILE *stream)
in_header = False; in_header = False;
default: default:
@ -193,7 +193,7 @@
} }
header_save(p); header_save(p);
@@ -872,11 +872,11 @@ bool_t read_config()
@@ -876,11 +876,11 @@ bool_t read_config()
char *rightside; char *rightside;
/* Make comments invisible */ /* Make comments invisible */
if((p = strchr(buf, '#'))) { if((p = strchr(buf, '#'))) {
@ -207,7 +207,7 @@
/* Parse out keywords */ /* Parse out keywords */
p=firsttok(&begin, "= \t\n"); p=firsttok(&begin, "= \t\n");
@@ -886,7 +886,7 @@ bool_t read_config()
@@ -890,7 +890,7 @@ bool_t read_config()
} }
if(p && q) { if(p && q) {
if(strcasecmp(p, "Root") == 0) { if(strcasecmp(p, "Root") == 0) {
@ -216,7 +216,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -900,7 +900,7 @@ bool_t read_config()
@@ -904,7 +904,7 @@ bool_t read_config()
port = atoi(r); port = atoi(r);
} }
@ -225,7 +225,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -945,7 +945,7 @@ bool_t read_config()
@@ -949,7 +949,7 @@ bool_t read_config()
mail_domain = strdup(q); mail_domain = strdup(q);
} }
@ -234,7 +234,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
rewrite_domain = True; rewrite_domain = True;
@@ -1021,7 +1021,7 @@ bool_t read_config()
@@ -1025,7 +1025,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "TLSCert") == 0) { else if(strcasecmp(p, "TLSCert") == 0) {
@ -243,7 +243,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1032,7 +1032,7 @@ bool_t read_config()
@@ -1036,7 +1036,7 @@ bool_t read_config()
#endif #endif
/* Command-line overrides these */ /* Command-line overrides these */
else if(strcasecmp(p, "AuthUser") == 0 && !auth_user) { else if(strcasecmp(p, "AuthUser") == 0 && !auth_user) {
@ -252,7 +252,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1041,7 +1041,7 @@ bool_t read_config()
@@ -1045,7 +1045,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "AuthPass") == 0 && !auth_pass) { else if(strcasecmp(p, "AuthPass") == 0 && !auth_pass) {
@ -261,7 +261,7 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1050,7 +1050,7 @@ bool_t read_config()
@@ -1054,7 +1054,7 @@ bool_t read_config()
} }
} }
else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) { else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) {
@ -270,7 +270,24 @@
die("parse_config() -- strdup() failed"); die("parse_config() -- strdup() failed");
} }
@@ -1309,7 +1309,7 @@ char *fd_gets(char *buf, int size, int f
@@ -1119,14 +1119,11 @@ int smtp_open(char *host, int port)
char buf[(BUF_SZ + 1)];
/* Init SSL stuff */
- SSL_CTX *ctx;
- SSL_METHOD *meth;
+ SSL_CTX *ctx = NULL;
X509 *server_cert;
-
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
- meth=SSLv23_client_method();
- ctx = SSL_CTX_new(meth);
+ ctx = SSL_CTX_new(SSLv23_client_method());
if(!ctx) {
log_event(LOG_ERR, "No SSL support initiated\n");
return(-1);
@@ -1310,7 +1307,7 @@ char *fd_gets(char *buf, int size, int f
buf[i++] = c; buf[i++] = c;
} }
} }
@ -279,7 +296,7 @@
return(buf); return(buf);
} }
@@ -1433,14 +1433,14 @@ int ssmtp(char *argv[])
@@ -1434,14 +1431,14 @@ int ssmtp(char *argv[])
} }
if((p = strtok(pw->pw_gecos, ";,"))) { if((p = strtok(pw->pw_gecos, ";,"))) {
@ -296,7 +313,7 @@
uad = append_domain(pw->pw_name); uad = append_domain(pw->pw_name);
} }
@@ -1488,7 +1488,7 @@ int ssmtp(char *argv[])
@@ -1489,7 +1486,7 @@ int ssmtp(char *argv[])
/* Try to log in if username was supplied */ /* Try to log in if username was supplied */
if(auth_user) { if(auth_user) {
#ifdef MD5AUTH #ifdef MD5AUTH
@ -305,7 +322,7 @@
auth_pass = strdup(""); auth_pass = strdup("");
} }
@@ -1736,7 +1736,7 @@ char **parse_options(int argc, char *arg
@@ -1737,7 +1734,7 @@ char **parse_options(int argc, char *arg
j = 0; j = 0;
add = 1; add = 1;
@ -314,7 +331,7 @@
switch(argv[i][j]) { switch(argv[i][j]) {
#ifdef INET6 #ifdef INET6
case '6': case '6':
@@ -1754,14 +1754,14 @@ char **parse_options(int argc, char *arg
@@ -1755,14 +1752,14 @@ char **parse_options(int argc, char *arg
if((!argv[i][(j + 1)]) if((!argv[i][(j + 1)])
&& argv[(i + 1)]) { && argv[(i + 1)]) {
auth_user = strdup(argv[i+1]); auth_user = strdup(argv[i+1]);
@ -331,7 +348,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1771,14 +1771,14 @@ char **parse_options(int argc, char *arg
@@ -1772,14 +1769,14 @@ char **parse_options(int argc, char *arg
if((!argv[i][(j + 1)]) if((!argv[i][(j + 1)])
&& argv[(i + 1)]) { && argv[(i + 1)]) {
auth_pass = strdup(argv[i+1]); auth_pass = strdup(argv[i+1]);
@ -348,7 +365,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1869,14 +1869,14 @@ char **parse_options(int argc, char *arg
@@ -1870,14 +1867,14 @@ char **parse_options(int argc, char *arg
case 'F': case 'F':
if((!argv[i][(j + 1)]) && argv[(i + 1)]) { if((!argv[i][(j + 1)]) && argv[(i + 1)]) {
minus_F = strdup(argv[(i + 1)]); minus_F = strdup(argv[(i + 1)]);
@ -365,7 +382,7 @@
die("parse_options() -- strdup() failed"); die("parse_options() -- strdup() failed");
} }
} }
@@ -1888,14 +1888,14 @@ char **parse_options(int argc, char *arg
@@ -1889,14 +1886,14 @@ char **parse_options(int argc, char *arg
case 'r': case 'r':
if((!argv[i][(j + 1)]) && argv[(i + 1)]) { if((!argv[i][(j + 1)]) && argv[(i + 1)]) {
minus_f = strdup(argv[(i + 1)]); minus_f = strdup(argv[(i + 1)]);
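Review bot: The added `ctx = SSL_CTX_new(SSLv23_client_method());` in the new smtp_open hunk selects the version-flexible method, and nothing visible in the hunk restricts which protocol versions may be negotiated, so legacy SSLv2/SSLv3 could be accepted if the linked libopenssl still offers them. After the `if(!ctx)` check I would add `SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);`. `X509 *server_cert;` is declared here, but smtp_open's body continues outside the hunk, so it is worth confirming that the peer certificate is actually verified there (for example `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL)` with a trust store loaded) rather than only fetched. Since this hunk changes SSL initialisation inside a patch named fix_pointer, a short header comment in the patch file saying it also adapts smtp_open to OpenSSL would help the next maintainer.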

