- add MASTER_SITE

- incorporate feedback from author in SECURITY - move post-install message from INSTALL to MESSAGE - Makefile-patch -> MAKE_FLAGS
2000-02-09 08:37:32 +00:00 · 2000-02-09 08:37:32 +00:00 · dce5acf88b
commit dce5acf88b
parent 0551533263
6 changed files with 21 additions and 34 deletions
--- a/net/popa3d/Makefile
+++ b/net/popa3d/Makefile
@ -1,20 +1,19 @@
-# $OpenBSD: Makefile,v 1.3 2000/02/03 18:45:38 brad Exp $
+# $OpenBSD: Makefile,v 1.4 2000/02/09 08:37:32 camield Exp $

 DISTNAME=	popa3d-0.4
 CATEGORIES=	net mail
 MASTER_SITES=   http://www.openwall.com/popa3d/ \
-                ftp://ftp.openwall.com/popa3d \
+                ftp://ftp.openwall.com/popa3d/ \
+		ftp://ftp.false.com/security/popa3d/ \
                ftp://ftp.dataforce.net/pub/solar/

 MAINTAINER=	cd@sentia.nl

 NO_CONFIGURE=	yes
 ALL_TARGET=	popa3d
+MAKE_FLAGS=	CC=${CC} LD=${CC} CFLAGS="-c ${CFLAGS}"

 do-install:
 	${INSTALL_PROGRAM} ${WRKSRC}/popa3d ${PREFIX}/libexec

-post-install:
-	@PKG_PREFIX="${PREFIX}" sh ${PKGDIR}/INSTALL ${DISTNAME} POST-INSTALL
-
 .include <bsd.port.mk>
--- a/net/popa3d/patches/patch-ac
+++ b/net/popa3d/patches/patch-ac
@ -1,13 +0,0 @@
--- Makefile.orig	Sat Nov 27 00:08:17 1999
-+++ Makefile	Sat Nov 27 00:09:00 1999
-@@ -1,7 +1,7 @@
-CC = gcc
-LD = gcc
-+#CC = gcc
-+LD = $(CC)
- RM = rm -f
-CFLAGS = -c -Wall -O2 -fomit-frame-pointer
-+CFLAGS += -c -Wall -fomit-frame-pointer
- LDFLAGS = -s
- #LDFLAGS = -s -lcrypt
- 
--- a/net/popa3d/pkg/DEINSTALL
+++ b/net/popa3d/pkg/DEINSTALL
@ -1,3 +1,5 @@
-# $OpenBSD: DEINSTALL,v 1.1.1.1 1999/09/10 22:07:35 brad Exp $
+# $OpenBSD: DEINSTALL,v 1.2 2000/02/09 08:37:32 camield Exp $

-/bin/echo Remember to remove popa3d from /etc/inetd.conf and restart inetd.
+PATH=/bin
+
+echo Remember to remove popa3d from /etc/inetd.conf and restart inetd.
--- a/net/popa3d/pkg/INSTALL
+++ b/net/popa3d/pkg/INSTALL
@ -1,13 +0,0 @@
-# $OpenBSD: INSTALL,v 1.1.1.1 1999/09/10 22:07:35 brad Exp $
-
-PATH=/bin
-
-if [ "X$2" = XPOST-INSTALL ]; then
-    echo
-    echo "To activate popa3d, add the following line to /etc/inetd.conf:"
-    echo "pop3\t\tstream\ttcp\tnowait\troot\t/usr/local/libexec/popa3d popa3d"
-    echo
-    echo "Then let inetd reread its configuration with:"
-    echo "kill -HUP \`cat /var/run/inetd.pid\`"
-    echo
-fi
--- a/net/popa3d/pkg/MESSAGE
+++ b/net/popa3d/pkg/MESSAGE
@ -0,0 +1,8 @@
+
+To activate popa3d, add the following line to /etc/inetd.conf
+(you may need to change /usr/local/ to the actual PREFIX):
+pop3	stream	tcp	nowait	root	/usr/local/libexec/popa3d popa3d
+
+Then let inetd reread its configuration with:
+kill -HUP `cat /var/run/inetd.pid`
+
--- a/net/popa3d/pkg/SECURITY
+++ b/net/popa3d/pkg/SECURITY
@ -12,6 +12,10 @@ derived from an input-buffer of which popa3d takes care not to overrun.
 sprintf is used once. Its parameters are 'MAIL_SPOOL_PATH', which is a
 compile-time constant and 'mailbox', which is the username, derived from
 the password-file. 
+Feedback from author: "buffer is malloc()'ed one line earlier to the correct
+size, regardless of where the input comes from. The only required property of
+those two strings, is that they're of a sane length not to cause an integer
+overflow in the addition".

 One more time: POP3 is inherently insecure. Passwords are sent in cleartext, 
-everytime a user checks his mailbox. popa3d does not have APOP support. 
+everytime a user checks his mailbox.