[PATCH] opensmtpd: Fix crash during authentication

[Adam Zimmerman <adam@digitalpirate.ca>]

[-- Attachment #1: Type: text/plain, Size: 1020 bytes --]

Hi all,

I'm running a mail server that I recently migrated to GuixSD, and I
found this issue when trying to get opensmtpd set up.

When using authentication from a table, opensmtpd would crash whenever I
tried to authenticate. I found this patch which fixes the issue. It's
already been merged into the opensmtpd master branch[1], and will be
fixed in the next release which apparently will be around
October/November this year.

[1] https://github.com/OpenSMTPD/OpenSMTPD/pull/835

I also noticed another issue which I'm not 100% sure how to solve
properly. When rebooting the server, opensmtpd fails to start. I think
the reason is that the shepherd service only has '(loopback) listed in
its requirements, and I think it might be trying to start the server
before the network comes up. When I ssh into the server and start it
manually, it works fine.

My first thought was to change the requirements to '(networking), but
could that cause issues for people who only use opensmtpd as a local
delivery server?

- Adam

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-gnu-opensmtpd-Add-patch-to-fix-crash-on-authenticati.patch --]
[-- Type: text/x-patch; name="0001-gnu-opensmtpd-Add-patch-to-fix-crash-on-authenticati.patch", Size: 2650 bytes --]

From 42b7717b167553c10adbed1a0ef405b1accfc87e Mon Sep 17 00:00:00 2001
From: Adam Zimmerman <adam@digitalpirate.ca>
Date: Wed, 6 Jun 2018 14:47:46 -0700
Subject: [PATCH] gnu: opensmtpd: Add patch to fix crash on authentication

* gnu/packages/mail.scm (opensmtpd): Add patch to fix crash
---
 gnu/packages/mail.scm                          |  3 +-
 gnu/packages/patches/opensmtpd-fix-crash.patch | 44 ++++++++++++++++++++++++++
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 gnu/packages/patches/opensmtpd-fix-crash.patch

diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index f6dfb3397..c0f4bfbdf 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -1995,7 +1995,8 @@ transfer protocols.")
                                   name "-" version ".tar.gz"))
               (sha256
                (base32
-                "10bsfsnlg9d9i6l2izdnxp05s3ri8fvwzqxvx1jmarc852382619"))))
+                "10bsfsnlg9d9i6l2izdnxp05s3ri8fvwzqxvx1jmarc852382619"))
+              (patches (search-patches "opensmtpd-fix-crash.patch"))))
     (build-system gnu-build-system)
     (inputs
      `(("bdb" ,bdb)
diff --git a/gnu/packages/patches/opensmtpd-fix-crash.patch b/gnu/packages/patches/opensmtpd-fix-crash.patch
new file mode 100644
index 000000000..003016753
--- /dev/null
+++ b/gnu/packages/patches/opensmtpd-fix-crash.patch
@@ -0,0 +1,44 @@
+From 9b5f70b93e038df5446bd37a4adac5a0380748e7 Mon Sep 17 00:00:00 2001
+From: johannes <johannes.brechtmann@gmail.com>
+Date: Wed, 21 Feb 2018 23:57:11 +0100
+Subject: [PATCH] crypt_checkpass: include HAVE_CRYPT_H definition, add NULL
+ check
+
+---
+ openbsd-compat/crypt_checkpass.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/openbsd-compat/crypt_checkpass.c b/openbsd-compat/crypt_checkpass.c
+index dafd2dae..d10b3a57 100644
+--- a/openbsd-compat/crypt_checkpass.c
++++ b/openbsd-compat/crypt_checkpass.c
+@@ -1,5 +1,6 @@
+ /* OPENBSD ORIGINAL: lib/libc/crypt/cryptutil.c */
+ 
++#include "includes.h"
+ #include <errno.h>
+ #ifdef HAVE_CRYPT_H
+ #include <crypt.h>
+@@ -10,6 +11,8 @@
+ int
+ crypt_checkpass(const char *pass, const char *goodhash)
+ {
++	char *c;
++
+ 	if (goodhash == NULL)
+ 		goto fail;
+ 
+@@ -17,7 +20,11 @@ crypt_checkpass(const char *pass, const char *goodhash)
+ 	if (strlen(goodhash) == 0 && strlen(pass) == 0)
+ 		return 0;
+ 
+-	if (strcmp(crypt(pass, goodhash), goodhash) == 0)
++	c = crypt(pass, goodhash);
++	if (c == NULL)
++		goto fail;
++
++	if (strcmp(c, goodhash) == 0)
+ 		return 0;
+ 
+ fail:
+
-- 
2.14.1