public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #24331 from LumiGuide/ssmtp-AuthPassFile

Browse Source 
ssmtp: use the authPassFile option instead of authPass
This commit is contained in:
Jörg Thalheim 2017-04-08 17:22:26 +02:00 committed by GitHub
commit cb6d1fdfd9
4 changed files with 113 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/maintainers.nix
View File

@ -60,6 +60,7 @@
bachp = "Pascal Bach <pascal.bach@nextrem.ch>"; bachp = "Pascal Bach <pascal.bach@nextrem.ch>";
badi = "Badi' Abdul-Wahid <abdulwahidc@gmail.com>"; badi = "Badi' Abdul-Wahid <abdulwahidc@gmail.com>";
balajisivaraman = "Balaji Sivaraman<sivaraman.balaji@gmail.com>"; balajisivaraman = "Balaji Sivaraman<sivaraman.balaji@gmail.com>";
basvandijk = "Bas van Dijk <v.dijk.bas@gmail.com>";
Baughn = "Svein Ove Aas <sveina@gmail.com>"; Baughn = "Svein Ove Aas <sveina@gmail.com>";
bcarrell = "Brandon Carrell <brandoncarrell@gmail.com>"; bcarrell = "Brandon Carrell <brandoncarrell@gmail.com>";
bcdarwin = "Ben Darwin <bcdarwin@gmail.com>"; bcdarwin = "Ben Darwin <bcdarwin@gmail.com>";

41
nixos/modules/programs/ssmtp.nix
View File

@ -39,7 +39,8 @@ in
example = "mail.example.org"; example = "mail.example.org";
description = '' description = ''
The host name of the default mail server to use to deliver The host name of the default mail server to use to deliver
e-mail. e-mail. Can also contain a port number (ex: mail.example.org:587),
defaults to port 25 if no port is given.
''; '';
}; };
@ -95,6 +96,25 @@ in
example = "correctHorseBatteryStaple"; example = "correctHorseBatteryStaple";
description = '' description = ''
Password used for SMTP auth. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE) Password used for SMTP auth. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
It's recommended to use <option>authPassFile</option>
which takes precedence over <option>authPass</option>.
'';
};
authPassFile = mkOption {
type = types.nullOr types.str;
default = null;
example = "/run/keys/ssmtp-authpass";
description = ''
Path to a file that contains the password used for SMTP auth. The file
should not contain a trailing newline, if the password does not contain one.
This file should be readable by the users that need to execute ssmtp.
<option>authPassFile</option> takes precedence over <option>authPass</option>.
Warning: when <option>authPass</option> is non-empty <option>authPassFile</option>
defaults to a file in the WORLD-READABLE Nix store containing that password.
''; '';
}; };
@ -111,17 +131,24 @@ in
config = mkIf cfg.directDelivery { config = mkIf cfg.directDelivery {
networking.defaultMailServer.authPassFile = mkIf (cfg.authPass != "")
(mkDefault (toString (pkgs.writeTextFile {
name = "ssmtp-authpass";
text = cfg.authPass;
})));
environment.etc."ssmtp/ssmtp.conf".text = environment.etc."ssmtp/ssmtp.conf".text =
let yesNo = yes : if yes then "YES" else "NO"; in
'' ''
MailHub=${cfg.hostName} MailHub=${cfg.hostName}
FromLineOverride=YES FromLineOverride=YES
${if cfg.root != "" then "root=${cfg.root}" else ""} ${optionalString (cfg.root != "") "root=${cfg.root}"}
${if cfg.domain != "" then "rewriteDomain=${cfg.domain}" else ""} ${optionalString (cfg.domain != "") "rewriteDomain=${cfg.domain}"}
UseTLS=${if cfg.useTLS then "YES" else "NO"} UseTLS=${yesNo cfg.useTLS}
UseSTARTTLS=${if cfg.useSTARTTLS then "YES" else "NO"} UseSTARTTLS=${yesNo cfg.useSTARTTLS}
#Debug=YES #Debug=YES
${if cfg.authUser != "" then "AuthUser=${cfg.authUser}" else ""} ${optionalString (cfg.authUser != "") "AuthUser=${cfg.authUser}"}
${if cfg.authPass != "" then "AuthPass=${cfg.authPass}" else ""} ${optionalString (!isNull cfg.authPassFile) "AuthPassFile=${cfg.authPassFile}"}
''; '';
environment.systemPackages = [pkgs.ssmtp]; environment.systemPackages = [pkgs.ssmtp];

9
pkgs/tools/networking/ssmtp/default.nix
View File

@ -10,6 +10,10 @@ stdenv.mkDerivation {
sha256 = "0dps8s87ag4g3jr6dk88hs9zl46h3790marc5c2qw7l71k4pvhr2"; sha256 = "0dps8s87ag4g3jr6dk88hs9zl46h3790marc5c2qw7l71k4pvhr2";
}; };
# A request has been made to merge this patch into ssmtp.
# See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858781
patches = [ ./ssmtp_support_AuthPassFile_parameter.patch ];
configureFlags = "--sysconfdir=/etc ${if tlsSupport then "--enable-ssl" else ""}"; configureFlags = "--sysconfdir=/etc ${if tlsSupport then "--enable-ssl" else ""}";
postConfigure = postConfigure =
@ -27,7 +31,8 @@ stdenv.mkDerivation {
buildInputs = stdenv.lib.optional tlsSupport openssl; buildInputs = stdenv.lib.optional tlsSupport openssl;
meta = { meta = with stdenv.lib; {
platforms = stdenv.lib.platforms.linux; platforms = platforms.linux;
maintainers = with maintainers; [ basvandijk ];
}; };
} }

69
pkgs/tools/networking/ssmtp/ssmtp_support_AuthPassFile_parameter.patch Normal file
View File

@ -0,0 +1,69 @@
diff -Naurb a/ssmtp.c b/ssmtp.c
--- a/ssmtp.c 2009-11-23 10:55:11.000000000 +0100
+++ b/ssmtp.c 2017-03-25 03:00:26.508283016 +0100
@@ -57,6 +57,7 @@
char arpadate[ARPADATE_LENGTH];
char *auth_user = (char)NULL;
char *auth_pass = (char)NULL;
+char *auth_passfile = (char)NULL;
char *auth_method = (char)NULL; /* Mechanism for SMTP authentication */
char *mail_domain = (char)NULL;
char *from = (char)NULL; /* Use this as the From: address */
@@ -1053,6 +1054,15 @@
log_event(LOG_INFO, "Set AuthPass=\"%s\"\n", auth_pass);
}
}
+ else if(strcasecmp(p, "AuthPassFile") == 0 && !auth_passfile) {
+ if((auth_passfile = strdup(q)) == (char *)NULL) {
+ die("parse_config() -- strdup() failed");
+ }
+
+ if(log_level > 0) {
+ log_event(LOG_INFO, "Set AuthPassFile=\"%s\"\n", auth_passfile);
+ }
+ }
else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) {
if((auth_method = strdup(q)) == (char *)NULL) {
die("parse_config() -- strdup() failed");
@@ -1415,6 +1425,8 @@
struct passwd *pw;
int i, sock;
uid_t uid;
+ FILE *fp;
+ char pass_buf[BUF_SZ+1];
bool_t minus_v_save, leadingdot, linestart = True;
int timeout = 0;
int bufsize = sizeof(b)-1;
@@ -1433,6 +1445,17 @@
log_event(LOG_INFO, "%s not found", config_file);
}
+ if(auth_passfile != (char *)NULL) {
+ if((fp = fopen(auth_passfile, "r")) == (FILE *)NULL) {
+ die("Could not open the AuthPassFile %s", auth_passfile);
+ }
+ if (fgets(pass_buf, BUF_SZ, fp) == NULL) {
+ die("Error while reading a line from the AuthPassFile %s, or it is empty", auth_passfile);
+ }
+ fclose(fp);
+ auth_pass = strdup(pass_buf);
+ }
+
if((p = strtok(pw->pw_gecos, ";,"))) {
if((gecos = strdup(p)) == (char *)NULL) {
die("ssmtp() -- strdup() failed");
diff -Naurb a/ssmtp.conf.5 b/ssmtp.conf.5
--- a/ssmtp.conf.5 2008-02-29 03:50:15.000000000 +0100
+++ b/ssmtp.conf.5 2017-03-25 01:45:52.890165426 +0100
@@ -61,6 +61,11 @@
.Pp
.It Cm AuthPass
The password to use for SMTP AUTH.
+It is recommended to use AuthPassFile which also takes precedence over AuthPass.
+.Pp
+.It Cm AuthPassFile
+A file that should contain the password to use for SMTP AUTH.
+This takes precedence over AuthPass.
.Pp
.It Cm AuthMethod
The authorization method to use.