author: Dima Panov <fluffy@FreeBSD.org> 2020-02-24 08:43:46 +0000
committer: Dima Panov <fluffy@FreeBSD.org> 2020-02-24 08:43:46 +0000
commit: cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568 (patch)
tree: 57b543c4c11b29c3f3e189f8e0981c082e304742 /mail/exim
parent: b49922b0681a6076aaeb40fe8b0d15232801da91 (diff)
download: ports-cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568.tar.gz
ports-cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568.zip
4 files changed, 226 insertions, 11 deletions
diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index 0fc49fe8f3ff..5abe25a2536b 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -97,11 +97,12 @@ IGNORE=	you cannot enable DANE without DNSSEC support or without TLS support
 MASTER_SITES+=	http://marc.merlins.org/linux/exim/files/:sa_exim \
 		SF/sa-exim/sa-exim/${SA_EXIM_VERSION}:sa_exim
 DISTFILES+=	sa-exim-${SA_EXIM_VERSION}.tar.gz:sa_exim
-EXTRA_PATCHES+=	${FILESDIR}/files/extra-patch-Local-sa-exim.c
+EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.c
+EXTRA_PATCHES+=	${FILESDIR}/extra-patch-Local-sa-exim.conf
 .endif
 
 EXIM_VERSION=	4.93
-SA_EXIM_VERSION=4.2
+SA_EXIM_VERSION=4.2.1
 EXIM_INSTALL_ARG+=	"-no_chown" "-no_symlink"
 
 .if !defined(EXIMON_ONLY)
@@ -553,6 +554,7 @@ post-extract:
 .if ${PORT_OPTIONS:MSA_EXIM}
 	@cd ${WRKDIR} && ${TAR} ${EXTRACT_BEFORE_ARGS} ${_DISTDIR}/sa-exim-${SA_EXIM_VERSION}.tar.gz ${EXTRACT_AFTER_ARGS}
 	@@${CP} ${WRKDIR}/sa-exim-${SA_EXIM_VERSION}/sa-exim.c ${WRKSRC}/Local
+	@@${CP} ${WRKDIR}/sa-exim-${SA_EXIM_VERSION}/sa-exim.conf ${WRKSRC}/Local
 .endif
 
 do-configure:
@@ -580,7 +582,7 @@ do-configure:
 	    ${ECHO_CMD} "#define SPAMASSASSIN_CONF	\"${PREFIX}/etc/exim/sa-exim.conf\""; \
 	} > ${WRKSRC}/Local/sa-exim.h
 	@${REINPLACE_CMD} -e 's,/usr/bin/spamc,${LOCALBASE}/bin/spamc,' \
-	    ${WRKDIR}/sa-exim-${SA_EXIM_VERSION}/sa-exim.conf
+	    ${WRKSRC}/Local/sa-exim.conf
 .endif
 	@${REINPLACE_CMD} -E -e 's/XX_STRIPCMD_XX/${STRIP_CMD:S,/,\/,g}/' \
 		${WRKSRC}/OS/Makefile-FreeBSD
@@ -622,7 +624,7 @@ post-install:
 .endfor
 .endif
 .if ${PORT_OPTIONS:MSA_EXIM}
-	${INSTALL_DATA} ${WRKDIR}/sa-exim-${SA_EXIM_VERSION}/sa-exim.conf \
+	${INSTALL_DATA} ${WRKSRC}/Local/sa-exim.conf \
 		${STAGEDIR}${PREFIX}/etc/exim/sa-exim.conf.sample
 .endif
 
diff --git a/mail/exim/distinfo b/mail/exim/distinfo
index 8499ba292159..45a2609f984f 100644
--- a/mail/exim/distinfo
+++ b/mail/exim/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1581947251
+TIMESTAMP = 1582043253
 SHA256 (exim/exim-4.93.tar.bz2) = 22c432c0585ef605c52bc796042c4823e961f58a7e6ad1486252e203bf4c9276
 SIZE (exim/exim-4.93.tar.bz2) = 1972841
-SHA256 (exim/sa-exim-4.2.tar.gz) = 72e0a735547f18b05785e6c58a71d24623858f0f5234a5dc0e24cb453999e99a
-SIZE (exim/sa-exim-4.2.tar.gz) = 66575
+SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1
+SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933
diff --git a/mail/exim/files/extra-patch-Local-sa-exim.c b/mail/exim/files/extra-patch-Local-sa-exim.c
index bfe31223f5e9..103027b1f44d 100644
--- a/mail/exim/files/extra-patch-Local-sa-exim.c
+++ b/mail/exim/files/extra-patch-Local-sa-exim.c
@@ -1,11 +1,200 @@
---- Local/sa-exim.c.orig	2020-02-18 20:02:59.741459000 +0100
-+++ Local/sa-exim.c	2020-02-18 20:03:42.394082000 +0100
-@@ -1218,7 +1218,7 @@
+--- Local/sa-exim.c.orig	2020-02-19 03:04:43 UTC
++++ Local/sa-exim.c
+@@ -29,10 +29,7 @@ http://lists.merlins.org/lists/listinfo/sa-exim
+ #include "sa-exim.h"
+ 
+ /* Exim includes */
+-#include "local_scan.h"
+-extern FILE   *smtp_out;               /* Exim's incoming SMTP output file */
+-extern int     body_linecount;         /* Line count in body */
+-extern uschar *primary_hostname;
++#include <local_scan.h>
+ 
+ #ifdef DLOPEN_LOCAL_SCAN
+ 
+@@ -409,6 +406,11 @@ int parsemlheader(char *buffer, FILE *readfh, char *he
+ 	    if (buffer[strlen(buffer)-1] == '\n')
+ 	    {
+ 		buffer[strlen(buffer)-1]=0;
++		/* and any carriage return */
++		if (buffer[strlen(buffer)-1] == '\r')
++		{
++		    buffer[strlen(buffer)-1]=0;
++		}
+ 	    }
+ 	    if (SAEximDebug > 5)
+ 	    {
+@@ -515,6 +517,7 @@ int local_scan(volatile int fd, uschar **return_text)
+     int pid;
+     int writefd[2];
+     int readfd[2];
++    char *spamc_argv[10];
+     int i;
+     /* These are the only values that we want working after the longjmp 
+      * The automatic ones can be clobbered, but we don't really care */
+@@ -550,8 +553,9 @@ int local_scan(volatile int fd, uschar **return_text)
+     static char *SAspamcpath=SPAMC_LOCATION;
+     static char *SAsafemesgidchars=SAFEMESGIDCHARS
+     static char *SAspamcSockPath=NULL;
+-    static char *SAspamcPort="783";
+-    static char *SAspamcHost="127.0.0.1";
++    static char *SAspamcPort=NULL;
++    static char *SAspamcHost=NULL;
++    static char *SAspamcUser=NULL;
+     static char *SAEximRunCond="0";
+     static char *SAEximRejCond="1";
+     static int SAmaxbody=250*1024;
+@@ -602,6 +606,10 @@ int local_scan(volatile int fd, uschar **return_text)
+     /* Do not put a %s in there, or you'll segfault */
+     static char *SAmsgerror="Temporary local error while processing message, please contact postmaster";
+ 
++    /* This needs to be retrieved through expand_string in order
++       not to violate the API. */
++    uschar *primary_hostname=expand_string("$primary_hostname");
++
+     /* New values we read from spamassassin */
+     char *xspamstatus=NULL;
+     char *xspamflag=NULL;
+@@ -712,6 +720,7 @@ int local_scan(volatile int fd, uschar **return_text)
+ 	    M_CHECKFORSTR(SAspamcSockPath);
+ 	    M_CHECKFORSTR(SAspamcPort);
+ 	    M_CHECKFORSTR(SAspamcHost);
++	    M_CHECKFORSTR(SAspamcUser);
+ 	    M_CHECKFORSTR(SAEximRunCond);
+ 	    M_CHECKFORSTR(SAEximRejCond);
+ 	    M_CHECKFORVAR(SAmaxbody, "%d");
+@@ -914,6 +923,22 @@ int local_scan(volatile int fd, uschar **return_text)
+ 	ret=dup2(readfd[1],2);
+ 	CHECKERR(ret,"dup2 stderr",__LINE__);
+ 
++	i = 0;
++	spamc_argv[i++] = "spamc";
++	if (SAspamcUser && SAspamcUser[0])
++	{
++	    expand=expand_string(SAspamcUser);
++	    if (expand == NULL)
++	    {
++		log_write(0, LOG_MAIN | LOG_PANIC, "SA: SAspamcUser expansion failure on %s, will run as Exim user instead.", SAspamcUser);
++	    }
++	    else if (expand[0] != '\0')
++	    {
++		spamc_argv[i++] = "-u";
++		spamc_argv[i++] = expand;
++	    }
++	}
++
+ 	/* 
+          * I could implement the spamc protocol and talk to spamd directly
+          * instead of forking spamc, but considering the overhead spent
+@@ -924,17 +949,30 @@ int local_scan(volatile int fd, uschar **return_text)
+ 	/* Ok, we cheat, spamc cares about how big the whole message is and
+          * we only know about the body size, so I'll  give an extra 16K
+          * to account for any headers that can accompany the message */
++
++	spamc_argv[i++] = "-s";
++	spamc_argv[i++] = string_sprintf("%d", SAmaxbody+16384);
++
+ 	if(SAspamcSockPath)
+ 	{
+-	    ret=execl(SAspamcpath, "spamc", "-s", string_sprintf("%d", SAmaxbody+16384), "-U", SAspamcSockPath, NULL);
+-	    CHECKERR(ret,string_sprintf("exec %s", SAspamcpath),__LINE__);
++    	    spamc_argv[i++] = "-U";
++	    spamc_argv[i++] = SAspamcSockPath;
+ 	}
+ 	else
+ 	{
+-	    ret=execl(SAspamcpath, "spamc", "-s", string_sprintf("%d", SAmaxbody+16384), "-d", SAspamcHost, "-p", SAspamcPort, NULL);
+-	    CHECKERR(ret,string_sprintf("exec %s", SAspamcpath),__LINE__);
++	    if (SAspamcHost) {
++		spamc_argv[i++] = "-d";
++		spamc_argv[i++] = SAspamcHost;
++	    }
++	    if (SAspamcPort) {
++		spamc_argv[i++] = "-p";
++		spamc_argv[i++] = SAspamcPort;
++	    }
+ 	}
+-	
++	spamc_argv[i++] = NULL;
++
++	ret=execv(SAspamcpath, spamc_argv);
++	CHECKERR(ret,string_sprintf("exec %s", SAspamcpath),__LINE__);
+     }
+ 
+     if (SAEximDebug > 8)
+@@ -1045,6 +1083,11 @@ int local_scan(volatile int fd, uschar **return_text)
+ 	if (buffer[strlen(buffer)-1] == '\n')
+ 	{
+ 	    buffer[strlen(buffer)-1]=0;
++	    /* and any carriage return */
++	    if (buffer[strlen(buffer)-1] == '\r')
++	    {
++		buffer[strlen(buffer)-1]=0;
++	    }
+ 	}
+ restart:
+ 	if (SAEximDebug > 5)
+@@ -1218,7 +1261,7 @@ restart:
  	    }
  
  	    stret=write(fd, buffer, strlen(buffer));
 -	    CHECKERR(stret,string_sprintf("SA body write to msg"),__LINE__);
-+	    CHECKERR(stret,"SA body write to msg",__LINE__);
++	    CHECKERR(stret,string_sprintf("%s", "SA body write to msg"),__LINE__);
  	    if (SAEximDebug > 8)
  	    {
  		log_write(0, LOG_MAIN, "SA: Debug9: Wrote to msg; line %d (wrote %d)", line, ret);
+@@ -1229,18 +1272,20 @@ restart:
+ 	    }
+ 	}
+ 
++	
+ 	if (SAEximDebug > 1)
+ 	{
+ 	    log_write(0, LOG_MAIN, "SA: Debug2: body_linecount before SA: %d", body_linecount);
+ 	}
+ 
+ 	/* update global variable $body_linecount to reflect the new body size*/
+-	body_linecount = (line - 1);
++	if (body_linecount > 0) body_linecount = (line - 1); // Not updating if zero, indicating spool_wireformat
+ 
+ 	if (SAEximDebug > 1)
+ 	{
+ 	    log_write(0, LOG_MAIN, "SA: Debug2: body_linecount after SA: %d", body_linecount);
+ 	}
++
+     }
+ 
+     fclose((FILE *)readfh);
+@@ -1331,6 +1376,9 @@ restart:
+ 	
+ 	if (dorej && doteergrube)
+ 	{
++	    char *teergrubewaitstr;
++	    teergrubewaitstr=string_sprintf(SAmsgteergrubewait, spamstatus);
++
+ 	    /* By default, we'll only save temp bounces by message ID so
+ 	     * that when the same message is submitted several times, we
+ 	     * overwrite the same file on disk and not create a brand new
+@@ -1353,20 +1401,8 @@ restart:
+ 
+ 	    for (i=0;i<SAteergrubetime/10;i++)
+ 	    {
+-		char *str;
+-		
+-		/* Unfortunately, we can't use exim's smtp_printf because it
+-		 * doesn't return an error code if the write gets an EPIPE.
+-		 * So, we write ourselves, but this won't work if you have a
+-		 * TLS connection opened (that said, if you are teergrubing
+-		 * a TLS connection, it's probably a relay host, not a
+-		 * spammer, and in this case you should not teergrube a
+-		 * friendly relay, so basically we should be ok).
+-		 * If you do teergrube an SSL connection with the current
+-		 * code, you will break it, but that's acceptable */
+-		str=string_sprintf(string_sprintf("451- %s\r\n",SAmsgteergrubewait), spamstatus);
+-		fprintf(smtp_out, str);
+-		ret=fflush(smtp_out);
++		smtp_printf("451-%s\r\n", teergrubewaitstr);
++		ret=smtp_fflush();
+ 		if (ret != 0)
+ 		{
+ 		    log_write(0, LOG_MAIN | LOG_REJECT, "SA: Action: teergrubed sender for %d secs until it closed the connection: %s (scanned in %d/%d secs | Message-Id: %s). %s", i*10, spamstatus, scantime, fulltime, safemesgid, mailinfo);
diff --git a/mail/exim/files/extra-patch-Local-sa-exim.conf b/mail/exim/files/extra-patch-Local-sa-exim.conf
new file mode 100644
index 000000000000..866eca55f3f4
--- /dev/null
+++ b/mail/exim/files/extra-patch-Local-sa-exim.conf
@@ -0,0 +1,24 @@
+--- Local/sa-exim.conf.orig	2005-03-08 20:35:43 UTC
++++ Local/sa-exim.conf
+@@ -49,11 +49,17 @@ SAspamcpath: /usr/bin/spamc
+ # you set it, it will override the two TCP connect options below
+ #SAspamcSockPath: /var/run/spamd.sock
+ 
+-# SAspamcHost / SAspamcPort: TCP socket where your spamd is listening
+-# Shown below are the defaults:
+-SAspamcHost: 127.0.0.1
+-SAspamcPort: 783
++# SAspamcHost / SAspamcPort: TCP socket where your spamd is listening.
++# Default is to let spamc use any settings in spamc.conf.
++#SAspamcHost: 127.0.0.1
++#SAspamcPort: 783
+ 
++# SAspamcUser: The username passed to spamc. Some tricks are needed to 
++# decide on one user when there are many recipients. This string is of
++# course expanded. If unset or empty, spamc will use the user Exim 
++# runs as. We suggest that you decide what username to use in the ACLs
++# and set an ACL variable.
++#SAspamcUser: $acl_m2
+ 
+ # Exim configuration string to run before running SA against the message
+ # This decides whether SA gets run against the message or not.  This
author	Dima Panov <fluffy@FreeBSD.org>	2020-02-24 08:43:46 +0000
committer	Dima Panov <fluffy@FreeBSD.org>	2020-02-24 08:43:46 +0000
commit	cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568 (patch)
tree	57b543c4c11b29c3f3e189f8e0981c082e304742 /mail/exim
parent	b49922b0681a6076aaeb40fe8b0d15232801da91 (diff)
download	ports-cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568.tar.gz ports-cffd68eed3d1ec6d7a60a8bb0a4f50277d4aa568.zip