- update amavisd-new to 20040701

- add dependency on cabextract and rpm2cpio.pl
- add menu used to add required dependencies
  for MySQL, PostgreSQL and LDAP support
- add warning when running under perl version below 5.8.2
- remove taint checks when running perl 5.00503
- (hopefully) fix chroot support by running amavisd with -u
  instead of using "su"
- mention other virus scanners available in the ports collection
  in the startup message

PR:		ports/68732
Submitted by:	maintainer

10 files changed, 140 insertions, 61 deletions

diff --git a/security/amavisd-new/Makefile b/security/amavisd-new/Makefile
index 56ea07acc80e..2bb1f009bdb7 100644
--- a/security/amavisd-new/Makefile
+++ b/security/amavisd-new/Makefile
@@ -7,7 +7,7 @@
 # Based on amavisd ports makefile.
 
 PORTNAME=	amavisd-new
-PORTVERSION=	20030616.p9
+PORTVERSION=	20040701
 CATEGORIES=	security
 MASTER_SITES=	http://www.ijs.si/software/amavisd/ \
 		http://mirrors.catpipe.net/amavisd-new/ \
@@ -26,13 +26,16 @@ RUN_DEPENDS=	${SITE_PERL}/${PERL_ARCH}/Unix/Syslog.pm:${PORTSDIR}/sysutils/p5-Un
 		${SITE_PERL}/Archive/Zip.pm:${PORTSDIR}/archivers/p5-Archive-Zip \
 		${SITE_PERL}/Net/Server.pm:${PORTSDIR}/net/p5-Net-Server \
 		${SITE_PERL}/Mail/SpamAssassin.pm:${PORTSDIR}/mail/p5-Mail-SpamAssassin \
+		${SITE_PERL}/${PERL_ARCH}/BerkeleyDB.pm:${PORTSDIR}/databases/p5-BerkeleyDB \
 		${LOCALBASE}/bin/arc:${PORTSDIR}/archivers/arc \
 		${LOCALBASE}/bin/unfreeze:${PORTSDIR}/archivers/freeze \
 		${LOCALBASE}/bin/lha:${PORTSDIR}/archivers/lha \
 		${LOCALBASE}/bin/lzop:${PORTSDIR}/archivers/lzop \
 		${LOCALBASE}/bin/unarj:${PORTSDIR}/archivers/unarj \
 		${LOCALBASE}/bin/unrar:${PORTSDIR}/archivers/unrar \
-		${LOCALBASE}/bin/zoo:${PORTSDIR}/archivers/zoo
+		${LOCALBASE}/bin/zoo:${PORTSDIR}/archivers/zoo \
+		${LOCALBASE}/bin/cabextract:${PORTSDIR}/archivers/cabextract \
+		${LOCALBASE}/bin/rpm2cpio.pl:${PORTSDIR}/archivers/rpm2cpio
 
 USE_PERL5_RUN=	yes
 USE_RC_SUBR=	yes
@@ -48,6 +51,10 @@ AMAVISQUARANTINE?=	/var/virusmails
 
 WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION:C/\.p.+//}
 
+OPTIONS=	MYSQL	"MySQL support"		off \
+		PGSQL	"PgSQL support"		off \
+		LDAP	"LDAP support"		off
+
 .if !exists(/usr/lib/libmilter.so) && !exists(${PREFIX}/lib/libmilter.so)
 AMAVIS_NOMILTER="@comment "
 .endif
@@ -72,12 +79,34 @@ SED_SCRIPT=	-e 's,%%AMAVISUSER%%,${AMAVISUSER},g' \
 		-e 's,%%PREFIX%%,${PREFIX},g' \
 		-e 's,%%RC_SUBR%%,${RC_SUBR},g'
 
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_MYSQL)
+RUN_DEPENDS+=	${SITE_PERL}/${PERL_ARCH}/Mysql.pm:${PORTSDIR}/databases/p5-DBD-mysql
+.endif
+
+.if defined(WITH_PGSQL)
+RUN_DEPENDS+=	${SITE_PERL}/${PERL_ARCH}/DBD/Pg.pm:${PORTSDIR}/databases/p5-DBD-Pg
+.endif
+
+.if defined(WITH_LDAP)
+RUN_DEPENDS+=	${SITE_PERL}/Net/LDAP.pm:${PORTSDIR}/net/p5-perl-ldap
+.endif
+
 pre-build:
+.if ${PERL_LEVEL} < 500802
+# add warning to greeting message when running perl older than 5.8.2
+	${SED} -e 's,%%PERLVERSION%%,${PERL_VERSION},g' < ${FILESDIR}/perlwarning.tmpl > ${WRKDIR}/MESSAGE
+.endif
+.if ${PERL_LEVEL} < 500600
+# remove taint checks when running under perl 5.00503
+	${SED} -e 's,^\#\!/usr/bin/perl -T,\#\!/usr/bin/perl,' < ${WRKSRC}/amavisd > ${WRKDIR}/amavisd
+.endif
 	for f in amavisd.sh amavis-milter.sh INSTALL DEINSTALL MESSAGE; do \
-		${SED} ${SED_SCRIPT} < ${FILESDIR}/$${f}.tmpl > ${WRKDIR}/$${f}; \
+		${SED} ${SED_SCRIPT} < ${FILESDIR}/$${f}.tmpl >> ${WRKDIR}/$${f}; \
 	done
-	for f in amavisd.conf amavisd; do \
-		${SED} ${SED_SCRIPT} < ${WRKSRC}/$${f} > ${WRKDIR}/$${f}; \
+	for f in amavisd.conf amavisd.conf-sample amavisd; do \
+		${SED} ${SED_SCRIPT} < ${WRKSRC}/$${f} >> ${WRKDIR}/$${f}; \
 	done
 
 pre-install:
@@ -91,10 +120,12 @@ do-install:
 .endif
 	${INSTALL_SCRIPT} ${WRKDIR}/amavisd ${PREFIX}/sbin
 	${INSTALL_SCRIPT} ${WRKDIR}/amavisd.conf ${PREFIX}/etc/amavisd.conf-dist
+	${INSTALL_SCRIPT} ${WRKDIR}/amavisd.conf-sample ${PREFIX}/etc/amavisd.conf-sample
+	${INSTALL_SCRIPT} ${WRKSRC}/amavisd.conf-default ${PREFIX}/etc/amavisd.conf-default
 	${INSTALL_SCRIPT} ${WRKDIR}/amavisd.sh ${PREFIX}/etc/rc.d
 .if !defined(NOPORTDOCS)
 	@${MKDIR} ${DOCSDIR}
-.for FILE in AAAREADME.first INSTALL LICENSE RELEASE_NOTES README_FILES/*
+.for FILE in AAAREADME.first INSTALL LDAP.schema LICENSE RELEASE_NOTES README_FILES/*
 	${INSTALL_DATA} ${WRKSRC}/${FILE} ${DOCSDIR}
 .endfor
 
@@ -102,8 +133,6 @@ post-install:
 	@${CAT} ${PKGMESSAGE}
 .endif
 
-.include <bsd.port.pre.mk>
-
 .if ${PERL_LEVEL} < 500800
 RUN_DEPENDS+=	${SITE_PERL}/${PERL_ARCH}/Digest/MD5.pm:${PORTSDIR}/security/p5-Digest-MD5 \
 		${SITE_PERL}/${PERL_ARCH}/Time/HiRes.pm:${PORTSDIR}/devel/p5-Time-HiRes
diff --git a/security/amavisd-new/distinfo b/security/amavisd-new/distinfo
index 69cca7298184..d8f75a718ce2 100644
--- a/security/amavisd-new/distinfo
+++ b/security/amavisd-new/distinfo
@@ -1,2 +1,2 @@
-MD5 (amavisd-new-20030616-p9.tar.gz) = 4c96fadc57a5de84cc3bc6b548b46aff
-SIZE (amavisd-new-20030616-p9.tar.gz) = 363756
+MD5 (amavisd-new-20040701.tar.gz) = d5566eeaf1e47b6c856f4e676e93d584
+SIZE (amavisd-new-20040701.tar.gz) = 451622
diff --git a/security/amavisd-new/files/INSTALL.tmpl b/security/amavisd-new/files/INSTALL.tmpl
index 1b8cc6e0cd35..3219efb5d653 100644
--- a/security/amavisd-new/files/INSTALL.tmpl
+++ b/security/amavisd-new/files/INSTALL.tmpl
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-#	$FreeBSD: /tmp/pcvs/ports/security/amavisd-new/files/Attic/INSTALL.tmpl,v 1.2 2003-01-04 10:59:25 demon Exp $
+#	$FreeBSD: /tmp/pcvs/ports/security/amavisd-new/files/Attic/INSTALL.tmpl,v 1.3 2004-07-18 10:05:50 vanilla Exp $
 #
 
 USER=%%AMAVISUSER%%
@@ -41,6 +41,8 @@ if [ "$2" = "PRE-INSTALL" ]; then
 
     /usr/bin/install -o ${USER} -g ${GROUP} -m 750 -d ${DIR}
     echo "Created \"${DIR}\" directory."
+    /usr/bin/install -o ${USER} -g ${GROUP} -m 750 -d ${DIR}/db
+    echo "Created \"${DIR}/db\" directory."
     /usr/bin/install -o ${USER} -g ${GROUP} -m 750 -d ${QUARANTINE}
     echo "Created \"${QUARANTINE}\" directory."    
 fi
diff --git a/security/amavisd-new/files/MESSAGE.tmpl b/security/amavisd-new/files/MESSAGE.tmpl
index f98068cd5773..24b1e98c50a3 100644
--- a/security/amavisd-new/files/MESSAGE.tmpl
+++ b/security/amavisd-new/files/MESSAGE.tmpl
@@ -1,9 +1,13 @@
 
 *******************************************************************
  To use amavisd-new, you need to install at least one virus scanner.
- For example McAfee VirusScan is available as a FreeBSD port
- in /usr/ports/security/vscan and Clam Antivirus is available
- in /usr/ports/security/clamav.
+ The following virus scanners are available in the FreeBSD ports
+ collection:
+ 
+ /usr/ports/security/vscan	McAfee VirusScan
+ /usr/ports/security/clamav	Clam Antivirus
+ /usr/ports/security/f-prot	F-Prot Antivirus
+ /usr/ports/security/drweb	DrWeb antivirus suite
 
  Enable amavisd-new in /etc/rc.conf with the following line:
 
@@ -14,9 +18,9 @@
 
     amavis_milter_enable="YES"
 
- A configuration template is available in %%PREFIX%%/etc
- as amavisd.conf-dist. Copy it to amavisd.conf and edit it to
- suit your needs. Documentation is available in
- %%DOCSDIR%%.
+ Configuration templates are available in %%PREFIX%%/etc
+ as amavisd.conf-dist, amavisd.conf-sample and amavisd.conf-default.
+ Copy any of them to amavisd.conf and edit the file to suit your
+ needs. Documentation is available in %%DOCSDIR%%.
 *******************************************************************
 
diff --git a/security/amavisd-new/files/amavisd.sh.tmpl b/security/amavisd-new/files/amavisd.sh.tmpl
index 553b87da40ad..58b1a49c5709 100644
--- a/security/amavisd-new/files/amavisd.sh.tmpl
+++ b/security/amavisd-new/files/amavisd.sh.tmpl
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $FreeBSD: /tmp/pcvs/ports/security/amavisd-new/files/Attic/amavisd.sh.tmpl,v 1.6 2003-11-20 11:00:19 jeh Exp $
+# $FreeBSD: /tmp/pcvs/ports/security/amavisd-new/files/Attic/amavisd.sh.tmpl,v 1.7 2004-07-18 10:05:50 vanilla Exp $
 #
 
 # PROVIDE: amavisd
@@ -21,7 +21,7 @@ rcvar=`set_rcvar`
 
 command=%%PREFIX%%/sbin/amavisd > /dev/null 2>&1
 
-amavisd_user=%%AMAVISUSER%%
+amavisd_flags="-u %%AMAVISUSER%%"
 
 pidfile=%%AMAVISDIR%%/amavisd.pid
 required_files=%%PREFIX%%/etc/amavisd.conf
diff --git a/security/amavisd-new/files/patch-amavisd b/security/amavisd-new/files/patch-amavisd
index b541eadff85c..7faead0bf821 100644
--- a/security/amavisd-new/files/patch-amavisd
+++ b/security/amavisd-new/files/patch-amavisd
@@ -1,11 +1,11 @@
---- amavisd.orig	Fri Apr  2 21:33:50 2004
-+++ amavisd	Sat Apr  3 12:29:41 2004
-@@ -6461,7 +6461,7 @@
- my($amavisd_path) = find_program_path($0, [split(/:/, $path, -1)], 0);
- $amavisd_path = $1 if $amavisd_path=~m{^([A-Za-z0-9/._=+-]+)$(?!\n)}; # untaint
+--- amavisd.orig	Sun Jul  4 03:19:35 2004
++++ amavisd	Sun Jul  4 11:28:36 2004
+@@ -7367,7 +7367,7 @@
+ $Amavis::Conf::log_recip_templ = $1
+   if $Amavis::Conf::log_recip_templ=~/^(.*?)[\r\n]+\z/s;
  
 -my($config_file) = '/etc/amavisd.conf';  # default location of config file
 +my($config_file) = '%%PREFIX%%/etc/amavisd.conf';  # default location of config file
- if (@ARGV >= 2 && $ARGV[0] eq '-c') {    # override by command line option -c
-     shift @ARGV; $config_file = shift @ARGV;
-     $config_file = $1 if $config_file=~m{^([A-Za-z0-9/._=+-]+)$(?!\n)};# untaint
+ 
+ # Consider droping privileges early, before reading config file.
+ # This is only possible if running under chroot will not be needed.
diff --git a/security/amavisd-new/files/patch-amavisd-sample.conf b/security/amavisd-new/files/patch-amavisd-sample.conf
new file mode 100644
index 000000000000..0e4863af06f8
--- /dev/null
+++ b/security/amavisd-new/files/patch-amavisd-sample.conf
@@ -0,0 +1,40 @@
+--- amavisd.conf-sample.orig	Mon Nov 10 00:07:53 2003
++++ amavisd.conf-sample	Tue Nov 11 22:48:05 2003
+@@ -51,7 +51,7 @@
+ # $MYHOME serves as a quick default for some other configuration settings.
+ # More refined control is available with each individual setting further down.
+ # $MYHOME is not used directly by the program. No trailing slash!
+-#$MYHOME = '/var/lib/amavis';   # (default is '/var/amavis')
++$MYHOME = '%%AMAVISDIR%%';   # (default is '/var/amavis')
+ 
+ # $mydomain serves as a quick default for some other configuration settings.
+ # More refined control is available with each individual setting further down.
+@@ -60,8 +60,8 @@
+ 
+ # Set the user and group to which the daemon will change if started as root
+ # (otherwise just keeps the UID unchanged, and these settings have no effect):
+-$daemon_user  = 'vscan';	# (no default;  customary: vscan or amavis)
+-$daemon_group = 'sweep';	# (no default;  customary: vscan or amavis)
++$daemon_user  = '%%AMAVISUSER%%';	# (no default;  customary: vscan or amavis)
++$daemon_group = '%%AMAVISGROUP%%';	# (no default;  customary: vscan or amavis)
+ 
+ # Runtime working directory (cwd), and a place where
+ # temporary directories for unpacking mail are created.
+@@ -274,7 +274,7 @@
+ # 3: server, client
+ # 4: decompose parts
+ # 5: more debug details
+-$log_level = 2;		  # (defaults to 0)
++$log_level = 0;		  # (defaults to 0)
+ 
+ # Customizable template for the most interesting log file entry (e.g. with
+ # $log_level=0) (take care to properly quote Perl special characters like '\')
+@@ -510,7 +510,7 @@
+ #   or a directory (no trailing slash)
+ #   (the default value is undef, meaning no quarantine)
+ #
+-$QUARANTINEDIR = '/var/virusmails';
++$QUARANTINEDIR = '%%AMAVISQUARANTINE%%';
+ 
+ #$virus_quarantine_method = "local:virus-%i-%n";    # default
+ #$spam_quarantine_method  = "local:spam-%b-%i-%n";  # default
diff --git a/security/amavisd-new/files/patch-amavisd.conf b/security/amavisd-new/files/patch-amavisd.conf
index 22b9177eded7..d904f5d2c4c2 100644
--- a/security/amavisd-new/files/patch-amavisd.conf
+++ b/security/amavisd-new/files/patch-amavisd.conf
@@ -1,40 +1,31 @@
---- amavisd.conf.orig	Mon Nov 10 00:07:53 2003
-+++ amavisd.conf	Tue Nov 11 22:48:05 2003
-@@ -51,7 +51,7 @@
- # $MYHOME serves as a quick default for some other configuration settings.
- # More refined control is available with each individual setting further down.
- # $MYHOME is not used directly by the program. No trailing slash!
--#$MYHOME = '/var/lib/amavis';   # (default is '/var/amavis')
-+$MYHOME = '%%AMAVISDIR%%';   # (default is '/var/amavis')
+--- amavisd.conf.orig	Thu Jul  1 22:04:36 2004
++++ amavisd.conf	Sun Jul  4 11:32:17 2004
+@@ -9,7 +9,7 @@
+ # MUST BE SET (no useful default):
  
- # $mydomain serves as a quick default for some other configuration settings.
- # More refined control is available with each individual setting further down.
-@@ -60,8 +60,8 @@
+ $mydomain = 'example.com';
+-$MYHOME   = '/var/amavis';
++$MYHOME   = '%%AMAVISDIR%%';
+ $TEMPBASE = "$MYHOME/tmp";
  
- # Set the user and group to which the daemon will change if started as root
- # (otherwise just keeps the UID unchanged, and these settings have no effect):
--$daemon_user  = 'vscan';	# (no default;  customary: vscan or amavis)
--$daemon_group = 'sweep';	# (no default;  customary: vscan or amavis)
-+$daemon_user  = '%%AMAVISUSER%%';	# (no default;  customary: vscan or amavis)
-+$daemon_group = '%%AMAVISGROUP%%';	# (no default;  customary: vscan or amavis)
  
- # Runtime working directory (cwd), and a place where
- # temporary directories for unpacking mail are created.
-@@ -274,7 +274,7 @@
- # 3: server, client
- # 4: decompose parts
- # 5: more debug details
--$log_level = 2;		  # (defaults to 0)
-+$log_level = 0;		  # (defaults to 0)
+@@ -19,8 +19,8 @@
+ # @bypass_spam_checks_maps  = (1);  # uncomment to DISABLE anti-spam code
  
- # Customizable template for the most interesting log file entry (e.g. with
- # $log_level=0) (take care to properly quote Perl special characters like '\')
-@@ -510,7 +510,7 @@
- #   or a directory (no trailing slash)
- #   (the default value is undef, meaning no quarantine)
- #
+ $max_servers = 2;         # number of pre-forked children
+-$daemon_user  = 'vscan';  # (no default;  customary: vscan or amavis)
+-$daemon_group = 'vscan';  # (no default;  customary: vscan or amavis)
++$daemon_user  = '%%AMAVISUSER%%';  # (no default;  customary: vscan or amavis)
++$daemon_group = '%%AMAVISGROUP%%';  # (no default;  customary: vscan or amavis)
+ @local_domains_maps = ( [".$mydomain"] );
+ 
+ $log_level = 0;
+@@ -28,7 +28,7 @@
+ $DO_SYSLOG = 1;
+ $SYSLOG_LEVEL = 'mail.info';
+ $ENV{TMPDIR} = $TEMPBASE;
 -$QUARANTINEDIR = '/var/virusmails';
 +$QUARANTINEDIR = '%%AMAVISQUARANTINE%%';
+ # $daemon_chroot_dir = $MYHOME;  # (default is undef, meaning: do not chroot)
  
- #$virus_quarantine_method = "local:virus-%i-%n";    # default
- #$spam_quarantine_method  = "local:spam-%b-%i-%n";  # default
+ $inet_socket_port = 10024;   # accept SMTP on this local TCP port(s) (Postfix)
diff --git a/security/amavisd-new/files/perlwarning.tmpl b/security/amavisd-new/files/perlwarning.tmpl
new file mode 100644
index 000000000000..d33423722b75
--- /dev/null
+++ b/security/amavisd-new/files/perlwarning.tmpl
@@ -0,0 +1,10 @@
+
+*******************************************************************
+ WARNING: You appear to be running perl version %%PERLVERSION%%.
+
+ amavisd-new has been tested and is guaranteed to run only with
+ perl 5.8.2 and above. There are numerous problems with amavisd-new
+ when running under previous perl versions, including perl crashes,
+ taint bugs and others.  You are strongly advised to upgrade your
+ perl by using the /usr/ports/lang/perl5.8 port.
+*******************************************************************
diff --git a/security/amavisd-new/pkg-plist b/security/amavisd-new/pkg-plist
index 41ebbd2b9149..840f22d83abe 100644
--- a/security/amavisd-new/pkg-plist
+++ b/security/amavisd-new/pkg-plist
@@ -1,5 +1,6 @@
 %%PORTDOCS%%%%DOCSDIR%%/AAAREADME.first
 %%PORTDOCS%%%%DOCSDIR%%/INSTALL
+%%PORTDOCS%%%%DOCSDIR%%/LDAP.schema
 %%PORTDOCS%%%%DOCSDIR%%/LICENSE
 %%PORTDOCS%%%%DOCSDIR%%/README.chroot
 %%PORTDOCS%%%%DOCSDIR%%/README.contributed
@@ -21,7 +22,9 @@
 %%PORTDOCS%%%%DOCSDIR%%/README.sendmail-dual
 %%PORTDOCS%%%%DOCSDIR%%/RELEASE_NOTES
 %%PORTDOCS%%@dirrm %%DOCSDIR%%
+etc/amavisd.conf-default
 etc/amavisd.conf-dist
+etc/amavisd.conf-sample
 %%AMAVIS_NOMILTER%%etc/rc.d/amavis-milter.sh
 etc/rc.d/amavisd.sh
 %%AMAVIS_NOMILTER%%sbin/amavis