From owner-svn-ports-head@freebsd.org Fri Dec 25 11:41:38 2020 Return-Path: Delivered-To: svn-ports-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 92E974BE8DC; Fri, 25 Dec 2020 11:41:38 +0000 (UTC) (envelope-from otis@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4D2Q5G3lP0z4rgM; Fri, 25 Dec 2020 11:41:38 +0000 (UTC) (envelope-from otis@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 73B7B2204E; Fri, 25 Dec 2020 11:41:38 +0000 (UTC) (envelope-from otis@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0BPBfcN9076016; Fri, 25 Dec 2020 11:41:38 GMT (envelope-from otis@FreeBSD.org) Received: (from otis@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0BPBfbij076013; Fri, 25 Dec 2020 11:41:37 GMT (envelope-from otis@FreeBSD.org) Message-Id: <202012251141.0BPBfbij076013@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: otis set sender to otis@FreeBSD.org using -f From: Juraj Lutter Date: Fri, 25 Dec 2020 11:41:37 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r559235 - in head/mail/postsrsd: . files X-SVN-Group: ports-head X-SVN-Commit-Author: otis X-SVN-Commit-Paths: in head/mail/postsrsd: . files X-SVN-Commit-Revision: 559235 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Dec 2020 11:41:38 -0000 Author: otis Date: Fri Dec 25 11:41:37 2020 New Revision: 559235 URL: https://svnweb.freebsd.org/changeset/ports/559235 Log: mail/postsrsd: update to 1.10 Changelog: - SECURITY FIX [CVE-2020-35573]: PostSRSd could be tricked into consuming a lot of CPU time with an SRS address that has a very long time stamp tag - Fixed a bug where PostSRSd would occasionally create invalid SRS addresses if the used secret is extremely long PR: 252007 Submitted by: ports@bsdserwis.com Reviewed by: osa (mentor) Approved by: osa (mentor) Security: eb2845c4-43ce-11eb-aba5-00a09858faf5 Differential Revision: https://reviews.freebsd.org/D27702 Modified: head/mail/postsrsd/Makefile head/mail/postsrsd/distinfo head/mail/postsrsd/files/patch-CMakeLists.txt Modified: head/mail/postsrsd/Makefile ============================================================================== --- head/mail/postsrsd/Makefile Fri Dec 25 10:19:35 2020 (r559234) +++ head/mail/postsrsd/Makefile Fri Dec 25 11:41:37 2020 (r559235) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= postsrsd -PORTVERSION= 1.6 +PORTVERSION= 1.10 CATEGORIES= mail MAINTAINER= ports@bsdserwis.com @@ -17,18 +17,19 @@ USES= cmake pkgconfig USE_GITHUB= yes GH_ACCOUNT= roehling +USE_RC_SUBR= ${PORTNAME} CMAKE_ARGS= --no-warn-unused-cli \ -DCMAKE_INCLUDE_PATH="${LOCALBASE}/include" \ -DCMAKE_LIBRARY_PATH="${LOCALBASE}/lib" -USE_RC_SUBR= ${PORTNAME} -PORTDOCS= README.md main.cf.ex README_UPGRADE.md +PLIST_FILES= man/man8/postsrsd.8.gz \ + sbin/postsrsd +PORTDOCS= README.md README_UPGRADE.md main.cf.ex + OPTIONS_DEFINE= DOCS DOCS_CMAKE_BOOL= ENABLE_DOCS - -PLIST_FILES= sbin/postsrsd man/man8/postsrsd.8.gz .include Modified: head/mail/postsrsd/distinfo ============================================================================== --- head/mail/postsrsd/distinfo Fri Dec 25 10:19:35 2020 (r559234) +++ head/mail/postsrsd/distinfo Fri Dec 25 11:41:37 2020 (r559235) @@ -1,3 +1,3 @@ TIMESTAMP = 1488207086 -SHA256 (roehling-postsrsd-1.6_GH0.tar.gz) = c7db909ec0e326cc92b624d1776ce96acc8bc1637bae532c4bd981168118aa13 -SIZE (roehling-postsrsd-1.6_GH0.tar.gz) = 32111 +SHA256 (roehling-postsrsd-1.10_GH0.tar.gz) = 4880bf12f1a75791f10a995e46a7fce26ee760d1d6942b4602244d2026d4e64a +SIZE (roehling-postsrsd-1.10_GH0.tar.gz) = 34844 Modified: head/mail/postsrsd/files/patch-CMakeLists.txt ============================================================================== --- head/mail/postsrsd/files/patch-CMakeLists.txt Fri Dec 25 10:19:35 2020 (r559234) +++ head/mail/postsrsd/files/patch-CMakeLists.txt Fri Dec 25 11:41:37 2020 (r559235) @@ -1,6 +1,6 @@ ---- CMakeLists.txt.orig 2019-02-23 13:28:34 UTC +--- CMakeLists.txt.orig 2020-12-12 09:55:17 UTC +++ CMakeLists.txt -@@ -6,12 +6,15 @@ include(TestBigEndian) +@@ -7,12 +7,15 @@ include(CTest) option(GENERATE_SRS_SECRET "Generate a random SRS secret if none exists during install" ON) option(USE_APPARMOR "Enable AppArmor profile" OFF) @@ -17,26 +17,23 @@ set(DOC_DIR "share/doc/${PROJECT_NAME}" CACHE PATH "Path for documentation files") mark_as_advanced(CHROOT_DIR SYSCONF_DIR SYSD_UNIT_DIR CONFIG_DIR DOC_DIR) -@@ -19,8 +22,6 @@ find_program(HELP2MAN help2man DOC "path to help2man e +@@ -20,8 +23,6 @@ find_program(HELP2MAN help2man DOC "path to help2man e find_program(DD dd DOC "path to dd executable") find_program(BASE64 base64 DOC "path to base64 executable") find_program(OPENSSL openssl DOC "path to OpenSSL executable") -find_program(INSSERV insserv DOC "path to insserv executable") -find_program(CHKCONFIG chkconfig DOC "path to chkconfig executable") - find_program(SYSTEMD systemd) - find_library(LIBSOCKET socket) - find_library(LIBNSL nsl) -@@ -65,26 +66,6 @@ endif() + find_program(SYSTEMCTL systemctl DOC "path to systemctl executable") + + if(CMAKE_SYSTEM_NAME MATCHES "SunOS") +@@ -69,23 +70,6 @@ endif() check_type_size("unsigned long" SIZEOF_UNSIGNED_LONG) add_definitions(-DSIZEOF_UNSIGNED_LONG=${SIZEOF_UNSIGNED_LONG}) -if(NOT DEFINED INIT_FLAVOR) -- if(SYSTEMD) +- if(SYSTEMCTL) - message(STATUS "Detected init flavor: systemd") - set(INIT_FLAVOR "systemd" CACHE STRING "Init daemon of this system") -- elseif(IS_DIRECTORY "${SYSCONF_DIR}/init" AND EXISTS "/lib/init/upstart-job") -- message(STATUS "Detected init flavor: upstart") -- set(INIT_FLAVOR "upstart" CACHE STRING "Init daemon of this system") - elseif(IS_DIRECTORY "${SYSCONF_DIR}/init.d" AND EXISTS "${SYSCONF_DIR}/init.d/functions") - message(STATUS "Detected init flavor: sysv-redhat") - set(INIT_FLAVOR "sysv-redhat" CACHE STRING "Init daemon of this system") @@ -50,12 +47,12 @@ - endif() -endif() - + add_definitions(-DPOSTSRSD_VERSION=\"${PROJECT_VERSION}\") add_executable(${PROJECT_NAME} postsrsd.c sha1.c srs2.c) - enable_testing() - add_executable(${PROJECT_NAME}_tests tests.c sha1.c srs2.c) -@@ -95,15 +76,7 @@ if(${CMAKE_SYSTEM_NAME} MATCHES "SunOS") - target_link_libraries(${PROJECT_NAME}_tests ${LIBSOCKET} ${LIBNSL}) + +@@ -95,16 +79,8 @@ if(CMAKE_SYSTEM_NAME MATCHES "SunOS") endif() + set(POSTSRSD "${PROJECT_NAME}${CMAKE_EXECUTABLE_SUFFIX}") -set(APPARMOR_PROFILE "${CMAKE_INSTALL_PREFIX}/sbin/${POSTSRSD}") -string(REGEX REPLACE "^/+" "" APPARMOR_PROFILE "${APPARMOR_PROFILE}") @@ -63,13 +60,14 @@ -configure_file(init/${PROJECT_NAME}.sysv-lsb.in ${PROJECT_NAME}.sysv-lsb @ONLY) -configure_file(init/${PROJECT_NAME}.sysv-redhat.in ${PROJECT_NAME}.sysv-redhat @ONLY) --configure_file(init/${PROJECT_NAME}.upstart.in ${PROJECT_NAME}.upstart @ONLY) -configure_file(init/${PROJECT_NAME}.apparmor.in ${PROJECT_NAME}.apparmor @ONLY) -configure_file(init/${PROJECT_NAME}.systemd.in ${PROJECT_NAME}.systemd @ONLY) configure_file(init/${PROJECT_NAME}.default.in ${PROJECT_NAME}.default @ONLY) +-configure_file(init/${PROJECT_NAME}-systemd-launcher.in ${PROJECT_NAME}-systemd-launcher @ONLY) configure_file(postinstall.cmake.in postinstall.cmake @ONLY) -@@ -113,7 +86,7 @@ add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD + +@@ -118,7 +94,7 @@ add_custom_command(TARGET ${PROJECT_NAME} POST_BUILD COMMAND ${HELP2MAN} ARGS -s8 -o${PROJECT_NAME}.8 -n "Postfix Sender Rewriting Scheme daemon" -N -h-h -v-v ${CMAKE_CURRENT_BINARY_DIR}/${POSTSRSD} VERBATIM ) @@ -78,12 +76,13 @@ endif() if(USE_APPARMOR) -@@ -130,6 +103,8 @@ if(USE_SELINUX) +@@ -135,6 +111,8 @@ if(USE_SELINUX) endif() install(TARGETS ${PROJECT_NAME} DESTINATION "sbin") +-install(PROGRAMS ${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-systemd-launcher DESTINATION "share/${PROJECT_NAME}") +if(ENABLE_DOCS) - install(FILES README.md README_UPGRADE.md main.cf.ex DESTINATION "${DOC_DIR}") ++ install(FILES README.md README_UPGRADE.md main.cf.ex DESTINATION "${DOC_DIR}") +endif() + install(FILES README.md README_UPGRADE.md main.cf.ex DESTINATION "${DOC_DIR}") install(SCRIPT "${CMAKE_CURRENT_BINARY_DIR}/postinstall.cmake") -