From: Romain Tartière
Date: Sat, 11 Jan 2020 21:50:45 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r522713 - in head/mail: . py-postfix-mta-sts-resolver py-postfix-mta-sts-resolver/files

Author: romain
Date: Sat Jan 11 21:50:45 2020
New Revision: 522713
URL: https://svnweb.freebsd.org/changeset/ports/522713

Log:
  New port: mail/py-postfix-mta-sts-resolver

  Daemon which provides TLS client policy for Postfix via socketmap, according to
  domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks
  some minor features:

   - Proactive policy fetch
   - Fetch error reporting
   - Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option).

  Server has configurable cache backend which allows to store cached STS policies
  in memory (internal), file (sqlite) or in Redis database (redis).

WWW: https://pypi.python.org/pypi/postfix-mta-sts-resolver Added: head/mail/py-postfix-mta-sts-resolver/ head/mail/py-postfix-mta-sts-resolver/Makefile (contents, props changed) head/mail/py-postfix-mta-sts-resolver/distinfo (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/ head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py (contents, props changed) head/mail/py-postfix-mta-sts-resolver/pkg-descr (contents, props changed) Modified: head/mail/Makefile Modified: head/mail/Makefile ============================================================================== --- head/mail/Makefile Sat Jan 11 21:45:18 2020 (r522712) +++ head/mail/Makefile Sat Jan 11 21:50:45 2020 (r522713) @@ -514,6 +514,7 @@ SUBDIR += py-managesieve3 SUBDIR += py-milter SUBDIR += py-notmuch + SUBDIR += py-postfix-mta-sts-resolver SUBDIR += py-ppolicy SUBDIR += py-premailer SUBDIR += py-pymailq Added: head/mail/py-postfix-mta-sts-resolver/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/Makefile Sat Jan 11 21:50:45 2020 (r522713) 
@@ -0,0 +1,43 @@ +# $FreeBSD$ + +PORTNAME= postfix-mta-sts-resolver +PORTVERSION= 0.7.2 +DISTVERSIONPREFIX=v +CATEGORIES= mail python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= romain@FreeBSD.org +COMMENT= TLS client policy for Postfix according to domain MTA-STS policy + +LICENSE= MIT + +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiodns>0:dns/py-aiodns@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR} \ + ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss + +USES= python:3.5+ +USE_GITHUB= yes +USE_PYTHON= autoplist distutils + +GH_ACCOUNT= Snawoot + +OPTIONS_DEFINE= REDIS SQLITE + +REDIS_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aioredis>0:databases/py-aioredis@${PY_FLAVOR} +SQLITE_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiosqlite>0:databases/py-aiosqlite@${PY_FLAVOR} + +USE_RC_SUBR= mta_sts + +SUB_LIST= PYTHON_CMD=${PYTHON_CMD} +PLIST_FILES= "@sample etc/mta-sts-daemon.yml.sample" + +post-extract: + ${REINPLACE_CMD} -e 's|/etc/|${PREFIX}/etc/|' \ + ${WRKSRC}/postfix_mta_sts_resolver/defaults.py + +post-install: + ${CP} ${WRKSRC}/config_examples/mta-sts-daemon.yml.internal ${STAGEDIR}${PREFIX}/etc/mta-sts-daemon.yml.sample + +.include Added: head/mail/py-postfix-mta-sts-resolver/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/distinfo Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,3 @@ +TIMESTAMP = 1578764689 +SHA256 (Snawoot-postfix-mta-sts-resolver-v0.7.2_GH0.tar.gz) = e5934c0ef39060e10be43d113bb81b830dd8ca02aff16022025c39993bda9526 +SIZE (Snawoot-postfix-mta-sts-resolver-v0.7.2_GH0.tar.gz) = 43533 Added: head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in ============================================================================== 
--- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,39 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: mta_sts +# REQUIRE: DAEMON +# KEYWORD: shutdown +# +# Add these lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# mta_sts_enable (bool): Set to NO by default. +# Set it to YES to enable mta_sts. +# mta_sts_config (path): Set to %%PREFIX%%/etc/mta-sts-daemon.yml +# by default. + +. /etc/rc.subr + +name=mta_sts +rcvar=mta_sts_enable + +load_rc_config $name + +: ${mta_sts_enable:="NO"} +: ${mta_sts_config="%%PREFIX%%/etc/mta-sts-daemon.yml"} +: ${mta_sts_user="nobody"} + +pidfile=/var/run/${name}.pid +command=%%PREFIX%%/bin/mta-sts-daemon +command_interpreter="%%PYTHON_CMD%%" + +start_cmd="${name}_start" + +mta_sts_start() +{ + /usr/sbin/daemon -u "${mta_sts_user}" -p "${pidfile}" "${command}" -c "${mta_sts_config}" +} + +run_rc_command "$1" Added: head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py Sat Jan 11 21:50:45 2020 (r522713) 
@@ -0,0 +1,22 @@ +--- postfix_mta_sts_resolver/daemon.py.orig 2020-01-11 21:18:26 UTC ++++ postfix_mta_sts_resolver/daemon.py +@@ -7,7 +7,6 @@ import logging + import signal + from functools import partial + +-from sdnotify import SystemdNotifier + from . import utils + from . import defaults + from .responder import STSSocketmapResponder +@@ -72,11 +71,8 @@ async def amain(cfg, loop): # pragma: no cover + sig_handler = partial(exit_handler, exit_event) + signal.signal(signal.SIGTERM, sig_handler) + signal.signal(signal.SIGINT, sig_handler) +- notifier = await loop.run_in_executor(None, SystemdNotifier) +- await loop.run_in_executor(None, notifier.notify, "READY=1") + await exit_event.wait() + logger.debug("Eventloop interrupted. Shutting down server...") +- await loop.run_in_executor(None, notifier.notify, "STOPPING=1") + beat.cancel() + await responder.stop() + Added: head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,10 @@ +--- setup.py.orig 2020-01-11 21:21:32 UTC ++++ setup.py +@@ -23,7 +23,6 @@ setup(name='postfix_mta_sts_resolver', + 'aiodns>=1.1.1', + 'aiohttp>=3.4.4', + 'PyYAML>=3.12', +- 'sdnotify>=0.3.2', + ], + extras_require={ + 'sqlite': 'aiosqlite>=0.10.0', Added: head/mail/py-postfix-mta-sts-resolver/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/pkg-descr Sat Jan 11 21:50:45 2020 (r522713) 
@@ -0,0 +1,12 @@ +Daemon which provides TLS client policy for Postfix via socketmap, according to +domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks +some minor features: + + - Proactive policy fetch + - Fetch error reporting + - Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option). + +Server has configurable cache backend which allows to store cached STS policies +in memory (internal), file (sqlite) or in Redis database (redis). + +WWW: https://pypi.python.org/pypi/postfix-mta-sts-resolver
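
Review bot: In head/mail/py-postfix-mta-sts-resolver/Makefile, the post-extract substitution `s|/etc/|${PREFIX}/etc/|` is unanchored, so it rewrites the first `/etc/` on every line of postfix_mta_sts_resolver/defaults.py rather than only the daemon's config path. If a later upstream release adds another `/etc/` default to that file, it would be silently redirected under ${PREFIX} as well. Matching the whole config path instead of the bare directory would keep the edit to the one setting intended, and the ports convention is to do source edits in post-patch rather than post-extract. Separately, post-install copies the sample with ${CP}; ${INSTALL_DATA} would give the staged file a defined mode instead of whatever the work directory copy had.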
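
Review bot: In files/mta_sts.in, `: ${mta_sts_user="nobody"}` runs the daemon under the shared `nobody` account, so it shares a UID with anything else on the host that also falls back to `nobody`, and with the SQLITE option enabled the on-disk policy cache would be owned by that shared UID too. Since the cached policies decide which TLS policy Postfix applies to a destination, a dedicated account created by the port (USERS/GROUPS in the Makefile) would be a better default. The same line and the `mta_sts_config` default use `=` where `mta_sts_enable` uses `:=`, and `mta_sts_user` is missing from the rc.conf variables documented in the header comment.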
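
Review bot: In files/patch-postfix__mta__sts__resolver_daemon.py and files/patch-setup.py, the sdnotify import, the three `notifier` calls and the `'sdnotify>=0.3.2'` requirement are deleted outright, so both patches must be re-rolled whenever upstream changes the surrounding lines of daemon.py or setup.py. Sending upstream a change that makes sdnotify optional (import guarded, notify calls skipped when it is absent) would let the port drop both local patches. Until then, a comment in the Makefile saying why the files are patched would help whoever does the next version bump.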