Date: Sat, 11 Jan 2020 21:50:45 +0000 (UTC) From: =?UTF-8?Q?Romain_Tarti=c3=a8re?= <romain@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r522713 - in head/mail: . py-postfix-mta-sts-resolver py-postfix-mta-sts-resolver/files Message-ID: <202001112150.00BLojuY047056@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: romain Date: Sat Jan 11 21:50:45 2020 New Revision: 522713 URL: https://svnweb.freebsd.org/changeset/ports/522713 Log: New port: mail/py-postfix-mta-sts-resolver Daemon which provides TLS client policy for Postfix via socketmap, according to domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks some minor features: - Proactive policy fetch - Fetch error reporting - Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option). Server has configurable cache backend which allows to store cached STS policies in memory (internal), file (sqlite) or in Redis database (redis). WWW: https://pypi.python.org/pypi/postfix-mta-sts-resolver Added: head/mail/py-postfix-mta-sts-resolver/ head/mail/py-postfix-mta-sts-resolver/Makefile (contents, props changed) head/mail/py-postfix-mta-sts-resolver/distinfo (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/ head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py (contents, props changed) head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py (contents, props changed) head/mail/py-postfix-mta-sts-resolver/pkg-descr (contents, props changed) Modified: head/mail/Makefile Modified: head/mail/Makefile ============================================================================== --- head/mail/Makefile Sat Jan 11 21:45:18 2020 (r522712) +++ head/mail/Makefile Sat Jan 11 21:50:45 2020 (r522713) @@ -514,6 +514,7 @@ SUBDIR += py-managesieve3 SUBDIR += py-milter SUBDIR += py-notmuch + SUBDIR += py-postfix-mta-sts-resolver SUBDIR += py-ppolicy SUBDIR += py-premailer SUBDIR += py-pymailq Added: head/mail/py-postfix-mta-sts-resolver/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/Makefile Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,43 @@ +# $FreeBSD$ + +PORTNAME= postfix-mta-sts-resolver +PORTVERSION= 0.7.2 +DISTVERSIONPREFIX=v +CATEGORIES= mail python +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} + +MAINTAINER= romain@FreeBSD.org +COMMENT= TLS client policy for Postfix according to domain MTA-STS policy + +LICENSE= MIT + +BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}wheel>0:devel/py-wheel@${PY_FLAVOR} +RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiodns>0:dns/py-aiodns@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}aiohttp>0:www/py-aiohttp@${PY_FLAVOR} \ + ${PYTHON_PKGNAMEPREFIX}yaml>0:devel/py-yaml@${PY_FLAVOR} \ + ${LOCALBASE}/share/certs/ca-root-nss.crt:security/ca_root_nss + +USES= python:3.5+ +USE_GITHUB= yes +USE_PYTHON= autoplist distutils + +GH_ACCOUNT= Snawoot + +OPTIONS_DEFINE= REDIS SQLITE + +REDIS_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aioredis>0:databases/py-aioredis@${PY_FLAVOR} +SQLITE_RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}aiosqlite>0:databases/py-aiosqlite@${PY_FLAVOR} + +USE_RC_SUBR= mta_sts + +SUB_LIST= PYTHON_CMD=${PYTHON_CMD} +PLIST_FILES= "@sample etc/mta-sts-daemon.yml.sample" + +post-extract: + ${REINPLACE_CMD} -e 's|/etc/|${PREFIX}/etc/|' \ + ${WRKSRC}/postfix_mta_sts_resolver/defaults.py + +post-install: + ${CP} ${WRKSRC}/config_examples/mta-sts-daemon.yml.internal ${STAGEDIR}${PREFIX}/etc/mta-sts-daemon.yml.sample + +.include <bsd.port.mk> Added: head/mail/py-postfix-mta-sts-resolver/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/distinfo Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,3 @@ +TIMESTAMP = 1578764689 +SHA256 (Snawoot-postfix-mta-sts-resolver-v0.7.2_GH0.tar.gz) = e5934c0ef39060e10be43d113bb81b830dd8ca02aff16022025c39993bda9526 +SIZE (Snawoot-postfix-mta-sts-resolver-v0.7.2_GH0.tar.gz) = 43533 Added: head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/mta_sts.in Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,39 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: mta_sts +# REQUIRE: DAEMON +# KEYWORD: shutdown +# +# Add these lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# mta_sts_enable (bool): Set to NO by default. +# Set it to YES to enable mta_sts. +# mta_sts_config (path): Set to %%PREFIX%%/etc/mta-sts-daemon.yml +# by default. + +. /etc/rc.subr + +name=mta_sts +rcvar=mta_sts_enable + +load_rc_config $name + +: ${mta_sts_enable:="NO"} +: ${mta_sts_config="%%PREFIX%%/etc/mta-sts-daemon.yml"} +: ${mta_sts_user="nobody"} + +pidfile=/var/run/${name}.pid +command=%%PREFIX%%/bin/mta-sts-daemon +command_interpreter="%%PYTHON_CMD%%" + +start_cmd="${name}_start" + +mta_sts_start() +{ + /usr/sbin/daemon -u "${mta_sts_user}" -p "${pidfile}" "${command}" -c "${mta_sts_config}" +} + +run_rc_command "$1" Added: head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/patch-postfix__mta__sts__resolver_daemon.py Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,22 @@ +--- postfix_mta_sts_resolver/daemon.py.orig 2020-01-11 21:18:26 UTC ++++ postfix_mta_sts_resolver/daemon.py +@@ -7,7 +7,6 @@ import logging + import signal + from functools import partial + +-from sdnotify import SystemdNotifier + from . import utils + from . import defaults + from .responder import STSSocketmapResponder +@@ -72,11 +71,8 @@ async def amain(cfg, loop): # pragma: no cover + sig_handler = partial(exit_handler, exit_event) + signal.signal(signal.SIGTERM, sig_handler) + signal.signal(signal.SIGINT, sig_handler) +- notifier = await loop.run_in_executor(None, SystemdNotifier) +- await loop.run_in_executor(None, notifier.notify, "READY=1") + await exit_event.wait() + logger.debug("Eventloop interrupted. Shutting down server...") +- await loop.run_in_executor(None, notifier.notify, "STOPPING=1") + beat.cancel() + await responder.stop() + Added: head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/files/patch-setup.py Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,10 @@ +--- setup.py.orig 2020-01-11 21:21:32 UTC ++++ setup.py +@@ -23,7 +23,6 @@ setup(name='postfix_mta_sts_resolver', + 'aiodns>=1.1.1', + 'aiohttp>=3.4.4', + 'PyYAML>=3.12', +- 'sdnotify>=0.3.2', + ], + extras_require={ + 'sqlite': 'aiosqlite>=0.10.0', Added: head/mail/py-postfix-mta-sts-resolver/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/mail/py-postfix-mta-sts-resolver/pkg-descr Sat Jan 11 21:50:45 2020 (r522713) @@ -0,0 +1,12 @@ +Daemon which provides TLS client policy for Postfix via socketmap, according to +domain MTA-STS policy. Current support of RFC8461 is limited - daemon lacks +some minor features: + + - Proactive policy fetch + - Fetch error reporting + - Fetch ratelimit (but actual fetch rate partially restricted with cache_grace config option). + +Server has configurable cache backend which allows to store cached STS policies +in memory (internal), file (sqlite) or in Redis database (redis). + +WWW: https://pypi.python.org/pypi/postfix-mta-sts-resolver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202001112150.00BLojuY047056>