diff options
author | Eray Aslan <eras@gentoo.org> | 2011-06-08 12:24:51 +0000 |
---|---|---|
committer | Eray Aslan <eras@gentoo.org> | 2011-06-08 12:24:51 +0000 |
commit | 7fa9a6ef0576a2d1e7b93bd7a93286fd4089b676 (patch) | |
tree | 4ae64c5e50212c7a77498b7bf7f8067d2a9468c1 /mail-filter/spamass-milter | |
parent | Update the makefile patch so the gtk is really optional. (diff) | |
download | gentoo-2-7fa9a6ef0576a2d1e7b93bd7a93286fd4089b676.tar.gz gentoo-2-7fa9a6ef0576a2d1e7b93bd7a93286fd4089b676.tar.bz2 gentoo-2-7fa9a6ef0576a2d1e7b93bd7a93286fd4089b676.zip |
Security bump - bug #310049. Don't spam check authenticated
users - bug #265621. Fix received headers - bug #264304
(Portage version: 2.1.10/cvs/Linux x86_64)
Diffstat (limited to 'mail-filter/spamass-milter')
5 files changed, 401 insertions, 2 deletions
diff --git a/mail-filter/spamass-milter/ChangeLog b/mail-filter/spamass-milter/ChangeLog index 565b40f2a82b..6344477148dc 100644 --- a/mail-filter/spamass-milter/ChangeLog +++ b/mail-filter/spamass-milter/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for mail-filter/spamass-milter -# Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/ChangeLog,v 1.22 2009/08/23 00:11:45 mrness Exp $ +# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/ChangeLog,v 1.23 2011/06/08 12:24:51 eras Exp $ + +*spamass-milter-0.3.1-r4 (08 Jun 2011) + + 08 Jun 2011; Eray Aslan <eras@gentoo.org> +spamass-milter-0.3.1-r4.ebuild, + +files/spamass-milter-auth_users.patch, +files/spamass-milter-header.patch, + +files/spamass-milter-popen.patch: + Security bump - bug #310049. Don't spam check authenticated users - bug + #265621. Fix received headers - bug #264304 *spamass-milter-0.3.1-r3 (23 Aug 2009) diff --git a/mail-filter/spamass-milter/files/spamass-milter-auth_users.patch b/mail-filter/spamass-milter/files/spamass-milter-auth_users.patch new file mode 100644 index 000000000000..8bfc24e4306f --- /dev/null +++ b/mail-filter/spamass-milter/files/spamass-milter-auth_users.patch @@ -0,0 +1,92 @@ +Based on the debian patch: +http://patch-tracker.debian.org/patch/series/view/spamass-milter/0.3.1-10/10_dont_handle_authenticated_users.diff + +--- spamass-milter.cpp 2011-06-08 11:56:33.000000000 +0000 ++++ spamass-milter.cpp 2011-06-08 12:04:41.000000000 +0000 +@@ -170,6 +170,7 @@ + bool flag_full_email = false; /* pass full email address to spamc */ + bool flag_expand = false; /* alias/virtusertable expansion */ + bool warnedmacro = false; /* have we logged that we couldn't fetch a macro? */ ++bool ignore_authenticated_senders = false; + + #if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */ + static pthread_mutex_t popen_mutex = PTHREAD_MUTEX_INITIALIZER; +@@ -181,7 +182,7 @@ + main(int argc, char* argv[]) + { + int c, err = 0; +- const char *args = "fd:mMp:P:r:u:D:i:b:B:e:x"; ++ const char *args = "fd:mMp:P:r:u:D:i:Ib:B:e:x"; + char *sock = NULL; + bool dofork = false; + char *pidfilename = NULL; +@@ -213,6 +214,10 @@ + debug(D_MISC, "Parsing ignore list"); + parse_networklist(optarg, &ignorenets); + break; ++ case 'I': ++ debug(D_MISC, "Ignore authenticated senders"); ++ ignore_authenticated_senders = true; ++ break; + case 'm': + dontmodifyspam = true; + smfilter.xxfi_flags &= ~SMFIF_CHGBODY; +@@ -280,7 +285,7 @@ + cout << PACKAGE_NAME << " - Version " << PACKAGE_VERSION << endl; + cout << "SpamAssassin Sendmail Milter Plugin" << endl; + cout << "Usage: spamass-milter -p socket [-b|-B bucket] [-d xx[,yy...]] [-D host]" << endl; +- cout << " [-e defaultdomain] [-f] [-i networks] [-m] [-M]" << endl; ++ cout << " [-e defaultdomain] [-f] [-i networks] [-I] [-m] [-M]" << endl; + cout << " [-P pidfile] [-r nn] [-u defaultuser] [-x]" << endl; + cout << " [-- spamc args ]" << endl; + cout << " -p socket: path to create socket" << endl; +@@ -294,6 +299,7 @@ + cout << " -f: fork into background" << endl; + cout << " -i: skip (ignore) checks from these IPs or netblocks" << endl; + cout << " example: -i 192.168.12.5,10.0.0.0/8,172.16.0.0/255.255.0.0" << endl; ++ cout << " -I: skip (ignore) checks if sender is authenticated" << endl; + cout << " -m: don't modify body, Content-type: or Subject:" << endl; + cout << " -M: don't modify the message at all" << endl; + cout << " -P pidfile: Put processid in pidfile" << endl; +@@ -783,6 +789,22 @@ + } + /* debug(D_ALWAYS, "ZZZ got private context %p", sctx); */ + ++ if (ignore_authenticated_senders) ++ { ++ char *auth_authen; ++ ++ auth_authen = smfi_getsymval(ctx, "{auth_authen}"); ++ debug(D_MISC, "auth_authen=%s", auth_authen ?: "<unauthenticated>"); ++ ++ if (auth_authen) ++ { ++ debug(D_MISC, "sender authenticated (%s) - accepting message", ++ auth_authen); ++ debug(D_FUNC, "mlfi_envfrom: exit ignore"); ++ return SMFIS_ACCEPT; ++ } ++ } ++ + debug(D_FUNC, "mlfi_envfrom: enter"); + try { + // launch new SpamAssassin +--- spamass-milter.1.in 2011-06-08 12:05:35.000000000 +0000 ++++ spamass-milter.1.in 2011-06-08 12:06:57.000000000 +0000 +@@ -14,6 +14,7 @@ + .Op Fl e Ar defaultdomain + .Op Fl f + .Op Fl i Ar networks ++.Op Fl I + .Op Fl m + .Op Fl M + .Op Fl P Ar pidfile +@@ -119,6 +120,8 @@ + flags will append to the list. + For example, if you list all your internal networks, no outgoing emails + will be filtered. ++.It Fl I ++Ignores messages if the sender has authenticated via SMTP AUTH. + .It Fl m + Disables modification of the + .Ql Subject: diff --git a/mail-filter/spamass-milter/files/spamass-milter-header.patch b/mail-filter/spamass-milter/files/spamass-milter-header.patch new file mode 100644 index 000000000000..450b08cd89a8 --- /dev/null +++ b/mail-filter/spamass-milter/files/spamass-milter-header.patch @@ -0,0 +1,15 @@ +Do not mangle headers - bug #264304 +--- spamass-milter.cppi~ 2011-06-08 11:33:25.000000000 +0000 ++++ spamass-milter.cpp 2011-06-08 11:34:31.000000000 +0000 +@@ -1002,9 +1002,9 @@ + + assassin->output((string) + "Received: from "+macro_s+" ("+macro__+")\r\n\t"+ +- "by "+macro_j+"("+macro_v+"/"+macro_Z+") with "+macro_r+" id "+macro_i+"\r\n\t"+ ++ "by "+macro_j+" ("+macro_v+"/"+macro_Z+") with "+macro_r+" id "+macro_i+"\r\n\t"+ + macro_b+"\r\n\t"+ +- "(envelope-from "+assassin->from()+"\r\n"); ++ "(envelope-from "+assassin->from()+")\r\n"); + + } else + assassin->output((string)"X-Envelope-To: "+envrcpt[0]+"\r\n"); diff --git a/mail-filter/spamass-milter/files/spamass-milter-popen.patch b/mail-filter/spamass-milter/files/spamass-milter-popen.patch new file mode 100644 index 000000000000..3a7279cc2bda --- /dev/null +++ b/mail-filter/spamass-milter/files/spamass-milter-popen.patch @@ -0,0 +1,233 @@ +See bug #310049 + +Index: spamass-milter.cpp +=================================================================== +RCS file: /cvsroot/spamass-milt/spamass-milt/spamass-milter.cpp,v +retrieving revision 1.91 +diff -u -r1.91 spamass-milter.cpp +--- spamass-milter.cpp 24 Jul 2006 19:59:17 -0000 1.91 ++++ spamass-milter.cpp 10 Mar 2010 18:52:22 -0000 +@@ -171,10 +171,6 @@ + bool flag_expand = false; /* alias/virtusertable expansion */ + bool warnedmacro = false; /* have we logged that we couldn't fetch a macro? */ + +-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */ +-static pthread_mutex_t popen_mutex = PTHREAD_MUTEX_INITIALIZER; +-#endif +- + // {{{ main() + + int +@@ -461,59 +457,24 @@ + send another copy. The milter API will not let you send the + message AND return a failure code to the sender, so this is + the only way to do it. */ +-#if defined(__FreeBSD__) +- int rv; +-#endif +- +-#if defined(HAVE_ASPRINTF) +- char *buf; +-#else +- char buf[1024]; +-#endif +- char *fmt="%s \"%s\""; ++ char *popen_argv[3]; + FILE *p; + +-#if defined(HAVE_ASPRINTF) +- asprintf(&buf, fmt, SENDMAIL, spambucket); +-#else +-#if defined(HAVE_SNPRINTF) +- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, spambucket); +-#else +- /* XXX possible buffer overflow here */ +- sprintf(buf, fmt, SENDMAIL, spambucket); +-#endif +-#endif +- +- debug(D_COPY, "calling %s", buf); +-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */ +- rv = pthread_mutex_lock(&popen_mutex); +- if (rv) +- { +- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv)); +- abort(); +- } +-#endif +- p = popen(buf, "w"); ++ popen_argv[0] = SENDMAIL; ++ popen_argv[1] = spambucket; ++ popen_argv[2] = NULL; ++ ++ debug(D_COPY, "calling %s %s", SENDMAIL, spambucket); ++ p = popenv(popen_argv, "w"); + if (!p) + { +- debug(D_COPY, "popen failed(%s). Will not send a copy to spambucket", strerror(errno)); ++ debug(D_COPY, "popenv failed(%s). Will not send a copy to spambucket", strerror(errno)); + } else + { + // Send message provided by SpamAssassin + fwrite(assassin->d().c_str(), assassin->d().size(), 1, p); +- pclose(p); p = NULL; ++ fclose(p); p = NULL; + } +-#if defined(__FreeBSD__) +- rv = pthread_mutex_unlock(&popen_mutex); +- if (rv) +- { +- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv)); +- abort(); +- } +-#endif +-#if defined(HAVE_ASPRINTF) +- free(buf); +-#endif + } + return SMFIS_REJECT; + } +@@ -842,30 +803,19 @@ + /* open a pipe to sendmail so we can do address expansion */ + + char buf[1024]; +- char *fmt="%s -bv \"%s\" 2>&1"; +- +-#if defined(HAVE_SNPRINTF) +- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, envrcpt[0]); +-#else +- /* XXX possible buffer overflow here */ +- sprintf(buf, fmt, SENDMAIL, envrcpt[0]); +-#endif ++ char *popen_argv[4]; ++ ++ popen_argv[0] = SENDMAIL; ++ popen_argv[1] = "-bv"; ++ popen_argv[2] = envrcpt[0]; ++ popen_argv[3] = NULL; + +- debug(D_RCPT, "calling %s", buf); ++ debug(D_RCPT, "calling %s -bv %s", SENDMAIL, envrcpt[0]); + +-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */ +- rv = pthread_mutex_lock(&popen_mutex); +- if (rv) +- { +- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv)); +- abort(); +- } +-#endif +- +- p = popen(buf, "r"); ++ p = popenv(popen_argv, "r"); + if (!p) + { +- debug(D_RCPT, "popen failed(%s). Will not expand aliases", strerror(errno)); ++ debug(D_RCPT, "popenv failed(%s). Will not expand aliases", strerror(errno)); + assassin->expandedrcpt.push_back(envrcpt[0]); + } else + { +@@ -890,16 +840,8 @@ + assassin->expandedrcpt.push_back(p+7); + } + } +- pclose(p); p = NULL; ++ fclose(p); p = NULL; + } +-#if defined(__FreeBSD__) +- rv = pthread_mutex_unlock(&popen_mutex); +- if (rv) +- { +- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv)); +- abort(); +- } +-#endif + } else + { + assassin->expandedrcpt.push_back(envrcpt[0]); +@@ -2157,5 +2099,71 @@ + warnedmacro = true; + } + ++/* ++ untrusted-argument-safe popen function - only supports "r" and "w" modes ++ for simplicity, and always reads stdout and stderr in "r" mode. Call ++ fclose to close the FILE. ++*/ ++FILE *popenv(char *const argv[], const char *type) ++{ ++ FILE *iop; ++ int pdes[2]; ++ int save_errno; ++ if ((*type != 'r' && *type != 'w') || type[1]) ++ { ++ errno = EINVAL; ++ return (NULL); ++ } ++ if (pipe(pdes) < 0) ++ return (NULL); ++ switch (fork()) { ++ ++ case -1: /* Error. */ ++ save_errno = errno; ++ (void)close(pdes[0]); ++ (void)close(pdes[1]); ++ errno = save_errno; ++ return (NULL); ++ /* NOTREACHED */ ++ case 0: /* Child. */ ++ if (*type == 'r') { ++ /* ++ * The dup2() to STDIN_FILENO is repeated to avoid ++ * writing to pdes[1], which might corrupt the ++ * parent's copy. This isn't good enough in ++ * general, since the exit() is no return, so ++ * the compiler is free to corrupt all the local ++ * variables. ++ */ ++ (void)close(pdes[0]); ++ (void)dup2(pdes[1], STDOUT_FILENO); ++ (void)dup2(pdes[1], STDERR_FILENO); ++ if (pdes[1] != STDOUT_FILENO && pdes[1] != STDERR_FILENO) { ++ (void)close(pdes[1]); ++ } ++ } else { ++ if (pdes[0] != STDIN_FILENO) { ++ (void)dup2(pdes[0], STDIN_FILENO); ++ (void)close(pdes[0]); ++ } ++ (void)close(pdes[1]); ++ } ++ execv(argv[0], argv); ++ exit(127); ++ /* NOTREACHED */ ++ } ++ ++ /* Parent; assume fdopen can't fail. */ ++ if (*type == 'r') { ++ iop = fdopen(pdes[0], type); ++ (void)close(pdes[1]); ++ } else { ++ iop = fdopen(pdes[1], type); ++ (void)close(pdes[0]); ++ } ++ ++ return (iop); ++} ++ + // }}} + // vim6:ai:noexpandtab +Index: spamass-milter.h +=================================================================== +RCS file: /cvsroot/spamass-milt/spamass-milt/spamass-milter.h,v +retrieving revision 1.23 +diff -u -r1.23 spamass-milter.h +--- spamass-milter.h 7 Apr 2005 02:04:24 -0000 1.23 ++++ spamass-milter.h 10 Mar 2010 18:52:22 -0000 +@@ -186,5 +186,6 @@ + void parse_debuglevel(char* string); + char *strlwr(char *str); + void warnmacro(char *macro, char *scope); ++FILE *popenv(char *const argv[], const char *type); + + #endif diff --git a/mail-filter/spamass-milter/spamass-milter-0.3.1-r4.ebuild b/mail-filter/spamass-milter/spamass-milter-0.3.1-r4.ebuild new file mode 100644 index 000000000000..e5446c9b123f --- /dev/null +++ b/mail-filter/spamass-milter/spamass-milter-0.3.1-r4.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/spamass-milter-0.3.1-r4.ebuild,v 1.1 2011/06/08 12:24:51 eras Exp $ + +EAPI=4 + +inherit eutils + +IUSE="" + +DESCRIPTION="A milter for SpamAssassin" +HOMEPAGE="http://savannah.nongnu.org/projects/spamass-milt/" +SRC_URI="http://savannah.nongnu.org/download/spamass-milt/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" + +DEPEND="|| ( mail-filter/libmilter mail-mta/sendmail ) + >=mail-filter/spamassassin-3.1.0" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup milter + enewuser milter -1 -1 /var/lib/milter milter +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-header.patch + epatch "${FILESDIR}"/${PN}-auth_users.patch + epatch "${FILESDIR}"/${PN}-popen.patch +} + +src_install() { + emake DESTDIR="${D}" install + + newinitd "${FILESDIR}"/spamass-milter.rc3 spamass-milter + newconfd "${FILESDIR}"/spamass-milter.conf3 spamass-milter + dodir /var/run/milter + keepdir /var/run/milter + fowners milter:milter /var/run/milter + dodir /var/lib/milter + keepdir /var/lib/milter + fowners milter:milter /var/lib/milter + + dodoc AUTHORS NEWS README ChangeLog "${FILESDIR}/README.gentoo" +} + +pkg_postinst() { + elog "Documentation is installed in /usr/share/doc/${P}" +} |