summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEray Aslan <eras@gentoo.org>2011-07-09 12:06:53 +0000
committerEray Aslan <eras@gentoo.org>2011-07-09 12:06:53 +0000
commitb500746ffc5c93130c3436a4c34a8944fa2a2d86 (patch)
treefac16b8597b8315f337df7cd30f86ab11c446315 /mail-filter/spamass-milter
parentInstall xterm.desktop and uxterm.desktop wrt #350545 by Michelangelo Scopelliti (diff)
downloadgentoo-2-b500746ffc5c93130c3436a4c34a8944fa2a2d86.tar.gz
gentoo-2-b500746ffc5c93130c3436a4c34a8944fa2a2d86.tar.bz2
gentoo-2-b500746ffc5c93130c3436a4c34a8944fa2a2d86.zip
Bump for revized version of popen() patch that does not generate zombie processes.
(Portage version: 2.1.10.4/cvs/Linux x86_64)
Diffstat (limited to 'mail-filter/spamass-milter')
-rw-r--r--mail-filter/spamass-milter/ChangeLog9
-rw-r--r--mail-filter/spamass-milter/files/spamass-milter-popen-r1.patch220
-rw-r--r--mail-filter/spamass-milter/spamass-milter-0.3.1-r5.ebuild51
3 files changed, 279 insertions, 1 deletions
diff --git a/mail-filter/spamass-milter/ChangeLog b/mail-filter/spamass-milter/ChangeLog
index b8c2c7c0a7d3..5bc11ea90cf4 100644
--- a/mail-filter/spamass-milter/ChangeLog
+++ b/mail-filter/spamass-milter/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for mail-filter/spamass-milter
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/ChangeLog,v 1.26 2011/06/13 09:50:38 eras Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/ChangeLog,v 1.27 2011/07/09 12:06:53 eras Exp $
+
+*spamass-milter-0.3.1-r5 (09 Jul 2011)
+
+ 09 Jul 2011; Eray Aslan <eras@gentoo.org>
+ +files/spamass-milter-popen-r1.patch, +spamass-milter-0.3.1-r5.ebuild:
+ Bump for revized version of popen() patch that does not generate zombie
+ processes.
13 Jun 2011; Eray Aslan <eras@gentoo.org> -spamass-milter-0.3.1-r1.ebuild,
-spamass-milter-0.3.1-r2.ebuild, -spamass-milter-0.3.1-r3.ebuild:
diff --git a/mail-filter/spamass-milter/files/spamass-milter-popen-r1.patch b/mail-filter/spamass-milter/files/spamass-milter-popen-r1.patch
new file mode 100644
index 000000000000..b6cc9e3f3c32
--- /dev/null
+++ b/mail-filter/spamass-milter/files/spamass-milter-popen-r1.patch
@@ -0,0 +1,220 @@
+--- spamass-milter.cpp 2011-07-09 11:26:20.000000000 +0000
++++ spamass-milter.cpp 2011-07-09 11:53:53.000000000 +0000
+@@ -172,10 +172,6 @@
+ bool warnedmacro = false; /* have we logged that we couldn't fetch a macro? */
+ bool ignore_authenticated_senders = false;
+
+-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
+-static pthread_mutex_t popen_mutex = PTHREAD_MUTEX_INITIALIZER;
+-#endif
+-
+ // {{{ main()
+
+ int
+@@ -467,59 +463,23 @@
+ send another copy. The milter API will not let you send the
+ message AND return a failure code to the sender, so this is
+ the only way to do it. */
+-#if defined(__FreeBSD__)
+- int rv;
+-#endif
+-
+-#if defined(HAVE_ASPRINTF)
+- char *buf;
+-#else
+- char buf[1024];
+-#endif
+- char *fmt="%s \"%s\"";
++ char sendmail_prog[] = SENDMAIL;
++ char *const popen_argv[] = { sendmail_prog, spambucket, NULL };
+ FILE *p;
++ pid_t pid;
+
+-#if defined(HAVE_ASPRINTF)
+- asprintf(&buf, fmt, SENDMAIL, spambucket);
+-#else
+-#if defined(HAVE_SNPRINTF)
+- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, spambucket);
+-#else
+- /* XXX possible buffer overflow here */
+- sprintf(buf, fmt, SENDMAIL, spambucket);
+-#endif
+-#endif
+-
+- debug(D_COPY, "calling %s", buf);
+-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
+- rv = pthread_mutex_lock(&popen_mutex);
+- if (rv)
+- {
+- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv));
+- abort();
+- }
+-#endif
+- p = popen(buf, "w");
++ debug(D_COPY, "calling %s %s", SENDMAIL, spambucket);
++ p = popenv(popen_argv, "w", &pid);
+ if (!p)
+ {
+- debug(D_COPY, "popen failed(%s). Will not send a copy to spambucket", strerror(errno));
++ debug(D_COPY, "popenv failed(%s). Will not send a copy to spambucket", strerror(errno));
+ } else
+ {
+ // Send message provided by SpamAssassin
+ fwrite(assassin->d().c_str(), assassin->d().size(), 1, p);
+- pclose(p); p = NULL;
++ fclose(p); p = NULL;
++ waitpid(pid, NULL, 0);
+ }
+-#if defined(__FreeBSD__)
+- rv = pthread_mutex_unlock(&popen_mutex);
+- if (rv)
+- {
+- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv));
+- abort();
+- }
+-#endif
+-#if defined(HAVE_ASPRINTF)
+- free(buf);
+-#endif
+ }
+ return SMFIS_REJECT;
+ }
+@@ -864,30 +824,17 @@
+ /* open a pipe to sendmail so we can do address expansion */
+
+ char buf[1024];
+- char *fmt="%s -bv \"%s\" 2>&1";
+-
+-#if defined(HAVE_SNPRINTF)
+- snprintf(buf, sizeof(buf)-1, fmt, SENDMAIL, envrcpt[0]);
+-#else
+- /* XXX possible buffer overflow here */
+- sprintf(buf, fmt, SENDMAIL, envrcpt[0]);
+-#endif
+-
+- debug(D_RCPT, "calling %s", buf);
++ char sendmail_prog[] = SENDMAIL;
++ char sendmail_mode[] = "-bv";
++ char * const popen_argv[] = { sendmail_prog, sendmail_mode, envrcpt[0], NULL };
++ pid_t pid;
+
+-#if defined(__FreeBSD__) /* popen bug - see PR bin/50770 */
+- rv = pthread_mutex_lock(&popen_mutex);
+- if (rv)
+- {
+- debug(D_ALWAYS, "Could not lock popen mutex: %s", strerror(rv));
+- abort();
+- }
+-#endif
++ debug(D_RCPT, "calling %s -bv %s", SENDMAIL, envrcpt[0]);
+
+- p = popen(buf, "r");
++ p = popenv(popen_argv, "r", &pid);
+ if (!p)
+ {
+- debug(D_RCPT, "popen failed(%s). Will not expand aliases", strerror(errno));
++ debug(D_RCPT, "popenv failed(%s). Will not expand aliases", strerror(errno));
+ assassin->expandedrcpt.push_back(envrcpt[0]);
+ } else
+ {
+@@ -912,16 +859,9 @@
+ assassin->expandedrcpt.push_back(p+7);
+ }
+ }
+- pclose(p); p = NULL;
++ fclose(p); p = NULL;
++ waitpid(pid, NULL, 0);
+ }
+-#if defined(__FreeBSD__)
+- rv = pthread_mutex_unlock(&popen_mutex);
+- if (rv)
+- {
+- debug(D_ALWAYS, "Could not unlock popen mutex: %s", strerror(rv));
+- abort();
+- }
+-#endif
+ } else
+ {
+ assassin->expandedrcpt.push_back(envrcpt[0]);
+@@ -2179,5 +2119,72 @@
+ warnedmacro = true;
+ }
+
++/*
++ untrusted-argument-safe popen function - only supports "r" and "w" modes
++ for simplicity, and always reads stdout and stderr in "r" mode. Call
++ fclose to close the FILE, and waitpid to reap the child process (pid).
++*/
++FILE *popenv(char *const argv[], const char *type, pid_t *pid)
++{
++ FILE *iop;
++ int pdes[2];
++ int save_errno;
++
++ if ((*type != 'r' && *type != 'w') || type[1])
++ {
++ errno = EINVAL;
++ return (NULL);
++ }
++ if (pipe(pdes) < 0)
++ return (NULL);
++ switch (*pid = fork()) {
++
++ case -1: /* Error. */
++ save_errno = errno;
++ (void)close(pdes[0]);
++ (void)close(pdes[1]);
++ errno = save_errno;
++ return (NULL);
++ /* NOTREACHED */
++ case 0: /* Child. */
++ if (*type == 'r') {
++ /*
++ * The dup2() to STDIN_FILENO is repeated to avoid
++ * writing to pdes[1], which might corrupt the
++ * parent's copy. This isn't good enough in
++ * general, since the exit() is no return, so
++ * the compiler is free to corrupt all the local
++ * variables.
++ */
++ (void)close(pdes[0]);
++ (void)dup2(pdes[1], STDOUT_FILENO);
++ (void)dup2(pdes[1], STDERR_FILENO);
++ if (pdes[1] != STDOUT_FILENO && pdes[1] != STDERR_FILENO) {
++ (void)close(pdes[1]);
++ }
++ } else {
++ if (pdes[0] != STDIN_FILENO) {
++ (void)dup2(pdes[0], STDIN_FILENO);
++ (void)close(pdes[0]);
++ }
++ (void)close(pdes[1]);
++ }
++ execv(argv[0], argv);
++ exit(127);
++ /* NOTREACHED */
++ }
++
++ /* Parent; assume fdopen can't fail. */
++ if (*type == 'r') {
++ iop = fdopen(pdes[0], type);
++ (void)close(pdes[1]);
++ } else {
++ iop = fdopen(pdes[1], type);
++ (void)close(pdes[0]);
++ }
++
++ return (iop);
++}
++
+ // }}}
+ // vim6:ai:noexpandtab
+--- spamass-milter.h 2011-07-09 11:55:14.000000000 +0000
++++ spamass-milter.h 2011-07-09 11:56:02.000000000 +0000
+@@ -186,5 +186,6 @@
+ void parse_debuglevel(char* string);
+ char *strlwr(char *str);
+ void warnmacro(char *macro, char *scope);
++FILE *popenv(char *const argv[], const char *type, pid_t *pid);
+
+ #endif
diff --git a/mail-filter/spamass-milter/spamass-milter-0.3.1-r5.ebuild b/mail-filter/spamass-milter/spamass-milter-0.3.1-r5.ebuild
new file mode 100644
index 000000000000..2e3fb015bc85
--- /dev/null
+++ b/mail-filter/spamass-milter/spamass-milter-0.3.1-r5.ebuild
@@ -0,0 +1,51 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamass-milter/spamass-milter-0.3.1-r5.ebuild,v 1.1 2011/07/09 12:06:53 eras Exp $
+
+EAPI=4
+
+inherit eutils
+
+IUSE=""
+
+DESCRIPTION="A milter for SpamAssassin"
+HOMEPAGE="http://savannah.nongnu.org/projects/spamass-milt/"
+SRC_URI="http://savannah.nongnu.org/download/spamass-milt/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+DEPEND="|| ( mail-filter/libmilter mail-mta/sendmail )
+ >=mail-filter/spamassassin-3.1.0"
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ enewgroup milter
+ enewuser milter -1 -1 /var/lib/milter milter
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-header.patch
+ epatch "${FILESDIR}"/${PN}-auth_users.patch
+ epatch "${FILESDIR}"/${PN}-popen-r1.patch
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ newinitd "${FILESDIR}"/spamass-milter.rc3 spamass-milter
+ newconfd "${FILESDIR}"/spamass-milter.conf3 spamass-milter
+ dodir /var/run/milter
+ keepdir /var/run/milter
+ fowners milter:milter /var/run/milter
+ dodir /var/lib/milter
+ keepdir /var/lib/milter
+ fowners milter:milter /var/lib/milter
+
+ dodoc AUTHORS NEWS README ChangeLog "${FILESDIR}/README.gentoo"
+}
+
+pkg_postinst() {
+ elog "Documentation is installed in /usr/share/doc/${P}"
+}