summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Orlitzky <mjo@gentoo.org>2018-09-17 22:05:09 -0400
committerMichael Orlitzky <mjo@gentoo.org>2018-09-17 22:43:25 -0400
commit0dbbc52674fccc8c21209fe42b9e66790369901f (patch)
treea270ecd39112aede47f07aa8f6d940ff217ae3c8 /mail-filter
parentsys-kernel/gentoo-sources-4.4.150: ppc64 stable, bug 663744 (diff)
downloadgentoo-0dbbc52674fccc8c21209fe42b9e66790369901f.tar.gz
gentoo-0dbbc52674fccc8c21209fe42b9e66790369901f.tar.bz2
gentoo-0dbbc52674fccc8c21209fe42b9e66790369901f.zip
mail-filter/spamassassin: new version 3.4.2.
This new version incorporates a ton of fixes that have piled on top of v3.4.1 over the past few years. As a result, we are able to drop all of our PATCHES in the new ebuild. The new version also addresses four security vulnerabilities: * CVE-2016-1238 * CVE-2017-15705 * CVE-2018-11780 * CVE-2018-11781 Sadly, there is a new failure in the test suite (upstream bug 7622) so I've added RESTRICT=test for now. Stabilization of this version should already be fast-tracked for the security issues mentioned above, but just in case, the release notes have the following to say: If you do not update to 3.4.2, you will be stuck at the last ruleset with SHA-1 signatures in the near future. Bug: https://bugs.gentoo.org/666348 Bug: https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7622 Package-Manager: Portage-2.3.40, Repoman-2.3.9
Diffstat (limited to 'mail-filter')
-rw-r--r--mail-filter/spamassassin/Manifest1
-rw-r--r--mail-filter/spamassassin/spamassassin-3.4.2.ebuild242
2 files changed, 243 insertions, 0 deletions
diff --git a/mail-filter/spamassassin/Manifest b/mail-filter/spamassassin/Manifest
index d2d417e002fb..6b7489e6f216 100644
--- a/mail-filter/spamassassin/Manifest
+++ b/mail-filter/spamassassin/Manifest
@@ -1 +1,2 @@
DIST Mail-SpamAssassin-3.4.1.tar.bz2 2710985 BLAKE2B f85b0ed2bae783bc6dfa39df36589a6cb90e6c657efcff1fa094f952847e4bcb24aa232b6689804bb1170204ae1d33216ed9bde207d7a7a6863410d8f847c391 SHA512 91d50e2ce6520e3e1c7bc66da133a0815be34ced15e26b6e6c17af5a03d5c62f41d8086f25f65084d6634497148cf5439977d7d4a44d7c3e307535beac6629af
+DIST Mail-SpamAssassin-3.4.2.tar.bz2 2700016 BLAKE2B a29b4cfce5e578c07ec54b2224191917dc45bcefff071f674c572fc905f1d6324827bcc21c338546bdea11140fc20474a16314218e2fd4fa685965b0e0078df8 SHA512 fe3d9d1d7b9fed3063549afd071066729f1f4d998be91ded1e5afc29bb37c7a298dc5f8f99a282b75435d317b5b5072a81393134ccfe059a73d953e26a9c3885
diff --git a/mail-filter/spamassassin/spamassassin-3.4.2.ebuild b/mail-filter/spamassassin/spamassassin-3.4.2.ebuild
new file mode 100644
index 000000000000..340edb07078a
--- /dev/null
+++ b/mail-filter/spamassassin/spamassassin-3.4.2.ebuild
@@ -0,0 +1,242 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit perl-functions systemd toolchain-funcs user
+
+MY_P="Mail-SpamAssassin-${PV//_/-}"
+S="${WORKDIR}/${MY_P}"
+DESCRIPTION="An extensible mail filter which can identify and tag spam"
+HOMEPAGE="https://spamassassin.apache.org/"
+SRC_URI="mirror://apache/spamassassin/source/${MY_P}.tar.bz2"
+
+LICENSE="Apache-2.0 GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~x86-macos"
+IUSE="berkdb cron ipv6 ldap libressl mysql postgres qmail sqlite ssl test"
+
+# Upstream bug 7622.
+RESTRICT=test
+
+# The Makefile.PL script checks for dependencies, but only fails if a
+# required (i.e. not optional) dependency is missing. We therefore
+# require most of the optional modules only at runtime.
+REQDEPEND="dev-lang/perl:=
+ dev-perl/HTML-Parser
+ dev-perl/Net-DNS
+ dev-perl/NetAddr-IP
+ virtual/perl-Archive-Tar
+ virtual/perl-Digest-SHA
+ virtual/perl-IO-Zlib
+ virtual/perl-Time-HiRes
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl )
+ )"
+
+# SpamAssassin doesn't use libwww-perl except as a fallback for when
+# curl/wget are missing, so we depend on one of those instead. Some
+# mirrors use https, so we need those utilities to support SSL.
+#
+# re2c is needed to compile the rules (sa-compile).
+#
+# We still need the old Digest-SHA1 because razor2 has not been ported
+# to Digest-SHA.
+OPTDEPEND="app-crypt/gnupg
+ dev-perl/Digest-SHA1
+ dev-perl/Encode-Detect
+ dev-perl/Geo-IP
+ dev-perl/HTTP-Date
+ dev-perl/Mail-DKIM
+ dev-perl/Mail-SPF
+ dev-perl/Net-Patricia
+ dev-perl/Net-CIDR-Lite
+ dev-util/re2c
+ || ( net-misc/wget[ssl] net-misc/curl[ssl] )
+ virtual/perl-MIME-Base64
+ virtual/perl-Pod-Parser
+ berkdb? ( virtual/perl-DB_File )
+ ipv6? ( dev-perl/IO-Socket-INET6 )
+ ldap? ( dev-perl/perl-ldap )
+ mysql? (
+ dev-perl/DBI
+ dev-perl/DBD-mysql
+ )
+ postgres? (
+ dev-perl/DBI
+ dev-perl/DBD-Pg
+ )
+ sqlite? (
+ dev-perl/DBI
+ dev-perl/DBD-SQLite
+ )
+ ssl? ( dev-perl/IO-Socket-SSL )"
+
+DEPEND="${REQDEPEND}
+ test? (
+ ${OPTDEPEND}
+ virtual/perl-Test-Harness
+ )"
+RDEPEND="${REQDEPEND} ${OPTDEPEND}"
+
+src_prepare() {
+ default
+
+ # The sa_compile test does some weird stuff like hopping around in
+ # the directory tree and calling "make" to create a dist tarball
+ # from ${S}. It fails, and is more trouble than it's worth...
+ perl_rm_files t/sa_compile.t || die 'failed to remove sa_compile test'
+
+ # The spamc tests (which need the networked spamd daemon) fail for
+ # irrelevant reasons. It's too hard to disable them (unlike the
+ # spamd tests themselves -- see src_test), so use a crude
+ # workaround.
+ perl_rm_files t/spamc_*.t || die 'failed to remove spamc tests'
+}
+
+src_configure() {
+ # This is how and where the perl-module eclass disables the
+ # MakeMaker interactive prompt.
+ export PERL_MM_USE_DEFAULT=1
+
+ # Set SYSCONFDIR explicitly so we can't get bitten by bug 48205 again
+ # (just to be sure, nobody knows how it could happen in the first place).
+ #
+ # We also set the path to the perl executable explictly. This will be
+ # used to create the initial shebang line in the scripts (bug 62276).
+ perl Makefile.PL \
+ PREFIX="${EPREFIX}/usr" \
+ INSTALLDIRS=vendor \
+ SYSCONFDIR="${EPREFIX}/etc" \
+ DATADIR="${EPREFIX}/usr/share/spamassassin" \
+ PERL_BIN="${EPREFIX}/usr/bin/perl" \
+ ENABLE_SSL="$(usex ssl)" \
+ DESTDIR="${D}" \
+ || die 'failed to create a Makefile using Makefile.PL'
+
+ # Now configure spamc.
+ emake CC="$(tc-getCC)" LDFLAGS="${LDFLAGS}" spamc/Makefile
+}
+
+src_compile() {
+ emake
+ use qmail && emake spamc/qmail-spamc
+}
+
+src_install () {
+ emake install
+ einstalldocs
+
+ # Create the stub dir used by sa-update and friends
+ keepdir /var/lib/spamassassin
+
+ # Move spamd to sbin where it belongs.
+ dodir /usr/sbin
+ mv "${ED}"/usr/bin/spamd "${ED}"/usr/sbin/spamd || die "move spamd failed"
+
+ if use qmail; then
+ dobin spamc/qmail-spamc
+ fi
+
+ dosym mail/spamassassin /etc/spamassassin
+
+ # Disable plugin by default
+ sed -i -e 's/^loadplugin/\#loadplugin/g' \
+ "${ED}/etc/mail/spamassassin/init.pre" \
+ || die "failed to disable plugins by default"
+
+ # Add the init and config scripts.
+ newinitd "${FILESDIR}/3.4.1-spamd.init-r3" spamd
+ newconfd "${FILESDIR}/3.4.1-spamd.conf-r1" spamd
+
+ systemd_newunit "${FILESDIR}/${PN}.service-r4" "${PN}.service"
+ systemd_install_serviced "${FILESDIR}/${PN}.service.conf-r2" \
+ "${PN}.service"
+
+ use postgres && dodoc sql/*_pg.sql
+ use mysql && dodoc sql/*_mysql.sql
+
+ dodoc NOTICE TRADEMARK CREDITS UPGRADE USAGE sql/README.bayes \
+ sql/README.awl procmailrc.example sample-nonspam.txt \
+ sample-spam.txt spamd/PROTOCOL spamd/README.vpopmail \
+ spamd-apache2/README.apache
+
+ # Rename some files so that they don't clash with others.
+ newdoc spamd/README README.spamd
+ newdoc sql/README README.sql
+ newdoc ldap/README README.ldap
+
+ if use qmail; then
+ dodoc spamc/README.qmail
+ fi
+
+ insinto /etc/mail/spamassassin/
+ insopts -m0400
+ newins "${FILESDIR}"/secrets.cf secrets.cf.example
+
+ # Create the directory where sa-update stores its GPG key (if you
+ # choose to import one). If this directory does not exist, the
+ # import will fail. This is bug 396307. We expect that the import
+ # will be performed as root, and making the directory accessible
+ # only to root prevents a warning on the command-line.
+ diropts -m0700
+ dodir /etc/mail/spamassassin/sa-update-keys
+
+ if use cron; then
+ # Install the cron job if they want it.
+ exeinto /etc/cron.daily
+ newexe "${FILESDIR}/update-spamassassin-rules.cron" \
+ update-spamassassin-rules
+ fi
+
+ # Remove perllocal.pod to avoid file collisions (bug #603338).
+ perl_delete_localpod || die "failed to remove perllocal.pod"
+
+ # The perl-module eclass calls three other functions to clean
+ # up in src_install. The first fixes references to ${D} in the
+ # packlist, and is useful to us, too. The other two functions,
+ # perl_delete_emptybsdir and perl_remove_temppath, don't seem
+ # to be needed: there are no empty directories, *.bs files, or
+ # ${D} paths remaining in our installed image.
+ perl_fix_packlist || die "failed to fix paths in packlist"
+}
+
+src_test() {
+ # Trick the test suite into skipping the spamd tests. Setting
+ # SPAMD_HOST to a non-localhost value causes SKIP_SPAMD_TESTS to be
+ # set in SATest.pm.
+ export SPAMD_HOST=disabled
+ default
+}
+
+pkg_preinst() {
+ # The spamd daemon runs as this user. Use a real home directory so
+ # that it can hold SA configuration.
+ enewuser spamd -1 -1 /home/spamd
+}
+
+pkg_postinst() {
+ elog
+ elog 'No rules are installed by default. You will need to run sa-update'
+ elog 'at least once, and most likely configure SpamAssassin before it'
+ elog 'will work.'
+
+ if ! use cron; then
+ elog
+ elog 'You should consider a cron job for sa-update. One is provided'
+ elog 'for daily updates if you enable the "cron" USE flag.'
+ fi
+ elog
+ elog 'Configuration and update help can be found on the wiki:'
+ elog
+ elog ' https://wiki.gentoo.org/wiki/SpamAssassin'
+ elog
+
+ ewarn 'If this version of SpamAssassin causes permissions issues'
+ ewarn 'with your user configurations or bayes databases, then you'
+ ewarn 'may need to set SPAMD_RUN_AS_ROOT=true in your OpenRC service'
+ ewarn 'configuration file, or remove the --username and --groupname'
+ ewarn 'flags from the SPAMD_OPTS variable in your systemd service'
+ ewarn 'configuration file.'
+}