From f045aa7c03f3b649b2a6b163bcee0b196e472b88 Mon Sep 17 00:00:00 2001 From: "B. Watson" Date: Fri, 11 Feb 2022 21:50:07 -0500 Subject: [PATCH] system/clamsmtp: Fix 15.0 build. Signed-off-by: B. Watson Signed-off-by: Willy Sudiarto Raharjo --- system/clamsmtp/README | 10 +- system/clamsmtp/clamsmtp.SlackBuild | 31 +++-- system/clamsmtp/doinst.sh | 5 +- .../clamsmtp/patches/300175-fileperms.patch | 32 +++++ system/clamsmtp/patches/gnu_source.patch | 13 ++ system/clamsmtp/patches/include_order.patch | 64 +++++++++ system/clamsmtp/patches/leading_dots.patch | 121 ++++++++++++++++++ system/clamsmtp/patches/manpage.patch | 13 ++ system/clamsmtp/patches/series | 5 + 9 files changed, 270 insertions(+), 24 deletions(-) create mode 100644 system/clamsmtp/patches/300175-fileperms.patch create mode 100644 system/clamsmtp/patches/gnu_source.patch create mode 100644 system/clamsmtp/patches/include_order.patch create mode 100644 system/clamsmtp/patches/leading_dots.patch create mode 100644 system/clamsmtp/patches/manpage.patch create mode 100644 system/clamsmtp/patches/series diff --git a/system/clamsmtp/README b/system/clamsmtp/README index 41c3f2f441..d1ab1a82e8 100644 --- a/system/clamsmtp/README +++ b/system/clamsmtp/README @@ -1,4 +1,6 @@ -ClamSMTP is an SMTP filter that allows you to check for viruses using the -ClamAV anti-virus software. It accepts SMTP connections and forwards the -SMTP commands and responses to another SMTP server. The 'DATA' email body -is intercepted and scanned before forwarding. +clamsmtp (ClamAV SMTP filter) + +ClamSMTP is an SMTP filter that allows you to check for viruses +using the ClamAV anti-virus software. It accepts SMTP connections and +forwards the SMTP commands and responses to another SMTP server. The +'DATA' email body is intercepted and scanned before forwarding. diff --git a/system/clamsmtp/clamsmtp.SlackBuild b/system/clamsmtp/clamsmtp.SlackBuild index b2ae8f501b..0b5b719cc9 100644 --- a/system/clamsmtp/clamsmtp.SlackBuild +++ b/system/clamsmtp/clamsmtp.SlackBuild @@ -24,6 +24,8 @@ # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# 20220211 bkw: Modified by SlackBuilds.org: fix build on 15.0. + cd $(dirname $0) ; CWD=$(pwd) PRGNAM=clamsmtp @@ -40,9 +42,6 @@ if [ -z "$ARCH" ]; then esac fi -# If the variable PRINT_PACKAGE_NAME is set, then this script will report what -# the name of the created package would be, and then exit. This information -# could be useful to other scripts. if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" exit 0 @@ -76,10 +75,18 @@ cd $TMP/$PRGNAM-$VERSION chown -R root.root . find -L . \ \( -perm 664 -o -perm 666 -o -perm 600 -o -perm 440 -o -perm 444 -o -perm 400 \) \ - -exec chmod 644 {} \; + -exec chmod 644 {} \+ find -L . \ \( -perm 777 -o -perm 755 -o -perm 711 -o -perm 700 -o -perm 555 -o -perm 511 -o -perm 500 \) \ - -exec chmod 755 {} \; + -exec chmod 755 {} \+ + +# 20220211 bkw: These patches came from Debian: +# http://deb.debian.org/debian/pool/main/c/clamsmtp/clamsmtp_1.10-17.diff.gz +# They fix various issues, including one that kept this from compiling +# on Slackware 15.0. +for i in $(cat $CWD/patches/series); do + patch -p1 < $CWD/patches/$i +done CFLAGS="$SLKCFLAGS" \ ./configure \ @@ -93,24 +100,16 @@ CFLAGS="$SLKCFLAGS" \ --build=${ARCH}-slackware-linux make -make install DESTDIR=$PKG +make install-strip DESTDIR=$PKG +gzip -9 $PKG/usr/man/man*/* # Install init script and config file mkdir -p $PKG/etc/rc.d cat $CWD/rc.clamsmtpd > $PKG/etc/rc.d/rc.clamsmtpd.new cat doc/clamsmtpd.conf > $PKG/etc/clamsmtpd.conf.new -### strip binaries -find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ - | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true - -( cd $PKG/usr/man - find . -type f -exec gzip -9 {} \; - for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done -) - mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a AUTHORS ChangeLog COPYING INSTALL NEWS README \ +cp -a AUTHORS ChangeLog COPYING NEWS README \ $PKG/usr/doc/$PRGNAM-$VERSION mkdir -p $PKG/install $PKG/etc/rc.d diff --git a/system/clamsmtp/doinst.sh b/system/clamsmtp/doinst.sh index 6053858dd2..bcc73dc734 100644 --- a/system/clamsmtp/doinst.sh +++ b/system/clamsmtp/doinst.sh @@ -1,17 +1,14 @@ config() { NEW="$1" OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: if [ ! -r $OLD ]; then mv $NEW $OLD elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then - # toss the redundant copy rm $NEW fi - # Otherwise, we leave the .new copy for the admin to consider... } -# Keep same perms on rc.heimdal: +# Keep same perms on rc.clamsmtpd: if [ -e etc/rc.d/rc.clamsmtpd ]; then cp -a etc/rc.d/rc.clamsmtpd etc/rc.d/rc.clamsmtpd.new.incoming cat etc/rc.d/rc.clamsmtpd.new > etc/rc.d/rc.clamsmtpd.new.incoming diff --git a/system/clamsmtp/patches/300175-fileperms.patch b/system/clamsmtp/patches/300175-fileperms.patch new file mode 100644 index 0000000000..d645b86076 --- /dev/null +++ b/system/clamsmtp/patches/300175-fileperms.patch @@ -0,0 +1,32 @@ +From: Samuel Tardieu +Subject: Bug#300175: Patch for clamav/clamsmtp +Date: Mon, 21 Mar 2005 11:07:48 +0100 +To: 300175@bugs.debian.org +Cc: erwan@rail.eu.org +Reply-To: sam@rfc1149.net + +On recent glibc, files created with mkstemp() are created with mode +0600. If the mode is not changed, there is no way for another user to +read the temporary file, regardless of the users' respective groups. + +This patch allows users in the same group to read the temporary files. +This should solve Erwan's problem, and certainly has solved mine: + +Sam + +PS/ older glibc used to create the file in 0666 mode, which may explain + why not everyone has this problem + +Samuel Tardieu -- sam@rfc1149.net -- http://www.rfc1149.net/sam + +--- clamsmtp/common/smtppass.c.old 2005-01-27 01:22:56.000000000 +0100 ++++ clamsmtp/common/smtppass.c 2005-03-21 10:58:38.000000000 +0100 +@@ -1270,6 +1270,7 @@ + return -1; + } + ++ fchmod(tfd, 0640); + fcntl(tfd, F_SETFD, fcntl(tfd, F_GETFD, 0) | FD_CLOEXEC); + sp_messagex(ctx, LOG_DEBUG, "created cache file: %s", ctx->cachename); + } + diff --git a/system/clamsmtp/patches/gnu_source.patch b/system/clamsmtp/patches/gnu_source.patch new file mode 100644 index 0000000000..22203e0b4f --- /dev/null +++ b/system/clamsmtp/patches/gnu_source.patch @@ -0,0 +1,13 @@ +Remove GNU_SOURCE definition rom the only file that has it. + +--- ./common/smtppass.c 2014-07-06 12:26:26.000000000 +0200 ++++ ./common/smtppass.c 2014-07-06 12:26:52.367104112 +0200 +@@ -38,8 +38,6 @@ + * Olivier Beyssac + */ + +-#define _GNU_SOURCE +- + #include + #include + #include diff --git a/system/clamsmtp/patches/include_order.patch b/system/clamsmtp/patches/include_order.patch new file mode 100644 index 0000000000..bf1526d0fa --- /dev/null +++ b/system/clamsmtp/patches/include_order.patch @@ -0,0 +1,64 @@ +Fix order of includes + +--- clamsmtp-1.10/common/usuals.h 2007-05-27 01:57:56.000000000 +0200 ++++ clamsmtp-patched/common/usuals.h 2015-03-01 16:48:10.684201573 +0100 +@@ -39,10 +39,10 @@ + #ifndef __USUALS_H__ + #define __USUALS_H__ + +-#include +- + #include "config.h" + ++#include ++ + #include + #include + #include +diff -Nru clamsmtp-1.10/configure.in clamsmtp-patched/configure.in +--- clamsmtp-1.10/configure.in 2008-06-30 19:01:48.000000000 +0200 ++++ clamsmtp-patched/configure.in 2015-03-01 16:40:02.278986882 +0100 +@@ -51,6 +51,8 @@ + AC_PROG_LN_S + AC_PROG_MAKE_SET + ++AC_USE_SYSTEM_EXTENSIONS ++ + # Debug mode + AC_ARG_ENABLE(debug,=20 + AC_HELP_STRING([--enable-debug], + +diff -Nru clamsmtp-1.10/common/smtppass.c clamsmtp-patched/common/smtppass.c +--- clamsmtp-1.10/common/smtppass.c 2015-03-02 09:36:27.793398352 +0100 ++++ clamsmtp-patched/common/smtppass.c 2015-03-02 09:38:50.843467581 +0100 +@@ -38,6 +38,8 @@ + * Olivier Beyssac + */ + ++#include "usuals.h" ++ + #include + #include + #include +@@ -58,17 +58,15 @@ + #include + #include + +-#include "usuals.h" +- +-#ifdef LINUX_TRANSPARENT_PROXY +-#include +-#endif +- + #include "compat.h" + #include "sock_any.h" + #include "stringx.h" + #include "sppriv.h" + ++#ifdef LINUX_TRANSPARENT_PROXY ++#include ++#endif ++ + /* ----------------------------------------------------------------------- + * STRUCTURES + */ diff --git a/system/clamsmtp/patches/leading_dots.patch b/system/clamsmtp/patches/leading_dots.patch new file mode 100644 index 0000000000..983247146f --- /dev/null +++ b/system/clamsmtp/patches/leading_dots.patch @@ -0,0 +1,121 @@ +--- clamsmtp-1.10.orig/common/smtppass.c ++++ clamsmtp-1.10/common/smtppass.c +@@ -1389,16 +1389,34 @@ int sp_cache_data(spctx_t* ctx) + { + int r, count = 0; + const char* data; ++ int linestart; ++ ++ linestart = 1; + + while((r = sp_read_data(ctx, &data)) != 0) + { +- if(r < 0) +- return -1; /* Message already printed */ ++ if(r < 0) ++ return -1; /* Message already printed */ ++ ++ /* SMTP RFCs say that servers must remove leading dots at the beginning ++ * of a line. We do that here. ++ */ ++ ++ if (linestart && (data[0] == '.')) ++ { ++ data++; ++ r--; ++ } ++ ++ if (ctx->_crlf) ++ linestart = 1; ++ else ++ linestart = 0; + +- count += r; ++ count += r; + +- if((r = sp_write_data(ctx, data, r)) < 0) +- return -1; /* Message already printed */ ++ if((r = sp_write_data(ctx, data, r)) < 0) ++ return -1; /* Message already printed */ + } + + /* End the caching */ +@@ -1572,9 +1590,12 @@ int sp_done_data(spctx_t* ctx, const cha + int ret = 0; + char *line; + char header[MAX_HEADER_LENGTH] = ""; +- size_t header_len, line_len; ++ size_t header_len; + int header_prepend = 0; + ssize_t rc; ++ size_t buf_len; ++ int linestart; ++ char *buf; + + ASSERT(ctx->cachename[0]); /* Must still be around */ + ASSERT(!ctx->cachefile); /* File must be closed */ +@@ -1582,10 +1603,12 @@ int sp_done_data(spctx_t* ctx, const cha + memset(header, 0, sizeof(header)); + + /* Alloc line buffer */ +- line_len = SP_LINE_LENGTH; +- if((line = (char *)malloc(line_len)) == NULL) ++ buf_len = SP_LINE_LENGTH; ++ if((buf = (char *)malloc(buf_len)) == NULL) + RETURN(-1); + ++ buf[0] = '.'; ++ + /* Open the file */ + file = fopen(ctx->cachename, "r"); + if(file == NULL) +@@ -1631,17 +1654,24 @@ int sp_done_data(spctx_t* ctx, const cha + header[0] = '\0'; + } + +- /* Transfer actual file data */ +- while((rc = getline(&line, &line_len, file)) != -1) ++ /* Transfer actual file data */ ++ while(line = (fgets(buf + 1, buf_len - 1, file))) + { +- /* +- * If the line is . we need to change it so that +- * it doesn't end the email. We do this by adding a space. +- * This won't occur much in clamsmtpd, but proxsmtpd might +- * have filters that accidentally put this in. +- */ +- if(strcmp(line, "." CRLF) == 0) +- strncpy(line, ". " CRLF, SP_LINE_LENGTH); ++ /* SMTP RFCs say that clients must prepend an additional dot ++ * to every line starting with a dot. We do that here. ++ */ ++ if (linestart && (line[0] == '.')) ++ line = buf; ++ ++ rc = strlen(line); ++ ++ if (strstr(line, CRLF)) ++ linestart = 1; ++ else ++ linestart = 0; ++ ++ if(strcmp(line, "." CRLF) == 0) ++ strncpy(line, ". " CRLF, SP_LINE_LENGTH); + + if(header[0] != '\0') + { +@@ -1683,10 +1713,10 @@ int sp_done_data(spctx_t* ctx, const cha + + cleanup: + +- if(line) +- free(line); +- if(file) +- fclose(file); /* read-only so no error check */ ++ if(buf) ++ free(buf); ++ if(file) ++ fclose(file); /* read-only so no error check */ + + return ret; + } diff --git a/system/clamsmtp/patches/manpage.patch b/system/clamsmtp/patches/manpage.patch new file mode 100644 index 0000000000..4a1514dfbb --- /dev/null +++ b/system/clamsmtp/patches/manpage.patch @@ -0,0 +1,13 @@ +Fix syntax error in manpage. + +--- clamsmtp/doc/clamsmtpd.8.orig 2008-11-30 13:54:38.000000000 +0100 ++++ clamsmtp/doc/clamsmtpd.8 2008-11-30 13:54:46.000000000 +0100 +@@ -146,7 +146,7 @@ + machine under heavy load. Secondly as with running any program there are + security implications to be considered. + .Pp +-.Please consider the above carefully before implementing a virus action. ++Please consider the above carefully before implementing a virus action. + .Pp + The script is run without its output being logged, or return value being + checked. Because of this you should test it thoroughly. Make sure it runs diff --git a/system/clamsmtp/patches/series b/system/clamsmtp/patches/series new file mode 100644 index 0000000000..0ce65e1c6b --- /dev/null +++ b/system/clamsmtp/patches/series @@ -0,0 +1,5 @@ +300175-fileperms.patch +gnu_source.patch +include_order.patch +leading_dots.patch +manpage.patch