forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The new 3.x packaging makes the milter a first-class citizen, but I've left it disabled for now. There are incorrect paths, unnecessary PID files and privilege-dropping, and a chown() exploit -- all reported upstream. But since the milter was never available on Gentoo in the first place, it seems prudent to leave it disabled until those issues are sorted out. Closes: https://bugs.gentoo.org/896976 Signed-off-by: Michael Orlitzky <[email protected]>
- Loading branch information
Showing
2 changed files
with
75 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
DIST spf-engine-2.9.3.tar.gz 52974 BLAKE2B 9e6c47af7d523e1486d9bbfee2b0e53a4a97dbfc93e1cd14f70d4676542defaf6fede397d33e21c00e9bb2cdd1016c98981b6c0e735bdfd225b226920b9470b1 SHA512 adde80eca38f372ad00ed7355951007b9c02ef8a52a5a4edcbf2fa9959220f1083e3e313668e9c7ad2c26144148ae8ff62ec468d79936d96b43897598254f528 | ||
DIST spf-engine-3.0.3.tar.gz 61350 BLAKE2B f28dfb10559bfd61be152a4b65a5653ec50b25718fcb63f8a2c9532fd9d52a51c131c99ba5408bd6aa424adc5ce6094da7eeb97dbacd7e60e8abb48c65c4f188 SHA512 08db392d2cce16651ba416fcd265e6606e1a8af3cb88721ed149a2286d11ac9ea6ed4d01572cea6950740890c3334e8e0d496d1d1e9edcc29d04833fec049ab0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
# Copyright 1999-2023 Gentoo Authors | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
EAPI=8 | ||
|
||
PYTHON_COMPAT=( python3_9 python3_10 python3_11 ) | ||
|
||
# The built-in ipaddress module handles the parsing of IP addresses. If | ||
# python is built without ipv6 support, then ipaddress can't parse ipv6 | ||
# addresses, and the daemon will crash if it sees an ipv6 SPF record. In | ||
# other words, it's completely broken. | ||
PYTHON_REQ_USE="ipv6(+)" | ||
DISTUTILS_USE_PEP517=flit | ||
PYPI_NO_NORMALIZE=1 | ||
inherit distutils-r1 pypi | ||
|
||
DESCRIPTION="Policy daemon for Postfix SPF verification" | ||
HOMEPAGE="https://launchpad.net/spf-engine" | ||
|
||
LICENSE="Apache-2.0" | ||
SLOT="0" | ||
KEYWORDS="~amd64 ~x86" | ||
|
||
RDEPEND="dev-python/pyspf[${PYTHON_USEDEP}] | ||
dev-python/authres[${PYTHON_USEDEP}]" | ||
|
||
DOCS=( CHANGES ) | ||
|
||
python_prepare_all() { | ||
distutils-r1_python_prepare_all | ||
|
||
# The tarball has a "data" directory containing a hierarchy that | ||
# flit wants to insert right into /usr. Before it does that, we have | ||
# to remove the parts we don't want, and fix some of the paths. | ||
# | ||
# Note that one of our patches already mangles a few of these | ||
# before we even see them. | ||
|
||
einfo "removing milter files" | ||
rm -v -r data/lib data/etc/init.d data/share/man/man8 || die | ||
rm -v data/etc/pyspf-milter/pyspf-milter.conf || die | ||
rm -v spf_engine/milter_spf.py || die | ||
|
||
# And don't create a python-exec wrapper for it. | ||
sed -e '/^pyspf-milter = /d' -i pyproject.toml || die | ||
|
||
# The commented conf example is documentation, not configuration. | ||
mv -v data/etc/python-policyd-spf/policyd-spf.conf.commented \ | ||
data/share/doc/python-policyd-spf/ || die | ||
|
||
# The man page hard-codes /usr/local/etc, it should be /etc. | ||
sed -e 's:/usr/local/etc:/etc:g' \ | ||
-i data/share/man/man1/policyd-spf.1 || die | ||
|
||
# Fix the documentation path. | ||
mv -v data/share/doc/python-policyd-spf "data/share/doc/${PF}" || die | ||
|
||
# The "real" config file mentions the commented one, so we point | ||
# users in the right direction. Caveat: the documentation is | ||
# compressed, so we're usually off by a ".bz2" suffix anyway. | ||
local oldconf="policyd-spf.conf.commented" | ||
local newconf="/usr/share/doc/${PF}/${oldconf}" | ||
sed -e "1 s~ ${oldconf}~,\n# ${newconf}~" \ | ||
-i "data/etc/python-policyd-spf/policyd-spf.conf" \ | ||
|| die 'failed to update commented config file path' | ||
} | ||
|
||
src_install() { | ||
distutils-r1_src_install | ||
|
||
# The "data" installation is relative to python's prefix, so | ||
# data/etc gets installed to /usr/etc. Let's fix that. | ||
mv -v "${ED}/usr/etc" "${ED}/" || die 'failed to relocate sysconfdir' | ||
} |