pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc



Module Name:    pkgsrc
Committed By:   manu
Date:           Wed May 25 15:45:32 UTC 2022

Modified Files:
        pkgsrc/doc: CHANGES-2022
        pkgsrc/mail: Makefile
Added Files:
        pkgsrc/mail/srs-milter: DESCR Makefile PLIST distinfo
        pkgsrc/mail/srs-milter/files: srs-milter-in.sh srs-milter-out.sh
        pkgsrc/mail/srs-milter/patches: patch-srs-filter.c

Log Message:
Added mail/srs-milter 20141121nb9

This milter implemets SRS (Sender Rewriting Scheme) that can be used to
fix envelope MAIL FROM for forwarded mails protected by SPF. It can be
configured in two modes for:

* Incoming mail -- rewrite RCPT TO addresses in SRS format back
* Outgoing mail -- rewrite MAIL FROM address to SRS format


To generate a diff of this commit:
cvs rdiff -u -r1.2741 -r1.2742 pkgsrc/doc/CHANGES-2022
cvs rdiff -u -r1.578 -r1.579 pkgsrc/mail/Makefile
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/srs-milter/DESCR \
    pkgsrc/mail/srs-milter/Makefile pkgsrc/mail/srs-milter/PLIST \
    pkgsrc/mail/srs-milter/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/srs-milter/files/srs-milter-in.sh \
    pkgsrc/mail/srs-milter/files/srs-milter-out.sh
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/srs-milter/patches/patch-srs-filter.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/CHANGES-2022
diff -u pkgsrc/doc/CHANGES-2022:1.2741 pkgsrc/doc/CHANGES-2022:1.2742
--- pkgsrc/doc/CHANGES-2022:1.2741      Wed May 25 15:38:54 2022
+++ pkgsrc/doc/CHANGES-2022     Wed May 25 15:45:31 2022
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES-2022,v 1.2741 2022/05/25 15:38:54 kleink Exp $
+$NetBSD: CHANGES-2022,v 1.2742 2022/05/25 15:45:31 manu Exp $
 
 Changes to the packages collection and infrastructure in 2022:
 
@@ -4208,3 +4208,4 @@ Changes to the packages collection and i
        Added www/py-wtforms-dateutil version 0.1 [kleink 2022-05-25]
        Added www/py-wtforms-django version 0.1 [kleink 2022-05-25]
        Added www/py-wtforms-sqlalchemy version 0.3 [kleink 2022-05-25]
+       Added mail/srs-milter 20141121nb9 [manu 2022-05-25]

Index: pkgsrc/mail/Makefile
diff -u pkgsrc/mail/Makefile:1.578 pkgsrc/mail/Makefile:1.579
--- pkgsrc/mail/Makefile:1.578  Sat Feb  5 13:51:20 2022
+++ pkgsrc/mail/Makefile        Wed May 25 15:45:31 2022
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.578 2022/02/05 13:51:20 schmonz Exp $
+# $NetBSD: Makefile,v 1.579 2022/05/25 15:45:31 manu Exp $
 #
 
 COMMENT=       Electronic mail utilities
@@ -380,6 +380,7 @@ SUBDIR+=    squirrelmail
 SUBDIR+=       squirrelmail-decode
 SUBDIR+=       squirrelmail-locales
 SUBDIR+=       sqwebmail
+SUBDIR+=       srs-milter
 SUBDIR+=       ssmtp
 SUBDIR+=       swaks
 SUBDIR+=       sylpheed

Added files:

Index: pkgsrc/mail/srs-milter/DESCR
diff -u /dev/null pkgsrc/mail/srs-milter/DESCR:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/DESCR        Wed May 25 15:45:31 2022
@@ -0,0 +1,6 @@
+This milter implemets SRS (Sender Rewriting Scheme) that can be used to
+fix envelope MAIL FROM for forwarded mails protected by SPF. It can be
+configured in two modes for:
+
+* Incoming mail -- rewrite RCPT TO addresses in SRS format back
+* Outgoing mail -- rewrite MAIL FROM address to SRS format
Index: pkgsrc/mail/srs-milter/Makefile
diff -u /dev/null pkgsrc/mail/srs-milter/Makefile:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/Makefile     Wed May 25 15:45:31 2022
@@ -0,0 +1,42 @@
+# $NetBSD: Makefile,v 1.1 2022/05/25 15:45:31 manu Exp $
+
+GITHUB_PROJECT=        srs-milter
+GITHUB_TAG=    3c44b13a10471df0361c08786c8826ea1d0ecc7b
+DISTNAME=      3c44b13a10471df0361c08786c8826ea1d0ecc7b
+PKGNAME=       ${GITHUB_PROJECT}-20141121
+PKGREVISION=   9
+CATEGORIES=    mail
+MASTER_SITES=  ${MASTER_SITE_GITHUB:=emsearcy/}
+DIST_SUBDIR=   ${GITHUB_PROJECT}
+EXTRACT_SUFX=  .zip
+
+MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=      https://github.com/emsearcy/srs-milter
+COMMENT=       Sender Rewriting Scheme milter
+LICENSE=       generic-nonlicense
+
+WRKSRC=        ${WRKDIR}/srs-milter-3c44b13a10471df0361c08786c8826ea1d0ecc7b/src
+
+INSTALLATION_DIRS=     sbin
+
+RCD_SCRIPTS=   srs-milter-in srs-milter-out
+
+BUILD_DEFS+=   MILTER_USER VARBASE
+FILES_SUBST+=  MILTER_USER=${MILTER_USER:Q}
+
+do-build:
+       cd ${WRKSRC} && \
+       ${CC} ${CPPFLAGS} -c srs-filter.c  &&  \
+       ${CC} -o srs-milter ${LDFLAGS} -lspf2 -lsrs2 -lpthread \
+                srs-filter.o ${BUILDLINK_PREFIX.libmilter}/lib/libmilter.a
+
+do-install:
+       cd ${WRKSRC} && \
+       ${INSTALL_PROGRAM} srs-milter ${DESTDIR}${PREFIX}/sbin
+
+.include "../../mail/libspf2/buildlink3.mk"
+.include "../../mail/libsrs2/buildlink3.mk"
+.include "../../mail/libmilter/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+
+.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/mail/srs-milter/PLIST
diff -u /dev/null pkgsrc/mail/srs-milter/PLIST:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/PLIST        Wed May 25 15:45:31 2022
@@ -0,0 +1,2 @@
+@comment $NetBSD: PLIST,v 1.1 2022/05/25 15:45:31 manu Exp $
+sbin/srs-milter
Index: pkgsrc/mail/srs-milter/distinfo
diff -u /dev/null pkgsrc/mail/srs-milter/distinfo:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/distinfo     Wed May 25 15:45:31 2022
@@ -0,0 +1,6 @@
+$NetBSD: distinfo,v 1.1 2022/05/25 15:45:31 manu Exp $
+
+BLAKE2s (srs-milter/3c44b13a10471df0361c08786c8826ea1d0ecc7b-3c44b13a10471df0361c08786c8826ea1d0ecc7b.zip) = e62ffea86976769bda9e0af3d64a52dd57901bf2130b7b8d39a7741d2731bfa0
+SHA512 (srs-milter/3c44b13a10471df0361c08786c8826ea1d0ecc7b-3c44b13a10471df0361c08786c8826ea1d0ecc7b.zip) = 
91db41b5fd955a1856ce1b30ec2ceaac2483820b3c1cc29e9817460633f3013401b416bb98e76fd5bf41492836b8dea42ea46689c4544d021a1d65f234c80112
+Size (srs-milter/3c44b13a10471df0361c08786c8826ea1d0ecc7b-3c44b13a10471df0361c08786c8826ea1d0ecc7b.zip) = 15843 bytes
+SHA1 (patch-srs-filter.c) = c3533bff78ecb36380d73a357b6ea6341d02550c

Index: pkgsrc/mail/srs-milter/files/srs-milter-in.sh
diff -u /dev/null pkgsrc/mail/srs-milter/files/srs-milter-in.sh:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/files/srs-milter-in.sh       Wed May 25 15:45:32 2022
@@ -0,0 +1,48 @@
+#!@CD_SCRIPTS_SHELL@
+#
+# $NetBSD: srs-milter-in.sh,v 1.1 2022/05/25 15:45:32 manu Exp $
+#
+# PROVIDE: srs_milter_in
+# REQUIRE: DAEMON
+# BEFORE: mail
+
+if [ -f /etc/rc.subr ]; then
+       . /etc/rc.subr
+fi
+
+name="srs_milter_in"
+rcvar=$name
+command="@PREFIX@/sbin/srs-milter"
+pidfile="@VARBASE@/run/srs-milter/${name}.pid"
+keyfile="/etc/mail/srs.key"
+command_args="-P ${pidfile} -s local:@VARBASE@/run/srs-milter/${name}.sock" 
+command_args="${command_args} --srs-secret-file=${keyfile}"
+command_args="${command_args} --user @MILTER_USER@ --reverse"
+required_files="${keyfile}"
+start_precmd="srs_milter_precmd"
+
+srs_milter_precmd()
+{
+       if [ ! -f ${keyfile} ]; then
+               ( umask 077; dd if=/dev/random bs=256 count=1 of=${keyfile} )
+               chown srs ${keyfile}
+       fi
+
+        if [ ! -d @VARBASE@/run/srs-milter ]; then
+                mkdir -p @VARBASE@/run/srs-milter
+                chown srs @VARBASE@/run/srs-milter
+                chmod 0750 @VARBASE@/run/srs-milter
+        fi
+
+       if [ -e @VARBASE@/run/srs-milter/${name}.sock ]; then
+               rm -f @VARBASE@/run/srs-milter/${name}.sock
+       fi
+}
+
+if [ -f /etc/rc.subr ]; then
+        load_rc_config $name
+       run_rc_command "$1"
+else
+       @ECHO@ -n " ${name}"
+       ${command} ${srs_milter_flags} ${command_args}
+fi
Index: pkgsrc/mail/srs-milter/files/srs-milter-out.sh
diff -u /dev/null pkgsrc/mail/srs-milter/files/srs-milter-out.sh:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/files/srs-milter-out.sh      Wed May 25 15:45:32 2022
@@ -0,0 +1,48 @@
+#!@CD_SCRIPTS_SHELL@
+#
+# $NetBSD: srs-milter-out.sh,v 1.1 2022/05/25 15:45:32 manu Exp $
+#
+# PROVIDE: srs_milter_out
+# REQUIRE: DAEMON
+# BEFORE: mail
+
+if [ -f /etc/rc.subr ]; then
+       . /etc/rc.subr
+fi
+
+name="srs_milter_out"
+rcvar=$name
+command="@PREFIX@/sbin/srs-milter"
+pidfile="@VARBASE@/run/srs-milter/${name}.pid"
+keyfile="/etc/mail/srs.key"
+command_args="-P ${pidfile} -s local:@VARBASE@/run/srs-milter/${name}.sock" 
+command_args="${command_args} --srs-secret-file=${keyfile}"
+command_args="${command_args} --user @MILTER_USER@ --forward"
+required_files="${keyfile}"
+start_precmd="srs_milter_precmd"
+
+srs_milter_precmd()
+{
+       if [ ! -f ${keyfile} ]; then
+               ( umask 077; dd if=/dev/random bs=256 count=1 of=${keyfile} )
+               chown srs ${keyfile}
+       fi
+
+        if [ ! -d @VARBASE@/run/srs-milter ]; then
+                mkdir -p @VARBASE@/run/srs-milter
+                chown srs @VARBASE@/run/srs-milter
+                chmod 0750 @VARBASE@/run/srs-milter
+        fi
+
+       if [ -e @VARBASE@/run/srs-milter/${name}.sock ]; then
+               rm -f @VARBASE@/run/srs-milter/${name}.sock
+       fi
+}
+
+if [ -f /etc/rc.subr ]; then
+        load_rc_config $name
+       run_rc_command "$1"
+else
+       @ECHO@ -n " ${name}"
+       ${command} ${srs_milter_flags} ${command_args}
+fi

Index: pkgsrc/mail/srs-milter/patches/patch-srs-filter.c
diff -u /dev/null pkgsrc/mail/srs-milter/patches/patch-srs-filter.c:1.1
--- /dev/null   Wed May 25 15:45:32 2022
+++ pkgsrc/mail/srs-milter/patches/patch-srs-filter.c   Wed May 25 15:45:32 2022
@@ -0,0 +1,353 @@
+$NetBSD: patch-srs-filter.c,v 1.1 2022/05/25 15:45:32 manu Exp $
+
+- Update pidfile after forking
+- Process addresses with or without enclosing brackets
+- Add -u/--user option to use unprivilegied user
+- Add -A/--alias-cmd and -R/--aliad_regex to resolve aliases
+- Add -n/--reverse-null to ensable SRS reverse for null sender <>
+
+--- srs-filter.c.orig  2022-05-11 14:10:11.430909881 +0200
++++ srs-filter.c       2022-05-17 08:53:10.516904377 +0200
+@@ -3,11 +3,13 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <getopt.h>
+ #include <unistd.h>
++#include <regex.h>
+ #include <string.h>
+ #include <strings.h>
+ #include <pthread.h>
++#include <pwd.h>
+ #include <syslog.h>
+ #include <sys/stat.h>
+ #include <sys/types.h>
+ #include <sys/socket.h>
+@@ -37,10 +39,16 @@
+ /* these should be read from command line or config file */
+ static int CONFIG_verbose = 0;
+ static int CONFIG_forward = 0;
+ static int CONFIG_reverse = 0;
++static int CONFIG_reverse_null = 0;
+ static char *CONFIG_socket = NULL;
++static char *CONFIG_user = NULL;
++static char *CONFIG_pidfile = NULL;
+ static char **CONFIG_domains = NULL;
++static char *CONFIG_alias_cmd = NULL;
++static char *CONFIG_alias_regex_str = "^\\(.*\\)\\.\\.\\. deliverable";
++static regex_t CONFIG_alias_regex;
+ static int CONFIG_spf_check = 0;
+ static char *CONFIG_spf_heloname = NULL;
+ static union {
+    struct sockaddr_in in;
+@@ -70,9 +78,43 @@
+   srs_t *srs;
+   SPF_server_t *spf;
+ };
+ 
++static char *srs_milter_resolve_alias(char *recip) {
++  char *recip_alias = NULL;
++  char *alias_cmd = NULL;
++  FILE *f = NULL;
+ 
++  if (asprintf(&alias_cmd, CONFIG_alias_cmd, recip) < 0)
++    goto out;
++
++  if ((f = popen(alias_cmd, "r")) == NULL) {
++    syslog(LOG_ERR, "failed to run alias-cmd %s: %s", alias_cmd, strerror(errno));
++    goto out;
++  }
++
++  do {
++    char line[4096];
++    regmatch_t pm[2];
++
++    if (fgets(line, sizeof(line), f) == NULL)
++      break;
++
++    if (regexec(&CONFIG_alias_regex, line, 2, pm, 0) == 0) {
++      recip_alias = strndup(line + pm[1].rm_so, pm[1].rm_eo - pm[1].rm_so);
++      break;
++    }
++  } while (!feof(f));
++
++out:
++  if (f)
++    pclose(f);
++
++  if (alias_cmd)
++    free(alias_cmd);
++
++  return recip_alias;
++}
+ 
+ char *srs_milter_load_file_secrets(char ***CONFIG_srs_secrets, char *secrets_file) {
+   int i, l;
+   FILE *f;
+@@ -114,9 +156,9 @@
+ int is_local_addr(const char *addr) {
+   int i, r;
+   const char *dom;
+ 
+-  if (!addr)
++  if (!addr || !*addr)
+     return 0;
+ 
+   if (!CONFIG_domains)
+     return 0;
+@@ -227,17 +269,21 @@
+ static sfsistat
+ xxfi_srs_milter_envfrom(SMFICTX* ctx, char** argv) {
+   struct srs_milter_connection_data* cd =
+           (struct srs_milter_connection_data*) smfi_getpriv(ctx);
++  int invalid_addr = 0;
++  int null_addr = 0;
+ 
+   if (cd->state & SS_STATE_INVALID_CONN)
+     return SMFIS_CONTINUE;
+ 
+   if (CONFIG_verbose)
+     syslog(LOG_DEBUG, "conn# %d[%i] - xxfi_srs_milter_envfrom(\"%s\")",
+            cd->num, cd->state, argv[0]);
+ 
+-  if (strlen(argv[0]) < 1 || strcmp(argv[0], "<>") == 0 || argv[0][0] != '<' || argv[0][strlen(argv[0])-1] != '>' || !strchr(argv[0], '@')) {
++  null_addr = (strcmp(argv[0], "<>") == 0);
++  invalid_addr = (argv[0][0] == '\0' || (!strchr(argv[0], '@' && !null_addr))); 
++  if (invalid_addr || (null_addr && !CONFIG_reverse_null)) {
+     cd->state |= SS_STATE_INVALID_MSG;
+     if (CONFIG_verbose)
+       syslog(LOG_DEBUG, "conn# %d[%i] - xxfi_srs_milter_envfrom(\"%s\"): skipping \"MAIL FROM: %s\"",
+              cd->num, cd->state, argv[0], argv[0]);
+@@ -272,16 +318,20 @@
+ 
+   cd->recip_remote = 0;
+ 
+   // strore MAIL FROM: address
+-  cd->sender = (char *) malloc(strlen(argv[0])-1);
++  cd->sender = (char *) malloc(strlen(argv[0])+1);
+   if (!cd->sender) {
+     // memory allocation problem
+     cd->state |= SS_STATE_INVALID_MSG;
+     return SMFIS_CONTINUE;
+   }
+-  strncpy(cd->sender, argv[0]+1, strlen(argv[0])-2);
+-  cd->sender[strlen(argv[0])-2] = '\0';
++  if (argv[0][0] == '<') {
++    strncpy(cd->sender, argv[0]+1, strlen(argv[0])-2);
++    cd->sender[strlen(argv[0])-2] = '\0';
++  } else {
++    strcpy(cd->sender, argv[0]);
++  }
+ 
+   // store MAIL FROM: arguments
+   {
+     int argc = 0;
+@@ -316,16 +366,30 @@
+     syslog(LOG_DEBUG, "conn# %d[%i] - xxfi_srs_milter_envrcpt(\"%s\")",
+            cd->num, cd->state, argv[0]);
+ 
+   // get recipient address
+-  char *recip = (char *) malloc(strlen(argv[0])-1);
++  char *recip = (char *) malloc(strlen(argv[0])+1);
+   if (!recip) {
+     // memory allocation problem
+     cd->state |= SS_STATE_INVALID_MSG;
+     return SMFIS_CONTINUE;
+   }
+-  strncpy(recip, argv[0]+1, strlen(argv[0])-2);
+-  recip[strlen(argv[0])-2] = '\0';
++  if (argv[0][0] == '<') {
++    strncpy(recip, argv[0]+1, strlen(argv[0])-2);
++    recip[strlen(argv[0])-2] = '\0';
++  } else {
++    strcpy(recip, argv[0]);
++  }
++
++  if (CONFIG_alias_cmd && is_local_addr(recip)) {
++    char *recip_alias;
++
++    if ((recip_alias = srs_milter_resolve_alias(recip)) != NULL) {
++      syslog(LOG_DEBUG, "resolved recipient %s as %s", recip, recip_alias);
++      free(recip);
++      recip = recip_alias;
++    }
++  }
+ 
+   if (!is_local_addr(recip)) {
+     cd->recip_remote = 1;
+   } else {
+@@ -345,9 +409,13 @@
+       if (!cd->recip) {
+         // memory allocation problem
+         cd->state |= SS_STATE_INVALID_MSG;
+       } else {
+-        cd->recip[argc] = strdup(argv[0]);
++        if (argv[0][0] == '<') {
++          cd->recip[argc] = strndup(argv[0] + 1, strlen(argv[0]) - 2);
++        } else {
++          cd->recip[argc] = strdup(argv[0]);
++        } 
+         cd->recip[argc+1] = NULL;
+         if (!cd->recip[argc]) {
+           // memory allocation problem
+           cd->state |= SS_STATE_INVALID_MSG;
+@@ -669,8 +737,17 @@
+     syslog(LOG_ERR, "exiting parent process");
+     exit(EXIT_SUCCESS);
+   }
+ 
++  /* update pidfile */
++  if (CONFIG_pidfile) {
++    FILE *f;
++
++    f = fopen(CONFIG_pidfile, "w");
++    fprintf(f, "%i", (int) getpid());
++    fclose(f);
++  }
++
+   /* Change the file mode mask */
+   umask(0);
+ 
+   /* Open any logs here */
+@@ -717,17 +794,27 @@
+   printf("  -s, --socket\n");
+   printf("      {unix|local}:/path/to/file -- a named pipe.\n");
+   printf("      inet:port@{hostname|ip-address} -- an IPV4 socket.\n");
+   printf("      inet6:port@{hostname|ip-address} -- an IPV6 socket.\n");
++  printf("  -u, --user\n");
++  printf("      unprivilegied user we should run as\n");
+   printf("  -t, --timeout\n");
+   printf("      milter timeout\n");
+   printf("  -f, --forward\n");
+   printf("      SRS encode the envelope sender of non-local-destined mail\n");
+   printf("  -r, --reverse\n");
+   printf("      SRS decode any envelope recipients of local SRS addresses\n");
++  printf("  -n, --reverse-null\n");
++  printf("      Also decode SRS addresses when sender is <>\n");
+   printf("  -m, --domain\n");
+   printf("      all local mail domains for that we accept mail\n");
+   printf("      starting domain name with \".\" match also all subdomains\n");
++  printf("  -A, --alias-cmd\n");
++  printf("      external command to resolve aliases\n");
++  printf("      hint: \"sendmail -bv %%s\", %%s gets replaced by recipient\n");
++  printf("  -R, --alias-regex\n");
++  printf("      regex to extract resolved alias from alias-cmd output\n");
++  printf("      default value matches sendmail -bv output\n");
+   printf("  -o, --srs-domain\n");
+   printf("      our SRS domain name\n");
+   printf("  -c, --srs-secret\n");
+   printf("      secret string for SRS hashing algorithm\n");
+@@ -770,12 +857,16 @@
+       {"debug",                  no_argument,       0, 'd'},
+       {"verbose",                no_argument,       0, 'v'},
+       {"pidfile",                required_argument, 0, 'P'},
+       {"socket",                 required_argument, 0, 's'},
++      {"user",                   required_argument, 0, 'u'},
+       {"timeout",                required_argument, 0, 't'},
+       {"forward",                no_argument,       0, 'f'},
+       {"reverse",                no_argument,       0, 'r'},
++      {"reverse-null",           no_argument,       0, 'n'},
+       {"local-domain",           required_argument, 0, 'm'},
++      {"alias-cmd",              required_argument, 0, 'A'},
++      {"alias-regex",            required_argument, 0, 'R'},
+       {"spf-check",              no_argument,       0, 'k'},
+       {"spf-heloname",           required_argument, 0, 'l'},
+       {"spf-address",            required_argument, 0, 'a'},
+       {"srs-domain",             required_argument, 0, 'o'},
+@@ -791,9 +882,9 @@
+     };
+     /* getopt_long stores the option index here. */
+     int option_index = 0;
+ 
+-    c = getopt_long(argc, argv, "hdvP:s:t:f:r:mk:t:l:a:o:yc:C:wg:i:x:e:",
++    c = getopt_long(argc, argv, "hdvP:s:u:t:f:rnm:A:R:kt:l:a:o:yc:C:wg:i:x:e:",
+                     long_options, &option_index);
+ 
+     /* Detect the end of the options. */
+     if (c == -1)
+@@ -823,17 +914,22 @@
+         CONFIG_verbose = 1;
+         break;
+ 
+       case 'P':
+-        f = fopen(optarg, "w");
++        CONFIG_pidfile = optarg;
++        f = fopen(CONFIG_pidfile, "w");
+         fprintf(f, "%i", (int) getpid());
+         fclose(f);
+         break;
+ 
+       case 's':
+         CONFIG_socket = optarg;
+         break;
+ 
++      case 'u':
++        CONFIG_user = optarg;
++        break;
++
+       case 't':
+         if (optarg == NULL || *optarg == '\0') {
+           fprintf(stderr, "ERROR: illegal timeout %s\n", optarg);
+           exit(EXIT_FAILURE);
+@@ -851,8 +947,12 @@
+       case 'r':
+         CONFIG_reverse = 1;
+         break;
+ 
++      case 'n':
++        CONFIG_reverse_null = 1;
++        break;
++
+       case 'm':
+         i = 0;
+         if (!CONFIG_domains) {
+           CONFIG_domains = (char **) malloc((i+2)*sizeof(char *));
+@@ -863,8 +963,16 @@
+         CONFIG_domains[i] = optarg;
+         CONFIG_domains[i+1] = NULL;
+         break;
+ 
++      case 'A':
++        CONFIG_alias_cmd = optarg;
++        break;
++
++      case 'R':
++        CONFIG_alias_regex_str = optarg;
++        break;
++
+       case 'k':
+         CONFIG_spf_check = 1;
+         break;
+ 
+@@ -941,8 +1049,32 @@
+       printf ("%s ", argv[optind++]);
+     putchar ('\n');
+   }
+ 
++  if (CONFIG_user) {
++    struct passwd *pw;
++
++    if ((pw = getpwnam(CONFIG_user)) == NULL) {
++      fprintf(stderr, "ERROR: inexistant user %s", CONFIG_user);
++      exit(EXIT_FAILURE);
++    }
++
++    if (setgid(pw->pw_gid) != 0) {
++      fprintf(stderr, "ERROR: failed to switch to group %d", pw->pw_gid);
++      exit(EXIT_FAILURE);
++    }
++
++    if (setuid(pw->pw_uid) != 0) {
++      fprintf(stderr, "ERROR: failed to switch to user %s", CONFIG_user);
++      exit(EXIT_FAILURE);
++    }
++  }
++
++  if (regcomp(&CONFIG_alias_regex, CONFIG_alias_regex_str, REG_BASIC) != 0) {
++    fprintf(stderr, "ERROR: can't compile regex %s\n", CONFIG_alias_regex_str);
++    exit(EXIT_FAILURE);
++  }
++
+   if (pthread_key_create(&key, &srs_milter_thread_data_destructor)) {
+       fprintf(stderr, "pthread_key_create failed");
+       exit(EXIT_FAILURE);
+   }



Home | Main Index | Thread Index | Old Index