update to a newer svn checkout of imapproxy, plus add pledge/unveil

2022-12-12 16:46:59 +00:00 · 2022-12-12 16:46:59 +00:00 · f3615e00a7
commit f3615e00a7
parent 0c472397fb
4 changed files with 34 additions and 12 deletions
--- a/mail/imapproxy/Makefile
+++ b/mail/imapproxy/Makefile
@ -1,16 +1,15 @@
-COMMENT=	caching IMAP proxy to be used with webmail clients
+COMMENT=	connection-caching IMAP proxy for webmail clients etc.

-DISTNAME=	squirrelmail-20210316_0200-SVN.imap_proxy
-PKGNAME=	imapproxy-1.2.8pre2021.02
-REVISION=	5
+DISTNAME=	squirrelmail-20221212_0200-SVN.imap_proxy
+# date of last commit:
+PKGNAME=	imapproxy-1.2.8pre20220524
 WRKDIST=	${WRKDIR}/squirrelmail.imap_proxy

 CATEGORIES=	mail
-# old svn tgz are removed
-#MASTER_SITES=	http://snapshots.squirrelmail.org/
+PORTROACH=	site:https://snapshots.squirrelmail.org/
 MASTER_SITES=	https://spacehopper.org/mirrors/

-HOMEPAGE=	http://www.imapproxy.org/
+HOMEPAGE=	https://squirrelmail.org/

 # GPLv2+
 PERMIT_PACKAGE=	Yes
@ -23,7 +22,7 @@ DEBUG_PACKAGES=	${BUILD_PACKAGES}
 NO_TEST=	Yes

 pre-build:
-	@${SUBST_CMD} ${WRKSRC}/include/imapproxy.h
+	${SUBST_CMD} ${WRKSRC}/include/imapproxy.h

 post-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/doc/imapproxy
--- a/mail/imapproxy/distinfo
+++ b/mail/imapproxy/distinfo
@ -1,2 +1,2 @@
-SHA256 (squirrelmail-20210316_0200-SVN.imap_proxy.tar.gz) = x1nvOqr1+WZJU1N9g59p8VrmjX1cxKwZ9VOKlSQYnjs=
-SIZE (squirrelmail-20210316_0200-SVN.imap_proxy.tar.gz) = 146748
+SHA256 (squirrelmail-20221212_0200-SVN.imap_proxy.tar.gz) = mJQRG+EsaAb3rqGV84e8I+H6sBmcWLfanEh1r/cR3+Q=
+SIZE (squirrelmail-20221212_0200-SVN.imap_proxy.tar.gz) = 149482
--- a/mail/imapproxy/patches/patch-src_imapcommon_c
+++ b/mail/imapproxy/patches/patch-src_imapcommon_c
@ -53,7 +53,7 @@ Index: src/imapcommon.c
     
     /* see if we have a reusable connection available */
     ICC_Active = NULL;
-@@ -1277,6 +1294,7 @@ extern ICD_Struct *Get_Server_conn( char *Username, 
+@@ -1362,6 +1379,7 @@ extern ICD_Struct *Get_Server_conn( char *Username, 
 	SSL_free( Server.conn->tls );
     }
 #endif
--- a/mail/imapproxy/patches/patch-src_main_c
+++ b/mail/imapproxy/patches/patch-src_main_c
@ -16,7 +16,30 @@ Index: src/main.c
     SSL_load_error_strings();
 
     /* 
-@@ -1574,9 +1566,9 @@ static int verify_callback(int ok, X509_STORE_CTX * ct
+@@ -681,6 +673,22 @@ int main( int argc, char *argv[] )
+     if ( BecomeNonRoot() )
+ 	exit( 1 );
+ 
+    /*
+     * Optional dir accessed at runtime if it exists, but allow unveil() to fail
+     * so the daemon can still run if the dir does not exist.
+     */
+    unveil("/etc/ssl/certs", "r");
+    if ( unveil(NULL, NULL) != 0 )
+    {
+	syslog(LOG_ERR, "%s: unveil() failed: [%d]\n", fn, rc);
+	exit( 1 );
+    }
+    if ( pledge("stdio inet dns rpath", NULL) != 0 )
+    {
+	syslog(LOG_ERR, "%s: pledge() failed: [%d]\n", fn, rc);
+	exit( 1 );
+    }
+
+     /* some misc thread setup */
+     rc = pthread_attr_init( &attr );
+     if ( rc )
+@@ -1574,9 +1582,9 @@ static int verify_callback(int ok, X509_STORE_CTX * ct
 	    verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
 	}
     }