update to a newer svn checkout of imapproxy, plus add pledge/unveil
This commit is contained in:
parent
0c472397fb
commit
f3615e00a7
|
@ -1,16 +1,15 @@
|
|||
COMMENT= caching IMAP proxy to be used with webmail clients
|
||||
COMMENT= connection-caching IMAP proxy for webmail clients etc.
|
||||
|
||||
DISTNAME= squirrelmail-20210316_0200-SVN.imap_proxy
|
||||
PKGNAME= imapproxy-1.2.8pre2021.02
|
||||
REVISION= 5
|
||||
DISTNAME= squirrelmail-20221212_0200-SVN.imap_proxy
|
||||
# date of last commit:
|
||||
PKGNAME= imapproxy-1.2.8pre20220524
|
||||
WRKDIST= ${WRKDIR}/squirrelmail.imap_proxy
|
||||
|
||||
CATEGORIES= mail
|
||||
# old svn tgz are removed
|
||||
#MASTER_SITES= http://snapshots.squirrelmail.org/
|
||||
PORTROACH= site:https://snapshots.squirrelmail.org/
|
||||
MASTER_SITES= https://spacehopper.org/mirrors/
|
||||
|
||||
HOMEPAGE= http://www.imapproxy.org/
|
||||
HOMEPAGE= https://squirrelmail.org/
|
||||
|
||||
# GPLv2+
|
||||
PERMIT_PACKAGE= Yes
|
||||
|
@ -23,7 +22,7 @@ DEBUG_PACKAGES= ${BUILD_PACKAGES}
|
|||
NO_TEST= Yes
|
||||
|
||||
pre-build:
|
||||
@${SUBST_CMD} ${WRKSRC}/include/imapproxy.h
|
||||
${SUBST_CMD} ${WRKSRC}/include/imapproxy.h
|
||||
|
||||
post-install:
|
||||
${INSTALL_DATA_DIR} ${PREFIX}/share/doc/imapproxy
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
SHA256 (squirrelmail-20210316_0200-SVN.imap_proxy.tar.gz) = x1nvOqr1+WZJU1N9g59p8VrmjX1cxKwZ9VOKlSQYnjs=
|
||||
SIZE (squirrelmail-20210316_0200-SVN.imap_proxy.tar.gz) = 146748
|
||||
SHA256 (squirrelmail-20221212_0200-SVN.imap_proxy.tar.gz) = mJQRG+EsaAb3rqGV84e8I+H6sBmcWLfanEh1r/cR3+Q=
|
||||
SIZE (squirrelmail-20221212_0200-SVN.imap_proxy.tar.gz) = 149482
|
||||
|
|
|
@ -53,7 +53,7 @@ Index: src/imapcommon.c
|
|||
|
||||
/* see if we have a reusable connection available */
|
||||
ICC_Active = NULL;
|
||||
@@ -1277,6 +1294,7 @@ extern ICD_Struct *Get_Server_conn( char *Username,
|
||||
@@ -1362,6 +1379,7 @@ extern ICD_Struct *Get_Server_conn( char *Username,
|
||||
SSL_free( Server.conn->tls );
|
||||
}
|
||||
#endif
|
||||
|
|
|
@ -16,7 +16,30 @@ Index: src/main.c
|
|||
SSL_load_error_strings();
|
||||
|
||||
/*
|
||||
@@ -1574,9 +1566,9 @@ static int verify_callback(int ok, X509_STORE_CTX * ct
|
||||
@@ -681,6 +673,22 @@ int main( int argc, char *argv[] )
|
||||
if ( BecomeNonRoot() )
|
||||
exit( 1 );
|
||||
|
||||
+ /*
|
||||
+ * Optional dir accessed at runtime if it exists, but allow unveil() to fail
|
||||
+ * so the daemon can still run if the dir does not exist.
|
||||
+ */
|
||||
+ unveil("/etc/ssl/certs", "r");
|
||||
+ if ( unveil(NULL, NULL) != 0 )
|
||||
+ {
|
||||
+ syslog(LOG_ERR, "%s: unveil() failed: [%d]\n", fn, rc);
|
||||
+ exit( 1 );
|
||||
+ }
|
||||
+ if ( pledge("stdio inet dns rpath", NULL) != 0 )
|
||||
+ {
|
||||
+ syslog(LOG_ERR, "%s: pledge() failed: [%d]\n", fn, rc);
|
||||
+ exit( 1 );
|
||||
+ }
|
||||
+
|
||||
/* some misc thread setup */
|
||||
rc = pthread_attr_init( &attr );
|
||||
if ( rc )
|
||||
@@ -1574,9 +1582,9 @@ static int verify_callback(int ok, X509_STORE_CTX * ct
|
||||
verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user