diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2011-07-06 09:17:22 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2011-07-06 09:21:32 +0000 |
commit | 5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46 (patch) | |
tree | c2e57d35a587f324611fb614d5c5bc4f964a9c43 /main/gross | |
parent | 26aee517954fe2874c517c93f382933fbcf6189b (diff) | |
download | aports-5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46.tar.bz2 aports-5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46.tar.xz |
main/gross: add grey_tuple feature
Allows you to do greylisting on client ip, sender domain, and helo instead
of the default client ip, sender email and recipient email.
Patch is discussed upstream:
https://lists.utu.fi/pipermail/gross/2011/000300.html
Diffstat (limited to 'main/gross')
-rw-r--r-- | main/gross/APKBUILD | 30 | ||||
-rw-r--r-- | main/gross/gross-grey_tuple.patch | 146 |
2 files changed, 164 insertions, 12 deletions
diff --git a/main/gross/APKBUILD b/main/gross/APKBUILD index e1f304d8ac..e359433914 100644 --- a/main/gross/APKBUILD +++ b/main/gross/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=gross pkgver=1.0.2 -pkgrel=3 +pkgrel=4 pkgdesc="Greylisting of suspicious sources" url="http://code.google.com/p/gross/" arch="all" @@ -16,28 +16,33 @@ source="http://gross.googlecode.com/files/$pkgname-$pkgver.tar.gz grossd.initd grossd.confd gross-1.0.1-default-conf.patch + gross-grey_tuple.patch " -build() { - cd "$srcdir/$pkgname-$pkgver" +_builddir="$srcdir/$pkgname-$pkgver" +prepare() { + local i + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} - for _i in ../*.patch; do - msg "Applying $_i..." - patch -p1 < $_i || return 1 - done - export lt_SED='/bin/sed' - export lt_cv_path_SED='/bin/sed' +build() { + cd "$_builddir" ./configure --prefix=/usr \ --sysconfdir=/etc \ --mandir=/usr/share/man \ --infodir=/usr/share/info - make -j1 || return 1 + make || return 1 } package() { - cd "$srcdir/$pkgname-$pkgver" + cd "$_builddir" make -j1 DESTDIR="$pkgdir" install rm "$pkgdir"/usr/lib/*.la @@ -50,4 +55,5 @@ package() { md5sums="cb88d88553161c01e9bed7a74c3e9263 gross-1.0.2.tar.gz 6e8a2626c0c9f0e98e950a67a55a7040 grossd.initd 5ca1c6e51c3243236e6564480b20279b grossd.confd -7c504b653c71dcf7b192bc487b3516fd gross-1.0.1-default-conf.patch" +7c504b653c71dcf7b192bc487b3516fd gross-1.0.1-default-conf.patch +d25f5688a63bddf14e0db677a7a82382 gross-grey_tuple.patch" diff --git a/main/gross/gross-grey_tuple.patch b/main/gross/gross-grey_tuple.patch new file mode 100644 index 0000000000..581e0064d2 --- /dev/null +++ b/main/gross/gross-grey_tuple.patch @@ -0,0 +1,146 @@ +Index: include/conf.h +=================================================================== +--- a/include/conf.h (revision 519) ++++ b/include/conf.h (working copy) +@@ -41,6 +41,7 @@ + "stat_type", "status", \ + "grey_mask", "24", \ + "grey_delay", "10", \ ++ "grey_type", "normal", \ + "syslog_facility", "mail", \ + "blocker_port", "4466", \ + "blocker_weight", "1", \ +@@ -80,6 +81,7 @@ + "log_level", \ + "grey_mask", \ + "grey_delay", \ ++ "grey_type", \ + "check", \ + "protocol", \ + "syslog_facility", \ +Index: include/common.h +=================================================================== +--- a/include/common.h (revision 519) ++++ b/include/common.h (working copy) +@@ -151,6 +151,12 @@ + # endif /* bool */ + #endif /* HAVE_BOOL */ + ++typedef enum ++{ ++ GREY_TUPLE_NORMAL = 0, ++ GREY_TUPLE_LOOSE, ++} greytupletype_t; ++ + typedef struct peer_s + { + struct sockaddr_in peer_addr; +@@ -207,6 +213,7 @@ + int grey_mask; + int protocols; + int greylist_delay; ++ greytupletype_t grey_tuple; + postfix_config_t postfix; + sjsms_config_t sjsms; + blocker_config_t blocker; +Index: src/gross.c +=================================================================== +--- a/src/gross.c (revision 519) ++++ b/src/gross.c (working copy) +@@ -112,7 +112,7 @@ + { + int ret; + configlist_t *cp; +- const char *updatestr; ++ const char *updatestr, *greytuplestr; + struct hostent *host = NULL; + char buffer[MAXLINELEN] = { '\0' }; + params_t *pp; +@@ -214,6 +214,17 @@ + daemon_shutdown(EXIT_CONFIG, "Invalid updatestyle: %s", updatestr); + } + ++ greytuplestr = CONF("grey_tuple"); ++ if (strncmp(greytuplestr, "loose", 6) == 0) { ++ logstr(GLOG_DEBUG, "grey_tuple: LOOSE"); ++ ctx->config.grey_tuple = GREY_TUPLE_LOOSE; ++ } else if ((greytuplestr == NULL) || (strncmp(greytuplestr, "normal", 7) == 0)) { ++ logstr(GLOG_DEBUG, "grey_tuple: NORMAL"); ++ ctx->config.grey_tuple = GREY_TUPLE_NORMAL; ++ } else { ++ daemon_shutdown(EXIT_CONFIG, "Invalid grey_tuple: %s", greytuplestr); ++ } ++ + /* we must reset errno because strtol returns 0 if it fails */ + errno = 0; + ctx->config.grey_mask = strtol(CONF("grey_mask"), (char **)NULL, 10); +Index: src/worker.c +=================================================================== +--- a/src/worker.c (revision 519) ++++ b/src/worker.c (working copy) +@@ -186,6 +186,14 @@ + } + } + ++static const char *domain_part(const char *email) ++{ ++ char *p = strchr(email, '@'); ++ if (p == NULL) ++ return email; ++ return p + 1; ++} ++ + int + test_tuple(final_status_t *final, grey_tuple_t *request, tmout_action_t *ta) + { +@@ -233,7 +241,14 @@ + } + + /* greylist */ +- snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, request->sender, request->recipient); ++ switch (ctx->config.grey_tuple) { ++ case GREY_TUPLE_NORMAL: ++ snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, request->sender, request->recipient); ++ break; ++ case GREY_TUPLE_LOOSE: ++ snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, domain_part(request->sender), request->helo_name); ++ break; ++ } + digest = sha256_string(maskedtuple); + + querylog_entry = &final->querylog_entry; +Index: doc/examples/grossd.conf +=================================================================== +--- a/doc/examples/grossd.conf (revision 519) ++++ b/doc/examples/grossd.conf (working copy) +@@ -93,6 +93,13 @@ + # only if response is STATUS_GREY + # DEFAULT: update = grey + ++# 'grey_tuple' is the way greylisting tuples are created. Valid options are ++# 'normal' and 'loose'. If 'grey_tuple = normal' the tuple for grey listing ++# will be: masked client-ip, sender email, recipient email. If 'grey_tuple = ++# loose' the tuple for greylisting will be client-ip, domain of sender email ++# and helo. ++# DEFAULT: grey_tuple = normal ++ + # 'grey_mask' is the mask for grossd to use when matching client_ip + # against the database. Default is 24, so grossd treats addresses + # like a.b.c.d as a.b.c.0. Setting this to 32 makes grossd to +Index: man/grossd.conf.5.in +=================================================================== +--- a/man/grossd.conf.5.in (revision 519) ++++ b/man/grossd.conf.5.in (working copy) +@@ -66,6 +66,12 @@ + \fIgrossd\fP\|(8) will update the database only if the response is + `\s-1STATUS_GREY\s+1'. Setting it to `always' may reduce the impact on + \s-1DNS\s+1 servers. ++.IP "\fBgrey_tuple\fP" 4 ++is the greylisting tuple. Valid options are `normal' and `loose'. If set to ++`normal', which is the default, \fIgrossd\fP\|(8) will create the tuple from ++the masked `smtp\-client\-ip', sender email and recipient email. If set to ++`loose' it will create the tuple from the masked `smtp\-client\-ip', the sender ++email domain and helo message. + .IP "\fBgrey_mask\fP" 4 + is the mask for \fIgrossd\fP\|(8) to use when matching the + `smtp\-client\-ip' against the database. Default is 24, which makes \fIgrossd\fP\|(8) |