aboutsummaryrefslogtreecommitdiffstats
path: root/main/gross
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2011-07-06 09:17:22 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2011-07-06 09:21:32 +0000
commit5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46 (patch)
treec2e57d35a587f324611fb614d5c5bc4f964a9c43 /main/gross
parent26aee517954fe2874c517c93f382933fbcf6189b (diff)
downloadaports-5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46.tar.bz2
aports-5bcbe1fea9eea0ec4749a7905c3b7ef616ecce46.tar.xz
main/gross: add grey_tuple feature
Allows you to do greylisting on client ip, sender domain, and helo instead of the default client ip, sender email and recipient email. Patch is discussed upstream: https://lists.utu.fi/pipermail/gross/2011/000300.html
Diffstat (limited to 'main/gross')
-rw-r--r--main/gross/APKBUILD30
-rw-r--r--main/gross/gross-grey_tuple.patch146
2 files changed, 164 insertions, 12 deletions
diff --git a/main/gross/APKBUILD b/main/gross/APKBUILD
index e1f304d8ac..e359433914 100644
--- a/main/gross/APKBUILD
+++ b/main/gross/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gross
pkgver=1.0.2
-pkgrel=3
+pkgrel=4
pkgdesc="Greylisting of suspicious sources"
url="http://code.google.com/p/gross/"
arch="all"
@@ -16,28 +16,33 @@ source="http://gross.googlecode.com/files/$pkgname-$pkgver.tar.gz
grossd.initd
grossd.confd
gross-1.0.1-default-conf.patch
+ gross-grey_tuple.patch
"
-build() {
- cd "$srcdir/$pkgname-$pkgver"
+_builddir="$srcdir/$pkgname-$pkgver"
+prepare() {
+ local i
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
- for _i in ../*.patch; do
- msg "Applying $_i..."
- patch -p1 < $_i || return 1
- done
- export lt_SED='/bin/sed'
- export lt_cv_path_SED='/bin/sed'
+build() {
+ cd "$_builddir"
./configure --prefix=/usr \
--sysconfdir=/etc \
--mandir=/usr/share/man \
--infodir=/usr/share/info
- make -j1 || return 1
+ make || return 1
}
package() {
- cd "$srcdir/$pkgname-$pkgver"
+ cd "$_builddir"
make -j1 DESTDIR="$pkgdir" install
rm "$pkgdir"/usr/lib/*.la
@@ -50,4 +55,5 @@ package() {
md5sums="cb88d88553161c01e9bed7a74c3e9263 gross-1.0.2.tar.gz
6e8a2626c0c9f0e98e950a67a55a7040 grossd.initd
5ca1c6e51c3243236e6564480b20279b grossd.confd
-7c504b653c71dcf7b192bc487b3516fd gross-1.0.1-default-conf.patch"
+7c504b653c71dcf7b192bc487b3516fd gross-1.0.1-default-conf.patch
+d25f5688a63bddf14e0db677a7a82382 gross-grey_tuple.patch"
diff --git a/main/gross/gross-grey_tuple.patch b/main/gross/gross-grey_tuple.patch
new file mode 100644
index 0000000000..581e0064d2
--- /dev/null
+++ b/main/gross/gross-grey_tuple.patch
@@ -0,0 +1,146 @@
+Index: include/conf.h
+===================================================================
+--- a/include/conf.h (revision 519)
++++ b/include/conf.h (working copy)
+@@ -41,6 +41,7 @@
+ "stat_type", "status", \
+ "grey_mask", "24", \
+ "grey_delay", "10", \
++ "grey_type", "normal", \
+ "syslog_facility", "mail", \
+ "blocker_port", "4466", \
+ "blocker_weight", "1", \
+@@ -80,6 +81,7 @@
+ "log_level", \
+ "grey_mask", \
+ "grey_delay", \
++ "grey_type", \
+ "check", \
+ "protocol", \
+ "syslog_facility", \
+Index: include/common.h
+===================================================================
+--- a/include/common.h (revision 519)
++++ b/include/common.h (working copy)
+@@ -151,6 +151,12 @@
+ # endif /* bool */
+ #endif /* HAVE_BOOL */
+
++typedef enum
++{
++ GREY_TUPLE_NORMAL = 0,
++ GREY_TUPLE_LOOSE,
++} greytupletype_t;
++
+ typedef struct peer_s
+ {
+ struct sockaddr_in peer_addr;
+@@ -207,6 +213,7 @@
+ int grey_mask;
+ int protocols;
+ int greylist_delay;
++ greytupletype_t grey_tuple;
+ postfix_config_t postfix;
+ sjsms_config_t sjsms;
+ blocker_config_t blocker;
+Index: src/gross.c
+===================================================================
+--- a/src/gross.c (revision 519)
++++ b/src/gross.c (working copy)
+@@ -112,7 +112,7 @@
+ {
+ int ret;
+ configlist_t *cp;
+- const char *updatestr;
++ const char *updatestr, *greytuplestr;
+ struct hostent *host = NULL;
+ char buffer[MAXLINELEN] = { '\0' };
+ params_t *pp;
+@@ -214,6 +214,17 @@
+ daemon_shutdown(EXIT_CONFIG, "Invalid updatestyle: %s", updatestr);
+ }
+
++ greytuplestr = CONF("grey_tuple");
++ if (strncmp(greytuplestr, "loose", 6) == 0) {
++ logstr(GLOG_DEBUG, "grey_tuple: LOOSE");
++ ctx->config.grey_tuple = GREY_TUPLE_LOOSE;
++ } else if ((greytuplestr == NULL) || (strncmp(greytuplestr, "normal", 7) == 0)) {
++ logstr(GLOG_DEBUG, "grey_tuple: NORMAL");
++ ctx->config.grey_tuple = GREY_TUPLE_NORMAL;
++ } else {
++ daemon_shutdown(EXIT_CONFIG, "Invalid grey_tuple: %s", greytuplestr);
++ }
++
+ /* we must reset errno because strtol returns 0 if it fails */
+ errno = 0;
+ ctx->config.grey_mask = strtol(CONF("grey_mask"), (char **)NULL, 10);
+Index: src/worker.c
+===================================================================
+--- a/src/worker.c (revision 519)
++++ b/src/worker.c (working copy)
+@@ -186,6 +186,14 @@
+ }
+ }
+
++static const char *domain_part(const char *email)
++{
++ char *p = strchr(email, '@');
++ if (p == NULL)
++ return email;
++ return p + 1;
++}
++
+ int
+ test_tuple(final_status_t *final, grey_tuple_t *request, tmout_action_t *ta)
+ {
+@@ -233,7 +241,14 @@
+ }
+
+ /* greylist */
+- snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, request->sender, request->recipient);
++ switch (ctx->config.grey_tuple) {
++ case GREY_TUPLE_NORMAL:
++ snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, request->sender, request->recipient);
++ break;
++ case GREY_TUPLE_LOOSE:
++ snprintf(maskedtuple, MSGSZ, "%s %s %s", chkipstr, domain_part(request->sender), request->helo_name);
++ break;
++ }
+ digest = sha256_string(maskedtuple);
+
+ querylog_entry = &final->querylog_entry;
+Index: doc/examples/grossd.conf
+===================================================================
+--- a/doc/examples/grossd.conf (revision 519)
++++ b/doc/examples/grossd.conf (working copy)
+@@ -93,6 +93,13 @@
+ # only if response is STATUS_GREY
+ # DEFAULT: update = grey
+
++# 'grey_tuple' is the way greylisting tuples are created. Valid options are
++# 'normal' and 'loose'. If 'grey_tuple = normal' the tuple for grey listing
++# will be: masked client-ip, sender email, recipient email. If 'grey_tuple =
++# loose' the tuple for greylisting will be client-ip, domain of sender email
++# and helo.
++# DEFAULT: grey_tuple = normal
++
+ # 'grey_mask' is the mask for grossd to use when matching client_ip
+ # against the database. Default is 24, so grossd treats addresses
+ # like a.b.c.d as a.b.c.0. Setting this to 32 makes grossd to
+Index: man/grossd.conf.5.in
+===================================================================
+--- a/man/grossd.conf.5.in (revision 519)
++++ b/man/grossd.conf.5.in (working copy)
+@@ -66,6 +66,12 @@
+ \fIgrossd\fP\|(8) will update the database only if the response is
+ `\s-1STATUS_GREY\s+1'. Setting it to `always' may reduce the impact on
+ \s-1DNS\s+1 servers.
++.IP "\fBgrey_tuple\fP" 4
++is the greylisting tuple. Valid options are `normal' and `loose'. If set to
++`normal', which is the default, \fIgrossd\fP\|(8) will create the tuple from
++the masked `smtp\-client\-ip', sender email and recipient email. If set to
++`loose' it will create the tuple from the masked `smtp\-client\-ip', the sender
++email domain and helo message.
+ .IP "\fBgrey_mask\fP" 4
+ is the mask for \fIgrossd\fP\|(8) to use when matching the
+ `smtp\-client\-ip' against the database. Default is 24, which makes \fIgrossd\fP\|(8)