From 7d6a6fe51ee7edb4dc7b5fd1beb57fcda76291be Mon Sep 17 00:00:00 2001 From: kitzman Date: Sun, 21 Nov 2021 18:07:03 +0200 Subject: [PATCH] patched sinntp to handle TLS --- images/lieferhund/APKBUILD.sinntp | 13 ++--- images/lieferhund/Dockerfile | 24 +++++---- images/lieferhund/sinntp_use_tls.patch | 70 ++++++++++++++++++++++++++ 3 files changed, 90 insertions(+), 17 deletions(-) create mode 100644 images/lieferhund/sinntp_use_tls.patch diff --git a/images/lieferhund/APKBUILD.sinntp b/images/lieferhund/APKBUILD.sinntp index 2d6d1c6..0985f93 100644 --- a/images/lieferhund/APKBUILD.sinntp +++ b/images/lieferhund/APKBUILD.sinntp @@ -1,7 +1,7 @@ # Contributor: kitzman # Maintainer: kitzman pkgname=sinntp -pkgver=1.6 +pkgver=1.6.1 pkgrel=0 pkgdesc="NNTP utilities" provides="" @@ -13,16 +13,17 @@ depends="python3" checkdepends="python3-dev" makedepends="gzip" subpackages="" -source="https://github.com/jwilk/sinntp/releases/download/1.6/sinntp-1.6.tar.gz" -builddir="$srcdir/$_pkgname-$pkgver" +source="$pkgname-$pkgver.zip::https://github.com/jwilk/sinntp/archive/867da5ef0cb6d7f6127379d3e6f11bb38e49b192.zip sinntp_use_tls.patch" +builddir="$srcdir/$pkgname-867da5ef0cb6d7f6127379d3e6f11bb38e49b192" options="!check" sha512sums=" -44276960bda9ed532559af369eee3afa53a6b1638ec2089bffe229be4816d91cda98b8ae1d5f48d4774139e8776b52ae48cd6188d4d644a749ba70782dc94fe3 sinntp-1.6.tar.gz +b4c41c1b731f24b64364815906bf45851b520dc2790c048efd1b96fe9f6e1574d55a2777e4427040d0b41d74f3fa7158604570398666d429ac74a3767aafbbe4 sinntp-1.6.1.zip +b2afcc2ad96e41a4253e433c5c889a538c7e95498978bd9d36b84ba6a657806b8d93adf625902634e4271eb4911beffd873aaede4616b00e0d9e2bee1f5ce211 sinntp_use_tls.patch " package() { - sources="$srcdir/$pkgname-$pkgver" + sources="$srcdir/$pkgname-867da5ef0cb6d7f6127379d3e6f11bb38e49b192" mkdir -p "$pkgdir"/usr/bin mkdir -p "$pkgdir"/usr/share/sinntp @@ -31,7 +32,7 @@ package() { cp "$sources"/doc/manpages/* "$pkgdir"/usr/share/man/man1/. find "$pkgdir"/usr/share/man/man1 -exec gzip {} \; - + cp "$sources"/sinntp "$pkgdir"/usr/share/sinntp/. cp "$sources"/plugins.py "$pkgdir"/usr/share/sinntp/. cp "$sources"/utils.py "$pkgdir"/usr/share/sinntp/. diff --git a/images/lieferhund/Dockerfile b/images/lieferhund/Dockerfile index 9105a7f..81b1e85 100644 --- a/images/lieferhund/Dockerfile +++ b/images/lieferhund/Dockerfile @@ -17,17 +17,7 @@ RUN useradd -m -G wheel,users,abuild abuild-user RUN sed '$a%wheel ALL=(ALL) NOPASSWD: ALL' -i /etc/sudoers USER abuild-user - -# sinntp package -RUN mkdir -p /home/abuild-user/staging/sinntp - -WORKDIR /home/abuild-user/staging/sinntp - -COPY APKBUILD.sinntp APKBUILD - RUN abuild-keygen -a -i -n -RUN abuild -r -RUN sudo apk add --allow-untrusted /home/abuild-user/packages/staging/x86_64/sinntp*.apk # gnutls package @@ -47,6 +37,18 @@ RUN sed '10aoptions="!strip !check"' -i APKBUILD RUN abuild -r RUN sudo apk add --allow-untrusted /home/abuild-user/packages/staging/x86_64/gnutls*.apk +# sinntp package +RUN mkdir -p /home/abuild-user/staging/sinntp + +WORKDIR /home/abuild-user/staging/sinntp + +COPY APKBUILD.sinntp APKBUILD +COPY sinntp_use_tls.patch + +RUN abuild -r +RUN sudo apk add --allow-untrusted /home/abuild-user/packages/staging/x86_64/sinntp*.apk + +# Cleanup USER root RUN sed 's|%wheel ALL=(ALL) NOPASSWD: ALL||g' -i /etc/sudoers @@ -61,7 +63,7 @@ WORKDIR /tmp/lieferhund RUN git checkout $LH_TAG RUN autoreconf -vfi -RUN ./configure +RUN ./configure --prefix=/usr RUN make RUN make check RUN make install diff --git a/images/lieferhund/sinntp_use_tls.patch b/images/lieferhund/sinntp_use_tls.patch new file mode 100644 index 0000000..f045342 --- /dev/null +++ b/images/lieferhund/sinntp_use_tls.patch @@ -0,0 +1,70 @@ +diff --git a/sinntp b/sinntp +index 0d54740..2d4c5a9 100755 +--- a/sinntp ++++ b/sinntp +@@ -21,7 +21,7 @@ type(...) # Python 3 is required + __author__ = ('Jakub Wilk', 'Piotr Lewandowski') + __version__ = '1.6.1' + +-from nntplib import NNTP, NNTP_PORT, NNTPTemporaryError, NNTPError ++from nntplib import NNTP, NNTP_SSL, NNTP_PORT, NNTPTemporaryError, NNTPError + import argparse + import email + import email.generator +@@ -36,6 +36,7 @@ import os.path + import signal + import socket + import sys ++import ssl + + import plugins + import utils +@@ -105,6 +106,8 @@ class Command(): + o.add_argument('-P', '--password', dest='password', action='store', help='specify password') + o.add_argument('--no-netrc', dest='netrc', action='store_false', help='ignore credentials in ~/.netrc') + o.add_argument('-t', '--timeout', dest='timeout', action='store', type=int, help='specify connection timeout') ++ o.add_argument('-T', '--use-tls', dest='tls', action='store_true', help='use TLS') ++ o.add_argument('-I', '--insecure', dest='tls_no_verify', action='store_true', help='disable TLS verification') + return o + + def __init__(self, argv): +@@ -360,13 +363,32 @@ if __name__ == '__main__': + socket.setdefaulttimeout(command.options.timeout) + try: + logging.info('Connecting to %s:%d...', host, port) +- connection = NNTP(host, +- port=port, +- user=command.options.username, +- password=command.options.password, +- readermode=True, +- usenetrc=command.options.netrc +- ) ++ ++ connection = None ++ ++ if not command.options.tls: ++ connection = NNTP(host, ++ port=port, ++ user=command.options.username, ++ password=command.options.password, ++ readermode=True, ++ usenetrc=command.options.netrc ++ ) ++ else: ++ used_context = ssl.create_default_context() ++ ++ if command.options.tls_no_verify: ++ used_context.check_hostname = False ++ used_context.verify_mode = ssl.CERT_NONE ++ ++ connection = NNTP_SSL(host, ++ port=port, ++ user=command.options.username, ++ password=command.options.password, ++ ssl_context=used_context, ++ readermode=True, ++ usenetrc=command.options.netrc ++ ) + except socket.error as e: + logging.error('Could not connect to %s:%d: %s', host, port, e.strerror) + sys.exit(3)