[UPDATE] mail/p3scan to 2.3.2

Update port mail/p3scan to version 2.3.2.
	By default UVSCAN is off, because we have OSS clamav.
	User changed to system mailnull.
	Possible description must be changed too, because new version
	can POP3S, SMTP transparent proxing.

PR:		ports/96673
Submitted by:	edwin@FreeBSD.org
This commit is contained in:
Edwin Groothuis 2006-10-31 21:50:01 +00:00
parent 45923373c2
commit 8f30f8ef6a
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=175943
14 changed files with 205 additions and 138 deletions

View file

@ -6,7 +6,7 @@
#
PORTNAME= p3scan
PORTVERSION= 2.1
PORTVERSION= 2.3.2
CATEGORIES= mail net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
@ -23,7 +23,7 @@ SCRIPTS_ENV= PKG_PREFIX=${PREFIX} NONEXISTENT=${NONEXISTENT} PASSWD=/etc/passwd
SUB_FILES= pkg-message
PKGMESSAGE= ${WRKDIR}/pkg-message
OPTIONS= UVSCAN "Use UVSCAN" on
OPTIONS= UVSCAN "Use UVSCAN" off
PORTDOCS= AUTHORS CHANGELOG LICENSE NEWS README
@ -37,9 +37,16 @@ RUN_DEPENDS+= uvscan:${PORTSDIR}/security/vscan
.endif
do-install:
.if !exists(${PREFIX}/etc/p3scan)
${MKDIR} ${PREFIX}/etc/p3scan
.endif
.if !exists(/var/spool/p3scan)
${MKDIR} /var/spool/p3scan
.endif
${CHOWN} mailnull:mail /var/spool/p3scan
${INSTALL_PROGRAM} ${WRKSRC}/p3scan ${PREFIX}/sbin/
${INSTALL_DATA} ${WRKSRC}/p3scan.conf ${PREFIX}/etc/p3scan.conf.sample
${INSTALL_DATA} ${WRKSRC}/p3scan-en.mail ${PREFIX}/etc/p3scan.mail.sample
${INSTALL_DATA} ${WRKSRC}/p3scan.conf ${PREFIX}/etc/p3scan/p3scan.conf.sample
${INSTALL_DATA} ${WRKSRC}/p3scan-en.mail ${PREFIX}/etc/p3scan/p3scan.mail.sample
${INSTALL_SCRIPT} ${FILESDIR}/p3scan.sh ${PREFIX}/etc/rc.d/
.for f in ${MAN8}
${INSTALL_MAN} ${WRKSRC}/${f}.gz ${MAN8PREFIX}/man/man8/

View file

@ -1,3 +1,3 @@
MD5 (p3scan-2.1.tar.gz) = 5e261548e522f3ac2583870b6e02aecd
SHA256 (p3scan-2.1.tar.gz) = 26ebe4034c7016581d808b5de47d2a3288fc25a6bb27be116d2497c9aadcf9e7
SIZE (p3scan-2.1.tar.gz) = 348717
MD5 (p3scan-2.3.2.tar.gz) = 9f8decc7d4701228788e3c8717096ca0
SHA256 (p3scan-2.3.2.tar.gz) = 570bdf87132b23120339e247809dc2cf37c2735d504f4e1072528c04d940bb5f
SIZE (p3scan-2.3.2.tar.gz) = 321684

View file

@ -5,13 +5,11 @@ if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
exit 1
fi
user=p3scan
configfile=${PREFIX}/etc/p3scan.conf
case "$1" in
start)
echo -n "P3Scan "
${PREFIX}/sbin/p3scan --configfile=${configfile} || exit 1
${PREFIX}/sbin/p3scan || exit 1
;;
stop)
echo -n "Shutting down P3Scan"

View file

@ -1,53 +1,58 @@
--- Makefile.orig Tue Jul 26 13:25:59 2005
+++ Makefile Tue Jul 26 15:00:51 2005
@@ -34,20 +34,20 @@
--- Makefile.orig Mon Dec 12 18:00:00 2005
+++ Makefile Mon May 1 11:07:46 2006
@@ -39,27 +39,27 @@
LOGFAC="LOG_DAEMON"
LOGSET=-DLOGOPT=${LOGOPT} -DLOGFAC=${LOGFAC}
LANG=en
-CC=gcc
+CC?=gcc
SYSINS=ginstall
-CFLAGS=-Wall -O2 ${LOGSET}
-LDFLAGS=-L. -lripmime -lpcre #-static
+CFLAGS+=-Wall -O2 ${LOGSET} -I${PREFIX}/include -I/usr/local/include
+LDFLAGS+=-L. -lripmime -lpcre ${_LDFLAGS} #-static
SYSINS=install
#CFLAGS=-Wall -O3 -march=i686 ${LOGSET}
-CFLAGS=-Wall -O2 $(LOGSET)
+CFLAGS=-Wall -O2 $(LOGSET) -I${PREFIX}/include -I/usr/local/include
PREFIX=/usr
#ifdef DEMIME :)
-LDFLAGS=-L. -lripmime -lpcre -lssl -lcrypto #-static
+LDFLAGS=-L. -lripmime -lpcre -lssl -lcrypto ${_LDFLAGS} #-static
#else
#LDFLAGS=-L. -lpcre -lssl -lcrypto
#endif :)
-PREFIX=/usr
+PREFIX=/usr/local
DESTDIR=
#MANDIR=$(PREFIX)/share/man/man8
-MANDIR=$(PREFIX)/man/man8
+MANDIR?=$(PREFIX)/man/man8
piddir=/var/run/$(PROGS)
datadir=/var/spool/$(PROGS)
notify=/var/spool/$(PROGS)/notify
-user=mail.mail
-userdir=/etc/$(PROGS)
-docdir=/usr/doc/$(DISTNAME)
+user=mail:mail
+userdir=/usr/local/etc/$(PROGS)
+docdir=/usr/local/doc/$(DISTNAME)
-user=mail:mail
+userdir=$(PREFIX)/etc/$(PROGS)
+docdir=$(PREFIX)/share/doc/$(DISTNAME)
+user=mailnull:mail
# End user options
OBJECTS=getline.o parsefile.o p3scan.o \
@@ -71,8 +71,8 @@
OBJECTS=getlinep3.o getline_ssl.o parsefile.o p3scan.o \
@@ -85,7 +85,7 @@
dep depend .dep:
@echo "creating depencies"
- rm .tmp.dep -f
- @find -name "*.c" -maxdepth 1 -print0 | xargs -n 1 -0rt $(CC) -M $(CFLAGS) >>.tmp.dep
+ rm -f .tmp.dep
+ @find . -name "*.c" -maxdepth 1 -print0 | xargs -n 1 -0t $(CC) -M $(CFLAGS) >>.tmp.dep
rm -f .tmp.dep
- @find -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0rt $(CC) -M $(CFLAGS) >>.tmp.dep
+ @find . -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0rt $(CC) -M $(CFLAGS) >>.tmp.dep
mv .tmp.dep .dep
install: p3scan
@@ -148,9 +148,9 @@
@@ -163,8 +163,8 @@
fulltags:
@#VIM Users know why! *g*
- find -name "*.c" -maxdepth 1 -print0 \
+ find . -name "*.c" -maxdepth 1 -print0 \
| xargs -n 1 -0r $(CC) -M -H $(CFLAGS) 2>.totag >/dev/null
- find -name "*.c" -maxdepth 1 -print0 \
+ find . -name "*.c" -maxdepth 1 -print0 \
| xargs -n 1 -0r echo >>.totag
- find -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0r $(CC) -M -H $(CFLAGS) 2>.totag >/dev/null
- find -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0r echo >>.totag
+ find . -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0r $(CC) -M -H $(CFLAGS) 2>.totag >/dev/null
+ find . -maxdepth 1 -name "*.c" -print0 | xargs -n 1 -0r echo >>.totag
cat .totag | sed "s/^[[:space:]]*//" | grep -v "^$(CC)" | sort | uniq >.totag
ctags --c-types=+c+p+f+x -L .totag .
rm -f .totag

View file

@ -0,0 +1,18 @@
--- getline_ssl.c.orig Mon May 1 00:18:22 2006
+++ getline_ssl.c Mon May 1 00:18:25 2006
@@ -38,7 +38,6 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
-#include <malloc.h>
#include <stdarg.h>
#include <fcntl.h>
#include <sys/time.h>
@@ -50,6 +49,7 @@
#include <netdb.h>
#include <stdlib.h>
#include <sys/wait.h>
+#include <stdlib.h>
#include "getline_ssl.h"

View file

@ -1,15 +1,11 @@
--- getline.c.orig Tue Jul 26 13:29:05 2005
+++ getline.c Tue Jul 26 11:10:51 2005
@@ -33,11 +33,11 @@
--- getlinep3.c.orig Mon May 1 00:39:10 2006
+++ getlinep3.c Mon May 1 00:39:28 2006
@@ -37,7 +37,7 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
-#include <malloc.h>
+#include <stdlib.h>
#include <stdarg.h>
#include <fcntl.h>
#include <sys/time.h>
#include <errno.h>
+#include <stdlib.h>
#include "getline.h"

View file

@ -1,6 +1,6 @@
--- p3scan.c.orig Thu Jan 6 04:53:04 2005
+++ p3scan.c Fri Jul 29 10:10:15 2005
@@ -36,36 +36,38 @@
--- p3scan.c.orig Mon Dec 12 18:00:00 2005
+++ p3scan.c Mon May 1 00:45:41 2006
@@ -41,36 +41,37 @@
TODO: Wanted: white-list support
TODO: Wanted: no iptables support
*/
@ -49,90 +49,37 @@
#include <sys/select.h>
+#include <sys/ucred.h>
+#include <sys/mount.h>
+
#include "p3scan.h"
#include "getline.h"
@@ -94,13 +96,13 @@
#define VIRUS_SCANNER_VIRUSCODE 1
#define PID_FILE "/var/run/p3scan/p3scan.pid"
#define SYSLOG_NAME "p3scan"
-#define CONFIGFILE "/etc/p3scan/p3scan.conf"
-#define VIRUS_TEMPLATE "/etc/p3scan/p3scan.mail"
+#define CONFIGFILE "/usr/local/etc/p3scan/p3scan.conf"
+#define VIRUS_TEMPLATE "/usr/local/etc/p3scan/p3scan.mail"
#define DEBUG 0
#define QUIET 0
#define OVERWRITE NULL
#define CHECKSPAM 0
-#define SPAMCHECK "/usr/bin/spamc"
+#define SPAMCHECK "/usr/local/bin/spamc"
#define MINSPACE 0
#define DELIT 0
#define NEWLINE '\n'
@@ -507,10 +509,21 @@
FILE * scanner;
static char line[4096*16];
//static char line[4096];
- struct statvfs fs;
unsigned long kbfree;
int htmlfd;
+ struct statfs fs;
+ if ((ret=statfs(config->virusdir,&fs))!=0) {
+ do_log(LOG_EMERG, "Unable to get available space!");
+ return SCANNER_RET_CRIT; // Should never reach here, but keep it clean. :)
+ }
+ kbfree=fs.f_bavail*fs.f_bsize/1024;
+ if ( config->freespace != 0 && kbfree < config->freespace ){
+ do_log(LOG_CRIT, "Not enough space! Available space: %d", kbfree);
+ return SCANNER_RET_CRIT;
+ }
+
+
ret=checktimeout(p);
if (ret < 0) return SCANNER_RET_CRIT;
/* See if we have enough room to process the message based upon
@@ -521,7 +534,7 @@
do_log(LOG_EMERG, "Unable to get available space!");
return SCANNER_RET_CRIT; // Should never reach here, but keep it clean. :)
}
- kbfree=(fs.f_bavail * fs.f_frsize / 1024);
+ kbfree=(fs.f_bavail * fs.f_bsize / 1024);
if ( config->freespace != 0 && kbfree < config->freespace ){
p->errmsg=1;
do_log(LOG_CRIT, "Not enough space! Available space: %d", kbfree);
@@ -1179,8 +1192,10 @@
p->server_addr.sin_family = AF_INET;
if (htonl(INADDR_ANY) == config->targetaddr.sin_addr.s_addr) {
- if (getsockopt(p->client_fd, SOL_IP, SO_ORIGINAL_DST, &p->server_addr, &p->socksize)){
- do_log(LOG_CRIT, "No IP-Conntrack-data (getsockopt failed)");
+// if (getsockopt(p->client_fd, SOL_IP, SO_ORIGINAL_DST, &p->server_addr, &p->socksize)){
+// do_log(LOG_CRIT, "No IP-Conntrack-data (getsockopt failed)");
+ if (getsockname(p->client_fd, (struct sockaddr*)&p->server_addr, &p->socksize)){
+ do_log(LOG_CRIT, "No IP-Conntrack-data (getsockname failed)");
return 1;
#include "getline_ssl.h"
@@ -1640,8 +1641,9 @@
}
/* try to avoid loop */
@@ -2041,7 +2056,7 @@
} else {
if (htonl(INADDR_ANY) == config->targetaddr.sin_addr.s_addr) {
- if (getsockopt(p->client_fd, SOL_IP, SO_ORIGINAL_DST, &p->server_addr, &p->socksize)){
- do_log(LOG_CRIT, "ERR: No IP-Conntrack-data (getsockopt failed)");
+ // if (getsockopt(p->client_fd, SOL_IP, SO_ORIGINAL_DST, &p->server_addr, &p->socksize)){
+ // do_log(LOG_CRIT, "ERR: No IP-Conntrack-data (getsockopt failed)");
+ if (getsockname(p->client_fd, (struct sockaddr*)&p->server_addr, &p->socksize)){
return 1;
}
/* try to avoid loop */
@@ -2882,7 +2884,7 @@
char * responsemsg;
int virusdirlen;
int virusdirlen=0;
char chownit[100];
-#define CHOWNCMD "/bin/chown"
+#define CHOWNCMD "/usr/sbin/chown"
int len;
int ret;
int len=0;
int ret=0;
FILE * chowncmd;
@@ -2080,7 +2095,10 @@
if (!config->debug){
len=strlen(CHOWNCMD)+1+strlen(config->runasuser)+1+strlen(config->runasuser)+1+strlen(config->pidfile)+1;
//do_log(LOG_DEBUG, "%s %s.%s %s=%i",CHOWNCMD, config->runasuser, config->runasuser, config->pidfile, len);
- snprintf(chownit, len, "%s %s.%s %s", CHOWNCMD, config->runasuser, config->runasuser, config->pidfile);
+// snprintf(chownit, len, "%s %s.%s %s", CHOWNCMD, config->runasuser, config->runasuser, config->pidfile);
@@ -2920,7 +2922,8 @@
fclose(fp);
}else do_log(LOG_CRIT, "ERR: Can't write PID to %s", PID_FILE);
len=strlen(CHOWNCMD)+1+strlen(config->runasuser)+1+strlen(config->runasuser)+1+strlen(config->pidfile)+1;
- snprintf(chownit, len, "%s %s:%s %s", CHOWNCMD, config->runasuser, config->runasuser, config->pidfile);
+ do_log(LOG_DEBUG, "%s %s:%s %s=%i",CHOWNCMD, config->runasuser, config->runasuser, config->pidfile, len);
+ snprintf(chownit, len, "%s %s:%s %s", CHOWNCMD, config->runasuser, config->runasuser, config->pidfile);
+
if ((chowncmd=popen(chownit, "r"))==NULL){
do_log(LOG_ALERT, "Can't '%s' !!!", chowncmd);
return SCANNER_RET_ERR;
if ((chowncmd=popen(chownit, "r"))==NULL){
do_log(LOG_ALERT, "ERR: Can't '%s' !!!", chowncmd);
return SCANNER_RET_ERR;

View file

@ -0,0 +1,30 @@
--- p3scan.h.orig Mon May 1 00:33:38 2006
+++ p3scan.h Mon May 1 00:36:01 2006
@@ -110,21 +110,21 @@
#define VIRUS_SCANNER_VIRUSCODE 1
#define PID_FILE "/var/run/p3scan/p3scan.pid"
#define SYSLOG_NAME "p3scan"
-#define CONFIGFILE "/etc/p3scan/p3scan.conf"
-#define VIRUS_TEMPLATE "/etc/p3scan/p3scan.mail"
+#define CONFIGFILE "/usr/local/etc/p3scan/p3scan.conf"
+#define VIRUS_TEMPLATE "/usr/local/etc/p3scan/p3scan.mail"
#define DEBUG 0
#define QUIET 0
#define OVERWRITE NULL
#define CHECKSPAM 0
-#define SPAMCHECK "/usr/bin/spamc"
+#define SPAMCHECK "/usr/local/bin/spamc"
#define MINSPACE 10000
#define DELIT 0
#define SUBJECT "[Virus] found in a mail to you:"
#define NOTIFY "Per instruction, the message has been deleted."
#define SMTPRSET "Virus detected! P3scan rejected message!"
-#define XMAIL "/bin/mail"
-#define FOOTER "/etc/p3scan/p3scan.footer"
-#define EXTRA "/etc/p3scan/p3scan.extra"
+#define XMAIL "/usr/bin/mail"
+#define FOOTER "/usr/local/etc/p3scan/p3scan.footer"
+#define EXTRA "/usr/local/etc/p3scan/p3scan.extra"
#define EMERGCON "root@localhost postmaster@localhost"
/* Defaut maximum mail size for scanning. ZERO for no limit! */
#define MAX_SIZE_SCAN 0

View file

@ -1,6 +1,6 @@
--- parsefile.c.orig Wed Jan 5 20:53:04 2005
+++ parsefile.c Tue Jul 26 11:10:08 2005
@@ -33,11 +33,12 @@
--- parsefile.c.orig Mon May 1 00:37:13 2006
+++ parsefile.c Mon May 1 00:37:47 2006
@@ -69,9 +69,10 @@
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
@ -8,9 +8,7 @@
+#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include "parsefile.h"
#include "getline.h"
+#include <netinet/in.h>
#define NONULL(x) ( x==NULL ? "" : x) /* this is nice, found in the mutt code */
#include "parsefile.h"
#include "getlinep3.h"
#include "p3scan.h"

View file

@ -0,0 +1,18 @@
--- scanner_avpd_new.c.orig Mon May 1 00:52:11 2006
+++ scanner_avpd_new.c Mon May 1 00:53:46 2006
@@ -44,7 +44,6 @@
#include <time.h>
#include <sys/time.h>
#include <errno.h>
-#include <malloc.h>
#include <sys/un.h>
#include <sys/socket.h>
#include <stdarg.h>
@@ -52,6 +51,7 @@
#include <ctype.h>
#include <sys/select.h>
#include <fcntl.h>
+#include <netinet/in.h>
#include "p3scan.h"

View file

@ -0,0 +1,12 @@
--- scanner_bash.c.orig Mon May 1 00:54:39 2006
+++ scanner_bash.c Mon May 1 00:54:55 2006
@@ -39,8 +39,8 @@
#include <sys/wait.h>
#include <sys/stat.h>
#include <errno.h>
-#include <malloc.h>
#include <pcre.h>
+#include <netinet/in.h>
#include "p3scan.h"
#include "parsefile.h"

View file

@ -0,0 +1,38 @@
--- scanner_clamd.c.orig Mon May 1 10:54:52 2006
+++ scanner_clamd.c Mon May 1 10:55:00 2006
@@ -99,7 +99,10 @@
loc2 = tmp-config->virusscanner+1;
len=strlen(config->virusscanner);
config->clamdport=substr(config->virusscanner,loc2,len);
- config->clamdserver=strndup(config->virusscanner,loc); //TODO: 6 bytes in 1 blocks are definitely lost in loss record 1 of 2
+// config->clamdserver=strndup(config->virusscanner,loc); //TODO: 6 bytes in 1 blocks are definitely lost in loss record 1 of 2
+config->clamdserver=malloc(loc+1);
+config->clamdserver=strncpy(config->clamdserver, config->virusscanner, loc);
+config->clamdserver[1] = 0;
do_log(LOG_DEBUG, "Reset ClamdServer to: %s Port: %s",config->clamdserver, config->clamdport);
}
bzero(&clamd_pri, sizeof(clamd_pri));
@@ -262,7 +265,10 @@
char *tmp=NULL;
if (strlen(NONULL(config->virusscanner))<1){
- tmp=strndup(DEFAULT_SERVER,strlen(DEFAULT_SERVER));
+ //tmp=strndup(DEFAULT_SERVER,strlen(DEFAULT_SERVER));
+tmp=malloc(strlen(DEFAULT_SERVER)+1);
+tmp=strncpy(tmp, DEFAULT_SERVER, loc);
+config->clamdserver[1] = 0;
strncat(tmp,":",1);
strncat(tmp,DEFAULT_PORT,4);
config->virusscanner=tmp;
@@ -274,7 +280,10 @@
loc2 = tmp-config->virusscanner+1;
len=strlen(config->virusscanner);
config->clamdport=substr(config->virusscanner,loc2,len);
- config->clamdserver=strndup(config->virusscanner,loc); //TODO: 6 bytes in 1 blocks are definitely lost in loss record 1 of 2
+ //config->clamdserver=strndup(config->virusscanner,loc); //TODO: 6 bytes in 1 blocks are definitely lost in loss record 1 of 2
+config->clamdserver=malloc(loc+1);
+config->clamdserver=strncpy(config->clamdserver, config->virusscanner, loc);
+config->clamdserver[1] = 0;
do_log(LOG_DEBUG, "Clamd init. Server: %s Port: %s",config->clamdserver, config->clamdport);
}else{
do_log(LOG_CRIT, "Clamd init unable to locate separator: %s",config->virusscanner);

View file

@ -1,11 +1,11 @@
**********************************************************************
By default, P3Scan is configured to work with McAfee UVSCAN.
Please copy %%PREFIX%%/etc/p3scan.conf.sample to p3scan.conf and modify
%%PREFIX%%/etc/p3scan.conf and/or %%PREFIX%%/etc/rc.d/p3scan.sh to
Please copy %%PREFIX%%/etc/p3scan/p3scan.conf.sample to p3scan.conf and modify
%%PREFIX%%/etc/p3scan/p3scan.conf and/or %%PREFIX%%/etc/rc.d/p3scan.sh to
fit your environment.
Don't forget to copy %%PREFIX%%/etc/p3scan.mail.sample to p3scan.mail
Don't forget to copy %%PREFIX%%/etc/p3scan/p3scan.mail.sample to p3scan.mail
and edit your own template for virus notifications.
By the way, you need to enable IPFIREWALL and IPFIREWALL_FORWARD options

View file

@ -107,8 +107,8 @@ EOF
exit 1
fi
user=p3scan
group=p3scan
user=mailnull
group=mail
spooldir=/var/spool/p3scan
childrendir=/var/spool/p3scan/children
notifydir=/var/spool/p3scannotify