Update to 1.0.18.

Fix build problem with db4 following a hint by obache@

04/09/2006
==========

Release: Prayer 1.0.18

Important Security fix:
  os_connect_unix() had a strcpy() which should have been strncpy() to
  prevent buffer overrun. Prayer 1.0.17 was mostly safe.

By 28/06/2006
=============

Release: Prayer 1.0.17

Fix small foulup wuth gethostbyname() calculations when binding Prayer
to specific interfaces.

Cleanups to stop char vs unsigned char warnings with latest c-client.

Make sure that all internal draft messages consistently use CRLF.

Security audit for Prayer frontend following attack:
  Optional Chroot environment (See chroot options in config file).
  Stripped out debugging code.

04/11/2005
==========

Fix small foulups with abook_lookup:
  Couldn't add last address to existing draft.
  Block LDAP metacharacters from search.

By 13/06/2005
=============

Release: Prayer 1.0.16

Fix silly bug when replying to multipart messages where the main message
and the text/plain subpart have different encoding (missing mail_body
call).

Add a limit_vm backstop to stop single runaway process from taking
over the system.

By 10/06/2005
=============

Release: Prayer 1.0.15 (1.0.13 and 14 internal releases only).

list screen doesn't set "current" message to middle of range. Means that
switching between various sort modes works more consistently.

Go fishing for text/plain or failing that text/html bodypart within top
level of multipart/mixed or multipart/alternate message when replying to a
message. Behaviour should now be consistent with cmd_forward and
cmd_display.

Include LDAP and local finger database lookups (latter for Cambridge use only)

Addressbook screen:
  Addressbook sort (can be set on Manage => Preferences => Display)
  Addressbook bulk removal
  Import and Export CSV (Outlook) format address screen

Spellcheck:
  Support native aspell as well as ispell, aspell in ispell compatibility mode.
  Means that Quoted text is not checked if the following is set:
      Manage => Preferences => Extra Compose =>
      Skip quoted text on spell check

By 09/08/2005
=============

Spam whitelist

Test the Referer header on login. Two independant prayer.cf options:
referer_block_invalid and referer_log_invalid

Test the Referer: header before performing a /redirect/ action in
order to protect against URL redirector abuse
  Doesn't work with "Save Target As". Remove entirely

Confirm on expunge.

Cleanup up account_message error reporting so consistent.

Fix format=flowed quoting problems.

Fix memory leak in mailbox download (2 x size of mail folder) until
next transfer or idle shutdown.

25/01/2005
==========

line_wrap_on_send preference not used by draft_init().

Fixed problems with multipart/alternate display and forwarding
This commit is contained in:
wiz 2007-06-15 23:28:16 +00:00
parent 7a7bf0611c
commit 0987157b04
8 changed files with 87 additions and 50 deletions

View file

@ -1,8 +1,7 @@
# $NetBSD: Makefile,v 1.30 2007/06/08 12:25:04 wiz Exp $
# $NetBSD: Makefile,v 1.31 2007/06/15 23:28:16 wiz Exp $
#
DISTNAME= prayer-1.0.12
PKGREVISION= 5
DISTNAME= prayer-1.0.18
CATEGORIES= mail www
MASTER_SITES= ftp://ftp.csx.cam.ac.uk/pub/software/email/prayer/
@ -46,11 +45,13 @@ FILES_SUBST+= VAR_PREFIX=${VAR_PREFIX:Q}
post-patch:
${FIND} ${WRKSRC} -name CVS -type d -print | ${SORT} -r | \
${XARGS} ${RM} -r
cp ${WRKSRC}/defaults/Config ${WRKSRC}
pre-install:
${INSTALL_DATA_DIR} ${EGDIR}
.include "../../databases/db4/buildlink3.mk"
.include "../../databases/openldap-client/buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
.include "../../mail/imap-uw/buildlink3.mk"
.include "../../security/openssl/buildlink3.mk"

View file

@ -1,6 +1,7 @@
@comment $NetBSD: PLIST,v 1.8 2006/02/19 09:24:53 wiz Exp $
@comment $NetBSD: PLIST,v 1.9 2007/06/15 23:28:16 wiz Exp $
sbin/prayer
sbin/prayer-cyclog
sbin/prayer-db-prune
sbin/prayer-sem-prune
sbin/prayer-session
sbin/prayer-ssl-prune
@ -11,7 +12,10 @@ share/examples/prayer/welcome.html
share/examples/rc.d/prayer
share/prayer/help/abook_add.html
share/prayer/help/abook_list.html
share/prayer/help/abook_lookup.html
share/prayer/help/abook_search.html
share/prayer/help/abook_take.html
share/prayer/help/abook_update.html
share/prayer/help/abook_xfer.html
share/prayer/help/attachments.html
share/prayer/help/block.html

View file

@ -1,14 +1,14 @@
$NetBSD: distinfo,v 1.12 2006/10/23 08:31:29 rillig Exp $
$NetBSD: distinfo,v 1.13 2007/06/15 23:28:16 wiz Exp $
SHA1 (prayer-1.0.12.tar.gz) = 8ea568f9e0e1fe925102e80451b3c9432f5fed15
RMD160 (prayer-1.0.12.tar.gz) = 76edc3896d0936c87378f848334bc42d648317f3
Size (prayer-1.0.12.tar.gz) = 544239 bytes
SHA1 (patch-aa) = 715cc47f3f9708e3f97f5b58b4f5bf307c7806bd
SHA1 (prayer-1.0.18.tar.gz) = ab90f9bfac568ed93993beff745f1433d20f1dcc
RMD160 (prayer-1.0.18.tar.gz) = bbe26134c69fd70026fd207f8ca0edcd24da7f74
Size (prayer-1.0.18.tar.gz) = 566168 bytes
SHA1 (patch-aa) = aa28cf4a598d9c8c3bf14dc9f0034ab16dccec06
SHA1 (patch-ab) = 72f6b8768303222a8798ca07e83efccdefa8fe25
SHA1 (patch-ac) = b7df87589bdc2fd2894f2028652e01aa0c181fa1
SHA1 (patch-ad) = bd8f517d5bede0fd3d3f4e9a108cd0cd99d7c8ab
SHA1 (patch-ae) = a04d4206e9b671be0fdce73a5093fb18778a1052
SHA1 (patch-af) = 730ee832fcb6464d7909ff9f048d7c57ce86aba8
SHA1 (patch-ag) = d932eeb11171da4084eb56e097a7880e67a18561
SHA1 (patch-ad) = a4d60d312012be24308405b3668edb4931892c06
SHA1 (patch-ae) = 378adaf7a2153a54824b60ee50b7a8a4591188ff
SHA1 (patch-af) = bc3b5b7181da0646995955245b2d9d4cc8032eed
SHA1 (patch-ag) = 2899392ad6a852dad0ccfdbea2c1a6a8f7c5feb7
SHA1 (patch-ah) = 7197f80ad71700276c79666090b62628c128ca21
SHA1 (patch-ai) = 0b3edeea78d16c3792d540ea0a92943ed0bb7583

View file

@ -1,8 +1,8 @@
$NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
$NetBSD: patch-aa,v 1.9 2007/06/15 23:28:17 wiz Exp $
--- Config.orig 2005-01-06 13:51:08.000000000 +0100
+++ Config 2006-10-23 10:21:43.000000000 +0200
@@ -15,9 +15,9 @@ DIRECT_ENABLE = false # Experime
--- defaults/Config.orig 2006-04-05 12:35:35.000000000 +0000
+++ defaults/Config
@@ -16,9 +16,9 @@ DIRECT_ENABLE = false # Experime
MUTEX_SEMAPHORE = false # Use SYSV mutexes rather than file locking
# Following depend on the way that you have configured c-client
@ -15,7 +15,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
# Probably don't need the following
ACCOUNTD_ENABLE = false # Only of use in Cambridge at the moment.
@@ -31,13 +31,13 @@ CC = gcc
@@ -32,13 +32,13 @@ CC = gcc
# Location of make program (GNU make required)
MAKE = gmake
# Location of install program (GNU install or compatible required)
@ -32,20 +32,20 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
BASE_LIBS = -lcrypt
# Base Compiler options for Sun SUNWspro compiler
@@ -57,9 +57,9 @@ BASE_LIBS = -lcrypt
@@ -58,9 +58,9 @@ BASE_LIBS = -lcrypt
# which points to ../../imap/c-client. This just reduces the amount of
# noise output on each line when building the package.
#
-CCLIENT_DIR=./c-client
-CCLIENT_INCLUDE=-I $(CCLIENT_DIR)
-CCLIENT_LIB=./$(CCLIENT_DIR)/c-client.a
-CCLIENT_LIBS=./$(CCLIENT_DIR)/c-client.a
+CCLIENT_DIR=${BUILDLINK_PREFIX.imap-uw}
+CCLIENT_INCLUDE=-I $(CCLIENT_DIR)/include/c-client
+CCLIENT_LIB=$(CCLIENT_DIR)/lib/libc-client.a
+CCLIENT_LIBS=$(CCLIENT_DIR)/lib/libc-client.a
CCLIENT_SSL_ENABLE = true
#
@@ -102,8 +102,8 @@ PAM_INCLUDE =
@@ -107,8 +107,8 @@ PAM_INCLUDE =
PAM_LIBS = -lpam
# Kerberos (required if CCLIENT_KERB_ENABLE set)
@ -56,7 +56,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
# SSL definitions (required if SSL_ENABLE or CCLIENT_SSL_ENABLE set)
#
@@ -127,8 +127,8 @@ DB_INCLUDE=
@@ -132,8 +132,8 @@ DB_INCLUDE=
DB_LIBS=-ldb
# Following suitable for FreeBSD with DB 4 package installed
@ -67,7 +67,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
############################################################################
@@ -142,16 +142,16 @@ BROOT=
@@ -147,16 +147,16 @@ BROOT=
# Directory, User and group for read-write files: log files, sockets etc
VAR_PREFIX = /var/spool/prayer
@ -89,7 +89,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
# Access permissions for general objects (wrt above users and groups)
PUBLIC_EXEC = 0755
@@ -164,6 +164,6 @@ PRIVATE_DIR = 0750
@@ -169,6 +169,6 @@ PRIVATE_DIR = 0750
PRIVATE_FILE = 0640
# Location of configuration files and binaries

View file

@ -1,8 +1,17 @@
$NetBSD: patch-ad,v 1.4 2005/01/09 00:07:47 schmonz Exp $
$NetBSD: patch-ad,v 1.5 2007/06/15 23:28:17 wiz Exp $
--- prayer/Makefile.orig 2005-01-06 07:24:44.000000000 -0500
--- prayer/Makefile.orig 2006-04-11 12:31:57.000000000 +0000
+++ prayer/Makefile
@@ -94,8 +94,8 @@ ifeq ($(strip $(CCLIENT_KERB_ENABLE)), t
@@ -12,7 +12,7 @@ endif
# Default list of things to build
BIN = prayer prayer-session prayer-ssl-prune prayer-cyclog prayer-sem-prune \
- prayer-chroot
+ # prayer-chroot
# Enable on the fly compression
ifeq ($(strip $(GZIP_ENABLE)), true)
@@ -102,8 +102,8 @@ ifeq ($(strip $(CCLIENT_KERB_ENABLE)), t
SESSION_LIBS += $(KERB_LIBS)
endif
@ -13,27 +22,34 @@ $NetBSD: patch-ad,v 1.4 2005/01/09 00:07:47 schmonz Exp $
SHARED_OBJS = \
pool.o list.o assoc.o memblock.o buffer.o string.o config.o user_agent.o \
@@ -163,17 +163,17 @@ clean:
@@ -174,21 +174,21 @@ clean:
-rm -f $(BIN) test core *.o *.flc *~ \#*\#
install: all
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_DIR) -d \
+ $(BSD_INSTALL_DATA_DIR) \
+ $(BSD_INSTALL_PROGRAM_DIR) \
$(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_PROGRAM) \
+ $(BSD_INSTALL_PROGRAM) \
prayer $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_PROGRAM) \
- prayer-chroot $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+# $(BSD_INSTALL_PROGRAM) \
+# prayer-chroot $(BROOT)$(BIN_DIR)
+ $(BSD_INSTALL_PROGRAM) \
prayer-session $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_PROGRAM) \
+ $(BSD_INSTALL_PROGRAM) \
prayer-ssl-prune $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_PROGRAM) \
+ $(BSD_INSTALL_PROGRAM) \
prayer-sem-prune $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_SCRIPT) \
+ $(BSD_INSTALL_SCRIPT) \
prayer-db-prune $(BROOT)$(BIN_DIR)
- $(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+ $(BSD_INSTALL_SCRIPT) \
prayer-cyclog $(BROOT)$(BIN_DIR)
prayer: $(PRAYER_OBJS)
prayer: $(PRAYER_OBJS) prayer_main.o

View file

@ -1,8 +1,8 @@
$NetBSD: patch-ae,v 1.3 2005/01/09 00:07:47 schmonz Exp $
$NetBSD: patch-ae,v 1.4 2007/06/15 23:28:17 wiz Exp $
--- files/etc/prayer.cf.SRC.orig 2004-04-30 11:02:21.000000000 -0400
--- files/etc/prayer.cf.SRC.orig 2006-04-11 11:13:21.000000000 +0000
+++ files/etc/prayer.cf.SRC
@@ -376,25 +376,25 @@ ispell_path = /usr/bin/ispell
@@ -382,13 +382,13 @@ ispell_path = /usr/bin/ispell
# <login_suffix_path>
# Login page prefix
@ -17,6 +17,11 @@ $NetBSD: patch-ae,v 1.3 2005/01/09 00:07:47 schmonz Exp $
-#login_suffix_path = "$prefix/etc/login_suffix.html"
+#login_suffix_path = "__PKG_SYSCONFDIR__/login_suffix.html"
# Login security: Prayer's front page defaults to a login form.
# If the user does not connect via SSL then this can be changed
@@ -407,16 +407,16 @@ ssl_redirect = FALSE
ssl_required = FALSE
# Session banner (local HTML inserted into each page of login session)
-#session_banner_path = "$prefix/etc/session_banner.html"
+#session_banner_path = "__PKG_SYSCONFDIR__/session_banner.html"

View file

@ -1,16 +1,28 @@
$NetBSD: patch-af,v 1.5 2005/01/09 00:07:47 schmonz Exp $
$NetBSD: patch-af,v 1.6 2007/06/15 23:28:17 wiz Exp $
--- prayer/mydb_db3.c.orig 2004-06-18 11:25:12.000000000 -0400
--- prayer/mydb_db3.c.orig 2006-04-20 10:10:00.000000000 +0000
+++ prayer/mydb_db3.c
@@ -133,9 +133,11 @@ static int myinit(const char *dbdir, int
dbenv->set_verbose(dbenv, DB_VERB_DEADLOCK, 1);
@@ -139,13 +139,23 @@ static int myinit(const char *dbdir, int
dbenv->set_verbose(dbenv, DB_VERB_WAITSFOR, 1);
}
#ifdef DB_VERB_CHKPOINT
+#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR < 3
if (CONFIG_DB_VERBOSE > 1) {
dbenv->set_verbose(dbenv, DB_VERB_CHKPOINT, 1);
}
#endif
+#endif
dbenv->set_lk_detect(dbenv, CONFIG_DEADLOCK_DETECTION);
+#if DB_VERSION_MAJOR >= 4
+ r = dbenv->set_lk_max_locks(dbenv, 50000);
+ if (!r)
+ r = dbenv->set_lk_max_lockers(dbenv, 50000);
+ if (!r)
+ r = dbenv->set_lk_max_objects(dbenv, 50000);
+#else
r = dbenv->set_lk_max(dbenv, 50000);
+#endif
if (r) {
log_panic("DBERROR: set_lk_max(): %s", db_strerror(r));
abort();

View file

@ -1,11 +1,11 @@
$NetBSD: patch-ag,v 1.1 2005/01/09 00:07:47 schmonz Exp $
$NetBSD: patch-ag,v 1.2 2007/06/15 23:28:17 wiz Exp $
--- prayer/response.c 2003-04-15 14:00:03.000000000 +0100
+++ prayer/response.c 2005-01-05 18:32:01.000000000 +0000
@@ -694,7 +694,12 @@
--- prayer/response.c.orig 2003-04-15 13:00:03.000000000 +0000
+++ prayer/response.c
@@ -694,7 +694,12 @@ response_file(struct request *request,
} else
bputs(b, "Content-Type: text/plain" CRLF);
- bprintf(b, "Content-Length: %lu" CRLF, sbuf.st_size);
+ /* Hack: cast sbuf.st_size to long here as we are only dealing
+ * with small files. Otherwise, we will send "Content-Length: 0"
@ -13,7 +13,6 @@ $NetBSD: patch-ag,v 1.1 2005/01/09 00:07:47 schmonz Exp $
+ * which confuses browsers.
+ */
+ bprintf(b, "Content-Length: %lu" CRLF, (long)sbuf.st_size);
/* Following stolen from Apache:
*