Update to 1.0.18.

Fix build problem with db4 following a hint by obache@ 04/09/2006 ========== Release: Prayer 1.0.18 Important Security fix: os_connect_unix() had a strcpy() which should have been strncpy() to prevent buffer overrun. Prayer 1.0.17 was mostly safe. By 28/06/2006 ============= Release: Prayer 1.0.17 Fix small foulup wuth gethostbyname() calculations when binding Prayer to specific interfaces. Cleanups to stop char vs unsigned char warnings with latest c-client. Make sure that all internal draft messages consistently use CRLF. Security audit for Prayer frontend following attack: Optional Chroot environment (See chroot options in config file). Stripped out debugging code. 04/11/2005 ========== Fix small foulups with abook_lookup: Couldn't add last address to existing draft. Block LDAP metacharacters from search. By 13/06/2005 ============= Release: Prayer 1.0.16 Fix silly bug when replying to multipart messages where the main message and the text/plain subpart have different encoding (missing mail_body call). Add a limit_vm backstop to stop single runaway process from taking over the system. By 10/06/2005 ============= Release: Prayer 1.0.15 (1.0.13 and 14 internal releases only). list screen doesn't set "current" message to middle of range. Means that switching between various sort modes works more consistently. Go fishing for text/plain or failing that text/html bodypart within top level of multipart/mixed or multipart/alternate message when replying to a message. Behaviour should now be consistent with cmd_forward and cmd_display. Include LDAP and local finger database lookups (latter for Cambridge use only) Addressbook screen: Addressbook sort (can be set on Manage => Preferences => Display) Addressbook bulk removal Import and Export CSV (Outlook) format address screen Spellcheck: Support native aspell as well as ispell, aspell in ispell compatibility mode. Means that Quoted text is not checked if the following is set: Manage => Preferences => Extra Compose => Skip quoted text on spell check By 09/08/2005 ============= Spam whitelist Test the Referer header on login. Two independant prayer.cf options: referer_block_invalid and referer_log_invalid Test the Referer: header before performing a /redirect/ action in order to protect against URL redirector abuse Doesn't work with "Save Target As". Remove entirely Confirm on expunge. Cleanup up account_message error reporting so consistent. Fix format=flowed quoting problems. Fix memory leak in mailbox download (2 x size of mail folder) until next transfer or idle shutdown. 25/01/2005 ========== line_wrap_on_send preference not used by draft_init(). Fixed problems with multipart/alternate display and forwarding
2007-06-15 23:28:16 +00:00 · 2007-06-15 23:28:16 +00:00 · 0987157b04
commit 0987157b04
parent 7a7bf0611c
8 changed files with 87 additions and 50 deletions
--- a/mail/prayer/Makefile
+++ b/mail/prayer/Makefile
@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.30 2007/06/08 12:25:04 wiz Exp $
+# $NetBSD: Makefile,v 1.31 2007/06/15 23:28:16 wiz Exp $
 #

-DISTNAME=	prayer-1.0.12
-PKGREVISION=	5
+DISTNAME=	prayer-1.0.18
 CATEGORIES=	mail www
 MASTER_SITES=	ftp://ftp.csx.cam.ac.uk/pub/software/email/prayer/

@ -46,11 +45,13 @@ FILES_SUBST+=	VAR_PREFIX=${VAR_PREFIX:Q}
 post-patch:
 	${FIND} ${WRKSRC} -name CVS -type d -print | ${SORT} -r | \
 		${XARGS} ${RM} -r
+	cp ${WRKSRC}/defaults/Config ${WRKSRC}

 pre-install:
 	${INSTALL_DATA_DIR} ${EGDIR}

 .include "../../databases/db4/buildlink3.mk"
+.include "../../databases/openldap-client/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
 .include "../../mail/imap-uw/buildlink3.mk"
 .include "../../security/openssl/buildlink3.mk"
--- a/mail/prayer/PLIST
+++ b/mail/prayer/PLIST
@ -1,6 +1,7 @@
-@comment $NetBSD: PLIST,v 1.8 2006/02/19 09:24:53 wiz Exp $
+@comment $NetBSD: PLIST,v 1.9 2007/06/15 23:28:16 wiz Exp $
 sbin/prayer
 sbin/prayer-cyclog
+sbin/prayer-db-prune
 sbin/prayer-sem-prune
 sbin/prayer-session
 sbin/prayer-ssl-prune
@ -11,7 +12,10 @@ share/examples/prayer/welcome.html
 share/examples/rc.d/prayer
 share/prayer/help/abook_add.html
 share/prayer/help/abook_list.html
+share/prayer/help/abook_lookup.html
 share/prayer/help/abook_search.html
+share/prayer/help/abook_take.html
+share/prayer/help/abook_update.html
 share/prayer/help/abook_xfer.html
 share/prayer/help/attachments.html
 share/prayer/help/block.html
--- a/mail/prayer/distinfo
+++ b/mail/prayer/distinfo
@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.12 2006/10/23 08:31:29 rillig Exp $
+$NetBSD: distinfo,v 1.13 2007/06/15 23:28:16 wiz Exp $

-SHA1 (prayer-1.0.12.tar.gz) = 8ea568f9e0e1fe925102e80451b3c9432f5fed15
-RMD160 (prayer-1.0.12.tar.gz) = 76edc3896d0936c87378f848334bc42d648317f3
-Size (prayer-1.0.12.tar.gz) = 544239 bytes
-SHA1 (patch-aa) = 715cc47f3f9708e3f97f5b58b4f5bf307c7806bd
+SHA1 (prayer-1.0.18.tar.gz) = ab90f9bfac568ed93993beff745f1433d20f1dcc
+RMD160 (prayer-1.0.18.tar.gz) = bbe26134c69fd70026fd207f8ca0edcd24da7f74
+Size (prayer-1.0.18.tar.gz) = 566168 bytes
+SHA1 (patch-aa) = aa28cf4a598d9c8c3bf14dc9f0034ab16dccec06
 SHA1 (patch-ab) = 72f6b8768303222a8798ca07e83efccdefa8fe25
 SHA1 (patch-ac) = b7df87589bdc2fd2894f2028652e01aa0c181fa1
-SHA1 (patch-ad) = bd8f517d5bede0fd3d3f4e9a108cd0cd99d7c8ab
-SHA1 (patch-ae) = a04d4206e9b671be0fdce73a5093fb18778a1052
-SHA1 (patch-af) = 730ee832fcb6464d7909ff9f048d7c57ce86aba8
-SHA1 (patch-ag) = d932eeb11171da4084eb56e097a7880e67a18561
+SHA1 (patch-ad) = a4d60d312012be24308405b3668edb4931892c06
+SHA1 (patch-ae) = 378adaf7a2153a54824b60ee50b7a8a4591188ff
+SHA1 (patch-af) = bc3b5b7181da0646995955245b2d9d4cc8032eed
+SHA1 (patch-ag) = 2899392ad6a852dad0ccfdbea2c1a6a8f7c5feb7
 SHA1 (patch-ah) = 7197f80ad71700276c79666090b62628c128ca21
 SHA1 (patch-ai) = 0b3edeea78d16c3792d540ea0a92943ed0bb7583
--- a/mail/prayer/patches/patch-aa
+++ b/mail/prayer/patches/patch-aa
@ -1,8 +1,8 @@
-$NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
+$NetBSD: patch-aa,v 1.9 2007/06/15 23:28:17 wiz Exp $

--- Config.orig	2005-01-06 13:51:08.000000000 +0100
-+++ Config	2006-10-23 10:21:43.000000000 +0200
-@@ -15,9 +15,9 @@ DIRECT_ENABLE        = false  # Experime
+--- defaults/Config.orig	2006-04-05 12:35:35.000000000 +0000
+++ defaults/Config
+@@ -16,9 +16,9 @@ DIRECT_ENABLE        = false  # Experime
 MUTEX_SEMAPHORE      = false  # Use SYSV mutexes rather than file locking
 
 # Following depend on the way that you have configured c-client
@ -15,7 +15,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
 
 # Probably don't need the following
 ACCOUNTD_ENABLE      = false  # Only of use in Cambridge at the moment.
-@@ -31,13 +31,13 @@ CC           = gcc
+@@ -32,13 +32,13 @@ CC           = gcc
 # Location of make program (GNU make required)
 MAKE         = gmake
 # Location of install program (GNU install or compatible required)
@ -32,20 +32,20 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
 BASE_LIBS    = -lcrypt
 
 # Base Compiler options for Sun SUNWspro compiler
-@@ -57,9 +57,9 @@ BASE_LIBS    = -lcrypt
+@@ -58,9 +58,9 @@ BASE_LIBS    = -lcrypt
 # which points to ../../imap/c-client. This just reduces the amount of
 # noise output on each line when building the package.
 #
 -CCLIENT_DIR=./c-client
 -CCLIENT_INCLUDE=-I $(CCLIENT_DIR)
-CCLIENT_LIB=./$(CCLIENT_DIR)/c-client.a
+-CCLIENT_LIBS=./$(CCLIENT_DIR)/c-client.a
 +CCLIENT_DIR=${BUILDLINK_PREFIX.imap-uw}
 +CCLIENT_INCLUDE=-I $(CCLIENT_DIR)/include/c-client
-+CCLIENT_LIB=$(CCLIENT_DIR)/lib/libc-client.a
+CCLIENT_LIBS=$(CCLIENT_DIR)/lib/libc-client.a
 CCLIENT_SSL_ENABLE  = true
 
 #
-@@ -102,8 +102,8 @@ PAM_INCLUDE =
+@@ -107,8 +107,8 @@ PAM_INCLUDE =
 PAM_LIBS    = -lpam
 
 # Kerberos (required if CCLIENT_KERB_ENABLE set)
@ -56,7 +56,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
 
 # SSL definitions (required if SSL_ENABLE or CCLIENT_SSL_ENABLE set)
 #
-@@ -127,8 +127,8 @@ DB_INCLUDE=
+@@ -132,8 +132,8 @@ DB_INCLUDE=
 DB_LIBS=-ldb
 
 # Following suitable for FreeBSD with DB 4 package installed
@ -67,7 +67,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
 
 ############################################################################
 
-@@ -142,16 +142,16 @@ BROOT=
+@@ -147,16 +147,16 @@ BROOT=
 
 # Directory, User and group for read-write files: log files, sockets etc
 VAR_PREFIX = /var/spool/prayer
@ -89,7 +89,7 @@ $NetBSD: patch-aa,v 1.8 2006/10/23 08:31:29 rillig Exp $
 
 # Access permissions for general objects (wrt above users and groups)
 PUBLIC_EXEC  = 0755
-@@ -164,6 +164,6 @@ PRIVATE_DIR  = 0750
+@@ -169,6 +169,6 @@ PRIVATE_DIR  = 0750
 PRIVATE_FILE = 0640
 
 # Location of configuration files and binaries
--- a/mail/prayer/patches/patch-ad
+++ b/mail/prayer/patches/patch-ad
@ -1,8 +1,17 @@
-$NetBSD: patch-ad,v 1.4 2005/01/09 00:07:47 schmonz Exp $
+$NetBSD: patch-ad,v 1.5 2007/06/15 23:28:17 wiz Exp $

--- prayer/Makefile.orig	2005-01-06 07:24:44.000000000 -0500
+--- prayer/Makefile.orig	2006-04-11 12:31:57.000000000 +0000
 +++ prayer/Makefile
-@@ -94,8 +94,8 @@ ifeq ($(strip $(CCLIENT_KERB_ENABLE)), t
+@@ -12,7 +12,7 @@ endif
+ 
+ # Default list of things to build
+ BIN = prayer prayer-session prayer-ssl-prune prayer-cyclog prayer-sem-prune \
+-  prayer-chroot
+  # prayer-chroot
+ 
+ # Enable on the fly compression
+ ifeq ($(strip $(GZIP_ENABLE)), true)
+@@ -102,8 +102,8 @@ ifeq ($(strip $(CCLIENT_KERB_ENABLE)), t
   SESSION_LIBS += $(KERB_LIBS)
 endif
 
@ -13,27 +22,34 @@ $NetBSD: patch-ad,v 1.4 2005/01/09 00:07:47 schmonz Exp $
 
 SHARED_OBJS = \
  pool.o list.o assoc.o memblock.o buffer.o string.o config.o user_agent.o \
-@@ -163,17 +163,17 @@ clean:
+@@ -174,21 +174,21 @@ clean:
 	-rm -f $(BIN) test core *.o *.flc *~ \#*\#
 
 install: all
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_DIR) -d \
-+	$(BSD_INSTALL_DATA_DIR) \
+	$(BSD_INSTALL_PROGRAM_DIR) \
 	  $(BROOT)$(BIN_DIR)
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
-+	$(BSD_INSTALL_PROGRAM)  \
+	$(BSD_INSTALL_PROGRAM) \
 	  prayer           $(BROOT)$(BIN_DIR)
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
-+	$(BSD_INSTALL_PROGRAM)  \
+-	  prayer-chroot           $(BROOT)$(BIN_DIR)
+-	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+#	$(BSD_INSTALL_PROGRAM) \
+#	  prayer-chroot           $(BROOT)$(BIN_DIR)
+	$(BSD_INSTALL_PROGRAM) \
 	  prayer-session   $(BROOT)$(BIN_DIR)
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
-+	$(BSD_INSTALL_PROGRAM)  \
+	$(BSD_INSTALL_PROGRAM) \
 	  prayer-ssl-prune $(BROOT)$(BIN_DIR)
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
-+	$(BSD_INSTALL_PROGRAM)  \
+	$(BSD_INSTALL_PROGRAM) \
 	  prayer-sem-prune $(BROOT)$(BIN_DIR)
 -	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
-+	$(BSD_INSTALL_SCRIPT)  \
+	$(BSD_INSTALL_SCRIPT) \
+ 	  prayer-db-prune $(BROOT)$(BIN_DIR)
+-	$(INSTALL) -o $(RO_USER) -g $(RO_GROUP) -m $(PUBLIC_EXEC) \
+	$(BSD_INSTALL_SCRIPT) \
 	  prayer-cyclog    $(BROOT)$(BIN_DIR)
 
- prayer: $(PRAYER_OBJS)
+ prayer: $(PRAYER_OBJS) prayer_main.o
--- a/mail/prayer/patches/patch-ae
+++ b/mail/prayer/patches/patch-ae
@ -1,8 +1,8 @@
-$NetBSD: patch-ae,v 1.3 2005/01/09 00:07:47 schmonz Exp $
+$NetBSD: patch-ae,v 1.4 2007/06/15 23:28:17 wiz Exp $

--- files/etc/prayer.cf.SRC.orig	2004-04-30 11:02:21.000000000 -0400
+--- files/etc/prayer.cf.SRC.orig	2006-04-11 11:13:21.000000000 +0000
 +++ files/etc/prayer.cf.SRC
-@@ -376,25 +376,25 @@ ispell_path         = /usr/bin/ispell
+@@ -382,13 +382,13 @@ ispell_path         = /usr/bin/ispell
 #  <login_suffix_path>
 
 # Login page prefix
@ -17,6 +17,11 @@ $NetBSD: patch-ae,v 1.3 2005/01/09 00:07:47 schmonz Exp $
 -#login_suffix_path   = "$prefix/etc/login_suffix.html"
 +#login_suffix_path   = "__PKG_SYSCONFDIR__/login_suffix.html"
 
+ # Login security: Prayer's front page defaults to a login form.
+ # If the user does not connect via SSL then this can be changed
+@@ -407,16 +407,16 @@ ssl_redirect        = FALSE
+ ssl_required        = FALSE
+ 
 # Session banner (local HTML inserted into each page of login session)
 -#session_banner_path = "$prefix/etc/session_banner.html"
 +#session_banner_path = "__PKG_SYSCONFDIR__/session_banner.html"
--- a/mail/prayer/patches/patch-af
+++ b/mail/prayer/patches/patch-af
@ -1,16 +1,28 @@
-$NetBSD: patch-af,v 1.5 2005/01/09 00:07:47 schmonz Exp $
+$NetBSD: patch-af,v 1.6 2007/06/15 23:28:17 wiz Exp $

--- prayer/mydb_db3.c.orig	2004-06-18 11:25:12.000000000 -0400
+--- prayer/mydb_db3.c.orig	2006-04-20 10:10:00.000000000 +0000
 +++ prayer/mydb_db3.c
-@@ -133,9 +133,11 @@ static int myinit(const char *dbdir, int
-     dbenv->set_verbose(dbenv, DB_VERB_DEADLOCK, 1);
+@@ -139,13 +139,23 @@ static int myinit(const char *dbdir, int
     dbenv->set_verbose(dbenv, DB_VERB_WAITSFOR, 1);
   }
+ #ifdef DB_VERB_CHKPOINT
 +#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR < 3
   if (CONFIG_DB_VERBOSE > 1) {
     dbenv->set_verbose(dbenv, DB_VERB_CHKPOINT, 1);
   }
+ #endif
 +#endif
   dbenv->set_lk_detect(dbenv, CONFIG_DEADLOCK_DETECTION);
 
+#if DB_VERSION_MAJOR >= 4
+  r = dbenv->set_lk_max_locks(dbenv, 50000);
+  if (!r)
+    r = dbenv->set_lk_max_lockers(dbenv, 50000);
+  if (!r)
+    r = dbenv->set_lk_max_objects(dbenv, 50000);
+#else
   r = dbenv->set_lk_max(dbenv, 50000);
+#endif
+   if (r) {
+     log_panic("DBERROR: set_lk_max(): %s", db_strerror(r));
+     abort();
--- a/mail/prayer/patches/patch-ag
+++ b/mail/prayer/patches/patch-ag
@ -1,11 +1,11 @@
-$NetBSD: patch-ag,v 1.1 2005/01/09 00:07:47 schmonz Exp $
+$NetBSD: patch-ag,v 1.2 2007/06/15 23:28:17 wiz Exp $

--- prayer/response.c	2003-04-15 14:00:03.000000000 +0100
-+++ prayer/response.c	2005-01-05 18:32:01.000000000 +0000
-@@ -694,7 +694,12 @@
+--- prayer/response.c.orig	2003-04-15 13:00:03.000000000 +0000
+++ prayer/response.c
+@@ -694,7 +694,12 @@ response_file(struct request *request,
     } else
         bputs(b, "Content-Type: text/plain" CRLF);
-
+ 
 -    bprintf(b, "Content-Length: %lu" CRLF, sbuf.st_size);
 +    /* Hack: cast sbuf.st_size to long here as we are only dealing
 +     * with small files.  Otherwise, we will send "Content-Length: 0"
@ -13,7 +13,6 @@ $NetBSD: patch-ag,v 1.1 2005/01/09 00:07:47 schmonz Exp $
 +     * which confuses browsers.
 +     */
 +    bprintf(b, "Content-Length: %lu" CRLF, (long)sbuf.st_size);
-
+ 
     /* Following stolen from Apache:
      *
-