View | Details | Raw Unified | Return to bug 244440
Collapse All | Expand All

(-)mail/rspamd/Makefile (-2 / +1 lines)
Lines 1-7 Link Here
1
# $FreeBSD$
1
# $FreeBSD$
2
2
3
PORTNAME=	rspamd
3
PORTNAME=	rspamd
4
PORTVERSION=	2.3
4
PORTVERSION=	2.4
5
CATEGORIES=	mail
5
CATEGORIES=	mail
6
6
7
MAINTAINER=	vsevolod@FreeBSD.org
7
MAINTAINER=	vsevolod@FreeBSD.org
Lines 84-90 Link Here
84
	# Linux specific
84
	# Linux specific
85
	${RM} ${STAGEDIR}/${ETCDIR}/rspamd.systemd.conf
85
	${RM} ${STAGEDIR}/${ETCDIR}/rspamd.systemd.conf
86
	${RM} ${STAGEDIR}/${ETCDIR}/rspamd.sysvinit.conf
86
	${RM} ${STAGEDIR}/${ETCDIR}/rspamd.sysvinit.conf
87
	# No examples installed by the port
88
	${INSTALL_DATA} ${WRKDIR}/rspamd.newsyslog.conf.sample ${STAGEDIR}${ETCDIR}
87
	${INSTALL_DATA} ${WRKDIR}/rspamd.newsyslog.conf.sample ${STAGEDIR}${ETCDIR}
89
	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d
88
	@${MKDIR} ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d
90
	${LN} -s ${ETCDIR}/rspamd.newsyslog.conf ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d
89
	${LN} -s ${ETCDIR}/rspamd.newsyslog.conf ${STAGEDIR}${PREFIX}/etc/newsyslog.conf.d
(-)mail/rspamd/distinfo (-3 / +3 lines)
Lines 1-3 Link Here
1
TIMESTAMP = 1580833267
1
TIMESTAMP = 1582747300
2
SHA256 (rspamd-rspamd-2.3_GH0.tar.gz) = 994f737875b6159225384606076798687a529336d66496781a83de9164b6d41b
2
SHA256 (rspamd-rspamd-2.4_GH0.tar.gz) = 3b4e7171d1d45e8fe4bba59b3f47fed55c1f63ef9f3a191fe9e22cc6c1204d9d
3
SIZE (rspamd-rspamd-2.3_GH0.tar.gz) = 4409924
3
SIZE (rspamd-rspamd-2.4_GH0.tar.gz) = 4462119
(-)mail/rspamd/files/patch-fips (-69 lines)
Lines 1-69 Link Here
1
From 963657514d24c29604e0b873c17dcee0d3efd345 Mon Sep 17 00:00:00 2001
2
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
3
Date: Fri, 7 Feb 2020 13:18:32 +0000
4
Subject: [PATCH] [Minor] Add explicit checks for FIPS mode presence
5
6
---
7
 CMakeLists.txt     | 11 +++++++++++
8
 config.h.in        |  1 +
9
 src/libutil/util.c |  4 ++++
10
 3 files changed, 16 insertions(+)
11
12
diff --git a/CMakeLists.txt b/CMakeLists.txt
13
index 29986a740..a41dd8abb 100644
14
--- CMakeLists.txt.orig
15
+++ CMakeLists.txt
16
@@ -331,8 +331,19 @@ CHECK_SYMBOL_EXISTS(I_SETSIG "sys/types.h;sys/ioctl.h" HAVE_SETSIG)
17
 CHECK_SYMBOL_EXISTS(O_ASYNC "sys/types.h;sys/fcntl.h" HAVE_OASYNC)
18
 CHECK_SYMBOL_EXISTS(O_NOFOLLOW "sys/types.h;sys/fcntl.h" HAVE_ONOFOLLOW)
19
 CHECK_SYMBOL_EXISTS(O_CLOEXEC "sys/types.h;sys/fcntl.h" HAVE_OCLOEXEC)
20
+
21
+# OpenSSL specific stuff
22
 LIST(APPEND CMAKE_REQUIRED_INCLUDES "${LIBSSL_INCLUDE}")
23
+IF(LIBCRYPT_LIBRARY_PATH)
24
+	SET(CMAKE_REQUIRED_LIBRARIES "${CMAKE_REQUIRED_LIBRARIES};-L${LIBCRYPT_LIBRARY_PATH};${LIBCRYPT_LIBRARY}")
25
+	SET(CMAKE_REQUIRED_LIBRARIES "${CMAKE_REQUIRED_LIBRARIES};-L${LIBSSL_LIBRARY_PATH};${LIBSSL_LIBRARY}")
26
+ELSE()
27
+	SET(CMAKE_REQUIRED_LIBRARIES "${CMAKE_REQUIRED_LIBRARIES};-lcrypt;-lssl")
28
+ENDIF()
29
+
30
 CHECK_SYMBOL_EXISTS(SSL_set_tlsext_host_name "openssl/ssl.h" HAVE_SSL_TLSEXT_HOSTNAME)
31
+CHECK_SYMBOL_EXISTS(FIPS_mode "openssl/crypto.h" HAVE_FIPS_MODE)
32
+
33
 CHECK_SYMBOL_EXISTS(dirfd "sys/types.h;unistd.h;dirent.h" HAVE_DIRFD)
34
 CHECK_SYMBOL_EXISTS(fpathconf "sys/types.h;unistd.h" HAVE_FPATHCONF)
35
 CHECK_SYMBOL_EXISTS(sigaltstack "signal.h" HAVE_SIGALTSTACK)
36
diff --git a/config.h.in b/config.h.in
37
index c2d73a0a9..b3aefd980 100644
38
--- config.h.in.orig
39
+++ config.h.in
40
@@ -32,6 +32,7 @@
41
 #cmakedefine HAVE_FCNTL_H        1
42
 #cmakedefine HAVE_FDATASYNC      1
43
 #cmakedefine HAVE_FETCH_H        1
44
+#cmakedefine HAVE_FIPS_MODE      1
45
 #cmakedefine HAVE_FLOCK          1
46
 #cmakedefine HAVE_FPATHCONF      1
47
 #cmakedefine HAVE_GETPAGESIZE    1
48
diff --git a/src/libutil/util.c b/src/libutil/util.c
49
index 3256becb9..119082964 100644
50
--- src/libutil/util.c.orig
51
+++ src/libutil/util.c
52
@@ -2484,6 +2484,7 @@ rspamd_config_libs (struct rspamd_external_libs_ctx *ctx,
53
 		}
54
 
55
 		if (cfg->fips_mode) {
56
+#ifdef HAVE_FIPS_MODE
57
 			int mode = FIPS_mode ();
58
 			unsigned long err = (unsigned long)-1;
59
 
60
@@ -2505,6 +2506,9 @@ rspamd_config_libs (struct rspamd_external_libs_ctx *ctx,
61
 			else {
62
 				msg_info_config ("OpenSSL FIPS mode is enabled");
63
 			}
64
+#else
65
+			msg_warn_config ("SSL FIPS mode is enabled but not supported by OpenSSL library!");
66
+#endif
67
 		}
68
 
69
 		if (cfg->ssl_ca_path) {
(-)mail/rspamd/pkg-plist (+1 lines)
Lines 199-204 Link Here
199
%%DATADIR%%/lualib/lua_smtp.lua
199
%%DATADIR%%/lualib/lua_smtp.lua
200
%%DATADIR%%/lualib/lua_stat.lua
200
%%DATADIR%%/lualib/lua_stat.lua
201
%%DATADIR%%/lualib/lua_tcp_sync.lua
201
%%DATADIR%%/lualib/lua_tcp_sync.lua
202
%%DATADIR%%/lualib/lua_urls_compose.lua
202
%%DATADIR%%/lualib/lua_util.lua
203
%%DATADIR%%/lualib/lua_util.lua
203
%%DATADIR%%/lualib/lua_verdict.lua
204
%%DATADIR%%/lualib/lua_verdict.lua
204
%%DATADIR%%/lualib/lupa.lua
205
%%DATADIR%%/lualib/lupa.lua

Return to bug 244440