Date: Friday, March 10, 2017 @ 15:42:28 Author: bluewind Revision: 290503
archrelease: copy trunk to staging-i686, staging-x86_64 Added: spamassassin/repos/staging-i686/ spamassassin/repos/staging-i686/PKGBUILD (from rev 290502, spamassassin/trunk/PKGBUILD) spamassassin/repos/staging-i686/bug_828552-openssl-1.1.0.patch (from rev 290502, spamassassin/trunk/bug_828552-openssl-1.1.0.patch) spamassassin/repos/staging-i686/disable-sslv3.patch (from rev 290502, spamassassin/trunk/disable-sslv3.patch) spamassassin/repos/staging-i686/net-dns-1.01-compat-uribl.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat-uribl.patch) spamassassin/repos/staging-i686/net-dns-1.01-compat.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat.patch) spamassassin/repos/staging-i686/spamassassin.install (from rev 290502, spamassassin/trunk/spamassassin.install) spamassassin/repos/staging-i686/spamassassin.service (from rev 290502, spamassassin/trunk/spamassassin.service) spamassassin/repos/staging-x86_64/ spamassassin/repos/staging-x86_64/PKGBUILD (from rev 290502, spamassassin/trunk/PKGBUILD) spamassassin/repos/staging-x86_64/bug_828552-openssl-1.1.0.patch (from rev 290502, spamassassin/trunk/bug_828552-openssl-1.1.0.patch) spamassassin/repos/staging-x86_64/disable-sslv3.patch (from rev 290502, spamassassin/trunk/disable-sslv3.patch) spamassassin/repos/staging-x86_64/net-dns-1.01-compat-uribl.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat-uribl.patch) spamassassin/repos/staging-x86_64/net-dns-1.01-compat.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat.patch) spamassassin/repos/staging-x86_64/spamassassin.install (from rev 290502, spamassassin/trunk/spamassassin.install) spamassassin/repos/staging-x86_64/spamassassin.service (from rev 290502, spamassassin/trunk/spamassassin.service) ------------------------------------------------+ staging-i686/PKGBUILD | 73 +++ staging-i686/bug_828552-openssl-1.1.0.patch | 453 +++++++++++++++++++++++ staging-i686/disable-sslv3.patch | 276 ++++++++++++++ staging-i686/net-dns-1.01-compat-uribl.patch | 27 + staging-i686/net-dns-1.01-compat.patch | 14 staging-i686/spamassassin.install | 32 + staging-i686/spamassassin.service | 12 staging-x86_64/PKGBUILD | 73 +++ staging-x86_64/bug_828552-openssl-1.1.0.patch | 453 +++++++++++++++++++++++ staging-x86_64/disable-sslv3.patch | 276 ++++++++++++++ staging-x86_64/net-dns-1.01-compat-uribl.patch | 27 + staging-x86_64/net-dns-1.01-compat.patch | 14 staging-x86_64/spamassassin.install | 32 + staging-x86_64/spamassassin.service | 12 14 files changed, 1774 insertions(+) Copied: spamassassin/repos/staging-i686/PKGBUILD (from rev 290502, spamassassin/trunk/PKGBUILD) =================================================================== --- staging-i686/PKGBUILD (rev 0) +++ staging-i686/PKGBUILD 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,73 @@ +# $Id$ +# Maintainer: Florian Pritz <bluew...@xinu.at> +# Contributor: Dale Blount <d...@archlinux.org> +# Contributor: Manolis Tzanidakis +pkgname=spamassassin +pkgver=3.4.1 +pkgrel=5 +pkgdesc="A mail filter to identify spam." +arch=('i686' 'x86_64') +license=('APACHE') +url="http://spamassassin.apache.org" +depends=('openssl' 'zlib' 're2c' 'perl-net-dns' 'perl-io-socket-ssl' + 'perl-libwww' 'perl-mail-spf' 'perl-http-message' 'perl-net-http' + 'perl-io-socket-inet6' 'perl-mail-dkim' 'perl-crypt-ssleay') +makedepends=('razor' 'perl-dbi') +optdepends=('razor: to identify collaborately-flagged spam') +backup=('etc/mail/spamassassin/local.cf' + 'etc/mail/spamassassin/init.pre' + 'etc/mail/spamassassin/v310.pre' + 'etc/mail/spamassassin/v312.pre' + 'etc/mail/spamassassin/v320.pre' + 'etc/mail/spamassassin/v330.pre') +install="${pkgname}.install" +source=("http://www.us.apache.org/dist/${pkgname}/source/Mail-SpamAssassin-${pkgver}.tar.gz"{,.asc} + 'spamassassin.service' net-dns-1.01-compat.patch net-dns-1.01-compat-uribl.patch disable-sslv3.patch 'bug_828552-openssl-1.1.0.patch') +validpgpkeys=(D8099BC79E17D7E49BC21E31FDE52F40F7D39814) +md5sums=('76eca1f38c11635d319e62c26d5b034b' + 'SKIP' + '8adce028f25387ac3bc4dba697d209ed' + '63458976671c35f423bd4e8033cfff3a' + '14f2e3dc93c560d6b5a7fd7d54e44e11' + 'e6aeeae9828f305db72abb8707312ee7' + '8de3e540060b5a0dce23d12420cb7902') + +prepare() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + sed -i t/sa_compile.t \ + -e 's#^my $temp_binpath = $Config{sitebinexp};#my $temp_binpath = "/bin/site_perl/";#' + + patch -i "$srcdir/net-dns-1.01-compat.patch" -p3 + patch -i "$srcdir/net-dns-1.01-compat-uribl.patch" -p3 + + # From Debian + patch -i "$srcdir/disable-sslv3.patch" -p1 + patch -i "$srcdir/bug_828552-openssl-1.1.0.patch" -p1 +} + +build() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + # install module in vendor directories. + PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor \ + CONTACT_ADDRESS=root@localhost ENABLE_SSL=yes PERL_TAINT=no + make +} + +check() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + # parallel tests cause lots of failures; disable for now + #export HARNESS_OPTIONS="j$(echo $MAKEFLAGS | sed 's/.*-j\([0-9][0-9]*\).*/\1/')" + + make test +} + +package() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + make DESTDIR="${pkgdir}" install + + install -D -m644 "${srcdir}/spamassassin.service" "${pkgdir}/usr/lib/systemd/system/spamassassin.service" + install -d -o 182 -g 182 -m 755 "$pkgdir/var/lib/spamassassin" +} Copied: spamassassin/repos/staging-i686/bug_828552-openssl-1.1.0.patch (from rev 290502, spamassassin/trunk/bug_828552-openssl-1.1.0.patch) =================================================================== --- staging-i686/bug_828552-openssl-1.1.0.patch (rev 0) +++ staging-i686/bug_828552-openssl-1.1.0.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,453 @@ +From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +Date: Thu, 22 Sep 2016 11:19:42 +0000 +Subject: [PATCH] spamassassin: get it compiled against openssl 1.1.0 + +CRYPTO_lock was part of the old locking API which got removed. I picked +a different symbol. + +Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +--- + spamc/configure | 22 +++++++++++----------- + spamc/configure.in | 2 +- + 2 files changed, 12 insertions(+), 12 deletions(-) + +Index: spamassassin-3.4.1/spamc/configure +=================================================================== +--- spamassassin-3.4.1.orig/spamc/configure ++++ spamassassin-3.4.1/spamc/configure +@@ -943,7 +943,7 @@ esac + else + echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi +- cd "$ac_popdir" ++ cd $ac_popdir + done + fi + +@@ -1874,7 +1874,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -1932,7 +1933,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2048,7 +2050,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2102,7 +2105,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2147,7 +2151,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2191,7 +2196,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2523,7 +2529,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2693,7 +2700,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2764,7 +2772,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2917,7 +2926,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3069,7 +3079,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3260,7 +3271,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3323,7 +3335,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3388,7 +3401,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3491,7 +3505,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3557,7 +3572,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3628,7 +3644,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3666,9 +3683,9 @@ fi + SSLLIBS="" + SSLCFLAGS="" + if test yes = "$sa_ssl_enabled"; then +- echo "$as_me:$LINENO: checking for CRYPTO_lock in -lcrypto" >&5 +-echo $ECHO_N "checking for CRYPTO_lock in -lcrypto... $ECHO_C" >&6 +-if test "${ac_cv_lib_crypto_CRYPTO_lock+set}" = set; then ++ echo "$as_me:$LINENO: checking for CRYPTO_malloc in -lcrypto" >&5 ++echo $ECHO_N "checking for CRYPTO_malloc in -lcrypto... $ECHO_C" >&6 ++if test "${ac_cv_lib_crypto_CRYPTO_malloc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else + ac_check_lib_save_LIBS=$LIBS +@@ -3686,11 +3703,11 @@ extern "C" + #endif + /* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +-char CRYPTO_lock (); ++char CRYPTO_malloc (); + int + main () + { +-CRYPTO_lock (); ++CRYPTO_malloc (); + ; + return 0; + } +@@ -3704,7 +3721,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3716,20 +3734,20 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then +- ac_cv_lib_crypto_CRYPTO_lock=yes ++ ac_cv_lib_crypto_CRYPTO_malloc=yes + else + echo "$as_me: failed program was:" >&5 + sed 's/^/| /' conftest.$ac_ext >&5 + +-ac_cv_lib_crypto_CRYPTO_lock=no ++ac_cv_lib_crypto_CRYPTO_malloc=no + fi + rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS=$ac_check_lib_save_LIBS + fi +-echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_lock" >&5 +-echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_lock" >&6 +-if test $ac_cv_lib_crypto_CRYPTO_lock = yes; then ++echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_malloc" >&5 ++echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_malloc" >&6 ++if test $ac_cv_lib_crypto_CRYPTO_malloc = yes; then + SSLLIBS="-lcrypto $SSLLIBS" + fi + +@@ -3771,7 +3789,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3804,7 +3823,7 @@ fi + # before defining SPAMC_SSL check that all its requirements are + # actually available + if test yes = "$ac_cv_header_openssl_crypto_h" && \ +- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ ++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ + test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then + SSLCFLAGS="-DSPAMC_SSL" + else +@@ -3854,7 +3873,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3927,7 +3947,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4000,7 +4021,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4073,7 +4095,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4182,7 +4205,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4246,7 +4270,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4311,7 +4336,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4368,7 +4394,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4435,7 +4462,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4500,7 +4528,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4564,7 +4593,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4628,7 +4658,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4692,7 +4723,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -5527,6 +5559,11 @@ esac + + + ++ if test x"$ac_file" != x-; then ++ { echo "$as_me:$LINENO: creating $ac_file" >&5 ++echo "$as_me: creating $ac_file" >&6;} ++ rm -f "$ac_file" ++ fi + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ +@@ -5565,12 +5602,6 @@ echo "$as_me: error: cannot find input f + fi;; + esac + done` || { (exit 1); exit 1; } +- +- if test x"$ac_file" != x-; then +- { echo "$as_me:$LINENO: creating $ac_file" >&5 +-echo "$as_me: creating $ac_file" >&6;} +- rm -f "$ac_file" +- fi + _ACEOF + cat >>$CONFIG_STATUS <<_ACEOF + sed "$ac_vpsub +Index: spamassassin-3.4.1/spamc/configure.in +=================================================================== +--- spamassassin-3.4.1.orig/spamc/configure.in ++++ spamassassin-3.4.1/spamc/configure.in +@@ -64,13 +64,13 @@ AC_CHECK_LIB(socket, socket) + SSLLIBS="" + SSLCFLAGS="" + if test yes = "$sa_ssl_enabled"; then +- AC_CHECK_LIB(crypto, CRYPTO_lock,[SSLLIBS="-lcrypto $SSLLIBS"]) ++ AC_CHECK_LIB(crypto, CRYPTO_malloc,[SSLLIBS="-lcrypto $SSLLIBS"]) + AC_CHECK_LIB(ssl, SSL_CTX_free,[SSLLIBS="-lssl $SSLLIBS"],,-lcrypto) + + # before defining SPAMC_SSL check that all its requirements are + # actually available + if test yes = "$ac_cv_header_openssl_crypto_h" && \ +- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ ++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ + test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then + SSLCFLAGS="-DSPAMC_SSL" + else Copied: spamassassin/repos/staging-i686/disable-sslv3.patch (from rev 290502, spamassassin/trunk/disable-sslv3.patch) =================================================================== --- staging-i686/disable-sslv3.patch (rev 0) +++ staging-i686/disable-sslv3.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,276 @@ +Index: spamassassin-3.4.1/spamc/libspamc.c +=================================================================== +--- spamassassin-3.4.1.orig/spamc/libspamc.c ++++ spamassassin-3.4.1/spamc/libspamc.c +@@ -1187,7 +1187,7 @@ int message_filter(struct transport *tp, + unsigned int throwaway; + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; +- SSL_METHOD *meth; ++ const SSL_METHOD *meth; + char zlib_on = 0; + unsigned char *zlib_buf = NULL; + int zlib_bufsiz = 0; +@@ -1213,11 +1213,7 @@ int message_filter(struct transport *tp, + if (flags & SPAMC_USE_SSL) { + #ifdef SPAMC_SSL + SSLeay_add_ssl_algorithms(); +- if (flags & SPAMC_TLSV1) { +- meth = TLSv1_client_method(); +- } else { +- meth = SSLv3_client_method(); /* default */ +- } ++ meth = SSLv23_client_method(); + SSL_load_error_strings(); + ctx = SSL_CTX_new(meth); + #else +@@ -1596,7 +1592,7 @@ int message_tell(struct transport *tp, c + int failureval; + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; +- SSL_METHOD *meth; ++ const SSL_METHOD *meth; + + assert(tp != NULL); + assert(m != NULL); +@@ -1604,7 +1600,7 @@ int message_tell(struct transport *tp, c + if (flags & SPAMC_USE_SSL) { + #ifdef SPAMC_SSL + SSLeay_add_ssl_algorithms(); +- meth = SSLv3_client_method(); ++ meth = SSLv23_client_method(); + SSL_load_error_strings(); + ctx = SSL_CTX_new(meth); + #else +Index: spamassassin-3.4.1/spamc/spamc.c +=================================================================== +--- spamassassin-3.4.1.orig/spamc/spamc.c ++++ spamassassin-3.4.1/spamc/spamc.c +@@ -368,16 +368,11 @@ read_args(int argc, char **argv, + case 'S': + { + flags |= SPAMC_USE_SSL; +- if (!spamc_optarg || (strcmp(spamc_optarg,"sslv3") == 0)) { +- flags |= SPAMC_SSLV3; +- } +- else if (strcmp(spamc_optarg,"tlsv1") == 0) { +- flags |= SPAMC_TLSV1; +- } +- else { +- libspamc_log(flags, LOG_ERR, "Please specify a legal ssl version (%s)", spamc_optarg); +- ret = EX_USAGE; +- } ++ if(spamc_optarg) { ++ libspamc_log(flags, LOG_ERR, ++ "Explicit specification of an SSL/TLS version no longer supported."); ++ ret = EX_USAGE; ++ } + break; + } + #endif +Index: spamassassin-3.4.1/spamd/spamd.raw +=================================================================== +--- spamassassin-3.4.1.orig/spamd/spamd.raw ++++ spamassassin-3.4.1/spamd/spamd.raw +@@ -409,7 +409,6 @@ GetOptions( + 'sql-config!' => \$opt{'sql-config'}, + 'ssl' => \$opt{'ssl'}, + 'ssl-port=s' => \$opt{'ssl-port'}, +- 'ssl-version=s' => \$opt{'ssl-version'}, + 'syslog-socket=s' => \$opt{'syslog-socket'}, + 'syslog|s=s' => \$opt{'syslog'}, + 'log-timestamp-fmt:s' => \$opt{'log-timestamp-fmt'}, +@@ -743,11 +742,6 @@ if ( defined $ENV{'HOME'} ) { + + # Do whitelist later in tmp dir. Side effect: this will be done as -u user. + +-my $sslversion = $opt{'ssl-version'} || 'sslv3'; +-if ($sslversion !~ /^(?:sslv3|tlsv1)$/) { +- die "spamd: invalid ssl-version: $opt{'ssl-version'}\n"; +-} +- + $opt{'server-key'} ||= "$LOCAL_RULES_DIR/certs/server-key.pem"; + $opt{'server-cert'} ||= "$LOCAL_RULES_DIR/certs/server-cert.pem"; + +@@ -898,9 +892,8 @@ sub compose_listen_info_string { + $socket_info->{ip_addr}, $socket_info->{port})); + + } elsif ($socket->isa('IO::Socket::SSL')) { +- push(@listeninfo, sprintf("SSL [%s]:%s, ssl version %s", +- $socket_info->{ip_addr}, $socket_info->{port}, +- $opt{'ssl-version'}||'sslv3')); ++ push(@listeninfo, sprintf("SSL [%r]:%s", $socket_info->{ip_addr}, ++ $socket_info->{port})); + } + } + +@@ -1071,7 +1064,6 @@ sub server_sock_setup_inet { + $sockopt{V6Only} = 1 if $io_socket_module_name eq 'IO::Socket::IP' + && IO::Socket::IP->VERSION >= 0.09; + %sockopt = (%sockopt, ( +- SSL_version => $sslversion, + SSL_verify_mode => 0x00, + SSL_key_file => $opt{'server-key'}, + SSL_cert_file => $opt{'server-cert'}, +@@ -1092,7 +1084,8 @@ sub server_sock_setup_inet { + if (!$server_inet) { + $diag = sprintf("could not create %s socket on [%s]:%s: %s", + $ssl ? 'IO::Socket::SSL' : $io_socket_module_name, +- $adr, $port, $!); ++ $adr, $port, $ssl && $IO::Socket::SSL::SSL_ERROR ? ++ "$!,$IO::Socket::SSL::SSL_ERROR" : $!); + push(@diag_fail, $diag); + } else { + $diag = sprintf("created %s socket on [%s]:%s", +@@ -3232,7 +3225,6 @@ Options: + -H [dir], --helper-home-dir[=dir] Specify a different HOME directory + --ssl Enable SSL on TCP connections + --ssl-port port Override --port setting for SSL connections +- --ssl-version sslversion Specify SSL protocol version to use + --server-key keyfile Specify an SSL keyfile + --server-cert certfile Specify an SSL certificate + --socketpath=path Listen on a given UNIX domain socket +@@ -3720,14 +3712,6 @@ Optionally specifies the port number for + SSL connections (default: whatever --port uses). See B<--ssl> for + more details. + +-=item B<--ssl-version>=I<sslversion> +- +-Specify the SSL protocol version to use, one of B<sslv3> or B<tlsv1>. +-The default, B<sslv3>, is the most flexible, accepting a SSLv3 or +-higher hello handshake, then negotiating use of SSLv3 or TLSv1 +-protocol if the client can accept it. Specifying B<--ssl-version> +-implies B<--ssl>. +- + =item B<--server-key> I<keyfile> + + Specify the SSL key file to use for SSL connections. +Index: spamassassin-3.4.1/spamc/spamc.pod +=================================================================== +--- spamassassin-3.4.1.orig/spamc/spamc.pod ++++ spamassassin-3.4.1/spamc/spamc.pod +@@ -177,12 +177,10 @@ The default is 1 time (ie. one attempt a + Sleep for I<sleep> seconds between failed spamd filtering attempts. + The default is 1 second. + +-=item B<-S>, B<--ssl>, B<--ssl>=I<sslversion> ++=item B<-S>, B<--ssl>, B<--ssl> + + If spamc was built with support for SSL, encrypt data to and from the + spamd process with SSL; spamd must support SSL as well. +-I<sslversion> specifies the SSL protocol version to use, either +-C<sslv3>, or C<tlsv1>. The default, is C<sslv3>. + + =item B<-t> I<timeout>, B<--timeout>=I<timeout> + +Index: spamassassin-3.4.1/t/spamd_ssl_tls.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_tls.t ++++ /dev/null +@@ -1,28 +0,0 @@ +-#!/usr/bin/perl +- +-use lib '.'; use lib 't'; +-use SATest; sa_t_init("spamd_ssl_tls"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); +- +-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); +- +-# --------------------------------------------------------------------------- +- +-%patterns = ( +- +-q{ Return-Path: sb55s...@yahoo.com}, 'firstline', +-q{ Subject: There yours for FREE!}, 'subj', +-q{ X-Spam-Status: Yes, score=}, 'status', +-q{ X-Spam-Flag: YES}, 'flag', +-q{ X-Spam-Level: **********}, 'stars', +-q{ TEST_ENDSNUMS}, 'endsinnums', +-q{ TEST_NOREALNAME}, 'noreal', +-q{ This must be the very last line}, 'lastline', +- +- +-); +- +-ok (sdrun ("-L --ssl --ssl-version=tlsv1 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert", +- "--ssl=tlsv1 < data/spam/001", +- \&patterns_run_cb)); +-ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl_v3.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_v3.t ++++ /dev/null +@@ -1,28 +0,0 @@ +-#!/usr/bin/perl +- +-use lib '.'; use lib 't'; +-use SATest; sa_t_init("spamd_sslv3"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); +- +-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); +- +-# --------------------------------------------------------------------------- +- +-%patterns = ( +- +-q{ Return-Path: sb55s...@yahoo.com}, 'firstline', +-q{ Subject: There yours for FREE!}, 'subj', +-q{ X-Spam-Status: Yes, score=}, 'status', +-q{ X-Spam-Flag: YES}, 'flag', +-q{ X-Spam-Level: **********}, 'stars', +-q{ TEST_ENDSNUMS}, 'endsinnums', +-q{ TEST_NOREALNAME}, 'noreal', +-q{ This must be the very last line}, 'lastline', +- +- +-); +- +-ok (sdrun ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert", +- "--ssl=sslv3 < data/spam/001", +- \&patterns_run_cb)); +-ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl_accept_fail.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_accept_fail.t ++++ spamassassin-3.4.1/t/spamd_ssl_accept_fail.t +@@ -23,9 +23,9 @@ q{ This must be the very last line}, 'la + + ); + +-ok (start_spamd ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert")); ++ok (start_spamd ("-L --ssl --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert")); + ok (spamcrun ("< data/spam/001", \&patterns_run_cb)); +-ok (spamcrun ("--ssl=sslv3 < data/spam/001", \&patterns_run_cb)); ++ok (spamcrun ("--ssl < data/spam/001", \&patterns_run_cb)); + ok (stop_spamd ()); + + ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl.t ++++ spamassassin-3.4.1/t/spamd_ssl.t +@@ -2,10 +2,7 @@ + + use lib '.'; use lib 't'; + use SATest; sa_t_init("spamd_ssl"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9), +- onfail => sub { +- warn "\n\nNote: This may not be a SpamAssassin bug, as some platforms require that you" . +- "\nspecify a protocol in spamc --ssl option, and possibly in spamd --ssl-version.\n\n" }; ++use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); + + exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); + +Index: spamassassin-3.4.1/MANIFEST +=================================================================== +--- spamassassin-3.4.1.orig/MANIFEST ++++ spamassassin-3.4.1/MANIFEST +@@ -511,8 +511,6 @@ t/spamd_report_ifspam.t + t/spamd_sql_prefs.t + t/spamd_ssl.t + t/spamd_ssl_accept_fail.t +-t/spamd_ssl_tls.t +-t/spamd_ssl_v3.t + t/spamd_stop.t + t/spamd_symbols.t + t/spamd_syslog.t Copied: spamassassin/repos/staging-i686/net-dns-1.01-compat-uribl.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat-uribl.patch) =================================================================== --- staging-i686/net-dns-1.01-compat-uribl.patch (rev 0) +++ staging-i686/net-dns-1.01-compat-uribl.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,27 @@ +--- spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2015/04/28 20:36:05 1676616 ++++ spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2015/08/04 23:16:38 1694126 +@@ -942,9 +942,8 @@ + next unless (defined($str) && defined($dom)); + dbg("uridnsbl: got($j) NS for $dom: $str"); + +- if ($str =~ /IN\s+NS\s+(\S+)/) { +- my $nsmatch = lc $1; +- $nsmatch =~ s/\.$//; ++ if ($rr->type eq 'NS') { ++ my $nsmatch = lc $rr->nsdname; # available since at least Net::DNS 0.14 + my $nsrhblstr = $nsmatch; + my $fullnsrhblstr = $nsmatch; + +@@ -1025,9 +1024,9 @@ + } + dbg("uridnsbl: complete_a_lookup got(%d) A for %s: %s", $j,$hname,$str); + +- local $1; +- if ($str =~ /IN\s+A\s+(\S+)/) { +- $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $1); ++ if ($rr->type eq 'A') { ++ my $ip_address = $rr->rdatastr; ++ $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $ip_address); + } + } + } Copied: spamassassin/repos/staging-i686/net-dns-1.01-compat.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat.patch) =================================================================== --- staging-i686/net-dns-1.01-compat.patch (rev 0) +++ staging-i686/net-dns-1.01-compat.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,14 @@ +https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7223 + +--- spamassassin/branches/3.4/lib/Mail/SpamAssassin/DnsResolver.pm 2015/07/20 18:23:18 1691991 ++++ spamassassin/branches/3.4/lib/Mail/SpamAssassin/DnsResolver.pm 2015/07/20 18:24:48 1691992 +@@ -592,6 +592,9 @@ + }; + + if ($packet) { ++ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223 ++ $packet->header->rd(1); ++ + # my $udp_payload_size = $self->{res}->udppacketsize; + my $udp_payload_size = $self->{conf}->{dns_options}->{edns}; + if ($udp_payload_size && $udp_payload_size > 512) { Copied: spamassassin/repos/staging-i686/spamassassin.install (from rev 290502, spamassassin/trunk/spamassassin.install) =================================================================== --- staging-i686/spamassassin.install (rev 0) +++ staging-i686/spamassassin.install 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,32 @@ +setup_user() { + getent group spamd &>/dev/null || groupadd -g 182 spamd >/dev/null + getent passwd spamd &>/dev/null || useradd -u 182 -d /var/lib/spamassassin -g spamd -s /bin/false spamd >/dev/null + + if [[ -d /var/lib/spamassassin ]]; then + chown spamd:spamd /var/lib/spamassassin + fi + + true +} + +post_install() { + echo "You must run 'sa-update' to install spam rules before use." + setup_user +} + +post_upgrade() { + setup_user + if [ "$(vercmp $2 3.4)" -lt 0 ]; then + echo '/var/lib/spamassassin is now owned by the spamd user. spamassassin.service' + echo 'will also run under that user. You may need to adjust your setup.' + fi + + # Compile rules, if rules have previously been compiled, and it's possible + if type re2c &>/dev/null && type sa-compile &>/dev/null && [[ -d /var/lib/spamassassin/compiled ]]; then + echo "Detected compiled rules, running sa-compile..." + sa-compile > /dev/null 2>&1 + fi + + true +} + Copied: spamassassin/repos/staging-i686/spamassassin.service (from rev 290502, spamassassin/trunk/spamassassin.service) =================================================================== --- staging-i686/spamassassin.service (rev 0) +++ staging-i686/spamassassin.service 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,12 @@ +[Unit] +Description=Spamassassin daemon +After=syslog.target network.target + +[Service] +ExecStart=/usr/bin/vendor_perl/spamd -x -u spamd -g spamd +StandardOutput=null +StandardError=null +Restart=always + +[Install] +WantedBy=multi-user.target Copied: spamassassin/repos/staging-x86_64/PKGBUILD (from rev 290502, spamassassin/trunk/PKGBUILD) =================================================================== --- staging-x86_64/PKGBUILD (rev 0) +++ staging-x86_64/PKGBUILD 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,73 @@ +# $Id$ +# Maintainer: Florian Pritz <bluew...@xinu.at> +# Contributor: Dale Blount <d...@archlinux.org> +# Contributor: Manolis Tzanidakis +pkgname=spamassassin +pkgver=3.4.1 +pkgrel=5 +pkgdesc="A mail filter to identify spam." +arch=('i686' 'x86_64') +license=('APACHE') +url="http://spamassassin.apache.org" +depends=('openssl' 'zlib' 're2c' 'perl-net-dns' 'perl-io-socket-ssl' + 'perl-libwww' 'perl-mail-spf' 'perl-http-message' 'perl-net-http' + 'perl-io-socket-inet6' 'perl-mail-dkim' 'perl-crypt-ssleay') +makedepends=('razor' 'perl-dbi') +optdepends=('razor: to identify collaborately-flagged spam') +backup=('etc/mail/spamassassin/local.cf' + 'etc/mail/spamassassin/init.pre' + 'etc/mail/spamassassin/v310.pre' + 'etc/mail/spamassassin/v312.pre' + 'etc/mail/spamassassin/v320.pre' + 'etc/mail/spamassassin/v330.pre') +install="${pkgname}.install" +source=("http://www.us.apache.org/dist/${pkgname}/source/Mail-SpamAssassin-${pkgver}.tar.gz"{,.asc} + 'spamassassin.service' net-dns-1.01-compat.patch net-dns-1.01-compat-uribl.patch disable-sslv3.patch 'bug_828552-openssl-1.1.0.patch') +validpgpkeys=(D8099BC79E17D7E49BC21E31FDE52F40F7D39814) +md5sums=('76eca1f38c11635d319e62c26d5b034b' + 'SKIP' + '8adce028f25387ac3bc4dba697d209ed' + '63458976671c35f423bd4e8033cfff3a' + '14f2e3dc93c560d6b5a7fd7d54e44e11' + 'e6aeeae9828f305db72abb8707312ee7' + '8de3e540060b5a0dce23d12420cb7902') + +prepare() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + sed -i t/sa_compile.t \ + -e 's#^my $temp_binpath = $Config{sitebinexp};#my $temp_binpath = "/bin/site_perl/";#' + + patch -i "$srcdir/net-dns-1.01-compat.patch" -p3 + patch -i "$srcdir/net-dns-1.01-compat-uribl.patch" -p3 + + # From Debian + patch -i "$srcdir/disable-sslv3.patch" -p1 + patch -i "$srcdir/bug_828552-openssl-1.1.0.patch" -p1 +} + +build() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + # install module in vendor directories. + PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor \ + CONTACT_ADDRESS=root@localhost ENABLE_SSL=yes PERL_TAINT=no + make +} + +check() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + + # parallel tests cause lots of failures; disable for now + #export HARNESS_OPTIONS="j$(echo $MAKEFLAGS | sed 's/.*-j\([0-9][0-9]*\).*/\1/')" + + make test +} + +package() { + cd "${srcdir}/Mail-SpamAssassin-${pkgver}" + make DESTDIR="${pkgdir}" install + + install -D -m644 "${srcdir}/spamassassin.service" "${pkgdir}/usr/lib/systemd/system/spamassassin.service" + install -d -o 182 -g 182 -m 755 "$pkgdir/var/lib/spamassassin" +} Copied: spamassassin/repos/staging-x86_64/bug_828552-openssl-1.1.0.patch (from rev 290502, spamassassin/trunk/bug_828552-openssl-1.1.0.patch) =================================================================== --- staging-x86_64/bug_828552-openssl-1.1.0.patch (rev 0) +++ staging-x86_64/bug_828552-openssl-1.1.0.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,453 @@ +From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +Date: Thu, 22 Sep 2016 11:19:42 +0000 +Subject: [PATCH] spamassassin: get it compiled against openssl 1.1.0 + +CRYPTO_lock was part of the old locking API which got removed. I picked +a different symbol. + +Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc> +--- + spamc/configure | 22 +++++++++++----------- + spamc/configure.in | 2 +- + 2 files changed, 12 insertions(+), 12 deletions(-) + +Index: spamassassin-3.4.1/spamc/configure +=================================================================== +--- spamassassin-3.4.1.orig/spamc/configure ++++ spamassassin-3.4.1/spamc/configure +@@ -943,7 +943,7 @@ esac + else + echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi +- cd "$ac_popdir" ++ cd $ac_popdir + done + fi + +@@ -1874,7 +1874,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -1932,7 +1933,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2048,7 +2050,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2102,7 +2105,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2147,7 +2151,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2191,7 +2196,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2523,7 +2529,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2693,7 +2700,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2764,7 +2772,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -2917,7 +2926,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3069,7 +3079,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3260,7 +3271,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3323,7 +3335,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3388,7 +3401,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3491,7 +3505,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3557,7 +3572,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3628,7 +3644,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3666,9 +3683,9 @@ fi + SSLLIBS="" + SSLCFLAGS="" + if test yes = "$sa_ssl_enabled"; then +- echo "$as_me:$LINENO: checking for CRYPTO_lock in -lcrypto" >&5 +-echo $ECHO_N "checking for CRYPTO_lock in -lcrypto... $ECHO_C" >&6 +-if test "${ac_cv_lib_crypto_CRYPTO_lock+set}" = set; then ++ echo "$as_me:$LINENO: checking for CRYPTO_malloc in -lcrypto" >&5 ++echo $ECHO_N "checking for CRYPTO_malloc in -lcrypto... $ECHO_C" >&6 ++if test "${ac_cv_lib_crypto_CRYPTO_malloc+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 + else + ac_check_lib_save_LIBS=$LIBS +@@ -3686,11 +3703,11 @@ extern "C" + #endif + /* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +-char CRYPTO_lock (); ++char CRYPTO_malloc (); + int + main () + { +-CRYPTO_lock (); ++CRYPTO_malloc (); + ; + return 0; + } +@@ -3704,7 +3721,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3716,20 +3734,20 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then +- ac_cv_lib_crypto_CRYPTO_lock=yes ++ ac_cv_lib_crypto_CRYPTO_malloc=yes + else + echo "$as_me: failed program was:" >&5 + sed 's/^/| /' conftest.$ac_ext >&5 + +-ac_cv_lib_crypto_CRYPTO_lock=no ++ac_cv_lib_crypto_CRYPTO_malloc=no + fi + rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS=$ac_check_lib_save_LIBS + fi +-echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_lock" >&5 +-echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_lock" >&6 +-if test $ac_cv_lib_crypto_CRYPTO_lock = yes; then ++echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_CRYPTO_malloc" >&5 ++echo "${ECHO_T}$ac_cv_lib_crypto_CRYPTO_malloc" >&6 ++if test $ac_cv_lib_crypto_CRYPTO_malloc = yes; then + SSLLIBS="-lcrypto $SSLLIBS" + fi + +@@ -3771,7 +3789,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3804,7 +3823,7 @@ fi + # before defining SPAMC_SSL check that all its requirements are + # actually available + if test yes = "$ac_cv_header_openssl_crypto_h" && \ +- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ ++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ + test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then + SSLCFLAGS="-DSPAMC_SSL" + else +@@ -3854,7 +3873,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -3927,7 +3947,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4000,7 +4021,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4073,7 +4095,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4182,7 +4205,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_l + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4246,7 +4270,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4311,7 +4336,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4368,7 +4394,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4435,7 +4462,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4500,7 +4528,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4564,7 +4593,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4628,7 +4658,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -4692,7 +4723,8 @@ if { (eval echo "$as_me:$LINENO: \"$ac_c + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && +- { ac_try='test -z "$ac_c_werror_flag" || test ! -s conftest.err' ++ { ac_try='test -z "$ac_c_werror_flag" ++ || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? +@@ -5527,6 +5559,11 @@ esac + + + ++ if test x"$ac_file" != x-; then ++ { echo "$as_me:$LINENO: creating $ac_file" >&5 ++echo "$as_me: creating $ac_file" >&6;} ++ rm -f "$ac_file" ++ fi + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ +@@ -5565,12 +5602,6 @@ echo "$as_me: error: cannot find input f + fi;; + esac + done` || { (exit 1); exit 1; } +- +- if test x"$ac_file" != x-; then +- { echo "$as_me:$LINENO: creating $ac_file" >&5 +-echo "$as_me: creating $ac_file" >&6;} +- rm -f "$ac_file" +- fi + _ACEOF + cat >>$CONFIG_STATUS <<_ACEOF + sed "$ac_vpsub +Index: spamassassin-3.4.1/spamc/configure.in +=================================================================== +--- spamassassin-3.4.1.orig/spamc/configure.in ++++ spamassassin-3.4.1/spamc/configure.in +@@ -64,13 +64,13 @@ AC_CHECK_LIB(socket, socket) + SSLLIBS="" + SSLCFLAGS="" + if test yes = "$sa_ssl_enabled"; then +- AC_CHECK_LIB(crypto, CRYPTO_lock,[SSLLIBS="-lcrypto $SSLLIBS"]) ++ AC_CHECK_LIB(crypto, CRYPTO_malloc,[SSLLIBS="-lcrypto $SSLLIBS"]) + AC_CHECK_LIB(ssl, SSL_CTX_free,[SSLLIBS="-lssl $SSLLIBS"],,-lcrypto) + + # before defining SPAMC_SSL check that all its requirements are + # actually available + if test yes = "$ac_cv_header_openssl_crypto_h" && \ +- test yes = "$ac_cv_lib_crypto_CRYPTO_lock" && \ ++ test yes = "$ac_cv_lib_crypto_CRYPTO_malloc" && \ + test yes = "$ac_cv_lib_ssl_SSL_CTX_free"; then + SSLCFLAGS="-DSPAMC_SSL" + else Copied: spamassassin/repos/staging-x86_64/disable-sslv3.patch (from rev 290502, spamassassin/trunk/disable-sslv3.patch) =================================================================== --- staging-x86_64/disable-sslv3.patch (rev 0) +++ staging-x86_64/disable-sslv3.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,276 @@ +Index: spamassassin-3.4.1/spamc/libspamc.c +=================================================================== +--- spamassassin-3.4.1.orig/spamc/libspamc.c ++++ spamassassin-3.4.1/spamc/libspamc.c +@@ -1187,7 +1187,7 @@ int message_filter(struct transport *tp, + unsigned int throwaway; + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; +- SSL_METHOD *meth; ++ const SSL_METHOD *meth; + char zlib_on = 0; + unsigned char *zlib_buf = NULL; + int zlib_bufsiz = 0; +@@ -1213,11 +1213,7 @@ int message_filter(struct transport *tp, + if (flags & SPAMC_USE_SSL) { + #ifdef SPAMC_SSL + SSLeay_add_ssl_algorithms(); +- if (flags & SPAMC_TLSV1) { +- meth = TLSv1_client_method(); +- } else { +- meth = SSLv3_client_method(); /* default */ +- } ++ meth = SSLv23_client_method(); + SSL_load_error_strings(); + ctx = SSL_CTX_new(meth); + #else +@@ -1596,7 +1592,7 @@ int message_tell(struct transport *tp, c + int failureval; + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; +- SSL_METHOD *meth; ++ const SSL_METHOD *meth; + + assert(tp != NULL); + assert(m != NULL); +@@ -1604,7 +1600,7 @@ int message_tell(struct transport *tp, c + if (flags & SPAMC_USE_SSL) { + #ifdef SPAMC_SSL + SSLeay_add_ssl_algorithms(); +- meth = SSLv3_client_method(); ++ meth = SSLv23_client_method(); + SSL_load_error_strings(); + ctx = SSL_CTX_new(meth); + #else +Index: spamassassin-3.4.1/spamc/spamc.c +=================================================================== +--- spamassassin-3.4.1.orig/spamc/spamc.c ++++ spamassassin-3.4.1/spamc/spamc.c +@@ -368,16 +368,11 @@ read_args(int argc, char **argv, + case 'S': + { + flags |= SPAMC_USE_SSL; +- if (!spamc_optarg || (strcmp(spamc_optarg,"sslv3") == 0)) { +- flags |= SPAMC_SSLV3; +- } +- else if (strcmp(spamc_optarg,"tlsv1") == 0) { +- flags |= SPAMC_TLSV1; +- } +- else { +- libspamc_log(flags, LOG_ERR, "Please specify a legal ssl version (%s)", spamc_optarg); +- ret = EX_USAGE; +- } ++ if(spamc_optarg) { ++ libspamc_log(flags, LOG_ERR, ++ "Explicit specification of an SSL/TLS version no longer supported."); ++ ret = EX_USAGE; ++ } + break; + } + #endif +Index: spamassassin-3.4.1/spamd/spamd.raw +=================================================================== +--- spamassassin-3.4.1.orig/spamd/spamd.raw ++++ spamassassin-3.4.1/spamd/spamd.raw +@@ -409,7 +409,6 @@ GetOptions( + 'sql-config!' => \$opt{'sql-config'}, + 'ssl' => \$opt{'ssl'}, + 'ssl-port=s' => \$opt{'ssl-port'}, +- 'ssl-version=s' => \$opt{'ssl-version'}, + 'syslog-socket=s' => \$opt{'syslog-socket'}, + 'syslog|s=s' => \$opt{'syslog'}, + 'log-timestamp-fmt:s' => \$opt{'log-timestamp-fmt'}, +@@ -743,11 +742,6 @@ if ( defined $ENV{'HOME'} ) { + + # Do whitelist later in tmp dir. Side effect: this will be done as -u user. + +-my $sslversion = $opt{'ssl-version'} || 'sslv3'; +-if ($sslversion !~ /^(?:sslv3|tlsv1)$/) { +- die "spamd: invalid ssl-version: $opt{'ssl-version'}\n"; +-} +- + $opt{'server-key'} ||= "$LOCAL_RULES_DIR/certs/server-key.pem"; + $opt{'server-cert'} ||= "$LOCAL_RULES_DIR/certs/server-cert.pem"; + +@@ -898,9 +892,8 @@ sub compose_listen_info_string { + $socket_info->{ip_addr}, $socket_info->{port})); + + } elsif ($socket->isa('IO::Socket::SSL')) { +- push(@listeninfo, sprintf("SSL [%s]:%s, ssl version %s", +- $socket_info->{ip_addr}, $socket_info->{port}, +- $opt{'ssl-version'}||'sslv3')); ++ push(@listeninfo, sprintf("SSL [%r]:%s", $socket_info->{ip_addr}, ++ $socket_info->{port})); + } + } + +@@ -1071,7 +1064,6 @@ sub server_sock_setup_inet { + $sockopt{V6Only} = 1 if $io_socket_module_name eq 'IO::Socket::IP' + && IO::Socket::IP->VERSION >= 0.09; + %sockopt = (%sockopt, ( +- SSL_version => $sslversion, + SSL_verify_mode => 0x00, + SSL_key_file => $opt{'server-key'}, + SSL_cert_file => $opt{'server-cert'}, +@@ -1092,7 +1084,8 @@ sub server_sock_setup_inet { + if (!$server_inet) { + $diag = sprintf("could not create %s socket on [%s]:%s: %s", + $ssl ? 'IO::Socket::SSL' : $io_socket_module_name, +- $adr, $port, $!); ++ $adr, $port, $ssl && $IO::Socket::SSL::SSL_ERROR ? ++ "$!,$IO::Socket::SSL::SSL_ERROR" : $!); + push(@diag_fail, $diag); + } else { + $diag = sprintf("created %s socket on [%s]:%s", +@@ -3232,7 +3225,6 @@ Options: + -H [dir], --helper-home-dir[=dir] Specify a different HOME directory + --ssl Enable SSL on TCP connections + --ssl-port port Override --port setting for SSL connections +- --ssl-version sslversion Specify SSL protocol version to use + --server-key keyfile Specify an SSL keyfile + --server-cert certfile Specify an SSL certificate + --socketpath=path Listen on a given UNIX domain socket +@@ -3720,14 +3712,6 @@ Optionally specifies the port number for + SSL connections (default: whatever --port uses). See B<--ssl> for + more details. + +-=item B<--ssl-version>=I<sslversion> +- +-Specify the SSL protocol version to use, one of B<sslv3> or B<tlsv1>. +-The default, B<sslv3>, is the most flexible, accepting a SSLv3 or +-higher hello handshake, then negotiating use of SSLv3 or TLSv1 +-protocol if the client can accept it. Specifying B<--ssl-version> +-implies B<--ssl>. +- + =item B<--server-key> I<keyfile> + + Specify the SSL key file to use for SSL connections. +Index: spamassassin-3.4.1/spamc/spamc.pod +=================================================================== +--- spamassassin-3.4.1.orig/spamc/spamc.pod ++++ spamassassin-3.4.1/spamc/spamc.pod +@@ -177,12 +177,10 @@ The default is 1 time (ie. one attempt a + Sleep for I<sleep> seconds between failed spamd filtering attempts. + The default is 1 second. + +-=item B<-S>, B<--ssl>, B<--ssl>=I<sslversion> ++=item B<-S>, B<--ssl>, B<--ssl> + + If spamc was built with support for SSL, encrypt data to and from the + spamd process with SSL; spamd must support SSL as well. +-I<sslversion> specifies the SSL protocol version to use, either +-C<sslv3>, or C<tlsv1>. The default, is C<sslv3>. + + =item B<-t> I<timeout>, B<--timeout>=I<timeout> + +Index: spamassassin-3.4.1/t/spamd_ssl_tls.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_tls.t ++++ /dev/null +@@ -1,28 +0,0 @@ +-#!/usr/bin/perl +- +-use lib '.'; use lib 't'; +-use SATest; sa_t_init("spamd_ssl_tls"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); +- +-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); +- +-# --------------------------------------------------------------------------- +- +-%patterns = ( +- +-q{ Return-Path: sb55s...@yahoo.com}, 'firstline', +-q{ Subject: There yours for FREE!}, 'subj', +-q{ X-Spam-Status: Yes, score=}, 'status', +-q{ X-Spam-Flag: YES}, 'flag', +-q{ X-Spam-Level: **********}, 'stars', +-q{ TEST_ENDSNUMS}, 'endsinnums', +-q{ TEST_NOREALNAME}, 'noreal', +-q{ This must be the very last line}, 'lastline', +- +- +-); +- +-ok (sdrun ("-L --ssl --ssl-version=tlsv1 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert", +- "--ssl=tlsv1 < data/spam/001", +- \&patterns_run_cb)); +-ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl_v3.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_v3.t ++++ /dev/null +@@ -1,28 +0,0 @@ +-#!/usr/bin/perl +- +-use lib '.'; use lib 't'; +-use SATest; sa_t_init("spamd_sslv3"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); +- +-exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); +- +-# --------------------------------------------------------------------------- +- +-%patterns = ( +- +-q{ Return-Path: sb55s...@yahoo.com}, 'firstline', +-q{ Subject: There yours for FREE!}, 'subj', +-q{ X-Spam-Status: Yes, score=}, 'status', +-q{ X-Spam-Flag: YES}, 'flag', +-q{ X-Spam-Level: **********}, 'stars', +-q{ TEST_ENDSNUMS}, 'endsinnums', +-q{ TEST_NOREALNAME}, 'noreal', +-q{ This must be the very last line}, 'lastline', +- +- +-); +- +-ok (sdrun ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert", +- "--ssl=sslv3 < data/spam/001", +- \&patterns_run_cb)); +-ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl_accept_fail.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl_accept_fail.t ++++ spamassassin-3.4.1/t/spamd_ssl_accept_fail.t +@@ -23,9 +23,9 @@ q{ This must be the very last line}, 'la + + ); + +-ok (start_spamd ("-L --ssl --ssl-version=sslv3 --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert")); ++ok (start_spamd ("-L --ssl --server-key data/etc/testhost.key --server-cert data/etc/testhost.cert")); + ok (spamcrun ("< data/spam/001", \&patterns_run_cb)); +-ok (spamcrun ("--ssl=sslv3 < data/spam/001", \&patterns_run_cb)); ++ok (spamcrun ("--ssl < data/spam/001", \&patterns_run_cb)); + ok (stop_spamd ()); + + ok_all_patterns(); +Index: spamassassin-3.4.1/t/spamd_ssl.t +=================================================================== +--- spamassassin-3.4.1.orig/t/spamd_ssl.t ++++ spamassassin-3.4.1/t/spamd_ssl.t +@@ -2,10 +2,7 @@ + + use lib '.'; use lib 't'; + use SATest; sa_t_init("spamd_ssl"); +-use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9), +- onfail => sub { +- warn "\n\nNote: This may not be a SpamAssassin bug, as some platforms require that you" . +- "\nspecify a protocol in spamc --ssl option, and possibly in spamd --ssl-version.\n\n" }; ++use Test; plan tests => (($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE) ? 0 : 9); + + exit if ($SKIP_SPAMD_TESTS || !$SSL_AVAILABLE); + +Index: spamassassin-3.4.1/MANIFEST +=================================================================== +--- spamassassin-3.4.1.orig/MANIFEST ++++ spamassassin-3.4.1/MANIFEST +@@ -511,8 +511,6 @@ t/spamd_report_ifspam.t + t/spamd_sql_prefs.t + t/spamd_ssl.t + t/spamd_ssl_accept_fail.t +-t/spamd_ssl_tls.t +-t/spamd_ssl_v3.t + t/spamd_stop.t + t/spamd_symbols.t + t/spamd_syslog.t Copied: spamassassin/repos/staging-x86_64/net-dns-1.01-compat-uribl.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat-uribl.patch) =================================================================== --- staging-x86_64/net-dns-1.01-compat-uribl.patch (rev 0) +++ staging-x86_64/net-dns-1.01-compat-uribl.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,27 @@ +--- spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2015/04/28 20:36:05 1676616 ++++ spamassassin/branches/3.4/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm 2015/08/04 23:16:38 1694126 +@@ -942,9 +942,8 @@ + next unless (defined($str) && defined($dom)); + dbg("uridnsbl: got($j) NS for $dom: $str"); + +- if ($str =~ /IN\s+NS\s+(\S+)/) { +- my $nsmatch = lc $1; +- $nsmatch =~ s/\.$//; ++ if ($rr->type eq 'NS') { ++ my $nsmatch = lc $rr->nsdname; # available since at least Net::DNS 0.14 + my $nsrhblstr = $nsmatch; + my $fullnsrhblstr = $nsmatch; + +@@ -1025,9 +1024,9 @@ + } + dbg("uridnsbl: complete_a_lookup got(%d) A for %s: %s", $j,$hname,$str); + +- local $1; +- if ($str =~ /IN\s+A\s+(\S+)/) { +- $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $1); ++ if ($rr->type eq 'A') { ++ my $ip_address = $rr->rdatastr; ++ $self->lookup_dnsbl_for_ip($pms, $ent->{obj}, $ip_address); + } + } + } Copied: spamassassin/repos/staging-x86_64/net-dns-1.01-compat.patch (from rev 290502, spamassassin/trunk/net-dns-1.01-compat.patch) =================================================================== --- staging-x86_64/net-dns-1.01-compat.patch (rev 0) +++ staging-x86_64/net-dns-1.01-compat.patch 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,14 @@ +https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7223 + +--- spamassassin/branches/3.4/lib/Mail/SpamAssassin/DnsResolver.pm 2015/07/20 18:23:18 1691991 ++++ spamassassin/branches/3.4/lib/Mail/SpamAssassin/DnsResolver.pm 2015/07/20 18:24:48 1691992 +@@ -592,6 +592,9 @@ + }; + + if ($packet) { ++ # RD flag needs to be set explicitly since Net::DNS 1.01, Bug 7223 ++ $packet->header->rd(1); ++ + # my $udp_payload_size = $self->{res}->udppacketsize; + my $udp_payload_size = $self->{conf}->{dns_options}->{edns}; + if ($udp_payload_size && $udp_payload_size > 512) { Copied: spamassassin/repos/staging-x86_64/spamassassin.install (from rev 290502, spamassassin/trunk/spamassassin.install) =================================================================== --- staging-x86_64/spamassassin.install (rev 0) +++ staging-x86_64/spamassassin.install 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,32 @@ +setup_user() { + getent group spamd &>/dev/null || groupadd -g 182 spamd >/dev/null + getent passwd spamd &>/dev/null || useradd -u 182 -d /var/lib/spamassassin -g spamd -s /bin/false spamd >/dev/null + + if [[ -d /var/lib/spamassassin ]]; then + chown spamd:spamd /var/lib/spamassassin + fi + + true +} + +post_install() { + echo "You must run 'sa-update' to install spam rules before use." + setup_user +} + +post_upgrade() { + setup_user + if [ "$(vercmp $2 3.4)" -lt 0 ]; then + echo '/var/lib/spamassassin is now owned by the spamd user. spamassassin.service' + echo 'will also run under that user. You may need to adjust your setup.' + fi + + # Compile rules, if rules have previously been compiled, and it's possible + if type re2c &>/dev/null && type sa-compile &>/dev/null && [[ -d /var/lib/spamassassin/compiled ]]; then + echo "Detected compiled rules, running sa-compile..." + sa-compile > /dev/null 2>&1 + fi + + true +} + Copied: spamassassin/repos/staging-x86_64/spamassassin.service (from rev 290502, spamassassin/trunk/spamassassin.service) =================================================================== --- staging-x86_64/spamassassin.service (rev 0) +++ staging-x86_64/spamassassin.service 2017-03-10 15:42:28 UTC (rev 290503) @@ -0,0 +1,12 @@ +[Unit] +Description=Spamassassin daemon +After=syslog.target network.target + +[Service] +ExecStart=/usr/bin/vendor_perl/spamd -x -u spamd -g spamd +StandardOutput=null +StandardError=null +Restart=always + +[Install] +WantedBy=multi-user.target