Martijn van Duren <[email protected]> wrote:
> Hello ports,
>
> There's a couple of things that kirill and I want to get into
> filter-dkimsign before making a new release. Since tmppath removal is
> getting closer, here's a temporary ports-diff to bridge the time until
> the next dkimsign release.
>
> OK?
looks fine to me, ok op@
> diff refs/heads/master refs/heads/filter-dkimsign/tmppath
> commit - 4fe5fa7a9635f108a166dc9120be0dab90a954a2
> commit + ead1452e6b419441505b850eee02d2f28c88f718
> blob - 208a3260834da2c84c405756cdf6d544808ef711
> blob + fff49edd3c6f19c60b5acf6f453253192e3221cd
> --- mail/opensmtpd-filters/dkimsign/Makefile
> +++ mail/opensmtpd-filters/dkimsign/Makefile
> @@ -1,6 +1,7 @@
> COMMENT= dkim signer integration to the OpenSMTPD daemon
>
> V= 0.6
> +REVISION= 0
> FILTER_NAME = dkimsign
> DISTNAME = filter-dkimsign-${V}
>
> blob - /dev/null
> blob + 27acde3ad9d236fd27ed99b84f675cc28bdc6664 (mode 644)
> --- /dev/null
> +++ mail/opensmtpd-filters/dkimsign/patches/patch-main_c
> @@ -0,0 +1,22 @@
> +Index: main.c
> +--- main.c.orig
> ++++ main.c
> +@@ -22,6 +22,7 @@
> + #include <errno.h>
> + #include <fcntl.h>
> + #include <limits.h>
> ++#include <paths.h>
> + #include <stdio.h>
> + #include <stdlib.h>
> + #include <string.h>
> +@@ -220,7 +221,9 @@ main(int argc, char *argv[])
> +
> + OpenSSL_add_all_digests();
> +
> +- if (pledge("tmppath stdio", NULL) == -1)
> ++ if (unveil(_PATH_TMP, "rwc") == -1)
> ++ osmtpd_err(1, "unveil");
> ++ if (pledge("stdio rpath wpath cpath", NULL) == -1)
> + osmtpd_err(1, "pledge");
> +
> + if ((hash_md = EVP_get_digestbyname(hashalg)) == NULL)
