NetBSD Problem Report #55725

From www@netbsd.org  Tue Oct 13 07:07:55 2020
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 321D51A921F
	for <gnats-bugs@gnats.NetBSD.org>; Tue, 13 Oct 2020 07:07:55 +0000 (UTC)
Message-Id: <20201013070754.28C521A9246@mollari.NetBSD.org>
Date: Tue, 13 Oct 2020 07:07:54 +0000 (UTC)
From: sunil@nimmagadda.net
Reply-To: sunil@nimmagadda.net
To: gnats-bugs@NetBSD.org
Subject: postscreen(8): Add support for blocklistd(8)
X-Send-Pr-Version: www-1.0

>Number:         55725
>Category:       bin
>Synopsis:       postscreen(8): Add support for blocklistd(8)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    christos
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Oct 13 07:10:00 +0000 2020
>Last-Modified:  Mon Oct 26 13:31:35 +0000 2020
>Originator:     Sunil Nimmagadda
>Release:        current
>Organization:
>Environment:
NetBSD x230.nimmagadda.net 9.99.73 NetBSD 9.99.73 (GENERIC) #0: Thu Oct  8 16:00:09 UTC 2020  mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
postscreen(8) when enabled gets to decide which clients are legitimate and drops illegitimate traffic. This diff extends blocklistd(8) support to postscreen(8). It reuses pfilter.[ch] between smtpd(8) and postscreen(8) by moving it to the common util library.
>How-To-Repeat:

>Fix:
diff --git a/external/ibm-public/postfix/dist/src/postscreen/postscreen_misc.c b/external/ibm-public/postfix/dist/src/postscreen/postscreen_misc.c
--- a/external/ibm-public/postfix/dist/src/postscreen/postscreen_misc.c
+++ b/external/ibm-public/postfix/dist/src/postscreen/postscreen_misc.c
@@ -71,6 +71,8 @@

 #include <postscreen.h>

+#include "pfilter.h"
+
 /* psc_format_delta_time - pretty-formatted delta time */

 char   *psc_format_delta_time(VSTRING *buf, struct timeval tv,
@@ -139,6 +141,7 @@
 	if ((state->flags & PSC_STATE_FLAG_HANGUP) == 0)
 	    (void) PSC_SEND_REPLY(state, state->final_reply);
 	msg_info("DISCONNECT [%s]:%s", PSC_CLIENT_ADDR_PORT(state));
+	pfilter_notify(1, vstream_fileno(state->smtp_client_stream));
 	psc_free_session_state(state);
     }
 }
diff --git a/external/ibm-public/postfix/dist/src/smtpd/pfilter.c b/external/ibm-public/postfix/dist/src/util/pfilter.c
rename from external/ibm-public/postfix/dist/src/smtpd/pfilter.c
rename to external/ibm-public/postfix/dist/src/util/pfilter.c
diff --git a/external/ibm-public/postfix/dist/src/smtpd/pfilter.h b/external/ibm-public/postfix/dist/src/util/pfilter.h
rename from external/ibm-public/postfix/dist/src/smtpd/pfilter.h
rename to external/ibm-public/postfix/dist/src/util/pfilter.h
diff --git a/external/ibm-public/postfix/lib/util/Makefile b/external/ibm-public/postfix/lib/util/Makefile
--- a/external/ibm-public/postfix/lib/util/Makefile
+++ b/external/ibm-public/postfix/lib/util/Makefile
@@ -149,6 +149,7 @@
 pass_trigger.c \
 peekfd.c \
 percentm.c \
+pfilter.c \
 poll_fd.c \
 posix_signals.c \
 printable.c \
@@ -223,4 +224,7 @@
 COPTS.unix_recv_fd.c = -Wno-stack-protector
 COPTS.unix_send_fd.c = -Wno-stack-protector

+DPADD+=	${LIBBLOCKLIST}
+LDADD+=	-lblocklist
+
 .include <bsd.lib.mk>
diff --git a/external/ibm-public/postfix/libexec/postscreen/Makefile b/external/ibm-public/postfix/libexec/postscreen/Makefile
--- a/external/ibm-public/postfix/libexec/postscreen/Makefile
+++ b/external/ibm-public/postfix/libexec/postscreen/Makefile
@@ -21,4 +21,7 @@
 DPADD+= ${LIBPTLS} ${LIBSSL} ${LIBCRYPTO}
 LDADD+= ${LIBPTLS} -lssl -lcrypto

+DPADD+=	${LIBBLOCKLIST}
+LDADD+=	-lblocklist
+
 .include <bsd.prog.mk>
diff --git a/external/ibm-public/postfix/libexec/smtpd/Makefile b/external/ibm-public/postfix/libexec/smtpd/Makefile
--- a/external/ibm-public/postfix/libexec/smtpd/Makefile
+++ b/external/ibm-public/postfix/libexec/smtpd/Makefile
@@ -11,7 +11,6 @@
 .PATH:	${DIST}

 SRCS+= \
-pfilter.c \
 smtpd.c \
 smtpd_chat.c \
 smtpd_check.c \

>Release-Note:

>Audit-Trail:

Responsible-Changed-From-To: bin-bug-people->christos
Responsible-Changed-By: tnn@NetBSD.org
Responsible-Changed-When: Mon, 26 Oct 2020 13:31:35 +0000
Responsible-Changed-Why:
over to postfix and blocklistd maintainer


>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.