Importing F-PROT Antivirus for mailservers.

F-PROT Antivirus is commercial product of FRISK Software International Inc.

6 files changed, 233 insertions, 0 deletions

diff --git a/security/f-prot-antivirus6-ms-bin/DESCR b/security/f-prot-antivirus6-ms-bin/DESCR
new file mode 100644
index 00000000000..216952ecb86
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/DESCR
@@ -0,0 +1,7 @@
+F-PROT Antivirus for mail servers is a product of FRISK Software
+International Inc.
+
+F-PROT Antivirus for BSD was especially developed to effectively eradicate
+viruses threatening workstations running FreeBSD, NetBSD, or OpenBSD.  It
+provides full protection against macro viruses and other forms of malicious
+software - including Trojans.
diff --git a/security/f-prot-antivirus6-ms-bin/Makefile b/security/f-prot-antivirus6-ms-bin/Makefile
new file mode 100644
index 00000000000..ff02749e2e4
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/Makefile
@@ -0,0 +1,57 @@
+# $NetBSD: Makefile,v 1.1.1.1 2009/09/22 17:41:07 taca Exp $
+#
+DISTNAME=		${FP_DISTNAME}
+CATEGORIES=		security
+
+MAINTAINER=		taca@NetBSD.org
+HOMEPAGE=		http://www.f-prot.com/products/corporate_users/unix/
+COMMENT=		F-PROT antivirus for Mail Servers
+
+PKG_DESTDIR_SUPPORT=	user-destdir
+USE_TOOLS+=		pax perl:run
+
+FP_TYPE=		ms
+
+RCD_SCRIPTS=		fpscand scanmail
+
+BUILD_DEFS+=		VARBASE
+
+VARDIR=			${VARBASE}/f-prot
+
+OWN_DIRS_PERMS+=	${VARDIR} ${BINOWN} ${BINGRP} 0751 \
+			${VARDIR}/backup ${BINOWN} ${BINGRP} 0700 \
+			${VARDIR}/tmp ${BINOWN} ${BINGRP} 0700 \
+
+FILES_SUBST+=		VARDIR=${VARDIR}
+PLIST_SUBST+=		VARDIR=${VARDIR}
+
+REPLACE_PERL+=		mailtools/scan-mail.pl
+
+SUBST_CLASSES+=		paths
+SUBST_MESSAGE.paths=	Configuring default paths.
+SUBST_STAGE.paths=	pre-install
+SUBST_SED.paths=	${FILES_SUBST_SED}
+SUBST_FILES.paths+=	mailtools/scan-mail.pl
+
+INSTALLATION_DIRS=	bin ${PKGMANDIR}/man1 ${PKGMANDIR}/man5 \
+			${PKGMANDIR}/man8 sbin ${DATADIR} ${DOCDIR}/html \
+			${EGDIR} ${FPROTDIR} ${PERL5_SUB_INSTALLVENDORLIB}
+
+do-install: install-common install-fpscand install-ms
+
+install-ms:
+	${INSTALL_SCRIPT} ${WRKSRC}/mailtools/scan-mail.pl \
+		${DESTDIR}${PREFIX}/${FPROTDIR}
+	${CHMOD} 0750  ${DESTDIR}${PREFIX}/${FPROTDIR}/scan-mail.pl
+	cd ${WRKSRC}/mailtools; \
+		${INSTALL_PROGRAM} fp-milter fp-qmail \
+			${DESTDIR}${PREFIX}/${FPROTDIR}
+	cd ${WRKSRC}/doc/man/; \
+		${INSTALL_MAN} scan-mail.pl.8 fp-milter.8 fp-qmail.8 \
+			${DESTDIR}${PREFIX}/${PKGMANDIR}/man8
+	${FIND} ${WRKSRC}/perl -type f -exec ${CHMOD} 0444 {} \; \
+			-name '*.orig' -exec rm -f {} \;
+	cd ${WRKSRC}/perl/lib; pax -rw . ${DESTDIR}${PERL5_INSTALLVENDORLIB}
+
+.include "../../security/f-prot-antivirus6/Makefile.common"
+.include "../../mk/bsd.pkg.mk"
diff --git a/security/f-prot-antivirus6-ms-bin/distinfo b/security/f-prot-antivirus6-ms-bin/distinfo
new file mode 100644
index 00000000000..e2bbf5bbab7
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/distinfo
@@ -0,0 +1,4 @@
+$NetBSD: distinfo,v 1.1.1.1 2009/09/22 17:41:07 taca Exp $
+
+SHA1 (patch-aa) = bf94f9d3ce9d714cbf6386e855eb383ecc04027d
+SHA1 (patch-ab) = 60f226d61487115eba5ffb7bb3bb2d3c75fca1c9
diff --git a/security/f-prot-antivirus6-ms-bin/files/scanmail.sh b/security/f-prot-antivirus6-ms-bin/files/scanmail.sh
new file mode 100644
index 00000000000..3792e887f35
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/files/scanmail.sh
@@ -0,0 +1,29 @@
+#!@RCD_SCRIPTS_SHELL@
+# $NetBSD: scanmail.sh,v 1.1.1.1 2009/09/22 17:41:07 taca Exp $
+
+# PROVIDE: scanmail
+# REQUIRE: fpscand
+# BEFORE: mail
+
+. /etc/rc.subr
+
+name="scanmail"
+rcvar=$name
+command="@PREFIX@/@FPROTDIR@/scan-mail.pl"
+command_interpreter="@PREFIX@/bin/perl"
+pidfile="@VARDIR@/scan-mail.pid"
+datadir="@VARDIR@"
+required_files="${command}"
+command_args="--daemon"
+user="@FPROT_USER@"
+start_cmd="scanmail_start"
+
+scanmail_start()
+{
+	if [ -x ${command} ]; then
+		su ${user} -c "${command} ${command_args} ${rc_flags}"
+	fi
+}
+
+load_rc_config $name
+run_rc_command "$1"
diff --git a/security/f-prot-antivirus6-ms-bin/patches/patch-aa b/security/f-prot-antivirus6-ms-bin/patches/patch-aa
new file mode 100644
index 00000000000..45ec67fcf24
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/patches/patch-aa
@@ -0,0 +1,123 @@
+$NetBSD: patch-aa,v 1.1.1.1 2009/09/22 17:41:07 taca Exp $
+
+--- mailtools/scan-mail.pl.orig	2008-01-19 23:53:47.000000000 +0900
++++ mailtools/scan-mail.pl
+@@ -81,11 +81,6 @@
+ 
+ use strict;
+ 
+-# scan-mail.pl is in mailtools/scan-mail.pl, add mailtools/Anomy/bin
+-# to @INC to find Anomy::
+-use FindBin '$Bin';
+-use lib "$Bin/../perl/lib";
+-
+ use Socket;
+ use Anomy::Sanitizer ();
+ use Anomy::Sanitizer::FProt::Client ();
+@@ -130,7 +125,7 @@ my @CONFIG_HARD = (
+ 
+ my %CONFIG_SOFT = (
+ 	# unknown=='check next rule'
+-	SCANMAIL_SCANLIST => ['file_list_1=.*','file_list_1_policy=unknown:unknown:drop:drop', 'file_list_1_scanner = 0:1:2:builtin/fpscand %FILENAME'],
++	SCANMAIL_SCANLIST => ['file_list_1=.*','file_list_1_policy=unknown:unknown:drop:unknown', 'file_list_1_scanner = 0:1:2:builtin/fpscand %FILENAME'],
+ 	SCANMAIL_BANLIST  => ['file_list_2 =','file_list_2_policy=drop', 'file_list_2_scanner=0'],
+ 	SCANMAIL_STOPLIST => ['file_list_3 =','file_list_3_policy=save', 'file_list_3_scanner=0']
+ );
+@@ -201,6 +196,7 @@ if (my $val = $conf->{SCANMAIL_LOGLEVEL}
+ # script, this is fugly
+ #
+ 
++my $datadir = "@VARDIR@";
+ my $debug           = 0;
+ my $verbose         = 0;
+ my $quarantine      = 0;
+@@ -210,7 +206,7 @@ my $milter_cf       = '/etc/mail/sendmai
+ my $milter_conn     = undef;
+ my $milter_name     = 'fp-milter';
+ my $milter_pid      = undef;
+-my $fprot_milter    = "$Bin/../mailtools/fp-milter";
++my $fprot_milter    = "@FPROTDIR@/fp-milter";
+ my $postfix         = 0;
+ my $postfix_ret     = undef;
+ my $server          = 0;
+@@ -219,7 +215,8 @@ my $proxy           = 0;
+ my $proxy_addr      = '0.0.0.0:25';
+ my $smtp_addr       = '127.0.0.1:26';
+ my $backup          = 0;
+-my $backup_location = "$Bin/../backup/";
++my $backup_location = "$datadir/backup/";
++my $pid_file	    = "$datadir/scan-mail.pid";
+ 
+ # use this for really complex configuration of
+ # scan-mail. /etc/f-prot.conf should take care of the simple things
+@@ -239,7 +236,7 @@ if (my $val = $conf->{SCANMAIL_DROP_MALW
+ # The temporary dir to use for files that are scanned and tmp data
+ # produced elsewhere (via tmpfile) in the program
+ my $TMPDIR = do {
+-    my $tmp = '/tmp'; # default
++    my $tmp = '/var/tmp'; # default
+ 
+     if ($ENV{TMPDIR} and $ENV{TMPDIR} ne $tmp) {
+         $tmp = $ENV{TMPDIR};
+@@ -441,9 +438,10 @@ if ($daemon)
+     defined(my $pid = fork)    or die "Can't fork: $!";
+     exit if $pid;
+     setsid                     or die "Can't start a new session: $!";
+-    open PID_FILE, '>/var/run/scan-mail.pid' or die "Can't open pid file: $!";
+-    print PID_FILE $$;
++    open PID_FILE, ">$pid_file" or die "Can't open pid file: $!";
++    print PID_FILE "$$\n";
+     close PID_FILE;
++    $SIG{'TERM'} = $SIG{'HUP'} = \&clean_up;
+     open STDERR, '>&STDOUT'    or die "Can't dup stdout: $!";
+ }
+ 
+@@ -602,6 +600,12 @@ else
+ 
+ ##[ Subroutines ]##############################################################
+ 
++sub clean_up
++{
++    unlink($pid_file);
++    exit(0);
++}
++
+ # proxy address, smtp address
+ sub run_smtp_proxy
+ {
+@@ -1020,7 +1024,7 @@ sub do_scan
+         my $subdir = "/".$m.$d."/";
+         unless (-d $backup_location)
+         {
+-            unless (mkdir($backup_location,1777))
++            unless (mkdir($backup_location,1777) or $!{'EEXIST'})
+             {
+                 my $err = "Unable to create backup basedir $backup_location: $!";
+                 syslog err => $err;
+@@ -1032,7 +1036,7 @@ sub do_scan
+ 
+         unless(-d $pathto)
+         {
+-              unless (mkdir($pathto,1777))
++	    unless (mkdir($pathto,1777) or $!{'EEXIST'})
+             {
+                 my $err = "Unable to create backup subdir $pathto: $!";
+                 syslog err => $err;
+@@ -1080,7 +1084,16 @@ sub do_scan
+ 	}
+ 
+         # Try to delete the directory. Will fail unless it's empty.
+-        rmdir($pathto);
++        # rmdir($pathto);
++	#
++	# But it cause some race, keep the directory and remove it by
++	# another script using find command or execute same functionality
++	# in this script.
++	#
++	# #!/bin/sh
++	# cd $backup_location
++	# find . -type d -name '[0-1]*' -mtime +7 rmdir {} \; >/dev/null 2>&1
++	#
+     }
+     else
+     {
diff --git a/security/f-prot-antivirus6-ms-bin/patches/patch-ab b/security/f-prot-antivirus6-ms-bin/patches/patch-ab
new file mode 100644
index 00000000000..53c3618cbe7
--- /dev/null
+++ b/security/f-prot-antivirus6-ms-bin/patches/patch-ab
@@ -0,0 +1,13 @@
+$NetBSD: patch-ab,v 1.1.1.1 2009/09/22 17:41:07 taca Exp $
+
+--- perl/lib/Anomy/Sanitizer.pm.orig	2008-01-19 23:53:47.000000000 +0900
++++ perl/lib/Anomy/Sanitizer.pm
+@@ -189,7 +189,7 @@ my $default_config = 
+     # So if you are using random directory hashing make sure to create 
+     # all the directories ahead of time!
+     #
+-    "file_name_tpl" => '/tmp/att-$T-$$$-$F',
++    "file_name_tpl" => '/var/tmp/att-$T-$$$-$F',
+ 
+     # How many rules are available?
+     "file_list_rules" => 15,