[rpms/postsrsd] epel10: Merge branch 'f44' into epel10

[David Beveridge <dave@bevhost.com>]

A new commit has been pushed.

Repo   : rpms/postsrsd
Branch : epel10
Commit : 87238f1b81c7a7ba687f85aec6a25db3dc4df6da
Author : David Beveridge <dave@bevhost.com>
Date   : 2026-06-07T05:57:35+10:00
Stats  : +254/-36 in 5 file(s)
URL    : https://src.fedoraproject.org/rpms/postsrsd/c/87238f1b81c7a7ba687f85aec6a25db3dc4df6da?branch=epel10

Log:
Merge branch 'f44' into epel10

---
diff --git a/postsrsd.conf b/postsrsd.conf
new file mode 100644
index 0000000..a112c4c
--- /dev/null
+++ b/postsrsd.conf
@@ -0,0 +1,189 @@
+# PostSRSd example configuration file
+# Copyright 2022-2023 Timo Röhling
+# SPDX-License-Identifier: FSFUL
+#
+# The copyright holder gives unlimited permission to copy, distribute and modify
+# this file.
+
+# Local domains
+# Your local domains need not be rewritten, so PostSRSd has to know about them.
+#
+# Example:
+#     domains = { "example.com", "example.org", "example.net" }
+#
+#domains = {}
+
+# Local domains (file storage)
+# Instead of listing your local domains directly, you can also write them to a
+# file and have PostSRSd read it. This is particularly useful if you have a
+# large number of domains for which you need to act as mail forwarder. PostSRSd
+# reads this file before it chroots and drops root privileges. The file format
+# is one domain per line.
+#
+# Example:
+#     domains-file = "/etc/postsrsd.domains"
+#
+domains-file = "/etc/postsrsd.domains"
+
+# Dedicated SRS rewrite domain.
+# The local domain which is used to create the ephemeral SRS envelope
+# addresses. It is recommended that you use a dedicated mail domain for SRS if
+# you serve multiple unrelated domains (e.g. for your customers), to prevent
+# privacy issues. If unset, the first configured local domain is used.
+#
+# Example:
+#     srs-domain = "srs.example.com"
+#
+#srs-domain =
+
+# Socketmap lookup table for Postfix integration.
+# Traditionally, PostSRSd interacts with Postfix through the canonicalization
+# lookup tables of the cleanup daemon. If you use a unix socket, be aware that
+# most Postfix instances will jail their cleanup daemon in a /var/spool/postfix
+# chroot, so no other path will be visible to them. Unix sockets are created
+# before PostSRSd chroots and drops root privileges.
+#
+# Examples:
+#     socketmap = unix:/var/spool/postfix/srs
+#     socketmap = inet:localhost:10003
+#
+socketmap = unix:/var/spool/postfix/srs
+
+# Socketmap connection keep-alive timeout.
+# After PostSRSd has served a socketmap request, it will keep the connection
+# open for a while longer, in case Postfix has additional queries. PostSRSd
+# will close the connection after the configured time (in seconds) has expired.
+#
+# Examples:
+#     keep-alive = 30
+#
+keep-alive = 30
+
+# Milter endpoint for MTA integration.
+# PostSRSd can act as a milter to rewrite envelope addresses if it has been
+# built with milter support. Unix sockets are created before PostSRSd chroots
+# and drops root privileges.
+#
+# Examples:
+#     milter = unix:/var/spool/postfix/srs_milter
+#     milter = inet:localhost:9997
+#
+#milter =
+
+# Original envelope sender handling.
+# When the envelope sender is rewritten, the original address can either be
+# embedded in the rewritten address, or stored in a local database. Embedding
+# makes PostSRSd work fully stateless, but the full sender address needs to fit
+# into the localpart of the embedded address, effectively limiting the length
+# of forwardable sender addresses to 51 octets. Storing the sender address in a
+# database circumvents this problem, but makes PostSRSd vulnerable to an
+# attacker sending vast amounts of emails with fake sender addresses, all of
+# which need to be stored in the database.
+#
+# If you are unsure which option suits your use-case best, the vast majority of
+# mail addresses will be relatively short, so you should pick "embedded".
+#
+# Examples:
+#     original-envelope = embedded
+#     original-envelope = database
+#
+original-envelope = embedded
+
+# Database for envelope sender storage.
+# If you decide to store envelope senders in a database, this database will be
+# used. The option is ignored if original-envelope is set to "embedded". Also
+# note that PostSRSd needs to be built with SQLite or Redis support for this.
+#
+# PostSRSd reads this database after it chroots and drops root privileges, so
+# the actual filename is the chroot directory joined with this filename.
+#
+# Examples:
+#     envelope-database = "sqlite:./senders.db"
+#     envelope-database = "redis:localhost:6379"
+#
+#envelope-database = "sqlite:./senders.db"
+
+# Secret keys for signing and verifying SRS addresses.
+# Rewritten addresses are tagged with a truncated HMAC-SHA1 signature, to
+# prevent tampering and forged envelope addresses. You can have more than
+# one signing secret; each line of the secrets file is considered one secret
+# key. If an incoming signature matches any key, it is accepted. Outgoing
+# signatures will always be generated with the first configured secret.
+#
+# For security reasons, you should also make sure that the file is owned and
+# only accessible by root (chmod 600). PostSRSd reads this file before it
+# chroots and drops root privileges.
+#
+# Example:
+#     secrets-file = "/etc/postsrsd.secret"
+#
+secrets-file = "/etc/postsrsd.secret"
+
+# SRS tag separator
+# This is the character following the initial SRS0 or SRS1 tag of a generated
+# sender address. Valid separators are "=", "+", and "-". Unless you have a
+# very good reason, you should leave this setting at its default.
+#
+separator = "="
+
+# SRS hash signature length
+# Any SRS address will be signed with a truncated hash to prevent tampering and
+# ensure that only legitimate email bounces will be returned to sender. The
+# default length provides adequate security without taking up too much valuable
+# space. Unless you know what you are doing, you should leave this setting at
+# its default.
+#
+# WARNING: You can break your mail server (or worse, turn it into a spam relay)
+# if you mess up this setting.
+#
+hash-length = 4
+
+# SRS minimum acceptable hash signature length
+# This is the mininum signature length that PostSRSd considers valid. It is a
+# separate setting because if you decide to increase the hash length, you may
+# want to keep accepting the shorter hashes for a 24 hour grace period. Again,
+# Unless you know what you are doing, you should leave this setting at its
+# default.
+#
+# WARNING: You can break your mail server (or worse, turn it into a spam relay)
+# if you mess up this setting.
+#
+hash-minimum = 4
+
+# Always rewrite sender addresses
+# You can force PostSRSd to rewrite any sender address, even if it has been
+# rewritten already. You probably do not want to do this, though.
+#
+always-rewrite = off
+
+# Execute PostSRSd as unprivileged user
+# Drop root privileges and run as this user before entering the main loop and
+# handling untrusted input. To prevent PostSRSd from changing users, set this to
+# the empty string.
+#
+# Example:
+#     unprivileged-user = "nobody"
+#
+unprivileged-user = "nobody"
+
+# Execute PostSRSd in chroot jail
+# PostSRSd will jail itself in the given directory, which adds an additional
+# layer of protection against the exploitation of security bugs in PostSRSd. To
+# prevent PostSRSd from chrooting, set this to the empty string.
+#
+# Example:
+#     chroot-dir = "/var/lib/postsrsd"
+#
+chroot-dir = "/var/lib/postsrsd"
+
+# Syslog
+# PostSRSd writes log messages to stderr. If you enable this option, PostSRSd
+# will also send all messages to the syslog mail facility.
+#
+syslog = off
+
+# Debug
+# This option makes PostSRSd more verbose in its logging, which can be useful
+# to hunt down configuration problems.
+#
+debug = off

diff --git a/postsrsd.pp b/postsrsd.pp
new file mode 100644
index 0000000..c4d81dd
Binary files /dev/null and b/postsrsd.pp differ

diff --git a/postsrsd.spec b/postsrsd.spec
index 25e5335..ad4f97d 100644
--- a/postsrsd.spec
+++ b/postsrsd.spec
@@ -1,28 +1,33 @@
-%global build_options -DGENERATE_SRS_SECRET=OFF -DUSE_SELINUX=ON -DINIT_FLAVOR=systemd
+%global build_options -DFETCHCONTENT_TRY_FIND_PACKAGE_MODE=ALWAYS -DFETCHCONTENT_FULLY_DISCONNECTED=ON -DTESTS_WITH_ASAN=OFF
 
 %undefine __cmake_in_source_build
 
 Name:           postsrsd
-Version:        1.12
-Release:        3%{?dist}
+Version:        2.0.11
+Release:        1%{?dist}
 Summary:        Sender Rewriting Scheme (SRS) provider
 
-License:        GPLv2+
+License:        GPL-3.0-only BSD-3-Clause FSFAP FSFUL
 URL:            https://github.com/roehling/postsrsd
 Source0:        https://github.com/roehling/%{name}/archive/%{version}/%{name}-%{version}.tar.gz
+Source1:	postsrsd.conf
+Source2:        postsrsd.pp
 
-BuildRequires: make
+Requires:	libconfuse
+BuildRequires:     make
 BuildRequires:     cmake
 BuildRequires:     gcc
 BuildRequires:     help2man
 BuildRequires:     selinux-policy-devel
+BuildRequires:     libconfuse-devel
+BuildRequires:     check-devel
+BuildRequires:     libasan
 %{?systemd_requires}
 BuildRequires:     systemd
 Requires(post):    policycoreutils
 Requires(preun):   policycoreutils
 Requires(postun):  policycoreutils
 
-
 %description
 PostSRSd provides the Sender Rewriting Scheme (SRS) via TCP-based lookup tables for Postfix.
 SRS is needed if your mail server acts as forwarder.
@@ -30,55 +35,43 @@ SRS is needed if your mail server acts as forwarder.
 
 %prep
 %autosetup -n %{name}-%{version}
-%if (0%{?rhel} && 0%{?rhel} < 8)
-mkdir build
-cd build && %cmake .. %build_options
-%else
 %cmake %build_options
-%endif
 
 
 %build
-%if (0%{?rhel} && 0%{?rhel} < 8)
-%make_build -C build
-%else
 %cmake_build
-%endif
-
+%ctest
 
 %install
-%if (0%{?rhel} && 0%{?rhel} < 8)
-%make_install -C build
-%else
 %cmake_install
-%endif
+
+install -m 644 README.rst CHANGELOG.rst %{buildroot}/%{_docdir}/%{name}/
 
 # %%ghost file requires it is present in the build root
 touch %{buildroot}/%{_sysconfdir}/postsrsd.secret
 
-# proper location for systemd config
-mkdir -p %{buildroot}/%{_unitdir}
-mv %{buildroot}/%{_sysconfdir}/systemd/system/postsrsd.service %{buildroot}/%{_unitdir}/postsrsd.service
-rm -rf %{buildroot}/%{_sysconfdir}/systemd
+# config file can work without modification
+cp %{SOURCE1} %{buildroot}/%{_sysconfdir}/postsrsd.conf
 
-# chroot directory
-# (also move default config which is in the way)
-sed -i 's/^CHROOT=.*/CHROOT=\/run\/postsrsd/' %{buildroot}/%{_sysconfdir}/default/%{name}
-sed -ri -e 's/postsrsd\/default/postsrsd.default/' \
-        -e "s/(\[Install\])/RuntimeDirectory=postsrsd\nRuntimeDirectoryMode=0750\n\n\1/" %{buildroot}/%{_unitdir}/postsrsd.service
+# user nobody already exists
+rm -f %{buildroot}/%{_sysusersdir}/postsrsd.conf
 
+# Runtime Directory
+mkdir -p %{buildroot}/%{_sharedstatedir}/%{name}
+
+# selinux policy
+mkdir -p %{buildroot}/%{_datadir}/selinux/packages/%{name}
+cp %{SOURCE2} %{buildroot}/%{_datadir}/selinux/packages/%{name}/postsrsd.pp
 
 %files
-%license LICENSE
+%license LICENSES/*
 %ghost %{_sysconfdir}/postsrsd.secret
-%config(noreplace) %{_sysconfdir}/default/%{name}
+%config(noreplace) %{_sysconfdir}/postsrsd.conf
 %{_unitdir}/postsrsd.service
 %{_sbindir}/postsrsd
-%{_docdir}/%{name}
-%{_mandir}/man8/postsrsd.8.gz
+%doc %{_docdir}/%{name}
+%{_sharedstatedir}/%{name}
 %{_datadir}/selinux/packages/%{name}/postsrsd.pp
-%{_datadir}/postsrsd/postsrsd-systemd-launcher
-
 
 %post
 if [ "$1" -le "1" ] ; then  # first install
@@ -89,6 +82,11 @@ fi
 # the admin may modify / restore from a backup, so better restore SELinux permissions unconditionally
 restorecon %{_sysconfdir}/postsrsd.secret
 %systemd_post %{name}.service
+# default value of local domain that will not be rewritten by srs and serve as the default domain to write other domains to.
+if [ ! -f /etc/postsrsd.domains ]; then
+hostname > /etc/postsrsd.domains
+chmod 640 /etc/postsrsd.domains
+fi
 
 
 %preun
@@ -109,6 +107,21 @@ fi
 
 
 %changelog
+* Sun Jun 07 2026 David Beveridge <dave@bevhost.com> - 2.0.11-1
+- First working 2.x release
+
+* Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.2-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
 * Tue Nov 29 2022 Marc Dequènes (Duck) <duck@redhat.com> - 1.12-3
 - fix changelog entry
 

diff --git a/postsrsd.te b/postsrsd.te
new file mode 100644
index 0000000..3b982b4
--- /dev/null
+++ b/postsrsd.te
@@ -0,0 +1,16 @@
+
+module postsrsd 1.0;
+
+require {
+	type postfix_spool_t;
+	type postfix_cleanup_t;
+	type unconfined_service_t;
+	class unix_stream_socket connectto;
+	class sock_file write;
+}
+
+#============= postfix_cleanup_t ==============
+
+#!!!! This avc is allowed in the current policy
+allow postfix_cleanup_t postfix_spool_t:sock_file write;
+allow postfix_cleanup_t unconfined_service_t:unix_stream_socket connectto;

diff --git a/sources b/sources
index 5aac219..cfb3015 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (postsrsd-1.12.tar.gz) = 9b83d89f8ac26ba0477998c495b0566295e16ae62a661a9edaef430cbc2eea592fe178b3686d0ad0578a808d13c13d526ac44a2360fd6e715d701887086fa51a
+SHA512 (postsrsd-2.0.11.tar.gz) = d85be04decfcf38ac2aaa3435f804106faf37bd51914184f91ff2f130ff39ce4e1b73e9d0748dc57c940bdbc917dddcd25fc8777fcba65e864a1c6f0066c3995