1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 06_SA_BUG_5240.dpatch by Duncan Findlay <duncf@debian.org>
4
## All lines beginning with `## DP:' are a description of the patch.
8
diff -urNad spamassassin~/sa-update.raw spamassassin/sa-update.raw
9
--- spamassassin~/sa-update.raw 2006-10-09 13:34:35.000000000 -0400
10
+++ spamassassin/sa-update.raw 2007-02-14 23:33:12.000000000 -0500
12
'debug|D:s' => \$opt{'debug'},
13
'version|V' => \$opt{'version'},
14
'help|h|?' => \$opt{'help'},
15
+ 'allowplugins' => \$opt{'allowplugins'},
17
# allow multiple of these on the commandline
18
'gpgkey=s' => $opt{'gpgkey'},
20
if (open OUT, ">".$outfname) {
21
my $content = $tar->get_content($file);
23
- # replace macros in the update files if it's a .pre or .cf
24
if ($outfname =~ /\.(?:pre|cf)$/) {
25
+ # replace macros in the update files if it's a .pre or .cf
26
$content =~ s/\@\@([^\@]+)\@\@/$MACRO_VALUES{$1} || "\@\@$1\@\@"/ge;
28
+ # also, if --allowplugins is not specified, comment out
29
+ # all loadplugin or tryplugin lines
30
+ if ( !$opt{'allowplugins'} ) {
31
+ $content =~ s{^\s*((?:load|try)plugin|bayes_store_module|auto_whitelist_factory)\b}
32
+ {#(commented by sa-update, no --allowplugins switch specified)# $1}gmx;
38
--channel channel Retrieve updates from this channel
39
Use multiple times for multiple channels
40
--channelfile file Retrieve updates from the channels in the file
43
+ --allowplugins Allow updates to load plugin code
44
--gpgkey key Trust the key id to sign releases
45
Use multiple times for multiple keys
46
--gpgkeyfile file Trust the key ids in the file to sign releases
47
@@ -1282,6 +1289,12 @@
48
file instead of on the commandline. This is extremely useful when there are a
49
lot of additional channels.
51
+=item B<--allowplugins>
53
+Allow downloaded updates to activate plugins. The default is not to
54
+activate plugins; any C<loadplugin> or C<tryplugin> lines will be commented
55
+in the downloaded update rules files.
57
=item B<--gpg>, B<--nogpg>
59
sa-update by default will verify update archives by use of a SHA1 checksum