You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spamassassin.apache.org by jm...@apache.org on 2006/12/21 13:45:36 UTC

svn commit: r489341 - /spamassassin/trunk/sa-update.raw

Author: jm
Date: Thu Dec 21 04:45:35 2006
New Revision: 489341

URL: http://svn.apache.org/viewvc?view=rev&rev=489341
Log:
bug 5240: add sa-update --allowplugins switch, and automatically comment all 'loadplugin' or 'tryplugin' lines in downloaded rules files unless it is specified

Modified:
    spamassassin/trunk/sa-update.raw

Modified: spamassassin/trunk/sa-update.raw
URL: http://svn.apache.org/viewvc/spamassassin/trunk/sa-update.raw?view=diff&rev=489341&r1=489340&r2=489341
==============================================================================
--- spamassassin/trunk/sa-update.raw (original)
+++ spamassassin/trunk/sa-update.raw Thu Dec 21 04:45:35 2006
@@ -136,6 +136,7 @@
   'version|V'                           => \$opt{'version'},
   'help|h|?'                            => \$opt{'help'},
   'checkonly'                           => \$opt{'checkonly'},
+  'allowplugins'                        => \$opt{'allowplugins'},
 
   # allow multiple of these on the commandline
   'gpgkey=s'				=> $opt{'gpgkey'},
@@ -970,9 +971,16 @@
     if (open OUT, ">".$outfname) {
       my $content = $tar->get_content($file);
 
-      # replace macros in the update files if it's a .pre or .cf
       if ($outfname =~ /\.(?:pre|cf)$/) {
+        # replace macros in the update files if it's a .pre or .cf
         $content =~ s/\@\@([^\@]+)\@\@/$MACRO_VALUES{$1} || "\@\@$1\@\@"/ge;
+
+        # also, if --allowplugins is not specified, comment out
+        # all loadplugin or tryplugin lines
+        if ( !$opt{'allowplugins'} ) {
+          $content =~ s{^(\s*(?:load|try)plugin)\b}
+            {#(commented by sa-update, no --allowplugins switch specified)# $1}gmx;
+        }
       }
 
       print OUT $content;
@@ -1300,6 +1308,7 @@
                           Use multiple times for multiple channels
   --channelfile file      Retrieve updates from the channels in the file
   --checkonly             Check for update availability, do not install
+  --allowplugins          Allow updates to load plugin code
   --gpgkey key            Trust the key id to sign releases
                           Use multiple times for multiple keys
   --gpgkeyfile file       Trust the key ids in the file to sign releases
@@ -1353,6 +1362,12 @@
 
 Only check if an update is available, don't actually download and install it.
 The exit code will be C<0> or C<1> as described below.
+
+=item B<--allowplugins>
+
+Allow downloaded updates to activate plugins.  The default is not to
+activate plugins; any C<loadplugin> or C<tryplugin> lines will be commented
+in the downloaded update rules files.
 
 =item B<--gpg>, B<--nogpg>