* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2015-10-05 8:44 Jason Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason Donenfeld @ 2015-10-05 8:44 UTC (permalink / raw
To: gentoo-commits
commit: 3f8e2fe24f3ff174d8515b82607e951e054f68f6
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 5 08:42:58 2015 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Mon Oct 5 08:44:18 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe2
mail-mta/opensmtpd: bump release for urgent security issue
Committing this as stable and removing the old version too, because it's
being exploited in the wild.
Package-Manager: portage-2.2.22
| 26 ++++++++++++++++++++++
....7.2_p1.ebuild => opensmtpd-5.7.2_p1-r1.ebuild} | 2 ++
2 files changed, 28 insertions(+)
--git a/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
new file mode 100644
index 0000000..f9da33b
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
@@ -0,0 +1,26 @@
+diff --git a/smtpd/filter.c b/smtpd/filter.c
+index 062f00f..8af6eab 100644
+--- a/smtpd/filter.c
++++ b/smtpd/filter.c
+@@ -726,7 +726,6 @@ filter_tx_io(struct io *io, int evt)
+ struct filter_session *s = io->arg;
+ size_t len, n;
+ char *data;
+- char buf[65535];
+
+ log_trace(TRACE_FILTERS, "filter: filter_tx_io(%p, %s)", s, io_strevent(evt));
+
+@@ -734,10 +733,9 @@ filter_tx_io(struct io *io, int evt)
+ case IO_DATAIN:
+ data = iobuf_data(&s->ibuf);
+ len = iobuf_len(&s->ibuf);
+- memmove(buf, data, len);
+- buf[len] = 0;
+- log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64": %s",
+- len, s->id, buf);
++
++ log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64"",
++ len, s->id);
+
+ n = fwrite(data, 1, len, s->ofile);
+ if (n != len) {
diff --git a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
similarity index 97%
rename from mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
index fe35e0f..deba857 100644
--- a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
@@ -47,6 +47,8 @@ src_prepare() {
# Use /run instead of /var/run
sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
+ epatch "${FILESDIR}"/"${PN}"-5.7.2-remote-header-crash.patch
+
epatch_user
eautoreconf
}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2015-10-05 15:11 Jason Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason Donenfeld @ 2015-10-05 15:11 UTC (permalink / raw
To: gentoo-commits
commit: 1d914fbcf38e35f7e66c8f0a4c78b903e2f216db
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Mon Oct 5 15:10:38 2015 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Mon Oct 5 15:11:06 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1d914fbc
mail-mta/opensmtpd: Bump version, with more security fixes, so stablize it too.
Package-Manager: portage-2.2.22
RepoMan-Options: --force
mail-mta/opensmtpd/Manifest | 2 +-
| 26 ----------------------
....7.2_p1-r1.ebuild => opensmtpd-5.7.3_p1.ebuild} | 2 --
3 files changed, 1 insertion(+), 29 deletions(-)
diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index 1e736f2..f33bba9 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1 +1 @@
-DIST opensmtpd-5.7.2p1.tar.gz 708991 SHA256 daae044488d456b33aa9c84ebcc79aef2f9ab2d17ebe0c0f09e41e1f4b60d992 SHA512 ef9487ba38711fd2a4076022c8fef89c4daf0aac346a72814a9c17f20f830bcd3cba4d85da53867cbc726d2c10fd6773c907ae533e0e022165d7f4aa3bdf1260 WHIRLPOOL 3d5d3fff0f15b898219af62eb4152666120d60d528f3afa99d347be0fcdd58b9fe36694471cd4485d51041de53ee6249f4510e5a0af254794fe7465b8642cd44
+DIST opensmtpd-5.7.3p1.tar.gz 709178 SHA256 848a3c72dd22b216bb924b69dc356fc297e8b3671ec30856978950208cba74dd SHA512 e75ed2e148d25716df3af7b6746332c475eb671b91d3832b9a56b11a1e567749065f1332cd06d928cf6bd5122427cd33cc3e0f5f4e2bec0f2269db695be65b7e WHIRLPOOL 191fe5e30f71aa1076434f95b46c1ffbc893ef15d355c485bbb2df503d0af986af6602424ab04f984a9041ca6074cf975289e7708e1362fa483f423a6c1e0d51
diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch b/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
deleted file mode 100644
index f9da33b..0000000
--- a/mail-mta/opensmtpd/files/opensmtpd-5.7.2-remote-header-crash.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-diff --git a/smtpd/filter.c b/smtpd/filter.c
-index 062f00f..8af6eab 100644
---- a/smtpd/filter.c
-+++ b/smtpd/filter.c
-@@ -726,7 +726,6 @@ filter_tx_io(struct io *io, int evt)
- struct filter_session *s = io->arg;
- size_t len, n;
- char *data;
-- char buf[65535];
-
- log_trace(TRACE_FILTERS, "filter: filter_tx_io(%p, %s)", s, io_strevent(evt));
-
-@@ -734,10 +733,9 @@ filter_tx_io(struct io *io, int evt)
- case IO_DATAIN:
- data = iobuf_data(&s->ibuf);
- len = iobuf_len(&s->ibuf);
-- memmove(buf, data, len);
-- buf[len] = 0;
-- log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64": %s",
-- len, s->id, buf);
-+
-+ log_trace(TRACE_FILTERS, "filter: filter_tx_io: datain (%zu) for req %016"PRIx64"",
-+ len, s->id);
-
- n = fwrite(data, 1, len, s->ofile);
- if (n != len) {
diff --git a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.7.3_p1.ebuild
similarity index 97%
rename from mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-5.7.3_p1.ebuild
index deba857..fe35e0f 100644
--- a/mail-mta/opensmtpd/opensmtpd-5.7.2_p1-r1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-5.7.3_p1.ebuild
@@ -47,8 +47,6 @@ src_prepare() {
# Use /run instead of /var/run
sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
- epatch "${FILESDIR}"/"${PN}"-5.7.2-remote-header-crash.patch
-
epatch_user
eautoreconf
}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2016-06-25 14:55 Jason Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason Donenfeld @ 2016-06-25 14:55 UTC (permalink / raw
To: gentoo-commits
commit: 5f4012dfa79841e434eaac595d78759ce8f56bfa
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Sat Jun 25 14:54:08 2016 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Sat Jun 25 14:55:27 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5f4012df
mail-mta/opensmtpd: snapshot version bump
Package-Manager: portage-2.3.0_rc1
mail-mta/opensmtpd/Manifest | 2 +-
...smtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch | 50 ------------
.../opensmtpd-5.9.2.201606071034_p1-r1.ebuild | 94 ----------------------
...uild => opensmtpd-5.9.2.201606220754_p1.ebuild} | 0
4 files changed, 1 insertion(+), 145 deletions(-)
diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index 0ddb06a..8af3860 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1,3 +1,3 @@
DIST opensmtpd-201606071034p1.tar.gz 692683 SHA256 e4a63195cb67fd705bc0ddfc3b7bcaff63b16ec141782fff1f5056050b1ad3f3 SHA512 5cb40279222a7fd610bc40ab20f28cc5d638497815a6c25b0dcae6ee1ffd0e1d35a9942c853cca4970e34a9ffb91f419e8c245bbcbbd9487e6128af8969569cb WHIRLPOOL e644854a6341fb962006d4b33522a9a3f22e8b4a6dc7d636cd34c854878d4c067577caecc24b4f95b5ff8fd467cf086df5fcee4cffcc00b8c237f2a91b5c98af
-DIST opensmtpd-201606152203p1.tar.gz 692715 SHA256 f91a91a6936bd634ba0643dea91b189d454b03d3c454f38f365bf73921aaf222 SHA512 3573424d7ac32ad2061c8c46a947377825c907368d060d14b16a886e46de90ce3b11b4be097bce692fce86f54072133a39d9644566a1e10e33d7a21bccf08f0f WHIRLPOOL 1fa23b57ef2700d4c21cc60ee37083afeb0270749db65a18eebf69f9ad72e0c38e1ec7aa27c5ee5e88bfeff0855ce4d39860cc431867febdaf97d0fbd1b4b6b6
+DIST opensmtpd-201606220754p1.tar.gz 692879 SHA256 4057ab61396b0a9de50fb2087aac3997757fa95f49de5d71db3a8ad49a9ae163 SHA512 33eba331d2dcbdf00e69f213b17175ad378108a7e8344e379a042bc6308300eda9c0d16cf15617beda003938b806937575ccad579113bc978877c212e87d3089 WHIRLPOOL a6f446fbfdec7ad017e9347ae0a452ab6d1e9f4dbb775acc781022c226c9423aa43aa5dd8f79726d5d202fe6d93cca94077a987817425c283c5f3337a7440b09
DIST opensmtpd-5.9.2p1.tar.gz 681855 SHA256 3522f273c1630c781facdb2b921228e338ed4e651909316735df775d6a70a71d SHA512 99ca15101557848aa6d642f0c0171b152d805192e6839a97410b19431c981a21a5c0dc011e2c8cd91f3e6f6acb37a77f0f4c8e68114bf9808240392fe2b5d375 WHIRLPOOL 4d50474eb9f845633d152c065a0e70f3d41fba97134b33d3eb5164d39bdc58eeb4133b2f951a1815143a468144fb631f5f0b2960f57e7ba18a65321413fb5b6f
diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch b/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch
deleted file mode 100644
index 9841a7e..0000000
--- a/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 988cff352d6b3dd5fe3224d7ebce361fca5c0b4f Mon Sep 17 00:00:00 2001
-From: gilles <gilles@poolp.org>
-Date: Wed, 8 Jun 2016 08:23:02 +0200
-Subject: [PATCH] on systems with a broken inet_net_pton() that does not
- support IPv6, fallback to broken_net_inet_pton_ipv6() when errno ==
- EAFNOSUPPORT
-
----
- smtpd/to.c | 14 ++++++++++----
- 1 file changed, 10 insertions(+), 4 deletions(-)
-
-diff --git a/smtpd/to.c b/smtpd/to.c
-index 4a6a765..4b592be 100644
---- a/smtpd/to.c
-+++ b/smtpd/to.c
-@@ -60,7 +60,7 @@ static int alias_is_filename(struct expandnode *, const char *, size_t);
- static int alias_is_include(struct expandnode *, const char *, size_t);
- static int alias_is_error(struct expandnode *, const char *, size_t);
-
--static int temp_inet_net_pton_ipv6(const char *, void *, size_t);
-+static int broken_inet_net_pton_ipv6(const char *, void *, size_t);
-
- const char *
- sockaddr_to_text(struct sockaddr *sa)
-@@ -301,8 +301,14 @@ text_to_netaddr(struct netaddr *netaddr, const char *s)
- } else {
- bits = inet_net_pton(AF_INET6, s, &ssin6.sin6_addr,
- sizeof(struct in6_addr));
-- if (bits == -1)
-- return 0;
-+ if (bits == -1) {
-+ if (errno != EAFNOSUPPORT)
-+ return 0;
-+ bits = broken_inet_net_pton_ipv6(s, &ssin6.sin6_addr,
-+ sizeof(struct in6_addr));
-+ if (bits == -1)
-+ return 0;
-+ }
- ssin6.sin6_family = AF_INET6;
- memcpy(&ss, &ssin6, sizeof(ssin6));
- #ifdef HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN
-@@ -896,7 +902,7 @@ alias_is_error(struct expandnode *alias, const char *line, size_t len)
- }
-
- static int
--temp_inet_net_pton_ipv6(const char *src, void *dst, size_t size)
-+broken_inet_net_pton_ipv6(const char *src, void *dst, size_t size)
- {
- int ret;
- int bits;
diff --git a/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild
deleted file mode 100644
index bec67bd..0000000
--- a/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild
+++ /dev/null
@@ -1,94 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-
-inherit multilib user flag-o-matic eutils pam toolchain-funcs autotools systemd versionator
-
-DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
-HOMEPAGE="http://www.opensmtpd.org/"
-MY_P="${P}"
-if [ $(get_last_version_component_index) -eq 4 ]; then
- MY_P="${PN}-$(get_version_component_range 4-)"
-fi
-SRC_URI="https://www.opensmtpd.org/archives/${MY_P/_}.tar.gz"
-
-LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE="libressl pam +mta"
-
-DEPEND="!libressl? ( dev-libs/openssl:0 )
- libressl? ( dev-libs/libressl )
- sys-libs/zlib
- pam? ( virtual/pam )
- sys-libs/db:=
- dev-libs/libevent
- app-misc/ca-certificates
- net-mail/mailbase
- net-libs/libasr
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/exim
- !mail-mta/mini-qmail
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/ssmtp[mta]
-"
-RDEPEND="${DEPEND}"
-
-S=${WORKDIR}/${MY_P/_}
-
-src_prepare() {
- # Use /run instead of /var/run
- sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
- epatch "${FILESDIR}/${P}-ipv6-net-pton.patch"
- epatch_user
- eautoreconf
-}
-
-src_configure() {
- tc-export AR
- AR="$(which "$AR")" econf \
- --with-table-db \
- --with-user-smtpd=smtpd \
- --with-user-queue=smtpq \
- --with-group-queue=smtpq \
- --with-path-socket=/run \
- --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
- --sysconfdir=/etc/opensmtpd \
- $(use_with pam auth-pam)
-}
-
-src_install() {
- default
- newinitd "${FILESDIR}"/smtpd.initd smtpd
- systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
- use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
- if use mta ; then
- dodir /usr/sbin
- dosym /usr/sbin/smtpctl /usr/sbin/sendmail
- dosym /usr/sbin/smtpctl /usr/bin/sendmail
- dosym /usr/sbin/smtpctl /usr/$(get_libdir)/sendmail
- fi
-}
-
-pkg_preinst() {
- enewgroup smtpd 25
- enewuser smtpd 25 -1 /var/empty smtpd
- enewgroup smtpq 252
- enewuser smtpq 252 -1 /var/empty smtpq
-}
-
-pkg_postinst() {
- einfo
- einfo "Plugins for SQLite, MySQL, PostgreSQL, LDAP, socketmaps,"
- einfo "Redis, and many other useful addons and filters are"
- einfo "available in the mail-filter/opensmtpd-extras package."
- einfo
-}
diff --git a/mail-mta/opensmtpd/opensmtpd-5.9.2.201606152203_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.9.2.201606220754_p1.ebuild
similarity index 100%
rename from mail-mta/opensmtpd/opensmtpd-5.9.2.201606152203_p1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-5.9.2.201606220754_p1.ebuild
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2017-04-12 14:05 Jason Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason Donenfeld @ 2017-04-12 14:05 UTC (permalink / raw
To: gentoo-commits
commit: 8a8806e399ae2045c594aaaa6bdabc203d67208d
Author: Samuel Holland <samuel <AT> sholland <DOT> org>
AuthorDate: Wed Jan 11 23:19:19 2017 +0000
Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Apr 12 14:05:23 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8a8806e3
mail-mta/opensmtpd: revbump to fix libressl and musl
One patch is a backport from upstream. The other two have been submitted
upstream as pull requests.
Gentoo-Bug: 598822
Fixes: #3438
.../files/opensmtpd-6.0.2_p1-autoconf.patch | 46 ++++++++++
.../files/opensmtpd-6.0.2_p1-libressl.patch | 101 +++++++++++++++++++++
.../opensmtpd/files/opensmtpd-6.0.2_p1-musl.patch | 51 +++++++++++
mail-mta/opensmtpd/opensmtpd-6.0.2_p1-r2.ebuild | 98 ++++++++++++++++++++
4 files changed, 296 insertions(+)
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-autoconf.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-autoconf.patch
new file mode 100644
index 00000000000..d490a902919
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-autoconf.patch
@@ -0,0 +1,46 @@
+From 9370e962bfa1032ab16c48c79977536eae665d75 Mon Sep 17 00:00:00 2001
+From: Freddy DISSAUX <dsx@pouet.bsdsx.fr>
+Date: Sat, 17 Sep 2016 08:50:14 +0200
+Subject: [PATCH] Fix expression, as explain in
+
+https://www.gnu.org/savannah-checkouts/gnu/autoconf/manual/autoconf-2.69/html_node/Generic-Declarations.html#Generic-Declarations
+
+"Unlike the other `AC_CHECK_*S' macros, when a symbol is not
+declared, HAVE_DECL_symbol is defined to `0' instead of
+leaving HAVE_DECL_symbol undeclared."
+---
+ openbsd-compat/defines.h | 2 +-
+ openbsd-compat/openbsd-compat.h | 4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/openbsd-compat/defines.h b/openbsd-compat/defines.h
+index 0a94d76..bda39e9 100644
+--- a/openbsd-compat/defines.h
++++ b/openbsd-compat/defines.h
+@@ -85,7 +85,7 @@
+ # define STDERR_FILENO 2
+ #endif
+
+-#if defined(HAVE_DECL_O_NONBLOCK) && HAVE_DECL_O_NONBLOCK == 0
++#if !HAVE_DECL_O_NONBLOCK
+ # define O_NONBLOCK 00004 /* Non Blocking Open */
+ #endif
+
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index fd931d0..1ef2925 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -212,11 +212,11 @@ void errc(int, int, const char *, ...);
+ #define pledge(promises, paths) 0
+ #endif
+
+-#ifndef HAVE_DECL_AF_LOCAL
++#if !HAVE_DECL_AF_LOCAL
+ #define AF_LOCAL AF_UNIX
+ #endif
+
+-#ifndef HAVE_DECL_WAIT_MYPGRP
++#if !HAVE_DECL_WAIT_MYPGRP
+ #define WAIT_MYPGRP 0
+ #endif
+
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-libressl.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-libressl.patch
new file mode 100644
index 00000000000..e1656b94040
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-libressl.patch
@@ -0,0 +1,101 @@
+From f948b923873a93472dea9b786cf60a3472b0ddc8 Mon Sep 17 00:00:00 2001
+From: Samuel Holland <samuel@sholland.org>
+Date: Wed, 11 Jan 2017 17:35:29 -0600
+Subject: [PATCH] fix compatibility with libressl
+
+These functions are exported by libcrypto from libressl, due to its
+similar OpenBSD compatibility layer, but they are not present in any
+header files. Thus, while we can use the existing compiled function,
+and do not need to provide our own, we do need to provide the prototype
+for it.
+
+This avoids implicit function declarations and the resulting crashes due
+to pointer truncation.
+
+The patch is based on an equivalent patch for OpenSSH from
+https://bugzilla.mindrot.org/show_bug.cgi?id=2465
+Also see
+https://github.com/libressl-portable/portable/issues/109
+
+Fixes #691
+---
+ openbsd-compat/defines.h | 9 ---------
+ openbsd-compat/openbsd-compat.h | 25 +++++++++++++++----------
+ 2 files changed, 15 insertions(+), 19 deletions(-)
+
+diff --git a/openbsd-compat/defines.h b/openbsd-compat/defines.h
+index 2cbfbca..3ffcc81 100644
+--- a/openbsd-compat/defines.h
++++ b/openbsd-compat/defines.h
+@@ -422,15 +422,6 @@ typedef uint16_t in_port_t;
+ #define INET6_ADDRSTRLEN 46
+ #endif
+
+-/*
+- * Platforms that have arc4random_uniform() and not arc4random_stir()
+- * shouldn't need the latter.
+- */
+-#if defined(HAVE_ARC4RANDOM) && defined(HAVE_ARC4RANDOM_UNIFORM) && \
+- !defined(HAVE_ARC4RANDOM_STIR)
+-# define arc4random_stir()
+-#endif
+-
+ #ifndef HAVE_VA_COPY
+ # ifdef HAVE___VA_COPY
+ # define va_copy(dest, src) __va_copy(dest, src)
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index a51385b..51f33bb 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -119,20 +119,25 @@ int BSDoptind; /* index into parent argv vector */
+ int getpeereid(int , uid_t *, gid_t *);
+ #endif
+
+-#ifdef HAVE_ARC4RANDOM
+-# ifndef HAVE_ARC4RANDOM_STIR
+-# define arc4random_stir()
+-# endif
+-#else
++#if !defined(HAVE_ARC4RANDOM) || defined(LIBRESSL_VERSION_NUMBER)
+ unsigned int arc4random(void);
++#endif
++
++#if defined(HAVE_ARC4RANDOM_STIR)
+ void arc4random_stir(void);
+-#endif /* !HAVE_ARC4RANDOM */
++#elif defined(HAVE_ARC4RANDOM) || defined(LIBRESSL_VERSION_NUMBER)
++/* Recent system/libressl implementation; no need for explicit stir */
++# define arc4random_stir()
++#else
++/* openbsd-compat/arc4random.c provides arc4random_stir() */
++void arc4random_stir(void);
++#endif
+
+-#ifndef HAVE_ARC4RANDOM_BUF
++#if !defined(HAVE_ARC4RANDOM_BUF) || defined(LIBRESSL_VERSION_NUMBER)
+ void arc4random_buf(void *, size_t);
+ #endif
+
+-#ifndef HAVE_ARC4RANDOM_UNIFORM
++#if !defined(HAVE_ARC4RANDOM_UNIFORM) || defined(LIBRESSL_VERSION_NUMBER)
+ uint32_t arc4random_uniform(uint32_t);
+ #endif
+
+@@ -174,7 +179,7 @@ int vasprintf(char **, const char *, va_list);
+ int vsnprintf(char *, size_t, const char *, va_list);
+ #endif
+
+-#ifndef HAVE_EXPLICIT_BZERO
++#if !defined(HAVE_EXPLICIT_BZERO) || defined(LIBRESSL_VERSION_NUMBER)
+ void explicit_bzero(void *p, size_t n);
+ #endif
+
+@@ -200,7 +205,7 @@ int pidfile(const char *basename);
+ struct passwd *pw_dup(const struct passwd *);
+ #endif
+
+-#ifndef HAVE_REALLOCARRAY
++#if !defined(HAVE_REALLOCARRAY) || defined(LIBRESSL_VERSION_NUMBER)
+ void *reallocarray(void *, size_t, size_t);
+ #endif
+
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-musl.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-musl.patch
new file mode 100644
index 00000000000..065fbcdbe1a
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.2_p1-musl.patch
@@ -0,0 +1,51 @@
+From 2ab442623e689532910b34ff0dbbc2167da02330 Mon Sep 17 00:00:00 2001
+From: Samuel Holland <samuel@sholland.org>
+Date: Wed, 11 Jan 2017 17:39:07 -0600
+Subject: [PATCH] fix musl compatibility (missing function prototypes)
+
+inet_net_pton is already compiled, but no prototype is provided.
+res_hnok is provided by the compatibility layer in libasr.
+
+These fixes avoid warnings about implicit function declaration.
+
+Fixes #758
+---
+ configure.ac | 1 +
+ openbsd-compat/openbsd-compat.h | 8 ++++++++
+ 2 files changed, 9 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 42e092f..e27c514 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -594,6 +594,7 @@ AC_CHECK_FUNCS([ \
+ pledge \
+ pw_dup \
+ reallocarray \
++ res_hnok \
+ setenv \
+ setlinebuf \
+ setproctitle \
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index a51385b..5d2e2c2 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -208,10 +208,18 @@ void *reallocarray(void *, size_t, size_t);
+ void errc(int, int, const char *, ...);
+ #endif
+
++#ifndef HAVE_INET_NET_PTON
++int inet_net_pton(int, const char *, void *, size_t);
++#endif
++
+ #ifndef HAVE_PLEDGE
+ #define pledge(promises, paths) 0
+ #endif
+
++#ifndef HAVE_RES_HNOK
++int res_hnok(const char *);
++#endif
++
+ #if !HAVE_DECL_AF_LOCAL
+ #define AF_LOCAL AF_UNIX
+ #endif
diff --git a/mail-mta/opensmtpd/opensmtpd-6.0.2_p1-r2.ebuild b/mail-mta/opensmtpd/opensmtpd-6.0.2_p1-r2.ebuild
new file mode 100644
index 00000000000..a00485d278c
--- /dev/null
+++ b/mail-mta/opensmtpd/opensmtpd-6.0.2_p1-r2.ebuild
@@ -0,0 +1,98 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+inherit multilib user flag-o-matic eutils pam toolchain-funcs autotools systemd versionator
+
+DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
+HOMEPAGE="http://www.opensmtpd.org/"
+MY_P="${P}"
+if [ $(get_last_version_component_index) -eq 4 ]; then
+ MY_P="${PN}-$(get_version_component_range 4-)"
+fi
+SRC_URI="https://www.opensmtpd.org/archives/${MY_P/_}.tar.gz"
+
+LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+IUSE="libressl pam +mta"
+
+DEPEND="!libressl? ( dev-libs/openssl:0 )
+ libressl? ( dev-libs/libressl )
+ elibc_musl? ( sys-libs/fts-standalone )
+ sys-libs/zlib
+ pam? ( virtual/pam )
+ sys-libs/db:=
+ dev-libs/libevent
+ app-misc/ca-certificates
+ net-mail/mailbase
+ net-libs/libasr
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/exim
+ !mail-mta/mini-qmail
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/ssmtp[mta]
+"
+RDEPEND="${DEPEND}"
+
+S=${WORKDIR}/${MY_P/_}
+
+src_prepare() {
+ # Use /run instead of /var/run
+ sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
+ epatch "${FILESDIR}"/${P}-autoconf.patch
+ epatch "${FILESDIR}"/${P}-libressl.patch
+ epatch "${FILESDIR}"/${P}-musl.patch
+ epatch_user
+ eautoreconf
+}
+
+src_configure() {
+ tc-export AR
+ AR="$(which "$AR")" econf \
+ --with-table-db \
+ --with-user-smtpd=smtpd \
+ --with-user-queue=smtpq \
+ --with-group-queue=smtpq \
+ --with-path-socket=/run \
+ --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
+ --sysconfdir=/etc/opensmtpd \
+ $(use_with pam auth-pam)
+}
+
+src_install() {
+ default
+ newinitd "${FILESDIR}"/smtpd.initd smtpd
+ systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
+ use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
+ dosym /usr/sbin/smtpctl /usr/sbin/makemap
+ dosym /usr/sbin/smtpctl /usr/sbin/newaliases
+ if use mta ; then
+ dodir /usr/sbin
+ dosym /usr/sbin/smtpctl /usr/sbin/sendmail
+ dosym /usr/sbin/smtpctl /usr/bin/sendmail
+ dosym /usr/sbin/smtpctl /usr/$(get_libdir)/sendmail
+ fi
+}
+
+pkg_preinst() {
+ enewgroup smtpd 25
+ enewuser smtpd 25 -1 /var/empty smtpd
+ enewgroup smtpq 252
+ enewuser smtpq 252 -1 /var/empty smtpq
+}
+
+pkg_postinst() {
+ einfo
+ einfo "Plugins for SQLite, MySQL, PostgreSQL, LDAP, socketmaps,"
+ einfo "Redis, and many other useful addons and filters are"
+ einfo "available in the mail-filter/opensmtpd-extras package."
+ einfo
+}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2019-01-02 19:11 Jason A. Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason A. Donenfeld @ 2019-01-02 19:11 UTC (permalink / raw
To: gentoo-commits
commit: 84dd7ff3292161696670435a2e1bda4dc2091cbd
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Wed Jan 2 19:07:17 2019 +0000
Commit: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Jan 2 19:11:04 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=84dd7ff3
mail-mta/opensmtpd: port to openssl 1.1
Package-Manager: Portage-2.3.53, Repoman-2.3.12
Signed-off-by: Jason A. Donenfeld <zx2c4 <AT> gentoo.org>
.../opensmtpd-6.0.3_p1-fix-crash-on-auth.patch | 43 ++
.../files/opensmtpd-6.0.3_p1-openssl_1.1.patch | 722 +++++++++++++++++++++
....0.3_p1.ebuild => opensmtpd-6.0.3_p1-r1.ebuild} | 6 +-
3 files changed, 770 insertions(+), 1 deletion(-)
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-fix-crash-on-auth.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-fix-crash-on-auth.patch
new file mode 100644
index 00000000000..c20b5e0a0ef
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-fix-crash-on-auth.patch
@@ -0,0 +1,43 @@
+From 9b5f70b93e038df5446bd37a4adac5a0380748e7 Mon Sep 17 00:00:00 2001
+From: johannes <johannes.brechtmann@gmail.com>
+Date: Wed, 21 Feb 2018 23:57:11 +0100
+Subject: [PATCH] crypt_checkpass: include HAVE_CRYPT_H definition, add NULL
+ check
+
+---
+ openbsd-compat/crypt_checkpass.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/openbsd-compat/crypt_checkpass.c b/openbsd-compat/crypt_checkpass.c
+index dafd2dae..d10b3a57 100644
+--- a/openbsd-compat/crypt_checkpass.c
++++ b/openbsd-compat/crypt_checkpass.c
+@@ -1,5 +1,6 @@
+ /* OPENBSD ORIGINAL: lib/libc/crypt/cryptutil.c */
+
++#include "includes.h"
+ #include <errno.h>
+ #ifdef HAVE_CRYPT_H
+ #include <crypt.h>
+@@ -10,6 +11,8 @@
+ int
+ crypt_checkpass(const char *pass, const char *goodhash)
+ {
++ char *c;
++
+ if (goodhash == NULL)
+ goto fail;
+
+@@ -17,7 +20,11 @@ crypt_checkpass(const char *pass, const char *goodhash)
+ if (strlen(goodhash) == 0 && strlen(pass) == 0)
+ return 0;
+
+- if (strcmp(crypt(pass, goodhash), goodhash) == 0)
++ c = crypt(pass, goodhash);
++ if (c == NULL)
++ goto fail;
++
++ if (strcmp(c, goodhash) == 0)
+ return 0;
+
+ fail:
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-openssl_1.1.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-openssl_1.1.patch
new file mode 100644
index 00000000000..40a62ae9251
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-openssl_1.1.patch
@@ -0,0 +1,722 @@
+Description: Enable support for OpenSSL 1.1
+Author: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
+ Ryan Kavanagh <rak@debian.org>
+Origin: Debian
+Bug: https://github.com/OpenSMTPD/OpenSMTPD/issues/738
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859544
+Forwarded: https://github.com/OpenSMTPD/OpenSMTPD/pull/825
+Last-Update: 2018-03-18
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+diff --git a/openbsd-compat/libressl.c b/openbsd-compat/libressl.c
+index f4f2b52e..d06e006f 100644
+--- a/openbsd-compat/libressl.c
++++ b/openbsd-compat/libressl.c
+@@ -81,14 +81,14 @@ SSL_CTX_use_certificate_chain(SSL_CTX *ctx, char *buf, off_t len)
+ x = ca = NULL;
+
+ if ((in = BIO_new_mem_buf(buf, len)) == NULL) {
+- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
++ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if ((x = PEM_read_bio_X509(in, NULL,
+- ctx->default_passwd_callback,
+- ctx->default_passwd_callback_userdata)) == NULL) {
+- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
++ SSL_CTX_get_default_passwd_cb(ctx),
++ SSL_CTX_get_default_passwd_cb_userdata(ctx))) == NULL) {
++ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_PEM_LIB);
+ goto end;
+ }
+
+@@ -99,14 +99,11 @@ SSL_CTX_use_certificate_chain(SSL_CTX *ctx, char *buf, off_t len)
+ * the CA certificates.
+ */
+
+- if (ctx->extra_certs != NULL) {
+- sk_X509_pop_free(ctx->extra_certs, X509_free);
+- ctx->extra_certs = NULL;
+- }
++ SSL_CTX_clear_extra_chain_certs(ctx);
+
+ while ((ca = PEM_read_bio_X509(in, NULL,
+- ctx->default_passwd_callback,
+- ctx->default_passwd_callback_userdata)) != NULL) {
++ SSL_CTX_get_default_passwd_cb(ctx),
++ SSL_CTX_get_default_passwd_cb_userdata(ctx))) != NULL) {
+
+ if (!SSL_CTX_add_extra_chain_cert(ctx, ca))
+ goto end;
+diff --git a/smtpd/ca.c b/smtpd/ca.c
+index e383c6a1..29a44b9b 100644
+--- a/smtpd/ca.c
++++ b/smtpd/ca.c
+@@ -170,6 +170,190 @@ ca_verify_cb(int ok, X509_STORE_CTX *ctx)
+ return ok;
+ }
+
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
++
++static int RSA_meth_get_flags(RSA_METHOD *meth)
++{
++ return meth->flags;
++}
++
++static int RSA_meth_set_flags(RSA_METHOD *meth, int flags)
++{
++ meth->flags = flags;
++ return 1;
++}
++
++static void *RSA_meth_get0_app_data(const RSA_METHOD *meth)
++{
++ return meth->app_data;
++}
++
++static int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data)
++{
++ meth->app_data = app_data;
++ return 1;
++}
++
++static int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))
++(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
++{
++ return meth->rsa_pub_enc;
++}
++
++static int RSA_meth_set_pub_enc(RSA_METHOD *meth,
++ int (*pub_enc) (int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa,
++ int padding))
++{
++ meth->rsa_pub_enc = pub_enc;
++ return 1;
++}
++
++static int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth))
++(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
++{
++ return meth->rsa_pub_dec;
++}
++
++static int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))
++(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
++{
++ return meth->rsa_priv_enc;
++}
++
++int RSA_meth_set_priv_enc(RSA_METHOD *meth,
++ int (*priv_enc) (int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding))
++{
++ meth->rsa_priv_enc = priv_enc;
++ return 1;
++}
++
++static int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))
++(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding)
++{
++ return meth->rsa_priv_dec;
++}
++
++static int RSA_meth_set_priv_dec(RSA_METHOD *meth,
++ int (*priv_dec) (int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding))
++{
++ meth->rsa_priv_dec = priv_dec;
++ return 1;
++}
++
++static int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))
++ (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
++{
++ return meth->rsa_mod_exp;
++}
++
++static int RSA_meth_set_mod_exp(RSA_METHOD *meth,
++ int (*mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx))
++{
++ meth->rsa_mod_exp = mod_exp;
++ return 1;
++}
++
++static int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))
++(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
++{
++ return meth->bn_mod_exp;
++}
++
++static int RSA_meth_set_bn_mod_exp(RSA_METHOD *meth, int (*bn_mod_exp)
++ (BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
++ BN_CTX *ctx, BN_MONT_CTX *m_ctx))
++{
++ meth->bn_mod_exp = bn_mod_exp;
++ return 1;
++}
++
++static int (*RSA_meth_get_init(const RSA_METHOD *meth)) (RSA *rsa)
++{
++ return meth->init;
++}
++
++static int RSA_meth_set_init(RSA_METHOD *meth, int (*init) (RSA *rsa))
++{
++ meth->init = init;
++ return 1;
++}
++
++static int (*RSA_meth_get_finish(const RSA_METHOD *meth)) (RSA *rsa)
++{
++ return meth->finish;
++}
++
++static int RSA_meth_set_finish(RSA_METHOD *meth, int (*finish) (RSA *rsa))
++{
++ meth->finish = finish;
++ return 1;
++}
++
++static int (*RSA_meth_get_keygen(const RSA_METHOD *meth))
++ (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
++{
++ return meth->rsa_keygen;
++}
++
++static int RSA_meth_set_keygen(RSA_METHOD *meth, int (*keygen)
++ (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb))
++{
++ meth->rsa_keygen = keygen;
++ return 1;
++}
++
++static int (*RSA_meth_get_verify(const RSA_METHOD *meth))
++ (int dtype, const unsigned char *m,
++ unsigned int m_length, const unsigned char *sigbuf,
++ unsigned int siglen, const RSA *rsa)
++{
++ if (meth->flags & RSA_FLAG_SIGN_VER)
++ return meth->rsa_verify;
++ return NULL;
++}
++
++static int (*RSA_meth_get_sign(const RSA_METHOD *meth))
++ (int type,
++ const unsigned char *m, unsigned int m_length,
++ unsigned char *sigret, unsigned int *siglen,
++ const RSA *rsa)
++{
++ if (meth->flags & RSA_FLAG_SIGN_VER)
++ return meth->rsa_sign;
++ return NULL;
++}
++
++static int RSA_meth_set_pub_dec(RSA_METHOD *meth,
++ int (*pub_dec) (int flen, const unsigned char *from,
++ unsigned char *to, RSA *rsa, int padding))
++{
++ meth->rsa_pub_dec = pub_dec;
++ return 1;
++}
++
++static RSA_METHOD *RSA_meth_new(const char *name, int flags)
++{
++ RSA_METHOD *meth = malloc(sizeof(*meth));
++
++ if (meth != NULL) {
++ memset(meth, 0, sizeof(*meth));
++ meth->flags = flags;
++
++ meth->name = strdup(name);
++ if (meth->name != NULL)
++ return meth;
++
++ free(meth);
++ }
++
++ return NULL;
++}
++
++#endif
++
+ int
+ ca_X509_verify(void *certificate, void *chain, const char *CAfile,
+ const char *CRLfile, const char **errstr)
+@@ -201,7 +385,7 @@ end:
+ *errstr = NULL;
+ if (ret != 1) {
+ if (xsc)
+- *errstr = X509_verify_cert_error_string(xsc->error);
++ *errstr = X509_verify_cert_error_string(X509_STORE_CTX_get_error(xsc));
+ else if (ERR_peek_last_error())
+ *errstr = ERR_error_string(ERR_peek_last_error(), NULL);
+ }
+@@ -302,24 +486,9 @@ ca_imsg(struct mproc *p, struct imsg *imsg)
+ * RSA privsep engine (called from unprivileged processes)
+ */
+
+-const RSA_METHOD *rsa_default = NULL;
+-
+-static RSA_METHOD rsae_method = {
+- "RSA privsep engine",
+- rsae_pub_enc,
+- rsae_pub_dec,
+- rsae_priv_enc,
+- rsae_priv_dec,
+- rsae_mod_exp,
+- rsae_bn_mod_exp,
+- rsae_init,
+- rsae_finish,
+- 0,
+- NULL,
+- NULL,
+- NULL,
+- rsae_keygen
+-};
++static const RSA_METHOD *rsa_default = NULL;
++
++static const char *rsae_method_name = "RSA privsep engine";
+
+ static int
+ rsae_send_imsg(int flen, const unsigned char *from, unsigned char *to,
+@@ -404,7 +573,7 @@ rsae_pub_enc(int flen,const unsigned char *from, unsigned char *to, RSA *rsa,
+ int padding)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- return (rsa_default->rsa_pub_enc(flen, from, to, rsa, padding));
++ return (RSA_meth_get_pub_enc(rsa_default)(flen, from, to, rsa, padding));
+ }
+
+ static int
+@@ -412,7 +581,7 @@ rsae_pub_dec(int flen,const unsigned char *from, unsigned char *to, RSA *rsa,
+ int padding)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- return (rsa_default->rsa_pub_dec(flen, from, to, rsa, padding));
++ return (RSA_meth_get_pub_dec(rsa_default)(flen, from, to, rsa, padding));
+ }
+
+ static int
+@@ -424,7 +593,7 @@ rsae_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,
+ return (rsae_send_imsg(flen, from, to, rsa, padding,
+ IMSG_CA_PRIVENC));
+ }
+- return (rsa_default->rsa_priv_enc(flen, from, to, rsa, padding));
++ return (RSA_meth_get_priv_enc(rsa_default)(flen, from, to, rsa, padding));
+ }
+
+ static int
+@@ -436,14 +605,14 @@ rsae_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,
+ return (rsae_send_imsg(flen, from, to, rsa, padding,
+ IMSG_CA_PRIVDEC));
+ }
+- return (rsa_default->rsa_priv_dec(flen, from, to, rsa, padding));
++ return (RSA_meth_get_priv_dec(rsa_default)(flen, from, to, rsa, padding));
+ }
+
+ static int
+ rsae_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- return (rsa_default->rsa_mod_exp(r0, I, rsa, ctx));
++ return (RSA_meth_get_mod_exp(rsa_default)(r0, I, rsa, ctx));
+ }
+
+ static int
+@@ -451,34 +620,36 @@ rsae_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- return (rsa_default->bn_mod_exp(r, a, p, m, ctx, m_ctx));
++ return (RSA_meth_get_bn_mod_exp(rsa_default)(r, a, p, m, ctx, m_ctx));
+ }
+
+ static int
+ rsae_init(RSA *rsa)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- if (rsa_default->init == NULL)
++ if (RSA_meth_get_init(rsa_default) == NULL)
+ return (1);
+- return (rsa_default->init(rsa));
++ return (RSA_meth_get_init(rsa_default)(rsa));
+ }
+
+ static int
+ rsae_finish(RSA *rsa)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- if (rsa_default->finish == NULL)
++ if (RSA_meth_get_finish(rsa_default) == NULL)
+ return (1);
+- return (rsa_default->finish(rsa));
++ return (RSA_meth_get_finish(rsa_default)(rsa));
+ }
+
+ static int
+ rsae_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
+ {
+ log_debug("debug: %s: %s", proc_name(smtpd_process), __func__);
+- return (rsa_default->rsa_keygen(rsa, bits, e, cb));
++ return (RSA_meth_get_keygen(rsa_default)(rsa, bits, e, cb));
+ }
+
++static RSA_METHOD *rsae_method;
++
+ void
+ ca_engine_init(void)
+ {
+@@ -490,7 +661,7 @@ ca_engine_init(void)
+ errstr = "ENGINE_new";
+ goto fail;
+ }
+- if (!ENGINE_set_name(e, rsae_method.name)) {
++ if (!ENGINE_set_name(e, rsae_method_name)) {
+ errstr = "ENGINE_set_name";
+ goto fail;
+ }
+@@ -503,25 +674,58 @@ ca_engine_init(void)
+ goto fail;
+ }
+
++ rsae_method = RSA_meth_new(rsae_method_name, 0);
++ if (!rsae_method) {
++ errstr = "RSA_meth_new";
++ goto fail;
++ }
++
+ if ((name = ENGINE_get_name(e)) == NULL)
+ name = "unknown RSA engine";
+
+ log_debug("debug: %s: using %s", __func__, name);
+
+- if (rsa_default->flags & RSA_FLAG_SIGN_VER)
++ if (RSA_meth_get_sign(rsa_default) ||
++ RSA_meth_get_verify(rsa_default))
+ fatalx("unsupported RSA engine");
+
+- if (rsa_default->rsa_mod_exp == NULL)
+- rsae_method.rsa_mod_exp = NULL;
+- if (rsa_default->bn_mod_exp == NULL)
+- rsae_method.bn_mod_exp = NULL;
+- if (rsa_default->rsa_keygen == NULL)
+- rsae_method.rsa_keygen = NULL;
+- rsae_method.flags = rsa_default->flags |
+- RSA_METHOD_FLAG_NO_CHECK;
+- rsae_method.app_data = rsa_default->app_data;
+-
+- if (!ENGINE_set_RSA(e, &rsae_method)) {
++ errstr = "Setting callback";
++ if (!RSA_meth_set_pub_enc(rsae_method, rsae_pub_enc))
++ goto fail;
++ if (!RSA_meth_set_pub_dec(rsae_method, rsae_pub_dec))
++ goto fail;
++ if (!RSA_meth_set_priv_enc(rsae_method, rsae_priv_enc))
++ goto fail;
++ if (!RSA_meth_set_priv_dec(rsae_method, rsae_priv_dec))
++ goto fail;
++
++ if (RSA_meth_get_mod_exp(rsa_default)) {
++ if (!RSA_meth_set_mod_exp(rsae_method, rsae_mod_exp))
++ goto fail;
++ }
++
++ if (RSA_meth_get_bn_mod_exp(rsa_default))
++ if (!RSA_meth_set_bn_mod_exp(rsae_method, rsae_bn_mod_exp))
++ goto fail;
++ if (!RSA_meth_set_init(rsae_method, rsae_init))
++ goto fail;
++ if (!RSA_meth_set_finish(rsae_method, rsae_finish))
++ goto fail;
++
++ if (RSA_meth_get_keygen(rsa_default)) {
++ if (!RSA_meth_set_keygen(rsae_method, rsae_keygen))
++ goto fail;
++ }
++
++ if (!RSA_meth_set_flags(rsae_method,
++ RSA_meth_get_flags(rsa_default) |
++ RSA_METHOD_FLAG_NO_CHECK))
++ goto fail;
++
++ if (!RSA_meth_set0_app_data(rsae_method, RSA_meth_get0_app_data(rsa_default)))
++ goto fail;
++
++ if (!ENGINE_set_RSA(e, rsae_method)) {
+ errstr = "ENGINE_set_RSA";
+ goto fail;
+ }
+diff --git a/smtpd/crypto.c b/smtpd/crypto.c
+index 76f98807..01452851 100644
+--- a/smtpd/crypto.c
++++ b/smtpd/crypto.c
+@@ -64,7 +64,7 @@ crypto_setup(const char *key, size_t len)
+ int
+ crypto_encrypt_file(FILE * in, FILE * out)
+ {
+- EVP_CIPHER_CTX ctx;
++ EVP_CIPHER_CTX *ctx;
+ uint8_t ibuf[CRYPTO_BUFFER_SIZE];
+ uint8_t obuf[CRYPTO_BUFFER_SIZE];
+ uint8_t iv[IV_SIZE];
+@@ -91,12 +91,14 @@ crypto_encrypt_file(FILE * in, FILE * out)
+ if ((w = fwrite(iv, 1, sizeof iv, out)) != sizeof iv)
+ return 0;
+
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
++ ctx = EVP_CIPHER_CTX_new();
++ if (!ctx)
++ return 0;
++ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+
+ /* encrypt until end of file */
+ while ((r = fread(ibuf, 1, CRYPTO_BUFFER_SIZE, in)) != 0) {
+- if (!EVP_EncryptUpdate(&ctx, obuf, &len, ibuf, r))
++ if (!EVP_EncryptUpdate(ctx, obuf, &len, ibuf, r))
+ goto end;
+ if (len && (w = fwrite(obuf, len, 1, out)) != 1)
+ goto end;
+@@ -105,13 +107,13 @@ crypto_encrypt_file(FILE * in, FILE * out)
+ goto end;
+
+ /* finalize and write last chunk if any */
+- if (!EVP_EncryptFinal_ex(&ctx, obuf, &len))
++ if (!EVP_EncryptFinal_ex(ctx, obuf, &len))
+ goto end;
+ if (len && (w = fwrite(obuf, len, 1, out)) != 1)
+ goto end;
+
+ /* get and append tag */
+- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
++ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
+ if ((w = fwrite(tag, sizeof tag, 1, out)) != 1)
+ goto end;
+
+@@ -119,14 +121,14 @@ crypto_encrypt_file(FILE * in, FILE * out)
+ ret = 1;
+
+ end:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_free(ctx);
+ return ret;
+ }
+
+ int
+ crypto_decrypt_file(FILE * in, FILE * out)
+ {
+- EVP_CIPHER_CTX ctx;
++ EVP_CIPHER_CTX *ctx;
+ uint8_t ibuf[CRYPTO_BUFFER_SIZE];
+ uint8_t obuf[CRYPTO_BUFFER_SIZE];
+ uint8_t iv[IV_SIZE];
+@@ -171,11 +173,13 @@ crypto_decrypt_file(FILE * in, FILE * out)
+ sz -= sizeof tag;
+
+
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
++ ctx = EVP_CIPHER_CTX_new();
++ if (!ctx)
++ return 0;
++ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+
+ /* set expected tag */
+- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
++ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
+
+ /* decrypt until end of ciphertext */
+ while (sz) {
+@@ -185,7 +189,7 @@ crypto_decrypt_file(FILE * in, FILE * out)
+ r = fread(ibuf, 1, sz, in);
+ if (!r)
+ break;
+- if (!EVP_DecryptUpdate(&ctx, obuf, &len, ibuf, r))
++ if (!EVP_DecryptUpdate(ctx, obuf, &len, ibuf, r))
+ goto end;
+ if (len && (w = fwrite(obuf, len, 1, out)) != 1)
+ goto end;
+@@ -195,7 +199,7 @@ crypto_decrypt_file(FILE * in, FILE * out)
+ goto end;
+
+ /* finalize, write last chunk if any and perform authentication check */
+- if (!EVP_DecryptFinal_ex(&ctx, obuf, &len))
++ if (!EVP_DecryptFinal_ex(ctx, obuf, &len))
+ goto end;
+ if (len && (w = fwrite(obuf, len, 1, out)) != 1)
+ goto end;
+@@ -204,14 +208,14 @@ crypto_decrypt_file(FILE * in, FILE * out)
+ ret = 1;
+
+ end:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_free(ctx);
+ return ret;
+ }
+
+ size_t
+ crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
+ {
+- EVP_CIPHER_CTX ctx;
++ EVP_CIPHER_CTX *ctx;
+ uint8_t iv[IV_SIZE];
+ uint8_t tag[GCM_TAG_SIZE];
+ uint8_t version = API_VERSION;
+@@ -239,33 +243,35 @@ crypto_encrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
+ memcpy(out + len, iv, sizeof iv);
+ len += sizeof iv;
+
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_EncryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
++ ctx = EVP_CIPHER_CTX_new();
++ if (!ctx)
++ return 0;
++ EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+
+ /* encrypt buffer */
+- if (!EVP_EncryptUpdate(&ctx, out + len, &olen, in, inlen))
++ if (!EVP_EncryptUpdate(ctx, out + len, &olen, in, inlen))
+ goto end;
+ len += olen;
+
+ /* finalize and write last chunk if any */
+- if (!EVP_EncryptFinal_ex(&ctx, out + len, &olen))
++ if (!EVP_EncryptFinal_ex(ctx, out + len, &olen))
+ goto end;
+ len += olen;
+
+ /* get and append tag */
+- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
++ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, sizeof tag, tag);
+ memcpy(out + len, tag, sizeof tag);
+ ret = len + sizeof tag;
+
+ end:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_cleanup(ctx);
+ return ret;
+ }
+
+ size_t
+ crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
+ {
+- EVP_CIPHER_CTX ctx;
++ EVP_CIPHER_CTX *ctx;
+ uint8_t iv[IV_SIZE];
+ uint8_t tag[GCM_TAG_SIZE];
+ int olen;
+@@ -292,24 +298,26 @@ crypto_decrypt_buffer(const char *in, size_t inlen, char *out, size_t outlen)
+ inlen -= sizeof iv;
+ in += sizeof iv;
+
+- EVP_CIPHER_CTX_init(&ctx);
+- EVP_DecryptInit_ex(&ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
++ ctx = EVP_CIPHER_CTX_new();
++ if (!ctx)
++ return 0;
++ EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, cp.key, iv);
+
+ /* set expected tag */
+- EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
++ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof tag, tag);
+
+ /* decrypt buffer */
+- if (!EVP_DecryptUpdate(&ctx, out, &olen, in, inlen))
++ if (!EVP_DecryptUpdate(ctx, out, &olen, in, inlen))
+ goto end;
+ len += olen;
+
+ /* finalize, write last chunk if any and perform authentication check */
+- if (!EVP_DecryptFinal_ex(&ctx, out + len, &olen))
++ if (!EVP_DecryptFinal_ex(ctx, out + len, &olen))
+ goto end;
+ ret = len + olen;
+
+ end:
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_cleanup(ctx);
+ return ret;
+ }
+
+diff --git a/smtpd/libressl.c b/smtpd/libressl.c
+index 57d74389..db78d943 100644
+--- a/smtpd/libressl.c
++++ b/smtpd/libressl.c
+@@ -94,10 +94,10 @@ ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
+
+ ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
+
+- x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
+- ctx->default_passwd_callback_userdata);
++ x = PEM_read_bio_X509_AUX(in, NULL, SSL_CTX_get_default_passwd_cb(ctx),
++ SSL_CTX_get_default_passwd_cb_userdata(ctx));
+ if (x == NULL) {
+- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
++ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_PEM_LIB);
+ goto end;
+ }
+
+@@ -115,14 +115,11 @@ ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
+ int r;
+ unsigned long err;
+
+- if (ctx->extra_certs != NULL) {
+- sk_X509_pop_free(ctx->extra_certs, X509_free);
+- ctx->extra_certs = NULL;
+- }
++ SSL_CTX_clear_extra_chain_certs(ctx);
+
+ while ((ca = PEM_read_bio_X509(in, NULL,
+- ctx->default_passwd_callback,
+- ctx->default_passwd_callback_userdata)) != NULL) {
++ SSL_CTX_get_default_passwd_cb(ctx),
++ SSL_CTX_get_default_passwd_cb_userdata(ctx))) != NULL) {
+ r = SSL_CTX_add_extra_chain_cert(ctx, ca);
+ if (!r) {
+ X509_free(ca);
+@@ -160,7 +157,7 @@ SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
+
+ in = BIO_new_mem_buf(buf, len);
+ if (in == NULL) {
+- SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
++ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
+ goto end;
+ }
+
+diff --git a/smtpd/ssl.c b/smtpd/ssl.c
+index b88360eb..0c93d87e 100644
+--- a/smtpd/ssl.c
++++ b/smtpd/ssl.c
+@@ -425,7 +425,7 @@ ssl_ctx_fake_private_key(SSL_CTX *ctx, const void *data, size_t datalen,
+ */
+ ret = SSL_CTX_use_PrivateKey(ctx, pkey);
+ if (!ret)
+- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_SSL_LIB);
++ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_SYS_LIB);
+
+ if (pkeyptr != NULL)
+ *pkeyptr = pkey;
+diff --git a/smtpd/ssl.h b/smtpd/ssl.h
+index 90f018d0..553120d4 100644
+--- a/smtpd/ssl.h
++++ b/smtpd/ssl.h
+@@ -73,3 +73,17 @@ void SSL_CTX_set_ecdh_auto(SSL_CTX *, int);
+ void SSL_CTX_set_dh_auto(SSL_CTX *, int);
+ #endif
+ int SSL_CTX_use_certificate_chain_mem(SSL_CTX *, void *, int);
++
++#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
++
++static inline pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
++{
++ return ctx->default_passwd_callback;
++}
++
++static inline void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
++{
++ return ctx->default_passwd_callback_userdata;
++}
++
++#endif
diff --git a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild
similarity index 94%
rename from mail-mta/opensmtpd/opensmtpd-6.0.3_p1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild
index b8e388fa4fe..48e538cad47 100644
--- a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Authors
+# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -39,6 +39,10 @@ DEPEND="!libressl? ( dev-libs/openssl:0 )
RDEPEND="${DEPEND}"
S=${WORKDIR}/${P/_}
+PATCHES=(
+ "${FILESDIR}/${P}-fix-crash-on-auth.patch"
+ "${FILESDIR}/${P}-openssl_1.1.patch"
+)
src_configure() {
tc-export AR
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2020-01-29 8:51 Jason A. Donenfeld
0 siblings, 0 replies; 10+ messages in thread
From: Jason A. Donenfeld @ 2020-01-29 8:51 UTC (permalink / raw
To: gentoo-commits
commit: fabf7b6f4a9b8240f1ae4cef4dde4a2300722c9c
Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Wed Jan 29 08:51:03 2020 +0000
Commit: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Jan 29 08:51:26 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fabf7b6f
mail-mta/opensmtpd: bump for security disaster
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Jason A. Donenfeld <zx2c4 <AT> gentoo.org>
.../files/opensmtpd-6.0.3_p1-security-fixes.patch | 91 ++++++++++++++++++++++
...3_p1-r1.ebuild => opensmtpd-6.0.3_p1-r2.ebuild} | 3 +-
2 files changed, 93 insertions(+), 1 deletion(-)
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
new file mode 100644
index 00000000000..58f3ed8c38b
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
@@ -0,0 +1,91 @@
+diff -ru OpenSMTPD-opensmtpd-6.0.3/smtpd/mta_session.c OpenSMTPD-opensmtpd-6.0.3-fixed/smtpd/mta_session.c
+--- OpenSMTPD-opensmtpd-6.0.3/smtpd/mta_session.c 2018-01-04 23:24:01.000000000 +0100
++++ OpenSMTPD-opensmtpd-6.0.3-fixed/smtpd/mta_session.c 2020-01-29 09:47:24.607457717 +0100
+@@ -1290,40 +1290,20 @@
+ break;
+
+ case IO_ERROR:
++ case IO_TLSERROR:
+ log_debug("debug: mta: %p: IO error: %s", s, io_error(io));
+- if (!s->ready) {
+- mta_error(s, "IO Error: %s", io_error(io));
+- mta_connect(s);
+- break;
+- }
+- else if (!(s->flags & (MTA_FORCE_TLS|MTA_FORCE_SMTPS|MTA_FORCE_ANYSSL))) {
+- /* error in non-strict SSL negotiation, downgrade to plain */
+- if (s->flags & MTA_TLS) {
+- log_info("smtp-out: Error on session %016"PRIx64
+- ": opportunistic TLS failed, "
+- "downgrading to plain", s->id);
+- s->flags &= ~MTA_TLS;
+- s->flags |= MTA_DOWNGRADE_PLAIN;
+- mta_connect(s);
+- break;
+- }
+- }
+- mta_error(s, "IO Error: %s", io_error(io));
+- mta_free(s);
+- break;
+
+- case IO_TLSERROR:
+- log_debug("debug: mta: %p: TLS IO error: %s", s, io_error(io));
+- if (!(s->flags & (MTA_FORCE_TLS|MTA_FORCE_SMTPS|MTA_FORCE_ANYSSL))) {
++ if (s->state == MTA_STARTTLS && s->use_smtp_tls) {
+ /* error in non-strict SSL negotiation, downgrade to plain */
+- log_info("smtp-out: TLS Error on session %016"PRIx64
+- ": TLS failed, "
++ log_info("smtp-out: Error on session %016"PRIx64
++ ": opportunistic TLS failed, "
+ "downgrading to plain", s->id);
+ s->flags &= ~MTA_TLS;
+ s->flags |= MTA_DOWNGRADE_PLAIN;
+ mta_connect(s);
+ break;
+ }
++
+ mta_error(s, "IO Error: %s", io_error(io));
+ mta_free(s);
+ break;
+diff -ru OpenSMTPD-opensmtpd-6.0.3/smtpd/smtp_session.c OpenSMTPD-opensmtpd-6.0.3-fixed/smtpd/smtp_session.c
+--- OpenSMTPD-opensmtpd-6.0.3/smtpd/smtp_session.c 2018-01-04 23:24:01.000000000 +0100
++++ OpenSMTPD-opensmtpd-6.0.3-fixed/smtpd/smtp_session.c 2020-01-29 09:47:24.610791335 +0100
+@@ -2004,25 +2004,23 @@
+ memmove(maddr->user, p, strlen(p) + 1);
+ }
+
+- if (!valid_localpart(maddr->user) ||
+- !valid_domainpart(maddr->domain)) {
+- /* accept empty return-path in MAIL FROM, required for bounces */
+- if (mailfrom && maddr->user[0] == '\0' && maddr->domain[0] == '\0')
+- return (1);
++ /* accept empty return-path in MAIL FROM, required for bounces */
++ if (mailfrom && maddr->user[0] == '\0' && maddr->domain[0] == '\0')
++ return (1);
+
+- /* no user-part, reject */
+- if (maddr->user[0] == '\0')
+- return (0);
+-
+- /* no domain, local user */
+- if (maddr->domain[0] == '\0') {
+- (void)strlcpy(maddr->domain, domain,
+- sizeof(maddr->domain));
+- return (1);
+- }
++ /* no or invalid user-part, reject */
++ if (maddr->user[0] == '\0' || !valid_localpart(maddr->user))
+ return (0);
++
++ /* no domain part, local user */
++ if (maddr->domain[0] == '\0') {
++ (void)strlcpy(maddr->domain, domain,
++ sizeof(maddr->domain));
+ }
+
++ if (!valid_domainpart(maddr->domain))
++ return (0);
++
+ return (1);
+ }
+
diff --git a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild
similarity index 96%
rename from mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild
index bd087d961d5..bed05258e9c 100644
--- a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
@@ -42,6 +42,7 @@ S=${WORKDIR}/${P/_}
PATCHES=(
"${FILESDIR}/${P}-fix-crash-on-auth.patch"
"${FILESDIR}/${P}-openssl_1.1.patch"
+ "${FILESDIR}/${P}-security-fixes.patch"
)
src_configure() {
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2023-04-26 3:51 Sam James
0 siblings, 0 replies; 10+ messages in thread
From: Sam James @ 2023-04-26 3:51 UTC (permalink / raw
To: gentoo-commits
commit: a05af7c36a3e4e74879cad3c03ef4ca2e3601b82
Author: orbea <orbea <AT> riseup <DOT> net>
AuthorDate: Tue Apr 25 14:38:02 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Apr 26 03:51:12 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a05af7c3
mail-mta/opensmtpd: Build fixes
Fixes some build issues:
* Build failure on musl systems
* Build failure with clang-16
* Uses AM_PROG_AR to find ar(1) during configure
* Uses configure arguments to find libevent and libssl on multilib
systems.
Closes: https://bugs.gentoo.org/720782
Closes: https://bugs.gentoo.org/727260
Closes: https://bugs.gentoo.org/739876
Closes: https://bugs.gentoo.org/896050
Closes: https://bugs.gentoo.org/899876
Upstream-Issue: https://github.com/OpenSMTPD/OpenSMTPD/issues/1065
Upstream-PR: https://github.com/OpenSMTPD/OpenSMTPD/pull/1195
Upstream-PR: https://github.com/OpenSMTPD/OpenSMTPD/pull/1198
Upstream-PR: https://github.com/OpenSMTPD/OpenSMTPD/pull/1199
Signed-off-by: orbea <orbea <AT> riseup.net>
Closes: https://github.com/gentoo/gentoo/pull/30750
Signed-off-by: Sam James <sam <AT> gentoo.org>
.../opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch | 42 +++
...pd-6.8.0_p2-implicit-function-declaration.patch | 303 +++++++++++++++++++++
.../opensmtpd-6.8.0_p2-strict-prototypes.patch | 74 +++++
mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild | 91 +++++++
4 files changed, 510 insertions(+)
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch
new file mode 100644
index 000000000000..fbd6ca925945
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch
@@ -0,0 +1,42 @@
+https://github.com/OpenSMTPD/OpenSMTPD/pull/1199
+https://bugs.gentoo.org/720782
+
+From 92ada4471602fc737113b8dfe1b9b8e8e0aab7e0 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Tue, 25 Apr 2023 09:13:51 -0700
+Subject: [PATCH] configure: Use AM_PROG_AR
+
+Automake provides AM_PROG_AR as a standard way of finding ar(1).
+
+Reference: https://www.gnu.org/software/automake/manual/html_node/Public-Macros.html
+
+Closes: https://github.com/OpenSMTPD/OpenSMTPD/pull/1177
+---
+ configure.ac | 7 +------
+ 1 file changed, 1 insertion(+), 6 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 00450485..5b12b67e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -67,7 +67,7 @@ AC_C_BIGENDIAN
+ AC_PROG_CPP
+ AC_PROG_INSTALL
+ AC_PROG_LIBTOOL
+-AC_PATH_PROG([AR], [ar])
++AM_PROG_AR
+ AC_PATH_PROG([CAT], [cat])
+ AC_PATH_PROG([CHMOD], [chmod])
+ AC_PATH_PROG([CHOWN], [chown])
+@@ -84,11 +84,6 @@ AC_PROG_YACC
+
+ AC_SUBST([ZCAT])
+
+-
+-if test -z "$AR"; then
+- AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
+-fi
+-
+ if test -z "$LD"; then
+ LD=$CC
+ fi
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch
new file mode 100644
index 000000000000..11af2aa7630c
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch
@@ -0,0 +1,303 @@
+https://github.com/OpenSMTPD/OpenSMTPD/pull/1195
+https://bugs.gentoo.org/727260
+https://bugs.gentoo.org/896050
+https://bugs.gentoo.org/899876
+
+From 7abe6305f864113aec4c6fc55cccabdc55959252 Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Thu, 13 Apr 2023 11:04:14 -0700
+Subject: [PATCH] build: Fix -Werror=implicit-function-declaration
+
+On a system with musl these functions are not available, but they are
+found by the build system inside of libbsd instead. However many of the
+relevant headers are never incuded resulting in many implicit function
+declarations. Additionally clang-16 is more strict about these turning
+them into errors.
+
+* While libbsd contains symbols for inet_net_pton() they do not have any
+ headers with the function prototype. Upstream has marked this function
+ for removal since it is now provided in glibc even when musl doesn't
+ have it. This can be fixed by not looking for inet_net_pton() in libbsd.
+---
+ configure.ac | 6 +++++-
+ openbsd-compat/openbsd-compat.h | 4 +++-
+ usr.sbin/smtpd/aliases.c | 3 +++
+ usr.sbin/smtpd/config.c | 6 ++++++
+ usr.sbin/smtpd/control.c | 3 +++
+ usr.sbin/smtpd/envelope.c | 3 +++
+ usr.sbin/smtpd/forward.c | 3 +++
+ usr.sbin/smtpd/mail.maildir.c | 1 +
+ usr.sbin/smtpd/mda.c | 2 ++
+ usr.sbin/smtpd/mda_variables.c | 3 +++
+ usr.sbin/smtpd/mta_session.c | 3 +++
+ usr.sbin/smtpd/parse.y | 3 +++
+ usr.sbin/smtpd/smtp_session.c | 2 ++
+ usr.sbin/smtpd/ssl.c | 6 ++++++
+ usr.sbin/smtpd/table.c | 3 +++
+ usr.sbin/smtpd/to.c | 3 +++
+ usr.sbin/smtpd/util.c | 3 +++
+ 17 files changed, 55 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index c215f3bf..cf6fa675 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -119,6 +119,10 @@ AC_SUBST([MANFMT])
+ #
+ AC_CHECK_HEADERS([ \
+ arpa/nameser_compat.h \
++ bsd/stdlib.h \
++ bsd/string.h \
++ bsd/unistd.h \
++ bsd/vis.h \
+ crypt.h \
+ dirent.h \
+ err.h \
+@@ -442,7 +446,7 @@ AC_SEARCH_LIBS([dirname],
+ ])
+
+ AC_SEARCH_LIBS([inet_net_pton],
+- [resolv bsd],
++ [resolv],
+ [
+ AC_DEFINE([HAVE_INET_NET_PTON], [1],
+ [Define if you have the inet_net_pton() function.])
+diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
+index dcb643f1..5bebd78b 100644
+--- a/openbsd-compat/openbsd-compat.h
++++ b/openbsd-compat/openbsd-compat.h
+@@ -41,7 +41,9 @@
+
+ #include <sys/queue.h>
+ #include <sys/tree.h>
++#ifndef HAVE_BSD_VIS_H
+ #include "bsd-vis.h"
++#endif
+
+ #ifdef HAVE_SYS_TIME_H
+ #include <sys/time.h>
+@@ -67,7 +69,7 @@ size_t strlcpy(char *dst, const char *src, size_t size);
+ size_t strlcat(char *dst, const char *src, size_t size);
+ #endif
+
+-#ifndef HAVE_STRMODE
++#if !defined(HAVE_STROMODE) && !defined(HAVE_BSD_STRING_H)
+ void strmode(int mode, char *p);
+ #endif
+
+diff --git a/usr.sbin/smtpd/aliases.c b/usr.sbin/smtpd/aliases.c
+index 0f8a5c1e..f66d13e4 100644
+--- a/usr.sbin/smtpd/aliases.c
++++ b/usr.sbin/smtpd/aliases.c
+@@ -37,6 +37,9 @@
+ #ifdef HAVE_LIBUTIL_H
+ #include <libutil.h>
+ #endif
++#ifdef HAVE_BSD_LIBUTIL_H
++#include <bsd/libutil.h> /* needed for fparseln */
++#endif
+
+ #include "smtpd.h"
+ #include "log.h"
+diff --git a/usr.sbin/smtpd/config.c b/usr.sbin/smtpd/config.c
+index 8fe983d6..e1056b1d 100644
+--- a/usr.sbin/smtpd/config.c
++++ b/usr.sbin/smtpd/config.c
+@@ -30,9 +30,15 @@
+ #include <netdb.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for freezero */
++#endif
+ #include <limits.h>
+ #include <string.h>
+ #include <unistd.h>
++#ifdef HAVE_BSD_UNISTD_H
++#include <bsd/unistd.h> /* needed for setproctitle */
++#endif
+
+ #include <openssl/ssl.h>
+
+diff --git a/usr.sbin/smtpd/control.c b/usr.sbin/smtpd/control.c
+index dbb2840d..b9f0df88 100644
+--- a/usr.sbin/smtpd/control.c
++++ b/usr.sbin/smtpd/control.c
+@@ -40,6 +40,9 @@
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
++#ifdef HAVE_BSD_UNISTD_H
++#include <bsd/unistd.h> /* needed for getpeereid */
++#endif
+ #include <limits.h>
+
+ #include "smtpd.h"
+diff --git a/usr.sbin/smtpd/envelope.c b/usr.sbin/smtpd/envelope.c
+index 35d98b79..0bb45aae 100644
+--- a/usr.sbin/smtpd/envelope.c
++++ b/usr.sbin/smtpd/envelope.c
+@@ -39,6 +39,9 @@
+ #include <limits.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
+diff --git a/usr.sbin/smtpd/forward.c b/usr.sbin/smtpd/forward.c
+index 7494c6ce..cf8dc6ef 100644
+--- a/usr.sbin/smtpd/forward.c
++++ b/usr.sbin/smtpd/forward.c
+@@ -36,6 +36,9 @@
+ #ifdef HAVE_LIBUTIL_H
+ #include <libutil.h>
+ #endif
++#ifdef HAVE_BSD_LIBUTIL_H
++#include <bsd/libutil.h> /* needed for fparseln */
++#endif
+ #include <unistd.h>
+ #include <limits.h>
+
+diff --git a/usr.sbin/smtpd/mail.maildir.c b/usr.sbin/smtpd/mail.maildir.c
+index fe6adba6..1f613b36 100644
+--- a/usr.sbin/smtpd/mail.maildir.c
++++ b/usr.sbin/smtpd/mail.maildir.c
+@@ -34,6 +34,7 @@
+ #include <string.h>
+ #include <time.h>
+ #include <sysexits.h>
++#include <time.h>
+ #include <unistd.h>
+
+ #define MAILADDR_ESCAPE "!#$%&'*/?^`{|}~"
+diff --git a/usr.sbin/smtpd/mda.c b/usr.sbin/smtpd/mda.c
+index 5e8fec19..9bc31be6 100644
+--- a/usr.sbin/smtpd/mda.c
++++ b/usr.sbin/smtpd/mda.c
+@@ -44,6 +44,8 @@
+ #include <limits.h>
+ #if defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
+ #include <vis.h>
++#elif defined(HAVE_BSD_VIS_H)
++#include <bsd/vis.h> /* needed for strnvis */
+ #else
+ #include "bsd-vis.h"
+ #endif
+diff --git a/usr.sbin/smtpd/mda_variables.c b/usr.sbin/smtpd/mda_variables.c
+index b672e492..10cb1cd0 100644
+--- a/usr.sbin/smtpd/mda_variables.c
++++ b/usr.sbin/smtpd/mda_variables.c
+@@ -29,6 +29,9 @@
+ #include <imsg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <string.h>
+ #include <unistd.h>
+ #include <limits.h>
+diff --git a/usr.sbin/smtpd/mta_session.c b/usr.sbin/smtpd/mta_session.c
+index 327502b7..72f8d29b 100644
+--- a/usr.sbin/smtpd/mta_session.c
++++ b/usr.sbin/smtpd/mta_session.c
+@@ -42,6 +42,9 @@
+ #include <signal.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
+diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
+index a82f8206..6510936d 100644
+--- a/usr.sbin/smtpd/parse.y
++++ b/usr.sbin/smtpd/parse.y
+@@ -50,6 +50,9 @@
+ #include <resolv.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <string.h>
+ #include <syslog.h>
+ #include <unistd.h>
+diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
+index e8167fca..8bc877ea 100644
+--- a/usr.sbin/smtpd/smtp_session.c
++++ b/usr.sbin/smtpd/smtp_session.c
+@@ -43,6 +43,8 @@
+ #include <unistd.h>
+ #if defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
+ #include <vis.h>
++#elif defined(HAVE_BSD_VIS_H)
++#include <bsd/vis.h> /* needed for strnvis */
+ #else
+ #include "bsd-vis.h"
+ #endif
+diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c
+index 97f7b1df..1ef692e5 100644
+--- a/usr.sbin/smtpd/ssl.c
++++ b/usr.sbin/smtpd/ssl.c
+@@ -34,7 +34,13 @@
+ #include <pwd.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for freezero */
++#endif
+ #include <string.h>
++#ifdef HAVE_BSD_STRING_H
++#include <bsd/string.h> /* needed for strmode */
++#endif
+ #include <unistd.h>
+
+ #include <openssl/ssl.h>
+diff --git a/usr.sbin/smtpd/table.c b/usr.sbin/smtpd/table.c
+index 6d3292ce..ed3ba6d3 100644
+--- a/usr.sbin/smtpd/table.c
++++ b/usr.sbin/smtpd/table.c
+@@ -34,6 +34,9 @@
+ #include <imsg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <regex.h>
+ #include <limits.h>
+ #include <string.h>
+diff --git a/usr.sbin/smtpd/to.c b/usr.sbin/smtpd/to.c
+index 81a1bb54..1068b1a9 100644
+--- a/usr.sbin/smtpd/to.c
++++ b/usr.sbin/smtpd/to.c
+@@ -43,6 +43,9 @@
+ #include <stdarg.h>
+ #include <stdio.h>
+ #include <stdlib.h>
++#ifdef HAVE_BSD_STDLIB_H
++#include <bsd/stdlib.h> /* needed for strtonum */
++#endif
+ #include <string.h>
+ #include <time.h>
+ #include <unistd.h>
+diff --git a/usr.sbin/smtpd/util.c b/usr.sbin/smtpd/util.c
+index b2b1458c..7b1b5876 100644
+--- a/usr.sbin/smtpd/util.c
++++ b/usr.sbin/smtpd/util.c
+@@ -47,6 +47,9 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#ifdef HAVE_BSD_STRING_H
++#include <bsd/string.h> /* needed for strmode */
++#endif
+ #include <syslog.h>
+ #include <time.h>
+ #include <unistd.h>
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch
new file mode 100644
index 000000000000..44736bff5598
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch
@@ -0,0 +1,74 @@
+https://github.com/OpenSMTPD/OpenSMTPD/pull/1198
+
+From 84331a266b7d8d8e469aea8b85d1e493725807ae Mon Sep 17 00:00:00 2001
+From: orbea <orbea@riseup.net>
+Date: Thu, 13 Apr 2023 11:19:53 -0700
+Subject: [PATCH 1/2] build: Fix -Werror=strict-prototypes
+
+Clang-16 is more strict about these so make the compiler happy.
+---
+ usr.sbin/smtpd/bounce.c | 2 +-
+ usr.sbin/smtpd/ioev.c | 2 +-
+ usr.sbin/smtpd/mda.c | 4 ++--
+ usr.sbin/smtpd/smtpd.c | 2 +-
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/usr.sbin/smtpd/bounce.c b/usr.sbin/smtpd/bounce.c
+index bb08f90e..7fb1cf32 100644
+--- a/usr.sbin/smtpd/bounce.c
++++ b/usr.sbin/smtpd/bounce.c
+@@ -243,7 +243,7 @@ bounce_timeout(int fd, short ev, void *arg)
+ }
+
+ static void
+-bounce_drain()
++bounce_drain(void)
+ {
+ struct bounce_message *msg;
+ struct timeval tv;
+diff --git a/usr.sbin/smtpd/ioev.c b/usr.sbin/smtpd/ioev.c
+index 747b3a51..3e3e68f4 100644
+--- a/usr.sbin/smtpd/ioev.c
++++ b/usr.sbin/smtpd/ioev.c
+@@ -228,7 +228,7 @@ io_frame_leave(struct io *io)
+ }
+
+ void
+-_io_init()
++_io_init(void)
+ {
+ static int init = 0;
+
+diff --git a/usr.sbin/smtpd/mda.c b/usr.sbin/smtpd/mda.c
+index 6a28b923..bd963e54 100644
+--- a/usr.sbin/smtpd/mda.c
++++ b/usr.sbin/smtpd/mda.c
+@@ -386,12 +386,12 @@ mda_imsg(struct mproc *p, struct imsg *imsg)
+ }
+
+ void
+-mda_postfork()
++mda_postfork(void)
+ {
+ }
+
+ void
+-mda_postprivdrop()
++mda_postprivdrop(void)
+ {
+ tree_init(&sessions);
+ tree_init(&users);
+diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
+index 26078c49..830417e6 100644
+--- a/usr.sbin/smtpd/smtpd.c
++++ b/usr.sbin/smtpd/smtpd.c
+@@ -353,7 +353,7 @@ parent_send_config_dispatcher(void)
+ }
+
+ void
+-parent_send_config_lka()
++parent_send_config_lka(void)
+ {
+ log_debug("debug: parent_send_config_ruleset: reloading");
+ m_compose(p_lka, IMSG_CONF_START, 0, 0, -1, NULL, 0);
+
diff --git a/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild b/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild
new file mode 100644
index 000000000000..aeba246f0bdd
--- /dev/null
+++ b/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild
@@ -0,0 +1,91 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools pam systemd
+
+DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
+HOMEPAGE="https://www.opensmtpd.org"
+SRC_URI="https://www.opensmtpd.org/archives/${P/_}.tar.gz"
+
+LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+IUSE="berkdb +mta pam split-usr"
+
+# < openssl 3 for bug #881701
+DEPEND="
+ acct-user/smtpd
+ acct-user/smtpq
+ <dev-libs/openssl-3:=
+ elibc_musl? ( sys-libs/fts-standalone )
+ sys-libs/zlib
+ pam? ( sys-libs/pam )
+ berkdb? ( sys-libs/db:= )
+ dev-libs/libevent:=
+ app-misc/ca-certificates
+ net-mail/mailbase
+ net-libs/libasr
+ virtual/libcrypt:=
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/exim
+ !mail-mta/mini-qmail
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/ssmtp[mta]
+"
+RDEPEND="${DEPEND}"
+BDEPEND="app-alternatives/yacc"
+
+S=${WORKDIR}/${P/_}
+
+PATCHES=(
+ "${FILESDIR}"/${P}-ar.patch #720782
+ "${FILESDIR}"/${P}-implicit-function-declaration.patch #727260, 896050, 899876
+ "${FILESDIR}"/${P}-strict-prototypes.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --sysconfdir=/etc/smtpd \
+ --with-path-mbox=/var/spool/mail \
+ --with-path-empty=/var/empty \
+ --with-path-socket=/run \
+ --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
+ --with-user-smtpd=smtpd \
+ --with-user-queue=smtpq \
+ --with-group-queue=smtpq \
+ --with-libevent="$(get_libdir)" \
+ --with-libssl="$(get_libdir)" \
+ $(use_with pam auth-pam) \
+ $(use_with berkdb table-db)
+}
+
+src_install() {
+ default
+ newinitd "${FILESDIR}"/smtpd.initd smtpd
+ systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
+ use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
+ dosym smtpctl /usr/sbin/makemap
+ dosym smtpctl /usr/sbin/newaliases
+ if use mta ; then
+ dodir /usr/sbin
+ dosym smtpctl /usr/sbin/sendmail
+ # on USE="-split-usr" system sbin and bin are merged
+ # so symlink made above will collide with one below
+ use split-usr && dosym ../sbin/smtpctl /usr/bin/sendmail
+ mkdir -p "${ED}"/usr/$(get_libdir) || die
+ ln -s --relative "${ED}"/usr/sbin/smtpctl "${ED}"/usr/$(get_libdir)/sendmail || die
+ fi
+}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2023-08-26 14:22 David Seifert
0 siblings, 0 replies; 10+ messages in thread
From: David Seifert @ 2023-08-26 14:22 UTC (permalink / raw
To: gentoo-commits
commit: 1c72dffdc796b9aa428abc9e9d557f817f6f9baa
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sat Aug 26 14:21:08 2023 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sat Aug 26 14:21:08 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c72dffd
mail-mta/opensmtpd: add 7.3.0_p1
Bug: https://bugs.gentoo.org/779076
Bug: https://bugs.gentoo.org/881701
Bug: https://bugs.gentoo.org/899788
Bug: https://bugs.gentoo.org/908836
Signed-off-by: David Seifert <soap <AT> gentoo.org>
mail-mta/opensmtpd/Manifest | 1 +
mail-mta/opensmtpd/files/smtpd-r1.service | 11 ++++
mail-mta/opensmtpd/opensmtpd-7.3.0_p1.ebuild | 91 ++++++++++++++++++++++++++++
3 files changed, 103 insertions(+)
diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index f7a170bf9339..2b92b99ea427 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1 +1,2 @@
DIST opensmtpd-6.8.0p2.tar.gz 860189 BLAKE2B 603e8516860eddefb1694ea4cb5631cec2df2a19fa3193b25388caf73c41e82d44e57847fc95b5187488cae629542e72ff2d5a17badc15cef1647bdb173d7827 SHA512 48f152b75575146fdd09bdf47123041ea62fefb6e5de33a69826bf91a2126a918f8db1caffadb2f142a1a21de8126d492de88cb65bdf169e61c0b22d3e78d290
+DIST opensmtpd-7.3.0p1.tar.gz 849026 BLAKE2B bdb83468df12af2a2b39664a4408acfaf0cd81551074fb3823f7eb1b0d30ce79d812876fcea2ff940ddaac8b1a96700e1f4d2c275beab106fed010b733cff5c2 SHA512 2106de43e4b7435e49df759570ec758672ca8271dc451e30a261c250b41908b6ffe28e571a5f52e2ac14f59af132d1df45b272f8fcafeab04fcfb6bd5db970bb
diff --git a/mail-mta/opensmtpd/files/smtpd-r1.service b/mail-mta/opensmtpd/files/smtpd-r1.service
new file mode 100644
index 000000000000..fccd88f31472
--- /dev/null
+++ b/mail-mta/opensmtpd/files/smtpd-r1.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=OpenSMTPD
+After=network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/smtpd
+PIDFile=/run/smtpd.pid
+
+[Install]
+WantedBy=multi-user.target
diff --git a/mail-mta/opensmtpd/opensmtpd-7.3.0_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-7.3.0_p1.ebuild
new file mode 100644
index 000000000000..25cf7cb2f25c
--- /dev/null
+++ b/mail-mta/opensmtpd/opensmtpd-7.3.0_p1.ebuild
@@ -0,0 +1,91 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools pam systemd
+
+DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
+HOMEPAGE="https://www.opensmtpd.org"
+SRC_URI="https://www.opensmtpd.org/archives/${P/_}.tar.gz"
+S="${WORKDIR}/${P/_}"
+
+LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+IUSE="berkdb +mta pam split-usr"
+
+RDEPEND="
+ acct-user/smtpd
+ acct-user/smtpq
+ app-misc/ca-certificates
+ dev-libs/libbsd
+ dev-libs/libevent:=
+ dev-libs/openssl:=
+ net-libs/libasr
+ net-mail/mailbase
+ sys-libs/zlib
+ virtual/libcrypt:=
+ berkdb? ( sys-libs/db:= )
+ elibc_musl? ( sys-libs/fts-standalone )
+ pam? ( sys-libs/pam )
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/exim
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/sendmail
+ !mail-mta/ssmtp[mta]
+"
+DEPEND="${RDEPEND}"
+BDEPEND="app-alternatives/yacc"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+ # LibreSSL link check
+ SSLeay_add_all_algorithms
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --sysconfdir="${EPREFIX}"/etc/smtpd \
+ --with-path-mbox="${EPREFIX}"/var/spool/mail \
+ --with-path-empty="${EPREFIX}"/var/empty \
+ --with-path-socket=/run \
+ --with-path-CAfile="${EPREFIX}"/etc/ssl/certs/ca-certificates.crt \
+ --with-user-smtpd=smtpd \
+ --with-user-queue=smtpq \
+ --with-group-queue=smtpq \
+ --with-libevent="${EPREFIX}"/usr/$(get_libdir) \
+ --with-libssl="${EPREFIX}"/usr/$(get_libdir) \
+ $(use_with pam auth-pam) \
+ $(use_with berkdb table-db)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/smtpd.initd smtpd
+ systemd_newunit "${FILESDIR}"/smtpd-r1.service smtpd.service
+
+ use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
+
+ dosym smtpctl /usr/sbin/makemap
+ dosym smtpctl /usr/sbin/newaliases
+
+ if use mta ; then
+ dodir /usr/sbin
+ dosym smtpctl /usr/sbin/sendmail
+ # on USE="-split-usr" system sbin and bin are merged
+ # so symlink made above will collide with one below
+ use split-usr && dosym ../sbin/smtpctl /usr/bin/sendmail
+ dodir /usr/$(get_libdir)
+ dosym -r /usr/sbin/smtpctl /usr/$(get_libdir)/sendmail
+ fi
+}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2023-09-05 14:37 David Seifert
0 siblings, 0 replies; 10+ messages in thread
From: David Seifert @ 2023-09-05 14:37 UTC (permalink / raw
To: gentoo-commits
commit: f571d35d15b7e75c0606e3faa6ef5aa25b8c15ec
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Tue Sep 5 14:36:51 2023 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Tue Sep 5 14:36:51 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f571d35d
mail-mta/opensmtpd: drop 6.8.0_p2-r2, 6.8.0_p2-r3
Closes: https://bugs.gentoo.org/881701
Closes: https://bugs.gentoo.org/899788
Closes: https://bugs.gentoo.org/913144
Signed-off-by: David Seifert <soap <AT> gentoo.org>
mail-mta/opensmtpd/Manifest | 1 -
.../opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch | 42 ---
...pd-6.8.0_p2-implicit-function-declaration.patch | 303 ---------------------
.../opensmtpd-6.8.0_p2-strict-prototypes.patch | 74 -----
mail-mta/opensmtpd/files/smtpd.service | 10 -
mail-mta/opensmtpd/files/smtpd.socket | 8 -
mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r2.ebuild | 78 ------
mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild | 91 -------
8 files changed, 607 deletions(-)
diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index 2b92b99ea427..5c6919669ac9 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1,2 +1 @@
-DIST opensmtpd-6.8.0p2.tar.gz 860189 BLAKE2B 603e8516860eddefb1694ea4cb5631cec2df2a19fa3193b25388caf73c41e82d44e57847fc95b5187488cae629542e72ff2d5a17badc15cef1647bdb173d7827 SHA512 48f152b75575146fdd09bdf47123041ea62fefb6e5de33a69826bf91a2126a918f8db1caffadb2f142a1a21de8126d492de88cb65bdf169e61c0b22d3e78d290
DIST opensmtpd-7.3.0p1.tar.gz 849026 BLAKE2B bdb83468df12af2a2b39664a4408acfaf0cd81551074fb3823f7eb1b0d30ce79d812876fcea2ff940ddaac8b1a96700e1f4d2c275beab106fed010b733cff5c2 SHA512 2106de43e4b7435e49df759570ec758672ca8271dc451e30a261c250b41908b6ffe28e571a5f52e2ac14f59af132d1df45b272f8fcafeab04fcfb6bd5db970bb
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch
deleted file mode 100644
index fbd6ca925945..000000000000
--- a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-ar.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-https://github.com/OpenSMTPD/OpenSMTPD/pull/1199
-https://bugs.gentoo.org/720782
-
-From 92ada4471602fc737113b8dfe1b9b8e8e0aab7e0 Mon Sep 17 00:00:00 2001
-From: orbea <orbea@riseup.net>
-Date: Tue, 25 Apr 2023 09:13:51 -0700
-Subject: [PATCH] configure: Use AM_PROG_AR
-
-Automake provides AM_PROG_AR as a standard way of finding ar(1).
-
-Reference: https://www.gnu.org/software/automake/manual/html_node/Public-Macros.html
-
-Closes: https://github.com/OpenSMTPD/OpenSMTPD/pull/1177
----
- configure.ac | 7 +------
- 1 file changed, 1 insertion(+), 6 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 00450485..5b12b67e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -67,7 +67,7 @@ AC_C_BIGENDIAN
- AC_PROG_CPP
- AC_PROG_INSTALL
- AC_PROG_LIBTOOL
--AC_PATH_PROG([AR], [ar])
-+AM_PROG_AR
- AC_PATH_PROG([CAT], [cat])
- AC_PATH_PROG([CHMOD], [chmod])
- AC_PATH_PROG([CHOWN], [chown])
-@@ -84,11 +84,6 @@ AC_PROG_YACC
-
- AC_SUBST([ZCAT])
-
--
--if test -z "$AR"; then
-- AC_MSG_ERROR([*** 'ar' missing, please install or fix your \$PATH ***])
--fi
--
- if test -z "$LD"; then
- LD=$CC
- fi
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch
deleted file mode 100644
index 11af2aa7630c..000000000000
--- a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-implicit-function-declaration.patch
+++ /dev/null
@@ -1,303 +0,0 @@
-https://github.com/OpenSMTPD/OpenSMTPD/pull/1195
-https://bugs.gentoo.org/727260
-https://bugs.gentoo.org/896050
-https://bugs.gentoo.org/899876
-
-From 7abe6305f864113aec4c6fc55cccabdc55959252 Mon Sep 17 00:00:00 2001
-From: orbea <orbea@riseup.net>
-Date: Thu, 13 Apr 2023 11:04:14 -0700
-Subject: [PATCH] build: Fix -Werror=implicit-function-declaration
-
-On a system with musl these functions are not available, but they are
-found by the build system inside of libbsd instead. However many of the
-relevant headers are never incuded resulting in many implicit function
-declarations. Additionally clang-16 is more strict about these turning
-them into errors.
-
-* While libbsd contains symbols for inet_net_pton() they do not have any
- headers with the function prototype. Upstream has marked this function
- for removal since it is now provided in glibc even when musl doesn't
- have it. This can be fixed by not looking for inet_net_pton() in libbsd.
----
- configure.ac | 6 +++++-
- openbsd-compat/openbsd-compat.h | 4 +++-
- usr.sbin/smtpd/aliases.c | 3 +++
- usr.sbin/smtpd/config.c | 6 ++++++
- usr.sbin/smtpd/control.c | 3 +++
- usr.sbin/smtpd/envelope.c | 3 +++
- usr.sbin/smtpd/forward.c | 3 +++
- usr.sbin/smtpd/mail.maildir.c | 1 +
- usr.sbin/smtpd/mda.c | 2 ++
- usr.sbin/smtpd/mda_variables.c | 3 +++
- usr.sbin/smtpd/mta_session.c | 3 +++
- usr.sbin/smtpd/parse.y | 3 +++
- usr.sbin/smtpd/smtp_session.c | 2 ++
- usr.sbin/smtpd/ssl.c | 6 ++++++
- usr.sbin/smtpd/table.c | 3 +++
- usr.sbin/smtpd/to.c | 3 +++
- usr.sbin/smtpd/util.c | 3 +++
- 17 files changed, 55 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index c215f3bf..cf6fa675 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -119,6 +119,10 @@ AC_SUBST([MANFMT])
- #
- AC_CHECK_HEADERS([ \
- arpa/nameser_compat.h \
-+ bsd/stdlib.h \
-+ bsd/string.h \
-+ bsd/unistd.h \
-+ bsd/vis.h \
- crypt.h \
- dirent.h \
- err.h \
-@@ -442,7 +446,7 @@ AC_SEARCH_LIBS([dirname],
- ])
-
- AC_SEARCH_LIBS([inet_net_pton],
-- [resolv bsd],
-+ [resolv],
- [
- AC_DEFINE([HAVE_INET_NET_PTON], [1],
- [Define if you have the inet_net_pton() function.])
-diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
-index dcb643f1..5bebd78b 100644
---- a/openbsd-compat/openbsd-compat.h
-+++ b/openbsd-compat/openbsd-compat.h
-@@ -41,7 +41,9 @@
-
- #include <sys/queue.h>
- #include <sys/tree.h>
-+#ifndef HAVE_BSD_VIS_H
- #include "bsd-vis.h"
-+#endif
-
- #ifdef HAVE_SYS_TIME_H
- #include <sys/time.h>
-@@ -67,7 +69,7 @@ size_t strlcpy(char *dst, const char *src, size_t size);
- size_t strlcat(char *dst, const char *src, size_t size);
- #endif
-
--#ifndef HAVE_STRMODE
-+#if !defined(HAVE_STROMODE) && !defined(HAVE_BSD_STRING_H)
- void strmode(int mode, char *p);
- #endif
-
-diff --git a/usr.sbin/smtpd/aliases.c b/usr.sbin/smtpd/aliases.c
-index 0f8a5c1e..f66d13e4 100644
---- a/usr.sbin/smtpd/aliases.c
-+++ b/usr.sbin/smtpd/aliases.c
-@@ -37,6 +37,9 @@
- #ifdef HAVE_LIBUTIL_H
- #include <libutil.h>
- #endif
-+#ifdef HAVE_BSD_LIBUTIL_H
-+#include <bsd/libutil.h> /* needed for fparseln */
-+#endif
-
- #include "smtpd.h"
- #include "log.h"
-diff --git a/usr.sbin/smtpd/config.c b/usr.sbin/smtpd/config.c
-index 8fe983d6..e1056b1d 100644
---- a/usr.sbin/smtpd/config.c
-+++ b/usr.sbin/smtpd/config.c
-@@ -30,9 +30,15 @@
- #include <netdb.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for freezero */
-+#endif
- #include <limits.h>
- #include <string.h>
- #include <unistd.h>
-+#ifdef HAVE_BSD_UNISTD_H
-+#include <bsd/unistd.h> /* needed for setproctitle */
-+#endif
-
- #include <openssl/ssl.h>
-
-diff --git a/usr.sbin/smtpd/control.c b/usr.sbin/smtpd/control.c
-index dbb2840d..b9f0df88 100644
---- a/usr.sbin/smtpd/control.c
-+++ b/usr.sbin/smtpd/control.c
-@@ -40,6 +40,9 @@
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
-+#ifdef HAVE_BSD_UNISTD_H
-+#include <bsd/unistd.h> /* needed for getpeereid */
-+#endif
- #include <limits.h>
-
- #include "smtpd.h"
-diff --git a/usr.sbin/smtpd/envelope.c b/usr.sbin/smtpd/envelope.c
-index 35d98b79..0bb45aae 100644
---- a/usr.sbin/smtpd/envelope.c
-+++ b/usr.sbin/smtpd/envelope.c
-@@ -39,6 +39,9 @@
- #include <limits.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
-diff --git a/usr.sbin/smtpd/forward.c b/usr.sbin/smtpd/forward.c
-index 7494c6ce..cf8dc6ef 100644
---- a/usr.sbin/smtpd/forward.c
-+++ b/usr.sbin/smtpd/forward.c
-@@ -36,6 +36,9 @@
- #ifdef HAVE_LIBUTIL_H
- #include <libutil.h>
- #endif
-+#ifdef HAVE_BSD_LIBUTIL_H
-+#include <bsd/libutil.h> /* needed for fparseln */
-+#endif
- #include <unistd.h>
- #include <limits.h>
-
-diff --git a/usr.sbin/smtpd/mail.maildir.c b/usr.sbin/smtpd/mail.maildir.c
-index fe6adba6..1f613b36 100644
---- a/usr.sbin/smtpd/mail.maildir.c
-+++ b/usr.sbin/smtpd/mail.maildir.c
-@@ -34,6 +34,7 @@
- #include <string.h>
- #include <time.h>
- #include <sysexits.h>
-+#include <time.h>
- #include <unistd.h>
-
- #define MAILADDR_ESCAPE "!#$%&'*/?^`{|}~"
-diff --git a/usr.sbin/smtpd/mda.c b/usr.sbin/smtpd/mda.c
-index 5e8fec19..9bc31be6 100644
---- a/usr.sbin/smtpd/mda.c
-+++ b/usr.sbin/smtpd/mda.c
-@@ -44,6 +44,8 @@
- #include <limits.h>
- #if defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
- #include <vis.h>
-+#elif defined(HAVE_BSD_VIS_H)
-+#include <bsd/vis.h> /* needed for strnvis */
- #else
- #include "bsd-vis.h"
- #endif
-diff --git a/usr.sbin/smtpd/mda_variables.c b/usr.sbin/smtpd/mda_variables.c
-index b672e492..10cb1cd0 100644
---- a/usr.sbin/smtpd/mda_variables.c
-+++ b/usr.sbin/smtpd/mda_variables.c
-@@ -29,6 +29,9 @@
- #include <imsg.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <string.h>
- #include <unistd.h>
- #include <limits.h>
-diff --git a/usr.sbin/smtpd/mta_session.c b/usr.sbin/smtpd/mta_session.c
-index 327502b7..72f8d29b 100644
---- a/usr.sbin/smtpd/mta_session.c
-+++ b/usr.sbin/smtpd/mta_session.c
-@@ -42,6 +42,9 @@
- #include <signal.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
-diff --git a/usr.sbin/smtpd/parse.y b/usr.sbin/smtpd/parse.y
-index a82f8206..6510936d 100644
---- a/usr.sbin/smtpd/parse.y
-+++ b/usr.sbin/smtpd/parse.y
-@@ -50,6 +50,9 @@
- #include <resolv.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <string.h>
- #include <syslog.h>
- #include <unistd.h>
-diff --git a/usr.sbin/smtpd/smtp_session.c b/usr.sbin/smtpd/smtp_session.c
-index e8167fca..8bc877ea 100644
---- a/usr.sbin/smtpd/smtp_session.c
-+++ b/usr.sbin/smtpd/smtp_session.c
-@@ -43,6 +43,8 @@
- #include <unistd.h>
- #if defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS)
- #include <vis.h>
-+#elif defined(HAVE_BSD_VIS_H)
-+#include <bsd/vis.h> /* needed for strnvis */
- #else
- #include "bsd-vis.h"
- #endif
-diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c
-index 97f7b1df..1ef692e5 100644
---- a/usr.sbin/smtpd/ssl.c
-+++ b/usr.sbin/smtpd/ssl.c
-@@ -34,7 +34,13 @@
- #include <pwd.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for freezero */
-+#endif
- #include <string.h>
-+#ifdef HAVE_BSD_STRING_H
-+#include <bsd/string.h> /* needed for strmode */
-+#endif
- #include <unistd.h>
-
- #include <openssl/ssl.h>
-diff --git a/usr.sbin/smtpd/table.c b/usr.sbin/smtpd/table.c
-index 6d3292ce..ed3ba6d3 100644
---- a/usr.sbin/smtpd/table.c
-+++ b/usr.sbin/smtpd/table.c
-@@ -34,6 +34,9 @@
- #include <imsg.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <regex.h>
- #include <limits.h>
- #include <string.h>
-diff --git a/usr.sbin/smtpd/to.c b/usr.sbin/smtpd/to.c
-index 81a1bb54..1068b1a9 100644
---- a/usr.sbin/smtpd/to.c
-+++ b/usr.sbin/smtpd/to.c
-@@ -43,6 +43,9 @@
- #include <stdarg.h>
- #include <stdio.h>
- #include <stdlib.h>
-+#ifdef HAVE_BSD_STDLIB_H
-+#include <bsd/stdlib.h> /* needed for strtonum */
-+#endif
- #include <string.h>
- #include <time.h>
- #include <unistd.h>
-diff --git a/usr.sbin/smtpd/util.c b/usr.sbin/smtpd/util.c
-index b2b1458c..7b1b5876 100644
---- a/usr.sbin/smtpd/util.c
-+++ b/usr.sbin/smtpd/util.c
-@@ -47,6 +47,9 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-+#ifdef HAVE_BSD_STRING_H
-+#include <bsd/string.h> /* needed for strmode */
-+#endif
- #include <syslog.h>
- #include <time.h>
- #include <unistd.h>
diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch
deleted file mode 100644
index 44736bff5598..000000000000
--- a/mail-mta/opensmtpd/files/opensmtpd-6.8.0_p2-strict-prototypes.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-https://github.com/OpenSMTPD/OpenSMTPD/pull/1198
-
-From 84331a266b7d8d8e469aea8b85d1e493725807ae Mon Sep 17 00:00:00 2001
-From: orbea <orbea@riseup.net>
-Date: Thu, 13 Apr 2023 11:19:53 -0700
-Subject: [PATCH 1/2] build: Fix -Werror=strict-prototypes
-
-Clang-16 is more strict about these so make the compiler happy.
----
- usr.sbin/smtpd/bounce.c | 2 +-
- usr.sbin/smtpd/ioev.c | 2 +-
- usr.sbin/smtpd/mda.c | 4 ++--
- usr.sbin/smtpd/smtpd.c | 2 +-
- 4 files changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/usr.sbin/smtpd/bounce.c b/usr.sbin/smtpd/bounce.c
-index bb08f90e..7fb1cf32 100644
---- a/usr.sbin/smtpd/bounce.c
-+++ b/usr.sbin/smtpd/bounce.c
-@@ -243,7 +243,7 @@ bounce_timeout(int fd, short ev, void *arg)
- }
-
- static void
--bounce_drain()
-+bounce_drain(void)
- {
- struct bounce_message *msg;
- struct timeval tv;
-diff --git a/usr.sbin/smtpd/ioev.c b/usr.sbin/smtpd/ioev.c
-index 747b3a51..3e3e68f4 100644
---- a/usr.sbin/smtpd/ioev.c
-+++ b/usr.sbin/smtpd/ioev.c
-@@ -228,7 +228,7 @@ io_frame_leave(struct io *io)
- }
-
- void
--_io_init()
-+_io_init(void)
- {
- static int init = 0;
-
-diff --git a/usr.sbin/smtpd/mda.c b/usr.sbin/smtpd/mda.c
-index 6a28b923..bd963e54 100644
---- a/usr.sbin/smtpd/mda.c
-+++ b/usr.sbin/smtpd/mda.c
-@@ -386,12 +386,12 @@ mda_imsg(struct mproc *p, struct imsg *imsg)
- }
-
- void
--mda_postfork()
-+mda_postfork(void)
- {
- }
-
- void
--mda_postprivdrop()
-+mda_postprivdrop(void)
- {
- tree_init(&sessions);
- tree_init(&users);
-diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
-index 26078c49..830417e6 100644
---- a/usr.sbin/smtpd/smtpd.c
-+++ b/usr.sbin/smtpd/smtpd.c
-@@ -353,7 +353,7 @@ parent_send_config_dispatcher(void)
- }
-
- void
--parent_send_config_lka()
-+parent_send_config_lka(void)
- {
- log_debug("debug: parent_send_config_ruleset: reloading");
- m_compose(p_lka, IMSG_CONF_START, 0, 0, -1, NULL, 0);
-
diff --git a/mail-mta/opensmtpd/files/smtpd.service b/mail-mta/opensmtpd/files/smtpd.service
deleted file mode 100644
index fd2a65010604..000000000000
--- a/mail-mta/opensmtpd/files/smtpd.service
+++ /dev/null
@@ -1,10 +0,0 @@
-[Unit]
-Description=OpenSMTPD
-After=network.target
-
-[Service]
-Type=forking
-ExecStart=/usr/sbin/smtpd
-
-[Install]
-WantedBy=multi-user.target
diff --git a/mail-mta/opensmtpd/files/smtpd.socket b/mail-mta/opensmtpd/files/smtpd.socket
deleted file mode 100644
index fb42f8557323..000000000000
--- a/mail-mta/opensmtpd/files/smtpd.socket
+++ /dev/null
@@ -1,8 +0,0 @@
-[Unit]
-Description=OpenSMTPD Socket
-
-[Socket]
-ListenStream=/var/run/smtpd.sock
-
-[Install]
-WantedBy=sockets.target
diff --git a/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r2.ebuild b/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r2.ebuild
deleted file mode 100644
index a8e71de77b1b..000000000000
--- a/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r2.ebuild
+++ /dev/null
@@ -1,78 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit pam systemd
-
-DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
-HOMEPAGE="https://www.opensmtpd.org"
-SRC_URI="https://www.opensmtpd.org/archives/${P/_}.tar.gz"
-
-LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
-SLOT="0"
-KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv x86"
-IUSE="berkdb +mta pam split-usr"
-
-# < openssl 3 for bug #881701
-DEPEND="
- acct-user/smtpd
- acct-user/smtpq
- <dev-libs/openssl-3:=
- elibc_musl? ( sys-libs/fts-standalone )
- sys-libs/zlib
- pam? ( sys-libs/pam )
- berkdb? ( sys-libs/db:= )
- dev-libs/libevent:=
- app-misc/ca-certificates
- net-mail/mailbase
- net-libs/libasr
- virtual/libcrypt:=
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/exim
- !mail-mta/mini-qmail
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/ssmtp[mta]
-"
-RDEPEND="${DEPEND}"
-BDEPEND="app-alternatives/yacc"
-
-S=${WORKDIR}/${P/_}
-
-src_configure() {
- econf \
- --sysconfdir=/etc/smtpd \
- --with-path-mbox=/var/spool/mail \
- --with-path-empty=/var/empty \
- --with-path-socket=/run \
- --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
- --with-user-smtpd=smtpd \
- --with-user-queue=smtpq \
- --with-group-queue=smtpq \
- $(use_with pam auth-pam) \
- $(use_with berkdb table-db)
-}
-
-src_install() {
- default
- newinitd "${FILESDIR}"/smtpd.initd smtpd
- systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
- use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
- dosym smtpctl /usr/sbin/makemap
- dosym smtpctl /usr/sbin/newaliases
- if use mta ; then
- dodir /usr/sbin
- dosym smtpctl /usr/sbin/sendmail
- # on USE="-split-usr" system sbin and bin are merged
- # so symlink made above will collide with one below
- use split-usr && dosym ../sbin/smtpctl /usr/bin/sendmail
- mkdir -p "${ED}"/usr/$(get_libdir) || die
- ln -s --relative "${ED}"/usr/sbin/smtpctl "${ED}"/usr/$(get_libdir)/sendmail || die
- fi
-}
diff --git a/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild b/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild
deleted file mode 100644
index 718ece238838..000000000000
--- a/mail-mta/opensmtpd/opensmtpd-6.8.0_p2-r3.ebuild
+++ /dev/null
@@ -1,91 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-inherit autotools pam systemd
-
-DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
-HOMEPAGE="https://www.opensmtpd.org"
-SRC_URI="https://www.opensmtpd.org/archives/${P/_}.tar.gz"
-
-LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
-IUSE="berkdb +mta pam split-usr"
-
-# < openssl 3 for bug #881701
-DEPEND="
- acct-user/smtpd
- acct-user/smtpq
- <dev-libs/openssl-3:=
- elibc_musl? ( sys-libs/fts-standalone )
- sys-libs/zlib
- pam? ( sys-libs/pam )
- berkdb? ( sys-libs/db:= )
- dev-libs/libevent:=
- app-misc/ca-certificates
- net-mail/mailbase
- net-libs/libasr
- virtual/libcrypt:=
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/exim
- !mail-mta/mini-qmail
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/ssmtp[mta]
-"
-RDEPEND="${DEPEND}"
-BDEPEND="app-alternatives/yacc"
-
-S=${WORKDIR}/${P/_}
-
-PATCHES=(
- "${FILESDIR}"/${P}-ar.patch #720782
- "${FILESDIR}"/${P}-implicit-function-declaration.patch #727260, 896050, 899876
- "${FILESDIR}"/${P}-strict-prototypes.patch
-)
-
-src_prepare() {
- default
- eautoreconf
-}
-
-src_configure() {
- econf \
- --sysconfdir=/etc/smtpd \
- --with-path-mbox=/var/spool/mail \
- --with-path-empty=/var/empty \
- --with-path-socket=/run \
- --with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
- --with-user-smtpd=smtpd \
- --with-user-queue=smtpq \
- --with-group-queue=smtpq \
- --with-libevent="${EPREFIX}/usr/$(get_libdir)" \
- --with-libssl="${EPREFIX}/usr/$(get_libdir)" \
- $(use_with pam auth-pam) \
- $(use_with berkdb table-db)
-}
-
-src_install() {
- default
- newinitd "${FILESDIR}"/smtpd.initd smtpd
- systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
- use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
- dosym smtpctl /usr/sbin/makemap
- dosym smtpctl /usr/sbin/newaliases
- if use mta ; then
- dodir /usr/sbin
- dosym smtpctl /usr/sbin/sendmail
- # on USE="-split-usr" system sbin and bin are merged
- # so symlink made above will collide with one below
- use split-usr && dosym ../sbin/smtpctl /usr/bin/sendmail
- mkdir -p "${ED}"/usr/$(get_libdir) || die
- ln -s --relative "${ED}"/usr/sbin/smtpctl "${ED}"/usr/$(get_libdir)/sendmail || die
- fi
-}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/
@ 2024-04-14 16:09 Matthew Smith
0 siblings, 0 replies; 10+ messages in thread
From: Matthew Smith @ 2024-04-14 16:09 UTC (permalink / raw
To: gentoo-commits
commit: 650f13dce660ef67fd90b7e6134a9ab79fa36c2c
Author: NHOrus <jy6x2b32pie9 <AT> yahoo <DOT> com>
AuthorDate: Mon Apr 1 07:51:45 2024 +0000
Commit: Matthew Smith <matthew <AT> gentoo <DOT> org>
CommitDate: Sun Apr 14 16:06:28 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=650f13dc
mail-mta/opensmtpd: Add missing include
Fixes GCC-14 build error implicit declaration of function snprintf
Closes: https://bugs.gentoo.org/922951
Signed-off-by: NHOrus <jy6x2b32pie9 <AT> yahoo.com>
Closes: https://github.com/gentoo/gentoo/pull/36035
Signed-off-by: Matthew Smith <matthew <AT> gentoo.org>
.../opensmtpd/files/opensmtpd-7.4.0-missing-include.patch | 11 +++++++++++
mail-mta/opensmtpd/opensmtpd-7.4.0_p1.ebuild | 2 ++
2 files changed, 13 insertions(+)
diff --git a/mail-mta/opensmtpd/files/opensmtpd-7.4.0-missing-include.patch b/mail-mta/opensmtpd/files/opensmtpd-7.4.0-missing-include.patch
new file mode 100644
index 000000000000..b11d62456743
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-7.4.0-missing-include.patch
@@ -0,0 +1,11 @@
+diff -ur '--exclude=*.o' opensmtpd-7.4.0p1.orig/openbsd-compat/getdtablecount.c opensmtpd-7.4.0p1/openbsd-compat/getdtablecount.c
+--- a/openbsd-compat/getdtablecount.c 2024-04-01 07:25:41.230753002 +0000
++++ b/openbsd-compat/getdtablecount.c 2024-04-01 07:27:23.556124378 +0000
+@@ -20,6 +20,7 @@
+
+ #include <glob.h>
+ #include <unistd.h>
++#include <stdio.h>
+
+ void fatal(const char *, ...);
+ void fatalx(const char *, ...);
diff --git a/mail-mta/opensmtpd/opensmtpd-7.4.0_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-7.4.0_p1.ebuild
index c5b98eddea63..9dfe3df3f2c5 100644
--- a/mail-mta/opensmtpd/opensmtpd-7.4.0_p1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-7.4.0_p1.ebuild
@@ -57,6 +57,8 @@ QA_CONFIG_IMPL_DECL_SKIP=( closefrom )
DOCS=( {CHANGES,README}.md )
+PATCHES=( "${FILESDIR}/${PN}-7.4.0-missing-include.patch" )
+
src_unpack() {
if use verify-sig; then
# Too many levels of symbolic links
^ permalink raw reply related [flat|nested] 10+ messages in thread
end of thread, other threads:[~2024-04-14 16:09 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-10-05 8:44 [gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/files/, mail-mta/opensmtpd/ Jason Donenfeld
-- strict thread matches above, loose matches on Subject: below --
2015-10-05 15:11 Jason Donenfeld
2016-06-25 14:55 Jason Donenfeld
2017-04-12 14:05 Jason Donenfeld
2019-01-02 19:11 Jason A. Donenfeld
2020-01-29 8:51 Jason A. Donenfeld
2023-04-26 3:51 Sam James
2023-08-26 14:22 David Seifert
2023-09-05 14:37 David Seifert
2024-04-14 16:09 Matthew Smith
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox