* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2015-08-25 4:21 Jeroen Roovers
0 siblings, 0 replies; 24+ messages in thread
From: Jeroen Roovers @ 2015-08-25 4:21 UTC (permalink / raw
To: gentoo-commits
commit: 2a826b81ee2e19b4f9d6b0d6fdc518e2062b69d0
Author: Jeroen Roovers <jer <AT> gentoo <DOT> org>
AuthorDate: Tue Aug 25 04:21:10 2015 +0000
Commit: Jeroen Roovers <jer <AT> gentoo <DOT> org>
CommitDate: Tue Aug 25 04:21:10 2015 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2a826b81
mail-mta/exim: Stable for HPPA PPC64 (bug #550528).
Package-Manager: portage-2.2.20.1
mail-mta/exim/exim-4.85.ebuild | 2 +-
mail-mta/exim/files/exim-4.76-dsn.patch | 18 -
.../exim/files/exim-4.77-makefile-freebsd.patch | 48 -
mail-mta/exim/files/exim_482_dsn_1_3.patch | 1212 --------------------
4 files changed, 1 insertion(+), 1279 deletions(-)
diff --git a/mail-mta/exim/exim-4.85.ebuild b/mail-mta/exim/exim-4.85.ebuild
index 6c64ea2..e06d5a6 100644
--- a/mail-mta/exim/exim-4.85.ebuild
+++ b/mail-mta/exim/exim-4.85.ebuild
@@ -19,7 +19,7 @@ HOMEPAGE="http://www.exim.org/"
SLOT="0"
LICENSE="GPL-2"
-KEYWORDS="alpha amd64 ~hppa ia64 ppc ~ppc64 sparc x86 ~x86-fbsd ~x86-solaris"
+KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd ~x86-solaris"
COMMON_DEPEND=">=sys-apps/sed-4.0.5
>=sys-libs/db-3.2
diff --git a/mail-mta/exim/files/exim-4.76-dsn.patch b/mail-mta/exim/files/exim-4.76-dsn.patch
deleted file mode 100644
index 8a608ba..0000000
--- a/mail-mta/exim/files/exim-4.76-dsn.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-http://bugs.gentoo.org/show_bug.cgi?id=366835
-https://sourceforge.net/tracker/?func=detail&aid=3300653&group_id=121058&atid=689120
-
---- exim_469_dsn_1_3.patch
-+++ exim_469_dsn_1_3.patch
-@@ -524,10 +524,10 @@
- diff -urN exim-4.69-orig/src/readconf.c exim-4.69-dsn/src/readconf.c
- --- exim-4.69-orig/src/readconf.c 2007-08-23 12:01:49.000000000 +0100
- +++ exim-4.69-dsn/src/readconf.c 2008-07-28 09:52:55.000000000 +0100
--@@ -207,6 +207,9 @@
-- { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup },
-+@@ -219,6 +219,9 @@
- { "dns_retrans", opt_time, &dns_retrans },
- { "dns_retry", opt_int, &dns_retry },
-+ { "dns_use_edns0", opt_int, &dns_use_edns0 },
- +#ifdef SUPPORT_DSN
- + { "dsn", opt_bool, &dsn },
- +#endif
diff --git a/mail-mta/exim/files/exim-4.77-makefile-freebsd.patch b/mail-mta/exim/files/exim-4.77-makefile-freebsd.patch
deleted file mode 100644
index f3c0332..0000000
--- a/mail-mta/exim/files/exim-4.77-makefile-freebsd.patch
+++ /dev/null
@@ -1,48 +0,0 @@
---- OS/Makefile-FreeBSD
-+++ OS/Makefile-FreeBSD
-@@ -1,12 +1,10 @@
--# Exim: OS-specific make file for FreeBSD
--# There's no setting of CFLAGS here, to allow the system default
--# for "make" to be the default.
--
--PORTOBJFORMAT!= test -x /usr/bin/objformat && /usr/bin/objformat || echo aout
--
--CHOWN_COMMAND=/usr/sbin/chown
--STRIP_COMMAND=/usr/bin/strip
--CHMOD_COMMAND=/bin/chmod
-+# Exim: OS-specific FreeBSD make file, modified for Gentoo Prefix
-+
-+
-+BASENAME_COMMAND=look_for_it
-+CHOWN_COMMAND=look_for_it
-+CHGRP_COMMAND=look_for_it
-+CHMOD_COMMAND=look_for_it
-
- HAVE_SA_LEN=YES
-
-@@ -18,23 +16,12 @@
- # Dynamicly loaded modules need to be built with -fPIC
- CFLAGS_DYNAMIC=-shared -rdynamic -fPIC
-
--# FreeBSD always ships with Berkeley DB
-+DBMLIB = -ldb
- USE_DB=yes
-
--# This code for building outside ports suggested by Richard Clayton
--.ifdef X11BASE
--X11=${X11BASE}
--.elifdef LOCALBASE
--X11=$(LOCALBASE)
--.else
--X11=/usr/local
--.endif
--
-+X11=/usr/X11R6
- XINCLUDE=-I$(X11)/include
- XLFLAGS=-L$(X11)/lib
--.if ${PORTOBJFORMAT} == "elf"
--XLFLAGS+=-Wl,-rpath,${X11}/lib
--.endif
- X11_LD_LIB=$(X11)/lib
-
- EXIWHAT_PS_ARG=-ax
diff --git a/mail-mta/exim/files/exim_482_dsn_1_3.patch b/mail-mta/exim/files/exim_482_dsn_1_3.patch
deleted file mode 100644
index c300699..0000000
--- a/mail-mta/exim/files/exim_482_dsn_1_3.patch
+++ /dev/null
@@ -1,1212 +0,0 @@
-Modified for 4.82 by Gentoo -- not the official patch from
-http://sourceforge.net/projects/eximdsn/
-
-diff -Naur exim-4.82_RC5.orig/README.DSN exim-4.82_RC5/README.DSN
---- exim-4.82_RC5.orig/README.DSN 1970-01-01 01:00:00.000000000 +0100
-+++ exim-4.82_RC5/README.DSN 2013-10-27 21:47:32.000000000 +0100
-@@ -0,0 +1,118 @@
-+Exim DSN Patch (4.76)
-+---------------------
-+
-+This patch is free software; you can redistribute it and/or modify
-+it under the terms of the GNU General Public License as published by
-+the Free Software Foundation; either version 2 of the License, or
-+(at your option) any later version.
-+
-+This patch is distributed in the hope that it will be useful,
-+but WITHOUT ANY WARRANTY; without even the implied warranty of
-+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+GNU General Public License for more details.
-+
-+You should have received a copy of the GNU General Public License
-+along with this patch; if not, write to the Free Software
-+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111 USA.
-+
-+Install
-+-------
-+cd into the source tree for a vanilla exim
-+
-+patch -p1 </path/to/patch/file.patch
-+
-+Example :-
-+[root@linuxbuild exim-4.72-test]# patch -p1 <../exim.dsn.patch-472
-+
-+Expected Output :-
-+patching file README.DSN
-+patching file src/config.h.defaults
-+patching file src/deliver.c
-+patching file src/exim.c
-+patching file src/exim.h
-+patching file src/globals.c
-+patching file src/globals.h
-+patching file src/local_scan.h
-+patching file src/macros.h
-+patching file src/readconf.c
-+patching file src/route.c
-+patching file src/smtp_in.c
-+patching file src/spool_in.c
-+patching file src/spool_out.c
-+patching file src/structs.h
-+patching file src/transport.c
-+patching file src/transports/smtp.c
-+
-+
-+This patch can be included / excluded from the compilation by use of the #define SUPPORT_DSN
-+which gets added into src/config.h.defaults & src/EDITME by the patch.
-+
-+Use
-+---
-+
-+The facility (once compiled in) can be turned on for a particular router via the
-+dsn_process directive Eg :-
-+
-+dest_delivery_int:
-+ driver = manualroute
-+ domains = +relay_to_domains
-+ condition = ${if eq {${lc:$sender_address_domain}}\
-+ {domain.com}\
-+ {yes}{no}\
-+ }
-+ dsn_process
-+ hide route_data = ${lc:${extract{mailHost}{$address_data}{$value}{}}}
-+ transport = remote_smtp
-+
-+Exim will produce 1 of 2 DSN's back to the originator, or pass on the DSN request.
-+The 2 DSN's will either contain (relayed via non "Remote SMTP" router) or
-+(relayed to non-DSN-aware mailer) depending on if the delivery was VIA an SMTP
-+transport or not.
-+
-+
-+Credits
-+-------
-+
-+The original work for the patch was done by Philip Hazel in Exim 3
-+
-+The extract was taken and re-applied to Exim 4 by the following :-
-+Phil Bingham (phil.bingham@cwipapps.net)
-+Steve Falla (steve.falla@cwipapps.net)
-+Ray Edah (ray.edah@cwipapps.net)
-+Andrew Johnson (andrew.johnson@cwippaps.net)
-+Adrian Hungate (adrian.hungate@cwipapps.net)
-+
-+Now Primarily maintained by :-
-+Andrew Johnson (andrew.johnson@cwippaps.net)
-+
-+Contributions
-+-------------
-+Andrey J. Melnikoff (TEMHOTA) (temnota@kmv.ru)
-+
-+
-+ChangeLog
-+---------
-+
-+14-Apr-2006 : Changed subject to "Delivery Status Notification"
-+
-+17-May-2006 : debug_printf in spool-in.c were not wrapped with #ifndef COMPILE_UTILITY
-+ thanks to Andrey J. Melnikoff for this information
-+
-+12-Sep-2006 : Now supports Exim 4.63
-+
-+12-Sep-2006 : src/EDITME did not include the #define SUPPORT_DSN as stated
-+ in the documentation, this has now been corrected
-+ thanks to Robert Kehl for this information
-+
-+28-Jul-2008 : New version for exim 4.69 released.
-+
-+02-Jul-2010 : New version for exim 4.72 released.
-+
-+20-May-2011 : New version for exim 4.76 released.
-+
-+
-+Support for this patch (limited though it is) will only be provided through the SourceForge
-+project page (http://sourceforge.net/projects/eximdsn/)
-+
-+--
-+Andrew Johnson Cable & Wireless
-diff -Naur exim-4.82_RC5.orig/src/config.h.defaults exim-4.82_RC5/src/config.h.defaults
---- exim-4.82_RC5.orig/src/config.h.defaults 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/config.h.defaults 2013-10-27 21:47:32.000000000 +0100
-@@ -136,6 +136,7 @@
- #define SUPPORT_MOVE_FROZEN_MESSAGES
- #define SUPPORT_PAM
- #define SUPPORT_TLS
-+#define SUPPORT_DSN
- #define SUPPORT_TRANSLATE_IP_ADDRESS
-
- #define SYSLOG_LOG_PID
-diff -Naur exim-4.82_RC5.orig/src/deliver.c exim-4.82_RC5/src/deliver.c
---- exim-4.82_RC5.orig/src/deliver.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/deliver.c 2013-10-27 21:47:32.000000000 +0100
-@@ -63,6 +63,9 @@
- static address_item *addr_remote = NULL;
- static address_item *addr_route = NULL;
- static address_item *addr_succeed = NULL;
-+#ifdef SUPPORT_DSN
-+static address_item *addr_dsntmp = NULL;
-+#endif
-
- static FILE *message_log = NULL;
- static BOOL update_spool;
-@@ -2966,6 +2969,15 @@
- addr->flags |= af_prdr_used; break;
- #endif
-
-+ #ifdef SUPPORT_DSN
-+ case 'D':
-+ if (addr == NULL) break;
-+ addr->dsn_aware = (*ptr)? string_copy(ptr) : string_copy(" ");
-+ while (*ptr++);
-+ DEBUG(D_deliver) debug_printf("DSN read: addr->dsn_aware = %s\n", addr->dsn_aware);
-+ break;
-+ #endif
-+
- case 'A':
- if (addr == NULL)
- {
-@@ -4074,6 +4086,15 @@
- if (addr->flags & af_prdr_used) rmt_dlv_checked_write(fd, "P", 1);
- #endif
-
-+ #ifdef SUPPORT_DSN
-+ if (addr->dsn_aware == NULL)
-+ addr->dsn_aware = string_copy(" ");
-+ DEBUG(D_deliver) debug_printf("DSN write: addr->dsn_aware = %s\n", addr->dsn_aware);
-+ sprintf(big_buffer, "D%s", addr->dsn_aware);
-+ DEBUG(D_deliver) debug_printf("DSN write: big_buffer = %s (%d)\n", big_buffer, strlen(big_buffer)+1);
-+ write(fd, big_buffer, strlen(big_buffer)+1);
-+ #endif
-+
- /* Retry information: for most success cases this will be null. */
-
- for (r = addr->retries; r != NULL; r = r->next)
-@@ -5219,6 +5240,14 @@
- if (r->pno >= 0)
- new->onetime_parent = recipients_list[r->pno].address;
-
-+ #ifdef SUPPORT_DSN
-+ /* If DSN support is enabled, set the dsn flags and the original receipt
-+ to be passed on to other DSN enabled MTAs */
-+ new->dsn_flags = r->dsn_flags & rf_dsnflags;
-+ new->dsn_orcpt = r->orcpt;
-+ debug_printf("DSN (deliver): orcpt: %s flags: %d\n", new->dsn_orcpt, new->dsn_flags);
-+ #endif
-+
- switch (process_recipients)
- {
- /* RECIP_DEFER is set when a system filter freezes a message. */
-@@ -6163,6 +6192,12 @@
- regex_must_compile(US"\\n250[\\s\\-]PRDR(\\s|\\n|$)", FALSE, TRUE);
- #endif
-
-+ #ifdef SUPPORT_DSN
-+ /* Set the regex to check for DSN support on remote MTA */
-+ if (regex_DSN == NULL) regex_DSN =
-+ regex_must_compile(US"\\n250[\\s\\-]DSN(\\s|\\n|$)", FALSE, TRUE);
-+ #endif
-+
- /* Now sort the addresses if required, and do the deliveries. The yield of
- do_remote_deliveries is FALSE when mua_wrapper is set and all addresses
- cannot be delivered in one transaction. */
-@@ -6267,6 +6302,179 @@
-
- else if (!dont_deliver) retry_update(&addr_defer, &addr_failed, &addr_succeed);
-
-+#ifdef SUPPORT_DSN
-+/* ********** philb - Send DSN for successful messages */
-+
-+addr_dsntmp = addr_succeed;
-+
-+while(addr_dsntmp != NULL)
-+{
-+ BOOL dsn_sendmessage = FALSE;
-+ uschar dsnmsgbuf[4096];
-+
-+ DEBUG(D_deliver)
-+ debug_printf("DSN: processing router : %s\n", addr_dsntmp->router->name);
-+
-+ DEBUG(D_deliver)
-+ debug_printf("DSN: processing successful delivery address: %s\n", addr_dsntmp->address);
-+
-+ if (testflag(addr_dsntmp, af_ignore_error))
-+ {
-+ DEBUG(D_deliver)
-+ debug_printf("DSN: Ignore error for: %s\n", addr_dsntmp->address);
-+ }
-+ else
-+ {
-+ DEBUG(D_deliver) debug_printf("DSN: Checking Flag\n");
-+ if (addr_dsntmp->dsn_aware == NULL) {
-+ DEBUG(D_deliver) debug_printf("DSN: dsn_aware was NULL, setting to space at %s %d\n", __FILE__, __LINE__);
-+ addr_dsntmp->dsn_aware = string_copy(" ");
-+ }
-+ DEBUG(D_deliver) debug_printf("DSN: Sender_address: %s\n", sender_address);
-+ DEBUG(D_deliver) debug_printf("DSN: orcpt: %s flags: %d\n", addr_dsntmp->dsn_orcpt, addr_dsntmp->dsn_flags);
-+ DEBUG(D_deliver) debug_printf("DSN: envid: %s ret: %d\n", dsn_envid, dsn_ret);
-+ DEBUG(D_deliver) debug_printf("DSN: Remote SMTP server supports DSN: %s\n", addr_dsntmp->dsn_aware);
-+
-+ /* Process the flags */
-+ if((addr_dsntmp->dsn_flags & rf_dsnflags) != 0)
-+ {
-+ /* We've got at least one flag set */
-+
-+ /* set flag so we don't send bounces */
-+ setflag(addr_dsntmp, af_ignore_error);
-+
-+ if((addr_dsntmp->dsn_flags & rf_notify_never) != 0)
-+ {
-+ DEBUG(D_deliver) debug_printf("DSN: NEVER FLAG\n");
-+
-+ /* nothing to do here */
-+ }
-+
-+ if((addr_dsntmp->dsn_flags & rf_notify_success) != 0)
-+ {
-+ DEBUG(D_deliver) debug_printf("DSN: SUCCESS FLAG\n");
-+
-+ dsn_sendmessage = TRUE;
-+ }
-+
-+ if((addr_dsntmp->dsn_flags & rf_notify_failure) != 0)
-+ {
-+ DEBUG(D_deliver) debug_printf("DSN: FAILURE FLAG\n");
-+
-+ /* allow bounce messages */
-+ clearflag(addr_dsntmp, af_ignore_error);
-+ }
-+
-+ if((addr_dsntmp->dsn_flags & rf_notify_delay) != 0)
-+ {
-+ DEBUG(D_deliver) debug_printf("DSN: DELAY FLAG\n");
-+
-+ /* hmm, what to do here? */
-+ }
-+ }
-+
-+ if ((addr_dsntmp->dsn_aware != 0) && (addr_dsntmp->dsn_aware[0] != 'Y') && (dsn_sendmessage == TRUE) && (addr_dsntmp->router->dsn_process == TRUE))
-+ {
-+ pid_t pid;
-+ int fd;
-+
-+ /* remote MTA does not support DSN, so we need to send message */
-+
-+ /* create exim process to send message */
-+ pid = child_open_exim(&fd);
-+
-+ DEBUG(D_deliver) debug_printf("DSN: child_open_exim returns: %d\n", pid);
-+
-+ if (pid < 0) /* Creation of child failed */
-+ {
-+ log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Process %d (parent %d) failed to "
-+ "create child process to send failure message: %s", getpid(),
-+ getppid(), strerror(errno));
-+
-+ DEBUG(D_deliver) debug_printf("DSN: child_open_exim failed\n");
-+
-+ }
-+ else /* Creation of child succeeded */
-+ {
-+ FILE *f = fdopen(fd, "wb");
-+ int topt = topt_add_return_path;
-+ uschar boundaryStr[64];
-+
-+ DEBUG(D_deliver) debug_printf("sending error message to: %s\n", sender_address);
-+
-+ /* build unique id for MIME boundary */
-+ snprintf(boundaryStr, 63, "%d-cwdsn-%d", pid, rand());
-+ DEBUG(D_deliver) debug_printf("DSN: MIME boundary: %s\n", boundaryStr);
-+
-+ /* if the sender doesn't want the whole message returned, don't send the body */
-+ if (dsn_ret != dsn_ret_full) topt |= topt_no_body;
-+
-+ if (errors_reply_to != NULL) fprintf(f,"Reply-To: %s\n", errors_reply_to);
-+
-+ fprintf(f,"Auto-Submitted: auto-generated\n");
-+ fprintf(f,"From: Mail Delivery System <Mailer-Daemon@%s>\n", qualify_domain_sender);
-+ fprintf(f,"To: %s\n", sender_address);
-+ fprintf(f,"Subject: Delivery Status Notification\n");
-+ fprintf(f,"Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n", boundaryStr);
-+ fprintf(f,"MIME-Version: 1.0\n\n");
-+
-+ fprintf(f,"--%s\n", boundaryStr);
-+ fprintf(f,"Content-type: text/plain; charset=us-ascii\n\n");
-+
-+ fprintf(f,"This message was created automatically by mail delivery software.\n");
-+ fprintf(f," ----- The following addresses had successful delivery notifications -----\n");
-+/* AH: added specific message for non "Remote SMTP" situations */
-+ if (addr_dsntmp->dsn_aware[0] == 'N') {
-+ fprintf(f,"<%s> (relayed to non-DSN-aware mailer)\n\n", addr_dsntmp->address);
-+ } else {
-+ fprintf(f,"<%s> (relayed via non \"Remote SMTP\" router)\n\n", addr_dsntmp->address);
-+ }
-+
-+ fprintf(f,"--%s\n", boundaryStr);
-+ fprintf(f,"Content-type: message/delivery-status\n\n");
-+
-+ if (dsn_envid) { /* Test for NULL added by GC */
-+ fprintf(f,"Original-Envelope-Id: %s\n", dsn_envid);
-+ }
-+ fprintf(f,"Reporting-MTA: dns; %s\n", qualify_domain_sender);
-+ if (addr_dsntmp->dsn_orcpt) { /* Test for NULL added by GC */
-+ fprintf(f,"Original-Recipient: %s\n", addr_dsntmp->dsn_orcpt);
-+ }
-+ fprintf(f,"Action: delivered\n\n");
-+
-+ fprintf(f,"--%s\n", boundaryStr);
-+ fprintf(f,"Content-type: message/rfc822\n\n");
-+
-+ fflush(f);
-+ transport_filter_argv = NULL; /* Just in case */
-+ return_path = sender_address; /* In case not previously set */
-+
-+ /* Write the original email out */
-+ transport_write_message(NULL, fileno(f), topt, 2048, NULL, NULL, NULL, NULL, NULL, 0);
-+ fflush(f);
-+
-+ fprintf(f,"\n");
-+ fprintf(f,"--%s--\n", boundaryStr);
-+
-+ fflush(f);
-+ fclose(f);
-+ rc = child_close(pid, 0); /* Waits for child to close, no timeout */
-+ }
-+ }
-+ else
-+ { if (addr_dsntmp->router->dsn_process == TRUE)
-+ DEBUG(D_deliver) debug_printf("DSN: *** NOT SENDING DSN SUCCESS Message ***\n");
-+ if (addr_dsntmp->router->dsn_process == FALSE)
-+ DEBUG(D_deliver) debug_printf("DSN: *** NOT SENDING DSN SUCCESS Message (gagged) ***\n");
-+ }
-+ }
-+
-+ addr_dsntmp = addr_dsntmp->next;
-+}
-+
-+/* ********** philb - end of mod */
-+#endif
-+
- /* If any addresses failed, we must send a message to somebody, unless
- af_ignore_error is set, in which case no action is taken. It is possible for
- several messages to get sent if there are addresses with different
-diff -Naur exim-4.82_RC5.orig/src/EDITME exim-4.82_RC5/src/EDITME
---- exim-4.82_RC5.orig/src/EDITME 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/EDITME 2013-10-27 21:47:32.000000000 +0100
-@@ -192,6 +192,8 @@
- # least one type of lookup. You should consider whether you want to build
- # the Exim monitor or not.
-
-+# Support DSN
-+SUPPORT_DSN=yes
-
- #------------------------------------------------------------------------------
- # These settings determine which individual router drivers are included in the
-diff -Naur exim-4.82_RC5.orig/src/exim.c exim-4.82_RC5/src/exim.c
---- exim-4.82_RC5.orig/src/exim.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/exim.c 2013-10-27 21:47:32.000000000 +0100
-@@ -831,6 +831,9 @@
- #ifdef EXPERIMENTAL_REDIS
- fprintf(f, " Experimental_Redis");
- #endif
-+#ifdef SUPPORT_DSN
-+ fprintf(f, " C&W_DSN_1.3");
-+#endif
- fprintf(f, "\n");
-
- fprintf(f, "Lookups (built-in):");
-@@ -2653,6 +2656,16 @@
- break;
- }
-
-+ #ifdef SUPPORT_DSN
-+ /* -MCD: set the smtp_use_dsn flag; this indicates that the host
-+ that exim is connected to supports the esmtp extension DSN */
-+ else if (strcmp(argrest, "CD") == 0)
-+ {
-+ smtp_use_dsn = TRUE;
-+ break;
-+ }
-+ #endif
-+
- /* -MCP: set the smtp_use_pipelining flag; this is useful only when
- it preceded -MC (see above) */
-
-diff -Naur exim-4.82_RC5.orig/src/globals.c exim-4.82_RC5/src/globals.c
---- exim-4.82_RC5.orig/src/globals.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/globals.c 2013-10-27 21:47:32.000000000 +0100
-@@ -124,6 +124,13 @@
- uschar *local_scan_path = NULL;
- #endif
-
-+#ifdef SUPPORT_DSN
-+BOOL dsn = TRUE;
-+uschar *dsn_envid = NULL;
-+int dsn_ret = 0;
-+const pcre *regex_DSN = NULL;
-+BOOL smtp_use_dsn = FALSE;
-+#endif
-
- #ifdef SUPPORT_TLS
- BOOL gnutls_compat_mode = FALSE;
-@@ -341,6 +348,11 @@
- NULL, /* authenticator */
- NULL, /* auth_id */
- NULL, /* auth_sndr */
-+ #ifdef SUPPORT_DSN
-+ NULL, /* dsn_orcpt */
-+ 0, /* dsn_flags */
-+ NULL, /* dsn_aware */
-+ #endif
- (uid_t)(-1), /* uid */
- (gid_t)(-1), /* gid */
- 0, /* flags */
-@@ -1096,6 +1108,9 @@
- TRUE, /* verify_sender */
- FALSE, /* uid_set */
- FALSE, /* unseen */
-+#ifdef SUPPORT_DSN
-+ FALSE, /* dsn_process */
-+#endif
-
- self_freeze, /* self_code */
- (uid_t)(-1), /* uid */
-@@ -1105,6 +1120,7 @@
- NULL, /* transport instance */
- NULL, /* pass_router */
- NULL /* redirect_router */
-+
- };
-
- uschar *router_name = NULL;
-diff -Naur exim-4.82_RC5.orig/src/globals.h exim-4.82_RC5/src/globals.h
---- exim-4.82_RC5.orig/src/globals.h 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/globals.h 2013-10-27 21:47:32.000000000 +0100
-@@ -130,6 +130,13 @@
- extern int (*receive_ferror)(void);
- extern BOOL (*receive_smtp_buffered)(void);
-
-+#ifdef SUPPORT_DSN
-+extern BOOL dsn; /* FALSE if DSN not to be used */
-+extern uschar *dsn_envid; /* DSN envid string */
-+extern int dsn_ret; /* DSN ret type*/
-+extern const pcre *regex_DSN; /* For recognizing DSN settings */
-+extern BOOL smtp_use_dsn; /* Global for passed connections */
-+#endif
-
- /* For clearing, saving, restoring address expansion variables. We have to have
- the size of this vector set explicitly, because it is referenced from more than
-diff -Naur exim-4.82_RC5.orig/src/local_scan.h exim-4.82_RC5/src/local_scan.h
---- exim-4.82_RC5.orig/src/local_scan.h 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/local_scan.h 2013-10-27 21:47:32.000000000 +0100
-@@ -124,9 +124,13 @@
- field is always NULL except for one_time aliases that had errors_to on the
- routers that generated them. */
-
-+/* Added the dsn attributes orcpt and dsn_flags for DSN support*/
-+
- typedef struct recipient_item {
- uschar *address; /* the recipient address */
- int pno; /* parent number for "one_time" alias, or -1 */
-+ uschar *orcpt; /* DSN orcpt */
-+ int dsn_flags; /* DSN flags */
- uschar *errors_to; /* the errors_to address or NULL */
- #ifdef EXPERIMENTAL_BRIGHTMAIL
- uschar *bmi_optin;
-diff -Naur exim-4.82_RC5.orig/src/macros.h exim-4.82_RC5/src/macros.h
---- exim-4.82_RC5.orig/src/macros.h 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/macros.h 2013-10-27 21:47:32.000000000 +0100
-@@ -778,6 +778,22 @@
- #define topt_no_body 0x040 /* Omit body */
- #define topt_escape_headers 0x080 /* Apply escape check to headers */
-
-+ /* Flags for recipient_block, used in DSN support */
-+
-+ #define rf_onetime 0x01 /* A one-time alias */
-+ #define rf_notify_never 0x02 /* NOTIFY= settings */
-+ #define rf_notify_success 0x04
-+ #define rf_notify_failure 0x08
-+ #define rf_notify_delay 0x10
-+
-+ #define rf_dsnflags (rf_notify_never | rf_notify_success | \
-+ rf_notify_failure | rf_notify_delay)
-+
-+ /* DSN RET types */
-+
-+ #define dsn_ret_full 1
-+ #define dsn_ret_hdrs 2
-+
- /* Codes for the host_find_failed and host_all_ignored options. */
-
- #define hff_freeze 0
-diff -Naur exim-4.82_RC5.orig/src/readconf.c exim-4.82_RC5/src/readconf.c
---- exim-4.82_RC5.orig/src/readconf.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/readconf.c 2013-10-27 21:49:15.000000000 +0100
-@@ -229,6 +229,9 @@
- /* This option is now a no-op, retained for compability */
- { "drop_cr", opt_bool, &drop_cr },
- /*********************************************************/
-+#ifdef SUPPORT_DSN
-+ { "dsn", opt_bool, &dsn },
-+#endif
- { "dsn_from", opt_stringptr, &dsn_from },
- { "envelope_to_remove", opt_bool, &envelope_to_remove },
- { "errors_copy", opt_stringptr, &errors_copy },
-diff -Naur exim-4.82_RC5.orig/src/receive.c exim-4.82_RC5/src/receive.c
---- exim-4.82_RC5.orig/src/receive.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/receive.c 2013-10-27 21:47:32.000000000 +0100
-@@ -490,6 +490,8 @@
- memcpy(recipients_list, oldlist, oldmax * sizeof(recipient_item));
- }
-
-+/* memset added by GC to blank dsn records, etc. */
-+memset(&recipients_list[recipients_count], 0, sizeof(recipient_item));
- recipients_list[recipients_count].address = recipient;
- recipients_list[recipients_count].pno = pno;
- #ifdef EXPERIMENTAL_BRIGHTMAIL
-diff -Naur exim-4.82_RC5.orig/src/route.c exim-4.82_RC5/src/route.c
---- exim-4.82_RC5.orig/src/route.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/route.c 2013-10-27 21:47:32.000000000 +0100
-@@ -58,6 +58,10 @@
- (void *)offsetof(router_instance, domains) },
- { "driver", opt_stringptr|opt_public,
- (void *)offsetof(router_instance, driver_name) },
-+ #ifdef SUPPORT_DSN
-+ { "dsn_process", opt_bool|opt_public,
-+ (void *)offsetof(router_instance, dsn_process) },
-+ #endif
- { "errors_to", opt_stringptr|opt_public,
- (void *)(offsetof(router_instance, errors_to)) },
- { "expn", opt_bool|opt_public,
-@@ -270,6 +274,13 @@
-
- if (r->pass_router_name != NULL)
- set_router(r, r->pass_router_name, &(r->pass_router), TRUE);
-+
-+ #ifdef SUPPORT_DSN
-+ if (r->dsn_process == FALSE)
-+ DEBUG(D_route) debug_printf("%s router skipping DSN - add dsn_process to router\n", r->name);
-+ if (r->dsn_process == TRUE)
-+ DEBUG(D_route) debug_printf("%s router performing DSN \n", r->name);
-+ #endif
- }
- }
-
-@@ -1412,7 +1423,10 @@
-
- copyflag(new, addr, af_propagate);
- new->p.address_data = addr->p.address_data;
--
-+#ifdef SUPPORT_DSN
-+ new->dsn_flags = addr->dsn_flags;
-+ new->dsn_orcpt = addr->dsn_orcpt;
-+#endif
-
- /* As it has turned out, we haven't set headers_add or headers_remove for the
- * clone. Thinking about it, it isn't entirely clear whether they should be
-diff -Naur exim-4.82_RC5.orig/src/smtp_in.c exim-4.82_RC5/src/smtp_in.c
---- exim-4.82_RC5.orig/src/smtp_in.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/smtp_in.c 2013-10-27 21:47:32.000000000 +0100
-@@ -213,6 +213,9 @@
- #ifdef EXPERIMENTAL_PRDR
- ENV_MAIL_OPT_PRDR,
- #endif
-+#ifdef SUPPORT_DSN
-+ ENV_MAIL_OPT_RET, ENV_MAIL_OPT_ENVID,
-+#endif
- ENV_MAIL_OPT_NULL
- };
- typedef struct {
-@@ -228,6 +231,10 @@
- #ifdef EXPERIMENTAL_PRDR
- { US"PRDR", ENV_MAIL_OPT_PRDR, FALSE },
- #endif
-+#ifdef SUPPORT_DSN
-+ { US"RET", ENV_MAIL_OPT_RET, FALSE },
-+ { US"ENVID", ENV_MAIL_OPT_ENVID, FALSE },
-+#endif
- { US"NULL", ENV_MAIL_OPT_NULL, FALSE }
- };
-
-@@ -1073,6 +1080,13 @@
- sender_verified_list = NULL; /* No senders verified */
- memset(sender_address_cache, 0, sizeof(sender_address_cache));
- memset(sender_domain_cache, 0, sizeof(sender_domain_cache));
-+
-+#ifdef SUPPORT_DSN
-+/* Reset the DSN flags */
-+dsn_ret = 0;
-+dsn_envid = NULL;
-+#endif
-+
- authenticated_sender = NULL;
- #ifdef EXPERIMENTAL_BRIGHTMAIL
- bmi_run = 0;
-@@ -2679,6 +2693,10 @@
- int ptr, size, rc;
- int c, i;
- auth_instance *au;
-+#ifdef SUPPORT_DSN
-+ uschar *orcpt = NULL;
-+ int flags;
-+#endif
-
- switch(smtp_read_command(TRUE))
- {
-@@ -3106,6 +3124,12 @@
- s = string_cat(s, &size, &ptr, US"-8BITMIME\r\n", 11);
- }
-
-+ #ifdef SUPPORT_DSN
-+ /* Advertise DSN support if configured to do so. */
-+ if (dsn)
-+ s = string_cat(s, &size, &ptr, US"250-DSN\r\n", 9);
-+ #endif
-+
- /* Advertise ETRN if there's an ACL checking whether a host is
- permitted to issue it; a check is made when any host actually tries. */
-
-@@ -3360,6 +3384,42 @@
- arg_error = TRUE;
- break;
-
-+#ifdef SUPPORT_DSN
-+
-+ /* Handle the two DSN options, but only if configured to do so
-+ * (which will have caused "DSN" to be given in the EHLO
-+ * response). The code itself is included only if configured in
-+ * at build time. */
-+
-+ case ENV_MAIL_OPT_RET:
-+ /* Check if RET has already been set */
-+ if (dsn_ret > 0) {
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"RET can be specified once only");
-+ goto COMMAND_LOOP;
-+ }
-+ dsn_ret = (strcmpic(value, US"HDRS") == 0)? dsn_ret_hdrs :
-+ (strcmpic(value, US"FULL") == 0)? dsn_ret_full : 0;
-+ DEBUG(D_receive) debug_printf("DSN_RET: %d\n", dsn_ret);
-+ /* Check for invalid invalid value, and exit with error */
-+ if (dsn_ret == 0) {
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"Value for RET is invalid");
-+ goto COMMAND_LOOP;
-+ }
-+ break;
-+ case ENV_MAIL_OPT_ENVID:
-+ /* Check if the dsn envid has been already set */
-+ if (dsn_envid != NULL) {
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"ENVID can be specified once only");
-+ goto COMMAND_LOOP;
-+ }
-+ dsn_envid = string_copy(value);
-+ DEBUG(D_receive) debug_printf("DSN_ENVID: %s\n", dsn_envid);
-+ break;
-+#endif
-+
- /* Handle the AUTH extension. If the value given is not "<>" and either
- the ACL says "yes" or there is no ACL but the sending host is
- authenticated, we set it up as the authenticated sender. However, if the
-@@ -3633,6 +3693,89 @@
- rcpt_fail_count++;
- break;
- }
-+
-+ #ifdef SUPPORT_DSN
-+ /* Set the DSN flags orcpt and dsn_flags from the session*/
-+ orcpt = NULL;
-+ flags = 0;
-+
-+ if (esmtp) for(;;)
-+ {
-+ uschar *name, *value, *end;
-+ int size;
-+
-+ if (!extract_option(&name, &value))
-+ {
-+ break;
-+ }
-+
-+ if (strcmpic(name, US"ORCPT") == 0)
-+ {
-+ /* Check whether orcpt has been already set */
-+ if (orcpt != NULL) {
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"ORCPT can be specified once only");
-+ goto COMMAND_LOOP;
-+ }
-+ orcpt = string_copy(value);
-+ DEBUG(D_receive) debug_printf("DSN orcpt: %s\n", orcpt);
-+ }
-+
-+ else if (strcmpic(name, US"NOTIFY") == 0)
-+ {
-+ /* Check if the notify flags have been already set */
-+ if (flags > 0)
-+ {
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"NOTIFY can be specified once only");
-+ goto COMMAND_LOOP;
-+ }
-+ if (strcmpic(value, US"NEVER") == 0) flags |= rf_notify_never; else
-+ {
-+ uschar *p = value;
-+ while (*p != 0)
-+ {
-+ uschar *pp = p;
-+ while (*pp != 0 && *pp != ',') pp++;
-+ if (*pp == ',') *pp++ = 0;
-+ if (strcmpic(p, US"SUCCESS") == 0) {
-+ DEBUG(D_receive) debug_printf("GC: Setting notify success\n");
-+ flags |= rf_notify_success;
-+ }
-+ else if (strcmpic(p, US"FAILURE") == 0) {
-+ DEBUG(D_receive) debug_printf("GC: Setting notify failure\n");
-+ flags |= rf_notify_failure;
-+ }
-+ else if (strcmpic(p, US"DELAY") == 0) {
-+ DEBUG(D_receive) debug_printf("GC: Setting notify delay\n");
-+ flags |= rf_notify_delay;
-+ }
-+ else
-+ {
-+ /* Catch any strange values */
-+ synprot_error(L_smtp_syntax_error, 501, NULL,
-+ US"Invalid value for NOTIFY parameter");
-+ goto COMMAND_LOOP;
-+ }
-+ p = pp;
-+ }
-+ DEBUG(D_receive) debug_printf("DSN Flags: %x\n", flags);
-+ }
-+ }
-+
-+ /* Unknown option. Stick back the terminator characters and break
-+ the loop. An error for a malformed address will occur. */
-+
-+ else
-+ {
-+ DEBUG(D_receive) debug_printf("Invalid dsn command: %s : %s\n", name, value);
-+ name[-1] = ' ';
-+ value[-1] = '=';
-+ break;
-+ }
-+ }
-+ #endif
-+
-
- /* Apply SMTP rewriting then extract the working address. Don't allow "<>"
- as a recipient address */
-@@ -3747,6 +3890,24 @@
- if (user_msg == NULL) smtp_printf("250 Accepted\r\n");
- else smtp_user_msg(US"250", user_msg);
- receive_add_recipient(recipient, -1);
-+
-+ #ifdef SUPPORT_DSN
-+
-+ /* Set the dsn flags in the recipients_list */
-+ if (orcpt != NULL)
-+ recipients_list[recipients_count-1].orcpt = orcpt;
-+ else
-+ recipients_list[recipients_count-1].orcpt = NULL;
-+
-+ if (flags != 0)
-+ recipients_list[recipients_count-1].dsn_flags = flags;
-+ else
-+ recipients_list[recipients_count-1].dsn_flags = 0;
-+ debug_printf("DSN-AJ(smtp-in): orcpt: %s flags: %d\n", recipients_list[recipients_count-1].orcpt, recipients_list[recipients_count-1].dsn_flags);
-+
-+
-+ #endif
-+
- }
-
- /* The recipient was discarded */
-diff -Naur exim-4.82_RC5.orig/src/spool_in.c exim-4.82_RC5/src/spool_in.c
---- exim-4.82_RC5.orig/src/spool_in.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/spool_in.c 2013-10-27 21:47:32.000000000 +0100
-@@ -293,6 +293,13 @@
- spam_score_int = NULL;
- #endif
-
-+#ifdef SUPPORT_DSN
-+#ifndef COMPILE_UTILITY
-+dsn_ret = 0;
-+dsn_envid = NULL;
-+#endif /* COMPILE_UTILITY */
-+#endif
-+
- /* Generate the full name and open the file. If message_subdir is already
- set, just look in the given directory. Otherwise, look in both the split
- and unsplit directories, as for the data file above. */
-@@ -467,6 +474,19 @@
- case 'd':
- if (Ustrcmp(p, "eliver_firsttime") == 0)
- deliver_firsttime = TRUE;
-+ #ifdef SUPPORT_DSN
-+ #ifndef COMPILE_UTILITY
-+ /* Check if the dsn flags have been set in the header file */
-+ else if (Ustrncmp(p, "sn_ret", 6) == 0)
-+ {
-+ dsn_ret= atoi(big_buffer + 8);
-+ }
-+ else if (Ustrncmp(p, "sn_envid", 8) == 0)
-+ {
-+ dsn_envid = string_copy(big_buffer + 11);
-+ }
-+ #endif /* COMPILE_UTILITY */
-+ #endif
- break;
-
- case 'f':
-@@ -554,7 +574,7 @@
- tls_in.sni = string_unprinting(string_copy(big_buffer + 9));
- break;
- #endif
--
-+
- default: /* Present because some compilers complain if all */
- break; /* possibilities are not covered. */
- }
-@@ -604,6 +624,10 @@
- {
- int nn;
- int pno = -1;
-+ #ifdef SUPPORT_DSN
-+ int dsn_flags = 0;
-+ uschar *orcpt = NULL;
-+ #endif
- uschar *errors_to = NULL;
- uschar *p;
-
-@@ -672,10 +696,19 @@
- }
-
- /* Handle current format Exim 4 spool files */
-+ /* Spool file is modified if DSN is supported
-+ Original was "address errors_to len(errors_to),pno
-+ New for DSN support is now:
-+ "address errors_to orcpt len(errors_to),len(orcpt),pno,dsn_flags */
-
- else if (*p == '#')
- {
- int flags;
-+
-+ #ifndef COMPILE_UTILITY
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - Exim 4 standard format spoolfile\n");
-+ #endif /* COMPILE_UTILITY */
-+
- (void)sscanf(CS p+1, "%d", &flags);
-
- if ((flags & 0x01) != 0) /* one_time data exists */
-@@ -688,15 +721,82 @@
- {
- p -= len;
- errors_to = string_copy(p);
-+ }
-+ }
-+
-+ *(--p) = 0; /* Terminate address */
-+ }
-+ #ifdef SUPPORT_DSN
-+ else if (*p == '!') /* Handle Exim4 + DSN spool files */
-+ {
-+ int flags;
-+ int temp_dsn_flags;
-+
-+ #ifndef COMPILE_UTILITY
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - C&W DSN format spoolfile\n");
-+ #endif /* COMPILE_UTILITY */
-+
-+ sscanf(CS p+1, "%d,%d", &flags, &temp_dsn_flags);
-+
-+ if (((flags & 0x01) != 0) || (temp_dsn_flags > 0)) /* one_time data or dsn_flags exist */
-+ {
-+ int len;
-+ int len_orcpt;
-+
-+ #ifndef COMPILE_UTILITY
-+ DEBUG(D_deliver) debug_printf("**** spool_in dsn_flags = 0\n");
-+ #endif /* COMPILE_UTILITY */
-+
-+ dsn_flags = 0;
-+
-+ while (isdigit(*(--p)) || *p == ',' || *p == '-');
-+ sscanf(CS p+1, "%d,%d,%d,%d", &len, &len_orcpt, &pno, &dsn_flags);
-+
-+ *p = 0;
-+ if (len_orcpt > 0)
-+ {
-+ p -= len_orcpt;
-+ orcpt = string_copy(p);
- }
-+ *(--p) = 0; /* change the space to a NULL */
-+
-+ if (len > 0)
-+ {
-+ p -= len;
-+ errors_to = string_copy(p);
-+ }
- }
-
- *(--p) = 0; /* Terminate address */
- }
-+ #endif
-+ #ifndef COMPILE_UTILITY
-+ else
-+ {
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - No additional fields\n");
-+ }
-+ #endif /* COMPILE_UTILITY */
-+
-+ #ifdef SUPPORT_DSN
-+ #ifndef COMPILE_UTILITY
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s| orcpt: |%s| dsn_flags: %d\n",
-+ big_buffer, errors_to, orcpt, dsn_flags);
-+ #endif /* COMPILE_UTILITY */
-+ #endif
-+ #ifndef SUPPORT_DSN
-+ #ifndef COMPILE_UTILITY
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_IN - address: |%s| errorsto: |%s|\n",
-+ big_buffer, errors_to);
-+ #endif /* COMPILE_UTILITY */
-+ #endif
-
- recipients_list[recipients_count].address = string_copy(big_buffer);
- recipients_list[recipients_count].pno = pno;
- recipients_list[recipients_count].errors_to = errors_to;
-+ #ifdef SUPPORT_DSN
-+ recipients_list[recipients_count].orcpt = orcpt;
-+ recipients_list[recipients_count].dsn_flags = dsn_flags;
-+ #endif
- }
-
- /* The remainder of the spool header file contains the headers for the message,
-diff -Naur exim-4.82_RC5.orig/src/spool_out.c exim-4.82_RC5/src/spool_out.c
---- exim-4.82_RC5.orig/src/spool_out.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/spool_out.c 2013-10-27 21:47:32.000000000 +0100
-@@ -234,6 +234,15 @@
- if (tls_in.sni != NULL) fprintf(f, "-tls_sni %s\n", string_printing(tls_in.sni));
- #endif
-
-+#ifdef SUPPORT_DSN
-+/* Write the dsn flags to the spool header file */
-+DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_envid %s\n", dsn_envid);
-+if (dsn_envid != NULL) fprintf(f, "-dsn_envid %s\n", dsn_envid);
-+DEBUG(D_deliver) debug_printf("DSN: Write SPOOL :-dsn_ret %d\n", dsn_ret);
-+if (dsn_ret != 0) fprintf(f, "-dsn_ret %d\n", dsn_ret);
-+#endif
-+
-+
- /* To complete the envelope, write out the tree of non-recipients, followed by
- the list of recipients. These won't be disjoint the first time, when no
- checking has been done. If a recipient is a "one-time" alias, it is followed by
-@@ -244,14 +253,36 @@
- for (i = 0; i < recipients_count; i++)
- {
- recipient_item *r = recipients_list + i;
-- if (r->pno < 0 && r->errors_to == NULL)
-+#ifdef SUPPORT_DSN
-+DEBUG(D_deliver) debug_printf("DSN: Flags :%d\n", r->dsn_flags);
-+#endif
-+ if (r->pno < 0 && r->errors_to == NULL
-+ #ifdef SUPPORT_DSN
-+ && r->dsn_flags == 0
-+ #endif
-+ )
- fprintf(f, "%s\n", r->address);
- else
- {
- uschar *errors_to = (r->errors_to == NULL)? US"" : r->errors_to;
-+ #ifdef SUPPORT_DSN
-+ uschar *orcpt = (r->orcpt == NULL)? US"" : r->orcpt;
-+ fprintf(f, "%s %s %s %d,%d,%d,%d!1\n", r->address, errors_to, orcpt,
-+ Ustrlen(errors_to), Ustrlen(orcpt), r->pno, r->dsn_flags);
-+ #else
- fprintf(f, "%s %s %d,%d#1\n", r->address, errors_to,
- Ustrlen(errors_to), r->pno);
-+ #endif
- }
-+
-+ #ifdef SUPPORT_DSN
-+ DEBUG(D_deliver) debug_printf("DSN :**** SPOOL_OUT - address: |%s| errorsto: |%s| orcpt: |%s| dsn_flags: %d\n",
-+ r->address, r->errors_to, r->orcpt, r->dsn_flags);
-+ #endif
-+ #ifndef SUPPORT_DSN
-+ DEBUG(D_deliver) debug_printf("**** SPOOL_OUT - address: |%s| errorsto: |%s|\n",
-+ r->address, r->errors_to);
-+ #endif
- }
-
- /* Put a blank line before the headers */
-diff -Naur exim-4.82_RC5.orig/src/structs.h exim-4.82_RC5/src/structs.h
---- exim-4.82_RC5.orig/src/structs.h 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/structs.h 2013-10-27 21:47:32.000000000 +0100
-@@ -282,7 +282,9 @@
- BOOL verify_sender; /* Use this router when verifying a sender */
- BOOL uid_set; /* Flag to indicate uid is set */
- BOOL unseen; /* If TRUE carry on, even after success */
--
-+#ifdef SUPPORT_DSN
-+ BOOL dsn_process; /* If TRUE, activate DSN for this router */
-+#endif
- int self_code; /* Encoded version of "self" */
- uid_t uid; /* Fixed uid value */
- gid_t gid; /* Fixed gid value */
-@@ -547,6 +549,12 @@
- uschar *auth_id; /* auth "login" name used by transport */
- uschar *auth_sndr; /* AUTH arg to SMTP MAIL, used by transport */
-
-+ #ifdef SUPPORT_DSN
-+ uschar *dsn_orcpt; /* DSN orcpt value */
-+ int dsn_flags; /* DSN flags */
-+ uschar *dsn_aware; /* DSN aware flag */
-+ #endif
-+
- uid_t uid; /* uid for transporting */
- gid_t gid; /* gid for transporting */
-
-diff -Naur exim-4.82_RC5.orig/src/transport.c exim-4.82_RC5/src/transport.c
---- exim-4.82_RC5.orig/src/transport.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/transport.c 2013-10-27 21:47:32.000000000 +0100
-@@ -1802,6 +1802,11 @@
-
- argv = child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0);
-
-+ #ifdef SUPPORT_DSN
-+ /* Call with the dsn flag */
-+ if (smtp_use_dsn) argv[i++] = US"-MCD";
-+ #endif
-+
- if (smtp_authenticated) argv[i++] = US"-MCA";
-
- #ifdef SUPPORT_TLS
-diff -Naur exim-4.82_RC5.orig/src/transports/smtp.c exim-4.82_RC5/src/transports/smtp.c
---- exim-4.82_RC5.orig/src/transports/smtp.c 2013-10-27 21:46:25.000000000 +0100
-+++ exim-4.82_RC5/src/transports/smtp.c 2013-10-27 21:47:32.000000000 +0100
-@@ -242,6 +242,16 @@
- #endif
- };
-
-+#ifdef SUPPORT_DSN
-+/* some DSN flags for use later */
-+
-+static int rf_list[] = {rf_notify_never, rf_notify_success,
-+ rf_notify_failure, rf_notify_delay };
-+
-+static uschar *rf_names[] = { "NEVER", "SUCCESS", "FAILURE", "DELAY" };
-+#endif
-+
-+
-
- /* Local statics */
-
-@@ -1079,6 +1089,27 @@
- else if (new[0] != 0) local_authenticated_sender = new;
- }
-
-+#ifdef SUPPORT_DSN
-+/* Add any DSN flags to the mail command */
-+
-+if (smtp_use_dsn)
-+ {
-+ uschar *p = buffer;
-+ if (dsn_ret == dsn_ret_hdrs)
-+ {
-+ strcpy(p, " RET=HDRS");
-+ while (*p) p++;
-+ }
-+ else if (dsn_ret == dsn_ret_full)
-+ {
-+ strcpy(p, " RET=FULL");
-+ while (*p) p++;
-+ }
-+ if (dsn_envid != NULL)
-+ string_format(p, sizeof(buffer) - (p-buffer), " ENVID=%s", dsn_envid);
-+ }
-+#endif
-+
- /* Add the authenticated sender address if present */
-
- if ((smtp_authenticated || ob->authenticated_sender_force) &&
-@@ -1587,6 +1618,14 @@
- {DEBUG(D_transport) debug_printf("PRDR usable\n");}
- #endif
-
-+ #ifdef SUPPORT_DSN
-+ /* Note if the server supports DSN */
-+ smtp_use_dsn = dsn &&
-+ esmtp && pcre_exec(regex_DSN, NULL, CS buffer, (int)Ustrlen(CS buffer), 0,
-+ PCRE_EOPT, NULL, 0) >= 0;
-+ DEBUG(D_transport) debug_printf("use_dsn=%d\n", smtp_use_dsn);
-+ #endif
-+
- /* Note if the response to EHLO specifies support for the AUTH extension.
- If it has, check that this host is one we want to authenticate to, and do
- the business. The host name and address must be available when the
-@@ -1746,18 +1785,66 @@
- int count;
- BOOL no_flush;
-
-+ #ifdef SUPPORT_DSN
-+ /* philb - set dsn_aware flag for this recipient */
-+ if(smtp_use_dsn)
-+ addr->dsn_aware = string_copy("Y");
-+ else
-+ addr->dsn_aware = string_copy("N");
-+ #endif
-+
- if (addr->transport_return != PENDING_DEFER) continue;
-
- address_count++;
- no_flush = smtp_use_pipelining && (!mua_wrapper || addr->next != NULL);
-
-+ #ifdef SUPPORT_DSN
-+ /* Add any DSN flags to the rcpt command and add to the sent string */
-+
-+ p = buffer;
-+ *p = 0;
-+
-+ if (smtp_use_dsn)
-+ {
-+ if ((addr->dsn_flags & rf_dsnflags) != 0)
-+ {
-+ int i;
-+ BOOL first = TRUE;
-+ strcpy(p, " NOTIFY=");
-+ while (*p) p++;
-+ for (i = 0; i < 4; i++)
-+ {
-+ if ((addr->dsn_flags & rf_list[i]) != 0)
-+ {
-+ if (!first) *p++ = ',';
-+ first = FALSE;
-+ strcpy(p, rf_names[i]);
-+ while (*p) p++;
-+ }
-+ }
-+ }
-+
-+ if (addr->dsn_orcpt != NULL)
-+ string_format(p, sizeof(buffer) - (p-buffer), " ORCPT=%s",
-+ addr->dsn_orcpt);
-+ }
-+
-+ #endif
-+
-+
- /* Now send the RCPT command, and process outstanding responses when
- necessary. After a timeout on RCPT, we just end the function, leaving the
- yield as OK, because this error can often mean that there is a problem with
- just one address, so we don't want to delay the host. */
-
-+ #ifdef SUPPORT_DSN
-+ count = smtp_write_command(&outblock, no_flush, "RCPT TO:<%s>%s%s\r\n",
-+ transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr, buffer);
-+ #else
- count = smtp_write_command(&outblock, no_flush, "RCPT TO:<%s>%s\r\n",
- transport_rcpt_address(addr, tblock->rcpt_include_affixes), igquotstr);
-+ #endif
-+
- if (count < 0) goto SEND_FAILED;
- if (count > 0)
- {
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2016-02-03 13:50 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2016-02-03 13:50 UTC (permalink / raw
To: gentoo-commits
commit: 4339d7f48684a02e264e850cbfeac08e9c915460
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Feb 3 13:48:23 2016 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Feb 3 13:49:05 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4339d7f4
mail-mta/exim: add patch to avoid TMPDIR issues with distcc, bug #63420
Package-Manager: portage-2.2.20-prefix
mail-mta/exim/exim-4.86-r2.ebuild | 1 +
mail-mta/exim/exim-4.87_rc3.ebuild | 1 +
mail-mta/exim/files/exim-4.86-TMPDIR.patch | 71 ++++++++++++++++++++++++++++++
3 files changed, 73 insertions(+)
diff --git a/mail-mta/exim/exim-4.86-r2.ebuild b/mail-mta/exim/exim-4.86-r2.ebuild
index 02f4639..8d54cba 100644
--- a/mail-mta/exim/exim-4.86-r2.ebuild
+++ b/mail-mta/exim/exim-4.86-r2.ebuild
@@ -87,6 +87,7 @@ src_prepare() {
epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
epatch "${FILESDIR}"/exim-4.86-radius-type-fix.patch
epatch "${FILESDIR}"/exim-4.86-radius-include.patch
+ epatch "${FILESDIR}"/exim-4.86-TMPDIR.patch # 63420
if use maildir ; then
epatch "${FILESDIR}"/exim-4.20-maildir.patch
diff --git a/mail-mta/exim/exim-4.87_rc3.ebuild b/mail-mta/exim/exim-4.87_rc3.ebuild
index 7c370de..356e2ff 100644
--- a/mail-mta/exim/exim-4.87_rc3.ebuild
+++ b/mail-mta/exim/exim-4.87_rc3.ebuild
@@ -85,6 +85,7 @@ src_prepare() {
epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
epatch "${FILESDIR}"/exim-4.87-as-needed-ldflags.patch # 352265, 391279
epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ epatch "${FILESDIR}"/exim-4.86-TMPDIR.patch # 63420
if use maildir ; then
epatch "${FILESDIR}"/exim-4.20-maildir.patch
diff --git a/mail-mta/exim/files/exim-4.86-TMPDIR.patch b/mail-mta/exim/files/exim-4.86-TMPDIR.patch
new file mode 100644
index 0000000..7fb0a79
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.86-TMPDIR.patch
@@ -0,0 +1,71 @@
+From c36cf51b85cfc86e46226c846914c8d915f9f3c0 Mon Sep 17 00:00:00 2001
+From: Alexander Tsoy <alexander@tsoy.me>
+Date: Tue, 2 Feb 2016 20:56:15 +0300
+Subject: [PATCH] Rename build-time option TMPDIR to EXIM_TMPDIR
+
+---
+ src/EDITME | 2 +-
+ src/config.h.defaults | 2 +-
+ src/exim.c | 12 ++++++------
+ 3 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/src/EDITME b/src/EDITME
+index 30a296e..6afe0c7 100644
+--- a/src/EDITME
++++ b/src/EDITME
+@@ -1123,7 +1123,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
+ # it replaces the value with what is defined here. Commenting this setting
+ # suppresses the check altogether.
+
+-TMPDIR="/tmp"
++EXIM_TMPDIR="/tmp"
+
+
+ #------------------------------------------------------------------------------
+diff --git a/src/config.h.defaults b/src/config.h.defaults
+index 14de083..c1cf1a9 100644
+--- a/src/config.h.defaults
++++ b/src/config.h.defaults
+@@ -150,7 +150,7 @@ it's a default value. */
+
+ #define TCP_WRAPPERS_DAEMON_NAME "exim"
+ #define TIMEZONE_DEFAULT
+-#define TMPDIR
++#define EXIM_TMPDIR
+
+ #define TRANSPORT_APPENDFILE
+ #define TRANSPORT_AUTOREPLY
+diff --git a/src/exim.c b/src/exim.c
+index ebc71dd..c134bf5 100644
+--- a/src/exim.c
++++ b/src/exim.c
+@@ -3899,20 +3899,20 @@ if (log_oneline)
+ temporary files are created; Exim doesn't use these (apart from when delivering
+ to MBX mailboxes), but called libraries such as DBM libraries may require them.
+ If TMPDIR is found in the environment, reset it to the value defined in the
+-TMPDIR macro, if this macro is defined. */
++EXIM_TMPDIR macro, if this macro is defined. */
+
+-#ifdef TMPDIR
++#ifdef EXIM_TMPDIR
+ {
+ uschar **p;
+ for (p = USS environ; *p != NULL; p++)
+ {
+ if (Ustrncmp(*p, "TMPDIR=", 7) == 0 &&
+- Ustrcmp(*p+7, TMPDIR) != 0)
++ Ustrcmp(*p+7, EXIM_TMPDIR) != 0)
+ {
+- uschar *newp = malloc(Ustrlen(TMPDIR) + 8);
+- sprintf(CS newp, "TMPDIR=%s", TMPDIR);
++ uschar *newp = malloc(Ustrlen(EXIM_TMPDIR) + 8);
++ sprintf(CS newp, "TMPDIR=%s", EXIM_TMPDIR);
+ *p = newp;
+- DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", TMPDIR);
++ DEBUG(D_any) debug_printf("reset TMPDIR=%s in environment\n", EXIM_TMPDIR);
+ }
+ }
+ }
+--
+2.4.10
+
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2016-07-20 11:13 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2016-07-20 11:13 UTC (permalink / raw
To: gentoo-commits
commit: 32894d99f140fe814b0ec07a8697a861612668bf
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 20 11:13:08 2016 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Jul 20 11:13:08 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32894d99
mail-mta/exim: cleanup vulnerable versions, bug #585212
Package-Manager: portage-2.2.28
mail-mta/exim/Manifest | 4 -
mail-mta/exim/exim-4.85.ebuild | 508 --------------------
mail-mta/exim/exim-4.86-r1.ebuild | 511 ---------------------
mail-mta/exim/exim-4.87.ebuild | 2 +-
.../exim/files/exim-4.77-as-needed-ldflags.patch | 144 ------
5 files changed, 1 insertion(+), 1168 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index c702b5e..9561003 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,7 +1,3 @@
-DIST exim-4.85.tar.bz2 1784150 SHA256 13211f2bbc5400d095a9b4be075eb1347e0d98676fdfe4be8a3b4d56281daaa4 SHA512 2c5846528ee98e4aff5dbabe49dfa5ba6753fa64154b9671a7849db8a17773917fe13bcb9e5f732c43d7479debfadd8012b8650823eb12504a6b1b28be456161 WHIRLPOOL 4057cd745f12ff62e956838406544060d3d2d7383027959f3c1ca12eff43bddb9be63e284767245b271e53bef92596c1241f5e90e9ed611d02e95b7a30adc7c8
-DIST exim-4.86.tar.bz2 1804807 SHA256 f1ccf2ce2ea51b7fbbf160e7e0e41d24ca401cf44a185128ad99ea04635fc456 SHA512 0b90cd1b4d99bbb976336ccf9c2c3375f453a74bb306f1b0215f7ecca80fbda83cf5cc38c502516c2903c5d753f1f559c534fc4f4b1b32ee3300db86de6610ab WHIRLPOOL a7e938cfaeb92af1b81c8a113752914b61e49d7fd71c39460b944716725b1e98b50a7c9ef1699569cd031ee7cac210639d9ef9bd21280e5ce7682eb40db91726
DIST exim-4.87.tar.bz2 1801422 SHA256 74691e0dff4d1b5d387e9c33c86f96a8f6d2adbc781c0dec9d2061a847b07dc9 SHA512 2b0d5c82133315c444e29abd182e0866482c904db1abe5ffe9a3008c2174f52eca850a433c069b4102874dc32bbe4af112beac94ffa154f1c06615c24deb47a4 WHIRLPOOL 3aede6629fbf41a71f6907e636458165258b523a3080d0b59ba6b295c1a258d8ce205a3295d4c49c2e6e88ef597b64895684fd47a3f5c3fba360d8e56be5f7f9
-DIST exim-html-4.85.tar.bz2 467069 SHA256 fd91946369626e74842a0799b93d0d9e4a201fe640af84e1b5349fe6ff204167 SHA512 8214576300827f79c0880e2d2163f71d7f1b3fe2aff714b591a011e48816965de5a773c3509137b085fec3d4d2128931f8398768c24dad6c92b7df27cbcafe74 WHIRLPOOL a7edffd7124c4920708616d3e59c0db5159dee5f7e4fd62ce29fdba769d39781a3826d4e3e39cdc97669941bb9a5c977defe280feb73cbe159b23df4cb6fe95f
-DIST exim-html-4.86.tar.bz2 471159 SHA256 02226a9fbb6d5aaa9d35f3e2a3bd9077e2307463de6baf6e3e2e938c1fe39146 SHA512 0c15fbccaf9b744fb8b7990d2b2bd0555a04ef5ed82ffbf2e32372a539bae6d7cebad96960f5570a2f8f27d31ebdf2467c51cb053b059996bb9122bc02fa741b WHIRLPOOL d9fbaa73491ab1657afb6ba59da5adea26144b58b358aeb9829731d3f35d6c1d8c7021c5243cb989e7c704cc346cde2a330f9eedc5b357326c1d56d7caa4a6c5
DIST exim-html-4.87.tar.bz2 478953 SHA256 8f87876d4a392f59d1009ba64ac461862951a3f4eed9c0b14a49be7bcbdc1f12 SHA512 224884abfd7ab9a2410dbdd24bb65545faf427f1b83a942c6c72309e7d85771f78bf7dc5ec1439de95e1038959cdfc4ab549abb98852c8b17c8310b51ad0385c WHIRLPOOL 0444f0b8d8f2e6fab66e9ec7b169eb1d175247e31c323f0a2817b60e2ce6b75057c8d38477697472b009f73fd4b285595b8ca09bac845763767e8146d6c87491
DIST system_filter.exim.gz 3075 SHA256 3a3471b486a09e0a0153f7b520e1eaf26d21b97d73ea8348bdc593c00eb1e437 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 WHIRLPOOL ce68d9c18b24eca3ef97ea810964cc1ada5f85b795a7c432ad39b5788188a16419101c92fb52b418738d760e1d658f7a41485e5561079a667d84d276c71be5a4
diff --git a/mail-mta/exim/exim-4.85.ebuild b/mail-mta/exim/exim-4.85.ebuild
deleted file mode 100644
index bb74f3b..0000000
--- a/mail-mta/exim/exim-4.85.ebuild
+++ /dev/null
@@ -1,508 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit eutils toolchain-funcs multilib pam systemd
-
-IUSE="dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X"
-REQUIRED_USE="spf? ( exiscan-acl ) srs? ( exiscan-acl ) dmarc? ( spf dkim ) pkcs11? ( gnutls )"
-
-COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-html-${PV//rc/RC}.tar.bz2 )"
-HOMEPAGE="http://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- >=sys-libs/db-3.2:=
- dev-libs/libpcre
- perl? ( dev-lang/perl:= )
- pam? ( virtual/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? ( dev-libs/openssl:= )
- gnutls? ( net-libs/gnutls[pkcs11?]
- dev-libs/libtasn1 )
- ldap? ( >=net-nds/openldap-2.0.7 )
- mysql? ( virtual/mysql )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? ( x11-proto/xproto
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/radiusclient )
- virtual/libiconv
- "
- # added X check for #57206
-DEPEND="${COMMON_DEPEND}
- virtual/pkgconfig"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- epatch "${FILESDIR}"/exim-4.14-tail.patch
- epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
- epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
- epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- epatch "${FILESDIR}"/exim-4.77-as-needed-ldflags.patch # 352265, 391279
- epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
-
- if use maildir ; then
- epatch "${FILESDIR}"/exim-4.20-maildir.patch
- else
- epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- sed -i.orig \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
- "${S}"/src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
-
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile
-
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- use !elibc_glibc && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- #
- # mail storage formats
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- cat >> Makefile <<- EOC
- USE_DB=yes
- DBMLIB=-ldb
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- #
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
- fi
-
- #
- # features
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- WITH_OLD_DEMIME=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- echo "SUPPORT_TLS=yes" >> Makefile
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls" >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- EOC
- fi
-
- #
- # experimental features
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Transport post-delivery actions
- if use tpda; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_EVENT=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_PROXY=yes
- EOC
- fi
-
- # Delivery Sender Notifications
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENT
- AUTH_LIBS += -lradiusclient
- EOC
- fi
-}
-
-src_compile() {
- emake -j1 CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
- || die "make failed"
-}
-
-src_install () {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym /usr/sbin/exim /usr/bin/mailq
- dosym /usr/sbin/exim /usr/bin/newaliases
- dosym /usr/sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc "${S}"/doc/*
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dohtml -r "${WORKDIR}"/${PN}-html-${PV//rc/RC}/doc/html/spec_html/*
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- pamd_mimic system-auth exim auth account
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc9 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- dodir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
- einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
- einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use spf && einfo "SPF support is experimental"
- use srs && einfo "SRS support is experimental"
- if use dmarc ; then
- einfo "DMARC support is experimental. See global settings to"
- einfo "configure DMARC, for usage see the documentation at "
- einfo "experimental-spec.txt."
- fi
- use tpda && einfo "TPDA/EVENT support is experimental"
- use proxy && einfo "proxy support is experimental"
- if use dsn ; then
- einfo "Starting from Exim 4.83, DSN support comes from upstream."
- einfo "DSN support is an experimental feature. If you used DSN"
- einfo "support prior to 4.83, make sure to remove all dsn_process"
- einfo "switches from your routers, see https://bugs.gentoo.org/511818"
- fi
- einfo "Exim maintains some db files under its spool directory that need"
- einfo "cleaning from time to time. (${EROOT}var/spool/exim/db)"
- einfo "Please use the exim_tidydb tool as documented in the Exim manual:"
- einfo "http://www.exim.org/exim-html-current/doc/html/spec_html/ch-exim_utilities.html#SECThindatmai"
-}
diff --git a/mail-mta/exim/exim-4.86-r1.ebuild b/mail-mta/exim/exim-4.86-r1.ebuild
deleted file mode 100644
index 179aada..0000000
--- a/mail-mta/exim/exim-4.86-r1.ebuild
+++ /dev/null
@@ -1,511 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit eutils toolchain-funcs multilib pam systemd
-
-IUSE="dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X"
-REQUIRED_USE="spf? ( exiscan-acl ) srs? ( exiscan-acl ) dmarc? ( spf dkim ) pkcs11? ( gnutls )"
-
-COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-html-${PV//rc/RC}.tar.bz2 )"
-HOMEPAGE="http://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- >=sys-libs/db-3.2:=
- dev-libs/libpcre
- perl? ( dev-lang/perl:= )
- pam? ( virtual/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:= )
- )
- gnutls? ( net-libs/gnutls[pkcs11?]
- dev-libs/libtasn1 )
- ldap? ( >=net-nds/openldap-2.0.7 )
- mysql? ( virtual/mysql )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? ( x11-proto/xproto
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/radiusclient )
- virtual/libiconv
- "
- # added X check for #57206
-DEPEND="${COMMON_DEPEND}
- virtual/pkgconfig"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- epatch "${FILESDIR}"/exim-4.14-tail.patch
- epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
- epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
- epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- epatch "${FILESDIR}"/exim-4.77-as-needed-ldflags.patch # 352265, 391279
- epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
-
- if use maildir ; then
- epatch "${FILESDIR}"/exim-4.20-maildir.patch
- else
- epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- sed -i.orig \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
- "${S}"/src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
-
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile
-
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- use !elibc_glibc && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- #
- # mail storage formats
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- cat >> Makefile <<- EOC
- USE_DB=yes
- DBMLIB=-ldb
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- #
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
- fi
-
- #
- # features
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- WITH_OLD_DEMIME=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- echo "SUPPORT_TLS=yes" >> Makefile
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls" >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- EOC
- fi
-
- #
- # experimental features
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Transport post-delivery actions
- if use tpda; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_EVENT=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_PROXY=yes
- EOC
- fi
-
- # Delivery Sender Notifications
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENT
- AUTH_LIBS += -lradiusclient
- EOC
- fi
-}
-
-src_compile() {
- emake -j1 CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
- || die "make failed"
-}
-
-src_install () {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym /usr/sbin/exim /usr/bin/mailq
- dosym /usr/sbin/exim /usr/bin/newaliases
- dosym /usr/sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc "${S}"/doc/*
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dohtml -r "${WORKDIR}"/${PN}-html-${PV//rc/RC}/doc/html/spec_html/*
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- pamd_mimic system-auth exim auth account
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc9 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- dodir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
- einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
- einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use spf && einfo "SPF support is experimental"
- use srs && einfo "SRS support is experimental"
- if use dmarc ; then
- einfo "DMARC support is experimental. See global settings to"
- einfo "configure DMARC, for usage see the documentation at "
- einfo "experimental-spec.txt."
- fi
- use tpda && einfo "TPDA/EVENT support is experimental"
- use proxy && einfo "proxy support is experimental"
- if use dsn ; then
- einfo "Starting from Exim 4.83, DSN support comes from upstream."
- einfo "DSN support is an experimental feature. If you used DSN"
- einfo "support prior to 4.83, make sure to remove all dsn_process"
- einfo "switches from your routers, see https://bugs.gentoo.org/511818"
- fi
- einfo "Exim maintains some db files under its spool directory that need"
- einfo "cleaning from time to time. (${EROOT}var/spool/exim/db)"
- einfo "Please use the exim_tidydb tool as documented in the Exim manual:"
- einfo "http://www.exim.org/exim-html-current/doc/html/spec_html/ch-exim_utilities.html#SECThindatmai"
-}
diff --git a/mail-mta/exim/exim-4.87.ebuild b/mail-mta/exim/exim-4.87.ebuild
index 4a02b8a..e33da0b 100644
--- a/mail-mta/exim/exim-4.87.ebuild
+++ b/mail-mta/exim/exim-4.87.ebuild
@@ -25,7 +25,7 @@ HOMEPAGE="http://www.exim.org/"
SLOT="0"
LICENSE="GPL-2"
-KEYWORDS="alpha amd64 ~arm hppa ia64 ppc ppc64 sparc x86"
+KEYWORDS="alpha amd64 ~arm hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd ~x86-solaris"
COMMON_DEPEND=">=sys-apps/sed-4.0.5
>=sys-libs/db-3.2:=
diff --git a/mail-mta/exim/files/exim-4.77-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.77-as-needed-ldflags.patch
deleted file mode 100644
index 4eac9aa..0000000
--- a/mail-mta/exim/files/exim-4.77-as-needed-ldflags.patch
+++ /dev/null
@@ -1,144 +0,0 @@
-https://bugs.gentoo.org/show_bug.cgi?id=352265
-
-Make sure LDFLAGS comes first, such that all libraries are considered,
-and not discarded when --as-needed is in effect.
-
-https://bugs.gentoo.org/show_bug.cgi?id=391279
-
-Use LDFLAGS for all targets, not just the exim binary, such that
---as-needed works as well.
-
-
---- OS/Makefile-Base
-+++ OS/Makefile-Base
-@@ -327,12 +327,12 @@
- $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $(IPV6_INCLUDE) $(TLS_INCLUDE) version.c
- rm -f exim
- @echo "$(LNCC) -o exim"
-- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
-+ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
- routers/routers.a transports/transports.a lookups/lookups.a \
- auths/auths.a pdkim/pdkim.a \
- $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
- $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
-- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
-+ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim; \
- $(STRIP_COMMAND) exim; \
-@@ -340,8 +340,8 @@
-
- exim_dumpdb: $(OBJ_DUMPDB)
- @echo "$(LNCC) -o exim_dumpdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dumpdb; \
- $(STRIP_COMMAND) exim_dumpdb; \
-@@ -355,8 +355,8 @@
-
- exim_fixdb: $(OBJ_FIXDB) auths/auths.a
- @echo "$(LNCC) -o exim_fixdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
-- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
-+ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_fixdb; \
- $(STRIP_COMMAND) exim_fixdb; \
-@@ -370,8 +370,8 @@
-
- exim_tidydb: $(OBJ_TIDYDB)
- @echo "$(LNCC) -o exim_tidydb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_tidydb; \
- $(STRIP_COMMAND) exim_tidydb; \
-@@ -383,8 +383,8 @@
-
- exim_dbmbuild: exim_dbmbuild.o
- @echo "$(LNCC) -o exim_dbmbuild"
-- $(FE)$(LNCC) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dbmbuild; \
- $(STRIP_COMMAND) exim_dbmbuild; \
-@@ -398,8 +398,8 @@
- @echo "$(CC) exim_lock.c"
- $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
- @echo "$(LNCC) -o exim_lock"
-- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
-- $(LIBS) $(EXTRALIBS)
-+ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
-+ $(LIBS) $(EXTRALIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_lock; \
- $(STRIP_COMMAND) exim_lock; \
-@@ -429,9 +429,9 @@
- $(FE)$(CC) -o em_version.o -c \
- $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
- @echo "$(LNCC) -o eximon.bin"
-- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
-+ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
-- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
-+ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) eximon.bin; \
- $(STRIP_COMMAND) eximon.bin; \
-@@ -706,9 +706,9 @@
- test_dbfn: config.h dbfn.c dummies.o sa-globals.o sa-os.o store.o \
- string.o tod.o version.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
-- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
-+ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
- dummies.o sa-globals.o sa-os.o store.o string.o \
-- tod.o version.o $(LIBS) $(DBMLIB)
-+ tod.o version.o $(LIBS) $(DBMLIB) $(LFLAGS)
- rm -f dbfn.o
-
- test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
-@@ -717,28 +717,28 @@
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
-- $(LNCC) -o test_host $(LFLAGS) \
-+ $(LNCC) -o test_host $(LDFLAGS) \
- host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
-- tod.o tree.o $(LIBS) $(LIBRESOLV)
-+ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
- rm -f child.o dummies.o host.o dns.o
-
- test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
-- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
-- sa-globals.o store.o string.o tod.o $(LIBS)
-+ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
-+ sa-globals.o store.o string.o tod.o $(LIBS) $(LFLAGS)
- rm -f os.o
-
- test_parse: config.h parse.c dummies.o sa-globals.o \
- store.o string.o tod.o version.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
-- $(LNCC) -o test_parse $(LFLAGS) parse.o \
-- dummies.o sa-globals.o store.o string.o tod.o version.o
-+ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
-+ dummies.o sa-globals.o store.o string.o tod.o version.o $(LFLAGS)
- rm -f parse.o
-
- test_string: config.h string.c dummies.o sa-globals.o store.o tod.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
-- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
-- dummies.o sa-globals.o store.o tod.o $(LIBS)
-+ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
-+ dummies.o sa-globals.o store.o tod.o $(LIBS) $(LFLAGS)
- rm -f string.o
-
- # End
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2016-09-25 8:56 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2016-09-25 8:56 UTC (permalink / raw
To: gentoo-commits
commit: 3090f391bcb7eba85e47d5e2bd0906b028211c46
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sun Sep 25 08:53:46 2016 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sun Sep 25 08:53:46 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3090f391
mail-mta/exim: version bump to 4.88_rc1 (masked)
Package-Manager: portage-2.2.28
mail-mta/exim/Manifest | 2 +
mail-mta/exim/exim-4.88_rc1.ebuild | 525 +++++++++++++++++++++
.../exim/files/exim-4.88-as-needed-ldflags.patch | 145 ++++++
3 files changed, 672 insertions(+)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 9561003..d1279ce 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,3 +1,5 @@
DIST exim-4.87.tar.bz2 1801422 SHA256 74691e0dff4d1b5d387e9c33c86f96a8f6d2adbc781c0dec9d2061a847b07dc9 SHA512 2b0d5c82133315c444e29abd182e0866482c904db1abe5ffe9a3008c2174f52eca850a433c069b4102874dc32bbe4af112beac94ffa154f1c06615c24deb47a4 WHIRLPOOL 3aede6629fbf41a71f6907e636458165258b523a3080d0b59ba6b295c1a258d8ce205a3295d4c49c2e6e88ef597b64895684fd47a3f5c3fba360d8e56be5f7f9
+DIST exim-4.88_RC1.tar.bz2 1805625 SHA256 025362da42722a6f67204afc042641085ee17c5aee75ea06cc2f8c1e072e8630 SHA512 f1ac89feb57ff5b3f4ae437c761c40c89b831ece499f0a593769022f494045808da63ca89b4ebe351ea25413c1815b570d30d24fea4a425d67d72160ca11439c WHIRLPOOL c8d5412131b9a5d49ce3cc2229eb1f301ef5c6e24a7edaf687c230079249f27d9a40a9df7a3a6e4874a2327cc4750838980b76ab486b960e6490b606c885040f
DIST exim-html-4.87.tar.bz2 478953 SHA256 8f87876d4a392f59d1009ba64ac461862951a3f4eed9c0b14a49be7bcbdc1f12 SHA512 224884abfd7ab9a2410dbdd24bb65545faf427f1b83a942c6c72309e7d85771f78bf7dc5ec1439de95e1038959cdfc4ab549abb98852c8b17c8310b51ad0385c WHIRLPOOL 0444f0b8d8f2e6fab66e9ec7b169eb1d175247e31c323f0a2817b60e2ce6b75057c8d38477697472b009f73fd4b285595b8ca09bac845763767e8146d6c87491
+DIST exim-pdf-4.88_RC1.tar.bz2 1916887 SHA256 76689b11b8e6d450e9a1eeba5b8542e59cd9daf3f1593ae2560c9ae9309d4cdc SHA512 a785c394af0880ca00d98f72ca3ce83499e9d1283c9b8e694e742c2d1ed1404febb7b8cda70330057bba8ed4702f7f18f80676a42e95c00a549473ae33acd381 WHIRLPOOL 5fb5bdefaf7f5080da3d64d7aa377358b7fdbfd56b6f2f2a5d63da45b5e1fbbde3c866f634ebcf6eb72e79fc566c00c5d0d1d56305c014754deb8f0c7302f2af
DIST system_filter.exim.gz 3075 SHA256 3a3471b486a09e0a0153f7b520e1eaf26d21b97d73ea8348bdc593c00eb1e437 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 WHIRLPOOL ce68d9c18b24eca3ef97ea810964cc1ada5f85b795a7c432ad39b5788188a16419101c92fb52b418738d760e1d658f7a41485e5561079a667d84d276c71be5a4
diff --git a/mail-mta/exim/exim-4.88_rc1.ebuild b/mail-mta/exim/exim-4.88_rc1.ebuild
new file mode 100644
index 00000000..994f9f7
--- /dev/null
+++ b/mail-mta/exim/exim-4.88_rc1.ebuild
@@ -0,0 +1,525 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils toolchain-funcs multilib pam systemd
+
+IUSE="dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X elibc_glibc"
+REQUIRED_USE="
+ dane? ( !gnutls )
+ dmarc? ( spf dkim )
+ pkcs11? ( gnutls )
+ spf? ( exiscan-acl )
+ srs? ( exiscan-acl )
+"
+
+COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
+
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.bz2 )"
+HOMEPAGE="http://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-solaris"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ >=sys-libs/db-3.2:=
+ dev-libs/libpcre
+ perl? ( dev-lang/perl:= )
+ pam? ( virtual/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ gnutls? ( net-libs/gnutls[pkcs11?]
+ dev-libs/libtasn1 )
+ ldap? ( >=net-nds/openldap-2.0.7 )
+ nis? ( elibc_glibc? ( || (
+ <sys-libs/glibc-2.23
+ >=sys-libs/glibc-2.23[rpc]
+ ) ) )
+ mysql? ( virtual/mysql )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc )
+ srs? ( mail-filter/libsrs_alt )
+ X? ( x11-proto/xproto
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libiconv
+ "
+ # added X check for #57206
+DEPEND="${COMMON_DEPEND}
+ virtual/pkgconfig"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/mini-qmail
+ !<mail-mta/msmtp-1.4.19-r1
+ !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !<mail-mta/ssmtp-2.64-r2
+ !>=mail-mta/ssmtp-2.64-r2[mta]
+ !net-mail/mailwrapper
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//rc/RC}
+
+src_prepare() {
+ epatch "${FILESDIR}"/exim-4.14-tail.patch
+ epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
+ epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
+ epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
+ epatch "${FILESDIR}"/exim-4.88-as-needed-ldflags.patch # 352265, 391279
+ epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+
+ if use maildir ; then
+ epatch "${FILESDIR}"/exim-4.20-maildir.patch
+ else
+ epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ sed -i.orig \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
+ "${S}"/src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
+
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
+ -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile
+
+ if use elibc_musl; then
+ sed -e 's/^LIBS = -lnsl/LIBS =/g' \
+ -i OS/Makefile-Linux
+ fi
+
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ EOC
+
+ # if we use libiconv, now is the time to tell so
+ use !elibc_glibc && use !elibc_musl && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ #
+ # mail storage formats
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ DBMLIB=-ldb
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ #
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ else
+ sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
+ fi
+
+ #
+ # features
+
+ # content scanning support
+ if use exiscan-acl; then
+ cat >> Makefile <<- EOC
+ WITH_CONTENT_SCAN=yes
+ WITH_OLD_DEMIME=yes
+ EOC
+ fi
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ echo "SUPPORT_TLS=yes" >> Makefile
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls" >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ EOC
+ fi
+
+ #
+ # experimental features
+
+ # DANE
+ if use dane; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DANE=yes
+ EOC
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS=yes
+ EXTRALIBS_EXIM += -lsrs_alt
+ EOC
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use tpda; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_EVENT=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_PROXY=yes
+ EOC
+ fi
+
+ # Delivery Sender Notifications
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
+ || die "make failed"
+}
+
+src_install () {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym /usr/sbin/exim /usr/bin/mailq
+ dosym /usr/sbin/exim /usr/bin/newaliases
+ dosym /usr/sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc "${S}"/doc/*
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ if use exiscan-acl; then
+ newins "${S}"/src/configure.default exim.conf.exiscan-acl
+ fi
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ pamd_mimic system-auth exim auth account
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc9 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ dodir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
+ einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
+ fi
+ use dane && einfo "DANE support is experimental"
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ use spf && einfo "SPF support is experimental"
+ use srs && einfo "SRS support is experimental"
+ if use dmarc ; then
+ einfo "DMARC support is experimental. See global settings to"
+ einfo "configure DMARC, for usage see the documentation at "
+ einfo "experimental-spec.txt."
+ fi
+ use tpda && einfo "TPDA/EVENT support is experimental"
+ use proxy && einfo "proxy support is experimental"
+ use dsn && einfo "DSN support is experimental"
+}
diff --git a/mail-mta/exim/files/exim-4.88-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.88-as-needed-ldflags.patch
new file mode 100644
index 00000000..a733ca0
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.88-as-needed-ldflags.patch
@@ -0,0 +1,145 @@
+https://bugs.gentoo.org/show_bug.cgi?id=352265
+
+Make sure LDFLAGS comes first, such that all libraries are considered,
+and not discarded when --as-needed is in effect.
+
+https://bugs.gentoo.org/show_bug.cgi?id=391279
+
+Use LDFLAGS for all targets, not just the exim binary, such that
+--as-needed works as well.
+
+
+--- OS/Makefile-Base
++++ OS/Makefile-Base
+@@ -346,12 +346,12 @@
+ buildrouters buildtransports \
+ $(OBJ_EXIM) version.o
+ @echo "$(LNCC) -o exim"
+- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
+ routers/routers.a transports/transports.a lookups/lookups.a \
+ auths/auths.a pdkim/pdkim.a \
+ $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
+ $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
+- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim; \
+ $(STRIP_COMMAND) exim; \
+@@ -367,8 +367,8 @@
+
+ exim_dumpdb: $(OBJ_DUMPDB)
+ @echo "$(LNCC) -o exim_dumpdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dumpdb; \
+ $(STRIP_COMMAND) exim_dumpdb; \
+@@ -382,8 +382,8 @@
+
+ exim_fixdb: $(OBJ_FIXDB) buildauths
+ @echo "$(LNCC) -o exim_fixdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
+- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
++ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_fixdb; \
+ $(STRIP_COMMAND) exim_fixdb; \
+@@ -397,8 +397,8 @@
+
+ exim_tidydb: $(OBJ_TIDYDB)
+ @echo "$(LNCC) -o exim_tidydb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_tidydb; \
+ $(STRIP_COMMAND) exim_tidydb; \
+@@ -410,8 +410,8 @@
+
+ exim_dbmbuild: exim_dbmbuild.o
+ @echo "$(LNCC) -o exim_dbmbuild"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dbmbuild; \
+ $(STRIP_COMMAND) exim_dbmbuild; \
+@@ -425,8 +425,8 @@
+ @echo "$(CC) exim_lock.c"
+ $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
+ @echo "$(LNCC) -o exim_lock"
+- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
+- $(LIBS) $(EXTRALIBS)
++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
++ $(LIBS) $(EXTRALIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_lock; \
+ $(STRIP_COMMAND) exim_lock; \
+@@ -462,9 +462,9 @@
+ $(FE)$(CC) -o em_version.o -c \
+ $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
+ @echo "$(LNCC) -o eximon.bin"
+- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
+ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
+- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) eximon.bin; \
+ $(STRIP_COMMAND) eximon.bin; \
+@@ -779,9 +779,9 @@
+ test_dbfn: config.h dbfn.c dummies.o sa-globals.o sa-os.o store.o \
+ string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
+- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
+ dummies.o sa-globals.o sa-os.o store.o string.o \
+- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
+ rm -f dbfn.o
+
+ test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
+@@ -790,29 +790,29 @@
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
+- $(LNCC) -o test_host $(LFLAGS) \
++ $(LNCC) -o test_host $(LDFLAGS) \
+ host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
+- tod.o tree.o $(LIBS) $(LIBRESOLV)
++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
+ rm -f child.o dummies.o host.o dns.o
+
+ test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
+- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
+- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f os.o
+
+ test_parse: config.h parse.c dummies.o sa-globals.o \
+ store.o string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
+- $(LNCC) -o test_parse $(LFLAGS) parse.o \
++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
+ dummies.o sa-globals.o store.o string.o tod.o version.o \
+- utf8.o $(LDFLAGS)
++ utf8.o $(LFLAGS)
+ rm -f parse.o
+
+ test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
+- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
+- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f string.o
+
+ # End
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2017-01-30 7:46 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2017-01-30 7:46 UTC (permalink / raw
To: gentoo-commits
commit: ce94c0e4ae8e56ec240906c2ed97b7e69e1ea013
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Mon Jan 30 07:46:20 2017 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Mon Jan 30 07:46:20 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ce94c0e4
mail-mta/exim: drop vulnerable versions, bug #602814
Package-Manager: portage-2.3.3
mail-mta/exim/Manifest | 2 -
mail-mta/exim/exim-4.87-r1.ebuild | 537 ---------------------
mail-mta/exim/exim-4.87.ebuild | 532 --------------------
.../exim/files/exim-4.87-as-needed-ldflags.patch | 145 ------
4 files changed, 1216 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 3d50ff2..fe5d02e 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,5 +1,3 @@
-DIST exim-4.87.tar.bz2 1801422 SHA256 74691e0dff4d1b5d387e9c33c86f96a8f6d2adbc781c0dec9d2061a847b07dc9 SHA512 2b0d5c82133315c444e29abd182e0866482c904db1abe5ffe9a3008c2174f52eca850a433c069b4102874dc32bbe4af112beac94ffa154f1c06615c24deb47a4 WHIRLPOOL 3aede6629fbf41a71f6907e636458165258b523a3080d0b59ba6b295c1a258d8ce205a3295d4c49c2e6e88ef597b64895684fd47a3f5c3fba360d8e56be5f7f9
DIST exim-4.88.tar.bz2 1824610 SHA256 119d5fd7e31fc224e84dfa458fe182f200856bae7adf852a8287c242161f8a2d SHA512 ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf WHIRLPOOL d2d8c404217fcc5bbc7bc18500456f2709a099b0a31d4930343b836c35c62e3914fa1c686ea7d9ba5eea95f0caab13c3b76c1508eda74cb75dabb0d61472428e
-DIST exim-html-4.87.tar.bz2 478953 SHA256 8f87876d4a392f59d1009ba64ac461862951a3f4eed9c0b14a49be7bcbdc1f12 SHA512 224884abfd7ab9a2410dbdd24bb65545faf427f1b83a942c6c72309e7d85771f78bf7dc5ec1439de95e1038959cdfc4ab549abb98852c8b17c8310b51ad0385c WHIRLPOOL 0444f0b8d8f2e6fab66e9ec7b169eb1d175247e31c323f0a2817b60e2ce6b75057c8d38477697472b009f73fd4b285595b8ca09bac845763767e8146d6c87491
DIST exim-pdf-4.88.tar.bz2 1922494 SHA256 33736fafb45c5922fcbc0def7626f46cb74927987b78943aa26949ef30789574 SHA512 8c4f580fa319c0285bcb49056ecd72b056cbbfa287a15a4d856965b4218469c85607ec7321ae0f2ba3be868f05a70a7fb8a77d5836a574417e6bffc64720bee5 WHIRLPOOL 7e3e65c58cc9a313d3440de6b79ed4f113ea265e39201aa2d36c091037c2b20718bd49f04e99f2aa029a20d238cd21178762e2ba6b470596309e83fb3ffc542b
DIST system_filter.exim.gz 3075 SHA256 3a3471b486a09e0a0153f7b520e1eaf26d21b97d73ea8348bdc593c00eb1e437 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 WHIRLPOOL ce68d9c18b24eca3ef97ea810964cc1ada5f85b795a7c432ad39b5788188a16419101c92fb52b418738d760e1d658f7a41485e5561079a667d84d276c71be5a4
diff --git a/mail-mta/exim/exim-4.87-r1.ebuild b/mail-mta/exim/exim-4.87-r1.ebuild
deleted file mode 100644
index d41831e..00000000
--- a/mail-mta/exim/exim-4.87-r1.ebuild
+++ /dev/null
@@ -1,537 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit eutils toolchain-funcs multilib pam systemd
-
-IUSE="dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X elibc_glibc"
-REQUIRED_USE="
- dane? ( !gnutls )
- dmarc? ( spf dkim )
- pkcs11? ( gnutls )
- spf? ( exiscan-acl )
- srs? ( exiscan-acl )
-"
-
-COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-html-${PV//rc/RC}.tar.bz2 )"
-HOMEPAGE="http://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- >=sys-libs/db-3.2:=
- dev-libs/libpcre
- perl? ( dev-lang/perl:= )
- pam? ( virtual/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:= )
- )
- gnutls? ( net-libs/gnutls[pkcs11?]
- dev-libs/libtasn1 )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? ( elibc_glibc? ( || (
- <sys-libs/glibc-2.23
- >=sys-libs/glibc-2.23[rpc]
- ) ) )
- mysql? ( virtual/libmysqlclient )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? ( x11-proto/xproto
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- "
- # added X check for #57206
-DEPEND="${COMMON_DEPEND}
- virtual/pkgconfig"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- epatch "${FILESDIR}"/exim-4.14-tail.patch
- epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
- epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
- epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- epatch "${FILESDIR}"/exim-4.87-as-needed-ldflags.patch # 352265, 391279
- epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
-
- if use maildir ; then
- epatch "${FILESDIR}"/exim-4.20-maildir.patch
- else
- epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- sed -i.orig \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
- "${S}"/src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
-
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile
-
- if use elibc_musl; then
- sed -e 's/^LIBS = -lnsl/LIBS =/g' \
- -i OS/Makefile-Linux
- fi
-
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- use !elibc_glibc && use !elibc_musl && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- #
- # mail storage formats
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- cat >> Makefile <<- EOC
- USE_DB=yes
- DBMLIB=-ldb
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- #
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
- fi
-
- #
- # features
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- WITH_OLD_DEMIME=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- echo "SUPPORT_TLS=yes" >> Makefile
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls" >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- EOC
- fi
-
- #
- # experimental features
-
- # DANE
- if use dane; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DANE=yes
- EOC
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Transport post-delivery actions
- if use tpda; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_EVENT=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_PROXY=yes
- EOC
- fi
-
- # Delivery Sender Notifications
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
- || die "make failed"
-}
-
-src_install () {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym /usr/sbin/exim /usr/bin/mailq
- dosym /usr/sbin/exim /usr/bin/newaliases
- dosym /usr/sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc "${S}"/doc/*
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dohtml -r "${WORKDIR}"/${PN}-html-${PV//rc/RC}/doc/html/spec_html/*
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- pamd_mimic system-auth exim auth account
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc9 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- dodir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
- einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
- einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
- fi
- use dane && einfo "DANE support is experimental"
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use spf && einfo "SPF support is experimental"
- use srs && einfo "SRS support is experimental"
- if use dmarc ; then
- einfo "DMARC support is experimental. See global settings to"
- einfo "configure DMARC, for usage see the documentation at "
- einfo "experimental-spec.txt."
- fi
- use tpda && einfo "TPDA/EVENT support is experimental"
- use proxy && einfo "proxy support is experimental"
- if use dsn ; then
- einfo "Starting from Exim 4.83, DSN support comes from upstream."
- einfo "DSN support is an experimental feature. If you used DSN"
- einfo "support prior to 4.83, make sure to remove all dsn_process"
- einfo "switches from your routers, see https://bugs.gentoo.org/511818"
- fi
- einfo "Exim maintains some db files under its spool directory that need"
- einfo "cleaning from time to time. (${EROOT}var/spool/exim/db)"
- einfo "Please use the exim_tidydb tool as documented in the Exim manual:"
- einfo "http://www.exim.org/exim-html-current/doc/html/spec_html/ch-exim_utilities.html#SECThindatmai"
- einfo "For CVE-2016-1531, Exim introduced keep_environment and"
- einfo "add_environment flags. You might want to set them, see:"
- einfo "https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html"
-}
diff --git a/mail-mta/exim/exim-4.87.ebuild b/mail-mta/exim/exim-4.87.ebuild
deleted file mode 100644
index a610552..00000000
--- a/mail-mta/exim/exim-4.87.ebuild
+++ /dev/null
@@ -1,532 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="5"
-
-inherit eutils toolchain-funcs multilib pam systemd
-
-IUSE="dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X elibc_glibc"
-REQUIRED_USE="
- dane? ( !gnutls )
- dmarc? ( spf dkim )
- pkcs11? ( gnutls )
- spf? ( exiscan-acl )
- srs? ( exiscan-acl )
-"
-
-COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-html-${PV//rc/RC}.tar.bz2 )"
-HOMEPAGE="http://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="alpha amd64 ~arm hppa ia64 ppc ppc64 sparc x86 ~x86-fbsd ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- >=sys-libs/db-3.2:=
- dev-libs/libpcre
- perl? ( dev-lang/perl:= )
- pam? ( virtual/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:= )
- )
- gnutls? ( net-libs/gnutls[pkcs11?]
- dev-libs/libtasn1 )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? ( elibc_glibc? ( || (
- <sys-libs/glibc-2.23
- >=sys-libs/glibc-2.23[rpc]
- ) ) )
- mysql? ( virtual/libmysqlclient )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? ( x11-proto/xproto
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- "
- # added X check for #57206
-DEPEND="${COMMON_DEPEND}
- virtual/pkgconfig"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- epatch "${FILESDIR}"/exim-4.14-tail.patch
- epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
- epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
- epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- epatch "${FILESDIR}"/exim-4.87-as-needed-ldflags.patch # 352265, 391279
- epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
-
- if use maildir ; then
- epatch "${FILESDIR}"/exim-4.20-maildir.patch
- else
- epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- sed -i.orig \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
- "${S}"/src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
-
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile
-
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- use !elibc_glibc && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- #
- # mail storage formats
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- cat >> Makefile <<- EOC
- USE_DB=yes
- DBMLIB=-ldb
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- #
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
- fi
-
- #
- # features
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- WITH_OLD_DEMIME=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- echo "SUPPORT_TLS=yes" >> Makefile
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls" >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- EOC
- fi
-
- #
- # experimental features
-
- # DANE
- if use dane; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DANE=yes
- EOC
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Transport post-delivery actions
- if use tpda; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_EVENT=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_PROXY=yes
- EOC
- fi
-
- # Delivery Sender Notifications
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
- || die "make failed"
-}
-
-src_install () {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym /usr/sbin/exim /usr/bin/mailq
- dosym /usr/sbin/exim /usr/bin/newaliases
- dosym /usr/sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc "${S}"/doc/*
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dohtml -r "${WORKDIR}"/${PN}-html-${PV//rc/RC}/doc/html/spec_html/*
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- pamd_mimic system-auth exim auth account
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc9 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- dodir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
- einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
- einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
- fi
- use dane && einfo "DANE support is experimental"
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use spf && einfo "SPF support is experimental"
- use srs && einfo "SRS support is experimental"
- if use dmarc ; then
- einfo "DMARC support is experimental. See global settings to"
- einfo "configure DMARC, for usage see the documentation at "
- einfo "experimental-spec.txt."
- fi
- use tpda && einfo "TPDA/EVENT support is experimental"
- use proxy && einfo "proxy support is experimental"
- if use dsn ; then
- einfo "Starting from Exim 4.83, DSN support comes from upstream."
- einfo "DSN support is an experimental feature. If you used DSN"
- einfo "support prior to 4.83, make sure to remove all dsn_process"
- einfo "switches from your routers, see https://bugs.gentoo.org/511818"
- fi
- einfo "Exim maintains some db files under its spool directory that need"
- einfo "cleaning from time to time. (${EROOT}var/spool/exim/db)"
- einfo "Please use the exim_tidydb tool as documented in the Exim manual:"
- einfo "http://www.exim.org/exim-html-current/doc/html/spec_html/ch-exim_utilities.html#SECThindatmai"
- einfo "For CVE-2016-1531, Exim introduced keep_environment and"
- einfo "add_environment flags. You might want to set them, see:"
- einfo "https://lists.exim.org/lurker/message/20160302.191005.a72d8433.en.html"
-}
diff --git a/mail-mta/exim/files/exim-4.87-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.87-as-needed-ldflags.patch
deleted file mode 100644
index e438485..00000000
--- a/mail-mta/exim/files/exim-4.87-as-needed-ldflags.patch
+++ /dev/null
@@ -1,145 +0,0 @@
-https://bugs.gentoo.org/show_bug.cgi?id=352265
-
-Make sure LDFLAGS comes first, such that all libraries are considered,
-and not discarded when --as-needed is in effect.
-
-https://bugs.gentoo.org/show_bug.cgi?id=391279
-
-Use LDFLAGS for all targets, not just the exim binary, such that
---as-needed works as well.
-
-
---- OS/Makefile-Base
-+++ OS/Makefile-Base
-@@ -325,12 +325,12 @@
- buildrouters buildtransports \
- $(OBJ_EXIM) version.o
- @echo "$(LNCC) -o exim"
-- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
-+ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
- routers/routers.a transports/transports.a lookups/lookups.a \
- auths/auths.a pdkim/pdkim.a \
- $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
- $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
-- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
-+ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim; \
- $(STRIP_COMMAND) exim; \
-@@ -346,8 +346,8 @@
-
- exim_dumpdb: $(OBJ_DUMPDB)
- @echo "$(LNCC) -o exim_dumpdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dumpdb; \
- $(STRIP_COMMAND) exim_dumpdb; \
-@@ -361,8 +361,8 @@
-
- exim_fixdb: $(OBJ_FIXDB) buildauths
- @echo "$(LNCC) -o exim_fixdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
-- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
-+ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_fixdb; \
- $(STRIP_COMMAND) exim_fixdb; \
-@@ -376,8 +376,8 @@
-
- exim_tidydb: $(OBJ_TIDYDB)
- @echo "$(LNCC) -o exim_tidydb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_tidydb; \
- $(STRIP_COMMAND) exim_tidydb; \
-@@ -389,8 +389,8 @@
-
- exim_dbmbuild: exim_dbmbuild.o
- @echo "$(LNCC) -o exim_dbmbuild"
-- $(FE)$(LNCC) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dbmbuild; \
- $(STRIP_COMMAND) exim_dbmbuild; \
-@@ -404,8 +404,8 @@
- @echo "$(CC) exim_lock.c"
- $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
- @echo "$(LNCC) -o exim_lock"
-- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
-- $(LIBS) $(EXTRALIBS)
-+ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
-+ $(LIBS) $(EXTRALIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_lock; \
- $(STRIP_COMMAND) exim_lock; \
-@@ -435,9 +435,9 @@
- $(FE)$(CC) -o em_version.o -c \
- $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
- @echo "$(LNCC) -o eximon.bin"
-- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
-+ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
-- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
-+ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) eximon.bin; \
- $(STRIP_COMMAND) eximon.bin; \
-@@ -745,9 +745,9 @@
- test_dbfn: config.h dbfn.c dummies.o sa-globals.o sa-os.o store.o \
- string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
-- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
-+ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
- dummies.o sa-globals.o sa-os.o store.o string.o \
-- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
-+ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
- rm -f dbfn.o
-
- test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
-@@ -756,29 +756,29 @@
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
-- $(LNCC) -o test_host $(LFLAGS) \
-+ $(LNCC) -o test_host $(LDFLAGS) \
- host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
-- tod.o tree.o $(LIBS) $(LIBRESOLV)
-+ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
- rm -f child.o dummies.o host.o dns.o
-
- test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
-- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
-- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
-+ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f os.o
-
- test_parse: config.h parse.c dummies.o sa-globals.o \
- store.o string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
-- $(LNCC) -o test_parse $(LFLAGS) parse.o \
-+ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
- dummies.o sa-globals.o store.o string.o tod.o version.o \
-- utf8.o $(LDFLAGS)
-+ utf8.o $(LFLAGS)
- rm -f parse.o
-
- test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
-- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
-- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
-+ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f string.o
-
- # End
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2017-02-12 7:51 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2017-02-12 7:51 UTC (permalink / raw
To: gentoo-commits
commit: 8278ef6c1514eb7558e1ad23dced277a09c7fc51
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 12 07:51:10 2017 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sun Feb 12 07:51:10 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8278ef6c
mail-mta/exim: version bump to Exim 4.89 RC4
Package-Manager: portage-2.3.3
mail-mta/exim/Manifest | 4 +-
.../{exim-4.89_rc3.ebuild => exim-4.89_rc4.ebuild} | 2 +-
.../exim/files/exim-4.89-as-needed-ldflags.patch | 145 +++++++++++++++++++++
3 files changed, 148 insertions(+), 3 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 9f87ece7ac..d778435d68 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,5 +1,5 @@
DIST exim-4.88.tar.bz2 1824610 SHA256 119d5fd7e31fc224e84dfa458fe182f200856bae7adf852a8287c242161f8a2d SHA512 ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf WHIRLPOOL d2d8c404217fcc5bbc7bc18500456f2709a099b0a31d4930343b836c35c62e3914fa1c686ea7d9ba5eea95f0caab13c3b76c1508eda74cb75dabb0d61472428e
-DIST exim-4.89_RC3.tar.bz2 1840554 SHA256 f9db70feb2dfd074c407cc2960b21e63d57575fdc262f618322e247803f260fc SHA512 442baad509c72a51c06573516de490a425a1edfd69906ee3c33b07511f5a0d70314cd6d7cf2041f5578e71258689ac97d695b9040203c3a7a562b636d399b5b7 WHIRLPOOL 34302284f9fd0d48457719c4e75f608c95fb7daf679cbe15fd02c543effc0f577b991774cd59b9e0e8b7b25d9f4b91befbea099bf16ae9865d95363dfefdaa28
+DIST exim-4.89_RC4.tar.bz2 1840364 SHA256 e9de49cd7b874f944f827adbe2981fd3ea8eb000461856e94f5b7c859dde3df1 SHA512 efe8bc08713c1b47e6aa8b0964aa7d48a3a7ddf0332afa2c44b4ee2863511340176d074808cce0e06d45266eb07f52ab7ad980ff57b455d53b0b7bd25259e326 WHIRLPOOL 806b540a30dce26e1bc8b5baf4ed6b0e0ccbc5aa9922339d2e5895a2641cce1e28345c1d9ed4250efd296a8f987164ba0957cef595b7c93c5a6714c2fbb6fd3d
DIST exim-pdf-4.88.tar.bz2 1922494 SHA256 33736fafb45c5922fcbc0def7626f46cb74927987b78943aa26949ef30789574 SHA512 8c4f580fa319c0285bcb49056ecd72b056cbbfa287a15a4d856965b4218469c85607ec7321ae0f2ba3be868f05a70a7fb8a77d5836a574417e6bffc64720bee5 WHIRLPOOL 7e3e65c58cc9a313d3440de6b79ed4f113ea265e39201aa2d36c091037c2b20718bd49f04e99f2aa029a20d238cd21178762e2ba6b470596309e83fb3ffc542b
-DIST exim-pdf-4.89_RC3.tar.bz2 1924260 SHA256 93a34399096e1272ee8e4dcb6e3ec5bd09a7b084b14876e97e7685d97fa2c4bf SHA512 2504d7b482348ab67f6d9572ed4118c88e90ed44729267c05b769e6ae65ae42f28cb8095822a1e0588d1bcaf8b070e3e641b8fd8098c37656aa01ea2637ed343 WHIRLPOOL cb87c9d56a9b2a9a869484fe537daf9ee3dadc3469e22da1bc8523f838a22e263187d9b3493485301f13f44fca046fd3dd71079726077767802bc7eabcf4b821
+DIST exim-pdf-4.89_RC4.tar.bz2 1924453 SHA256 4b98d52873541e6675b3e7f6e433080033b0b2e0dece41ad273afedb6a6e17c0 SHA512 4438f8aae4dbee8c3422bfae0798536f73bae90377d9d1113b2ff2e005671767e78a9a5b3ffa64b0f0c2fe176ad55e3d2ff6c682b543f1d1a3f6460b4759adf4 WHIRLPOOL d5522cb831a037b2f668a522142384ad2efd414d235aba57a8c868b2578cc53e47215445828bb07a3a2e7c3841034824f3a388fe65d1dfcdcb3bb795e8d462e8
DIST system_filter.exim.gz 3075 SHA256 3a3471b486a09e0a0153f7b520e1eaf26d21b97d73ea8348bdc593c00eb1e437 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 WHIRLPOOL ce68d9c18b24eca3ef97ea810964cc1ada5f85b795a7c432ad39b5788188a16419101c92fb52b418738d760e1d658f7a41485e5561079a667d84d276c71be5a4
diff --git a/mail-mta/exim/exim-4.89_rc3.ebuild b/mail-mta/exim/exim-4.89_rc4.ebuild
similarity index 99%
rename from mail-mta/exim/exim-4.89_rc3.ebuild
rename to mail-mta/exim/exim-4.89_rc4.ebuild
index 5deb3a88e3..e9c27b4082 100644
--- a/mail-mta/exim/exim-4.89_rc3.ebuild
+++ b/mail-mta/exim/exim-4.89_rc4.ebuild
@@ -93,7 +93,7 @@ src_prepare() {
epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- epatch "${FILESDIR}"/exim-4.88-as-needed-ldflags.patch # 352265, 391279
+ epatch "${FILESDIR}"/exim-4.89-as-needed-ldflags.patch # 352265, 391279
epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
if use maildir ; then
diff --git a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch
new file mode 100644
index 0000000000..49e430939f
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch
@@ -0,0 +1,145 @@
+https://bugs.gentoo.org/show_bug.cgi?id=352265
+
+Make sure LDFLAGS comes first, such that all libraries are considered,
+and not discarded when --as-needed is in effect.
+
+https://bugs.gentoo.org/show_bug.cgi?id=391279
+
+Use LDFLAGS for all targets, not just the exim binary, such that
+--as-needed works as well.
+
+
+--- OS/Makefile-Base
++++ OS/Makefile-Base
+@@ -346,12 +346,12 @@
+ buildrouters buildtransports \
+ $(OBJ_EXIM) version.o
+ @echo "$(LNCC) -o exim"
+- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
+ routers/routers.a transports/transports.a lookups/lookups.a \
+ auths/auths.a pdkim/pdkim.a \
+ $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
+ $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
+- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim; \
+ $(STRIP_COMMAND) exim; \
+@@ -367,8 +367,8 @@
+
+ exim_dumpdb: $(OBJ_DUMPDB)
+ @echo "$(LNCC) -o exim_dumpdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dumpdb; \
+ $(STRIP_COMMAND) exim_dumpdb; \
+@@ -382,8 +382,8 @@
+
+ exim_fixdb: $(OBJ_FIXDB) buildauths
+ @echo "$(LNCC) -o exim_fixdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
+- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
++ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_fixdb; \
+ $(STRIP_COMMAND) exim_fixdb; \
+@@ -397,8 +397,8 @@
+
+ exim_tidydb: $(OBJ_TIDYDB)
+ @echo "$(LNCC) -o exim_tidydb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_tidydb; \
+ $(STRIP_COMMAND) exim_tidydb; \
+@@ -410,8 +410,8 @@
+
+ exim_dbmbuild: exim_dbmbuild.o
+ @echo "$(LNCC) -o exim_dbmbuild"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dbmbuild; \
+ $(STRIP_COMMAND) exim_dbmbuild; \
+@@ -425,8 +425,8 @@
+ @echo "$(CC) exim_lock.c"
+ $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
+ @echo "$(LNCC) -o exim_lock"
+- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
+- $(LIBS) $(EXTRALIBS)
++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
++ $(LIBS) $(EXTRALIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_lock; \
+ $(STRIP_COMMAND) exim_lock; \
+@@ -462,9 +462,9 @@
+ $(FE)$(CC) -o em_version.o -c \
+ $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
+ @echo "$(LNCC) -o eximon.bin"
+- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
+ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
+- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) eximon.bin; \
+ $(STRIP_COMMAND) eximon.bin; \
+@@ -780,9 +780,9 @@
+ string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c
+- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
+ dummies.o sa-globals.o sa-os.o store.o string.o \
+- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
+ rm -f dbfn.o store.o
+
+ test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
+@@ -790,29 +790,29 @@
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
+- $(LNCC) -o test_host $(LFLAGS) \
++ $(LNCC) -o test_host $(LDFLAGS) \
+ host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
+- tod.o tree.o $(LIBS) $(LIBRESOLV)
++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
+ rm -f child.o dummies.o host.o dns.o
+
+ test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
+- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
+- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f os.o
+
+ test_parse: config.h parse.c dummies.o sa-globals.o \
+ store.o string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
+- $(LNCC) -o test_parse $(LFLAGS) parse.o \
++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
+ dummies.o sa-globals.o store.o string.o tod.o version.o \
+- utf8.o $(LDFLAGS)
++ utf8.o $(LFLAGS)
+ rm -f parse.o
+
+ test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
+- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
+- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f string.o
+
+ # End
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2017-11-26 13:40 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2017-11-26 13:40 UTC (permalink / raw
To: gentoo-commits
commit: 1b23d30e4db6a6e345bca3fb0a47321598aab306
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sun Nov 26 13:40:28 2017 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sun Nov 26 13:40:28 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b23d30e
mail-mta/exim: add patch for CVE-2017-16943, bug #638772
Bug: https://bugs.gentoo.org/638772
Package-Manager: Portage-2.3.13, Repoman-2.3.3
mail-mta/exim/Manifest | 6 +-
mail-mta/exim/exim-4.89-r4.ebuild | 531 +++++++++++++++++++++
mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch | 40 ++
3 files changed, 574 insertions(+), 3 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index bfccbae830e..7a9008eda45 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,3 +1,3 @@
-DIST exim-4.89.tar.bz2 1844430 SHA256 912f2ee03c8dba06a3a4c0ee40522d367e1b65dc59e38dfcc1f5d9eecff51ab0 SHA512 1e059966a93b47f055ab4ec2a4556f2c918aff56ea0367585f3a853f00411e9c275e13be4f9ae615a468fa06263135cd6a138fa1753f1b7fb3259a3321fcca65 WHIRLPOOL d0b30cde5cf2dbe278d393eae70e40a3861a153a2411f98f73a7ae43881032cc3e0f15163b09e17d61c09e673c2e766371c80533908af3460f483a5c18dff80f
-DIST exim-pdf-4.89.tar.bz2 1924606 SHA256 17d70ef5b2814f725633efcf339bcb49ac9564ecd648e0e3d010b5e43d6c167d SHA512 b04ea2e4dcdb1aaf52ef77ccd76e6599c68c4c6e5a98090720dbd3c50f7191bf3f6cd7dc2089a765c47576311780809cff547f85f004caec411d0f1ac9985299 WHIRLPOOL 4ab5bc7bdbbfc998ae7ee63f19449d051a1d7183f9b70297db100f44b82df2cca0853c309ddfccafee2d44cd1228258e06628ed82dab76de851bec856321c58f
-DIST system_filter.exim.gz 3075 SHA256 3a3471b486a09e0a0153f7b520e1eaf26d21b97d73ea8348bdc593c00eb1e437 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 WHIRLPOOL ce68d9c18b24eca3ef97ea810964cc1ada5f85b795a7c432ad39b5788188a16419101c92fb52b418738d760e1d658f7a41485e5561079a667d84d276c71be5a4
+DIST exim-4.89.tar.bz2 1844430 BLAKE2B 255bb3f27a264d92bf4664cf1278beabffa888006dfc0b31cde8a04d62501b0fe282db5b959bd303e2a818322716548c97264842130b8d5c3b9075615f668ca7 SHA512 1e059966a93b47f055ab4ec2a4556f2c918aff56ea0367585f3a853f00411e9c275e13be4f9ae615a468fa06263135cd6a138fa1753f1b7fb3259a3321fcca65
+DIST exim-pdf-4.89.tar.bz2 1924606 BLAKE2B f03182d51f4cc5b71cb65c2e0bcf74142f8110b6bfbd5b0fc05e321b692ebde5dbc84c4562a39ee85065f4d2db0654e6a189c826bfdea19051f56969d4ca74e2 SHA512 b04ea2e4dcdb1aaf52ef77ccd76e6599c68c4c6e5a98090720dbd3c50f7191bf3f6cd7dc2089a765c47576311780809cff547f85f004caec411d0f1ac9985299
+DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.89-r4.ebuild b/mail-mta/exim/exim-4.89-r4.ebuild
new file mode 100644
index 00000000000..14b6181d4cb
--- /dev/null
+++ b/mail-mta/exim/exim-4.89-r4.ebuild
@@ -0,0 +1,531 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit eutils toolchain-funcs multilib pam systemd
+
+IUSE="dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X elibc_glibc"
+REQUIRED_USE="
+ dane? ( !gnutls )
+ dmarc? ( spf dkim )
+ pkcs11? ( gnutls )
+ spf? ( exiscan-acl )
+ srs? ( exiscan-acl )
+"
+
+COMM_URI="ftp://ftp.exim.org/pub/exim/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
+
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//rc/RC}.tar.bz2
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.bz2 )"
+HOMEPAGE="http://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~x86-solaris"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ >=sys-libs/db-3.2:=
+ dev-libs/libpcre
+ perl? ( dev-lang/perl:= )
+ pam? ( virtual/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ gnutls? ( net-libs/gnutls[pkcs11?]
+ dev-libs/libtasn1 )
+ ldap? ( >=net-nds/openldap-2.0.7 )
+ nis? ( elibc_glibc? ( || (
+ <sys-libs/glibc-2.23
+ >=sys-libs/glibc-2.23[rpc]
+ ) ) )
+ mysql? ( virtual/libmysqlclient )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc )
+ srs? ( mail-filter/libsrs_alt )
+ X? ( x11-proto/xproto
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libiconv
+ "
+ # added X check for #57206
+DEPEND="${COMMON_DEPEND}
+ virtual/pkgconfig"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/mini-qmail
+ !<mail-mta/msmtp-1.4.19-r1
+ !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !<mail-mta/ssmtp-2.64-r2
+ !>=mail-mta/ssmtp-2.64-r2[mta]
+ !net-mail/mailwrapper
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//rc/RC}
+
+src_prepare() {
+ epatch "${FILESDIR}"/exim-4.14-tail.patch
+ epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch
+ epatch "${FILESDIR}"/exim-4.69-r1.27021.patch
+ epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
+ epatch "${FILESDIR}"/exim-4.89-as-needed-ldflags.patch # 352265, 391279
+ epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ epatch "${FILESDIR}"/exim-4.89-CVE-2017-1000369.patch # 622212
+ epatch "${FILESDIR}"/${P}-transport-crash.patch # from git/in next release
+ epatch "${FILESDIR}"/${P}-address-expando-crash.patch # from git/in next release
+ epatch "${FILESDIR}"/${P}-CVE-2017-16943.patch # from git/in next release
+
+ if use maildir ; then
+ epatch "${FILESDIR}"/exim-4.20-maildir.patch
+ else
+ epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ sed -i.orig \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
+ "${S}"/src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
+
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
+ -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile
+
+ if use elibc_musl; then
+ sed -e 's/^LIBS = -lnsl/LIBS =/g' \
+ -i OS/Makefile-Linux
+ fi
+
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ EOC
+
+ # if we use libiconv, now is the time to tell so
+ use !elibc_glibc && use !elibc_musl && echo "EXTRALIBS_EXIM=-liconv" >> Makefile
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ #
+ # mail storage formats
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ DBMLIB=-ldb
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ #
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ else
+ sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
+ fi
+
+ #
+ # features
+
+ # content scanning support
+ if use exiscan-acl; then
+ cat >> Makefile <<- EOC
+ WITH_CONTENT_SCAN=yes
+ WITH_OLD_DEMIME=yes
+ EOC
+ fi
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ echo "SUPPORT_TLS=yes" >> Makefile
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls" >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ #
+ # experimental features
+
+ # DANE
+ if use dane; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DANE=yes
+ EOC
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS=yes
+ EXTRALIBS_EXIM += -lsrs_alt
+ EOC
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use tpda; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_EVENT=yes
+ EOC
+ fi
+
+ # Delivery Sender Notifications
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
+ || die "make failed"
+}
+
+src_install () {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc "${S}"/doc/*
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ if use exiscan-acl; then
+ newins "${S}"/src/configure.default exim.conf.exiscan-acl
+ fi
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ pamd_mimic system-auth exim auth account
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ dodir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
+ einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
+ fi
+ use dane && einfo "DANE support is experimental"
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ use spf && einfo "SPF support is experimental"
+ use srs && einfo "SRS support is experimental"
+ if use dmarc ; then
+ einfo "DMARC support is experimental. See global settings to"
+ einfo "configure DMARC, for usage see the documentation at "
+ einfo "experimental-spec.txt."
+ fi
+ use tpda && einfo "TPDA/EVENT support is experimental"
+ use dsn && einfo "DSN support is experimental"
+ elog "The obsolete acl condition 'demime' is removed, the replacements"
+ elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
+}
diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch
new file mode 100644
index 00000000000..b864ffa5ad1
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.89-CVE-2017-16943.patch
@@ -0,0 +1,40 @@
+From 4e6ae6235c68de243b1c2419027472d7659aa2b4 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Fri, 24 Nov 2017 20:22:33 +0000
+Subject: [PATCH] Avoid release of store if there have been later allocations.
+ Bug 2199
+
+---
+ src/src/receive.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/src/receive.c b/src/src/receive.c
+index e7e518a..d9b5001 100644
+--- a/src/src/receive.c
++++ b/src/src/receive.c
+@@ -1810,8 +1810,8 @@ for (;;)
+ (and sometimes lunatic messages can have ones that are 100s of K long) we
+ call store_release() for strings that have been copied - if the string is at
+ the start of a block (and therefore the only thing in it, because we aren't
+- doing any other gets), the block gets freed. We can only do this because we
+- know there are no other calls to store_get() going on. */
++ doing any other gets), the block gets freed. We can only do this release if
++ there were no allocations since the once that we want to free. */
+
+ if (ptr >= header_size - 4)
+ {
+@@ -1820,9 +1820,10 @@ for (;;)
+ header_size *= 2;
+ if (!store_extend(next->text, oldsize, header_size))
+ {
++ BOOL release_ok = store_last_get[store_pool] == next->text;
+ uschar *newtext = store_get(header_size);
+ memcpy(newtext, next->text, ptr);
+- store_release(next->text);
++ if (release_ok) store_release(next->text);
+ next->text = newtext;
+ }
+ }
+--
+1.9.1
+
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2017-11-29 8:50 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2017-11-29 8:50 UTC (permalink / raw
To: gentoo-commits
commit: e7434ec7eeb4b4be5cd53cebba9576f940b076e9
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Nov 29 08:50:07 2017 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Nov 29 08:50:07 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e7434ec7
mail-mta/exim: add patch for CVE-2017-16944, bug #638772
Original patch is slightly adjusted to the 4.98 codebase in order to
apply.
Bug: https://bugs.gentoo.org/638772
Package-Manager: Portage-2.3.13, Repoman-2.3.3
.../{exim-4.89-r4.ebuild => exim-4.89-r5.ebuild} | 1 +
mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch | 57 ++++++++++++++++++++++
2 files changed, 58 insertions(+)
diff --git a/mail-mta/exim/exim-4.89-r4.ebuild b/mail-mta/exim/exim-4.89-r5.ebuild
similarity index 99%
rename from mail-mta/exim/exim-4.89-r4.ebuild
rename to mail-mta/exim/exim-4.89-r5.ebuild
index 14b6181d4cb..c6da0e48afc 100644
--- a/mail-mta/exim/exim-4.89-r4.ebuild
+++ b/mail-mta/exim/exim-4.89-r5.ebuild
@@ -98,6 +98,7 @@ src_prepare() {
epatch "${FILESDIR}"/${P}-transport-crash.patch # from git/in next release
epatch "${FILESDIR}"/${P}-address-expando-crash.patch # from git/in next release
epatch "${FILESDIR}"/${P}-CVE-2017-16943.patch # from git/in next release
+ epatch "${FILESDIR}"/${P}-CVE-2017-16944.patch # from git/in next release
if use maildir ; then
epatch "${FILESDIR}"/exim-4.20-maildir.patch
diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
new file mode 100644
index 00000000000..285a6170aa8
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.89-CVE-2017-16944.patch
@@ -0,0 +1,57 @@
+From 178ecb70987f024f0e775d87c2f8b2cf587dd542 Mon Sep 17 00:00:00 2001
+From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Date: Mon, 27 Nov 2017 22:42:33 +0100
+Subject: [PATCH] Chunking: do not treat the first lonely dot special.
+ CVE-2017-16944, Bug 2201
+
+Modified to apply on 4.89-gentoo
+
+---
+ src/src/receive.c | 2 +-
+ src/src/smtp_in.c | 7 +++++++
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/src/src/receive.c b/src/src/receive.c
+index 541eba1..417e975 100644
+--- a/src/src/receive.c
++++ b/src/src/receive.c
+@@ -1865,7 +1865,7 @@ for (;;)
+ prevent further reading), and break out of the loop, having freed the
+ empty header, and set next = NULL to indicate no data line. */
+
+- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends))
++ if (ptr == 0 && ch == '.' && dot_ends)
+ {
+ ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
+ if (ch == '\r')
+diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
+index 1fdb705..0aabc53 100644
+--- a/src/src/smtp_in.c
++++ b/src/src/smtp_in.c
+@@ -5094,16 +5094,23 @@ while (done <= 0)
+ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n",
+ (int)chunking_state, chunking_data_left);
+
++ /* push the current receive_* function on the "stack", and
++ replace them by bdat_getc(), which in turn will use the lwr_receive_*
++ functions to do the dirty work. */
+ lwr_receive_getc = receive_getc;
+ lwr_receive_ungetc = receive_ungetc;
++
+ receive_getc = bdat_getc;
+ receive_ungetc = bdat_ungetc;
+
++ dot_ends = FALSE;
++
+ goto DATA_BDAT;
+ }
+
+ case DATA_CMD:
+ HAD(SCH_DATA);
++ dot_ends = TRUE;
+
+ DATA_BDAT: /* Common code for DATA and BDAT */
+ if (!discarded && recipients_count <= 0)
+--
+1.9.1
+
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2019-06-28 13:50 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2019-06-28 13:50 UTC (permalink / raw
To: gentoo-commits
commit: 47afd5252208d69ef4df50a86442bdd73287530e
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Fri Jun 28 13:50:23 2019 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Fri Jun 28 13:50:40 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=47afd525
mail-mta/exim: fix USE=dlfunc
Closes: https://bugs.gentoo.org/688572
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
.../{exim-4.92-r1.ebuild => exim-4.92-r2.ebuild} | 59 ++++++++++++++--------
mail-mta/exim/exim-4.92.ebuild | 2 +
.../exim/files/exim-4.92-localscan_dlopen.patch | 2 +-
3 files changed, 40 insertions(+), 23 deletions(-)
diff --git a/mail-mta/exim/exim-4.92-r1.ebuild b/mail-mta/exim/exim-4.92-r2.ebuild
similarity index 90%
rename from mail-mta/exim/exim-4.92-r1.ebuild
rename to mail-mta/exim/exim-4.92-r2.ebuild
index a0346ffb579..3a5c9bf51b0 100644
--- a/mail-mta/exim/exim-4.92-r1.ebuild
+++ b/mail-mta/exim/exim-4.92-r2.ebuild
@@ -131,25 +131,27 @@ src_prepare() {
src_configure() {
# general config and paths
- sed -i.orig \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \
- "${S}"/src/configure.default || die
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
sed -e "48i\CFLAGS=${CFLAGS}" \
-e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
-e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
-e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
-e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile
-
- if use elibc_musl; then
- sed -e 's/^LIBS = -lnsl/LIBS =/g' \
- -i OS/Makefile-Linux
- fi
+ src/EDITME > Local/Makefile || die
+ # work on Local/Makefile from now on
cd Local
cat >> Makefile <<- EOC
@@ -181,6 +183,7 @@ src_configure() {
#
# mail storage formats
+ #
# mailstore is Exim's traditional storage format
cat >> Makefile <<- EOC
@@ -218,14 +221,14 @@ src_configure() {
if ! use dnsdb; then
# DNSDB lookup is enabled by default
- sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
fi
if use ldap; then
cat >> Makefile <<- EOC
LOOKUP_LDAP=yes
LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
LOOKUP_LIBS += -lldap -llber
EOC
fi
@@ -245,7 +248,7 @@ src_configure() {
EOC
if use elibc_glibc ; then
cat >> Makefile <<- EOC
- CFLAGS += -I/usr/include/tirpc
+ CFLAGS += -I"${EPREFIX}"/usr/include/tirpc
EOC
fi
fi
@@ -272,17 +275,17 @@ src_configure() {
EOC
fi
- #
# Exim monitor, enabled by default, controlled via X USE-flag,
# disable if not requested, bug #46778
if use X; then
cp ../exim_monitor/EDITME eximon.conf || die
else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile
+ sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile || die
fi
#
# features
+ #
# content scanning support
if use exiscan-acl; then
@@ -317,7 +320,10 @@ src_configure() {
# log to syslog
if use syslog; then
- sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
cat >> Makefile <<- EOC
LOG_FILE_PATH=syslog
EOC
@@ -365,6 +371,8 @@ src_configure() {
if use dlfunc; then
cat >> Makefile <<- EOC
EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
EOC
fi
@@ -392,6 +400,7 @@ src_configure() {
#
# experimental features
+ #
# Authenticated Receive Chain
if use arc; then
@@ -428,6 +437,7 @@ src_configure() {
#
# authentication (SMTP AUTH)
+ #
# standard bits
cat >> Makefile <<- EOC
@@ -531,9 +541,12 @@ src_install () {
newinitd "${FILESDIR}"/exim.rc10 exim
newconfd "${FILESDIR}"/exim.confd exim
- systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
keepdir /var/log/${PN}
@@ -542,8 +555,10 @@ src_install () {
pkg_postinst() {
if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then
einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth."
- einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist."
+ einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}etc/exim/exim.conf from"
+ einfo " ${EROOT}etc/exim/exim.conf.dist."
fi
if use dcc ; then
einfo "DCC support is experimental, you can find some limited"
diff --git a/mail-mta/exim/exim-4.92.ebuild b/mail-mta/exim/exim-4.92.ebuild
index a68f1b94203..fe6cf5e40f1 100644
--- a/mail-mta/exim/exim-4.92.ebuild
+++ b/mail-mta/exim/exim-4.92.ebuild
@@ -364,6 +364,8 @@ src_configure() {
if use dlfunc; then
cat >> Makefile <<- EOC
EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
EOC
fi
diff --git a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch
index b52d2ad7b9c..57363e56d50 100644
--- a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch
+++ b/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch
@@ -23,7 +23,7 @@ diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME
+# to be recompiled with the desired local_scan function. For a full
+# description of the API to this function, see the Exim specification.
+
-+DLOPEN_LOCAL_SCAN=yes
++#DLOPEN_LOCAL_SCAN=yes
+
+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
+# linker flags. Without it, the loaded .so won't be able to access any
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2019-12-09 17:18 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2019-12-09 17:18 UTC (permalink / raw
To: gentoo-commits
commit: b5fbafb62386fdc6e0958d09804bdb95b700e326
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Mon Dec 9 17:17:48 2019 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Mon Dec 9 17:18:05 2019 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5fbafb6
mail-mta/exim-4.93: version bump
Package-Manager: Portage-2.3.76, Repoman-2.3.16
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 2 +
mail-mta/exim/exim-4.93.ebuild | 580 +++++++++++++++++++++
.../exim/files/exim-4.93-as-needed-ldflags.patch | 145 ++++++
.../exim/files/exim-4.93-localscan_dlopen.patch | 267 ++++++++++
4 files changed, 994 insertions(+)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index ff4a789bc71..d062568332d 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,5 +1,7 @@
DIST exim-4.92.2.tar.xz 1772688 BLAKE2B 618c70e26811d0e6d453a4b88ab1cdb9e337a9ca8ceec50aee665b1493c75157001483cf9721e3d57313a90910d2605717b2c4be4174c2897b3f992af01c1c26 SHA512 d27aca4d4e9df267b0afcbe7b3f74c9ca6e96e7e6eb4d2f86ff00b0e2234eaec90271405eb387a36a2e0d4ec5597b2920753f85318a5618ddbc8af475a7d81cd
DIST exim-4.92.3.tar.xz 1773156 BLAKE2B 7866c23c862f5b5aadac709279f9ed376e526e90e8ca09d41c1789041ec0a3ecd48f8d2237e4d462e547efa2178babd5942d3142fef7419e16d1707fe23fa226 SHA512 ca6d6f50653502345511b683859b33aa02faa48454fb2100ff89fed3dcb8af8933e7bce68939365fdee42f96eec0c3b135cf748f4581e92a62be0f0ab093868a
+DIST exim-4.93.tar.xz 1803660 BLAKE2B deef8a48dec4e8b79c43a54ab2033d00e858d8316f9994cbfcc4cc3f0673fc28783c73d4b9719062784155821594970fdb0c535cadb692bdb14c6407093920b6 SHA512 556c7fe75042739c3e92346b96c40960680fe2838589add5fad1f69f18600dd9ed128f367627c812051b3a3a1a64e740488d5ce8c198bf87b59fa84ab8a0eb5b
DIST exim-pdf-4.92.2.tar.xz 2039468 BLAKE2B 3542bb5d38267bb06728ada72cfa89f06027b917799e743a1764cb7568cf0ba4cdbc5b40738c3ae41c9540d348810b388d74ad315a201f2740a5a0b79e83f904 SHA512 da90354cd8133103f08b978dd0422fd1a00e5866cd3f40e523d06875fb8b31163d7fe9791f1cf81d15bc63b16fc7f6bb98cf28c3036d054464336c07245b3c91
DIST exim-pdf-4.92.3.tar.xz 2039436 BLAKE2B 8d20e7f0ebfcb573d08b490737923afc2cd2d5837f5c91bd2f3e6b5e637d86a5d5a59123c57ba9219ead675c72bfc46351d5b705d9533fab80bedeeca8bdd580 SHA512 3245a627a924db92e5a50e842e096731d08284f757274b5083ea234707c493abd6f27a3b34a2025e3acff167260df0f4ebe68b9f5832920c5f22c258143ab43f
+DIST exim-pdf-4.93.tar.xz 2068840 BLAKE2B b9cfcdcc4c37c312d11a5e6921ebeee09562ad9642fba66cef336f470ece69a3e62702219ec249058425bde489cce295d2bd39003da2f5042e0676f4286cf66b SHA512 817152ceb3aaa6f1a5676023c751ab01c14141e5248164848f33b04a5489a826fc9f19dbf29c6d555dd2bd54299b0c0c536426ea20cc9bffb325adb61366abe5
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.93.ebuild b/mail-mta/exim/exim-4.93.ebuild
new file mode 100644
index 00000000000..6feaa1836fa
--- /dev/null
+++ b/mail-mta/exim/exim-4.93.ebuild
@@ -0,0 +1,580 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use toolchain-funcs multilib pam systemd
+
+IUSE="arc dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ spf? ( exiscan-acl )
+ srs? ( exiscan-acl )
+ !ssl? ( !dkim )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+
+COMM_URI="https://downloads.exim.org/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
+
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//rc/RC}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-solaris"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
+ dev-libs/libpcre
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ ldap? ( >=net-nds/openldap-2.0.7 )
+ nis? (
+ elibc_glibc? (
+ net-libs/libtirpc
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc )
+ srs? ( mail-filter/libsrs_alt )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libiconv
+ elibc_glibc? ( net-libs/libnsl )
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/mini-qmail
+ !<mail-mta/msmtp-1.4.19-r1
+ !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !<mail-mta/ssmtp-2.64-r2
+ !>=mail-mta/ssmtp-2.64-r2[mta]
+ !net-mail/mailwrapper
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//rc/RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.93-localscan_dlopen.patch
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.20-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ EOC
+
+ # if we use libiconv, now is the time to tell so
+ use !elibc_glibc && use !elibc_musl && \
+ echo "EXTRALIBS_EXIM=-liconv" >> Makefile
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ CFLAGS+=-I$(db_includedir ${DB_VERS})
+ DBMLIB=-l$(db_libname ${DB_VERS})
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ CFLAGS += -I"${EPREFIX}"/usr/include/tirpc
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ else
+ sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile || die
+ fi
+
+ #
+ # features
+ #
+
+ # content scanning support
+ if use exiscan-acl; then
+ cat >> Makefile <<- EOC
+ WITH_CONTENT_SCAN=yes
+ EOC
+ fi
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # DANE
+ if use dane; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DANE=yes
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS=yes
+ EXTRALIBS_EXIM += -lsrs_alt
+ EOC
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \
+ || die "make failed"
+}
+
+src_install () {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ if use exiscan-acl; then
+ newins "${S}"/src/configure.default exim.conf.exiscan-acl
+ fi
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ pamd_mimic system-auth exim auth account
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ use srs && einfo "SRS support is experimental"
+ if use dmarc ; then
+ einfo "DMARC support is experimental. See global settings to"
+ einfo "configure DMARC, for usage see the documentation at "
+ einfo "experimental-spec.txt."
+ fi
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ elog "The obsolete acl condition 'demime' is removed, the replacements"
+ elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
+}
diff --git a/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch
new file mode 100644
index 00000000000..3b3ea462817
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch
@@ -0,0 +1,145 @@
+https://bugs.gentoo.org/show_bug.cgi?id=352265
+
+Make sure LDFLAGS comes first, such that all libraries are considered,
+and not discarded when --as-needed is in effect.
+
+https://bugs.gentoo.org/show_bug.cgi?id=391279
+
+Use LDFLAGS for all targets, not just the exim binary, such that
+--as-needed works as well.
+
+
+--- a/OS/Makefile-Base
++++ b/OS/Makefile-Base
+@@ -496,12 +496,12 @@
+ buildrouters buildtransports \
+ $(OBJ_EXIM) version.o
+ @echo "$(LNCC) -o exim"
+- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
+ routers/routers.a transports/transports.a lookups/lookups.a \
+ auths/auths.a pdkim/pdkim.a \
+ $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
+ $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
+- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim; \
+ $(STRIP_COMMAND) exim; \
+@@ -517,8 +517,8 @@
+
+ exim_dumpdb: $(OBJ_DUMPDB)
+ @echo "$(LNCC) -o exim_dumpdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dumpdb; \
+ $(STRIP_COMMAND) exim_dumpdb; \
+@@ -532,8 +532,8 @@
+
+ exim_fixdb: $(OBJ_FIXDB)
+ @echo "$(LNCC) -o exim_fixdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_fixdb; \
+ $(STRIP_COMMAND) exim_fixdb; \
+@@ -547,8 +547,8 @@
+
+ exim_tidydb: $(OBJ_TIDYDB)
+ @echo "$(LNCC) -o exim_tidydb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_tidydb; \
+ $(STRIP_COMMAND) exim_tidydb; \
+@@ -560,8 +560,8 @@
+
+ exim_dbmbuild: exim_dbmbuild.o
+ @echo "$(LNCC) -o exim_dbmbuild"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dbmbuild; \
+ $(STRIP_COMMAND) exim_dbmbuild; \
+@@ -575,8 +575,8 @@
+ @echo "$(CC) exim_lock.c"
+ $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
+ @echo "$(LNCC) -o exim_lock"
+- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
+- $(LIBS) $(EXTRALIBS)
++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
++ $(LIBS) $(EXTRALIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_lock; \
+ $(STRIP_COMMAND) exim_lock; \
+@@ -612,9 +612,9 @@
+ $(FE)$(CC) -o em_version.o -c \
+ $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
+ @echo "$(LNCC) -o eximon.bin"
+- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
+ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
+- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) eximon.bin; \
+ $(STRIP_COMMAND) eximon.bin; \
+@@ -947,9 +947,9 @@
+ string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c
+- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
+ dummies.o sa-globals.o sa-os.o store.o string.o \
+- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
+ rm -f dbfn.o store.o
+
+ test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
+@@ -958,29 +958,29 @@
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
+- $(LNCC) -o test_host $(LFLAGS) \
++ $(LNCC) -o test_host $(LDFLAGS) \
+ host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
+- tod.o tree.o $(LIBS) $(LIBRESOLV)
++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
+ rm -f child.o dummies.o host.o dns.o
+
+ test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
+- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
+- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f os.o
+
+ test_parse: config.h parse.c dummies.o sa-globals.o \
+ store.o string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
+- $(LNCC) -o test_parse $(LFLAGS) parse.o \
++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
+ dummies.o sa-globals.o store.o string.o tod.o version.o \
+- utf8.o $(LDFLAGS)
++ utf8.o $(LFLAGS)
+ rm -f parse.o
+
+ test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
+- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
+- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f string.o
+
+ # End
diff --git a/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch
new file mode 100644
index 00000000000..d2a5e63128a
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch
@@ -0,0 +1,267 @@
+diff -ur exim-4.92.orig/src/config.h.defaults exim-4.92/src/config.h.defaults
+--- exim-4.92.orig/src/config.h.defaults 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/config.h.defaults 2019-02-16 18:17:24.547216157 +0100
+@@ -32,6 +32,8 @@
+
+ #define AUTH_VARS 3
+
++#define DLOPEN_LOCAL_SCAN
++
+ #define BIN_DIRECTORY
+
+ #define CONFIGURE_FILE
+Only in exim-4.92/src: config.h.defaults.orig
+diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME
+--- exim-4.92.orig/src/EDITME 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/EDITME 2019-02-16 18:17:24.547216157 +0100
+@@ -824,6 +824,24 @@
+
+
+ #------------------------------------------------------------------------------
++# On systems which support dynamic loading of shared libraries, Exim can
++# load a local_scan function specified in its config file instead of having
++# to be recompiled with the desired local_scan function. For a full
++# description of the API to this function, see the Exim specification.
++
++#DLOPEN_LOCAL_SCAN=yes
++
++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
++# linker flags. Without it, the loaded .so won't be able to access any
++# functions from exim.
++
++LFLAGS = -rdynamic
++ifeq ($(OSTYPE),Linux)
++LFLAGS += -ldl
++endif
++
++
++#------------------------------------------------------------------------------
+ # The default distribution of Exim contains only the plain text form of the
+ # documentation. Other forms are available separately. If you want to install
+ # the documentation in "info" format, first fetch the Texinfo documentation
+Only in exim-4.92/src: EDITME.orig
+diff -ur exim-4.92.orig/src/globals.c exim-4.92/src/globals.c
+--- exim-4.92.orig/src/globals.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/globals.c 2019-02-16 18:17:24.549216150 +0100
+@@ -41,6 +41,10 @@
+
+ uschar *no_aliases = NULL;
+
++#ifdef DLOPEN_LOCAL_SCAN
++uschar *local_scan_path = NULL;
++#endif
++
+
+ /* For comments on these variables, see globals.h. I'm too idle to
+ duplicate them here... */
+Only in exim-4.92/src: globals.c.orig
+diff -ur exim-4.92.orig/src/globals.h exim-4.92/src/globals.h
+--- exim-4.92.orig/src/globals.h 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/globals.h 2019-02-16 18:17:24.549216150 +0100
+@@ -152,6 +152,9 @@
+ extern int (*receive_ferror)(void);
+ extern BOOL (*receive_smtp_buffered)(void);
+
++#ifdef DLOPEN_LOCAL_SCAN
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
+
+ /* For clearing, saving, restoring address expansion variables. We have to have
+ the size of this vector set explicitly, because it is referenced from more than
+Only in exim-4.92/src: globals.h.orig
+diff -ur exim-4.92.orig/src/local_scan.c exim-4.92/src/local_scan.c
+--- exim-4.92.orig/src/local_scan.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/local_scan.c 2019-02-16 18:29:56.832732592 +0100
+@@ -5,61 +5,131 @@
+ /* Copyright (c) University of Cambridge 1995 - 2009 */
+ /* See the file NOTICE for conditions of use and distribution. */
+
++#include "local_scan.h"
+
+-/******************************************************************************
+-This file contains a template local_scan() function that just returns ACCEPT.
+-If you want to implement your own version, you should copy this file to, say
+-Local/local_scan.c, and edit the copy. To use your version instead of the
+-default, you must set
+-
+-HAVE_LOCAL_SCAN=yes
+-LOCAL_SCAN_SOURCE=Local/local_scan.c
+-
+-in your Local/Makefile. This makes it easy to copy your version for use with
+-subsequent Exim releases.
+-
+-For a full description of the API to this function, see the Exim specification.
+-******************************************************************************/
+-
+-
+-/* This is the only Exim header that you should include. The effect of
+-including any other Exim header is not defined, and may change from release to
+-release. Use only the documented interface! */
+-
+-#include "local_scan.h"
+-
+-
+-/* This is a "do-nothing" version of a local_scan() function. The arguments
+-are:
+-
+- fd The file descriptor of the open -D file, which contains the
+- body of the message. The file is open for reading and
+- writing, but modifying it is dangerous and not recommended.
+-
+- return_text A pointer to an unsigned char* variable which you can set in
+- order to return a text string. It is initialized to NULL.
+-
+-The return values of this function are:
+-
+- LOCAL_SCAN_ACCEPT
+- The message is to be accepted. The return_text argument is
+- saved in $local_scan_data.
+-
+- LOCAL_SCAN_REJECT
+- The message is to be rejected. The returned text is used
+- in the rejection message.
+-
+- LOCAL_SCAN_TEMPREJECT
+- This specifies a temporary rejection. The returned text
+- is used in the rejection message.
+-*/
++#ifdef DLOPEN_LOCAL_SCAN
++#include <dlfcn.h>
++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
++static int load_local_scan_library(void);
++#endif
+
+ int
+ local_scan(int fd, uschar **return_text)
+ {
+ fd = fd; /* Keep picky compilers happy */
+ return_text = return_text;
+-return LOCAL_SCAN_ACCEPT;
++#ifdef DLOPEN_LOCAL_SCAN
++/* local_scan_path is defined AND not the empty string */
++if (local_scan_path && *local_scan_path)
++ {
++ if (!local_scan_fn)
++ {
++ if (!load_local_scan_library())
++ {
++ char *base_msg , *error_msg , *final_msg ;
++ int final_length = -1 ;
++
++ base_msg=US"Local configuration error - local_scan() library failure\n";
++ error_msg = dlerror() ;
++
++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
++ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
++ *final_msg = '\0' ;
++
++ strcat( final_msg , base_msg ) ;
++ strcat( final_msg , error_msg ) ;
++
++ *return_text = final_msg ;
++ return LOCAL_SCAN_TEMPREJECT;
++ }
++ }
++ return local_scan_fn(fd, return_text);
++ }
++else
++#endif
++ return LOCAL_SCAN_ACCEPT;
++}
++
++#ifdef DLOPEN_LOCAL_SCAN
++
++static int load_local_scan_library(void)
++{
++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
++void *local_scan_lib = NULL;
++int (*local_scan_version_fn)(void);
++int vers_maj;
++int vers_min;
++
++local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
++if (!local_scan_lib)
++ {
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
++ "message temporarily rejected");
++ return FALSE;
++ }
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_major() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The major number is increased when the ABI is changed in a non
++ backward compatible way. */
++vers_maj = local_scan_version_fn();
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_minor() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The minor number is increased each time a new feature is added (in a
++ way that doesn't break backward compatibility) -- Marc */
++vers_min = local_scan_version_fn();
++
++
++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++
++local_scan_fn = dlsym(local_scan_lib, "local_scan");
++if (!local_scan_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan() function - message temporarily rejected");
++ return FALSE;
++ }
++
++return TRUE;
+ }
+
++#endif /* DLOPEN_LOCAL_SCAN */
++
+ /* End of local_scan.c */
+diff -ur exim-4.92.orig/src/readconf.c exim-4.92/src/readconf.c
+--- exim-4.92.orig/src/readconf.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/readconf.c 2019-02-16 18:18:46.013947455 +0100
+@@ -199,6 +199,9 @@
+ { "local_from_prefix", opt_stringptr, &local_from_prefix },
+ { "local_from_suffix", opt_stringptr, &local_from_suffix },
+ { "local_interfaces", opt_stringptr, &local_interfaces },
++#ifdef DLOPEN_LOCAL_SCAN
++ { "local_scan_path", opt_stringptr, &local_scan_path },
++#endif
+ #ifdef HAVE_LOCAL_SCAN
+ { "local_scan_timeout", opt_time, &local_scan_timeout },
+ #endif
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2020-05-13 17:20 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2020-05-13 17:20 UTC (permalink / raw
To: gentoo-commits
commit: 4b998533b5bae4ff911d11eb2ece787fd4a9e4c8
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed May 13 17:19:39 2020 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed May 13 17:19:57 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4b998533
mail-mta/exim: security cleanup
Bug: https://bugs.gentoo.org/722484
Package-Manager: Portage-2.3.89, Repoman-2.3.20
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 2 -
mail-mta/exim/exim-4.92.3.ebuild | 581 ---------------------
.../exim/files/exim-4.82-makefile-freebsd.patch | 45 --
.../exim/files/exim-4.89-as-needed-ldflags.patch | 145 -----
.../files/exim-4.92-fix-eval-expansion-32bit.patch | 51 --
.../exim/files/exim-4.92-localscan_dlopen.patch | 267 ----------
6 files changed, 1091 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index e8a899771de..e08c0096757 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,5 +1,3 @@
-DIST exim-4.92.3.tar.xz 1773156 BLAKE2B 7866c23c862f5b5aadac709279f9ed376e526e90e8ca09d41c1789041ec0a3ecd48f8d2237e4d462e547efa2178babd5942d3142fef7419e16d1707fe23fa226 SHA512 ca6d6f50653502345511b683859b33aa02faa48454fb2100ff89fed3dcb8af8933e7bce68939365fdee42f96eec0c3b135cf748f4581e92a62be0f0ab093868a
DIST exim-4.93.0.4.tar.xz 1804696 BLAKE2B 721336101104d9c71b3bb6f432e382c28ad17d80cdb50d04213989e65a719d906caf8eb95639bfaf7a1bfdd62c7000d9df14484953446ecfca901fd7c708514e SHA512 84951849b69399d6f187d2801760dc0cb9e61c88c7c88aaca4e07e48120199a6be94b2236d058ffeacb8d611dd84056b610d480353c301a3ad5799768dd39d96
-DIST exim-pdf-4.92.3.tar.xz 2039436 BLAKE2B 8d20e7f0ebfcb573d08b490737923afc2cd2d5837f5c91bd2f3e6b5e637d86a5d5a59123c57ba9219ead675c72bfc46351d5b705d9533fab80bedeeca8bdd580 SHA512 3245a627a924db92e5a50e842e096731d08284f757274b5083ea234707c493abd6f27a3b34a2025e3acff167260df0f4ebe68b9f5832920c5f22c258143ab43f
DIST exim-pdf-4.93.0.4.tar.xz 2069744 BLAKE2B 28730134293d87b16d672df66119ff97aaf2d796cf28842bb5bf6831a0be6a186a5cce503200b9fc985aaa14386053ca83c259625949634c5a28937b285247ca SHA512 929b4198a3e8764a64478e7ff5a9c7398ad1990114206b68494b1f1f563c23405c7b440e2f21a9f777e9e3cd3a3398d6faea3b882407f731ef3a767c27fd9361
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.92.3.ebuild b/mail-mta/exim/exim-4.92.3.ebuild
deleted file mode 100644
index 03bdaab227c..00000000000
--- a/mail-mta/exim/exim-4.92.3.ebuild
+++ /dev/null
@@ -1,581 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs multilib pam systemd
-
-IUSE="arc dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- spf? ( exiscan-acl )
- srs? ( exiscan-acl )
- !ssl? ( !dkim )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-
-COMM_URI="https://downloads.exim.org/exim4$([[ ${PV} == *_rc* ]] && echo /test)"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ppc ppc64 sparc x86 ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
- dev-libs/libpcre
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- !libressl? ( dev-libs/openssl:0= )
- libressl? ( dev-libs/libressl:= )
- )
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? (
- elibc_glibc? (
- net-libs/libtirpc
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- elibc_glibc? ( net-libs/libnsl )
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-PATCHES=(
- "${FILESDIR}"/exim-4.69-r1.27021.patch
- "${FILESDIR}"/exim-4.92-localscan_dlopen.patch
-)
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply -p0 "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785
- eapply -p0 "${FILESDIR}"/exim-4.89-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply -p2 "${FILESDIR}"/exim-4.92-fix-eval-expansion-32bit.patch #687554
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.20-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- default
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- use !elibc_glibc && use !elibc_musl && \
- echo "EXTRALIBS_EXIM=-liconv" >> Makefile
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- CFLAGS+=-I$(db_includedir ${DB_VERS})
- DBMLIB=-l$(db_libname ${DB_VERS})
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- CFLAGS += -I"${EPREFIX}"/usr/include/tirpc
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- else
- sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile || die
- fi
-
- #
- # features
- #
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- echo "SUPPORT_TLS=yes" >> Makefile
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls" >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # DANE
- if use dane; then
- cat >> Makefile <<- EOC
- SUPPORT_DANE=yes
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- pamd_mimic system-auth exim auth account
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo "http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use srs && einfo "SRS support is experimental"
- if use dmarc ; then
- einfo "DMARC support is experimental. See global settings to"
- einfo "configure DMARC, for usage see the documentation at "
- einfo "experimental-spec.txt."
- fi
- use dsn && einfo "extra information in fail DSN message is experimental"
- elog "The obsolete acl condition 'demime' is removed, the replacements"
- elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
-}
diff --git a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch
deleted file mode 100644
index 9693d4945ad..00000000000
--- a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch
+++ /dev/null
@@ -1,45 +0,0 @@
---- OS/Makefile-FreeBSD.orig 2013-09-30 19:59:09.000000000 +0200
-+++ OS/Makefile-FreeBSD 2013-09-30 20:01:22.000000000 +0200
-@@ -1,10 +1,8 @@
--# Exim: OS-specific make file for FreeBSD
--# There's no setting of CFLAGS here, to allow the system default
--# for "make" to be the default.
--
--CHOWN_COMMAND=/usr/sbin/chown
--STRIP_COMMAND=/usr/bin/strip
--CHMOD_COMMAND=/bin/chmod
-+# Exim: OS-specific FreeBSD make file, modified for Gentoo Prefix
-+
-+CHOWN_COMMAND=look_for_it
-+STRIP_COMMAND=
-+CHMOD_COMMAND=look_for_it
-
- HAVE_SA_LEN=YES
-
-@@ -15,17 +13,9 @@
- CFLAGS_DYNAMIC=-shared -rdynamic -fPIC
-
- # FreeBSD always ships with Berkeley DB
-+DBMLIB = -ldb
- USE_DB=yes
-
--# This code for building outside ports suggested by Richard Clayton
--.ifdef X11BASE
--X11=${X11BASE}
--.elifdef LOCALBASE
--X11=$(LOCALBASE)
--.else
--X11=/usr/local
--.endif
--
- # nb: FreeBSD is entirely elf; objformat was removed prior to FreeBSD 7
- # http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/objformat/Attic/objformat.c
- # deleted Jan 2007.
-@@ -37,6 +27,7 @@
- # switch to default to ELF came with FreeBSD 3. elf(5) claims ELF support
- # introduced in FreeBSD 2.2.6.
- #
-+X11=/usr/X11R6
- XINCLUDE=-I$(X11)/include
- XLFLAGS=-L$(X11)/lib -Wl,-rpath,${X11}/lib
- X11_LD_LIB=$(X11)/lib
diff --git a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch
deleted file mode 100644
index 49e430939fc..00000000000
--- a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch
+++ /dev/null
@@ -1,145 +0,0 @@
-https://bugs.gentoo.org/show_bug.cgi?id=352265
-
-Make sure LDFLAGS comes first, such that all libraries are considered,
-and not discarded when --as-needed is in effect.
-
-https://bugs.gentoo.org/show_bug.cgi?id=391279
-
-Use LDFLAGS for all targets, not just the exim binary, such that
---as-needed works as well.
-
-
---- OS/Makefile-Base
-+++ OS/Makefile-Base
-@@ -346,12 +346,12 @@
- buildrouters buildtransports \
- $(OBJ_EXIM) version.o
- @echo "$(LNCC) -o exim"
-- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
-+ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
- routers/routers.a transports/transports.a lookups/lookups.a \
- auths/auths.a pdkim/pdkim.a \
- $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
- $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
-- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
-+ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim; \
- $(STRIP_COMMAND) exim; \
-@@ -367,8 +367,8 @@
-
- exim_dumpdb: $(OBJ_DUMPDB)
- @echo "$(LNCC) -o exim_dumpdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dumpdb; \
- $(STRIP_COMMAND) exim_dumpdb; \
-@@ -382,8 +382,8 @@
-
- exim_fixdb: $(OBJ_FIXDB) buildauths
- @echo "$(LNCC) -o exim_fixdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
-- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
-+ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_fixdb; \
- $(STRIP_COMMAND) exim_fixdb; \
-@@ -397,8 +397,8 @@
-
- exim_tidydb: $(OBJ_TIDYDB)
- @echo "$(LNCC) -o exim_tidydb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_tidydb; \
- $(STRIP_COMMAND) exim_tidydb; \
-@@ -410,8 +410,8 @@
-
- exim_dbmbuild: exim_dbmbuild.o
- @echo "$(LNCC) -o exim_dbmbuild"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dbmbuild; \
- $(STRIP_COMMAND) exim_dbmbuild; \
-@@ -425,8 +425,8 @@
- @echo "$(CC) exim_lock.c"
- $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
- @echo "$(LNCC) -o exim_lock"
-- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
-- $(LIBS) $(EXTRALIBS)
-+ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
-+ $(LIBS) $(EXTRALIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_lock; \
- $(STRIP_COMMAND) exim_lock; \
-@@ -462,9 +462,9 @@
- $(FE)$(CC) -o em_version.o -c \
- $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
- @echo "$(LNCC) -o eximon.bin"
-- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
-+ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
-- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
-+ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) eximon.bin; \
- $(STRIP_COMMAND) eximon.bin; \
-@@ -780,9 +780,9 @@
- string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c
-- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
-+ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
- dummies.o sa-globals.o sa-os.o store.o string.o \
-- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
-+ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
- rm -f dbfn.o store.o
-
- test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
-@@ -790,29 +790,29 @@
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
-- $(LNCC) -o test_host $(LFLAGS) \
-+ $(LNCC) -o test_host $(LDFLAGS) \
- host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
-- tod.o tree.o $(LIBS) $(LIBRESOLV)
-+ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
- rm -f child.o dummies.o host.o dns.o
-
- test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
-- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
-- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
-+ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f os.o
-
- test_parse: config.h parse.c dummies.o sa-globals.o \
- store.o string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
-- $(LNCC) -o test_parse $(LFLAGS) parse.o \
-+ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
- dummies.o sa-globals.o store.o string.o tod.o version.o \
-- utf8.o $(LDFLAGS)
-+ utf8.o $(LFLAGS)
- rm -f parse.o
-
- test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
-- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
-- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
-+ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f string.o
-
- # End
diff --git a/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch b/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch
deleted file mode 100644
index 17d7d21113d..00000000000
--- a/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Extract from complete patch from
-https://git.exim.org/exim.git/patch/26dd3aa007b3b77969610c031f59388e0953bd00
-to only take the buildconfig.c change because the git directory
-structure is different from a release tarball causing this patch to fail
-otherwise.
-
-From 26dd3aa007b3b77969610c031f59388e0953bd00 Mon Sep 17 00:00:00 2001
-From: Jeremy Harris <jgh146exb@wizmail.org>
-Date: Fri, 7 Jun 2019 11:54:10 +0100
-Subject: [PATCH] Fix detection of 32b platform at build time. Bug 2405
-
----
- src/src/buildconfig.c | 12 +++++---
- test/scripts/0000-Basic/0002 | 72 +++++++++++++++++++++++---------------------
- test/stdout/0002 | 72 +++++++++++++++++++++++---------------------
- 3 files changed, 83 insertions(+), 73 deletions(-)
-
-diff --git a/src/src/buildconfig.c b/src/src/buildconfig.c
-index 71cf97b..a680b34 100644
---- a/src/src/buildconfig.c
-+++ b/src/src/buildconfig.c
-@@ -111,6 +111,7 @@ unsigned long test_ulong_t = 0L;
- unsigned int test_uint_t = 0;
- #endif
- long test_long_t = 0;
-+long long test_longlong_t = 0;
- int test_int_t = 0;
- FILE *base;
- FILE *new;
-@@ -155,15 +156,16 @@ This assumption is known to be OK for the common operating systems. */
-
- fprintf(new, "#ifndef OFF_T_FMT\n");
- if (sizeof(test_off_t) > sizeof(test_long_t))
-- {
- fprintf(new, "# define OFF_T_FMT \"%%lld\"\n");
-- fprintf(new, "# define LONGLONG_T long long int\n");
-- }
- else
-- {
- fprintf(new, "# define OFF_T_FMT \"%%ld\"\n");
-+fprintf(new, "#endif\n\n");
-+
-+fprintf(new, "#ifndef LONGLONG_T\n");
-+if (sizeof(test_longlong_t) > sizeof(test_long_t))
-+ fprintf(new, "# define LONGLONG_T long long int\n");
-+else
- fprintf(new, "# define LONGLONG_T long int\n");
-- }
- fprintf(new, "#endif\n\n");
-
- /* Now do the same thing for time_t variables. If the length is greater than
diff --git a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch
deleted file mode 100644
index 57363e56d50..00000000000
--- a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch
+++ /dev/null
@@ -1,267 +0,0 @@
-diff -ur exim-4.92.orig/src/config.h.defaults exim-4.92/src/config.h.defaults
---- exim-4.92.orig/src/config.h.defaults 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/config.h.defaults 2019-02-16 18:17:24.547216157 +0100
-@@ -32,6 +32,8 @@
-
- #define AUTH_VARS 3
-
-+#define DLOPEN_LOCAL_SCAN
-+
- #define BIN_DIRECTORY
-
- #define CONFIGURE_FILE
-Only in exim-4.92/src: config.h.defaults.orig
-diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME
---- exim-4.92.orig/src/EDITME 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/EDITME 2019-02-16 18:17:24.547216157 +0100
-@@ -824,6 +824,24 @@
-
-
- #------------------------------------------------------------------------------
-+# On systems which support dynamic loading of shared libraries, Exim can
-+# load a local_scan function specified in its config file instead of having
-+# to be recompiled with the desired local_scan function. For a full
-+# description of the API to this function, see the Exim specification.
-+
-+#DLOPEN_LOCAL_SCAN=yes
-+
-+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
-+# linker flags. Without it, the loaded .so won't be able to access any
-+# functions from exim.
-+
-+LFLAGS = -rdynamic
-+ifeq ($(OSTYPE),Linux)
-+LFLAGS += -ldl
-+endif
-+
-+
-+#------------------------------------------------------------------------------
- # The default distribution of Exim contains only the plain text form of the
- # documentation. Other forms are available separately. If you want to install
- # the documentation in "info" format, first fetch the Texinfo documentation
-Only in exim-4.92/src: EDITME.orig
-diff -ur exim-4.92.orig/src/globals.c exim-4.92/src/globals.c
---- exim-4.92.orig/src/globals.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/globals.c 2019-02-16 18:17:24.549216150 +0100
-@@ -41,6 +41,10 @@
-
- uschar *no_aliases = NULL;
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+uschar *local_scan_path = NULL;
-+#endif
-+
-
- /* For comments on these variables, see globals.h. I'm too idle to
- duplicate them here... */
-Only in exim-4.92/src: globals.c.orig
-diff -ur exim-4.92.orig/src/globals.h exim-4.92/src/globals.h
---- exim-4.92.orig/src/globals.h 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/globals.h 2019-02-16 18:17:24.549216150 +0100
-@@ -152,6 +152,9 @@
- extern int (*receive_ferror)(void);
- extern BOOL (*receive_smtp_buffered)(void);
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+extern uschar *local_scan_path; /* Path to local_scan() library */
-+#endif
-
- /* For clearing, saving, restoring address expansion variables. We have to have
- the size of this vector set explicitly, because it is referenced from more than
-Only in exim-4.92/src: globals.h.orig
-diff -ur exim-4.92.orig/src/local_scan.c exim-4.92/src/local_scan.c
---- exim-4.92.orig/src/local_scan.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/local_scan.c 2019-02-16 18:29:56.832732592 +0100
-@@ -5,61 +5,131 @@
- /* Copyright (c) University of Cambridge 1995 - 2009 */
- /* See the file NOTICE for conditions of use and distribution. */
-
-+#include "exim.h"
-
--/******************************************************************************
--This file contains a template local_scan() function that just returns ACCEPT.
--If you want to implement your own version, you should copy this file to, say
--Local/local_scan.c, and edit the copy. To use your version instead of the
--default, you must set
--
--HAVE_LOCAL_SCAN=yes
--LOCAL_SCAN_SOURCE=Local/local_scan.c
--
--in your Local/Makefile. This makes it easy to copy your version for use with
--subsequent Exim releases.
--
--For a full description of the API to this function, see the Exim specification.
--******************************************************************************/
--
--
--/* This is the only Exim header that you should include. The effect of
--including any other Exim header is not defined, and may change from release to
--release. Use only the documented interface! */
--
--#include "local_scan.h"
--
--
--/* This is a "do-nothing" version of a local_scan() function. The arguments
--are:
--
-- fd The file descriptor of the open -D file, which contains the
-- body of the message. The file is open for reading and
-- writing, but modifying it is dangerous and not recommended.
--
-- return_text A pointer to an unsigned char* variable which you can set in
-- order to return a text string. It is initialized to NULL.
--
--The return values of this function are:
--
-- LOCAL_SCAN_ACCEPT
-- The message is to be accepted. The return_text argument is
-- saved in $local_scan_data.
--
-- LOCAL_SCAN_REJECT
-- The message is to be rejected. The returned text is used
-- in the rejection message.
--
-- LOCAL_SCAN_TEMPREJECT
-- This specifies a temporary rejection. The returned text
-- is used in the rejection message.
--*/
-+#ifdef DLOPEN_LOCAL_SCAN
-+#include <dlfcn.h>
-+static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
-+static int load_local_scan_library(void);
-+#endif
-
- int
- local_scan(int fd, uschar **return_text)
- {
- fd = fd; /* Keep picky compilers happy */
- return_text = return_text;
--return LOCAL_SCAN_ACCEPT;
-+#ifdef DLOPEN_LOCAL_SCAN
-+/* local_scan_path is defined AND not the empty string */
-+if (local_scan_path && *local_scan_path)
-+ {
-+ if (!local_scan_fn)
-+ {
-+ if (!load_local_scan_library())
-+ {
-+ char *base_msg , *error_msg , *final_msg ;
-+ int final_length = -1 ;
-+
-+ base_msg=US"Local configuration error - local_scan() library failure\n";
-+ error_msg = dlerror() ;
-+
-+ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
-+ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
-+ *final_msg = '\0' ;
-+
-+ strcat( final_msg , base_msg ) ;
-+ strcat( final_msg , error_msg ) ;
-+
-+ *return_text = final_msg ;
-+ return LOCAL_SCAN_TEMPREJECT;
-+ }
-+ }
-+ return local_scan_fn(fd, return_text);
-+ }
-+else
-+#endif
-+ return LOCAL_SCAN_ACCEPT;
-+}
-+
-+#ifdef DLOPEN_LOCAL_SCAN
-+
-+static int load_local_scan_library(void)
-+{
-+/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
-+void *local_scan_lib = NULL;
-+int (*local_scan_version_fn)(void);
-+int vers_maj;
-+int vers_min;
-+
-+local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
-+if (!local_scan_lib)
-+ {
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
-+ "message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_major() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The major number is increased when the ABI is changed in a non
-+ backward compatible way. */
-+vers_maj = local_scan_version_fn();
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_minor() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The minor number is increased each time a new feature is added (in a
-+ way that doesn't break backward compatibility) -- Marc */
-+vers_min = local_scan_version_fn();
-+
-+
-+if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+
-+local_scan_fn = dlsym(local_scan_lib, "local_scan");
-+if (!local_scan_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+return TRUE;
- }
-
-+#endif /* DLOPEN_LOCAL_SCAN */
-+
- /* End of local_scan.c */
-diff -ur exim-4.92.orig/src/readconf.c exim-4.92/src/readconf.c
---- exim-4.92.orig/src/readconf.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/readconf.c 2019-02-16 18:18:46.013947455 +0100
-@@ -199,6 +199,9 @@
- { "local_from_prefix", opt_stringptr, &local_from_prefix },
- { "local_from_suffix", opt_stringptr, &local_from_suffix },
- { "local_interfaces", opt_stringptr, &local_interfaces },
-+#ifdef DLOPEN_LOCAL_SCAN
-+ { "local_scan_path", opt_stringptr, &local_scan_path },
-+#endif
- #ifdef HAVE_LOCAL_SCAN
- { "local_scan_timeout", opt_time, &local_scan_timeout },
- #endif
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2020-05-24 11:27 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2020-05-24 11:27 UTC (permalink / raw
To: gentoo-commits
commit: 08aa447245b739b69a7e36cd324967b3160f2865
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sun May 24 11:26:24 2020 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sun May 24 11:26:54 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08aa4472
mail-mta/exim-4.93.0.4-r1: add patch to fix compilation using -fno-common
Closes: https://bugs.gentoo.org/723430
Package-Manager: Portage-2.3.89, Repoman-2.3.20
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/exim-4.93.0.4-r1.ebuild | 1 +
mail-mta/exim/files/exim-4.93-fno-common.patch | 16 ++++++++++++++++
2 files changed, 17 insertions(+)
diff --git a/mail-mta/exim/exim-4.93.0.4-r1.ebuild b/mail-mta/exim/exim-4.93.0.4-r1.ebuild
index cb68569b7c8..19d13cef361 100644
--- a/mail-mta/exim/exim-4.93.0.4-r1.ebuild
+++ b/mail-mta/exim/exim-4.93.0.4-r1.ebuild
@@ -116,6 +116,7 @@ src_prepare() {
eapply "${FILESDIR}"/exim-4.93-localscan_dlopen.patch
eapply -p2 "${FILESDIR}"/exim-4.93-radius.patch # 720364
eapply "${FILESDIR}"/exim-4.93-CVE-2020-12783.patch # 722484
+ eapply "${FILESDIR}"/exim-4.93-fno-common.patch # 723430
if use maildir ; then
eapply "${FILESDIR}"/exim-4.20-maildir.patch
diff --git a/mail-mta/exim/files/exim-4.93-fno-common.patch b/mail-mta/exim/files/exim-4.93-fno-common.patch
new file mode 100644
index 00000000000..c5fff1c6720
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.93-fno-common.patch
@@ -0,0 +1,16 @@
+Fix -fno-common linking
+
+Bug: https://bugs.gentoo.org/723430
+Bug: https://bugs.exim.org/show_bug.cgi?id=2577
+
+--- exim-4.93.0.4/src/globals.h
++++ exim-4.93.0.4/src/globals.h
+@@ -342,7 +342,7 @@
+ extern BOOL allow_domain_literals; /* As it says */
+ extern BOOL allow_mx_to_ip; /* Allow MX records to -> ip address */
+ #ifdef EXPERIMENTAL_ARC
+-struct arc_set *arc_received; /* highest ARC instance evaluation struct */
++extern struct arc_set *arc_received; /* highest ARC instance evaluation struct */
+ extern int arc_received_instance; /* highest ARC instance number in headers */
+ extern int arc_oldest_pass; /* lowest passing instance number in headers */
+ extern const uschar *arc_state; /* verification state */
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2020-06-01 17:58 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2020-06-01 17:58 UTC (permalink / raw
To: gentoo-commits
commit: 57df96d9c31aae23c50a28f1da2505e72afeb42c
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 1 17:57:35 2020 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Mon Jun 1 17:58:47 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=57df96d9
mail-mta/exim-4.94: version bump
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 2 +
mail-mta/exim/exim-4.94.ebuild | 588 +++++++++++++++++++++
.../exim/files/exim-4.94-localscan_dlopen.patch | 269 ++++++++++
mail-mta/exim/files/exim-4.94-maildir.patch | 13 +
4 files changed, 872 insertions(+)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index e08c0096757..b618d116c98 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,3 +1,5 @@
DIST exim-4.93.0.4.tar.xz 1804696 BLAKE2B 721336101104d9c71b3bb6f432e382c28ad17d80cdb50d04213989e65a719d906caf8eb95639bfaf7a1bfdd62c7000d9df14484953446ecfca901fd7c708514e SHA512 84951849b69399d6f187d2801760dc0cb9e61c88c7c88aaca4e07e48120199a6be94b2236d058ffeacb8d611dd84056b610d480353c301a3ad5799768dd39d96
+DIST exim-4.94.tar.xz 1828824 BLAKE2B 3836ae6427830b16fa366f5ca35431144eb48b922b699da20f3a5e423c9c8266def981afa008e50a879ac3583f3491d8f9c449e67c66053dc45e8612e38e836f SHA512 3bf95ade30902327403e7308089a3e423761da5b0745397dace7c7fd15ba3838d93e0ee418f1fed57606f79e57b793c7c7407e5c0d526146f0036126d5d95316
DIST exim-pdf-4.93.0.4.tar.xz 2069744 BLAKE2B 28730134293d87b16d672df66119ff97aaf2d796cf28842bb5bf6831a0be6a186a5cce503200b9fc985aaa14386053ca83c259625949634c5a28937b285247ca SHA512 929b4198a3e8764a64478e7ff5a9c7398ad1990114206b68494b1f1f563c23405c7b440e2f21a9f777e9e3cd3a3398d6faea3b882407f731ef3a767c27fd9361
+DIST exim-pdf-4.94.tar.xz 2089804 BLAKE2B 08f4631e903f1344d76da8dc1dcfd122cd5963bb2efbd54a486e7cf95df9e7ef06aa31dead1243a007656f05c18993f3fda18ba16ba1fde9377ac33324d5fe99 SHA512 d56666b619ba850dfa68de90afc7435bae741d72d18b5837762781ba18032878323ad40978e0113d4b88a01fd7a1d07213e6a74c38d699371d62796b6c3c35cc
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.94.ebuild b/mail-mta/exim/exim-4.94.ebuild
new file mode 100644
index 00000000000..eaeaaeefbd3
--- /dev/null
+++ b/mail-mta/exim/exim-4.94.ebuild
@@ -0,0 +1,588 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use toolchain-funcs multilib pam systemd
+
+IUSE="arc +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs +ssl syslog tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ dkim? ( ssl !gnutls )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ spf? ( exiscan-acl )
+ srs? ( exiscan-acl )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+
+SDIR=$([[ ${PV} == *_rc* ]] && echo /test
+ [[ ${PV} == *.*.*.* ]] && echo /fixes)
+COMM_URI="https://downloads.exim.org/exim4${SDIR}"
+
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-solaris"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
+ dev-libs/libpcre
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ !gnutls? (
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:= )
+ )
+ )
+ ldap? ( >=net-nds/openldap-2.0.7 )
+ nis? (
+ elibc_glibc? (
+ net-libs/libtirpc
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc )
+ srs? ( mail-filter/libsrs_alt )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libiconv
+ elibc_glibc? ( net-libs/libnsl )
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/mini-qmail
+ !<mail-mta/msmtp-1.4.19-r1
+ !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !<mail-mta/ssmtp-2.64-r2
+ !>=mail-mta/ssmtp-2.64-r2[mta]
+ !net-mail/mailwrapper
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//_rc/-RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.94-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ EOC
+
+ # if we use libiconv, now is the time to tell so
+ if use !elibc_glibc && use !elibc_musl ; then
+ cat >> Makefile <<- EOC
+ EXTRALIBS_EXIM=-liconv
+ EOC
+ fi
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
+ CFLAGS += -I$(db_includedir ${DB_VERS})
+ DBMLIB = -l$(db_libname ${DB_VERS})
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
+ LOOKUP_LIBS += -lnsl
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ cat >> Makefile <<- EOC
+ EXIM_MONITOR=eximon.bin
+ EOC
+ fi
+
+ #
+ # features
+ #
+
+ # content scanning support
+ if use exiscan-acl; then
+ cat >> Makefile <<- EOC
+ WITH_CONTENT_SCAN=yes
+ EOC
+ fi
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # DANE
+ if use !dane; then
+ # DANE is enabled by default
+ sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS=yes
+ EXTRALIBS_EXIM += -lsrs_alt
+ EOC
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
+}
+
+src_install() {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ if use exiscan-acl; then
+ newins "${S}"/src/configure.default exim.conf.exiscan-acl
+ fi
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ pamd_mimic system-auth exim auth account
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use dmarc ; then
+ einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
+ einfo "you can populate this file with the contents downloaded from"
+ einfo " https://publicsuffix.org/list/public_suffix_list.dat"
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ use srs && einfo "SRS support is experimental"
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ elog "The obsolete acl condition 'demime' is removed, the replacements"
+ elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
+}
diff --git a/mail-mta/exim/files/exim-4.94-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.94-localscan_dlopen.patch
new file mode 100644
index 00000000000..68ff48ac2a3
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94-localscan_dlopen.patch
@@ -0,0 +1,269 @@
+diff -ur exim-4.92.orig/src/config.h.defaults exim-4.92/src/config.h.defaults
+--- exim-4.92.orig/src/config.h.defaults 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/config.h.defaults 2019-02-16 18:17:24.547216157 +0100
+@@ -32,6 +32,8 @@
+
+ #define AUTH_VARS 3
+
++#define DLOPEN_LOCAL_SCAN
++
+ #define BIN_DIRECTORY
+
+ #define CONFIGURE_FILE
+Only in exim-4.92/src: config.h.defaults.orig
+diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME
+--- exim-4.92.orig/src/EDITME 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/EDITME 2019-02-16 18:17:24.547216157 +0100
+@@ -824,6 +824,24 @@
+
+
+ #------------------------------------------------------------------------------
++# On systems which support dynamic loading of shared libraries, Exim can
++# load a local_scan function specified in its config file instead of having
++# to be recompiled with the desired local_scan function. For a full
++# description of the API to this function, see the Exim specification.
++
++#DLOPEN_LOCAL_SCAN=yes
++
++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
++# linker flags. Without it, the loaded .so won't be able to access any
++# functions from exim.
++
++LFLAGS = -rdynamic
++ifeq ($(OSTYPE),Linux)
++LFLAGS += -ldl
++endif
++
++
++#------------------------------------------------------------------------------
+ # The default distribution of Exim contains only the plain text form of the
+ # documentation. Other forms are available separately. If you want to install
+ # the documentation in "info" format, first fetch the Texinfo documentation
+Only in exim-4.92/src: EDITME.orig
+diff -ur exim-4.92.orig/src/globals.c exim-4.92/src/globals.c
+--- exim-4.92.orig/src/globals.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/globals.c 2019-02-16 18:17:24.549216150 +0100
+@@ -41,6 +41,10 @@
+
+ uschar *no_aliases = NULL;
+
++#ifdef DLOPEN_LOCAL_SCAN
++uschar *local_scan_path = NULL;
++#endif
++
+
+ /* For comments on these variables, see globals.h. I'm too idle to
+ duplicate them here... */
+Only in exim-4.92/src: globals.c.orig
+diff -ur exim-4.92.orig/src/globals.h exim-4.92/src/globals.h
+--- exim-4.92.orig/src/globals.h 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/globals.h 2019-02-16 18:17:24.549216150 +0100
+@@ -152,6 +152,9 @@
+ extern int (*receive_ferror)(void);
+ extern BOOL (*receive_smtp_buffered)(void);
+
++#ifdef DLOPEN_LOCAL_SCAN
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
+
+ /* For clearing, saving, restoring address expansion variables. We have to have
+ the size of this vector set explicitly, because it is referenced from more than
+Only in exim-4.92/src: globals.h.orig
+diff -ur exim-4.92.orig/src/local_scan.c exim-4.92/src/local_scan.c
+--- exim-4.92.orig/src/local_scan.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/local_scan.c 2019-02-16 18:29:56.832732592 +0100
+@@ -5,61 +5,133 @@
+ /* Copyright (c) University of Cambridge 1995 - 2009 */
+ /* See the file NOTICE for conditions of use and distribution. */
+
++#include "local_scan.h"
+
+-/******************************************************************************
+-This file contains a template local_scan() function that just returns ACCEPT.
+-If you want to implement your own version, you should copy this file to, say
+-Local/local_scan.c, and edit the copy. To use your version instead of the
+-default, you must set
+-
+-HAVE_LOCAL_SCAN=yes
+-LOCAL_SCAN_SOURCE=Local/local_scan.c
+-
+-in your Local/Makefile. This makes it easy to copy your version for use with
+-subsequent Exim releases.
+-
+-For a full description of the API to this function, see the Exim specification.
+-******************************************************************************/
+-
+-
+-/* This is the only Exim header that you should include. The effect of
+-including any other Exim header is not defined, and may change from release to
+-release. Use only the documented interface! */
+-
+-#include "local_scan.h"
+-
+-
+-/* This is a "do-nothing" version of a local_scan() function. The arguments
+-are:
+-
+- fd The file descriptor of the open -D file, which contains the
+- body of the message. The file is open for reading and
+- writing, but modifying it is dangerous and not recommended.
+-
+- return_text A pointer to an unsigned char* variable which you can set in
+- order to return a text string. It is initialized to NULL.
+-
+-The return values of this function are:
+-
+- LOCAL_SCAN_ACCEPT
+- The message is to be accepted. The return_text argument is
+- saved in $local_scan_data.
+-
+- LOCAL_SCAN_REJECT
+- The message is to be rejected. The returned text is used
+- in the rejection message.
+-
+- LOCAL_SCAN_TEMPREJECT
+- This specifies a temporary rejection. The returned text
+- is used in the rejection message.
+-*/
++#ifdef DLOPEN_LOCAL_SCAN
++#include <stdlib.h>
++#include <dlfcn.h>
++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
++static int load_local_scan_library(void);
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
+
+ int
+ local_scan(int fd, uschar **return_text)
+ {
+ fd = fd; /* Keep picky compilers happy */
+ return_text = return_text;
+-return LOCAL_SCAN_ACCEPT;
++#ifdef DLOPEN_LOCAL_SCAN
++/* local_scan_path is defined AND not the empty string */
++if (local_scan_path && *local_scan_path)
++ {
++ if (!local_scan_fn)
++ {
++ if (!load_local_scan_library())
++ {
++ char *base_msg , *error_msg , *final_msg ;
++ int final_length = -1 ;
++
++ base_msg=US"Local configuration error - local_scan() library failure\n";
++ error_msg = dlerror() ;
++
++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
++ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
++ *final_msg = '\0' ;
++
++ strcat( final_msg , base_msg ) ;
++ strcat( final_msg , error_msg ) ;
++
++ *return_text = final_msg ;
++ return LOCAL_SCAN_TEMPREJECT;
++ }
++ }
++ return local_scan_fn(fd, return_text);
++ }
++else
++#endif
++ return LOCAL_SCAN_ACCEPT;
++}
++
++#ifdef DLOPEN_LOCAL_SCAN
++
++static int load_local_scan_library(void)
++{
++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
++void *local_scan_lib = NULL;
++int (*local_scan_version_fn)(void);
++int vers_maj;
++int vers_min;
++
++local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
++if (!local_scan_lib)
++ {
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
++ "message temporarily rejected");
++ return FALSE;
++ }
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_major() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The major number is increased when the ABI is changed in a non
++ backward compatible way. */
++vers_maj = local_scan_version_fn();
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_minor() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The minor number is increased each time a new feature is added (in a
++ way that doesn't break backward compatibility) -- Marc */
++vers_min = local_scan_version_fn();
++
++
++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++
++local_scan_fn = dlsym(local_scan_lib, "local_scan");
++if (!local_scan_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan() function - message temporarily rejected");
++ return FALSE;
++ }
++
++return TRUE;
+ }
+
++#endif /* DLOPEN_LOCAL_SCAN */
++
+ /* End of local_scan.c */
+diff -ur exim-4.92.orig/src/readconf.c exim-4.92/src/readconf.c
+--- exim-4.92.orig/src/readconf.c 2019-01-30 14:59:52.000000000 +0100
++++ exim-4.92/src/readconf.c 2019-02-16 18:18:46.013947455 +0100
+@@ -205,6 +205,9 @@
+ { "local_from_prefix", opt_stringptr, {&local_from_prefix} },
+ { "local_from_suffix", opt_stringptr, {&local_from_suffix} },
+ { "local_interfaces", opt_stringptr, {&local_interfaces} },
++#ifdef DLOPEN_LOCAL_SCAN
++ { "local_scan_path", opt_stringptr, {&local_scan_path} },
++#endif
+ #ifdef HAVE_LOCAL_SCAN
+ { "local_scan_timeout", opt_time, {&local_scan_timeout} },
+ #endif
diff --git a/mail-mta/exim/files/exim-4.94-maildir.patch b/mail-mta/exim/files/exim-4.94-maildir.patch
new file mode 100644
index 00000000000..a1a728158ac
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94-maildir.patch
@@ -0,0 +1,13 @@
+--- a/src/configure.default
++++ b/src/configure.default
+@@ -873,7 +873,9 @@
+
+ local_delivery:
+ driver = appendfile
+- file = /var/mail/$local_part_data
++# file = /var/mail/$local_part_data
++ directory = /home/$local_part_data/.maildir
++ maildir_format
+ delivery_date_add
+ envelope_to_add
+ return_path_add
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2021-05-05 18:43 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2021-05-05 18:43 UTC (permalink / raw
To: gentoo-commits
commit: 51ce2b02fc364a4a963c913edfc47084c3daa8ad
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed May 5 18:43:16 2021 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed May 5 18:43:26 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=51ce2b02
mail-mta/exim: cleanup
Bug: https://bugs.gentoo.org/786945
Package-Manager: Portage-3.0.18, Repoman-3.0.2
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 4 -
mail-mta/exim/exim-4.93.0.4-r2.ebuild | 592 --------------------
mail-mta/exim/exim-4.94-r2.ebuild | 593 --------------------
mail-mta/exim/exim-4.94-r3.ebuild | 617 ---------------------
mail-mta/exim/files/exim-4.20-maildir.patch | 14 -
mail-mta/exim/files/exim-4.93-CVE-2020-12783.patch | 83 ---
mail-mta/exim/files/exim-4.93-fno-common.patch | 16 -
.../exim/files/exim-4.93-localscan_dlopen.patch | 269 ---------
mail-mta/exim/files/exim-4.93-radius.patch | 66 ---
.../exim/files/exim-4.94-taint-pam-expansion.patch | 35 --
10 files changed, 2289 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 65f5493bddf..3a31f9eb19f 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,7 +1,3 @@
-DIST exim-4.93.0.4.tar.xz 1804696 BLAKE2B 721336101104d9c71b3bb6f432e382c28ad17d80cdb50d04213989e65a719d906caf8eb95639bfaf7a1bfdd62c7000d9df14484953446ecfca901fd7c708514e SHA512 84951849b69399d6f187d2801760dc0cb9e61c88c7c88aaca4e07e48120199a6be94b2236d058ffeacb8d611dd84056b610d480353c301a3ad5799768dd39d96
DIST exim-4.94.2.tar.xz 1838076 BLAKE2B 684e115a7af3efdab15451f8e11f9b53455c9166d8c078216d7a95223d77569cec8a882ed99b9180acbd8a9e747a0bca03d56993d011de15dc35143a989ab046 SHA512 5334c236221ed4e03dbc33e6a79d939b06037fa2f4b71971607a360b67af5c85a89681ee13a5eeaf0184382c55a160cf2e89ed7afb2949f025a54f1e88f9e3fc
-DIST exim-4.94.tar.xz 1828824 BLAKE2B 3836ae6427830b16fa366f5ca35431144eb48b922b699da20f3a5e423c9c8266def981afa008e50a879ac3583f3491d8f9c449e67c66053dc45e8612e38e836f SHA512 3bf95ade30902327403e7308089a3e423761da5b0745397dace7c7fd15ba3838d93e0ee418f1fed57606f79e57b793c7c7407e5c0d526146f0036126d5d95316
-DIST exim-pdf-4.93.0.4.tar.xz 2069744 BLAKE2B 28730134293d87b16d672df66119ff97aaf2d796cf28842bb5bf6831a0be6a186a5cce503200b9fc985aaa14386053ca83c259625949634c5a28937b285247ca SHA512 929b4198a3e8764a64478e7ff5a9c7398ad1990114206b68494b1f1f563c23405c7b440e2f21a9f777e9e3cd3a3398d6faea3b882407f731ef3a767c27fd9361
DIST exim-pdf-4.94.2.tar.xz 2092248 BLAKE2B 973ab4f117fdb58afa017bc41b4496fac1277e707a9926d67317c455b0bd617021c17cba6c8d793d8962aacef12c0790d5add7174017512b7b1ea070f8e8533d SHA512 3a661f69d81a992798d4b7e5b7def7cfffa297a7b3c02a6631be426cefff5a6e8783fa322a1bd105d01f7b06968d01e77963e6ab7be3157f63eb62eb6ff172b0
-DIST exim-pdf-4.94.tar.xz 2089804 BLAKE2B 08f4631e903f1344d76da8dc1dcfd122cd5963bb2efbd54a486e7cf95df9e7ef06aa31dead1243a007656f05c18993f3fda18ba16ba1fde9377ac33324d5fe99 SHA512 d56666b619ba850dfa68de90afc7435bae741d72d18b5837762781ba18032878323ad40978e0113d4b88a01fd7a1d07213e6a74c38d699371d62796b6c3c35cc
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.93.0.4-r2.ebuild b/mail-mta/exim/exim-4.93.0.4-r2.ebuild
deleted file mode 100644
index 27021c7a2f0..00000000000
--- a/mail-mta/exim/exim-4.93.0.4-r2.ebuild
+++ /dev/null
@@ -1,592 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs multilib pam systemd
-
-IUSE="arc +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs +ssl syslog tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- spf? ( exiscan-acl )
- srs? ( exiscan-acl )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//rc/RC}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ppc ppc64 sparc x86 ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
- dev-libs/libpcre
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? (
- elibc_glibc? (
- net-libs/libtirpc
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- elibc_glibc? ( net-libs/libnsl )
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//rc/RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.93-localscan_dlopen.patch
- eapply -p2 "${FILESDIR}"/exim-4.93-radius.patch # 720364
- eapply "${FILESDIR}"/exim-4.93-CVE-2020-12783.patch # 722484
- eapply "${FILESDIR}"/exim-4.93-fno-common.patch # 723430
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.20-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use srs && einfo "SRS support is experimental"
- use dsn && einfo "extra information in fail DSN message is experimental"
- elog "The obsolete acl condition 'demime' is removed, the replacements"
- elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
-}
diff --git a/mail-mta/exim/exim-4.94-r2.ebuild b/mail-mta/exim/exim-4.94-r2.ebuild
deleted file mode 100644
index 0abf5983259..00000000000
--- a/mail-mta/exim/exim-4.94-r2.ebuild
+++ /dev/null
@@ -1,593 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs multilib pam systemd
-
-IUSE="arc +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs +ssl syslog tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- spf? ( exiscan-acl )
- srs? ( exiscan-acl )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
- dev-libs/libpcre
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? (
- elibc_glibc? (
- net-libs/libtirpc
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( mail-filter/libsrs_alt )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- elibc_glibc? ( net-libs/libnsl )
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//_rc/-RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
- eapply -p2 "${FILESDIR}"/exim-4.94-taint-pam-expansion.patch # drop on NR
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.94-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- use srs && einfo "SRS support is experimental"
- use dsn && einfo "extra information in fail DSN message is experimental"
- elog "The obsolete acl condition 'demime' is removed, the replacements"
- elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime"
- einfo
- elog "Note that \$local_part is renamed to \$local_part_data, please"
- elog "update your affected sections, such as local_delivery transport"
-}
diff --git a/mail-mta/exim/exim-4.94-r3.ebuild b/mail-mta/exim/exim-4.94-r3.ebuild
deleted file mode 100644
index 7ec16446c71..00000000000
--- a/mail-mta/exim/exim-4.94-r3.ebuild
+++ /dev/null
@@ -1,617 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs multilib pam systemd
-
-IUSE="arc +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs +srs-alt srs-native +ssl syslog tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- spf? ( exiscan-acl )
- srs? (
- exiscan-acl
- ^^ ( srs-alt srs-native )
- )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-solaris"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- ( >=sys-libs/db-3.2:= <sys-libs/db-6:= )
- dev-libs/libpcre
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7 )
- nis? (
- elibc_glibc? (
- net-libs/libtirpc
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
- srs? ( srs-alt? ( mail-filter/libsrs_alt ) )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libiconv
- elibc_glibc? ( net-libs/libnsl )
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/qmail-ldap
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//_rc/-RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
- eapply -p2 "${FILESDIR}"/exim-4.94-taint-pam-expansion.patch # drop on NR
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.94-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- EOC
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
-
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # content scanning support
- if use exiscan-acl; then
- cat >> Makefile <<- EOC
- WITH_CONTENT_SCAN=yes
- EOC
- fi
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- # NOTE: we currently USE-default to srs-alt, because this is
- # what USE=srs used to be. Eventually we want to rid ourselves
- # of this external implementation.
- if use srs-alt; then
- # historical default, from 4.95 this becomes
- # EXPERIMENTAL_SRS_ALT
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
- EXTRALIBS_EXIM += -lsrs_alt
- EOC
- fi
- if use srs-native; then
- # this one becomes SUPPORT_SRS in 4.95
- cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS_NATIVE=yes
- EOC
- fi
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- if use exiscan-acl; then
- newins "${S}"/src/configure.default exim.conf.exiscan-acl
- fi
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- if use srs ; then
- einfo "SRS support is experimental in this release of Exim"
- if use srs-alt; then
- elog "You are using libsrs_alt to implement SRS support."
- elog "In future release of Exim, the native SRS implementation"
- elog "(USE=srs-native) will become the default. Please prepare"
- elog "your package.use or switch to USE=srs-native now."
- fi
- fi
- use dsn && einfo "extra information in fail DSN message is experimental"
- einfo
- elog "Note that this release contains a tainted variable check that"
- elog "is likely to break your configuration used with Exim 4.93 and before."
- elog "Please check your transports for occurences of \$local_part, and"
- elog "use a replacement like \$local_part_data where possible."
-}
diff --git a/mail-mta/exim/files/exim-4.20-maildir.patch b/mail-mta/exim/files/exim-4.20-maildir.patch
deleted file mode 100644
index 3cb198d545c..00000000000
--- a/mail-mta/exim/files/exim-4.20-maildir.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff -urN ./exim-4.20.orig/src/configure.default exim-4.20/src/configure.default
---- ./exim-4.20.orig/src/configure.default 2003-06-27 16:48:22.000000000 -0700
-+++ exim-4.20/src/configure.default 2003-06-27 16:52:20.000000000 -0700
-@@ -451,7 +451,9 @@
-
- local_delivery:
- driver = appendfile
-- file = /var/mail/$local_part
-+# file = /var/mail/$local_part
-+ directory = /home/$local_part/.maildir
-+ maildir_format
- delivery_date_add
- envelope_to_add
- return_path_add
diff --git a/mail-mta/exim/files/exim-4.93-CVE-2020-12783.patch b/mail-mta/exim/files/exim-4.93-CVE-2020-12783.patch
deleted file mode 100644
index c957d5541e4..00000000000
--- a/mail-mta/exim/files/exim-4.93-CVE-2020-12783.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-auths/spa: fix for CVE-2020-12783
-
-This is a combined patch of git commits:
-
-57aa14b216432be381b6295c312065b2fd034f86
-a04174dc2a84ae1008c23b6a7109e7fa3fb7b8b0
-
-leaving out whitespace noise for a smaller patch
-and made it apply to the 4.93 release
-
-modified paths because Exim dists differ in layout from the git repo
-
-Fix SPA authenticator, checking client-supplied data before using it. Bug 2571
-Rework SPA fix to avoid overflows. Bug 2571
-
-
---- a/src/auths/auth-spa.c
-+++ b/src/auths/auth-spa.c
-@@ -405,7 +405,7 @@ int
- /* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */
- {
- int len = 0;
-- register uschar digit1, digit2, digit3, digit4;
-+ uschar digit1, digit2, digit3, digit4;
-
- if (in[0] == '+' && in[1] == ' ')
- in += 2;
---- a/src/auths/spa.c
-+++ b/src/auths/spa.c
-@@ -139,7 +139,8 @@ SPAAuthChallenge challenge;
- SPAAuthResponse response;
- SPAAuthResponse *responseptr = &response;
- uschar msgbuf[2048];
--uschar *clearpass;
-+uschar *clearpass, *s;
-+unsigned off;
-
- /* send a 334, MS Exchange style, and grab the client's request,
- unless we already have it via an initial response. */
-@@ -194,9 +195,19 @@ that causes failure if the size of msgbuf is exceeded. ****/
-
- {
- int i;
-- char *p = ((char*)responseptr) + IVAL(&responseptr->uUser.offset,0);
-+ char * p;
- int len = SVAL(&responseptr->uUser.len,0)/2;
-
-+ if ( (off = IVAL(&responseptr->uUser.offset,0)) >= sizeof(SPAAuthResponse)
-+ || len >= sizeof(responseptr->buffer)/2
-+ || (p = (CS responseptr) + off) + len*2 >= CS (responseptr+1)
-+ )
-+ {
-+ DEBUG(D_auth)
-+ debug_printf("auth_spa_server(): bad uUser spec in response\n");
-+ return FAIL;
-+ }
-+
- if (len + 1 >= sizeof(msgbuf)) return FAIL;
- for (i = 0; i < len; ++i)
- {
-@@ -245,12 +256,16 @@ spa_smb_nt_encrypt(clearpass, challenge.challengeData, ntRespData);
-
- /* compare NT hash (LM may not be available) */
-
--if (memcmp(ntRespData,
-- ((unsigned char*)responseptr)+IVAL(&responseptr->ntResponse.offset,0),
-- 24) == 0)
-- /* success. we have a winner. */
-- {
-+off = IVAL(&responseptr->ntResponse.offset,0);
-+if (off >= sizeof(SPAAuthResponse) - 24)
-+ {
-+ DEBUG(D_auth)
-+ debug_printf("auth_spa_server(): bad ntRespData spec in response\n");
-+ return FAIL;
-+ }
-+s = (US responseptr) + off;
-+
-+if (memcmp(ntRespData, s, 24) == 0)
- return auth_check_serv_cond(ablock);
-- }
-
- /* Expand server_condition as an authorization check (PH) */
diff --git a/mail-mta/exim/files/exim-4.93-fno-common.patch b/mail-mta/exim/files/exim-4.93-fno-common.patch
deleted file mode 100644
index c5fff1c6720..00000000000
--- a/mail-mta/exim/files/exim-4.93-fno-common.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Fix -fno-common linking
-
-Bug: https://bugs.gentoo.org/723430
-Bug: https://bugs.exim.org/show_bug.cgi?id=2577
-
---- exim-4.93.0.4/src/globals.h
-+++ exim-4.93.0.4/src/globals.h
-@@ -342,7 +342,7 @@
- extern BOOL allow_domain_literals; /* As it says */
- extern BOOL allow_mx_to_ip; /* Allow MX records to -> ip address */
- #ifdef EXPERIMENTAL_ARC
--struct arc_set *arc_received; /* highest ARC instance evaluation struct */
-+extern struct arc_set *arc_received; /* highest ARC instance evaluation struct */
- extern int arc_received_instance; /* highest ARC instance number in headers */
- extern int arc_oldest_pass; /* lowest passing instance number in headers */
- extern const uschar *arc_state; /* verification state */
diff --git a/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch
deleted file mode 100644
index 0d016dbeb26..00000000000
--- a/mail-mta/exim/files/exim-4.93-localscan_dlopen.patch
+++ /dev/null
@@ -1,269 +0,0 @@
-diff -ur exim-4.92.orig/src/config.h.defaults exim-4.92/src/config.h.defaults
---- exim-4.92.orig/src/config.h.defaults 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/config.h.defaults 2019-02-16 18:17:24.547216157 +0100
-@@ -32,6 +32,8 @@
-
- #define AUTH_VARS 3
-
-+#define DLOPEN_LOCAL_SCAN
-+
- #define BIN_DIRECTORY
-
- #define CONFIGURE_FILE
-Only in exim-4.92/src: config.h.defaults.orig
-diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME
---- exim-4.92.orig/src/EDITME 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/EDITME 2019-02-16 18:17:24.547216157 +0100
-@@ -824,6 +824,24 @@
-
-
- #------------------------------------------------------------------------------
-+# On systems which support dynamic loading of shared libraries, Exim can
-+# load a local_scan function specified in its config file instead of having
-+# to be recompiled with the desired local_scan function. For a full
-+# description of the API to this function, see the Exim specification.
-+
-+#DLOPEN_LOCAL_SCAN=yes
-+
-+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
-+# linker flags. Without it, the loaded .so won't be able to access any
-+# functions from exim.
-+
-+LFLAGS = -rdynamic
-+ifeq ($(OSTYPE),Linux)
-+LFLAGS += -ldl
-+endif
-+
-+
-+#------------------------------------------------------------------------------
- # The default distribution of Exim contains only the plain text form of the
- # documentation. Other forms are available separately. If you want to install
- # the documentation in "info" format, first fetch the Texinfo documentation
-Only in exim-4.92/src: EDITME.orig
-diff -ur exim-4.92.orig/src/globals.c exim-4.92/src/globals.c
---- exim-4.92.orig/src/globals.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/globals.c 2019-02-16 18:17:24.549216150 +0100
-@@ -41,6 +41,10 @@
-
- uschar *no_aliases = NULL;
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+uschar *local_scan_path = NULL;
-+#endif
-+
-
- /* For comments on these variables, see globals.h. I'm too idle to
- duplicate them here... */
-Only in exim-4.92/src: globals.c.orig
-diff -ur exim-4.92.orig/src/globals.h exim-4.92/src/globals.h
---- exim-4.92.orig/src/globals.h 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/globals.h 2019-02-16 18:17:24.549216150 +0100
-@@ -152,6 +152,9 @@
- extern int (*receive_ferror)(void);
- extern BOOL (*receive_smtp_buffered)(void);
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+extern uschar *local_scan_path; /* Path to local_scan() library */
-+#endif
-
- /* For clearing, saving, restoring address expansion variables. We have to have
- the size of this vector set explicitly, because it is referenced from more than
-Only in exim-4.92/src: globals.h.orig
-diff -ur exim-4.92.orig/src/local_scan.c exim-4.92/src/local_scan.c
---- exim-4.92.orig/src/local_scan.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/local_scan.c 2019-02-16 18:29:56.832732592 +0100
-@@ -5,61 +5,133 @@
- /* Copyright (c) University of Cambridge 1995 - 2009 */
- /* See the file NOTICE for conditions of use and distribution. */
-
-+#include "local_scan.h"
-
--/******************************************************************************
--This file contains a template local_scan() function that just returns ACCEPT.
--If you want to implement your own version, you should copy this file to, say
--Local/local_scan.c, and edit the copy. To use your version instead of the
--default, you must set
--
--HAVE_LOCAL_SCAN=yes
--LOCAL_SCAN_SOURCE=Local/local_scan.c
--
--in your Local/Makefile. This makes it easy to copy your version for use with
--subsequent Exim releases.
--
--For a full description of the API to this function, see the Exim specification.
--******************************************************************************/
--
--
--/* This is the only Exim header that you should include. The effect of
--including any other Exim header is not defined, and may change from release to
--release. Use only the documented interface! */
--
--#include "local_scan.h"
--
--
--/* This is a "do-nothing" version of a local_scan() function. The arguments
--are:
--
-- fd The file descriptor of the open -D file, which contains the
-- body of the message. The file is open for reading and
-- writing, but modifying it is dangerous and not recommended.
--
-- return_text A pointer to an unsigned char* variable which you can set in
-- order to return a text string. It is initialized to NULL.
--
--The return values of this function are:
--
-- LOCAL_SCAN_ACCEPT
-- The message is to be accepted. The return_text argument is
-- saved in $local_scan_data.
--
-- LOCAL_SCAN_REJECT
-- The message is to be rejected. The returned text is used
-- in the rejection message.
--
-- LOCAL_SCAN_TEMPREJECT
-- This specifies a temporary rejection. The returned text
-- is used in the rejection message.
--*/
-+#ifdef DLOPEN_LOCAL_SCAN
-+#include <stdlib.h>
-+#include <dlfcn.h>
-+static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
-+static int load_local_scan_library(void);
-+extern uschar *local_scan_path; /* Path to local_scan() library */
-+#endif
-
- int
- local_scan(int fd, uschar **return_text)
- {
- fd = fd; /* Keep picky compilers happy */
- return_text = return_text;
--return LOCAL_SCAN_ACCEPT;
-+#ifdef DLOPEN_LOCAL_SCAN
-+/* local_scan_path is defined AND not the empty string */
-+if (local_scan_path && *local_scan_path)
-+ {
-+ if (!local_scan_fn)
-+ {
-+ if (!load_local_scan_library())
-+ {
-+ char *base_msg , *error_msg , *final_msg ;
-+ int final_length = -1 ;
-+
-+ base_msg=US"Local configuration error - local_scan() library failure\n";
-+ error_msg = dlerror() ;
-+
-+ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
-+ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
-+ *final_msg = '\0' ;
-+
-+ strcat( final_msg , base_msg ) ;
-+ strcat( final_msg , error_msg ) ;
-+
-+ *return_text = final_msg ;
-+ return LOCAL_SCAN_TEMPREJECT;
-+ }
-+ }
-+ return local_scan_fn(fd, return_text);
-+ }
-+else
-+#endif
-+ return LOCAL_SCAN_ACCEPT;
-+}
-+
-+#ifdef DLOPEN_LOCAL_SCAN
-+
-+static int load_local_scan_library(void)
-+{
-+/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
-+void *local_scan_lib = NULL;
-+int (*local_scan_version_fn)(void);
-+int vers_maj;
-+int vers_min;
-+
-+local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
-+if (!local_scan_lib)
-+ {
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
-+ "message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_major() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The major number is increased when the ABI is changed in a non
-+ backward compatible way. */
-+vers_maj = local_scan_version_fn();
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_minor() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The minor number is increased each time a new feature is added (in a
-+ way that doesn't break backward compatibility) -- Marc */
-+vers_min = local_scan_version_fn();
-+
-+
-+if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+
-+local_scan_fn = dlsym(local_scan_lib, "local_scan");
-+if (!local_scan_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+return TRUE;
- }
-
-+#endif /* DLOPEN_LOCAL_SCAN */
-+
- /* End of local_scan.c */
-diff -ur exim-4.92.orig/src/readconf.c exim-4.92/src/readconf.c
---- exim-4.92.orig/src/readconf.c 2019-01-30 14:59:52.000000000 +0100
-+++ exim-4.92/src/readconf.c 2019-02-16 18:18:46.013947455 +0100
-@@ -199,6 +199,9 @@
- { "local_from_prefix", opt_stringptr, &local_from_prefix },
- { "local_from_suffix", opt_stringptr, &local_from_suffix },
- { "local_interfaces", opt_stringptr, &local_interfaces },
-+#ifdef DLOPEN_LOCAL_SCAN
-+ { "local_scan_path", opt_stringptr, &local_scan_path },
-+#endif
- #ifdef HAVE_LOCAL_SCAN
- { "local_scan_timeout", opt_time, &local_scan_timeout },
- #endif
diff --git a/mail-mta/exim/files/exim-4.93-radius.patch b/mail-mta/exim/files/exim-4.93-radius.patch
deleted file mode 100644
index 55c52bee561..00000000000
--- a/mail-mta/exim/files/exim-4.93-radius.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 70b28b113e21d21a528876c3abe88ccb5f7cc77d Mon Sep 17 00:00:00 2001
-From: Fabian Groffen <grobian@gentoo.org>
-Date: Sat, 9 May 2020 11:35:12 +0200
-Subject: [PATCH] call_radius: fix compilation due to incorrect usage of
- string_sprintf
-
-Since f3ebb786e451da973560f1c9d8cdb151d25108b5, string_sprintf cannot be
-used without arguments any more, so use US directly.
-
-While at it, also make newline usage consistent to not return a newline
-in errptr, when it is debug-printed, a newline is added.
-
-https://bugs.gentoo.org/720364
-
-Signed-off-by: Fabian Groffen <grobian@gentoo.org>
----
- src/src/auths/call_radius.c | 16 ++++++++--------
- 1 file changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/src/src/auths/call_radius.c b/src/src/auths/call_radius.c
-index c3637436d..253fd75cd 100644
---- a/src/src/auths/call_radius.c
-+++ b/src/src/auths/call_radius.c
-@@ -115,16 +115,16 @@ if (rc_read_config(RADIUS_CONFIG_FILE) != 0)
- *errptr = string_sprintf("RADIUS: can't open %s", RADIUS_CONFIG_FILE);
-
- else if (rc_read_dictionary(rc_conf_str("dictionary")) != 0)
-- *errptr = string_sprintf("RADIUS: can't read dictionary");
-+ *errptr = US("RADIUS: can't read dictionary");
-
- else if (rc_avpair_add(&send, PW_USER_NAME, user, 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add user name failed\n");
-+ *errptr = US("RADIUS: add user name failed");
-
- else if (rc_avpair_add(&send, PW_USER_PASSWORD, CS radius_args, 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add password failed\n");
-+ *errptr = US("RADIUS: add password failed");
-
- else if (rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add service type failed\n");
-+ *errptr = US("RADIUS: add service type failed");
-
- #else /* RADIUS_LIB_RADIUSCLIENT unset => RADIUS_LIB_RADIUSCLIENT2 */
-
-@@ -132,17 +132,17 @@ if ((h = rc_read_config(RADIUS_CONFIG_FILE)) == NULL)
- *errptr = string_sprintf("RADIUS: can't open %s", RADIUS_CONFIG_FILE);
-
- else if (rc_read_dictionary(h, rc_conf_str(h, "dictionary")) != 0)
-- *errptr = string_sprintf("RADIUS: can't read dictionary");
-+ *errptr = US("RADIUS: can't read dictionary");
-
- else if (rc_avpair_add(h, &send, PW_USER_NAME, user, Ustrlen(user), 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add user name failed\n");
-+ *errptr = US("RADIUS: add user name failed");
-
- else if (rc_avpair_add(h, &send, PW_USER_PASSWORD, CS radius_args,
- Ustrlen(radius_args), 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add password failed\n");
-+ *errptr = US("RADIUS: add password failed");
-
- else if (rc_avpair_add(h, &send, PW_SERVICE_TYPE, &service, 0, 0) == NULL)
-- *errptr = string_sprintf("RADIUS: add service type failed\n");
-+ *errptr = US("RADIUS: add service type failed");
-
- #endif /* RADIUS_LIB_RADIUSCLIENT */
-
diff --git a/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch
deleted file mode 100644
index 81863d340ed..00000000000
--- a/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From f7f933a199be8bb7362c715e0040545b514cddca Mon Sep 17 00:00:00 2001
-From: Jeremy Harris <jgh146exb@wizmail.org>
-Date: Tue, 2 Jun 2020 14:50:31 +0100
-Subject: [PATCH] Taint: fix pam expansion condition. Bug 2587
-
----
- doc/doc-txt/ChangeLog | 5 +++++
- src/src/auths/call_pam.c | 5 ++---
- 2 files changed, 7 insertions(+), 3 deletions(-)
-
-modified for gentoo so the patch applies by dropping Changelog part
-
-diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c
-index 2959cbbf3..80bb23ec3 100644
---- a/src/src/auths/call_pam.c
-+++ b/src/src/auths/call_pam.c
-@@ -83,8 +83,7 @@ for (int i = 0; i < num_msg; i++)
- {
- case PAM_PROMPT_ECHO_ON:
- case PAM_PROMPT_ECHO_OFF:
-- arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
-- if (!arg)
-+ if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0)))
- {
- arg = US"";
- pam_arg_ended = TRUE;
-@@ -155,7 +154,7 @@ pam_arg_ended = FALSE;
- fail. PAM doesn't support authentication with an empty user (it prompts for it,
- causing a potential mis-interpretation). */
-
--user = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
-+user = string_nextinlist(&pam_args, &sep, NULL, 0);
- if (user == NULL || user[0] == 0) return FAIL;
-
- /* Start off PAM interaction */
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2021-05-08 8:23 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2021-05-08 8:23 UTC (permalink / raw
To: gentoo-commits
commit: 9a3e0eda4fc04c85c612ee6cdfd45e26e9108209
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sat May 8 08:23:13 2021 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sat May 8 08:23:19 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a3e0eda
mail-mta/exim: bump stable release to include SLOT dep for opendmarc
Unfortunately opendmarc broke their API without telling, and we need to
ensure Exim instances are rebuilt that link against an upgraded
opendmarc. Also, need to ensure that once opendmarc-1.4 goes stable,
Exim is properly rebuilt. Unfortunately this requires a conditional
patch, so we're all extremely unhappy here.
Closes: https://bugs.gentoo.org/788343
Package-Manager: Portage-3.0.18, Repoman-3.0.2
RepoMan-Options: --force
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
.../exim/{exim-4.94.2.ebuild => exim-4.94.2-r1.ebuild} | 8 +++++++-
mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch | 14 ++++++++++++++
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/mail-mta/exim/exim-4.94.2.ebuild b/mail-mta/exim/exim-4.94.2-r1.ebuild
similarity index 98%
rename from mail-mta/exim/exim-4.94.2.ebuild
rename to mail-mta/exim/exim-4.94.2-r1.ebuild
index 6458d452535..6d46c0ba652 100644
--- a/mail-mta/exim/exim-4.94.2.ebuild
+++ b/mail-mta/exim/exim-4.94.2-r1.ebuild
@@ -69,7 +69,7 @@ COMMON_DEPEND=">=sys-apps/sed-4.0.5
sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
redis? ( dev-libs/hiredis )
spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc )
+ dmarc? ( mail-filter/opendmarc:= )
srs? ( srs-alt? ( mail-filter/libsrs_alt ) )
X? (
x11-libs/libX11
@@ -117,6 +117,12 @@ src_prepare() {
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
+ # for this reason we have a := dep on opendmarc, they changed their
+ # API in a minor release
+ if use dmarc && has_version ">=mail-filter/opendmarc-1.4" ; then
+ eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
+ fi
+
if use maildir ; then
eapply "${FILESDIR}"/exim-4.94-maildir.patch
else
diff --git a/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch b/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch
new file mode 100644
index 00000000000..d37c320d159
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch
@@ -0,0 +1,14 @@
+https://bugs.exim.org/show_bug.cgi?id=2728
+
+
+--- a/src/dmarc.c
++++ b/src/dmarc.c
+@@ -446,7 +446,7 @@
+ vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
+ DMARC_POLICY_DKIM_OUTCOME_NONE;
+ libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
+- dkim_result, US"");
++ sig->selector, dkim_result, US"");
+ DEBUG(D_receive)
+ debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
+ if (libdm_status != DMARC_PARSE_OKAY)
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2021-07-01 16:08 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2021-07-01 16:08 UTC (permalink / raw
To: gentoo-commits
commit: 43159dcf782969bbc4320d786a87f127cb02d5df
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Thu Jul 1 16:08:18 2021 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Thu Jul 1 16:08:34 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=43159dcf
mail-mta/exim-4.94.2-r6: add patch to fix crash on resolve
Closes: https://bugs.gentoo.org/799368
Package-Manager: Portage-3.0.20, Repoman-3.0.2
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/exim-4.94.2-r6.ebuild | 665 +++++++++++++++++++++
.../exim/files/exim-4.94.2-fix-crash-resolve.patch | 24 +
2 files changed, 689 insertions(+)
diff --git a/mail-mta/exim/exim-4.94.2-r6.ebuild b/mail-mta/exim/exim-4.94.2-r6.ebuild
new file mode 100644
index 00000000000..fd36c6e44c7
--- /dev/null
+++ b/mail-mta/exim/exim-4.94.2-r6.ebuild
@@ -0,0 +1,665 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use toolchain-funcs multilib pam systemd
+
+IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
+dsn elibc_glibc exiscan-acl gdbm gnutls idn ipv6 ldap lmtp maildir mbx
+mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
+socks5 spf sqlite srs +srs-alt srs-native +ssl syslog tdb tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ dkim? ( ssl !gnutls )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ spf? ( exiscan-acl )
+ srs? (
+ exiscan-acl
+ ^^ ( srs-alt srs-native )
+ )
+ || ( berkdb gdbm tdb )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+# We cannot express a required use for berkdb/gdbm/tdb correctly because
+# berkdb and gdbm are both enabled in base profile
+
+SDIR=$([[ ${PV} == *_rc* ]] && echo /test
+ [[ ${PV} == *.*.*.* ]] && echo /fixes)
+COMM_URI="https://downloads.exim.org/exim4${SDIR}"
+
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-solaris"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ dev-libs/libpcre:=
+ tdb? ( sys-libs/tdb:= )
+ !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
+ !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ !gnutls? (
+ dev-libs/openssl:0=
+ )
+ )
+ ldap? ( >=net-nds/openldap-2.0.7 )
+ elibc_glibc? (
+ net-libs/libnsl
+ nis? (
+ net-libs/libtirpc
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc:= )
+ srs? ( srs-alt? ( mail-filter/libsrs_alt ) )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libcrypt:=
+ virtual/libiconv
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/mini-qmail
+ !<mail-mta/msmtp-1.4.19-r1
+ !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/qmail-ldap
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !<mail-mta/ssmtp-2.64-r2
+ !>=mail-mta/ssmtp-2.64-r2[mta]
+ !net-mail/mailwrapper
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//_rc/-RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
+ eapply "${FILESDIR}"/exim-4.94.2-fix-crash-resolve.patch # 799368 upstr
+
+ # for this reason we have a := dep on opendmarc, they changed their
+ # API in a minor release
+ if use dmarc && has_version ">=mail-filter/opendmarc-1.4" ; then
+ eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
+ fi
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.94-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ EOC
+
+ # configure db implementation, Exim always needs one for its hints
+ # database, we prefer tdb and gdbm, since bdb is kind of getting
+ # less and less support
+ if use tdb ; then
+ cat >> Makefile <<- EOC
+ USE_TDB=yes
+ DBMLIB = -ltdb
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ elif use berkdb ; then
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
+ CFLAGS += -I$(db_includedir ${DB_VERS})
+ DBMLIB = -l$(db_libname ${DB_VERS})
+ EOC
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ else # must be gdbm via required_use
+ cat >> Makefile <<- EOC
+ USE_GDBM=yes
+ DBMLIB = -lgdbm
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ fi
+
+ # if we use libiconv, now is the time to tell so
+ if use !elibc_glibc && use !elibc_musl ; then
+ cat >> Makefile <<- EOC
+ EXTRALIBS_EXIM=-liconv
+ EOC
+ fi
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+ #
+
+ # support passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
+ LOOKUP_LIBS += -lnsl
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ cat >> Makefile <<- EOC
+ EXIM_MONITOR=eximon.bin
+ EOC
+ fi
+
+ #
+ # features
+ #
+
+ # content scanning support
+ if use exiscan-acl; then
+ cat >> Makefile <<- EOC
+ WITH_CONTENT_SCAN=yes
+ EOC
+ fi
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # SOCKS5 (outbound) proxy support
+ if use socks5; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SOCKS=yes
+ EOC
+ fi
+
+ # DANE
+ if use !dane; then
+ # DANE is enabled by default
+ sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ # NOTE: we currently USE-default to srs-alt, because this is
+ # what USE=srs used to be. Eventually we want to rid ourselves
+ # of this external implementation.
+ if use srs-alt; then
+ # historical default, from 4.95 this becomes
+ # EXPERIMENTAL_SRS_ALT
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS=yes
+ EXTRALIBS_EXIM += -lsrs_alt
+ EOC
+ fi
+ if use srs-native; then
+ # this one becomes SUPPORT_SRS in 4.95
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_SRS_NATIVE=yes
+ EOC
+ fi
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
+}
+
+src_install() {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ if use exiscan-acl; then
+ newins "${S}"/src/configure.default exim.conf.exiscan-acl
+ fi
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ if use pam; then
+ pamd_mimic system-auth exim auth account
+ fi
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use dmarc ; then
+ einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
+ einfo "you can populate this file with the contents downloaded from"
+ einfo " https://publicsuffix.org/list/public_suffix_list.dat"
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ if use srs ; then
+ einfo "SRS support is experimental in this release of Exim"
+ if use srs-alt; then
+ elog "You are using libsrs_alt to implement SRS support."
+ elog "In future release of Exim, the native SRS implementation"
+ elog "(USE=srs-native) will become the default. Please prepare"
+ elog "your package.use or switch to USE=srs-native now."
+ fi
+ fi
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ einfo
+ elog "Note that this release contains a tainted variable check that"
+ elog "is likely to break your configuration used with Exim 4.93 and before."
+ elog "Please check your transports for occurences of \$local_part, and"
+ elog "use a replacement like \$local_part_data where possible."
+}
diff --git a/mail-mta/exim/files/exim-4.94.2-fix-crash-resolve.patch b/mail-mta/exim/files/exim-4.94.2-fix-crash-resolve.patch
new file mode 100644
index 00000000000..27e68bfdd74
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94.2-fix-crash-resolve.patch
@@ -0,0 +1,24 @@
+From d4bc023436e4cce7c23c5f8bb5199e178b4cc743 Mon Sep 17 00:00:00 2001
+From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
+Date: Sun, 16 May 2021 19:11:19 +0200
+Subject: [PATCH] Fix host_name_lookup (Close 2747)
+
+https://bugs.exim.org/show_bug.cgi?id=2747
+
+(cherry picked from commit 20812729e3e47a193a21d326ecd036d67a8b2724)
+---
+ src/src/host.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/src/host.c b/src/src/host.c
+--- a/src/host.c
++++ b/src/host.c
+@@ -1691,7 +1691,7 @@ while ((ordername = string_nextinlist(&list, &sep, NULL, 0)))
+ {
+ uschar **aptr = NULL;
+ int ssize = 264;
+- int count = 0;
++ int count = 1; /* need 1 more for terminating NULL */
+ int old_pool = store_pool;
+
+ sender_host_dnssec = dns_is_secure(dnsa);
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2021-09-29 6:32 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2021-09-29 6:32 UTC (permalink / raw
To: gentoo-commits
commit: 78d56e74ed18bae2388545dd5d0fead806452786
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Sep 29 06:31:54 2021 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Sep 29 06:31:54 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78d56e74
mail-mta/exim-4.95: version bump, change of srs default
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 2 +
.../{exim-4.94.2-r5.ebuild => exim-4.95.ebuild} | 28 ++-
.../exim/files/exim-4.95-localscan_dlopen.patch | 221 +++++++++++++++++++++
3 files changed, 236 insertions(+), 15 deletions(-)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 3a31f9eb19f..b87cdd7fa6a 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,3 +1,5 @@
DIST exim-4.94.2.tar.xz 1838076 BLAKE2B 684e115a7af3efdab15451f8e11f9b53455c9166d8c078216d7a95223d77569cec8a882ed99b9180acbd8a9e747a0bca03d56993d011de15dc35143a989ab046 SHA512 5334c236221ed4e03dbc33e6a79d939b06037fa2f4b71971607a360b67af5c85a89681ee13a5eeaf0184382c55a160cf2e89ed7afb2949f025a54f1e88f9e3fc
+DIST exim-4.95.tar.xz 1865172 BLAKE2B 0dc8dbc394c1bf4c6075e6ae1c1609b3f41841b2bb4c210d7353e4ad28ab38f905b6c245539bfa772512e2a9baf2dcc855e31d6ccb14ab49077f8da4fe6f1d0b SHA512 93d09c20d99f27da5edbe3e6dc7d25aa4548faa2b67ca26f2cc0b4aeaf58398dd468e0263714fcf0df97531f05d16fcd3f1f0e9d0656ead7858a66b248a44a65
DIST exim-pdf-4.94.2.tar.xz 2092248 BLAKE2B 973ab4f117fdb58afa017bc41b4496fac1277e707a9926d67317c455b0bd617021c17cba6c8d793d8962aacef12c0790d5add7174017512b7b1ea070f8e8533d SHA512 3a661f69d81a992798d4b7e5b7def7cfffa297a7b3c02a6631be426cefff5a6e8783fa322a1bd105d01f7b06968d01e77963e6ab7be3157f63eb62eb6ff172b0
+DIST exim-pdf-4.95.tar.xz 2117384 BLAKE2B ac310ec7741110a067f2df135b6397a8219e48a1e8989c66118f6c62820467e6f7b1c391799ff9b7ddef7896e1340208c4bed21f126014fa94c24d338f681f94 SHA512 47f30f3c82fe2cb5b0836594b325da1d255c53d2514af90e720d4bf6c74cff43d4a6b1ab5fb7b148253e5330da74e8ebb80e29b3a08fbe1faed2f004476c9d6a
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.94.2-r5.ebuild b/mail-mta/exim/exim-4.95.ebuild
similarity index 95%
rename from mail-mta/exim/exim-4.94.2-r5.ebuild
rename to mail-mta/exim/exim-4.95.ebuild
index d664f4b1c8d..43c4cb4797f 100644
--- a/mail-mta/exim/exim-4.94.2-r5.ebuild
+++ b/mail-mta/exim/exim-4.95.ebuild
@@ -8,7 +8,7 @@ inherit db-use toolchain-funcs multilib pam systemd
IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
dsn elibc_glibc exiscan-acl gdbm gnutls idn ipv6 ldap lmtp maildir mbx
mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
-socks5 spf sqlite srs +srs-alt srs-native +ssl syslog tdb tcpd +tpda X"
+socks5 spf sqlite srs srs-alt +srs-native +ssl syslog tdb tcpd +tpda X"
REQUIRED_USE="
arc? ( dkim spf )
dane? ( ssl !gnutls )
@@ -124,7 +124,7 @@ src_prepare() {
eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
+ eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
# for this reason we have a := dep on opendmarc, they changed their
# API in a minor release
@@ -488,17 +488,16 @@ src_configure() {
# what USE=srs used to be. Eventually we want to rid ourselves
# of this external implementation.
if use srs-alt; then
- # historical default, from 4.95 this becomes
- # EXPERIMENTAL_SRS_ALT
+ # historical default, until 4.95
cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS=yes
+ EXPERIMENTAL_SRS_ALT=yes
EXTRALIBS_EXIM += -lsrs_alt
EOC
fi
if use srs-native; then
- # this one becomes SUPPORT_SRS in 4.95
+ # this one is the default/supported variant since 4.95
cat >> Makefile <<- EOC
- EXPERIMENTAL_SRS_NATIVE=yes
+ SUPPORT_SRS=yes
EOC
fi
fi
@@ -646,14 +645,13 @@ pkg_postinst() {
einfo "documentation at the bottom of this prerelease message:"
einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
fi
- if use srs ; then
- einfo "SRS support is experimental in this release of Exim"
- if use srs-alt; then
- elog "You are using libsrs_alt to implement SRS support."
- elog "In future release of Exim, the native SRS implementation"
- elog "(USE=srs-native) will become the default. Please prepare"
- elog "your package.use or switch to USE=srs-native now."
- fi
+ if use srs-alt; then
+ einfo "SRS support using libsrs_alt is experimental in this"
+ einfo "release of Exim"
+ elog "You are using libsrs_alt to implement SRS support."
+ elog "The native SRS implementation (USE=srs-native) is the"
+ elog "default implementation, which means libsrs_alt may go"
+ elog "away in a future release."
fi
use dsn && einfo "extra information in fail DSN message is experimental"
einfo
diff --git a/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch
new file mode 100644
index 00000000000..320cc9936da
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch
@@ -0,0 +1,221 @@
+Only in exim-4.95: dlopen.patch
+diff -aur exim-4.95.orig/src/config.h.defaults exim-4.95/src/config.h.defaults
+--- exim-4.95.orig/src/config.h.defaults 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/config.h.defaults 2021-09-29 08:20:03.677883649 +0200
+@@ -35,6 +35,8 @@
+
+ #define AUTH_VARS 4
+
++#define DLOPEN_LOCAL_SCAN
++
+ #define BIN_DIRECTORY
+
+ #define CONFIGURE_FILE
+Only in exim-4.95/src: config.h.defaults.orig
+diff -aur exim-4.95.orig/src/EDITME exim-4.95/src/EDITME
+--- exim-4.95.orig/src/EDITME 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/EDITME 2021-09-29 08:20:03.678883649 +0200
+@@ -883,6 +883,24 @@
+
+
+ #------------------------------------------------------------------------------
++# On systems which support dynamic loading of shared libraries, Exim can
++# load a local_scan function specified in its config file instead of having
++# to be recompiled with the desired local_scan function. For a full
++# description of the API to this function, see the Exim specification.
++
++#DLOPEN_LOCAL_SCAN=yes
++
++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
++# linker flags. Without it, the loaded .so won't be able to access any
++# functions from exim.
++
++LFLAGS = -rdynamic
++ifeq ($(OSTYPE),Linux)
++LFLAGS += -ldl
++endif
++
++
++#------------------------------------------------------------------------------
+ # The default distribution of Exim contains only the plain text form of the
+ # documentation. Other forms are available separately. If you want to install
+ # the documentation in "info" format, first fetch the Texinfo documentation
+Only in exim-4.95/src: EDITME.orig
+diff -aur exim-4.95.orig/src/globals.c exim-4.95/src/globals.c
+--- exim-4.95.orig/src/globals.c 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/globals.c 2021-09-29 08:20:03.679883649 +0200
+@@ -42,6 +42,10 @@
+
+ uschar *no_aliases = NULL;
+
++#ifdef DLOPEN_LOCAL_SCAN
++uschar *local_scan_path = NULL;
++#endif
++
+
+ /* For comments on these variables, see globals.h. I'm too idle to
+ duplicate them here... */
+Only in exim-4.95/src: globals.c.orig
+diff -aur exim-4.95.orig/src/globals.h exim-4.95/src/globals.h
+--- exim-4.95.orig/src/globals.h 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/globals.h 2021-09-29 08:20:03.680883648 +0200
+@@ -170,6 +170,9 @@
+ extern int (*receive_ferror)(void);
+ extern BOOL (*receive_smtp_buffered)(void);
+
++#ifdef DLOPEN_LOCAL_SCAN
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
+
+ /* For clearing, saving, restoring address expansion variables. We have to have
+ the size of this vector set explicitly, because it is referenced from more than
+Only in exim-4.95/src: globals.h.orig
+diff -aur exim-4.95.orig/src/local_scan.c exim-4.95/src/local_scan.c
+--- exim-4.95.orig/src/local_scan.c 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/local_scan.c 2021-09-29 08:23:33.756785663 +0200
+@@ -54,10 +54,130 @@
+ is used in the rejection message.
+ */
+
++#ifdef DLOPEN_LOCAL_SCAN
++# include <stdlib.h>
++# include <dlfcn.h>
++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
++static int load_local_scan_library(void);
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
++
+ int
+ local_scan(int fd, uschar **return_text)
+ {
+-return LOCAL_SCAN_ACCEPT;
++#ifdef DLOPEN_LOCAL_SCAN
++/* local_scan_path is defined AND not the empty string */
++if (local_scan_path && *local_scan_path)
++ {
++ if (!local_scan_fn)
++ {
++ if (!load_local_scan_library())
++ {
++ char *base_msg , *error_msg , *final_msg ;
++ int final_length = -1 ;
++
++ base_msg=US"Local configuration error - local_scan() library failure\n";
++ error_msg = dlerror() ;
++
++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
++ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
++ *final_msg = '\0' ;
++
++ strcat( final_msg , base_msg ) ;
++ strcat( final_msg , error_msg ) ;
++
++ *return_text = final_msg ;
++ return LOCAL_SCAN_TEMPREJECT;
++ }
++ }
++ return local_scan_fn(fd, return_text);
++ }
++else
++#endif
++ return LOCAL_SCAN_ACCEPT;
++}
++
++#ifdef DLOPEN_LOCAL_SCAN
++
++static int load_local_scan_library(void)
++{
++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
++void *local_scan_lib = NULL;
++int (*local_scan_version_fn)(void);
++int vers_maj;
++int vers_min;
++
++local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
++if (!local_scan_lib)
++ {
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
++ "message temporarily rejected");
++ return FALSE;
++ }
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_major() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The major number is increased when the ABI is changed in a non
++ backward compatible way. */
++vers_maj = local_scan_version_fn();
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_minor() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The minor number is increased each time a new feature is added (in a
++ way that doesn't break backward compatibility) -- Marc */
++vers_min = local_scan_version_fn();
++
++
++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++
++local_scan_fn = dlsym(local_scan_lib, "local_scan");
++if (!local_scan_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan() function - message temporarily rejected");
++ return FALSE;
++ }
++
++return TRUE;
+ }
+
++#endif /* DLOPEN_LOCAL_SCAN */
++
++
+ /* End of local_scan.c */
+diff -aur exim-4.95.orig/src/readconf.c exim-4.95/src/readconf.c
+--- exim-4.95.orig/src/readconf.c 2021-09-28 10:24:46.000000000 +0200
++++ exim-4.95/src/readconf.c 2021-09-29 08:20:03.682883647 +0200
+@@ -215,6 +215,9 @@
+ { "local_from_prefix", opt_stringptr, {&local_from_prefix} },
+ { "local_from_suffix", opt_stringptr, {&local_from_suffix} },
+ { "local_interfaces", opt_stringptr, {&local_interfaces} },
++#ifdef DLOPEN_LOCAL_SCAN
++ { "local_scan_path", opt_stringptr, {&local_scan_path} },
++#endif
+ #ifdef HAVE_LOCAL_SCAN
+ { "local_scan_timeout", opt_time, {&local_scan_timeout} },
+ #endif
+Only in exim-4.95/src: readconf.c.orig
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2022-10-19 7:53 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2022-10-19 7:53 UTC (permalink / raw
To: gentoo-commits
commit: b74dc7a9c13b34133d3691993afdbebd7dd0f59e
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 19 07:51:00 2022 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Oct 19 07:53:31 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b74dc7a9
mail-mta/exim: revbumps for use-after-free fixes, CVE-2022-3559, cleanup
Bug: https://bugs.gentoo.org/877607
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/exim-4.94.2-r7.ebuild | 11 +--
...exim-4.94.2-r8.ebuild => exim-4.94.2-r9.ebuild} | 12 +--
.../{exim-4.96-r1.ebuild => exim-4.96-r2.ebuild} | 12 +--
mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch | 99 ++++++++++++++++++++++
.../files/exim-4.96-dmarc_use_after_free.patch | 31 +++++++
5 files changed, 141 insertions(+), 24 deletions(-)
diff --git a/mail-mta/exim/exim-4.94.2-r7.ebuild b/mail-mta/exim/exim-4.94.2-r7.ebuild
index 4d949c4c4c01..2c3b5101c59f 100644
--- a/mail-mta/exim/exim-4.94.2-r7.ebuild
+++ b/mail-mta/exim/exim-4.94.2-r7.ebuild
@@ -3,7 +3,7 @@
EAPI="7"
-inherit db-use toolchain-funcs multilib pam systemd
+inherit db-use toolchain-funcs pam systemd
IUSE="arc +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls idn ipv6 ldap lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs +srs-alt srs-native +ssl syslog tcpd +tpda X"
REQUIRED_USE="
@@ -89,18 +89,13 @@ DEPEND="${COMMON_DEPEND}"
RDEPEND="${COMMON_DEPEND}
!mail-mta/courier
!mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/msmtp[mta]
!mail-mta/netqmail
!mail-mta/nullmailer
!mail-mta/postfix
- !mail-mta/qmail-ldap
!mail-mta/sendmail
!mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
+ !mail-mta/ssmtp[mta]
>=net-mail/mailbase-0.00-r5
virtual/logger
dcc? ( mail-filter/dcc )
diff --git a/mail-mta/exim/exim-4.94.2-r8.ebuild b/mail-mta/exim/exim-4.94.2-r9.ebuild
similarity index 98%
rename from mail-mta/exim/exim-4.94.2-r8.ebuild
rename to mail-mta/exim/exim-4.94.2-r9.ebuild
index 7cce1a0a02e3..c62c296b2534 100644
--- a/mail-mta/exim/exim-4.94.2-r8.ebuild
+++ b/mail-mta/exim/exim-4.94.2-r9.ebuild
@@ -3,7 +3,7 @@
EAPI="7"
-inherit db-use toolchain-funcs multilib pam systemd
+inherit db-use toolchain-funcs pam systemd
IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
dsn exiscan-acl gdbm gnutls idn ipv6 ldap lmtp maildir mbx
@@ -97,18 +97,13 @@ DEPEND="${COMMON_DEPEND}"
RDEPEND="${COMMON_DEPEND}
!mail-mta/courier
!mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/msmtp[mta]
!mail-mta/netqmail
!mail-mta/nullmailer
!mail-mta/postfix
- !mail-mta/qmail-ldap
!mail-mta/sendmail
!mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
+ !mail-mta/ssmtp[mta]
>=net-mail/mailbase-0.00-r5
virtual/logger
dcc? ( mail-filter/dcc )
@@ -126,6 +121,7 @@ src_prepare() {
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
eapply "${FILESDIR}"/exim-4.94.2-fix-crash-resolve.patch # 799368 upstr
+ eapply "${FILESDIR}"/exim-4.94-CVE-2022-3559.patch # 877607 upstr
# for this reason we have a := dep on opendmarc, they changed their
# API in a minor release
diff --git a/mail-mta/exim/exim-4.96-r1.ebuild b/mail-mta/exim/exim-4.96-r2.ebuild
similarity index 98%
rename from mail-mta/exim/exim-4.96-r1.ebuild
rename to mail-mta/exim/exim-4.96-r2.ebuild
index 719ead900410..739a2fcdea96 100644
--- a/mail-mta/exim/exim-4.96-r1.ebuild
+++ b/mail-mta/exim/exim-4.96-r2.ebuild
@@ -3,7 +3,7 @@
EAPI="7"
-inherit db-use toolchain-funcs multilib pam systemd
+inherit db-use toolchain-funcs pam systemd
IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
dsn exiscan-acl gdbm gnutls idn ipv6 ldap lmtp maildir mbx
@@ -93,18 +93,13 @@ DEPEND="${COMMON_DEPEND}"
RDEPEND="${COMMON_DEPEND}
!mail-mta/courier
!mail-mta/esmtp
- !mail-mta/mini-qmail
- !<mail-mta/msmtp-1.4.19-r1
- !>=mail-mta/msmtp-1.4.19-r1[mta]
+ !mail-mta/msmtp[mta]
!mail-mta/netqmail
!mail-mta/nullmailer
!mail-mta/postfix
- !mail-mta/qmail-ldap
!mail-mta/sendmail
!mail-mta/opensmtpd
- !<mail-mta/ssmtp-2.64-r2
- !>=mail-mta/ssmtp-2.64-r2[mta]
- !net-mail/mailwrapper
+ !mail-mta/ssmtp[mta]
>=net-mail/mailbase-0.00-r5
virtual/logger
dcc? ( mail-filter/dcc )
@@ -121,6 +116,7 @@ src_prepare() {
eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
+ eapply -p2 "${FILESDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
# oddity, they disable berkdb as hack, and then throw an error when
# berkdb isn't enabled
diff --git a/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch b/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch
new file mode 100644
index 000000000000..9617c70d9e57
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch
@@ -0,0 +1,99 @@
+Patch cleaned up for Gentoo
+- applied to 4.94
+- removed unnecessary whitespace changes
+
+From 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Wed, 31 Aug 2022 15:37:40 +0100
+Subject: [PATCH 1/1] Fix $regex<n> use-after-free. Bug 2915
+
+--- exim-4.94.2/src/exim.c 2021-04-30 14:08:21.000000000 +0200
++++ exim-4.94.2/src/exim.c 2022-10-19 09:15:58.611447982 +0200
+@@ -1886,8 +1886,6 @@
+ regex_must_compile(US"^[A-Za-z0-9_/.-]*$", FALSE, TRUE);
+ #endif
+
+-for (i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
+-
+ /* If the program is called as "mailq" treat it as equivalent to "exim -bp";
+ this seems to be a generally accepted convention, since one finds symbolic
+ links called "mailq" in standard OS configurations. */
+@@ -5841,7 +5839,7 @@
+ deliver_localpart_data = deliver_domain_data =
+ recipient_data = sender_data = NULL;
+ acl_var_m = NULL;
+- for(int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
++ regex_vars_clear();
+
+ store_reset(reset_point);
+ }
+--- exim-4.94.2/src/functions.h 2021-04-30 14:08:21.000000000 +0200
++++ exim-4.94.2/src/functions.h 2022-10-19 09:17:44.882122667 +0200
+@@ -417,6 +417,7 @@
+ #endif
+ extern BOOL regex_match_and_setup(const pcre *, const uschar *, int, int);
+ extern const pcre *regex_must_compile(const uschar *, BOOL, BOOL);
++extern void regex_vars_clear(void);
+ extern void retry_add_item(address_item *, uschar *, int);
+ extern BOOL retry_check_address(const uschar *, host_item *, uschar *, BOOL,
+ uschar **, uschar **);
+--- exim-4.94.2/src/globals.c 2022-10-19 09:14:19.344751853 +0200
++++ exim-4.94.2/src/globals.c 2022-10-19 09:18:27.675991666 +0200
+@@ -1289,7 +1289,7 @@
+ #endif
+ const pcre *regex_ismsgid = NULL;
+ const pcre *regex_smtp_code = NULL;
+-uschar *regex_vars[REGEX_VARS];
++uschar *regex_vars[REGEX_VARS] = { 0 };
+ #ifdef WHITELIST_D_MACROS
+ const pcre *regex_whitelisted_macro = NULL;
+ #endif
+--- exim-4.94.2/src/regex.c 2021-04-30 14:08:21.000000000 +0200
++++ exim-4.94.2/src/regex.c 2022-10-19 09:35:03.229084750 +0200
+@@ -87,6 +87,14 @@
+ return FAIL;
+ }
+
++/* reset expansion variables */
++void
++regex_vars_clear(void)
++{
++regex_match_string = NULL;
++for (int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
++}
++
+ int
+ regex(const uschar **listptr)
+ {
+@@ -98,7 +106,7 @@
+ int ret = FAIL;
+
+ /* reset expansion variable */
+-regex_match_string = NULL;
++regex_vars_clear();
+
+ if (!mime_stream) /* We are in the DATA ACL */
+ {
+@@ -166,8 +174,7 @@
+ int mime_subject_len = 0;
+ int ret;
+
+-/* reset expansion variable */
+-regex_match_string = NULL;
++regex_vars_clear();
+
+ /* precompile our regexes */
+ if (!(re_list_head = compile(*listptr)))
+--- exim-4.94.2/src/smtp_in.c 2021-04-30 14:08:21.000000000 +0200
++++ exim-4.94.2/src/smtp_in.c 2022-10-19 09:15:58.613447975 +0200
+@@ -2161,8 +2161,10 @@
+ #ifdef SUPPORT_I18N
+ message_smtputf8 = FALSE;
+ #endif
++regex_vars_clear();
+ body_linecount = body_zerocount = 0;
+
++lookup_value = NULL; /* Can be set by ACL */
+ sender_rate = sender_rate_limit = sender_rate_period = NULL;
+ ratelimiters_mail = NULL; /* Updated by ratelimit ACL condition */
+ /* Note that ratelimiters_conn persists across resets. */
diff --git a/mail-mta/exim/files/exim-4.96-dmarc_use_after_free.patch b/mail-mta/exim/files/exim-4.96-dmarc_use_after_free.patch
new file mode 100644
index 000000000000..dc2f62e9ba0f
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-dmarc_use_after_free.patch
@@ -0,0 +1,31 @@
+From 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445 Mon Sep 17 00:00:00 2001
+From: Lorenz Brun <lorenz@brun.one>
+Date: Fri, 14 Oct 2022 21:02:51 +0200
+Subject: [PATCH] DMARC: fix use-after-free in dmarc_dns_lookup
+
+This fixes a use-after-free in dmarc_dns_lookup where the result
+of dns_lookup in dnsa is freed before the required data is copied out.
+
+Fixes: 9258363 ("DNS: explicit alloc/free of workspace")
+---
+ src/src/dmarc.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/src/dmarc.c b/src/src/dmarc.c
+index ad0c26c91..53c2752ac 100644
+--- a/src/src/dmarc.c
++++ b/src/src/dmarc.c
+@@ -230,8 +230,9 @@ if (rc == DNS_SUCCEED)
+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT))
+ if (rr->type == T_TXT && rr->size > 3)
+ {
++ uschar *record = string_copyn_taint(US rr->data, rr->size, GET_TAINTED);
+ store_free_dns_answer(dnsa);
+- return string_copyn_taint(US rr->data, rr->size, GET_TAINTED);
++ return record;
+ }
+ store_free_dns_answer(dnsa);
+ return NULL;
+--
+2.30.2
+
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2022-10-19 12:52 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2022-10-19 12:52 UTC (permalink / raw
To: gentoo-commits
commit: a3d8d8adbd38e235b75232ac2e42741d03e0de65
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Wed Oct 19 12:50:54 2022 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Wed Oct 19 12:52:05 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3d8d8ad
mail-mta/exim-4.94.2-r11: 3rd attempt at CVE patch
Fix another combination in which the code can be compiled. Hopefully
3rd time is the charm or something.
Closes: https://bugs.gentoo.org/877641
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/{exim-4.94.2-r10.ebuild => exim-4.94.2-r11.ebuild} | 0
mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch | 4 +++-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/mail-mta/exim/exim-4.94.2-r10.ebuild b/mail-mta/exim/exim-4.94.2-r11.ebuild
similarity index 100%
rename from mail-mta/exim/exim-4.94.2-r10.ebuild
rename to mail-mta/exim/exim-4.94.2-r11.ebuild
diff --git a/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch b/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch
index 8793514b8fb7..533aaf1f9e51 100644
--- a/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch
+++ b/mail-mta/exim/files/exim-4.94-CVE-2022-3559.patch
@@ -69,7 +69,7 @@ Subject: [PATCH 1/1] Fix $regex<n> use-after-free. Bug 2915
/* precompile our regexes */
if (!(re_list_head = compile(*listptr)))
-@@ -213,3 +205,12 @@
+@@ -213,3 +205,14 @@
}
#endif /* WITH_CONTENT_SCAN */
@@ -78,7 +78,9 @@ Subject: [PATCH 1/1] Fix $regex<n> use-after-free. Bug 2915
+void
+regex_vars_clear(void)
+{
++#ifdef WITH_CONTENT_SCAN
+regex_match_string = NULL;
++#endif
+for (int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
+}
+
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2022-12-27 20:33 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2022-12-27 20:33 UTC (permalink / raw
To: gentoo-commits
commit: e44efacab8c0d769cd1b6145e14bba16b109c094
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Tue Dec 27 20:31:29 2022 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Tue Dec 27 20:33:02 2022 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e44efaca
mail-mta/exim-4.94.2-r11: backport OpenSSL3 patch from 4.96
Closes: https://bugs.gentoo.org/888619
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/exim-4.94.2-r11.ebuild | 1 +
mail-mta/exim/files/exim-4.94.2-openssl3.patch | 34 ++++++++++++++++++++++++++
2 files changed, 35 insertions(+)
diff --git a/mail-mta/exim/exim-4.94.2-r11.ebuild b/mail-mta/exim/exim-4.94.2-r11.ebuild
index c62c296b2534..352ae0cdcd7e 100644
--- a/mail-mta/exim/exim-4.94.2-r11.ebuild
+++ b/mail-mta/exim/exim-4.94.2-r11.ebuild
@@ -122,6 +122,7 @@ src_prepare() {
eapply "${FILESDIR}"/exim-4.94-localscan_dlopen.patch
eapply "${FILESDIR}"/exim-4.94.2-fix-crash-resolve.patch # 799368 upstr
eapply "${FILESDIR}"/exim-4.94-CVE-2022-3559.patch # 877607 upstr
+ eapply "${FILESDIR}"/exim-4.94.2-openssl3.patch # 888619 backport
# for this reason we have a := dep on opendmarc, they changed their
# API in a minor release
diff --git a/mail-mta/exim/files/exim-4.94.2-openssl3.patch b/mail-mta/exim/files/exim-4.94.2-openssl3.patch
new file mode 100644
index 000000000000..d1102aac8bfa
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.94.2-openssl3.patch
@@ -0,0 +1,34 @@
+Based on original commit, but applied to 4.94.2 tarball.
+
+From ff7829398d74e67f1c1f40339a772fd76708e5ac Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= <jskarvad@redhat.com>
+Date: Sat, 27 Nov 2021 21:07:15 +0000
+Subject: [PATCH] Fix build for OpenSSL 3.0.0 . Bug 2810
+
+---
+ src/src/tls-openssl.c | 10 +++++++---
+ 1 file changed, 7 insertions(+), 3 deletions(-)
+
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -227,12 +227,16 @@
+ { US"no_tlsv1", SSL_OP_NO_TLSv1 },
+ #endif
+ #ifdef SSL_OP_NO_TLSv1_1
+-#if SSL_OP_NO_TLSv1_1 == 0x00000400L
++# if OPENSSL_VERSION_NUMBER < 0x30000000L
++# if SSL_OP_NO_TLSv1_1 == 0x00000400L
+ /* Error in chosen value in 1.0.1a; see first item in CHANGES for 1.0.1b */
+-#warning OpenSSL 1.0.1a uses a bad value for SSL_OP_NO_TLSv1_1, ignoring
+-#else
++# warning OpenSSL 1.0.1a uses a bad value for SSL_OP_NO_TLSv1_1, ignoring
++# define NO_SSL_OP_NO_TLSv1_1
++# endif
++# endif
++# ifndef NO_SSL_OP_NO_TLSv1_1
+ { US"no_tlsv1_1", SSL_OP_NO_TLSv1_1 },
+-#endif
++# endif
+ #endif
+ #ifdef SSL_OP_NO_TLSv1_2
+ { US"no_tlsv1_2", SSL_OP_NO_TLSv1_2 },
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2023-05-27 8:55 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2023-05-27 8:55 UTC (permalink / raw
To: gentoo-commits
commit: b03890e439529ef3bed2bb111f93687065dd54bb
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Sat May 27 08:54:10 2023 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Sat May 27 08:55:14 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b03890e4
mail-mta/exim-4.96-r3: add a bunch of upstream patches
Try to fix a bunch of crashes and problem with upstream fixes inspired
by Debian packaging.
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
.../{exim-4.96-r2.ebuild => exim-4.96-r3.ebuild} | 24 ++-
mail-mta/exim/files/exim-4.96-dane-dns_again.patch | 81 +++++++
.../exim/files/exim-4.96-deamon-startup-fix.patch | 53 +++++
.../exim/files/exim-4.96-expansion-crash.patch | 69 ++++++
.../exim/files/exim-4.96-openssl-bad-alpn.patch | 101 +++++++++
.../files/exim-4.96-openssl-double-expansion.patch | 217 +++++++++++++++++++
.../files/exim-4.96-openssl-tls_eccurve-lt-3.patch | 44 ++++
.../exim-4.96-openssl-tls_eccurve-setting.patch | 169 +++++++++++++++
.../exim/files/exim-4.96-openssl-verify-ocsp.patch | 232 +++++++++++++++++++++
.../exim/files/exim-4.96-recursion-dns_again.patch | 57 +++++
.../files/exim-4.96-regex-use-after-free.patch | 173 +++++++++++++++
.../exim-4.96-rewrite-malformed-addr-fix.patch | 42 ++++
.../files/exim-4.96-spf-memory-error-fix.patch | 25 +++
.../exim/files/exim-4.96-transport-crash.patch | 27 +++
14 files changed, 1308 insertions(+), 6 deletions(-)
diff --git a/mail-mta/exim/exim-4.96-r2.ebuild b/mail-mta/exim/exim-4.96-r3.ebuild
similarity index 93%
rename from mail-mta/exim/exim-4.96-r2.ebuild
rename to mail-mta/exim/exim-4.96-r3.ebuild
index e6c19640021e..646aa80b8ade 100644
--- a/mail-mta/exim/exim-4.96-r2.ebuild
+++ b/mail-mta/exim/exim-4.96-r3.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2022 Gentoo Authors
+# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI="7"
@@ -116,7 +116,20 @@ src_prepare() {
eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
+ eapply "${FILESDIR}"/exim-4.96-rewrite-malformed-addr-fix.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-spf-memory-error-fix.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-regex-use-after-free.patch # upstr
eapply -p2 "${FILESDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-deamon-startup-fix.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-openssl-verify-ocsp.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-openssl-double-expansion.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-recursion-dns_again.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-openssl-tls_eccurve-setting.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-openssl-tls_eccurve-lt-3.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-openssl-bad-alpn.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-dane-dns_again.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-expansion-crash.patch # upstr
+ eapply "${FILESDIR}"/exim-4.96-transport-crash.patch # upstr
# oddity, they disable berkdb as hack, and then throw an error when
# berkdb isn't enabled
@@ -125,11 +138,10 @@ src_prepare() {
-e 's/define DB void/define DONTMESS void/' \
src/auths/call_radius.c || die
- # for this reason we have a := dep on opendmarc, they changed their
- # API in a minor release
- if use dmarc && has_version ">=mail-filter/opendmarc-1.4" ; then
- eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
- fi
+ # API changed from 1.3 to 1.4, upstream doesn't think 1.4 should be
+ # used, but 1.3 has a CVE and Gentoo (like most downstreams) only
+ # has 1.4 available
+ eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
if use maildir ; then
eapply "${FILESDIR}"/exim-4.94-maildir.patch
diff --git a/mail-mta/exim/files/exim-4.96-dane-dns_again.patch b/mail-mta/exim/files/exim-4.96-dane-dns_again.patch
new file mode 100644
index 000000000000..9bd94f784594
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-dane-dns_again.patch
@@ -0,0 +1,81 @@
+modified for Gentoo, removed Changelog due to conflicts
+
+From 30520c8f87fcf660ed99a2344cae7f9787f7bc89 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 5 Jan 2023 18:39:51 +0000
+Subject: [PATCH 3/3] DANE: do not check dns_again_means_nonexist for TLSA
+ results of TRY_AGAIN
+
+---
+ doc/doc-docbook/spec.xfpt | 7 ++++++-
+ doc/ChangeLog | 4 ++++
+ src/dns.c | 35 ++++++++++++++++++++++-------------
+ 3 files changed, 32 insertions(+), 14 deletions(-)
+
+--- a/src/dns.c
++++ b/src/dns.c
+@@ -904,25 +904,34 @@ if (dnsa->answerlen < 0) switch (h_errno
+ DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave TRY_AGAIN\n",
+ name, dns_text_type(type));
+
+ /* Cut this out for various test programs */
+ #ifndef STAND_ALONE
+- if (try_again_recursion)
++ /* Permitting dns_again_means nonexist for TLSA lookups breaks the
++ doewngrade resistance of dane, so avoid for those. */
++
++ if (type == T_TLSA)
++ rc = FAIL;
++ else
+ {
+- log_write(0, LOG_MAIN|LOG_PANIC,
+- "dns_again_means_nonexist recursion seen for %s (assuming nonexist)",
+- name);
+- return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type), DNS_NOMATCH);
+- }
++ if (try_again_recursion)
++ {
++ log_write(0, LOG_MAIN|LOG_PANIC,
++ "dns_again_means_nonexist recursion seen for %s"
++ " (assuming nonexist)", name);
++ return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type),
++ DNS_NOMATCH);
++ }
+
+- try_again_recursion = TRUE;
+- save_domain = deliver_domain;
+- deliver_domain = string_copy(name); /* set $domain */
+- rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
+- &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
+- deliver_domain = save_domain;
+- try_again_recursion = FALSE;
++ try_again_recursion = TRUE;
++ save_domain = deliver_domain;
++ deliver_domain = string_copy(name); /* set $domain */
++ rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
++ &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
++ deliver_domain = save_domain;
++ try_again_recursion = FALSE;
++ }
+
+ if (rc != OK)
+ {
+ DEBUG(D_dns) debug_printf("returning DNS_AGAIN\n");
+ return dns_fail_return(name, type, 0, DNS_AGAIN);
+--- a/doc/spec.txt
++++ b/doc/spec.txt
+@@ -14246,11 +14246,13 @@ dns_again_means_nonexist, it is treated
+ should be used with care. You can make it apply to reverse lookups by a setting
+ such as this:
+
+ dns_again_means_nonexist = *.in-addr.arpa
+
+-This option applies to all DNS lookups that Exim does. It also applies when the
++This option applies to all DNS lookups that Exim does, except for TLSA lookups
++(where knowing about such failures +is security-relevant). It also applies
++when the
+ gethostbyname() or getipnodebyname() functions give temporary errors, since
+ these are most likely to be caused by DNS lookup problems. The dnslookup router
+ has some options of its own for controlling what happens when lookups for MX or
+ SRV records give temporary errors. These more specific options are applied
+ after this global option.
diff --git a/mail-mta/exim/files/exim-4.96-deamon-startup-fix.patch b/mail-mta/exim/files/exim-4.96-deamon-startup-fix.patch
new file mode 100644
index 000000000000..8cf0cb703f1d
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-deamon-startup-fix.patch
@@ -0,0 +1,53 @@
+modified for Gentoo, removed Changelog to avoid conflicts
+
+From 221321d2c51b83d1feced80ecd6c2fe33ec5456c Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 3 Nov 2022 20:08:25 +0000
+Subject: [PATCH 1/2] Fix daemon startup. Bug 2930
+
+Broken-by: 7d5055276a
+---
+ doc/ChangeLog | 4 ++++
+ src/daemon.c | 8 ++++++--
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+--- a/src/daemon.c
++++ b/src/daemon.c
+@@ -1744,19 +1744,23 @@
+ {
+ /* If the parent process of this one has pid == 1, we are re-initializing the
+ daemon as the result of a SIGHUP. In this case, there is no need to do
+ anything, because the controlling terminal has long gone. Otherwise, fork, in
+ case current process is a process group leader (see 'man setsid' for an
+- explanation) before calling setsid(). */
++ explanation) before calling setsid().
++ All other forks want daemon_listen cleared. Rather than blow a register, jsut
++ restore it here. */
+
+ if (getppid() != 1)
+ {
++ BOOL daemon_listen = f.daemon_listen;
+ pid_t pid = exim_fork(US"daemon");
+ if (pid < 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE,
+ "fork() failed when starting daemon: %s", strerror(errno));
+ if (pid > 0) exit(EXIT_SUCCESS); /* in parent process, just exit */
+ (void)setsid(); /* release controlling terminal */
++ f.daemon_listen = daemon_listen;
+ }
+ }
+
+ /* We are now in the disconnected, daemon process (unless debugging). Set up
+ the listening sockets if required. */
+@@ -2090,11 +2094,11 @@
+ { /* found; append port to list */
+ for (p = i2->log; *p; ) p++; /* end of existing string */
+ if (*--p == '}') *p = '\0'; /* drop EOL */
+ while (isdigit(*--p)) ; /* char before port */
+
+- i2->log = *p == ':' /* no list yet? */
++ i2->log = *p == ':' /* no list yet? { */
+ ? string_sprintf("%.*s{%s,%d}",
+ (int)(p - i2->log + 1), i2->log, p+1, ipa->port)
+ : string_sprintf("%s,%d}", i2->log, ipa->port);
+ ipa->log = NULL;
+ break;
diff --git a/mail-mta/exim/files/exim-4.96-expansion-crash.patch b/mail-mta/exim/files/exim-4.96-expansion-crash.patch
new file mode 100644
index 000000000000..4b79784f9979
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-expansion-crash.patch
@@ -0,0 +1,69 @@
+modified for Gentoo, removed Changelog and tests
+
+From 70069b65a39a7ba73a36fbd95371ff03cde1eb23 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 2 Feb 2023 20:00:35 +0000
+Subject: [PATCH] Fix crash in expansions
+
+Broken-by: 1058096b8c53
+---
+ doc/ChangeLog | 4 ++++
+ src/expand.c | 9 +++++----
+ test/stderr/0630 | 1 +
+ 3 files changed, 10 insertions(+), 4 deletions(-)
+
+--- a/src/expand.c
++++ b/src/expand.c
+@@ -4652,11 +4652,11 @@ while (*s)
+ yield = string_catn(yield, value, len);
+
+ continue;
+ }
+
+- if (isdigit(*s))
++ if (isdigit(*s)) /* A $<n> variable */
+ {
+ int n;
+ s = read_cnumber(&n, s);
+ if (n >= 0 && n <= expand_nmax)
+ yield = string_catn(yield, expand_nstring[n], expand_nlength[n]);
+@@ -7060,10 +7060,11 @@ NOT_ITEM: ;
+ if (arg) *arg++ = '_'; /* Put back for error messages */
+ }
+
+ /* Deal specially with operators that might take a certificate variable
+ as we do not want to do the usual expansion. For most, expand the string.*/
++
+ switch(c)
+ {
+ #ifndef DISABLE_TLS
+ case EOP_MD5:
+ case EOP_SHA1:
+@@ -7107,11 +7108,11 @@ NOT_ITEM: ;
+
+ /* Otherwise, switch on the operator type. After handling go back
+ to the main loop top. */
+
+ {
+- int start = yield->ptr;
++ unsigned expansion_start = gstring_length(yield);
+ switch(c)
+ {
+ case EOP_BASE32:
+ {
+ uschar *t;
+@@ -8168,12 +8169,12 @@ NOT_ITEM: ;
+ goto EXPAND_FAILED;
+ } /* EOP_* switch */
+
+ DEBUG(D_expand)
+ {
+- const uschar * s = yield->s + start;
+- int i = yield->ptr - start;
++ const uschar * s = yield->s + expansion_start;
++ int i = gstring_length(yield) - expansion_start;
+ BOOL tainted = is_tainted(s);
+
+ DEBUG(D_noutf8)
+ {
+ debug_printf_indent("|-----op-res: %.*s\n", i, s);
diff --git a/mail-mta/exim/files/exim-4.96-openssl-bad-alpn.patch b/mail-mta/exim/files/exim-4.96-openssl-bad-alpn.patch
new file mode 100644
index 000000000000..f494fff85a09
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-openssl-bad-alpn.patch
@@ -0,0 +1,101 @@
+modified for Gentoo, removed tests
+
+From e1aca33756f73c22b00a98d40ce2be8ed94464b1 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 5 Jan 2023 13:03:37 +0000
+Subject: [PATCH 2/3] OpenSSL: log conns rejected for bad ALPN, with the
+ offered value
+
+Unfortunately, no way to do this under GnuTLS
+---
+ src/match.c | 1 +
+ src/tls-gnu.c | 9 ++++++++-
+ src/tls-openssl.c | 13 +++++++++++--
+ test/log/1190 | 2 ++
+ test/runtest | 3 +++
+ 5 files changed, 25 insertions(+), 3 deletions(-)
+
+diff --git a/src/match.c b/src/match.c
+index 91a49c0f0..07070362d 100644
+--- a/src/match.c
++++ b/src/match.c
+@@ -968,6 +968,7 @@ Arguments:
+ s string to search for
+ listptr ptr to ptr to colon separated list of patterns, or NULL
+ sep a separator value for the list (see string_nextinlist())
++ or zero for auto
+ anchorptr ptr to tree for named items, or NULL if no named items
+ cache_bits ptr to cache_bits for ditto, or NULL if not caching
+ type MCL_DOMAIN when matching a domain list
+diff --git a/src/tls-gnu.c b/src/tls-gnu.c
+index 729fb5879..b47fabf1d 100644
+--- a/src/tls-gnu.c
++++ b/src/tls-gnu.c
+@@ -1119,21 +1119,28 @@ switch (tls_id)
+ /* The format of "data" here doesn't seem to be documented, but appears
+ to be a 2-byte field with a (redundant, given the "size" arg) total length
+ then a sequence of one-byte size then string (not nul-term) names. The
+- latter is as described in OpenSSL documentation. */
++ latter is as described in OpenSSL documentation.
++ Note that we do not get called for a match_fail, making it hard to log
++ a single bad ALPN being offered (the common case). */
++ {
++ gstring * g = NULL;
+
+ DEBUG(D_tls) debug_printf("Seen ALPN extension from client (s=%u):", size);
+ for (const uschar * s = data+2; s-data < size-1; s += *s + 1)
+ {
+ server_seen_alpn++;
++ g = string_append_listele_n(g, ':', s+1, *s);
+ DEBUG(D_tls) debug_printf(" '%.*s'", (int)*s, s+1);
+ }
+ DEBUG(D_tls) debug_printf("\n");
+ if (server_seen_alpn > 1)
+ {
++ log_write(0, LOG_MAIN, "TLS ALPN (%s) rejected", string_from_gstring(g));
+ DEBUG(D_tls) debug_printf("TLS: too many ALPNs presented in handshake\n");
+ return GNUTLS_E_NO_APPLICATION_PROTOCOL;
+ }
+ break;
++ }
+ #endif
+ }
+ return 0;
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index e063d29bd..513ba0d3a 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -2324,6 +2324,8 @@ static int
+ tls_server_alpn_cb(SSL *ssl, const uschar ** out, uschar * outlen,
+ const uschar * in, unsigned int inlen, void * arg)
+ {
++gstring * g = NULL;
++
+ server_seen_alpn = TRUE;
+ DEBUG(D_tls)
+ {
+@@ -2354,12 +2356,19 @@ if ( inlen > 1 /* at least one name */
+ }
+ }
+
+-/* More than one name from clilent, or name did not match our list. */
++/* More than one name from client, or name did not match our list. */
+
+ /* This will be fatal to the TLS conn; would be nice to kill TCP also.
+ Maybe as an option in future; for now leave control to the config (must-tls). */
+
+-DEBUG(D_tls) debug_printf("TLS ALPN rejected\n");
++for (int pos = 0, siz; pos < inlen; pos += siz+1)
++ {
++ siz = in[pos];
++ if (pos + 1 + siz > inlen) siz = inlen - pos - 1;
++ g = string_append_listele_n(g, ':', in + pos + 1, siz);
++ }
++log_write(0, LOG_MAIN, "TLS ALPN (%s) rejected", string_from_gstring(g));
++gstring_release_unused(g);
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+ #endif /* EXIM_HAVE_ALPN */
+--
+2.39.0
+
diff --git a/mail-mta/exim/files/exim-4.96-openssl-double-expansion.patch b/mail-mta/exim/files/exim-4.96-openssl-double-expansion.patch
new file mode 100644
index 000000000000..09e4f11ef20e
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-openssl-double-expansion.patch
@@ -0,0 +1,217 @@
+From 62b97c2ecf148ee86053d82e5509e4c3a5a20054 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Sat, 29 Oct 2022 22:33:43 +0100
+Subject: [PATCH 2/2] OpenSSL: fix double-expansion of tls_verify_certificates
+
+---
+ src/tls-openssl.c | 66 +++++++++++++++++++++----------------------
+ 1 file changed, 33 insertions(+), 33 deletions(-)
+
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index fdf0d92b2..2e09882d2 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -435,15 +435,15 @@ typedef struct exim_openssl_state {
+ /* should figure out a cleanup of API to handle state preserved per
+ implementation, for various reasons, which can be void * in the APIs.
+ For now, we hack around it. */
+ exim_openssl_state_st *client_static_state = NULL; /*XXX should not use static; multiple concurrent clients! */
+ exim_openssl_state_st state_server = {.is_server = TRUE};
+
+ static int
+-setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host,
++setup_certs(SSL_CTX * sctx, uschar ** certs, uschar * crl, host_item * host,
+ uschar ** errstr );
+
+ /* Callbacks */
+ #ifndef DISABLE_OCSP
+ static int tls_server_stapling_cb(SSL *s, void *arg);
+ static void x509_stack_dump_cert_s_names(const STACK_OF(X509) * sk);
+ static void x509_store_dump_cert_s_names(X509_STORE * store);
+@@ -1762,18 +1762,18 @@ if ( opt_set_and_noexpand(tls_verify_certificates)
+ {
+ /* Watch the default dir also as they are always included */
+
+ if ( tls_set_watch(CUS X509_get_default_cert_file(), FALSE)
+ && tls_set_watch(tls_verify_certificates, FALSE)
+ && tls_set_watch(tls_crl, FALSE))
+ {
++ uschar * v_certs = tls_verify_certificates;
+ DEBUG(D_tls) debug_printf("TLS: preloading CA bundle for server\n");
+
+- if (setup_certs(ctx, tls_verify_certificates, tls_crl, NULL, &dummy_errstr)
+- == OK)
++ if (setup_certs(ctx, &v_certs, tls_crl, NULL, &dummy_errstr) == OK)
+ state_server.lib_state.cabundle = TRUE;
+
+ /* If we can, preload the server-side cert, key and ocsp */
+
+ if ( opt_set_and_noexpand(tls_certificate)
+ # ifndef DISABLE_OCSP
+ && opt_unset_or_noexpand(tls_ocsp_file)
+@@ -1897,18 +1897,19 @@ if ( opt_set_and_noexpand(ob->tls_verify_certificates)
+ {
+ if ( !watch
+ || tls_set_watch(CUS X509_get_default_cert_file(), FALSE)
+ && tls_set_watch(ob->tls_verify_certificates, FALSE)
+ && tls_set_watch(ob->tls_crl, FALSE)
+ )
+ {
++ uschar * v_certs = ob->tls_verify_certificates;
+ DEBUG(D_tls)
+ debug_printf("TLS: preloading CA bundle for transport '%s'\n", t->name);
+
+- if (setup_certs(ctx, ob->tls_verify_certificates,
++ if (setup_certs(ctx, &v_certs,
+ ob->tls_crl, dummy_host, &dummy_errstr) == OK)
+ ob->tls_preload.cabundle = TRUE;
+ }
+ }
+ else
+ DEBUG(D_tls)
+ debug_printf("TLS: not preloading CA bundle, for transport '%s'\n", t->name);
+@@ -2238,22 +2239,20 @@ if (state->u_ocsp.server.file)
+ {
+ SSL_CTX_set_tlsext_status_cb(server_sni, tls_server_stapling_cb);
+ SSL_CTX_set_tlsext_status_arg(server_sni, state);
+ }
+ #endif
+
+ {
+- uschar * expcerts;
+- if ( !expand_check(tls_verify_certificates, US"tls_verify_certificates",
+- &expcerts, &dummy_errstr)
+- || (rc = setup_certs(server_sni, expcerts, tls_crl, NULL,
++ uschar * v_certs = tls_verify_certificates;
++ if ((rc = setup_certs(server_sni, &v_certs, tls_crl, NULL,
+ &dummy_errstr)) != OK)
+ goto bad;
+
+- if (expcerts && *expcerts)
++ if (v_certs && *v_certs)
+ setup_cert_verify(server_sni, FALSE, verify_callback_server);
+ }
+
+ /* do this after setup_certs, because this can require the certs for verifying
+ OCSP information. */
+ if ((rc = tls_expand_session_files(server_sni, state, &dummy_errstr)) != OK)
+ goto bad;
+@@ -3017,32 +3016,33 @@ return TRUE;
+
+
+ /* Called by both client and server startup; on the server possibly
+ repeated after a Server Name Indication.
+
+ Arguments:
+ sctx SSL_CTX* to initialise
+- certs certs file, expanded
++ certs certs file, returned expanded
+ crl CRL file or NULL
+ host NULL in a server; the remote host in a client
+ errstr error string pointer
+
+ Returns: OK/DEFER/FAIL
+ */
+
+ static int
+-setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host,
++setup_certs(SSL_CTX * sctx, uschar ** certsp, uschar * crl, host_item * host,
+ uschar ** errstr)
+ {
+-uschar *expcerts, *expcrl;
++uschar * expcerts, * expcrl;
+
+-if (!expand_check(certs, US"tls_verify_certificates", &expcerts, errstr))
++if (!expand_check(*certsp, US"tls_verify_certificates", &expcerts, errstr))
+ return DEFER;
+ DEBUG(D_tls) debug_printf("tls_verify_certificates: %s\n", expcerts);
+
++*certsp = expcerts;
+ if (expcerts && *expcerts)
+ {
+ /* Tell the library to use its compiled-in location for the system default
+ CA bundle. Then add the ones specified in the config, if any. */
+
+ if (!SSL_CTX_set_default_verify_paths(sctx))
+ return tls_error(US"SSL_CTX_set_default_verify_paths", host, NULL, errstr);
+@@ -3330,28 +3330,28 @@ if (verify_check_host(&tls_verify_hosts) == OK)
+ server_verify_optional = FALSE;
+ else if (verify_check_host(&tls_try_verify_hosts) == OK)
+ server_verify_optional = TRUE;
+ else
+ goto skip_certs;
+
+ {
+- uschar * expcerts;
+- if (!expand_check(tls_verify_certificates, US"tls_verify_certificates",
+- &expcerts, errstr))
+- return DEFER;
+- DEBUG(D_tls) debug_printf("tls_verify_certificates: %s\n", expcerts);
++ uschar * v_certs = tls_verify_certificates;
+
+ if (state_server.lib_state.cabundle)
+- { DEBUG(D_tls) debug_printf("TLS: CA bundle for server was preloaded\n"); }
++ {
++ DEBUG(D_tls) debug_printf("TLS: CA bundle for server was preloaded\n");
++ setup_cert_verify(ctx, server_verify_optional, verify_callback_server);
++ }
+ else
+- if ((rc = setup_certs(ctx, expcerts, tls_crl, NULL, errstr)) != OK)
++ {
++ if ((rc = setup_certs(ctx, &v_certs, tls_crl, NULL, errstr)) != OK)
+ return rc;
+-
+- if (expcerts && *expcerts)
+- setup_cert_verify(ctx, server_verify_optional, verify_callback_server);
++ if (v_certs && *v_certs)
++ setup_cert_verify(ctx, server_verify_optional, verify_callback_server);
++ }
+ }
+ skip_certs: ;
+
+ #ifndef DISABLE_TLS_RESUME
+ # if OPENSSL_VERSION_NUMBER < 0x30000000L
+ SSL_CTX_set_tlsext_ticket_key_cb(ctx, ticket_key_callback);
+ /* despite working, appears to always return failure, so ignoring */
+@@ -3606,28 +3606,28 @@ if ( ( ( !ob->tls_verify_hosts || !ob->tls_verify_hosts
+ client_verify_optional = FALSE;
+ else if (verify_check_given_host(CUSS &ob->tls_try_verify_hosts, host) == OK)
+ client_verify_optional = TRUE;
+ else
+ return OK;
+
+ {
+- uschar * expcerts;
+- if (!expand_check(ob->tls_verify_certificates, US"tls_verify_certificates",
+- &expcerts, errstr))
+- return DEFER;
+- DEBUG(D_tls) debug_printf("tls_verify_certificates: %s\n", expcerts);
++ uschar * v_certs = ob->tls_verify_certificates;
+
+ if (state->lib_state.cabundle)
+- { DEBUG(D_tls) debug_printf("TLS: CA bundle was preloaded\n"); }
++ {
++ DEBUG(D_tls) debug_printf("TLS: CA bundle for tpt was preloaded\n");
++ setup_cert_verify(ctx, client_verify_optional, verify_callback_client);
++ }
+ else
+- if ((rc = setup_certs(ctx, expcerts, ob->tls_crl, host, errstr)) != OK)
++ {
++ if ((rc = setup_certs(ctx, &v_certs, ob->tls_crl, host, errstr)) != OK)
+ return rc;
+-
+- if (expcerts && *expcerts)
+- setup_cert_verify(ctx, client_verify_optional, verify_callback_client);
++ if (v_certs && *v_certs)
++ setup_cert_verify(ctx, client_verify_optional, verify_callback_client);
++ }
+ }
+
+ if (verify_check_given_host(CUSS &ob->tls_verify_cert_hostnames, host) == OK)
+ {
+ state->verify_cert_hostnames =
+ #ifdef SUPPORT_I18N
+ string_domain_utf8_to_alabel(host->certname, NULL);
+--
+2.35.1
+
diff --git a/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-lt-3.patch b/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-lt-3.patch
new file mode 100644
index 000000000000..37d1d445cb0a
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-lt-3.patch
@@ -0,0 +1,44 @@
+modified for Gentoo, removed tests due to conflicts
+
+From 7fa5764c203f2f4a900898a79ed02d674075313f Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Mon, 2 Jan 2023 15:04:14 +0000
+Subject: [PATCH 1/3] OpenSSL: Fix tls_eccurve on earlier versions than 3.0.0.
+ Bug 2954
+
+Broken-by: ca4014de81e6
+---
+ src/tls-openssl.c | 7 ++++---
+ test/log/2149 | 28 ++++++++++++++--------------
+ test/runtest | 3 +++
+ test/scripts/2100-OpenSSL/2149 | 22 ++++++++++++----------
+ 4 files changed, 33 insertions(+), 27 deletions(-)
+
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index 4d0f99ea9..e063d29bd 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -786,8 +786,9 @@ if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef
+ # endif
+ )
+ {
+- tls_error(string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve),
+- NULL, NULL, errstr);
++ uschar * s = string_sprintf("Unknown curve name tls_eccurve '%s'", exp_curve);
++ DEBUG(D_tls) debug_printf("TLS error '%s'\n", s);
++ if (errstr) *errstr = s;
+ return FALSE;
+ }
+
+@@ -803,7 +804,7 @@ if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef
+ /* The "tmp" in the name here refers to setting a temporary key
+ not to the stability of the interface. */
+
+- if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh) == 0))
++ if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh)) == 0)
+ tls_error(string_sprintf("Error enabling '%s' curve", exp_curve), NULL, NULL, errstr);
+ else
+ DEBUG(D_tls) debug_printf(" ECDH: enabled '%s' curve\n", exp_curve);
+--
+2.39.0
+
diff --git a/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-setting.patch b/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-setting.patch
new file mode 100644
index 000000000000..6ccfbca9a985
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-openssl-tls_eccurve-setting.patch
@@ -0,0 +1,169 @@
+modified for Gentoo, dropped Changelog and test due to conflicts
+
+From ca4014de81e6aa367aa0a54c49b4c3d4b137814c Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Sun, 1 Jan 2023 12:18:38 +0000
+Subject: [PATCH] OpenSSL: fix tls_eccurve setting explicit curve/group. Bug
+ 2954
+
+---
+ doc/ChangeLog | 4 +++
+ src/tls-openssl.c | 39 ++++++++++++++----------
+ test/confs/2148 | 54 ++++++++++++++++++++++++++++++++++
+ test/confs/2149 | 39 +++++++++++++-----------
+ test/log/2148 | 48 ++++++++++++++++++++++++++++++
+ test/log/2149 | 39 ++++++++++++------------
+ test/paniclog/{2149 => 2148} | 0
+ test/scripts/2100-OpenSSL/2148 | 50 +++++++++++++++++++++++++++++++
+ test/scripts/2100-OpenSSL/2149 | 50 ++++++++++++++++---------------
+ test/stderr/2148 | 5 ++++
+ test/stderr/2149 | 3 --
+ 11 files changed, 250 insertions(+), 81 deletions(-)
+ create mode 100644 test/confs/2148
+ create mode 100644 test/log/2148
+ rename test/paniclog/{2149 => 2148} (100%)
+ create mode 100644 test/scripts/2100-OpenSSL/2148
+ create mode 100644 test/stderr/2148
+
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -657,16 +657,16 @@ if (dh_bitsize <= tls_dh_max_bits)
+ /* EVP_PKEY_free(pkey); crashes */
+ #endif
+ }
+ else
+ DEBUG(D_tls)
+- debug_printf("Diffie-Hellman initialized from %s with %d-bit prime\n",
++ debug_printf(" Diffie-Hellman initialized from %s with %d-bit prime\n",
+ dhexpanded ? dhexpanded : US"default", dh_bitsize);
+ }
+ else
+ DEBUG(D_tls)
+- debug_printf("dhparams '%s' %d bits, is > tls_dh_max_bits limit of %d\n",
++ debug_printf(" dhparams '%s' %d bits, is > tls_dh_max_bits limit of %d\n",
+ dhexpanded ? dhexpanded : US"default", dh_bitsize, tls_dh_max_bits);
+
+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
+ DH_free(dh);
+ #endif
+@@ -712,23 +712,31 @@ init_ecdh(SSL_CTX * sctx, uschar ** errs
+ #ifdef OPENSSL_NO_ECDH
+ return TRUE;
+ #else
+
+ uschar * exp_curve;
+-int nid;
+-BOOL rv;
++int nid, rc;
+
+ # ifndef EXIM_HAVE_ECDH
+ DEBUG(D_tls)
+- debug_printf("No OpenSSL API to define ECDH parameters, skipping\n");
++ debug_printf(" No OpenSSL API to define ECDH parameters, skipping\n");
+ return TRUE;
+ # else
+
+ if (!expand_check(tls_eccurve, US"tls_eccurve", &exp_curve, errstr))
+ return FALSE;
++
++/* Is the option deliberately empty? */
++
+ if (!exp_curve || !*exp_curve)
++ {
++#if OPENSSL_VERSION_NUMBER >= 0x10002000L
++ DEBUG(D_tls) debug_printf( " ECDH OpenSSL 1.0.2+: clearing curves list\n");
++ (void) SSL_CTX_set1_curves(sctx, &nid, 0);
++#endif
+ return TRUE;
++ }
+
+ /* "auto" needs to be handled carefully.
+ * OpenSSL < 1.0.2: we do not select anything, but fallback to prime256v1
+ * OpenSSL < 1.1.0: we have to call SSL_CTX_set_ecdh_auto
+ * (openssl/ssl.h defines SSL_CTRL_SET_ECDH_AUTO)
+@@ -737,27 +745,26 @@ if (!exp_curve || !*exp_curve)
+ */
+ if (Ustrcmp(exp_curve, "auto") == 0)
+ {
+ #if OPENSSL_VERSION_NUMBER < 0x10002000L
+ DEBUG(D_tls) debug_printf(
+- "ECDH OpenSSL < 1.0.2: temp key parameter settings: overriding \"auto\" with \"prime256v1\"\n");
++ " ECDH OpenSSL < 1.0.2: temp key parameter settings: overriding \"auto\" with \"prime256v1\"\n");
+ exp_curve = US"prime256v1";
+ #else
+ # if defined SSL_CTRL_SET_ECDH_AUTO
+ DEBUG(D_tls) debug_printf(
+- "ECDH OpenSSL 1.0.2+: temp key parameter settings: autoselection\n");
++ " ECDH OpenSSL 1.0.2+: temp key parameter settings: autoselection\n");
+ SSL_CTX_set_ecdh_auto(sctx, 1);
+ return TRUE;
+ # else
+ DEBUG(D_tls) debug_printf(
+- "ECDH OpenSSL 1.1.0+: temp key parameter settings: default selection\n");
++ " ECDH OpenSSL 1.1.0+: temp key parameter settings: library default selection\n");
+ return TRUE;
+ # endif
+ #endif
+ }
+
+-DEBUG(D_tls) debug_printf("ECDH: curve '%s'\n", exp_curve);
+ if ( (nid = OBJ_sn2nid (CCS exp_curve)) == NID_undef
+ # ifdef EXIM_HAVE_OPENSSL_EC_NIST2NID
+ && (nid = EC_curve_nist2nid(CCS exp_curve)) == NID_undef
+ # endif
+ )
+@@ -777,27 +784,27 @@ if ( (nid = OBJ_sn2nid (CCS exp_c
+ }
+
+ /* The "tmp" in the name here refers to setting a temporary key
+ not to the stability of the interface. */
+
+- if ((rv = SSL_CTX_set_tmp_ecdh(sctx, ecdh) == 0))
++ if ((rc = SSL_CTX_set_tmp_ecdh(sctx, ecdh) == 0))
+ tls_error(string_sprintf("Error enabling '%s' curve", exp_curve), NULL, NULL, errstr);
+ else
+- DEBUG(D_tls) debug_printf("ECDH: enabled '%s' curve\n", exp_curve);
++ DEBUG(D_tls) debug_printf(" ECDH: enabled '%s' curve\n", exp_curve);
+ EC_KEY_free(ecdh);
+ }
+
+ #else /* v 3.0.0 + */
+
+-if ((rv = SSL_CTX_set1_groups(sctx, &nid, 1)) == 0)
++if ((rc = SSL_CTX_set1_groups(sctx, &nid, 1)) == 0)
+ tls_error(string_sprintf("Error enabling '%s' group", exp_curve), NULL, NULL, errstr);
+ else
+- DEBUG(D_tls) debug_printf("ECDH: enabled '%s' group\n", exp_curve);
++ DEBUG(D_tls) debug_printf(" ECDH: enabled '%s' group\n", exp_curve);
+
+ #endif
+
+-return !rv;
++return !!rc;
+
+ # endif /*EXIM_HAVE_ECDH*/
+ #endif /*OPENSSL_NO_ECDH*/
+ }
+
+@@ -1719,19 +1726,19 @@ state_server.lib_state.lib_ctx = ctx;
+
+ /* Preload DH params and EC curve */
+
+ if (opt_unset_or_noexpand(tls_dhparam))
+ {
+- DEBUG(D_tls) debug_printf("TLS: preloading DH params for server\n");
++ DEBUG(D_tls) debug_printf("TLS: preloading DH params '%s' for server\n", tls_dhparam);
+ if (init_dh(ctx, tls_dhparam, &dummy_errstr))
+ state_server.lib_state.dh = TRUE;
+ }
+ else
+ DEBUG(D_tls) debug_printf("TLS: not preloading DH params for server\n");
+ if (opt_unset_or_noexpand(tls_eccurve))
+ {
+- DEBUG(D_tls) debug_printf("TLS: preloading ECDH curve for server\n");
++ DEBUG(D_tls) debug_printf("TLS: preloading ECDH curve '%s' for server\n", tls_eccurve);
+ if (init_ecdh(ctx, &dummy_errstr))
+ state_server.lib_state.ecdh = TRUE;
+ }
+ else
+ DEBUG(D_tls) debug_printf("TLS: not preloading ECDH curve for server\n");
diff --git a/mail-mta/exim/files/exim-4.96-openssl-verify-ocsp.patch b/mail-mta/exim/files/exim-4.96-openssl-verify-ocsp.patch
new file mode 100644
index 000000000000..2e21065fb1d6
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-openssl-verify-ocsp.patch
@@ -0,0 +1,232 @@
+From 7f65a63b60c6ea86db683ac00e221939f3bb1d47 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Tue, 25 Oct 2022 21:26:30 +0100
+Subject: [PATCH 1/2] OpenSSL: when preloading creds do the server certs before
+ the OCSP proofs so that the latter can ve verified before loading
+
+---
+ src/tls-openssl.c | 113 ++++++++++++++++++++++--------------------
+ 1 file changed, 58 insertions(+), 55 deletions(-)
+
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index 68ad6f15b..fdf0d92b2 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -441,14 +441,16 @@ exim_openssl_state_st state_server = {.is_server = TRUE};
+ static int
+ setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host,
+ uschar ** errstr );
+
+ /* Callbacks */
+ #ifndef DISABLE_OCSP
+ static int tls_server_stapling_cb(SSL *s, void *arg);
++static void x509_stack_dump_cert_s_names(const STACK_OF(X509) * sk);
++static void x509_store_dump_cert_s_names(X509_STORE * store);
+ #endif
+
+
+
+ /* Daemon-called, before every connection, key create/rotate */
+ #ifndef DISABLE_TLS_RESUME
+ static void tk_init(void);
+@@ -1307,15 +1309,14 @@ ocsp_load_response(exim_openssl_state_st * state, const uschar * filename,
+ {
+ BIO * bio;
+ OCSP_RESPONSE * resp;
+ OCSP_BASICRESP * basic_response;
+ OCSP_SINGLERESP * single_response;
+ ASN1_GENERALIZEDTIME * rev, * thisupd, * nextupd;
+ STACK_OF(X509) * sk;
+-unsigned long verify_flags;
+ int status, reason, i;
+
+ DEBUG(D_tls)
+ debug_printf("tls_ocsp_file (%s) '%s'\n", is_pem ? "PEM" : "DER", filename);
+
+ if (!filename || !*filename) return;
+
+@@ -1372,28 +1373,28 @@ if ((status = OCSP_response_status(resp)) != OCSP_RESPONSE_STATUS_SUCCESSFUL)
+ if (!(basic_response = OCSP_response_get1_basic(resp)))
+ {
+ DEBUG(D_tls)
+ debug_printf("OCSP response parse error: unable to extract basic response.\n");
+ goto bad;
+ }
+
+-sk = state->verify_stack;
+-verify_flags = OCSP_NOVERIFY; /* check sigs, but not purpose */
++sk = state->verify_stack; /* set by setup_certs() / chain_from_pem_file() */
+
+ /* May need to expose ability to adjust those flags?
+ OCSP_NOSIGS OCSP_NOVERIFY OCSP_NOCHAIN OCSP_NOCHECKS OCSP_NOEXPLICIT
+ OCSP_TRUSTOTHER OCSP_NOINTERN */
+
+-/* This does a full verify on the OCSP proof before we load it for serving
+-up; possibly overkill - just date-checks might be nice enough.
++/* This does a partial verify (only the signer link, not the whole chain-to-CA)
++on the OCSP proof before we load it for serving up; possibly overkill -
++just date-checks might be nice enough.
+
+ OCSP_basic_verify takes a "store" arg, but does not
+-use it for the chain verification, which is all we do
+-when OCSP_NOVERIFY is set. The content from the wire
+-"basic_response" and a cert-stack "sk" are all that is used.
++use it for the chain verification, when OCSP_NOVERIFY is set.
++The content from the wire "basic_response" and a cert-stack "sk" are all
++that is used.
+
+ We have a stack, loaded in setup_certs() if tls_verify_certificates
+ was a file (not a directory, or "system"). It is unfortunate we
+ cannot used the connection context store, as that would neatly
+ handle the "system" case too, but there seems to be no library
+ function for getting a stack from a store.
+ [ In OpenSSL 1.1 - ? X509_STORE_CTX_get0_chain(ctx) ? ]
+@@ -1402,15 +1403,15 @@ SNI handling.
+
+ Separately we might try to replace using OCSP_basic_verify() - which seems to not
+ be a public interface into the OpenSSL library (there's no manual entry) -
+ But what with? We also use OCSP_basic_verify in the client stapling callback.
+ And there we NEED it; we must verify that status... unless the
+ library does it for us anyway? */
+
+-if ((i = OCSP_basic_verify(basic_response, sk, NULL, verify_flags)) < 0)
++if ((i = OCSP_basic_verify(basic_response, sk, NULL, OCSP_NOVERIFY)) < 0)
+ {
+ DEBUG(D_tls)
+ {
+ ERR_error_string_n(ERR_get_error(), ssl_errstring, sizeof(ssl_errstring));
+ debug_printf("OCSP response verify failure: %s\n", US ssl_errstring);
+ }
+ goto bad;
+@@ -1747,61 +1748,18 @@ if (opt_unset_or_noexpand(tls_eccurve))
+ if (init_ecdh(ctx, &dummy_errstr))
+ state_server.lib_state.ecdh = TRUE;
+ }
+ else
+ DEBUG(D_tls) debug_printf("TLS: not preloading ECDH curve for server\n");
+
+ #if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT)
+-/* If we can, preload the server-side cert, key and ocsp */
+-
+-if ( opt_set_and_noexpand(tls_certificate)
+-# ifndef DISABLE_OCSP
+- && opt_unset_or_noexpand(tls_ocsp_file)
+-#endif
+- && opt_unset_or_noexpand(tls_privatekey))
+- {
+- /* Set watches on the filenames. The implementation does de-duplication
+- so we can just blindly do them all. */
+-
+- if ( tls_set_watch(tls_certificate, TRUE)
+-# ifndef DISABLE_OCSP
+- && tls_set_watch(tls_ocsp_file, TRUE)
+-#endif
+- && tls_set_watch(tls_privatekey, TRUE))
+- {
+- state_server.certificate = tls_certificate;
+- state_server.privatekey = tls_privatekey;
+-#ifndef DISABLE_OCSP
+- state_server.u_ocsp.server.file = tls_ocsp_file;
+-#endif
+-
+- DEBUG(D_tls) debug_printf("TLS: preloading server certs\n");
+- if (tls_expand_session_files(ctx, &state_server, &dummy_errstr) == OK)
+- state_server.lib_state.conn_certs = TRUE;
+- }
+- }
+-else if ( !tls_certificate && !tls_privatekey
+-# ifndef DISABLE_OCSP
+- && !tls_ocsp_file
+-#endif
+- )
+- { /* Generate & preload a selfsigned cert. No files to watch. */
+- if (tls_expand_session_files(ctx, &state_server, &dummy_errstr) == OK)
+- {
+- state_server.lib_state.conn_certs = TRUE;
+- lifetime = f.running_in_test_harness ? 2 : 60 * 60; /* 1 hour */
+- }
+- }
+-else
+- DEBUG(D_tls) debug_printf("TLS: not preloading server certs\n");
+-
+-
+ /* If we can, preload the Authorities for checking client certs against.
+ Actual choice to do verify is made (tls_{,try_}verify_hosts)
+-at TLS conn startup */
++at TLS conn startup.
++Do this before the server ocsp so that its info can verify the ocsp. */
+
+ if ( opt_set_and_noexpand(tls_verify_certificates)
+ && opt_unset_or_noexpand(tls_crl))
+ {
+ /* Watch the default dir also as they are always included */
+
+ if ( tls_set_watch(CUS X509_get_default_cert_file(), FALSE)
+@@ -1809,18 +1767,63 @@ if ( opt_set_and_noexpand(tls_verify_certificates)
+ && tls_set_watch(tls_crl, FALSE))
+ {
+ DEBUG(D_tls) debug_printf("TLS: preloading CA bundle for server\n");
+
+ if (setup_certs(ctx, tls_verify_certificates, tls_crl, NULL, &dummy_errstr)
+ == OK)
+ state_server.lib_state.cabundle = TRUE;
+- }
++
++ /* If we can, preload the server-side cert, key and ocsp */
++
++ if ( opt_set_and_noexpand(tls_certificate)
++# ifndef DISABLE_OCSP
++ && opt_unset_or_noexpand(tls_ocsp_file)
++# endif
++ && opt_unset_or_noexpand(tls_privatekey))
++ {
++ /* Set watches on the filenames. The implementation does de-duplication
++ so we can just blindly do them all. */
++
++ if ( tls_set_watch(tls_certificate, TRUE)
++# ifndef DISABLE_OCSP
++ && tls_set_watch(tls_ocsp_file, TRUE)
++# endif
++ && tls_set_watch(tls_privatekey, TRUE))
++ {
++ state_server.certificate = tls_certificate;
++ state_server.privatekey = tls_privatekey;
++#ifndef DISABLE_OCSP
++ state_server.u_ocsp.server.file = tls_ocsp_file;
++# endif
++
++ DEBUG(D_tls) debug_printf("TLS: preloading server certs\n");
++ if (tls_expand_session_files(ctx, &state_server, &dummy_errstr) == OK)
++ state_server.lib_state.conn_certs = TRUE;
++ }
++ }
++ else if ( !tls_certificate && !tls_privatekey
++# ifndef DISABLE_OCSP
++ && !tls_ocsp_file
++# endif
++ )
++ { /* Generate & preload a selfsigned cert. No files to watch. */
++ if (tls_expand_session_files(ctx, &state_server, &dummy_errstr) == OK)
++ {
++ state_server.lib_state.conn_certs = TRUE;
++ lifetime = f.running_in_test_harness ? 2 : 60 * 60; /* 1 hour */
++ }
++ }
++ else
++ DEBUG(D_tls) debug_printf("TLS: not preloading server certs\n");
++ }
+ }
+ else
+ DEBUG(D_tls) debug_printf("TLS: not preloading CA bundle for server\n");
++
++
+ #endif /* EXIM_HAVE_INOTIFY */
+
+
+ /* If we can, preload the ciphers control string */
+
+ if (opt_set_and_noexpand(tls_require_ciphers))
+ {
+--
+2.35.1
+
diff --git a/mail-mta/exim/files/exim-4.96-recursion-dns_again.patch b/mail-mta/exim/files/exim-4.96-recursion-dns_again.patch
new file mode 100644
index 000000000000..6ac0e81c9551
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-recursion-dns_again.patch
@@ -0,0 +1,57 @@
+modified for Gentoo, removed Changelog due to conflicts
+
+From 1d38781da934809e6ce0b8c3718c4b3bccdfe1d2 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Wed, 28 Dec 2022 19:39:06 +0000
+Subject: [PATCH] Fix recursion on dns_again_means_nonexist. Bug 2911
+
+---
+ doc/ChangeLog | 8 +++++
+ src/dns.c | 12 ++++++++
+ test/confs/2202 | 18 +++++++++--
+ test/scripts/2200-dnsdb/2202 | 8 +++++
+ test/stderr/2202 | 58 +++++++++++++++++++++++++++++++++++-
+ test/stdout/2202 | 8 +++++
+ 6 files changed, 108 insertions(+), 4 deletions(-)
+
+--- a/src/dns.c
++++ b/src/dns.c
+@@ -799,10 +799,11 @@ int
+ dns_basic_lookup(dns_answer * dnsa, const uschar * name, int type)
+ {
+ int rc;
+ #ifndef STAND_ALONE
+ const uschar * save_domain;
++static BOOL try_again_recursion = FALSE;
+ #endif
+
+ /* DNS lookup failures of any kind are cached in a tree. This is mainly so that
+ a timeout on one domain doesn't happen time and time again for messages that
+ have many addresses in the same domain. We rely on the resolver and name server
+@@ -903,15 +904,26 @@ if (dnsa->answerlen < 0) switch (h_errno
+ DEBUG(D_dns) debug_printf("DNS lookup of %s (%s) gave TRY_AGAIN\n",
+ name, dns_text_type(type));
+
+ /* Cut this out for various test programs */
+ #ifndef STAND_ALONE
++ if (try_again_recursion)
++ {
++ log_write(0, LOG_MAIN|LOG_PANIC,
++ "dns_again_means_nonexist recursion seen for %s (assuming nonexist)",
++ name);
++ return dns_fail_return(name, type, dns_expire_from_soa(dnsa, type), DNS_NOMATCH);
++ }
++
++ try_again_recursion = TRUE;
+ save_domain = deliver_domain;
+ deliver_domain = string_copy(name); /* set $domain */
+ rc = match_isinlist(name, CUSS &dns_again_means_nonexist, 0,
+ &domainlist_anchor, NULL, MCL_DOMAIN, TRUE, NULL);
+ deliver_domain = save_domain;
++ try_again_recursion = FALSE;
++
+ if (rc != OK)
+ {
+ DEBUG(D_dns) debug_printf("returning DNS_AGAIN\n");
+ return dns_fail_return(name, type, 0, DNS_AGAIN);
+ }
diff --git a/mail-mta/exim/files/exim-4.96-regex-use-after-free.patch b/mail-mta/exim/files/exim-4.96-regex-use-after-free.patch
new file mode 100644
index 000000000000..1ec6d9a4abd6
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-regex-use-after-free.patch
@@ -0,0 +1,173 @@
+modified for Gentoo, removed Changelog due to conflicts
+
+From 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Wed, 31 Aug 2022 15:37:40 +0100
+Subject: [PATCH] Fix $regex<n> use-after-free. Bug 2915
+
+---
+ doc/ChangeLog | 8 +++++++-
+ src/exim.c | 4 +---
+ src/expand.c | 2 +-
+ src/functions.h | 1 +
+ src/globals.c | 2 +-
+ src/regex.c | 29 ++++++++++++++++++-----------
+ src/smtp_in.c | 2 ++
+ test/confs/4002 | 10 ++++++++++
+ test/mail/4002.userx | 7 +++++++
+ test/scripts/4000-scanning/4002 | 7 +++++++
+ 10 files changed, 55 insertions(+), 17 deletions(-)
+
+--- a/src/exim.c
++++ b/src/exim.c
+@@ -1999,12 +1999,10 @@
+
+ regex_whitelisted_macro =
+ regex_must_compile(US"^[A-Za-z0-9_/.-]*$", FALSE, TRUE);
+ #endif
+
+-for (i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
+-
+ /* If the program is called as "mailq" treat it as equivalent to "exim -bp";
+ this seems to be a generally accepted convention, since one finds symbolic
+ links called "mailq" in standard OS configurations. */
+
+ if ((namelen == 5 && Ustrcmp(argv[0], "mailq") == 0) ||
+@@ -6082,11 +6080,11 @@
+ callout_address = NULL;
+ sending_ip_address = NULL;
+ deliver_localpart_data = deliver_domain_data =
+ recipient_data = sender_data = NULL;
+ acl_var_m = NULL;
+- for(int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
++ regex_vars_clear();
+
+ store_reset(reset_point);
+ }
+
+ exim_exit(EXIT_SUCCESS); /* Never returns */
+--- a/src/expand.c
++++ b/src/expand.c
+@@ -1871,11 +1871,11 @@
+ {
+ tree_node * node = tree_search(router_var, name + 2);
+ return node ? node->data.ptr : strict_acl_vars ? NULL : US"";
+ }
+
+-/* Handle $auth<n> variables. */
++/* Handle $auth<n>, $regex<n> variables. */
+
+ if (Ustrncmp(name, "auth", 4) == 0)
+ {
+ uschar *endptr;
+ int n = Ustrtoul(name + 4, &endptr, 10);
+--- a/src/functions.h
++++ b/src/functions.h
+@@ -436,10 +436,11 @@
+ extern int regex(const uschar **);
+ #endif
+ extern BOOL regex_match(const pcre2_code *, const uschar *, int, uschar **);
+ extern BOOL regex_match_and_setup(const pcre2_code *, const uschar *, int, int);
+ extern const pcre2_code *regex_must_compile(const uschar *, BOOL, BOOL);
++extern void regex_vars_clear(void);
+ extern void retry_add_item(address_item *, uschar *, int);
+ extern BOOL retry_check_address(const uschar *, host_item *, uschar *, BOOL,
+ uschar **, uschar **);
+ extern retry_config *retry_find_config(const uschar *, const uschar *, int, int);
+ extern BOOL retry_ultimate_address_timeout(uschar *, const uschar *,
+--- a/src/globals.c
++++ b/src/globals.c
+@@ -1313,11 +1313,11 @@
+ #ifndef DISABLE_PIPE_CONNECT
+ const pcre2_code *regex_EARLY_PIPE = NULL;
+ #endif
+ const pcre2_code *regex_ismsgid = NULL;
+ const pcre2_code *regex_smtp_code = NULL;
+-const uschar *regex_vars[REGEX_VARS];
++const uschar *regex_vars[REGEX_VARS] = { 0 };;
+ #ifdef WHITELIST_D_MACROS
+ const pcre2_code *regex_whitelisted_macro = NULL;
+ #endif
+ #ifdef WITH_CONTENT_SCAN
+ uschar *regex_match_string = NULL;
+--- a/src/regex.c
++++ b/src/regex.c
+@@ -94,22 +94,32 @@
+ }
+ pcre2_match_data_free(md);
+ return FAIL;
+ }
+
++
++/* reset expansion variables */
++void
++regex_vars_clear(void)
++{
++regex_match_string = NULL;
++for (int i = 0; i < REGEX_VARS; i++) regex_vars[i] = NULL;
++}
++
++
++
+ int
+-regex(const uschar **listptr)
++regex(const uschar ** listptr)
+ {
+ unsigned long mbox_size;
+-FILE *mbox_file;
+-pcre_list *re_list_head;
+-uschar *linebuffer;
++FILE * mbox_file;
++pcre_list * re_list_head;
++uschar * linebuffer;
+ long f_pos = 0;
+ int ret = FAIL;
+
+-/* reset expansion variable */
+-regex_match_string = NULL;
++regex_vars_clear();
+
+ if (!mime_stream) /* We are in the DATA ACL */
+ {
+ if (!(mbox_file = spool_mbox(&mbox_size, NULL, NULL)))
+ { /* error while spooling */
+@@ -167,18 +177,17 @@
+
+
+ int
+ mime_regex(const uschar **listptr)
+ {
+-pcre_list *re_list_head = NULL;
+-FILE *f;
+-uschar *mime_subject = NULL;
++pcre_list * re_list_head = NULL;
++FILE * f;
++uschar * mime_subject = NULL;
+ int mime_subject_len = 0;
+ int ret;
+
+-/* reset expansion variable */
+-regex_match_string = NULL;
++regex_vars_clear();
+
+ /* precompile our regexes */
+ if (!(re_list_head = compile(*listptr)))
+ return FAIL; /* no regexes -> nothing to do */
+
+--- a/src/smtp_in.c
++++ b/src/smtp_in.c
+@@ -2155,12 +2155,14 @@
+ prdr_requested = FALSE;
+ #endif
+ #ifdef SUPPORT_I18N
+ message_smtputf8 = FALSE;
+ #endif
++regex_vars_clear();
+ body_linecount = body_zerocount = 0;
+
++lookup_value = NULL; /* Can be set by ACL */
+ sender_rate = sender_rate_limit = sender_rate_period = NULL;
+ ratelimiters_mail = NULL; /* Updated by ratelimit ACL condition */
+ /* Note that ratelimiters_conn persists across resets. */
+
+ /* Reset message ACL variables */
diff --git a/mail-mta/exim/files/exim-4.96-rewrite-malformed-addr-fix.patch b/mail-mta/exim/files/exim-4.96-rewrite-malformed-addr-fix.patch
new file mode 100644
index 000000000000..2d3363e7b6cf
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-rewrite-malformed-addr-fix.patch
@@ -0,0 +1,42 @@
+modified for Gentoo, removed Changelog change due to conflicts
+
+From e7ec503729970a03d4509921342bc81313976126 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Tue, 12 Jul 2022 22:14:04 +0100
+Subject: [PATCH] Fix exit on attempt to rewrite a malformed address. Bug 2903
+
+---
+ doc/ChangeLog | 5 +
+ src/rewrite.c | 9 +-
+ test/confs/0471 | 7 +
+ test/log/0471 | 5 +
+ test/scripts/0000-Basic/0471 | 4 +-
+ test/stderr/0471 | 245 ++++++++++++++++++++++++++++++++++-
+ 6 files changed, 267 insertions(+), 8 deletions(-)
+
+--- a/src/rewrite.c
++++ b/src/rewrite.c
+@@ -493,19 +493,18 @@
+ empty address, overlong addres. Sometimes the result matters, sometimes not.
+ It seems this function is called for *any* header we see. */
+
+ if (!recipient)
+ {
+- /* Handle unparesable addresses in the header. Slightly ugly because a
++ /* Log unparesable addresses in the header. Slightly ugly because a
+ null output from the extract can also result from a header without an
+- address, "To: undisclosed recpients:;" being the classic case. */
++ address, "To: undisclosed recpients:;" being the classic case. Ignore
++ this one and carry on. */
+
+ if ((rewrite_rules || routed_old) && Ustrcmp(errmess, "empty address") != 0)
+- {
+ log_write(0, LOG_MAIN, "rewrite: %s", errmess);
+- exim_exit(EXIT_FAILURE);
+- }
++
+ loop_reset_point = store_reset(loop_reset_point);
+ continue;
+ }
+
+ /* If routed_old is not NULL, this is a rewrite caused by a router,
diff --git a/mail-mta/exim/files/exim-4.96-spf-memory-error-fix.patch b/mail-mta/exim/files/exim-4.96-spf-memory-error-fix.patch
new file mode 100644
index 000000000000..e474acf6f54d
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-spf-memory-error-fix.patch
@@ -0,0 +1,25 @@
+From 93c722ce0549360af68269f088f4e59ed8fc130e Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Sun, 7 Aug 2022 17:00:27 +0100
+Subject: [PATCH] SPF: fix memory accounting for error case
+
+---
+ src/spf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/spf.c b/src/spf.c
+index db6eea3a8..a8c0f75c4 100644
+--- a/src/spf.c
++++ b/src/spf.c
+@@ -204,7 +204,7 @@ spf_nxdomain = SPF_dns_rr_new_init(spf_dns_server,
+ "", ns_t_any, 24 * 60 * 60, HOST_NOT_FOUND);
+ if (!spf_nxdomain)
+ {
+- free(spf_dns_server);
++ store_free(spf_dns_server);
+ return NULL;
+ }
+
+--
+2.35.1
+
diff --git a/mail-mta/exim/files/exim-4.96-transport-crash.patch b/mail-mta/exim/files/exim-4.96-transport-crash.patch
new file mode 100644
index 000000000000..913fbf2d0918
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.96-transport-crash.patch
@@ -0,0 +1,27 @@
+modified for Gentoo, removed Changelog
+
+From a8786a66feb3c003c74551399b345b1634cc6739 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Thu, 4 May 2023 15:41:46 +0100
+Subject: [PATCH 1/3] Fix variable initialisation in smtp transport. Bug 2996
+
+---
+ doc/ChangeLog | 8 ++++++++
+ src/transports/smtp.c | 2 +-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+--- a/src/transports/smtp.c
++++ b/src/transports/smtp.c
+@@ -4950,11 +4950,11 @@ Returns: nothing
+ void
+ smtp_transport_closedown(transport_instance *tblock)
+ {
+ smtp_transport_options_block * ob = SOB tblock->options_block;
+ client_conn_ctx cctx;
+-smtp_context sx;
++smtp_context sx = {0};
+ uschar buffer[256];
+ uschar inbuffer[4096];
+ uschar outbuffer[16];
+
+ /*XXX really we need an active-smtp-client ctx, rather than assuming stdout */
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2023-11-07 20:47 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2023-11-07 20:47 UTC (permalink / raw
To: gentoo-commits
commit: 188612161131269127746a5e43c8df0a7f48a171
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 7 20:46:36 2023 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Tue Nov 7 20:46:52 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=18861216
mail-mta/exim-4.97: version bump
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/Manifest | 2 +
mail-mta/exim/exim-4.97.ebuild | 633 +++++++++++++++++++++
.../exim/files/exim-4.97-as-needed-ldflags.patch | 145 +++++
.../exim/files/exim-4.97-localscan_dlopen.patch | 209 +++++++
.../exim/files/exim-4.97-no-exim_id_update.patch | 13 +
5 files changed, 1002 insertions(+)
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index c253fa5f9734..1ad7d2a61766 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -3,8 +3,10 @@ DIST exim-4.96-gentoo-patches-r0.tar.xz 13308 BLAKE2B e01cd8b90593329d858cced27b
DIST exim-4.96.1.tar.xz 1879404 BLAKE2B fc6425be41ef7722f7d7b6b541c01774a4bafe55ca38152dc3fbb837e00ea52fabc39a42fcbf0500f4e0eda40deec3cbb0d746da9700a4a615f9ee4869e325c5 SHA512 ef1a0e57c59cdf4e915b3ac5dcdbc69f565b14dd92b0527f6796b2c46a9ec34f991f9790fb4171c99417f7e482cdd62d77e780cc71fab227c8bed876103f7fdd
DIST exim-4.96.2.tar.xz 1879896 BLAKE2B f172340e5f896dc1996e4e3cf46515c2336c47d3390524ca91cb9ef7258a62b83426592de582aa792584cbeaace519b4edea5e62b3ebeb8e5f599379255e04a5 SHA512 dc9f6a114e64ac826489edff88d50a24195b64714428e691c10a7bfb119b3ebb6455bf80cbb34dfd0a4e2e44cbde72effb009357a8e0a6065e512fe32092e3ed
DIST exim-4.96.tar.xz 1879152 BLAKE2B 4b424f2ebc661bd0db35d7f6da86300c6d5cb5b9a52cddd24fdd452daa76c84e471d4f8f278cf951d1503b01fd46fc3e6858d6feded09f34253d2cf2ae99b45a SHA512 6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e
+DIST exim-4.97.tar.xz 1909536 BLAKE2B b0f09d5f162853996976c222786de14e2104acdf01fd61da486f59f4cf8af1182cdfb7ea31fd55ccfd9c57256e7f442dc1b46727e08fe2eca82a296ac4ae7899 SHA512 b28cbb49fa7e143dfcc94e004d57cf98a1945013e676cd103c1ee4cf52933d49d378baa13bea2663353dba97745d6b2ab8b7b66cde870788a2d85d7abd716968
DIST exim-pdf-4.94.2.tar.xz 2092248 BLAKE2B 973ab4f117fdb58afa017bc41b4496fac1277e707a9926d67317c455b0bd617021c17cba6c8d793d8962aacef12c0790d5add7174017512b7b1ea070f8e8533d SHA512 3a661f69d81a992798d4b7e5b7def7cfffa297a7b3c02a6631be426cefff5a6e8783fa322a1bd105d01f7b06968d01e77963e6ab7be3157f63eb62eb6ff172b0
DIST exim-pdf-4.96.1.tar.xz 2132252 BLAKE2B 7e6d756630211b6465f9162c7a6b461774b3999ad8c3c1ace157a39b7e07f86644d206c5687991b6098aec47445319def44ddb2895b2a16146f6abd1c11d47a6 SHA512 d39ee2f9a05326809a6e8454a108d717838dacfa42c2cade72f5937b1b44d70e70152fa75f4b4e9548cd4198d54f8a8c1323e14d7d1f9a0a23c99a53db1001b0
DIST exim-pdf-4.96.2.tar.xz 2132268 BLAKE2B 9104d42d742e7152d166b6158a6f060d0a29143b11e5064ecda177ead59ac66a9bb6ab3575e5bcaf7af5b49964d29b841285e67184592a8b64bab6099f4c8ac9 SHA512 c35eea4ab5510bba50d22813b28c9d2f5e4e2fed76993693b997f2090024dde674d58dffe044cb64642bf57b83fcae3bfc3dbcae43288fae11692ee49374df74
DIST exim-pdf-4.96.tar.xz 2137468 BLAKE2B 7f61767f91864c43a3b7b6ca36ec7f41da6ad7029687a38cfa9307c444c2ffbd3eb61d45645ffd20ec16ba64a37e1ff08c02e7e4e36499c7783679af9a399081 SHA512 05e94579631656330d95d237c58bc9fd52229a067c5846e7c3409b4c83040c9216819bcb0090673d9991fd59e2c2025340592b31b241b557c6775782106854d1
+DIST exim-pdf-4.97.tar.xz 2136852 BLAKE2B df188e658e9e86d1b651d12b29e8a440677d75cc0384bab829323582a3a89b62f34e504b759ef2824b7735056696aed6ac33a4ca10a74fc5bc036f150caaac12 SHA512 defd1e7d823f4eadd2afe426d9105a395421824a1b1941b97bfda408905bdd105b5c219b713e15506d25d98fa48e965228f8daab286dc1be14a387f567c0b58b
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.97.ebuild b/mail-mta/exim/exim-4.97.ebuild
new file mode 100644
index 000000000000..93fa8745430f
--- /dev/null
+++ b/mail-mta/exim/exim-4.97.ebuild
@@ -0,0 +1,633 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use toolchain-funcs pam systemd
+
+IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
+dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
+mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
+socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ dkim? ( ssl !gnutls )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ || ( berkdb gdbm tdb )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+# We cannot express a required use for berkdb/gdbm/tdb correctly because
+# berkdb and gdbm are both enabled in base profile
+
+SDIR=$([[ ${PV} == *_rc* ]] && echo /test
+ [[ ${PV} == *.*.*.* ]] && echo /fixes)
+COMM_URI="https://downloads.exim.org/exim4${SDIR}"
+
+GPV="r0"
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ dev-libs/libpcre2:=
+ tdb? ( sys-libs/tdb:= )
+ !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
+ !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ !gnutls? (
+ dev-libs/openssl:0=
+ )
+ )
+ ldap? ( >=net-nds/openldap-2.0.7:= )
+ elibc_glibc? (
+ net-libs/libnsl:=
+ nis? (
+ net-libs/libtirpc:=
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis:= )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc:= )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libcrypt:=
+ virtual/libiconv
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !mail-mta/ssmtp[mta]
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//_rc/-RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.97-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.97-localscan_dlopen.patch
+ eapply "${FILESDIR}"/exim-4.97-no-exim_id_update.patch
+
+ # oddity, they disable berkdb as hack, and then throw an error when
+ # berkdb isn't enabled
+ sed -i \
+ -e 's/_DB_/_DONTMESS_/' \
+ -e 's/define DB void/define DONTMESS void/' \
+ src/auths/call_radius.c || die
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.94-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ WITH_CONTENT_SCAN=yes
+ EOC
+
+ # configure db implementation, Exim always needs one for its hints
+ # database, we prefer tdb and gdbm, since bdb is kind of getting
+ # less and less support
+ if use tdb ; then
+ cat >> Makefile <<- EOC
+ USE_TDB=yes
+ DBMLIB = -ltdb
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ elif use gdbm ; then
+ cat >> Makefile <<- EOC
+ USE_GDBM=yes
+ DBMLIB = -lgdbm
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ else # must be berkdb via required_use
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
+ CFLAGS += -I$(db_includedir ${DB_VERS})
+ DBMLIB = -l$(db_libname ${DB_VERS})
+ EOC
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ fi
+
+ # if we use libiconv, now is the time to tell so
+ if use !elibc_glibc && use !elibc_musl ; then
+ cat >> Makefile <<- EOC
+ EXTRALIBS_EXIM=-liconv
+ EOC
+ fi
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+ #
+
+ # support passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
+ LOOKUP_LIBS += -lnsl
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ cat >> Makefile <<- EOC
+ EXIM_MONITOR=eximon.bin
+ EOC
+ fi
+
+ #
+ # features
+ #
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # SOCKS5 (outbound) proxy support
+ if use socks5; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SOCKS=yes
+ EOC
+ fi
+
+ # DANE
+ if use !dane; then
+ # DANE is enabled by default
+ sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ # this one is the default/supported variant since 4.95, and the
+ # only variant available since 4.96
+ cat >> Makefile <<- EOC
+ SUPPORT_SRS=yes
+ EOC
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
+}
+
+src_install() {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ if use pam; then
+ pamd_mimic system-auth exim auth account
+ fi
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use berkdb && ( use gdbm || use tdb ) ; then
+ ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
+ fi
+ if use dmarc ; then
+ einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
+ einfo "you can populate this file with the contents downloaded from"
+ einfo " https://publicsuffix.org/list/public_suffix_list.dat"
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ if use srs; then
+ einfo "SRS support using libsrs_alt was dropped in this"
+ einfo "release of Exim, you are now using the native SRS implementation"
+ fi
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ einfo
+ elog "Note that this release contains a tainted variable check that"
+ elog "is likely to break your configuration used with Exim 4.93 and before."
+ elog "Please check your transports for occurences of \$local_part, and"
+ elog "use a replacement like \$local_part_data where possible."
+}
diff --git a/mail-mta/exim/files/exim-4.97-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.97-as-needed-ldflags.patch
new file mode 100644
index 000000000000..616f05484525
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.97-as-needed-ldflags.patch
@@ -0,0 +1,145 @@
+https://bugs.gentoo.org/show_bug.cgi?id=352265
+
+Make sure LDFLAGS comes first, such that all libraries are considered,
+and not discarded when --as-needed is in effect.
+
+https://bugs.gentoo.org/show_bug.cgi?id=391279
+
+Use LDFLAGS for all targets, not just the exim binary, such that
+--as-needed works as well.
+
+
+--- a/OS/Makefile-Base
++++ b/OS/Makefile-Base
+@@ -552,12 +552,12 @@
+ buildrouters buildtransports \
+ $(OBJ_EXIM) version.o
+ @echo "$(LNCC) -o exim"
+- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
+ routers/routers.a transports/transports.a lookups/lookups.a \
+ auths/auths.a pdkim/pdkim.a \
+ $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
+ $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
+- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim; \
+ $(STRIP_COMMAND) exim; \
+@@ -573,8 +573,8 @@
+
+ exim_dumpdb: $(OBJ_DUMPDB)
+ @echo "$(LNCC) -o exim_dumpdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dumpdb; \
+ $(STRIP_COMMAND) exim_dumpdb; \
+@@ -588,8 +588,8 @@
+
+ exim_fixdb: $(OBJ_FIXDB)
+ @echo "$(LNCC) -o exim_fixdb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_fixdb; \
+ $(STRIP_COMMAND) exim_fixdb; \
+@@ -603,8 +603,8 @@
+
+ exim_tidydb: $(OBJ_TIDYDB)
+ @echo "$(LNCC) -o exim_tidydb"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_tidydb; \
+ $(STRIP_COMMAND) exim_tidydb; \
+@@ -616,8 +616,8 @@
+
+ exim_dbmbuild: exim_dbmbuild.o
+ @echo "$(LNCC) -o exim_dbmbuild"
+- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
+- $(LIBS) $(EXTRALIBS) $(DBMLIB)
++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_dbmbuild; \
+ $(STRIP_COMMAND) exim_dbmbuild; \
+@@ -631,8 +631,8 @@
+ @echo "$(CC) exim_lock.c"
+ $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
+ @echo "$(LNCC) -o exim_lock"
+- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
+- $(LIBS) $(EXTRALIBS)
++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
++ $(LIBS) $(EXTRALIBS) $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) exim_lock; \
+ $(STRIP_COMMAND) exim_lock; \
+@@ -669,9 +669,9 @@
+ $(FE)$(CC) -o em_version.o -c \
+ $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
+ @echo "$(LNCC) -o eximon.bin"
+- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
+ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
+- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
+ @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
+ echo $(STRIP_COMMAND) eximon.bin; \
+ $(STRIP_COMMAND) eximon.bin; \
+@@ -1018,9 +1018,9 @@
+ string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c
+- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
+ dummies.o sa-globals.o sa-os.o store.o string.o \
+- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
+ rm -f dbfn.o store.o
+
+ test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
+@@ -1029,29 +1029,29 @@
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
+- $(LNCC) -o test_host $(LFLAGS) \
++ $(LNCC) -o test_host $(LDFLAGS) \
+ host.o host_address.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
+- tod.o tree.o $(LIBS) $(LIBRESOLV)
++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
+ rm -f child.o dummies.o host.o dns.o
+
+ test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
+- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
+- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f os.o
+
+ test_parse: config.h parse.c dummies.o sa-globals.o \
+ store.o string.o tod.o version.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
+- $(LNCC) -o test_parse $(LFLAGS) parse.o \
++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
+ dummies.o sa-globals.o store.o string.o tod.o version.o \
+- utf8.o $(LDFLAGS)
++ utf8.o $(LFLAGS)
+ rm -f parse.o
+
+ test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
+ $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
+- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
+- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
+ rm -f string.o
+
+ # End
diff --git a/mail-mta/exim/files/exim-4.97-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.97-localscan_dlopen.patch
new file mode 100644
index 000000000000..46c2e897f748
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.97-localscan_dlopen.patch
@@ -0,0 +1,209 @@
+--- a/src/config.h.defaults
++++ b/src/config.h.defaults
+@@ -33,6 +33,8 @@
+
+ #define AUTH_VARS 4
+
++#define DLOPEN_LOCAL_SCAN
++
+ #define BIN_DIRECTORY
+
+ #define CONFIGURE_FILE
+--- a/src/EDITME
++++ b/src/EDITME
+@@ -904,6 +904,24 @@
+
+
+ #------------------------------------------------------------------------------
++# On systems which support dynamic loading of shared libraries, Exim can
++# load a local_scan function specified in its config file instead of having
++# to be recompiled with the desired local_scan function. For a full
++# description of the API to this function, see the Exim specification.
++
++#DLOPEN_LOCAL_SCAN=yes
++
++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
++# linker flags. Without it, the loaded .so won't be able to access any
++# functions from exim.
++
++LFLAGS = -rdynamic
++ifeq ($(OSTYPE),Linux)
++LFLAGS += -ldl
++endif
++
++
++#------------------------------------------------------------------------------
+ # The default distribution of Exim contains only the plain text form of the
+ # documentation. Other forms are available separately. If you want to install
+ # the documentation in "info" format, first fetch the Texinfo documentation
+--- a/src/globals.c
++++ b/src/globals.c
+@@ -43,6 +43,10 @@
+
+ uschar *no_aliases = NULL;
+
++#ifdef DLOPEN_LOCAL_SCAN
++uschar *local_scan_path = NULL;
++#endif
++
+
+ /* For comments on these variables, see globals.h. I'm too idle to
+ duplicate them here... */
+--- a/src/globals.h
++++ b/src/globals.h
+@@ -173,6 +173,9 @@
+ extern int (*receive_feof)(void);
+ extern int (*receive_ferror)(void);
+
++#ifdef DLOPEN_LOCAL_SCAN
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
+
+ /* For clearing, saving, restoring address expansion variables. We have to have
+ the size of this vector set explicitly, because it is referenced from more than
+--- a/src/local_scan.c
++++ b/src/local_scan.c
+@@ -56,10 +56,130 @@
+ is used in the rejection message.
+ */
+
++#ifdef DLOPEN_LOCAL_SCAN
++# include <stdlib.h>
++# include <dlfcn.h>
++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
++static int load_local_scan_library(void);
++extern uschar *local_scan_path; /* Path to local_scan() library */
++#endif
++
+ int
+ local_scan(int fd, uschar **return_text)
+ {
+-return LOCAL_SCAN_ACCEPT;
++#ifdef DLOPEN_LOCAL_SCAN
++/* local_scan_path is defined AND not the empty string */
++if (local_scan_path && *local_scan_path)
++ {
++ if (!local_scan_fn)
++ {
++ if (!load_local_scan_library())
++ {
++ char *base_msg , *error_msg , *final_msg ;
++ int final_length = -1 ;
++
++ base_msg=US"Local configuration error - local_scan() library failure\n";
++ error_msg = dlerror() ;
++
++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
++ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
++ *final_msg = '\0' ;
++
++ strcat( final_msg , base_msg ) ;
++ strcat( final_msg , error_msg ) ;
++
++ *return_text = final_msg ;
++ return LOCAL_SCAN_TEMPREJECT;
++ }
++ }
++ return local_scan_fn(fd, return_text);
++ }
++else
++#endif
++ return LOCAL_SCAN_ACCEPT;
++}
++
++#ifdef DLOPEN_LOCAL_SCAN
++
++static int load_local_scan_library(void)
++{
++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
++void *local_scan_lib = NULL;
++int (*local_scan_version_fn)(void);
++int vers_maj;
++int vers_min;
++
++local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
++if (!local_scan_lib)
++ {
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
++ "message temporarily rejected");
++ return FALSE;
++ }
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_major() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The major number is increased when the ABI is changed in a non
++ backward compatible way. */
++vers_maj = local_scan_version_fn();
++
++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
++if (!local_scan_version_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan_version_minor() function - message temporarily rejected");
++ return FALSE;
++ }
++
++/* The minor number is increased each time a new feature is added (in a
++ way that doesn't break backward compatibility) -- Marc */
++vers_min = local_scan_version_fn();
++
++
++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
++ {
++ dlclose(local_scan_lib);
++ local_scan_lib = NULL;
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
++ "version number, you need to recompile your module for this version"
++ "of exim (The module was compiled for version %d.%d and this exim provides"
++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
++ LOCAL_SCAN_ABI_VERSION_MINOR);
++ return FALSE;
++ }
++
++local_scan_fn = dlsym(local_scan_lib, "local_scan");
++if (!local_scan_fn)
++ {
++ dlclose(local_scan_lib);
++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
++ "local_scan() function - message temporarily rejected");
++ return FALSE;
++ }
++
++return TRUE;
+ }
+
++#endif /* DLOPEN_LOCAL_SCAN */
++
++
+ /* End of local_scan.c */
+--- a/src/readconf.c
++++ b/src/readconf.c
+@@ -216,6 +216,9 @@
+ { "local_from_prefix", opt_stringptr, {&local_from_prefix} },
+ { "local_from_suffix", opt_stringptr, {&local_from_suffix} },
+ { "local_interfaces", opt_stringptr, {&local_interfaces} },
++#ifdef DLOPEN_LOCAL_SCAN
++ { "local_scan_path", opt_stringptr, {&local_scan_path} },
++#endif
+ #ifdef HAVE_LOCAL_SCAN
+ { "local_scan_timeout", opt_time, {&local_scan_timeout} },
+ #endif
diff --git a/mail-mta/exim/files/exim-4.97-no-exim_id_update.patch b/mail-mta/exim/files/exim-4.97-no-exim_id_update.patch
new file mode 100644
index 000000000000..26cd64971449
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.97-no-exim_id_update.patch
@@ -0,0 +1,13 @@
+This utility needs File::FcntlLock which Gentoo doesn't package
+
+--- a/OS/Makefile-Base
++++ b/OS/Makefile-Base
+@@ -253,7 +253,7 @@
+ transport-filter.pl convert4r3 convert4r4 \
+ exim_checkaccess \
+ exim_dbmbuild exim_dumpdb exim_fixdb exim_tidydb \
+- exim_lock exim_msgdate exim_id_update
++ exim_lock exim_msgdate
+
+
+ # Targets for special-purpose configuration header builders
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2024-01-26 19:08 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2024-01-26 19:08 UTC (permalink / raw
To: gentoo-commits
commit: 7125e469ee81e0899df0a174d72fe90b774cb356
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 26 19:06:36 2024 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Fri Jan 26 19:06:36 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7125e469
mail-mta/exim-4.97.1-r1: bump for upstream candidate patch plugging memuse
PCRE2 changed the amount of memory it allocates considerably, making it
necessary to cleanup more often.
Bug: https://bugs.gentoo.org/922780
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
mail-mta/exim/exim-4.97.1-r1.ebuild | 631 +++++++++++++++++++++
.../files/exim-4.97.1-memory-usage-bug-3047.patch | 56 ++
2 files changed, 687 insertions(+)
diff --git a/mail-mta/exim/exim-4.97.1-r1.ebuild b/mail-mta/exim/exim-4.97.1-r1.ebuild
new file mode 100644
index 000000000000..8ac924524bb1
--- /dev/null
+++ b/mail-mta/exim/exim-4.97.1-r1.ebuild
@@ -0,0 +1,631 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use flag-o-matic toolchain-funcs pam systemd
+
+IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
+dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
+mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
+socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ dkim? ( ssl !gnutls )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ || ( berkdb gdbm tdb )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+# We cannot express a required use for berkdb/gdbm/tdb correctly because
+# berkdb and gdbm are both enabled in base profile
+
+SDIR=$([[ ${PV} == *_rc* ]] && echo /test
+ [[ ${PV} == *.*.*.* ]] && echo /fixes)
+COMM_URI="https://downloads.exim.org/exim4${SDIR}"
+
+GPV="r0"
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ dev-libs/libpcre2:=
+ tdb? ( sys-libs/tdb:= )
+ !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
+ !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ !gnutls? (
+ dev-libs/openssl:0=
+ )
+ )
+ ldap? ( >=net-nds/openldap-2.0.7:= )
+ elibc_glibc? (
+ net-libs/libnsl:=
+ nis? (
+ net-libs/libtirpc:=
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis:= )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc:= )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libcrypt:=
+ virtual/libiconv
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !mail-mta/ssmtp[mta]
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//_rc/-RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.97-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.97-localscan_dlopen.patch
+ eapply "${FILESDIR}"/exim-4.97-no-exim_id_update.patch
+ eapply "${FILESDIR}"/exim-4.97.1-memory-usage-bug-3047.patch # 922780
+
+ # oddity, they disable berkdb as hack, and then throw an error when
+ # berkdb isn't enabled
+ sed -i \
+ -e 's/_DB_/_DONTMESS_/' \
+ -e 's/define DB void/define DONTMESS void/' \
+ src/auths/call_radius.c || die
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.94-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ append-cflags -DNO_EXECINFO
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ WITH_CONTENT_SCAN=yes
+ EOC
+
+ # configure db implementation, Exim always needs one for its hints
+ # database, we prefer tdb and gdbm, since bdb is kind of getting
+ # less and less support
+ if use tdb ; then
+ cat >> Makefile <<- EOC
+ USE_TDB=yes
+ DBMLIB = -ltdb
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ elif use gdbm ; then
+ cat >> Makefile <<- EOC
+ USE_GDBM=yes
+ DBMLIB = -lgdbm
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ else # must be berkdb via required_use
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
+ CFLAGS += -I$(db_includedir ${DB_VERS})
+ DBMLIB = -l$(db_libname ${DB_VERS})
+ EOC
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ fi
+
+ # if we use libiconv, now is the time to tell so
+ if use !elibc_glibc && use !elibc_musl ; then
+ cat >> Makefile <<- EOC
+ EXTRALIBS_EXIM=-liconv
+ EOC
+ fi
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+ #
+
+ # support passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
+ LOOKUP_LIBS += -lnsl
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ cat >> Makefile <<- EOC
+ EXIM_MONITOR=eximon.bin
+ EOC
+ fi
+
+ #
+ # features
+ #
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # SOCKS5 (outbound) proxy support
+ if use socks5; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SOCKS=yes
+ EOC
+ fi
+
+ # DANE
+ if use !dane; then
+ # DANE is enabled by default
+ sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ # this one is the default/supported variant since 4.95, and the
+ # only variant available since 4.96
+ cat >> Makefile <<- EOC
+ SUPPORT_SRS=yes
+ EOC
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
+}
+
+src_install() {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ if use pam; then
+ pamd_mimic system-auth exim auth account
+ fi
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use berkdb && ( use gdbm || use tdb ) ; then
+ ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
+ fi
+ if use dmarc ; then
+ einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
+ einfo "you can populate this file with the contents downloaded from"
+ einfo " https://publicsuffix.org/list/public_suffix_list.dat"
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ einfo
+ elog "Note that this release contains a tainted variable check that"
+ elog "is likely to break your configuration used with Exim 4.93 and before."
+ elog "Please check your transports for occurences of \$local_part, and"
+ elog "use a replacement like \$local_part_data where possible."
+}
diff --git a/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch b/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch
new file mode 100644
index 000000000000..f141d08bb7b4
--- /dev/null
+++ b/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch
@@ -0,0 +1,56 @@
+https://bugs.exim.org/show_bug.cgi?id=3047
+https://bugs.gentoo.org/922780
+
+diff --git a/src/src/transports/appendfile.c b/src/src/transports/appendfile.c
+index ec41ca035..91b353079 100644
+--- a/src/transports/appendfile.c
++++ b/src/transports/appendfile.c
+@@ -153,6 +153,10 @@ static const char *mailbox_formats[] = {
+ (!ob->quota_warn_threshold_is_percent || ob->quota_value > 0))
+
+
++/* Free memory allocated by PCRE2 every so often, because a recent version
++is now using 20kB for every match call */
++
++#define RESET_STORE_FILECNT 1000
+
+ /*************************************************
+ * Setup entry point *
+@@ -661,13 +665,14 @@ Returns: the sum of the sizes of the stattable files
+ off_t
+ check_dir_size(const uschar * dirname, int * countptr, const pcre2_code * re)
+ {
+-DIR *dir;
++DIR * dir;
+ off_t sum = 0;
+-int count = *countptr;
++int count = *countptr, lcount = RESET_STORE_FILECNT;
++rmark reset_point = store_mark();
+
+ if (!(dir = exim_opendir(dirname))) return 0;
+
+-for (struct dirent *ent; ent = readdir(dir); )
++for (struct dirent * ent; ent = readdir(dir); )
+ {
+ uschar * path, * name = US ent->d_name;
+ struct stat statbuf;
+@@ -675,6 +680,11 @@ for (struct dirent *ent; ent = readdir(dir); )
+ if (Ustrcmp(name, ".") == 0 || Ustrcmp(name, "..") == 0) continue;
+
+ count++;
++ if (--lcount == 0)
++ {
++ store_reset(reset_point); reset_point = store_mark();
++ lcount = RESET_STORE_FILECNT;
++ }
+
+ /* If there's a regex, try to find the size using it */
+
+@@ -726,6 +736,7 @@ DEBUG(D_transport)
+ debug_printf("check_dir_size: dir=%s sum=" OFF_T_FMT " count=%d\n", dirname,
+ sum, count);
+
++store_reset(reset_point);
+ *countptr = count;
+ return sum;
+ }
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/
@ 2024-02-15 8:28 Fabian Groffen
0 siblings, 0 replies; 24+ messages in thread
From: Fabian Groffen @ 2024-02-15 8:28 UTC (permalink / raw
To: gentoo-commits
commit: fa7a1f384983f4d7158e7edbd9cab1a914140d28
Author: Fabian Groffen <grobian <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 15 08:27:25 2024 +0000
Commit: Fabian Groffen <grobian <AT> gentoo <DOT> org>
CommitDate: Thu Feb 15 08:28:27 2024 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fa7a1f38
mail-mta/exim-4.97.1-r4: update regex memory patch
Include 6fcb3173d6 and 5aacb69f5c8 from upstream.
Bug: https://bugs.gentoo.org/922780
Signed-off-by: Fabian Groffen <grobian <AT> gentoo.org>
...exim-4.97.1-r3.ebuild => exim-4.97.1-r4.ebuild} | 0
.../files/exim-4.97.1-memory-usage-bug-3047.patch | 49 ++++++++++++++++------
2 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/mail-mta/exim/exim-4.97.1-r3.ebuild b/mail-mta/exim/exim-4.97.1-r4.ebuild
similarity index 100%
rename from mail-mta/exim/exim-4.97.1-r3.ebuild
rename to mail-mta/exim/exim-4.97.1-r4.ebuild
diff --git a/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch b/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch
index b8f4eb9c5eef..e467edf71fa2 100644
--- a/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch
+++ b/mail-mta/exim/files/exim-4.97.1-memory-usage-bug-3047.patch
@@ -15,6 +15,16 @@ Date: Sun, 11 Feb 2024 13:57:18 +0000 (+0000)
Subject: Use non-releaseable memory for regex match strings. Bug 3047
Broken-by: 35aacb69f5c8
+From 6fcb3173d64ef8a9d70f8adf19f134a0cd9cf6e8 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Sun, 11 Feb 2024 15:04:58 +0000
+Subject: [PATCH] use dynamic mem for regex_match_string
+
+From a173a4376d168edbf3fe2494dff998c4060bf425 Mon Sep 17 00:00:00 2001
+From: Jeremy Harris <jgh146exb@wizmail.org>
+Date: Tue, 13 Feb 2024 17:34:19 +0000
+Subject: [PATCH] Use non-releasable memory for regex line-buffer
+Broken-by: 5aacb69f5c8
diff --git a/src/src/exim.c b/src/src/exim.c
--- a/src/exim.c
@@ -99,6 +109,15 @@ diff --git a/src/src/macros.h b/src/src/macros.h
diff --git a/src/src/regex.c b/src/src/regex.c
--- a/src/regex.c
+++ b/src/regex.c
+@@ -24,8 +24,6 @@ typedef struct pcre_list {
+ struct pcre_list * next;
+ } pcre_list;
+
+-uschar regex_match_string_buffer[1024];
+-
+ extern FILE *mime_stream;
+ extern uschar *mime_current_boundary;
+
@@ -31,12 +31,11 @@ extern uschar *mime_current_boundary;
@@ -135,16 +154,20 @@ diff --git a/src/src/regex.c b/src/src/regex.c
static int
matcher(pcre_list * re_list_head, uschar * linebuffer, int len)
{
-@@ -75,6 +82,9 @@ for (pcre_list * ri = re_list_head; ri; ri = ri->next)
+@@ -75,9 +82,10 @@ for (pcre_list * ri = re_list_head; ri; ri = ri->next)
/* try matcher on the line */
if ((n = pcre2_match(ri->re, (PCRE2_SPTR)linebuffer, len, 0, 0, md, pcre_gen_mtc_ctx)) > 0)
{
+ int save_pool = store_pool;
+ store_pool = POOL_PERM;
+
- Ustrncpy(regex_match_string_buffer, ri->pcre_text,
- sizeof(regex_match_string_buffer)-1);
- regex_match_string = regex_match_string_buffer;
+- Ustrncpy(regex_match_string_buffer, ri->pcre_text,
+- sizeof(regex_match_string_buffer)-1);
+- regex_match_string = regex_match_string_buffer;
++ regex_match_string = string_copy(ri->pcre_text);
+
+ for (int nn = 1; nn < n; nn++)
+ {
@@ -87,6 +97,7 @@ for (pcre_list * ri = re_list_head; ri; ri = ri->next)
regex_vars[nn-1] = string_copyn(linebuffer + ovec[off], len);
}
@@ -153,9 +176,11 @@ diff --git a/src/src/regex.c b/src/src/regex.c
return OK;
}
}
-@@ -112,7 +113,8 @@ FILE * mbox_file;
+@@ -110,9 +111,9 @@ FILE * mbox_file;
+ unsigned long mbox_size;
+ FILE * mbox_file;
pcre_list * re_list_head;
- uschar * linebuffer;
+-uschar * linebuffer;
long f_pos = 0;
-int ret = FAIL;
+int ret = FAIL, cnt, lcount = REGEX_LOOPCOUNT_STORE_RESET;
@@ -163,7 +188,7 @@ diff --git a/src/src/regex.c b/src/src/regex.c
regex_vars_clear();
-@@ -136,26 +138,34 @@ else
+@@ -136,26 +138,32 @@ else
mbox_file = mime_stream;
}
@@ -187,17 +212,15 @@ diff --git a/src/src/regex.c b/src/src/regex.c
+ /* precompile our regexes */
+ if ((re_list_head = compile(*listptr, cacheable, &cnt)))
+ {
-+ /* match each line against all regexes */
-+ linebuffer = store_get(32767, GET_TAINTED);
-+ while (fgets(CS linebuffer, 32767, mbox_file))
++ while (fgets(CS big_buffer, big_buffer_size, mbox_file))
+ {
+ if ( mime_stream && mime_current_boundary /* check boundary */
-+ && Ustrncmp(linebuffer, "--", 2) == 0
-+ && Ustrncmp((linebuffer+2), mime_current_boundary,
++ && Ustrncmp(big_buffer, "--", 2) == 0
++ && Ustrncmp((big_buffer+2), mime_current_boundary,
+ Ustrlen(mime_current_boundary)) == 0)
+ break; /* found boundary */
+
-+ if ((ret = matcher(re_list_head, linebuffer, (int)Ustrlen(linebuffer))) == OK)
++ if ((ret = matcher(re_list_head, big_buffer, (int)Ustrlen(big_buffer))) == OK)
+ break;
+
+ if ((lcount -= cnt) <= 0)
^ permalink raw reply related [flat|nested] 24+ messages in thread
end of thread, other threads:[~2024-02-15 8:28 UTC | newest]
Thread overview: 24+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-02-12 7:51 [gentoo-commits] repo/gentoo:master commit in: mail-mta/exim/files/, mail-mta/exim/ Fabian Groffen
-- strict thread matches above, loose matches on Subject: below --
2024-02-15 8:28 Fabian Groffen
2024-01-26 19:08 Fabian Groffen
2023-11-07 20:47 Fabian Groffen
2023-05-27 8:55 Fabian Groffen
2022-12-27 20:33 Fabian Groffen
2022-10-19 12:52 Fabian Groffen
2022-10-19 7:53 Fabian Groffen
2021-09-29 6:32 Fabian Groffen
2021-07-01 16:08 Fabian Groffen
2021-05-08 8:23 Fabian Groffen
2021-05-05 18:43 Fabian Groffen
2020-06-01 17:58 Fabian Groffen
2020-05-24 11:27 Fabian Groffen
2020-05-13 17:20 Fabian Groffen
2019-12-09 17:18 Fabian Groffen
2019-06-28 13:50 Fabian Groffen
2017-11-29 8:50 Fabian Groffen
2017-11-26 13:40 Fabian Groffen
2017-01-30 7:46 Fabian Groffen
2016-09-25 8:56 Fabian Groffen
2016-07-20 11:13 Fabian Groffen
2016-02-03 13:50 Fabian Groffen
2015-08-25 4:21 Jeroen Roovers
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox