[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/files/, mail-mta/netqmail/

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/files/, mail-mta/netqmail/

[Joonas Niilola]

commit:     6901a0a254a693859b3b83fabb26680d1bc900a0
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Sat Sep 21 16:51:05 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Wed Sep 25 03:31:58 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6901a0a2

mail-mta/netqmail: upgrade EAPI, clean up

- properly handle multiple IP addresses on the same interface

Closes: https://bugs.gentoo.org/show_bug.cgi?id=566826
Closes: https://github.com/gentoo/gentoo/pull/12989
Signed-off-by: Rolf Eike Beer <eike <AT> sf-mail.de>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 .../netqmail/files/genqmail-20080406-ldflags.patch |   4 +-
 .../files/netqmail-1.06-ipme-multiple.patch        | 117 ++++++++++++
 .../files/use-new-path-for-functions.sh.patch      |   4 +-
 mail-mta/netqmail/netqmail-1.06-r7.ebuild          | 201 +++++++++++++++++++++
 4 files changed, 322 insertions(+), 4 deletions(-)

diff --git a/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch b/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch
index 1eb334c259c..cfd27cbb828 100644
--- a/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch
+++ b/mail-mta/netqmail/files/genqmail-20080406-ldflags.patch
@@ -1,6 +1,6 @@
 diff -Nuar genqmail-20080406.orig/spp/Makefile genqmail-20080406/spp/Makefile
---- genqmail-20080406.orig/spp/Makefile	2008-04-06 15:44:14.000000000 +0000
-+++ genqmail-20080406/spp/Makefile	2013-05-27 00:37:58.687763457 +0000
+--- a/genqmail-20080406/spp/Makefile	2008-04-06 15:44:14.000000000 +0000
++++ b/genqmail-20080406/spp/Makefile	2013-05-27 00:37:58.687763457 +0000
 @@ -14,7 +14,7 @@
  	rm -f $(TARGETS)
  

diff --git a/mail-mta/netqmail/files/netqmail-1.06-ipme-multiple.patch b/mail-mta/netqmail/files/netqmail-1.06-ipme-multiple.patch
new file mode 100644
index 00000000000..85b5a450c95
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-ipme-multiple.patch
@@ -0,0 +1,117 @@
+From d24a34857afc33ed11da9ba62736c0bb9b3e5b94 Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Thu, 29 Aug 2019 20:35:48 +0200
+Subject: [PATCH 1/2] ask kernel for the correct buffer size to satisfy
+ SIOCGIFCONF before looping
+
+---
+ ipme.c | 41 ++++++++++++++++++++++++++++-------------
+ 1 file changed, 28 insertions(+), 13 deletions(-)
+
+diff --git a/ipme.c b/ipme.c
+index 3c86127..d88785d 100644
+--- a/ipme.c
++++ b/ipme.c
+@@ -52,20 +52,35 @@ int ipme_init()
+   byte_copy(&ix.ip,4,"\0\0\0\0");
+   if (!ipalloc_append(&ipme,&ix)) { return 0; }
+   if ((s = socket(AF_INET,SOCK_STREAM,0)) == -1) return -1;
+- 
+-  len = 256;
+-  for (;;) {
+-    if (!stralloc_ready(&buf,len)) { close(s); return 0; }
+-    buf.len = 0;
++
++  ifc.ifc_buf = 0;
++  ifc.ifc_len = 0;
++
++  /* first pass: just ask what the correct length for all addresses is */
++  len = 0;
++  if (ioctl(s,SIOCGIFCONF,&ifc) >= 0 && ifc.ifc_len > 0) { /* > is for System V */
++    if (!stralloc_ready(&buf,ifc.ifc_len)) { close(s); return 0; }
+     ifc.ifc_buf = buf.s;
+-    ifc.ifc_len = len;
+-    if (ioctl(s,SIOCGIFCONF,&ifc) >= 0) /* > is for System V */
+-      if (ifc.ifc_len + sizeof(*ifr) + 64 < len) { /* what a stupid interface */
+-        buf.len = ifc.ifc_len;
+-        break;
+-      }
+-    if (len > 200000) { close(s); return -1; }
+-    len += 100 + (len >> 2);
++    if (ioctl(s,SIOCGIFCONF,&ifc) >= 0)
++      buf.len = ifc.ifc_len;
++  }
++
++  /* check if we have complete length, otherwise try so sort that out */
++  if (buf.len == 0) {
++    len = 256;
++    for (;;) {
++      if (!stralloc_ready(&buf,len)) { close(s); return 0; }
++      buf.len = 0;
++      ifc.ifc_buf = buf.s;
++      ifc.ifc_len = len;
++      if (ioctl(s,SIOCGIFCONF,&ifc) >= 0) /* > is for System V */
++        if (ifc.ifc_len + sizeof(*ifr) + 64 < len) { /* what a stupid interface */
++          buf.len = ifc.ifc_len;
++          break;
++        }
++      if (len > 200000) { close(s); return -1; }
++      len += 100 + (len >> 2);
++    }
+   }
+   x = buf.s;
+   while (x < buf.s + buf.len) {
+-- 
+2.16.4
+
+From 9d6c05d092e3cf94a6591cd5420f8026fcd4691f Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Thu, 29 Aug 2019 20:37:03 +0200
+Subject: [PATCH 2/2] ipme: fix detection of multiple IP addresses on the same
+ link
+
+The problem was that the code did another ioctl() to check if the link is
+actually up, and when doing this overwrites the information it is currently
+looking at. The code when sa_len is available copies the current IP address out
+before checking if the link is up. Reorder the code so both branches share more
+code and both work.
+---
+ CHANGES |  2 ++
+ ipme.c  | 14 +++-----------
+ 2 files changed, 5 insertions(+), 11 deletions(-)
+
+diff --git a/ipme.c b/ipme.c
+index d88785d..e163f5b 100644
+--- a/ipme.c
++++ b/ipme.c
+@@ -89,6 +89,9 @@ int ipme_init()
+     len = sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len;
+     if (len < sizeof(*ifr))
+       len = sizeof(*ifr);
++#else
++    len = sizeof(*ifr);
++#endif
+     if (ifr->ifr_addr.sa_family == AF_INET) {
+       sin = (struct sockaddr_in *) &ifr->ifr_addr;
+       byte_copy(&ix.ip,4,&sin->sin_addr);
+@@ -96,17 +99,6 @@ int ipme_init()
+         if (ifr->ifr_flags & IFF_UP)
+           if (!ipalloc_append(&ipme,&ix)) { close(s); return 0; }
+     }
+-#else
+-    len = sizeof(*ifr);
+-    if (ioctl(s,SIOCGIFFLAGS,x) == 0)
+-      if (ifr->ifr_flags & IFF_UP)
+-        if (ioctl(s,SIOCGIFADDR,x) == 0)
+-	  if (ifr->ifr_addr.sa_family == AF_INET) {
+-	    sin = (struct sockaddr_in *) &ifr->ifr_addr;
+-	    byte_copy(&ix.ip,4,&sin->sin_addr);
+-	    if (!ipalloc_append(&ipme,&ix)) { close(s); return 0; }
+-	  }
+-#endif
+     x += len;
+   }
+   close(s);
+-- 
+2.16.4
+

diff --git a/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch b/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch
index 52f3d8e9a95..c107db0480f 100644
--- a/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch
+++ b/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch
@@ -1,5 +1,5 @@
---- genqmail-20080406.orig/ssl/mkservercert.orig	2015-10-18 12:46:40.082559295 -0200
-+++ genqmail-20080406/ssl/mkservercert	2015-10-18 12:49:03.749576181 -0200
+--- a/genqmail-20080406/ssl/mkservercert.orig	2015-10-18 12:46:40.082559295 -0200
++++ b/genqmail-20080406/ssl/mkservercert	2015-10-18 12:49:03.749576181 -0200
 @@ -5,7 +5,7 @@
  # Based on mkimapdcert from courier-imap.
 

diff --git a/mail-mta/netqmail/netqmail-1.06-r7.ebuild b/mail-mta/netqmail/netqmail-1.06-r7.ebuild
new file mode 100644
index 00000000000..00b6a3087f4
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r7.ebuild
@@ -0,0 +1,201 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+GENQMAIL_PV=20080406
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20190114
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+QMAIL_SMTPUTF8='qmail-smtputf8.patch'
+
+inherit qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	https://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://dev.gentoo.org/~hollow/distfiles/${GENQMAIL_F}
+	https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? (
+			https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F}
+			http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+			https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+		)
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
+IUSE="authcram gencertdaily highvolume libressl qmail-spp ssl vanilla"
+REQUIRED_USE="vanilla? ( !ssl !qmail-spp !highvolume )"
+RESTRICT="test"
+
+DEPEND="
+	acct-group/nofiles
+	acct-group/qmail
+	acct-user/alias
+	acct-user/qmaild
+	acct-user/qmaill
+	acct-user/qmailp
+	acct-user/qmailq
+	acct-user/qmailr
+	acct-user/qmails
+	net-dns/libidn2
+	net-mail/queue-repair
+	sys-apps/gentoo-functions
+	sys-apps/groff
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.1:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+"
+RDEPEND="${DEPEND}
+	>=net-mail/dot-forward-0.71-r3
+	>=sys-apps/ucspi-tcp-0.88-r17
+	virtual/checkpassword
+	virtual/daemontools
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	ssl? ( >=sys-apps/ucspi-ssl-0.70-r1 )
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/opensmtpd
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!mail-mta/ssmtp[mta]
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "see 'user patches' in the portage manual."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+PATCHES=(
+	"${FILESDIR}/${PV}-exit.patch"
+	"${FILESDIR}/${PV}-readwrite.patch"
+	"${DISTDIR}/${QMAIL_LARGE_DNS}"
+	"${FILESDIR}/${PV}-fbsd-utmpx.patch"
+	"${FILESDIR}/${P}-ipme-multiple.patch"
+)
+
+src_prepare() {
+	if ! use vanilla; then
+		if use ssl; then
+			# This patch contains relative paths and needs to be cleaned up.
+			sed 's~^--- \.\./\.\./~--- ~g' \
+				< "${DISTDIR}"/${QMAIL_TLS_F} \
+				> "${T}"/${QMAIL_TLS_F} || die
+			local PATCHES+=( "${T}/${QMAIL_TLS_F}"
+				"${DISTDIR}/${QMAIL_TLS_CVE}"
+				"${FILESDIR}/qmail-smtputf8.patch"
+			)
+		fi
+		if use highvolume; then
+			local PATCHES+=( "${DISTDIR}/${QMAIL_BIGTODO_F}" )
+		fi
+
+		if use qmail-spp; then
+			if use ssl; then
+				SPP_PATCH="${QMAIL_SPP_S}/qmail-spp-smtpauth-tls-20060105.diff"
+			else
+				SPP_PATCH="${QMAIL_SPP_S}/netqmail-spp.diff"
+			fi
+			# make the patch work with "-p1"
+			sed -e 's#^--- \([Mq]\)#--- a/\1#' -e 's#^+++ \([Mq]\)#+++ b/\1#' -i ${SPP_PATCH} || die
+
+			local PATCHES+=( "${SPP_PATCH}" )
+		fi
+	fi
+
+	default
+
+	pushd "${WORKDIR}" >/dev/null || die
+	use qmail-spp && eapply "${FILESDIR}/genqmail-20080406-ldflags.patch"
+	eapply "${FILESDIR}"/use-new-path-for-functions.sh.patch
+	popd >/dev/null || die
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+
+	ht_fix_file Makefile*
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://wiki.gentoo.org/wiki/Virtual_mail_hosting_with_qmail"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/files/, mail-mta/netqmail/

[Joonas Niilola]

commit:     c0c074a84d82aba52e68925cbb158e8d4b57f0bf
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Tue Oct 29 22:09:12 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Fri Nov  1 13:59:14 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c0c074a8

mail-mta/netqmail: fix SMTPUTF8 mode

This fix was provided by the original patch author, but he sadly did not provide
a new patch.

Closes: https://bugs.gentoo.org/611142
Signed-off-by: Rolf Eike Beer <eike <AT> sf-mail.de>
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 .../netqmail/files/qmail-smtputf8-crlf-fix.patch   |  12 ++
 mail-mta/netqmail/netqmail-1.06-r10.ebuild         | 196 +++++++++++++++++++++
 2 files changed, 208 insertions(+)

diff --git a/mail-mta/netqmail/files/qmail-smtputf8-crlf-fix.patch b/mail-mta/netqmail/files/qmail-smtputf8-crlf-fix.patch
new file mode 100644
index 00000000000..cde34e0f9dd
--- /dev/null
+++ b/mail-mta/netqmail/files/qmail-smtputf8-crlf-fix.patch
@@ -0,0 +1,12 @@
+https://bugs.gentoo.org/611142
+
+--- a/qmail-remote.c	2019-10-29 22:46:27.076000000 +0100
++++ b/qmail-remote.c	2019-10-29 22:48:18.868000000 +0100
+@@ -556,6 +556,7 @@ void checkutf8message()
+     if (r == 0) break;
+     if (r == -1) temp_read();
+ 
++    if (ch == '\n' && !stralloc_cats(&firstpart,"\r")) temp_nomem();
+     if (!stralloc_append(&firstpart,&ch)) temp_nomem();
+ 
+     if (ch == '\r')

diff --git a/mail-mta/netqmail/netqmail-1.06-r10.ebuild b/mail-mta/netqmail/netqmail-1.06-r10.ebuild
new file mode 100644
index 00000000000..315e297526f
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r10.ebuild
@@ -0,0 +1,196 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+GENQMAIL_PV=20191010
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20190114
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+QMAIL_SMTPUTF8='qmail-smtputf8.patch'
+
+inherit qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	https://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://github.com/DerDakon/genqmail/releases/download/genqmail-${GENQMAIL_PV}/${GENQMAIL_F}
+	https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? (
+			https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F}
+			http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+			https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+		)
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
+IUSE="authcram gencertdaily highvolume libressl qmail-spp ssl vanilla"
+REQUIRED_USE="vanilla? ( !ssl !qmail-spp !highvolume )"
+RESTRICT="test"
+
+DEPEND="
+	acct-group/nofiles
+	acct-group/qmail
+	acct-user/alias
+	acct-user/qmaild
+	acct-user/qmaill
+	acct-user/qmailp
+	acct-user/qmailq
+	acct-user/qmailr
+	acct-user/qmails
+	net-dns/libidn2
+	net-mail/queue-repair
+	sys-apps/gentoo-functions
+	sys-apps/groff
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.1:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+"
+RDEPEND="${DEPEND}
+	sys-apps/ucspi-tcp
+	virtual/checkpassword
+	virtual/daemontools
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	ssl? ( sys-apps/ucspi-ssl )
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/opensmtpd
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!mail-mta/ssmtp[mta]
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "see 'user patches' in the portage manual."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+PATCHES=(
+	"${FILESDIR}/${PV}-exit.patch"
+	"${FILESDIR}/${PV}-readwrite.patch"
+	"${DISTDIR}/${QMAIL_LARGE_DNS}"
+	"${FILESDIR}/${PV}-fbsd-utmpx.patch"
+	"${FILESDIR}/${P}-ipme-multiple.patch"
+)
+
+src_prepare() {
+	if ! use vanilla; then
+		if use ssl; then
+			# This patch contains relative paths and needs to be cleaned up.
+			sed 's~^--- \.\./\.\./~--- ~g' \
+				< "${DISTDIR}"/${QMAIL_TLS_F} \
+				> "${T}"/${QMAIL_TLS_F} || die
+			PATCHES+=( "${T}/${QMAIL_TLS_F}"
+				"${DISTDIR}/${QMAIL_TLS_CVE}"
+				"${FILESDIR}/qmail-smtputf8.patch"
+				"${FILESDIR}/qmail-smtputf8-crlf-fix.patch"
+			)
+		fi
+		if use highvolume; then
+			PATCHES+=( "${DISTDIR}/${QMAIL_BIGTODO_F}" )
+		fi
+
+		if use qmail-spp; then
+			if use ssl; then
+				SPP_PATCH="${QMAIL_SPP_S}/qmail-spp-smtpauth-tls-20060105.diff"
+			else
+				SPP_PATCH="${QMAIL_SPP_S}/netqmail-spp.diff"
+			fi
+			# make the patch work with "-p1"
+			sed -e 's#^--- \([Mq]\)#--- a/\1#' -e 's#^+++ \([Mq]\)#+++ b/\1#' -i ${SPP_PATCH} || die
+
+			PATCHES+=( "${SPP_PATCH}" )
+		fi
+	fi
+
+	default
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+
+	ht_fix_file Makefile*
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://wiki.gentoo.org/wiki/Virtual_mail_hosting_with_qmail"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/files/, mail-mta/netqmail/

[Joonas Niilola]

commit:     668d198ff2da26953b3d6f9df3f8aea93375317d
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Sat Nov 30 22:42:42 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Tue Dec  3 13:34:53 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=668d198f

mail-mta/netqmail: avoid ANY DNS queries

Closes: https://bugs.gentoo.org/701476
Signed-off-by: Rolf Eike Beer <eike <AT> sf-mail.de>
Closes: https://github.com/gentoo/gentoo/pull/13816
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 .../files/netqmail-1.06-any-to-cname.patch         |  74 ++++++++
 mail-mta/netqmail/netqmail-1.06-r12.ebuild         | 199 +++++++++++++++++++++
 2 files changed, 273 insertions(+)

diff --git a/mail-mta/netqmail/files/netqmail-1.06-any-to-cname.patch b/mail-mta/netqmail/files/netqmail-1.06-any-to-cname.patch
new file mode 100644
index 00000000000..9c9d5396351
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-any-to-cname.patch
@@ -0,0 +1,74 @@
+From b05ec6cbdacdf40d6c75326394461e22b7f8ab20 Mon Sep 17 00:00:00 2001
+From: Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.com>
+Date: Fri, 12 Jul 2019 23:34:52 -0600
+Subject: [PATCH] Apply Jonathan de Boyne Pollard's any-to-cname patch.
+
+modifies the behaviour of qmail-remote to remove the workaround
+that Dan Bernstein added on 1996-10-03 to work around a bug in
+BIND versions earlier than version 4.9.4.
+
+Applying this patch incurs a risk, but yields a benefit. It is
+published in order to allow others to experiment with removing
+the workaround.
+
+The risk is twofold:
+
+ * qmail-remote will not be able to relay any mail if one's own
+   proxy DNS server is such a version of BIND. This is trivially
+   overcome by replacing such an old version of BIND either with a
+   new version of BIND that doesn't have the problem or with some
+   other proxy DNS server software entirely (such as dnscache).
+
+ * qmail-remote will not be able to relay mail to domains whose
+   content DNS servers use such versions of BIND, because the
+   "CNAME" resource record lookup will fail. To gauge the level of
+   this risk, notice that Dan's own 2002-12-17 survey of content DNS
+   servers reports a mere 2% of the "*.com." content DNS servers as
+   employing BIND version 4 (but doesn't report how many of that 2%
+   employ BIND 4 versions earlier than 4.9.4).
+
+The benefit of this patch is that it reduces DNS query traffic
+and proxy DNS server cache load.
+
+ * Without it, qmail-remote issues "ANY" queries. Some proxy DNS
+   server softwares (albeit not dnscache) pass such queries through
+   directly to the back end, meaning that every query issued by
+   qmail-remote will result in a back-end query to a content DNS
+   server, no matter if the necessary information is already cached.
+   Moreover: The results of such a query, which are often a large
+   collection of resource record sets of various types, are cached
+   in the proxy DNS server's cache, even though almost none of them
+   will be used. A caching proxy DNS server dedicated to serving
+   qmail will end up with all sorts of cruft in its cache that isn't
+   actually relevant to mail transportation, taking up space that
+   could be better put to use caching those resource record sets
+   that are relevant.
+
+ * With it, qmail-remote issues "CNAME" queries. All of the mainstream
+   proxy DNS server softwares in popular use (apart from dnscache,
+   because it has problems in this regard) don't pass such queries
+   directly through, and will answer them from their caches without
+   issuing a back-end query at all if the data are already there and
+   still current. Moreover: A caching proxy DNS server dedicated to
+   serving qmail will not have its cache cluttered with irrelevant
+   data.
+---
+ dns.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dns.c b/dns.c
+index 44db25b..77e4ff7 100644
+--- a/dns.c
++++ b/dns.c
+@@ -197,7 +197,7 @@ stralloc *sa;
+    if (!sa->len) return loop;
+    if (sa->s[sa->len - 1] == ']') return loop;
+    if (sa->s[sa->len - 1] == '.') { --sa->len; continue; }
+-   switch(resolve(sa,T_ANY))
++   switch(resolve(sa,T_CNAME))
+     {
+      case DNS_MEM: return DNS_MEM;
+      case DNS_SOFT: return DNS_SOFT;
+-- 
+2.16.4
+

diff --git a/mail-mta/netqmail/netqmail-1.06-r12.ebuild b/mail-mta/netqmail/netqmail-1.06-r12.ebuild
new file mode 100644
index 00000000000..8044a26d502
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r12.ebuild
@@ -0,0 +1,199 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+GENQMAIL_PV=20191010
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20190114
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+QMAIL_SMTPUTF8='qmail-smtputf8.patch'
+
+inherit qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	https://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://github.com/DerDakon/genqmail/releases/download/genqmail-${GENQMAIL_PV}/${GENQMAIL_F}
+	https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? (
+			https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F}
+			http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+			https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+		)
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
+IUSE="authcram gencertdaily highvolume libressl pop3 qmail-spp ssl vanilla"
+REQUIRED_USE="vanilla? ( !ssl !qmail-spp !highvolume )"
+RESTRICT="test"
+
+DEPEND="
+	acct-group/nofiles
+	acct-group/qmail
+	acct-user/alias
+	acct-user/qmaild
+	acct-user/qmaill
+	acct-user/qmailp
+	acct-user/qmailq
+	acct-user/qmailr
+	acct-user/qmails
+	net-dns/libidn2
+	net-mail/queue-repair
+	sys-apps/gentoo-functions
+	sys-apps/groff
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.1:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+"
+RDEPEND="${DEPEND}
+	sys-apps/ucspi-tcp
+	virtual/checkpassword
+	virtual/daemontools
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	ssl? (
+		pop3? ( sys-apps/ucspi-ssl )
+	)
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/opensmtpd
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!mail-mta/ssmtp[mta]
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "see 'user patches' in the portage manual."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+PATCHES=(
+	"${FILESDIR}/${PV}-exit.patch"
+	"${FILESDIR}/${PV}-readwrite.patch"
+	"${DISTDIR}/${QMAIL_LARGE_DNS}"
+	"${FILESDIR}/${PV}-fbsd-utmpx.patch"
+	"${FILESDIR}/${P}-ipme-multiple.patch"
+	"${FILESDIR}/${P}-any-to-cname.patch"
+)
+
+src_prepare() {
+	if ! use vanilla; then
+		if use ssl; then
+			# This patch contains relative paths and needs to be cleaned up.
+			sed 's~^--- \.\./\.\./~--- ~g' \
+				< "${DISTDIR}"/${QMAIL_TLS_F} \
+				> "${T}"/${QMAIL_TLS_F} || die
+			PATCHES+=( "${T}/${QMAIL_TLS_F}"
+				"${DISTDIR}/${QMAIL_TLS_CVE}"
+				"${FILESDIR}/qmail-smtputf8.patch"
+				"${FILESDIR}/qmail-smtputf8-crlf-fix.patch"
+			)
+		fi
+		if use highvolume; then
+			PATCHES+=( "${DISTDIR}/${QMAIL_BIGTODO_F}" )
+		fi
+
+		if use qmail-spp; then
+			if use ssl; then
+				SPP_PATCH="${QMAIL_SPP_S}/qmail-spp-smtpauth-tls-20060105.diff"
+			else
+				SPP_PATCH="${QMAIL_SPP_S}/netqmail-spp.diff"
+			fi
+			# make the patch work with "-p1"
+			sed -e 's#^--- \([Mq]\)#--- a/\1#' -e 's#^+++ \([Mq]\)#+++ b/\1#' -i ${SPP_PATCH} || die
+
+			PATCHES+=( "${SPP_PATCH}" )
+		fi
+	fi
+
+	default
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+
+	ht_fix_file Makefile*
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://wiki.gentoo.org/wiki/Virtual_mail_hosting_with_qmail"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}