From eb91cbdb90ce19d32becdae439f983a5b2634efb Mon Sep 17 00:00:00 2001 From: maxice8 Date: Thu, 29 Nov 2018 09:28:56 -0200 Subject: [PATCH] postfix: update to 3.3.2. --- srcpkgs/postfix/patches/libressl.patch | 104 +++++++++---------------- srcpkgs/postfix/template | 6 +- 2 files changed, 38 insertions(+), 72 deletions(-) diff --git a/srcpkgs/postfix/patches/libressl.patch b/srcpkgs/postfix/patches/libressl.patch index a162085bf94..1c3fc70e3b6 100644 --- a/srcpkgs/postfix/patches/libressl.patch +++ b/srcpkgs/postfix/patches/libressl.patch @@ -1,7 +1,10 @@ -$OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ ---- src/posttls-finger/posttls-finger.c.orig Fri Feb 3 17:43:04 2017 -+++ src/posttls-finger/posttls-finger.c Mon Feb 20 12:42:58 2017 -@@ -1513,7 +1513,8 @@ static int finger(STATE *state) +Source: https://svnweb.freebsd.org/ports/head/mail/postfix/files/?sortby=date#dirlist +Upstream: no, upstream does not define a contribution workflow/platform +Reason: fix compatibility with LibreSSL + +--- src/posttls-finger/posttls-finger.c 2017-02-03 23:43:04.000000000 +0100 ++++ src/posttls-finger/posttls-finger.c 2018-11-29 11:20:05.850958411 +0100 +@@ -1513,7 +1513,8 @@ return (0); } @@ -11,7 +14,7 @@ $OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 st /* ssl_cleanup - free memory allocated in the OpenSSL library */ -@@ -1966,7 +1967,8 @@ int main(int argc, char *argv[]) +@@ -1966,7 +1967,8 @@ cleanup(&state); /* OpenSSL 1.1.0 and later (de)initialization is implicit */ @@ -21,10 +24,9 @@ $OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 st ssl_cleanup(); #endif -$OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ ---- src/tls/tls_client.c.orig Sun Jan 1 17:22:13 2017 -+++ src/tls/tls_client.c Mon Feb 20 12:42:58 2017 -@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_ +--- src/tls/tls_client.c 2018-11-17 23:33:15.000000000 +0100 ++++ src/tls/tls_client.c 2018-11-29 11:20:44.305963154 +0100 +@@ -299,7 +299,7 @@ */ tls_check_version(); @@ -33,7 +35,7 @@ $OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ /* * Initialize the OpenSSL library by the book! To start with, we must -@@ -433,7 +433,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_ +@@ -433,7 +433,7 @@ /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev */ @@ -42,10 +44,9 @@ $OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ /* * According to the OpenSSL documentation, temporary RSA key is needed -$OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ ---- src/tls/tls_dane.c.orig Sun Jan 1 17:22:13 2017 -+++ src/tls/tls_dane.c Mon Feb 20 12:42:58 2017 -@@ -2125,7 +2125,7 @@ static SSL_CTX *ctx_init(const char *CAfile) +--- src/tls/tls_dane.c 2018-11-05 00:47:50.000000000 +0100 ++++ src/tls/tls_dane.c 2018-11-29 11:21:12.762966395 +0100 +@@ -2127,7 +2127,7 @@ tls_param_init(); tls_check_version(); @@ -54,28 +55,9 @@ $OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ SSL_load_error_strings(); SSL_library_init(); #endif -$OpenBSD: patch-src_tls_tls_dh_c,v 1.1 2017/03/04 22:09:43 sthen Exp $ - -Fix building with LibreSSL - ---- src/tls/tls_dh.c.orig Mon Dec 26 18:47:24 2016 -+++ src/tls/tls_dh.c Sat Feb 4 01:45:39 2017 -@@ -314,7 +314,7 @@ void tls_auto_eecdh_curves(SSL_CTX *ctx) - * This is a NOP in OpenSSL 1.1.0 and later, where curves are always - * auto-negotiated. - */ --#if OPENSSL_VERSION_NUMBER < 0x10100000UL -+#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER) - if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) { - msg_warn("failed to enable automatic ECDHE curve selection"); - tls_print_errors(); -$OpenBSD: patch-src_tls_tls_h,v 1.2 2017/03/04 22:09:43 sthen Exp $ - -Fix building with LibreSSL - ---- src/tls/tls.h.orig Sun Jan 1 17:22:13 2017 -+++ src/tls/tls.h Fri Jan 6 23:17:26 2017 -@@ -89,7 +89,7 @@ extern const char *str_tls_level(int); +--- src/tls/tls.h 2018-11-17 23:55:55.000000000 +0100 ++++ src/tls/tls.h 2018-11-29 11:21:38.228969112 +0100 +@@ -89,7 +89,7 @@ #endif /* Backwards compatibility with OpenSSL < 1.1.0 */ @@ -84,19 +66,8 @@ Fix building with LibreSSL #define OpenSSL_version_num SSLeay #define OpenSSL_version SSLeay_version #define OPENSSL_VERSION SSLEAY_VERSION -@@ -104,6 +104,9 @@ extern const char *str_tls_level(int); - #define ASN1_STRING_get0_data ASN1_STRING_data - #define X509_getm_notBefore X509_get_notBefore - #define X509_getm_notAfter X509_get_notAfter -+#endif -+ -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - #define TLS_method SSLv23_method - #define TLS_client_method SSLv23_client_method - #define TLS_server_method SSLv23_server_method -$OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $ ---- src/tls/tls_rsa.c.orig Thu Sep 1 21:57:15 2016 -+++ src/tls/tls_rsa.c Thu Sep 1 21:58:11 2016 +--- src/tls/tls_rsa.c 2016-01-03 15:49:51.000000000 +0100 ++++ src/tls/tls_rsa.c 2018-11-29 11:22:05.178971819 +0100 @@ -57,7 +57,7 @@ /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev @@ -106,7 +77,7 @@ $OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $ /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */ -@@ -109,7 +109,7 @@ int main(int unused_argc, char *const argv[]) +@@ -109,7 +109,7 @@ /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev */ @@ -115,10 +86,9 @@ $OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $ RSA *rsa; msg_vstream_init(argv[0], VSTREAM_ERR); -$OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ ---- src/tls/tls_server.c.orig Sun Jan 1 17:22:13 2017 -+++ src/tls/tls_server.c Mon Feb 20 12:42:58 2017 -@@ -174,7 +174,7 @@ static const char server_session_id_context[] = "Postf +--- src/tls/tls_server.c 2018-11-17 23:33:15.000000000 +0100 ++++ src/tls/tls_server.c 2018-11-29 11:24:36.505984117 +0100 +@@ -174,7 +174,7 @@ #endif /* OPENSSL_VERSION_NUMBER */ /* OpenSSL 1.1.0 bitrot */ @@ -127,7 +97,7 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ typedef const unsigned char *session_id_t; #else -@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_ +@@ -377,7 +377,7 @@ */ tls_check_version(); @@ -136,7 +106,16 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ /* * Initialize the OpenSSL library by the book! To start with, we must -@@ -580,7 +580,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_ +@@ -486,7 +486,7 @@ + * OpenSSL 0.9.8h, while SSL_NO_TICKET was added in 0.9.8f. + */ + #ifdef SSL_OP_NO_TICKET +-#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL ++#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL && !defined(LIBRESSL_VERSION_NUMBER) + ticketable = (*var_tls_tkt_cipher && scache_timeout > 0 + && !(off & SSL_OP_NO_TICKET)); + if (ticketable) { +@@ -595,7 +595,7 @@ /* * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev */ @@ -145,16 +124,3 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $ /* * According to OpenSSL documentation, a temporary RSA key is needed when - -For LibreSSL 2.4: ---- src/tls/tls_dh.c.orig -+++ src/tls/tls_dh.c -@@ -244,7 +244,7 @@ - - void tls_auto_eecdh_curves(SSL_CTX *ctx) - { --#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) -+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX *tmpctx; - int *nids; - int space = 5; diff --git a/srcpkgs/postfix/template b/srcpkgs/postfix/template index fc71e27b107..1ba2c10791e 100644 --- a/srcpkgs/postfix/template +++ b/srcpkgs/postfix/template @@ -1,8 +1,8 @@ # Template file for 'postfix' pkgname=postfix -version=3.3.1 +version=3.3.2 revision=4 -hostmakedepends="perl" +hostmakedepends="perl m4" makedepends="icu-devel libldap-devel libmysqlclient-devel pcre-devel postgresql-libs-devel sqlite-devel" short_desc="High-performance mail transport agent" @@ -10,7 +10,7 @@ maintainer="Juan RP " license="IPL-1.0, EPL-2.0" homepage="http://www.postfix.org/" distfiles="ftp://ftp.porcupine.org/mirrors/postfix-release/official/${pkgname}-${version}.tar.gz" -checksum=54f514dae42b5275cb4bc9c69283f16c06200b71813d0bb696568c4ba7ae7e3b +checksum=3c93f31eee49a58e592c31e62a058701cadde11e8e066ea441da19fddad7b35b system_accounts="postfix" postfix_homedir="/var/spool/postfix"