diff options
author | schmonz <schmonz@pkgsrc.org> | 2018-10-24 13:32:26 +0000 |
---|---|---|
committer | schmonz <schmonz@pkgsrc.org> | 2018-10-24 13:32:26 +0000 |
commit | 4b1863460bc3d1dc9d6988b12d11ebf39c99ce24 (patch) | |
tree | 4c31177a4708f6c979a004104cb059841222a2a9 | |
parent | 7e5ad16f87b182b82749d19fa2d2013b2b418509 (diff) | |
download | pkgsrc-4b1863460bc3d1dc9d6988b12d11ebf39c99ce24.tar.gz |
We've been stuck on a TLS implementation from 2007 because the TLS
patch and the AUTH patch conflict, nobody else has published a newer
hand-merged combo patch, and as it happens, I'd apparently rather
write a pile of new DJB-style C than make myself responsible for
hand-merging other people's security-sensitive code every time there's
a new TLS patch.
Now that we have AUTH without patching (see mail/qmail-acceptutils), the
"sasl" option goes away, we're finally on the most recent TLS patch
available, and when it's updated it'll be easy for us to keep up.
Rebase RCPTCHECK and EAI patches onto netqmail-with-TLS-and-no-AUTH.
Bump PKGREVISION.
-rw-r--r-- | mail/qmail/Makefile | 4 | ||||
-rw-r--r-- | mail/qmail/distinfo | 26 | ||||
-rw-r--r-- | mail/qmail/options.mk | 56 |
3 files changed, 30 insertions, 56 deletions
diff --git a/mail/qmail/Makefile b/mail/qmail/Makefile index 9d98263ff57..7638455f9cc 100644 --- a/mail/qmail/Makefile +++ b/mail/qmail/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.98 2018/09/14 09:01:53 schmonz Exp $ +# $NetBSD: Makefile,v 1.99 2018/10/24 13:32:26 schmonz Exp $ # DISTNAME= netqmail-1.06 PKGNAME= qmail-1.03 -PKGREVISION= 37 +PKGREVISION= 38 CATEGORIES= mail MASTER_SITES= http://qmail.org/ diff --git a/mail/qmail/distinfo b/mail/qmail/distinfo index 2dfad3280e3..17f25a6fe12 100644 --- a/mail/qmail/distinfo +++ b/mail/qmail/distinfo @@ -1,9 +1,5 @@ -$NetBSD: distinfo,v 1.38 2018/05/28 23:39:16 schmonz Exp $ +$NetBSD: distinfo,v 1.39 2018/10/24 13:32:26 schmonz Exp $ -SHA1 (netqmail-1.05-tls-smtpauth-20070417.patch) = d24cb13cf1371044fc2dfe20471478f59b5524e5 -RMD160 (netqmail-1.05-tls-smtpauth-20070417.patch) = 81a00e06fa67a4073b1a5bf5195fbbac675cd46b -SHA512 (netqmail-1.05-tls-smtpauth-20070417.patch) = ce5fb50ae9a7683b708eeb65c68a0db47c5817eb3fc14457c4f7c5746916ca2734c647a2369bf6f1240477ee818e3e7d7870aec3edbad2eaace179cba6267e41 -Size (netqmail-1.05-tls-smtpauth-20070417.patch) = 67942 bytes SHA1 (netqmail-1.06-destdir-20170716.patch) = 92b3fe539d7863792e951723e26f6cfb6062771a RMD160 (netqmail-1.06-destdir-20170716.patch) = bad1976ba87e0af934a50d02bd38eebb3b22cf03 SHA512 (netqmail-1.06-destdir-20170716.patch) = 00dc4d90f52332784900d5c8b1142d5517d639115e1da4e1cf4880635d10107816981892f22847f682a71b7a15c348789bce20701d9bec20a2315c0fd1f2bf73 @@ -16,10 +12,18 @@ SHA1 (netqmail-1.06-qmailremote-20170716.patch) = cf7fa5aaf74a5b7d48b2cf0e5f46f7 RMD160 (netqmail-1.06-qmailremote-20170716.patch) = c26d7f8510cab92bcf5d5fbb861ec62ff593196a SHA512 (netqmail-1.06-qmailremote-20170716.patch) = de77c1b01ab88199b3f096e64a733dd86867001dfbcea1cf0d6b20e99d448638e0294440ef48fabc309355440834a8747b4c476cf47b89e6ddb3b7250008dd8e Size (netqmail-1.06-qmailremote-20170716.patch) = 1668 bytes -SHA1 (netqmail-1.06-tls-smtpauth-20070417-rcptcheck-20170716.patch) = 682661f44fdcb49e130226cbc90b32dbad1f2f6c -RMD160 (netqmail-1.06-tls-smtpauth-20070417-rcptcheck-20170716.patch) = 51cbb3a18275f5958fd3fd0299fb53e47fb066c1 -SHA512 (netqmail-1.06-tls-smtpauth-20070417-rcptcheck-20170716.patch) = 04f2d22a035a92af808a6351e2c7b98626b1fe699b95751c42b7c981f2fc4ff3538e159b80081cbad67ab89d3b23afcadffdaf0c0cc790c31c0b235480906507 -Size (netqmail-1.06-tls-smtpauth-20070417-rcptcheck-20170716.patch) = 3132 bytes +SHA1 (netqmail-1.06-tls-20160918-rcptcheck-20181022.patch) = 7f1090de7904820793e7534ea607b4f3fd3e52f2 +RMD160 (netqmail-1.06-tls-20160918-rcptcheck-20181022.patch) = 9940b7995fc1244a0c2d5e642f0dd265cb1cdd18 +SHA512 (netqmail-1.06-tls-20160918-rcptcheck-20181022.patch) = 0c185e056e4bab748de64b5d7457cb1abe7083e8e7126672715b3935f3439680c2e37b99a4f2cf3359c29cba13153d138eecc74719b659a54b26c6012331b09d +Size (netqmail-1.06-tls-20160918-rcptcheck-20181022.patch) = 3187 bytes +SHA1 (netqmail-1.06-tls-20160918-smtputf8-20181024.patch) = 8007a59a002445abc9fa09323b34e7a84598db68 +RMD160 (netqmail-1.06-tls-20160918-smtputf8-20181024.patch) = ec5da2b48f0a98b3eeb4b95ca8321768a8ccfbb7 +SHA512 (netqmail-1.06-tls-20160918-smtputf8-20181024.patch) = e8cf31a923ecddcc63d667539798a844e4f294a6f8000705b29258fe35637d0001f2948e0a2980f788a12749774c598825d8ec4bcd152a9c0f31069aff7f3014 +Size (netqmail-1.06-tls-20160918-smtputf8-20181024.patch) = 7080 bytes +SHA1 (netqmail-1.06-tls-20160918.patch) = c33b4f8e7391ee2673776da54567e21c44f3404f +RMD160 (netqmail-1.06-tls-20160918.patch) = e09409c08912ad29df6fe58980f90d320da3ac05 +SHA512 (netqmail-1.06-tls-20160918.patch) = bb165c1b46c3706afcdd20173b0705d0918770acb0016c8a24b56f3f0ab5b08bd15218a426cfc30f4d7ad04340e64cc0f9df8fa71a15b15b2fd4f0666dffa7ce +Size (netqmail-1.06-tls-20160918.patch) = 50082 bytes SHA1 (netqmail-1.06.tar.gz) = 9ee9a603e2ad3d8e1d34b900e19b7a5d275f538b RMD160 (netqmail-1.06.tar.gz) = d31598afa862abb35bc1feb8d038ab619b5a17a2 SHA512 (netqmail-1.06.tar.gz) = de40a6d8fac502bd785010434d99b99f2c0524e10aea3d0f2a0d35c70fce91e991eb1fb8f20a1276eb56d7e73130ea5e2c178f6075d138af47b28d9ca6e6046b @@ -40,10 +44,6 @@ SHA1 (qmail-queue-custom-error-v2.netqmail-1.05.patch) = 639d052ca9e46b9a63daadd RMD160 (qmail-queue-custom-error-v2.netqmail-1.05.patch) = e40fe48e048a41d92c052a12aafa1fccf8becba2 SHA512 (qmail-queue-custom-error-v2.netqmail-1.05.patch) = c3710a87cee5458fee7708166afd0d591b58b071eeea8d551c38c2d59c739865478cb1a0fbb8b592933f9bb85b865da6cdb8973fa0d93259605d01347600176c Size (qmail-queue-custom-error-v2.netqmail-1.05.patch) = 3873 bytes -SHA1 (qmail-smtputf8.patch) = 909cb9d5f77e9b85973ad5d9daf821287950bf56 -RMD160 (qmail-smtputf8.patch) = bbed2ca7167937f6a38caf375a7e1e9bc490bd96 -SHA512 (qmail-smtputf8.patch) = 8cafdf1a4f1fd41e6b11ee2abddac5c3da4a1d2ab17b5d3847433875a91f867a26eb358ae8c41791f1e77758e5a2c311134a286d888ccd23fbede6d9f0b475c4 -Size (qmail-smtputf8.patch) = 6693 bytes SHA1 (qmail-srs-0.8.patch) = 44d6075fe22d698b21a9045b0cce7f607bc86eee RMD160 (qmail-srs-0.8.patch) = cf86dc7874dc116b31bf933f18615c75cfc4c0c4 SHA512 (qmail-srs-0.8.patch) = a2a6c26a02d1c607f4ed4f73d6c8b57ed6a6c31126f20b073e9cd2258ca43c0da98a67de254df30e07e3887c90239cba0ccf3f45d535f4c66017217da1732f9b diff --git a/mail/qmail/options.mk b/mail/qmail/options.mk index 5cd3a20edb1..ef176cd5596 100644 --- a/mail/qmail/options.mk +++ b/mail/qmail/options.mk @@ -1,18 +1,19 @@ -# $NetBSD: options.mk,v 1.53 2018/09/14 16:44:09 schmonz Exp $ +# $NetBSD: options.mk,v 1.54 2018/10/24 13:32:26 schmonz Exp $ PKG_OPTIONS_VAR= PKG_OPTIONS.qmail -PKG_SUPPORTED_OPTIONS+= eai inet6 pam sasl syncdir tls +PKG_SUPPORTED_OPTIONS+= eai inet6 pam syncdir tls PKG_SUPPORTED_OPTIONS+= qmail-customerror qmail-srs -PKG_SUGGESTED_OPTIONS+= eai sasl syncdir tls +PKG_SUGGESTED_OPTIONS+= eai syncdir tls PKG_SUGGESTED_OPTIONS+= qmail-customerror qmail-srs # Formerly optional patches, now unconditionally applied: QMAILPATCHES= netqmail:${DEFAULT_DISTFILES} -QMAILPATCHES+= tls-smtpauth:${TLSSASL_PATCH} -TLSSASL_PATCH= netqmail-1.05-tls-smtpauth-20070417.patch -PATCHFILES+= ${TLSSASL_PATCH} -SITES.${TLSSASL_PATCH}= https://raw.githubusercontent.com/shupp/legacy-qmail-related/master/patches/ +QMAILPATCHES+= tls:${TLS_PATCH} +TLS_PATCH= netqmail-1.06-tls-20160918.patch +PATCHFILES+= ${TLS_PATCH} +SITES.${TLS_PATCH}= http://inoa.net/qmail-tls/ +PATCH_DIST_STRIP.${TLS_PATCH}= -p1 QMAILPATCHES+= bigdns:${BIGDNS_PATCH} BIGDNS_PATCH= qmail-103.patch @@ -43,7 +44,7 @@ PATCHFILES+= ${QBIFFUTMPX_PATCH} SITES.${QBIFFUTMPX_PATCH}= https://schmonz.com/qmail/qbiffutmpx/ QMAILPATCHES+= rcptcheck:${RCPTCHECK_PATCH} -RCPTCHECK_PATCH= netqmail-1.06-tls-smtpauth-20070417-rcptcheck-20170716.patch +RCPTCHECK_PATCH= netqmail-1.06-tls-20160918-rcptcheck-20181022.patch PATCHFILES+= ${RCPTCHECK_PATCH} SITES.${RCPTCHECK_PATCH}= https://schmonz.com/qmail/rcptcheck/ @@ -57,12 +58,9 @@ SITES.${REMOTE_PATCH}= https://schmonz.com/qmail/remote/ .if !empty(PKG_OPTIONS:Meai) . include "../../devel/libidn2/buildlink3.mk" QMAILPATCHES+= eai:${EAI_PATCH} -EAI_PATCH= qmail-smtputf8.patch +EAI_PATCH= netqmail-1.06-tls-20160918-smtputf8-20181024.patch PATCHFILES+= ${EAI_PATCH} -SITES.${EAI_PATCH}= http://arnt.gulbrandsen.priv.no/qmail/ -PATCH_DIST_CAT.${EAI_PATCH}= ${SED} \ - -e 's|\(if (!stralloc_append(&firstpart,&ch)) temp_nomem();\)|if (ch == '"'\\\n'"' \&\& \!stralloc_append(\&firstpart,"\\r")) temp_nomem(); \1|' < ${EAI_PATCH} -PATCH_DIST_STRIP.${EAI_PATCH}= -p1 +SITES.${EAI_PATCH}= https://schmonz.com/qmail/eai/ .endif .if !empty(PKG_OPTIONS:Mpam) @@ -81,6 +79,7 @@ PATCH_DIST_STRIP.${CUSTOMERROR_PATCH}=-p1 PLIST_VARS+= srs .if !empty(PKG_OPTIONS:Mqmail-srs) +PLIST.srs= yes . include "../../mail/libsrs2/buildlink3.mk" QMAILPATCHES+= srs:${SRS_PATCH} SRS_PATCH= qmail-srs-0.8.patch @@ -105,7 +104,6 @@ SUBST_CLASSES+= srsreadme SUBST_STAGE.srsreadme= do-configure SUBST_FILES.srsreadme= README.srs SUBST_VARS.srsreadme= PKG_SYSCONFDIR -PLIST.srs= yes MESSAGE_SRC+= ${PKGDIR}/MESSAGE.srs READMES+= README.srs .endif @@ -125,38 +123,16 @@ SUBST_MESSAGE.load= Setting linker flags for syncdir. .endif PLIST_VARS+= tls -.if !empty(PKG_OPTIONS:Msasl) || !empty(PKG_OPTIONS:Mtls) -. if empty(PKG_OPTIONS:Msasl) -PKG_OPTIONS+= sasl -. endif +.if !empty(PKG_OPTIONS:Mtls) +PLIST.tls= yes . include "../../security/openssl/buildlink3.mk" -. if !empty(PKG_OPTIONS:Mtls) -CFLAGS+= -DTLS=20070408nb1 # NOTE: match what's _in_ the patch +CFLAGS+= -DTLS=20160918 # NOTE: match what's _in_ the patch USE_TOOLS+= openssl SUBST_CLASSES+= tmprsadh SUBST_STAGE.tmprsadh= do-configure SUBST_FILES.tmprsadh= update_tmprsadh.sh SUBST_SED.tmprsadh= -e 's|^export PATH=.*||' SUBST_SED.tmprsadh+= -e 's|^openssl |${OPENSSL} |' -SUBST_SED.tmprsadh+= -e 's|rsa512|rsa2048|g' -SUBST_SED.tmprsadh+= -e 's|rsa2048\.new 512|rsa2048.new 2048|g' -SUBST_SED.tmprsadh+= -e 's|dh1024|dh2048|g' -SUBST_SED.tmprsadh+= -e 's|dh2048\.new 1024|dh2048.new 2048|g' -SUBST_CLASSES+= keys -SUBST_STAGE.keys= do-configure -SUBST_FILES.keys= qmail-smtpd.c -SUBST_SED.keys= -e 's|\(keylen.* \)512|\12048|g' -SUBST_SED.keys+= -e 's|512\.pem|2048.pem|g' -SUBST_SED.keys+= -e 's|keylen = 1024|keylen = 2048|g' -SUBST_SED.keys+= -e 's|\(keylen == 1024\)|0 \&\& \1|g' -SUBST_CLASSES+= mankeys -SUBST_STAGE.mankeys= do-configure -SUBST_FILES.mankeys= qmail-smtpd.8 qmail-control.9 -SUBST_SED.mankeys= -e 's|dh1024\.pem|dh2048.pem|g' -SUBST_SED.mankeys+= -e 's|1024 bit|2048 bit|g' -SUBST_SED.mankeys+= -e 's|rsa512\.pem|rsa2048.pem|g' -SUBST_SED.mankeys+= -e 's|512 bit RSA|2048 bit RSA|g' -PLIST.tls= yes MESSAGE_SRC+= ${PKGDIR}/MESSAGE.tls MESSAGE_SUBST+= OPENSSL=${OPENSSL:Q} MESSAGE_SUBST+= SERVERCERT=${PKG_SYSCONFDIR:Q}/control/servercert.pem @@ -164,7 +140,6 @@ MESSAGE_SUBST+= CLIENTCERT=${PKG_SYSCONFDIR:Q}/control/clientcert.pem MESSAGE_SUBST+= QMAIL_DAEMON_USER=${QMAIL_DAEMON_USER:Q} MESSAGE_SUBST+= QMAIL_QMAIL_GROUP=${QMAIL_QMAIL_GROUP:Q} DEPENDS+= ucspi-ssl-[0-9]*:../../net/ucspi-ssl -. endif .else BUILDLINK_TRANSFORM+= rm:-lssl BUILDLINK_TRANSFORM+= rm:-lcrypto @@ -173,5 +148,4 @@ DEPENDS+= ucspi-tcp6-[0-9]*:../../net/ucspi-tcp6 .else DEPENDS+= ucspi-tcp-[0-9]*:../../net/ucspi-tcp .endif - .endif |