diff options
author | taca <taca@pkgsrc.org> | 2016-09-18 17:10:28 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2016-09-18 17:10:28 +0000 |
commit | 0b6aa16ee40b70b1f5344a87c226e65ced273cb6 (patch) | |
tree | a0b94d9b9dacd00a00b6e174a1937e35e0a2db2b /mail/postfix | |
parent | 992f57023e11297b4edda3efb5061e349ff8d481 (diff) | |
download | pkgsrc-0b6aa16ee40b70b1f5344a87c226e65ced273cb6.tar.gz |
Update postfix to 3.1.2.
3.1.0
The main changes in no particular order are:
* "postfix tls" command to simplify setup of opportunistic TLS,
and to simplify SMTP server key/certificate management.
* Positive and negative DNS reply TTL support in postscreen(8).
* SASL AUTH rate limit in the Postfix SMTP server.
* A safety limit on the number of address verify requests.
* JSON-format Postfix queue listing.
* Destination-independent delivery rate delay
For details, see the RELEASE_NOTES file.
3.1.1
Fixed in all supported releases:
* The Milter "replace sender" (SMFIR_CHGFROM) request lost an
address that was added with sender_bcc_maps, resulting in a
"rcpt count mismatch" warning. Reported by Joerg Backschues.
This defect was introduced with Postfix 2.6.
* The "bad filetype" example in the header_checks(5) manpage
falsely rejected Content- headers with ``name="example";
x-apple-part-url="example.com"''. Reported by Cedric Knight.
This defect was introduced with Postfix 2.6.
3.1.2
Fixed with Postfix 3.1.2:
* Changes to make Postfix build with OpenSSL 1.1.0.
Fixed with Postfix 3.1.2 and 3.0.6:
* The makedefs script ignored readme_directory=pathname overrides.
Fix by Todd C. Olson.
* The tls_session_ticket_cipher documentation says that the default
cipher for TLS session tickets is aes-256-cbc, but the implemented
default was aes-128-cbc. Note that TLS session ticket keys are
rotated after 1/2 hour, to limit the impact of attacks on session
ticket keys.
Diffstat (limited to 'mail/postfix')
-rw-r--r-- | mail/postfix/Makefile | 3 | ||||
-rw-r--r-- | mail/postfix/Makefile.common | 4 | ||||
-rw-r--r-- | mail/postfix/PLIST | 5 | ||||
-rw-r--r-- | mail/postfix/distinfo | 12 | ||||
-rw-r--r-- | mail/postfix/patches/patch-src_dns_dns__lookup.c | 73 |
5 files changed, 75 insertions, 22 deletions
diff --git a/mail/postfix/Makefile b/mail/postfix/Makefile index e4ddb019889..2750e12db35 100644 --- a/mail/postfix/Makefile +++ b/mail/postfix/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.291 2016/07/09 06:38:31 wiz Exp $ +# $NetBSD: Makefile,v 1.292 2016/09/18 17:10:28 taca Exp $ .include "../../mail/postfix/Makefile.common" COMMENT= Postfix SMTP server and tools -PKGREVISION= 5 CONFLICTS+= courier-mta-[0-9]* fastforward>=0.51nb2 sendmail-[0-9]* CONFLICTS+= esmtp>=1.2 nullmailer-[0-9]* diff --git a/mail/postfix/Makefile.common b/mail/postfix/Makefile.common index 115e76356eb..c97e6cb2ffe 100644 --- a/mail/postfix/Makefile.common +++ b/mail/postfix/Makefile.common @@ -1,8 +1,8 @@ -# $NetBSD: Makefile.common,v 1.2 2016/04/10 16:39:28 joerg Exp $ +# $NetBSD: Makefile.common,v 1.3 2016/09/18 17:10:28 taca Exp $ # used by mail/postfix/Makefile # used by mail/postfix/Makefile.module -DISTNAME= postfix-3.0.2 +DISTNAME= postfix-3.1.2 CATEGORIES= mail MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ MASTER_SITES+= http://postfix.it-austria.net/releases/official/ diff --git a/mail/postfix/PLIST b/mail/postfix/PLIST index d2e15b05044..a0af4ac3d92 100644 --- a/mail/postfix/PLIST +++ b/mail/postfix/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.29 2015/09/07 09:47:01 fhajny Exp $ +@comment $NetBSD: PLIST,v 1.30 2016/09/18 17:10:28 taca Exp $ bin/mailq bin/newaliases lib/postfix/libpostfix-dns.so @@ -27,6 +27,7 @@ libexec/postfix/pipe libexec/postfix/post-install libexec/postfix/postfix-files libexec/postfix/postfix-script +libexec/postfix/postfix-tls-script libexec/postfix/postfix-wrapper libexec/postfix/postmulti-script libexec/postfix/postscreen @@ -49,6 +50,7 @@ man/man1/postalias.1 man/man1/postcat.1 man/man1/postconf.1 man/man1/postdrop.1 +man/man1/postfix-tls.1 man/man1/postfix.1 man/man1/postkick.1 man/man1/postlock.1 @@ -135,6 +137,7 @@ share/doc/postfix/BACKSCATTER_README share/doc/postfix/BASIC_CONFIGURATION_README share/doc/postfix/BUILTIN_FILTER_README share/doc/postfix/CDB_README +share/doc/postfix/COMPATIBILITY_README share/doc/postfix/CONNECTION_CACHE_README share/doc/postfix/CONTENT_INSPECTION_README share/doc/postfix/DATABASE_README diff --git a/mail/postfix/distinfo b/mail/postfix/distinfo index 0100d099fae..d41a4237436 100644 --- a/mail/postfix/distinfo +++ b/mail/postfix/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.163 2016/03/23 12:55:18 gdt Exp $ +$NetBSD: distinfo,v 1.164 2016/09/18 17:10:28 taca Exp $ -SHA1 (postfix-3.0.2.tar.gz) = 9d75ca3c207441a38a79a2c8ceaa398c2b9cdc4e -RMD160 (postfix-3.0.2.tar.gz) = aba1e9decc1aa9aa0c0b68f2bb7f0432b75fabdf -SHA512 (postfix-3.0.2.tar.gz) = b097ff5cb1707361af568bbcf8b9d264dfefe7a9fd5c2fb4ce731a2ff6a632c3341ace43afe7f1600f2096592535cf9a300322f78c92000e752e0df7d3c39021 -Size (postfix-3.0.2.tar.gz) = 4239235 bytes +SHA1 (postfix-3.1.2.tar.gz) = 1595ca360c465d7e4f69a5722b4849de5a598e4f +RMD160 (postfix-3.1.2.tar.gz) = 6ec7ef6c97631ebd88490f4f72b8ebab06d02994 +SHA512 (postfix-3.1.2.tar.gz) = 58493d1890c3235d74a18365294ca764bd3b3f278b9825da931005165af60250342c6cf477c3b3575e50858d99cd3ee40f22bece094eb61e9be6c3cf0313d571 +Size (postfix-3.1.2.tar.gz) = 4337569 bytes SHA1 (patch-aa) = f2c418a2fd34da7325ea2823ddd14043768f0111 SHA1 (patch-ag) = e3d818cd75225c5b50960659827c6e27767cbd58 SHA1 (patch-ai) = 17b29cceadba3055ae198e1802a786468ecc9eff -SHA1 (patch-src_dns_dns__lookup.c) = 9c26686e5abd9aee36f042440e5f6a6ffca3df4a +SHA1 (patch-src_dns_dns__lookup.c) = b04d35b1df1b60409c903d2fb5bafb16b848523d diff --git a/mail/postfix/patches/patch-src_dns_dns__lookup.c b/mail/postfix/patches/patch-src_dns_dns__lookup.c index f16a6c45ebf..a30d0cfe124 100644 --- a/mail/postfix/patches/patch-src_dns_dns__lookup.c +++ b/mail/postfix/patches/patch-src_dns_dns__lookup.c @@ -1,10 +1,10 @@ -$NetBSD: patch-src_dns_dns__lookup.c,v 1.3 2014/02/09 05:34:13 taca Exp $ +$NetBSD: patch-src_dns_dns__lookup.c,v 1.4 2016/09/18 17:10:28 taca Exp $ Fix runtime problem when mysql PKG_OPTIONS is enabled. ---- src/dns/dns_lookup.c.orig 2014-01-09 15:00:36.000000000 +0000 +--- src/dns/dns_lookup.c.orig 2015-07-12 14:10:57.000000000 +0000 +++ src/dns/dns_lookup.c -@@ -194,6 +194,8 @@ +@@ -245,6 +245,8 @@ /* Local stuff. */ @@ -13,7 +13,51 @@ Fix runtime problem when mysql PKG_OPTIONS is enabled. /* * Structure to keep track of things while decoding a name server reply. */ -@@ -235,7 +237,7 @@ static int dns_query(const char *name, i +@@ -308,7 +310,7 @@ typedef struct DNS_REPLY { + + /* dns_res_query - a res_query() clone that can return negative replies */ + +-static int dns_res_query(const char *name, int class, int type, ++static int dns_res_query(res_state statp, const char *name, int class, int type, + unsigned char *answer, int anslen) + { + unsigned char msg_buf[MAX_DNS_QUERY_SIZE]; +@@ -337,14 +339,14 @@ static int dns_res_query(const char *nam + #define NO_MKQUERY_DATA_LEN ((int) 0) + #define NO_MKQUERY_NEWRR ((unsigned char *) 0) + +- if ((len = res_mkquery(QUERY, name, class, type, NO_MKQUERY_DATA_BUF, ++ if ((len = res_nmkquery(statp, QUERY, name, class, type, NO_MKQUERY_DATA_BUF, + NO_MKQUERY_DATA_LEN, NO_MKQUERY_NEWRR, + msg_buf, sizeof(msg_buf))) < 0) { + SET_H_ERRNO(NO_RECOVERY); + if (msg_verbose) + msg_info("res_mkquery() failed"); + return (len); +- } else if ((len = res_send(msg_buf, len, answer, anslen)) < 0) { ++ } else if ((len = res_nsend(statp, msg_buf, len, answer, anslen)) < 0) { + SET_H_ERRNO(TRY_AGAIN); + if (msg_verbose) + msg_info("res_send() failed"); +@@ -373,7 +375,7 @@ static int dns_res_query(const char *nam + + /* dns_res_search - res_search() that can return negative replies */ + +-static int dns_res_search(const char *name, int class, int type, ++static int dns_res_search(res_state statp, const char *name, int class, int type, + unsigned char *answer, int anslen, int keep_notfound) + { + int len; +@@ -396,7 +398,7 @@ static int dns_res_search(const char *na + if (keep_notfound) + /* Prepare for returning a null-padded server reply. */ + memset(answer, 0, anslen); +- len = res_query(name, class, type, answer, anslen); ++ len = res_nquery(statp, name, class, type, answer, anslen); + if (len > 0) { + SET_H_ERRNO(0); + } else if (keep_notfound && NOT_FOUND_H_ERRNO(h_errno)) { +@@ -427,7 +429,7 @@ static int dns_query(const char *name, i /* * Initialize the name service. */ @@ -22,12 +66,12 @@ Fix runtime problem when mysql PKG_OPTIONS is enabled. if (why) vstring_strcpy(why, "Name service initialization failure"); return (DNS_FAIL); -@@ -264,18 +266,18 @@ static int dns_query(const char *name, i +@@ -456,24 +458,24 @@ static int dns_query(const char *name, i */ #define SAVE_FLAGS (USER_FLAGS | XTRA_FLAGS) - saved_options = (_res.options & SAVE_FLAGS); -+ saved_options = (rstate.options & USER_FLAGS); ++ saved_options = (rstate.options & SAVE_FLAGS); /* * Perform the lookup. Claim that the information cannot be found if and @@ -36,14 +80,21 @@ Fix runtime problem when mysql PKG_OPTIONS is enabled. for (;;) { - _res.options &= ~saved_options; - _res.options |= flags; -- len = res_search((char *) name, C_IN, type, reply->buf, reply->buf_len); -- _res.options &= ~flags; -- _res.options |= saved_options; + rstate.options &= ~saved_options; + rstate.options |= flags; -+ len = res_nsearch(&rstate, (char *) name, C_IN, type, reply->buf, reply->buf_len); + if (keep_notfound && var_dns_ncache_ttl_fix) { +- len = dns_res_query((char *) name, C_IN, type, reply->buf, ++ len = dns_res_query(&rstate, (char *) name, C_IN, type, reply->buf, + reply->buf_len); + } else { +- len = dns_res_search((char *) name, C_IN, type, reply->buf, ++ len = dns_res_search(&rstate, (char *) name, C_IN, type, reply->buf, + reply->buf_len, keep_notfound); + } +- _res.options &= ~flags; +- _res.options |= saved_options; + rstate.options &= ~flags; + rstate.options |= saved_options; reply_header = (HEADER *) reply->buf; reply->rcode = reply_header->rcode; - if (len < 0) { + if (h_errno != 0) { |