diff options
| author | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-12-11 07:33:02 +0300 |
|---|---|---|
| committer | Gluzskiy Alexandr <sss@sss.chaoslab.ru> | 2017-12-11 07:33:02 +0300 |
| commit | 7af3f663df2a7ae1266722ad80831d643ba9a4cf (patch) | |
| tree | 7807b7093743fc1493f76eeae77eb75eac56b9c5 /mail-mta | |
| parent | 5718cc240f2d0e0806fc1b69d33acc976f6b8a46 (diff) | |
exim: added scm version to always have fresh fixes (bugs)
Diffstat (limited to 'mail-mta')
21 files changed, 1371 insertions, 0 deletions
diff --git a/mail-mta/exim/exim-scm.ebuild b/mail-mta/exim/exim-scm.ebuild new file mode 100644 index 0000000..09edf0b --- /dev/null +++ b/mail-mta/exim/exim-scm.ebuild @@ -0,0 +1,530 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit eutils toolchain-funcs multilib pam systemd git-r3 + +IUSE="dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn exiscan-acl gnutls ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd tpda X elibc_glibc" +REQUIRED_USE=" + dane? ( !gnutls ) + dmarc? ( spf dkim ) + pkcs11? ( gnutls ) + spf? ( exiscan-acl ) + srs? ( exiscan-acl ) +" + + +DESCRIPTION="A highly configurable, drop-in replacement for sendmail" +SRC_URI="" + +EGIT_REPO_URI="git://git.exim.org/exim.git" +HOMEPAGE="http://www.exim.org/" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="" + +COMMON_DEPEND=">=sys-apps/sed-4.0.5 + >=sys-libs/db-3.2:= + dev-libs/libpcre + perl? ( dev-lang/perl:= ) + pam? ( virtual/pam ) + tcpd? ( sys-apps/tcp-wrappers ) + ssl? ( + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:= ) + ) + gnutls? ( net-libs/gnutls[pkcs11?] + dev-libs/libtasn1 ) + ldap? ( >=net-nds/openldap-2.0.7 ) + nis? ( elibc_glibc? ( || ( + <sys-libs/glibc-2.23 + >=sys-libs/glibc-2.23[rpc] + ) ) ) + mysql? ( virtual/libmysqlclient ) + postgres? ( dev-db/postgresql:= ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 ) + redis? ( dev-libs/hiredis ) + spf? ( >=mail-filter/libspf2-1.2.5-r1 ) + dmarc? ( mail-filter/opendmarc ) + srs? ( mail-filter/libsrs_alt ) + X? ( x11-proto/xproto + x11-libs/libX11 + x11-libs/libXmu + x11-libs/libXt + x11-libs/libXaw + ) + sqlite? ( dev-db/sqlite ) + radius? ( net-dialup/freeradius-client ) + virtual/libiconv + " + # added X check for #57206 +DEPEND="${COMMON_DEPEND} + virtual/pkgconfig" +RDEPEND="${COMMON_DEPEND} + !mail-mta/courier + !mail-mta/esmtp + !mail-mta/mini-qmail + !<mail-mta/msmtp-1.4.19-r1 + !>=mail-mta/msmtp-1.4.19-r1[mta] + !mail-mta/netqmail + !mail-mta/nullmailer + !mail-mta/postfix + !mail-mta/qmail-ldap + !mail-mta/sendmail + !mail-mta/opensmtpd + !<mail-mta/ssmtp-2.64-r2 + !>=mail-mta/ssmtp-2.64-r2[mta] + !net-mail/mailwrapper + >=net-mail/mailbase-0.00-r5 + virtual/logger + dcc? ( mail-filter/dcc ) + selinux? ( sec-policy/selinux-exim ) + " + +#S=${WORKDIR}/${P//rc/RC} + + + +S="${WORKDIR}/${PN}-${PV}/src/" + +src_prepare() { + epatch "${FILESDIR}"/exim-4.14-tail.patch + epatch "${FILESDIR}"/exim-4.74-localscan_dlopen.patch + epatch "${FILESDIR}"/exim-4.69-r1.27021.patch + epatch "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426 + epatch "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785 + epatch "${FILESDIR}"/exim-4.89-as-needed-ldflags.patch # 352265, 391279 + epatch "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591 + + if use maildir ; then + epatch "${FILESDIR}"/exim-4.20-maildir.patch + else + epatch "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606 + fi + + eapply_user + + # user Exim believes it should be + MAILUSER=mail + MAILGROUP=mail + if use prefix && [[ ${EUID} != 0 ]] ; then + MAILUSER=$(id -un) + MAILGROUP=$(id -gn) + fi +} + +src_configure() { + # general config and paths + + + sed -i.orig \ + -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${EPREFIX}/etc/mail/aliases'" \ + "${S}"/src/configure.default || die + + sed -i -e 's/^buildname=.*/buildname=exim-gentoo/g' Makefile || die + mkdir Local + sed -e "48i\CFLAGS=${CFLAGS}" \ + -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \ + -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \ + -e "s:CONFIGURE_FILE=/usr/exim/configure:CONFIGURE_FILE=${EPREFIX}/etc/exim/exim.conf:" \ + -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \ + -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \ + src/EDITME > Local/Makefile + if use elibc_musl; then + sed -e 's/^LIBS = -lnsl/LIBS =/g' \ + -i OS/Makefile-Linux + fi + + cd Local + + cat >> Makefile <<- EOC + INFO_DIRECTORY=${EPREFIX}/usr/share/info + PID_FILE_PATH=${EPREFIX}/run/exim.pid + SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim + HAVE_ICONV=yes + EOC + + # if we use libiconv, now is the time to tell so + use !elibc_glibc && use !elibc_musl && echo "EXTRALIBS_EXIM=-liconv" >> Makefile + + # support for IPv6 + if use ipv6; then + cat >> Makefile <<- EOC + HAVE_IPV6=YES + EOC + fi + + # + # mail storage formats + + # mailstore is Exim's traditional storage format + cat >> Makefile <<- EOC + SUPPORT_MAILSTORE=yes + EOC + + # mbox + if use mbx; then + cat >> Makefile <<- EOC + SUPPORT_MBX=yes + EOC + fi + + # maildir + if use maildir; then + cat >> Makefile <<- EOC + SUPPORT_MAILDIR=yes + EOC + fi + + # + # lookup methods + + # use the "native" interfaces to the DBM and CDB libraries, support + # passwd and directory lookups by default + cat >> Makefile <<- EOC + USE_DB=yes + DBMLIB=-ldb + LOOKUP_CDB=yes + LOOKUP_PASSWD=yes + LOOKUP_DSEARCH=yes + EOC + + if ! use dnsdb; then + # DNSDB lookup is enabled by default + sed -i "s:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:" Makefile + fi + + if use ldap; then + cat >> Makefile <<- EOC + LOOKUP_LDAP=yes + LDAP_LIB_TYPE=OPENLDAP2 + LOOKUP_INCLUDE += -I"${EROOT}"usr/include/ldap + LOOKUP_LIBS += -lldap -llber + EOC + fi + + if use mysql; then + cat >> Makefile <<- EOC + LOOKUP_MYSQL=yes + LOOKUP_INCLUDE += $(mysql_config --include) + LOOKUP_LIBS += $(mysql_config --libs) + EOC + fi + + if use nis; then + cat >> Makefile <<- EOC + LOOKUP_NIS=yes + LOOKUP_NISPLUS=yes + EOC + fi + + if use postgres; then + cat >> Makefile <<- EOC + LOOKUP_PGSQL=yes + LOOKUP_INCLUDE += -I$(pg_config --includedir) + LOOKUP_LIBS += -L$(pg_config --libdir) -lpq + EOC + fi + + if use sqlite; then + cat >> Makefile <<- EOC + LOOKUP_SQLITE=yes + LOOKUP_SQLITE_PC=sqlite3 + EOC + fi + + if use redis; then + cat >> Makefile <<- EOC + LOOKUP_REDIS=yes + LOOKUP_LIBS += -lhiredis + EOC + fi + + # + # Exim monitor, enabled by default, controlled via X USE-flag, + # disable if not requested, bug #46778 + if use X; then + cp ../exim_monitor/EDITME eximon.conf || die + else + sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile + fi + + # + # features + + # content scanning support + if use exiscan-acl; then + cat >> Makefile <<- EOC + WITH_CONTENT_SCAN=yes + WITH_OLD_DEMIME=yes + EOC + fi + + # DomainKeys Identified Mail, RFC4871 + if ! use dkim; then + # DKIM is enabled by default + cat >> Makefile <<- EOC + DISABLE_DKIM=yes + EOC + fi + + # Per-Recipient-Data-Response + if ! use prdr; then + # PRDR is enabled by default + cat >> Makefile <<- EOC + DISABLE_PRDR=yes + EOC + fi + + # log to syslog + if use syslog; then + sed -i "s:LOG_FILE_PATH=/var/log/exim/exim_%s.log:LOG_FILE_PATH=syslog:" Makefile + cat >> Makefile <<- EOC + LOG_FILE_PATH=syslog + EOC + else + cat >> Makefile <<- EOC + LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log + EOC + fi + + # starttls support (ssl) + if use ssl; then + echo "SUPPORT_TLS=yes" >> Makefile + if use gnutls; then + echo "USE_GNUTLS=yes" >> Makefile + echo "USE_GNUTLS_PC=gnutls" >> Makefile + use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile + else + echo "USE_OPENSSL_PC=openssl" >> Makefile + fi + fi + + # TCP wrappers + if use tcpd; then + cat >> Makefile <<- EOC + USE_TCP_WRAPPERS=yes + EXTRALIBS_EXIM += -lwrap + EOC + fi + + # Light Mail Transport Protocol + if use lmtp; then + cat >> Makefile <<- EOC + TRANSPORT_LMTP=yes + EOC + fi + + # embedded Perl + if use perl; then + cat >> Makefile <<- EOC + EXIM_PERL=perl.o + EOC + fi + + # dlfunc + if use dlfunc; then + cat >> Makefile <<- EOC + EXPAND_DLFUNC=yes + EOC + fi + + # Proxy Protocol + if use proxy; then + cat >> Makefile <<- EOC + SUPPORT_PROXY=yes + EOC + fi + + # + # experimental features + + # DANE + if use dane; then + cat >> Makefile <<- EOC + EXPERIMENTAL_DANE=yes + EOC + fi + + # Distributed Checksum Clearinghouse + if use dcc; then + echo "EXPERIMENTAL_DCC=yes">> Makefile + fi + + # Sender Policy Framework + if use spf; then + cat >> Makefile <<- EOC + EXPERIMENTAL_SPF=yes + EXTRALIBS_EXIM += -lspf2 + EOC + fi + + # Sender Rewriting Scheme + if use srs; then + cat >> Makefile <<- EOC + EXPERIMENTAL_SRS=yes + EXTRALIBS_EXIM += -lsrs_alt + EOC + fi + + # DMARC + if use dmarc; then + cat >> Makefile <<- EOC + EXPERIMENTAL_DMARC=yes + EXTRALIBS_EXIM += -lopendmarc + EOC + fi + + # Transport post-delivery actions + if use tpda; then + cat >> Makefile <<- EOC + EXPERIMENTAL_EVENT=yes + EOC + fi + + # Delivery Sender Notifications + if use dsn; then + cat >> Makefile <<- EOC + EXPERIMENTAL_DSN=yes + EOC + fi + + # + # authentication (SMTP AUTH) + + # standard bits + cat >> Makefile <<- EOC + AUTH_SPA=yes + AUTH_CRAM_MD5=yes + AUTH_PLAINTEXT=yes + EOC + + # Cyrus SASL + if use sasl; then + cat >> Makefile <<- EOC + CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux + AUTH_CYRUS_SASL=yes + AUTH_LIBS += -lsasl2 + EOC + fi + + # Dovecot + if use dovecot-sasl; then + cat >> Makefile <<- EOC + AUTH_DOVECOT=yes + EOC + fi + + # Pluggable Authentication Modules + if use pam; then + cat >> Makefile <<- EOC + SUPPORT_PAM=yes + AUTH_LIBS += -lpam + EOC + fi + + # Radius + if use radius; then + cat >> Makefile <<- EOC + RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf + RADIUS_LIB_TYPE=RADIUSCLIENTNEW + AUTH_LIBS += -lfreeradius-client + EOC + fi +} + +src_compile() { + emake CC="$(tc-getCC)" HOSTCC="$(tc-getCC $CBUILD)" \ + AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' \ + || die "make failed" +} + +src_install () { + cd "${S}"/build-exim-gentoo || die + dosbin exim + if use X; then + dosbin eximon.bin + dosbin eximon + fi + fperms 4755 /usr/sbin/exim + + dosym exim /usr/sbin/sendmail + dosym exim /usr/sbin/rsmtp + dosym exim /usr/sbin/rmail + dosym ../sbin/exim /usr/bin/mailq + dosym ../sbin/exim /usr/bin/newaliases + dosym ../sbin/sendmail /usr/lib/sendmail + + for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \ + exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \ + convert4r3 convert4r4 exipick + do + dosbin $i + done + + dodoc "${S}"/doc/* + doman "${S}"/doc/exim.8 + use dsn && dodoc "${S}"/README.DSN + use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf + + # conf files + insinto /etc/exim + newins "${S}"/src/configure.default exim.conf.dist + if use exiscan-acl; then + newins "${S}"/src/configure.default exim.conf.exiscan-acl + fi + doins "${WORKDIR}"/system_filter.exim + doins "${FILESDIR}"/auth_conf.sub + + pamd_mimic system-auth exim auth account + + # headers, #436406 + if use dlfunc ; then + # fixup includes so they actually can be found when including + sed -i \ + -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \ + local_scan.h || die + insinto /usr/include/exim + doins {config,local_scan}.h ../src/{mytypes,store}.h + fi + + insinto /etc/logrotate.d + newins "${FILESDIR}/exim.logrotate" exim + + newinitd "${FILESDIR}"/exim.rc10 exim + newconfd "${FILESDIR}"/exim.confd exim + + systemd_dounit "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket} + systemd_newunit "${FILESDIR}"/exim_at.service 'exim@.service' + systemd_newunit "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service' + + diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP} + dodir /var/log/${PN} +} + +pkg_postinst() { + if [[ ! -f ${EROOT}etc/exim/exim.conf ]] ; then + einfo "${EROOT}etc/exim/system_filter.exim is a sample system_filter." + einfo "${EROOT}etc/exim/auth_conf.sub contains the configuration sub for using smtp auth." + einfo "Please create ${EROOT}etc/exim/exim.conf from ${EROOT}etc/exim/exim.conf.dist." + fi + use dane && einfo "DANE support is experimental" + if use dcc ; then + einfo "DCC support is experimental, you can find some limited" + einfo "documentation at the bottom of this prerelease message:" + einfo "http://article.gmane.org/gmane.mail.exim.devel/3579" + fi + use spf && einfo "SPF support is experimental" + use srs && einfo "SRS support is experimental" + if use dmarc ; then + einfo "DMARC support is experimental. See global settings to" + einfo "configure DMARC, for usage see the documentation at " + einfo "experimental-spec.txt." + fi + use tpda && einfo "TPDA/EVENT support is experimental" + use dsn && einfo "DSN support is experimental" + elog "The obsolete acl condition 'demime' is removed, the replacements" + elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime" +} diff --git a/mail-mta/exim/files/auth_conf.sub b/mail-mta/exim/files/auth_conf.sub new file mode 100644 index 0000000..24434a7 --- /dev/null +++ b/mail-mta/exim/files/auth_conf.sub @@ -0,0 +1,25 @@ +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +# If you're using PAM to authenticate, lifes real simple. +# This plain directive works for nearly everything except windows MUA's the +# login directive will allow you to authenticate your Outlook 2000 and +# outlook express clients. + + + +plain: + driver = plaintext + public_name = PLAIN + server_condition = "${if pam{$2:$3}{1}{0}}" + server_set_id = $2 + +login: + driver = plaintext + public_name = LOGIN + server_prompts = "Username:: : Password::" + server_condition = "${if pam{$1:${sg{$2}{:}{::}}}{1}{0}}" + server_set_id = $1 +# +# FIXME +# Need to add authenticator for SPA!! diff --git a/mail-mta/exim/files/exim-4.14-tail.patch b/mail-mta/exim/files/exim-4.14-tail.patch new file mode 100644 index 0000000..481dca9 --- /dev/null +++ b/mail-mta/exim/files/exim-4.14-tail.patch @@ -0,0 +1,11 @@ +--- scripts/Configure-config.h.orig 2003-07-17 18:01:19.000000000 -0400 ++++ scripts/Configure-config.h 2003-07-17 18:01:25.000000000 -0400 +@@ -41,7 +41,7 @@ + + # Double-check that config.h is complete. + +-if [ "`tail -1 config.h`" != "/* End of config.h */" ] ; then ++if [ "`tail -n 1 config.h`" != "/* End of config.h */" ] ; then + echo "*** config.h appears to be incomplete" + echo "*** unexpected failure in buildconfig program" + exit 1 diff --git a/mail-mta/exim/files/exim-4.20-maildir.patch b/mail-mta/exim/files/exim-4.20-maildir.patch new file mode 100644 index 0000000..3cb198d --- /dev/null +++ b/mail-mta/exim/files/exim-4.20-maildir.patch @@ -0,0 +1,14 @@ +diff -urN ./exim-4.20.orig/src/configure.default exim-4.20/src/configure.default +--- ./exim-4.20.orig/src/configure.default 2003-06-27 16:48:22.000000000 -0700 ++++ exim-4.20/src/configure.default 2003-06-27 16:52:20.000000000 -0700 +@@ -451,7 +451,9 @@ + + local_delivery: + driver = appendfile +- file = /var/mail/$local_part ++# file = /var/mail/$local_part ++ directory = /home/$local_part/.maildir ++ maildir_format + delivery_date_add + envelope_to_add + return_path_add diff --git a/mail-mta/exim/files/exim-4.69-r1.27021.patch b/mail-mta/exim/files/exim-4.69-r1.27021.patch new file mode 100644 index 0000000..804e16d --- /dev/null +++ b/mail-mta/exim/files/exim-4.69-r1.27021.patch @@ -0,0 +1,48 @@ +diff -urN exim-4.69.orig/src/configure.default exim-4.69/src/configure.default +--- exim-4.69.orig/src/configure.default 2008-05-05 10:17:44.000000000 +0100 ++++ exim-4.69/src/configure.default 2008-05-05 10:18:26.000000000 +0100 +@@ -592,6 +592,22 @@ + pipe_transport = address_pipe + reply_transport = address_reply + ++# This router runs procmail if users have a .procmailrc file ++procmail: ++ check_local_user ++ driver = accept ++ transport = procmail_pipe ++ require_files = ${local_part}:+${home}:+${home}/.procmailrc:+/usr/bin/procmail ++ no_verify ++ ++# This router runs maildrop if users have a .mailfilter file ++maildrop: ++ check_local_user ++ driver = accept ++ transport = maildrop_pipe ++ require_files = ${local_part}:+${home}:+${home}/.mailfilter:+/usr/bin/maildrop ++ no_verify ++ + + # This router matches local user mailboxes. If the router fails, the error + # message is "Unknown user". +@@ -676,6 +692,21 @@ + address_reply: + driver = autoreply + ++# This transport is used for procmail ++procmail_pipe: ++ driver = pipe ++ command = "/usr/bin/procmail -d ${local_part}" ++ return_path_add ++ delivery_date_add ++ envelope_to_add ++ ++# This transport is used for courier-maildrop filtering (Maildir filter system) ++maildrop_pipe: ++ driver = pipe ++ command = "/usr/bin/maildrop -d ${local_part}" ++ return_path_add ++ delivery_date_add ++ envelope_to_add + + + ###################################################################### diff --git a/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch new file mode 100644 index 0000000..3bb57c1 --- /dev/null +++ b/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch @@ -0,0 +1,262 @@ +diff -Naur exim-4.32/src/EDITME exim-4.32-dlopen/src/EDITME +--- src/EDITME 2004-04-15 08:27:01.000000000 +0000 ++++ src/EDITME 2004-05-06 16:15:47.000000000 +0000 +@@ -505,6 +505,24 @@ + + + #------------------------------------------------------------------------------ ++# On systems which support dynamic loading of shared libraries, Exim can ++# load a local_scan function specified in its config file instead of having ++# to be recompiled with the desired local_scan function. For a full ++# description of the API to this function, see the Exim specification. ++ ++DLOPEN_LOCAL_SCAN=yes ++ ++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the ++# linker flags. Without it, the loaded .so won't be able to access any ++# functions from exim. ++ ++LFLAGS = -rdynamic ++ifeq ($(OSTYPE),Linux) ++LFLAGS += -ldl ++endif ++ ++ ++#------------------------------------------------------------------------------ + # The default distribution of Exim contains only the plain text form of the + # documentation. Other forms are available separately. If you want to install + # the documentation in "info" format, first fetch the Texinfo documentation +diff -Naur exim-4.32/src/config.h.defaults exim-4.32-dlopen/src/config.h.defaults +--- src/config.h.defaults 2004-04-15 08:27:01.000000000 +0000 ++++ src/config.h.defaults 2004-05-06 16:16:30.000000000 +0000 +@@ -20,6 +20,8 @@ + #define AUTH_PLAINTEXT + #define AUTH_SPA + ++#define DLOPEN_LOCAL_SCAN ++ + #define BIN_DIRECTORY + + #define CONFIGURE_FILE +diff -Naur exim-4.32/src/globals.c exim-4.32-dlopen/src/globals.c +--- src/globals.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/globals.c 2004-05-06 16:17:07.000000000 +0000 +@@ -109,6 +109,10 @@ + uschar *tls_verify_hosts = NULL; + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++uschar *local_scan_path = NULL; ++#endif ++ + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. The defaults use stdin. We never need these for any +diff -Naur exim-4.32/src/globals.h exim-4.32-dlopen/src/globals.h +--- src/globals.h 2004-04-15 08:27:01.000000000 +0000 ++++ src/globals.h 2004-05-06 16:17:50.000000000 +0000 +@@ -73,6 +73,9 @@ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++extern uschar *local_scan_path; /* Path to local_scan() library */ ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +diff -Naur exim-4.32/src/local_scan.c exim-4.32-dlopen/src/local_scan.c +--- src/local_scan.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/local_scan.c 2004-05-06 16:21:57.000000000 +0000 +@@ -5,60 +5,131 @@ + /* Copyright (c) University of Cambridge 1995 - 2004 */ + /* See the file NOTICE for conditions of use and distribution. */ + ++#include "exim.h" + +-/****************************************************************************** +-This file contains a template local_scan() function that just returns ACCEPT. +-If you want to implement your own version, you should copy this file to, say +-Local/local_scan.c, and edit the copy. To use your version instead of the +-default, you must set +- +-LOCAL_SCAN_SOURCE=Local/local_scan.c +- +-in your Local/Makefile. This makes it easy to copy your version for use with +-subsequent Exim releases. +- +-For a full description of the API to this function, see the Exim specification. +-******************************************************************************/ +- +- +-/* This is the only Exim header that you should include. The effect of +-including any other Exim header is not defined, and may change from release to +-release. Use only the documented interface! */ +- +-#include "local_scan.h" +- +- +-/* This is a "do-nothing" version of a local_scan() function. The arguments +-are: +- +- fd The file descriptor of the open -D file, which contains the +- body of the message. The file is open for reading and +- writing, but modifying it is dangerous and not recommended. +- +- return_text A pointer to an unsigned char* variable which you can set in +- order to return a text string. It is initialized to NULL. +- +-The return values of this function are: +- +- LOCAL_SCAN_ACCEPT +- The message is to be accepted. The return_text argument is +- saved in $local_scan_data. +- +- LOCAL_SCAN_REJECT +- The message is to be rejected. The returned text is used +- in the rejection message. +- +- LOCAL_SCAN_TEMPREJECT +- This specifies a temporary rejection. The returned text +- is used in the rejection message. +-*/ ++#ifdef DLOPEN_LOCAL_SCAN ++#include <dlfcn.h> ++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL; ++static int load_local_scan_library(void); ++#endif + + int + local_scan(int fd, uschar **return_text) + { + fd = fd; /* Keep picky compilers happy */ + return_text = return_text; +-return LOCAL_SCAN_ACCEPT; ++#ifdef DLOPEN_LOCAL_SCAN ++/* local_scan_path is defined AND not the empty string */ ++if (local_scan_path && *local_scan_path) ++ { ++ if (!local_scan_fn) ++ { ++ if (!load_local_scan_library()) ++ { ++ char *base_msg , *error_msg , *final_msg ; ++ int final_length = -1 ; ++ ++ base_msg=US"Local configuration error - local_scan() library failure\n"; ++ error_msg = dlerror() ; ++ ++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ; ++ final_msg = (char*)malloc( final_length*sizeof(char) ) ; ++ *final_msg = '\0' ; ++ ++ strcat( final_msg , base_msg ) ; ++ strcat( final_msg , error_msg ) ; ++ ++ *return_text = final_msg ; ++ return LOCAL_SCAN_TEMPREJECT; ++ } ++ } ++ return local_scan_fn(fd, return_text); ++ } ++else ++#endif ++ return LOCAL_SCAN_ACCEPT; ++} ++ ++#ifdef DLOPEN_LOCAL_SCAN ++ ++static int load_local_scan_library(void) ++{ ++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */ ++void *local_scan_lib = NULL; ++int (*local_scan_version_fn)(void); ++int vers_maj; ++int vers_min; ++ ++local_scan_lib = dlopen(local_scan_path, RTLD_NOW); ++if (!local_scan_lib) ++ { ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - " ++ "message temporarily rejected"); ++ return FALSE; ++ } ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_major() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The major number is increased when the ABI is changed in a non ++ backward compatible way. */ ++vers_maj = local_scan_version_fn(); ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_minor() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The minor number is increased each time a new feature is added (in a ++ way that doesn't break backward compatibility) -- Marc */ ++vers_min = local_scan_version_fn(); ++ ++ ++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++ ++local_scan_fn = dlsym(local_scan_lib, "local_scan"); ++if (!local_scan_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++return TRUE; + } + ++#endif /* DLOPEN_LOCAL_SCAN */ ++ + /* End of local_scan.c */ +diff -Naur exim-4.32/src/readconf.c exim-4.32-dlopen/src/readconf.c +--- src/readconf.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/readconf.c 2004-05-06 16:23:12.000000000 +0000 +@@ -223,6 +223,9 @@ + { "local_from_prefix", opt_stringptr, &local_from_prefix }, + { "local_from_suffix", opt_stringptr, &local_from_suffix }, + { "local_interfaces", opt_stringptr, &local_interfaces }, ++#ifdef DLOPEN_LOCAL_SCAN ++ { "local_scan_path", opt_stringptr, &local_scan_path }, ++#endif + { "local_scan_timeout", opt_time, &local_scan_timeout }, + { "local_sender_retain", opt_bool, &local_sender_retain }, + { "localhost_number", opt_stringptr, &host_number_string }, diff --git a/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch b/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch new file mode 100644 index 0000000..247668e --- /dev/null +++ b/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch @@ -0,0 +1,22 @@ +Nasty workaround for +http://bugs.gentoo.org/show_bug.cgi?id=287426 + +--- src/auths/call_radius.c ++++ src/auths/call_radius.c +@@ -10,6 +10,16 @@ + /* This file was originally supplied by Ian Kirk. The libradius support came + from Alex Kiernan. */ + ++/* ugly hack to work around redefinition of ENV by radiusclient.h and ++ * db.h: define _DB_H_ so the db.h include thinks it's already included, ++ * we can get away with it like this, since this file doesn't use any db ++ * functions. */ ++#ifndef _DB_H_ ++#define _DB_H_ 1 ++#define _DB_EXT_PROT_IN_ 1 ++#define DB void ++#endif ++ + #include "../exim.h" + + /* This module contains functions that call the Radius authentication diff --git a/mail-mta/exim/files/exim-4.76-crosscompile.patch b/mail-mta/exim/files/exim-4.76-crosscompile.patch new file mode 100644 index 0000000..cf47ade --- /dev/null +++ b/mail-mta/exim/files/exim-4.76-crosscompile.patch @@ -0,0 +1,15 @@ +https://bugs.gentoo.org/show_bug.cgi?id=266591 + +--- OS/Makefile-Base ++++ OS/Makefile-Base +@@ -114,8 +114,8 @@ + + # Targets for special-purpose configuration header builders + buildconfig: buildconfig.c +- @echo "$(CC) buildconfig.c" +- $(FE)$(CC) $(CFLAGS) $(INCLUDE) -o buildconfig buildconfig.c $(LIBS) ++ @echo "$(HOSTCC) buildconfig.c" ++ $(FE)$(HOSTCC) $(HOSTCFLAGS) $(INCLUDE) -o buildconfig buildconfig.c $(LIBS) + + + # Target for the exicyclog utility script diff --git a/mail-mta/exim/files/exim-4.80-spool-mail-group.patch b/mail-mta/exim/files/exim-4.80-spool-mail-group.patch new file mode 100644 index 0000000..6f88d85 --- /dev/null +++ b/mail-mta/exim/files/exim-4.80-spool-mail-group.patch @@ -0,0 +1,27 @@ +Change default such that we run on a stock Gentoo system. Bug #438606 + +--- src/configure.default ++++ src/configure.default +@@ -674,8 +674,9 @@ + # BSD mailbox format. By default it will be run under the uid and gid of the + # local user, and requires the sticky bit to be set on the /var/mail directory. + # Some systems use the alternative approach of running mail deliveries under a +-# particular group instead of using the sticky bit. The commented options below +-# show how this can be done. ++# particular group instead of using the sticky bit. This is also the ++# default case on Gentoo, therefore group and mode are set below. ++# Comment them out, to get the default behaviour. + + local_delivery: + driver = appendfile +@@ -683,8 +684,8 @@ + delivery_date_add + envelope_to_add + return_path_add +-# group = mail +-# mode = 0660 ++ group = mail ++ mode = 0660 + + + # This transport is used for handling pipe deliveries generated by alias or diff --git a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch new file mode 100644 index 0000000..9693d49 --- /dev/null +++ b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch @@ -0,0 +1,45 @@ +--- OS/Makefile-FreeBSD.orig 2013-09-30 19:59:09.000000000 +0200 ++++ OS/Makefile-FreeBSD 2013-09-30 20:01:22.000000000 +0200 +@@ -1,10 +1,8 @@ +-# Exim: OS-specific make file for FreeBSD +-# There's no setting of CFLAGS here, to allow the system default +-# for "make" to be the default. +- +-CHOWN_COMMAND=/usr/sbin/chown +-STRIP_COMMAND=/usr/bin/strip +-CHMOD_COMMAND=/bin/chmod ++# Exim: OS-specific FreeBSD make file, modified for Gentoo Prefix ++ ++CHOWN_COMMAND=look_for_it ++STRIP_COMMAND= ++CHMOD_COMMAND=look_for_it + + HAVE_SA_LEN=YES + +@@ -15,17 +13,9 @@ + CFLAGS_DYNAMIC=-shared -rdynamic -fPIC + + # FreeBSD always ships with Berkeley DB ++DBMLIB = -ldb + USE_DB=yes + +-# This code for building outside ports suggested by Richard Clayton +-.ifdef X11BASE +-X11=${X11BASE} +-.elifdef LOCALBASE +-X11=$(LOCALBASE) +-.else +-X11=/usr/local +-.endif +- + # nb: FreeBSD is entirely elf; objformat was removed prior to FreeBSD 7 + # http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/objformat/Attic/objformat.c + # deleted Jan 2007. +@@ -37,6 +27,7 @@ + # switch to default to ELF came with FreeBSD 3. elf(5) claims ELF support + # introduced in FreeBSD 2.2.6. + # ++X11=/usr/X11R6 + XINCLUDE=-I$(X11)/include + XLFLAGS=-L$(X11)/lib -Wl,-rpath,${X11}/lib + X11_LD_LIB=$(X11)/lib diff --git a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch new file mode 100644 index 0000000..49e4309 --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch @@ -0,0 +1,145 @@ +https://bugs.gentoo.org/show_bug.cgi?id=352265 + +Make sure LDFLAGS comes first, such that all libraries are considered, +and not discarded when --as-needed is in effect. + +https://bugs.gentoo.org/show_bug.cgi?id=391279 + +Use LDFLAGS for all targets, not just the exim binary, such that +--as-needed works as well. + + +--- OS/Makefile-Base ++++ OS/Makefile-Base +@@ -346,12 +346,12 @@ + buildrouters buildtransports \ + $(OBJ_EXIM) version.o + @echo "$(LNCC) -o exim" +- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ ++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \ + routers/routers.a transports/transports.a lookups/lookups.a \ + auths/auths.a pdkim/pdkim.a \ + $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ + $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \ +- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS) ++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim; \ + $(STRIP_COMMAND) exim; \ +@@ -367,8 +367,8 @@ + + exim_dumpdb: $(OBJ_DUMPDB) + @echo "$(LNCC) -o exim_dumpdb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_dumpdb; \ + $(STRIP_COMMAND) exim_dumpdb; \ +@@ -382,8 +382,8 @@ + + exim_fixdb: $(OBJ_FIXDB) buildauths + @echo "$(LNCC) -o exim_fixdb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \ +- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \ ++ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_fixdb; \ + $(STRIP_COMMAND) exim_fixdb; \ +@@ -397,8 +397,8 @@ + + exim_tidydb: $(OBJ_TIDYDB) + @echo "$(LNCC) -o exim_tidydb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_tidydb; \ + $(STRIP_COMMAND) exim_tidydb; \ +@@ -410,8 +410,8 @@ + + exim_dbmbuild: exim_dbmbuild.o + @echo "$(LNCC) -o exim_dbmbuild" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_dbmbuild; \ + $(STRIP_COMMAND) exim_dbmbuild; \ +@@ -425,8 +425,8 @@ + @echo "$(CC) exim_lock.c" + $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c + @echo "$(LNCC) -o exim_lock" +- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \ +- $(LIBS) $(EXTRALIBS) ++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \ ++ $(LIBS) $(EXTRALIBS) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_lock; \ + $(STRIP_COMMAND) exim_lock; \ +@@ -462,9 +462,9 @@ + $(FE)$(CC) -o em_version.o -c \ + $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c + @echo "$(LNCC) -o eximon.bin" +- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \ ++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \ + $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \ +- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc ++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) eximon.bin; \ + $(STRIP_COMMAND) eximon.bin; \ +@@ -780,9 +780,9 @@ + string.o tod.o version.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c +- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \ ++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \ + dummies.o sa-globals.o sa-os.o store.o string.o \ +- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS) ++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS) + rm -f dbfn.o store.o + + test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \ +@@ -790,29 +790,29 @@ + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c +- $(LNCC) -o test_host $(LFLAGS) \ ++ $(LNCC) -o test_host $(LDFLAGS) \ + host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \ +- tod.o tree.o $(LIBS) $(LIBRESOLV) ++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS) + rm -f child.o dummies.o host.o dns.o + + test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c +- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \ +- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS) ++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \ ++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS) + rm -f os.o + + test_parse: config.h parse.c dummies.o sa-globals.o \ + store.o string.o tod.o version.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c +- $(LNCC) -o test_parse $(LFLAGS) parse.o \ ++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \ + dummies.o sa-globals.o store.o string.o tod.o version.o \ +- utf8.o $(LDFLAGS) ++ utf8.o $(LFLAGS) + rm -f parse.o + + test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c +- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \ +- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS) ++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \ ++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS) + rm -f string.o + + # End diff --git a/mail-mta/exim/files/exim-4.89-transport-crash.patch b/mail-mta/exim/files/exim-4.89-transport-crash.patch new file mode 100644 index 0000000..94a1d6b --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-transport-crash.patch @@ -0,0 +1,62 @@ +This is a manual backport of the following commit which fixes the +original bug as well as https://bugs.exim.org/show_bug.cgi?id=2166: + +From e69636bc9ddf3617be688b07941d7d659d50eaa7 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Sat, 3 Jun 2017 13:39:18 +0100 +Subject: [PATCH 1/1] Fix crash in transport, on second smtp-connect fail for a + list of target hosts + +Reported as the sequence: + 1MX: 554 on connect (banner) + 2MX: TCP conn timeout + +diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c +index 454c0f7..dc9e03b 100644 +--- a/src/src/transports/smtp.c ++++ b/src/src/transports/smtp.c +@@ -2177,25 +2177,34 @@ return OK; + + /* The failure happened while setting up the call; see if the failure was + a 5xx response (this will either be on connection, or following HELO - a 5xx +- after EHLO causes it to try HELO). If so, fail all addresses, as this host is +- never going to accept them. For other errors during setting up (timeouts or +- whatever), defer all addresses, and yield DEFER, so that the host is not +- tried again for a while. */ ++ after EHLO causes it to try HELO). If so, and there are no more hosts to try, ++ fail all addresses, as this host is never going to accept them. For other ++ errors during setting up (timeouts or whatever), defer all addresses, and ++ yield DEFER, so that the host is not tried again for a while. ++ ++ XXX This peeking for another host feels like a layering violation. We want ++ to note the host as unusable, but down here we shouldn't know if this was ++ the last host to try for the addr(list). Perhaps the upper layer should be ++ the one to do set_errno() ? The problem is that currently the addr is where ++ errno etc. are stashed, but until we run out of hosts to try the errors are ++ host-specific. Maybe we should enhance the host_item definition? */ + + FAILED: + sx->ok = FALSE; /* For when reached by GOTO */ +- +- yield = code == '5' ++ set_errno(sx->addrlist, errno, message, ++ sx->host->next ++ ? DEFER ++ : code == '5' + #ifdef SUPPORT_I18N +- || errno == ERRNO_UTF8_FWD ++ || errno == ERRNO_UTF8_FWD + #endif +- ? FAIL : DEFER; +- +- set_errno(sx->addrlist, errno, message, yield, pass_message, sx->host ++ ? FAIL : DEFER, ++ pass_message, sx->host + #ifdef EXPERIMENTAL_DSN_INFO + , sx->smtp_greeting, sx->helo_response + #endif + ); ++ yield = DEFER; + } + + diff --git a/mail-mta/exim/files/exim-submission.socket b/mail-mta/exim/files/exim-submission.socket new file mode 100644 index 0000000..b9593e2 --- /dev/null +++ b/mail-mta/exim/files/exim-submission.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Exim Mail Transfer Agent (message submission) +Conflicts=exim.service + +[Socket] +ListenStream=587 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/mail-mta/exim/files/exim-submission_at.service b/mail-mta/exim/files/exim-submission_at.service new file mode 100644 index 0000000..4f90cd8 --- /dev/null +++ b/mail-mta/exim/files/exim-submission_at.service @@ -0,0 +1,11 @@ +# It doesn't make sense for this to be separate from exim@.service +# However, I couldn't think of a way to have two .socket files point +# to it ([Socket] Service= is rejected if Accept=yes is set). + +[Unit] +Description=Exim Mail Daemon per-connection server (message submission) + +[Service] +ExecStart=-/usr/bin/exim -bs +StandardInput=socket +StandardError=syslog diff --git a/mail-mta/exim/files/exim.confd b/mail-mta/exim/files/exim.confd new file mode 100644 index 0000000..1534d9d --- /dev/null +++ b/mail-mta/exim/files/exim.confd @@ -0,0 +1,5 @@ +# Command-line options for running exim +EXIM_OPTS="-bd -q15m" + +# Additional flags passed to exim_tidydb upon start (e.g. -t 7d) +TIDY_OPTS="" diff --git a/mail-mta/exim/files/exim.logrotate b/mail-mta/exim/files/exim.logrotate new file mode 100644 index 0000000..f54f8c4 --- /dev/null +++ b/mail-mta/exim/files/exim.logrotate @@ -0,0 +1,9 @@ +/var/log/exim/exim*.log { + daily + missingok + rotate 28 + compress + delaycompress + notifempty + create 640 mail mail +} diff --git a/mail-mta/exim/files/exim.rc10 b/mail-mta/exim/files/exim.rc10 new file mode 100644 index 0000000..c44dba1 --- /dev/null +++ b/mail-mta/exim/files/exim.rc10 @@ -0,0 +1,47 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_started_commands="reload" + +depend() { + need logger + use antivirus net + provide mta +} + +tidy_dbs() { + local spooldir=$(/usr/sbin/exim -C /etc/exim/${SVCNAME}.conf -bP -n spool_directory) + local db + local ret=0 + ebegin "Tidying hints databases in ${spooldir}/db" + for db in "${spooldir}"/db/* ; do + case "${db}" in + *".lockfile"|*"*") continue ;; + esac + /usr/sbin/exim_tidydb ${TIDY_OPTS} "${spooldir}" ${db##*/} > /dev/null + : $((ret += $?)) + done + eend ${ret} +} + +start() { + # if you use multiple instances, make sure you set spool_directory + # in the configfile + tidy_dbs + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/exim --pidfile /run/${SVCNAME}.pid -- -C /etc/exim/${SVCNAME}.conf ${EXIM_OPTS:--bd -q15m} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --pidfile /run/${SVCNAME}.pid --name exim + eend $? +} + +reload() { + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --signal HUP --pidfile /run/${SVCNAME}.pid --name exim + eend $? +} diff --git a/mail-mta/exim/files/exim.service b/mail-mta/exim/files/exim.service new file mode 100644 index 0000000..c8a61cd --- /dev/null +++ b/mail-mta/exim/files/exim.service @@ -0,0 +1,12 @@ +[Unit] +Description=Exim Mail Transport Agent +After=network.target + +[Service] +Environment=QUEUE=15m +ExecStart=/usr/sbin/exim -bdf -q${QUEUE} +ExecReload=/bin/kill -HUP $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/mail-mta/exim/files/exim.socket b/mail-mta/exim/files/exim.socket new file mode 100644 index 0000000..36d2868 --- /dev/null +++ b/mail-mta/exim/files/exim.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Exim Mail Transfer Agent +Conflicts=exim.service + +[Socket] +ListenStream=25 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/mail-mta/exim/files/exim_at.service b/mail-mta/exim/files/exim_at.service new file mode 100644 index 0000000..19c07a5 --- /dev/null +++ b/mail-mta/exim/files/exim_at.service @@ -0,0 +1,7 @@ +[Unit] +Description=Exim Mail Daemon per-connection server + +[Service] +ExecStart=-/usr/bin/exim -bs +StandardInput=socket +StandardError=syslog diff --git a/mail-mta/exim/metadata.xml b/mail-mta/exim/metadata.xml new file mode 100644 index 0000000..8a96bf7 --- /dev/null +++ b/mail-mta/exim/metadata.xml @@ -0,0 +1,54 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>grobian@gentoo.org</email> + </maintainer> + <maintainer type="project"> + <email>net-mail@gentoo.org</email> + <name>Net-Mail</name> + </maintainer> + <longdescription> + Exim is a message transfer agent (MTA) developed at the University of + Cambridge for use on Unix systems connected to the Internet. It is + freely available under the terms of the GNU General Public Licence. In + style it is similar to Smail 3, but its facilities are more general. + There is a great deal of flexibility in the way mail can be routed, and + there are extensive facilities for checking incoming mail. Exim can be + installed in place of sendmail, although the configuration of exim is + quite different to that of sendmail. + </longdescription> + <use> + <flag name="dcc">Adds support for Distributed Checksum Clearinghouse + (DCC)</flag> + <flag name="dane">Adds support for DNS-based Authentication of Named Entities</flag> + <flag name="dkim">Adds support for DomainKeys Identified Mail + (DKIM)</flag> + <flag name="dnsdb">Adds support for a DNS search for a record whose + domain name is the supplied query</flag> + <flag name="dovecot-sasl">Adds support for Dovecot's + authentication</flag> + <flag name="dlfunc">Install local_scan.h header to compile separate + dlfunc libraries</flag> + <flag name="dmarc">Adds support for DMARC</flag> + <flag name="dsn">Adds support for Delivery Status Notifications + (DSN)</flag> + <flag name="exiscan-acl">Patch providing support for content + scanning</flag> + <flag name="lmtp">Adds support for lmtp</flag> + <flag name="mbx">Adds support for UW's mbx format</flag> + <flag name="spf">Adds support for Sender Policy Framework</flag> + <flag name="srs">Adds support for Sender Rewriting Scheme</flag> + <flag name="proxy">Add support for being behind a proxy, such as HAProxy</flag> + <flag name="pkcs11">Require pkcs11 support in <pkg>net-libs/gnutls</pkg> with USE=gnutls</flag> + <flag name="redis">Adds support for querying <pkg>dev-db/redis</pkg></flag> + <flag name="prdr">Adds support for Per-Recipient Data Response</flag> + <flag name="tpda">Adds support for Transport Post-Delivery Actions</flag> + </use> + <upstream> + <bugs-to>http://bugs.exim.org/</bugs-to> + <!-- stupid DTD doesn't allow this + <vcs>http://git.exim.org/exim.git</vcs> + --> + </upstream> +</pkgmetadata> |