Fri Sep 6 14:08:18 2013 UTC ()
Update postfix to 2.9.8.

Changes:

2.9.8

* TLS Interoperability workaround: turn on SHA-2 digests by force.
  This improves interoperability with clients and servers that
  deploy SHA-2 digests without the required support for TLSv1.2-style
  digest negotiation.

* TLS Performance workaround: the Postfix SMTP server TLS session
  cache had become ineffective because recent OpenSSL versions
  enable session tickets by default, resulting in a different
  ticket encryption key for each smtpd(8) process. The workaround
  turns off session tickets. Postfix 2.11 will enable session
  tickets properly.

* TLS Interoperability workaround: Debian Exim versions before
  4.80-3 may fail to communicate with Postfix and possibly other
  MTAs, with the following Exim SMTP client error message:

      TLS error on connection to server-name [server-address]
      (gnutls_handshake): The Diffie-Hellman prime sent by the
      server is not acceptable (not long enough)

  See the RELEASE_NOTES file for a Postfix SMTP server configuration
  workaround.

* Bugfix (defect introduced: 1997): memory leak while forwarding
  mail with the local(8) delivery agent, in code that handles a
  cleanup(8) server error.

2.9.7

* Bugfix (introduced: Postfix 2.0): when myhostname is not listed in
  mydestination, the trivial-rewrite resolver may log "do not list in both
  mydestination and ". The fix is to re-resolve a domain-less address after
  adding $myhostname as the surrogate domain, so that it pops out with the
  right address-class label. Reported by Quanah Gibson-Mount.

* Bugfix (introduced: Postfix 2.3): don't reuse TCP connections when
  smtp_tls_policy_maps is specified. TLS policies may depend on the remote
  destination, but the Postfix <2.11 SMTP connection cache client does not
  distinguish between different destinations that resolve to the same IP
  address. Victor Duchovni. Found during Postfix 2.11 code maintenance.

* Bugfix (introduced: Postfix 2.2): don't reuse TCP connections when SASL
  authentication is enabled. SASL passwords may depend on the remote SMTP
  server hostname, but the Postfix <2.11 SMTP connection cache client does not
  distinguish between different hostnames that resolve to the same IP
  address. Found during Postfix 2.11 code maintenance.


(taca)
diff -r1.265 -r1.266 pkgsrc/mail/postfix/Makefile
diff -r1.149 -r1.150 pkgsrc/mail/postfix/distinfo
diff -r1.28 -r1.29 pkgsrc/mail/postfix/patches/patch-ai
diff -r1.1 -r1.2 pkgsrc/mail/postfix/patches/patch-src_dns_dns__lookup.c
cvs diff -r1.265 -r1.266 pkgsrc/mail/postfix/Makefile (expand / switch to unified diff)

--- pkgsrc/mail/postfix/Makefile 2013/06/07 16:30:25 1.265
+++ pkgsrc/mail/postfix/Makefile 2013/09/06 14:08:18 1.266
@@ -1,17 +1,16 @@ @@ -1,17 +1,16 @@
1# $NetBSD: Makefile,v 1.265 2013/06/07 16:30:25 jperkin Exp $ 1# $NetBSD: Makefile,v 1.266 2013/09/06 14:08:18 taca Exp $
2 2
3DISTNAME= postfix-2.9.6 3DISTNAME= postfix-2.9.8
4PKGREVISION= 4 
5CATEGORIES= mail 4CATEGORIES= mail
6MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ 5MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/
7MASTER_SITES+= http://postfix.it-austria.net/releases/official/ 6MASTER_SITES+= http://postfix.it-austria.net/releases/official/
8MASTER_SITES+= http://mirrors.isc.org/pub/postfix/official/ 7MASTER_SITES+= http://mirrors.isc.org/pub/postfix/official/
9MASTER_SITES+= http://mirror.postfix.jp/postfix-release/official/ 8MASTER_SITES+= http://mirror.postfix.jp/postfix-release/official/
10 9
11MAINTAINER= pkgsrc-users@NetBSD.org 10MAINTAINER= pkgsrc-users@NetBSD.org
12HOMEPAGE= http://www.postfix.org/ 11HOMEPAGE= http://www.postfix.org/
13COMMENT= Postfix SMTP server and tools 12COMMENT= Postfix SMTP server and tools
14# The postfix license has only very minor diffs from cpl-1.0. 13# The postfix license has only very minor diffs from cpl-1.0.
15LICENSE= cpl-1.0 14LICENSE= cpl-1.0
16#LICENSE= postfix-license 15#LICENSE= postfix-license
17 16
cvs diff -r1.149 -r1.150 pkgsrc/mail/postfix/distinfo (expand / switch to unified diff)

--- pkgsrc/mail/postfix/distinfo 2013/02/26 19:56:18 1.149
+++ pkgsrc/mail/postfix/distinfo 2013/09/06 14:08:18 1.150
@@ -1,9 +1,9 @@ @@ -1,9 +1,9 @@
1$NetBSD: distinfo,v 1.149 2013/02/26 19:56:18 garbled Exp $ 1$NetBSD: distinfo,v 1.150 2013/09/06 14:08:18 taca Exp $
2 2
3SHA1 (postfix-2.9.6.tar.gz) = 9d7af8670fd13fd5e5290ff2e3f00d724178f0fb 3SHA1 (postfix-2.9.8.tar.gz) = 392f09ecaf6ccb5e7e40d96d26f37f2602f6198f
4RMD160 (postfix-2.9.6.tar.gz) = e3148a42f246c4f54c82cf387b7467805edcd2cd 4RMD160 (postfix-2.9.8.tar.gz) = a907383209f00210217b13e9eefc841666371e68
5Size (postfix-2.9.6.tar.gz) = 3767309 bytes 5Size (postfix-2.9.8.tar.gz) = 3769844 bytes
6SHA1 (patch-aa) = 2115fd7af5776a14fdbfc88a5ad3bc668a6762db 6SHA1 (patch-aa) = 2115fd7af5776a14fdbfc88a5ad3bc668a6762db
7SHA1 (patch-ag) = 60d752b6c8db971d92ca0017c63329ad446209c5 7SHA1 (patch-ag) = 60d752b6c8db971d92ca0017c63329ad446209c5
8SHA1 (patch-ai) = 1bd3682b74de11e5d420e453f3df088d965452d6 8SHA1 (patch-ai) = 619bab1c9f5a30929086ff2414dca8cff6c4c37e
9SHA1 (patch-src_dns_dns__lookup.c) = 70147b43a683aa6fd99317d7bae36dfe9beb2d8d 9SHA1 (patch-src_dns_dns__lookup.c) = 1e4e94f0929d351c5cdb606ac2f61c1e07224ca5
cvs diff -r1.28 -r1.29 pkgsrc/mail/postfix/patches/patch-ai (expand / switch to unified diff)

--- pkgsrc/mail/postfix/patches/patch-ai 2012/12/13 16:23:14 1.28
+++ pkgsrc/mail/postfix/patches/patch-ai 2013/09/06 14:08:18 1.29
@@ -1,89 +1,89 @@ @@ -1,89 +1,89 @@
1$NetBSD: patch-ai,v 1.28 2012/12/13 16:23:14 taca Exp $ 1$NetBSD: patch-ai,v 1.29 2013/09/06 14:08:18 taca Exp $
2 2
3Make this pkgsrc friendly. 3Make this pkgsrc friendly.
4Add support for NetBSD 5.x, NetBSD 6.x and DragonFly BSD. 4Add support for NetBSD 5.x, NetBSD 6.x and DragonFly BSD.
5 5
6--- makedefs.orig 2012-12-12 22:49:32.000000000 +0000 6--- makedefs.orig 2012-11-29 23:53:34.000000000 +0000
7+++ makedefs 7+++ makedefs
8@@ -148,6 +148,8 @@ case "$SYSTEM.$RELEASE" in 8@@ -155,6 +155,8 @@ case "$SYSTEM.$RELEASE" in
9 ;; 9 ;;
10 FreeBSD.9*) SYSTYPE=FREEBSD9 10 FreeBSD.9*) SYSTYPE=FREEBSD9
11 ;; 11 ;;
12+ DragonFly.*) SYSTYPE=DRAGONFLY 12+ DragonFly.*) SYSTYPE=DRAGONFLY
13+ ;; 13+ ;;
14 OpenBSD.2*) SYSTYPE=OPENBSD2 14 OpenBSD.2*) SYSTYPE=OPENBSD2
15 ;; 15 ;;
16 OpenBSD.3*) SYSTYPE=OPENBSD3 16 OpenBSD.3*) SYSTYPE=OPENBSD3
17@@ -166,6 +168,10 @@ case "$SYSTEM.$RELEASE" in 17@@ -173,6 +175,10 @@ case "$SYSTEM.$RELEASE" in
18 ;; 18 ;;
19 NetBSD.4*) SYSTYPE=NETBSD4 19 NetBSD.4*) SYSTYPE=NETBSD4
20 ;; 20 ;;
21+ NetBSD.5*) SYSTYPE=NETBSD5 21+ NetBSD.5*) SYSTYPE=NETBSD5
22+ ;; 22+ ;;
23+ NetBSD.6*) SYSTYPE=NETBSD6 23+ NetBSD.6*) SYSTYPE=NETBSD6
24+ ;; 24+ ;;
25 BSD/OS.2*) SYSTYPE=BSDI2 25 BSD/OS.2*) SYSTYPE=BSDI2
26 ;; 26 ;;
27 BSD/OS.3*) SYSTYPE=BSDI3 27 BSD/OS.3*) SYSTYPE=BSDI3
28@@ -218,13 +224,6 @@ case "$SYSTEM.$RELEASE" in 28@@ -225,13 +231,6 @@ case "$SYSTEM.$RELEASE" in
29 esac 29 esac
30 ;; 30 ;;
31 ULTRIX.4*) SYSTYPE=ULTRIX4 31 ULTRIX.4*) SYSTYPE=ULTRIX4
32- if [ -f /usr/local/lib/libdb.a ]; then 32- if [ -f /usr/local/lib/libdb.a ]; then
33- SYSLIBS="$SYSLIBS -ldb" 33- SYSLIBS="$SYSLIBS -ldb"
34- CCARGS="$CCARGS -DHAS_DB" 34- CCARGS="$CCARGS -DHAS_DB"
35- if [ -d /usr/local/include/db ]; then 35- if [ -d /usr/local/include/db ]; then
36- CCARGS="$CCARGS -I/usr/local/include/db" 36- CCARGS="$CCARGS -I/usr/local/include/db"
37- fi 37- fi
38- fi 38- fi
39 for l in syslog resolv; do 39 for l in syslog resolv; do
40 if [ -f /usr/local/lib/lib$l.a ]; then 40 if [ -f /usr/local/lib/lib$l.a ]; then
41 SYSLIBS="$SYSLIBS -l$l" 41 SYSLIBS="$SYSLIBS -l$l"
42@@ -262,25 +261,8 @@ case "$SYSTEM.$RELEASE" in 42@@ -269,25 +268,8 @@ case "$SYSTEM.$RELEASE" in
43 esac;; 43 esac;;
44 # Tested with RedHat 3.03 on 20020729. 44 # Tested with RedHat 3.03 on 20020729.
45 Linux.1*) SYSTYPE=LINUX1 45 Linux.1*) SYSTYPE=LINUX1
46- SYSLIBS="-ldb" 46- SYSLIBS="-ldb"
47 ;; 47 ;;
48 Linux.2*) SYSTYPE=LINUX2 48 Linux.2*) SYSTYPE=LINUX2
49- # Postfix no longer needs DB 1.85 compatibility 49- # Postfix no longer needs DB 1.85 compatibility
50- if [ -f /usr/include/db.h ] 50- if [ -f /usr/include/db.h ]
51- then 51- then
52- : we are all set 52- : we are all set
53- elif [ -f /usr/include/db/db.h ] 53- elif [ -f /usr/include/db/db.h ]
54- then 54- then
55- CCARGS="$CCARGS -I/usr/include/db" 55- CCARGS="$CCARGS -I/usr/include/db"
56- else 56- else
57- # No, we're not going to try db1 db2 db3 etc. 57- # No, we're not going to try db1 db2 db3 etc.
58- # On a properly installed system, Postfix builds 58- # On a properly installed system, Postfix builds
59- # by including <db.h> and by linking with -ldb 59- # by including <db.h> and by linking with -ldb
60- echo "No <db.h> include file found." 1>&2 60- echo "No <db.h> include file found." 1>&2
61- echo "Install the appropriate db*-devel package first." 1>&2 61- echo "Install the appropriate db*-devel package first." 1>&2
62- echo "See the RELEASE_NOTES file for more information." 1>&2 62- echo "See the RELEASE_NOTES file for more information." 1>&2
63- exit 1 63- exit 1
64- fi 64- fi
65 # GDBM locks the DBM .pag file after open. This breaks postmap. 65 # GDBM locks the DBM .pag file after open. This breaks postmap.
66 # if [ -f /usr/include/gdbm-ndbm.h ] 66 # if [ -f /usr/include/gdbm-ndbm.h ]
67 # then 67 # then
68@@ -291,7 +273,6 @@ case "$SYSTEM.$RELEASE" in 68@@ -298,7 +280,6 @@ case "$SYSTEM.$RELEASE" in
69 # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'" 69 # CCARGS="$CCARGS -DHAS_DBM -DPATH_NDBM_H='<gdbm/ndbm.h>'"
70 # GDBM_LIBS=gdbm 70 # GDBM_LIBS=gdbm
71 # fi 71 # fi
72- SYSLIBS="-ldb" 72- SYSLIBS="-ldb"
73 for name in nsl resolv $GDBM_LIBS 73 for name in nsl resolv $GDBM_LIBS
74 do 74 do
75 for lib in /usr/lib64 /lib64 /usr/lib /lib 75 for lib in /usr/lib64 /lib64 /usr/lib /lib
76@@ -420,25 +401,13 @@ EOF 76@@ -427,25 +408,13 @@ EOF
77 HP-UX.A.09.*) SYSTYPE=HPUX9 77 HP-UX.A.09.*) SYSTYPE=HPUX9
78 SYSLIBS=-ldbm 78 SYSLIBS=-ldbm
79 CCARGS="$CCARGS -DMISSING_USLEEP" 79 CCARGS="$CCARGS -DMISSING_USLEEP"
80- if [ -f /usr/lib/libdb.a ]; then 80- if [ -f /usr/lib/libdb.a ]; then
81- CCARGS="$CCARGS -DHAS_DB" 81- CCARGS="$CCARGS -DHAS_DB"
82- SYSLIBS="$SYSLIBS -ldb" 82- SYSLIBS="$SYSLIBS -ldb"
83- fi 83- fi
84 ;; 84 ;;
85 HP-UX.B.10.*) SYSTYPE=HPUX10 85 HP-UX.B.10.*) SYSTYPE=HPUX10
86 CCARGS="$CCARGS `nm /usr/lib/libc.a 2>/dev/null | 86 CCARGS="$CCARGS `nm /usr/lib/libc.a 2>/dev/null |
87 (grep usleep >/dev/null || echo '-DMISSING_USLEEP')`" 87 (grep usleep >/dev/null || echo '-DMISSING_USLEEP')`"
88- if [ -f /usr/lib/libdb.a ]; then 88- if [ -f /usr/lib/libdb.a ]; then
89- CCARGS="$CCARGS -DHAS_DB" 89- CCARGS="$CCARGS -DHAS_DB"
cvs diff -r1.1 -r1.2 pkgsrc/mail/postfix/patches/Attic/patch-src_dns_dns__lookup.c (expand / switch to unified diff)

--- pkgsrc/mail/postfix/patches/Attic/patch-src_dns_dns__lookup.c 2013/02/26 19:56:18 1.1
+++ pkgsrc/mail/postfix/patches/Attic/patch-src_dns_dns__lookup.c 2013/09/06 14:08:18 1.2
@@ -1,14 +1,16 @@ @@ -1,14 +1,16 @@
1$NetBSD: patch-src_dns_dns__lookup.c,v 1.1 2013/02/26 19:56:18 garbled Exp $ 1$NetBSD: patch-src_dns_dns__lookup.c,v 1.2 2013/09/06 14:08:18 taca Exp $
 2
 3Fix runtime problem when mysql PKG_OPTIONS is enabled.
2 4
3--- src/dns/dns_lookup.c.orig 2013-02-26 19:34:50.000000000 +0000 5--- src/dns/dns_lookup.c.orig 2013-02-26 19:34:50.000000000 +0000
4+++ src/dns/dns_lookup.c 6+++ src/dns/dns_lookup.c
5@@ -153,6 +153,8 @@ 7@@ -153,6 +153,8 @@
6  8
7 /* Local stuff. */ 9 /* Local stuff. */
8  10
9+struct __res_state rstate; 11+struct __res_state rstate;
10+ 12+
11 /* 13 /*
12 * Structure to keep track of things while decoding a name server reply. 14 * Structure to keep track of things while decoding a name server reply.
13 */ 15 */
14@@ -192,7 +194,7 @@ static int dns_query(const char *name, i 16@@ -192,7 +194,7 @@ static int dns_query(const char *name, i