Sat Jan 28 09:28:31 2023 UTC ()
mail/postfix: update to 3.7.4

Postfix 3.7.4 (2023-01-22)

  * Workaround: with OpenSSL 3 and later always turn on
    SSL_OP_IGNORE_UNEXPECTED_EOF, to avoid warning messages and missed
    opportunities for TLS session reuse. This is safe because the SMTP
    protocol implements application-level framing, and is therefore not
    affected by TLS truncation attacks. Fix by Viktor Dukhovni.

  * Workaround: OpenSSL 3.x EVP_get_digestbyname() can return
    lazily-bound handles for digest implementations. In sufficiently
    hostile configurations, Postfix could mistakenly believe that a digest
    algorithm is available, and fail when it is not. A similar workaround
    may be needed for EVP_get_cipherbyname(). Fix by Viktor Dukhovni.

  * Bugfix (bug introduced in Postfix 2.11): the checkok() macro in
    tls/tls_fprint.c evaluated its argument unconditionally; it should
    evaluate the argument only if there was no prior error. Found during
    code review.

  * Bugfix (bug introduced in Postfix 2.8): postscreen died with a
    segmentation violation when postscreen_dnsbl_threshold < 1. It
    should reject such input with a fatal error instead. Discovered by
    Benny Pedersen.

  * Bitrot: fixes for linker warnings from newer Darwin (MacOS)
    versions. Viktor Dukhovni.

  * Portability: Linux 6 support.

  * Added missing documentation that cidr:, pcre: and regexp: tables
    support inline specification only in Postfix 3.7 and later.


(taca)
diff -r1.338 -r1.339 pkgsrc/mail/postfix/Makefile
diff -r1.42 -r1.43 pkgsrc/mail/postfix/Makefile.common
diff -r1.203 -r1.204 pkgsrc/mail/postfix/distinfo
diff -r1.32 -r1.33 pkgsrc/mail/postfix-sqlite/Makefile
diff -r1.45 -r1.46 pkgsrc/mail/postfix/patches/patch-ai
cvs diff -r1.338 -r1.339 pkgsrc/mail/postfix/Makefile (expand / switch to unified diff)

--- pkgsrc/mail/postfix/Makefile 2022/11/23 16:20:33 1.338
+++ pkgsrc/mail/postfix/Makefile 2023/01/28 09:28:30 1.339
@@ -1,16 +1,15 @@ @@ -1,16 +1,15 @@
1# $NetBSD: Makefile,v 1.338 2022/11/23 16:20:33 adam Exp $ 1# $NetBSD: Makefile,v 1.339 2023/01/28 09:28:30 taca Exp $
2 2
3PKGREVISION= 1 
4.include "../../mail/postfix/Makefile.common" 3.include "../../mail/postfix/Makefile.common"
5 4
6COMMENT= Fast, easy to administer, and secure mail transfer agent 5COMMENT= Fast, easy to administer, and secure mail transfer agent
7 6
8CONFLICTS+= courier-mta-[0-9]* fastforward>=0.51nb2 sendmail-[0-9]* 7CONFLICTS+= courier-mta-[0-9]* fastforward>=0.51nb2 sendmail-[0-9]*
9CONFLICTS+= esmtp>=1.2 nullmailer-[0-9]* 8CONFLICTS+= esmtp>=1.2 nullmailer-[0-9]*
10 9
11USE_TOOLS+= perl pkg-config m4 10USE_TOOLS+= perl pkg-config m4
12 11
13SPECIAL_PERMS+= sbin/postdrop ${POSTFIX_USER} ${MAILDROP_GROUP} 2555 12SPECIAL_PERMS+= sbin/postdrop ${POSTFIX_USER} ${MAILDROP_GROUP} 2555
14SPECIAL_PERMS+= sbin/postqueue ${POSTFIX_USER} ${MAILDROP_GROUP} 2555 13SPECIAL_PERMS+= sbin/postqueue ${POSTFIX_USER} ${MAILDROP_GROUP} 2555
15 14
16REPLACE_PERL+= auxiliary/qshape/qshape.pl 15REPLACE_PERL+= auxiliary/qshape/qshape.pl
cvs diff -r1.42 -r1.43 pkgsrc/mail/postfix/Makefile.common (expand / switch to unified diff)

--- pkgsrc/mail/postfix/Makefile.common 2022/10/15 20:34:57 1.42
+++ pkgsrc/mail/postfix/Makefile.common 2023/01/28 09:28:30 1.43
@@ -1,18 +1,18 @@ @@ -1,18 +1,18 @@
1# $NetBSD: Makefile.common,v 1.42 2022/10/15 20:34:57 triaxx Exp $ 1# $NetBSD: Makefile.common,v 1.43 2023/01/28 09:28:30 taca Exp $
2# used by mail/postfix/Makefile 2# used by mail/postfix/Makefile
3# used by mail/postfix/Makefile.module 3# used by mail/postfix/Makefile.module
4 4
5DISTNAME= postfix-3.7.3 5DISTNAME= postfix-3.7.4
6CATEGORIES= mail 6CATEGORIES= mail
7MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/ 7MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/
8 8
9MAINTAINER= pkgsrc-users@NetBSD.org 9MAINTAINER= pkgsrc-users@NetBSD.org
10HOMEPAGE= http://www.postfix.org/ 10HOMEPAGE= http://www.postfix.org/
11# The postfix license has only very minor diffs from cpl-1.0. 11# The postfix license has only very minor diffs from cpl-1.0.
12LICENSE= cpl-1.0 12LICENSE= cpl-1.0
13#LICENSE= postfix-license 13#LICENSE= postfix-license
14 14
15DISTINFO_FILE= ${PKGDIR}/../../mail/postfix/distinfo 15DISTINFO_FILE= ${PKGDIR}/../../mail/postfix/distinfo
16PATCHDIR= ${PKGDIR}/../../mail/postfix/patches 16PATCHDIR= ${PKGDIR}/../../mail/postfix/patches
17 17
18CHECK_HEADERS_SKIP+= src/global/mail_params.h 18CHECK_HEADERS_SKIP+= src/global/mail_params.h
cvs diff -r1.203 -r1.204 pkgsrc/mail/postfix/distinfo (expand / switch to unified diff)

--- pkgsrc/mail/postfix/distinfo 2022/10/15 20:34:57 1.203
+++ pkgsrc/mail/postfix/distinfo 2023/01/28 09:28:30 1.204
@@ -1,12 +1,12 @@ @@ -1,12 +1,12 @@
1$NetBSD: distinfo,v 1.203 2022/10/15 20:34:57 triaxx Exp $ 1$NetBSD: distinfo,v 1.204 2023/01/28 09:28:30 taca Exp $
2 2
3BLAKE2s (postfix-3.7.3.tar.gz) = fc7c1d8c281a88f221ffb51e04fd562508c92fa29e39d6167978ec23f4d96721 3BLAKE2s (postfix-3.7.4.tar.gz) = e89a5cf0be8daf875aa244a30cb8ef54d3bb20873ca212f10767800306e8a4e2
4SHA512 (postfix-3.7.3.tar.gz) = 4ceedd1b7b364f47a3becc041cf29a48aea54e38306fd1227c5a7c25894831fb5c37150d99d781d237175e58da21ac53887c97d99bb6b715c4988777596ee890 4SHA512 (postfix-3.7.4.tar.gz) = 972738291b960c90fe83861d55b1288900416167adb353418956e69bcc709a6daf84fbfde11d573eebba030654d27abc8d55f90661a2b880ccfb3a334064c236
5Size (postfix-3.7.3.tar.gz) = 4825380 bytes 5Size (postfix-3.7.4.tar.gz) = 4833834 bytes
6SHA1 (patch-aa) = c8216f133e202a7bb37682b0dbc1448f021e7c1c 6SHA1 (patch-aa) = c8216f133e202a7bb37682b0dbc1448f021e7c1c
7SHA1 (patch-ag) = 8ab3cfafa63056f9a7f096da7e55bcccab965180 7SHA1 (patch-ag) = 8ab3cfafa63056f9a7f096da7e55bcccab965180
8SHA1 (patch-ai) = c042f6cf94cbb7301e9e04707dd6eda59ccbbcef 8SHA1 (patch-ai) = 3d143532e1e9a149c6c06e2efadcd34f6f72e82d
9SHA1 (patch-src_smtpd_Makefile.in) = 8133f9cceb0c1c0250d6543cb060c66288571722 9SHA1 (patch-src_smtpd_Makefile.in) = 8133f9cceb0c1c0250d6543cb060c66288571722
10SHA1 (patch-src_smtpd_pfilter.c) = c747d2f3584f694eb7b73b19118b4d8b450cfe7f 10SHA1 (patch-src_smtpd_pfilter.c) = c747d2f3584f694eb7b73b19118b4d8b450cfe7f
11SHA1 (patch-src_smtpd_pfilter.h) = 153b516da89d709d293c6086c2f126791bd945d6 11SHA1 (patch-src_smtpd_pfilter.h) = 153b516da89d709d293c6086c2f126791bd945d6
12SHA1 (patch-src_smtpd_smtpd.c) = 03c768fc007156412d11cba6e4d450f73b775d5f 12SHA1 (patch-src_smtpd_smtpd.c) = 03c768fc007156412d11cba6e4d450f73b775d5f
cvs diff -r1.32 -r1.33 pkgsrc/mail/postfix-sqlite/Makefile (expand / switch to unified diff)

--- pkgsrc/mail/postfix-sqlite/Makefile 2022/11/23 16:20:34 1.32
+++ pkgsrc/mail/postfix-sqlite/Makefile 2023/01/28 09:28:30 1.33
@@ -1,18 +1,17 @@ @@ -1,18 +1,17 @@
1# $NetBSD: Makefile,v 1.32 2022/11/23 16:20:34 adam Exp $ 1# $NetBSD: Makefile,v 1.33 2023/01/28 09:28:30 taca Exp $
2# 2#
3 3
4COMMENT= Postfix SMTP server SQLite backend module 4COMMENT= Postfix SMTP server SQLite backend module
5PKGREVISION= 1 
6 5
7POSTFIX_LIB= sqlite 6POSTFIX_LIB= sqlite
8POSTFIX_LIBDIR= src/global 7POSTFIX_LIBDIR= src/global
9POSTFIX_LIB_DICT= yes 8POSTFIX_LIB_DICT= yes
10POSTFIX_LIB_MKMAP= no 9POSTFIX_LIB_MKMAP= no
11 10
12.include "../../mail/postfix/Makefile.module" 11.include "../../mail/postfix/Makefile.module"
13 12
14CCARGS+= -I${BUILDLINK_PREFIX.sqlite3}/include 13CCARGS+= -I${BUILDLINK_PREFIX.sqlite3}/include
15AUXLIBS_MODULE= -L${BUILDLINK_PREFIX.sqlite3}/lib -lsqlite3 \ 14AUXLIBS_MODULE= -L${BUILDLINK_PREFIX.sqlite3}/lib -lsqlite3 \
16 ${COMPILER_RPATH_FLAG}${BUILDLINK_PREFIX.sqlite3}/lib 15 ${COMPILER_RPATH_FLAG}${BUILDLINK_PREFIX.sqlite3}/lib
17 16
18.include "../../databases/sqlite3/buildlink3.mk" 17.include "../../databases/sqlite3/buildlink3.mk"
cvs diff -r1.45 -r1.46 pkgsrc/mail/postfix/patches/patch-ai (expand / switch to unified diff)

--- pkgsrc/mail/postfix/patches/patch-ai 2022/07/21 15:08:39 1.45
+++ pkgsrc/mail/postfix/patches/patch-ai 2023/01/28 09:28:30 1.46
@@ -1,25 +1,25 @@ @@ -1,25 +1,25 @@
1$NetBSD: patch-ai,v 1.45 2022/07/21 15:08:39 taca Exp $ 1$NetBSD: patch-ai,v 1.46 2023/01/28 09:28:30 taca Exp $
2 2
31) Add shlib definitions for NetBSD 5; the build system must be 31) Add shlib definitions for NetBSD 5; the build system must be
4hard-coded per OS per version. Not yet reported upstream. 4hard-coded per OS per version. Not yet reported upstream.
5 5
62) Make this pkgsrc friendly. 62) Make this pkgsrc friendly.
7 7
83) Add support for FreeBSD 13. 83) Add support for FreeBSD 13.
9 9
104) Add blocklist(3) support. 104) Add blocklist(3) support.
11 11
12--- makedefs.orig 2022-01-23 20:53:41.000000000 +0000 12--- makedefs.orig 2023-01-15 23:29:39.000000000 +0000
13+++ makedefs 13+++ makedefs
14@@ -339,6 +339,15 @@ case "$SYSTEM.$RELEASE" in 14@@ -339,6 +339,15 @@ case "$SYSTEM.$RELEASE" in
15 : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} 15 : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
16 : ${PLUGIN_LD="${CC} -shared"} 16 : ${PLUGIN_LD="${CC} -shared"}
17 ;; 17 ;;
18+ FreeBSD.13*) SYSTYPE=FREEBSD13 18+ FreeBSD.13*) SYSTYPE=FREEBSD13
19+ : ${CC=cc} 19+ : ${CC=cc}
20+ : ${SHLIB_SUFFIX=.so} 20+ : ${SHLIB_SUFFIX=.so}
21+ : ${SHLIB_CFLAGS=-fPIC} 21+ : ${SHLIB_CFLAGS=-fPIC}
22+ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} 22+ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'}
23+ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} 23+ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
24+ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} 24+ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
25+ : ${PLUGIN_LD="${CC} -shared"} 25+ : ${PLUGIN_LD="${CC} -shared"}
@@ -116,94 +116,94 @@ hard-coded per OS per version. Not yet  @@ -116,94 +116,94 @@ hard-coded per OS per version. Not yet
116- # No, we're not going to try db1 db2 db3 etc. 116- # No, we're not going to try db1 db2 db3 etc.
117- # On a properly installed system, Postfix builds 117- # On a properly installed system, Postfix builds
118- # by including <db.h> and by linking with -ldb 118- # by including <db.h> and by linking with -ldb
119- echo "No <db.h> include file found." 1>&2 119- echo "No <db.h> include file found." 1>&2
120- echo "Install the appropriate db*-devel package first." 1>&2 120- echo "Install the appropriate db*-devel package first." 1>&2
121- exit 1 121- exit 1
122- fi 122- fi
123- SYSLIBS="-ldb" 123- SYSLIBS="-ldb"
124- ;; 124- ;;
125- esac 125- esac
126 for name in nsl resolv $GDBM_LIBS 126 for name in nsl resolv $GDBM_LIBS
127 do 127 do
128 for lib in /usr/lib64 /lib64 /usr/lib /lib 128 for lib in /usr/lib64 /lib64 /usr/lib /lib
129@@ -667,24 +602,6 @@ EOF 129@@ -667,24 +602,6 @@ Linux.[3456].*) SYSTYPE=LINUX$RELEASE_MA
130 ;; 130 ;;
131 GNU.0*|GNU/kFreeBSD.[567]*) 131 GNU.0*|GNU/kFreeBSD.[567]*)
132 SYSTYPE=GNU0 132 SYSTYPE=GNU0
133- case "$CCARGS" in 133- case "$CCARGS" in
134- *-DNO_DB*) ;; 134- *-DNO_DB*) ;;
135- *) if [ -f /usr/include/db.h ] 135- *) if [ -f /usr/include/db.h ]
136- then 136- then
137- : we are all set 137- : we are all set
138- elif [ -f /usr/include/db/db.h ] 138- elif [ -f /usr/include/db/db.h ]
139- then 139- then
140- CCARGS="$CCARGS -I/usr/include/db" 140- CCARGS="$CCARGS -I/usr/include/db"
141- else 141- else
142- # On a properly installed system, Postfix builds 142- # On a properly installed system, Postfix builds
143- # by including <db.h> and by linking with -ldb 143- # by including <db.h> and by linking with -ldb
144- echo "No <db.h> include file found." 1>&2 144- echo "No <db.h> include file found." 1>&2
145- echo "Install the appropriate db*-devel package first." 1>&2 145- echo "Install the appropriate db*-devel package first." 1>&2
146- exit 1 146- exit 1
147- fi 147- fi
148- SYSLIBS="-ldb" 148- SYSLIBS="-ldb"
149- ;; 149- ;;
150- esac 150- esac
151 for name in nsl resolv 151 for name in nsl resolv
152 do 152 do
153 for lib in /usr/lib64 /lib64 /usr/lib /lib 153 for lib in /usr/lib64 /lib64 /usr/lib /lib
154@@ -715,26 +632,14 @@ EOF 154@@ -715,26 +632,14 @@ Linux.[3456].*) SYSTYPE=LINUX$RELEASE_MA
155 HP-UX.A.09.*) SYSTYPE=HPUX9 155 HP-UX.A.09.*) SYSTYPE=HPUX9
156 SYSLIBS=-ldbm 156 SYSLIBS=-ldbm
157 CCARGS="$CCARGS -DMISSING_USLEEP -DNO_SNPRINTF" 157 CCARGS="$CCARGS -DMISSING_USLEEP -DNO_SNPRINTF"
158- if [ -f /usr/lib/libdb.a ]; then 158- if [ -f /usr/lib/libdb.a ]; then
159- CCARGS="$CCARGS -DHAS_DB" 159- CCARGS="$CCARGS -DHAS_DB"
160- SYSLIBS="$SYSLIBS -ldb" 160- SYSLIBS="$SYSLIBS -ldb"
161- fi 161- fi
162 ;; 162 ;;
163 HP-UX.B.10.*) SYSTYPE=HPUX10 163 HP-UX.B.10.*) SYSTYPE=HPUX10
164 CCARGS="$CCARGS `nm /usr/lib/libc.a 2>/dev/null | 164 CCARGS="$CCARGS `nm /usr/lib/libc.a 2>/dev/null |
165 (grep usleep >/dev/null || echo '-DMISSING_USLEEP')`" 165 (grep usleep >/dev/null || echo '-DMISSING_USLEEP')`"
166 CCARGS="$CCARGS -DNO_SNPRINTF" 166 CCARGS="$CCARGS -DNO_SNPRINTF"
167- if [ -f /usr/lib/libdb.a ]; then 167- if [ -f /usr/lib/libdb.a ]; then
168- CCARGS="$CCARGS -DHAS_DB" 168- CCARGS="$CCARGS -DHAS_DB"
169- SYSLIBS=-ldb 169- SYSLIBS=-ldb
170- fi 170- fi
171 ;; 171 ;;
172 HP-UX.B.11.*) SYSTYPE=HPUX11 172 HP-UX.B.11.*) SYSTYPE=HPUX11
173 SYSLIBS=-lnsl 173 SYSLIBS=-lnsl
174- if [ -f /usr/lib/libdb.a ]; then 174- if [ -f /usr/lib/libdb.a ]; then
175- CCARGS="$CCARGS -DHAS_DB" 175- CCARGS="$CCARGS -DHAS_DB"
176- SYSLIBS="$SYSLIBS -ldb" 176- SYSLIBS="$SYSLIBS -ldb"
177- fi 177- fi
178 ;; 178 ;;
179 ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix543 179 ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix543
180 RANLIB=echo 180 RANLIB=echo
181@@ -776,12 +681,12 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5 181@@ -782,12 +687,12 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
182 esac 182 esac
183 : ${SHLIB_CFLAGS=-fPIC} 183 : ${SHLIB_CFLAGS=-fPIC}
184 : ${SHLIB_SUFFIX=.dylib} 184 : ${SHLIB_SUFFIX=.dylib}
185- : ${SHLIB_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup -Wl,-install_name,@rpath/${LIB}'} 185- : ${SHLIB_LD="cc -shared -Wl,-flat_namespace ${NOFIXUP}-Wl,-undefined,dynamic_lookup "'-Wl,-install_name,@rpath/${LIB}'}
186+ : ${SHLIB_LD='${CC} -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup -Wl,-install_name,@rpath/${LIB}'} 186+ : ${SHLIB_LD='${CC} '"-shared -Wl,-flat_namespace ${NOFIXUP}-Wl,-undefined,dynamic_lookup "'-Wl,-install_name,@rpath/${LIB}'}
187 : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} 187 : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
188 # In MacOS/X 10.11.x /bin/sh unsets DYLD_LIBRARY_PATH, so we 188 # In MacOS/X 10.11.x /bin/sh unsets DYLD_LIBRARY_PATH, so we
189 # have export it into postfix-install indirectly! 189 # have export it into postfix-install indirectly!
190 : ${SHLIB_ENV="DYLD_LIBRARY_PATH=`pwd`/lib SHLIB_ENV_VAR=DYLD_LIBRARY_PATH SHLIB_ENV_VAL=`pwd`/lib"} 190 : ${SHLIB_ENV="DYLD_LIBRARY_PATH=`pwd`/lib SHLIB_ENV_VAR=DYLD_LIBRARY_PATH SHLIB_ENV_VAL=`pwd`/lib"}
191- : ${PLUGIN_LD='cc -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup'} 191- : ${PLUGIN_LD="cc -shared -Wl,-flat_namespace ${NOFIXUP}-Wl,-undefined,dynamic_lookup"}
192+ : ${PLUGIN_LD='${CC} -shared -Wl,-flat_namespace -Wl,-undefined,dynamic_lookup'} 192+ : ${PLUGIN_LD='${CC} '"-shared -Wl,-flat_namespace ${NOFIXUP}-Wl,-undefined,dynamic_lookup"}
193 ;; 193 ;;
194 dcosx.1*) SYSTYPE=DCOSX1 194 dcosx.1*) SYSTYPE=DCOSX1
195 RANLIB=echo 195 RANLIB=echo
196@@ -805,6 +710,21 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5 196@@ -811,6 +716,21 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
197 esac 197 esac
198  198
199 # 199 #
200+# Support for blocklist(3) or blacklist(3). 200+# Support for blocklist(3) or blacklist(3).
201+# 201+#
202+case "$CCARGS" in 202+case "$CCARGS" in
203+ *-DUSE_BLOCKLIST*) 203+ *-DUSE_BLOCKLIST*)
204+ if test -f /usr/include/blocklist.h; then 204+ if test -f /usr/include/blocklist.h; then
205+ CCARGS="$CCARGS -DHAVE_BLOCKLIST" 205+ CCARGS="$CCARGS -DHAVE_BLOCKLIST"
206+ SYSLIBS="$SYSLIBS -lblocklist" 206+ SYSLIBS="$SYSLIBS -lblocklist"
207+ elif test -f /usr/include/blacklist.h; then 207+ elif test -f /usr/include/blacklist.h; then
208+ CCARGS="$CCARGS -DHAVE_BLACKLIST" 208+ CCARGS="$CCARGS -DHAVE_BLACKLIST"
209+ SYSLIBS="$SYSLIBS -lblacklist" 209+ SYSLIBS="$SYSLIBS -lblacklist"