reinit the tree, so we can have metadata

7 files changed, 246 insertions, 0 deletions

diff --git a/mail-mta/postfix/files/postfix-2.11.1-db6.patch b/mail-mta/postfix/files/postfix-2.11.1-db6.patch
new file mode 100644
index 000000000000..5f5cad406b0c
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-2.11.1-db6.patch
@@ -0,0 +1,12 @@
+--- src/util/dict_db.c	2012-01-25 00:41:08.000000000 +0000
++++ src/util/dict_db.c	2014-06-25 18:56:10.000000000 +0000
+@@ -693,7 +688,8 @@
+ 	msg_fatal("set DB cache size %d: %m", dict_db_cache_size);
+     if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0)
+ 	msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM);
+-#if DB_VERSION_MAJOR == 5 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
++#if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \
++	(DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0)
+     if ((errno = db->open(db, 0, db_path, 0, type, db_flags, 0644)) != 0)
+ 	FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags,
+ 				   "open database %s: %m", db_path));
diff --git a/mail-mta/postfix/files/postfix-libressl-runtime.patch b/mail-mta/postfix/files/postfix-libressl-runtime.patch
new file mode 100644
index 000000000000..814088610a8d
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-libressl-runtime.patch
@@ -0,0 +1,102 @@
+--- src/posttls-finger/posttls-finger.c.orig	2016-08-27 20:27:50 UTC
++++ src/posttls-finger/posttls-finger.c
+@@ -1511,7 +1511,8 @@ static int finger(STATE *state)
+     return (0);
+ }
+ 
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
+ 
+ /* ssl_cleanup - free memory allocated in the OpenSSL library */
+ 
+@@ -1958,7 +1959,8 @@ int     main(int argc, char *argv[])
+     cleanup(&state);
+ 
+     /* OpenSSL 1.1.0 and later (de)initialization is implicit */
+-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
+     ssl_cleanup();
+ #endif
+ 
+--- src/tls/tls_client.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_client.c
+@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to the OpenSSL documentation, temporary RSA key is needed
+--- src/tls/tls_dane.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_dane.c
+@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf
+     tls_param_init();
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     SSL_load_error_strings();
+     SSL_library_init();
+ #endif
+--- src/tls/tls_rsa.c.orig	2016-01-03 14:49:51 UTC
++++ src/tls/tls_rsa.c
+@@ -57,7 +57,7 @@
+  /*
+   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+   */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+ /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
+ 
+@@ -109,7 +109,7 @@ int     main(int unused_argc, char *cons
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+     RSA    *rsa;
+ 
+     msg_vstream_init(argv[0], VSTREAM_ERR);
+--- src/tls/tls_server.c.orig	2016-08-27 20:27:50 UTC
++++ src/tls/tls_server.c
+@@ -174,7 +174,7 @@ static const char server_session_id_cont
+ #endif					/* OPENSSL_VERSION_NUMBER */
+ 
+  /* OpenSSL 1.1.0 bitrot */
+-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
+ typedef const unsigned char *session_id_t;
+ 
+ #else
+@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+      */
+     tls_check_version();
+ 
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * Initialize the OpenSSL library by the book! To start with, we must
+@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+     /*
+      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ 
+     /*
+      * According to OpenSSL documentation, a temporary RSA key is needed when
diff --git a/mail-mta/postfix/files/postfix-libressl.patch b/mail-mta/postfix/files/postfix-libressl.patch
new file mode 100644
index 000000000000..ce047b760399
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-libressl.patch
@@ -0,0 +1,17 @@
+OpenBSD patch at:
+http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail/postfix/snapshot/patches/patch-src_tls_tls_h
+$OpenBSD: patch-src_tls_tls_h,v 1.2 2016/02/25 09:39:49 sthen Exp $
+
+Fix building with LibreSSL
+
+--- src/tls/tls.h.orig	Sat Feb  6 15:09:41 2016
++++ src/tls/tls.h	Sun Feb 14 19:54:38 2016
+@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
+ #endif
+ 
+  /* Backwards compatibility with OpenSSL < 1.1.0 */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define OpenSSL_version_num SSLeay
+ #define OpenSSL_version SSLeay_version
+ #define OPENSSL_VERSION SSLEAY_VERSION
diff --git a/mail-mta/postfix/files/postfix.rc6.2.7 b/mail-mta/postfix/files/postfix.rc6.2.7
new file mode 100644
index 000000000000..9a1c1e21de9b
--- /dev/null
+++ b/mail-mta/postfix/files/postfix.rc6.2.7
@@ -0,0 +1,85 @@
+#!/sbin/openrc-run
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+extra_started_commands="reload abort flush"
+
+description_reload="Re-read configuration files. Running processes terminate at their earliest convenience."
+description_abort="Stop the Postfix mail system abruptly. Running processes are signaled to stop immediately."
+description_flush="Force delivery: attempt to deliver every message in the deferred mail queue."
+
+# Please read http://www.postfix.org/MULTI_INSTANCE_README.html for multi instance support
+CONF_DIR="/etc/postfix"
+CONF_OPT="${SVCNAME##*.}"
+if [ -n ${CONF_OPT} -a ${SVCNAME} != "postfix" ]; then
+	CONF_DIR="${CONF_DIR}.${CONF_OPT}"
+fi
+if [ "${CONF_DIR}" = "/etc/postfix" ]; then
+	CONF_PARAM=""
+	CONF_MESSAGE=""
+else
+	CONF_PARAM="-c ${CONF_DIR}"
+	CONF_MESSAGE="(${CONF_DIR})"
+fi
+
+depend() {
+	use logger dns ypbind amavisd antivirus postfix_greylist net saslauthd
+	if [ "${SVCNAME}" = "postfix" ]; then
+		provide mta
+	fi
+}
+
+start() {
+	if [ ! -z "${CONF_PARAM}" ]; then
+		einfo "Please consider updating your config for postmulti support."
+	fi
+	ebegin "Starting postfix ${CONF_MESSAGE}"
+	if [ ! -d ${CONF_DIR} ]; then
+		eend 1 "${CONF_DIR} does not exist"
+		return 1
+	fi
+	/usr/sbin/postfix ${CONF_PARAM} start >/dev/null 2>&1
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping postfix ${CONF_MESSAGE}"
+	/usr/sbin/postfix ${CONF_PARAM} stop >/dev/null 2>&1
+	eend
+}
+
+status() {
+	local _retval
+	einfon ""
+	/usr/sbin/postfix ${CONF_PARAM} status
+	_retval=$?
+	if [ x${_retval} = 'x0' ]; then
+		mark_service_started "${SVCNAME}"
+		eend 0
+	else
+		mark_service_stopped "${SVCNAME}"
+		eend 3
+	fi
+}
+
+reload() {
+	ebegin "Reloading postfix ${CONF_MESSAGE}"
+	/usr/sbin/postfix ${CONF_PARAM} reload >/dev/null 2>&1
+	eend $?
+}
+
+abort() {
+	ebegin "Aborting postfix ${CONF_MESSAGE}"
+
+	if service_started "${SVCNAME}"; then
+		mark_service_stopped "${SVCNAME}"
+	fi
+	/usr/sbin/postfix ${CONF_PARAM} abort >/dev/null 2>&1
+	eend $?
+}
+
+flush() {
+	ebegin "Flushing postfix ${CONF_MESSAGE}"
+	/usr/sbin/postfix ${CONF_PARAM} flush >/dev/null 2>&1
+	eend $?
+}
diff --git a/mail-mta/postfix/files/postfix.service b/mail-mta/postfix/files/postfix.service
new file mode 100644
index 000000000000..db585b3e29db
--- /dev/null
+++ b/mail-mta/postfix/files/postfix.service
@@ -0,0 +1,26 @@
+[Unit]
+Description=Postfix Mail Transport Agent
+After=network.target
+
+[Service]
+Type=forking
+ExecStartPre=-/usr/bin/newaliases
+ExecStart=/usr/sbin/postfix start
+ExecStop=/usr/sbin/postfix stop
+ExecReload=/usr/sbin/postfix reload
+# Hardening
+PrivateTmp=yes
+PrivateDevices=yes
+ProtectSystem=full
+ReadWritePaths=-/etc/mail/aliases.db
+CapabilityBoundingSet=~ CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_BOOT CAP_SYS_MODULE
+MemoryDenyWriteExecute=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectControlGroups=true
+RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
+RestrictNamespaces=true
+RestrictRealtime=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/mail-mta/postfix/files/smtp.pass b/mail-mta/postfix/files/smtp.pass
new file mode 100644
index 000000000000..f9b5120d64e8
--- /dev/null
+++ b/mail-mta/postfix/files/smtp.pass
@@ -0,0 +1,2 @@
+#
+# remotehost user:password
diff --git a/mail-mta/postfix/files/smtp.sasl b/mail-mta/postfix/files/smtp.sasl
new file mode 100644
index 000000000000..82f29457bc01
--- /dev/null
+++ b/mail-mta/postfix/files/smtp.sasl
@@ -0,0 +1,2 @@
+pwcheck_method:saslauthd
+mech_list: PLAIN