diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /mail-mta/postfix/files |
reinit the tree, so we can have metadata
Diffstat (limited to 'mail-mta/postfix/files')
-rw-r--r-- | mail-mta/postfix/files/postfix-2.11.1-db6.patch | 12 | ||||
-rw-r--r-- | mail-mta/postfix/files/postfix-libressl-runtime.patch | 102 | ||||
-rw-r--r-- | mail-mta/postfix/files/postfix-libressl.patch | 17 | ||||
-rw-r--r-- | mail-mta/postfix/files/postfix.rc6.2.7 | 85 | ||||
-rw-r--r-- | mail-mta/postfix/files/postfix.service | 26 | ||||
-rw-r--r-- | mail-mta/postfix/files/smtp.pass | 2 | ||||
-rw-r--r-- | mail-mta/postfix/files/smtp.sasl | 2 |
7 files changed, 246 insertions, 0 deletions
diff --git a/mail-mta/postfix/files/postfix-2.11.1-db6.patch b/mail-mta/postfix/files/postfix-2.11.1-db6.patch new file mode 100644 index 000000000000..5f5cad406b0c --- /dev/null +++ b/mail-mta/postfix/files/postfix-2.11.1-db6.patch @@ -0,0 +1,12 @@ +--- src/util/dict_db.c 2012-01-25 00:41:08.000000000 +0000 ++++ src/util/dict_db.c 2014-06-25 18:56:10.000000000 +0000 +@@ -693,7 +688,8 @@ + msg_fatal("set DB cache size %d: %m", dict_db_cache_size); + if (type == DB_HASH && db->set_h_nelem(db, DICT_DB_NELM) != 0) + msg_fatal("set DB hash element count %d: %m", DICT_DB_NELM); +-#if DB_VERSION_MAJOR == 5 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0) ++#if DB_VERSION_MAJOR == 6 || DB_VERSION_MAJOR == 5 || \ ++ (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0) + if ((errno = db->open(db, 0, db_path, 0, type, db_flags, 0644)) != 0) + FREE_RETURN(dict_surrogate(class, path, open_flags, dict_flags, + "open database %s: %m", db_path)); diff --git a/mail-mta/postfix/files/postfix-libressl-runtime.patch b/mail-mta/postfix/files/postfix-libressl-runtime.patch new file mode 100644 index 000000000000..814088610a8d --- /dev/null +++ b/mail-mta/postfix/files/postfix-libressl-runtime.patch @@ -0,0 +1,102 @@ +--- src/posttls-finger/posttls-finger.c.orig 2016-08-27 20:27:50 UTC ++++ src/posttls-finger/posttls-finger.c +@@ -1511,7 +1511,8 @@ static int finger(STATE *state) + return (0); + } + +-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if defined(USE_TLS) && \ ++ ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + + /* ssl_cleanup - free memory allocated in the OpenSSL library */ + +@@ -1958,7 +1959,8 @@ int main(int argc, char *argv[]) + cleanup(&state); + + /* OpenSSL 1.1.0 and later (de)initialization is implicit */ +-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if defined(USE_TLS) && \ ++ ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + ssl_cleanup(); + #endif + +--- src/tls/tls_client.c.orig 2016-08-27 20:27:50 UTC ++++ src/tls/tls_client.c +@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL + */ + tls_check_version(); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + /* + * Initialize the OpenSSL library by the book! To start with, we must +@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL + /* + * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + /* + * According to the OpenSSL documentation, temporary RSA key is needed +--- src/tls/tls_dane.c.orig 2016-08-27 20:27:50 UTC ++++ src/tls/tls_dane.c +@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf + tls_param_init(); + tls_check_version(); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + SSL_load_error_strings(); + SSL_library_init(); + #endif +--- src/tls/tls_rsa.c.orig 2016-01-03 14:49:51 UTC ++++ src/tls/tls_rsa.c +@@ -57,7 +57,7 @@ + /* + * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */ + +@@ -109,7 +109,7 @@ int main(int unused_argc, char *cons + /* + * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + RSA *rsa; + + msg_vstream_init(argv[0], VSTREAM_ERR); +--- src/tls/tls_server.c.orig 2016-08-27 20:27:50 UTC ++++ src/tls/tls_server.c +@@ -174,7 +174,7 @@ static const char server_session_id_cont + #endif /* OPENSSL_VERSION_NUMBER */ + + /* OpenSSL 1.1.0 bitrot */ +-#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) + typedef const unsigned char *session_id_t; + + #else +@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL + */ + tls_check_version(); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + /* + * Initialize the OpenSSL library by the book! To start with, we must +@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL + /* + * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev + */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + + /* + * According to OpenSSL documentation, a temporary RSA key is needed when diff --git a/mail-mta/postfix/files/postfix-libressl.patch b/mail-mta/postfix/files/postfix-libressl.patch new file mode 100644 index 000000000000..ce047b760399 --- /dev/null +++ b/mail-mta/postfix/files/postfix-libressl.patch @@ -0,0 +1,17 @@ +OpenBSD patch at: +http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/mail/postfix/snapshot/patches/patch-src_tls_tls_h +$OpenBSD: patch-src_tls_tls_h,v 1.2 2016/02/25 09:39:49 sthen Exp $ + +Fix building with LibreSSL + +--- src/tls/tls.h.orig Sat Feb 6 15:09:41 2016 ++++ src/tls/tls.h Sun Feb 14 19:54:38 2016 +@@ -89,7 +89,7 @@ extern const char *str_tls_level(int); + #endif + + /* Backwards compatibility with OpenSSL < 1.1.0 */ +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) + #define OpenSSL_version_num SSLeay + #define OpenSSL_version SSLeay_version + #define OPENSSL_VERSION SSLEAY_VERSION diff --git a/mail-mta/postfix/files/postfix.rc6.2.7 b/mail-mta/postfix/files/postfix.rc6.2.7 new file mode 100644 index 000000000000..9a1c1e21de9b --- /dev/null +++ b/mail-mta/postfix/files/postfix.rc6.2.7 @@ -0,0 +1,85 @@ +#!/sbin/openrc-run +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_started_commands="reload abort flush" + +description_reload="Re-read configuration files. Running processes terminate at their earliest convenience." +description_abort="Stop the Postfix mail system abruptly. Running processes are signaled to stop immediately." +description_flush="Force delivery: attempt to deliver every message in the deferred mail queue." + +# Please read http://www.postfix.org/MULTI_INSTANCE_README.html for multi instance support +CONF_DIR="/etc/postfix" +CONF_OPT="${SVCNAME##*.}" +if [ -n ${CONF_OPT} -a ${SVCNAME} != "postfix" ]; then + CONF_DIR="${CONF_DIR}.${CONF_OPT}" +fi +if [ "${CONF_DIR}" = "/etc/postfix" ]; then + CONF_PARAM="" + CONF_MESSAGE="" +else + CONF_PARAM="-c ${CONF_DIR}" + CONF_MESSAGE="(${CONF_DIR})" +fi + +depend() { + use logger dns ypbind amavisd antivirus postfix_greylist net saslauthd + if [ "${SVCNAME}" = "postfix" ]; then + provide mta + fi +} + +start() { + if [ ! -z "${CONF_PARAM}" ]; then + einfo "Please consider updating your config for postmulti support." + fi + ebegin "Starting postfix ${CONF_MESSAGE}" + if [ ! -d ${CONF_DIR} ]; then + eend 1 "${CONF_DIR} does not exist" + return 1 + fi + /usr/sbin/postfix ${CONF_PARAM} start >/dev/null 2>&1 + eend $? +} + +stop() { + ebegin "Stopping postfix ${CONF_MESSAGE}" + /usr/sbin/postfix ${CONF_PARAM} stop >/dev/null 2>&1 + eend +} + +status() { + local _retval + einfon "" + /usr/sbin/postfix ${CONF_PARAM} status + _retval=$? + if [ x${_retval} = 'x0' ]; then + mark_service_started "${SVCNAME}" + eend 0 + else + mark_service_stopped "${SVCNAME}" + eend 3 + fi +} + +reload() { + ebegin "Reloading postfix ${CONF_MESSAGE}" + /usr/sbin/postfix ${CONF_PARAM} reload >/dev/null 2>&1 + eend $? +} + +abort() { + ebegin "Aborting postfix ${CONF_MESSAGE}" + + if service_started "${SVCNAME}"; then + mark_service_stopped "${SVCNAME}" + fi + /usr/sbin/postfix ${CONF_PARAM} abort >/dev/null 2>&1 + eend $? +} + +flush() { + ebegin "Flushing postfix ${CONF_MESSAGE}" + /usr/sbin/postfix ${CONF_PARAM} flush >/dev/null 2>&1 + eend $? +} diff --git a/mail-mta/postfix/files/postfix.service b/mail-mta/postfix/files/postfix.service new file mode 100644 index 000000000000..db585b3e29db --- /dev/null +++ b/mail-mta/postfix/files/postfix.service @@ -0,0 +1,26 @@ +[Unit] +Description=Postfix Mail Transport Agent +After=network.target + +[Service] +Type=forking +ExecStartPre=-/usr/bin/newaliases +ExecStart=/usr/sbin/postfix start +ExecStop=/usr/sbin/postfix stop +ExecReload=/usr/sbin/postfix reload +# Hardening +PrivateTmp=yes +PrivateDevices=yes +ProtectSystem=full +ReadWritePaths=-/etc/mail/aliases.db +CapabilityBoundingSet=~ CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_BOOT CAP_SYS_MODULE +MemoryDenyWriteExecute=true +ProtectKernelModules=true +ProtectKernelTunables=true +ProtectControlGroups=true +RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX +RestrictNamespaces=true +RestrictRealtime=true + +[Install] +WantedBy=multi-user.target diff --git a/mail-mta/postfix/files/smtp.pass b/mail-mta/postfix/files/smtp.pass new file mode 100644 index 000000000000..f9b5120d64e8 --- /dev/null +++ b/mail-mta/postfix/files/smtp.pass @@ -0,0 +1,2 @@ +# +# remotehost user:password diff --git a/mail-mta/postfix/files/smtp.sasl b/mail-mta/postfix/files/smtp.sasl new file mode 100644 index 000000000000..82f29457bc01 --- /dev/null +++ b/mail-mta/postfix/files/smtp.sasl @@ -0,0 +1,2 @@ +pwcheck_method:saslauthd +mech_list: PLAIN |