diff options
Diffstat (limited to 'mail-mta/exim/files')
21 files changed, 930 insertions, 0 deletions
diff --git a/mail-mta/exim/files/auth_conf.sub b/mail-mta/exim/files/auth_conf.sub new file mode 100644 index 000000000000..24434a7164a1 --- /dev/null +++ b/mail-mta/exim/files/auth_conf.sub @@ -0,0 +1,25 @@ +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +# If you're using PAM to authenticate, lifes real simple. +# This plain directive works for nearly everything except windows MUA's the +# login directive will allow you to authenticate your Outlook 2000 and +# outlook express clients. + + + +plain: + driver = plaintext + public_name = PLAIN + server_condition = "${if pam{$2:$3}{1}{0}}" + server_set_id = $2 + +login: + driver = plaintext + public_name = LOGIN + server_prompts = "Username:: : Password::" + server_condition = "${if pam{$1:${sg{$2}{:}{::}}}{1}{0}}" + server_set_id = $1 +# +# FIXME +# Need to add authenticator for SPA!! diff --git a/mail-mta/exim/files/exim-4.14-tail.patch b/mail-mta/exim/files/exim-4.14-tail.patch new file mode 100644 index 000000000000..481dca9b80d4 --- /dev/null +++ b/mail-mta/exim/files/exim-4.14-tail.patch @@ -0,0 +1,11 @@ +--- scripts/Configure-config.h.orig 2003-07-17 18:01:19.000000000 -0400 ++++ scripts/Configure-config.h 2003-07-17 18:01:25.000000000 -0400 +@@ -41,7 +41,7 @@ + + # Double-check that config.h is complete. + +-if [ "`tail -1 config.h`" != "/* End of config.h */" ] ; then ++if [ "`tail -n 1 config.h`" != "/* End of config.h */" ] ; then + echo "*** config.h appears to be incomplete" + echo "*** unexpected failure in buildconfig program" + exit 1 diff --git a/mail-mta/exim/files/exim-4.20-maildir.patch b/mail-mta/exim/files/exim-4.20-maildir.patch new file mode 100644 index 000000000000..3cb198d545c1 --- /dev/null +++ b/mail-mta/exim/files/exim-4.20-maildir.patch @@ -0,0 +1,14 @@ +diff -urN ./exim-4.20.orig/src/configure.default exim-4.20/src/configure.default +--- ./exim-4.20.orig/src/configure.default 2003-06-27 16:48:22.000000000 -0700 ++++ exim-4.20/src/configure.default 2003-06-27 16:52:20.000000000 -0700 +@@ -451,7 +451,9 @@ + + local_delivery: + driver = appendfile +- file = /var/mail/$local_part ++# file = /var/mail/$local_part ++ directory = /home/$local_part/.maildir ++ maildir_format + delivery_date_add + envelope_to_add + return_path_add diff --git a/mail-mta/exim/files/exim-4.69-r1.27021.patch b/mail-mta/exim/files/exim-4.69-r1.27021.patch new file mode 100644 index 000000000000..804e16d6acde --- /dev/null +++ b/mail-mta/exim/files/exim-4.69-r1.27021.patch @@ -0,0 +1,48 @@ +diff -urN exim-4.69.orig/src/configure.default exim-4.69/src/configure.default +--- exim-4.69.orig/src/configure.default 2008-05-05 10:17:44.000000000 +0100 ++++ exim-4.69/src/configure.default 2008-05-05 10:18:26.000000000 +0100 +@@ -592,6 +592,22 @@ + pipe_transport = address_pipe + reply_transport = address_reply + ++# This router runs procmail if users have a .procmailrc file ++procmail: ++ check_local_user ++ driver = accept ++ transport = procmail_pipe ++ require_files = ${local_part}:+${home}:+${home}/.procmailrc:+/usr/bin/procmail ++ no_verify ++ ++# This router runs maildrop if users have a .mailfilter file ++maildrop: ++ check_local_user ++ driver = accept ++ transport = maildrop_pipe ++ require_files = ${local_part}:+${home}:+${home}/.mailfilter:+/usr/bin/maildrop ++ no_verify ++ + + # This router matches local user mailboxes. If the router fails, the error + # message is "Unknown user". +@@ -676,6 +692,21 @@ + address_reply: + driver = autoreply + ++# This transport is used for procmail ++procmail_pipe: ++ driver = pipe ++ command = "/usr/bin/procmail -d ${local_part}" ++ return_path_add ++ delivery_date_add ++ envelope_to_add ++ ++# This transport is used for courier-maildrop filtering (Maildir filter system) ++maildrop_pipe: ++ driver = pipe ++ command = "/usr/bin/maildrop -d ${local_part}" ++ return_path_add ++ delivery_date_add ++ envelope_to_add + + + ###################################################################### diff --git a/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch new file mode 100644 index 000000000000..3bb57c1637c6 --- /dev/null +++ b/mail-mta/exim/files/exim-4.74-localscan_dlopen.patch @@ -0,0 +1,262 @@ +diff -Naur exim-4.32/src/EDITME exim-4.32-dlopen/src/EDITME +--- src/EDITME 2004-04-15 08:27:01.000000000 +0000 ++++ src/EDITME 2004-05-06 16:15:47.000000000 +0000 +@@ -505,6 +505,24 @@ + + + #------------------------------------------------------------------------------ ++# On systems which support dynamic loading of shared libraries, Exim can ++# load a local_scan function specified in its config file instead of having ++# to be recompiled with the desired local_scan function. For a full ++# description of the API to this function, see the Exim specification. ++ ++DLOPEN_LOCAL_SCAN=yes ++ ++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the ++# linker flags. Without it, the loaded .so won't be able to access any ++# functions from exim. ++ ++LFLAGS = -rdynamic ++ifeq ($(OSTYPE),Linux) ++LFLAGS += -ldl ++endif ++ ++ ++#------------------------------------------------------------------------------ + # The default distribution of Exim contains only the plain text form of the + # documentation. Other forms are available separately. If you want to install + # the documentation in "info" format, first fetch the Texinfo documentation +diff -Naur exim-4.32/src/config.h.defaults exim-4.32-dlopen/src/config.h.defaults +--- src/config.h.defaults 2004-04-15 08:27:01.000000000 +0000 ++++ src/config.h.defaults 2004-05-06 16:16:30.000000000 +0000 +@@ -20,6 +20,8 @@ + #define AUTH_PLAINTEXT + #define AUTH_SPA + ++#define DLOPEN_LOCAL_SCAN ++ + #define BIN_DIRECTORY + + #define CONFIGURE_FILE +diff -Naur exim-4.32/src/globals.c exim-4.32-dlopen/src/globals.c +--- src/globals.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/globals.c 2004-05-06 16:17:07.000000000 +0000 +@@ -109,6 +109,10 @@ + uschar *tls_verify_hosts = NULL; + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++uschar *local_scan_path = NULL; ++#endif ++ + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. The defaults use stdin. We never need these for any +diff -Naur exim-4.32/src/globals.h exim-4.32-dlopen/src/globals.h +--- src/globals.h 2004-04-15 08:27:01.000000000 +0000 ++++ src/globals.h 2004-05-06 16:17:50.000000000 +0000 +@@ -73,6 +73,9 @@ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++extern uschar *local_scan_path; /* Path to local_scan() library */ ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +diff -Naur exim-4.32/src/local_scan.c exim-4.32-dlopen/src/local_scan.c +--- src/local_scan.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/local_scan.c 2004-05-06 16:21:57.000000000 +0000 +@@ -5,60 +5,131 @@ + /* Copyright (c) University of Cambridge 1995 - 2004 */ + /* See the file NOTICE for conditions of use and distribution. */ + ++#include "exim.h" + +-/****************************************************************************** +-This file contains a template local_scan() function that just returns ACCEPT. +-If you want to implement your own version, you should copy this file to, say +-Local/local_scan.c, and edit the copy. To use your version instead of the +-default, you must set +- +-LOCAL_SCAN_SOURCE=Local/local_scan.c +- +-in your Local/Makefile. This makes it easy to copy your version for use with +-subsequent Exim releases. +- +-For a full description of the API to this function, see the Exim specification. +-******************************************************************************/ +- +- +-/* This is the only Exim header that you should include. The effect of +-including any other Exim header is not defined, and may change from release to +-release. Use only the documented interface! */ +- +-#include "local_scan.h" +- +- +-/* This is a "do-nothing" version of a local_scan() function. The arguments +-are: +- +- fd The file descriptor of the open -D file, which contains the +- body of the message. The file is open for reading and +- writing, but modifying it is dangerous and not recommended. +- +- return_text A pointer to an unsigned char* variable which you can set in +- order to return a text string. It is initialized to NULL. +- +-The return values of this function are: +- +- LOCAL_SCAN_ACCEPT +- The message is to be accepted. The return_text argument is +- saved in $local_scan_data. +- +- LOCAL_SCAN_REJECT +- The message is to be rejected. The returned text is used +- in the rejection message. +- +- LOCAL_SCAN_TEMPREJECT +- This specifies a temporary rejection. The returned text +- is used in the rejection message. +-*/ ++#ifdef DLOPEN_LOCAL_SCAN ++#include <dlfcn.h> ++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL; ++static int load_local_scan_library(void); ++#endif + + int + local_scan(int fd, uschar **return_text) + { + fd = fd; /* Keep picky compilers happy */ + return_text = return_text; +-return LOCAL_SCAN_ACCEPT; ++#ifdef DLOPEN_LOCAL_SCAN ++/* local_scan_path is defined AND not the empty string */ ++if (local_scan_path && *local_scan_path) ++ { ++ if (!local_scan_fn) ++ { ++ if (!load_local_scan_library()) ++ { ++ char *base_msg , *error_msg , *final_msg ; ++ int final_length = -1 ; ++ ++ base_msg=US"Local configuration error - local_scan() library failure\n"; ++ error_msg = dlerror() ; ++ ++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ; ++ final_msg = (char*)malloc( final_length*sizeof(char) ) ; ++ *final_msg = '\0' ; ++ ++ strcat( final_msg , base_msg ) ; ++ strcat( final_msg , error_msg ) ; ++ ++ *return_text = final_msg ; ++ return LOCAL_SCAN_TEMPREJECT; ++ } ++ } ++ return local_scan_fn(fd, return_text); ++ } ++else ++#endif ++ return LOCAL_SCAN_ACCEPT; ++} ++ ++#ifdef DLOPEN_LOCAL_SCAN ++ ++static int load_local_scan_library(void) ++{ ++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */ ++void *local_scan_lib = NULL; ++int (*local_scan_version_fn)(void); ++int vers_maj; ++int vers_min; ++ ++local_scan_lib = dlopen(local_scan_path, RTLD_NOW); ++if (!local_scan_lib) ++ { ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - " ++ "message temporarily rejected"); ++ return FALSE; ++ } ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_major() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The major number is increased when the ABI is changed in a non ++ backward compatible way. */ ++vers_maj = local_scan_version_fn(); ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_minor() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The minor number is increased each time a new feature is added (in a ++ way that doesn't break backward compatibility) -- Marc */ ++vers_min = local_scan_version_fn(); ++ ++ ++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++ ++local_scan_fn = dlsym(local_scan_lib, "local_scan"); ++if (!local_scan_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++return TRUE; + } + ++#endif /* DLOPEN_LOCAL_SCAN */ ++ + /* End of local_scan.c */ +diff -Naur exim-4.32/src/readconf.c exim-4.32-dlopen/src/readconf.c +--- src/readconf.c 2004-04-15 08:27:01.000000000 +0000 ++++ src/readconf.c 2004-05-06 16:23:12.000000000 +0000 +@@ -223,6 +223,9 @@ + { "local_from_prefix", opt_stringptr, &local_from_prefix }, + { "local_from_suffix", opt_stringptr, &local_from_suffix }, + { "local_interfaces", opt_stringptr, &local_interfaces }, ++#ifdef DLOPEN_LOCAL_SCAN ++ { "local_scan_path", opt_stringptr, &local_scan_path }, ++#endif + { "local_scan_timeout", opt_time, &local_scan_timeout }, + { "local_sender_retain", opt_bool, &local_sender_retain }, + { "localhost_number", opt_stringptr, &host_number_string }, diff --git a/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch b/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch new file mode 100644 index 000000000000..247668ef3da3 --- /dev/null +++ b/mail-mta/exim/files/exim-4.74-radius-db-ENV-clash.patch @@ -0,0 +1,22 @@ +Nasty workaround for +http://bugs.gentoo.org/show_bug.cgi?id=287426 + +--- src/auths/call_radius.c ++++ src/auths/call_radius.c +@@ -10,6 +10,16 @@ + /* This file was originally supplied by Ian Kirk. The libradius support came + from Alex Kiernan. */ + ++/* ugly hack to work around redefinition of ENV by radiusclient.h and ++ * db.h: define _DB_H_ so the db.h include thinks it's already included, ++ * we can get away with it like this, since this file doesn't use any db ++ * functions. */ ++#ifndef _DB_H_ ++#define _DB_H_ 1 ++#define _DB_EXT_PROT_IN_ 1 ++#define DB void ++#endif ++ + #include "../exim.h" + + /* This module contains functions that call the Radius authentication diff --git a/mail-mta/exim/files/exim-4.76-crosscompile.patch b/mail-mta/exim/files/exim-4.76-crosscompile.patch new file mode 100644 index 000000000000..cf47adee6265 --- /dev/null +++ b/mail-mta/exim/files/exim-4.76-crosscompile.patch @@ -0,0 +1,15 @@ +https://bugs.gentoo.org/show_bug.cgi?id=266591 + +--- OS/Makefile-Base ++++ OS/Makefile-Base +@@ -114,8 +114,8 @@ + + # Targets for special-purpose configuration header builders + buildconfig: buildconfig.c +- @echo "$(CC) buildconfig.c" +- $(FE)$(CC) $(CFLAGS) $(INCLUDE) -o buildconfig buildconfig.c $(LIBS) ++ @echo "$(HOSTCC) buildconfig.c" ++ $(FE)$(HOSTCC) $(HOSTCFLAGS) $(INCLUDE) -o buildconfig buildconfig.c $(LIBS) + + + # Target for the exicyclog utility script diff --git a/mail-mta/exim/files/exim-4.80-spool-mail-group.patch b/mail-mta/exim/files/exim-4.80-spool-mail-group.patch new file mode 100644 index 000000000000..6f88d8533e8b --- /dev/null +++ b/mail-mta/exim/files/exim-4.80-spool-mail-group.patch @@ -0,0 +1,27 @@ +Change default such that we run on a stock Gentoo system. Bug #438606 + +--- src/configure.default ++++ src/configure.default +@@ -674,8 +674,9 @@ + # BSD mailbox format. By default it will be run under the uid and gid of the + # local user, and requires the sticky bit to be set on the /var/mail directory. + # Some systems use the alternative approach of running mail deliveries under a +-# particular group instead of using the sticky bit. The commented options below +-# show how this can be done. ++# particular group instead of using the sticky bit. This is also the ++# default case on Gentoo, therefore group and mode are set below. ++# Comment them out, to get the default behaviour. + + local_delivery: + driver = appendfile +@@ -683,8 +684,8 @@ + delivery_date_add + envelope_to_add + return_path_add +-# group = mail +-# mode = 0660 ++ group = mail ++ mode = 0660 + + + # This transport is used for handling pipe deliveries generated by alias or diff --git a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch new file mode 100644 index 000000000000..9693d4945ad9 --- /dev/null +++ b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch @@ -0,0 +1,45 @@ +--- OS/Makefile-FreeBSD.orig 2013-09-30 19:59:09.000000000 +0200 ++++ OS/Makefile-FreeBSD 2013-09-30 20:01:22.000000000 +0200 +@@ -1,10 +1,8 @@ +-# Exim: OS-specific make file for FreeBSD +-# There's no setting of CFLAGS here, to allow the system default +-# for "make" to be the default. +- +-CHOWN_COMMAND=/usr/sbin/chown +-STRIP_COMMAND=/usr/bin/strip +-CHMOD_COMMAND=/bin/chmod ++# Exim: OS-specific FreeBSD make file, modified for Gentoo Prefix ++ ++CHOWN_COMMAND=look_for_it ++STRIP_COMMAND= ++CHMOD_COMMAND=look_for_it + + HAVE_SA_LEN=YES + +@@ -15,17 +13,9 @@ + CFLAGS_DYNAMIC=-shared -rdynamic -fPIC + + # FreeBSD always ships with Berkeley DB ++DBMLIB = -ldb + USE_DB=yes + +-# This code for building outside ports suggested by Richard Clayton +-.ifdef X11BASE +-X11=${X11BASE} +-.elifdef LOCALBASE +-X11=$(LOCALBASE) +-.else +-X11=/usr/local +-.endif +- + # nb: FreeBSD is entirely elf; objformat was removed prior to FreeBSD 7 + # http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/objformat/Attic/objformat.c + # deleted Jan 2007. +@@ -37,6 +27,7 @@ + # switch to default to ELF came with FreeBSD 3. elf(5) claims ELF support + # introduced in FreeBSD 2.2.6. + # ++X11=/usr/X11R6 + XINCLUDE=-I$(X11)/include + XLFLAGS=-L$(X11)/lib -Wl,-rpath,${X11}/lib + X11_LD_LIB=$(X11)/lib diff --git a/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch b/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch new file mode 100644 index 000000000000..c3d976a2b907 --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-CVE-2017-1000369.patch @@ -0,0 +1,58 @@ +CVE-2017-1000369 + +https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 + +--- a/doc/exim.8 ++++ b/doc/exim.8 +@@ -1350,7 +1350,7 @@ option sets the received protocol value that is stored in + or \fB\-bs\fP is used. For \fB\-bh\fP, the protocol is forced to one of the standard + SMTP protocol names. For \fB\-bs\fP, the protocol is always "local\-" followed by + one of those same names. For \fB\-bS\fP (batched SMTP) however, the protocol can +-be set by \fB\-oMr\fP. ++be set by \fB\-oMr\fP. Repeated use of this option is not supported. + .TP 10 + \fB\-oMs\fP <\fIhost name\fP> + See \fB\-oMa\fP above for general remarks about the \fB\-oM\fP options. The \fB\-oMs\fP +@@ -1418,6 +1418,7 @@ host name and its colon can be omitted when only the protocol is to be set. + Note the Exim already has two private options, \fB\-pd\fP and \fB\-ps\fP, that refer + to embedded Perl. It is therefore impossible to set a protocol value of d + or s using this option (but that does not seem a real limitation). ++Repeated use of this option is not supported. + .TP 10 + \fB\-q\fP + This option is normally restricted to admin users. However, there is a +--- a/src/exim.c ++++ b/src/exim.c +@@ -3092,7 +3092,14 @@ for (i = 1; i < argc; i++) + + /* -oMr: Received protocol */ + +- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i]; ++ else if (Ustrcmp(argrest, "Mr") == 0) ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ else received_protocol = argv[++i]; + + /* -oMs: Set sender host name */ + +@@ -3188,7 +3195,15 @@ for (i = 1; i < argc; i++) + + if (*argrest != 0) + { +- uschar *hn = Ustrchr(argrest, ':'); ++ uschar *hn; ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ ++ hn = Ustrchr(argrest, ':'); + if (hn == NULL) + { + received_protocol = argrest; diff --git a/mail-mta/exim/files/exim-4.89-address-expando-crash.patch b/mail-mta/exim/files/exim-4.89-address-expando-crash.patch new file mode 100644 index 000000000000..2a868490a426 --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-address-expando-crash.patch @@ -0,0 +1,85 @@ +ignoring parts which don't match due to repo reorg post release + +From 1b7cf216d933b395dee691f05becca4dd44b26f7 Mon Sep 17 00:00:00 2001 +From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de> +Date: Wed, 4 Oct 2017 22:25:45 +0200 +Subject: [PATCH] Check for proper output separator in expanding + ${addresses:STRING} (Closes 2171) + +Better yet would be to force setting the output separator literally, +and not after expansion of the STRING. But this would be an incompatible +change. +--- + doc/doc-docbook/spec.xfpt | 10 +++++++++- + src/src/expand.c | 8 +++++++- + test/scripts/0000-Basic/0002 | 1 + + test/stdout/0002 | 1 + + 4 files changed, 18 insertions(+), 2 deletions(-) + +ignored - diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt +ignored - index 4a8e1d0..c140945 100644 +ignored - --- a/doc/doc-docbook/spec.xfpt +ignored - +++ b/doc/doc-docbook/spec.xfpt +ignored - @@ -10118,7 +10118,15 @@ character. For example: +ignored - .code +ignored - ${addresses:>& Chief <ceo@up.stairs>, sec@base.ment (dogsbody)} +ignored - .endd +ignored - -expands to &`ceo@up.stairs&&sec@base.ment`&. Compare the &*address*& (singular) +ignored - +expands to &`ceo@up.stairs&&sec@base.ment`&. The string is expanded +ignored - +first, so if the expanded string starts with >, it may change the output +ignored - +separator unintentionally. This can be avoided by setting the output +ignored - +separator explicitly: +ignored - +.code +ignored - +${addresses:>:$h_from:} +ignored - +.endd +ignored - + +ignored - +Compare the &*address*& (singular) +ignored - expansion item, which extracts the working address from a single RFC2822 +ignored - address. See the &*filter*&, &*map*&, and &*reduce*& items for ways of +ignored - processing lists. +diff --git a/src/src/expand.c b/src/src/expand.c +index 353b8ea..67b3d65 100644 +--- a/src/src/expand.c ++++ b/src/src/expand.c +@@ -6797,7 +6797,13 @@ while (*s != 0) + int start, end, domain; /* Not really used */ + + while (isspace(*sub)) sub++; +- if (*sub == '>') { *outsep = *++sub; ++sub; } ++ if (*sub == '>') ++ if (*outsep = *++sub) ++sub; ++ else { ++ expand_string_message = string_sprintf("output separator " ++ "missing in expanding ${addresses:%s}", --sub); ++ goto EXPAND_FAILED; ++ } + parse_allow_group = TRUE; + + for (;;) +ignored - diff --git a/test/scripts/0000-Basic/0002 b/test/scripts/0000-Basic/0002 +ignored - index cb0bb18..dd9cea2 100644 +ignored - --- a/test/scripts/0000-Basic/0002 +ignored - +++ b/test/scripts/0000-Basic/0002 +ignored - @@ -133,6 +133,7 @@ addresses: ${addresses:>+ Exim Person <local-part@dom.ain> (that's me),\ +ignored - addresses: ${addresses:Exim Person <local-part@dom.ain> (that's me), \ +ignored - xyz@abc, nullgroupname:;, group: p@q, r@s; } +ignored - addresses: ${addresses:local-part@dom.ain <local-part@dom.ain>} +ignored - +addresses: ${addresses:>} +ignored - +ignored - escape: ${escape:B7·F2ò} +ignored - excape8bit: ${escape8bit:undisturbed text\ttab\nnewline\ttab\\backslash \176tilde\177DEL\200\x81.} +ignored - diff --git a/test/stdout/0002 b/test/stdout/0002 +ignored - index 5593f06..1422289 100644 +ignored - --- a/test/stdout/0002 +ignored - +++ b/test/stdout/0002 +ignored - @@ -123,6 +123,7 @@ +ignored - > addresses: local-part@dom.ain+xyz@abc +ignored - > addresses: local-part@dom.ain:xyz@abc:p@q:r@s +ignored - > addresses: +ignored - +> Failed: output separator missing in expanding ${addresses:>} +ignored - > +ignored - > escape: B7\267F2\362 +ignored - > excape8bit: undisturbed text tab +-- +1.9.1 + diff --git a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch new file mode 100644 index 000000000000..49e430939fcd --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch @@ -0,0 +1,145 @@ +https://bugs.gentoo.org/show_bug.cgi?id=352265 + +Make sure LDFLAGS comes first, such that all libraries are considered, +and not discarded when --as-needed is in effect. + +https://bugs.gentoo.org/show_bug.cgi?id=391279 + +Use LDFLAGS for all targets, not just the exim binary, such that +--as-needed works as well. + + +--- OS/Makefile-Base ++++ OS/Makefile-Base +@@ -346,12 +346,12 @@ + buildrouters buildtransports \ + $(OBJ_EXIM) version.o + @echo "$(LNCC) -o exim" +- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ ++ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \ + routers/routers.a transports/transports.a lookups/lookups.a \ + auths/auths.a pdkim/pdkim.a \ + $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ + $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \ +- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS) ++ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim; \ + $(STRIP_COMMAND) exim; \ +@@ -367,8 +367,8 @@ + + exim_dumpdb: $(OBJ_DUMPDB) + @echo "$(LNCC) -o exim_dumpdb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_dumpdb; \ + $(STRIP_COMMAND) exim_dumpdb; \ +@@ -382,8 +382,8 @@ + + exim_fixdb: $(OBJ_FIXDB) buildauths + @echo "$(LNCC) -o exim_fixdb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \ +- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \ ++ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_fixdb; \ + $(STRIP_COMMAND) exim_fixdb; \ +@@ -397,8 +397,8 @@ + + exim_tidydb: $(OBJ_TIDYDB) + @echo "$(LNCC) -o exim_tidydb" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_tidydb; \ + $(STRIP_COMMAND) exim_tidydb; \ +@@ -410,8 +410,8 @@ + + exim_dbmbuild: exim_dbmbuild.o + @echo "$(LNCC) -o exim_dbmbuild" +- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \ +- $(LIBS) $(EXTRALIBS) $(DBMLIB) ++ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \ ++ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_dbmbuild; \ + $(STRIP_COMMAND) exim_dbmbuild; \ +@@ -425,8 +425,8 @@ + @echo "$(CC) exim_lock.c" + $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c + @echo "$(LNCC) -o exim_lock" +- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \ +- $(LIBS) $(EXTRALIBS) ++ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \ ++ $(LIBS) $(EXTRALIBS) $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) exim_lock; \ + $(STRIP_COMMAND) exim_lock; \ +@@ -462,9 +462,9 @@ + $(FE)$(CC) -o em_version.o -c \ + $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c + @echo "$(LNCC) -o eximon.bin" +- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \ ++ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \ + $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \ +- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc ++ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS) + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) eximon.bin; \ + $(STRIP_COMMAND) eximon.bin; \ +@@ -780,9 +780,9 @@ + string.o tod.o version.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c +- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \ ++ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \ + dummies.o sa-globals.o sa-os.o store.o string.o \ +- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS) ++ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS) + rm -f dbfn.o store.o + + test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \ +@@ -790,29 +790,29 @@ + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c +- $(LNCC) -o test_host $(LFLAGS) \ ++ $(LNCC) -o test_host $(LDFLAGS) \ + host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \ +- tod.o tree.o $(LIBS) $(LIBRESOLV) ++ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS) + rm -f child.o dummies.o host.o dns.o + + test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c +- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \ +- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS) ++ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \ ++ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS) + rm -f os.o + + test_parse: config.h parse.c dummies.o sa-globals.o \ + store.o string.o tod.o version.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c +- $(LNCC) -o test_parse $(LFLAGS) parse.o \ ++ $(LNCC) -o test_parse $(LDFLAGS) parse.o \ + dummies.o sa-globals.o store.o string.o tod.o version.o \ +- utf8.o $(LDFLAGS) ++ utf8.o $(LFLAGS) + rm -f parse.o + + test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o + $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c +- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \ +- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS) ++ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \ ++ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS) + rm -f string.o + + # End diff --git a/mail-mta/exim/files/exim-4.89-transport-crash.patch b/mail-mta/exim/files/exim-4.89-transport-crash.patch new file mode 100644 index 000000000000..94a1d6b15525 --- /dev/null +++ b/mail-mta/exim/files/exim-4.89-transport-crash.patch @@ -0,0 +1,62 @@ +This is a manual backport of the following commit which fixes the +original bug as well as https://bugs.exim.org/show_bug.cgi?id=2166: + +From e69636bc9ddf3617be688b07941d7d659d50eaa7 Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Sat, 3 Jun 2017 13:39:18 +0100 +Subject: [PATCH 1/1] Fix crash in transport, on second smtp-connect fail for a + list of target hosts + +Reported as the sequence: + 1MX: 554 on connect (banner) + 2MX: TCP conn timeout + +diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c +index 454c0f7..dc9e03b 100644 +--- a/src/src/transports/smtp.c ++++ b/src/src/transports/smtp.c +@@ -2177,25 +2177,34 @@ return OK; + + /* The failure happened while setting up the call; see if the failure was + a 5xx response (this will either be on connection, or following HELO - a 5xx +- after EHLO causes it to try HELO). If so, fail all addresses, as this host is +- never going to accept them. For other errors during setting up (timeouts or +- whatever), defer all addresses, and yield DEFER, so that the host is not +- tried again for a while. */ ++ after EHLO causes it to try HELO). If so, and there are no more hosts to try, ++ fail all addresses, as this host is never going to accept them. For other ++ errors during setting up (timeouts or whatever), defer all addresses, and ++ yield DEFER, so that the host is not tried again for a while. ++ ++ XXX This peeking for another host feels like a layering violation. We want ++ to note the host as unusable, but down here we shouldn't know if this was ++ the last host to try for the addr(list). Perhaps the upper layer should be ++ the one to do set_errno() ? The problem is that currently the addr is where ++ errno etc. are stashed, but until we run out of hosts to try the errors are ++ host-specific. Maybe we should enhance the host_item definition? */ + + FAILED: + sx->ok = FALSE; /* For when reached by GOTO */ +- +- yield = code == '5' ++ set_errno(sx->addrlist, errno, message, ++ sx->host->next ++ ? DEFER ++ : code == '5' + #ifdef SUPPORT_I18N +- || errno == ERRNO_UTF8_FWD ++ || errno == ERRNO_UTF8_FWD + #endif +- ? FAIL : DEFER; +- +- set_errno(sx->addrlist, errno, message, yield, pass_message, sx->host ++ ? FAIL : DEFER, ++ pass_message, sx->host + #ifdef EXPERIMENTAL_DSN_INFO + , sx->smtp_greeting, sx->helo_response + #endif + ); ++ yield = DEFER; + } + + diff --git a/mail-mta/exim/files/exim-submission.socket b/mail-mta/exim/files/exim-submission.socket new file mode 100644 index 000000000000..b9593e2ef7b2 --- /dev/null +++ b/mail-mta/exim/files/exim-submission.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Exim Mail Transfer Agent (message submission) +Conflicts=exim.service + +[Socket] +ListenStream=587 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/mail-mta/exim/files/exim-submission_at.service b/mail-mta/exim/files/exim-submission_at.service new file mode 100644 index 000000000000..4f90cd83dc8d --- /dev/null +++ b/mail-mta/exim/files/exim-submission_at.service @@ -0,0 +1,11 @@ +# It doesn't make sense for this to be separate from exim@.service +# However, I couldn't think of a way to have two .socket files point +# to it ([Socket] Service= is rejected if Accept=yes is set). + +[Unit] +Description=Exim Mail Daemon per-connection server (message submission) + +[Service] +ExecStart=-/usr/bin/exim -bs +StandardInput=socket +StandardError=syslog diff --git a/mail-mta/exim/files/exim.confd b/mail-mta/exim/files/exim.confd new file mode 100644 index 000000000000..1534d9dfaf08 --- /dev/null +++ b/mail-mta/exim/files/exim.confd @@ -0,0 +1,5 @@ +# Command-line options for running exim +EXIM_OPTS="-bd -q15m" + +# Additional flags passed to exim_tidydb upon start (e.g. -t 7d) +TIDY_OPTS="" diff --git a/mail-mta/exim/files/exim.logrotate b/mail-mta/exim/files/exim.logrotate new file mode 100644 index 000000000000..f54f8c479af9 --- /dev/null +++ b/mail-mta/exim/files/exim.logrotate @@ -0,0 +1,9 @@ +/var/log/exim/exim*.log { + daily + missingok + rotate 28 + compress + delaycompress + notifempty + create 640 mail mail +} diff --git a/mail-mta/exim/files/exim.rc10 b/mail-mta/exim/files/exim.rc10 new file mode 100644 index 000000000000..c44dba16ce2d --- /dev/null +++ b/mail-mta/exim/files/exim.rc10 @@ -0,0 +1,47 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_started_commands="reload" + +depend() { + need logger + use antivirus net + provide mta +} + +tidy_dbs() { + local spooldir=$(/usr/sbin/exim -C /etc/exim/${SVCNAME}.conf -bP -n spool_directory) + local db + local ret=0 + ebegin "Tidying hints databases in ${spooldir}/db" + for db in "${spooldir}"/db/* ; do + case "${db}" in + *".lockfile"|*"*") continue ;; + esac + /usr/sbin/exim_tidydb ${TIDY_OPTS} "${spooldir}" ${db##*/} > /dev/null + : $((ret += $?)) + done + eend ${ret} +} + +start() { + # if you use multiple instances, make sure you set spool_directory + # in the configfile + tidy_dbs + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/exim --pidfile /run/${SVCNAME}.pid -- -C /etc/exim/${SVCNAME}.conf ${EXIM_OPTS:--bd -q15m} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --pidfile /run/${SVCNAME}.pid --name exim + eend $? +} + +reload() { + ebegin "Reloading ${SVCNAME}" + start-stop-daemon --signal HUP --pidfile /run/${SVCNAME}.pid --name exim + eend $? +} diff --git a/mail-mta/exim/files/exim.service b/mail-mta/exim/files/exim.service new file mode 100644 index 000000000000..c8a61cdc4a4a --- /dev/null +++ b/mail-mta/exim/files/exim.service @@ -0,0 +1,12 @@ +[Unit] +Description=Exim Mail Transport Agent +After=network.target + +[Service] +Environment=QUEUE=15m +ExecStart=/usr/sbin/exim -bdf -q${QUEUE} +ExecReload=/bin/kill -HUP $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/mail-mta/exim/files/exim.socket b/mail-mta/exim/files/exim.socket new file mode 100644 index 000000000000..36d28684f18a --- /dev/null +++ b/mail-mta/exim/files/exim.socket @@ -0,0 +1,10 @@ +[Unit] +Description=Exim Mail Transfer Agent +Conflicts=exim.service + +[Socket] +ListenStream=25 +Accept=yes + +[Install] +WantedBy=sockets.target diff --git a/mail-mta/exim/files/exim_at.service b/mail-mta/exim/files/exim_at.service new file mode 100644 index 000000000000..19c07a51b063 --- /dev/null +++ b/mail-mta/exim/files/exim_at.service @@ -0,0 +1,7 @@ +[Unit] +Description=Exim Mail Daemon per-connection server + +[Service] +ExecStart=-/usr/bin/exim -bs +StandardInput=socket +StandardError=syslog |