From 4b998533b5bae4ff911d11eb2ece787fd4a9e4c8 Mon Sep 17 00:00:00 2001 From: Fabian Groffen Date: Wed, 13 May 2020 19:19:39 +0200 Subject: [PATCH] mail-mta/exim: security cleanup Bug: https://bugs.gentoo.org/722484 Package-Manager: Portage-2.3.89, Repoman-2.3.20 Signed-off-by: Fabian Groffen --- mail-mta/exim/Manifest | 2 - mail-mta/exim/exim-4.92.3.ebuild | 581 ------------------ .../files/exim-4.82-makefile-freebsd.patch | 45 -- .../files/exim-4.89-as-needed-ldflags.patch | 145 ----- .../exim-4.92-fix-eval-expansion-32bit.patch | 51 -- .../files/exim-4.92-localscan_dlopen.patch | 267 -------- 6 files changed, 1091 deletions(-) delete mode 100644 mail-mta/exim/exim-4.92.3.ebuild delete mode 100644 mail-mta/exim/files/exim-4.82-makefile-freebsd.patch delete mode 100644 mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch delete mode 100644 mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch delete mode 100644 mail-mta/exim/files/exim-4.92-localscan_dlopen.patch diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest index e8a899771de7..e08c0096757d 100644 --- a/mail-mta/exim/Manifest +++ b/mail-mta/exim/Manifest @@ -1,5 +1,3 @@ -DIST exim-4.92.3.tar.xz 1773156 BLAKE2B 7866c23c862f5b5aadac709279f9ed376e526e90e8ca09d41c1789041ec0a3ecd48f8d2237e4d462e547efa2178babd5942d3142fef7419e16d1707fe23fa226 SHA512 ca6d6f50653502345511b683859b33aa02faa48454fb2100ff89fed3dcb8af8933e7bce68939365fdee42f96eec0c3b135cf748f4581e92a62be0f0ab093868a DIST exim-4.93.0.4.tar.xz 1804696 BLAKE2B 721336101104d9c71b3bb6f432e382c28ad17d80cdb50d04213989e65a719d906caf8eb95639bfaf7a1bfdd62c7000d9df14484953446ecfca901fd7c708514e SHA512 84951849b69399d6f187d2801760dc0cb9e61c88c7c88aaca4e07e48120199a6be94b2236d058ffeacb8d611dd84056b610d480353c301a3ad5799768dd39d96 -DIST exim-pdf-4.92.3.tar.xz 2039436 BLAKE2B 8d20e7f0ebfcb573d08b490737923afc2cd2d5837f5c91bd2f3e6b5e637d86a5d5a59123c57ba9219ead675c72bfc46351d5b705d9533fab80bedeeca8bdd580 SHA512 3245a627a924db92e5a50e842e096731d08284f757274b5083ea234707c493abd6f27a3b34a2025e3acff167260df0f4ebe68b9f5832920c5f22c258143ab43f DIST exim-pdf-4.93.0.4.tar.xz 2069744 BLAKE2B 28730134293d87b16d672df66119ff97aaf2d796cf28842bb5bf6831a0be6a186a5cce503200b9fc985aaa14386053ca83c259625949634c5a28937b285247ca SHA512 929b4198a3e8764a64478e7ff5a9c7398ad1990114206b68494b1f1f563c23405c7b440e2f21a9f777e9e3cd3a3398d6faea3b882407f731ef3a767c27fd9361 DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3 diff --git a/mail-mta/exim/exim-4.92.3.ebuild b/mail-mta/exim/exim-4.92.3.ebuild deleted file mode 100644 index 03bdaab227c0..000000000000 --- a/mail-mta/exim/exim-4.92.3.ebuild +++ /dev/null @@ -1,581 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit db-use toolchain-funcs multilib pam systemd - -IUSE="arc dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl dsn elibc_glibc exiscan-acl gnutls idn ipv6 ldap libressl lmtp maildir mbx mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux spf sqlite srs ssl syslog tcpd +tpda X" -REQUIRED_USE=" - arc? ( dkim spf ) - dane? ( ssl !gnutls ) - dmarc? ( dkim spf ) - gnutls? ( ssl ) - pkcs11? ( ssl ) - spf? ( exiscan-acl ) - srs? ( exiscan-acl ) - !ssl? ( !dkim ) -" -# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked -# for x86 and amd64 only, due to this, repoman won't allow depending on -# gnutls[dane] for all else. Because we cannot express USE=dane when -# USE=gnutls is in effect only in package.use.mask, the only option we -# have left is to a) ignore the dependency (but that results in bug -# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are -# incorrect, but b) is the only "correct" view from repoman. - -COMM_URI="https://downloads.exim.org/exim4$([[ ${PV} == *_rc* ]] && echo /test)" - -DESCRIPTION="A highly configurable, drop-in replacement for sendmail" -SRC_URI="${COMM_URI}/${P//rc/RC}.tar.xz - mirror://gentoo/system_filter.exim.gz - doc? ( ${COMM_URI}/${PN}-pdf-${PV//rc/RC}.tar.xz )" -HOMEPAGE="https://www.exim.org/" - -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ppc ppc64 sparc x86 ~x86-solaris" - -COMMON_DEPEND=">=sys-apps/sed-4.0.5 - ( >=sys-libs/db-3.2:= =net-nds/openldap-2.0.7 ) - nis? ( - elibc_glibc? ( - net-libs/libtirpc - >=net-libs/libnsl-1:= - ) - ) - mysql? ( dev-db/mysql-connector-c:= ) - postgres? ( dev-db/postgresql:= ) - sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 ) - redis? ( dev-libs/hiredis ) - spf? ( >=mail-filter/libspf2-1.2.5-r1 ) - dmarc? ( mail-filter/opendmarc ) - srs? ( mail-filter/libsrs_alt ) - X? ( - x11-libs/libX11 - x11-libs/libXmu - x11-libs/libXt - x11-libs/libXaw - ) - sqlite? ( dev-db/sqlite ) - radius? ( net-dialup/freeradius-client ) - virtual/libiconv - elibc_glibc? ( net-libs/libnsl ) - " - # added X check for #57206 -BDEPEND="virtual/pkgconfig" -DEPEND="${COMMON_DEPEND}" -RDEPEND="${COMMON_DEPEND} - !mail-mta/courier - !mail-mta/esmtp - !mail-mta/mini-qmail - !=mail-mta/msmtp-1.4.19-r1[mta] - !mail-mta/netqmail - !mail-mta/nullmailer - !mail-mta/postfix - !mail-mta/qmail-ldap - !mail-mta/sendmail - !mail-mta/opensmtpd - !=mail-mta/ssmtp-2.64-r2[mta] - !net-mail/mailwrapper - >=net-mail/mailbase-0.00-r5 - virtual/logger - dcc? ( mail-filter/dcc ) - selinux? ( sec-policy/selinux-exim ) - " - -PATCHES=( - "${FILESDIR}"/exim-4.69-r1.27021.patch - "${FILESDIR}"/exim-4.92-localscan_dlopen.patch -) - -S=${WORKDIR}/${P//rc/RC} - -src_prepare() { - # Legacy patches which need a respin for -p1 - eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch - eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426 - eapply -p0 "${FILESDIR}"/exim-4.82-makefile-freebsd.patch # 235785 - eapply -p0 "${FILESDIR}"/exim-4.89-as-needed-ldflags.patch # 352265, 391279 - eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591 - eapply -p2 "${FILESDIR}"/exim-4.92-fix-eval-expansion-32bit.patch #687554 - - if use maildir ; then - eapply "${FILESDIR}"/exim-4.20-maildir.patch - else - eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606 - fi - - default - - # user Exim believes it should be - MAILUSER=mail - MAILGROUP=mail - if use prefix && [[ ${EUID} != 0 ]] ; then - MAILUSER=$(id -un) - MAILGROUP=$(id -gn) - fi -} - -src_configure() { - # general config and paths - - local aliases="${EPREFIX}/etc/mail/aliases" - sed -i \ - -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \ - src/configure.default || die - - sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die - - if use elibc_musl; then - sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die - fi - - local conffile="${EPREFIX}/etc/exim/exim.conf" - sed -e "48i\CFLAGS=${CFLAGS}" \ - -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \ - -e "s:EXIM_USER=:EXIM_USER=${MAILUSER}:" \ - -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \ - -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \ - -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \ - src/EDITME > Local/Makefile || die - - # work on Local/Makefile from now on - cd Local - - cat >> Makefile <<- EOC - INFO_DIRECTORY=${EPREFIX}/usr/share/info - PID_FILE_PATH=${EPREFIX}/run/exim.pid - SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim - HAVE_ICONV=yes - EOC - - # if we use libiconv, now is the time to tell so - use !elibc_glibc && use !elibc_musl && \ - echo "EXTRALIBS_EXIM=-liconv" >> Makefile - - # support for IPv6 - if use ipv6; then - cat >> Makefile <<- EOC - HAVE_IPV6=YES - EOC - fi - - # support i18n/IDNA - if use idn; then - cat >> Makefile <<- EOC - SUPPORT_I18N=yes - SUPPORT_I18N_2008=yes - EXTRALIBS_EXIM += -lidn -lidn2 - EOC - fi - - # - # mail storage formats - # - - # mailstore is Exim's traditional storage format - cat >> Makefile <<- EOC - SUPPORT_MAILSTORE=yes - EOC - - # mbox - if use mbx; then - cat >> Makefile <<- EOC - SUPPORT_MBX=yes - EOC - fi - - # maildir - if use maildir; then - cat >> Makefile <<- EOC - SUPPORT_MAILDIR=yes - EOC - fi - - # - # lookup methods - - # use the "native" interfaces to the DBM and CDB libraries, support - # passwd and directory lookups by default - local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2" - cat >> Makefile <<- EOC - USE_DB=yes - CFLAGS+=-I$(db_includedir ${DB_VERS}) - DBMLIB=-l$(db_libname ${DB_VERS}) - LOOKUP_CDB=yes - LOOKUP_PASSWD=yes - LOOKUP_DSEARCH=yes - EOC - - if ! use dnsdb; then - # DNSDB lookup is enabled by default - sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die - fi - - if use ldap; then - cat >> Makefile <<- EOC - LOOKUP_LDAP=yes - LDAP_LIB_TYPE=OPENLDAP2 - LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap - LOOKUP_LIBS += -lldap -llber - EOC - fi - - if use mysql; then - cat >> Makefile <<- EOC - LOOKUP_MYSQL=yes - LOOKUP_INCLUDE += $(mysql_config --include) - LOOKUP_LIBS += $(mysql_config --libs) - EOC - fi - - if use nis; then - cat >> Makefile <<- EOC - LOOKUP_NIS=yes - LOOKUP_NISPLUS=yes - EOC - if use elibc_glibc ; then - cat >> Makefile <<- EOC - CFLAGS += -I"${EPREFIX}"/usr/include/tirpc - EOC - fi - fi - - if use postgres; then - cat >> Makefile <<- EOC - LOOKUP_PGSQL=yes - LOOKUP_INCLUDE += -I$(pg_config --includedir) - LOOKUP_LIBS += -L$(pg_config --libdir) -lpq - EOC - fi - - if use sqlite; then - cat >> Makefile <<- EOC - LOOKUP_SQLITE=yes - LOOKUP_SQLITE_PC=sqlite3 - EOC - fi - - if use redis; then - cat >> Makefile <<- EOC - LOOKUP_REDIS=yes - LOOKUP_LIBS += -lhiredis - EOC - fi - - # Exim monitor, enabled by default, controlled via X USE-flag, - # disable if not requested, bug #46778 - if use X; then - cp ../exim_monitor/EDITME eximon.conf || die - else - sed -i -e '/^EXIM_MONITOR=/s/^/# /' Makefile || die - fi - - # - # features - # - - # content scanning support - if use exiscan-acl; then - cat >> Makefile <<- EOC - WITH_CONTENT_SCAN=yes - EOC - fi - - # DomainKeys Identified Mail, RFC4871 - if ! use dkim; then - # DKIM is enabled by default - cat >> Makefile <<- EOC - DISABLE_DKIM=yes - EOC - fi - - # Per-Recipient-Data-Response - if ! use prdr; then - # PRDR is enabled by default - cat >> Makefile <<- EOC - DISABLE_PRDR=yes - EOC - fi - - # Transport post-delivery actions - if use !tpda && use !dane; then - # EVENT is enabled by default - cat >> Makefile <<- EOC - DISABLE_EVENT=yes - EOC - fi - - # log to syslog - if use syslog; then - local eximlog="${EPREFIX}/var/log/exim/exim_%s.log" - sed -i \ - -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \ - Makefile || die - cat >> Makefile <<- EOC - LOG_FILE_PATH=syslog - EOC - else - cat >> Makefile <<- EOC - LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log - EOC - fi - - # starttls support (ssl) - if use ssl; then - echo "SUPPORT_TLS=yes" >> Makefile - if use gnutls; then - echo "USE_GNUTLS=yes" >> Makefile - echo "USE_GNUTLS_PC=gnutls" >> Makefile - use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile - else - echo "USE_OPENSSL_PC=openssl" >> Makefile - fi - fi - - # TCP wrappers - if use tcpd; then - cat >> Makefile <<- EOC - USE_TCP_WRAPPERS=yes - EXTRALIBS_EXIM += -lwrap - EOC - fi - - # Light Mail Transport Protocol - if use lmtp; then - cat >> Makefile <<- EOC - TRANSPORT_LMTP=yes - EOC - fi - - # embedded Perl - if use perl; then - cat >> Makefile <<- EOC - EXIM_PERL=perl.o - EOC - fi - - # dlfunc - if use dlfunc; then - cat >> Makefile <<- EOC - EXPAND_DLFUNC=yes - HAVE_LOCAL_SCAN=yes - DLOPEN_LOCAL_SCAN=yes - EOC - fi - - # Proxy Protocol - if use proxy; then - cat >> Makefile <<- EOC - SUPPORT_PROXY=yes - EOC - fi - - # DANE - if use dane; then - cat >> Makefile <<- EOC - SUPPORT_DANE=yes - EOC - fi - - # Sender Policy Framework - if use spf; then - cat >> Makefile <<- EOC - SUPPORT_SPF=yes - EXTRALIBS_EXIM += -lspf2 - EOC - fi - - # - # experimental features - # - - # Authenticated Receive Chain - if use arc; then - echo "EXPERIMENTAL_ARC=yes">> Makefile - fi - - # Distributed Checksum Clearinghouse - if use dcc; then - echo "EXPERIMENTAL_DCC=yes">> Makefile - fi - - # Sender Rewriting Scheme - if use srs; then - cat >> Makefile <<- EOC - EXPERIMENTAL_SRS=yes - EXTRALIBS_EXIM += -lsrs_alt - EOC - fi - - # DMARC - if use dmarc; then - cat >> Makefile <<- EOC - EXPERIMENTAL_DMARC=yes - EXTRALIBS_EXIM += -lopendmarc - EOC - fi - - # Delivery Sender Notifications extra information in fail message - if use dsn; then - cat >> Makefile <<- EOC - EXPERIMENTAL_DSN_INFO=yes - EOC - fi - - # - # authentication (SMTP AUTH) - # - - # standard bits - cat >> Makefile <<- EOC - AUTH_SPA=yes - AUTH_CRAM_MD5=yes - AUTH_PLAINTEXT=yes - EOC - - # Cyrus SASL - if use sasl; then - cat >> Makefile <<- EOC - CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux - AUTH_CYRUS_SASL=yes - AUTH_LIBS += -lsasl2 - EOC - fi - - # Dovecot - if use dovecot-sasl; then - cat >> Makefile <<- EOC - AUTH_DOVECOT=yes - EOC - fi - - # Pluggable Authentication Modules - if use pam; then - cat >> Makefile <<- EOC - SUPPORT_PAM=yes - AUTH_LIBS += -lpam - EOC - fi - - # Radius - if use radius; then - cat >> Makefile <<- EOC - RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf - RADIUS_LIB_TYPE=RADIUSCLIENTNEW - AUTH_LIBS += -lfreeradius-client - EOC - fi -} - -src_compile() { - emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \ - AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO='' -} - -src_install() { - cd "${S}"/build-exim-gentoo || die - dosbin exim - if use X; then - dosbin eximon.bin - dosbin eximon - fi - fperms 4755 /usr/sbin/exim - - dosym exim /usr/sbin/sendmail - dosym exim /usr/sbin/rsmtp - dosym exim /usr/sbin/rmail - dosym ../sbin/exim /usr/bin/mailq - dosym ../sbin/exim /usr/bin/newaliases - dosym ../sbin/sendmail /usr/lib/sendmail - - for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \ - exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \ - convert4r3 convert4r4 exipick - do - dosbin $i - done - - dodoc -r "${S}"/doc/. - doman "${S}"/doc/exim.8 - use dsn && dodoc "${S}"/README.DSN - use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf - - # conf files - insinto /etc/exim - newins "${S}"/src/configure.default exim.conf.dist - if use exiscan-acl; then - newins "${S}"/src/configure.default exim.conf.exiscan-acl - fi - doins "${WORKDIR}"/system_filter.exim - doins "${FILESDIR}"/auth_conf.sub - - pamd_mimic system-auth exim auth account - - # headers, #436406 - if use dlfunc ; then - # fixup includes so they actually can be found when including - sed -i \ - -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)"::' \ - local_scan.h || die - insinto /usr/include/exim - doins {config,local_scan}.h ../src/{mytypes,store}.h - fi - - insinto /etc/logrotate.d - newins "${FILESDIR}/exim.logrotate" exim - - newinitd "${FILESDIR}"/exim.rc10 exim - newconfd "${FILESDIR}"/exim.confd exim - - systemd_dounit \ - "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket} - systemd_newunit \ - "${FILESDIR}"/exim_at.service 'exim@.service' - systemd_newunit \ - "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service' - - diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP} - keepdir /var/log/${PN} -} - -pkg_postinst() { - if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then - einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter." - einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub" - einfo "for using smtp auth." - einfo "Please create ${EROOT}/etc/exim/exim.conf from" - einfo " ${EROOT}/etc/exim/exim.conf.dist." - fi - if use dcc ; then - einfo "DCC support is experimental, you can find some limited" - einfo "documentation at the bottom of this prerelease message:" - einfo "http://article.gmane.org/gmane.mail.exim.devel/3579" - fi - use srs && einfo "SRS support is experimental" - if use dmarc ; then - einfo "DMARC support is experimental. See global settings to" - einfo "configure DMARC, for usage see the documentation at " - einfo "experimental-spec.txt." - fi - use dsn && einfo "extra information in fail DSN message is experimental" - elog "The obsolete acl condition 'demime' is removed, the replacements" - elog "are the ACLs acl_smtp_mime and acl_not_smtp_mime" -} diff --git a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch b/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch deleted file mode 100644 index 9693d4945ad9..000000000000 --- a/mail-mta/exim/files/exim-4.82-makefile-freebsd.patch +++ /dev/null @@ -1,45 +0,0 @@ ---- OS/Makefile-FreeBSD.orig 2013-09-30 19:59:09.000000000 +0200 -+++ OS/Makefile-FreeBSD 2013-09-30 20:01:22.000000000 +0200 -@@ -1,10 +1,8 @@ --# Exim: OS-specific make file for FreeBSD --# There's no setting of CFLAGS here, to allow the system default --# for "make" to be the default. -- --CHOWN_COMMAND=/usr/sbin/chown --STRIP_COMMAND=/usr/bin/strip --CHMOD_COMMAND=/bin/chmod -+# Exim: OS-specific FreeBSD make file, modified for Gentoo Prefix -+ -+CHOWN_COMMAND=look_for_it -+STRIP_COMMAND= -+CHMOD_COMMAND=look_for_it - - HAVE_SA_LEN=YES - -@@ -15,17 +13,9 @@ - CFLAGS_DYNAMIC=-shared -rdynamic -fPIC - - # FreeBSD always ships with Berkeley DB -+DBMLIB = -ldb - USE_DB=yes - --# This code for building outside ports suggested by Richard Clayton --.ifdef X11BASE --X11=${X11BASE} --.elifdef LOCALBASE --X11=$(LOCALBASE) --.else --X11=/usr/local --.endif -- - # nb: FreeBSD is entirely elf; objformat was removed prior to FreeBSD 7 - # http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.bin/objformat/Attic/objformat.c - # deleted Jan 2007. -@@ -37,6 +27,7 @@ - # switch to default to ELF came with FreeBSD 3. elf(5) claims ELF support - # introduced in FreeBSD 2.2.6. - # -+X11=/usr/X11R6 - XINCLUDE=-I$(X11)/include - XLFLAGS=-L$(X11)/lib -Wl,-rpath,${X11}/lib - X11_LD_LIB=$(X11)/lib diff --git a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch deleted file mode 100644 index 49e430939fcd..000000000000 --- a/mail-mta/exim/files/exim-4.89-as-needed-ldflags.patch +++ /dev/null @@ -1,145 +0,0 @@ -https://bugs.gentoo.org/show_bug.cgi?id=352265 - -Make sure LDFLAGS comes first, such that all libraries are considered, -and not discarded when --as-needed is in effect. - -https://bugs.gentoo.org/show_bug.cgi?id=391279 - -Use LDFLAGS for all targets, not just the exim binary, such that ---as-needed works as well. - - ---- OS/Makefile-Base -+++ OS/Makefile-Base -@@ -346,12 +346,12 @@ - buildrouters buildtransports \ - $(OBJ_EXIM) version.o - @echo "$(LNCC) -o exim" -- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ -+ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \ - routers/routers.a transports/transports.a lookups/lookups.a \ - auths/auths.a pdkim/pdkim.a \ - $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ - $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \ -- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS) -+ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim; \ - $(STRIP_COMMAND) exim; \ -@@ -367,8 +367,8 @@ - - exim_dumpdb: $(OBJ_DUMPDB) - @echo "$(LNCC) -o exim_dumpdb" -- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \ -- $(LIBS) $(EXTRALIBS) $(DBMLIB) -+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \ -+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim_dumpdb; \ - $(STRIP_COMMAND) exim_dumpdb; \ -@@ -382,8 +382,8 @@ - - exim_fixdb: $(OBJ_FIXDB) buildauths - @echo "$(LNCC) -o exim_fixdb" -- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \ -- auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) -+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \ -+ auths/auths.a $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim_fixdb; \ - $(STRIP_COMMAND) exim_fixdb; \ -@@ -397,8 +397,8 @@ - - exim_tidydb: $(OBJ_TIDYDB) - @echo "$(LNCC) -o exim_tidydb" -- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \ -- $(LIBS) $(EXTRALIBS) $(DBMLIB) -+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \ -+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim_tidydb; \ - $(STRIP_COMMAND) exim_tidydb; \ -@@ -410,8 +410,8 @@ - - exim_dbmbuild: exim_dbmbuild.o - @echo "$(LNCC) -o exim_dbmbuild" -- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \ -- $(LIBS) $(EXTRALIBS) $(DBMLIB) -+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \ -+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim_dbmbuild; \ - $(STRIP_COMMAND) exim_dbmbuild; \ -@@ -425,8 +425,8 @@ - @echo "$(CC) exim_lock.c" - $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c - @echo "$(LNCC) -o exim_lock" -- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \ -- $(LIBS) $(EXTRALIBS) -+ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \ -+ $(LIBS) $(EXTRALIBS) $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) exim_lock; \ - $(STRIP_COMMAND) exim_lock; \ -@@ -462,9 +462,9 @@ - $(FE)$(CC) -o em_version.o -c \ - $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c - @echo "$(LNCC) -o eximon.bin" -- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \ -+ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \ - $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \ -- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc -+ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS) - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) eximon.bin; \ - $(STRIP_COMMAND) eximon.bin; \ -@@ -780,9 +780,9 @@ - string.o tod.o version.o utf8.o - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c - $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c -- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \ -+ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \ - dummies.o sa-globals.o sa-os.o store.o string.o \ -- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS) -+ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS) - rm -f dbfn.o store.o - - test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \ -@@ -790,29 +790,29 @@ - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c -- $(LNCC) -o test_host $(LFLAGS) \ -+ $(LNCC) -o test_host $(LDFLAGS) \ - host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \ -- tod.o tree.o $(LIBS) $(LIBRESOLV) -+ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS) - rm -f child.o dummies.o host.o dns.o - - test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c -- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \ -- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS) -+ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \ -+ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS) - rm -f os.o - - test_parse: config.h parse.c dummies.o sa-globals.o \ - store.o string.o tod.o version.o utf8.o - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c -- $(LNCC) -o test_parse $(LFLAGS) parse.o \ -+ $(LNCC) -o test_parse $(LDFLAGS) parse.o \ - dummies.o sa-globals.o store.o string.o tod.o version.o \ -- utf8.o $(LDFLAGS) -+ utf8.o $(LFLAGS) - rm -f parse.o - - test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o - $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c -- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \ -- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS) -+ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \ -+ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS) - rm -f string.o - - # End diff --git a/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch b/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch deleted file mode 100644 index 17d7d21113de..000000000000 --- a/mail-mta/exim/files/exim-4.92-fix-eval-expansion-32bit.patch +++ /dev/null @@ -1,51 +0,0 @@ -Extract from complete patch from -https://git.exim.org/exim.git/patch/26dd3aa007b3b77969610c031f59388e0953bd00 -to only take the buildconfig.c change because the git directory -structure is different from a release tarball causing this patch to fail -otherwise. - -From 26dd3aa007b3b77969610c031f59388e0953bd00 Mon Sep 17 00:00:00 2001 -From: Jeremy Harris -Date: Fri, 7 Jun 2019 11:54:10 +0100 -Subject: [PATCH] Fix detection of 32b platform at build time. Bug 2405 - ---- - src/src/buildconfig.c | 12 +++++--- - test/scripts/0000-Basic/0002 | 72 +++++++++++++++++++++++--------------------- - test/stdout/0002 | 72 +++++++++++++++++++++++--------------------- - 3 files changed, 83 insertions(+), 73 deletions(-) - -diff --git a/src/src/buildconfig.c b/src/src/buildconfig.c -index 71cf97b..a680b34 100644 ---- a/src/src/buildconfig.c -+++ b/src/src/buildconfig.c -@@ -111,6 +111,7 @@ unsigned long test_ulong_t = 0L; - unsigned int test_uint_t = 0; - #endif - long test_long_t = 0; -+long long test_longlong_t = 0; - int test_int_t = 0; - FILE *base; - FILE *new; -@@ -155,15 +156,16 @@ This assumption is known to be OK for the common operating systems. */ - - fprintf(new, "#ifndef OFF_T_FMT\n"); - if (sizeof(test_off_t) > sizeof(test_long_t)) -- { - fprintf(new, "# define OFF_T_FMT \"%%lld\"\n"); -- fprintf(new, "# define LONGLONG_T long long int\n"); -- } - else -- { - fprintf(new, "# define OFF_T_FMT \"%%ld\"\n"); -+fprintf(new, "#endif\n\n"); -+ -+fprintf(new, "#ifndef LONGLONG_T\n"); -+if (sizeof(test_longlong_t) > sizeof(test_long_t)) -+ fprintf(new, "# define LONGLONG_T long long int\n"); -+else - fprintf(new, "# define LONGLONG_T long int\n"); -- } - fprintf(new, "#endif\n\n"); - - /* Now do the same thing for time_t variables. If the length is greater than diff --git a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch deleted file mode 100644 index 57363e56d50e..000000000000 --- a/mail-mta/exim/files/exim-4.92-localscan_dlopen.patch +++ /dev/null @@ -1,267 +0,0 @@ -diff -ur exim-4.92.orig/src/config.h.defaults exim-4.92/src/config.h.defaults ---- exim-4.92.orig/src/config.h.defaults 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/config.h.defaults 2019-02-16 18:17:24.547216157 +0100 -@@ -32,6 +32,8 @@ - - #define AUTH_VARS 3 - -+#define DLOPEN_LOCAL_SCAN -+ - #define BIN_DIRECTORY - - #define CONFIGURE_FILE -Only in exim-4.92/src: config.h.defaults.orig -diff -ur exim-4.92.orig/src/EDITME exim-4.92/src/EDITME ---- exim-4.92.orig/src/EDITME 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/EDITME 2019-02-16 18:17:24.547216157 +0100 -@@ -824,6 +824,24 @@ - - - #------------------------------------------------------------------------------ -+# On systems which support dynamic loading of shared libraries, Exim can -+# load a local_scan function specified in its config file instead of having -+# to be recompiled with the desired local_scan function. For a full -+# description of the API to this function, see the Exim specification. -+ -+#DLOPEN_LOCAL_SCAN=yes -+ -+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the -+# linker flags. Without it, the loaded .so won't be able to access any -+# functions from exim. -+ -+LFLAGS = -rdynamic -+ifeq ($(OSTYPE),Linux) -+LFLAGS += -ldl -+endif -+ -+ -+#------------------------------------------------------------------------------ - # The default distribution of Exim contains only the plain text form of the - # documentation. Other forms are available separately. If you want to install - # the documentation in "info" format, first fetch the Texinfo documentation -Only in exim-4.92/src: EDITME.orig -diff -ur exim-4.92.orig/src/globals.c exim-4.92/src/globals.c ---- exim-4.92.orig/src/globals.c 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/globals.c 2019-02-16 18:17:24.549216150 +0100 -@@ -41,6 +41,10 @@ - - uschar *no_aliases = NULL; - -+#ifdef DLOPEN_LOCAL_SCAN -+uschar *local_scan_path = NULL; -+#endif -+ - - /* For comments on these variables, see globals.h. I'm too idle to - duplicate them here... */ -Only in exim-4.92/src: globals.c.orig -diff -ur exim-4.92.orig/src/globals.h exim-4.92/src/globals.h ---- exim-4.92.orig/src/globals.h 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/globals.h 2019-02-16 18:17:24.549216150 +0100 -@@ -152,6 +152,9 @@ - extern int (*receive_ferror)(void); - extern BOOL (*receive_smtp_buffered)(void); - -+#ifdef DLOPEN_LOCAL_SCAN -+extern uschar *local_scan_path; /* Path to local_scan() library */ -+#endif - - /* For clearing, saving, restoring address expansion variables. We have to have - the size of this vector set explicitly, because it is referenced from more than -Only in exim-4.92/src: globals.h.orig -diff -ur exim-4.92.orig/src/local_scan.c exim-4.92/src/local_scan.c ---- exim-4.92.orig/src/local_scan.c 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/local_scan.c 2019-02-16 18:29:56.832732592 +0100 -@@ -5,61 +5,131 @@ - /* Copyright (c) University of Cambridge 1995 - 2009 */ - /* See the file NOTICE for conditions of use and distribution. */ - -+#include "exim.h" - --/****************************************************************************** --This file contains a template local_scan() function that just returns ACCEPT. --If you want to implement your own version, you should copy this file to, say --Local/local_scan.c, and edit the copy. To use your version instead of the --default, you must set -- --HAVE_LOCAL_SCAN=yes --LOCAL_SCAN_SOURCE=Local/local_scan.c -- --in your Local/Makefile. This makes it easy to copy your version for use with --subsequent Exim releases. -- --For a full description of the API to this function, see the Exim specification. --******************************************************************************/ -- -- --/* This is the only Exim header that you should include. The effect of --including any other Exim header is not defined, and may change from release to --release. Use only the documented interface! */ -- --#include "local_scan.h" -- -- --/* This is a "do-nothing" version of a local_scan() function. The arguments --are: -- -- fd The file descriptor of the open -D file, which contains the -- body of the message. The file is open for reading and -- writing, but modifying it is dangerous and not recommended. -- -- return_text A pointer to an unsigned char* variable which you can set in -- order to return a text string. It is initialized to NULL. -- --The return values of this function are: -- -- LOCAL_SCAN_ACCEPT -- The message is to be accepted. The return_text argument is -- saved in $local_scan_data. -- -- LOCAL_SCAN_REJECT -- The message is to be rejected. The returned text is used -- in the rejection message. -- -- LOCAL_SCAN_TEMPREJECT -- This specifies a temporary rejection. The returned text -- is used in the rejection message. --*/ -+#ifdef DLOPEN_LOCAL_SCAN -+#include -+static int (*local_scan_fn)(int fd, uschar **return_text) = NULL; -+static int load_local_scan_library(void); -+#endif - - int - local_scan(int fd, uschar **return_text) - { - fd = fd; /* Keep picky compilers happy */ - return_text = return_text; --return LOCAL_SCAN_ACCEPT; -+#ifdef DLOPEN_LOCAL_SCAN -+/* local_scan_path is defined AND not the empty string */ -+if (local_scan_path && *local_scan_path) -+ { -+ if (!local_scan_fn) -+ { -+ if (!load_local_scan_library()) -+ { -+ char *base_msg , *error_msg , *final_msg ; -+ int final_length = -1 ; -+ -+ base_msg=US"Local configuration error - local_scan() library failure\n"; -+ error_msg = dlerror() ; -+ -+ final_length = strlen(base_msg) + strlen(error_msg) + 1 ; -+ final_msg = (char*)malloc( final_length*sizeof(char) ) ; -+ *final_msg = '\0' ; -+ -+ strcat( final_msg , base_msg ) ; -+ strcat( final_msg , error_msg ) ; -+ -+ *return_text = final_msg ; -+ return LOCAL_SCAN_TEMPREJECT; -+ } -+ } -+ return local_scan_fn(fd, return_text); -+ } -+else -+#endif -+ return LOCAL_SCAN_ACCEPT; -+} -+ -+#ifdef DLOPEN_LOCAL_SCAN -+ -+static int load_local_scan_library(void) -+{ -+/* No point in keeping local_scan_lib since we'll never dlclose() anyway */ -+void *local_scan_lib = NULL; -+int (*local_scan_version_fn)(void); -+int vers_maj; -+int vers_min; -+ -+local_scan_lib = dlopen(local_scan_path, RTLD_NOW); -+if (!local_scan_lib) -+ { -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - " -+ "message temporarily rejected"); -+ return FALSE; -+ } -+ -+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major"); -+if (!local_scan_version_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan_version_major() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+/* The major number is increased when the ABI is changed in a non -+ backward compatible way. */ -+vers_maj = local_scan_version_fn(); -+ -+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor"); -+if (!local_scan_version_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan_version_minor() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+/* The minor number is increased each time a new feature is added (in a -+ way that doesn't break backward compatibility) -- Marc */ -+vers_min = local_scan_version_fn(); -+ -+ -+if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR) -+ { -+ dlclose(local_scan_lib); -+ local_scan_lib = NULL; -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major" -+ "version number, you need to recompile your module for this version" -+ "of exim (The module was compiled for version %d.%d and this exim provides" -+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, -+ LOCAL_SCAN_ABI_VERSION_MINOR); -+ return FALSE; -+ } -+else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR) -+ { -+ dlclose(local_scan_lib); -+ local_scan_lib = NULL; -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor" -+ "version number, you need to recompile your module for this version" -+ "of exim (The module was compiled for version %d.%d and this exim provides" -+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, -+ LOCAL_SCAN_ABI_VERSION_MINOR); -+ return FALSE; -+ } -+ -+local_scan_fn = dlsym(local_scan_lib, "local_scan"); -+if (!local_scan_fn) -+ { -+ dlclose(local_scan_lib); -+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan() function - message temporarily rejected"); -+ return FALSE; -+ } -+ -+return TRUE; - } - -+#endif /* DLOPEN_LOCAL_SCAN */ -+ - /* End of local_scan.c */ -diff -ur exim-4.92.orig/src/readconf.c exim-4.92/src/readconf.c ---- exim-4.92.orig/src/readconf.c 2019-01-30 14:59:52.000000000 +0100 -+++ exim-4.92/src/readconf.c 2019-02-16 18:18:46.013947455 +0100 -@@ -199,6 +199,9 @@ - { "local_from_prefix", opt_stringptr, &local_from_prefix }, - { "local_from_suffix", opt_stringptr, &local_from_suffix }, - { "local_interfaces", opt_stringptr, &local_interfaces }, -+#ifdef DLOPEN_LOCAL_SCAN -+ { "local_scan_path", opt_stringptr, &local_scan_path }, -+#endif - #ifdef HAVE_LOCAL_SCAN - { "local_scan_timeout", opt_time, &local_scan_timeout }, - #endif -- 2.26.2