commit: a439566d73af0c6907c967b98f5087b008ea35f1 Author: Sam James <sam <AT> gentoo <DOT> org> AuthorDate: Fri Jul 29 03:03:55 2022 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri Jul 29 03:03:55 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a439566d
mail-mta/sendmail: apply cyrus-sasl fix Closes: https://bugs.gentoo.org/859172 Signed-off-by: Sam James <sam <AT> gentoo.org> .../files/sendmail-8.17.1-cyrus-sasl-auth.patch | 26 +++ mail-mta/sendmail/sendmail-8.17.1-r3.ebuild | 208 +++++++++++++++++++++ 2 files changed, 234 insertions(+) diff --git a/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch b/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch new file mode 100644 index 000000000000..ddbe2b1fb02e --- /dev/null +++ b/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch @@ -0,0 +1,26 @@ +https://bugs.gentoo.org/859172 +https://bz-attachments.freebsd.org/attachment.cgi?id=233353 +https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263287 +https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262935 +--- a/sendmail/sendmail.h ++++ b/sendmail/sendmail.h +@@ -760,7 +760,7 @@ extern bool filesys_free __P((long)); + # define SASL_IS_AUTH 2 /* authenticated */ + + /* SASL options */ +-# define SASL_AUTH_AUTH 0x1000 /* use auth= only if authenticated */ ++# define SASL_AUTH_AUTH 0x10000 /* use auth= only if authenticated */ + # if SASL >= 20101 + # define SASL_SEC_MASK SASL_SEC_MAXIMUM /* mask for SASL_SEC_* values: sasl.h */ + # else /* SASL >= 20101 */ +@@ -775,6 +775,9 @@ extern bool filesys_free __P((long)); + # endif /* SASL_SEC_NOPLAINTEXT & SASL_SEC_MASK) == 0 ... */ + # endif /* SASL >= 20101 */ + # define MAXOUTLEN 8192 /* length of output buffer, should be 2^n */ ++# if (SASL_AUTH_AUTH & SASL_SEC_MASK) != 0 ++# ERROR "change SASL_AUTH_AUTH notify sendmail.org!" ++# endif + + /* functions */ + extern char *intersect __P((char *, char *, SM_RPOOL_T *)); + diff --git a/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild b/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild new file mode 100644 index 000000000000..a2ae30989f5d --- /dev/null +++ b/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild @@ -0,0 +1,208 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +# Note: please bump this together with mail-filter/libmilter + +inherit systemd toolchain-funcs + +DESCRIPTION="Widely-used Mail Transport Agent (MTA)" +HOMEPAGE="https://www.sendmail.org/"; +SRC_URI="ftp://ftp.sendmail.org/pub/${PN}/${PN}.${PV}.tar.gz"; + +LICENSE="Sendmail GPL-2" # GPL-2 is here for initscript +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="ipv6 ldap mbox nis sasl sockets ssl tcpd" + +BDEPEND=" + sys-devel/m4 + virtual/pkgconfig" +DEPEND=" + acct-group/smmsp + >=acct-user/smmsp-0-r2 + net-mail/mailbase + >=sys-libs/db-3.2:= + ldap? ( net-nds/openldap:= ) + nis? ( net-libs/libnsl:= ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.10 ) + ssl? ( dev-libs/openssl:0= ) + tcpd? ( sys-apps/tcp-wrappers )" +RDEPEND=" + ${DEPEND} + >=mail-filter/libmilter-1.0.2_p2 + !mail-mta/courier + !mail-mta/esmtp + !mail-mta/exim + !mail-mta/mini-qmail + !mail-mta/msmtp[mta] + !mail-mta/netqmail + !mail-mta/nullmailer + !mail-mta/opensmtpd + !mail-mta/postfix + !mail-mta/qmail-ldap + !>=mail-mta/ssmtp-2.64-r2[mta] + !net-mail/vacation" +PDEPEND="!mbox? ( mail-filter/procmail )" + +src_prepare() { + eapply "${FILESDIR}"/${PN}-8.16.1-build-system.patch + eapply "${FILESDIR}"/${PN}-8.17.1-cyrus-sasl-auth.patch + eapply -p0 "${FILESDIR}"/${PN}-delivered_hdr.patch + eapply_user + + local confCCOPTS="${CFLAGS}" + # See bug #808954 for FLOCK + local confENVDEF="-DMAXDAEMONS=64 -DHAS_GETHOSTBYNAME2=1 -DHASFLOCK=1" + local confLDOPTS="${LDFLAGS}" + local confLIBS= + local confMAPDEF="-DMAP_REGEX" + local conf_sendmail_LIBS= + + if use ldap; then + confMAPDEF+=" -DLDAPMAP" + confLIBS+=" -lldap -llber" + fi + + if use sasl; then + confCCOPTS+=" $($(tc-getPKG_CONFIG) --cflags libsasl2)" + confENVDEF+=" -DSASL=2" + conf_sendmail_LIBS+=" $($(tc-getPKG_CONFIG) --libs libsasl2)" + fi + + if use ssl; then + # Bug #542370 - lets add support for modern crypto (PFS) + confCCOPTS+=" $($(tc-getPKG_CONFIG) --cflags openssl)" + confENVDEF+=" -DSTARTTLS -D_FFR_DEAL_WITH_ERROR_SSL" + confENVDEF+=" -D_FFR_TLS_1 -D_FFR_TLS_EC" + conf_sendmail_LIBS+=" $($(tc-getPKG_CONFIG) --libs openssl)" + fi + + if use tcpd; then + confENVDEF+=" -DTCPWRAPPERS" + confLIBS+=" -lwrap" + fi + + use ipv6 && confENVDEF+=" -DNETINET6" + use nis && confENVDEF+=" -DNIS" + use sockets && confENVDEF+=" -DSOCKETMAP" + + sed -e "s|@@confCC@@|$(tc-getCC)|" \ + -e "s|@@confCCOPTS@@|${confCCOPTS}|" \ + -e "s|@@confENVDEF@@|${confENVDEF}|" \ + -e "s|@@confLDOPTS@@|${confLDOPTS}|" \ + -e "s|@@confLIBS@@|${confLIBS}|" \ + -e "s|@@confMAPDEF@@|${confMAPDEF}|" \ + -e "s|@@conf_sendmail_LIBS@@|${conf_sendmail_LIBS}|" \ + "${FILESDIR}"/site.config.m4 > devtools/Site/site.config.m4 \ + || die "failed to generate site.config.m4" + + echo "APPENDDEF(\`confLIBDIRS', \`-L${EPREFIX}/usr/$(get_libdir)')" \ + >> devtools/Site/site.config.m4 || die "failed adding to site.config.m4" +} + +src_compile() { + sh Build AR="$(tc-getAR)" RANLIB="$(tc-getRANLIB)" || die "compilation failed in main build script" +} + +src_install() { + dodir /usr/{bin,$(get_libdir)} + dodir /usr/share/man/man{1,5,8} /usr/sbin /usr/share/sendmail-cf + dodir /var/spool/{mqueue,clientmqueue} /etc/conf.d + + keepdir /var/spool/{clientmqueue,mqueue} + + local emakeargs=( + DESTDIR="${D}" LIBDIR="/usr/$(get_libdir)" + MANROOT=/usr/share/man/man + SBINOWN=root SBINGRP=root UBINOWN=root UBINGRP=root + MANOWN=root MANGRP=root INCOWN=root INCGRP=root + LIBOWN=root LIBGRP=root GBINOWN=root GBINGRP=root + MSPQOWN=root CFOWN=root CFGRP=root + ) + + local dir + for dir in libsmutil sendmail mailstats praliases smrsh makemap vacation editmap; do + emake -j1 -C obj.*/${dir} "${emakeargs[@]}" install + done + for dir in rmail mail.local; do + emake -j1 -C obj.*/${dir} "${emakeargs[@]}" force-install + done + + fowners root:smmsp /usr/sbin/sendmail + fperms 2555 /usr/sbin/sendmail + fowners smmsp:smmsp /var/spool/clientmqueue + fperms 770 /var/spool/clientmqueue + fperms 700 /var/spool/mqueue + dosym ../sbin/makemap /usr/bin/makemap + dodoc FAQ KNOWNBUGS README RELEASE_NOTES doc/op/op.ps + + dodoc sendmail/{SECURITY,TUNING} + newdoc sendmail/README README.sendmail + newdoc smrsh/README README.smrsh + + newdoc cf/README README.cf + newdoc cf/cf/README README.install-cf + + dodoc -r contrib + + cp -pPR cf/. "${ED}"/usr/share/sendmail-cf || die + + insinto /etc/mail + if use mbox; then + newins "${FILESDIR}"/sendmail.mc-r1 sendmail.mc + else + newins "${FILESDIR}"/sendmail-procmail.mc sendmail.mc + fi + + # See discussion on bug #730890 + m4 "${ED}"/usr/share/sendmail-cf/m4/cf.m4 \ + <(grep -v "${EPREFIX}"/usr/share/sendmail-cf/m4/cf.m4 "${ED}"/etc/mail/sendmail.mc) \ + > "${ED}"/etc/mail/sendmail.cf || die "cf.m4 failed" + + echo "include(\`/usr/share/sendmail-cf/m4/cf.m4')dnl" \ + > "${ED}"/etc/mail/submit.mc || die "submit.mc echo failed" + + cat "${ED}"/usr/share/sendmail-cf/cf/submit.mc \ + >> "${ED}"/etc/mail/submit.mc || die "submit.mc cat failed" + + echo "# local-host-names - include all aliases for your machine here" \ + > "${ED}"/etc/mail/local-host-names || die "local-host-names echo failed" + + cat <<- EOF > "${ED}"/etc/mail/trusted-users || die "trusted-users cat failed" + # trusted-users - users that can send mail as others without a warning + # apache, mailman, majordomo, uucp are good candidates + EOF + + cat <<- EOF > "${ED}"/etc/mail/access || die "access cat failed" + # Check the /usr/share/doc/sendmail/README.cf file for a description + # of the format of this file. (search for access_db in that file) + # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc + # package. + # + + EOF + + cat <<- EOF > "${ED}"/etc/conf.d/sendmail || die "sendmail cat failed" + # Config file for /etc/init.d/sendmail + # add start-up options here + SENDMAIL_OPTS="-bd -q30m -L sm-mta" # default daemon mode + CLIENTMQUEUE_OPTS="-Ac -q30m -L sm-cm" # clientmqueue + KILL_OPTS="" # add -9/-15/your favorite evil SIG level here + + EOF + + if use sasl; then + dodir /etc/sasl2 + cat <<- EOF > "${ED}"/etc/sasl2/Sendmail.conf || die "Sendmail.conf cat ailed" + pwcheck_method: saslauthd + mech_list: PLAIN LOGIN + + EOF + fi + + doinitd "${FILESDIR}"/sendmail + systemd_dounit "${FILESDIR}"/sendmail.service + systemd_dounit "${FILESDIR}"/sm-client.service +}
