postfix: update to 3.3.2.

This commit is contained in:
maxice8 2018-11-29 09:28:56 -02:00 committed by maxice8
parent e202459c2d
commit eb91cbdb90
2 changed files with 38 additions and 72 deletions

View file

@ -1,7 +1,10 @@
$OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- src/posttls-finger/posttls-finger.c.orig Fri Feb 3 17:43:04 2017
+++ src/posttls-finger/posttls-finger.c Mon Feb 20 12:42:58 2017
@@ -1513,7 +1513,8 @@ static int finger(STATE *state)
Source: https://svnweb.freebsd.org/ports/head/mail/postfix/files/?sortby=date#dirlist
Upstream: no, upstream does not define a contribution workflow/platform
Reason: fix compatibility with LibreSSL
--- src/posttls-finger/posttls-finger.c 2017-02-03 23:43:04.000000000 +0100
+++ src/posttls-finger/posttls-finger.c 2018-11-29 11:20:05.850958411 +0100
@@ -1513,7 +1513,8 @@
return (0);
}
@ -11,7 +14,7 @@ $OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 st
/* ssl_cleanup - free memory allocated in the OpenSSL library */
@@ -1966,7 +1967,8 @@ int main(int argc, char *argv[])
@@ -1966,7 +1967,8 @@
cleanup(&state);
/* OpenSSL 1.1.0 and later (de)initialization is implicit */
@ -21,10 +24,9 @@ $OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 st
ssl_cleanup();
#endif
$OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- src/tls/tls_client.c.orig Sun Jan 1 17:22:13 2017
+++ src/tls/tls_client.c Mon Feb 20 12:42:58 2017
@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
--- src/tls/tls_client.c 2018-11-17 23:33:15.000000000 +0100
+++ src/tls/tls_client.c 2018-11-29 11:20:44.305963154 +0100
@@ -299,7 +299,7 @@
*/
tls_check_version();
@ -33,7 +35,7 @@ $OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
/*
* Initialize the OpenSSL library by the book! To start with, we must
@@ -433,7 +433,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
@@ -433,7 +433,7 @@
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
@ -42,10 +44,9 @@ $OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
/*
* According to the OpenSSL documentation, temporary RSA key is needed
$OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- src/tls/tls_dane.c.orig Sun Jan 1 17:22:13 2017
+++ src/tls/tls_dane.c Mon Feb 20 12:42:58 2017
@@ -2125,7 +2125,7 @@ static SSL_CTX *ctx_init(const char *CAfile)
--- src/tls/tls_dane.c 2018-11-05 00:47:50.000000000 +0100
+++ src/tls/tls_dane.c 2018-11-29 11:21:12.762966395 +0100
@@ -2127,7 +2127,7 @@
tls_param_init();
tls_check_version();
@ -54,28 +55,9 @@ $OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
SSL_load_error_strings();
SSL_library_init();
#endif
$OpenBSD: patch-src_tls_tls_dh_c,v 1.1 2017/03/04 22:09:43 sthen Exp $
Fix building with LibreSSL
--- src/tls/tls_dh.c.orig Mon Dec 26 18:47:24 2016
+++ src/tls/tls_dh.c Sat Feb 4 01:45:39 2017
@@ -314,7 +314,7 @@ void tls_auto_eecdh_curves(SSL_CTX *ctx)
* This is a NOP in OpenSSL 1.1.0 and later, where curves are always
* auto-negotiated.
*/
-#if OPENSSL_VERSION_NUMBER < 0x10100000UL
+#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER)
if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) {
msg_warn("failed to enable automatic ECDHE curve selection");
tls_print_errors();
$OpenBSD: patch-src_tls_tls_h,v 1.2 2017/03/04 22:09:43 sthen Exp $
Fix building with LibreSSL
--- src/tls/tls.h.orig Sun Jan 1 17:22:13 2017
+++ src/tls/tls.h Fri Jan 6 23:17:26 2017
@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
--- src/tls/tls.h 2018-11-17 23:55:55.000000000 +0100
+++ src/tls/tls.h 2018-11-29 11:21:38.228969112 +0100
@@ -89,7 +89,7 @@
#endif
/* Backwards compatibility with OpenSSL < 1.1.0 */
@ -84,19 +66,8 @@ Fix building with LibreSSL
#define OpenSSL_version_num SSLeay
#define OpenSSL_version SSLeay_version
#define OPENSSL_VERSION SSLEAY_VERSION
@@ -104,6 +104,9 @@ extern const char *str_tls_level(int);
#define ASN1_STRING_get0_data ASN1_STRING_data
#define X509_getm_notBefore X509_get_notBefore
#define X509_getm_notAfter X509_get_notAfter
+#endif
+
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define TLS_method SSLv23_method
#define TLS_client_method SSLv23_client_method
#define TLS_server_method SSLv23_server_method
$OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $
--- src/tls/tls_rsa.c.orig Thu Sep 1 21:57:15 2016
+++ src/tls/tls_rsa.c Thu Sep 1 21:58:11 2016
--- src/tls/tls_rsa.c 2016-01-03 15:49:51.000000000 +0100
+++ src/tls/tls_rsa.c 2018-11-29 11:22:05.178971819 +0100
@@ -57,7 +57,7 @@
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
@ -106,7 +77,7 @@ $OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $
/* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
@@ -109,7 +109,7 @@ int main(int unused_argc, char *const argv[])
@@ -109,7 +109,7 @@
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
@ -115,10 +86,9 @@ $OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $
RSA *rsa;
msg_vstream_init(argv[0], VSTREAM_ERR);
$OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- src/tls/tls_server.c.orig Sun Jan 1 17:22:13 2017
+++ src/tls/tls_server.c Mon Feb 20 12:42:58 2017
@@ -174,7 +174,7 @@ static const char server_session_id_context[] = "Postf
--- src/tls/tls_server.c 2018-11-17 23:33:15.000000000 +0100
+++ src/tls/tls_server.c 2018-11-29 11:24:36.505984117 +0100
@@ -174,7 +174,7 @@
#endif /* OPENSSL_VERSION_NUMBER */
/* OpenSSL 1.1.0 bitrot */
@ -127,7 +97,7 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
typedef const unsigned char *session_id_t;
#else
@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
@@ -377,7 +377,7 @@
*/
tls_check_version();
@ -136,7 +106,16 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
/*
* Initialize the OpenSSL library by the book! To start with, we must
@@ -580,7 +580,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
@@ -486,7 +486,7 @@
* OpenSSL 0.9.8h, while SSL_NO_TICKET was added in 0.9.8f.
*/
#ifdef SSL_OP_NO_TICKET
-#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL
+#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL && !defined(LIBRESSL_VERSION_NUMBER)
ticketable = (*var_tls_tkt_cipher && scache_timeout > 0
&& !(off & SSL_OP_NO_TICKET));
if (ticketable) {
@@ -595,7 +595,7 @@
/*
* 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
*/
@ -145,16 +124,3 @@ $OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
/*
* According to OpenSSL documentation, a temporary RSA key is needed when
For LibreSSL 2.4:
--- src/tls/tls_dh.c.orig
+++ src/tls/tls_dh.c
@@ -244,7 +244,7 @@
void tls_auto_eecdh_curves(SSL_CTX *ctx)
{
-#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH)
+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER)
SSL_CTX *tmpctx;
int *nids;
int space = 5;

View file

@ -1,8 +1,8 @@
# Template file for 'postfix'
pkgname=postfix
version=3.3.1
version=3.3.2
revision=4
hostmakedepends="perl"
hostmakedepends="perl m4"
makedepends="icu-devel libldap-devel libmysqlclient-devel pcre-devel
postgresql-libs-devel sqlite-devel"
short_desc="High-performance mail transport agent"
@ -10,7 +10,7 @@ maintainer="Juan RP <xtraeme@voidlinux.eu>"
license="IPL-1.0, EPL-2.0"
homepage="http://www.postfix.org/"
distfiles="ftp://ftp.porcupine.org/mirrors/postfix-release/official/${pkgname}-${version}.tar.gz"
checksum=54f514dae42b5275cb4bc9c69283f16c06200b71813d0bb696568c4ba7ae7e3b
checksum=3c93f31eee49a58e592c31e62a058701cadde11e8e066ea441da19fddad7b35b
system_accounts="postfix"
postfix_homedir="/var/spool/postfix"