pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mail mail/postfix: update to 3.7.2
details: https://anonhg.NetBSD.org/pkgsrc/rev/834696626cb3
branches: trunk
changeset: 382146:834696626cb3
user: taca <taca%pkgsrc.org@localhost>
date: Thu Jul 21 15:08:39 2022 +0000
description:
mail/postfix: update to 3.7.2
3.7.0 (2022-02-07)
* Support to inline the content of small cidr:, pcre:, and regexp:
tables in Postfix parameter values. An example is the new
smtpd_forbidden_commands default value, "CONNECT GET POST
regexp:{{/^[^A-Z]/ Thrash}}", to quickly drop connections from
clients that send garbage.
* To make the maillog_file feature more useful, including stdout
logging from a container, the postlog(1) command is now set-gid
postdrop, so that unprivileged programs can use it to write
logging through the postlogd(8) daemon. This required hardening
the postlog(1) command against privilege escalation attacks.
* Support for library APIs: OpenSSL 3.0.0, PCRE2, Berkeley DB 18.
* Postfix programs now randomize the initial state of in-memory
hash tables, to defend against hash collision attacks involving
a large number of attacker-chosen lookup keys. Presently, the
only known opportunity for such attacks involves remote SMTP
client IPv6 addresses in the anvil(8) service, and requires
making hundreds of short-lived connections per second while
cycling through thousands of different client IP addresses.
* Updated defense against remote clients or servers that 'trickle'
SMTP or LMTP traffic. This replaces the old per-record deadlines
with per-request deadlines and minimum data rates.
* Many typofixes by raf and Wietse.
3.7.1 (2022-04-18)
* (problem introduced: Postfix 2.7) The milter_header_checks maps
are now opened before the cleanup(8) server enters the chroot
jail. Problem reported by Jesper Dybdal.
* In an internal client module, "host or service not found" was
a fatal error, causing the milter_default_action setting to be
ignored. It is now a non-fatal error, just like a failure to
connect. Problem reported by Christian Degenkolb.
* The proxy_read_maps default value was missing up to 27 parameter
names. The corresponding lookup tables were not automatically
authorized for use with the proxymap(8) service. The parameter
names were ending in _checks, _reply_footer, _reply_filter,
_command_filter, and _delivery_status_filter.
* (problem introduced: Postfix 3.0) With dynamic map loading
enabled, an attempt to create a map with "postmap regexp:path"
would result in a bogus error message "Is the postfix-regexp
package installed?" instead of "unsupported map type for this
operation". This happened with all non-dynamic map types (static,
cidr, etc.) that have no 'bulk create' support. Problem reported
by Greg Klanderman.
* In PCRE_README, "pcre2 --libs" should be "pcre2 --libs8". Problem
reported by Carlos Velasco.
* Documented in the postlogd(8) daemon manpage that the Postfix
>= 3.7 postlog(1) command can run with setgid permissions.
3.7.2 (2022-04-28)
This reverts an overly complex change in the postscreen SMTP engine
(made during Postfix 3.7 development), and replaces it with much
simpler code. The bad change was crashing postscreen on some systems
after receiving malformed input (for example, a TLS "hello" message).
diffstat:
mail/postfix-sqlite/Makefile | 3 +-
mail/postfix/Makefile | 3 +-
mail/postfix/Makefile.common | 4 +-
mail/postfix/PLIST | 8 ++++--
mail/postfix/distinfo | 12 +++++-----
mail/postfix/patches/patch-ag | 25 ++++++++-------------
mail/postfix/patches/patch-ai | 48 ++++++++++++++++++++++++++++++++----------
7 files changed, 61 insertions(+), 42 deletions(-)
diffs (275 lines):
diff -r 0770b249803e -r 834696626cb3 mail/postfix-sqlite/Makefile
--- a/mail/postfix-sqlite/Makefile Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix-sqlite/Makefile Thu Jul 21 15:08:39 2022 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.30 2022/04/18 19:11:34 adam Exp $
+# $NetBSD: Makefile,v 1.31 2022/07/21 15:08:40 taca Exp $
#
COMMENT= Postfix SMTP server SQLite backend module
-PKGREVISION= 2
POSTFIX_LIB= sqlite
POSTFIX_LIBDIR= src/global
diff -r 0770b249803e -r 834696626cb3 mail/postfix/Makefile
--- a/mail/postfix/Makefile Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/Makefile Thu Jul 21 15:08:39 2022 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.336 2022/06/28 11:34:33 wiz Exp $
+# $NetBSD: Makefile,v 1.337 2022/07/21 15:08:39 taca Exp $
-PKGREVISION= 2
.include "../../mail/postfix/Makefile.common"
COMMENT= Fast, easy to administer, and secure mail transfer agent
diff -r 0770b249803e -r 834696626cb3 mail/postfix/Makefile.common
--- a/mail/postfix/Makefile.common Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/Makefile.common Thu Jul 21 15:08:39 2022 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile.common,v 1.40 2022/01/26 17:41:31 triaxx Exp $
+# $NetBSD: Makefile.common,v 1.41 2022/07/21 15:08:39 taca Exp $
# used by mail/postfix/Makefile
# used by mail/postfix/Makefile.module
-DISTNAME= postfix-3.6.4
+DISTNAME= postfix-3.7.2
CATEGORIES= mail
MASTER_SITES= ftp://ftp.porcupine.org/mirrors/postfix-release/official/
diff -r 0770b249803e -r 834696626cb3 mail/postfix/PLIST
--- a/mail/postfix/PLIST Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/PLIST Thu Jul 21 15:08:39 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.32 2020/01/28 08:16:51 triaxx Exp $
+@comment $NetBSD: PLIST,v 1.33 2022/07/21 15:08:39 taca Exp $
bin/mailq
bin/newaliases
lib/postfix/libpostfix-dns.so
@@ -137,6 +137,7 @@
share/doc/postfix/ADDRESS_VERIFICATION_README
share/doc/postfix/BACKSCATTER_README
share/doc/postfix/BASIC_CONFIGURATION_README
+share/doc/postfix/BDAT_README
share/doc/postfix/BUILTIN_FILTER_README
share/doc/postfix/CDB_README
share/doc/postfix/COMPATIBILITY_README
@@ -156,6 +157,7 @@
share/doc/postfix/LMDB_README
share/doc/postfix/LOCAL_RECIPIENT_README
share/doc/postfix/MAILDROP_README
+share/doc/postfix/MAILLOG_README
share/doc/postfix/MEMCACHE_README
share/doc/postfix/MILTER_README
share/doc/postfix/MULTI_INSTANCE_README
@@ -165,6 +167,7 @@
share/doc/postfix/PACKAGE_README
share/doc/postfix/PCRE_README
share/doc/postfix/PGSQL_README
+share/doc/postfix/POSTSCREEN_3_5_README
share/doc/postfix/POSTSCREEN_README
share/doc/postfix/QSHAPE_README
share/doc/postfix/RELEASE_NOTES
@@ -174,6 +177,7 @@
share/doc/postfix/SMTPD_ACCESS_README
share/doc/postfix/SMTPD_POLICY_README
share/doc/postfix/SMTPD_PROXY_README
+share/doc/postfix/SMTPUTF8_README
share/doc/postfix/SOHO_README
share/doc/postfix/SQLITE_README
share/doc/postfix/STANDARD_CONFIGURATION_README
@@ -203,7 +207,5 @@
${PLIST.csasl}share/examples/postfix/smtpd.conf
share/examples/postfix/transport
share/examples/postfix/virtual
-@pkgdir var/spool/postfix
-@pkgdir var/db/postfix
@pkgdir libexec/postfix/postfix-files.d
@pkgdir libexec/postfix/dynamicmaps.cf.d
diff -r 0770b249803e -r 834696626cb3 mail/postfix/distinfo
--- a/mail/postfix/distinfo Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/distinfo Thu Jul 21 15:08:39 2022 +0000
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.201 2022/06/11 10:27:04 bsiegert Exp $
+$NetBSD: distinfo,v 1.202 2022/07/21 15:08:39 taca Exp $
-BLAKE2s (postfix-3.6.4.tar.gz) = 91a54f04959c49aa514db5d884576501df627f51df109829acbb40295d28311b
-SHA512 (postfix-3.6.4.tar.gz) = f5813801377a5887d27720cc7f85a6a68f8ca82fc7a9e852b27c8967996b3d64f651cc16e2b021d55316a074b4778e19155bb60c8f0885d4aaf72766cab7c4cd
-Size (postfix-3.6.4.tar.gz) = 4751433 bytes
+BLAKE2s (postfix-3.7.2.tar.gz) = 64623c1410113c29aebd4f7e25f631339f1ea12ea4c1a4e18526f9a09e460658
+SHA512 (postfix-3.7.2.tar.gz) = 23bb1af6bf3743c741f108da136f64613f9062d121dc459944ac192275335952cd309ffec6c380f5d36430605eec538c2549c3fdee9d4597f739d9d1b0a033fc
+Size (postfix-3.7.2.tar.gz) = 4824424 bytes
SHA1 (patch-aa) = c8216f133e202a7bb37682b0dbc1448f021e7c1c
-SHA1 (patch-ag) = feccf4aba580f581953b32e6c3a2c453fcb9131c
-SHA1 (patch-ai) = ae4084deb653b1155fbf70d8ef999f4f9654fa68
+SHA1 (patch-ag) = 8ab3cfafa63056f9a7f096da7e55bcccab965180
+SHA1 (patch-ai) = c042f6cf94cbb7301e9e04707dd6eda59ccbbcef
SHA1 (patch-src_smtpd_Makefile.in) = 8133f9cceb0c1c0250d6543cb060c66288571722
SHA1 (patch-src_smtpd_pfilter.c) = c747d2f3584f694eb7b73b19118b4d8b450cfe7f
SHA1 (patch-src_smtpd_pfilter.h) = 153b516da89d709d293c6086c2f126791bd945d6
diff -r 0770b249803e -r 834696626cb3 mail/postfix/patches/patch-ag
--- a/mail/postfix/patches/patch-ag Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/patches/patch-ag Thu Jul 21 15:08:39 2022 +0000
@@ -1,29 +1,24 @@
-$NetBSD: patch-ag,v 1.41 2021/06/02 15:29:57 taca Exp $
+$NetBSD: patch-ag,v 1.42 2022/07/21 15:08:39 taca Exp $
* Add common support for NetBSD.
* Only define HAS_DB if it hasn't been defined.
* Add support for FreeBSD 11 and 12.
---- src/util/sys_defs.h.orig 2020-05-21 13:34:23.000000000 +0000
+--- src/util/sys_defs.h.orig 2021-12-05 18:59:27.000000000 +0000
+++ src/util/sys_defs.h
-@@ -30,14 +30,11 @@
- #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
- || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \
- || defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \
-- || defined(FREEBSD11) || defined(FREEBSD12) \
-+ || defined(FREEBSD11) || defined(FREEBSD12) || defined(FREEBSD13) \
+@@ -35,10 +35,7 @@
|| defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
|| defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
- || defined(OPENBSD5) || defined(OPENBSD6) \
+ || defined(OPENBSD5) || defined(OPENBSD6) || defined(OPENBSD7) \
- || defined(NETBSD1) || defined(NETBSD2) || defined(NETBSD3) \
- || defined(NETBSD4) || defined(NETBSD5) || defined(NETBSD6) \
-- || defined(NETBSD7) \
-- || defined(EKKOBSD1) || defined(DRAGONFLY)
-+ || defined(NETBSD) || defined(EKKOBSD1) || defined(DRAGONFLY)
+- || defined(NETBSD7) | defined(NETBSD8) || defined(NETBSD9) \
+- || defined(NETBSD10) \
++ || defined(NETBSD) \
+ || defined(EKKOBSD1) || defined(DRAGONFLY)
#define SUPPORTED
#include <sys/param.h>
- #define UINT32_TYPE unsigned int
-@@ -49,7 +46,9 @@
+@@ -51,7 +48,9 @@
#define DEF_MAILBOX_LOCK "flock, dotlock"
#define HAS_SUN_LEN
#define HAS_FSYNC
@@ -33,7 +28,7 @@
#define HAS_SA_LEN
#define NATIVE_DB_TYPE "hash"
#if (defined(__NetBSD_Version__) && __NetBSD_Version__ >= 104250000)
-@@ -1252,6 +1251,8 @@ extern int h_errno;
+@@ -1257,6 +1256,8 @@ extern int h_errno;
#define DEF_SMTP_CACHE_DEMAND 0
#endif
diff -r 0770b249803e -r 834696626cb3 mail/postfix/patches/patch-ai
--- a/mail/postfix/patches/patch-ai Thu Jul 21 14:08:46 2022 +0000
+++ b/mail/postfix/patches/patch-ai Thu Jul 21 15:08:39 2022 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-ai,v 1.44 2022/06/11 10:27:04 bsiegert Exp $
+$NetBSD: patch-ai,v 1.45 2022/07/21 15:08:39 taca Exp $
1) Add shlib definitions for NetBSD 5; the build system must be
hard-coded per OS per version. Not yet reported upstream.
@@ -9,9 +9,9 @@
4) Add blocklist(3) support.
---- makedefs.orig 2021-04-24 20:49:37.000000000 +0000
+--- makedefs.orig 2022-01-23 20:53:41.000000000 +0000
+++ makedefs
-@@ -309,6 +309,15 @@ case "$SYSTEM.$RELEASE" in
+@@ -339,6 +339,15 @@ case "$SYSTEM.$RELEASE" in
: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
: ${PLUGIN_LD="${CC} -shared"}
;;
@@ -27,7 +27,7 @@
DragonFly.*) SYSTYPE=DRAGONFLY
;;
OpenBSD.2*) SYSTYPE=OPENBSD2
-@@ -337,25 +346,7 @@ case "$SYSTEM.$RELEASE" in
+@@ -376,49 +385,7 @@ case "$SYSTEM.$RELEASE" in
;;
ekkoBSD.1*) SYSTYPE=EKKOBSD1
;;
@@ -48,13 +48,37 @@
- : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
- : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
- : ${PLUGIN_LD="${CC-gcc} -shared"}
-- ;;
-- NetBSD.7*) SYSTYPE=NETBSD7
+- ;;
+- NetBSD.7*) SYSTYPE=NETBSD7
+- : ${SHLIB_SUFFIX=.so}
+- : ${SHLIB_CFLAGS=-fPIC}
+- : ${SHLIB_LD="${CC-gcc} -shared"' -Wl,-soname,${LIB}'}
+- : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
+- : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
+- : ${PLUGIN_LD="${CC-gcc} -shared"}
+- ;;
+- NetBSD.8*) SYSTYPE=NETBSD8
+- : ${SHLIB_SUFFIX=.so}
+- : ${SHLIB_CFLAGS=-fPIC}
+- : ${SHLIB_LD="${CC-gcc} -shared"' -Wl,-soname,${LIB}'}
+- : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
+- : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
+- : ${PLUGIN_LD="${CC-gcc} -shared"}
+- ;;
+- NetBSD.9*) SYSTYPE=NETBSD9
+- : ${SHLIB_SUFFIX=.so}
+- : ${SHLIB_CFLAGS=-fPIC}
+- : ${SHLIB_LD="${CC-gcc} -shared"' -Wl,-soname,${LIB}'}
+- : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'}
+- : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
+- : ${PLUGIN_LD="${CC-gcc} -shared"}
+- ;;
+- NetBSD.10*) SYSTYPE=NETBSD10
+ NetBSD*) SYSTYPE=NETBSD
: ${SHLIB_SUFFIX=.so}
: ${SHLIB_CFLAGS=-fPIC}
: ${SHLIB_LD="${CC-gcc} -shared"' -Wl,-soname,${LIB}'}
-@@ -434,13 +425,6 @@ case "$SYSTEM.$RELEASE" in
+@@ -493,13 +460,6 @@ case "$SYSTEM.$RELEASE" in
esac
;;
ULTRIX.4*) SYSTYPE=ULTRIX4
@@ -68,7 +92,7 @@
for l in syslog resolv; do
if [ -f /usr/local/lib/lib$l.a ]; then
SYSLIBS="$SYSLIBS -l$l"
-@@ -482,33 +466,8 @@ case "$SYSTEM.$RELEASE" in
+@@ -541,33 +501,8 @@ case "$SYSTEM.$RELEASE" in
esac;;
# Tested with RedHat 3.03 on 20020729.
Linux.1*) SYSTYPE=LINUX1
@@ -102,7 +126,7 @@
for name in nsl resolv $GDBM_LIBS
do
for lib in /usr/lib64 /lib64 /usr/lib /lib
-@@ -608,24 +567,6 @@ EOF
+@@ -667,24 +602,6 @@ EOF
;;
GNU.0*|GNU/kFreeBSD.[567]*)
SYSTYPE=GNU0
@@ -127,7 +151,7 @@
for name in nsl resolv
do
for lib in /usr/lib64 /lib64 /usr/lib /lib
-@@ -656,26 +597,14 @@ EOF
+@@ -715,26 +632,14 @@ EOF
HP-UX.A.09.*) SYSTYPE=HPUX9
SYSLIBS=-ldbm
CCARGS="$CCARGS -DMISSING_USLEEP -DNO_SNPRINTF"
@@ -154,7 +178,7 @@
;;
ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix543
RANLIB=echo
-@@ -717,12 +646,12 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
+@@ -776,12 +681,12 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
esac
: ${SHLIB_CFLAGS=-fPIC}
: ${SHLIB_SUFFIX=.dylib}
@@ -169,7 +193,7 @@
;;
dcosx.1*) SYSTYPE=DCOSX1
RANLIB=echo
-@@ -746,6 +675,21 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
+@@ -805,6 +710,21 @@ ReliantUNIX-?.5.43) SYSTYPE=ReliantUnix5
esac
#
Home |
Main Index |
Thread Index |
Old Index