From 43ed5d3301f5eac5008275de64996ec6258e5120 Mon Sep 17 00:00:00 2001 From: Eygene Ryabinkin Date: Thu, 13 Oct 2011 20:16:20 +0400 Subject: [PATCH] mail/exim: upgrade to 4.77 New stuff (from ftp://exim.inode.at/exim/ChangeLogs/NewStuff-4.77): 1. New options for the ratelimit ACL condition: /count= and /unique=. The /noupdate option has been replaced by a /readonly option. 2. The SMTP transport's protocol option may now be set to "smtps", to use SSL-on-connect outbound. 3. New variable $av_failed, set true if the AV scanner deferred; ie, when there is a problem talking to the AV scanner, or the AV scanner running. 4. New expansion conditions, "inlist" and "inlisti", which take simple lists and check if the search item is a member of the list. This does not support named lists, but does subject the list part to string expansion. 5. Unless the new EXPAND_LISTMATCH_RHS build option is set when Exim was built, Exim no longer performs string expansion on the second string of the match_* expansion conditions: "match_address", "match_domain", "match_ip" & "match_local_part". Named lists can still be used. Relevant entries from ChangeLog at ftp://exim.inode.at/exim/ChangeLogs/ChangeLog-4.77: TK/01 DKIM Verification: Fix relaxed canon for empty headers w/o whitespace trailer TF/02 Fix a couple more cases where we did not log the error message when unlink() failed. See also change 4.74-TF/03. TF/03 Make the exiwhat support code safe for signals. Previously Exim might lock up or crash if it happened to be inside a call to libc when it got a SIGUSR1 from exiwhat. The SIGUSR1 handler appends the current process status to the process log which is later printed by exiwhat. It used to use the general purpose logging code to do this, but several functions it calls are not safe for signals. The new output code in the SIGUSR1 handler is specific to the process log, and simple enough that it's easy to inspect for signal safety. Removing some special cases also simplifies the general logging code. Removing the spurious timestamps from the process log simplifies exiwhat. PP/02 Raise smtp_cmd_buffer_size to 16kB. Bugzilla 879. Patch from Paul Fisher. PP/07 Make maildir_use_size_file an _expandable_ boolean. Bugzilla 1089. Patch from Heiko Schlittermann. PP/08 Handle ${run} returning more data than OS pipe buffer size. Bugzilla 1131. Patch from Holger Weitz. PP/09 Handle IPv6 addresses with SPF. Bugzilla 860. Patch from Wolfgang Breyha. PP/10 GnuTLS: support TLS 1.2 & 1.1. Bugzilla 1156. Use gnutls_certificate_verify_peers2() [patch from Andreas Metzler]. Bugzilla 1095. PP/12 fix uninitialised greeting string from PP/03 (smtps client support). PP/13 shell and compiler warnings fixes for RC1-RC4 changes. PP/14 fix log_write() format string regression from TF/03. Bugzilla 1152. Patch from Dmitry Isaikin. Other changes: - the patch for XCLIENT was updated to match the latest Exim sources; - removed already incorporated patch for exiqgrep; - removed Makefile.options and simplified OPTIONS handling. PR: ports/161095, ports/161482 Signed-off-by: Eygene Ryabinkin --- UPDATING | 10 +++ mail/exim/Makefile | 27 +++++-- mail/exim/Makefile.options | 153 ----------------------------------- mail/exim/distinfo | 4 +- mail/exim/files/extra-patch-xclient | 17 ++-- mail/exim/files/patch-exiqgrep.src | 15 ---- mail/exim/options | 91 +++++++++++---------- mail/exim/pkg-message | 13 +++ mail/exim/pkg-plist | 2 - 9 files changed, 100 insertions(+), 232 deletions(-) delete mode 100644 mail/exim/Makefile.options delete mode 100644 mail/exim/files/patch-exiqgrep.src diff --git a/UPDATING b/UPDATING index 10cb9c3..9a3f8a2 100644 --- a/UPDATING +++ b/UPDATING @@ -5,6 +5,16 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20111016: + AFFECTS: users of mail/exim + AUTHOR: Eygene Ryabinkin + + By-default Exim now refrains from expanding the right-hand side + of match_* functions unless the port knob WITH_LISTMATCH_RHS + is set. Please, read the changelog at + ftp://exim.inode.at/exim/ChangeLogs/ChangeLog-4.77: + to obtain full details about the new behaviour. + 20111005: AFFECTS: users of lang/erlang AUTHOR: Jimmy Olgeni diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 2abf87d..00a4c0e 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -18,7 +18,7 @@ EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} MAINTAINER= rea@FreeBSD.org COMMENT?= High performance MTA for Unix systems on the Internet -.include "Makefile.options" +LICENSE= GPLv2 USE_BZIP2= yes WANT_GNOME= yes @@ -41,7 +41,8 @@ MAKE_JOBS_UNSAFE= yes .error "You forgot to define FETCH_ALL to create the sane distinfo" .endif -.include +.include "options" +.include .if defined(WITH_SA_EXIM) .if defined(WITH_KAS) @@ -77,7 +78,7 @@ PLIST_SUB+= SO_1024="" PLIST_SUB+= SO_1024="@comment " .endif -EXIM_VERSION= 4.76 +EXIM_VERSION= 4.77 SA_EXIM_VERSION=4.2 SO_1024_VERSION=3.2 @@ -110,8 +111,7 @@ NO_INSTALL_MANPAGES= yes PORTDOC_BASE= ACKNOWLEDGMENTS NOTICE README.UPDATING PORTDOC_FILES= ChangeLog Exim3.upgrade Exim4.upgrade NewStuff \ OptionLists.txt README README.SIEVE dbm.discuss.txt \ - experimental-spec.txt filter.txt pcrepattern.txt \ - pcretest.txt spec.txt + experimental-spec.txt filter.txt spec.txt PORT_EXAMPLES= convert4r3 convert4r4 transport-filter.pl @@ -166,6 +166,10 @@ WITH_DEFAULT_CHARSET?= ISO-8859-1 LIB_DEPENDS+= pcre.0:${PORTSDIR}/devel/pcre +.if defined(WITH_LISTMATCH_RHS) +SEDLIST+= -e 's,^\# (EXPAND_LISTMATCH_RHS=),\1,' +.endif + .if defined(WITH_DCC) SEDLIST+= -e 's,^\# (EXPERIMENTAL_DCC=),\1,' .endif @@ -619,4 +623,15 @@ post-install: .endif -.include +show-variables-list: + @${SH} -c 'set -- ${OPTIONS:C/".*"//g}; \ + while [ -n "$$1" ]; do \ + opt="$$1"; shift; \ + status="$$1"; shift; \ + case "X$$status" in \ + X[Oo][Nn]) echo "WITH_$$opt"=yes; ;; \ + X[Oo][Ff][Ff]) echo "WITHOUT_$$opt"=yes; ;; \ + esac; \ + done' + +.include diff --git a/mail/exim/Makefile.options b/mail/exim/Makefile.options deleted file mode 100644 index 60ff5de..0000000 --- a/mail/exim/Makefile.options +++ /dev/null @@ -1,153 +0,0 @@ -# -# Makefile helper for options handling. -# -# Targets and their behaviors: -# -# show-variables-list - shows WITH_*, WITHOUT_ variables set by default. -# -# show-options-list - generates OPTIONS string compatible with ports -# format. Can by safely used by maintainer to -# re-generate sorted options list to cut-and-paste them -# into `options' file. -# -# $FreeBSD: ports/mail/exim/Makefile.options,v 1.5 2011/01/09 11:19:24 rea Exp $ - -AUTH_CRAM_MD5 = "Enable CRAM-MD5 authentication mechanisms" -AUTH_DOVECOT = "Enable Dovecot authentication mechanisms" -AUTH_PLAINTEXT = "Enable plaintext authentication" -AUTH_SPA = "Enable Secure Password Authentication" -CDB = "Enable CDB-style lookups" -DAEMON = "Install scripts to run as a daemon" -DNSDB = "Enable DNS-style lookups" -DSEARCH = "Enable directory-list lookups" -EMBEDDED_PERL = "Enable embedded Perl interpreter" -ICONV = "Enable header charset conversion" -IPV6 = "Enable IPv6 support" -LMTP = "RFC2033 SMTP over command pipe transport" -LSEARCH = "Enable wildcarded-file lookups" -MAILDIR = "Enable Maildir mailbox format" -MAILSTORE = "Enable Mailstore mailbox format" -MBX = "Enable MBX mailbox format" -NIS = "Enable NIS-style lookups" -OLD_DEMIME = "Enable old, deprecated \"demime\" ACL" -PAM = "Enable PAM authentication mechanisms" -PASSWD = "Enable /etc/passwd lookups" -SUID = "Install the exim binary suid root" -TLS = "Link against OpenSSL" - -ALT_CONFIG_PREFIX = "Restrict the set of configuration files" -AUTH_RADIUS = "Enable radius (RFC 2865) authentication" -AUTH_SASL = "Enable use of Cyrus SASL auth library" -CONTENT_SCAN = "Enable exiscan email content scanner" -DCC = "Enable DCC at ACL support via dccifd" -DEBUG = "Build with debugging symbols" -DISABLE_D_OPT = "Disable macros overrides using option -D" -EXIMON = "Build eximon monitor (require XFree86!)" -KAS = "Build with Kaspersky AntiSpam local scan" -MYSQL = "Link against libmysqlclient library" -OPENLDAP = "Link against libldap" -PGSQL = "Link against libpq" -READLINE = "Enable readline(3) library" -SASLAUTHD = "Enable use of Cyrus SASL auth daemon" -SA_EXIM = "SA-Exim support" -SO_1024 = "Build with Spamooborona-1024 local scan" -SPF = "Enable Sender Policy Framework checking" -SQLITE = "Enable SQLite lookups" -SRS = "Enable Sender Rewriting Scheme" -SRS_ALT = "Enable alternative SRS library" -TCP_WRAPPERS = "Enable /etc/hosts.allow access control" -WISHLIST = "Include the unsupported patches" -XCLIENT = "Enable XCLIENT command in exim" - -ENABLED_OPTIONS+= \ - AUTH_CRAM_MD5 \ - AUTH_DOVECOT \ - AUTH_PLAINTEXT \ - AUTH_SPA \ - CDB \ - DAEMON \ - DISABLE_D_OPT \ - DNSDB \ - DSEARCH \ - ICONV \ - IPV6 \ - LMTP \ - LSEARCH \ - MAILDIR \ - MAILSTORE \ - MBX \ - NIS \ - OLD_DEMIME \ - PAM \ - PASSWD \ - EMBEDDED_PERL \ - SUID \ - TLS - -DISABLED_OPTIONS+= \ - ALT_CONFIG_PREFIX \ - AUTH_RADIUS \ - AUTH_SASL \ - CONTENT_SCAN \ - DCC \ - DEBUG \ - EXIMON \ - KAS \ - MYSQL \ - OPENLDAP \ - PGSQL \ - READLINE \ - SASLAUTHD \ - SA_EXIM \ - SO_1024 \ - SPF \ - SQLITE \ - SRS \ - SRS_ALT \ - TCP_WRAPPERS \ - WISHLIST \ - XCLIENT - -ALL_OPTIONS= ${ENABLED_OPTIONS} \ - ${DISABLED_OPTIONS} - -.if !target(show-options-list) - -_SELECTED_OPTIONS_ENV= -.for option in ${ENABLED_OPTIONS} ${DISABLED_OPTIONS} -.if !defined($(option)) -_SELECTED_OPTIONS_ENV+= $(option)=$(option) -.else -_SELECTED_OPTIONS_ENV+= $(option)=$($(option)) -.endif -.endfor - -show-options-list: - @${ECHO_CMD} OPTIONS+= \\ - @for option in ${ALL_OPTIONS:O:u}; do \ - _txt=$$(${_SELECTED_OPTIONS_ENV} && \ - eval ${ECHO_CMD} $$\{$${option}\}); \ - if ${ECHO_CMD} ${ENABLED_OPTIONS} |${GREP} -wq $${option}; \ - then \ - _flag=on; \ - else \ - _flag=off; \ - fi; \ - ${PRINTF} "\t $${option} \"$${_txt}\" $${_flag} \\"; \ - ${ECHO_CMD}; \ - done -.endif - -.if !target(show-variables-list) -show-variables-list: - @for option in ${ALL_OPTIONS}; do \ - if ${ECHO_CMD} ${ENABLED_OPTIONS} |${GREP} -wq $${option}; \ - then \ - ${ECHO_CMD} "WITH_$${option}=yes"; \ - else \ - ${ECHO_CMD} "WITHOUT_$${option}=yes"; \ - fi; \ - done -.endif - -.include "options" diff --git a/mail/exim/distinfo b/mail/exim/distinfo index db3e0c9..8f4c5dc 100644 --- a/mail/exim/distinfo +++ b/mail/exim/distinfo @@ -1,5 +1,5 @@ -SHA256 (exim/exim-4.76.tar.bz2) = 4625b0fb916835ae60a73311a8956267fa1248e888f584c337a5b7df20174e95 -SIZE (exim/exim-4.76.tar.bz2) = 1605832 +SHA256 (exim/exim-4.77.tar.bz2) = 0ccc13cf2f052b1163fcdf71c55a3578765050848ba413a6473d3ab5d20b1475 +SIZE (exim/exim-4.77.tar.bz2) = 1576148 SHA256 (exim/sa-exim-4.2.tar.gz) = 72e0a735547f18b05785e6c58a71d24623858f0f5234a5dc0e24cb453999e99a SIZE (exim/sa-exim-4.2.tar.gz) = 66575 SHA256 (exim/spamooborona1024-src-3.2.tar.gz) = ab22a430f3860460045f6b213c68c89700a0cd10cbb6c7a808ece326c53787ee diff --git a/mail/exim/files/extra-patch-xclient b/mail/exim/files/extra-patch-xclient index 01a9552..f55498f 100644 --- a/mail/exim/files/extra-patch-xclient +++ b/mail/exim/files/extra-patch-xclient @@ -1,22 +1,21 @@ - ---- src/globals.c.orig 2007-12-10 18:59:58.297661332 +0300 -+++ src/globals.c 2007-12-10 19:00:22.299029091 +0300 -@@ -621,6 +621,7 @@ +--- src/globals.c.orig 2011-10-10 09:18:13.000000000 +0400 ++++ src/globals.c 2011-10-16 02:33:45.000000000 +0400 +@@ -633,6 +633,7 @@ BOOL helo_verified = FALSE; BOOL helo_verify_failed = FALSE; uschar *helo_verify_hosts = NULL; +uschar *xclient_allow_hosts = NULL; - uschar *hex_digits = US"0123456789abcdef"; + const uschar *hex_digits = CUS"0123456789abcdef"; uschar *hold_domains = NULL; BOOL host_checking = FALSE; ---- src/globals.h.orig 2007-12-10 19:11:45.337953260 +0300 -+++ src/globals.h 2007-12-10 19:12:42.341201691 +0300 -@@ -367,6 +367,7 @@ +--- src/globals.h.orig 2011-10-10 09:18:13.000000000 +0400 ++++ src/globals.h 2011-10-16 02:34:09.000000000 +0400 +@@ -398,6 +398,7 @@ extern BOOL helo_verified; /* True if HELO verified */ extern BOOL helo_verify_failed; /* True if attempt failed */ extern uschar *helo_verify_hosts; /* Hard check HELO argument for these */ +extern uschar *xclient_allow_hosts; /* Allow XCLIENT command for specified hosts */ - extern uschar *hex_digits; /* Used in several places */ + extern const uschar *hex_digits; /* Used in several places */ extern uschar *hold_domains; /* Hold up deliveries to these */ extern BOOL host_find_failed_syntax;/* DNS syntax check failure */ --- src/macros.h.orig 2007-08-30 18:31:06.000000000 +0400 diff --git a/mail/exim/files/patch-exiqgrep.src b/mail/exim/files/patch-exiqgrep.src deleted file mode 100644 index 32986da..0000000 --- a/mail/exim/files/patch-exiqgrep.src +++ /dev/null @@ -1,15 +0,0 @@ -Should be removed once it will get into the mainline release. - -Taken-from: http://bugs.exim.org/show_bug.cgi?id=1103 -Reported-by: Oliver Brandmueller ---- src/exiqgrep.src.orig 2011-05-10 10:29:50.000000000 +0400 -+++ src/exiqgrep.src 2011-05-10 10:31:13.000000000 +0400 -@@ -88,7 +88,7 @@ - chomp(); - my $line = $_; - #Should be 1st line of record, if not error. -- if ($line =~ /^\s*(\w+)\s+((?:\d+(?:\.\d+)?[A-Z])?)\s*(\w{6}-\w{6}-\w{2})\s+(<.*?>)/) { -+ if ($line =~ /^\s*(\w+)\s+((?:\d+(?:\.\d+)?[A-Z]?)?)\s*(\w{6}-\w{6}-\w{2})\s+(<.*?>)/) { - my $msg = $3; - $id{$msg}{age} = $1; - $id{$msg}{size} = $2; diff --git a/mail/exim/options b/mail/exim/options index 8f2083b..cef4d9b 100644 --- a/mail/exim/options +++ b/mail/exim/options @@ -1,46 +1,47 @@ OPTIONS+= \ - ALT_CONFIG_PREFIX "Restrict the set of configuration files" off \ - AUTH_CRAM_MD5 "Enable CRAM-MD5 authentication mechanisms" on \ - AUTH_DOVECOT "Enable Dovecot authentication mechanisms" on \ - AUTH_PLAINTEXT "Enable plaintext authentication" on \ - AUTH_RADIUS "Enable radius (RFC 2865) authentication" off \ - AUTH_SASL "Enable use of Cyrus SASL auth library" off \ - AUTH_SPA "Enable Secure Password Authentication" on \ - CDB "Enable CDB-style lookups" on \ - CONTENT_SCAN "Enable exiscan email content scanner" off \ - DAEMON "Install scripts to run as a daemon" on \ - DCC "Enable DCC at ACL support via dccifd" off \ - DEBUG "Build with debugging symbols" off \ - DISABLE_D_OPT "Disable macros overrides using option -D" on \ - DNSDB "Enable DNS-style lookups" on \ - DSEARCH "Enable directory-list lookups" on \ - EMBEDDED_PERL "Enable embedded Perl interpreter" on \ - EXIMON "Build eximon monitor (require XFree86!)" off \ - ICONV "Enable header charset conversion" on \ - IPV6 "Enable IPv6 support" on \ - KAS "Build with Kaspersky AntiSpam local scan" off \ - LMTP "RFC2033 SMTP over command pipe transport" on \ - LSEARCH "Enable wildcarded-file lookups" on \ - MAILDIR "Enable Maildir mailbox format" on \ - MAILSTORE "Enable Mailstore mailbox format" on \ - MBX "Enable MBX mailbox format" on \ - MYSQL "Link against libmysqlclient library" off \ - NIS "Enable NIS-style lookups" on \ - OLD_DEMIME "Enable old, deprecated "demime" ACL" on \ - OPENLDAP "Link against libldap" off \ - PAM "Enable PAM authentication mechanisms" on \ - PASSWD "Enable /etc/passwd lookups" on \ - PGSQL "Link against libpq" off \ - READLINE "Enable readline(3) library" off \ - SASLAUTHD "Enable use of Cyrus SASL auth daemon" off \ - SA_EXIM "SA-Exim support" off \ - SO_1024 "Build with Spamooborona-1024 local scan" off \ - SPF "Enable Sender Policy Framework checking" off \ - SQLITE "Enable SQLite lookups" off \ - SRS "Enable Sender Rewriting Scheme" off \ - SRS_ALT "Enable alternative SRS library" off \ - SUID "Install the exim binary suid root" on \ - TCP_WRAPPERS "Enable /etc/hosts.allow access control" off \ - TLS "Link against OpenSSL" on \ - WISHLIST "Include the unsupported patches" off \ - XCLIENT "Enable XCLIENT command in exim" off \ + ALT_CONFIG_PREFIX "Restrict the set of configuration files" off \ + AUTH_CRAM_MD5 "Enable CRAM-MD5 authentication mechanisms" on \ + AUTH_DOVECOT "Enable Dovecot authentication mechanisms" on \ + AUTH_PLAINTEXT "Enable plaintext authentication" on \ + AUTH_RADIUS "Enable radius (RFC 2865) authentication" off \ + AUTH_SASL "Enable use of Cyrus SASL auth library" off \ + AUTH_SPA "Enable Secure Password Authentication" on \ + CDB "Enable CDB-style lookups" on \ + CONTENT_SCAN "Enable exiscan email content scanner" off \ + DAEMON "Install scripts to run as a daemon" on \ + DCC "Enable DCC at ACL support via dccifd" off \ + DEBUG "Build with debugging symbols" off \ + DISABLE_D_OPT "Disable macros overrides using option -D" on \ + DNSDB "Enable DNS-style lookups" on \ + DSEARCH "Enable directory-list lookups" on \ + EMBEDDED_PERL "Enable embedded Perl interpreter" on \ + EXIMON "Build eximon monitor (require XFree86!)" off \ + ICONV "Enable header charset conversion" on \ + IPV6 "Enable IPv6 support" on \ + KAS "Build with Kaspersky AntiSpam local scan" off \ + LISTMATCH_RHS "Enable pre-4.77 behaviour for match_*" off \ + LMTP "RFC2033 SMTP over command pipe transport" on \ + LSEARCH "Enable wildcarded-file lookups" on \ + MAILDIR "Enable Maildir mailbox format" on \ + MAILSTORE "Enable Mailstore mailbox format" on \ + MBX "Enable MBX mailbox format" on \ + MYSQL "Link against libmysqlclient library" off \ + NIS "Enable NIS-style lookups" on \ + OLD_DEMIME "Enable old, deprecated "demime" ACL" on \ + OPENLDAP "Link against libldap" off \ + PAM "Enable PAM authentication mechanisms" on \ + PASSWD "Enable /etc/passwd lookups" on \ + PGSQL "Link against libpq" off \ + READLINE "Enable readline(3) library" off \ + SASLAUTHD "Enable use of Cyrus SASL auth daemon" off \ + SA_EXIM "SA-Exim support" off \ + SO_1024 "Build with Spamooborona-1024 local scan" off \ + SPF "Enable Sender Policy Framework checking" off \ + SQLITE "Enable SQLite lookups" off \ + SRS "Enable Sender Rewriting Scheme" off \ + SRS_ALT "Enable alternative SRS library" off \ + SUID "Install the exim binary suid root" on \ + TCP_WRAPPERS "Enable /etc/hosts.allow access control" off \ + TLS "Link against OpenSSL" on \ + WISHLIST "Include the unsupported patches" off \ + XCLIENT "Enable XCLIENT command in exim" off diff --git a/mail/exim/pkg-message b/mail/exim/pkg-message index 93c1aba..cbd7c03 100644 --- a/mail/exim/pkg-message +++ b/mail/exim/pkg-message @@ -5,3 +5,16 @@ IMPORTANT NOTE: Please read %%DOCSDIR%%/POST-INSTALL-NOTES for important information regarding your Exim installation. + +How to restore pre-4.77 behaviour of match_* expansions +======================================================= + +Just two steps to do it: + + 1. first, read README.UPDATING and in most cases you will + realize that pre-4.77 behaviour is not what you want; + + 2. if you're still here, turn on port's knob LISTMATCH_RHS + and carefully review your configuration for untrusted + right-hand sides in match_* operations. + diff --git a/mail/exim/pkg-plist b/mail/exim/pkg-plist index c8db5d8..3e56283 100644 --- a/mail/exim/pkg-plist +++ b/mail/exim/pkg-plist @@ -32,8 +32,6 @@ sbin/exiwhat %%PORTDOCS%%%%DOCSDIR%%/dbm.discuss.txt %%PORTDOCS%%%%DOCSDIR%%/experimental-spec.txt %%PORTDOCS%%%%DOCSDIR%%/filter.txt -%%PORTDOCS%%%%DOCSDIR%%/pcrepattern.txt -%%PORTDOCS%%%%DOCSDIR%%/pcretest.txt %%PORTDOCS%%%%DOCSDIR%%/spec.txt %%PORTDOCS%%@dirrmtry %%DOCSDIR%% %%PORTDOCS%%%%EXAMPLESDIR%%/convert4r3 -- 1.7.5.4