- update to 3.4.5

- adopt libressl patches from OpenBSD
2019-04-19 18:53:13 +00:00
parent fcecc02117
commit 56228e8fd2
13 changed files with 27 additions and 129 deletions
--- a/mail/postfix/Makefile
+++ b/mail/postfix/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	postfix
-DISTVERSION=	3.3.4
+DISTVERSION=	3.4.5
 PORTREVISION?=	0
 PORTEPOCH=	1
 CATEGORIES=	mail ipv6
--- a/mail/postfix/distinfo
+++ b/mail/postfix/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1553957353
-SHA256 (postfix/postfix-3.3.4.tar.gz) = 847818bb82d0d7e83303a30206330b5d6bd035bbbb0086782cd87dcb8ac99bd3
-SIZE (postfix/postfix-3.3.4.tar.gz) = 4429964
+TIMESTAMP = 1553956821
+SHA256 (postfix/postfix-3.4.5.tar.gz) = 8b2ba54f9d2a049582a0ed3ee2dbe96ba57e278feea9cb4f80e1a61844e6319f
+SIZE (postfix/postfix-3.4.5.tar.gz) = 4581301
--- a/mail/postfix/files/patch-makedefs
+++ b/mail/postfix/files/patch-makedefs
@@ -1,6 +1,6 @@
--- makedefs.orig	2018-02-03 17:20:46 UTC
+--- makedefs.orig	2019-03-10 23:42:59 UTC
 +++ makedefs
-@@ -287,6 +287,33 @@ case "$SYSTEM.$RELEASE" in
+@@ -298,6 +298,33 @@ case "$SYSTEM.$RELEASE" in
 		: ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"}
 		: ${PLUGIN_LD="${CC} -shared"}
 		;;
--- a/mail/postfix/files/patch-src_global_dict__mysql.c
+++ b/mail/postfix/files/patch-src_global_dict__mysql.c
@@ -1,54 +0,0 @@
-# PR: 220224 fix build against mysql 8.x
-#
-# from https://dev.mysql.com/doc/refman/5.7/en/mysql-options.html
-# o MYSQL_OPT_SSL_VERIFY_SERVER_CERT (argument type: my_bool *)
-#    This option is deprecated as of MySQL 5.7.11 and is removed in MySQL 8.0.
-#    Instead, use MYSQL_OPT_SSL_MODE with a value of SSL_MODE_VERIFY_IDENTITY. 
-#
--- src/global/dict_mysql.c.orig	2017-02-19 01:58:20 UTC
-+++ src/global/dict_mysql.c
-@@ -198,6 +198,14 @@
- 
- #include "dict_mysql.h"
- 
-+/* MySQL 8.x API change */
-+
-+#if defined(MARIADB_BASE_VERSION) && MYSQL_VERSION_ID >= 50023
-+#define DICT_MYSQL_SSL_VERIFY_SERVER_CERT MYSQL_OPT_SSL_VERIFY_SERVER_CERT
-+#elif MYSQL_VERSION_ID >= 80000
-+#define DICT_MYSQL_SSL_VERIFY_SERVER_CERT MYSQL_OPT_SSL_MODE
-+#endif
-+
- /* need some structs to help organize things */
- typedef struct {
-     MYSQL  *db;
-@@ -237,7 +245,7 @@ typedef struct {
-     char   *tls_CAfile;
-     char   *tls_CApath;
-     char   *tls_ciphers;
-#if MYSQL_VERSION_ID >= 50023
-+#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT)
-     int     tls_verify_cert;
- #endif
- #endif
-@@ -656,9 +664,9 @@ static void plmysql_connect_single(DICT_
- 		      dict_mysql->tls_key_file, dict_mysql->tls_cert_file,
- 		      dict_mysql->tls_CAfile, dict_mysql->tls_CApath,
- 		      dict_mysql->tls_ciphers);
-#if MYSQL_VERSION_ID >= 50023
-+#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT)
-     if (dict_mysql->tls_verify_cert != -1)
-	mysql_options(host->db, MYSQL_OPT_SSL_VERIFY_SERVER_CERT,
-+	mysql_options(host->db, DICT_MYSQL_SSL_VERIFY_SERVER_CERT,
- 		      &dict_mysql->tls_verify_cert);
- #endif
- #endif
-@@ -723,7 +731,7 @@ static void mysql_parse_config(DICT_MYSQ
-     dict_mysql->tls_CAfile = cfg_get_str(p, "tls_CAfile", NULL, 0, 0);
-     dict_mysql->tls_CApath = cfg_get_str(p, "tls_CApath", NULL, 0, 0);
-     dict_mysql->tls_ciphers = cfg_get_str(p, "tls_ciphers", NULL, 0, 0);
-#if MYSQL_VERSION_ID >= 50023
-+#if defined(DICT_MYSQL_SSL_VERIFY_SERVER_CERT)
-     dict_mysql->tls_verify_cert = cfg_get_bool(p, "tls_verify_cert", -1);
- #endif
- #endif
--- a/mail/postfix/files/patch-src_posttls-finger_posttls-finger.c
+++ b/mail/postfix/files/patch-src_posttls-finger_posttls-finger.c
@@ -1,6 +1,6 @@
--- src/posttls-finger/posttls-finger.c.orig	2016-08-27 20:27:50 UTC
+--- src/posttls-finger/posttls-finger.c.orig	2019-02-12 13:17:45 UTC
 +++ src/posttls-finger/posttls-finger.c
-@@ -1511,7 +1511,8 @@ static int finger(STATE *state)
+@@ -1673,7 +1673,8 @@ static int finger(STATE *state)
     return (0);
 }
 
@@ -10,7 +10,7 @@
 
 /* ssl_cleanup - free memory allocated in the OpenSSL library */
 
-@@ -1958,7 +1959,8 @@ int     main(int argc, char *argv[])
+@@ -2156,7 +2157,8 @@ int     main(int argc, char *argv[])
     cleanup(&state);
 
     /* OpenSSL 1.1.0 and later (de)initialization is implicit */
--- a/mail/postfix/files/patch-src_tls_tls.h
+++ b/mail/postfix/files/patch-src_tls_tls.h
@@ -1,25 +0,0 @@
-$OpenBSD: patch-src_tls_tls_h,v 1.2 2017/03/04 22:09:43 sthen Exp $
-
-Fix building with LibreSSL
-
--- src/tls/tls.h.orig	2017-01-01 22:22:13 UTC
-+++ src/tls/tls.h
-@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
- #endif
- 
-  /* Backwards compatibility with OpenSSL < 1.1.0 */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define OpenSSL_version_num SSLeay
- #define OpenSSL_version SSLeay_version
- #define OPENSSL_VERSION SSLEAY_VERSION
-@@ -104,6 +104,9 @@ extern const char *str_tls_level(int);
- #define ASN1_STRING_get0_data ASN1_STRING_data
- #define X509_getm_notBefore X509_get_notBefore
- #define X509_getm_notAfter X509_get_notAfter
-+#endif
-+
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- #define TLS_method SSLv23_method
- #define TLS_client_method SSLv23_client_method
- #define TLS_server_method SSLv23_server_method
--- a/mail/postfix/files/patch-src_tls_tls__certkey.c
+++ b/mail/postfix/files/patch-src_tls_tls__certkey.c
@@ -0,0 +1,11 @@
+--- src/tls/tls_certkey.c.orig	2019-03-07 23:57:10 UTC
+++ src/tls/tls_certkey.c
+@@ -144,7 +144,7 @@ static void init_pem_load_state(pem_load
+ 
+ /* use_chain - load cert, key and chain into ctx or ssl */
+ 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fUL
+#if OPENSSL_VERSION_NUMBER >= 0x1010100fUL && !defined(LIBRESSL_VERSION_NUMBER)
+ static int use_chain(pem_load_state_t *st)
+ {
+     int     ret;
--- a/mail/postfix/files/patch-src_tls_tls__client.c
+++ b/mail/postfix/files/patch-src_tls_tls__client.c
@@ -1,11 +0,0 @@
--- src/tls/tls_client.c.orig	2016-08-27 20:27:50 UTC
-+++ src/tls/tls_client.c
-@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL
-      */
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * Initialize the OpenSSL library by the book! To start with, we must
--- a/mail/postfix/files/patch-src_tls_tls__dane.c
+++ b/mail/postfix/files/patch-src_tls_tls__dane.c
@@ -1,11 +0,0 @@
--- src/tls/tls_dane.c.orig	2016-08-27 20:27:50 UTC
-+++ src/tls/tls_dane.c
-@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf
-     tls_param_init();
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-     SSL_load_error_strings();
-     SSL_library_init();
- #endif
--- a/mail/postfix/files/patch-src_tls_tls__dh.c
+++ b/mail/postfix/files/patch-src_tls_tls__dh.c
@@ -1,15 +0,0 @@
-$OpenBSD: patch-src_tls_tls_dh_c,v 1.1 2017/03/04 22:09:43 sthen Exp $
-
-Fix building with LibreSSL
-
--- src/tls/tls_dh.c.orig	2016-12-26 23:47:24 UTC
-+++ src/tls/tls_dh.c
-@@ -314,7 +314,7 @@ void    tls_auto_eecdh_curves(SSL_CTX *c
-      * This is a NOP in OpenSSL 1.1.0 and later, where curves are always
-      * auto-negotiated.
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000UL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER)
-     if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) {
- 	msg_warn("failed to enable automatic ECDHE curve selection");
- 	tls_print_errors();
--- a/mail/postfix/files/patch-src_tls_tls__server.c
+++ b/mail/postfix/files/patch-src_tls_tls__server.c
@@ -1,6 +1,6 @@
--- src/tls/tls_server.c.orig	2018-11-17 22:33:15 UTC
+--- src/tls/tls_server.c.orig	2019-02-18 23:03:54 UTC
 +++ src/tls/tls_server.c
-@@ -517,7 +517,9 @@ TLS_APPL_STATE *tls_server_init(const TL
+@@ -518,7 +518,9 @@ TLS_APPL_STATE *tls_server_init(const TL
 	 * ticket decryption callback already (since 2.11) asks OpenSSL to
 	 * avoid issuing new tickets when the presented ticket is re-usable.
 	 */
--- a/mail/postfix/files/patch-src_util_sys__defs.h
+++ b/mail/postfix/files/patch-src_util_sys__defs.h
@@ -1,9 +1,10 @@
--- src/util/sys_defs.h.orig	2017-06-18 19:30:20 UTC
+--- src/util/sys_defs.h.orig	2019-03-10 16:58:04 UTC
 +++ src/util/sys_defs.h
-@@ -30,6 +30,7 @@
+@@ -30,7 +30,7 @@
 #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \
     || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \
     || defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \
+-    || defined(FREEBSD11) \
 +    || defined(FREEBSD11) || defined(FREEBSD12) || defined(FREEBSD13) \
     || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \
     || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \
--- a/mail/postfix/pkg-plist
+++ b/mail/postfix/pkg-plist
@@ -61,6 +61,7 @@ libexec/postfix/postfix-files
 libexec/postfix/postfix-script
 libexec/postfix/postfix-tls-script
 libexec/postfix/postfix-wrapper
+libexec/postfix/postlogd
 libexec/postfix/postmulti-script
 libexec/postfix/postscreen
 libexec/postfix/proxymap
@@ -137,6 +138,7 @@ libexec/postfix/virtual
 %%BMAN%%man/man8/oqmgr.8.gz
 %%BMAN%%man/man8/pickup.8.gz
 %%BMAN%%man/man8/pipe.8.gz
+%%BMAN%%man/man8/postlogd.8.gz
 %%BMAN%%man/man8/postscreen.8.gz
 %%BMAN%%man/man8/proxymap.8.gz
 %%BMAN%%man/man8/qmgr.8.gz