From 646a5c1cbfd95873950a87b5f75d52073a967023 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Mon, 28 May 2018 19:12:29 +0000 Subject: Mon May 28 19:12:29 UTC 2018 a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. --- extra/source/sendmail/Build | 29 +++ extra/source/sendmail/SlackBuild-sendmail | 170 +++++++++++++++ extra/source/sendmail/SlackBuild-sendmail-cf | 57 +++++ extra/source/sendmail/linux.uucp.mc | 8 + extra/source/sendmail/openssl-1.1.0.patch | 242 +++++++++++++++++++++ .../source/sendmail/sendmail-slackware-tls-sasl.mc | 61 ++++++ extra/source/sendmail/sendmail-slackware-tls.mc | 56 +++++ extra/source/sendmail/sendmail-slackware.mc | 42 ++++ extra/source/sendmail/sendmail.SlackBuild | 3 + extra/source/sendmail/site.config.m4 | 8 + extra/source/sendmail/slack-desc.sendmail | 19 ++ extra/source/sendmail/slack-desc.sendmail-cf | 19 ++ 12 files changed, 714 insertions(+) create mode 100644 extra/source/sendmail/Build create mode 100755 extra/source/sendmail/SlackBuild-sendmail create mode 100755 extra/source/sendmail/SlackBuild-sendmail-cf create mode 100644 extra/source/sendmail/linux.uucp.mc create mode 100644 extra/source/sendmail/openssl-1.1.0.patch create mode 100644 extra/source/sendmail/sendmail-slackware-tls-sasl.mc create mode 100644 extra/source/sendmail/sendmail-slackware-tls.mc create mode 100644 extra/source/sendmail/sendmail-slackware.mc create mode 100755 extra/source/sendmail/sendmail.SlackBuild create mode 100644 extra/source/sendmail/site.config.m4 create mode 100644 extra/source/sendmail/slack-desc.sendmail create mode 100644 extra/source/sendmail/slack-desc.sendmail-cf (limited to 'extra/source/sendmail') diff --git a/extra/source/sendmail/Build b/extra/source/sendmail/Build new file mode 100644 index 00000000..21950d49 --- /dev/null +++ b/extra/source/sendmail/Build @@ -0,0 +1,29 @@ +#!/bin/sh +# Copyright 2004 Slackware Linux, Inc. Concord, CA 94520 +# Copyright 2007, 2008 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# A script to build .cf files from .mc files: + +for mcfile in $* ; do + /usr/bin/m4 /usr/share/sendmail/cf/m4/cf.m4 $mcfile > $(basename $mcfile .mc).cf +done + diff --git a/extra/source/sendmail/SlackBuild-sendmail b/extra/source/sendmail/SlackBuild-sendmail new file mode 100755 index 00000000..a477d16a --- /dev/null +++ b/extra/source/sendmail/SlackBuild-sendmail @@ -0,0 +1,170 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.15.2 +BUILD=${BUILD:-3} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_sendmail.tar.gz +[ -n "${LIBDIRSUFFIX}" ] && mv $PKG/usr/lib $PKG/usr/lib${LIBDIRSUFFIX} + +echo "+=================+" +echo "| sendmail.$VERSION |" +echo "+=================+" +OSCPU="`uname -srm | tr ' ' '.'`" +cd $TMP +rm -rf sendmail-$VERSION +tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1 +cd sendmail-$VERSION + +zcat $CWD/openssl-1.1.0.patch.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add TLS support to the sendmail binary: +cat $CWD/site.config.m4 > devtools/Site/site.config.m4 + +# Build .cf files for Linux: +cd $TMP/sendmail-$VERSION/cf/cf +cp $CWD/*.mc . +cp linux.uucp.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/linux.uucp.cf +cp sendmail-slackware.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware.cf +cp sendmail-slackware-tls.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls.cf +cp sendmail-slackware-tls-sasl.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls-sasl.cf + +# Add a sample sendmail.cf: +cat $PKG/usr/share/sendmail/sendmail-slackware.cf > $PKG/etc/mail/sendmail.cf.new +cat submit.cf > $PKG/etc/mail/submit.cf.new + +cd $TMP/sendmail-$VERSION +## All "Build" does is call make while screwing up the options :-) +## sh Build +make O="$SLKCFLAGS" +#O="$SLKCFLAGS" sh Build +cat sendmail/mailq.1 | gzip -9c > $PKG/usr/man/man1/mailq.1.gz +cat sendmail/newaliases.1 | gzip -9c > $PKG/usr/man/man1/newaliases.1.gz +mkdir -p $PKG/usr/doc/sendmail-$VERSION +cp -a \ + FAQ INSTALL KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ + $PKG/usr/doc/sendmail-$VERSION +( cd doc ; cp -a op $PKG/usr/doc/sendmail-$VERSION ) + +cd obj.$OSCPU/sendmail +cat sendmail > $PKG/usr/sbin/sendmail.new +cat aliases.5 | gzip -9c > $PKG/usr/man/man5/aliases.5.gz +cat sendmail.8 | gzip -9c > $PKG/usr/man/man8/sendmail.8.gz +cat statistics > $PKG/etc/mail/statistics +cat ../../sendmail/helpfile > $PKG/etc/mail/helpfile +cd ../makemap +cat makemap > $PKG/usr/sbin/makemap +cat makemap.8 | gzip -9c > $PKG/usr/man/man8/makemap.8.gz +cd ../mailstats +cat mailstats > $PKG/usr/sbin/mailstats +cat mailstats.8 | gzip -9c > $PKG/usr/man/man8/mailstats.8.gz +cd ../praliases +cat praliases > $PKG/usr/bin/praliases +chmod 755 $PKG/usr/bin/praliases +cat praliases.8 | gzip -9c > $PKG/usr/man/man8/praliases.8.gz +cd ../rmail +cat rmail > $PKG/usr/bin/rmail +cat rmail.8 | gzip -9c > $PKG/usr/man/man8/rmail.8.gz +cd ../smrsh +cat smrsh > $PKG/usr/sbin/smrsh +cat smrsh.8 | gzip -9c > $PKG/usr/man/man8/smrsh.8.gz +cd ../mail.local +cat mail.local > $PKG/usr/sbin/mail.local +cat mail.local.8 | gzip -9c > $PKG/usr/man/man8/mail.local.8.gz +cd ../vacation +cat vacation > $PKG/usr/bin/vacation +cat vacation.1 | gzip -9c > $PKG/usr/man/man1/vacation.1.gz +cd ../editmap +cat editmap > $PKG/usr/sbin/editmap +cat editmap.8 | gzip -9c > $PKG/usr/man/man8/editmap.8.gz + +# Add libmilter: +cd $TMP/sendmail-$VERSION/libmilter +./Build +cd .. +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/include/libmilter +cp -a include/libmilter/mfapi.h $PKG/usr/include/libmilter +cp -a include/libmilter/mfdef.h $PKG/usr/include/libmilter +cp -a obj.*/libmilter/libmilter.a $PKG/usr/lib${LIBDIRSUFFIX} +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a $PKG/usr/include/libmilter/* +mkdir -p $PKG/usr/doc/sendmail-$VERSION/libmilter +cp -a libmilter/README $PKG/usr/doc/sendmail-$VERSION/libmilter + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +cat $CWD/slack-desc.sendmail > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/extra/source/sendmail/SlackBuild-sendmail-cf b/extra/source/sendmail/SlackBuild-sendmail-cf new file mode 100755 index 00000000..32e88023 --- /dev/null +++ b/extra/source/sendmail/SlackBuild-sendmail-cf @@ -0,0 +1,57 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.15.2 +ARCH=noarch +BUILD=${BUILD:-3} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail-cf + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+====================+" +echo "| sendmail.cf.$VERSION |" +echo "+====================+" +( cd $TMP/sendmail-$VERSION ; find . -name "*~" -print -exec rm {} \; ) +cd $PKG +mkdir -p usr/share/sendmail/cf +cd usr/share/sendmail/cf +cp -a $TMP/sendmail-$VERSION/cf/README . +cp -a $TMP/package-sendmail/usr/share/sendmail/README.linux . +for dir in cf domain feature hack m4 mailer ostype sh siteconfig ; do + cp -a $TMP/sendmail-$VERSION/cf/$dir . +done +# Replace the sendmail Build script with a simple (working) one: +cp -a $PKG/usr/share/sendmail/cf/cf/Build $PKG/usr/share/sendmail/cf/cf/Build.orig +zcat $CWD/Build.gz > $PKG/usr/share/sendmail/cf/cf/Build +chown -R root.root * + +mkdir -p $PKG/install +cat $CWD/slack-desc.sendmail-cf > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-cf-$VERSION-noarch-$BUILD.txz + diff --git a/extra/source/sendmail/linux.uucp.mc b/extra/source/sendmail/linux.uucp.mc new file mode 100644 index 00000000..ffd242bb --- /dev/null +++ b/extra/source/sendmail/linux.uucp.mc @@ -0,0 +1,8 @@ +include(`../m4/cf.m4') +VERSIONID(`linux for setup with uucp which uses domain names')dnl +OSTYPE(linux) +FEATURE(always_add_domain)dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(uucp) +define(`SMART_HOST', uucp-dom:otheruucphost) diff --git a/extra/source/sendmail/openssl-1.1.0.patch b/extra/source/sendmail/openssl-1.1.0.patch new file mode 100644 index 00000000..bbca0454 --- /dev/null +++ b/extra/source/sendmail/openssl-1.1.0.patch @@ -0,0 +1,242 @@ +From: Sebastian Andrzej Siewior +Date: Sat, 10 Sep 2016 19:27:17 +0000 +Subject: [PATCH] sendmail: compile against openssl 1.1.0 + +Signed-off-by: Sebastian Andrzej Siewior +--- + +--- a/sendmail/tls.c ++++ b/sendmail/tls.c +@@ -60,18 +60,58 @@ static unsigned char dh512_g[] = + 0x02 + }; + ++#if OPENSSL_VERSION_NUMBER < 0x10100000 ++ ++static inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ++{ ++ /* If the fields p and g in d are NULL, the corresponding input ++ * parameters MUST be non-NULL. q may remain NULL. ++ */ ++ if ((dh->p == NULL && p == NULL) ++ || (dh->g == NULL && g == NULL)) ++ return 0; ++ ++ if (p != NULL) { ++ BN_free(dh->p); ++ dh->p = p; ++ } ++ if (q != NULL) { ++ BN_free(dh->q); ++ dh->q = q; ++ } ++ if (g != NULL) { ++ BN_free(dh->g); ++ dh->g = g; ++ } ++ ++ if (q != NULL) { ++ dh->length = BN_num_bits(q); ++ } ++ ++ return 1; ++} ++#endif ++ + static DH * + get_dh512() + { + DH *dh = NULL; ++ BIGNUM *p; ++ BIGNUM *g; + +- if ((dh = DH_new()) == NULL) +- return NULL; +- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); +- dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); +- if ((dh->p == NULL) || (dh->g == NULL)) +- return NULL; ++ dh = DH_new(); ++ p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); ++ g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); ++ if (!dh || !p || !g) ++ goto err; ++ if (!DH_set0_pqg(dh, p, NULL, g)) ++ goto err; + return dh; ++err: ++ DH_free(dh); ++ BN_free(p); ++ BN_free(g); ++ return NULL; + } + + # if 0 +@@ -117,17 +157,22 @@ get_dh2048() + }; + static unsigned char dh2048_g[]={ 0x02, }; + DH *dh; ++ BIGNUM *p; ++ BIGNUM *g; + +- if ((dh=DH_new()) == NULL) +- return(NULL); +- dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); +- dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); +- if ((dh->p == NULL) || (dh->g == NULL)) +- { +- DH_free(dh); +- return(NULL); +- } ++ dh = DH_new(); ++ p = BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL); ++ g = BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL); ++ if (!dh || !p || !g) ++ goto err; ++ if (!DH_set0_pqg(dh, p, NULL, g)) ++ goto err; + return(dh); ++err: ++ DH_free(dh); ++ BN_free(p); ++ BN_free(g); ++ return NULL; + } + # endif /* !NO_DH */ + +@@ -926,7 +971,7 @@ inittls(ctx, req, options, srv, certfile + { + /* get a pointer to the current certificate validation store */ + store = SSL_CTX_get_cert_store(*ctx); /* does not fail */ +- crl_file = BIO_new(BIO_s_file_internal()); ++ crl_file = BIO_new(BIO_s_file()); + if (crl_file != NULL) + { + if (BIO_read_filename(crl_file, CRLFile) >= 0) +@@ -1000,26 +1045,43 @@ inittls(ctx, req, options, srv, certfile + ** maybe we should do it only on demand... + */ + +- if (bitset(TLS_I_RSA_TMP, req) + # if SM_CONF_SHM +- && ShmId != SM_SHM_NO_ID && +- (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, +- NULL)) == NULL +-# else /* SM_CONF_SHM */ +- && 0 /* no shared memory: no need to generate key now */ +-# endif /* SM_CONF_SHM */ +- ) ++ if (bitset(TLS_I_RSA_TMP, req) ++ && ShmId != SM_SHM_NO_ID) + { +- if (LogLevel > 7) ++ BIGNUM *bn; ++ ++ bn = BN_new(); ++ rsa_tmp = RSA_new(); ++ if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) { ++ RSA_free(rsa_tmp); ++ rsa_tmp = NULL; ++ } ++ if (rsa_tmp) + { +- sm_syslog(LOG_WARNING, NOQID, +- "STARTTLS=%s, error: RSA_generate_key failed", +- who); +- if (LogLevel > 9) +- tlslogerr(LOG_WARNING, who); ++ if (!RSA_generate_key_ex(rsa_tmp, RSA_KEYLENGTH, bn, NULL)) ++ { ++ RSA_free(rsa_tmp); ++ rsa_tmp = NULL; ++ } ++ } ++ BN_free(bn); ++ if (!rsa_tmp) ++ { ++ if (LogLevel > 7) ++ { ++ sm_syslog(LOG_WARNING, NOQID, ++ "STARTTLS=%s, error: RSA_generate_key failed", ++ who); ++ if (LogLevel > 9) ++ tlslogerr(LOG_WARNING, who); ++ } ++ return false; + } +- return false; + } ++# else /* SM_CONF_SHM */ ++ /* no shared memory: no need to generate key now */ ++# endif /* SM_CONF_SHM */ + # endif /* !TLS_NO_RSA */ + + /* +@@ -1210,9 +1272,15 @@ inittls(ctx, req, options, srv, certfile + sm_dprintf("inittls: Generating %d bit DH parameters\n", bits); + + /* this takes a while! */ +- dsa = DSA_generate_parameters(bits, NULL, 0, NULL, +- NULL, 0, NULL); +- dh = DSA_dup_DH(dsa); ++ dsa = DSA_new(); ++ if (dsa) { ++ int r; ++ ++ r = DSA_generate_parameters_ex(dsa, bits, NULL, 0, ++ NULL, NULL, NULL); ++ if (r != 0) ++ dh = DSA_dup_DH(dsa); ++ } + DSA_free(dsa); + } + else if (dh == NULL && bitset(TLS_I_DHFIXED, req)) +@@ -1733,6 +1801,9 @@ tmp_rsa_key(s, export, keylength) + int export; + int keylength; + { ++ BIGNUM *bn; ++ int ret; ++ + # if SM_CONF_SHM + extern int ShmId; + extern int *PRSATmpCnt; +@@ -1742,10 +1813,22 @@ tmp_rsa_key(s, export, keylength) + return rsa_tmp; + # endif /* SM_CONF_SHM */ + +- if (rsa_tmp != NULL) +- RSA_free(rsa_tmp); +- rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL); +- if (rsa_tmp == NULL) ++ if (rsa_tmp == NULL) { ++ rsa_tmp = RSA_new(); ++ if (!rsa_tmp) ++ return NULL; ++ } ++ ++ bn = BN_new(); ++ if (!bn) ++ return NULL; ++ if (!BN_set_word(bn, RSA_F4)) { ++ BN_free(bn); ++ return NULL; ++ } ++ ret = RSA_generate_key_ex(rsa_tmp, RSA_KEYLENGTH, bn, NULL); ++ BN_free(bn); ++ if (!ret) + { + if (LogLevel > 0) + sm_syslog(LOG_ERR, NOQID, +@@ -1971,9 +2054,9 @@ x509_verify_cb(ok, ctx) + { + if (LogLevel > 13) + tls_verify_log(ok, ctx, "x509"); +- if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL) ++ if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_UNABLE_TO_GET_CRL) + { +- ctx->error = 0; ++ X509_STORE_CTX_set_error(ctx, 0); + return 1; /* override it */ + } + } diff --git a/extra/source/sendmail/sendmail-slackware-tls-sasl.mc b/extra/source/sendmail/sendmail-slackware-tls-sasl.mc new file mode 100644 index 00000000..ed5753b4 --- /dev/null +++ b/extra/source/sendmail/sendmail-slackware-tls-sasl.mc @@ -0,0 +1,61 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +FEATURE(`no_default_msa')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +dnl# Allow SASL authentication/relaying: +define(`confAUTH_OPTIONS', `A p y')dnl +define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/extra/source/sendmail/sendmail-slackware-tls.mc b/extra/source/sendmail/sendmail-slackware-tls.mc new file mode 100644 index 00000000..01a66775 --- /dev/null +++ b/extra/source/sendmail/sendmail-slackware-tls.mc @@ -0,0 +1,56 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/extra/source/sendmail/sendmail-slackware.mc b/extra/source/sendmail/sendmail-slackware.mc new file mode 100644 index 00000000..4fd4620b --- /dev/null +++ b/extra/source/sendmail/sendmail-slackware.mc @@ -0,0 +1,42 @@ +dnl# This is the default sendmail .mc file for Slackware. To generate +dnl# the sendmail.cf file from this (perhaps after making some changes), +dnl# use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.cf +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`default setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl diff --git a/extra/source/sendmail/sendmail.SlackBuild b/extra/source/sendmail/sendmail.SlackBuild new file mode 100755 index 00000000..462f16e9 --- /dev/null +++ b/extra/source/sendmail/sendmail.SlackBuild @@ -0,0 +1,3 @@ +#!/bin/sh +./SlackBuild-sendmail $* +./SlackBuild-sendmail-cf $* diff --git a/extra/source/sendmail/site.config.m4 b/extra/source/sendmail/site.config.m4 new file mode 100644 index 00000000..09b1d72f --- /dev/null +++ b/extra/source/sendmail/site.config.m4 @@ -0,0 +1,8 @@ +APPENDDEF(`confENVDEF', `-DNETINET6') +APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP') +APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv') +APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER') +APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') +APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ') +APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP') +APPENDDEF(`confENVDEF', `-D_FFR_TLS_1')dnl diff --git a/extra/source/sendmail/slack-desc.sendmail b/extra/source/sendmail/slack-desc.sendmail new file mode 100644 index 00000000..e7cec1ee --- /dev/null +++ b/extra/source/sendmail/slack-desc.sendmail @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail: sendmail (mail transfer agent) +sendmail: +sendmail: Eric Allman's mail transport agent. The _Unix System Administration +sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery +sendmail: system in common use...' +sendmail: +sendmail: Ready-made configuration files are included for systems connected by +sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP. +sendmail: +sendmail: The procmail package is required to handle local mail delivery. +sendmail: diff --git a/extra/source/sendmail/slack-desc.sendmail-cf b/extra/source/sendmail/slack-desc.sendmail-cf new file mode 100644 index 00000000..8f15a212 --- /dev/null +++ b/extra/source/sendmail/slack-desc.sendmail-cf @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail-cf: sendmail-cf (configuration files for sendmail) +sendmail-cf: +sendmail-cf: These files are used to create sendmail.cf configuration files. The +sendmail-cf: m4 macro processor is also required in order to make use of these +sendmail-cf: files. +sendmail-cf: +sendmail-cf: The files and documentation in /usr/share/sendmail should make it +sendmail-cf: possible to support virtually any mail configuration. NOTE: You +sendmail-cf: probably won't need this package if you're planning to use one of the +sendmail-cf: sendmail.cf samples included in the sendmail package. +sendmail-cf: -- cgit v1.2.3