summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFabian Groffen <grobian@gentoo.org>2024-01-12 12:56:22 +0100
committerFabian Groffen <grobian@gentoo.org>2024-01-12 12:56:22 +0100
commitc11d2a7a9507bd2392e0c8c83e6719debbf18ab1 (patch)
tree3a61239bdb9f99f8bb7091b7fad49ad12026726b /mail-mta
parentprofiles/arch: drop obsolete USE=mpx entries (diff)
downloadgentoo-c11d2a7a9507bd2392e0c8c83e6719debbf18ab1.tar.gz
gentoo-c11d2a7a9507bd2392e0c8c83e6719debbf18ab1.tar.bz2
gentoo-c11d2a7a9507bd2392e0c8c83e6719debbf18ab1.zip
mail-mta/exim: cleanup vulnerable
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'mail-mta')
-rw-r--r--mail-mta/exim/Manifest5
-rw-r--r--mail-mta/exim/exim-4.96-r4.ebuild655
-rw-r--r--mail-mta/exim/exim-4.96.2-r1.ebuild656
-rw-r--r--mail-mta/exim/exim-4.96.2.ebuild655
-rw-r--r--mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch145
-rw-r--r--mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch14
-rw-r--r--mail-mta/exim/files/exim-4.95-localscan_dlopen.patch221
-rw-r--r--mail-mta/exim/files/exim-4.97-CVE-2023-51766.patch265
8 files changed, 0 insertions, 2616 deletions
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 9553d4d46a0a..d87f52e906c4 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,8 +1,3 @@
-DIST exim-4.96-gentoo-patches-r0.tar.xz 13308 BLAKE2B e01cd8b90593329d858cced27bea9da4860e80500c0b0b3f86418931a77616ac1e4a532cfffc551de5844bfcbcd115c1591b28577c234beb551458dc0877e764 SHA512 0a8d7b5903c8cd7c2cc07e4ea3ed62200ee0116fe0b5513ec97ba7f3ab1dd5cd0dc181eb93c3c1c7f767be7df3546ac07b622a8f4352eb883323c3a005a1c7db
-DIST exim-4.96.2.tar.xz 1879896 BLAKE2B f172340e5f896dc1996e4e3cf46515c2336c47d3390524ca91cb9ef7258a62b83426592de582aa792584cbeaace519b4edea5e62b3ebeb8e5f599379255e04a5 SHA512 dc9f6a114e64ac826489edff88d50a24195b64714428e691c10a7bfb119b3ebb6455bf80cbb34dfd0a4e2e44cbde72effb009357a8e0a6065e512fe32092e3ed
-DIST exim-4.96.tar.xz 1879152 BLAKE2B 4b424f2ebc661bd0db35d7f6da86300c6d5cb5b9a52cddd24fdd452daa76c84e471d4f8f278cf951d1503b01fd46fc3e6858d6feded09f34253d2cf2ae99b45a SHA512 6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e
DIST exim-4.97.1.tar.xz 1919308 BLAKE2B ea41bf851185c7330e648c7757f2bf0b0aea3133e399630a40d220f5f542e9055e3ed0cd67c9ee5dcede281ccc17919a4ac328abd8f05d4d828e0381f10df0b8 SHA512 eab7ca28b37f1635c48f5e963ab69fcbad539b2c35a84286ecaad7d7ff5210bbefce86452302e08099afdc0710f9cb7ca6d9b152b0ba88a19292f7c5541e0cfc
-DIST exim-pdf-4.96.2.tar.xz 2132268 BLAKE2B 9104d42d742e7152d166b6158a6f060d0a29143b11e5064ecda177ead59ac66a9bb6ab3575e5bcaf7af5b49964d29b841285e67184592a8b64bab6099f4c8ac9 SHA512 c35eea4ab5510bba50d22813b28c9d2f5e4e2fed76993693b997f2090024dde674d58dffe044cb64642bf57b83fcae3bfc3dbcae43288fae11692ee49374df74
-DIST exim-pdf-4.96.tar.xz 2137468 BLAKE2B 7f61767f91864c43a3b7b6ca36ec7f41da6ad7029687a38cfa9307c444c2ffbd3eb61d45645ffd20ec16ba64a37e1ff08c02e7e4e36499c7783679af9a399081 SHA512 05e94579631656330d95d237c58bc9fd52229a067c5846e7c3409b4c83040c9216819bcb0090673d9991fd59e2c2025340592b31b241b557c6775782106854d1
DIST exim-pdf-4.97.1.tar.xz 2139688 BLAKE2B baadbb6ca7b88b11ea88f6b5ce0c96d9d713a1f5b358e4dfb52647ccc2bb1a9a6f74e75341839a8ee7df327f2f5645dbf223e4e5923631b02aa53a777701b436 SHA512 6aa733b1d48b6237f458939ff53e484e702f47a0c10ba781ba101db404d39667bd2ddc876af4f597deda1991e534d5b8b874c549e6a86b5325ebd624a6713183
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.96-r4.ebuild b/mail-mta/exim/exim-4.96-r4.ebuild
deleted file mode 100644
index c3bb1a1d477e..000000000000
--- a/mail-mta/exim/exim-4.96-r4.ebuild
+++ /dev/null
@@ -1,655 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs pam systemd
-
-IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
-dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
-mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
-socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- || ( berkdb gdbm tdb )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-# We cannot express a required use for berkdb/gdbm/tdb correctly because
-# berkdb and gdbm are both enabled in base profile
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-GPV="r0"
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
- https://dev.gentoo.org/~grobian/distfiles/${P}-gentoo-patches-${GPV}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="x86"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- dev-libs/libpcre2:=
- tdb? ( sys-libs/tdb:= )
- !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
- !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7:= )
- elibc_glibc? (
- net-libs/libnsl:=
- nis? (
- net-libs/libtirpc:=
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis:= )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc:= )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libcrypt:=
- virtual/libiconv
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !mail-mta/ssmtp[mta]
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//_rc/-RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
-
- # Upstream post-release fixes :(
- local GPVDIR=${WORKDIR}/${P}-gentoo-patches-${GPV}
- eapply "${GPVDIR}"/exim-4.96-rewrite-malformed-addr-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-spf-memory-error-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-regex-use-after-free.patch # upstr
- eapply -p2 "${GPVDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-deamon-startup-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-verify-ocsp.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-double-expansion.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-recursion-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-setting.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-lt-3.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-bad-alpn.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-dane-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-expansion-crash.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-transport-crash.patch # upstr
-
- # oddity, they disable berkdb as hack, and then throw an error when
- # berkdb isn't enabled
- sed -i \
- -e 's/_DB_/_DONTMESS_/' \
- -e 's/define DB void/define DONTMESS void/' \
- src/auths/call_radius.c || die
-
- # API changed from 1.3 to 1.4, upstream doesn't think 1.4 should be
- # used, but 1.3 has a CVE and Gentoo (like most downstreams) only
- # has 1.4 available
- eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.94-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- WITH_CONTENT_SCAN=yes
- EOC
-
- # configure db implementation, Exim always needs one for its hints
- # database, we prefer tdb and gdbm, since bdb is kind of getting
- # less and less support
- if use tdb ; then
- cat >> Makefile <<- EOC
- USE_TDB=yes
- DBMLIB = -ltdb
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- elif use gdbm ; then
- cat >> Makefile <<- EOC
- USE_GDBM=yes
- DBMLIB = -lgdbm
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- else # must be berkdb via required_use
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- fi
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
- #
-
- # support passwd and directory lookups by default
- cat >> Makefile <<- EOC
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # SOCKS5 (outbound) proxy support
- if use socks5; then
- cat >> Makefile <<- EOC
- SUPPORT_SOCKS=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- # this one is the default/supported variant since 4.95, and the
- # only variant available since 4.96
- cat >> Makefile <<- EOC
- SUPPORT_SRS=yes
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use berkdb && ( use gdbm || use tdb ) ; then
- ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- if use srs; then
- einfo "SRS support using libsrs_alt was dropped in this"
- einfo "release of Exim, you are now using the native SRS implementation"
- fi
- use dsn && einfo "extra information in fail DSN message is experimental"
- einfo
- elog "Note that this release contains a tainted variable check that"
- elog "is likely to break your configuration used with Exim 4.93 and before."
- elog "Please check your transports for occurences of \$local_part, and"
- elog "use a replacement like \$local_part_data where possible."
-}
diff --git a/mail-mta/exim/exim-4.96.2-r1.ebuild b/mail-mta/exim/exim-4.96.2-r1.ebuild
deleted file mode 100644
index f31266dbaa83..000000000000
--- a/mail-mta/exim/exim-4.96.2-r1.ebuild
+++ /dev/null
@@ -1,656 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs pam systemd
-
-IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
-dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
-mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
-socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- || ( berkdb gdbm tdb )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-# We cannot express a required use for berkdb/gdbm/tdb correctly because
-# berkdb and gdbm are both enabled in base profile
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-GPV="r0"
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
- https://dev.gentoo.org/~grobian/distfiles/${PN}-4.96-gentoo-patches-${GPV}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- dev-libs/libpcre2:=
- tdb? ( sys-libs/tdb:= )
- !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
- !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7:= )
- elibc_glibc? (
- net-libs/libnsl:=
- nis? (
- net-libs/libtirpc:=
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis:= )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc:= )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libcrypt:=
- virtual/libiconv
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !mail-mta/ssmtp[mta]
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//_rc/-RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
- eapply -p2 "${FILESDIR}"/exim-4.97-CVE-2023-51766.patch # 3063
-
- # Upstream post-release fixes :(
- local GPVDIR=${WORKDIR}/${PN}-4.96-gentoo-patches-${GPV}
- eapply "${GPVDIR}"/exim-4.96-rewrite-malformed-addr-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-spf-memory-error-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-regex-use-after-free.patch # upstr
- eapply -p2 "${GPVDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-deamon-startup-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-verify-ocsp.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-double-expansion.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-recursion-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-setting.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-lt-3.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-bad-alpn.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-dane-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-expansion-crash.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-transport-crash.patch # upstr
-
- # oddity, they disable berkdb as hack, and then throw an error when
- # berkdb isn't enabled
- sed -i \
- -e 's/_DB_/_DONTMESS_/' \
- -e 's/define DB void/define DONTMESS void/' \
- src/auths/call_radius.c || die
-
- # API changed from 1.3 to 1.4, upstream doesn't think 1.4 should be
- # used, but 1.3 has a CVE and Gentoo (like most downstreams) only
- # has 1.4 available
- eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.94-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- WITH_CONTENT_SCAN=yes
- EOC
-
- # configure db implementation, Exim always needs one for its hints
- # database, we prefer tdb and gdbm, since bdb is kind of getting
- # less and less support
- if use tdb ; then
- cat >> Makefile <<- EOC
- USE_TDB=yes
- DBMLIB = -ltdb
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- elif use gdbm ; then
- cat >> Makefile <<- EOC
- USE_GDBM=yes
- DBMLIB = -lgdbm
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- else # must be berkdb via required_use
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- fi
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
- #
-
- # support passwd and directory lookups by default
- cat >> Makefile <<- EOC
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # SOCKS5 (outbound) proxy support
- if use socks5; then
- cat >> Makefile <<- EOC
- SUPPORT_SOCKS=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- # this one is the default/supported variant since 4.95, and the
- # only variant available since 4.96
- cat >> Makefile <<- EOC
- SUPPORT_SRS=yes
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use berkdb && ( use gdbm || use tdb ) ; then
- ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- if use srs; then
- einfo "SRS support using libsrs_alt was dropped in this"
- einfo "release of Exim, you are now using the native SRS implementation"
- fi
- use dsn && einfo "extra information in fail DSN message is experimental"
- einfo
- elog "Note that this release contains a tainted variable check that"
- elog "is likely to break your configuration used with Exim 4.93 and before."
- elog "Please check your transports for occurences of \$local_part, and"
- elog "use a replacement like \$local_part_data where possible."
-}
diff --git a/mail-mta/exim/exim-4.96.2.ebuild b/mail-mta/exim/exim-4.96.2.ebuild
deleted file mode 100644
index 1a6f85e5b4ec..000000000000
--- a/mail-mta/exim/exim-4.96.2.ebuild
+++ /dev/null
@@ -1,655 +0,0 @@
-# Copyright 1999-2023 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="7"
-
-inherit db-use toolchain-funcs pam systemd
-
-IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
-dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
-mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
-socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
-REQUIRED_USE="
- arc? ( dkim spf )
- dane? ( ssl !gnutls )
- dmarc? ( dkim spf )
- dkim? ( ssl !gnutls )
- gnutls? ( ssl )
- pkcs11? ( ssl )
- || ( berkdb gdbm tdb )
-"
-# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
-# for x86 and amd64 only, due to this, repoman won't allow depending on
-# gnutls[dane] for all else. Because we cannot express USE=dane when
-# USE=gnutls is in effect only in package.use.mask, the only option we
-# have left is to a) ignore the dependency (but that results in bug
-# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
-# incorrect, but b) is the only "correct" view from repoman.
-# We cannot express a required use for berkdb/gdbm/tdb correctly because
-# berkdb and gdbm are both enabled in base profile
-
-SDIR=$([[ ${PV} == *_rc* ]] && echo /test
- [[ ${PV} == *.*.*.* ]] && echo /fixes)
-COMM_URI="https://downloads.exim.org/exim4${SDIR}"
-
-GPV="r0"
-DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
-SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
- https://dev.gentoo.org/~grobian/distfiles/${PN}-4.96-gentoo-patches-${GPV}.tar.xz
- mirror://gentoo/system_filter.exim.gz
- doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
-HOMEPAGE="https://www.exim.org/"
-
-SLOT="0"
-LICENSE="GPL-2"
-KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~ppc ppc64 sparc ~x86"
-
-COMMON_DEPEND=">=sys-apps/sed-4.0.5
- dev-libs/libpcre2:=
- tdb? ( sys-libs/tdb:= )
- !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
- !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
- idn? ( net-dns/libidn:= net-dns/libidn2:= )
- perl? ( dev-lang/perl:= )
- pam? ( sys-libs/pam )
- tcpd? ( sys-apps/tcp-wrappers )
- ssl? (
- gnutls? (
- net-libs/gnutls:0=[pkcs11?]
- dev-libs/libtasn1
- )
- !gnutls? (
- dev-libs/openssl:0=
- )
- )
- ldap? ( >=net-nds/openldap-2.0.7:= )
- elibc_glibc? (
- net-libs/libnsl:=
- nis? (
- net-libs/libtirpc:=
- >=net-libs/libnsl-1:=
- )
- )
- mysql? ( dev-db/mysql-connector-c:= )
- postgres? ( dev-db/postgresql:= )
- sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
- redis? ( dev-libs/hiredis:= )
- spf? ( >=mail-filter/libspf2-1.2.5-r1 )
- dmarc? ( mail-filter/opendmarc:= )
- X? (
- x11-libs/libX11
- x11-libs/libXmu
- x11-libs/libXt
- x11-libs/libXaw
- )
- sqlite? ( dev-db/sqlite )
- radius? ( net-dialup/freeradius-client )
- virtual/libcrypt:=
- virtual/libiconv
- "
- # added X check for #57206
-BDEPEND="virtual/pkgconfig"
-DEPEND="${COMMON_DEPEND}"
-RDEPEND="${COMMON_DEPEND}
- !mail-mta/courier
- !mail-mta/esmtp
- !mail-mta/msmtp[mta]
- !mail-mta/netqmail
- !mail-mta/nullmailer
- !mail-mta/postfix
- !mail-mta/sendmail
- !mail-mta/opensmtpd
- !mail-mta/ssmtp[mta]
- >=net-mail/mailbase-0.00-r5
- virtual/logger
- dcc? ( mail-filter/dcc )
- selinux? ( sec-policy/selinux-exim )
- "
-
-S=${WORKDIR}/${P//_rc/-RC}
-
-src_prepare() {
- # Legacy patches which need a respin for -p1
- eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
- eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
- eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
- eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
- eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
- eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
-
- # Upstream post-release fixes :(
- local GPVDIR=${WORKDIR}/${PN}-4.96-gentoo-patches-${GPV}
- eapply "${GPVDIR}"/exim-4.96-rewrite-malformed-addr-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-spf-memory-error-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-regex-use-after-free.patch # upstr
- eapply -p2 "${GPVDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-deamon-startup-fix.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-verify-ocsp.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-double-expansion.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-recursion-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-setting.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-lt-3.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-openssl-bad-alpn.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-dane-dns_again.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-expansion-crash.patch # upstr
- eapply "${GPVDIR}"/exim-4.96-transport-crash.patch # upstr
-
- # oddity, they disable berkdb as hack, and then throw an error when
- # berkdb isn't enabled
- sed -i \
- -e 's/_DB_/_DONTMESS_/' \
- -e 's/define DB void/define DONTMESS void/' \
- src/auths/call_radius.c || die
-
- # API changed from 1.3 to 1.4, upstream doesn't think 1.4 should be
- # used, but 1.3 has a CVE and Gentoo (like most downstreams) only
- # has 1.4 available
- eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
-
- if use maildir ; then
- eapply "${FILESDIR}"/exim-4.94-maildir.patch
- else
- eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
- fi
-
- eapply_user
-
- # user Exim believes it should be
- MAILUSER=mail
- MAILGROUP=mail
- if use prefix && [[ ${EUID} != 0 ]] ; then
- MAILUSER=$(id -un)
- MAILGROUP=$(id -gn)
- fi
-}
-
-src_configure() {
- # general config and paths
-
- local aliases="${EPREFIX}/etc/mail/aliases"
- sed -i \
- -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
- src/configure.default || die
-
- sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
-
- if use elibc_musl; then
- sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
- fi
-
- local conffile="${EPREFIX}/etc/exim/exim.conf"
- sed -e "48i\CFLAGS=${CFLAGS}" \
- -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
- -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
- -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
- -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
- -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
- src/EDITME > Local/Makefile || die
-
- # work on Local/Makefile from now on
- cd Local
-
- cat >> Makefile <<- EOC
- INFO_DIRECTORY=${EPREFIX}/usr/share/info
- PID_FILE_PATH=${EPREFIX}/run/exim.pid
- SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
- HAVE_ICONV=yes
- WITH_CONTENT_SCAN=yes
- EOC
-
- # configure db implementation, Exim always needs one for its hints
- # database, we prefer tdb and gdbm, since bdb is kind of getting
- # less and less support
- if use tdb ; then
- cat >> Makefile <<- EOC
- USE_TDB=yes
- DBMLIB = -ltdb
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- elif use gdbm ; then
- cat >> Makefile <<- EOC
- USE_GDBM=yes
- DBMLIB = -lgdbm
- EOC
- sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- else # must be berkdb via required_use
- # use the "native" interfaces to the DBM and CDB libraries, support
- # passwd and directory lookups by default
- local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
- cat >> Makefile <<- EOC
- USE_DB=yes
- # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
- CFLAGS += -I$(db_includedir ${DB_VERS})
- DBMLIB = -l$(db_libname ${DB_VERS})
- EOC
- sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
- sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
- fi
-
- # if we use libiconv, now is the time to tell so
- if use !elibc_glibc && use !elibc_musl ; then
- cat >> Makefile <<- EOC
- EXTRALIBS_EXIM=-liconv
- EOC
- fi
-
- # support for IPv6
- if use ipv6; then
- cat >> Makefile <<- EOC
- HAVE_IPV6=YES
- EOC
- fi
-
- # support i18n/IDNA
- if use idn; then
- cat >> Makefile <<- EOC
- SUPPORT_I18N=yes
- SUPPORT_I18N_2008=yes
- EXTRALIBS_EXIM += -lidn -lidn2
- EOC
- fi
-
- #
- # mail storage formats
- #
-
- # mailstore is Exim's traditional storage format
- cat >> Makefile <<- EOC
- SUPPORT_MAILSTORE=yes
- EOC
-
- # mbox
- if use mbx; then
- cat >> Makefile <<- EOC
- SUPPORT_MBX=yes
- EOC
- fi
-
- # maildir
- if use maildir; then
- cat >> Makefile <<- EOC
- SUPPORT_MAILDIR=yes
- EOC
- fi
-
- #
- # lookup methods
- #
-
- # support passwd and directory lookups by default
- cat >> Makefile <<- EOC
- LOOKUP_CDB=yes
- LOOKUP_PASSWD=yes
- LOOKUP_DSEARCH=yes
- EOC
-
- if ! use dnsdb; then
- # DNSDB lookup is enabled by default
- sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
- fi
-
- if use ldap; then
- cat >> Makefile <<- EOC
- LOOKUP_LDAP=yes
- LDAP_LIB_TYPE=OPENLDAP2
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
- LOOKUP_LIBS += -lldap -llber
- EOC
- fi
-
- if use mysql; then
- cat >> Makefile <<- EOC
- LOOKUP_MYSQL=yes
- LOOKUP_INCLUDE += $(mysql_config --include)
- LOOKUP_LIBS += $(mysql_config --libs)
- EOC
- fi
-
- if use nis; then
- cat >> Makefile <<- EOC
- LOOKUP_NIS=yes
- LOOKUP_NISPLUS=yes
- EOC
- if use elibc_glibc ; then
- cat >> Makefile <<- EOC
- LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
- LOOKUP_LIBS += -lnsl
- EOC
- fi
- fi
-
- if use postgres; then
- cat >> Makefile <<- EOC
- LOOKUP_PGSQL=yes
- LOOKUP_INCLUDE += -I$(pg_config --includedir)
- LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
- EOC
- fi
-
- if use sqlite; then
- cat >> Makefile <<- EOC
- LOOKUP_SQLITE=yes
- LOOKUP_SQLITE_PC=sqlite3
- EOC
- fi
-
- if use redis; then
- cat >> Makefile <<- EOC
- LOOKUP_REDIS=yes
- LOOKUP_LIBS += -lhiredis
- EOC
- fi
-
- # Exim monitor, enabled by default, controlled via X USE-flag,
- # disable if not requested, bug #46778
- if use X; then
- cp ../exim_monitor/EDITME eximon.conf || die
- cat >> Makefile <<- EOC
- EXIM_MONITOR=eximon.bin
- EOC
- fi
-
- #
- # features
- #
-
- # DomainKeys Identified Mail, RFC4871
- if ! use dkim; then
- # DKIM is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_DKIM=yes
- EOC
- fi
-
- # Per-Recipient-Data-Response
- if ! use prdr; then
- # PRDR is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_PRDR=yes
- EOC
- fi
-
- # Transport post-delivery actions
- if use !tpda && use !dane; then
- # EVENT is enabled by default
- cat >> Makefile <<- EOC
- DISABLE_EVENT=yes
- EOC
- fi
-
- # log to syslog
- if use syslog; then
- local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
- sed -i \
- -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
- Makefile || die
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=syslog
- EOC
- else
- cat >> Makefile <<- EOC
- LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
- EOC
- fi
-
- # starttls support (ssl)
- if use ssl; then
- if use gnutls; then
- echo "USE_GNUTLS=yes" >> Makefile
- echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
- >> Makefile
- use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
- else
- echo "USE_OPENSSL=yes" >> Makefile
- echo "USE_OPENSSL_PC=openssl" >> Makefile
- fi
- else
- echo "DISABLE_TLS=yes" >> Makefile
- fi
-
- # TCP wrappers
- if use tcpd; then
- cat >> Makefile <<- EOC
- USE_TCP_WRAPPERS=yes
- EXTRALIBS_EXIM += -lwrap
- EOC
- fi
-
- # Light Mail Transport Protocol
- if use lmtp; then
- cat >> Makefile <<- EOC
- TRANSPORT_LMTP=yes
- EOC
- fi
-
- # embedded Perl
- if use perl; then
- cat >> Makefile <<- EOC
- EXIM_PERL=perl.o
- EOC
- fi
-
- # dlfunc
- if use dlfunc; then
- cat >> Makefile <<- EOC
- EXPAND_DLFUNC=yes
- HAVE_LOCAL_SCAN=yes
- DLOPEN_LOCAL_SCAN=yes
- EOC
- fi
-
- # Proxy Protocol
- if use proxy; then
- cat >> Makefile <<- EOC
- SUPPORT_PROXY=yes
- EOC
- fi
-
- # SOCKS5 (outbound) proxy support
- if use socks5; then
- cat >> Makefile <<- EOC
- SUPPORT_SOCKS=yes
- EOC
- fi
-
- # DANE
- if use !dane; then
- # DANE is enabled by default
- sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
- fi
-
- # DMARC
- if use dmarc; then
- cat >> Makefile <<- EOC
- SUPPORT_DMARC=yes
- EXTRALIBS_EXIM += -lopendmarc
- EOC
- fi
-
- # Sender Policy Framework
- if use spf; then
- cat >> Makefile <<- EOC
- SUPPORT_SPF=yes
- EXTRALIBS_EXIM += -lspf2
- EOC
- fi
-
- #
- # experimental features
- #
-
- # Authenticated Receive Chain
- if use arc; then
- echo "EXPERIMENTAL_ARC=yes">> Makefile
- fi
-
- # Distributed Checksum Clearinghouse
- if use dcc; then
- echo "EXPERIMENTAL_DCC=yes">> Makefile
- fi
-
- # Sender Rewriting Scheme
- if use srs; then
- # this one is the default/supported variant since 4.95, and the
- # only variant available since 4.96
- cat >> Makefile <<- EOC
- SUPPORT_SRS=yes
- EOC
- fi
-
- # Delivery Sender Notifications extra information in fail message
- if use dsn; then
- cat >> Makefile <<- EOC
- EXPERIMENTAL_DSN_INFO=yes
- EOC
- fi
-
- #
- # authentication (SMTP AUTH)
- #
-
- # standard bits
- cat >> Makefile <<- EOC
- AUTH_SPA=yes
- AUTH_CRAM_MD5=yes
- AUTH_PLAINTEXT=yes
- EOC
-
- # Cyrus SASL
- if use sasl; then
- cat >> Makefile <<- EOC
- CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
- AUTH_CYRUS_SASL=yes
- AUTH_LIBS += -lsasl2
- EOC
- fi
-
- # Dovecot
- if use dovecot-sasl; then
- cat >> Makefile <<- EOC
- AUTH_DOVECOT=yes
- EOC
- fi
-
- # Pluggable Authentication Modules
- if use pam; then
- cat >> Makefile <<- EOC
- SUPPORT_PAM=yes
- AUTH_LIBS += -lpam
- EOC
- fi
-
- # Radius
- if use radius; then
- cat >> Makefile <<- EOC
- RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
- RADIUS_LIB_TYPE=RADIUSCLIENTNEW
- AUTH_LIBS += -lfreeradius-client
- EOC
- fi
-}
-
-src_compile() {
- emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
- AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
-}
-
-src_install() {
- cd "${S}"/build-exim-gentoo || die
- dosbin exim
- if use X; then
- dosbin eximon.bin
- dosbin eximon
- fi
- fperms 4755 /usr/sbin/exim
-
- dosym exim /usr/sbin/sendmail
- dosym exim /usr/sbin/rsmtp
- dosym exim /usr/sbin/rmail
- dosym ../sbin/exim /usr/bin/mailq
- dosym ../sbin/exim /usr/bin/newaliases
- dosym ../sbin/sendmail /usr/lib/sendmail
-
- for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
- exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
- convert4r3 convert4r4 exipick
- do
- dosbin $i
- done
-
- dodoc -r "${S}"/doc/.
- doman "${S}"/doc/exim.8
- use dsn && dodoc "${S}"/README.DSN
- use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
-
- # conf files
- insinto /etc/exim
- newins "${S}"/src/configure.default exim.conf.dist
- doins "${WORKDIR}"/system_filter.exim
- doins "${FILESDIR}"/auth_conf.sub
-
- if use pam; then
- pamd_mimic system-auth exim auth account
- fi
-
- # headers, #436406
- if use dlfunc ; then
- # fixup includes so they actually can be found when including
- sed -i \
- -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
- local_scan.h || die
- insinto /usr/include/exim
- doins {config,local_scan}.h ../src/{mytypes,store}.h
- fi
-
- insinto /etc/logrotate.d
- newins "${FILESDIR}/exim.logrotate" exim
-
- newinitd "${FILESDIR}"/exim.rc10 exim
- newconfd "${FILESDIR}"/exim.confd exim
-
- systemd_dounit \
- "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
- systemd_newunit \
- "${FILESDIR}"/exim_at.service 'exim@.service'
- systemd_newunit \
- "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
-
- diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
- keepdir /var/log/${PN}
-}
-
-pkg_postinst() {
- if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
- einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
- einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
- einfo "for using smtp auth."
- einfo "Please create ${EROOT}/etc/exim/exim.conf from"
- einfo " ${EROOT}/etc/exim/exim.conf.dist."
- fi
- if use berkdb && ( use gdbm || use tdb ) ; then
- ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
- fi
- if use dmarc ; then
- einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
- einfo "you can populate this file with the contents downloaded from"
- einfo " https://publicsuffix.org/list/public_suffix_list.dat"
- fi
- if use dcc ; then
- einfo "DCC support is experimental, you can find some limited"
- einfo "documentation at the bottom of this prerelease message:"
- einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
- fi
- if use srs; then
- einfo "SRS support using libsrs_alt was dropped in this"
- einfo "release of Exim, you are now using the native SRS implementation"
- fi
- use dsn && einfo "extra information in fail DSN message is experimental"
- einfo
- elog "Note that this release contains a tainted variable check that"
- elog "is likely to break your configuration used with Exim 4.93 and before."
- elog "Please check your transports for occurences of \$local_part, and"
- elog "use a replacement like \$local_part_data where possible."
-}
diff --git a/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch b/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch
deleted file mode 100644
index 3b3ea4628174..000000000000
--- a/mail-mta/exim/files/exim-4.93-as-needed-ldflags.patch
+++ /dev/null
@@ -1,145 +0,0 @@
-https://bugs.gentoo.org/show_bug.cgi?id=352265
-
-Make sure LDFLAGS comes first, such that all libraries are considered,
-and not discarded when --as-needed is in effect.
-
-https://bugs.gentoo.org/show_bug.cgi?id=391279
-
-Use LDFLAGS for all targets, not just the exim binary, such that
---as-needed works as well.
-
-
---- a/OS/Makefile-Base
-+++ b/OS/Makefile-Base
-@@ -496,12 +496,12 @@
- buildrouters buildtransports \
- $(OBJ_EXIM) version.o
- @echo "$(LNCC) -o exim"
-- $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \
-+ $(FE)$(PURIFY) $(LNCC) -o exim $(LDFLAGS) $(OBJ_EXIM) version.o \
- routers/routers.a transports/transports.a lookups/lookups.a \
- auths/auths.a pdkim/pdkim.a \
- $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \
- $(EXTRALIBS_EXIM) $(DBMLIB) $(LOOKUP_LIBS) $(AUTH_LIBS) \
-- $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LDFLAGS)
-+ $(PERL_LIBS) $(TLS_LIBS) $(PCRE_LIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim; \
- $(STRIP_COMMAND) exim; \
-@@ -517,8 +517,8 @@
-
- exim_dumpdb: $(OBJ_DUMPDB)
- @echo "$(LNCC) -o exim_dumpdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LFLAGS) $(OBJ_DUMPDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dumpdb $(LDFLAGS) $(OBJ_DUMPDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dumpdb; \
- $(STRIP_COMMAND) exim_dumpdb; \
-@@ -532,8 +532,8 @@
-
- exim_fixdb: $(OBJ_FIXDB)
- @echo "$(LNCC) -o exim_fixdb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LFLAGS) $(OBJ_FIXDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_fixdb $(LDFLAGS) $(OBJ_FIXDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_fixdb; \
- $(STRIP_COMMAND) exim_fixdb; \
-@@ -547,8 +547,8 @@
-
- exim_tidydb: $(OBJ_TIDYDB)
- @echo "$(LNCC) -o exim_tidydb"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LFLAGS) $(OBJ_TIDYDB) \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_tidydb $(LDFLAGS) $(OBJ_TIDYDB) \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_tidydb; \
- $(STRIP_COMMAND) exim_tidydb; \
-@@ -560,8 +560,8 @@
-
- exim_dbmbuild: exim_dbmbuild.o
- @echo "$(LNCC) -o exim_dbmbuild"
-- $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LFLAGS) exim_dbmbuild.o \
-- $(LIBS) $(EXTRALIBS) $(DBMLIB)
-+ $(FE)$(LNCC) $(CFLAGS) $(INCLUDE) -o exim_dbmbuild $(LDFLAGS) exim_dbmbuild.o \
-+ $(LIBS) $(EXTRALIBS) $(DBMLIB) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_dbmbuild; \
- $(STRIP_COMMAND) exim_dbmbuild; \
-@@ -575,8 +575,8 @@
- @echo "$(CC) exim_lock.c"
- $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) exim_lock.c
- @echo "$(LNCC) -o exim_lock"
-- $(FE)$(LNCC) -o exim_lock $(LFLAGS) exim_lock.o \
-- $(LIBS) $(EXTRALIBS)
-+ $(FE)$(LNCC) -o exim_lock $(LDFLAGS) exim_lock.o \
-+ $(LIBS) $(EXTRALIBS) $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) exim_lock; \
- $(STRIP_COMMAND) exim_lock; \
-@@ -612,9 +612,9 @@
- $(FE)$(CC) -o em_version.o -c \
- $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c
- @echo "$(LNCC) -o eximon.bin"
-- $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \
-+ $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LDFLAGS) $(XLFLAGS) \
- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 $(PCRE_LIBS) \
-- $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc
-+ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc $(LFLAGS)
- @if [ x"$(STRIP_COMMAND)" != x"" ]; then \
- echo $(STRIP_COMMAND) eximon.bin; \
- $(STRIP_COMMAND) eximon.bin; \
-@@ -947,9 +947,9 @@
- string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE dbfn.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DCOMPILE_UTILITY store.c
-- $(LNCC) -o test_dbfn $(LFLAGS) dbfn.o \
-+ $(LNCC) -o test_dbfn $(LDFLAGS) dbfn.o \
- dummies.o sa-globals.o sa-os.o store.o string.o \
-- tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LDFLAGS)
-+ tod.o version.o utf8.o $(LIBS) $(DBMLIB) $(LFLAGS)
- rm -f dbfn.o store.o
-
- test_host: config.h child.c host.c dns.c dummies.c sa-globals.o os.o \
-@@ -958,29 +958,29 @@
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST host.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dns.c
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE -DTEST_HOST dummies.c
-- $(LNCC) -o test_host $(LFLAGS) \
-+ $(LNCC) -o test_host $(LDFLAGS) \
- host.o child.o dns.o dummies.o sa-globals.o os.o store.o string.o \
-- tod.o tree.o $(LIBS) $(LIBRESOLV)
-+ tod.o tree.o $(LIBS) $(LIBRESOLV) $(LFLAGS)
- rm -f child.o dummies.o host.o dns.o
-
- test_os: os.h os.c dummies.o sa-globals.o store.o string.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE os.c
-- $(LNCC) -o test_os $(LFLAGS) os.o dummies.o \
-- sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_os $(LDFLAGS) os.o dummies.o \
-+ sa-globals.o store.o string.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f os.o
-
- test_parse: config.h parse.c dummies.o sa-globals.o \
- store.o string.o tod.o version.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE parse.c
-- $(LNCC) -o test_parse $(LFLAGS) parse.o \
-+ $(LNCC) -o test_parse $(LDFLAGS) parse.o \
- dummies.o sa-globals.o store.o string.o tod.o version.o \
-- utf8.o $(LDFLAGS)
-+ utf8.o $(LFLAGS)
- rm -f parse.o
-
- test_string: config.h string.c dummies.o sa-globals.o store.o tod.o utf8.o
- $(CC) -c $(CFLAGS) $(INCLUDE) -DSTAND_ALONE string.c
-- $(LNCC) -o test_string $(LFLAGS) -DSTAND_ALONE string.o \
-- dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LDFLAGS)
-+ $(LNCC) -o test_string $(LDFLAGS) -DSTAND_ALONE string.o \
-+ dummies.o sa-globals.o store.o tod.o utf8.o $(LIBS) $(LFLAGS)
- rm -f string.o
-
- # End
diff --git a/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch b/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch
deleted file mode 100644
index d37c320d1592..000000000000
--- a/mail-mta/exim/files/exim-4.94-opendmarc-1.4.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-https://bugs.exim.org/show_bug.cgi?id=2728
-
-
---- a/src/dmarc.c
-+++ b/src/dmarc.c
-@@ -446,7 +446,7 @@
- vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
- DMARC_POLICY_DKIM_OUTCOME_NONE;
- libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
-- dkim_result, US"");
-+ sig->selector, dkim_result, US"");
- DEBUG(D_receive)
- debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
- if (libdm_status != DMARC_PARSE_OKAY)
diff --git a/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch b/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch
deleted file mode 100644
index 320cc9936da9..000000000000
--- a/mail-mta/exim/files/exim-4.95-localscan_dlopen.patch
+++ /dev/null
@@ -1,221 +0,0 @@
-Only in exim-4.95: dlopen.patch
-diff -aur exim-4.95.orig/src/config.h.defaults exim-4.95/src/config.h.defaults
---- exim-4.95.orig/src/config.h.defaults 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/config.h.defaults 2021-09-29 08:20:03.677883649 +0200
-@@ -35,6 +35,8 @@
-
- #define AUTH_VARS 4
-
-+#define DLOPEN_LOCAL_SCAN
-+
- #define BIN_DIRECTORY
-
- #define CONFIGURE_FILE
-Only in exim-4.95/src: config.h.defaults.orig
-diff -aur exim-4.95.orig/src/EDITME exim-4.95/src/EDITME
---- exim-4.95.orig/src/EDITME 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/EDITME 2021-09-29 08:20:03.678883649 +0200
-@@ -883,6 +883,24 @@
-
-
- #------------------------------------------------------------------------------
-+# On systems which support dynamic loading of shared libraries, Exim can
-+# load a local_scan function specified in its config file instead of having
-+# to be recompiled with the desired local_scan function. For a full
-+# description of the API to this function, see the Exim specification.
-+
-+#DLOPEN_LOCAL_SCAN=yes
-+
-+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the
-+# linker flags. Without it, the loaded .so won't be able to access any
-+# functions from exim.
-+
-+LFLAGS = -rdynamic
-+ifeq ($(OSTYPE),Linux)
-+LFLAGS += -ldl
-+endif
-+
-+
-+#------------------------------------------------------------------------------
- # The default distribution of Exim contains only the plain text form of the
- # documentation. Other forms are available separately. If you want to install
- # the documentation in "info" format, first fetch the Texinfo documentation
-Only in exim-4.95/src: EDITME.orig
-diff -aur exim-4.95.orig/src/globals.c exim-4.95/src/globals.c
---- exim-4.95.orig/src/globals.c 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/globals.c 2021-09-29 08:20:03.679883649 +0200
-@@ -42,6 +42,10 @@
-
- uschar *no_aliases = NULL;
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+uschar *local_scan_path = NULL;
-+#endif
-+
-
- /* For comments on these variables, see globals.h. I'm too idle to
- duplicate them here... */
-Only in exim-4.95/src: globals.c.orig
-diff -aur exim-4.95.orig/src/globals.h exim-4.95/src/globals.h
---- exim-4.95.orig/src/globals.h 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/globals.h 2021-09-29 08:20:03.680883648 +0200
-@@ -170,6 +170,9 @@
- extern int (*receive_ferror)(void);
- extern BOOL (*receive_smtp_buffered)(void);
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+extern uschar *local_scan_path; /* Path to local_scan() library */
-+#endif
-
- /* For clearing, saving, restoring address expansion variables. We have to have
- the size of this vector set explicitly, because it is referenced from more than
-Only in exim-4.95/src: globals.h.orig
-diff -aur exim-4.95.orig/src/local_scan.c exim-4.95/src/local_scan.c
---- exim-4.95.orig/src/local_scan.c 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/local_scan.c 2021-09-29 08:23:33.756785663 +0200
-@@ -54,10 +54,130 @@
- is used in the rejection message.
- */
-
-+#ifdef DLOPEN_LOCAL_SCAN
-+# include <stdlib.h>
-+# include <dlfcn.h>
-+static int (*local_scan_fn)(int fd, uschar **return_text) = NULL;
-+static int load_local_scan_library(void);
-+extern uschar *local_scan_path; /* Path to local_scan() library */
-+#endif
-+
- int
- local_scan(int fd, uschar **return_text)
- {
--return LOCAL_SCAN_ACCEPT;
-+#ifdef DLOPEN_LOCAL_SCAN
-+/* local_scan_path is defined AND not the empty string */
-+if (local_scan_path && *local_scan_path)
-+ {
-+ if (!local_scan_fn)
-+ {
-+ if (!load_local_scan_library())
-+ {
-+ char *base_msg , *error_msg , *final_msg ;
-+ int final_length = -1 ;
-+
-+ base_msg=US"Local configuration error - local_scan() library failure\n";
-+ error_msg = dlerror() ;
-+
-+ final_length = strlen(base_msg) + strlen(error_msg) + 1 ;
-+ final_msg = (char*)malloc( final_length*sizeof(char) ) ;
-+ *final_msg = '\0' ;
-+
-+ strcat( final_msg , base_msg ) ;
-+ strcat( final_msg , error_msg ) ;
-+
-+ *return_text = final_msg ;
-+ return LOCAL_SCAN_TEMPREJECT;
-+ }
-+ }
-+ return local_scan_fn(fd, return_text);
-+ }
-+else
-+#endif
-+ return LOCAL_SCAN_ACCEPT;
-+}
-+
-+#ifdef DLOPEN_LOCAL_SCAN
-+
-+static int load_local_scan_library(void)
-+{
-+/* No point in keeping local_scan_lib since we'll never dlclose() anyway */
-+void *local_scan_lib = NULL;
-+int (*local_scan_version_fn)(void);
-+int vers_maj;
-+int vers_min;
-+
-+local_scan_lib = dlopen(local_scan_path, RTLD_NOW);
-+if (!local_scan_lib)
-+ {
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - "
-+ "message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_major() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The major number is increased when the ABI is changed in a non
-+ backward compatible way. */
-+vers_maj = local_scan_version_fn();
-+
-+local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor");
-+if (!local_scan_version_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan_version_minor() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+/* The minor number is increased each time a new feature is added (in a
-+ way that doesn't break backward compatibility) -- Marc */
-+vers_min = local_scan_version_fn();
-+
-+
-+if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR)
-+ {
-+ dlclose(local_scan_lib);
-+ local_scan_lib = NULL;
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor"
-+ "version number, you need to recompile your module for this version"
-+ "of exim (The module was compiled for version %d.%d and this exim provides"
-+ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR,
-+ LOCAL_SCAN_ABI_VERSION_MINOR);
-+ return FALSE;
-+ }
-+
-+local_scan_fn = dlsym(local_scan_lib, "local_scan");
-+if (!local_scan_fn)
-+ {
-+ dlclose(local_scan_lib);
-+ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain "
-+ "local_scan() function - message temporarily rejected");
-+ return FALSE;
-+ }
-+
-+return TRUE;
- }
-
-+#endif /* DLOPEN_LOCAL_SCAN */
-+
-+
- /* End of local_scan.c */
-diff -aur exim-4.95.orig/src/readconf.c exim-4.95/src/readconf.c
---- exim-4.95.orig/src/readconf.c 2021-09-28 10:24:46.000000000 +0200
-+++ exim-4.95/src/readconf.c 2021-09-29 08:20:03.682883647 +0200
-@@ -215,6 +215,9 @@
- { "local_from_prefix", opt_stringptr, {&local_from_prefix} },
- { "local_from_suffix", opt_stringptr, {&local_from_suffix} },
- { "local_interfaces", opt_stringptr, {&local_interfaces} },
-+#ifdef DLOPEN_LOCAL_SCAN
-+ { "local_scan_path", opt_stringptr, {&local_scan_path} },
-+#endif
- #ifdef HAVE_LOCAL_SCAN
- { "local_scan_timeout", opt_time, {&local_scan_timeout} },
- #endif
-Only in exim-4.95/src: readconf.c.orig
diff --git a/mail-mta/exim/files/exim-4.97-CVE-2023-51766.patch b/mail-mta/exim/files/exim-4.97-CVE-2023-51766.patch
deleted file mode 100644
index 7eed4eb1855f..000000000000
--- a/mail-mta/exim/files/exim-4.97-CVE-2023-51766.patch
+++ /dev/null
@@ -1,265 +0,0 @@
-https://nvd.nist.gov/vuln/detail/CVE-2023-51766
-
-
-From cf1376206284f2a4f11e32d931d4aade34c206c5 Mon Sep 17 00:00:00 2001
-From: Jeremy Harris <jgh146exb@wizmail.org>
-Date: Fri, 22 Dec 2023 23:57:05 +0000
-Subject: [PATCH] Reject "dot, LF" as ending data phase. Bug 3063
-
-From 5bb786d5ad568a88d50d15452aacc8404047e5ca Mon Sep 17 00:00:00 2001
-From: Jeremy Harris <jgh146exb@wizmail.org>
-Date: Sat, 23 Dec 2023 17:42:57 +0000
-Subject: [PATCH] Reject "dot, LF" as ending data phase (pt. 2). Bug 3063
-
-reduced to source changes only for Gentoo
-
-
-
-diff --git a/src/src/receive.c b/src/src/receive.c
-index e35400aec..c6f612832 100644
---- a/src/src/receive.c
-+++ b/src/src/receive.c
-@@ -836,93 +842,101 @@
- */
-
- static int
--read_message_data_smtp(FILE *fout)
-+read_message_data_smtp(FILE * fout, BOOL strict_crlf)
- {
--int ch_state = 0;
--int ch;
--int linelength = 0;
-+enum { s_linestart, s_normal, s_had_cr, s_had_nl_dot, s_had_dot_cr } ch_state =
-+ s_linestart;
-+int linelength = 0, ch;
-
- while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF)
- {
- if (ch == 0) body_zerocount++;
- switch (ch_state)
- {
-- case 0: /* After LF or CRLF */
-- if (ch == '.')
-- {
-- ch_state = 3;
-- continue; /* Don't ever write . after LF */
-- }
-- ch_state = 1;
-+ case s_linestart: /* After LF or CRLF */
-+ if (ch == '.')
-+ {
-+ ch_state = s_had_nl_dot;
-+ continue; /* Don't ever write . after LF */
-+ }
-+ ch_state = s_normal;
-
-- /* Else fall through to handle as normal uschar. */
-+ /* Else fall through to handle as normal uschar. */
-
-- case 1: /* Normal state */
-- if (ch == '\n')
-- {
-- ch_state = 0;
-- body_linecount++;
-+ case s_normal: /* Normal state */
-+ if (ch == '\r')
-+ {
-+ ch_state = s_had_cr;
-+ continue; /* Don't write the CR */
-+ }
-+ if (ch == '\n') /* Bare LF at end of line */
-+ if (strict_crlf)
-+ ch = ' '; /* replace LF with space */
-+ else
-+ { /* treat as line ending */
-+ ch_state = s_linestart;
-+ body_linecount++;
-+ if (linelength > max_received_linelength)
-+ max_received_linelength = linelength;
-+ linelength = -1;
-+ }
-+ break;
-+
-+ case s_had_cr: /* After (unwritten) CR */
-+ body_linecount++; /* Any char ends line */
- if (linelength > max_received_linelength)
-- max_received_linelength = linelength;
-+ max_received_linelength = linelength;
- linelength = -1;
-- }
-- else if (ch == '\r')
-- {
-- ch_state = 2;
-- continue;
-- }
-- break;
-+ if (ch == '\n') /* proper CRLF */
-+ ch_state = s_linestart;
-+ else
-+ {
-+ message_size++; /* convert the dropped CR to a stored NL */
-+ if (fout && fputc('\n', fout) == EOF) return END_WERROR;
-+ cutthrough_data_put_nl();
-+ if (ch == '\r') /* CR; do not write */
-+ continue;
-+ ch_state = s_normal; /* not LF or CR; process as standard */
-+ }
-+ break;
-
-- case 2: /* After (unwritten) CR */
-- body_linecount++;
-- if (linelength > max_received_linelength)
-- max_received_linelength = linelength;
-- linelength = -1;
-- if (ch == '\n')
-- {
-- ch_state = 0;
-- }
-- else
-- {
-- message_size++;
-- if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR;
-- cutthrough_data_put_nl();
-- if (ch != '\r') ch_state = 1; else continue;
-- }
-- break;
-+ case s_had_nl_dot: /* After [CR] LF . */
-+ if (ch == '\n') /* [CR] LF . LF */
-+ if (strict_crlf)
-+ ch = ' '; /* replace LF with space */
-+ else
-+ return END_DOT;
-+ else if (ch == '\r') /* [CR] LF . CR */
-+ {
-+ ch_state = s_had_dot_cr;
-+ continue; /* Don't write the CR */
-+ }
-+ /* The dot was removed on reaching s_had_nl_dot. For a doubled dot, here,
-+ reinstate it to cutthrough. The current ch, dot or not, is passed both to
-+ cutthrough and to file below. */
-+ else if (ch == '.')
-+ {
-+ uschar c = ch;
-+ cutthrough_data_puts(&c, 1);
-+ }
-+ ch_state = s_normal;
-+ break;
-
-- case 3: /* After [CR] LF . */
-- if (ch == '\n')
-- return END_DOT;
-- if (ch == '\r')
-- {
-- ch_state = 4;
-- continue;
-- }
-- /* The dot was removed at state 3. For a doubled dot, here, reinstate
-- it to cutthrough. The current ch, dot or not, is passed both to cutthrough
-- and to file below. */
-- if (ch == '.')
-- {
-- uschar c= ch;
-- cutthrough_data_puts(&c, 1);
-- }
-- ch_state = 1;
-- break;
-+ case s_had_dot_cr: /* After [CR] LF . CR */
-+ if (ch == '\n')
-+ return END_DOT; /* Preferred termination */
-
-- case 4: /* After [CR] LF . CR */
-- if (ch == '\n') return END_DOT;
-- message_size++;
-- body_linecount++;
-- if (fout != NULL && fputc('\n', fout) == EOF) return END_WERROR;
-- cutthrough_data_put_nl();
-- if (ch == '\r')
-- {
-- ch_state = 2;
-- continue;
-- }
-- ch_state = 1;
-- break;
-+ message_size++; /* convert the dropped CR to a stored NL */
-+ body_linecount++;
-+ if (fout && fputc('\n', fout) == EOF) return END_WERROR;
-+ cutthrough_data_put_nl();
-+ if (ch == '\r')
-+ {
-+ ch_state = s_had_cr;
-+ continue; /* CR; do not write */
-+ }
-+ ch_state = s_normal;
-+ break;
- }
-
- /* Add the character to the spool file, unless skipping; then loop for the
-@@ -1140,7 +1152,7 @@ receive_swallow_smtp(void)
- {
- if (message_ended >= END_NOTENDED)
- message_ended = chunking_state <= CHUNKING_OFFERED
-- ? read_message_data_smtp(NULL)
-+ ? read_message_data_smtp(NULL, FALSE)
- : read_message_bdat_smtp_wire(NULL);
- }
-
-@@ -1960,8 +1960,10 @@ for (;;)
-
- if (ch == '\n')
- {
-- if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = FALSE;
-- else if (first_line_ended_crlf) receive_ungetc(' ');
-+ if (first_line_ended_crlf == TRUE_UNSET)
-+ first_line_ended_crlf = FALSE;
-+ else if (first_line_ended_crlf)
-+ receive_ungetc(' ');
- goto EOL;
- }
-
-@@ -1977,7 +1980,11 @@ for (;;)
- if (f.dot_ends && ptr == 0 && ch == '.')
- {
- ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
-- if (ch == '\r')
-+ if (ch == '\n' && first_line_ended_crlf == TRUE /* and not TRUE_UNSET */ )
-+ /* dot, LF but we are in CRLF mode. Attack? */
-+ ch = ' '; /* replace the LF with a space */
-+
-+ else if (ch == '\r')
- {
- ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
- if (ch != '\n')
-@@ -2013,7 +2020,8 @@ for (;;)
- ch = (receive_getc)(GETC_BUFFER_UNLIMITED);
- if (ch == '\n')
- {
-- if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = TRUE;
-+ if (first_line_ended_crlf == TRUE_UNSET)
-+ first_line_ended_crlf = TRUE;
- goto EOL;
- }
-
-@@ -3241,7 +3253,7 @@ if (!ferror(spool_data_file) && !(receive_feof)() && message_ended != END_DOT)
- if (smtp_input)
- {
- message_ended = chunking_state <= CHUNKING_OFFERED
-- ? read_message_data_smtp(spool_data_file)
-+ ? read_message_data_smtp(spool_data_file, first_line_ended_crlf)
- : spool_wireformat
- ? read_message_bdat_smtp_wire(spool_data_file)
- : read_message_bdat_smtp(spool_data_file);
-diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
-index e19c86ff8..aeaffeb37 100644
---- a/src/src/smtp_in.c
-+++ b/src/src/smtp_in.c
-@@ -5112,7 +5112,10 @@ while (done <= 0)
- to get the DATA command sent. */
-
- if (!acl_smtp_predata && cutthrough.cctx.sock < 0)
-+ {
-+ if (!check_sync()) goto SYNC_FAILURE;
- rc = OK;
-+ }
- else
- {
- uschar * acl = acl_smtp_predata ? acl_smtp_predata : US"accept";