Update to 8.16.1 with DANE support

author: Amish 2020-07-06 15:11:18 +0530
committer: Amish 2020-07-06 15:11:18 +0530
commit: 2cb076853120d56219d2f8fefe60f31f589baa52 (patch)
tree: 90b5c1a2020084245b01393da31bd3d0c50bbbec
parent: 11186a5bf92831c19e73c2d80ca8c25a57d69d57 (diff)
download: aur-2cb076853120d56219d2f8fefe60f31f589baa52.tar.gz
9 files changed, 18 insertions, 682 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 07e255e30537..ad6c4ff3eb45 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,13 +1,13 @@
 pkgbase = sendmail
 	pkgdesc = A general purpose internetwork email routing MTA
-	pkgver = 8.15.2
-	pkgrel = 9
+	pkgver = 8.16.1
+	pkgrel = 1
 	url = http://www.sendmail.org
 	arch = x86_64
 	license = custom:sendmail
 	depends = db
 	depends = cyrus-sasl
-	provides = sendmail=8.15
+	provides = sendmail=8.16
 	provides = smtp-server
 	provides = smtp-forwarder
 	conflicts = msmtp-mta
@@ -18,28 +18,18 @@ pkgbase = sendmail
 	backup = etc/mail/aliases
 	backup = etc/mail/sendmail.cf
 	backup = etc/sasl2/Sendmail.conf
-	source = https://ftp.sendmail.org/sendmail.8.15.2.tar.gz
+	source = https://ftp.sendmail.org/sendmail.8.16.1.tar.gz
 	source = site.config.m4
 	source = sendmail-8.14.8-sasl2-in-etc.patch
-	source = sendmail-8.15.2-smtp-session-reuse-fix.patch
-	source = sendmail-8.15.2-openssl-1.1.0-fix.patch
-	source = sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
-	source = sendmail-8.15.2-gethostbyname2.patch
-	source = sendmail-8.15.2-fix-covscan-issues.patch
 	source = sendmail.conf
 	source = sasl2.conf
 	source = sendmail.sysusers
 	source = sendmail.tmpfiles
 	source = sendmail.service
 	source = sm-client.service
-	sha256sums = 24f94b5fd76705f15897a78932a5f2439a32b1a2fdc35769bb1a5f5d9b4db439
-	sha256sums = 01dc50a378f134e9e3a91f98a5a002a8fa6a0c69b32ceddf6fc29b40e0fb8be9
-	sha256sums = 03169f8983d200adf2422677bd4adce3b5887f33724778f16d7f58506eac0e05
-	sha256sums = bc5a0de6c5434d8d46467f93d07b2bb5c7acd62f9dbce2490e0005d21b673250
-	sha256sums = 9991dd85428778cec0c2030bf49e6ddf6d3db6026c651f858d72891973537b0e
-	sha256sums = 746d8ae8dea54cb2599c02181c2ea28ab15b26ba5e1e3b0f9cfe907a0e7a1d22
-	sha256sums = 656c76d42281afbb43fa628e03c4d725e94e6f34a16802427d3314e504086033
-	sha256sums = 11e9dfe0881f9b9077cd538faf8eeb84fdbfe8d0b190582e753936f6548558dd
+	sha256sums = 7886d5dc4b436b86175f32b5b9c7305c80787749847e2909bf99123ecc4e64ba
+	sha256sums = 3e744a9ac002c9a3a347785788038f34d8fc09fb10a104f2d7d126b72cdde948
+	sha256sums = aac157c4751087638c255e5c2ac3b119f9a0a45e836c864acfffcfa147b444cb
 	sha256sums = 39730f2be66bb1f1e6bc7fff61911db632ecf4b891d348df525abe2020274580
 	sha256sums = 9b4d2d141191f6c9a18538f7acf65243cceb26359f88b64c92c1c4e8407398f0
 	sha256sums = 95531a87d42e30742ca71f7d7197403eb9d703a407a50c9fda1f909ed21e1010
diff --git a/PKGBUILD b/PKGBUILD
index 28fbdf8d3fd8..528e0dba7745 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -6,13 +6,13 @@
 # Contributor: doze_worm <shuimao@gmail.com> the original port.
 
 pkgname=sendmail
-pkgver=8.15.2
-pkgrel=9
+pkgver=8.16.1
+pkgrel=1
 pkgdesc="A general purpose internetwork email routing MTA"
 url="http://www.sendmail.org"
 arch=('x86_64')
 license=('custom:sendmail')
-provides=('sendmail=8.15' 'smtp-server' 'smtp-forwarder')
+provides=('sendmail=8.16' 'smtp-server' 'smtp-forwarder')
 conflicts=('msmtp-mta' 'postfix' 'exim' 'opensmtpd')
 backup=('etc/conf.d/sendmail'
         'etc/mail/aliases'
@@ -21,11 +21,6 @@ backup=('etc/conf.d/sendmail'
 source=("https://ftp.sendmail.org/${pkgname}.${pkgver}.tar.gz"
         'site.config.m4'
         'sendmail-8.14.8-sasl2-in-etc.patch'
-        'sendmail-8.15.2-smtp-session-reuse-fix.patch'
-        'sendmail-8.15.2-openssl-1.1.0-fix.patch'
-        'sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch'
-        'sendmail-8.15.2-gethostbyname2.patch'
-        'sendmail-8.15.2-fix-covscan-issues.patch'
         'sendmail.conf'
         'sasl2.conf'
         'sendmail.sysusers'
@@ -33,14 +28,9 @@ source=("https://ftp.sendmail.org/${pkgname}.${pkgver}.tar.gz"
         'sendmail.service'
         'sm-client.service')
 depends=('db' 'cyrus-sasl')
-sha256sums=('24f94b5fd76705f15897a78932a5f2439a32b1a2fdc35769bb1a5f5d9b4db439'
-            '01dc50a378f134e9e3a91f98a5a002a8fa6a0c69b32ceddf6fc29b40e0fb8be9'
-            '03169f8983d200adf2422677bd4adce3b5887f33724778f16d7f58506eac0e05'
-            'bc5a0de6c5434d8d46467f93d07b2bb5c7acd62f9dbce2490e0005d21b673250'
-            '9991dd85428778cec0c2030bf49e6ddf6d3db6026c651f858d72891973537b0e'
-            '746d8ae8dea54cb2599c02181c2ea28ab15b26ba5e1e3b0f9cfe907a0e7a1d22'
-            '656c76d42281afbb43fa628e03c4d725e94e6f34a16802427d3314e504086033'
-            '11e9dfe0881f9b9077cd538faf8eeb84fdbfe8d0b190582e753936f6548558dd'
+sha256sums=('7886d5dc4b436b86175f32b5b9c7305c80787749847e2909bf99123ecc4e64ba'
+            '3e744a9ac002c9a3a347785788038f34d8fc09fb10a104f2d7d126b72cdde948'
+            'aac157c4751087638c255e5c2ac3b119f9a0a45e836c864acfffcfa147b444cb'
             '39730f2be66bb1f1e6bc7fff61911db632ecf4b891d348df525abe2020274580'
             '9b4d2d141191f6c9a18538f7acf65243cceb26359f88b64c92c1c4e8407398f0'
             '95531a87d42e30742ca71f7d7197403eb9d703a407a50c9fda1f909ed21e1010'
@@ -52,11 +42,6 @@ prepare() {
     # patches picked from Fedora
     cd "${srcdir}/${pkgname}-${pkgver}"
     patch -p1 < "${srcdir}"/sendmail-8.14.8-sasl2-in-etc.patch
-    patch -p1 < "${srcdir}"/sendmail-8.15.2-smtp-session-reuse-fix.patch
-    patch -p1 < "${srcdir}"/sendmail-8.15.2-openssl-1.1.0-fix.patch
-    patch -p1 < "${srcdir}"/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
-    patch -p1 < "${srcdir}"/sendmail-8.15.2-gethostbyname2.patch
-    patch -p1 < "${srcdir}"/sendmail-8.15.2-fix-covscan-issues.patch
     sed -i -e 's/CFGRP=bin/CFGRP=root/g' cf/cf/Makefile
     install -m644 -t devtools/Site "${srcdir}"/site.config.m4
 }
diff --git a/sendmail-8.14.8-sasl2-in-etc.patch b/sendmail-8.14.8-sasl2-in-etc.patch
index fe8f353f3725..64657bf76b7d 100644
--- a/sendmail-8.14.8-sasl2-in-etc.patch
+++ b/sendmail-8.14.8-sasl2-in-etc.patch
@@ -2,17 +2,17 @@ diff --git a/sendmail/usersmtp.c b/sendmail/usersmtp.c
 index c217ffa..e4dadd3 100644
 --- a/sendmail/usersmtp.c
 +++ b/sendmail/usersmtp.c
-@@ -1331,9 +1331,7 @@ safesaslfile(context, file)
+@@ -1346,9 +1346,7 @@ safesaslfile(context, file)
  {
  	long sff;
  	int r;
 -#if SASL <= 10515
  	size_t len;
--#endif /* SASL <= 10515 */
+-#endif
  	char *p;
  
  	if (file == NULL || *file == '\0')
-@@ -1369,9 +1367,16 @@ safesaslfile(context, file)
+@@ -1386,9 +1384,16 @@ safesaslfile(context, file)
  #endif /* SASL <= 10515 */
  
  	p = (char *) file;
diff --git a/sendmail-8.15.2-fix-covscan-issues.patch b/sendmail-8.15.2-fix-covscan-issues.patch
deleted file mode 100644
index 9cb1f3487574..000000000000
--- a/sendmail-8.15.2-fix-covscan-issues.patch
+++ /dev/null
@@ -1,149 +0,0 @@
-diff --git a/include/sm/varargs.h b/include/sm/varargs.h
-index 612858d..2609630 100644
---- a/include/sm/varargs.h
-+++ b/include/sm/varargs.h
-@@ -32,6 +32,11 @@
- #  define SM_VA_COPY(dst, src)	__va_copy((dst), (src))
- # else
- #  define SM_VA_COPY(dst, src)	memcpy(&(dst), &(src), sizeof((dst)))
-+#  define SM_VA_END_COPY(ap)	do { } while (0)
-+# endif
-+
-+# ifndef SM_VA_END_COPY
-+#  define SM_VA_END_COPY(ap)	va_end(ap)
- # endif
- 
- /*
-diff --git a/libsm/vfprintf.c b/libsm/vfprintf.c
-index 87c353c..c99d4e5 100644
---- a/libsm/vfprintf.c
-+++ b/libsm/vfprintf.c
-@@ -782,6 +782,7 @@ number:			if ((dprec = prec) >= 0)
- done:
- 	FLUSH();
- error:
-+	SM_VA_END_COPY(orgap);
- 	if ((argtable != NULL) && (argtable != statargtable))
- 		sm_free(argtable);
- 	return sm_error(fp) ? SM_IO_EOF : ret;
-diff --git a/sendmail/milter.c b/sendmail/milter.c
-index 9b3667d..190bf9f 100644
---- a/sendmail/milter.c
-+++ b/sendmail/milter.c
-@@ -2441,8 +2441,7 @@ milter_negotiate(m, e, milters)
- 			sm_syslog(LOG_ERR, e->e_id,
- 				  "Milter (%s): negotiate: returned %c instead of %c",
- 				  m->mf_name, rcmd, SMFIC_OPTNEG);
--		if (response != NULL)
--			sm_free(response); /* XXX */
-+		SM_FREE(response);
- 		milter_error(m, e);
- 		return -1;
- 	}
-@@ -2457,8 +2456,7 @@ milter_negotiate(m, e, milters)
- 			sm_syslog(LOG_ERR, e->e_id,
- 				  "Milter (%s): negotiate: did not return valid info",
- 				  m->mf_name);
--		if (response != NULL)
--			sm_free(response); /* XXX */
-+		SM_FREE(response);
- 		milter_error(m, e);
- 		return -1;
- 	}
-@@ -2476,8 +2474,7 @@ milter_negotiate(m, e, milters)
- 			sm_syslog(LOG_ERR, e->e_id,
- 				  "Milter (%s): negotiate: did not return enough info",
- 				  m->mf_name);
--		if (response != NULL)
--			sm_free(response); /* XXX */
-+		SM_FREE(response);
- 		milter_error(m, e);
- 		return -1;
- 	}
-@@ -2593,11 +2590,11 @@ milter_negotiate(m, e, milters)
- 	if (tTd(64, 5))
- 		sm_dprintf("milter_negotiate(%s): received: version %u, fflags 0x%x, pflags 0x%x\n",
- 			m->mf_name, m->mf_fvers, m->mf_fflags, m->mf_pflags);
-+	SM_FREE(response);
- 	return 0;
- 
-   error:
--	if (response != NULL)
--		sm_free(response); /* XXX */
-+	SM_FREE(response);
- 	return -1;
- }
- 
-@@ -3233,6 +3230,7 @@ milter_changeheader(m, response, rlen, e)
- 			addheader(newstr(field), mh_value, H_USER, e,
- 				!bitset(SMFIP_HDR_LEADSPC, m->mf_pflags));
- 		}
-+		SM_FREE(mh_value);
- 		return;
- 	}
- 
-@@ -3441,6 +3439,8 @@ milter_chgfrom(response, rlen, e)
- 	{
- 		if (tTd(64, 10))
- 			sm_dprintf("didn't follow protocol argc=%d\n", argc);
-+		if (argv != NULL)
-+			free(argv);
- 		return;
- 	}
- 
-@@ -3459,6 +3459,7 @@ milter_chgfrom(response, rlen, e)
- 				mail_esmtp_args);
- 	}
- 	Errors = olderrors;
-+	free(argv);
- 	return;
- }
- 
-@@ -3506,6 +3507,8 @@ milter_addrcpt_par(response, rlen, e)
- 	{
- 		if (tTd(64, 10))
- 			sm_dprintf("didn't follow protocol argc=%d\n", argc);
-+		if (argv != NULL)
-+			free(argv);
- 		return;
- 	}
- 	olderrors = Errors;
-@@ -3530,6 +3533,7 @@ milter_addrcpt_par(response, rlen, e)
- 	}
- 
- 	Errors = olderrors;
-+	free(argv);
- 	return;
- }
- 
-diff --git a/sendmail/queue.c b/sendmail/queue.c
-index a323301..d61f626 100644
---- a/sendmail/queue.c
-+++ b/sendmail/queue.c
-@@ -8433,6 +8433,7 @@ split_by_recipient(e)
- 		if (split_within_queue(ee) == SM_SPLIT_FAIL)
- 		{
- 			e->e_sibling = firstsibling;
-+			SM_FREE(lsplits);
- 			return false;
- 		}
- 		ee->e_flags |= EF_SPLIT;
-@@ -8447,8 +8448,7 @@ split_by_recipient(e)
- 				if (p == NULL)
- 				{
- 					/* let's try to get this done */
--					sm_free(lsplits);
--					lsplits = NULL;
-+					SM_FREE(lsplits);
- 				}
- 				else
- 					lsplits = p;
-@@ -8470,7 +8470,7 @@ split_by_recipient(e)
- 	{
- 		sm_syslog(LOG_NOTICE, e->e_id, "split: count=%d, id%s=%s",
- 			  n - 1, n > 2 ? "s" : "", lsplits);
--		sm_free(lsplits);
-+		SM_FREE(lsplits);
- 	}
- 	split = split_within_queue(e) != SM_SPLIT_FAIL;
- 	if (split)
diff --git a/sendmail-8.15.2-gethostbyname2.patch b/sendmail-8.15.2-gethostbyname2.patch
deleted file mode 100644
index 03ff909d320a..000000000000
--- a/sendmail-8.15.2-gethostbyname2.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-diff --git a/libmilter/sm_gethost.c b/libmilter/sm_gethost.c
-index a025c8f..cd0ef31 100644
---- a/libmilter/sm_gethost.c
-+++ b/libmilter/sm_gethost.c
-@@ -49,8 +49,16 @@ sm_getipnodebyname(name, family, flags, err)
- 	int flags;
- 	int *err;
- {
--	bool resv6 = true;
- 	struct hostent *h;
-+# if HAS_GETHOSTBYNAME2
-+
-+	h = gethostbyname2(name, family);
-+	if (h == NULL)
-+		*err = h_errno;
-+	return h;
-+
-+# else /* HAS_GETHOSTBYNAME2 */
-+	bool resv6 = true;
- 
- 	if (family == AF_INET6)
- 	{
-@@ -60,7 +68,7 @@ sm_getipnodebyname(name, family, flags, err)
- 	}
- 	SM_SET_H_ERRNO(0);
- 	h = gethostbyname(name);
--	if (family == AF_INET6 && !resv6)
-+	if (!resv6)
- 		_res.options &= ~RES_USE_INET6;
- 
- 	/* the function is supposed to return only the requested family */
-@@ -75,6 +83,7 @@ sm_getipnodebyname(name, family, flags, err)
- 	else
- 		*err = h_errno;
- 	return h;
-+# endif /* HAS_GETHOSTBYNAME2 */
- }
- 
- void
diff --git a/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch b/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
deleted file mode 100644
index b470358a7f4b..000000000000
--- a/sendmail-8.15.2-openssl-1.1.0-ecdhe-fix.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/sendmail/tls.c b/sendmail/tls.c
-index 16cb93f..9338380 100644
---- a/sendmail/tls.c
-+++ b/sendmail/tls.c
-@@ -1329,13 +1329,8 @@ inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhpar
- 		}
- 
- #if _FFR_TLS_EC
--		ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
--		if (ecdh != NULL)
--		{
--			SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
--			SSL_CTX_set_tmp_ecdh(*ctx, ecdh);
--			EC_KEY_free(ecdh);
--		}
-+		SSL_CTX_set_options(*ctx, SSL_OP_SINGLE_ECDH_USE);
-+		SSL_CTX_set_ecdh_auto(*ctx, 1);
- #endif /* _FFR_TLS_EC */
- 
- 	}
diff --git a/sendmail-8.15.2-openssl-1.1.0-fix.patch b/sendmail-8.15.2-openssl-1.1.0-fix.patch
deleted file mode 100644
index 54a67548941d..000000000000
--- a/sendmail-8.15.2-openssl-1.1.0-fix.patch
+++ /dev/null
@@ -1,182 +0,0 @@
---- sendmail-8.15.2.orig/sendmail/tls.c	2016-12-01 15:20:59.953546417 +0100
-+++ sendmail-8.15.2.orig/sendmail/tls.c	2016-12-01 17:26:43.868521378 +0100
-@@ -63,14 +63,28 @@ static unsigned char dh512_g[] =
- static DH *
- get_dh512()
- {
--	DH *dh = NULL;
-+	DH *dh;
-+	BIGNUM *p, *g;
- 
- 	if ((dh = DH_new()) == NULL)
- 		return NULL;
--	dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
--	dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
--	if ((dh->p == NULL) || (dh->g == NULL))
-+	p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
-+	g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
-+	if (p == NULL || g == NULL)
-+	{
-+		BN_free(p);
-+		BN_free(g);
-+		DH_free(dh);
- 		return NULL;
-+	}
-+
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+	DH_set0_pqg(dh, p, NULL, g);
-+#else
-+	dh->p = p;
-+	dh->g = g;
-+#endif
-+
- 	return dh;
- }
- 
-@@ -117,16 +131,27 @@ get_dh2048()
- 		};
- 	static unsigned char dh2048_g[]={ 0x02, };
- 	DH *dh;
-+	BIGNUM *p, *g;
- 
- 	if ((dh=DH_new()) == NULL)
- 		return(NULL);
--	dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
--	dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
--	if ((dh->p == NULL) || (dh->g == NULL))
-+	p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
-+	g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
-+	if (p == NULL || g == NULL)
- 	{
-+		BN_free(p);
-+		BN_free(g);
- 		DH_free(dh);
--		return(NULL);
-+		return NULL;
- 	}
-+
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+	DH_set0_pqg(dh, p, NULL, g);
-+#else
-+	dh->p = p;
-+	dh->g = g;
-+#endif
-+
- 	return(dh);
- }
- # endif /* !NO_DH */
-@@ -715,6 +740,54 @@ static char server_session_id_context[]
- # define SM_SSL_OP_TLS_BLOCK_PADDING_BUG	0
- #endif
- 
-+static RSA *
-+generate_rsa_key(bits, e)
-+	int bits;
-+	unsigned long e;
-+{
-+#if OPENSSL_VERSION_NUMBER < 0x00908000L
-+	return RSA_generate_key(bits, e, NULL, NULL);
-+#else
-+	BIGNUM *bne;
-+	RSA *rsa = NULL;
-+
-+	bne = BN_new();
-+	if (bne && BN_set_word(bne, e) != 1)
-+		rsa = RSA_new();
-+	if (rsa && RSA_generate_key_ex(rsa, bits, bne, NULL) != 1)
-+	{
-+		RSA_free(rsa);
-+		rsa = NULL;
-+	}
-+	BN_free(bne);
-+	return rsa;
-+#endif
-+}
-+
-+static DSA *
-+generate_dsa_parameters(bits, seed, seed_len, counter_ret, h_ret)
-+	int bits;
-+	unsigned char *seed;
-+	int seed_len;
-+	int *counter_ret;
-+	unsigned long *h_ret;
-+{
-+#if OPENSSL_VERSION_NUMBER < 0x00908000L
-+	return DSA_generate_parameters(bits, seed, seed_len, counter_ret,
-+			               h_ret, NULL, NULL);
-+#else
-+	DSA *dsa = DSA_new();
-+
-+	if (dsa && DSA_generate_parameters_ex(dsa, bits, seed, seed_len,
-+				              counter_ret, h_ret, NULL) != 1)
-+	{
-+		DSA_free(dsa);
-+		dsa = NULL;
-+	}
-+	return dsa;
-+#endif
-+}
-+
- bool
- inittls(ctx, req, options, srv, certfile, keyfile, cacertpath, cacertfile, dhparam)
- 	SSL_CTX **ctx;
-@@ -926,7 +999,7 @@ inittls(ctx, req, options, srv, certfile
- 	{
- 		/* get a pointer to the current certificate validation store */
- 		store = SSL_CTX_get_cert_store(*ctx);	/* does not fail */
--		crl_file = BIO_new(BIO_s_file_internal());
-+		crl_file = BIO_new(BIO_s_file());
- 		if (crl_file != NULL)
- 		{
- 			if (BIO_read_filename(crl_file, CRLFile) >= 0)
-@@ -1003,8 +1076,7 @@ inittls(ctx, req, options, srv, certfile
- 	if (bitset(TLS_I_RSA_TMP, req)
- #  if SM_CONF_SHM
- 	    && ShmId != SM_SHM_NO_ID &&
--	    (rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL,
--					NULL)) == NULL
-+	    (rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4)) == NULL
- #  else /* SM_CONF_SHM */
- 	    && 0	/* no shared memory: no need to generate key now */
- #  endif /* SM_CONF_SHM */
-@@ -1210,8 +1282,8 @@ inittls(ctx, req, options, srv, certfile
- 				sm_dprintf("inittls: Generating %d bit DH parameters\n", bits);
- 
- 			/* this takes a while! */
--			dsa = DSA_generate_parameters(bits, NULL, 0, NULL,
--						      NULL, 0, NULL);
-+			dsa = generate_dsa_parameters(bits, NULL, 0, NULL,
-+						      NULL);
- 			dh = DSA_dup_DH(dsa);
- 			DSA_free(dsa);
- 		}
-@@ -1747,7 +1819,7 @@ tmp_rsa_key(s, export, keylength)
- 
- 	if (rsa_tmp != NULL)
- 		RSA_free(rsa_tmp);
--	rsa_tmp = RSA_generate_key(RSA_KEYLENGTH, RSA_F4, NULL, NULL);
-+	rsa_tmp = generate_rsa_key(RSA_KEYLENGTH, RSA_F4);
- 	if (rsa_tmp == NULL)
- 	{
- 		if (LogLevel > 0)
-@@ -1974,11 +2046,20 @@ x509_verify_cb(ok, ctx)
- 	{
- 		if (LogLevel > 13)
- 			tls_verify_log(ok, ctx, "x509");
-+#if OPENSSL_VERSION_NUMBER >= 0x10100005L
-+		if (X509_STORE_CTX_get_error(ctx) ==
-+		    X509_V_ERR_UNABLE_TO_GET_CRL)
-+		{
-+			X509_STORE_CTX_set_error(ctx, 0);
-+			return 1;	/* override it */
-+		}
-+#else
- 		if (ctx->error == X509_V_ERR_UNABLE_TO_GET_CRL)
- 		{
- 			ctx->error = 0;
- 			return 1;	/* override it */
- 		}
-+#endif
- 	}
- 	return ok;
- }
diff --git a/sendmail-8.15.2-smtp-session-reuse-fix.patch b/sendmail-8.15.2-smtp-session-reuse-fix.patch
deleted file mode 100644
index bc148419532b..000000000000
--- a/sendmail-8.15.2-smtp-session-reuse-fix.patch
+++ /dev/null
@@ -1,249 +0,0 @@
-diff -ru a/sendmail/deliver.c b/sendmail/deliver.c
---- a/sendmail/deliver.c	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/deliver.c	2016-02-29 06:02:06.000000000 -0800
-@@ -6274,8 +6274,7 @@
- 				tlslogerr(LOG_WARNING, "client");
- 		}
- 
--		SSL_free(clt_ssl);
--		clt_ssl = NULL;
-+		SM_SSL_FREE(clt_ssl);
- 		return EX_SOFTWARE;
- 	}
- 	mci->mci_ssl = clt_ssl;
-@@ -6287,8 +6286,7 @@
- 		return EX_OK;
- 
- 	/* failure */
--	SSL_free(clt_ssl);
--	clt_ssl = NULL;
-+	SM_SSL_FREE(clt_ssl);
- 	return EX_SOFTWARE;
- }
- /*
-@@ -6309,7 +6307,7 @@
- 
- 	if (!bitset(MCIF_TLSACT, mci->mci_flags))
- 		return EX_OK;
--	r = endtls(mci->mci_ssl, "client");
-+	r = endtls(&mci->mci_ssl, "client");
- 	mci->mci_flags &= ~MCIF_TLSACT;
- 	return r;
- }
-diff -ru a/sendmail/macro.c b/sendmail/macro.c
---- a/sendmail/macro.c	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/macro.c	2016-02-29 06:02:06.000000000 -0800
-@@ -362,6 +362,33 @@
- }
- 
- /*
-+**  MACTABCLEAR -- clear entire macro table
-+**
-+**	Parameters:
-+**		mac -- Macro table.
-+**
-+**	Returns:
-+**		none.
-+**
-+**	Side Effects:
-+**		clears entire mac structure including rpool pointer!
-+*/
-+
-+void
-+mactabclear(mac)
-+	MACROS_T *mac;
-+{
-+	int i;
-+
-+	if (mac->mac_rpool == NULL)
-+	{
-+		for (i = 0; i < MAXMACROID; i++)
-+	    		SM_FREE_CLR(mac->mac_table[i]);
-+	}
-+	memset((char *) mac, '\0', sizeof(*mac));
-+}
-+
-+/*
- **  MACDEFINE -- bind a macro name to a value
- **
- **	Set a macro to a value, with fancy storage management.
-diff -ru a/sendmail/mci.c b/sendmail/mci.c
---- a/sendmail/mci.c	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/mci.c	2016-02-29 06:02:06.000000000 -0800
-@@ -25,6 +25,7 @@
- 						  int, bool));
- static bool	mci_load_persistent __P((MCI *));
- static void	mci_uncache __P((MCI **, bool));
-+static void	mci_clear __P((MCI *));
- static int	mci_lock_host_statfile __P((MCI *));
- static int	mci_read_persistent __P((SM_FILE_T *, MCI *));
- 
-@@ -253,6 +254,7 @@
- 	SM_FREE_CLR(mci->mci_status);
- 	SM_FREE_CLR(mci->mci_rstatus);
- 	SM_FREE_CLR(mci->mci_heloname);
-+ 	mci_clear(mci);
- 	if (mci->mci_rpool != NULL)
- 	{
- 		sm_rpool_free(mci->mci_rpool);
-@@ -315,6 +317,41 @@
- }
- 
- /*
-+**  MCI_CLEAR -- clear mci
-+**
-+**	Parameters:
-+**		mci -- the connection to clear.
-+**
-+**	Returns:
-+**		none.
-+*/
-+
-+static void
-+mci_clear(mci)
-+	MCI *mci;
-+{
-+	if (mci == NULL)
-+		return;
-+
-+	mci->mci_maxsize = 0;
-+	mci->mci_min_by = 0;
-+	mci->mci_deliveries = 0;
-+#if SASL
-+	if (bitset(MCIF_AUTHACT, mci->mci_flags))
-+		sasl_dispose(&mci->mci_conn);
-+#endif
-+#if STARTTLS
-+	if (bitset(MCIF_TLSACT, mci->mci_flags) && mci->mci_ssl != NULL)
-+		SM_SSL_FREE(mci->mci_ssl);
-+#endif
-+
-+	/* which flags to preserve? */
-+	mci->mci_flags &= MCIF_CACHED;
-+	mactabclear(&mci->mci_macro);
-+}
-+
-+
-+/*
- **  MCI_GET -- get information about a particular host
- **
- **	Parameters:
-@@ -419,6 +456,7 @@
- 			mci->mci_errno = 0;
- 			mci->mci_exitstat = EX_OK;
- 		}
-+	 	mci_clear(mci);
- 	}
- 
- 	return mci;
-diff -ru a/sendmail/sendmail.h b/sendmail/sendmail.h
---- a/sendmail/sendmail.h	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/sendmail.h	2016-02-29 06:02:06.000000000 -0800
-@@ -1186,6 +1186,7 @@
- #define macid(name)  macid_parse(name, NULL)
- extern char	*macname __P((int));
- extern char	*macvalue __P((int, ENVELOPE *));
-+extern void	mactabclear __P((MACROS_T *));
- extern int	rscheck __P((char *, char *, char *, ENVELOPE *, int, int, char *, char *, ADDRESS *, char **));
- extern int	rscap __P((char *, char *, char *, ENVELOPE *, char ***, char *, int));
- extern void	setclass __P((int, char *));
-@@ -2002,7 +2003,15 @@
- extern void	setclttls __P((bool));
- extern bool	initsrvtls __P((bool));
- extern int	tls_get_info __P((SSL *, bool, char *, MACROS_T *, bool));
--extern int	endtls __P((SSL *, char *));
-+#define SM_SSL_FREE(ssl)			\
-+	do {					\
-+		if (ssl != NULL)		\
-+		{				\
-+			SSL_free(ssl);		\
-+			ssl = NULL;		\
-+		}				\
-+	} while (0)
-+extern int	endtls __P((SSL **, char *));
- extern void	tlslogerr __P((int, const char *));
- 
- 
-diff -ru a/sendmail/srvrsmtp.c b/sendmail/srvrsmtp.c
---- a/sendmail/srvrsmtp.c	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/srvrsmtp.c	2016-02-29 06:02:06.000000000 -0800
-@@ -2122,8 +2122,7 @@
- 			if (get_tls_se_options(e, srv_ssl, true) != 0)
- 			{
- 				message("454 4.3.3 TLS not available: error setting options");
--				SSL_free(srv_ssl);
--				srv_ssl = NULL;
-+				SM_SSL_FREE(srv_ssl);
- 				goto tls_done;
- 			}
- 
-@@ -2145,8 +2144,7 @@
- 			    SSL_set_wfd(srv_ssl, wfd) <= 0)
- 			{
- 				message("454 4.3.3 TLS not available: error set fd");
--				SSL_free(srv_ssl);
--				srv_ssl = NULL;
-+				SM_SSL_FREE(srv_ssl);
- 				goto tls_done;
- 			}
- 			if (!smtps)
-@@ -2188,8 +2186,7 @@
- 						tlslogerr(LOG_WARNING, "server");
- 				}
- 				tls_ok_srv = false;
--				SSL_free(srv_ssl);
--				srv_ssl = NULL;
-+				SM_SSL_FREE(srv_ssl);
- 
- 				/*
- 				**  according to the next draft of
-@@ -3416,7 +3413,7 @@
- 			/* shutdown TLS connection */
- 			if (tls_active)
- 			{
--				(void) endtls(srv_ssl, "server");
-+				(void) endtls(&srv_ssl, "server");
- 				tls_active = false;
- 			}
- #endif /* STARTTLS */
-diff -ru a/sendmail/tls.c b/sendmail/tls.c
---- a/sendmail/tls.c	2016-02-29 06:01:55.000000000 -0800
-+++ b/sendmail/tls.c	2016-02-29 06:02:06.000000000 -0800
-@@ -1624,7 +1624,7 @@
- **  ENDTLS -- shutdown secure connection
- **
- **	Parameters:
--**		ssl -- SSL connection information.
-+**		pssl -- pointer to TLS session context
- **		side -- server/client (for logging).
- **
- **	Returns:
-@@ -1632,12 +1632,16 @@
- */
- 
- int
--endtls(ssl, side)
--	SSL *ssl;
-+endtls(pssl, side)
-+	SSL **pssl;
- 	char *side;
- {
- 	int ret = EX_OK;
-+	SSL *ssl;
- 
-+	SM_REQUIRE(pssl != NULL);
-+ 	ret = EX_OK;
-+	ssl = *pssl;
- 	if (ssl != NULL)
- 	{
- 		int r;
-@@ -1703,8 +1707,7 @@
- 			ret = EX_SOFTWARE;
- 		}
- # endif /* !defined(OPENSSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER > 0x0090602fL */
--		SSL_free(ssl);
--		ssl = NULL;
-+		SM_SSL_FREE(*pssl);
- 	}
- 	return ret;
- }
diff --git a/site.config.m4 b/site.config.m4
index e8e300d3d761..ac920691e17b 100644
--- a/site.config.m4
+++ b/site.config.m4
@@ -13,6 +13,6 @@ define(`confEBINDIR', `/usr/bin')
 define(`confMBINDIR', `/usr/bin')
 define(`confSBINDIR', `/usr/bin')
 define(`confMANROOT', `/usr/share/man/man')
-APPENDDEF(`confENVDEF', `-DNETINET6  -DHAS_GETHOSTBYNAME2 -D_FFR_LINUX_MHNL -D_FFR_MILTER_CHECK_REJECTIONS_TOO')
-APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DSASL=2 -D_FFR_TLS_EC -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')
+APPENDDEF(`confENVDEF', `-DNETINET6 -DHAS_GETHOSTBYNAME2 -D_FFR_MILTER_CHECK_REJECTIONS_TOO')
+APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DSASL=2 -DDANE -DTLS_EC=2 -D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')
 APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto -lresolv -lsasl2')
author	Amish	2020-07-06 15:11:18 +0530
committer	Amish	2020-07-06 15:11:18 +0530
commit	2cb076853120d56219d2f8fefe60f31f589baa52 (patch)
tree	90b5c1a2020084245b01393da31bd3d0c50bbbec
parent	11186a5bf92831c19e73c2d80ca8c25a57d69d57 (diff)
download	aur-2cb076853120d56219d2f8fefe60f31f589baa52.tar.gz