l/sendmaili-devel: Fix MTA-STS support, to local-deliverable with MTA…

…-STS enabled PR: 275996 Submitted by: Hiroki Sato Submitted by: Norikatsu Shigemura
freebsd · Dec 29, 2023 · 4281b33 · 4281b33
1 parent a2405c5
commit 4281b33
Show file tree

Hide file tree

Showing 9 changed files with 45 additions and 21 deletions.
diff --git a/mail/sendmail-devel/Makefile b/mail/sendmail-devel/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	sendmail
 PORTVERSION=	8.18.0.2
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	mail
 MASTER_SITES=	ftp://ftp.sendmail.org/pub/sendmail/snapshots/
 PKGNAMESUFFIX?=	-devel${PKGNAMESUFFIX2}

diff --git a/mail/sendmail-devel/files/patch-cfproto.m4 b/mail/sendmail-devel/files/patch-cfproto.m4
@@ -0,0 +1,24 @@
+--- cf/m4/proto.m4.orig	2023-10-27 05:47:26 UTC
++++ cf/m4/proto.m4
+@@ -2912,10 +2912,6 @@ R$* $| $#$*		$#$2
+ R$* $| $*		$: $1', `dnl')
+ ifdef(`_TLS_FAILURES_',`dnl
+ R$*		$: $(macro {saved_verify} $@ $1 $) $1')
+-ifdef(`_MTA_STS_', `dnl
+-R$*			$: $1 $| $>"STS_secure" $1
+-R$* $| $#$*		$#$2
+-R$* $| $*		$: $1', `dnl')
+ ifdef(`_ACCESS_TABLE_', `dnl
+ dnl store name of other side
+ R$*		$: $(macro {TLS_Name} $@ $&{server_name} $) $1
+@@ -2923,6 +2919,10 @@ R$*		$: $1 $| $>D <$&{server_name}> <?> <! TLS_SRV_TAG
+ R$* $| <?>$*	$: $1 $| $>A <$&{server_addr}> <?> <! TLS_SRV_TAG> <>
+ dnl do a default lookup: just TLS_SRV_TAG
+ R$* $| <?>$*	$: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
++ifdef(`_MTA_STS_', `dnl
++R$*			$: $1 $| $>"STS_secure" $1
++R$* $| $#$*		$#$2
++R$* $| $*		$: $1', `dnl')
+ ifdef(`_ATMPF_', `dnl tempfail?
+ R$* $| <$* _ATMPF_>	$#error $@ 4.3.0 $: _TMPFMSG_(`TS')', `dnl')
+ R$*		$@ $>"TLS_connection" $1', `dnl
diff --git a/mail/sendmail-devel/files/patch-cfsts.m4 b/mail/sendmail-devel/files/patch-cfsts.m4
@@ -1,6 +1,6 @@
---- cf/feature/sts.m4.orig	2021-06-08 04:03:56.000000000 +0900
-+++ cf/feature/sts.m4	2022-02-24 21:30:48.072162000 +0900
-@@ -15,5 +15,5 @@
+--- cf/feature/sts.m4.orig	2023-02-09 18:24:38 UTC
++++ cf/feature/sts.m4
+@@ -15,5 +15,5 @@ ifelse(_ARG2_,`NO_SAN_TST',`',`define(`_STS_SAN', `1')
  LOCAL_CONFIG
  O StrictTransportSecurity=true
  ifelse(_ARG2_,`NO_SAN_TST',`',`O SetCertAltnames=true')

diff --git a/mail/sendmail-devel/files/patch-daemon.c b/mail/sendmail-devel/files/patch-daemon.c
@@ -1,6 +1,6 @@
---- sendmail/daemon.c.orig	2021-06-22 08:24:43 UTC
+--- sendmail/daemon.c.orig	2023-10-27 05:47:26 UTC
 +++ sendmail/daemon.c
-@@ -775,6 +775,8 @@ getrequests(e)
+@@ -782,6 +782,8 @@ getrequests(e)
  						anynet_ntoa(&RealHostAddr));
  			}
 

diff --git a/mail/sendmail-devel/files/patch-makeinfo.sh b/mail/sendmail-devel/files/patch-makeinfo.sh
@@ -1,4 +1,4 @@
---- cf/sh/makeinfo.sh.orig	2014-03-05 00:59:45 UTC
+--- cf/sh/makeinfo.sh.orig	2023-02-09 18:24:38 UTC
 +++ cf/sh/makeinfo.sh
 @@ -52,7 +52,7 @@ then
  else
@@ -8,4 +8,4 @@
 +echo '#####' built by $user@$host on `LC_TIME=C date`
  echo '#####' in `pwd` | sed 's/\/tmp_mnt//'
  echo '#####' using $1 as configuration include directory | sed 's/\/tmp_mnt//'
- echo "define(\`__HOST__', $host)dnl"
+ echo "define(\`__HOST__', \`$host')dnl"
diff --git a/mail/sendmail-devel/files/patch-readcf.c b/mail/sendmail-devel/files/patch-readcf.c
@@ -1,7 +1,7 @@
---- sendmail/readcf.c.orig	2019-02-15 10:30:19 UTC
+--- sendmail/readcf.c.orig	2023-12-19 05:29:19 UTC
 +++ sendmail/readcf.c
-@@ -2988,6 +2988,10 @@ static struct optioninfo
- 	{ "ClientCACertPath",			O_CLTCACERTPATH, OI_NONE },
+@@ -3208,6 +3208,10 @@ static struct optioninfo
+ 	{ "CipherSuites",		O_CIPHERSUITES,	OI_NONE	},
  #endif
 
 +#if USE_BLACKLIST
@@ -11,7 +11,7 @@
  	{ NULL,				'\0',		OI_NONE	}
  };
 
-@@ -4661,6 +4665,12 @@ setoption(opt, val, safe, sticky, e)
+@@ -4946,6 +4950,12 @@ setoption(opt, val, safe, sticky, e)
  		break;
  #endif
 

diff --git a/mail/sendmail-devel/files/patch-sendmail.8 b/mail/sendmail-devel/files/patch-sendmail.8
@@ -1,7 +1,7 @@
---- sendmail/sendmail.8.orig	2014-06-13 14:57:59 UTC
+--- sendmail/sendmail.8.orig	2023-02-09 18:24:38 UTC
 +++ sendmail/sendmail.8
-@@ -537,6 +537,11 @@ for this amount of time, 
- failed messages will be returned to the sender.  
+@@ -552,6 +552,11 @@ for this amount of time,
+ failed messages will be returned to the sender.
  The default is five days.
  .TP
 +UseBlacklist
@@ -11,4 +11,4 @@
 +.TP
  .RI UserDatabaseSpec= userdatabase
  If set, a user database is consulted to get forwarding information.
- You can consider this an adjunct to the aliasing mechanism, 
+ You can consider this an adjunct to the aliasing mechanism,
diff --git a/mail/sendmail-devel/files/patch-smrsh.8 b/mail/sendmail-devel/files/patch-smrsh.8
@@ -1,4 +1,4 @@
---- smrsh/smrsh.8.orig	2014-03-05 00:59:45 UTC
+--- smrsh/smrsh.8.orig	2023-02-09 18:24:38 UTC
 +++ smrsh/smrsh.8
 @@ -39,7 +39,7 @@ Briefly,
  .I smrsh
@@ -9,7 +9,7 @@
  allowing the system administrator to choose the set of acceptable commands,
  and to the shell builtin commands ``exec'', ``exit'', and ``echo''.
  It also rejects any commands with the characters
-@@ -50,13 +50,12 @@ It allows ``||'' and ``&&'' to enable co
+@@ -50,13 +50,12 @@ It allows ``||'' and ``&&'' to enable commands like:
  ``"|exec /usr/local/bin/filter || exit 75"''
  .PP
  Initial pathnames on programs are stripped,

diff --git a/mail/sendmail-devel/files/patch-usersmtp.c b/mail/sendmail-devel/files/patch-usersmtp.c
@@ -1,6 +1,6 @@
---- sendmail/usersmtp.c.orig	2014-12-05 15:42:28 UTC
+--- sendmail/usersmtp.c.orig	2023-07-27 07:12:46 UTC
 +++ sendmail/usersmtp.c
-@@ -1825,6 +1825,9 @@ attemptauth(m, mci, e, sai)
+@@ -1875,6 +1875,9 @@ attemptauth(m, mci, e, sai)
 
  		if (saslresult != SASL_OK && saslresult != SASL_CONTINUE)
  		{
@@ -10,7 +10,7 @@
  			if (tTd(95, 5))
  				sm_dprintf("AUTH FAIL=%s (%d)\n",
  					sasl_errstring(saslresult, NULL, NULL),
-@@ -1970,9 +1973,11 @@ smtpauth(m, mci, e)
+@@ -2020,9 +2023,11 @@ smtpauth(m, mci, e)
  	do
  	{
  		result = attemptauth(m, mci, e, &(mci->mci_sai));