diff options
Diffstat (limited to 'mail/postfix35/files')
| -rw-r--r-- | mail/postfix35/files/extra-patch-blacklistd | 69 | ||||
| -rw-r--r-- | mail/postfix35/files/mailer.conf.postfix.in | 7 | ||||
| -rw-r--r-- | mail/postfix35/files/patch-makedefs | 45 | ||||
| -rw-r--r-- | mail/postfix35/files/patch-src_posttls-finger_posttls-finger.c | 22 | ||||
| -rw-r--r-- | mail/postfix35/files/patch-src_tls_tls__certkey.c | 11 | ||||
| -rw-r--r-- | mail/postfix35/files/patch-src_tls_tls__server.c | 12 | ||||
| -rw-r--r-- | mail/postfix35/files/patch-src_util_sys__defs.h | 12 | ||||
| -rw-r--r-- | mail/postfix35/files/pkg-install.in | 189 | ||||
| -rw-r--r-- | mail/postfix35/files/pkg-message.in | 44 | ||||
| -rw-r--r-- | mail/postfix35/files/postfix.in | 50 |
10 files changed, 461 insertions, 0 deletions
diff --git a/mail/postfix35/files/extra-patch-blacklistd b/mail/postfix35/files/extra-patch-blacklistd new file mode 100644 index 000000000000..a9448d978c7d --- /dev/null +++ b/mail/postfix35/files/extra-patch-blacklistd @@ -0,0 +1,69 @@ +# PR 225664: support blacklistd on FreeBSD >= 11.0 +# +--- src/smtpd/Makefile.in.orig 2017-02-05 23:36:32 UTC ++++ src/smtpd/Makefile.in +@@ -2,14 +2,14 @@ SHELL = /bin/sh + SRCS = smtpd.c smtpd_token.c smtpd_check.c smtpd_chat.c smtpd_state.c \ + smtpd_peer.c smtpd_sasl_proto.c smtpd_sasl_glue.c smtpd_proxy.c \ + smtpd_xforward.c smtpd_dsn_fix.c smtpd_milter.c smtpd_resolve.c \ +- smtpd_expand.c smtpd_haproxy.c ++ smtpd_expand.c smtpd_haproxy.c pfilter.c + OBJS = smtpd.o smtpd_token.o smtpd_check.o smtpd_chat.o smtpd_state.o \ + smtpd_peer.o smtpd_sasl_proto.o smtpd_sasl_glue.o smtpd_proxy.o \ + smtpd_xforward.o smtpd_dsn_fix.o smtpd_milter.o smtpd_resolve.o \ +- smtpd_expand.o smtpd_haproxy.o ++ smtpd_expand.o smtpd_haproxy.o pfilter.o + HDRS = smtpd_token.h smtpd_check.h smtpd_chat.h smtpd_sasl_proto.h \ + smtpd_sasl_glue.h smtpd_proxy.h smtpd_dsn_fix.h smtpd_milter.h \ +- smtpd_resolve.h smtpd_expand.h ++ smtpd_resolve.h smtpd_expand.h pfilter.h + TESTSRC = smtpd_token_test.c + DEFS = -I. -I$(INC_DIR) -D$(SYSTYPE) + CFLAGS = $(DEBUG) $(OPT) $(DEFS) +--- src/smtpd/smtpd_sasl_glue.c.orig 2017-02-19 01:58:21 UTC ++++ src/smtpd/smtpd_sasl_glue.c +@@ -147,6 +147,7 @@ + #include "smtpd.h" + #include "smtpd_sasl_glue.h" + #include "smtpd_chat.h" ++#include "pfilter.h" /* for blacklistd(8) */ + + #ifdef USE_SASL_AUTH + +@@ -332,6 +333,10 @@ int smtpd_sasl_authenticate(SMTPD_ST + else + smtpd_chat_reply(state, "535 5.7.8 Error: authentication failed: %s", + STR(state->sasl_reply)); ++ ++ ++ /* notify blacklistd of SASL authentication failure */ ++ pfilter_notify(1, vstream_fileno(state->client)); + return (-1); + } + /* RFC 4954 Section 6. */ +--- src/smtpd/pfilter.h.orig 2018-02-04 15:36:49 UTC ++++ src/smtpd/pfilter.h +@@ -0,0 +1 @@ ++void pfilter_notify(int, int); +--- src/smtpd/pfilter.c.orig 2018-02-04 15:36:49 UTC ++++ src/smtpd/pfilter.c +@@ -0,0 +1,19 @@ ++#include "pfilter.h" ++#include <stdio.h> /* for NULL */ ++#include <blacklist.h> ++ ++static struct blacklist *blstate; ++ ++void ++pfilter_notify(int a, int fd) ++{ ++ if (blstate == NULL) ++ blstate = blacklist_open(); ++ if (blstate == NULL) ++ return; ++ (void)blacklist_r(blstate, a, fd, "smtpd"); ++ if (a == 0) { ++ blacklist_close(blstate); ++ blstate = NULL; ++ } ++} diff --git a/mail/postfix35/files/mailer.conf.postfix.in b/mail/postfix35/files/mailer.conf.postfix.in new file mode 100644 index 000000000000..08f2b2c00f35 --- /dev/null +++ b/mail/postfix35/files/mailer.conf.postfix.in @@ -0,0 +1,7 @@ +# +# Execute the Postfix sendmail program, named %%PREFIX%%/sbin/sendmail +# +sendmail %%PREFIX%%/sbin/sendmail +send-mail %%PREFIX%%/sbin/sendmail +mailq %%PREFIX%%/sbin/sendmail +newaliases %%PREFIX%%/sbin/sendmail diff --git a/mail/postfix35/files/patch-makedefs b/mail/postfix35/files/patch-makedefs new file mode 100644 index 000000000000..f688b8ab7338 --- /dev/null +++ b/mail/postfix35/files/patch-makedefs @@ -0,0 +1,45 @@ +--- makedefs.orig 2021-01-16 15:10:00 UTC ++++ makedefs +@@ -298,6 +298,42 @@ case "$SYSTEM.$RELEASE" in + : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} + : ${PLUGIN_LD="${CC} -shared"} + ;; ++ FreeBSD.11*) SYSTYPE=FREEBSD11 ++ : ${CC=cc} ++ : ${SHLIB_SUFFIX=.so} ++ : ${SHLIB_CFLAGS=-fPIC} ++ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} ++ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} ++ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} ++ : ${PLUGIN_LD="${CC} -shared"} ++ ;; ++ FreeBSD.12*) SYSTYPE=FREEBSD12 ++ : ${CC=cc} ++ : ${SHLIB_SUFFIX=.so} ++ : ${SHLIB_CFLAGS=-fPIC} ++ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} ++ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} ++ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} ++ : ${PLUGIN_LD="${CC} -shared"} ++ ;; ++ FreeBSD.13*) SYSTYPE=FREEBSD13 ++ : ${CC=cc} ++ : ${SHLIB_SUFFIX=.so} ++ : ${SHLIB_CFLAGS=-fPIC} ++ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} ++ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} ++ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} ++ : ${PLUGIN_LD="${CC} -shared"} ++ ;; ++ FreeBSD.14*) SYSTYPE=FREEBSD14 ++ : ${CC=cc} ++ : ${SHLIB_SUFFIX=.so} ++ : ${SHLIB_CFLAGS=-fPIC} ++ : ${SHLIB_LD="${CC} -shared"' -Wl,-soname,${LIB}'} ++ : ${SHLIB_RPATH='-Wl,-rpath,${SHLIB_DIR}'} ++ : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} ++ : ${PLUGIN_LD="${CC} -shared"} ++ ;; + DragonFly.*) SYSTYPE=DRAGONFLY + ;; + OpenBSD.2*) SYSTYPE=OPENBSD2 diff --git a/mail/postfix35/files/patch-src_posttls-finger_posttls-finger.c b/mail/postfix35/files/patch-src_posttls-finger_posttls-finger.c new file mode 100644 index 000000000000..fdece6346ca5 --- /dev/null +++ b/mail/postfix35/files/patch-src_posttls-finger_posttls-finger.c @@ -0,0 +1,22 @@ +--- src/posttls-finger/posttls-finger.c.orig 2019-02-12 13:17:45 UTC ++++ src/posttls-finger/posttls-finger.c +@@ -1673,7 +1673,8 @@ static int finger(STATE *state) + return (0); + } + +-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if defined(USE_TLS) && \ ++ ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + + /* ssl_cleanup - free memory allocated in the OpenSSL library */ + +@@ -2156,7 +2157,8 @@ int main(int argc, char *argv[]) + cleanup(&state); + + /* OpenSSL 1.1.0 and later (de)initialization is implicit */ +-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L ++#if defined(USE_TLS) && \ ++ ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) + ssl_cleanup(); + #endif + diff --git a/mail/postfix35/files/patch-src_tls_tls__certkey.c b/mail/postfix35/files/patch-src_tls_tls__certkey.c new file mode 100644 index 000000000000..b34b8efd2be6 --- /dev/null +++ b/mail/postfix35/files/patch-src_tls_tls__certkey.c @@ -0,0 +1,11 @@ +--- src/tls/tls_certkey.c.orig 2019-03-07 23:57:10 UTC ++++ src/tls/tls_certkey.c +@@ -144,7 +144,7 @@ static void init_pem_load_state(pem_load + + /* use_chain - load cert, key and chain into ctx or ssl */ + +-#if OPENSSL_VERSION_NUMBER >= 0x1010100fUL ++#if OPENSSL_VERSION_NUMBER >= 0x1010100fUL && !defined(LIBRESSL_VERSION_NUMBER) + static int use_chain(pem_load_state_t *st) + { + int ret; diff --git a/mail/postfix35/files/patch-src_tls_tls__server.c b/mail/postfix35/files/patch-src_tls_tls__server.c new file mode 100644 index 000000000000..92115aa16679 --- /dev/null +++ b/mail/postfix35/files/patch-src_tls_tls__server.c @@ -0,0 +1,12 @@ +--- src/tls/tls_server.c.orig 2019-02-18 23:03:54 UTC ++++ src/tls/tls_server.c +@@ -518,7 +518,9 @@ TLS_APPL_STATE *tls_server_init(const TL + * ticket decryption callback already (since 2.11) asks OpenSSL to + * avoid issuing new tickets when the presented ticket is re-usable. + */ ++#ifndef LIBRESSL_VERSION_NUMBER + SSL_CTX_set_num_tickets(server_ctx, 1); ++#endif + } + #endif + if (!ticketable) diff --git a/mail/postfix35/files/patch-src_util_sys__defs.h b/mail/postfix35/files/patch-src_util_sys__defs.h new file mode 100644 index 000000000000..a31dfd4c24d5 --- /dev/null +++ b/mail/postfix35/files/patch-src_util_sys__defs.h @@ -0,0 +1,12 @@ +--- src/util/sys_defs.h.orig 2019-10-13 15:32:18 UTC ++++ src/util/sys_defs.h +@@ -30,7 +30,8 @@ + #if defined(FREEBSD2) || defined(FREEBSD3) || defined(FREEBSD4) \ + || defined(FREEBSD5) || defined(FREEBSD6) || defined(FREEBSD7) \ + || defined(FREEBSD8) || defined(FREEBSD9) || defined(FREEBSD10) \ +- || defined(FREEBSD11) \ ++ || defined(FREEBSD11) || defined(FREEBSD12) || defined(FREEBSD13) \ ++ || defined(FREEBSD14) \ + || defined(BSDI2) || defined(BSDI3) || defined(BSDI4) \ + || defined(OPENBSD2) || defined(OPENBSD3) || defined(OPENBSD4) \ + || defined(OPENBSD5) || defined(OPENBSD6) \ diff --git a/mail/postfix35/files/pkg-install.in b/mail/postfix35/files/pkg-install.in new file mode 100644 index 000000000000..0b7e47cfe011 --- /dev/null +++ b/mail/postfix35/files/pkg-install.in @@ -0,0 +1,189 @@ +#!/bin/sh + +# If the POSTFIX_DEFAULT_MTA environment variable is set to YES, it +# will make the port/package use defaults which make postfix replace +# sendmail as much as possible. + +# allowed vars during package installation +BATCH=${BATCH:=no} +POSTFIX_DEFAULT_MTA=${POSTFIX_DEFAULT_MTA:=no} + +# fixed vars +PREFIX="%%PREFIX%%" +ETCDIR="%%ETCDIR%%" +DAEMONDIR="%%DAEMONDIR%%" +META_DIRECTORY="%%META_DIRECTORY%%" +READMEDIR="%%READMEDIR%%" +MC_TEMPLATE="%%DATADIR%%/mailer.conf.postfix" + +# FreeBSD <= 10.3 +MC_BASE="/etc/mail/mailer.conf" +# FreeBSD >= 10.3 (and current) +MC_LOCALBASE="%%LOCALBASE%%/etc/mail/mailer.conf" +USE_LOCALBASE_MAILER_CONF="%%USE_LOCALBASE_MAILER_CONF%%" + +if [ "${POSTFIX_DEFAULT_MTA}" = "no" ]; then + DEFAULT_REPLACE_MAILERCONF=n +else + DEFAULT_REPLACE_MAILERCONF=y +fi + +ask() { + local question default answer + + question=$1 + default=$2 + if [ -z "${PACKAGE_BUILDING}" -a "${BATCH}" = "no" ]; then + read -p "${question} [${default}]? " answer + fi + if [ -z "${answer}" ]; then + answer=${default} + fi + echo ${answer} +} + +yesno() { + local question default answer + + question=$1 + default=$2 + while :; do + answer=$(ask "${question}" "${default}") + case "${answer}" in + [Yy]*) return 0;; + [Nn]*) return 1;; + esac + echo "Please answer yes or no." + done +} + +# ============================================================================== +# Respect POSTFIX_DEFAULT_MTA, do not ask for confirmation! +# (This helps tools like salt, ansible or puppet on new installations) +# ============================================================================== +install_choise(){ + local mailerconf + mailerconf=$1 + + if [ "${DEFAULT_REPLACE_MAILERCONF}" = "y" ]; then + install_mailer_conf ${mailerconf} + elif [ "${DEFAULT_REPLACE_MAILERCONF}" = "n" -a -t 0 ]; then + if yesno "Would you like to activate Postfix in ${mailerconf}" ${DEFAULT_REPLACE_MAILERCONF:="n"}; then + install_mailer_conf ${mailerconf} + else + show_not_activated_msg ${mailerconf} + fi + else + show_not_activated_msg ${mailerconf} + fi +} + +show_not_activated_msg() { + local mailerconf + + mailerconf=$1 + echo + echo "===============================================================" + echo "Postfix was *not* activated in ${mailerconf}! " + echo + echo "To finish installation run the following commands:" + echo + if [ "${USE_LOCALBASE_MAILER_CONF}" = "yes" ]; then + echo " mkdir -p %%LOCALBASE%%/etc/mail" + else + echo " mv -f ${mailerconf} ${mailerconf}.old" + fi + echo " install -m 0644 ${MC_TEMPLATE} ${mailerconf}" + echo "===============================================================" + echo +} + +show_activated_msg() { + local mailerconf + + mailerconf=$1 + echo "===============================================================" + echo "Postfix already activated in ${mailerconf}" + echo "===============================================================" +} + +cmp_mailer() { + local mailerconf + + mailerconf=$1 + cmp -s ${mailerconf} ${MC_TEMPLATE} + return $? +} + +install_mailer_conf() { + local mailerconf + + mailerconf=$1 + echo "Activate Postfix in ${mailerconf}" + if [ "${USE_LOCALBASE_MAILER_CONF}" = "yes" ]; then + [ -d %%LOCALBASE%%/etc/mail ] || mkdir -p %%LOCALBASE%%/etc/mail + fi + [ -f ${mailerconf} ] && mv -f ${mailerconf} ${mailerconf}.old + install -m 644 ${MC_TEMPLATE} ${mailerconf} +} + +# ============================================================================== +# Run postfix reload +# This is a candidate for a dedicated pkg-post-upgrade script, but it seems +# this not fully implemented in pkg :(see upstream PR 941) +# ============================================================================== +try_reload(){ + ${PREFIX}/sbin/postfix status 2>/dev/null +if [ $? -eq 0 ]; then + ${PREFIX}/sbin/postfix reload +else + echo "postfix not running" +fi +} + +# ============================================================================== +# Run postfix post-install to fix permissions and new config values +# ============================================================================== +if [ "$2" = "POST-INSTALL" ]; then + /bin/sh ${DAEMONDIR}/post-install tempdir=/tmp \ + daemon_directory=${DAEMONDIR} \ + meta_directory=${META_DIRECTORY} \ + html_directory=${READMEDIR} \ + readme_directory=${READMEDIR} \ + upgrade-package +fi + +# ============================================================================== +# If FreeBSD <= 10.2 is deprecated check only LOCALBASE and remove BASE checks, +# regardless if installed in BASE or LOCALBASE +# Iff postfix is activated in BASE, also activate postfix in LOCALBASE! +# ============================================================================== +if [ "$2" = "POST-INSTALL" -a -z "${PACKAGE_BUILDING}" ]; then +if [ -f "${MC_BASE}" ]; then + if [ "${USE_LOCALBASE_MAILER_CONF}" = "yes" ]; then + cmp_mailer ${MC_BASE} + if [ $? -eq 0 ]; then + show_activated_msg ${MC_BASE} + cmp_mailer ${MC_LOCALBASE} || install_mailer_conf ${MC_LOCALBASE} + try_reload + else + cmp_mailer ${MC_LOCALBASE} || install_choise ${MC_LOCALBASE} + fi + else + cmp_mailer ${MC_BASE} + if [ $? -ne 0 ]; then + install_choise ${MC_BASE} + else + show_activated_msg ${MC_BASE} + try_reload + fi + fi + +else + if [ "${USE_LOCALBASE_MAILER_CONF}" = "yes" ]; then + show_not_activated_msg ${MC_LOCALBASE} + else + show_not_activated_msg ${MC_BASE} + fi +fi # -f "${MC_BASE}" +fi # "$2" = "POST-INSTALL" -a -z "${PACKAGE_BUILDING}" diff --git a/mail/postfix35/files/pkg-message.in b/mail/postfix35/files/pkg-message.in new file mode 100644 index 000000000000..44a62a9e6f4e --- /dev/null +++ b/mail/postfix35/files/pkg-message.in @@ -0,0 +1,44 @@ +[ +{ + type: install + message: <<EOM +To use postfix instead of sendmail: + - clear sendmail queue and stop the sendmail daemons + +Run the following commands to enable postfix during startup: + - sysrc postfix_enable="YES" + - sysrc sendmail_enable="NONE" + +If postfix is *not* already activated in %%MC_PREFIX%%/etc/mail/mailer.conf + - mv %%MC_PREFIX%%/etc/mail/mailer.conf %%MC_PREFIX%%/etc/mail/mailer.conf.old + - install -m 0644 %%DATADIR%%/mailer.conf.postfix %%MC_PREFIX%%/etc/mail/mailer.conf + +Disable sendmail(8) specific tasks, +add the following lines to /etc/periodic.conf(.local): + daily_clean_hoststat_enable="NO" + daily_status_mail_rejects_enable="NO" + daily_status_include_submit_mailq="NO" + daily_submit_queuerun="NO" + +If you are using SASL, you need to make sure that postfix has access to read +the sasldb file. This is accomplished by adding postfix to group mail and +making the %%PREFIX%%/etc/sasldb* file(s) readable by group mail (this should +be the default for new installs). +EOM +} +{ + type: upgrade + message: <<EOM +If you are upgrading from prior postfix version, please see the README +files for recommended changes to your configuration and additional +http://www.postfix.org/COMPATIBILITY_README.html +EOM +} +{ + type: remove + message: <<EOM +If you remove postfix permanent, adjust / remove the the following file: + - %%MC_PREFIX%%/etc/mail/mailer.conf +EOM +} +] diff --git a/mail/postfix35/files/postfix.in b/mail/postfix35/files/postfix.in new file mode 100644 index 000000000000..597da191fd16 --- /dev/null +++ b/mail/postfix35/files/postfix.in @@ -0,0 +1,50 @@ +#!/bin/sh + +# PROVIDE: postfix mail +# REQUIRE: %%REQUIRE%% +# KEYWORD: shutdown +# +# Add the following lines to /etc/rc.conf to enable postfix: +# postfix_enable (bool): Set it to "YES" to enable postfix. +# Default is "NO". +# postfix_pidfile (path): Set full path to master.pid. +# Default is "/var/spool/postfix/pid/master.pid". +# postfix_procname (command): Set command that start master. Used to verify if +# postfix is running. +# Default is "%%PREFIX%%/libexec/postfix/master". +# postfix_flags (str): Flags passed to postfix-script on startup. +# Default is "". +# + +. /etc/rc.subr + +name="postfix" +rcvar=postfix_enable + +load_rc_config $name + +: ${postfix_enable:="NO"} +: ${postfix_pidfile:="/var/spool/postfix/pid/master.pid"} +: ${postfix_procname:="%%PREFIX%%/libexec/postfix/master"} + +start_cmd=${name}_start +stop_cmd=${name}_stop +extra_commands="reload" +reload_cmd="${name}_reload" + +pidfile=${postfix_pidfile} +procname=${postfix_procname} + +postfix_start() { + %%PREFIX%%/sbin/postfix ${postfix_flags} start +} + +postfix_stop() { + %%PREFIX%%/sbin/postfix ${postfix_flags} stop +} + +postfix_reload() { + %%PREFIX%%/sbin/postfix ${postfix_flags} reload +} + +run_rc_command "$1" |