From 96e93d3ddfc43b968aca829f872aff071a2f9068 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= Date: Wed, 11 Dec 2019 09:05:03 +0100 Subject: [PATCH] - up to 4.93; localscan patch updated from debian; dropped obsolete patches --- branch.sh | 4 +- dsn-references.patch | 285 --------------------- exim-bug-1891.patch | 64 ----- exim.spec | 22 +- exim4-EDITME.patch | 111 ++++---- localscan_dlopen_exim_4.20_or_better.patch | 160 +++++++----- 6 files changed, 173 insertions(+), 473 deletions(-) delete mode 100644 dsn-references.patch delete mode 100644 exim-bug-1891.patch diff --git a/branch.sh b/branch.sh index e35deb1..ed24834 100755 --- a/branch.sh +++ b/branch.sh @@ -2,8 +2,8 @@ set -e url=git://git.exim.org/exim.git package=exim -tag=exim-4.92.3 -branch=exim-4.92.3+fixes +tag=exim-4.93 +branch=exim-4.93+fixes out=$package-git.patch repo=$package.git diff --git a/dsn-references.patch b/dsn-references.patch deleted file mode 100644 index 8267e82..0000000 --- a/dsn-references.patch +++ /dev/null @@ -1,285 +0,0 @@ -commit d6c829b9a350f61c98196768e3260beb3cbecbfe -Author: Jeremy Harris -Date: Wed Oct 2 14:49:55 2019 +0100 - - DSN: add References: header. Bug 2452 - -diff --git a/src/src/deliver.c b/src/src/deliver.c -index 72751c2dc..7433b5fb2 100644 ---- a/src/src/deliver.c -+++ b/src/src/deliver.c -@@ -7344,7 +7344,7 @@ if (addr_senddsn) - if (pid < 0) /* Creation of child failed */ - { - log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Process %d (parent %d) failed to " -- "create child process to send failure message: %s", getpid(), -+ "create child process to send success-dsn message: %s", getpid(), - getppid(), strerror(errno)); - - DEBUG(D_deliver) debug_printf("DSN: child_open_exim failed\n"); -@@ -7357,7 +7357,7 @@ if (addr_senddsn) - transport_ctx tctx = {{0}}; - - DEBUG(D_deliver) -- debug_printf("sending error message to: %s\n", sender_address); -+ debug_printf("sending success-dsn to: %s\n", sender_address); - - /* build unique id for MIME boundary */ - bound = string_sprintf(TIME_T_FMT "-eximdsn-%d", time(NULL), rand()); -@@ -7369,8 +7369,11 @@ if (addr_senddsn) - moan_write_from(f); - fprintf(f, "Auto-Submitted: auto-generated\n" - "To: %s\n" -- "Subject: Delivery Status Notification\n" -- "Content-Type: multipart/report; report-type=delivery-status; boundary=%s\n" -+ "Subject: Delivery Status Notification\n", -+ sender_address); -+ moan_write_references(f, NULL); -+ fprintf(f, "Content-Type: multipart/report;" -+ " report-type=delivery-status; boundary=%s\n" - "MIME-Version: 1.0\n\n" - - "--%s\n" -@@ -7378,7 +7381,7 @@ if (addr_senddsn) - - "This message was created automatically by mail delivery software.\n" - " ----- The following addresses had successful delivery notifications -----\n", -- sender_address, bound, bound); -+ bound, bound); - - for (address_item * a = addr_senddsn; a; a = a->next) - fprintf(f, "<%s> (relayed %s)\n\n", -@@ -7607,6 +7610,7 @@ while (addr_failed) - fprintf(fp, "Auto-Submitted: auto-replied\n"); - moan_write_from(fp); - fprintf(fp, "To: %s\n", bounce_recipient); -+ moan_write_references(fp, NULL); - - /* generate boundary string and output MIME-Headers */ - bound = string_sprintf(TIME_T_FMT "-eximdsn-%d", time(NULL), rand()); -@@ -8192,7 +8196,8 @@ else if (addr_defer != (address_item *)(+1)) - - DEBUG(D_deliver) - { -- debug_printf("time on queue = %s id %s addr %s\n", readconf_printtime(queue_time), message_id, addr_defer->address); -+ debug_printf("time on queue = %s id %s addr %s\n", -+ readconf_printtime(queue_time), message_id, addr_defer->address); - debug_printf("warning counts: required %d done %d\n", count, - warning_count); - } -@@ -8230,6 +8235,7 @@ else if (addr_defer != (address_item *)(+1)) - fprintf(f, "Auto-Submitted: auto-replied\n"); - moan_write_from(f); - fprintf(f, "To: %s\n", recipients); -+ moan_write_references(f, NULL); - - /* generated boundary string and output MIME-Headers */ - bound = string_sprintf(TIME_T_FMT "-eximdsn-%d", time(NULL), rand()); -diff --git a/src/src/functions.h b/src/src/functions.h -index 31c005773..d99f15465 100644 ---- a/src/src/functions.h -+++ b/src/src/functions.h -@@ -335,6 +335,7 @@ extern void moan_tell_someone(uschar *, address_item *, - const uschar *, const char *, ...) PRINTF_FUNCTION(4,5); - extern BOOL moan_to_sender(int, error_block *, header_line *, FILE *, BOOL); - extern void moan_write_from(FILE *); -+extern void moan_write_references(FILE *, uschar *); - extern FILE *modefopen(const uschar *, const char *, mode_t); - - extern int open_cutthrough_connection( address_item * addr ); -diff --git a/src/src/moan.c b/src/src/moan.c -index f6cda37f2..31d033c1a 100644 ---- a/src/src/moan.c -+++ b/src/src/moan.c -@@ -28,7 +28,7 @@ Returns: nothing - void - moan_write_from(FILE *f) - { --uschar *s = expand_string(dsn_from); -+uschar * s = expand_string(dsn_from); - if (!s) - { - log_write(0, LOG_MAIN|LOG_PANIC, -@@ -40,6 +40,80 @@ fprintf(f, "From: %s\n", s); - - - -+/************************************************* -+* Write References: line for DSN * -+*************************************************/ -+ -+/* Generate a References: header if there is in the header_list -+at least one of Message-ID:, References:, or In-Reply-To: (see RFC 2822). -+ -+Arguments: f the FILE to write to -+ message_id optional already-found message-id, or NULL -+ -+Returns: nothing -+*/ -+ -+void -+moan_write_references(FILE * fp, uschar * message_id) -+{ -+header_line * h; -+ -+if (!message_id) -+ for (h = header_list; h; h = h->next) -+ if (h->type == htype_id) -+ { -+ message_id = Ustrchr(h->text, ':') + 1; -+ while (isspace(*message_id)) message_id++; -+ } -+ -+for (h = header_list; h; h = h->next) -+ if (h->type != htype_old && strncmpic(US"References:", h->text, 11) == 0) -+ break; -+ -+if (!h) -+ for (h = header_list; h; h = h->next) -+ if (h->type != htype_old && strncmpic(US"In-Reply-To:", h->text, 12) == 0) -+ break; -+ -+/* We limit the total length of references. Although there is no fixed -+limit, some systems do not like headers growing beyond recognition. -+Keep the first message ID for the thread root and the last few for -+the position inside the thread, up to a maximum of 12 altogether. */ -+ -+if (h || message_id) -+ { -+ fprintf(fp, "References:"); -+ if (h) -+ { -+ uschar * s, * id, * error; -+ uschar * referenced_ids[12]; -+ int reference_count = 0; -+ -+ s = Ustrchr(h->text, ':') + 1; -+ f.parse_allow_group = FALSE; -+ while (*s && (s = parse_message_id(s, &id, &error))) -+ if (reference_count == nelem(referenced_ids)) -+ { -+ memmove(referenced_ids + 1, referenced_ids + 2, -+ sizeof(referenced_ids) - 2*sizeof(uschar *)); -+ referenced_ids[reference_count - 1] = id; -+ } -+ else -+ referenced_ids[reference_count++] = id; -+ -+ for (int i = 0; i < reference_count; ++i) -+ fprintf(fp, " %s", referenced_ids[i]); -+ } -+ -+ /* The message id will have a newline on the end of it. */ -+ -+ if (message_id) fprintf(fp, " %s", message_id); -+ else fprintf(fp, "\n"); -+ } -+} -+ -+ -+ - /************************************************* - * Send error message * - *************************************************/ -@@ -119,6 +193,7 @@ else - moan_write_from(fp); - - fprintf(fp, "To: %s\n", recipient); -+moan_write_references(fp, NULL); - - switch(ident) - { -@@ -145,7 +220,7 @@ switch(ident) - "A message that you sent contained one or more recipient addresses that were\n" - "incorrectly constructed:\n\n"); - -- while (eblock != NULL) -+ while (eblock) - { - fprintf(fp, " %s: %s\n", eblock->text1, eblock->text2); - count++; -@@ -522,6 +597,7 @@ f = fdopen(fd, "wb"); - fprintf(f, "Auto-Submitted: auto-replied\n"); - moan_write_from(f); - fprintf(f, "To: %s\n", who); -+moan_write_references(f, NULL); - fprintf(f, "Subject: %s\n\n", subject); - va_start(ap, format); - vfprintf(f, format, ap); -@@ -656,8 +732,7 @@ llen = domain++ - recipient; - - /* Scan through the configured items */ - --while ((item = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer))) -- != NULL) -+while ((item = string_nextinlist(&listptr, &sep, buffer, sizeof(buffer)))) - { - const uschar *newaddress = item; - const uschar *pattern = string_dequote(&newaddress); -@@ -759,6 +834,7 @@ fprintf(f, "Auto-Submitted: auto-replied\n"); - moan_write_from(f); - fprintf(f, "To: %s\n", s); - fprintf(f, "Subject: error(s) in forwarding or filtering\n\n"); -+moan_write_references(f, NULL); - - if (custom) - { -diff --git a/src/src/transports/autoreply.c b/src/src/transports/autoreply.c -index 734e65833..1aef02aaf 100644 ---- a/src/src/transports/autoreply.c -+++ b/src/src/transports/autoreply.c -@@ -599,53 +599,7 @@ if (h) - fprintf(fp, "In-Reply-To: %s", message_id); - } - --/* Generate a References header if there is at least one of Message-ID:, --References:, or In-Reply-To: (see RFC 2822). */ -- --for (h = header_list; h; h = h->next) -- if (h->type != htype_old && strncmpic(US"References:", h->text, 11) == 0) -- break; -- --if (!h) -- for (h = header_list; h; h = h->next) -- if (h->type != htype_old && strncmpic(US"In-Reply-To:", h->text, 12) == 0) -- break; -- --/* We limit the total length of references. Although there is no fixed --limit, some systems do not like headers growing beyond recognition. --Keep the first message ID for the thread root and the last few for --the position inside the thread, up to a maximum of 12 altogether. */ -- --if (h || message_id) -- { -- fprintf(fp, "References:"); -- if (h) -- { -- uschar *s, *id, *error; -- uschar *referenced_ids[12]; -- int reference_count = 0; -- int i; -- -- s = Ustrchr(h->text, ':') + 1; -- f.parse_allow_group = FALSE; -- while (*s != 0 && (s = parse_message_id(s, &id, &error)) != NULL) -- { -- if (reference_count == nelem(referenced_ids)) -- { -- memmove(referenced_ids + 1, referenced_ids + 2, -- sizeof(referenced_ids) - 2*sizeof(uschar *)); -- referenced_ids[reference_count - 1] = id; -- } -- else referenced_ids[reference_count++] = id; -- } -- for (i = 0; i < reference_count; ++i) fprintf(fp, " %s", referenced_ids[i]); -- } -- -- /* The message id will have a newline on the end of it. */ -- -- if (message_id) fprintf(fp, " %s", message_id); -- else fprintf(fp, "\n"); -- } -+ moan_write_references(fp, message_id); - - /* Add an Auto-Submitted: header */ - diff --git a/exim-bug-1891.patch b/exim-bug-1891.patch deleted file mode 100644 index e5597f4..0000000 --- a/exim-bug-1891.patch +++ /dev/null @@ -1,64 +0,0 @@ -commit 3c55eef24050cec9e50e98e2f5fc12cd45f1ef8a -Author: Jeremy Harris -Date: Fri Apr 5 15:22:20 2019 +0100 - - Logging: close logfile when non-smtp input is taking a long time. Bug 1891 - -diff --git a/src/src/receive.c b/src/src/receive.c -index 0cb38626..64f62757 100644 ---- a/src/src/receive.c -+++ b/src/src/receive.c -@@ -571,6 +571,30 @@ return FALSE; - - - -+/* Pause for a while waiting for input. If none received in that time, -+close the logfile, if we had one open; then if we wait for a long-running -+datasource (months, in one use-case) log rotation will not leave us holding -+the file copy. */ -+ -+static void -+log_close_chk(void) -+{ -+if (!receive_timeout) -+ { -+ struct timeval t; -+ timesince(&t, &received_time); -+ if (t.tv_sec > 30*60) -+ mainlog_close(); -+ else -+ { -+ fd_set r; -+ FD_ZERO(&r); FD_SET(0, &r); -+ t.tv_sec = 30*60 - t.tv_sec; t.tv_usec = 0; -+ if (select(1, &r, NULL, NULL, &t) == 0) mainlog_close(); -+ } -+ } -+} -+ - /************************************************* - * Read data portion of a non-SMTP message * - *************************************************/ -@@ -619,9 +643,11 @@ register int linelength = 0; - - if (!f.dot_ends) - { -- register int last_ch = '\n'; -+ int last_ch = '\n'; - -- for (; (ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF; last_ch = ch) -+ for ( ; -+ log_close_chk(), (ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF; -+ last_ch = ch) - { - if (ch == 0) body_zerocount++; - if (last_ch == '\r' && ch != '\n') -@@ -663,7 +689,7 @@ if (!f.dot_ends) - - ch_state = 1; - --while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) -+while (log_close_chk(), (ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) - { - if (ch == 0) body_zerocount++; - switch (ch_state) diff --git a/exim.spec b/exim.spec index a410043..5f7d318 100644 --- a/exim.spec +++ b/exim.spec @@ -24,15 +24,15 @@ Summary: University of Cambridge Mail Transfer Agent Summary(pl.UTF-8): Agent Transferu Poczty Uniwersytetu w Cambridge Summary(pt_BR.UTF-8): Servidor de correio eletrônico exim Name: exim -Version: 4.92.3 -Release: 4 +Version: 4.93 +Release: 1 Epoch: 2 License: GPL Group: Networking/Daemons/SMTP Source0: ftp://ftp.exim.org/pub/exim/exim4/%{name}-%{version}.tar.bz2 -# Source0-md5: c9c72bfcaa391bca3da5441af58e8858 +# Source0-md5: d8a9342b2c0f2275717ba1f9fafbc3aa Source1: ftp://ftp.exim.org/pub/exim/exim4/%{name}-html-%{version}.tar.bz2 -# Source1-md5: b084f88d9d1d346f21c38a36d7b16251 +# Source1-md5: 1985746cb7fbe8141c9f4b7fc6adece3 Source2: %{name}.init Source3: %{name}.cron.db Source4: %{name}4.conf @@ -51,7 +51,7 @@ Source15: %{name}4-smtp.pamd Source16: %{name}on.png # sh branch.sh Patch100: %{name}-git.patch -# Patch100-md5: 722a9915d1a0c59953fd68c55030487b +# Patch100-md5: 3c82284c70beeaf89becc1157d7cd100 Patch0: %{name}4-EDITME.patch Patch1: %{name}4-monitor-EDITME.patch Patch2: %{name}4-cflags.patch @@ -59,8 +59,7 @@ Patch3: exim-defs.patch Patch4: %{name}4-Makefile-Default.patch # http://marc.merlins.org/linux/exim/files/sa-exim-cvs/localscan_dlopen_exim_4.20_or_better.patch Patch5: localscan_dlopen_%{name}_4.20_or_better.patch -Patch6: exim-bug-1891.patch -Patch7: dsn-references.patch + Patch8: %{name}-spam-timeout.patch Patch20: %{name}4-disableSSLv3.patch @@ -177,16 +176,14 @@ Pliki nagłówkowe dla Exima. %prep %setup -q -a1 -a7 -%patch100 -p2 - +#%patch100 -p2 %patch0 -p1 %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 -%patch6 -p2 -%patch7 -p2 + %patch8 -p1 install %{SOURCE4} exim4.conf @@ -212,7 +209,7 @@ SUPPORT_I18N_2008=yes LDFLAGS+= -lidn -lidn2 SUPPORT_PROXY=yes %if %{with dmarc} -EXPERIMENTAL_DMARC=yes +SUPPORT_DMARC=yes LOOKUP_LIBS+=-lopendmarc %endif %if %{with spf} @@ -275,6 +272,7 @@ LOOKUP_LIBS+=-lldap -llber EXPERIMENTAL_LMDB=yes LOOKUP_LIBS+=-llmdb %endif +DLOPEN_LOCAL_SCAN=yes EOF # have to be after Local/Makefile-Linux creation diff --git a/exim4-EDITME.patch b/exim4-EDITME.patch index d5f67c9..e22fef4 100644 --- a/exim4-EDITME.patch +++ b/exim4-EDITME.patch @@ -1,6 +1,5 @@ -diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME ---- exim-4.64.org/src/EDITME 2006-12-20 10:46:04.000000000 +0100 -+++ exim-4.64/src/EDITME 2006-12-21 16:57:08.676246750 +0100 +--- exim-4.93/src/EDITME.org 2019-12-11 07:24:16.057781209 +0100 ++++ exim-4.93/src/EDITME 2019-12-11 07:24:21.077926862 +0100 @@ -100,7 +100,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -10,7 +9,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -116,7 +116,7 @@ +@@ -116,7 +116,7 @@ BIN_DIRECTORY=/usr/exim/bin # don't exist. It will also install a default runtime configuration if this # file does not exist. @@ -19,9 +18,9 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. # In this case, Exim will use the first of them that exists when it is run. -@@ -134,7 +134,8 @@ - # owner of a local mailbox.) Specifying these values as root is very strongly - # discouraged. +@@ -133,7 +133,8 @@ CONFIGURE_FILE=/usr/exim/configure + # deliveries. (Local deliveries run as various non-root users, typically as the + # owner of a local mailbox.) Specifying these values as root is not supported. -EXIM_USER= +EXIM_UID=79 @@ -29,7 +28,22 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # If you specify EXIM_USER as a name, this is looked up at build time, and the # uid number is built into the binary. However, you can specify that this -@@ -214,7 +215,7 @@ +@@ -211,11 +212,11 @@ SPOOL_DIRECTORY=/var/spool/exim + # If you are buliding with TLS, the library configuration must be done: + + # Uncomment this if you are using OpenSSL +-# USE_OPENSSL=yes ++USE_OPENSSL=yes + # Uncomment one of these settings if you are using OpenSSL; pkg-config vs not + # and an optional location. +-# USE_OPENSSL_PC=openssl +-# TLS_LIBS=-lssl -lcrypto ++USE_OPENSSL_PC=openssl ++TLS_LIBS=-lssl -lcrypto + # TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto + + # Uncomment this if you are using GnuTLS +@@ -317,7 +318,7 @@ ROUTER_REDIRECT=yes # This one is very special-purpose, so is not included by default. @@ -38,7 +52,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -235,7 +236,7 @@ +@@ -338,7 +339,7 @@ TRANSPORT_SMTP=yes # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -47,7 +61,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -244,9 +245,9 @@ +@@ -347,9 +348,9 @@ TRANSPORT_SMTP=yes # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -60,7 +74,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -263,15 +264,15 @@ +@@ -407,8 +408,8 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -69,26 +83,36 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME +LOOKUP_CDB=yes +LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes + # LOOKUP_JSON=yes # LOOKUP_LDAP=yes - # LOOKUP_MYSQL=yes - # LOOKUP_MYSQL_PC=mariadb +@@ -417,7 +418,7 @@ LOOKUP_DNSDB=yes # LOOKUP_NIS=yes # LOOKUP_NISPLUS=yes # LOOKUP_ORACLE=yes -# LOOKUP_PASSWD=yes +LOOKUP_PASSWD=yes # LOOKUP_PGSQL=yes + # LOOKUP_REDIS=yes # LOOKUP_SQLITE=yes -@@ -391,7 +391,7 @@ EXIM_MONITOR=eximon.bin +@@ -500,7 +500,7 @@ SUPPORT_DANE=yes + # files are defaulted in the OS/Makefile-Default file, but can be overridden in + # local OS-specific make files. + +-# EXIM_MONITOR=eximon.bin ++EXIM_MONITOR=eximon.bin + + + #------------------------------------------------------------------------------ +@@ -509,7 +510,7 @@ SUPPORT_DANE=yes # and the MIME ACL. Please read the documentation to learn more about these # features. -# WITH_CONTENT_SCAN=yes +WITH_CONTENT_SCAN=yes - #------------------------------------------------------------------------------ - # If you're using ClamAV and are backporting fixes to an old version, instead -@@ -629,15 +630,15 @@ FIXED_NEVER_USERS=root + # If you have content scanning you may wish to only include some of the scanner + # interfaces. Uncomment any of these lines to remove that code. +@@ -752,18 +753,18 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -97,6 +121,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # AUTH_CYRUS_SASL=yes -# AUTH_DOVECOT=yes +AUTH_DOVECOT=yes + # AUTH_EXTERNAL=yes # AUTH_GSASL=yes # AUTH_GSASL_PC=libgsasl # AUTH_HEIMDAL_GSSAPI=yes @@ -109,7 +134,9 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME +AUTH_SPA=yes +AUTH_TLS=yes -@@ -610,7 +611,7 @@ + # Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1 + # requires multiple pkg-config files to work with Exim, so the second example +@@ -787,7 +788,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -118,22 +145,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -690,11 +691,11 @@ - # leave these settings commented out. - - # This setting is required for any TLS support (either OpenSSL or GnuTLS) --# SUPPORT_TLS=yes -+SUPPORT_TLS=yes - - # Uncomment one of these settings if you are using OpenSSL; pkg-config vs not --# USE_OPENSSL_PC=openssl --# TLS_LIBS=-lssl -lcrypto -+USE_OPENSSL_PC=openssl -+TLS_LIBS=-lssl -lcrypto - - # Uncomment the first and either the second or the third of these if you - # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -630,7 +631,7 @@ +@@ -883,7 +898,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -142,7 +154,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -643,7 +644,7 @@ +@@ -896,7 +911,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -151,7 +163,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -692,7 +693,7 @@ +@@ -945,7 +960,7 @@ EXICYCLOG_MAX=10 # files. Both the name of the command and the suffix that it adds to files # need to be defined here. See also the EXICYCLOG_MAX configuration. @@ -160,7 +172,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME COMPRESS_SUFFIX=gz -@@ -700,7 +701,7 @@ +@@ -960,7 +975,7 @@ COMPRESS_SUFFIX=gz # ZCAT_COMMAND=zcat # # Or specify the full pathname: @@ -169,7 +181,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ # Compiling in support for embedded Perl: If you want to be able to -@@ -709,7 +710,7 @@ +@@ -968,7 +983,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -178,7 +190,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -719,7 +720,7 @@ +@@ -978,7 +993,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -187,7 +199,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -729,11 +730,12 @@ +@@ -988,11 +1003,12 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -200,9 +212,9 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME +EXTRALIBS=-lpam -ldl #------------------------------------------------------------------------------ - # Support for authentication via Radius is also available. The Exim support, -@@ -780,7 +782,7 @@ - # /var/pwcheck) and chown it to exim's user and group. Once you have installed + # Proxying. +@@ -1079,7 +1095,7 @@ ZCAT_COMMAND=/usr/bin/zcat + # /var/pwcheck) and chown it to Exim's user and group. Once you have installed # pwcheck, you should arrange for it to be started by root at boot time. -# CYRUS_PWCHECK_SOCKET=/var/pwcheck/pwcheck @@ -210,7 +222,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -797,7 +799,7 @@ +@@ -1096,7 +1112,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -219,7 +231,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -857,7 +859,7 @@ +@@ -1163,7 +1179,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -228,7 +240,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -932,7 +934,7 @@ +@@ -1253,7 +1269,7 @@ EXIM_TMPDIR="/tmp" # period (for example, /usr/exim/configure.host.in.some.domain). If this file # does not exist, then the bare configuration file name is tried. @@ -237,7 +249,7 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -1105,7 +1107,7 @@ +@@ -1432,7 +1448,7 @@ EXIM_TMPDIR="/tmp" # be changed here. The default is 0640 so that information from the spool is # available to anyone who is a member of the Exim group. @@ -246,11 +258,12 @@ diff -urN exim-4.64.org/src/EDITME exim-4.64/src/EDITME #------------------------------------------------------------------------------ -@@ -1164,6 +1166,6 @@ +@@ -1478,7 +1494,7 @@ EXIM_TMPDIR="/tmp" # feature should only be used in very exceptional circumstances. YOU HAVE BEEN # WARNED. -# ENABLE_DISABLE_FSYNC=yes +ENABLE_DISABLE_FSYNC=yes - # End of EDITME for Exim 4. + #------------------------------------------------------------------------------ + # For development, add this to include code to time various stages and report. diff --git a/localscan_dlopen_exim_4.20_or_better.patch b/localscan_dlopen_exim_4.20_or_better.patch index 33a735e..edb18be 100644 --- a/localscan_dlopen_exim_4.20_or_better.patch +++ b/localscan_dlopen_exim_4.20_or_better.patch @@ -1,24 +1,22 @@ -The initial version of this patch was originally posted David Woodhouse, and -dman gets the credit for first integrating it with SA-Exim. +Description: Allow one to use and switch between different local_scan functions + without recompiling exim. + http://marc.merlins.org/linux/exim/files/sa-exim-current/ Original patch from + David Woodhouse, modified first by Derrick 'dman' Hudson and then by Marc + MERLIN for SA-Exim and minor/major API version tracking +Author: David Woodhouse, Derrick 'dman' Hudson, Marc MERLIN +Origin: other, http://marc.merlins.org/linux/exim/files/sa-exim-current/ +Forwarded: no +Last-Update: 2019-10-20 -I have since then maintained it by first making a few minor changes, and -later switching it to a major/minor number scheme to support upgrades in -the exim API that don't affect backward compatibility (you can rely on -a feature denoted by the minor number and be compatible with future versions -of exim until Philip has to break the API and increase the major number) - -Marc MERLIN - -diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME ---- exim-4.14-0/src/EDITME Tue Mar 11 04:20:18 2003 -+++ exim-4.14-1/src/EDITME Sun Mar 23 15:34:15 2003 -@@ -388,6 +388,20 @@ +--- a/src/EDITME ++++ b/src/EDITME +@@ -868,6 +868,21 @@ HEADERS_CHARSET="ISO-8859-1" #------------------------------------------------------------------------------ +# On systems which support dynamic loading of shared libraries, Exim can +# load a local_scan function specified in its config file instead of having -+# to be recompiled with the desired local_scan function. For a full ++# to be recompiled with the desired local_scan function. For a full +# description of the API to this function, see the Exim specification. + +DLOPEN_LOCAL_SCAN=yes @@ -27,58 +25,54 @@ diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME +# linker flags. Without it, the loaded .so won't be able to access any +# functions from exim. + -+LFLAGS=-rdynamic -ldl ++LDFLAGS += -rdynamic ++CFLAGS += -fvisibility=hidden + +#------------------------------------------------------------------------------ # The default distribution of Exim contains only the plain text form of the # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation -diff -urNad 50_localscan_dlopen.tmp/src/config.h.defaults 50_localscan_dlopen/src/config.h.defaults ---- 50_localscan_dlopen.tmp/src/config.h.defaults Sun Dec 29 11:55:42 2002 -+++ 50_localscan_dlopen/src/config.h.defaults Sun Dec 29 11:56:44 2002 -@@ -17,6 +17,8 @@ - #define AUTH_PLAINTEXT - #define AUTH_SPA +--- a/src/config.h.defaults ++++ b/src/config.h.defaults +@@ -33,6 +33,8 @@ Do not put spaces between # and the 'def + + #define AUTH_VARS 3 +#define DLOPEN_LOCAL_SCAN + #define BIN_DIRECTORY #define CONFIGURE_FILE -diff -urN exim-4.14-0/src/globals.c exim-4.14-1/src/globals.c ---- exim-4.14-0/src/globals.c Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/globals.c Sun Mar 23 15:34:15 2003 -@@ -103,6 +103,9 @@ - uschar *tls_verify_hosts = NULL; - #endif +--- a/src/globals.c ++++ b/src/globals.c +@@ -115,6 +115,10 @@ int dsn_ret = 0; + const pcre *regex_DSN = NULL; + uschar *dsn_advertise_hosts = NULL; +#ifdef DLOPEN_LOCAL_SCAN +uschar *local_scan_path = NULL; +#endif - - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. The defaults use stdin. We never need these for any -diff -urN exim-4.14-0/src/globals.h exim-4.14-1/src/globals.h ---- exim-4.14-0/src/globals.h Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/globals.h Sun Mar 23 15:34:15 2003 -@@ -67,6 +67,9 @@ - extern uschar *tls_verify_hosts; /* Mandatory client verification */ - #endif ++ + #ifndef DISABLE_TLS + BOOL gnutls_compat_mode = FALSE; + BOOL gnutls_allow_auto_pkcs11 = FALSE; +--- a/src/globals.h ++++ b/src/globals.h +@@ -144,6 +144,9 @@ extern int dsn_ret; / + extern const pcre *regex_DSN; /* For recognizing DSN settings */ + extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ +#ifdef DLOPEN_LOCAL_SCAN +extern uschar *local_scan_path; /* Path to local_scan() library */ +#endif - /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. */ -diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c ---- exim-4.14-0/src/local_scan.c Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/local_scan.c Sun Mar 23 15:34:15 2003 -@@ -5,61 +5,131 @@ - /* Copyright (c) University of Cambridge 1995 - 2003 */ + +--- a/src/local_scan.c ++++ b/src/local_scan.c +@@ -6,22 +6,6 @@ /* See the file NOTICE for conditions of use and distribution. */ -+#include "exim.h" -/****************************************************************************** -This file contains a template local_scan() function that just returns ACCEPT. @@ -96,13 +90,13 @@ diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c -******************************************************************************/ - - --/* This is the only Exim header that you should include. The effect of --including any other Exim header is not defined, and may change from release to --release. Use only the documented interface! */ -- --#include "local_scan.h" -- -- + /* This is the only Exim header that you should include. The effect of + including any other Exim header is not defined, and may change from release to + release. Use only the documented interface! */ +@@ -29,37 +13,129 @@ release. Use only the documented interfa + #include "local_scan.h" + + -/* This is a "do-nothing" version of a local_scan() function. The arguments -are: - @@ -169,8 +163,8 @@ diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c +else +#endif + return LOCAL_SCAN_ACCEPT; -+} -+ + } + +#ifdef DLOPEN_LOCAL_SCAN + +static int load_local_scan_library(void) @@ -244,20 +238,46 @@ diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c + { + dlclose(local_scan_lib); + log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan() function - message temporarily rejected"); ++ "local_scan() function - message temporarily rejected"); + return FALSE; + } -+ +return TRUE; - } ++} + +#endif /* DLOPEN_LOCAL_SCAN */ - ++ ++ /* End of local_scan.c */ -diff -urN exim-4.14-0/src/readconf.c exim-4.14-1/src/readconf.c ---- exim-4.14-0/src/readconf.c Tue Mar 11 04:20:22 2003 -+++ exim-4.14-1/src/readconf.c Sun Mar 23 15:34:15 2003 -@@ -182,6 +182,9 @@ +--- a/src/local_scan.h ++++ b/src/local_scan.h +@@ -17,6 +17,7 @@ settings, and the store functions. */ + + #include + #include ++#pragma GCC visibility push(default) + #include "config.h" + #include "mytypes.h" + #include "store.h" +@@ -149,6 +150,9 @@ extern header_line *header_list; / + extern BOOL host_checking; /* Set when checking a host */ + extern uschar *interface_address; /* Interface for incoming call */ + extern int interface_port; /* Port number for incoming call */ ++#ifdef DLOPEN_LOCAL_SCAN ++extern uschar *local_scan_path; ++#endif + extern uschar *message_id; /* Internal id of message being handled */ + extern uschar *received_protocol; /* Name of incoming protocol */ + extern int recipients_count; /* Number of recipients */ +@@ -207,4 +211,6 @@ extern uschar * string_copyn_function(co + extern uschar * string_copy_taint_function(const uschar *, BOOL tainted); + #endif + ++#pragma GCC visibility pop ++ + /* End of local_scan.h */ +--- a/src/readconf.c ++++ b/src/readconf.c +@@ -203,6 +203,9 @@ static optionlist optionlist_config[] = { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, @@ -267,3 +287,21 @@ diff -urN exim-4.14-0/src/readconf.c exim-4.14-1/src/readconf.c #ifdef HAVE_LOCAL_SCAN { "local_scan_timeout", opt_time, &local_scan_timeout }, #endif +--- a/src/string.c ++++ b/src/string.c +@@ -413,6 +413,7 @@ return ss; + + #if (defined(HAVE_LOCAL_SCAN) || defined(EXPAND_DLFUNC)) \ + && !defined(MACRO_PREDEF) && !defined(COMPILE_UTILITY) ++#pragma GCC visibility push(default) + /************************************************* + * Copy and save string * + *************************************************/ +@@ -465,6 +466,7 @@ Ustrncpy(ss, s, n); + ss[n] = 0; + return ss; + } ++#pragma GCC visibility pop + #endif + + -- 2.44.0