From cda837930ba24df71295c48806b3bf45503f5b65 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 19 Apr 2005 04:06:04 +0000 Subject: [PATCH 001/194] auto-import exim-4.50-2 on branch devel from exim-4.50-2.src.rpm --- .cvsignore | 2 + exim-4.24-libdir.patch | 13 + exim-4.24-no_libc5.patch | 29 ++ exim-4.33-cyrus.patch | 18 ++ exim-4.43-pamconfig.patch | 63 ++++ exim-4.50-config.patch | 289 ++++++++++++++++++ exim-4.50-spamdconf.patch | 86 ++++++ exim-rhl.patch | 22 ++ exim.init | 88 ++++++ exim.logrotate | 7 + exim.pam | 2 + exim.spec | 627 ++++++++++++++++++++++++++++++++++++++ exim.sysconfig | 2 + sources | 2 + 14 files changed, 1250 insertions(+) create mode 100644 exim-4.24-libdir.patch create mode 100644 exim-4.24-no_libc5.patch create mode 100644 exim-4.33-cyrus.patch create mode 100644 exim-4.43-pamconfig.patch create mode 100644 exim-4.50-config.patch create mode 100644 exim-4.50-spamdconf.patch create mode 100644 exim-rhl.patch create mode 100644 exim.init create mode 100644 exim.logrotate create mode 100644 exim.pam create mode 100644 exim.spec create mode 100644 exim.sysconfig diff --git a/.cvsignore b/.cvsignore index e69de29..6d7760a 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1,2 @@ +exim-4.50.tar.bz2 +sa-exim-4.2.tar.gz diff --git a/exim-4.24-libdir.patch b/exim-4.24-libdir.patch new file mode 100644 index 0000000..7144305 --- /dev/null +++ b/exim-4.24-libdir.patch @@ -0,0 +1,13 @@ +--- exim-4.24/OS/Makefile-Linux.libdir 2003-09-22 10:29:52.000000000 +0200 ++++ exim-4.24/OS/Makefile-Linux 2003-11-13 12:05:15.000000000 +0100 +@@ -17,8 +17,8 @@ + + X11=/usr/X11R6 + XINCLUDE=-I$(X11)/include +-XLFLAGS=-L$(X11)/lib +-X11_LD_LIB=$(X11)/lib ++XLFLAGS=-L$(X11)/$(_lib) ++X11_LD_LIB=$(X11)/$(_lib) + + EXIWHAT_PS_ARG=ax + EXIWHAT_EGREP_ARG='/exim( |$$)' diff --git a/exim-4.24-no_libc5.patch b/exim-4.24-no_libc5.patch new file mode 100644 index 0000000..9884853 --- /dev/null +++ b/exim-4.24-no_libc5.patch @@ -0,0 +1,29 @@ +--- exim-4.24/scripts/os-type.no_libc5 2003-11-13 11:09:34.777973822 +0100 ++++ exim-4.24/scripts/os-type 2003-11-13 11:09:36.175695694 +0100 +@@ -125,16 +125,16 @@ + # easy enough to do a better check, and check the symlink destination or the + # control file contents and make sure. + +-Linux) if [ -L /usr/lib/libc.so ]; then +- if [ x"$(file /usr/lib/libc.so | grep "libc.so.5")"x != xx ]; then +- os=Linux-libc5 +- fi +- else +- if grep -q libc.so.5 /usr/lib/libc.so; then +- os=Linux-libc5 +- fi +- fi +- ;; ++#Linux) if [ -L /usr/lib/libc.so ]; then ++# if [ x"$(file /usr/lib/libc.so | grep "libc.so.5")"x != xx ]; then ++# os=Linux-libc5 ++# fi ++# else ++# if grep -q libc.so.5 /usr/lib/libc.so; then ++# os=Linux-libc5 ++# fi ++# fi ++# ;; + + # In the case of NetBSD we need to distinguish between a.out, ELF + # and COFF binary formats. However, a.out and COFF are the same diff --git a/exim-4.33-cyrus.patch b/exim-4.33-cyrus.patch new file mode 100644 index 0000000..bcd144c --- /dev/null +++ b/exim-4.33-cyrus.patch @@ -0,0 +1,18 @@ +--- exim-4.33/src/configure.default.cyrus 2004-07-02 15:00:27.941635455 +0200 ++++ exim-4.33/src/configure.default 2004-07-02 15:41:39.505133889 +0200 +@@ -595,6 +595,15 @@ + driver = autoreply + + ++# This transport is used to deliver local mail to cyrus IMAP server via UNIX ++# socket. ++# ++#local_delivery: ++# driver = lmtp ++# command = "/usr/lib/cyrus-imapd/deliver -l" ++# batch_max = 20 ++# user = cyrus ++ + + ###################################################################### + # RETRY CONFIGURATION # diff --git a/exim-4.43-pamconfig.patch b/exim-4.43-pamconfig.patch new file mode 100644 index 0000000..e4dd0da --- /dev/null +++ b/exim-4.43-pamconfig.patch @@ -0,0 +1,63 @@ +--- exim-4.43/src/configure.default.pam 2004-12-16 13:27:55.000000000 +0000 ++++ exim-4.43/src/configure.default 2004-12-16 15:41:34.000000000 +0000 +@@ -238,6 +238,40 @@ + + timeout_frozen_after = 7d + ++# This option, if uncommented, allows Exim to listen on ports other than ++# just the default port 25. For example, you may wish Exim to sldo listen ++# on the 'message submission' port 587 for roaming clients which cannot ++# use port 25 directly from their current location. (cf. RFC 2476). ++# ++# daemon_smtp_ports = smtp : msa ++ ++# This option instructs Exim to advertise the availability of encrypted ++# connections to all hosts, and uses the certificate which is automatically ++# generated when the RPM is installed. You can disable TLS, should you need ++# to do so, by commenting out the three lines below. ++ ++tls_advertise_hosts = * ++tls_certificate = /usr/share/ssl/certs/exim.pem ++tls_privatekey = /usr/share/ssl/private/exim.pem ++ ++# This setting, if uncommented, allows users to authenticate using ++# their system passwords against saslauthd if they connect over a ++# secure connection. If you have network logins such as NIS or ++# Kerberos rather than only local users, then you possibly also want ++# to configure /etc/sysconfig/saslauthd to use the 'pam' mechanism ++# too. Once a user is authenticated, the acl_check_rcpt ACL then ++# allows them to relay through the system. ++# ++# auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}} ++# ++# By default, we set this option to allow SMTP AUTH from nowhere ++# (Exim's default would be to allow it from anywhere, even on an ++# unencrypted connection). ++# ++# Comment this one out if you uncomment the above. Did you make sure ++# saslauthd is actually running first? ++# ++auth_advertise_hosts = + + + ###################################################################### +@@ -657,6 +691,19 @@ + + begin authenticators + ++plain: ++ driver = plaintext ++ public_name = PLAIN ++ server_prompts = : ++ server_condition = "${if saslauthd{{$2}{$3}{smtp}} {1}}" ++ server_set_id = $2 ++ ++login: ++ driver = plaintext ++ public_name = LOGIN ++ server_prompts = "Username:: : Password::" ++ server_condition = "${if saslauthd{{$1}{$2}{smtp}} {1}}" ++ server_set_id = $1 + + + ###################################################################### diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch new file mode 100644 index 0000000..6b125a9 --- /dev/null +++ b/exim-4.50-config.patch @@ -0,0 +1,289 @@ +--- exim-4.50/Local/Makefile.conf 2005-02-22 19:12:14.000000000 +0000 ++++ exim-4.50/Local/Makefile 2005-02-22 19:15:10.000000000 +0000 +@@ -100,7 +100,7 @@ + # /usr/local/sbin. The installation script will try to create this directory, + # and any superior directories, if they do not exist. + +-BIN_DIRECTORY=/usr/exim/bin ++BIN_DIRECTORY=/usr/sbin + + + #------------------------------------------------------------------------------ +@@ -116,7 +116,7 @@ + # don't exist. It will also install a default runtime configuration if this + # file does not exist. + +-CONFIGURE_FILE=/usr/exim/configure ++CONFIGURE_FILE=/etc/exim/exim.conf + + # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. + # In this case, Exim will use the first of them that exists when it is run. +@@ -134,7 +134,7 @@ + # owner of a local mailbox.) Specifying these values as root is very strongly + # discouraged. + +-EXIM_USER= ++EXIM_USER=93 + + # If you specify EXIM_USER as a name, this is looked up at build time, and the + # uid number is built into the binary. However, you can specify that this +@@ -155,7 +155,7 @@ + # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless + # you want to use a group other than the default group for the given user. + +-# EXIM_GROUP= ++EXIM_GROUP=93 + + # Many sites define a user called "exim", with an appropriate default group, + # and use +@@ -229,7 +229,7 @@ + # This one is special-purpose, and commonly not required, so it is not + # included by default. + +-# TRANSPORT_LMTP=yes ++TRANSPORT_LMTP=yes + + + #------------------------------------------------------------------------------ +@@ -238,9 +238,9 @@ + # MBX, is included only when requested. If you do not know what this is about, + # leave these settings commented out. + +-# SUPPORT_MAILDIR=yes +-# SUPPORT_MAILSTORE=yes +-# SUPPORT_MBX=yes ++SUPPORT_MAILDIR=yes ++SUPPORT_MAILSTORE=yes ++SUPPORT_MBX=yes + + + #------------------------------------------------------------------------------ +@@ -255,16 +255,18 @@ + LOOKUP_DBM=yes + LOOKUP_LSEARCH=yes + +-# LOOKUP_CDB=yes +-# LOOKUP_DNSDB=yes +-# LOOKUP_DSEARCH=yes ++LOOKUP_CDB=yes ++LOOKUP_DNSDB=yes ++LOOKUP_DSEARCH=yes + # LOOKUP_IBASE=yes +-# LOOKUP_LDAP=yes ++LOOKUP_LDAP=yes ++LDAP_LIB_TYPE=OPENLDAP2 ++LOOKUP_LIBS=-lldap -llber + # LOOKUP_MYSQL=yes +-# LOOKUP_NIS=yes +-# LOOKUP_NISPLUS=yes ++LOOKUP_NIS=yes ++LOOKUP_NISPLUS=yes + # LOOKUP_ORACLE=yes +-# LOOKUP_PASSWD=yes ++LOOKUP_PASSWD=yes + # LOOKUP_PGSQL=yes + # LOOKUP_WHOSON=yes + +@@ -272,7 +274,7 @@ + # LOOKUP_LSEARCH is enabled. However, we retain these for backward + # compatibility. Setting one forces LOOKUP_LSEARCH if it is not set. + +-# LOOKUP_WILDLSEARCH=yes ++LOOKUP_WILDLSEARCH=yes + # LOOKUP_NWILDLSEARCH=yes + + +@@ -321,14 +323,14 @@ + # and the MIME ACL. Please read the documentation to learn more about these + # features. + +-# WITH_CONTENT_SCAN=yes ++WITH_CONTENT_SCAN=yes + + # If you want to use the deprecated "demime" condition in the DATA ACL, + # uncomment the line below. Doing so will also explicitly turn on the + # WITH_CONTENT_SCAN option. If possible, use the MIME ACL instead of + # the "demime" condition. + +-# WITH_OLD_DEMIME=yes ++WITH_OLD_DEMIME=yes + + #------------------------------------------------------------------------------ + # Compiling Exim with experimental features. These are documented in +@@ -464,10 +466,10 @@ + # included in the Exim binary. You will then need to set up the run time + # configuration to make use of the mechanism(s) selected. + +-# AUTH_CRAM_MD5=yes +-# AUTH_CYRUS_SASL=yes +-# AUTH_PLAINTEXT=yes +-# AUTH_SPA=yes ++AUTH_CRAM_MD5=yes ++AUTH_CYRUS_SASL=yes ++AUTH_PLAINTEXT=yes ++AUTH_SPA=yes + + + #------------------------------------------------------------------------------ +@@ -484,7 +486,7 @@ + # one that is set in the headers_charset option. The default setting is + # defined by this setting: + +-HEADERS_CHARSET="ISO-8859-1" ++HEADERS_CHARSET="UTF-8" + + # If you are going to make use of $header_xxx expansions in your configuration + # file, or if your users are going to use them in filter files, and the normal +@@ -504,7 +506,7 @@ + # the Sieve filter support. For those OS where iconv() is known to be installed + # as standard, the file in OS/Makefile-xxxx contains + # +-# HAVE_ICONV=yes ++HAVE_ICONV=yes + # + # If you are not using one of those systems, but have installed iconv(), you + # need to uncomment that line above. In some cases, you may find that iconv() +@@ -553,10 +555,11 @@ + # leave these settings commented out. + + # This setting is required for any TLS support (either OpenSSL or GnuTLS) +-# SUPPORT_TLS=yes ++SUPPORT_TLS=yes + + # Uncomment this setting if you are using OpenSSL +-# TLS_LIBS=-lssl -lcrypto ++TLS_INCLUDE=-I/usr/kerberos/include ++TLS_LIBS=-lssl -lcrypto + + # Uncomment these settings if you are using GnuTLS + # USE_GNUTLS=yes +@@ -607,7 +610,7 @@ + # Once you have done this, "make install" will build the info files and + # install them in the directory you have defined. + +-# INFO_DIRECTORY=/usr/share/info ++INFO_DIRECTORY=/usr/share/info + + + #------------------------------------------------------------------------------ +@@ -620,7 +623,7 @@ + # %s. This will be replaced by one of the strings "main", "panic", or "reject" + # to form the final file names. Some installations may want something like this: + +-# LOG_FILE_PATH=/var/log/exim_%slog ++LOG_FILE_PATH=/var/log/exim/%s.log + + # which results in files with names /var/log/exim_mainlog, etc. The directory + # in which the log files are placed must exist; Exim does not try to create +@@ -669,7 +672,7 @@ + # files. Both the name of the command and the suffix that it adds to files + # need to be defined here. See also the EXICYCLOG_MAX configuration. + +-COMPRESS_COMMAND=/usr/bin/gzip ++COMPRESS_COMMAND=/bin/gzip + COMPRESS_SUFFIX=gz + + +@@ -677,7 +680,7 @@ + # If the exigrep utility is fed compressed log files, it tries to uncompress + # them using this command. + +-ZCAT_COMMAND=/usr/bin/zcat ++ZCAT_COMMAND=/bin/zcat + + + #------------------------------------------------------------------------------ +@@ -686,7 +689,7 @@ + # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded + # Perl costs quite a lot of resources. Only do this if you really need it. + +-# EXIM_PERL=perl.o ++EXIM_PERL=perl.o + + + #------------------------------------------------------------------------------ +@@ -696,7 +699,7 @@ + # support, which is intended for use in conjunction with the SMTP AUTH + # facilities, is included only when requested by the following setting: + +-# SUPPORT_PAM=yes ++SUPPORT_PAM=yes + + # You probably need to add -lpam to EXTRALIBS, and in some releases of + # GNU/Linux -ldl is also needed. +@@ -757,7 +760,7 @@ + # group. Once you have installed saslauthd, you should arrange for it to be + # started by root at boot time. + +-# CYRUS_SASLAUTHD_SOCKET=/var/state/saslauthd/mux ++CYRUS_SASLAUTHD_SOCKET=/var/run/saslauthd/mux + + + #------------------------------------------------------------------------------ +@@ -770,9 +773,9 @@ + # You may well also have to specify a local "include" file and an additional + # library for TCP wrappers, so you probably need something like this: + # +-# USE_TCP_WRAPPERS=yes +-# CFLAGS=-O -I/usr/local/include +-# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap ++USE_TCP_WRAPPERS=yes ++CFLAGS=-g -O ++EXTRALIBS_EXIM=-lwrap -lpam -ldl + # + # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM + # as well. +@@ -817,13 +820,13 @@ + # is "yes", as well as supporting line editing, a history of input lines in the + # current run is maintained. + +-# USE_READLINE=yes ++USE_READLINE=yes + + # You may need to add -ldl to EXTRA_LIBS when you set USE_READLINE=yes. + # Note that this option adds to the size of the Exim binary, because the + # dynamic loading library is not otherwise included. + +- ++HAVE_IPV6=yes + + ############################################################################### + # THINGS YOU ALMOST NEVER NEED TO MENTION # +@@ -844,11 +847,12 @@ + # haven't got Perl, Exim will still build and run; you just won't be able to + # use those utilities. + +-# CHOWN_COMMAND=/usr/bin/chown +-# CHGRP_COMMAND=/usr/bin/chgrp +-# MV_COMMAND=/bin/mv +-# RM_COMMAND=/bin/rm +-# PERL_COMMAND=/usr/bin/perl ++CHOWN_COMMAND=/bin/chown ++CHGRP_COMMAND=/bin/chgrp ++ ++MV_COMAND=/bin/mv ++RM_COMMAND=/bin/rm ++PERL_COMMAND=/usr/bin/perl + + + #------------------------------------------------------------------------------ +@@ -1042,7 +1046,7 @@ + # (process id) to a file so that it can easily be identified. The path of the + # file can be specified here. Some installations may want something like this: + +-# PID_FILE_PATH=/var/lock/exim.pid ++PID_FILE_PATH=/var/run/exim.pid + + # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory + # using the name "exim-daemon.pid". +--- exim-4.50/scripts/Configure-Makefile.conf 2005-02-17 14:49:11.000000000 +0000 ++++ exim-4.50/scripts/Configure-Makefile 2005-02-22 19:12:21.000000000 +0000 +@@ -131,7 +131,7 @@ + + mv $mft $mftt + echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft +- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft ++ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft + echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft + echo "" >>$mft + cat $mftt >> $mft diff --git a/exim-4.50-spamdconf.patch b/exim-4.50-spamdconf.patch new file mode 100644 index 0000000..3be0bac --- /dev/null +++ b/exim-4.50-spamdconf.patch @@ -0,0 +1,86 @@ +--- exim-4.50/src/configure.default.orig 2005-02-22 19:49:15.000000000 +0000 ++++ exim-4.50/src/configure.default 2005-02-22 19:46:55.000000000 +0000 +@@ -108,6 +108,26 @@ + + # You should not change that setting until you understand how ACLs work. + ++# The following ACL entries are used if you want to do content scanning with ++# the exiscan-acl patch. When you uncomment one of these lines, you must also ++# review the respective entries in the ACL section further below. ++ ++# acl_smtp_mime = acl_check_mime ++# acl_smtp_data = acl_check_content ++ ++# This configuration variable defines the virus scanner that is used with ++# the 'malware' ACL condition of the exiscan acl-patch. If you do not use ++# virus scanning, leave it commented. Please read doc/exiscan-acl-readme.txt ++# for a list of supported scanners. ++ ++# av_scanner = sophie:/var/run/sophie ++ ++# The following setting is only needed if you use the 'spam' ACL condition ++# of the exiscan-acl patch. It specifies on which host and port the SpamAssassin ++# "spamd" daemon is listening. If you do not use this condition, or you use ++# the default of "127.0.0.1 783", you can omit this option. ++ ++# spamd_address = 127.0.0.1 783 + + # Specify the domain you want to be added to all unqualified addresses + # here. An unqualified address is one that does not contain an "@" character +@@ -376,6 +396,56 @@ + deny message = relay not permitted + + ++# These access control lists are used for content scanning with the exiscan-acl ++# patch. You must also uncomment the entries for acl_smtp_data and acl_smtp_mime ++# (scroll up), otherwise the ACLs will not be used. IMPORTANT: the default entries here ++# should be treated as EXAMPLES. You MUST read the file doc/exiscan-acl-spec.txt ++# to fully understand what you are doing ... ++ ++acl_check_mime: ++ ++ # Decode MIME parts to disk. This will support virus scanners later. ++ warn decode = default ++ ++ # File extension filtering. ++ deny message = Blacklisted file extension detected ++ condition = ${if match \ ++ {${lc:$mime_filename}} \ ++ {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \ ++ {1}{0}} ++ ++# # Reject messages that carry chinese character sets. ++# # WARNING: This is an EXAMPLE. ++# deny message = Sorry, noone speaks chinese here ++# condition = ${if eq{$mime_charset}{gb2312}{1}{0}} ++ ++ accept ++ ++acl_check_content: ++ ++ # Reject virus infested messages. ++ deny message = This message contains malware ($malware_name) ++ malware = * ++ ++ # Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settings ++ # (user "nobody"), no matter if over threshold or not. ++ warn message = X-Spam-Score: $spam_score ($spam_bar) ++ spam = nobody:true ++ warn message = X-Spam-Report: $spam_report ++ spam = nobody:true ++ ++ # Add X-Spam-Flag if spam is over system-wide threshold ++ warn message = X-Spam-Flag: YES ++ spam = nobody ++ ++ # Reject spam messages with score over 10, using an extra condition. ++ deny message = This message scored $spam_score points. Congratulations! ++ spam = nobody:true ++ condition = ${if >{$spam_score_int}{100}{1}{0}} ++ ++ # finally accept all the rest ++ accept ++ + + ###################################################################### + # ROUTERS CONFIGURATION # diff --git a/exim-rhl.patch b/exim-rhl.patch new file mode 100644 index 0000000..a9d2ccf --- /dev/null +++ b/exim-rhl.patch @@ -0,0 +1,22 @@ +--- exim-4.32/src/configure.default.rhl 2004-04-15 04:27:01.000000000 -0400 ++++ exim-4.32/src/configure.default 2004-04-15 12:30:03.367749456 -0400 +@@ -411,7 +411,7 @@ + driver = redirect + allow_fail + allow_defer +- data = ${lookup{$local_part}lsearch{SYSTEM_ALIASES_FILE}} ++ data = ${lookup{$local_part}lsearch{/etc/aliases}} + # user = exim + file_transport = address_file + pipe_transport = address_pipe +@@ -491,8 +491,8 @@ + delivery_date_add + envelope_to_add + return_path_add +-# group = mail +-# mode = 0660 ++ group = mail ++ mode = 0660 + + + # This transport is used for handling pipe deliveries generated by alias or diff --git a/exim.init b/exim.init new file mode 100644 index 0000000..a22d6c2 --- /dev/null +++ b/exim.init @@ -0,0 +1,88 @@ +#!/bin/bash +# +# exim This shell script takes care of starting and stopping exim +# +# chkconfig: 2345 80 30 +# description: Exim is a Mail Transport Agent, which is the program \ +# that moves mail from one machine to another. +# processname: exim +# config: /etc/exim/exim.conf +# pidfile: /var/run/exim.pid + +# Source function library. +. /etc/init.d/functions + +# Source networking configuration. +. /etc/sysconfig/network + +# Source exim configureation. +if [ -f /etc/sysconfig/exim ] ; then + . /etc/sysconfig/exim +else + DAEMON=yes + QUEUE=1h +fi + +# Check that networking is up. +[ ${NETWORKING} = "no" ] && exit 0 + +[ -f /usr/sbin/exim ] || exit 0 + +start() { + # check ownerships + # do this by seeing if /var/log/exim/main.log exists and is + # owned by exim - if owned by someone else we fix it up + if [ -f /var/log/exim/main.log ] + then + if [ "exim" != "`ls -l /var/log/exim/main.log | awk '{print $4}'`" ] + then + chown -R exim:exim /var/log/exim /var/spool/exim + fi + fi + # Start daemons. + echo -n $"Starting exim: " + daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -bd) \ + $([ -n "$QUEUE" ] && echo -q$QUEUE) + RETVAL=$? + echo + [ $RETVAL = 0 ] && touch /var/lock/subsys/exim +} + +stop() { + # Stop daemons. + echo -n $"Shutting down exim: " + killproc exim + RETVAL=$? + echo + [ $RETVAL = 0 ] && rm -f /var/lock/subsys/exim +} + +restart() { + stop + start +} + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart) + restart + ;; + condrestart) + [ -f /var/lock/subsys/exim ] && restart || : + ;; + status) + status exim + ;; + *) + echo $"Usage: $0 {start|stop|restart|status|condrestart}" + exit 1 +esac + +exit $RETVAL + diff --git a/exim.logrotate b/exim.logrotate new file mode 100644 index 0000000..05f13b9 --- /dev/null +++ b/exim.logrotate @@ -0,0 +1,7 @@ +# daemon does not need restarting after log rotate +# so we do not prod it any more +/var/log/exim/*log { + missingok + notifempty + delaycompress +} diff --git a/exim.pam b/exim.pam new file mode 100644 index 0000000..7ab2336 --- /dev/null +++ b/exim.pam @@ -0,0 +1,2 @@ +auth required pam_stack.so service=system-auth +account required pam_stack.so service=system-auth diff --git a/exim.spec b/exim.spec new file mode 100644 index 0000000..f88ec89 --- /dev/null +++ b/exim.spec @@ -0,0 +1,627 @@ +Summary: The exim mail transfer agent +Name: exim +Version: 4.50 +Release: 2 +License: GPL +Url: http://www.exim.org/ +Group: System Environment/Daemons +Buildroot: %{_tmppath}/%{name}-build.root +Provides: MTA smtpd smtpdaemon /usr/bin/newaliases +Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail +PreReq: /sbin/chkconfig +PreReq: /sbin/service +PreReq: %{_sbindir}/alternatives +PreReq: %{_sbindir}/groupadd, %{_sbindir}/useradd +Source: ftp://ftp.exim.org/pub/exim/exim-%{version}.tar.bz2 +Source2: exim.init +Source3: exim.sysconfig +Source4: exim.logrotate +Source11: exim.pam +Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz +Patch4: exim-rhl.patch +Patch6: exim-4.50-config.patch +Patch7: exim-4.24-no_libc5.patch +Patch8: exim-4.24-libdir.patch +Patch12: exim-4.33-cyrus.patch +Patch13: exim-4.43-pamconfig.patch +Patch14: exim-4.50-spamdconf.patch + +Requires: /etc/aliases +BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel +BuildRequires: lynx +BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel +PreReq: cyrus-sasl openldap openssl + +%description +Exim is a mail transport agent (MTA) developed at the University of +Cambridge for use on Unix systems connected to the Internet. In style +it is similar to Smail 3, but its facilities are more extensive, and +in particular it has options for verifying incoming sender and +recipient addresses, for refusing mail from specified hosts, networks, +or senders, and for controlling mail relaying. Exim is in production +use at quite a few sites, some of which move hundreds of thousands of +messages per day. + +%package mon +Summary: X11 monitor application for exim +Group: Applications/System +License: Free + +%description mon +The Exim Monitor is an optional supplement to the Exim package. It +displays information about Exim's processing in an X window, and an +administrator can perform a number of control actions from the window +interface. + +%package sa +Summary: Exim SpamAssassin at SMTP time - d/l plugin +Group: System Environment/Daemons +Requires: exim + +%description sa +Allows running of SA on incoming mail and rejection at SMTP time as +well as other nasty things like teergrubing. + +%prep +%setup -q +%setup -q -T -D -a 13 +# patch sa +cat sa-exim*/localscan_dlopen_exim_4.20_or_better.patch | patch -p1 +cp src/EDITME Local/Makefile +cp exim_monitor/EDITME Local/eximon.conf + +%patch4 -p1 -b .rhl +%patch6 -p1 -b .config +%patch7 -p1 -b .no_libc5 +%patch8 -p1 -b .libdir +%patch12 -p1 -b .cyrus +%patch13 -p1 -b .pam +%patch14 -p1 -b .spamd + +%build +%ifnarch s390 s390x + make CFLAGS="$RPM_OPT_FLAGS -fpie" LFLAGS=-pie _lib=%{_lib} +%else + make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} +%endif + +# build sa-exim +cd sa-exim* +perl -pi -e 's|\@lynx|HOME=/ /usr/bin/lynx|g;' Makefile +make SACONF=%{_sysconfdir}/exim/sa-exim.conf CFLAGS="$RPM_OPT_FLAGS -fPIC" + + +%install +rm -rf $RPM_BUILD_ROOT + +mkdir -p $RPM_BUILD_ROOT%{_sbindir} +mkdir -p $RPM_BUILD_ROOT%{_bindir} +mkdir -p $RPM_BUILD_ROOT%{_libdir} +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/exim + +cd build-`scripts/os-type`-`scripts/arch-type` +install -m 4775 exim $RPM_BUILD_ROOT%{_sbindir} + +for i in eximon eximon.bin exim_dumpdb exim_fixdb exim_tidydb \ + exinext exiwhat exim_dbmbuild exicyclog exim_lock \ + exigrep eximstats exipick exiqgrep exiqsumm \ + exim_checkaccess convert4r4 +do + install -m 0775 $i $RPM_BUILD_ROOT%{_sbindir} +done + +cd .. + +install -m 0644 src/configure.default $RPM_BUILD_ROOT%{_sysconfdir}/exim/exim.conf +install -m 0644 $RPM_SOURCE_DIR/exim.pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/exim + +mkdir -p $RPM_BUILD_ROOT/usr/lib +pushd $RPM_BUILD_ROOT/usr/lib +ln -sf ../sbin/exim sendmail.exim +popd + +pushd $RPM_BUILD_ROOT%{_sbindir}/ +ln -sf exim sendmail.exim +popd + +pushd $RPM_BUILD_ROOT%{_bindir}/ +ln -sf ../sbin/exim mailq.exim +ln -sf ../sbin/exim runq.exim +ln -sf ../sbin/exim rsmtp.exim +ln -sf ../sbin/exim rmail.exim +ln -sf ../sbin/exim newaliases.exim +popd + +install -d -m 0750 $RPM_BUILD_ROOT%{_var}/spool/exim +install -d -m 0750 $RPM_BUILD_ROOT%{_var}/spool/exim/db +install -d -m 0750 $RPM_BUILD_ROOT%{_var}/spool/exim/input +install -d -m 0750 $RPM_BUILD_ROOT%{_var}/spool/exim/msglog +install -d -m 0750 $RPM_BUILD_ROOT%{_var}/log/exim + +mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8 +install -m644 doc/exim.8 $RPM_BUILD_ROOT%{_mandir}/man8/exim.8 +pod2man --center=EXIM --section=8 \ + $RPM_BUILD_ROOT/usr/sbin/eximstats \ + $RPM_BUILD_ROOT%{_mandir}/man8/eximstats.8 + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig +install -m 644 $RPM_SOURCE_DIR/exim.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d +install $RPM_SOURCE_DIR/exim.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/exim + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d +install -m 0644 $RPM_SOURCE_DIR/exim.logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim + +# install sa +cd sa-exim* +mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/exim +install *.so $RPM_BUILD_ROOT%{_libexecdir}/exim +install -m 644 *.conf $RPM_BUILD_ROOT%{_sysconfdir}/exim +ln -s sa-exim*.so $RPM_BUILD_ROOT%{_libexecdir}/exim/sa-exim.so + +# generate ghost .pem file +mkdir -p $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private} +touch $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private}/exim.pem +chmod 600 $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private}/exim.pem + + +%clean +rm -rf $RPM_BUILD_ROOT + +%pre +%{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 exim 2>/dev/null +exit 0 + +%post +/sbin/chkconfig --add exim + +%{_sbindir}/alternatives --install %{_sbindir}/sendmail mta %{_sbindir}/sendmail.exim 10 \ + --slave %{_bindir}/mailq mta-mailq %{_bindir}/mailq.exim \ + --slave %{_bindir}/runq mta-runq %{_bindir}/runq.exim \ + --slave %{_bindir}/rsmtp mta-rsmtp %{_bindir}/rsmtp.exim \ + --slave %{_bindir}/rmail mta-rmail %{_bindir}/rmail.exim \ + --slave /etc/pam.d/smtp mta-pam /etc/pam.d/exim \ + --slave %{_bindir}/newaliases mta-newaliases %{_bindir}/newaliases.exim \ + --slave /usr/lib/sendmail mta-sendmail /usr/lib/sendmail.exim \ + --slave %{_mandir}/man1/mailq.1.gz mta-mailqman %{_mandir}/man8/exim.8.gz \ + --initscript exim + +if [ ! -f %{_datadir}/ssl/certs/exim.pem ] ; then + umask 077 + FQDN=`hostname` + if [ "x${FQDN}" = "x" ]; then + FQDN=localhost.localdomain + fi + cat << EOF | openssl req -new -x509 -days 365 -nodes -out %{_datadir}/ssl/certs/exim.pem -keyout %{_datadir}/ssl/private/exim.pem &>/dev/null +-- +SomeState +SomeCity +SomeOrganization +SomeOrganizationalUnit +${FQDN} +root@${FQDN} +EOF +chown exim.exim %{_datadir}/ssl/{private,certs}/exim.pem +chmod 600 %{_datadir}/ssl/{private,certs}/exim.pem +fi + +%preun +if [ $1 = 0 ]; then + /sbin/service exim stop > /dev/null 2>&1 + /sbin/chkconfig --del exim + %{_sbindir}/alternatives --remove mta %{_sbindir}/sendmail.exim +fi + +%postun +if [ "$1" -ge "1" ]; then + /sbin/service exim condrestart > /dev/null 2>&1 + mta=`readlink /etc/alternatives/mta` + if [ "$mta" == "%{_sbindir}/sendmail.exim" ]; then + /usr/sbin/alternatives --set mta %{_sbindir}/sendmail.exim + fi +fi + +%files +%defattr(-,root,root) +%attr(4755,root,root) %{_sbindir}/exim +%{_sbindir}/exim_dumpdb +%{_sbindir}/exim_fixdb +%{_sbindir}/exim_tidydb +%{_sbindir}/exinext +%{_sbindir}/exiwhat +%{_sbindir}/exim_dbmbuild +%{_sbindir}/exicyclog +%{_sbindir}/exigrep +%{_sbindir}/eximstats +%{_sbindir}/exipick +%{_sbindir}/exiqgrep +%{_sbindir}/exiqsumm +%{_sbindir}/exim_lock +%{_sbindir}/exim_checkaccess +%{_sbindir}/convert4r4 +%{_sbindir}/sendmail.exim +%{_bindir}/mailq.exim +%{_bindir}/runq.exim +%{_bindir}/rsmtp.exim +%{_bindir}/rmail.exim +%{_bindir}/newaliases.exim +/usr/lib/sendmail.exim +%{_mandir}/*/* + +%defattr(-,exim,exim) +%dir %{_var}/spool/exim +%dir %{_var}/spool/exim/db +%dir %{_var}/spool/exim/input +%dir %{_var}/spool/exim/msglog +%dir %{_var}/log/exim + +%defattr(-,root,mail) +%config(noreplace) %{_sysconfdir}/exim/exim.conf + +%defattr(-,root,root) +%config %{_sysconfdir}/sysconfig/exim +%config %{_sysconfdir}/rc.d/init.d/exim +%config %{_sysconfdir}/logrotate.d/exim +%config %{_sysconfdir}/pam.d/exim + +%doc ACKNOWLEDGMENTS LICENCE NOTICE README.UPDATING README +%doc doc util/unknownuser.sh + +%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{_datadir}/ssl/certs/exim.pem +%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{_datadir}/ssl/private/exim.pem + +%files mon +%defattr(-,root,root) +%{_sbindir}/eximon +%{_sbindir}/eximon.bin + +%files sa +%defattr(-,root,root) +%{_libexecdir}/exim +%config(noreplace) %{_sysconfdir}/exim/sa-*.conf +%doc sa-exim*/*.html +%doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} + +%changelog +* Tue Feb 22 2005 David Woodhouse 4.50-2 +- Move exim-doc into a separate package + +* Tue Feb 22 2005 David Woodhouse 4.50-1 +- Update to Exim 4.50 and sa-exim 4.2 +- Default headers_charset to utf-8 +- Add sample spamd stuff to default configuration like exiscan-acl used to + +* Sat Jan 15 2005 David Woodhouse 4.44-1 +- Update to Exim 4.44 and exiscan-acl-4.44-28 + +* Tue Jan 4 2005 David Woodhouse 4.43-4 +- Fix buffer overflows in host_aton() and SPA authentication + +* Thu Dec 16 2004 David Woodhouse 4.43-3 +- Demonstrate SASL auth configuration in default config file +- Enable TLS and provide certificate if necessary +- Don't reject all GB2312 charset mail by default + +* Mon Dec 6 2004 Thomas Woerner 4.43-2 +- rebuild + +* Thu Oct 7 2004 Thomas Woerner 4.43-1 +- new version 4.43 with sasl support +- new exiscan-acl-4.43-28 +- new config.samples and FAQ-html (added publication date) +- new BuildRequires for cyrus-sasl-devel openldap-devel openssl-devel + and PreReq for cyrus-sasl openldap openssl + +* Mon Sep 13 2004 Thomas Woerner 4.42-2 +- update to sa-exim-4.1: fixes spamassassin's new score= string (#131796) + +* Fri Aug 27 2004 Thomas Woerner 4.42-1 +- new version 4.42 + +* Mon Aug 2 2004 Thomas Woerner 4.41-1 +- new version 4.41 + +* Fri Jul 2 2004 Thomas Woerner 4.34-3 +- added pre-definition of local_delivery using Cyrus-IMAP (#122912) +- added BuildRequires for pam-devel (#124555) +- fixed format string bugs (#125117) +- fixed sa-exim code placed wrong in spec file (#127102) +- extended postun with alternatives call + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Wed May 12 2004 David Woodhouse 4.34-1 +- Update to Exim 4.34, exiscan-acl 4.34-21 + +* Sat May 8 2004 David Woodhouse 4.33-2 +- fix buffer overflow in header_syntax check + +* Wed May 5 2004 David Woodhouse 4.33-1 +- Update to Exim 4.33, exiscan-acl 4.33-20 to + fix crashes both in exiscan-acl and Exim itself. + +* Fri Apr 30 2004 David Woodhouse 4.32-2 +- Enable IPv6 support, Cyrus saslauthd support, iconv. + +* Thu Apr 15 2004 David Woodhouse 4.32-1 +- update to Exim 4.32, exiscan-acl 4.32-17, sa-exim 4.0 +- Fix Provides: and Source urls. +- include exiqgrep, exim_checkaccess, exipick +- require /etc/aliases instead of setup + +* Tue Feb 24 2004 Thomas Woerner 4.30-6.1 +- rebuilt + +* Mon Feb 23 2004 Tim Waugh +- Use ':' instead of '.' as separator for chown. + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Tue Jan 27 2004 Thomas Woerner 4.30-5 +- /usr/lib/sendmail is in alternatives, now +- /etc/alises is now in setup: new Requires for setup >= 2.5.31-1 + +* Tue Jan 13 2004 Thomas Woerner 4.30-4 +- fixed group test in init script +- fixed config patch: use /etc/exim/exim.conf instead of /usr/exim/exim4.conf + +* Wed Dec 10 2003 Nigel Metheringham - 4.30-3 +- Use exim.8 manpage from upstream +- Add eximstats.8 man page (from pod) +- Fixed mailq(1) man page alternatives links + +* Mon Dec 08 2003 Florian La Roche +- do not package /etc/aliases. We currently require sendmail rpm until + /etc/aliases moves into a more suitable rpm like "setup" or something else. + +* Thu Dec 4 2003 Thomas Woerner 4.30-1 +- new version 4.30 +- new exiscan-acl-4.30-14 +- disabled pie for s390 and s390x + +* Wed Dec 3 2003 Tim Waugh +- Fixed PIE support to make it actually work. + +* Wed Dec 3 2003 Thomas Woerner 4.24-1.2 +- added -fPIE to CFLAGS + +* Sat Nov 15 2003 Thomas Woerner 4.24-1.1 +- fixed useradd in pre +- fixed alternatives in post + +* Thu Nov 13 2003 Thomas Woerner 4.24-1 +- new version 4.24 with LDAP and perl support +- added SpamAssassin sa plugin + +* Mon Sep 23 2002 Bernhard Rosenkraenzer 3.36-1 +- 3.36, fixes security bugs + +* Thu Jun 21 2001 Tim Waugh 3.22-14 +- Bump release number. + +* Tue Jun 12 2001 Tim Waugh 3.22-13 +- Remove pam-devel build dependency in order to share package between + Guinness and Seawolf. + +* Fri Jun 8 2001 Tim Waugh 3.22-12 +- Fix format string bug. + +* Wed May 2 2001 Tim Waugh 3.22-11 +- SIGALRM patch from maintainer (bug #20908). +- There's no README.IPV6 any more (bug #32378). +- Fix logrotate entry for exim's pidfile scheme (bug #35436). +- ignore_target_hosts crash fix from maintainer. +- Make the summary start with a capital letter. +- Add reload entry to initscript; use $0 in strings. + +* Sun Mar 4 2001 Tim Waugh 3.22-10 +- Make sure db ownership is correct on upgrade, since we don't run as + root when running as a daemon any more. + +* Fri Mar 2 2001 Tim Powers +- rebuilt against openssl-0.9.6-1 + +* Sat Feb 17 2001 Tim Waugh +- Run as user mail, group mail when we drop privileges (bug #28193). + +* Tue Feb 13 2001 Tim Powers +- added conflict with postfix + +* Thu Jan 25 2001 Tim Waugh +- Avoid using zero-length salt in crypteq expansion. + +* Tue Jan 23 2001 Tim Waugh +- Redo initscript internationalisation. +- Initscript uses bash not sh. + +* Mon Jan 22 2001 Tim Waugh +- Okay, the real bug was in libident. + +* Mon Jan 22 2001 Tim Waugh +- Revert the RST patch for now; if it's needed, it's a pidentd bug + and should be fixed there. + +* Mon Jan 22 2001 Tim Waugh +- 3.22. +- Build requires XFree86-devel. + +* Mon Jan 15 2001 Tim Waugh +- New-style prereqs. +- Initscript internationalisation. + +* Thu Jan 11 2001 Tim Waugh +- Security patch no longer required; 3.20 and later have a hide feature + to do the same thing. +- Mark exim.conf noreplace. +- Better libident (RST) patch. + +* Wed Jan 10 2001 Tim Waugh +- Fix eximconfig so that it tells the user the correct place to look + for documentation +- Fix configure.default to deliver mail as group mail so that local + delivery works + +* Tue Jan 09 2001 Tim Waugh +- 3.21 + +* Mon Jan 08 2001 Tim Waugh +- Enable TLS support (bug #23196) + +* Mon Jan 08 2001 Tim Waugh +- 3.20 (bug #21895). Absorbs configure.default patch +- Put URLs in source tags where applicable +- Add build requirement on pam-devel + +* Wed Oct 18 2000 Bernhard Rosenkraenzer +- Fix up eximconfig's header generation (we're not Debian), Bug #18068 +- BuildRequires db2-devel (Bug #18089) +- Fix typo in logrotate script (Bug #18308) +- Local delivery must be setuid to work (Bug #18314) +- Don't send TCP RST packages to ident (Bug #19048) + +* Wed Oct 18 2000 Bernhard Rosenkraenzer +- 3.16 +- fix security bug +- some specfile cleanups +- fix handling of RPM_OPT_FLAGS + +* Fri Aug 18 2000 Tim Powers +- fixed bug #16535, logrotate script changes + +* Thu Aug 17 2000 Tim Powers +- fixed bug #16460 +- fixed bug #16458 +- fixed bug #16476 + +* Wed Aug 2 2000 Tim Powers +- fixed bug #15142 + +* Fri Jul 28 2000 Than Ngo +- add missing restart function in startup script +- add rm -rf $RPM_BUILD_ROOT in install section +- use %%{_tmppath} + +* Fri Jul 28 2000 Tim Powers +- fixed initscript so that condrestart doesn't return 1 when the test fails + +* Mon Jul 24 2000 Prospector +- rebuilt + +* Mon Jul 17 2000 Tim Powers +- inits bakc to rc.d/init.d, using service to start inits + +* Thu Jul 13 2000 Tim Powers +- applied patch from bug #13890 + +* Mon Jul 10 2000 Tim Powers +- rebuilt + +* Thu Jul 06 2000 Tim Powers +- added patch submitted by , fixes bug #13539 + +* Thu Jul 06 2000 Tim Powers +- fixed broken prereq to require /etc/init.d + +* Tue Jun 27 2000 Tim Powers +- PreReq initscripts >= 5.20 + +* Mon Jun 26 2000 Tim Powers +- fix init.d script location +- add condrestart to init.d script + +* Wed Jun 14 2000 Nalin Dahyabhai +- migrate to system-auth setup + +* Tue Jun 6 2000 Tim Powers +- fixed man page location + +* Tue May 9 2000 Tim Powers +- rebuilt for 7.0 + +* Fri Feb 04 2000 Tim Powers +- fixed the groups to be in Red Hat groups. +- removed Vendor header since it is going to be marked Red Hat in our build + system. +- quiet setups +- strip binaries +- fixed so that man pages can be auto gzipped by new RPM (in files list + /usr/man/*/* ) +- built for Powertools 6.2 + +* Tue Jan 18 2000 Mark Bergsma +- Upgraded to exim 3.13 +- Removed i386 specialization +- Added syslog support + +* Wed Dec 8 1999 Mark Bergsma +- Upgraded to exim 3.12 +- Procmail no longer used as the delivery agent + +* Wed Dec 1 1999 Mark Bergsma +- Upgraded to exim 3.11 + +* Sat Nov 27 1999 Mark Bergsma +- Added /etc/pam.d/exim + +* Wed Nov 24 1999 Mark Bergsma +- Upgraded to exim 3.10 + +* Thu Nov 11 1999 Mark Bergsma +- Added eximconfig script, thanks to Mark Baker +- Exim now uses the Berkeley DB library. + +* Fri Aug 4 1999 Mark Bergsma +- Upgraded to version 3.03 +- Removed version number out of the spec file name. + +* Fri Jul 23 1999 Mark Bergsma +- Added embedded Perl support. +- Added tcp_wrappers support. +- Added extra documentation in a new doc subpackage. + +* Mon Jul 12 1999 Mark Bergsma +- Added /usr/sbin/sendmail as a link to exim. +- Fixed wrong filenames in logrotate entry. + +* Sun Jul 11 1999 Mark Bergsma +- Now using the '%changelog' tag. +- Removed the SysV init links - let chkconfig handle them. +- Replaced install -d with mkdir -p + +* Sat Jul 10 1999 Mark Bergsma +- Fixed owner of the exim-mon files - the owner is now root + +* Thu Jul 08 1999 Mark Bergsma +- Removed executable permission bits of /etc/exim.conf +- Removed setuid permission bits of all programs except exim +- Changed spool/log directory owner/groups to 'mail' +- Changed the default configuration file to make exim run + as user and group 'mail'. + +* Thu Jul 08 1999 Mark Bergsma +- Added the /usr/bin/rmail -> /usr/sbin/exim symlink. +- Added the convert4r3 script. +- Added the transport-filter.pl script to the documentation. + +* Thu Jul 08 1999 Mark Bergsma +- Added procmail transport and director, and made that the + default. +- Added the unknownuser.sh script to the documentation. + +* Thu Jul 08 1999 Mark Bergsma +- Added manpage for exim. +- Fixed symlinks pointing to targets under Buildroot. +- The exim logfiles will now only be removed when uninstalling, + not upgrading. + +* Wed Jul 07 1999 Mark Bergsma +- Added 'Obsoletes' header. +- Added several symlinks to /usr/sbin/exim. + +* Wed Jul 07 1999 Mark Bergsma +- First RPM packet release. +- Not tested on other architectures/OS'es than i386/Linux.. diff --git a/exim.sysconfig b/exim.sysconfig new file mode 100644 index 0000000..cada3c9 --- /dev/null +++ b/exim.sysconfig @@ -0,0 +1,2 @@ +DAEMON=yes +QUEUE=1h diff --git a/sources b/sources index e69de29..c9bc6be 100644 --- a/sources +++ b/sources @@ -0,0 +1,2 @@ +7844eff82171872f6b3971a4183368d9 exim-4.50.tar.bz2 +ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz From 1641a9dbd33e93d7a1668f9f0d9f057518f562fb Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 4 May 2005 16:30:44 +0000 Subject: [PATCH 002/194] auto-import exim-4.51-1 on branch devel from exim-4.51-1.src.rpm --- .cvsignore | 2 +- exim-4.51-csa.2c.patch | 876 +++++++++++++++++++++++++++++++++++++++++ exim.spec | 12 +- sources | 2 +- 4 files changed, 887 insertions(+), 5 deletions(-) create mode 100644 exim-4.51-csa.2c.patch diff --git a/.cvsignore b/.cvsignore index 6d7760a..f4abd34 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ -exim-4.50.tar.bz2 sa-exim-4.2.tar.gz +exim-4.51.tar.bz2 diff --git a/exim-4.51-csa.2c.patch b/exim-4.51-csa.2c.patch new file mode 100644 index 0000000..ead38e2 --- /dev/null +++ b/exim-4.51-csa.2c.patch @@ -0,0 +1,876 @@ +--- doc/ChangeLog 4 May 2005 10:17:28 -0000 1.133 ++++ doc/ChangeLog 4 May 2005 10:42:03 -0000 +@@ -287,6 +287,8 @@ + from the Makefile to this script so that it can call the same version of + "make". + ++TF/02 Added support for Client SMTP Authorization. See NewStuff for details. ++ + + A note about Exim versions 4.44 and 4.50 + ---------------------------------------- +--- doc/NewStuff 3 May 2005 14:20:00 -0000 1.39 ++++ doc/NewStuff 4 May 2005 10:42:03 -0000 +@@ -181,6 +181,61 @@ + both kinds of timeout. A transport filter timeout is now identified in + the log output. + ++TF/02 Support for checking Client SMTP Authorization has been added. CSA is a ++ system which allows a site to advertise which machines are and are not ++ permitted to send email. This is done by placing special SRV records in ++ the DNS, which are looked up using the client's HELO domain. At this ++ time CSA is still an Internet-Draft. ++ ++ Client SMTP Authorization checks are performed by the ACL condition ++ verify=csa. This will fail if the client is not authorized. If there is ++ a DNS problem, or if no valid CSA SRV record is found, or if the client ++ is authorized, the condition succeeds. These three cases can be ++ distinguished using the expansion variable $csa_status, which can take ++ one of the values "fail", "defer", "unknown", or "ok". The condition ++ does not itself defer because that would be likely to cause problems ++ for legitimate email. ++ ++ The error messages produced by the CSA code include slightly more ++ detail. If $csa_status is "defer" this may be because of problems ++ looking up the CSA SRV record, or problems looking up the CSA target ++ address record. There are four reasons for $csa_status being "fail": ++ the client's host name is explicitly not authorized; the client's IP ++ address does not match any of the CSA target IP addresses; the client's ++ host name is authorized but it has no valid target IP addresses (e.g. ++ the target's addresses are IPv6 and the client is using IPv4); or the ++ client's host name has no CSA SRV record but a parent domain has ++ asserted that all subdomains must be explicitly authorized. ++ ++ The verify=csa condition can take an argument which is the domain to ++ use for the DNS query. The default is verify=csa/$sender_helo_name. ++ ++ This implementation includes an extension to CSA. If the query domain ++ is an address literal such as [192.0.2.95], or if it is a bare IP ++ address, Exim will search for CSA SRV records in the reverse DNS as if ++ the HELO domain was e.g. 95.2.0.192.in-addr.arpa. Therefore it is ++ meaningful to say, for example, verify=csa/$sender_host_address - in ++ fact, this is the check that Exim performs if the client does not say ++ HELO. This extension can be turned off by setting the main ++ configuration option dns_csa_use_reverse = false. ++ ++ If a CSA SRV record is not found for the domain itself, then a search ++ is performed through its parent domains for a record which might be ++ making assertions about subdomains. The maximum depth of this search is ++ limited using the main configuration option dns_csa_search_limit, which ++ takes the value 5 by default. Exim does not look for CSA SRV records in ++ a top level domain, so the default settings handle HELO domains as long ++ as seven (hostname.five.four.three.two.one.com) which encompasses the ++ vast majority of legitimate HELO domains. ++ ++ The dnsdb lookup also has support for CSA. Although dnsdb already ++ supports SRV lookups, this is not sufficient because of the extra ++ parent domain search behaviour of CSA, and (as with PTR lookups) ++ dnsdb also turns IP addresses into lookups in the reverse DNS space. ++ The result of ${lookup dnsdb {csa=$sender_helo_name} } has two ++ space-separated fields: an authorization code and a target host name. ++ The authorization code can be "Y" for yes, "N" for no, "X" for explicit ++ authorization required but absent, or "?" for unknown. + + Version 4.50 + ------------ +--- src/acl.c 6 Apr 2005 14:03:53 -0000 1.28 ++++ src/acl.c 4 May 2005 10:42:26 -0000 +@@ -505,6 +505,45 @@ + { US"submission", CONTROL_SUBMISSION, TRUE} + }; + ++/* Support data structures for Client SMTP Authorization. acl_verify_csa() ++caches its result in a tree to avoid repeated DNS queries. The result is an ++integer code which is used as an index into the following tables of ++explanatory strings and verification return codes. */ ++ ++static tree_node *csa_cache = NULL; ++ ++enum { CSA_UNKNOWN, CSA_OK, CSA_DEFER_SRV, CSA_DEFER_ADDR, ++ CSA_FAIL_EXPLICIT, CSA_FAIL_DOMAIN, CSA_FAIL_NOADDR, CSA_FAIL_MISMATCH }; ++ ++/* The acl_verify_csa() return code is translated into an acl_verify() return ++code using the following table. It is OK unless the client is definitely not ++authorized. This is because CSA is supposed to be optional for sending sites, ++so recipients should not be too strict about checking it - especially because ++DNS problems are quite likely to occur. It's possible to use $csa_status in ++further ACL conditions to distinguish ok, unknown, and defer if required, but ++the aim is to make the usual configuration simple. */ ++ ++static int csa_return_code[] = { ++ OK, OK, OK, OK, ++ FAIL, FAIL, FAIL, FAIL ++}; ++ ++static uschar *csa_status_string[] = { ++ "unknown", "ok", "defer", "defer", ++ "fail", "fail", "fail", "fail" ++}; ++ ++static uschar *csa_reason_string[] = { ++ "unknown", ++ "ok", ++ "deferred (SRV lookup failed)", ++ "deferred (target address lookup failed)", ++ "failed (explicit authorization required)", ++ "failed (host name not authorized)", ++ "failed (no authorized addresses)", ++ "failed (client address mismatch)" ++}; ++ + /* Enable recursion between acl_check_internal() and acl_check_condition() */ + + static int acl_check_internal(int, address_item *, uschar *, int, uschar **, +@@ -938,6 +977,299 @@ + + + /************************************************* ++* Check client IP address matches CSA target * ++*************************************************/ ++ ++/* Called from acl_verify_csa() below. This routine scans a section of a DNS ++response for address records belonging to the CSA target hostname. The section ++is specified by the reset argument, either RESET_ADDITIONAL or RESET_ANSWERS. ++If one of the addresses matches the client's IP address, then the client is ++authorized by CSA. If there are target IP addresses but none of them match ++then the client is using an unauthorized IP address. If there are no target IP ++addresses then the client cannot be using an authorized IP address. (This is ++an odd configuration - why didn't the SRV record have a weight of 1 instead?) ++ ++Arguments: ++ dnsa the DNS answer block ++ dnss a DNS scan block for us to use ++ reset option specifing what portion to scan, as described above ++ target the target hostname to use for matching RR names ++ ++Returns: CSA_OK successfully authorized ++ CSA_FAIL_MISMATCH addresses found but none matched ++ CSA_FAIL_NOADDR no target addresses found ++*/ ++ ++static int ++acl_verify_csa_address(dns_answer *dnsa, dns_scan *dnss, int reset, ++ uschar *target) ++{ ++dns_record *rr; ++dns_address *da; ++ ++BOOL target_found = FALSE; ++ ++for (rr = dns_next_rr(dnsa, dnss, reset); ++ rr != NULL; ++ rr = dns_next_rr(dnsa, dnss, RESET_NEXT)) ++ { ++ /* Check this is an address RR for the target hostname. */ ++ ++ if (rr->type != T_A ++ #if HAVE_IPV6 ++ && rr->type != T_AAAA ++ #ifdef SUPPORT_A6 ++ && rr->type != T_A6 ++ #endif ++ #endif ++ ) continue; ++ ++ if (strcmpic(target, rr->name) != 0) continue; ++ ++ target_found = TRUE; ++ ++ /* Turn the target address RR into a list of textual IP addresses and scan ++ the list. There may be more than one if it is an A6 RR. */ ++ ++ for (da = dns_address_from_rr(&dnsa, rr); da != NULL; da = da->next) ++ { ++ /* If the client IP address matches the target IP address, it's good! */ ++ ++ DEBUG(D_acl) debug_printf("CSA target address is %s\n", da->address); ++ ++ if (strcmpic(sender_host_address, da->address) == 0) return CSA_OK; ++ } ++ } ++ ++/* If we found some target addresses but none of them matched, the client is ++using an unauthorized IP address, otherwise the target has no authorized IP ++addresses. */ ++ ++if (target_found) return CSA_FAIL_MISMATCH; ++else return CSA_FAIL_NOADDR; ++} ++ ++ ++ ++/************************************************* ++* Verify Client SMTP Authorization * ++*************************************************/ ++ ++/* Called from acl_verify() below. This routine calls dns_lookup_special() ++to find the CSA SRV record corresponding to the domain argument, or ++$sender_helo_name if no argument is provided. It then checks that the ++client is authorized, and that its IP address corresponds to the SRV ++target's address by calling acl_verify_csa_address() above. The address ++should have been returned in the DNS response's ADDITIONAL section, but if ++not we perform another DNS lookup to get it. ++ ++Arguments: ++ domain pointer to optional parameter following verify = csa ++ ++Returns: CSA_UNKNOWN no valid CSA record found ++ CSA_OK successfully authorized ++ CSA_FAIL_* client is definitely not authorized ++ CSA_DEFER_* there was a DNS problem ++*/ ++ ++static int ++acl_verify_csa(uschar *domain) ++{ ++tree_node *t; ++uschar *found, *p; ++int priority, weight, port; ++dns_answer dnsa; ++dns_scan dnss; ++dns_record *rr; ++int rc, type; ++uschar target[256]; ++ ++/* Work out the domain we are using for the CSA lookup. The default is the ++client's HELO domain. If the client has not said HELO, use its IP address ++instead. If it's a local client (exim -bs), CSA isn't applicable. */ ++ ++while (isspace(*domain) && *domain != '\0') ++domain; ++if (*domain == '\0') domain = sender_helo_name; ++if (domain == NULL) domain = sender_host_address; ++if (sender_host_address == NULL) return CSA_UNKNOWN; ++ ++/* If we have an address literal, strip off the framing ready for turning it ++into a domain. The framing consists of matched square brackets possibly ++containing a keyword and a colon before the actual IP address. */ ++ ++if (domain[0] == '[') ++ { ++ uschar *start = Ustrchr(domain, ':'); ++ if (start == NULL) start = domain; ++ domain = string_copyn(start + 1, Ustrlen(start) - 2); ++ } ++ ++/* Turn domains that look like bare IP addresses into domains in the reverse ++DNS. This code also deals with address literals and $sender_host_address. It's ++not quite kosher to treat bare domains such as EHLO 192.0.2.57 the same as ++address literals, but it's probably the most friendly thing to do. This is an ++extension to CSA, so we allow it to be turned off for proper conformance. */ ++ ++if (string_is_ip_address(domain, NULL)) ++ { ++ if (!dns_csa_use_reverse) return CSA_UNKNOWN; ++ dns_build_reverse(domain, target); ++ domain = target; ++ } ++ ++/* Find out if we've already done the CSA check for this domain. If we have, ++return the same result again. Otherwise build a new cached result structure ++for this domain. The name is filled in now, and the value is filled in when ++we return from this function. */ ++ ++t = tree_search(csa_cache, domain); ++if (t != NULL) return t->data.val; ++ ++t = store_get_perm(sizeof(tree_node) + Ustrlen(domain)); ++Ustrcpy(t->name, domain); ++(void)tree_insertnode(&csa_cache, t); ++ ++/* Now we are ready to do the actual DNS lookup(s). */ ++ ++switch (dns_special_lookup(&dnsa, domain, T_CSA, &found)) ++ { ++ /* If something bad happened (most commonly DNS_AGAIN), defer. */ ++ ++ default: ++ return t->data.val = CSA_DEFER_SRV; ++ ++ /* If we found nothing, the client's authorization is unknown. */ ++ ++ case DNS_NOMATCH: ++ case DNS_NODATA: ++ return t->data.val = CSA_UNKNOWN; ++ ++ /* We got something! Go on to look at the reply in more detail. */ ++ ++ case DNS_SUCCEED: ++ break; ++ } ++ ++/* Scan the reply for well-formed CSA SRV records. */ ++ ++for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); ++ rr != NULL; ++ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) ++ { ++ if (rr->type != T_SRV) continue; ++ ++ /* Extract the numerical SRV fields (p is incremented) */ ++ ++ p = rr->data; ++ GETSHORT(priority, p); ++ GETSHORT(weight, p); ++ GETSHORT(port, p); ++ ++ DEBUG(D_acl) ++ debug_printf("CSA priority=%d weight=%d port=%d\n", priority, weight, port); ++ ++ /* Check the CSA version number */ ++ ++ if (priority != 1) continue; ++ ++ /* If the domain does not have a CSA SRV record of its own (i.e. the domain ++ found by dns_special_lookup() is a parent of the one we asked for), we check ++ the subdomain assertions in the port field. At the moment there's only one ++ assertion: legitimate SMTP clients are all explicitly authorized with CSA ++ SRV records of their own. */ ++ ++ if (found != domain) ++ { ++ if (port & 1) ++ return t->data.val = CSA_FAIL_EXPLICIT; ++ else ++ return t->data.val = CSA_UNKNOWN; ++ } ++ ++ /* This CSA SRV record refers directly to our domain, so we check the value ++ in the weight field to work out the domain's authorization. 0 and 1 are ++ unauthorized; 3 means the client is authorized but we can't check the IP ++ address in order to authenticate it, so we treat it as unknown; values ++ greater than 3 are undefined. */ ++ ++ if (weight < 2) return t->data.val = CSA_FAIL_DOMAIN; ++ ++ if (weight > 2) continue; ++ ++ /* Weight == 2, which means the domain is authorized. We must check that the ++ client's IP address is listed as one of the SRV target addresses. Save the ++ target hostname then break to scan the additional data for its addresses. */ ++ ++ (void)dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p, ++ (DN_EXPAND_ARG4_TYPE)target, sizeof(target)); ++ ++ DEBUG(D_acl) debug_printf("CSA target is %s\n", target); ++ ++ break; ++ } ++ ++/* If we didn't break the loop then no appropriate records were found. */ ++ ++if (rr == NULL) return t->data.val = CSA_UNKNOWN; ++ ++/* Do not check addresses if the target is ".", in accordance with RFC 2782. ++A target of "." indicates there are no valid addresses, so the client cannot ++be authorized. (This is an odd configuration because weight=2 target=. is ++equivalent to weight=1, but we check for it in order to keep load off the ++root name servers.) Note that dn_expand() turns "." into "". */ ++ ++if (Ustrcmp(target, "") == 0) return t->data.val = CSA_FAIL_NOADDR; ++ ++/* Scan the additional section of the CSA SRV reply for addresses belonging ++to the target. If the name server didn't return any additional data (e.g. ++because it does not fully support SRV records), we need to do another lookup ++to obtain the target addresses; otherwise we have a definitive result. */ ++ ++rc = acl_verify_csa_address(&dnsa, &dnss, RESET_ADDITIONAL, target); ++if (rc != CSA_FAIL_NOADDR) return t->data.val = rc; ++ ++/* The DNS lookup type corresponds to the IP version used by the client. */ ++ ++#if HAVE_IPV6 ++if (Ustrchr(sender_host_address, ':') != NULL) ++ type = T_AAAA; ++else ++#endif /* HAVE_IPV6 */ ++ type = T_A; ++ ++DNS_LOOKUP_AGAIN: ++switch (dns_lookup(&dnsa, target, type, NULL)) ++ { ++ /* If something bad happened (most commonly DNS_AGAIN), defer. */ ++ ++ default: ++ return t->data.val = CSA_DEFER_ADDR; ++ ++ /* If the query succeeded, scan the addresses and return the result. */ ++ ++ case DNS_SUCCEED: ++ rc = acl_verify_csa_address(&dnsa, &dnss, RESET_ANSWERS, target); ++ if (rc != CSA_FAIL_NOADDR) return t->data.val = rc; ++ /* else fall through */ ++ ++ /* If the target has no IP addresses, the client cannot have an authorized ++ IP address. However, if the target site uses A6 records (not AAAA records) ++ we have to do yet another lookup in order to check them. */ ++ ++ case DNS_NOMATCH: ++ case DNS_NODATA: ++ ++ #if HAVE_IPV6 && defined(SUPPORT_A6) ++ if (type == T_AAAA) { type = T_A6; goto DNS_LOOKUP_AGAIN; } ++ #endif ++ ++ return t->data.val = CSA_FAIL_NOADDR; ++ } ++} ++ ++ ++ ++/************************************************* + * Handle verification (address & other) * + *************************************************/ + +@@ -1017,6 +1349,19 @@ + { + if (slash != NULL) goto NO_OPTIONS; + return helo_verified? OK : FAIL; ++ } ++ ++/* Do Client SMTP Authorization checks in a separate function, and turn the ++result code into user-friendly strings. */ ++ ++if (strcmpic(ss, US"csa") == 0) ++ { ++ rc = acl_verify_csa(list); ++ *log_msgptr = *user_msgptr = string_sprintf("client SMTP authorization %s", ++ csa_reason_string[rc]); ++ csa_status = csa_status_string[rc]; ++ DEBUG(D_acl) debug_printf("CSA result %s\n", csa_status); ++ return csa_return_code[rc]; + } + + /* Check that all relevant header lines have the correct syntax. If there is +--- src/dns.c 17 Feb 2005 11:58:26 -0000 1.5 ++++ src/dns.c 4 May 2005 10:42:26 -0000 +@@ -153,9 +153,9 @@ + *************************************************/ + + /* Call this with reset == RESET_ANSWERS to scan the answer block, reset == +-RESET_ADDITIONAL to scan the additional records, and reset == RESET_NEXT to +-get the next record. The result is in static storage which must be copied if +-it is to be preserved. ++RESET_AUTHORITY to scan the authority records, reset == RESET_ADDITIONAL to ++scan the additional records, and reset == RESET_NEXT to get the next record. ++The result is in static storage which must be copied if it is to be preserved. + + Arguments: + dnsa pointer to dns answer block +@@ -192,12 +192,14 @@ + + dnss->rrcount = ntohs(h->ancount); + +- /* Skip over answers and NS records if wanting to look at the additional ++ /* Skip over answers if we want to look at the authority section. Also skip ++ the NS records (i.e. authority section) if wanting to look at the additional + records. */ + +- if (reset == RESET_ADDITIONAL) ++ if (reset == RESET_ADDITIONAL) dnss->rrcount += ntohs(h->nscount); ++ ++ if (reset == RESET_AUTHORITY || reset == RESET_ADDITIONAL) + { +- dnss->rrcount += ntohs(h->nscount); + while (dnss->rrcount-- > 0) + { + namelen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, +@@ -207,11 +209,11 @@ + GETSHORT(dnss->srr.size, dnss->aptr); /* size of data portion */ + dnss->aptr += dnss->srr.size; /* skip over it */ + } +- dnss->rrcount = ntohs(h->arcount); ++ dnss->rrcount = (reset == RESET_AUTHORITY) ++ ? ntohs(h->nscount) : ntohs(h->arcount); + } + } + +- + /* The variable dnss->aptr is now pointing at the next RR, and dnss->rrcount + contains the number of RR records left. */ + +@@ -666,6 +668,153 @@ + if (rc != DNS_NOMATCH && rc != DNS_NODATA) return rc; + while (*d != 0 && *d != '.') d++; + if (*d++ == 0) break; ++ } ++ return DNS_NOMATCH; ++ } ++ ++/* Try to look up the Client SMTP Authorization SRV record for the name. If ++there isn't one, search from the top downwards for a CSA record in a parent ++domain, which might be making assertions about subdomains. If we find a record ++we set fully_qualified_name to whichever lookup succeeded, so that the caller ++can tell whether to look at the explicit authorization field or the subdomain ++assertion field. */ ++ ++if (type == T_CSA) ++ { ++ uschar *srvname, *namesuff, *tld, *p; ++ int priority, weight, port; ++ int limit, rc, i; ++ BOOL ipv6; ++ dns_record *rr; ++ dns_scan dnss; ++ ++ DEBUG(D_dns) debug_printf("CSA lookup of %s\n", name); ++ ++ srvname = string_sprintf("_client._smtp.%s", name); ++ rc = dns_lookup(dnsa, srvname, T_SRV, NULL); ++ if (rc == DNS_SUCCEED || rc == DNS_AGAIN) ++ { ++ if (rc == DNS_SUCCEED) *fully_qualified_name = name; ++ return rc; ++ } ++ ++ /* Search for CSA subdomain assertion SRV records from the top downwards, ++ starting with the 2nd level domain. This order maximizes cache-friendliness. ++ We skip the top level domains to avoid loading their nameservers and because ++ we know they'll never have CSA SRV records. */ ++ ++ namesuff = Ustrrchr(name, '.'); ++ if (namesuff == NULL) return DNS_NOMATCH; ++ tld = namesuff + 1; ++ ipv6 = FALSE; ++ limit = dns_csa_search_limit; ++ ++ /* Use more appropriate search parameters if we are in the reverse DNS. */ ++ ++ if (strcmpic(namesuff, ".arpa") == 0) ++ { ++ if (namesuff - 8 > name && strcmpic(namesuff - 8, ".in-addr.arpa") == 0) ++ { ++ namesuff -= 8; ++ tld = namesuff + 1; ++ limit = 3; ++ } ++ else if (namesuff - 4 > name && strcmpic(namesuff - 4, ".ip6.arpa") == 0) ++ { ++ namesuff -= 4; ++ tld = namesuff + 1; ++ ipv6 = TRUE; ++ limit = 3; ++ } ++ } ++ ++ DEBUG(D_dns) debug_printf("CSA TLD %s\n", tld); ++ ++ /* Do not perform the search if the top level or 2nd level domains do not ++ exist. This is quite common, and when it occurs all the search queries would ++ go to the root or TLD name servers, which is not friendly. So we check the ++ AUTHORITY section; if it contains the root's SOA record or the TLD's SOA then ++ the TLD or the 2LD (respectively) doesn't exist and we can skip the search. ++ If the TLD and the 2LD exist but the explicit CSA record lookup failed, then ++ the AUTHORITY SOA will be the 2LD's or a subdomain thereof. */ ++ ++ if (rc == DNS_NOMATCH) ++ { ++ /* This is really gross. The successful return value from res_search() is ++ the packet length, which is stored in dnsa->answerlen. If we get a ++ negative DNS reply then res_search() returns -1, which causes the bounds ++ checks for name decompression to fail when it is treated as a packet ++ length, which in turn causes the authority search to fail. The correct ++ packet length has been lost inside libresolv, so we have to guess a ++ replacement value. (The only way to fix this properly would be to ++ re-implement res_search() and res_query() so that they don't muddle their ++ success and packet length return values.) For added safety we only reset ++ the packet length if the packet header looks plausible. */ ++ ++ HEADER *h = (HEADER *)dnsa->answer; ++ if (h->qr == 1 && h->opcode == QUERY && h->tc == 0 ++ && (h->rcode == NOERROR || h->rcode == NXDOMAIN) ++ && ntohs(h->qdcount) == 1 && ntohs(h->ancount) == 0 ++ && ntohs(h->nscount) >= 1) ++ dnsa->answerlen = MAXPACKET; ++ ++ for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY); ++ rr != NULL; ++ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) ++ if (rr->type != T_SOA) continue; ++ else if (strcmpic(rr->name, "") == 0 || ++ strcmpic(rr->name, tld) == 0) return DNS_NOMATCH; ++ else break; ++ } ++ ++ for (i = 0; i < limit; i++) ++ { ++ if (ipv6) ++ { ++ /* Scan through the IPv6 reverse DNS in chunks of 16 bits worth of IP ++ address, i.e. 4 hex chars and 4 dots, i.e. 8 chars. */ ++ namesuff -= 8; ++ if (namesuff <= name) return DNS_NOMATCH; ++ } ++ else ++ /* Find the start of the preceding domain name label. */ ++ do ++ if (--namesuff <= name) return DNS_NOMATCH; ++ while (*namesuff != '.'); ++ ++ DEBUG(D_dns) debug_printf("CSA parent search at %s\n", namesuff + 1); ++ ++ srvname = string_sprintf("_client._smtp.%s", namesuff + 1); ++ rc = dns_lookup(dnsa, srvname, T_SRV, NULL); ++ if (rc == DNS_AGAIN) return rc; ++ if (rc != DNS_SUCCEED) continue; ++ ++ /* Check that the SRV record we have found is worth returning. We don't ++ just return the first one we find, because some lower level SRV record ++ might make stricter assertions than its parent domain. */ ++ ++ for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); ++ rr != NULL; ++ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) ++ { ++ if (rr->type != T_SRV) continue; ++ ++ /* Extract the numerical SRV fields (p is incremented) */ ++ p = rr->data; ++ GETSHORT(priority, p); ++ GETSHORT(weight, p); ++ GETSHORT(port, p); ++ ++ /* Check the CSA version number */ ++ if (priority != 1) continue; ++ ++ /* If it's making an interesting assertion, return this response. */ ++ if (port & 1) ++ { ++ *fully_qualified_name = namesuff + 1; ++ return DNS_SUCCEED; ++ } ++ } + } + return DNS_NOMATCH; + } +--- src/exim.h 27 Apr 2005 10:00:18 -0000 1.11 ++++ src/exim.h 4 May 2005 10:42:26 -0000 +@@ -280,12 +280,19 @@ + #define T_SRV 33 + #endif + +-/* We use the private type T_ZNS for retrieving the nameservers for the +-enclosing zone of a domain, and the private type T_MXH for retrieving +-the MX hostnames only (without their priorities). */ ++/* We define a few private types for special DNS lookups: ++ ++ . T_ZNS gets the nameservers of the enclosing zone of a domain ++ ++ . T_MXH gets the MX hostnames only (without their priorities) ++ ++ . T_CSA gets the domain's Client SMTP Authorization SRV record ++ ++*/ + + #define T_ZNS (-1) + #define T_MXH (-2) ++#define T_CSA (-3) + + /* The resolv.h header defines __P(x) on some Solaris 2.5.1 systems (without + checking that it is already defined, in fact). This conflicts with other +--- src/expand.c 28 Apr 2005 13:29:27 -0000 1.20 ++++ src/expand.c 4 May 2005 10:42:27 -0000 +@@ -333,6 +333,7 @@ + { "caller_uid", vtype_uid, &real_uid }, + { "compile_date", vtype_stringptr, &version_date }, + { "compile_number", vtype_stringptr, &version_cnumber }, ++ { "csa_status", vtype_stringptr, &csa_status }, + #ifdef WITH_OLD_DEMIME + { "demime_errorlevel", vtype_int, &demime_errorlevel }, + { "demime_reason", vtype_stringptr, &demime_reason }, +--- src/globals.c 3 May 2005 14:20:01 -0000 1.23 ++++ src/globals.c 4 May 2005 10:42:27 -0000 +@@ -385,6 +385,8 @@ + int continue_sequence = 1; + uschar *continue_transport = NULL; + ++uschar *csa_status = NULL; ++ + BOOL daemon_listen = FALSE; + uschar *daemon_smtp_port = US"smtp"; + BOOL debug_daemon = FALSE; +@@ -473,6 +475,8 @@ + #endif + + uschar *dns_again_means_nonexist = NULL; ++int dns_csa_search_limit = 5; ++BOOL dns_csa_use_reverse = TRUE; + uschar *dns_ipv4_lookup = NULL; + int dns_retrans = 0; + int dns_retry = 0; +--- src/globals.h 3 May 2005 14:20:01 -0000 1.15 ++++ src/globals.h 4 May 2005 10:42:27 -0000 +@@ -214,6 +214,8 @@ + extern int continue_sequence; /* Sequence num for continued delivery */ + extern uschar *continue_transport; /* Transport for continued delivery */ + ++extern uschar *csa_status; /* Client SMTP Authorization result */ ++ + extern BOOL daemon_listen; /* True if listening required */ + extern uschar *daemon_smtp_port; /* Can be a list of ports */ + extern BOOL debug_daemon; /* Debug the daemon process only */ +@@ -271,6 +273,8 @@ + #endif + + extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ ++extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ ++extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standard) */ + extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ + extern int dns_retrans; /* Retransmission time setting */ + extern int dns_retry; /* Number of retries */ +--- src/macros.h 7 Apr 2005 10:54:54 -0000 1.12 ++++ src/macros.h 4 May 2005 10:42:27 -0000 +@@ -178,7 +178,7 @@ + + /* Options for dns_next_rr */ + +-enum { RESET_NEXT, RESET_ANSWERS, RESET_ADDITIONAL }; ++enum { RESET_NEXT, RESET_ANSWERS, RESET_AUTHORITY, RESET_ADDITIONAL }; + + /* Argument values for the time-of-day function */ + +--- src/readconf.c 5 Apr 2005 13:58:35 -0000 1.7 ++++ src/readconf.c 4 May 2005 10:42:27 -0000 +@@ -193,6 +193,8 @@ + { "delivery_date_remove", opt_bool, &delivery_date_remove }, + { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist }, + { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern }, ++ { "dns_csa_search_limit", opt_int, &dns_csa_search_limit }, ++ { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse }, + { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup }, + { "dns_retrans", opt_time, &dns_retrans }, + { "dns_retry", opt_int, &dns_retry }, +--- src/lookups/dnsdb.c 17 Feb 2005 11:58:27 -0000 1.10 ++++ src/lookups/dnsdb.c 4 May 2005 10:42:27 -0000 +@@ -31,6 +31,7 @@ + #endif + #endif + "cname", ++ "csa", + "mx", + "mxh", + "ns", +@@ -49,6 +50,7 @@ + #endif + #endif + T_CNAME, ++ T_CSA, /* Private type for "Client SMTP Authorization". */ + T_MX, + T_MXH, /* Private type for "MX hostnames" */ + T_NS, +@@ -112,7 +114,7 @@ + int type = T_TXT; + int failrc = FAIL; + uschar *outsep = US"\n"; +-uschar *equals, *domain; ++uschar *equals, *domain, *found; + uschar buffer[256]; + + /* Because we're the working in the search pool, we try to reclaim as much +@@ -228,15 +230,18 @@ + != NULL) + { + uschar rbuffer[256]; +- int searchtype = (type == T_ZNS)? T_NS : /* record type we want */ +- (type == T_MXH)? T_MX : type; ++ int searchtype = (type == T_CSA)? T_SRV : /* record type we want */ ++ (type == T_MXH)? T_MX : ++ (type == T_ZNS)? T_NS : type; ++ ++ /* If the type is PTR or CSA, we have to construct the relevant magic lookup ++ key if the original is an IP address (some experimental protocols are using ++ PTR records for different purposes where the key string is a host name, and ++ Exim's extended CSA can be keyed by domains or IP addresses). This code for ++ doing the reversal is now in a separate function. */ + +- /* If the type is PTR, we have to construct the relevant magic lookup key if +- the original is an IP address (some experimental protocols are using PTR +- records for different purposes where the key string is a host name). This +- code for doing the reversal is now in a separate function. */ +- +- if (type == T_PTR && string_is_ip_address(domain, NULL) > 0) ++ if ((type == T_PTR || type == T_CSA) && ++ string_is_ip_address(domain, NULL) > 0) + { + dns_build_reverse(domain, rbuffer); + domain = rbuffer; +@@ -252,7 +257,7 @@ + continue with the next domain. In the case of DEFER, adjust the final + "nothing found" result, but carry on to the next domain. */ + +- rc = dns_special_lookup(&dnsa, domain, type, NULL); ++ rc = dns_special_lookup(&dnsa, domain, type, &found); + + if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; + if (rc != DNS_SUCCEED) +@@ -300,32 +305,63 @@ + yield = string_cat(yield, &size, &ptr, (uschar *)(rr->data+1), + (rr->data)[0]); + } +- else /* T_CNAME, T_MX, T_MXH, T_NS, T_SRV, T_PTR */ ++ else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SRV */ + { +- int num; ++ int priority, weight, port; + uschar s[264]; + uschar *p = (uschar *)(rr->data); + + if (type == T_MXH) + { + /* mxh ignores the priority number and includes only the hostnames */ +- GETSHORT(num, p); /* pointer is advanced */ ++ GETSHORT(priority, p); + } + else if (type == T_MX) + { +- GETSHORT(num, p); /* pointer is advanced */ +- sprintf(CS s, "%d ", num); ++ GETSHORT(priority, p); ++ sprintf(CS s, "%d ", priority); + yield = string_cat(yield, &size, &ptr, s, Ustrlen(s)); + } + else if (type == T_SRV) + { +- int weight, port; +- GETSHORT(num, p); /* pointer is advanced */ ++ GETSHORT(priority, p); + GETSHORT(weight, p); + GETSHORT(port, p); +- sprintf(CS s, "%d %d %d ", num, weight, port); ++ sprintf(CS s, "%d %d %d ", priority, weight, port); + yield = string_cat(yield, &size, &ptr, s, Ustrlen(s)); + } ++ else if (type == T_CSA) ++ { ++ /* See acl_verify_csa() for more comments about CSA. */ ++ ++ GETSHORT(priority, p); ++ GETSHORT(weight, p); ++ GETSHORT(port, p); ++ ++ if (priority != 1) continue; /* CSA version must be 1 */ ++ ++ /* If the CSA record we found is not the one we asked for, analyse ++ the subdomain assertions in the port field, else analyse the direct ++ authorization status in the weight field. */ ++ ++ if (found != domain) ++ { ++ if (port & 1) *s = 'X'; /* explicit authorization required */ ++ else *s = '?'; /* no subdomain assertions here */ ++ } ++ else ++ { ++ if (weight < 2) *s = 'N'; /* not authorized */ ++ else if (weight == 2) *s = 'Y'; /* authorized */ ++ else if (weight == 3) *s = '?'; /* unauthorizable */ ++ else continue; /* invalid */ ++ } ++ ++ s[1] = ' '; ++ yield = string_cat(yield, &size, &ptr, s, 2); ++ } ++ ++ /* GETSHORT() has advanced the pointer to the target domain. */ + + rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p, + (DN_EXPAND_ARG4_TYPE)(s), sizeof(s)); diff --git a/exim.spec b/exim.spec index f88ec89..c4daf91 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.50 -Release: 2 +Version: 4.51 +Release: 1 License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -12,7 +12,7 @@ PreReq: /sbin/chkconfig PreReq: /sbin/service PreReq: %{_sbindir}/alternatives PreReq: %{_sbindir}/groupadd, %{_sbindir}/useradd -Source: ftp://ftp.exim.org/pub/exim/exim-%{version}.tar.bz2 +Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 Source2: exim.init Source3: exim.sysconfig Source4: exim.logrotate @@ -25,6 +25,7 @@ Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch +Patch15: exim-4.51-csa.2c.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel @@ -77,6 +78,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch12 -p1 -b .cyrus %patch13 -p1 -b .pam %patch14 -p1 -b .spamd +%patch15 -p0 -b .csa.2c %build %ifnarch s390 s390x @@ -285,6 +287,10 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed May 4 2005 David Woodhouse 4.51-1 +- Update to Exim 4.51 +- Include Tony's CSA support patch + * Tue Feb 22 2005 David Woodhouse 4.50-2 - Move exim-doc into a separate package diff --git a/sources b/sources index c9bc6be..123bcc6 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -7844eff82171872f6b3971a4183368d9 exim-4.50.tar.bz2 ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz +36c0c005e012d13beb7edfd8d124c049 exim-4.51.tar.bz2 From f1ccf73fa13a13abf5008b8a6bd7c6442fc509ca Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 16 Jun 2005 11:17:05 +0000 Subject: [PATCH 003/194] auto-import exim-4.51-2 on branch devel from exim-4.51-2.src.rpm --- .cvsignore | 2 +- exim-4.51-csa.2c.patch => exim-csa.patch | 144 +++++++++++++++-------- exim.spec | 9 +- sources | 2 +- 4 files changed, 106 insertions(+), 51 deletions(-) rename exim-4.51-csa.2c.patch => exim-csa.patch (87%) diff --git a/.cvsignore b/.cvsignore index f4abd34..87dd004 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ -sa-exim-4.2.tar.gz exim-4.51.tar.bz2 +sa-exim-4.2.tar.gz diff --git a/exim-4.51-csa.2c.patch b/exim-csa.patch similarity index 87% rename from exim-4.51-csa.2c.patch rename to exim-csa.patch index ead38e2..504525d 100644 --- a/exim-4.51-csa.2c.patch +++ b/exim-csa.patch @@ -1,21 +1,32 @@ --- doc/ChangeLog 4 May 2005 10:17:28 -0000 1.133 -+++ doc/ChangeLog 4 May 2005 10:42:03 -0000 -@@ -287,6 +287,8 @@ - from the Makefile to this script so that it can call the same version of - "make". ++++ doc/ChangeLog 10 May 2005 10:19:11 -0000 1.134 +@@ -1,7 +1,13 @@ +-$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.133 2005/05/04 10:17:28 ph10 Exp $ ++$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.134 2005/05/10 10:19:11 ph10 Exp $ -+TF/02 Added support for Client SMTP Authorization. See NewStuff for details. + Change log file for Exim from version 4.21 + ------------------------------------------- + ++ ++Exim version 4.52 ++----------------- ++ ++TF/01 Added support for Client SMTP Authorization. See NewStuff for details. - A note about Exim versions 4.44 and 4.50 - ---------------------------------------- + + Exim version 4.51 --- doc/NewStuff 3 May 2005 14:20:00 -0000 1.39 -+++ doc/NewStuff 4 May 2005 10:42:03 -0000 -@@ -181,6 +181,61 @@ - both kinds of timeout. A transport filter timeout is now identified in - the log output. - -+TF/02 Support for checking Client SMTP Authorization has been added. CSA is a ++++ doc/NewStuff 10 May 2005 10:19:11 -0000 1.40 +@@ -7,6 +7,66 @@ + but have not yet made it into the main manual (which is most conveniently + updated when there is a relatively large batch of changes). The doc/ChangeLog + file contains a listing of all changes, including bug fixes. ++ ++ ++Exim version 4.52 ++----------------- ++ ++TF/01 Support for checking Client SMTP Authorization has been added. CSA is a + system which allows a site to advertise which machines are and are not + permitted to send email. This is done by placing special SRV records in + the DNS, which are looked up using the client's HELO domain. At this @@ -71,10 +82,10 @@ + The authorization code can be "Y" for yes, "N" for no, "X" for explicit + authorization required but absent, or "?" for unknown. - Version 4.50 - ------------ + + Version 4.51 --- src/acl.c 6 Apr 2005 14:03:53 -0000 1.28 -+++ src/acl.c 4 May 2005 10:42:26 -0000 ++++ src/acl.c 10 May 2005 10:19:11 -0000 1.29 @@ -505,6 +505,45 @@ { US"submission", CONTROL_SUBMISSION, TRUE} }; @@ -103,25 +114,25 @@ +}; + +static uschar *csa_status_string[] = { -+ "unknown", "ok", "defer", "defer", -+ "fail", "fail", "fail", "fail" ++ US"unknown", US"ok", US"defer", US"defer", ++ US"fail", US"fail", US"fail", US"fail" +}; + +static uschar *csa_reason_string[] = { -+ "unknown", -+ "ok", -+ "deferred (SRV lookup failed)", -+ "deferred (target address lookup failed)", -+ "failed (explicit authorization required)", -+ "failed (host name not authorized)", -+ "failed (no authorized addresses)", -+ "failed (client address mismatch)" ++ US"unknown", ++ US"ok", ++ US"deferred (SRV lookup failed)", ++ US"deferred (target address lookup failed)", ++ US"failed (explicit authorization required)", ++ US"failed (host name not authorized)", ++ US"failed (no authorized addresses)", ++ US"failed (client address mismatch)" +}; + /* Enable recursion between acl_check_internal() and acl_check_condition() */ static int acl_check_internal(int, address_item *, uschar *, int, uschar **, -@@ -938,6 +977,299 @@ +@@ -938,6 +977,304 @@ /************************************************* @@ -179,7 +190,7 @@ + /* Turn the target address RR into a list of textual IP addresses and scan + the list. There may be more than one if it is an A6 RR. */ + -+ for (da = dns_address_from_rr(&dnsa, rr); da != NULL; da = da->next) ++ for (da = dns_address_from_rr(dnsa, rr); da != NULL; da = da->next) + { + /* If the client IP address matches the target IP address, it's good! */ + @@ -279,6 +290,7 @@ + +/* Now we are ready to do the actual DNS lookup(s). */ + ++found = domain; +switch (dns_special_lookup(&dnsa, domain, T_CSA, &found)) + { + /* If something bad happened (most commonly DNS_AGAIN), defer. */ @@ -385,7 +397,11 @@ +#endif /* HAVE_IPV6 */ + type = T_A; + ++ ++#if HAVE_IPV6 && defined(SUPPORT_A6) +DNS_LOOKUP_AGAIN: ++#endif ++ +switch (dns_lookup(&dnsa, target, type, NULL)) + { + /* If something bad happened (most commonly DNS_AGAIN), defer. */ @@ -421,7 +437,7 @@ * Handle verification (address & other) * *************************************************/ -@@ -1017,6 +1349,19 @@ +@@ -1017,6 +1353,19 @@ { if (slash != NULL) goto NO_OPTIONS; return helo_verified? OK : FAIL; @@ -442,7 +458,7 @@ /* Check that all relevant header lines have the correct syntax. If there is --- src/dns.c 17 Feb 2005 11:58:26 -0000 1.5 -+++ src/dns.c 4 May 2005 10:42:26 -0000 ++++ src/dns.c 10 May 2005 10:19:11 -0000 1.6 @@ -153,9 +153,9 @@ *************************************************/ @@ -535,15 +551,15 @@ + + /* Use more appropriate search parameters if we are in the reverse DNS. */ + -+ if (strcmpic(namesuff, ".arpa") == 0) ++ if (strcmpic(namesuff, US".arpa") == 0) + { -+ if (namesuff - 8 > name && strcmpic(namesuff - 8, ".in-addr.arpa") == 0) ++ if (namesuff - 8 > name && strcmpic(namesuff - 8, US".in-addr.arpa") == 0) + { + namesuff -= 8; + tld = namesuff + 1; + limit = 3; + } -+ else if (namesuff - 4 > name && strcmpic(namesuff - 4, ".ip6.arpa") == 0) ++ else if (namesuff - 4 > name && strcmpic(namesuff - 4, US".ip6.arpa") == 0) + { + namesuff -= 4; + tld = namesuff + 1; @@ -586,7 +602,7 @@ + rr != NULL; + rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) + if (rr->type != T_SOA) continue; -+ else if (strcmpic(rr->name, "") == 0 || ++ else if (strcmpic(rr->name, US"") == 0 || + strcmpic(rr->name, tld) == 0) return DNS_NOMATCH; + else break; + } @@ -643,7 +659,7 @@ return DNS_NOMATCH; } --- src/exim.h 27 Apr 2005 10:00:18 -0000 1.11 -+++ src/exim.h 4 May 2005 10:42:26 -0000 ++++ src/exim.h 10 May 2005 10:19:11 -0000 1.12 @@ -280,12 +280,19 @@ #define T_SRV 33 #endif @@ -668,7 +684,7 @@ /* The resolv.h header defines __P(x) on some Solaris 2.5.1 systems (without checking that it is already defined, in fact). This conflicts with other --- src/expand.c 28 Apr 2005 13:29:27 -0000 1.20 -+++ src/expand.c 4 May 2005 10:42:27 -0000 ++++ src/expand.c 10 May 2005 10:19:11 -0000 1.21 @@ -333,6 +333,7 @@ { "caller_uid", vtype_uid, &real_uid }, { "compile_date", vtype_stringptr, &version_date }, @@ -678,7 +694,7 @@ { "demime_errorlevel", vtype_int, &demime_errorlevel }, { "demime_reason", vtype_stringptr, &demime_reason }, --- src/globals.c 3 May 2005 14:20:01 -0000 1.23 -+++ src/globals.c 4 May 2005 10:42:27 -0000 ++++ src/globals.c 10 May 2005 10:19:11 -0000 1.24 @@ -385,6 +385,8 @@ int continue_sequence = 1; uschar *continue_transport = NULL; @@ -698,7 +714,7 @@ int dns_retrans = 0; int dns_retry = 0; --- src/globals.h 3 May 2005 14:20:01 -0000 1.15 -+++ src/globals.h 4 May 2005 10:42:27 -0000 ++++ src/globals.h 10 May 2005 10:19:11 -0000 1.16 @@ -214,6 +214,8 @@ extern int continue_sequence; /* Sequence num for continued delivery */ extern uschar *continue_transport; /* Transport for continued delivery */ @@ -718,7 +734,7 @@ extern int dns_retrans; /* Retransmission time setting */ extern int dns_retry; /* Number of retries */ --- src/macros.h 7 Apr 2005 10:54:54 -0000 1.12 -+++ src/macros.h 4 May 2005 10:42:27 -0000 ++++ src/macros.h 10 May 2005 10:19:11 -0000 1.13 @@ -178,7 +178,7 @@ /* Options for dns_next_rr */ @@ -729,7 +745,7 @@ /* Argument values for the time-of-day function */ --- src/readconf.c 5 Apr 2005 13:58:35 -0000 1.7 -+++ src/readconf.c 4 May 2005 10:42:27 -0000 ++++ src/readconf.c 10 May 2005 10:19:11 -0000 1.8 @@ -193,6 +193,8 @@ { "delivery_date_remove", opt_bool, &delivery_date_remove }, { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist }, @@ -740,7 +756,7 @@ { "dns_retrans", opt_time, &dns_retrans }, { "dns_retry", opt_int, &dns_retry }, --- src/lookups/dnsdb.c 17 Feb 2005 11:58:27 -0000 1.10 -+++ src/lookups/dnsdb.c 4 May 2005 10:42:27 -0000 ++++ src/lookups/dnsdb.c 10 May 2005 10:19:11 -0000 1.11 @@ -31,6 +31,7 @@ #endif #endif @@ -793,16 +809,32 @@ { dns_build_reverse(domain, rbuffer); domain = rbuffer; -@@ -252,7 +257,7 @@ - continue with the next domain. In the case of DEFER, adjust the final - "nothing found" result, but carry on to the next domain. */ +@@ -244,15 +249,16 @@ + + DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain); + +- /* Do the lookup and sort out the result. There are two special types that +- are handled specially: T_ZNS and T_MXH. The former is handled in a special +- lookup function so that the facility could be used from other parts of the +- Exim code. The latter affects only what happens later on in this function, +- but for tidiness it is handled in a similar way. If the lookup fails, +- continue with the next domain. In the case of DEFER, adjust the final +- "nothing found" result, but carry on to the next domain. */ ++ /* Do the lookup and sort out the result. There are three special types that ++ are handled specially: T_CSA, T_ZNS and T_MXH. The former two are handled in ++ a special lookup function so that the facility could be used from other ++ parts of the Exim code. The latter affects only what happens later on in ++ this function, but for tidiness it is handled in a similar way. If the ++ lookup fails, continue with the next domain. In the case of DEFER, adjust ++ the final "nothing found" result, but carry on to the next domain. */ - rc = dns_special_lookup(&dnsa, domain, type, NULL); ++ found = domain; + rc = dns_special_lookup(&dnsa, domain, type, &found); if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; if (rc != DNS_SUCCEED) -@@ -300,32 +305,63 @@ +@@ -300,32 +311,63 @@ yield = string_cat(yield, &size, &ptr, (uschar *)(rr->data+1), (rr->data)[0]); } @@ -866,7 +898,7 @@ + else continue; /* invalid */ + } + -+ s[1] = ' '; ++ s[1] = ' '; + yield = string_cat(yield, &size, &ptr, s, 2); + } + @@ -874,3 +906,23 @@ rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p, (DN_EXPAND_ARG4_TYPE)(s), sizeof(s)); +--- src/configure.default 29 Mar 2005 09:49:49 -0000 1.2 ++++ src/configure.default 10 May 2005 14:48:07 -0000 1.3 +@@ -322,6 +322,17 @@ + # warn message = X-Warning: $sender_host_address is in a black list at $dnslist_domain + # log_message = found in $dnslist_domain + # dnslists = black.list.example ++ ############################################################################# ++ ++ ############################################################################# ++ # This check is commented out because it is recognized that not every ++ # sysadmin will want to do it. If you enable it, the check performs ++ # Client SMTP Authorization (csa) checks on the sending host. These checks ++ # do DNS lookups for SRV records. The CSA proposal is currently (May 2005) ++ # an Internet draft. You can, of course, add additional conditions to this ++ # ACL statement to restrict the CSA checks to certain hosts only. ++ # ++ # require verify = csa + ############################################################################# + + # Accept if the address is in a local domain, but only if the recipient can diff --git a/exim.spec b/exim.spec index c4daf91..892541b 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.51 -Release: 1 +Release: 2 License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -25,7 +25,7 @@ Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch -Patch15: exim-4.51-csa.2c.patch +Patch15: http://www.cus.cam.ac.uk/~fanf2/hermes/doc/antiforgery/exim-csa.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel @@ -78,7 +78,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch12 -p1 -b .cyrus %patch13 -p1 -b .pam %patch14 -p1 -b .spamd -%patch15 -p0 -b .csa.2c +%patch15 -p0 -b .csa %build %ifnarch s390 s390x @@ -287,6 +287,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed May 4 2005 David Woodhouse 4.51-2 +- Update CSA patch + * Wed May 4 2005 David Woodhouse 4.51-1 - Update to Exim 4.51 - Include Tony's CSA support patch diff --git a/sources b/sources index 123bcc6..624cf8b 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz 36c0c005e012d13beb7edfd8d124c049 exim-4.51.tar.bz2 +ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz From 24695c8e88d49eba9aae8934f6b9d4ec54d3f1d2 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 16 Jun 2005 11:27:34 +0000 Subject: [PATCH 004/194] release bump --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 892541b..ab4a6f7 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.51 -Release: 2 +Release: 3 License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -287,7 +287,10 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog -* Wed May 4 2005 David Woodhouse 4.51-2 +* Thu Jun 16 2005 David Woodhouse 4.51-3 +- Rebuild for -devel + +* Thu Jun 16 2005 David Woodhouse 4.51-2 - Update CSA patch * Wed May 4 2005 David Woodhouse 4.51-1 From d439d08a59fc1060df02cdc8e1c6d1ffdb02ce64 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 1 Jul 2005 15:54:35 +0000 Subject: [PATCH 005/194] import 4.52 --- .cvsignore | 1 + exim-4.24-no_libc5.patch | 29 -- exim-csa.patch | 928 --------------------------------------- exim.spec | 11 +- sources | 1 + 5 files changed, 7 insertions(+), 963 deletions(-) delete mode 100644 exim-4.24-no_libc5.patch delete mode 100644 exim-csa.patch diff --git a/.cvsignore b/.cvsignore index 87dd004..99a733b 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,3 @@ exim-4.51.tar.bz2 sa-exim-4.2.tar.gz +exim-4.52.tar.bz2 diff --git a/exim-4.24-no_libc5.patch b/exim-4.24-no_libc5.patch deleted file mode 100644 index 9884853..0000000 --- a/exim-4.24-no_libc5.patch +++ /dev/null @@ -1,29 +0,0 @@ ---- exim-4.24/scripts/os-type.no_libc5 2003-11-13 11:09:34.777973822 +0100 -+++ exim-4.24/scripts/os-type 2003-11-13 11:09:36.175695694 +0100 -@@ -125,16 +125,16 @@ - # easy enough to do a better check, and check the symlink destination or the - # control file contents and make sure. - --Linux) if [ -L /usr/lib/libc.so ]; then -- if [ x"$(file /usr/lib/libc.so | grep "libc.so.5")"x != xx ]; then -- os=Linux-libc5 -- fi -- else -- if grep -q libc.so.5 /usr/lib/libc.so; then -- os=Linux-libc5 -- fi -- fi -- ;; -+#Linux) if [ -L /usr/lib/libc.so ]; then -+# if [ x"$(file /usr/lib/libc.so | grep "libc.so.5")"x != xx ]; then -+# os=Linux-libc5 -+# fi -+# else -+# if grep -q libc.so.5 /usr/lib/libc.so; then -+# os=Linux-libc5 -+# fi -+# fi -+# ;; - - # In the case of NetBSD we need to distinguish between a.out, ELF - # and COFF binary formats. However, a.out and COFF are the same diff --git a/exim-csa.patch b/exim-csa.patch deleted file mode 100644 index 504525d..0000000 --- a/exim-csa.patch +++ /dev/null @@ -1,928 +0,0 @@ ---- doc/ChangeLog 4 May 2005 10:17:28 -0000 1.133 -+++ doc/ChangeLog 10 May 2005 10:19:11 -0000 1.134 -@@ -1,7 +1,13 @@ --$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.133 2005/05/04 10:17:28 ph10 Exp $ -+$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.134 2005/05/10 10:19:11 ph10 Exp $ - - Change log file for Exim from version 4.21 - ------------------------------------------- -+ -+ -+Exim version 4.52 -+----------------- -+ -+TF/01 Added support for Client SMTP Authorization. See NewStuff for details. - - - Exim version 4.51 ---- doc/NewStuff 3 May 2005 14:20:00 -0000 1.39 -+++ doc/NewStuff 10 May 2005 10:19:11 -0000 1.40 -@@ -7,6 +7,66 @@ - but have not yet made it into the main manual (which is most conveniently - updated when there is a relatively large batch of changes). The doc/ChangeLog - file contains a listing of all changes, including bug fixes. -+ -+ -+Exim version 4.52 -+----------------- -+ -+TF/01 Support for checking Client SMTP Authorization has been added. CSA is a -+ system which allows a site to advertise which machines are and are not -+ permitted to send email. This is done by placing special SRV records in -+ the DNS, which are looked up using the client's HELO domain. At this -+ time CSA is still an Internet-Draft. -+ -+ Client SMTP Authorization checks are performed by the ACL condition -+ verify=csa. This will fail if the client is not authorized. If there is -+ a DNS problem, or if no valid CSA SRV record is found, or if the client -+ is authorized, the condition succeeds. These three cases can be -+ distinguished using the expansion variable $csa_status, which can take -+ one of the values "fail", "defer", "unknown", or "ok". The condition -+ does not itself defer because that would be likely to cause problems -+ for legitimate email. -+ -+ The error messages produced by the CSA code include slightly more -+ detail. If $csa_status is "defer" this may be because of problems -+ looking up the CSA SRV record, or problems looking up the CSA target -+ address record. There are four reasons for $csa_status being "fail": -+ the client's host name is explicitly not authorized; the client's IP -+ address does not match any of the CSA target IP addresses; the client's -+ host name is authorized but it has no valid target IP addresses (e.g. -+ the target's addresses are IPv6 and the client is using IPv4); or the -+ client's host name has no CSA SRV record but a parent domain has -+ asserted that all subdomains must be explicitly authorized. -+ -+ The verify=csa condition can take an argument which is the domain to -+ use for the DNS query. The default is verify=csa/$sender_helo_name. -+ -+ This implementation includes an extension to CSA. If the query domain -+ is an address literal such as [192.0.2.95], or if it is a bare IP -+ address, Exim will search for CSA SRV records in the reverse DNS as if -+ the HELO domain was e.g. 95.2.0.192.in-addr.arpa. Therefore it is -+ meaningful to say, for example, verify=csa/$sender_host_address - in -+ fact, this is the check that Exim performs if the client does not say -+ HELO. This extension can be turned off by setting the main -+ configuration option dns_csa_use_reverse = false. -+ -+ If a CSA SRV record is not found for the domain itself, then a search -+ is performed through its parent domains for a record which might be -+ making assertions about subdomains. The maximum depth of this search is -+ limited using the main configuration option dns_csa_search_limit, which -+ takes the value 5 by default. Exim does not look for CSA SRV records in -+ a top level domain, so the default settings handle HELO domains as long -+ as seven (hostname.five.four.three.two.one.com) which encompasses the -+ vast majority of legitimate HELO domains. -+ -+ The dnsdb lookup also has support for CSA. Although dnsdb already -+ supports SRV lookups, this is not sufficient because of the extra -+ parent domain search behaviour of CSA, and (as with PTR lookups) -+ dnsdb also turns IP addresses into lookups in the reverse DNS space. -+ The result of ${lookup dnsdb {csa=$sender_helo_name} } has two -+ space-separated fields: an authorization code and a target host name. -+ The authorization code can be "Y" for yes, "N" for no, "X" for explicit -+ authorization required but absent, or "?" for unknown. - - - Version 4.51 ---- src/acl.c 6 Apr 2005 14:03:53 -0000 1.28 -+++ src/acl.c 10 May 2005 10:19:11 -0000 1.29 -@@ -505,6 +505,45 @@ - { US"submission", CONTROL_SUBMISSION, TRUE} - }; - -+/* Support data structures for Client SMTP Authorization. acl_verify_csa() -+caches its result in a tree to avoid repeated DNS queries. The result is an -+integer code which is used as an index into the following tables of -+explanatory strings and verification return codes. */ -+ -+static tree_node *csa_cache = NULL; -+ -+enum { CSA_UNKNOWN, CSA_OK, CSA_DEFER_SRV, CSA_DEFER_ADDR, -+ CSA_FAIL_EXPLICIT, CSA_FAIL_DOMAIN, CSA_FAIL_NOADDR, CSA_FAIL_MISMATCH }; -+ -+/* The acl_verify_csa() return code is translated into an acl_verify() return -+code using the following table. It is OK unless the client is definitely not -+authorized. This is because CSA is supposed to be optional for sending sites, -+so recipients should not be too strict about checking it - especially because -+DNS problems are quite likely to occur. It's possible to use $csa_status in -+further ACL conditions to distinguish ok, unknown, and defer if required, but -+the aim is to make the usual configuration simple. */ -+ -+static int csa_return_code[] = { -+ OK, OK, OK, OK, -+ FAIL, FAIL, FAIL, FAIL -+}; -+ -+static uschar *csa_status_string[] = { -+ US"unknown", US"ok", US"defer", US"defer", -+ US"fail", US"fail", US"fail", US"fail" -+}; -+ -+static uschar *csa_reason_string[] = { -+ US"unknown", -+ US"ok", -+ US"deferred (SRV lookup failed)", -+ US"deferred (target address lookup failed)", -+ US"failed (explicit authorization required)", -+ US"failed (host name not authorized)", -+ US"failed (no authorized addresses)", -+ US"failed (client address mismatch)" -+}; -+ - /* Enable recursion between acl_check_internal() and acl_check_condition() */ - - static int acl_check_internal(int, address_item *, uschar *, int, uschar **, -@@ -938,6 +977,304 @@ - - - /************************************************* -+* Check client IP address matches CSA target * -+*************************************************/ -+ -+/* Called from acl_verify_csa() below. This routine scans a section of a DNS -+response for address records belonging to the CSA target hostname. The section -+is specified by the reset argument, either RESET_ADDITIONAL or RESET_ANSWERS. -+If one of the addresses matches the client's IP address, then the client is -+authorized by CSA. If there are target IP addresses but none of them match -+then the client is using an unauthorized IP address. If there are no target IP -+addresses then the client cannot be using an authorized IP address. (This is -+an odd configuration - why didn't the SRV record have a weight of 1 instead?) -+ -+Arguments: -+ dnsa the DNS answer block -+ dnss a DNS scan block for us to use -+ reset option specifing what portion to scan, as described above -+ target the target hostname to use for matching RR names -+ -+Returns: CSA_OK successfully authorized -+ CSA_FAIL_MISMATCH addresses found but none matched -+ CSA_FAIL_NOADDR no target addresses found -+*/ -+ -+static int -+acl_verify_csa_address(dns_answer *dnsa, dns_scan *dnss, int reset, -+ uschar *target) -+{ -+dns_record *rr; -+dns_address *da; -+ -+BOOL target_found = FALSE; -+ -+for (rr = dns_next_rr(dnsa, dnss, reset); -+ rr != NULL; -+ rr = dns_next_rr(dnsa, dnss, RESET_NEXT)) -+ { -+ /* Check this is an address RR for the target hostname. */ -+ -+ if (rr->type != T_A -+ #if HAVE_IPV6 -+ && rr->type != T_AAAA -+ #ifdef SUPPORT_A6 -+ && rr->type != T_A6 -+ #endif -+ #endif -+ ) continue; -+ -+ if (strcmpic(target, rr->name) != 0) continue; -+ -+ target_found = TRUE; -+ -+ /* Turn the target address RR into a list of textual IP addresses and scan -+ the list. There may be more than one if it is an A6 RR. */ -+ -+ for (da = dns_address_from_rr(dnsa, rr); da != NULL; da = da->next) -+ { -+ /* If the client IP address matches the target IP address, it's good! */ -+ -+ DEBUG(D_acl) debug_printf("CSA target address is %s\n", da->address); -+ -+ if (strcmpic(sender_host_address, da->address) == 0) return CSA_OK; -+ } -+ } -+ -+/* If we found some target addresses but none of them matched, the client is -+using an unauthorized IP address, otherwise the target has no authorized IP -+addresses. */ -+ -+if (target_found) return CSA_FAIL_MISMATCH; -+else return CSA_FAIL_NOADDR; -+} -+ -+ -+ -+/************************************************* -+* Verify Client SMTP Authorization * -+*************************************************/ -+ -+/* Called from acl_verify() below. This routine calls dns_lookup_special() -+to find the CSA SRV record corresponding to the domain argument, or -+$sender_helo_name if no argument is provided. It then checks that the -+client is authorized, and that its IP address corresponds to the SRV -+target's address by calling acl_verify_csa_address() above. The address -+should have been returned in the DNS response's ADDITIONAL section, but if -+not we perform another DNS lookup to get it. -+ -+Arguments: -+ domain pointer to optional parameter following verify = csa -+ -+Returns: CSA_UNKNOWN no valid CSA record found -+ CSA_OK successfully authorized -+ CSA_FAIL_* client is definitely not authorized -+ CSA_DEFER_* there was a DNS problem -+*/ -+ -+static int -+acl_verify_csa(uschar *domain) -+{ -+tree_node *t; -+uschar *found, *p; -+int priority, weight, port; -+dns_answer dnsa; -+dns_scan dnss; -+dns_record *rr; -+int rc, type; -+uschar target[256]; -+ -+/* Work out the domain we are using for the CSA lookup. The default is the -+client's HELO domain. If the client has not said HELO, use its IP address -+instead. If it's a local client (exim -bs), CSA isn't applicable. */ -+ -+while (isspace(*domain) && *domain != '\0') ++domain; -+if (*domain == '\0') domain = sender_helo_name; -+if (domain == NULL) domain = sender_host_address; -+if (sender_host_address == NULL) return CSA_UNKNOWN; -+ -+/* If we have an address literal, strip off the framing ready for turning it -+into a domain. The framing consists of matched square brackets possibly -+containing a keyword and a colon before the actual IP address. */ -+ -+if (domain[0] == '[') -+ { -+ uschar *start = Ustrchr(domain, ':'); -+ if (start == NULL) start = domain; -+ domain = string_copyn(start + 1, Ustrlen(start) - 2); -+ } -+ -+/* Turn domains that look like bare IP addresses into domains in the reverse -+DNS. This code also deals with address literals and $sender_host_address. It's -+not quite kosher to treat bare domains such as EHLO 192.0.2.57 the same as -+address literals, but it's probably the most friendly thing to do. This is an -+extension to CSA, so we allow it to be turned off for proper conformance. */ -+ -+if (string_is_ip_address(domain, NULL)) -+ { -+ if (!dns_csa_use_reverse) return CSA_UNKNOWN; -+ dns_build_reverse(domain, target); -+ domain = target; -+ } -+ -+/* Find out if we've already done the CSA check for this domain. If we have, -+return the same result again. Otherwise build a new cached result structure -+for this domain. The name is filled in now, and the value is filled in when -+we return from this function. */ -+ -+t = tree_search(csa_cache, domain); -+if (t != NULL) return t->data.val; -+ -+t = store_get_perm(sizeof(tree_node) + Ustrlen(domain)); -+Ustrcpy(t->name, domain); -+(void)tree_insertnode(&csa_cache, t); -+ -+/* Now we are ready to do the actual DNS lookup(s). */ -+ -+found = domain; -+switch (dns_special_lookup(&dnsa, domain, T_CSA, &found)) -+ { -+ /* If something bad happened (most commonly DNS_AGAIN), defer. */ -+ -+ default: -+ return t->data.val = CSA_DEFER_SRV; -+ -+ /* If we found nothing, the client's authorization is unknown. */ -+ -+ case DNS_NOMATCH: -+ case DNS_NODATA: -+ return t->data.val = CSA_UNKNOWN; -+ -+ /* We got something! Go on to look at the reply in more detail. */ -+ -+ case DNS_SUCCEED: -+ break; -+ } -+ -+/* Scan the reply for well-formed CSA SRV records. */ -+ -+for (rr = dns_next_rr(&dnsa, &dnss, RESET_ANSWERS); -+ rr != NULL; -+ rr = dns_next_rr(&dnsa, &dnss, RESET_NEXT)) -+ { -+ if (rr->type != T_SRV) continue; -+ -+ /* Extract the numerical SRV fields (p is incremented) */ -+ -+ p = rr->data; -+ GETSHORT(priority, p); -+ GETSHORT(weight, p); -+ GETSHORT(port, p); -+ -+ DEBUG(D_acl) -+ debug_printf("CSA priority=%d weight=%d port=%d\n", priority, weight, port); -+ -+ /* Check the CSA version number */ -+ -+ if (priority != 1) continue; -+ -+ /* If the domain does not have a CSA SRV record of its own (i.e. the domain -+ found by dns_special_lookup() is a parent of the one we asked for), we check -+ the subdomain assertions in the port field. At the moment there's only one -+ assertion: legitimate SMTP clients are all explicitly authorized with CSA -+ SRV records of their own. */ -+ -+ if (found != domain) -+ { -+ if (port & 1) -+ return t->data.val = CSA_FAIL_EXPLICIT; -+ else -+ return t->data.val = CSA_UNKNOWN; -+ } -+ -+ /* This CSA SRV record refers directly to our domain, so we check the value -+ in the weight field to work out the domain's authorization. 0 and 1 are -+ unauthorized; 3 means the client is authorized but we can't check the IP -+ address in order to authenticate it, so we treat it as unknown; values -+ greater than 3 are undefined. */ -+ -+ if (weight < 2) return t->data.val = CSA_FAIL_DOMAIN; -+ -+ if (weight > 2) continue; -+ -+ /* Weight == 2, which means the domain is authorized. We must check that the -+ client's IP address is listed as one of the SRV target addresses. Save the -+ target hostname then break to scan the additional data for its addresses. */ -+ -+ (void)dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p, -+ (DN_EXPAND_ARG4_TYPE)target, sizeof(target)); -+ -+ DEBUG(D_acl) debug_printf("CSA target is %s\n", target); -+ -+ break; -+ } -+ -+/* If we didn't break the loop then no appropriate records were found. */ -+ -+if (rr == NULL) return t->data.val = CSA_UNKNOWN; -+ -+/* Do not check addresses if the target is ".", in accordance with RFC 2782. -+A target of "." indicates there are no valid addresses, so the client cannot -+be authorized. (This is an odd configuration because weight=2 target=. is -+equivalent to weight=1, but we check for it in order to keep load off the -+root name servers.) Note that dn_expand() turns "." into "". */ -+ -+if (Ustrcmp(target, "") == 0) return t->data.val = CSA_FAIL_NOADDR; -+ -+/* Scan the additional section of the CSA SRV reply for addresses belonging -+to the target. If the name server didn't return any additional data (e.g. -+because it does not fully support SRV records), we need to do another lookup -+to obtain the target addresses; otherwise we have a definitive result. */ -+ -+rc = acl_verify_csa_address(&dnsa, &dnss, RESET_ADDITIONAL, target); -+if (rc != CSA_FAIL_NOADDR) return t->data.val = rc; -+ -+/* The DNS lookup type corresponds to the IP version used by the client. */ -+ -+#if HAVE_IPV6 -+if (Ustrchr(sender_host_address, ':') != NULL) -+ type = T_AAAA; -+else -+#endif /* HAVE_IPV6 */ -+ type = T_A; -+ -+ -+#if HAVE_IPV6 && defined(SUPPORT_A6) -+DNS_LOOKUP_AGAIN: -+#endif -+ -+switch (dns_lookup(&dnsa, target, type, NULL)) -+ { -+ /* If something bad happened (most commonly DNS_AGAIN), defer. */ -+ -+ default: -+ return t->data.val = CSA_DEFER_ADDR; -+ -+ /* If the query succeeded, scan the addresses and return the result. */ -+ -+ case DNS_SUCCEED: -+ rc = acl_verify_csa_address(&dnsa, &dnss, RESET_ANSWERS, target); -+ if (rc != CSA_FAIL_NOADDR) return t->data.val = rc; -+ /* else fall through */ -+ -+ /* If the target has no IP addresses, the client cannot have an authorized -+ IP address. However, if the target site uses A6 records (not AAAA records) -+ we have to do yet another lookup in order to check them. */ -+ -+ case DNS_NOMATCH: -+ case DNS_NODATA: -+ -+ #if HAVE_IPV6 && defined(SUPPORT_A6) -+ if (type == T_AAAA) { type = T_A6; goto DNS_LOOKUP_AGAIN; } -+ #endif -+ -+ return t->data.val = CSA_FAIL_NOADDR; -+ } -+} -+ -+ -+ -+/************************************************* - * Handle verification (address & other) * - *************************************************/ - -@@ -1017,6 +1353,19 @@ - { - if (slash != NULL) goto NO_OPTIONS; - return helo_verified? OK : FAIL; -+ } -+ -+/* Do Client SMTP Authorization checks in a separate function, and turn the -+result code into user-friendly strings. */ -+ -+if (strcmpic(ss, US"csa") == 0) -+ { -+ rc = acl_verify_csa(list); -+ *log_msgptr = *user_msgptr = string_sprintf("client SMTP authorization %s", -+ csa_reason_string[rc]); -+ csa_status = csa_status_string[rc]; -+ DEBUG(D_acl) debug_printf("CSA result %s\n", csa_status); -+ return csa_return_code[rc]; - } - - /* Check that all relevant header lines have the correct syntax. If there is ---- src/dns.c 17 Feb 2005 11:58:26 -0000 1.5 -+++ src/dns.c 10 May 2005 10:19:11 -0000 1.6 -@@ -153,9 +153,9 @@ - *************************************************/ - - /* Call this with reset == RESET_ANSWERS to scan the answer block, reset == --RESET_ADDITIONAL to scan the additional records, and reset == RESET_NEXT to --get the next record. The result is in static storage which must be copied if --it is to be preserved. -+RESET_AUTHORITY to scan the authority records, reset == RESET_ADDITIONAL to -+scan the additional records, and reset == RESET_NEXT to get the next record. -+The result is in static storage which must be copied if it is to be preserved. - - Arguments: - dnsa pointer to dns answer block -@@ -192,12 +192,14 @@ - - dnss->rrcount = ntohs(h->ancount); - -- /* Skip over answers and NS records if wanting to look at the additional -+ /* Skip over answers if we want to look at the authority section. Also skip -+ the NS records (i.e. authority section) if wanting to look at the additional - records. */ - -- if (reset == RESET_ADDITIONAL) -+ if (reset == RESET_ADDITIONAL) dnss->rrcount += ntohs(h->nscount); -+ -+ if (reset == RESET_AUTHORITY || reset == RESET_ADDITIONAL) - { -- dnss->rrcount += ntohs(h->nscount); - while (dnss->rrcount-- > 0) - { - namelen = dn_expand(dnsa->answer, dnsa->answer + dnsa->answerlen, -@@ -207,11 +209,11 @@ - GETSHORT(dnss->srr.size, dnss->aptr); /* size of data portion */ - dnss->aptr += dnss->srr.size; /* skip over it */ - } -- dnss->rrcount = ntohs(h->arcount); -+ dnss->rrcount = (reset == RESET_AUTHORITY) -+ ? ntohs(h->nscount) : ntohs(h->arcount); - } - } - -- - /* The variable dnss->aptr is now pointing at the next RR, and dnss->rrcount - contains the number of RR records left. */ - -@@ -666,6 +668,153 @@ - if (rc != DNS_NOMATCH && rc != DNS_NODATA) return rc; - while (*d != 0 && *d != '.') d++; - if (*d++ == 0) break; -+ } -+ return DNS_NOMATCH; -+ } -+ -+/* Try to look up the Client SMTP Authorization SRV record for the name. If -+there isn't one, search from the top downwards for a CSA record in a parent -+domain, which might be making assertions about subdomains. If we find a record -+we set fully_qualified_name to whichever lookup succeeded, so that the caller -+can tell whether to look at the explicit authorization field or the subdomain -+assertion field. */ -+ -+if (type == T_CSA) -+ { -+ uschar *srvname, *namesuff, *tld, *p; -+ int priority, weight, port; -+ int limit, rc, i; -+ BOOL ipv6; -+ dns_record *rr; -+ dns_scan dnss; -+ -+ DEBUG(D_dns) debug_printf("CSA lookup of %s\n", name); -+ -+ srvname = string_sprintf("_client._smtp.%s", name); -+ rc = dns_lookup(dnsa, srvname, T_SRV, NULL); -+ if (rc == DNS_SUCCEED || rc == DNS_AGAIN) -+ { -+ if (rc == DNS_SUCCEED) *fully_qualified_name = name; -+ return rc; -+ } -+ -+ /* Search for CSA subdomain assertion SRV records from the top downwards, -+ starting with the 2nd level domain. This order maximizes cache-friendliness. -+ We skip the top level domains to avoid loading their nameservers and because -+ we know they'll never have CSA SRV records. */ -+ -+ namesuff = Ustrrchr(name, '.'); -+ if (namesuff == NULL) return DNS_NOMATCH; -+ tld = namesuff + 1; -+ ipv6 = FALSE; -+ limit = dns_csa_search_limit; -+ -+ /* Use more appropriate search parameters if we are in the reverse DNS. */ -+ -+ if (strcmpic(namesuff, US".arpa") == 0) -+ { -+ if (namesuff - 8 > name && strcmpic(namesuff - 8, US".in-addr.arpa") == 0) -+ { -+ namesuff -= 8; -+ tld = namesuff + 1; -+ limit = 3; -+ } -+ else if (namesuff - 4 > name && strcmpic(namesuff - 4, US".ip6.arpa") == 0) -+ { -+ namesuff -= 4; -+ tld = namesuff + 1; -+ ipv6 = TRUE; -+ limit = 3; -+ } -+ } -+ -+ DEBUG(D_dns) debug_printf("CSA TLD %s\n", tld); -+ -+ /* Do not perform the search if the top level or 2nd level domains do not -+ exist. This is quite common, and when it occurs all the search queries would -+ go to the root or TLD name servers, which is not friendly. So we check the -+ AUTHORITY section; if it contains the root's SOA record or the TLD's SOA then -+ the TLD or the 2LD (respectively) doesn't exist and we can skip the search. -+ If the TLD and the 2LD exist but the explicit CSA record lookup failed, then -+ the AUTHORITY SOA will be the 2LD's or a subdomain thereof. */ -+ -+ if (rc == DNS_NOMATCH) -+ { -+ /* This is really gross. The successful return value from res_search() is -+ the packet length, which is stored in dnsa->answerlen. If we get a -+ negative DNS reply then res_search() returns -1, which causes the bounds -+ checks for name decompression to fail when it is treated as a packet -+ length, which in turn causes the authority search to fail. The correct -+ packet length has been lost inside libresolv, so we have to guess a -+ replacement value. (The only way to fix this properly would be to -+ re-implement res_search() and res_query() so that they don't muddle their -+ success and packet length return values.) For added safety we only reset -+ the packet length if the packet header looks plausible. */ -+ -+ HEADER *h = (HEADER *)dnsa->answer; -+ if (h->qr == 1 && h->opcode == QUERY && h->tc == 0 -+ && (h->rcode == NOERROR || h->rcode == NXDOMAIN) -+ && ntohs(h->qdcount) == 1 && ntohs(h->ancount) == 0 -+ && ntohs(h->nscount) >= 1) -+ dnsa->answerlen = MAXPACKET; -+ -+ for (rr = dns_next_rr(dnsa, &dnss, RESET_AUTHORITY); -+ rr != NULL; -+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) -+ if (rr->type != T_SOA) continue; -+ else if (strcmpic(rr->name, US"") == 0 || -+ strcmpic(rr->name, tld) == 0) return DNS_NOMATCH; -+ else break; -+ } -+ -+ for (i = 0; i < limit; i++) -+ { -+ if (ipv6) -+ { -+ /* Scan through the IPv6 reverse DNS in chunks of 16 bits worth of IP -+ address, i.e. 4 hex chars and 4 dots, i.e. 8 chars. */ -+ namesuff -= 8; -+ if (namesuff <= name) return DNS_NOMATCH; -+ } -+ else -+ /* Find the start of the preceding domain name label. */ -+ do -+ if (--namesuff <= name) return DNS_NOMATCH; -+ while (*namesuff != '.'); -+ -+ DEBUG(D_dns) debug_printf("CSA parent search at %s\n", namesuff + 1); -+ -+ srvname = string_sprintf("_client._smtp.%s", namesuff + 1); -+ rc = dns_lookup(dnsa, srvname, T_SRV, NULL); -+ if (rc == DNS_AGAIN) return rc; -+ if (rc != DNS_SUCCEED) continue; -+ -+ /* Check that the SRV record we have found is worth returning. We don't -+ just return the first one we find, because some lower level SRV record -+ might make stricter assertions than its parent domain. */ -+ -+ for (rr = dns_next_rr(dnsa, &dnss, RESET_ANSWERS); -+ rr != NULL; -+ rr = dns_next_rr(dnsa, &dnss, RESET_NEXT)) -+ { -+ if (rr->type != T_SRV) continue; -+ -+ /* Extract the numerical SRV fields (p is incremented) */ -+ p = rr->data; -+ GETSHORT(priority, p); -+ GETSHORT(weight, p); -+ GETSHORT(port, p); -+ -+ /* Check the CSA version number */ -+ if (priority != 1) continue; -+ -+ /* If it's making an interesting assertion, return this response. */ -+ if (port & 1) -+ { -+ *fully_qualified_name = namesuff + 1; -+ return DNS_SUCCEED; -+ } -+ } - } - return DNS_NOMATCH; - } ---- src/exim.h 27 Apr 2005 10:00:18 -0000 1.11 -+++ src/exim.h 10 May 2005 10:19:11 -0000 1.12 -@@ -280,12 +280,19 @@ - #define T_SRV 33 - #endif - --/* We use the private type T_ZNS for retrieving the nameservers for the --enclosing zone of a domain, and the private type T_MXH for retrieving --the MX hostnames only (without their priorities). */ -+/* We define a few private types for special DNS lookups: -+ -+ . T_ZNS gets the nameservers of the enclosing zone of a domain -+ -+ . T_MXH gets the MX hostnames only (without their priorities) -+ -+ . T_CSA gets the domain's Client SMTP Authorization SRV record -+ -+*/ - - #define T_ZNS (-1) - #define T_MXH (-2) -+#define T_CSA (-3) - - /* The resolv.h header defines __P(x) on some Solaris 2.5.1 systems (without - checking that it is already defined, in fact). This conflicts with other ---- src/expand.c 28 Apr 2005 13:29:27 -0000 1.20 -+++ src/expand.c 10 May 2005 10:19:11 -0000 1.21 -@@ -333,6 +333,7 @@ - { "caller_uid", vtype_uid, &real_uid }, - { "compile_date", vtype_stringptr, &version_date }, - { "compile_number", vtype_stringptr, &version_cnumber }, -+ { "csa_status", vtype_stringptr, &csa_status }, - #ifdef WITH_OLD_DEMIME - { "demime_errorlevel", vtype_int, &demime_errorlevel }, - { "demime_reason", vtype_stringptr, &demime_reason }, ---- src/globals.c 3 May 2005 14:20:01 -0000 1.23 -+++ src/globals.c 10 May 2005 10:19:11 -0000 1.24 -@@ -385,6 +385,8 @@ - int continue_sequence = 1; - uschar *continue_transport = NULL; - -+uschar *csa_status = NULL; -+ - BOOL daemon_listen = FALSE; - uschar *daemon_smtp_port = US"smtp"; - BOOL debug_daemon = FALSE; -@@ -473,6 +475,8 @@ - #endif - - uschar *dns_again_means_nonexist = NULL; -+int dns_csa_search_limit = 5; -+BOOL dns_csa_use_reverse = TRUE; - uschar *dns_ipv4_lookup = NULL; - int dns_retrans = 0; - int dns_retry = 0; ---- src/globals.h 3 May 2005 14:20:01 -0000 1.15 -+++ src/globals.h 10 May 2005 10:19:11 -0000 1.16 -@@ -214,6 +214,8 @@ - extern int continue_sequence; /* Sequence num for continued delivery */ - extern uschar *continue_transport; /* Transport for continued delivery */ - -+extern uschar *csa_status; /* Client SMTP Authorization result */ -+ - extern BOOL daemon_listen; /* True if listening required */ - extern uschar *daemon_smtp_port; /* Can be a list of ports */ - extern BOOL debug_daemon; /* Debug the daemon process only */ -@@ -271,6 +273,8 @@ - #endif - - extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ -+extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ -+extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standard) */ - extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ - extern int dns_retrans; /* Retransmission time setting */ - extern int dns_retry; /* Number of retries */ ---- src/macros.h 7 Apr 2005 10:54:54 -0000 1.12 -+++ src/macros.h 10 May 2005 10:19:11 -0000 1.13 -@@ -178,7 +178,7 @@ - - /* Options for dns_next_rr */ - --enum { RESET_NEXT, RESET_ANSWERS, RESET_ADDITIONAL }; -+enum { RESET_NEXT, RESET_ANSWERS, RESET_AUTHORITY, RESET_ADDITIONAL }; - - /* Argument values for the time-of-day function */ - ---- src/readconf.c 5 Apr 2005 13:58:35 -0000 1.7 -+++ src/readconf.c 10 May 2005 10:19:11 -0000 1.8 -@@ -193,6 +193,8 @@ - { "delivery_date_remove", opt_bool, &delivery_date_remove }, - { "dns_again_means_nonexist", opt_stringptr, &dns_again_means_nonexist }, - { "dns_check_names_pattern", opt_stringptr, &check_dns_names_pattern }, -+ { "dns_csa_search_limit", opt_int, &dns_csa_search_limit }, -+ { "dns_csa_use_reverse", opt_bool, &dns_csa_use_reverse }, - { "dns_ipv4_lookup", opt_stringptr, &dns_ipv4_lookup }, - { "dns_retrans", opt_time, &dns_retrans }, - { "dns_retry", opt_int, &dns_retry }, ---- src/lookups/dnsdb.c 17 Feb 2005 11:58:27 -0000 1.10 -+++ src/lookups/dnsdb.c 10 May 2005 10:19:11 -0000 1.11 -@@ -31,6 +31,7 @@ - #endif - #endif - "cname", -+ "csa", - "mx", - "mxh", - "ns", -@@ -49,6 +50,7 @@ - #endif - #endif - T_CNAME, -+ T_CSA, /* Private type for "Client SMTP Authorization". */ - T_MX, - T_MXH, /* Private type for "MX hostnames" */ - T_NS, -@@ -112,7 +114,7 @@ - int type = T_TXT; - int failrc = FAIL; - uschar *outsep = US"\n"; --uschar *equals, *domain; -+uschar *equals, *domain, *found; - uschar buffer[256]; - - /* Because we're the working in the search pool, we try to reclaim as much -@@ -228,15 +230,18 @@ - != NULL) - { - uschar rbuffer[256]; -- int searchtype = (type == T_ZNS)? T_NS : /* record type we want */ -- (type == T_MXH)? T_MX : type; -+ int searchtype = (type == T_CSA)? T_SRV : /* record type we want */ -+ (type == T_MXH)? T_MX : -+ (type == T_ZNS)? T_NS : type; -+ -+ /* If the type is PTR or CSA, we have to construct the relevant magic lookup -+ key if the original is an IP address (some experimental protocols are using -+ PTR records for different purposes where the key string is a host name, and -+ Exim's extended CSA can be keyed by domains or IP addresses). This code for -+ doing the reversal is now in a separate function. */ - -- /* If the type is PTR, we have to construct the relevant magic lookup key if -- the original is an IP address (some experimental protocols are using PTR -- records for different purposes where the key string is a host name). This -- code for doing the reversal is now in a separate function. */ -- -- if (type == T_PTR && string_is_ip_address(domain, NULL) > 0) -+ if ((type == T_PTR || type == T_CSA) && -+ string_is_ip_address(domain, NULL) > 0) - { - dns_build_reverse(domain, rbuffer); - domain = rbuffer; -@@ -244,15 +249,16 @@ - - DEBUG(D_lookup) debug_printf("dnsdb key: %s\n", domain); - -- /* Do the lookup and sort out the result. There are two special types that -- are handled specially: T_ZNS and T_MXH. The former is handled in a special -- lookup function so that the facility could be used from other parts of the -- Exim code. The latter affects only what happens later on in this function, -- but for tidiness it is handled in a similar way. If the lookup fails, -- continue with the next domain. In the case of DEFER, adjust the final -- "nothing found" result, but carry on to the next domain. */ -+ /* Do the lookup and sort out the result. There are three special types that -+ are handled specially: T_CSA, T_ZNS and T_MXH. The former two are handled in -+ a special lookup function so that the facility could be used from other -+ parts of the Exim code. The latter affects only what happens later on in -+ this function, but for tidiness it is handled in a similar way. If the -+ lookup fails, continue with the next domain. In the case of DEFER, adjust -+ the final "nothing found" result, but carry on to the next domain. */ - -- rc = dns_special_lookup(&dnsa, domain, type, NULL); -+ found = domain; -+ rc = dns_special_lookup(&dnsa, domain, type, &found); - - if (rc == DNS_NOMATCH || rc == DNS_NODATA) continue; - if (rc != DNS_SUCCEED) -@@ -300,32 +311,63 @@ - yield = string_cat(yield, &size, &ptr, (uschar *)(rr->data+1), - (rr->data)[0]); - } -- else /* T_CNAME, T_MX, T_MXH, T_NS, T_SRV, T_PTR */ -+ else /* T_CNAME, T_CSA, T_MX, T_MXH, T_NS, T_PTR, T_SRV */ - { -- int num; -+ int priority, weight, port; - uschar s[264]; - uschar *p = (uschar *)(rr->data); - - if (type == T_MXH) - { - /* mxh ignores the priority number and includes only the hostnames */ -- GETSHORT(num, p); /* pointer is advanced */ -+ GETSHORT(priority, p); - } - else if (type == T_MX) - { -- GETSHORT(num, p); /* pointer is advanced */ -- sprintf(CS s, "%d ", num); -+ GETSHORT(priority, p); -+ sprintf(CS s, "%d ", priority); - yield = string_cat(yield, &size, &ptr, s, Ustrlen(s)); - } - else if (type == T_SRV) - { -- int weight, port; -- GETSHORT(num, p); /* pointer is advanced */ -+ GETSHORT(priority, p); - GETSHORT(weight, p); - GETSHORT(port, p); -- sprintf(CS s, "%d %d %d ", num, weight, port); -+ sprintf(CS s, "%d %d %d ", priority, weight, port); - yield = string_cat(yield, &size, &ptr, s, Ustrlen(s)); - } -+ else if (type == T_CSA) -+ { -+ /* See acl_verify_csa() for more comments about CSA. */ -+ -+ GETSHORT(priority, p); -+ GETSHORT(weight, p); -+ GETSHORT(port, p); -+ -+ if (priority != 1) continue; /* CSA version must be 1 */ -+ -+ /* If the CSA record we found is not the one we asked for, analyse -+ the subdomain assertions in the port field, else analyse the direct -+ authorization status in the weight field. */ -+ -+ if (found != domain) -+ { -+ if (port & 1) *s = 'X'; /* explicit authorization required */ -+ else *s = '?'; /* no subdomain assertions here */ -+ } -+ else -+ { -+ if (weight < 2) *s = 'N'; /* not authorized */ -+ else if (weight == 2) *s = 'Y'; /* authorized */ -+ else if (weight == 3) *s = '?'; /* unauthorizable */ -+ else continue; /* invalid */ -+ } -+ -+ s[1] = ' '; -+ yield = string_cat(yield, &size, &ptr, s, 2); -+ } -+ -+ /* GETSHORT() has advanced the pointer to the target domain. */ - - rc = dn_expand(dnsa.answer, dnsa.answer + dnsa.answerlen, p, - (DN_EXPAND_ARG4_TYPE)(s), sizeof(s)); ---- src/configure.default 29 Mar 2005 09:49:49 -0000 1.2 -+++ src/configure.default 10 May 2005 14:48:07 -0000 1.3 -@@ -322,6 +322,17 @@ - # warn message = X-Warning: $sender_host_address is in a black list at $dnslist_domain - # log_message = found in $dnslist_domain - # dnslists = black.list.example -+ ############################################################################# -+ -+ ############################################################################# -+ # This check is commented out because it is recognized that not every -+ # sysadmin will want to do it. If you enable it, the check performs -+ # Client SMTP Authorization (csa) checks on the sending host. These checks -+ # do DNS lookups for SRV records. The CSA proposal is currently (May 2005) -+ # an Internet draft. You can, of course, add additional conditions to this -+ # ACL statement to restrict the CSA checks to certain hosts only. -+ # -+ # require verify = csa - ############################################################################# - - # Accept if the address is in a local domain, but only if the recipient can diff --git a/exim.spec b/exim.spec index ab4a6f7..54b0d23 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.51 -Release: 3 +Version: 4.52 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -20,12 +20,10 @@ Source11: exim.pam Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz Patch4: exim-rhl.patch Patch6: exim-4.50-config.patch -Patch7: exim-4.24-no_libc5.patch Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch -Patch15: http://www.cus.cam.ac.uk/~fanf2/hermes/doc/antiforgery/exim-csa.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel @@ -73,12 +71,10 @@ cp exim_monitor/EDITME Local/eximon.conf %patch4 -p1 -b .rhl %patch6 -p1 -b .config -%patch7 -p1 -b .no_libc5 %patch8 -p1 -b .libdir %patch12 -p1 -b .cyrus %patch13 -p1 -b .pam %patch14 -p1 -b .spamd -%patch15 -p0 -b .csa %build %ifnarch s390 s390x @@ -287,6 +283,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Fri Jul 1 2005 David Woodhouse 4.52-1 +- Update to Exim 4.52 + * Thu Jun 16 2005 David Woodhouse 4.51-3 - Rebuild for -devel diff --git a/sources b/sources index 624cf8b..462b0a3 100644 --- a/sources +++ b/sources @@ -1,2 +1,3 @@ 36c0c005e012d13beb7edfd8d124c049 exim-4.51.tar.bz2 ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz +89601650f3b854d469451f30b369622b exim-4.52.tar.bz2 From 40b550a5b2e9afafe01a9779d49c8916aae4277c Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 1 Jul 2005 15:56:53 +0000 Subject: [PATCH 006/194] remove 4.51 from sources --- .cvsignore | 1 - sources | 1 - 2 files changed, 2 deletions(-) diff --git a/.cvsignore b/.cvsignore index 99a733b..0d998b3 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,3 +1,2 @@ -exim-4.51.tar.bz2 sa-exim-4.2.tar.gz exim-4.52.tar.bz2 diff --git a/sources b/sources index 462b0a3..84ab746 100644 --- a/sources +++ b/sources @@ -1,3 +1,2 @@ -36c0c005e012d13beb7edfd8d124c049 exim-4.51.tar.bz2 ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz 89601650f3b854d469451f30b369622b exim-4.52.tar.bz2 From e9b6950211f336d09fe92981e0ce43c5e3d2c01b Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 25 Aug 2005 14:18:04 +0000 Subject: [PATCH 007/194] dynamic pcre --- exim-4.52-dynamic-pcre.patch | 76 ++++++++++++++++++++++++++++++++++++ exim.spec | 9 ++++- 2 files changed, 83 insertions(+), 2 deletions(-) create mode 100644 exim-4.52-dynamic-pcre.patch diff --git a/exim-4.52-dynamic-pcre.patch b/exim-4.52-dynamic-pcre.patch new file mode 100644 index 0000000..c2ca9d3 --- /dev/null +++ b/exim-4.52-dynamic-pcre.patch @@ -0,0 +1,76 @@ +--- exim-4.52/OS/Makefile-Base.pcre 2005-07-01 12:09:15.000000000 +0100 ++++ exim-4.52/OS/Makefile-Base 2005-08-25 14:28:19.000000000 +0100 +@@ -96,14 +96,14 @@ config.h: Makefile buildconfig ../src/co + # therefore always be run, even if the files exist. This shouldn't in fact be a + # problem, but it does no harm. Other make programs will just ignore this. + +-.PHONY: all allexim buildauths buildlookups buildpcre buildrouters \ ++.PHONY: all allexim buildauths buildlookups buildrouters \ + buildtransports checklocalmake clean + + + # This is the real default target for all the various exim binaries and + # scripts, once the configuring stuff is done. + +-allexim: config.h buildpcre $(EXIM_MONITOR) exicyclog exinext exiwhat \ ++allexim: config.h $(EXIM_MONITOR) exicyclog exinext exiwhat \ + exigrep eximstats exipick exiqgrep exiqsumm \ + transport-filter.pl convert4r3 convert4r4 \ + exim_checkaccess \ +@@ -314,7 +314,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemo + local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ + $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) + +-exim: pcre/libpcre.a lookups/lookups.a auths/auths.a \ ++exim: lookups/lookups.a auths/auths.a \ + routers/routers.a transports/transports.a \ + $(OBJ_EXIM) version.c + @echo " " +@@ -325,7 +325,7 @@ exim: pcre/libpcre.a lookups/lookups.a + rm -f exim + @echo "$(LNCC) -o exim" + $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ +- pcre/libpcre.a \ ++ -lpcre \ + routers/routers.a transports/transports.a lookups/lookups.a \ + auths/auths.a \ + $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ +@@ -429,14 +429,14 @@ MONBIN = em_StripChart.o $(EXIMON_TEXTPO + + OBJ_MONBIN = util-spool_in.o util-store.o util-string.o tod.o tree.o $(MONBIN) + +-eximon.bin: $(EXIMON_EDITME) eximon $(OBJ_MONBIN) pcre/libpcre.a \ ++eximon.bin: $(EXIMON_EDITME) eximon $(OBJ_MONBIN) \ + ../exim_monitor/em_version.c + @echo "$(CC) exim_monitor/em_version.c" + $(FE)$(CC) -o em_version.o -c \ + $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c + @echo "$(LNCC) -o eximon.bin" + $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \ +- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 pcre/libpcre.a \ ++ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 -lpcre \ + $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc + @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ + echo $(STRIP_COMMAND) eximon.bin; \ +--- exim-4.52/src/exim.h.pcre 2005-07-01 12:09:15.000000000 +0100 ++++ exim-4.52/src/exim.h 2005-08-25 14:26:40.000000000 +0100 +@@ -414,7 +414,7 @@ extern int ferror(FILE *); + + /* The header from the PCRE regex package */ + +-#include "pcre/pcre.h" ++#include + + /* Exim includes are in several files. Note that local_scan.h #includes + mytypes.h and store.h, so we don't need to mention them explicitly. */ +--- exim-4.52/exim_monitor/em_hdr.h.pcre 2005-07-01 12:09:15.000000000 +0100 ++++ exim-4.52/exim_monitor/em_hdr.h 2005-08-25 14:26:40.000000000 +0100 +@@ -87,7 +87,7 @@ anything. */ + + /* Regular expression include */ + +-#include "pcre/pcre.h" ++#include + + /* Includes from the main source of Exim. We need to have MAXPACKET defined for + the benefit of structs.h. One of these days I should tidy up this interface so diff --git a/exim.spec b/exim.spec index 54b0d23..7722d54 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.52 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -24,10 +24,11 @@ Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch +Patch15: exim-4.52-dynamic-pcre.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel -BuildRequires: lynx +BuildRequires: lynx pcre-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel PreReq: cyrus-sasl openldap openssl @@ -75,6 +76,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch12 -p1 -b .cyrus %patch13 -p1 -b .pam %patch14 -p1 -b .spamd +%patch15 -p1 -b .pcre %build %ifnarch s390 s390x @@ -283,6 +285,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Thu Aug 25 2005 David Woodhouse 4.52-2 +- Use system PCRE + * Fri Jul 1 2005 David Woodhouse 4.52-1 - Update to Exim 4.52 From aac745b2baddb73f2430527e9f255490081b8118 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 5 Oct 2005 10:12:28 +0000 Subject: [PATCH 008/194] 4.54 --- .cvsignore | 2 +- exim-4.50-config.patch | 6 ++++-- exim.spec | 10 +++++++--- sources | 2 +- 4 files changed, 13 insertions(+), 7 deletions(-) diff --git a/.cvsignore b/.cvsignore index 0d998b3..a28359f 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.52.tar.bz2 +exim-4.54.tar.bz2 diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index 6b125a9..d2e2bd7 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -58,7 +58,7 @@ #------------------------------------------------------------------------------ -@@ -255,16 +255,18 @@ +@@ -255,17 +255,19 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes @@ -72,7 +72,7 @@ -# LOOKUP_LDAP=yes +LOOKUP_LDAP=yes +LDAP_LIB_TYPE=OPENLDAP2 -+LOOKUP_LIBS=-lldap -llber ++LOOKUP_LIBS=-lldap -llber -lsqlite3 # LOOKUP_MYSQL=yes -# LOOKUP_NIS=yes -# LOOKUP_NISPLUS=yes @@ -82,6 +82,8 @@ -# LOOKUP_PASSWD=yes +LOOKUP_PASSWD=yes # LOOKUP_PGSQL=yes +-# LOOKUP_SQLITE=yes ++LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes @@ -272,7 +274,7 @@ diff --git a/exim.spec b/exim.spec index 7722d54..4c6de02 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.52 -Release: 2%{?dist} +Version: 4.54 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -28,7 +28,7 @@ Patch15: exim-4.52-dynamic-pcre.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel -BuildRequires: lynx pcre-devel +BuildRequires: lynx pcre-devel sqlite-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel PreReq: cyrus-sasl openldap openssl @@ -285,6 +285,10 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed Oct 5 2005 David Woodhouse 4.54-1 +- Update to Exim 4.54 +- Enable sqlite support + * Thu Aug 25 2005 David Woodhouse 4.52-2 - Use system PCRE diff --git a/sources b/sources index 84ab746..b8d5fd3 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -89601650f3b854d469451f30b369622b exim-4.52.tar.bz2 +f3cdf5292f4bbb1ee2de42d4338b3b9f exim-4.54.tar.bz2 From ebb629c8c22e3bfc0574b94dc82913e6e4b25eb1 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 8 Nov 2005 16:32:01 +0000 Subject: [PATCH 009/194] rebuild, enable mysql and postgres --- exim-4.50-config.patch | 11 +++++++---- exim.spec | 8 ++++++-- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index d2e2bd7..3199400 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -58,7 +58,7 @@ #------------------------------------------------------------------------------ -@@ -255,17 +255,19 @@ +@@ -255,17 +255,20 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes @@ -72,8 +72,10 @@ -# LOOKUP_LDAP=yes +LOOKUP_LDAP=yes +LDAP_LIB_TYPE=OPENLDAP2 -+LOOKUP_LIBS=-lldap -llber -lsqlite3 - # LOOKUP_MYSQL=yes ++LOOKUP_INCLUDE=-I/usr/include/mysql ++LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/lib/mysql -lmysqlclient -lpq +-# LOOKUP_MYSQL=yes ++LOOKUP_MYSQL=yes -# LOOKUP_NIS=yes -# LOOKUP_NISPLUS=yes +LOOKUP_NIS=yes @@ -81,7 +83,8 @@ # LOOKUP_ORACLE=yes -# LOOKUP_PASSWD=yes +LOOKUP_PASSWD=yes - # LOOKUP_PGSQL=yes +-# LOOKUP_PGSQL=yes ++# LOOKUP_PGSQL=yes -# LOOKUP_SQLITE=yes +LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes diff --git a/exim.spec b/exim.spec index 4c6de02..ab09138 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.54 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -29,7 +29,7 @@ Patch15: exim-4.52-dynamic-pcre.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel BuildRequires: lynx pcre-devel sqlite-devel -BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel +BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel PreReq: cyrus-sasl openldap openssl %description @@ -285,6 +285,10 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed Oct 5 2005 David Woodhouse 4.54-2 +- Rebuild for new OpenSSL +- Add MySQL and Postgres support to keep jgarzik happy + * Wed Oct 5 2005 David Woodhouse 4.54-1 - Update to Exim 4.54 - Enable sqlite support From 84df388c71f8a7295b99dfb671e3ab4862a3d5af Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 11 Nov 2005 20:17:28 +0000 Subject: [PATCH 010/194] X buildreqs --- exim.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index ab09138..118719a 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.54 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -27,9 +27,10 @@ Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch Requires: /etc/aliases -BuildRequires: db4-devel openssl-devel openldap-devel XFree86-devel pam-devel +BuildRequires: db4-devel openssl-devel openldap-devel pam-devel BuildRequires: lynx pcre-devel sqlite-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel +BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel libICE-devel libXpm-devel PreReq: cyrus-sasl openldap openssl %description @@ -285,6 +286,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Fri Nov 11 2005 David Woodhouse 4.54-3 +- Update X11 BuildRequires + * Wed Oct 5 2005 David Woodhouse 4.54-2 - Rebuild for new OpenSSL - Add MySQL and Postgres support to keep jgarzik happy From b1cc5556c8155dc3e77c5291671ca80a6e5bae5a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 13 Nov 2005 19:31:25 +0000 Subject: [PATCH 011/194] fix 64-bit build --- exim-4.50-config.patch | 2 +- exim.spec | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index 3199400..912d933 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -73,7 +73,7 @@ +LOOKUP_LDAP=yes +LDAP_LIB_TYPE=OPENLDAP2 +LOOKUP_INCLUDE=-I/usr/include/mysql -+LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/lib/mysql -lmysqlclient -lpq ++LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq -# LOOKUP_MYSQL=yes +LOOKUP_MYSQL=yes -# LOOKUP_NIS=yes diff --git a/exim.spec b/exim.spec index 118719a..3c43179 100644 --- a/exim.spec +++ b/exim.spec @@ -286,6 +286,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Sun Nov 13 2005 David Woodhouse 4.54-4 +- Fix 64-bit build + * Fri Nov 11 2005 David Woodhouse 4.54-3 - Update X11 BuildRequires From 1fc06ca2f055a37069fc9c93522280d62d852b4e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 13 Nov 2005 19:32:00 +0000 Subject: [PATCH 012/194] bump release --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 3c43179..7965263 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.54 -Release: 3%{?dist} +Release: 4%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons From 23a23ab0fa2a6b4f3c82ee101eaaf4a823aeeeda Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 29 Nov 2005 11:41:06 +0000 Subject: [PATCH 013/194] 4.60 --- .cvsignore | 2 +- exim.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.cvsignore b/.cvsignore index a28359f..bab42b4 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.54.tar.bz2 +exim-4.60.tar.bz2 diff --git a/exim.spec b/exim.spec index 7965263..265b56b 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.54 -Release: 4%{?dist} +Version: 4.60 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -286,6 +286,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue Nov 29 2005 David Woodhouse 4.60-1 +- Update to 4.60 + * Sun Nov 13 2005 David Woodhouse 4.54-4 - Fix 64-bit build diff --git a/sources b/sources index b8d5fd3..0249046 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -f3cdf5292f4bbb1ee2de42d4338b3b9f exim-4.54.tar.bz2 +eed3c8fc393cf7ccc9c1079b28516128 exim-4.60.tar.bz2 From e15f6558d58c5512dfcaffb66b920ef24e5bd1e1 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 29 Nov 2005 12:10:28 +0000 Subject: [PATCH 014/194] require libXt-devel --- exim.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 265b56b..f6593ff 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.60 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -30,7 +30,8 @@ Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel BuildRequires: lynx pcre-devel sqlite-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel -BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel libICE-devel libXpm-devel +BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel +BuildRequires: libICE-devel libXpm-devel libXt-devel PreReq: cyrus-sasl openldap openssl %description @@ -286,6 +287,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue Nov 29 2005 David Woodhouse 4.60-2 +- Require libXt-devel + * Tue Nov 29 2005 David Woodhouse 4.60-1 - Update to 4.60 From 6410e546adfa04a818e8ddb0e67a06d29ccd6b4d Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 7 Mar 2006 00:24:31 +0000 Subject: [PATCH 015/194] rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index f6593ff..f54a184 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.60 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -287,6 +287,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue Mar 7 2006 David Woodhouse 4.60-3 +- Rebuild + * Tue Nov 29 2005 David Woodhouse 4.60-2 - Require libXt-devel From dad813099e82cb8641276c99f58ee9623471374f Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 21 Mar 2006 10:29:09 +0000 Subject: [PATCH 016/194] actually enable pgsql --- exim-4.50-config.patch | 2 +- exim.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index 912d933..1eaa4a6 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -84,7 +84,7 @@ -# LOOKUP_PASSWD=yes +LOOKUP_PASSWD=yes -# LOOKUP_PGSQL=yes -+# LOOKUP_PGSQL=yes ++LOOKUP_PGSQL=yes -# LOOKUP_SQLITE=yes +LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes diff --git a/exim.spec b/exim.spec index f54a184..4990030 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.60 -Release: 3%{?dist} +Release: 4%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -287,6 +287,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue Mar 21 2006 David Woodhouse 4.60-4 +- Actually enable Postgres + * Tue Mar 7 2006 David Woodhouse 4.60-3 - Rebuild From 4375ab63c8e65d48c4fa6d98c86aefaba21f837e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 23 Mar 2006 12:28:38 +0000 Subject: [PATCH 017/194] fix #186303 --- exim-4.60-mon-overflow.patch | 11 +++++++++++ exim.spec | 7 ++++++- 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 exim-4.60-mon-overflow.patch diff --git a/exim-4.60-mon-overflow.patch b/exim-4.60-mon-overflow.patch new file mode 100644 index 0000000..0e8d202 --- /dev/null +++ b/exim-4.60-mon-overflow.patch @@ -0,0 +1,11 @@ +--- exim-4.60/exim_monitor/em_queue.c~ 2005-11-28 10:57:32.000000000 +0000 ++++ exim-4.60/exim_monitor/em_queue.c 2006-03-23 12:23:20.000000000 +0000 +@@ -500,7 +500,7 @@ for (i = 0; i < subdir_max; i++) + uschar basename[SPOOL_NAME_LENGTH]; + stripchart_total[0]++; + if (!eximon_initialized) { printf("."); fflush(stdout); } +- Ustrcpy(basename, name); ++ Ustrncpy(basename, name, SPOOL_NAME_LENGTH - 2); + basename[SPOOL_NAME_LENGTH - 2] = 0; + if (full) find_queue(basename, queue_add, subdirchar); + } diff --git a/exim.spec b/exim.spec index 4990030..3506287 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.60 -Release: 4%{?dist} +Release: 5%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -25,6 +25,7 @@ Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch +Patch16: exim-4.60-mon-overflow.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -79,6 +80,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch13 -p1 -b .pam %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre +%patch16 -p1 %build %ifnarch s390 s390x @@ -287,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Thu Mar 23 2006 David Woodhouse 4.60-5 +- Fix eximon buffer overflow (#186303) + * Tue Mar 21 2006 David Woodhouse 4.60-4 - Actually enable Postgres From 4ebb355d32dd0ef9723c38dc65c9637ba541a9c3 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 4 Apr 2006 20:03:39 +0000 Subject: [PATCH 018/194] 4.61 --- .cvsignore | 2 +- exim-4.60-mon-overflow.patch | 11 ----------- exim-4.61-c-before-d.patch | 34 ++++++++++++++++++++++++++++++++++ exim.spec | 11 +++++++---- sources | 2 +- 5 files changed, 43 insertions(+), 17 deletions(-) delete mode 100644 exim-4.60-mon-overflow.patch create mode 100644 exim-4.61-c-before-d.patch diff --git a/.cvsignore b/.cvsignore index bab42b4..36869af 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.60.tar.bz2 +exim-4.61.tar.bz2 diff --git a/exim-4.60-mon-overflow.patch b/exim-4.60-mon-overflow.patch deleted file mode 100644 index 0e8d202..0000000 --- a/exim-4.60-mon-overflow.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- exim-4.60/exim_monitor/em_queue.c~ 2005-11-28 10:57:32.000000000 +0000 -+++ exim-4.60/exim_monitor/em_queue.c 2006-03-23 12:23:20.000000000 +0000 -@@ -500,7 +500,7 @@ for (i = 0; i < subdir_max; i++) - uschar basename[SPOOL_NAME_LENGTH]; - stripchart_total[0]++; - if (!eximon_initialized) { printf("."); fflush(stdout); } -- Ustrcpy(basename, name); -+ Ustrncpy(basename, name, SPOOL_NAME_LENGTH - 2); - basename[SPOOL_NAME_LENGTH - 2] = 0; - if (full) find_queue(basename, queue_add, subdirchar); - } diff --git a/exim-4.61-c-before-d.patch b/exim-4.61-c-before-d.patch new file mode 100644 index 0000000..fb12f4b --- /dev/null +++ b/exim-4.61-c-before-d.patch @@ -0,0 +1,34 @@ +Index: src/acl.c +=================================================================== +RCS file: /home/cvs/exim/exim-src/src/acl.c,v +retrieving revision 1.57 +retrieving revision 1.58 +diff -u -p -r1.57 -r1.58 +--- src/acl.c 6 Mar 2006 16:05:12 -0000 1.57 ++++ src/acl.c 4 Apr 2006 17:05:45 -0000 1.58 +@@ -1,4 +1,4 @@ +-/* $Cambridge: exim/exim-src/src/acl.c,v 1.57 2006/03/06 16:05:12 ph10 Exp $ */ ++/* $Cambridge: exim/exim-src/src/acl.c,v 1.58 2006/04/04 17:05:45 fanf2 Exp $ */ + + /************************************************* + * Exim - an Internet mail transport agent * +@@ -202,8 +202,8 @@ at the outer level. In the other cases, + checking functions. */ + + static uschar cond_expand_at_top[] = { +- TRUE, /* add_header */ + TRUE, /* acl */ ++ TRUE, /* add_header */ + FALSE, /* authenticated */ + #ifdef EXPERIMENTAL_BRIGHTMAIL + TRUE, /* bmi_optin */ +@@ -260,8 +260,8 @@ static uschar cond_expand_at_top[] = { + /* Flags to identify the modifiers */ + + static uschar cond_modifiers[] = { +- TRUE, /* add_header */ + FALSE, /* acl */ ++ TRUE, /* add_header */ + FALSE, /* authenticated */ + #ifdef EXPERIMENTAL_BRIGHTMAIL + TRUE, /* bmi_optin */ diff --git a/exim.spec b/exim.spec index 3506287..4fdd016 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.60 -Release: 5%{?dist} +Version: 4.61 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -25,7 +25,7 @@ Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch -Patch16: exim-4.60-mon-overflow.patch +Patch16: exim-4.61-c-before-d.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -80,7 +80,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch13 -p1 -b .pam %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre -%patch16 -p1 +%patch16 -p0 %build %ifnarch s390 s390x @@ -289,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue Apr 4 2006 David Woodhouse 4.61-1 +- Update to 4.61 + * Thu Mar 23 2006 David Woodhouse 4.60-5 - Fix eximon buffer overflow (#186303) diff --git a/sources b/sources index 0249046..7a3ac9a 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -eed3c8fc393cf7ccc9c1079b28516128 exim-4.60.tar.bz2 +f6bbf99a6f63c0f5045a1779e7e810c4 exim-4.61.tar.bz2 From 5c85ef9127057c782456084e055b8673e0a3011f Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 7 Apr 2006 15:05:18 +0000 Subject: [PATCH 019/194] fix ldap build --- exim-4.61-ldap-deprecated.patch | 10 ++++++++++ exim.spec | 7 ++++++- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 exim-4.61-ldap-deprecated.patch diff --git a/exim-4.61-ldap-deprecated.patch b/exim-4.61-ldap-deprecated.patch new file mode 100644 index 0000000..ffad7ac --- /dev/null +++ b/exim-4.61-ldap-deprecated.patch @@ -0,0 +1,10 @@ +--- exim-4.61/src/lookups/ldap.c.orig 2006-04-07 16:02:48.000000000 +0100 ++++ exim-4.61/src/lookups/ldap.c 2006-04-07 16:02:00.000000000 +0100 +@@ -33,6 +33,7 @@ static void dummy(int x) { dummy(x-1); } + + /* Include LDAP headers */ + ++#define LDAP_DEPRECATED 1 + #include + #include + diff --git a/exim.spec b/exim.spec index 4fdd016..c5a7a7e 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.61 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -26,6 +26,7 @@ Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch Patch16: exim-4.61-c-before-d.patch +Patch17: exim-4.61-ldap-deprecated.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -81,6 +82,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre %patch16 -p0 +%patch17 -p1 -b .ldap %build %ifnarch s390 s390x @@ -289,6 +291,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Fri Apr 7 2006 David Woodhouse 4.61-2 +- Define LDAP_DEPRECATED to ensure ldap functions are all declared. + * Tue Apr 4 2006 David Woodhouse 4.61-1 - Update to 4.61 From f0c9110ec82b6a5e267f0f5e2c564c3140ad9f3c Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 2 May 2006 10:53:54 +0000 Subject: [PATCH 020/194] update to 4.62 --- .cvsignore | 2 +- exim-4.61-c-before-d.patch | 34 ---------------------------------- exim.spec | 9 +++++---- sources | 2 +- 4 files changed, 7 insertions(+), 40 deletions(-) delete mode 100644 exim-4.61-c-before-d.patch diff --git a/.cvsignore b/.cvsignore index 36869af..e97e64e 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.61.tar.bz2 +exim-4.62.tar.bz2 diff --git a/exim-4.61-c-before-d.patch b/exim-4.61-c-before-d.patch deleted file mode 100644 index fb12f4b..0000000 --- a/exim-4.61-c-before-d.patch +++ /dev/null @@ -1,34 +0,0 @@ -Index: src/acl.c -=================================================================== -RCS file: /home/cvs/exim/exim-src/src/acl.c,v -retrieving revision 1.57 -retrieving revision 1.58 -diff -u -p -r1.57 -r1.58 ---- src/acl.c 6 Mar 2006 16:05:12 -0000 1.57 -+++ src/acl.c 4 Apr 2006 17:05:45 -0000 1.58 -@@ -1,4 +1,4 @@ --/* $Cambridge: exim/exim-src/src/acl.c,v 1.57 2006/03/06 16:05:12 ph10 Exp $ */ -+/* $Cambridge: exim/exim-src/src/acl.c,v 1.58 2006/04/04 17:05:45 fanf2 Exp $ */ - - /************************************************* - * Exim - an Internet mail transport agent * -@@ -202,8 +202,8 @@ at the outer level. In the other cases, - checking functions. */ - - static uschar cond_expand_at_top[] = { -- TRUE, /* add_header */ - TRUE, /* acl */ -+ TRUE, /* add_header */ - FALSE, /* authenticated */ - #ifdef EXPERIMENTAL_BRIGHTMAIL - TRUE, /* bmi_optin */ -@@ -260,8 +260,8 @@ static uschar cond_expand_at_top[] = { - /* Flags to identify the modifiers */ - - static uschar cond_modifiers[] = { -- TRUE, /* add_header */ - FALSE, /* acl */ -+ TRUE, /* add_header */ - FALSE, /* authenticated */ - #ifdef EXPERIMENTAL_BRIGHTMAIL - TRUE, /* bmi_optin */ diff --git a/exim.spec b/exim.spec index c5a7a7e..d707d61 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.61 -Release: 2%{?dist} +Version: 4.62 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -25,7 +25,6 @@ Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch -Patch16: exim-4.61-c-before-d.patch Patch17: exim-4.61-ldap-deprecated.patch Requires: /etc/aliases @@ -81,7 +80,6 @@ cp exim_monitor/EDITME Local/eximon.conf %patch13 -p1 -b .pam %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre -%patch16 -p0 %patch17 -p1 -b .ldap %build @@ -291,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue May 2 2006 David Woodhouse 4.62-1 +- Update to 4.62 + * Fri Apr 7 2006 David Woodhouse 4.61-2 - Define LDAP_DEPRECATED to ensure ldap functions are all declared. diff --git a/sources b/sources index 7a3ac9a..6c5d80f 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -f6bbf99a6f63c0f5045a1779e7e810c4 exim-4.61.tar.bz2 +a8efc92427192fd3b7b5e71decc8cc31 exim-4.62.tar.bz2 From 36c5d037208201744f1da0bd6355b705c1393dec Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 2 May 2006 11:30:00 +0000 Subject: [PATCH 021/194] bump release --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index d707d61..e9660c5 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.62 -Release: 1%{?dist} +Release: 1.1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -289,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Tue May 2 2006 David Woodhouse 4.62-2 +- Bump release to work around 'make tag' error + * Tue May 2 2006 David Woodhouse 4.62-1 - Update to 4.62 From eb1039eb3d1461e47c9ff291078e9f45ca9fae04 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 2 May 2006 11:30:19 +0000 Subject: [PATCH 022/194] be consistent --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index e9660c5..6ded3d4 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.62 -Release: 1.1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons From 85a688810f325165d8f565b5c844ddb8e38deda8 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 28 Jun 2006 11:45:06 +0000 Subject: [PATCH 023/194] Fix mock build --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 6ded3d4..cb1cac0 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.62 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -29,7 +29,7 @@ Patch17: exim-4.61-ldap-deprecated.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel -BuildRequires: lynx pcre-devel sqlite-devel +BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel @@ -289,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed Jun 28 2006 David Woodhouse 4.62-3 +- BR tcp_wrappers + * Tue May 2 2006 David Woodhouse 4.62-2 - Bump release to work around 'make tag' error From 1df8e474e12af94bda2473b10b9f15d3724b72b4 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 14 Jul 2006 18:10:23 +0000 Subject: [PATCH 024/194] review --- exim.spec | 85 ++++++++++++++++++++++++++++--------------------------- 1 file changed, 44 insertions(+), 41 deletions(-) diff --git a/exim.spec b/exim.spec index cb1cac0..22d2816 100644 --- a/exim.spec +++ b/exim.spec @@ -1,17 +1,16 @@ Summary: The exim mail transfer agent Name: exim Version: 4.62 -Release: 3%{?dist} +Release: 4%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons -Buildroot: %{_tmppath}/%{name}-build.root +Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon /usr/bin/newaliases Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail -PreReq: /sbin/chkconfig -PreReq: /sbin/service -PreReq: %{_sbindir}/alternatives -PreReq: %{_sbindir}/groupadd, %{_sbindir}/useradd +Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives +Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives +Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 Source2: exim.init Source3: exim.sysconfig @@ -33,22 +32,21 @@ BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel -PreReq: cyrus-sasl openldap openssl -%description -Exim is a mail transport agent (MTA) developed at the University of -Cambridge for use on Unix systems connected to the Internet. In style -it is similar to Smail 3, but its facilities are more extensive, and -in particular it has options for verifying incoming sender and -recipient addresses, for refusing mail from specified hosts, networks, -or senders, and for controlling mail relaying. Exim is in production -use at quite a few sites, some of which move hundreds of thousands of -messages per day. +%description +Exim is a message transfer agent (MTA) developed at the University of +Cambridge for use on Unix systems connected to the Internet. It is +freely available under the terms of the GNU General Public Licence. In +style it is similar to Smail 3, but its facilities are more +general. There is a great deal of flexibility in the way mail can be +routed, and there are extensive facilities for checking incoming +mail. Exim can be installed in place of sendmail, although the +configuration of exim is quite different to that of sendmail. %package mon Summary: X11 monitor application for exim Group: Applications/System -License: Free +License: GPL %description mon The Exim Monitor is an optional supplement to the Exim package. It @@ -59,7 +57,7 @@ interface. %package sa Summary: Exim SpamAssassin at SMTP time - d/l plugin Group: System Environment/Daemons -Requires: exim +Requires: exim = %{version}-%{release} %description sa Allows running of SA on incoming mail and rejection at SMTP time as @@ -84,9 +82,9 @@ cp exim_monitor/EDITME Local/eximon.conf %build %ifnarch s390 s390x - make CFLAGS="$RPM_OPT_FLAGS -fpie" LFLAGS=-pie _lib=%{_lib} + make CFLAGS="$RPM_OPT_FLAGS -fpie" LFLAGS=-pie _lib=%{_lib} %else - make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} + make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} %endif # build sa-exim @@ -112,13 +110,13 @@ for i in eximon eximon.bin exim_dumpdb exim_fixdb exim_tidydb \ exigrep eximstats exipick exiqgrep exiqsumm \ exim_checkaccess convert4r4 do - install -m 0775 $i $RPM_BUILD_ROOT%{_sbindir} + install -m 0775 $i $RPM_BUILD_ROOT%{_sbindir} done cd .. install -m 0644 src/configure.default $RPM_BUILD_ROOT%{_sysconfdir}/exim/exim.conf -install -m 0644 $RPM_SOURCE_DIR/exim.pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/exim +install -m 0644 %SOURCE11 $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/exim mkdir -p $RPM_BUILD_ROOT/usr/lib pushd $RPM_BUILD_ROOT/usr/lib @@ -146,17 +144,17 @@ install -d -m 0750 $RPM_BUILD_ROOT%{_var}/log/exim mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8 install -m644 doc/exim.8 $RPM_BUILD_ROOT%{_mandir}/man8/exim.8 pod2man --center=EXIM --section=8 \ - $RPM_BUILD_ROOT/usr/sbin/eximstats \ - $RPM_BUILD_ROOT%{_mandir}/man8/eximstats.8 + $RPM_BUILD_ROOT/usr/sbin/eximstats \ + $RPM_BUILD_ROOT%{_mandir}/man8/eximstats.8 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig -install -m 644 $RPM_SOURCE_DIR/exim.sysconfig $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim +install -m 644 %SOURCE3 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d -install $RPM_SOURCE_DIR/exim.init $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/exim +install %SOURCE2 $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d -install -m 0644 $RPM_SOURCE_DIR/exim.logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim +install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim # install sa cd sa-exim* @@ -193,12 +191,14 @@ exit 0 --initscript exim if [ ! -f %{_datadir}/ssl/certs/exim.pem ] ; then - umask 077 - FQDN=`hostname` - if [ "x${FQDN}" = "x" ]; then - FQDN=localhost.localdomain - fi - cat << EOF | openssl req -new -x509 -days 365 -nodes -out %{_datadir}/ssl/certs/exim.pem -keyout %{_datadir}/ssl/private/exim.pem &>/dev/null + umask 077 + FQDN=`hostname` + if [ "x${FQDN}" = "x" ]; then + FQDN=localhost.localdomain + fi + cat << EOF | openssl req -new -x509 -days 365 -nodes \ + -out %{_datadir}/ssl/certs/exim.pem \ + -keyout %{_datadir}/ssl/private/exim.pem &>/dev/null -- SomeState SomeCity @@ -207,8 +207,8 @@ SomeOrganizationalUnit ${FQDN} root@${FQDN} EOF -chown exim.exim %{_datadir}/ssl/{private,certs}/exim.pem -chmod 600 %{_datadir}/ssl/{private,certs}/exim.pem + chown exim.exim %{_datadir}/ssl/{private,certs}/exim.pem + chmod 600 %{_datadir}/ssl/{private,certs}/exim.pem fi %preun @@ -221,10 +221,10 @@ fi %postun if [ "$1" -ge "1" ]; then /sbin/service exim condrestart > /dev/null 2>&1 - mta=`readlink /etc/alternatives/mta` - if [ "$mta" == "%{_sbindir}/sendmail.exim" ]; then - /usr/sbin/alternatives --set mta %{_sbindir}/sendmail.exim - fi + mta=`readlink /etc/alternatives/mta` + if [ "$mta" == "%{_sbindir}/sendmail.exim" ]; then + /usr/sbin/alternatives --set mta %{_sbindir}/sendmail.exim + fi fi %files @@ -266,7 +266,7 @@ fi %defattr(-,root,root) %config %{_sysconfdir}/sysconfig/exim -%config %{_sysconfdir}/rc.d/init.d/exim +%{_sysconfdir}/rc.d/init.d/exim %config %{_sysconfdir}/logrotate.d/exim %config %{_sysconfdir}/pam.d/exim @@ -289,6 +289,9 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Fri Jul 4 2006 David Woodhouse 4.62-4 +- Package review + * Wed Jun 28 2006 David Woodhouse 4.62-3 - BR tcp_wrappers @@ -652,7 +655,7 @@ fi - Fixed wrong filenames in logrotate entry. * Sun Jul 11 1999 Mark Bergsma -- Now using the '%changelog' tag. +- Now using the '%%changelog' tag. - Removed the SysV init links - let chkconfig handle them. - Replaced install -d with mkdir -p From c11786bb5418e7287c50c2818edfb3985a7fb97b Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 27 Jul 2006 07:05:24 +0000 Subject: [PATCH 025/194] package review updates --- exim-4.43-pamconfig.patch | 4 ++-- exim.pam | 5 +++-- exim.spec | 41 +++++++++++++++++++++++++-------------- 3 files changed, 31 insertions(+), 19 deletions(-) diff --git a/exim-4.43-pamconfig.patch b/exim-4.43-pamconfig.patch index e4dd0da..0ad36e8 100644 --- a/exim-4.43-pamconfig.patch +++ b/exim-4.43-pamconfig.patch @@ -17,8 +17,8 @@ +# to do so, by commenting out the three lines below. + +tls_advertise_hosts = * -+tls_certificate = /usr/share/ssl/certs/exim.pem -+tls_privatekey = /usr/share/ssl/private/exim.pem ++tls_certificate = /etc/pki/tls/certs/exim.pem ++tls_privatekey = /etc/pki/tls/private/exim.pem + +# This setting, if uncommented, allows users to authenticate using +# their system passwords against saslauthd if they connect over a diff --git a/exim.pam b/exim.pam index 7ab2336..c368e9a 100644 --- a/exim.pam +++ b/exim.pam @@ -1,2 +1,3 @@ -auth required pam_stack.so service=system-auth -account required pam_stack.so service=system-auth +#%PAM-1.0 +auth include system-auth +account include system-auth diff --git a/exim.spec b/exim.spec index 22d2816..7a4ac0a 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.62 -Release: 4%{?dist} +Release: 6%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -110,7 +110,7 @@ for i in eximon eximon.bin exim_dumpdb exim_fixdb exim_tidydb \ exigrep eximstats exipick exiqgrep exiqsumm \ exim_checkaccess convert4r4 do - install -m 0775 $i $RPM_BUILD_ROOT%{_sbindir} + install -m 0755 $i $RPM_BUILD_ROOT%{_sbindir} done cd .. @@ -164,9 +164,9 @@ install -m 644 *.conf $RPM_BUILD_ROOT%{_sysconfdir}/exim ln -s sa-exim*.so $RPM_BUILD_ROOT%{_libexecdir}/exim/sa-exim.so # generate ghost .pem file -mkdir -p $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private} -touch $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private}/exim.pem -chmod 600 $RPM_BUILD_ROOT/%{_datadir}/ssl/{certs,private}/exim.pem +mkdir -p $RPM_BUILD_ROOT/etc/pki/tls/{certs,private} +touch $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem +chmod 600 $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem %clean @@ -190,15 +190,15 @@ exit 0 --slave %{_mandir}/man1/mailq.1.gz mta-mailqman %{_mandir}/man8/exim.8.gz \ --initscript exim -if [ ! -f %{_datadir}/ssl/certs/exim.pem ] ; then +if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then umask 077 FQDN=`hostname` if [ "x${FQDN}" = "x" ]; then FQDN=localhost.localdomain fi cat << EOF | openssl req -new -x509 -days 365 -nodes \ - -out %{_datadir}/ssl/certs/exim.pem \ - -keyout %{_datadir}/ssl/private/exim.pem &>/dev/null + -out /etc/pki/tls/certs/exim.pem \ + -keyout /etc/pki/tls/private/exim.pem &>/dev/null -- SomeState SomeCity @@ -207,8 +207,8 @@ SomeOrganizationalUnit ${FQDN} root@${FQDN} EOF - chown exim.exim %{_datadir}/ssl/{private,certs}/exim.pem - chmod 600 %{_datadir}/ssl/{private,certs}/exim.pem + chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chmod 600 /etc/pki/tls/{private,certs}/exim.pem fi %preun @@ -265,16 +265,16 @@ fi %config(noreplace) %{_sysconfdir}/exim/exim.conf %defattr(-,root,root) -%config %{_sysconfdir}/sysconfig/exim +%config(noreplace) %{_sysconfdir}/sysconfig/exim %{_sysconfdir}/rc.d/init.d/exim -%config %{_sysconfdir}/logrotate.d/exim -%config %{_sysconfdir}/pam.d/exim +%config(noreplace) %{_sysconfdir}/logrotate.d/exim +%config(noreplace) %{_sysconfdir}/pam.d/exim %doc ACKNOWLEDGMENTS LICENCE NOTICE README.UPDATING README %doc doc util/unknownuser.sh -%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{_datadir}/ssl/certs/exim.pem -%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{_datadir}/ssl/private/exim.pem +%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/certs/exim.pem +%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/private/exim.pem %files mon %defattr(-,root,root) @@ -289,6 +289,17 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %changelog +* Wed Jul 19 2006 Thomas Woerner - 4.62-6 +- final version +- changed permissions of /etc/pki/tls/*/exim.pem to 0600 +- config(noreplace) for /etc/logrotate.d/exim, /etc/pam.d/exim and + /etc/sysconfig/exim + +* Mon Jul 17 2006 Thomas Woerner - 4.62-5 +- fixed certs path +- fixed permissions for some binaries +- fixed pam file to use include instead of pam_stack + * Fri Jul 4 2006 David Woodhouse 4.62-4 - Package review From 504eb7c5e89fca9dabcaaca267c080a4ee401b83 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sat, 26 Aug 2006 09:30:05 +0000 Subject: [PATCH 026/194] update to 4.63, disable sa-exim --- .cvsignore | 1 + exim-4.62-dlopen-localscan.patch | 268 +++++++++++++++++++++++++++++++ exim.spec | 27 +++- sources | 1 + 4 files changed, 292 insertions(+), 5 deletions(-) create mode 100644 exim-4.62-dlopen-localscan.patch diff --git a/.cvsignore b/.cvsignore index e97e64e..d3e3c63 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,3 @@ sa-exim-4.2.tar.gz exim-4.62.tar.bz2 +exim-4.63.tar.bz2 diff --git a/exim-4.62-dlopen-localscan.patch b/exim-4.62-dlopen-localscan.patch new file mode 100644 index 0000000..03010eb --- /dev/null +++ b/exim-4.62-dlopen-localscan.patch @@ -0,0 +1,268 @@ +The initial version of this patch was originally posted David Woodhouse, and +dman gets the credit for first integrating it with SA-Exim. + +I have since then maintained it by first making a few minor changes, and +later switching it to a major/minor number scheme to support upgrades in +the exim API that don't affect backward compatibility (you can rely on +a feature denoted by the minor number and be compatible with future versions +of exim until Philip has to break the API and increase the major number) + +Marc MERLIN + +diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME +--- exim-4.14-0/src/EDITME Tue Mar 11 04:20:18 2003 ++++ exim-4.14-1/src/EDITME Sun Mar 23 15:34:15 2003 +@@ -388,6 +388,20 @@ + + + #------------------------------------------------------------------------------ ++# On systems which support dynamic loading of shared libraries, Exim can ++# load a local_scan function specified in its config file instead of having ++# to be recompiled with the desired local_scan function. For a full ++# description of the API to this function, see the Exim specification. ++ ++DLOPEN_LOCAL_SCAN=yes ++ ++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the ++# linker flags. Without it, the loaded .so won't be able to access any ++# functions from exim. ++ ++LFLAGS=-rdynamic -ldl ++ ++#------------------------------------------------------------------------------ + # The default distribution of Exim contains only the plain text form of the + # documentation. Other forms are available separately. If you want to install + # the documentation in "info" format, first fetch the Texinfo documentation +diff -urNad 50_localscan_dlopen.tmp/src/config.h.defaults 50_localscan_dlopen/src/config.h.defaults +--- 50_localscan_dlopen.tmp/src/config.h.defaults Sun Dec 29 11:55:42 2002 ++++ 50_localscan_dlopen/src/config.h.defaults Sun Dec 29 11:56:44 2002 +@@ -17,6 +17,8 @@ + #define AUTH_PLAINTEXT + #define AUTH_SPA + ++#define DLOPEN_LOCAL_SCAN ++ + #define BIN_DIRECTORY + + #define CONFIGURE_FILE +diff -urN exim-4.14-0/src/globals.c exim-4.14-1/src/globals.c +--- exim-4.14-0/src/globals.c Tue Mar 11 04:20:20 2003 ++++ exim-4.14-1/src/globals.c Sun Mar 23 15:34:15 2003 +@@ -103,6 +103,9 @@ + uschar *tls_verify_hosts = NULL; + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++uschar *local_scan_path = NULL; ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. The defaults use stdin. We never need these for any +diff -urN exim-4.14-0/src/globals.h exim-4.14-1/src/globals.h +--- exim-4.14-0/src/globals.h Tue Mar 11 04:20:20 2003 ++++ exim-4.14-1/src/globals.h Sun Mar 23 15:34:15 2003 +@@ -67,6 +67,9 @@ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++extern uschar *local_scan_path; /* Path to local_scan() library */ ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c +--- exim-4.14-0/src/local_scan.c Tue Mar 11 04:20:20 2003 ++++ exim-4.14-1/src/local_scan.c Sun Mar 23 15:34:15 2003 +@@ -5,60 +5,131 @@ + /* Copyright (c) University of Cambridge 1995 - 2003 */ + /* See the file NOTICE for conditions of use and distribution. */ + ++#include "exim.h" + +-/****************************************************************************** +-This file contains a template local_scan() function that just returns ACCEPT. +-If you want to implement your own version, you should copy this file to, say +-Local/local_scan.c, and edit the copy. To use your version instead of the +-default, you must set +- +-LOCAL_SCAN_SOURCE=Local/local_scan.c +- +-in your Local/Makefile. This makes it easy to copy your version for use with +-subsequent Exim releases. +- +-For a full description of the API to this function, see the Exim specification. +-******************************************************************************/ +- +- +-/* This is the only Exim header that you should include. The effect of +-including any other Exim header is not defined, and may change from release to +-release. Use only the documented interface! */ +- +-#include "local_scan.h" +- +- +-/* This is a "do-nothing" version of a local_scan() function. The arguments +-are: +- +- fd The file descriptor of the open -D file, which contains the +- body of the message. The file is open for reading and +- writing, but modifying it is dangerous and not recommended. +- +- return_text A pointer to an unsigned char* variable which you can set in +- order to return a text string. It is initialized to NULL. +- +-The return values of this function are: +- +- LOCAL_SCAN_ACCEPT +- The message is to be accepted. The return_text argument is +- saved in $local_scan_data. +- +- LOCAL_SCAN_REJECT +- The message is to be rejected. The returned text is used +- in the rejection message. +- +- LOCAL_SCAN_TEMPREJECT +- This specifies a temporary rejection. The returned text +- is used in the rejection message. +-*/ ++#ifdef DLOPEN_LOCAL_SCAN ++#include ++static int (*local_scan_fn)(int fd, uschar **return_text) = NULL; ++static int load_local_scan_library(void); ++#endif + + int + local_scan(int fd, uschar **return_text) + { + fd = fd; /* Keep picky compilers happy */ + return_text = return_text; +-return LOCAL_SCAN_ACCEPT; ++#ifdef DLOPEN_LOCAL_SCAN ++/* local_scan_path is defined AND not the empty string */ ++if (local_scan_path && *local_scan_path) ++ { ++ if (!local_scan_fn) ++ { ++ if (!load_local_scan_library()) ++ { ++ char *base_msg , *error_msg , *final_msg ; ++ int final_length = -1 ; ++ ++ base_msg=US"Local configuration error - local_scan() library failure\n"; ++ error_msg = dlerror() ; ++ ++ final_length = strlen(base_msg) + strlen(error_msg) + 1 ; ++ final_msg = (char*)malloc( final_length*sizeof(char) ) ; ++ *final_msg = '\0' ; ++ ++ strcat( final_msg , base_msg ) ; ++ strcat( final_msg , error_msg ) ; ++ ++ *return_text = final_msg ; ++ return LOCAL_SCAN_TEMPREJECT; ++ } ++ } ++ return local_scan_fn(fd, return_text); ++ } ++else ++#endif ++ return LOCAL_SCAN_ACCEPT; ++} ++ ++#ifdef DLOPEN_LOCAL_SCAN ++ ++static int load_local_scan_library(void) ++{ ++/* No point in keeping local_scan_lib since we'll never dlclose() anyway */ ++void *local_scan_lib = NULL; ++int (*local_scan_version_fn)(void); ++int vers_maj; ++int vers_min; ++ ++local_scan_lib = dlopen(local_scan_path, RTLD_NOW); ++if (!local_scan_lib) ++ { ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library open failed - " ++ "message temporarily rejected"); ++ return FALSE; ++ } ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_major"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_major() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The major number is increased when the ABI is changed in a non ++ backward compatible way. */ ++vers_maj = local_scan_version_fn(); ++ ++local_scan_version_fn = dlsym(local_scan_lib, "local_scan_version_minor"); ++if (!local_scan_version_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan_version_minor() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++/* The minor number is increased each time a new feature is added (in a ++ way that doesn't break backward compatibility) -- Marc */ ++vers_min = local_scan_version_fn(); ++ ++ ++if (vers_maj != LOCAL_SCAN_ABI_VERSION_MAJOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible major" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++else if (vers_min > LOCAL_SCAN_ABI_VERSION_MINOR) ++ { ++ dlclose(local_scan_lib); ++ local_scan_lib = NULL; ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() has an incompatible minor" ++ "version number, you need to recompile your module for this version" ++ "of exim (The module was compiled for version %d.%d and this exim provides" ++ "ABI version %d.%d)", vers_maj, vers_min, LOCAL_SCAN_ABI_VERSION_MAJOR, ++ LOCAL_SCAN_ABI_VERSION_MINOR); ++ return FALSE; ++ } ++ ++local_scan_fn = dlsym(local_scan_lib, "local_scan"); ++if (!local_scan_fn) ++ { ++ dlclose(local_scan_lib); ++ log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " ++ "local_scan() function - message temporarily rejected"); ++ return FALSE; ++ } ++ ++return TRUE; + } ++ ++#endif /* DLOPEN_LOCAL_SCAN */ + + /* End of local_scan.c */ +diff -urN exim-4.14-0/src/readconf.c exim-4.14-1/src/readconf.c +--- exim-4.14-0/src/readconf.c Tue Mar 11 04:20:22 2003 ++++ exim-4.14-1/src/readconf.c Sun Mar 23 15:34:15 2003 +@@ -182,6 +182,9 @@ + { "local_from_prefix", opt_stringptr, &local_from_prefix }, + { "local_from_suffix", opt_stringptr, &local_from_suffix }, + { "local_interfaces", opt_stringptr, &local_interfaces }, ++#ifdef DLOPEN_LOCAL_SCAN ++ { "local_scan_path", opt_stringptr, &local_scan_path }, ++#endif + { "local_scan_timeout", opt_time, &local_scan_timeout }, + { "local_sender_retain", opt_bool, &local_sender_retain }, + { "localhost_number", opt_stringptr, &host_number_string }, diff --git a/exim.spec b/exim.spec index 7a4ac0a..3e060be 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,11 @@ +# SA-Exim has long since been obsoleted by the proper built-in ACL support +# from exiscan. Disable it for FC6 unless people scream. +# %define buildsa 1 + Summary: The exim mail transfer agent Name: exim -Version: 4.62 -Release: 6%{?dist} +Version: 4.63 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -16,7 +20,9 @@ Source2: exim.init Source3: exim.sysconfig Source4: exim.logrotate Source11: exim.pam +%if 0%{?buildsa} Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz +%endif Patch4: exim-rhl.patch Patch6: exim-4.50-config.patch Patch8: exim-4.24-libdir.patch @@ -25,6 +31,7 @@ Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch Patch17: exim-4.61-ldap-deprecated.patch +Patch18: exim-4.62-dlopen-localscan.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -65,9 +72,9 @@ well as other nasty things like teergrubing. %prep %setup -q +%if 0%{?buildsa} %setup -q -T -D -a 13 -# patch sa -cat sa-exim*/localscan_dlopen_exim_4.20_or_better.patch | patch -p1 +%endif cp src/EDITME Local/Makefile cp exim_monitor/EDITME Local/eximon.conf @@ -79,6 +86,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre %patch17 -p1 -b .ldap +%patch18 -p1 -b .dl %build %ifnarch s390 s390x @@ -87,11 +95,12 @@ cp exim_monitor/EDITME Local/eximon.conf make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} %endif +%if 0%{?buildsa} # build sa-exim cd sa-exim* perl -pi -e 's|\@lynx|HOME=/ /usr/bin/lynx|g;' Makefile make SACONF=%{_sysconfdir}/exim/sa-exim.conf CFLAGS="$RPM_OPT_FLAGS -fPIC" - +%endif %install rm -rf $RPM_BUILD_ROOT @@ -156,12 +165,14 @@ install %SOURCE2 $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim +%if 0%{?buildsa} # install sa cd sa-exim* mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/exim install *.so $RPM_BUILD_ROOT%{_libexecdir}/exim install -m 644 *.conf $RPM_BUILD_ROOT%{_sysconfdir}/exim ln -s sa-exim*.so $RPM_BUILD_ROOT%{_libexecdir}/exim/sa-exim.so +%endif # generate ghost .pem file mkdir -p $RPM_BUILD_ROOT/etc/pki/tls/{certs,private} @@ -281,14 +292,20 @@ fi %{_sbindir}/eximon %{_sbindir}/eximon.bin +%if 0%{?buildsa} %files sa %defattr(-,root,root) %{_libexecdir}/exim %config(noreplace) %{_sysconfdir}/exim/sa-*.conf %doc sa-exim*/*.html %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} +%endif %changelog +* Sat Aug 26 2006 David Woodhouse - 4.63-1 +- Update to 4.63 +- Disable sa-exim, but leave the dlopen patch in + * Wed Jul 19 2006 Thomas Woerner - 4.62-6 - final version - changed permissions of /etc/pki/tls/*/exim.pem to 0600 diff --git a/sources b/sources index 6c5d80f..116aac6 100644 --- a/sources +++ b/sources @@ -1,2 +1,3 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz a8efc92427192fd3b7b5e71decc8cc31 exim-4.62.tar.bz2 +dde2d5f7106d51607409af94174db46c exim-4.63.tar.bz2 From 2e975357cf49cfb615e865d8d945900c1ae0cbc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Skytt=C3=A4?= Date: Sun, 27 Aug 2006 20:22:46 +0000 Subject: [PATCH 027/194] http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild --- needs.rebuild | 1 + 1 file changed, 1 insertion(+) create mode 100644 needs.rebuild diff --git a/needs.rebuild b/needs.rebuild new file mode 100644 index 0000000..815fd29 --- /dev/null +++ b/needs.rebuild @@ -0,0 +1 @@ +http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild From 5bfed37f5c3a24734e347eff34216c8b0cf4768a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 4 Sep 2006 02:51:36 +0000 Subject: [PATCH 028/194] - Add procmail router and transport (#146848) - Add localhost and localhost.localdomain as local domains (#198511) - Fix mispatched authenticators (#204591) - Other cleanups of config file and extra examples - Add exim-clamav subpackage --- exim-4.33-cyrus.patch | 4 +- exim-4.43-pamconfig.patch | 81 +++++++++------- exim-4.50-spamdconf.patch | 144 ++++++++++++++++------------- exim-4.63-allow-filter.patch | 11 +++ exim-4.63-localhost-is-local.patch | 11 +++ exim-4.63-procmail.patch | 32 +++++++ exim.spec | 106 ++++++++++++++++++++- needs.rebuild | 1 - 8 files changed, 285 insertions(+), 105 deletions(-) create mode 100644 exim-4.63-allow-filter.patch create mode 100644 exim-4.63-localhost-is-local.patch create mode 100644 exim-4.63-procmail.patch delete mode 100644 needs.rebuild diff --git a/exim-4.33-cyrus.patch b/exim-4.33-cyrus.patch index bcd144c..c1d8be8 100644 --- a/exim-4.33-cyrus.patch +++ b/exim-4.33-cyrus.patch @@ -5,9 +5,9 @@ +# This transport is used to deliver local mail to cyrus IMAP server via UNIX -+# socket. ++# socket. You'll need to configure the 'localuser' router above to use it. +# -+#local_delivery: ++#lmtp_delivery: +# driver = lmtp +# command = "/usr/lib/cyrus-imapd/deliver -l" +# batch_max = 20 diff --git a/exim-4.43-pamconfig.patch b/exim-4.43-pamconfig.patch index 0ad36e8..08d4c78 100644 --- a/exim-4.43-pamconfig.patch +++ b/exim-4.43-pamconfig.patch @@ -1,25 +1,40 @@ --- exim-4.43/src/configure.default.pam 2004-12-16 13:27:55.000000000 +0000 +++ exim-4.43/src/configure.default 2004-12-16 15:41:34.000000000 +0000 -@@ -238,6 +238,40 @@ +@@ -160,7 +160,7 @@ acl_smtp_data = acl_check_data + + # Allow any client to use TLS. + +-# tls_advertise_hosts = * ++tls_advertise_hosts = * + + # Specify the location of the Exim server's TLS certificate and private key. + # The private key must not be encrypted (password protected). You can put +@@ -168,8 +168,8 @@ acl_smtp_data = acl_check_data + # need the first setting, or in separate files, in which case you need both + # options. + +-# tls_certificate = /etc/ssl/exim.crt +-# tls_privatekey = /etc/ssl/exim.pem ++tls_certificate = /etc/pki/tls/certs/exim.pem ++tls_privatekey = /etc/pki/tls/private/exim.pem + + # In order to support roaming users who wish to send email from anywhere, + # you may want to make Exim listen on other ports as well as port 25, in +@@ -180,8 +180,8 @@ acl_smtp_data = acl_check_data + # them you should also allow TLS-on-connect on the traditional but + # non-standard port 465. + +-# daemon_smtp_ports = 25 : 465 : 587 +-# tls_on_connect_ports = 465 ++daemon_smtp_ports = 25 : 465 : 587 ++tls_on_connect_ports = 465 + + + # Specify the domain you want to be added to all unqualified addresses +@@ -238,6 +238,24 @@ timeout_frozen_after = 7d -+# This option, if uncommented, allows Exim to listen on ports other than -+# just the default port 25. For example, you may wish Exim to sldo listen -+# on the 'message submission' port 587 for roaming clients which cannot -+# use port 25 directly from their current location. (cf. RFC 2476). -+# -+# daemon_smtp_ports = smtp : msa -+ -+# This option instructs Exim to advertise the availability of encrypted -+# connections to all hosts, and uses the certificate which is automatically -+# generated when the RPM is installed. You can disable TLS, should you need -+# to do so, by commenting out the three lines below. -+ -+tls_advertise_hosts = * -+tls_certificate = /etc/pki/tls/certs/exim.pem -+tls_privatekey = /etc/pki/tls/private/exim.pem -+ +# This setting, if uncommented, allows users to authenticate using +# their system passwords against saslauthd if they connect over a +# secure connection. If you have network logins such as NIS or @@ -41,23 +56,21 @@ ###################################################################### -@@ -657,6 +691,19 @@ +@@ -850,7 +837,7 @@ begin authenticators + # driver = plaintext + # server_set_id = $auth2 + # server_prompts = : +-# server_condition = Authentication is not yet configured ++# server_condition = ${if saslauthd{{$2}{$3}{smtp}} {1}} + # server_advertise_condition = ${if def:tls_cipher } - begin authenticators - -+plain: -+ driver = plaintext -+ public_name = PLAIN -+ server_prompts = : -+ server_condition = "${if saslauthd{{$2}{$3}{smtp}} {1}}" -+ server_set_id = $2 -+ -+login: -+ driver = plaintext -+ public_name = LOGIN -+ server_prompts = "Username:: : Password::" -+ server_condition = "${if saslauthd{{$1}{$2}{smtp}} {1}}" -+ server_set_id = $1 + # LOGIN authentication has traditional prompts and responses. There is no +@@ -862,7 +849,7 @@ begin authenticators + # driver = plaintext + # server_set_id = $auth1 + # server_prompts = <| Username: | Password: +-# server_condition = Authentication is not yet configured ++# server_condition = ${if saslauthd{{$1}{$2}{smtp}} {1}} + # server_advertise_condition = ${if def:tls_cipher } - ###################################################################### diff --git a/exim-4.50-spamdconf.patch b/exim-4.50-spamdconf.patch index 3be0bac..36fe304 100644 --- a/exim-4.50-spamdconf.patch +++ b/exim-4.50-spamdconf.patch @@ -1,86 +1,102 @@ --- exim-4.50/src/configure.default.orig 2005-02-22 19:49:15.000000000 +0000 +++ exim-4.50/src/configure.default 2005-02-22 19:46:55.000000000 +0000 -@@ -108,6 +108,26 @@ +@@ -108,6 +108,7 @@ + + acl_smtp_rcpt = acl_check_rcpt + acl_smtp_data = acl_check_data ++acl_smtp_mime = acl_check_mime # You should not change that setting until you understand how ACLs work. -+# The following ACL entries are used if you want to do content scanning with -+# the exiscan-acl patch. When you uncomment one of these lines, you must also -+# review the respective entries in the ACL section further below. -+ -+# acl_smtp_mime = acl_check_mime -+# acl_smtp_data = acl_check_content -+ -+# This configuration variable defines the virus scanner that is used with -+# the 'malware' ACL condition of the exiscan acl-patch. If you do not use -+# virus scanning, leave it commented. Please read doc/exiscan-acl-readme.txt -+# for a list of supported scanners. -+ -+# av_scanner = sophie:/var/run/sophie -+ -+# The following setting is only needed if you use the 'spam' ACL condition -+# of the exiscan-acl patch. It specifies on which host and port the SpamAssassin -+# "spamd" daemon is listening. If you do not use this condition, or you use -+# the default of "127.0.0.1 783", you can omit this option. -+ -+# spamd_address = 127.0.0.1 783 +@@ -120,7 +120,7 @@ acl_smtp_mime = acl_check_mime + # of what to set for other virus scanners. The second modification is in the + # acl_check_data access control list (see below). - # Specify the domain you want to be added to all unqualified addresses - # here. An unqualified address is one that does not contain an "@" character -@@ -376,6 +396,56 @@ - deny message = relay not permitted +-# av_scanner = clamd:/tmp/clamd ++av_scanner = clamd:/var/run/clamd.exim/clamd.sock -+# These access control lists are used for content scanning with the exiscan-acl -+# patch. You must also uncomment the entries for acl_smtp_data and acl_smtp_mime -+# (scroll up), otherwise the ACLs will not be used. IMPORTANT: the default entries here -+# should be treated as EXAMPLES. You MUST read the file doc/exiscan-acl-spec.txt -+# to fully understand what you are doing ... + # For spam scanning, there is a similar option that defines the interface to +@@ -365,7 +365,8 @@ acl_check_rcpt: + accept local_parts = postmaster + domains = +local_domains + +- # Deny unless the sender address can be verified. ++ # Deny unless the sender address can be routed. For proper verification of the ++ # address, read the documentation on callouts and add the /callout modifier. + + require verify = sender + +@@ -455,26 +456,62 @@ acl_check_rcpt: + + acl_check_data: + ++ # Put simple tests first. A good one is to check for the presence of a ++ # Message-Id: header, which RFC2822 says SHOULD be present. Some broken ++ # or misconfigured mailer software occasionally omits this from genuine ++ # messages too, though -- although it's not hard for the offender to fix ++ # after they receive a bounce because of it. ++ # ++ # deny condition = ${if !def:h_Message-ID: {1}} ++ # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ ++ # Most messages without it are spam, so your mail has been rejected. ++ + # Deny if the message contains a virus. Before enabling this check, you + # must install a virus scanner and set the av_scanner option above. + # + # deny malware = * + # message = This message contains a virus ($malware_name). + +- # Add headers to a message if it is judged to be spam. Before enabling this, +- # you must install SpamAssassin. You may also need to set the spamd_address +- # option above. +- # +- # warn spam = nobody +- # add_header = X-Spam_score: $spam_score\n\ +- # X-Spam_score_int: $spam_score_int\n\ +- # X-Spam_bar: $spam_bar\n\ +- # X-Spam_report: $spam_report ++ # Bypass SpamAssassin checks if the message is too large. ++ # ++ # accept condition = ${if >={$message_size}{100000} {1}} ++ # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size + +- # Accept the message. ++ # Run SpamAssassin, but allow for it to fail or time out. Add a warning message ++ # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA ++ # score exceeds the SA system threshold. ++ # ++ # warn spam = nobody/defer_ok ++ # add_header = X-Spam-Flag: YES ++ # ++ # accept condition = ${if !def:spam_score_int {1}} ++ # add_header = X-Spam-Note: SpamAssassin invocation failed ++ # ++ ++ # Unconditionally add score and report headers ++ # ++ # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ ++ # X-Spam-Report: $spam_report ++ ++ # And reject if the SpamAssassin score is greater than ten ++ # ++ # deny condition = ${if >{$spam_score_int}{100} {1}} ++ # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ ++ # $spam_report + + accept + + +acl_check_mime: + -+ # Decode MIME parts to disk. This will support virus scanners later. -+ warn decode = default -+ + # File extension filtering. + deny message = Blacklisted file extension detected + condition = ${if match \ + {${lc:$mime_filename}} \ + {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \ + {1}{0}} -+ -+# # Reject messages that carry chinese character sets. -+# # WARNING: This is an EXAMPLE. -+# deny message = Sorry, noone speaks chinese here -+# condition = ${if eq{$mime_charset}{gb2312}{1}{0}} + + accept -+ -+acl_check_content: -+ -+ # Reject virus infested messages. -+ deny message = This message contains malware ($malware_name) -+ malware = * -+ -+ # Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settings -+ # (user "nobody"), no matter if over threshold or not. -+ warn message = X-Spam-Score: $spam_score ($spam_bar) -+ spam = nobody:true -+ warn message = X-Spam-Report: $spam_report -+ spam = nobody:true -+ -+ # Add X-Spam-Flag if spam is over system-wide threshold -+ warn message = X-Spam-Flag: YES -+ spam = nobody -+ -+ # Reject spam messages with score over 10, using an extra condition. -+ deny message = This message scored $spam_score points. Congratulations! -+ spam = nobody:true -+ condition = ${if >{$spam_score_int}{100}{1}{0}} -+ -+ # finally accept all the rest -+ accept -+ ###################################################################### # ROUTERS CONFIGURATION # diff --git a/exim-4.63-allow-filter.patch b/exim-4.63-allow-filter.patch new file mode 100644 index 0000000..8f18ae4 --- /dev/null +++ b/exim-4.63-allow-filter.patch @@ -0,0 +1,11 @@ +--- exim-4.63/src/configure.default~ 2006-09-03 15:02:28.000000000 -0700 ++++ exim-4.63/src/configure.default 2006-09-03 15:46:53.000000000 -0700 +@@ -672,7 +672,7 @@ userforward: + # local_part_suffix = +* : -* + # local_part_suffix_optional + file = $home/.forward +-# allow_filter ++ allow_filter + no_verify + no_expn + check_ancestor diff --git a/exim-4.63-localhost-is-local.patch b/exim-4.63-localhost-is-local.patch new file mode 100644 index 0000000..e58f483 --- /dev/null +++ b/exim-4.63-localhost-is-local.patch @@ -0,0 +1,11 @@ +--- exim-4.63/src/configure.default~ 2006-09-03 19:31:28.000000000 -0700 ++++ exim-4.63/src/configure.default 2006-09-03 19:37:42.000000000 -0700 +@@ -56,7 +56,7 @@ + # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They + # are all colon-separated lists: + +-domainlist local_domains = @ ++domainlist local_domains = @ : localhost : localhost.localdomain + domainlist relay_to_domains = + hostlist relay_from_hosts = 127.0.0.1 + diff --git a/exim-4.63-procmail.patch b/exim-4.63-procmail.patch new file mode 100644 index 0000000..b8c233c --- /dev/null +++ b/exim-4.63-procmail.patch @@ -0,0 +1,32 @@ +--- exim-4.63/src/configure.default~ 2006-09-03 15:02:28.000000000 -0700 ++++ exim-4.63/src/configure.default 2006-09-03 15:46:53.000000000 -0700 +@@ -680,6 +680,12 @@ userforward: + pipe_transport = address_pipe + reply_transport = address_reply + ++procmail: ++ driver = accept ++ check_local_user ++ require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail ++ transport = procmail ++ no_verify + + # This router matches local user mailboxes. If the router fails, the error + # message is "Unknown user". +@@ -717,6 +723,16 @@ begin transports + remote_smtp: + driver = smtp + ++# This transport invokes procmail to deliver mail ++procmail: ++ driver = pipe ++ command = "/usr/bin/procmail -d $local_part" ++ return_path_add ++ delivery_date_add ++ envelope_to_add ++ user = $local_part ++ initgroups ++ return_output + + # This transport is used for local delivery to user mailboxes in traditional + # BSD mailbox format. By default it will be run under the uid and gid of the diff --git a/exim.spec b/exim.spec index 3e060be..ffb54a6 100644 --- a/exim.spec +++ b/exim.spec @@ -1,11 +1,18 @@ # SA-Exim has long since been obsoleted by the proper built-in ACL support # from exiscan. Disable it for FC6 unless people scream. -# %define buildsa 1 +%if 0%{?fedora} < 6 +%define buildsa 1 +%endif + +# Build clamav subpackage for FC5 and above. +%if 0%{?fedora} >= 5 +%define buildclam 1 +%endif Summary: The exim mail transfer agent Name: exim Version: 4.63 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -15,6 +22,9 @@ Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd +%if 0%{?buildclam} +BuildRequires: clamav-devel +%endif Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 Source2: exim.init Source3: exim.sysconfig @@ -32,6 +42,9 @@ Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch Patch17: exim-4.61-ldap-deprecated.patch Patch18: exim-4.62-dlopen-localscan.patch +Patch19: exim-4.63-procmail.patch +Patch20: exim-4.63-allow-filter.patch +Patch21: exim-4.63-localhost-is-local.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -70,6 +83,31 @@ Requires: exim = %{version}-%{release} Allows running of SA on incoming mail and rejection at SMTP time as well as other nasty things like teergrubing. +%package clamav +Summary: Clam Antivirus scanner dæmon configuration for use with Exim +Group: System Environment/Daemons +Requires: clamav-server +Obsoletes: clamav-exim <= 0.86.2 +Requires(post): /sbin/chkconfig /sbin/service +Requires(preun): /sbin/chkconfig /sbin/service + +%description clamav +This package contains configuration files which invoke a copy of the +clamav dæmon for use with Exim. It can be activated by adding (or +uncommenting) + + av_scanner = clamd:%{_var}/run/clamd.exim/clamd.sock + +in your exim.conf, and using the 'malware' condition in the DATA ACL, +as follows: + + deny message = This message contains malware ($malware_name) + malware = * + +For further details of Exim content scanning, see chapter 40 of the Exim +specification: +http://www.exim.org/exim-html-4.62/doc/html/spec_html/ch40.html#SECTscanvirus + %prep %setup -q %if 0%{?buildsa} @@ -87,6 +125,9 @@ cp exim_monitor/EDITME Local/eximon.conf %patch15 -p1 -b .pcre %patch17 -p1 -b .ldap %patch18 -p1 -b .dl +%patch19 -p1 -b .procmail +%patch20 -p1 -b .filter +%patch21 -p1 -b .localhost %build %ifnarch s390 s390x @@ -159,8 +200,8 @@ pod2man --center=EXIM --section=8 \ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig install -m 644 %SOURCE3 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d -install %SOURCE2 $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/exim +mkdir -p $RPM_BUILD_ROOT%{_initrddir} +install %SOURCE2 $RPM_BUILD_ROOT%{_initrddir}/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim @@ -179,12 +220,41 @@ mkdir -p $RPM_BUILD_ROOT/etc/pki/tls/{certs,private} touch $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem chmod 600 $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem +%if 0%{?buildclam} +# Munge the clamav init and config files from clamav-devel. This really ought +# to be a subpackage of clamav, but this hack will have to do for now. +function clamsubst() { + sed -e "s!!$3!g;s!!$4!g;""$5" %{_datadir}/clamav/template/"$1" >"$RPM_BUILD_ROOT$2" +} + +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/clamd.d +clamsubst clamd.conf %{_sysconfdir}/clamd.d/exim.conf exim exim \ + 's!^##*\(\(LogFile\|LocalSocket\|PidFile\|User\)\s\|\(StreamSaveToDisk\|ScanMail\|LogTime\|ScanArchive\)$\)!\1!;s!^Example!#Example!;' + +clamsubst clamd.init %{_initrddir}/clamd.exim exim exim '' +clamsubst clamd.logrotate %{_sysconfdir}/logrotate.d/clamd.exim exim exim '' +cat < $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/clamd.exim +CLAMD_CONFIG='%_sysconfdir/clamd.d/exim.conf' +CLAMD_SOCKET=%{_var}/run/clamd.exim/clamd.sock +EOF +ln -sf clamd $RPM_BUILD_ROOT/usr/sbin/clamd.exim + +mkdir -p $RPM_BUILD_ROOT%{_var}/run/clamd.exim +%endif + %clean rm -rf $RPM_BUILD_ROOT %pre %{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 exim 2>/dev/null +# Copy TLS certs from old location to new -- don't move them, because the +# config file may be modified and may be pointing to the old location. +if [ ! -f /etc/pki/tls/certs/exim.pem -a -f %{_datadir}/ssl/certs/exim.pem ] ; then + cp %{_datadir}/ssl/certs/exim.pem /etc/pki/tls/certs/exim.pem + cp %{_datadir}/ssl/private/exim.pem /etc/pki/tls/private/exim.pem +fi + exit 0 %post @@ -301,7 +371,35 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %endif +%if 0%{?buildclam} +%post clamav +/sbin/chkconfig --add clamd.exim + +%preun clamav +test "$1" != 0 || %{_initrddir}/clamd.exim stop &>/dev/null || : +test "$1" != 0 || /sbin/chkconfig --del clamd.exim + +%postun clamav +test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : + +%files clamav +%defattr(0644,root,root,-) +%attr(0755,root,root)%{_sbindir}/clamd.exim +%config %{_initrddir}/clamd.exim +%config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf +%config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim +%config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim +%attr(0750,exim,exim) %dir %{_var}/run/clamd.exim +%endif + %changelog +* Sun Sep 3 2006 David Woodhouse - 4.63-2 +- Add procmail router and transport (#146848) +- Add localhost and localhost.localdomain as local domains (#198511) +- Fix mispatched authenticators (#204591) +- Other cleanups of config file and extra examples +- Add exim-clamav subpackage + * Sat Aug 26 2006 David Woodhouse - 4.63-1 - Update to 4.63 - Disable sa-exim, but leave the dlopen patch in diff --git a/needs.rebuild b/needs.rebuild deleted file mode 100644 index 815fd29..0000000 --- a/needs.rebuild +++ /dev/null @@ -1 +0,0 @@ -http://fedoraproject.org/wiki/Extras/Schedule/FC6MassRebuild From ced84b5d0898356ca29f1825a2bd5f9d78d59d8e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 4 Sep 2006 04:32:55 +0000 Subject: [PATCH 029/194] fix exim-clamav subpackage --- exim.spec | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/exim.spec b/exim.spec index ffb54a6..1ade25f 100644 --- a/exim.spec +++ b/exim.spec @@ -86,7 +86,7 @@ well as other nasty things like teergrubing. %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim Group: System Environment/Daemons -Requires: clamav-server +Requires: clamav-server exim Obsoletes: clamav-exim <= 0.86.2 Requires(post): /sbin/chkconfig /sbin/service Requires(preun): /sbin/chkconfig /sbin/service @@ -383,9 +383,9 @@ test "$1" != 0 || /sbin/chkconfig --del clamd.exim test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %files clamav -%defattr(0644,root,root,-) -%attr(0755,root,root)%{_sbindir}/clamd.exim -%config %{_initrddir}/clamd.exim +%defattr(-,root,root,-) +%{_sbindir}/clamd.exim +%attr(0755,root,root) %config %{_initrddir}/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf %config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim @@ -393,6 +393,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %changelog +* Sun Sep 3 2006 David Woodhouse - 4.63-3 +- chmod +x /etc/init.d/clamd.exim +- Make exim-clamav package require exim (since it uses the same uid) + * Sun Sep 3 2006 David Woodhouse - 4.63-2 - Add procmail router and transport (#146848) - Add localhost and localhost.localdomain as local domains (#198511) From e6ead72dc67f5b4a36e7eb212f991074f75a843e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 4 Sep 2006 04:33:22 +0000 Subject: [PATCH 030/194] bump release --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 1ade25f..859dea2 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.63 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons From 4041d10b76f58fa32805e5c21658ef647d94e227 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 4 Sep 2006 04:34:47 +0000 Subject: [PATCH 031/194] changelog for TLS cert change --- exim.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/exim.spec b/exim.spec index 859dea2..9ef8ca8 100644 --- a/exim.spec +++ b/exim.spec @@ -403,6 +403,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : - Fix mispatched authenticators (#204591) - Other cleanups of config file and extra examples - Add exim-clamav subpackage +- Use existing TLS cert on upgrade, even though it moved * Sat Aug 26 2006 David Woodhouse - 4.63-1 - Update to 4.63 From 42140672e39cb0219d256daa199487d3e2de6223 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 4 Sep 2006 05:18:29 +0000 Subject: [PATCH 032/194] Mark exim-sa deprecated --- exim.spec | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 9ef8ca8..a0fb6f8 100644 --- a/exim.spec +++ b/exim.spec @@ -80,8 +80,9 @@ Group: System Environment/Daemons Requires: exim = %{version}-%{release} %description sa -Allows running of SA on incoming mail and rejection at SMTP time as -well as other nasty things like teergrubing. +The exim-sa package is an old method for allowing SpamAssassin to be run on +incoming mail at SMTP time. It is deprecated in favour of the built-in ACL +support for content scanning. %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim From cd526448fdf537914053ede386d4abeb9d310024 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 25 Sep 2006 13:53:35 +0000 Subject: [PATCH 033/194] set home_directory on lmtp transport --- exim-4.33-cyrus.patch | 3 ++- exim.spec | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/exim-4.33-cyrus.patch b/exim-4.33-cyrus.patch index c1d8be8..1b0e174 100644 --- a/exim-4.33-cyrus.patch +++ b/exim-4.33-cyrus.patch @@ -1,6 +1,6 @@ --- exim-4.33/src/configure.default.cyrus 2004-07-02 15:00:27.941635455 +0200 +++ exim-4.33/src/configure.default 2004-07-02 15:41:39.505133889 +0200 -@@ -595,6 +595,15 @@ +@@ -595,6 +595,16 @@ driver = autoreply @@ -8,6 +8,7 @@ +# socket. You'll need to configure the 'localuser' router above to use it. +# +#lmtp_delivery: ++# home_directory = /var/spool/imap +# driver = lmtp +# command = "/usr/lib/cyrus-imapd/deliver -l" +# batch_max = 20 diff --git a/exim.spec b/exim.spec index a0fb6f8..31c5609 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.63 -Release: 3%{?dist} +Release: 4%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -394,6 +394,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %changelog +* Mon Sep 25 2006 David Woodhouse - 4.63-4 +- Set home_directory on lmtp_transport by default + * Sun Sep 3 2006 David Woodhouse - 4.63-3 - chmod +x /etc/init.d/clamd.exim - Make exim-clamav package require exim (since it uses the same uid) From 4d1bd0520129c36800c1b2c698527224473f27e3 Mon Sep 17 00:00:00 2001 From: Christian Iseli Date: Wed, 4 Oct 2006 22:18:36 +0000 Subject: [PATCH 034/194] automated bump and rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 31c5609..ae9ce94 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.63 -Release: 4%{?dist} +Release: 5%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -394,6 +394,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %changelog +* Thu Oct 05 2006 Christian Iseli 4.63-5 + - rebuilt for unwind info generation, broken in gcc-4.1.1-21 + * Mon Sep 25 2006 David Woodhouse - 4.63-4 - Set home_directory on lmtp_transport by default From 932b747164ffd280016017b0707f4bf1ce4a8a5a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 7 Dec 2006 12:17:16 +0000 Subject: [PATCH 035/194] Own /etc/exim directory --- exim.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index ae9ce94..04b4dcb 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.63 -Release: 5%{?dist} +Release: 6%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -344,6 +344,7 @@ fi %dir %{_var}/log/exim %defattr(-,root,mail) +%dir %{_sysconfdir}/exim %config(noreplace) %{_sysconfdir}/exim/exim.conf %defattr(-,root,root) @@ -394,8 +395,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %changelog +* Tue Oct 17 2006 Christian Iseli 4.63-6 +- Own /etc/exim directory + * Thu Oct 05 2006 Christian Iseli 4.63-5 - - rebuilt for unwind info generation, broken in gcc-4.1.1-21 +- rebuilt for unwind info generation, broken in gcc-4.1.1-21 * Mon Sep 25 2006 David Woodhouse - 4.63-4 - Set home_directory on lmtp_transport by default From a3f96de6b637d85699eba5c23c2b135e67915dc9 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sat, 9 Dec 2006 21:27:45 +0000 Subject: [PATCH 036/194] it's tcp_wrappers-devel now --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 04b4dcb..d18e99c 100644 --- a/exim.spec +++ b/exim.spec @@ -48,7 +48,7 @@ Patch21: exim-4.63-localhost-is-local.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel -BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers +BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel From d62f19c94187a449bea1e4fbfaba0f3b4fff4875 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 6 Feb 2007 18:08:56 +0000 Subject: [PATCH 037/194] 4.66 --- exim-4.50-config.patch | 15 +++++++++++++-- exim-4.62-dlopen-localscan.patch | 4 ++-- exim.init | 11 +++++++++-- exim.spec | 9 +++++++-- 4 files changed, 31 insertions(+), 8 deletions(-) diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index 1eaa4a6..aecb30b 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -115,16 +115,18 @@ #------------------------------------------------------------------------------ # Compiling Exim with experimental features. These are documented in -@@ -464,10 +466,10 @@ +@@ -464,11 +466,11 @@ # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. -# AUTH_CRAM_MD5=yes -# AUTH_CYRUS_SASL=yes +-# AUTH_DOVECOT=yes -# AUTH_PLAINTEXT=yes -# AUTH_SPA=yes +AUTH_CRAM_MD5=yes +AUTH_CYRUS_SASL=yes ++AUTH_DOVECOT=yes +AUTH_PLAINTEXT=yes +AUTH_SPA=yes @@ -206,6 +208,15 @@ +EXIM_PERL=perl.o + #------------------------------------------------------------------------------ +@@ -691,7 +696,7 @@ EXIM_PERL=perl.o + # that the local_scan API is made available by the linker. You may also need + # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. + +-# EXPAND_DLFUNC=yes ++EXPAND_DLFUNC=yes + + #------------------------------------------------------------------------------ @@ -696,7 +699,7 @@ # support, which is intended for use in conjunction with the SMTP AUTH @@ -245,7 +256,7 @@ -# USE_READLINE=yes +USE_READLINE=yes - # You may need to add -ldl to EXTRA_LIBS when you set USE_READLINE=yes. + # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the # dynamic loading library is not otherwise included. diff --git a/exim-4.62-dlopen-localscan.patch b/exim-4.62-dlopen-localscan.patch index 03010eb..2692ba4 100644 --- a/exim-4.62-dlopen-localscan.patch +++ b/exim-4.62-dlopen-localscan.patch @@ -10,8 +10,8 @@ of exim until Philip has to break the API and increase the major number) Marc MERLIN diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME ---- exim-4.14-0/src/EDITME Tue Mar 11 04:20:18 2003 -+++ exim-4.14-1/src/EDITME Sun Mar 23 15:34:15 2003 +--- exim-4.14-0/Local/Makefile Tue Mar 11 04:20:18 2003 ++++ exim-4.14-1/Local/Makefile Sun Mar 23 15:34:15 2003 @@ -388,6 +388,20 @@ diff --git a/exim.init b/exim.init index a22d6c2..c63d488 100644 --- a/exim.init +++ b/exim.init @@ -73,14 +73,21 @@ case "$1" in restart) restart ;; + reload) + if [ -f /var/lock/subsys/exim ]; then + echo -n $"Reloading exim:" + killproc exim -HUP + echo + fi + ;; condrestart) - [ -f /var/lock/subsys/exim ] && restart || : + [ -f /var/lock/subsys/exim ] && restart || : ;; status) status exim ;; *) - echo $"Usage: $0 {start|stop|restart|status|condrestart}" + echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}" exit 1 esac diff --git a/exim.spec b/exim.spec index d18e99c..9e905ee 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.63 -Release: 6%{?dist} +Version: 4.66 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -395,6 +395,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %changelog +* Tue Feb 6 2007 David Woodhouse 4.66-1 +- Update to 4.66 +- Add dovecot authenticator +- Add 'reload' in init script (#219174) + * Tue Oct 17 2006 Christian Iseli 4.63-6 - Own /etc/exim directory From 02080aee53de0369681aeaf0459ddeedb4f96877 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 6 Feb 2007 18:34:52 +0000 Subject: [PATCH 038/194] oops, and the tarball too --- .cvsignore | 3 +-- sources | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.cvsignore b/.cvsignore index d3e3c63..1e2249d 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,3 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.62.tar.bz2 -exim-4.63.tar.bz2 +exim-4.66.tar.bz2 diff --git a/sources b/sources index 116aac6..c6b9760 100644 --- a/sources +++ b/sources @@ -1,3 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -a8efc92427192fd3b7b5e71decc8cc31 exim-4.62.tar.bz2 -dde2d5f7106d51607409af94174db46c exim-4.63.tar.bz2 +01288e44919d8abdde5a7bd2c200449b exim-4.66.tar.bz2 From dcfda4841d1319a491dc08672e82f56f8d4350af Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 7 Feb 2007 12:18:24 +0000 Subject: [PATCH 039/194] Add greylisting --- exim-greylist.conf.inc | 104 +++++++++++++++++++++++++++++++++++++++++ exim.spec | 59 +++++++++++++++++++++-- greylist-tidy.sh | 8 ++++ mk-greylist-db.sql | 12 +++++ 4 files changed, 180 insertions(+), 3 deletions(-) create mode 100644 exim-greylist.conf.inc create mode 100755 greylist-tidy.sh create mode 100644 mk-greylist-db.sql diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc new file mode 100644 index 0000000..66f76bd --- /dev/null +++ b/exim-greylist.conf.inc @@ -0,0 +1,104 @@ +# $Id: acl-greylist-sqlite,v 1.1 2006/06/13 13:56:54 dwmw2 Exp $ + +GREYDB=/var/spool/exim/db/greylist.db + +# ACL for greylisting. Place reason(s) for greylisting into a variable named +# $acl_m_greylistreasons before invoking with 'require acl = greylist_mail'. +# The reasons should be separate lines of text, and will be reported in +# the SMTP rejection message as well as the log message. +# +# When a suspicious mail is seen, we temporarily reject it and wait to see +# if the sender tries again. Most spam robots won't bother. Real mail hosts +# _will_ retry, and we'll accept it the second time. For hosts which are +# observed to retry, we don't bother greylisting again in the future -- +# it's obviously pointless. We remember such hosts, or 'known resenders', +# by a tuple of their IP address and the name they used in HELO. +# +# We also include the time of listing for 'known resenders', just in case +# someone wants to expire them after a certain amount of time. So the +# database table for these 'known resenders' looks like this: +# +# CREATE TABLE resenders ( +# host TEXT PRIMARY KEY, +# helo TEXT, +# time INTEGER +# ); +# +# To remember mail we've rejected, we create an 'identity' from its sender +# and recipient addresses and its Message-ID: header. We don't include the +# sending IP address in the identity, because sometimes the second and +# subsequent attempts may come from a different IP address to the original. +# +# We do record the original IP address and HELO name though, because if +# the message _is_ retried from another machine, it's the _first_ one we +# want to record as a 'known resender'; not just its backup path. +# +# Obviously we record the time too, so the main table of greylisted mail +# looks like this: +# +# CREATE TABLE greylist ( +# id TEXT PRIMARY KEY, +# expire INTEGER, +# host TEXT, +# helo TEXT +# ); +# + +greylist_mail: + # First, accept if it there's absolutely nothing suspicious about it... + accept condition = ${if eq{$acl_m_greylistreasons}{} {1}} + # ... or if it was generated locally or by authenticated clients. + accept hosts = : + accept authenticated = * + + # Secondly, there's _absolutely_ no point in greylisting mail from + # hosts which are known to resend their mail. Just accept it. + accept hosts = sqlite;GREYDB SELECT host from resenders \ + WHERE helo='${quote_sqlite:$sender_helo_name}' \ + AND host='$sender_host_address'; + + # Generate the mail identity (as described above) + warn set acl_m_greyident = ${hash{20}{62}{$sender_address$recipients$h_message-id:}} + + # Attempt to look up this mail in the greylist database. If it's there, + # remember the expiry time for it; we need to make sure they've waited + # long enough. + warn set acl_m_greyexpiry = ${lookup sqlite {GREYDB SELECT expire FROM greylist \ + WHERE id='${quote_sqlite:$acl_m_greyident}';}{$value}} + + # If the mail isn't already the database, defer it with an appropriate + # message, and add it. Do the addition to the greylist database as a + # hackish side-effect of the log-message, appending 'success' or 'failure' + # to the log-message depending on whether the SQL worked (which it always + # should). This is where the 5 minute timeout is set ($tod_epoch + 300) + # should you wish to change it. + defer condition = ${if eq {$acl_m_greyexpiry}{} {1}} + log_message = Greylisted $h_message-id: for offences: ${sg {$acl_m_greylistreasons}{\n}{,}}:\ + ${lookup sqlite {GREYDB INSERT INTO greylist \ + VALUES ( '$acl_m_greyident', \ + '${eval10:$tod_epoch+300}', \ + '$sender_host_address', \ + '${quote_sqlite:$sender_helo_name}' );}\ + {success}{failure}} + message = Your mail was considered suspicious for the following reason(s):\n$acl_m_greylistreasons \ + The mail has been greylisted for 5 minutes, after which it should be accepted. \ + We apologise for the inconvenience. Your mail system should keep the mail on \ + its queue and retry. When that happens, your system will be added to the list \ + genuine mail systems, and mail from it should not be greylisted any more. \ + In the event of problems, please contact postmaster@$qualify_domain + + # If the message was already listed but its time hasn't yet expired, keep rejecting it + defer condition = ${if > {$acl_m_greyexpiry}{$tod_epoch}} + message = Your mail was previously greylisted and the time has not yet expired.\n\ + You should wait another ${eval10:$acl_m_greyexpiry-$tod_epoch} seconds.\n\ + Reason(s) for greylisting: \n$acl_m_greylistreasons + + # The message was listed but it's been more than five minutes. Accept it now and whitelist + # the sending host by its { IP, HELO } so that we don't delay its mail again. The addition + # to the database is again done as a hackish side-effect; this time a side-effect of + # evaluating a condition which comes out as '1' whether the database bit succeeds or not. + accept condition = ${lookup sqlite {GREYDB INSERT INTO resenders \ + VALUES ( '$sender_host_address', \ + '${quote_sqlite:$sender_helo_name}', + '$tod_epoch' ); }{1}{1}} + diff --git a/exim.spec b/exim.spec index 9e905ee..70779d4 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.66 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -33,6 +33,10 @@ Source11: exim.pam %if 0%{?buildsa} Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz %endif +Source20: exim-greylist.conf.inc +Source21: mk-greylist-db.sql +Source22: greylist-tidy.sh + Patch4: exim-rhl.patch Patch6: exim-4.50-config.patch Patch8: exim-4.24-libdir.patch @@ -45,6 +49,7 @@ Patch18: exim-4.62-dlopen-localscan.patch Patch19: exim-4.63-procmail.patch Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch +Patch22: exim-4.66-greylist-conf.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -105,9 +110,34 @@ as follows: deny message = This message contains malware ($malware_name) malware = * -For further details of Exim content scanning, see chapter 40 of the Exim +For further details of Exim content scanning, see chapter 41 of the Exim specification: -http://www.exim.org/exim-html-4.62/doc/html/spec_html/ch40.html#SECTscanvirus +http://www.exim.org/exim-html-%{version}/doc/html/spec_html/ch41.html + +%package greylist +Summary: Example configuration for greylisting using Exim +Group: System Environment/Daemons +Requires: sqlite exim %{_sysconfdir}/cron.daily + +%description greylist +This package contains a simple example of how to do greylisting in Exim's +ACL configuration. It contains a cron job to remove old entries from the +greylisting database, and an ACL subroutine which needs to be included +from the main exim.conf file. + +To enable greylisting, install this package and then uncomment the lines +in Exim's configuration /etc/exim.conf which enable it. You need to +uncomment at least two lines -- the '.include' directive which includes +the new ACL subroutine, and the line which invokes the new subroutine. + +By default, this implementation only greylists mails which appears +'suspicious' in some way. During normal processing of the ACLs we collect +a list of 'offended' which it's committed, which may include having +SpamAssassin points, lacking a Message-ID: header, coming from a blacklisted +host, etc. There are examples of these in the default configuration file, +mostly commented out. These should be sufficient for you to you trigger +greylisting for whatever 'offences' you can dream of, or even to make +greylisting unconditional. %prep %setup -q @@ -129,6 +159,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch19 -p1 -b .procmail %patch20 -p1 -b .filter %patch21 -p1 -b .localhost +%patch22 -p1 -b .grey %build %ifnarch s390 s390x @@ -243,6 +274,12 @@ ln -sf clamd $RPM_BUILD_ROOT/usr/sbin/clamd.exim mkdir -p $RPM_BUILD_ROOT%{_var}/run/clamd.exim %endif +# Set up the greylist subpackage +install -m644 %{SOURCE20} $RPM_BUILD_ROOT/%_sysconfdir/exim/exim-greylist.conf.inc +install -m644 %{SOURCE21} $RPM_BUILD_ROOT/%_sysconfdir/exim/mk-greylist-db.sql +mkdir -p $RPM_BUILD_ROOT/%_sysconfdir/cron.daily +install -m755 %{SOURCE22} $RPM_BUILD_ROOT/%_sysconfdir/cron.daily/greylist-tidy.sh +touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db %clean rm -rf $RPM_BUILD_ROOT @@ -309,6 +346,13 @@ if [ "$1" -ge "1" ]; then fi fi +%post greylist +if [ ! -r %{_var}/spool/exim/db/greylist.db ]; then + sqlite3 %{_var}/spool/exim/db/greylist.db < %{_sysconfdir}/exim/mk-greylist-db.sql + chown exim.exim %{_var}/spool/exim/db/greylist.db + chmod 0660 %{_var}/spool/exim/db/greylist.db +fi + %files %defattr(-,root,root) %attr(4755,root,root) %{_sbindir}/exim @@ -394,7 +438,16 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %endif +%files greylist +%config %{_sysconfdir}/exim/exim-greylist.conf.inc +%ghost %{_var}/spool/exim/db/greylist.db +%{_sysconfdir}/exim/mk-greylist-db.sql +%{_sysconfdir}/cron.daily/greylist-tidy.sh + %changelog +* Wed Feb 7 2007 David Woodhouse 4.66-2 +- Add example of greylisting implementation in Exim ACLs + * Tue Feb 6 2007 David Woodhouse 4.66-1 - Update to 4.66 - Add dovecot authenticator diff --git a/greylist-tidy.sh b/greylist-tidy.sh new file mode 100755 index 0000000..6a34bed --- /dev/null +++ b/greylist-tidy.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +if [ -r /var/spool/exim/db/greylist.db ]; then + sqlite /var/spool/exim/db/greylist.db < Date: Wed, 7 Feb 2007 12:21:10 +0000 Subject: [PATCH 040/194] Stupid dwmw2. Fix it in the package as well as on the test system. --- exim-greylist.conf.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index 66f76bd..e70f960 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -99,6 +99,6 @@ greylist_mail: # evaluating a condition which comes out as '1' whether the database bit succeeds or not. accept condition = ${lookup sqlite {GREYDB INSERT INTO resenders \ VALUES ( '$sender_host_address', \ - '${quote_sqlite:$sender_helo_name}', + '${quote_sqlite:$sender_helo_name}', \ '$tod_epoch' ); }{1}{1}} From ba91edb8b03b2a9b448cd042715eab18943825b7 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 7 Feb 2007 12:32:44 +0000 Subject: [PATCH 041/194] primary key in resenders is (host,helo) not just host --- exim-greylist.conf.inc | 11 +++++------ mk-greylist-db.sql | 3 ++- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index e70f960..147fe3f 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -19,10 +19,10 @@ GREYDB=/var/spool/exim/db/greylist.db # database table for these 'known resenders' looks like this: # # CREATE TABLE resenders ( -# host TEXT PRIMARY KEY, +# host TEXT, # helo TEXT, -# time INTEGER -# ); +# time INTEGER, +# PRIMARY KEY (host, helo) ); # # To remember mail we've rejected, we create an 'identity' from its sender # and recipient addresses and its Message-ID: header. We don't include the @@ -37,11 +37,10 @@ GREYDB=/var/spool/exim/db/greylist.db # looks like this: # # CREATE TABLE greylist ( -# id TEXT PRIMARY KEY, +# id TEXT, # expire INTEGER, # host TEXT, -# helo TEXT -# ); +# helo TEXT); # greylist_mail: diff --git a/mk-greylist-db.sql b/mk-greylist-db.sql index 97b45df..29550e8 100644 --- a/mk-greylist-db.sql +++ b/mk-greylist-db.sql @@ -1,7 +1,8 @@ CREATE TABLE resenders ( - host TEXT PRIMARY KEY, + host TEXT, helo TEXT, time INTEGER + PRIMARY KEY (host, helo) ); CREATE TABLE greylist ( From 96ea9a4870584d3e29bfa971b6b7ddb8702e2e2f Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 7 Feb 2007 12:45:33 +0000 Subject: [PATCH 042/194] fix sql, remove bogus success/failure indication --- exim-greylist.conf.inc | 11 ++++------- mk-greylist-db.sql | 2 +- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index 147fe3f..baa890d 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -67,18 +67,15 @@ greylist_mail: # If the mail isn't already the database, defer it with an appropriate # message, and add it. Do the addition to the greylist database as a - # hackish side-effect of the log-message, appending 'success' or 'failure' - # to the log-message depending on whether the SQL worked (which it always - # should). This is where the 5 minute timeout is set ($tod_epoch + 300) - # should you wish to change it. + # hackish side-effect of the log-message. This is where the 5 minute + # timeout is set ($tod_epoch + 300), should you wish to change it. defer condition = ${if eq {$acl_m_greyexpiry}{} {1}} - log_message = Greylisted $h_message-id: for offences: ${sg {$acl_m_greylistreasons}{\n}{,}}:\ + log_message = Greylisted $h_message-id: for offences: ${sg {$acl_m_greylistreasons}{\n}{,}}\ ${lookup sqlite {GREYDB INSERT INTO greylist \ VALUES ( '$acl_m_greyident', \ '${eval10:$tod_epoch+300}', \ '$sender_host_address', \ - '${quote_sqlite:$sender_helo_name}' );}\ - {success}{failure}} + '${quote_sqlite:$sender_helo_name}' );}} message = Your mail was considered suspicious for the following reason(s):\n$acl_m_greylistreasons \ The mail has been greylisted for 5 minutes, after which it should be accepted. \ We apologise for the inconvenience. Your mail system should keep the mail on \ diff --git a/mk-greylist-db.sql b/mk-greylist-db.sql index 29550e8..dff48c9 100644 --- a/mk-greylist-db.sql +++ b/mk-greylist-db.sql @@ -1,7 +1,7 @@ CREATE TABLE resenders ( host TEXT, helo TEXT, - time INTEGER + time INTEGER, PRIMARY KEY (host, helo) ); From 8983e4a95f2efd0fc14d8fe36e6f4c810fefa1ca Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 7 Feb 2007 12:48:17 +0000 Subject: [PATCH 043/194] it's sqlite3 in -devel not sqlite --- greylist-tidy.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/greylist-tidy.sh b/greylist-tidy.sh index 6a34bed..928e12e 100755 --- a/greylist-tidy.sh +++ b/greylist-tidy.sh @@ -1,7 +1,7 @@ #!/bin/bash if [ -r /var/spool/exim/db/greylist.db ]; then - sqlite /var/spool/exim/db/greylist.db < Date: Wed, 7 Feb 2007 12:57:15 +0000 Subject: [PATCH 044/194] greylisting patch to make conf file --- exim-4.66-greylist-conf.patch | 78 +++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 exim-4.66-greylist-conf.patch diff --git a/exim-4.66-greylist-conf.patch b/exim-4.66-greylist-conf.patch new file mode 100644 index 0000000..34fe57b --- /dev/null +++ b/exim-4.66-greylist-conf.patch @@ -0,0 +1,78 @@ +--- exim-4.66/src/configure.default.grey 2007-02-07 12:01:16.000000000 +0000 ++++ exim-4.66/src/configure.default 2007-02-07 12:09:06.000000000 +0000 +@@ -435,7 +435,8 @@ acl_check_rcpt: + # There are no default checks on DNS black lists because the domains that + # contain these lists are changing all the time. However, here are two + # examples of how you can get Exim to perform a DNS black list lookup at this +- # point. The first one denies, whereas the second just warns. ++ # point. The first one denies, whereas the second just warns. The third ++ # triggers greylisting for any host in the blacklist. + # + # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + # dnslists = black.list.example +@@ -443,6 +444,10 @@ acl_check_rcpt: + # warn dnslists = black.list.example + # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain + # log_message = found in $dnslist_domain ++ # ++ # warn dnslists = black.list.example ++ # set acl_m_greylistreasons = Host found in $dnslist_domain\n$acl_m_greylistreasons ++ # + ############################################################################# + + ############################################################################# +@@ -456,6 +461,10 @@ acl_check_rcpt: + # require verify = csa + ############################################################################# + ++ # Alternatively, greylist for it: ++ # warn !verify = csa ++ # set acl_m_greylistreasons = Host failed CSA check\n$acl_m_greylistreasons ++ + # At this point, the address has passed all the checks that have been + # configured, so we accept it unconditionally. + +@@ -481,6 +490,12 @@ acl_check_data: + # deny condition = ${if !def:h_Message-ID: {1}} + # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ + # Most messages without it are spam, so your mail has been rejected. ++ # ++ # Alternatively if we're feeling more lenient we could just use it to ++ # trigger greylisting instead: ++ ++ warn condition = ${if !def:h_Message-ID: {1}} ++ set acl_m_greylistreasons = Message lacks Message-Id: header. Consult RFC2822.\n$acl_m_greylistreasons + + # Deny if the message contains a virus. Before enabling this check, you + # must install a virus scanner and set the av_scanner option above. +@@ -515,8 +530,30 @@ acl_check_data: + # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ + # $spam_report + ++ # Trigger greylisting (if enabled) if the SpamAssassin score is greater than 0.5 ++ # ++ # warn condition = ${if >{$spam_score_int}{5} {1}} ++ # set acl_m_greylistreasons = Message has $spam_score SpamAssassin points\n$acl_m_greylistreasons ++ ++ ++ # If you want to greylist _all_ mail rather than only mail which looks like there ++ # might be something wrong with it, then you can do this... ++ # ++ # warn set acl_m_greylistreasons = We greylist all mail\n$acl_m_greylistreasons ++ ++ # Now, invoke the greylisting. For this you need to have installed the exim-greylist ++ # package which contains this subroutine, and you need to uncomment the bit below ++ # which includes it too. Whenever the $acl_m_greylistreasons variable is non-empty, ++ # greylisting will kick in and will defer the mail to check if the sender is a ++ # proper mail which which retries, or whether it's a zombie. For more details, see ++ # the exim-greylist.conf.inc file itself. ++ # ++ # require acl = greylist_mail ++ + accept + ++# To enable the greylisting, also uncomment this line: ++# .include /etc/exim/exim-greylist.conf.inc + + acl_check_mime: + From 04f7f891af90f9d624f225111fb19d57be4bb1c2 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 8 Feb 2007 09:32:02 +0000 Subject: [PATCH 045/194] Improve error handling if the database goes AWOL. Record the _original_ {IP,HELO} as known resender. --- exim-greylist.conf.inc | 52 +++++++++++++++++++++++++++++------------- 1 file changed, 36 insertions(+), 16 deletions(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index baa890d..1baf440 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -56,7 +56,7 @@ greylist_mail: WHERE helo='${quote_sqlite:$sender_helo_name}' \ AND host='$sender_host_address'; - # Generate the mail identity (as described above) + # Generate a hashed 'identity' for the mail, as described above. warn set acl_m_greyident = ${hash{20}{62}{$sender_address$recipients$h_message-id:}} # Attempt to look up this mail in the greylist database. If it's there, @@ -65,23 +65,39 @@ greylist_mail: warn set acl_m_greyexpiry = ${lookup sqlite {GREYDB SELECT expire FROM greylist \ WHERE id='${quote_sqlite:$acl_m_greyident}';}{$value}} - # If the mail isn't already the database, defer it with an appropriate - # message, and add it. Do the addition to the greylist database as a - # hackish side-effect of the log-message. This is where the 5 minute - # timeout is set ($tod_epoch + 300), should you wish to change it. - defer condition = ${if eq {$acl_m_greyexpiry}{} {1}} - log_message = Greylisted $h_message-id: for offences: ${sg {$acl_m_greylistreasons}{\n}{,}}\ - ${lookup sqlite {GREYDB INSERT INTO greylist \ + # If the mail isn't already the database -- i.e. if the $acl_m_greyexpiry + # variable we just looked up is empty -- then try to add it now. This is + # where the 5 minute timeout is set ($tod_epoch + 300), should you wish + # to change it. + warn condition = ${if eq {$acl_m_greyexpiry}{} {1}} + set acl_m_dontcare = ${lookup sqlite {GREYDB INSERT INTO greylist \ VALUES ( '$acl_m_greyident', \ - '${eval10:$tod_epoch+300}', \ + '${eval10:$tod_epoch+30}', \ '$sender_host_address', \ '${quote_sqlite:$sender_helo_name}' );}} + + # Be paranoid, and check if the insertion succeeded (by doing another lookup). + # Otherwise, if there's a database error we might end up deferring for ever. + defer condition = ${if eq {$acl_m_greyexpiry}{} {1}} + condition = ${lookup sqlite {GREYDB SELECT expire FROM greylist \ + WHERE id='${quote_sqlite:$acl_m_greyident}';} {1}} message = Your mail was considered suspicious for the following reason(s):\n$acl_m_greylistreasons \ The mail has been greylisted for 5 minutes, after which it should be accepted. \ We apologise for the inconvenience. Your mail system should keep the mail on \ its queue and retry. When that happens, your system will be added to the list \ genuine mail systems, and mail from it should not be greylisted any more. \ In the event of problems, please contact postmaster@$qualify_domain + log_message = Greylisted <$h_message-id:> from <$sender_address> for offences: ${sg {$acl_m_greylistreasons}{\n}{,}} + + # Handle the error case (which should never happen, but would be bad if it did). + # First by whining about it in the logs, so the admin can deal with it... + warn condition = ${if eq {$acl_m_greyexpiry}{} {1}} + log_message = Greylist insertion failed. Bypassing greylist. + # ... and then by just accepting the message. + accept condition = ${if eq {$acl_m_greyexpiry}{} {1}} + + # OK, we've dealt with the "new" messages. Now we deal with messages which + # _were_ already in the database... # If the message was already listed but its time hasn't yet expired, keep rejecting it defer condition = ${if > {$acl_m_greyexpiry}{$tod_epoch}} @@ -90,11 +106,15 @@ greylist_mail: Reason(s) for greylisting: \n$acl_m_greylistreasons # The message was listed but it's been more than five minutes. Accept it now and whitelist - # the sending host by its { IP, HELO } so that we don't delay its mail again. The addition - # to the database is again done as a hackish side-effect; this time a side-effect of - # evaluating a condition which comes out as '1' whether the database bit succeeds or not. - accept condition = ${lookup sqlite {GREYDB INSERT INTO resenders \ - VALUES ( '$sender_host_address', \ - '${quote_sqlite:$sender_helo_name}', \ - '$tod_epoch' ); }{1}{1}} + # the _original_ sending host by its { IP, HELO } so that we don't delay its mail again. + warn set acl_m_orighost = ${lookup sqlite {GREYDB SELECT host FROM greylist \ + WHERE id='${quote_sqlite:$acl_m_greyident}';}{$value}} + set acl_m_orighelo = ${lookup sqlite {GREYDB SELECT helo FROM greylist \ + WHERE id='${quote_sqlite:$acl_m_greyident}';}{$value}} + set acl_m_dontcare = ${lookup sqlite {GREYDB INSERT INTO resenders \ + VALUES ( '$acl_m_orighost', \ + '${quote_sqlite:$acl_m_orighelo}', \ + '$tod_epoch' ); }} + logwrite = Added host $acl_m_orighost with HELO '$acl_m_orighelo' to known resenders + accept From dfa8e8d440f7af1942e814dfb116e7dafadd7ac6 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 8 Feb 2007 10:31:24 +0000 Subject: [PATCH 046/194] oops. Back to 300 seconds --- exim-greylist.conf.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index 1baf440..57cce1b 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -1,4 +1,4 @@ -# $Id: acl-greylist-sqlite,v 1.1 2006/06/13 13:56:54 dwmw2 Exp $ +# $Id: exim-greylist.conf.inc,v 1.5 2007/02/08 09:32:02 dwmw2 Exp $ GREYDB=/var/spool/exim/db/greylist.db @@ -72,7 +72,7 @@ greylist_mail: warn condition = ${if eq {$acl_m_greyexpiry}{} {1}} set acl_m_dontcare = ${lookup sqlite {GREYDB INSERT INTO greylist \ VALUES ( '$acl_m_greyident', \ - '${eval10:$tod_epoch+30}', \ + '${eval10:$tod_epoch+300}', \ '$sender_host_address', \ '${quote_sqlite:$sender_helo_name}' );}} From 56d67391a4dd19c21cd07e08a3257cd041f3d55b Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 8 Feb 2007 10:32:13 +0000 Subject: [PATCH 047/194] require helo, show how to greylist for no rdns --- exim-4.66-greylist-conf.patch | 52 ++++++++++++++++++++++++++++++----- 1 file changed, 45 insertions(+), 7 deletions(-) diff --git a/exim-4.66-greylist-conf.patch b/exim-4.66-greylist-conf.patch index 34fe57b..264212c 100644 --- a/exim-4.66-greylist-conf.patch +++ b/exim-4.66-greylist-conf.patch @@ -1,6 +1,44 @@ ---- exim-4.66/src/configure.default.grey 2007-02-07 12:01:16.000000000 +0000 -+++ exim-4.66/src/configure.default 2007-02-07 12:09:06.000000000 +0000 -@@ -435,7 +435,8 @@ acl_check_rcpt: +--- exim-4.66/src/configure.default.grey 2007-02-07 13:07:40.000000000 +0000 ++++ exim-4.66/src/configure.default 2007-02-08 10:16:17.000000000 +0000 +@@ -105,6 +105,7 @@ hostlist relay_from_hosts = 127.0.0.1 + # manual for details. The lists above are used in the access control lists for + # checking incoming messages. The names of these ACLs are defined here: + ++acl_smtp_mail = acl_check_mail + acl_smtp_rcpt = acl_check_rcpt + acl_smtp_data = acl_check_data + acl_smtp_mime = acl_check_mime +@@ -318,6 +319,29 @@ timeout_frozen_after = 7d + + begin acl + ++ ++# This access control list is used for the MAIL command in an incoming ++# SMTP message. ++ ++acl_check_mail: ++ ++ # Hosts are required to say HELO (or EHLO) before sending mail. ++ # So don't allow them to use the MAIL command if they haven't ++ # done so. ++ ++ deny condition = ${if eq{$sender_helo_name}{} {1}} ++ message = Nice boys say HELO first ++ ++ # Use the lack of reverse DNS to trigger greylisting. Some people ++ # even reject for it but that would be a little excessive. ++ ++ warn condition = ${if eq{$sender_host_name}{} {1}} ++ set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons ++ ++ accept ++ ++ ++ + # This access control list is used for every RCPT command in an incoming + # SMTP message. The tests are run in order until the address is either + # accepted or denied. +@@ -435,7 +459,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -10,7 +48,7 @@ # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -443,6 +444,10 @@ acl_check_rcpt: +@@ -443,6 +468,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -21,7 +59,7 @@ ############################################################################# ############################################################################# -@@ -456,6 +461,10 @@ acl_check_rcpt: +@@ -456,6 +485,10 @@ acl_check_rcpt: # require verify = csa ############################################################################# @@ -32,7 +70,7 @@ # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -481,6 +490,12 @@ acl_check_data: +@@ -481,6 +514,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -45,7 +83,7 @@ # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -515,8 +530,30 @@ acl_check_data: +@@ -515,8 +554,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report From b40e7830aa12fc51c6e554a08f3875106374f611 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 8 Feb 2007 10:37:55 +0000 Subject: [PATCH 048/194] build with updated greylist bits --- exim.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 70779d4..9906e9d 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.66 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -445,6 +445,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Feb 8 2007 David Woodhouse 4.66-3 +- Improve documentation and error handling in greylist ACL. +- Require HELO before mail + * Wed Feb 7 2007 David Woodhouse 4.66-2 - Add example of greylisting implementation in Exim ACLs From 585faa48724c6faac2a0ab9d9f9d02c7f1631487 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 5 Apr 2007 20:14:53 +0000 Subject: [PATCH 049/194] test commit --- mk-greylist-db.sql | 1 + 1 file changed, 1 insertion(+) diff --git a/mk-greylist-db.sql b/mk-greylist-db.sql index dff48c9..d98436d 100644 --- a/mk-greylist-db.sql +++ b/mk-greylist-db.sql @@ -5,6 +5,7 @@ CREATE TABLE resenders ( PRIMARY KEY (host, helo) ); + CREATE TABLE greylist ( id TEXT PRIMARY KEY, expire INTEGER, From 19b87d0bfc51b35b4167f16004c8241862447bfd Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 5 Apr 2007 20:15:34 +0000 Subject: [PATCH 050/194] undo test commit --- mk-greylist-db.sql | 1 - 1 file changed, 1 deletion(-) diff --git a/mk-greylist-db.sql b/mk-greylist-db.sql index d98436d..dff48c9 100644 --- a/mk-greylist-db.sql +++ b/mk-greylist-db.sql @@ -5,7 +5,6 @@ CREATE TABLE resenders ( PRIMARY KEY (host, helo) ); - CREATE TABLE greylist ( id TEXT PRIMARY KEY, expire INTEGER, From be2d7666d56d1e13f060d95b2de4281b279fa245 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 27 Jun 2007 09:12:45 +0000 Subject: [PATCH 051/194] update to 4.67 --- .cvsignore | 2 +- exim-4.67-smarthost-config.patch | 70 ++++++++++++++++++++++++++++++++ exim.spec | 12 ++++-- sources | 2 +- 4 files changed, 81 insertions(+), 5 deletions(-) create mode 100644 exim-4.67-smarthost-config.patch diff --git a/.cvsignore b/.cvsignore index 1e2249d..c0903df 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.66.tar.bz2 +exim-4.67.tar.bz2 diff --git a/exim-4.67-smarthost-config.patch b/exim-4.67-smarthost-config.patch new file mode 100644 index 0000000..5dbb4ab --- /dev/null +++ b/exim-4.67-smarthost-config.patch @@ -0,0 +1,70 @@ +--- exim-4.67/src/configure.default~ 2007-06-27 09:28:31.000000000 +0100 ++++ exim-4.67/src/configure.default 2007-06-27 09:57:09.000000000 +0100 +@@ -636,6 +636,20 @@ dnslookup: + ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 + no_more + ++# Alternatively, comment out the above router and uncomment this one to ++# route all mail to a smarthost instead of sending it directly to the ++# intended recipients. If your smarthost requires authentication, change ++# 'remote_smtp' to 'remote_msa' and set up the 'client_auth' authenticator ++# later in this file. You might need to change the port number in the ++# remote_msa transport. ++# ++#smarthost: ++# driver = manualroute ++# domains = ! +local_domains ++# transport = remote_smtp ++# route_data = smarthost.myisp.net ++# no_more ++ + + # The remaining routers handle addresses in the local domain(s), that is those + # domains that are defined by "domainlist local_domains" above. +@@ -752,6 +766,15 @@ begin transports + remote_smtp: + driver = smtp + ++# This transport is used for delivering messages over SMTP using the ++# "message submission" port (RFC4409). ++ ++remote_msa: ++ driver = smtp ++ port 587 ++ hosts_require_auth = * ++ ++ + # This transport invokes procmail to deliver mail + procmail: + driver = pipe +@@ -854,6 +877,21 @@ begin rewrite + # AUTHENTICATION CONFIGURATION # + ###################################################################### + ++begin authenticators ++ ++# This authenticator supports CRAM-MD5 username/password authentication ++# with Exim acting as a _client_, as it might when sending its outgoing ++# mail to a smarthost rather than directly to the final recipient. ++# Replace SMTPAUTH_USERNAME and SMTPAUTH_PASSWORD as appropriate. ++ ++#client_auth: ++# driver = cram_md5 ++# public_name = CRAM-MD5 ++# client_name = SMTPAUTH_USERNAME ++# client_secret = SMTPAUTH_PASSWORD ++ ++# ++ + # The following authenticators support plaintext username/password + # authentication using the standard PLAIN mechanism and the traditional + # but non-standard LOGIN mechanism, with Exim acting as the server. +@@ -869,7 +907,7 @@ begin rewrite + # The default RCPT ACL checks for successful authentication, and will accept + # messages from authenticated users from anywhere on the Internet. + +-begin authenticators ++# + + # PLAIN authentication has no server prompts. The client sends its + # credentials in one lump, containing an authorization ID (which we do not diff --git a/exim.spec b/exim.spec index 9906e9d..cf6341c 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.66 -Release: 3%{?dist} +Version: 4.67 +Release: 1%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -50,13 +50,14 @@ Patch19: exim-4.63-procmail.patch Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch +Patch23: exim-4.67-smarthost-config.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel -BuildRequires: libICE-devel libXpm-devel libXt-devel +BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) %description Exim is a message transfer agent (MTA) developed at the University of @@ -160,6 +161,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch20 -p1 -b .filter %patch21 -p1 -b .localhost %patch22 -p1 -b .grey +%patch23 -p1 -b .smarthost %build %ifnarch s390 s390x @@ -445,6 +447,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jun 27 2007 David Woodhouse 4.67-1 +- Update to 4.67 +- Add config example for using a smarthost, with SMTP AUTH. + * Thu Feb 8 2007 David Woodhouse 4.66-3 - Improve documentation and error handling in greylist ACL. - Require HELO before mail diff --git a/sources b/sources index c6b9760..07e8906 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -01288e44919d8abdde5a7bd2c200449b exim-4.66.tar.bz2 +9ee83186d9ac99e5ff297112aa6fddf0 exim-4.67.tar.bz2 From 5f2a3a9d245396c0dd2d1f2e12c47aba8b187c98 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 5 Jul 2007 03:51:30 +0000 Subject: [PATCH 052/194] Fix msa port setup --- exim-4.67-smarthost-config.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim-4.67-smarthost-config.patch b/exim-4.67-smarthost-config.patch index 5dbb4ab..84b6085 100644 --- a/exim-4.67-smarthost-config.patch +++ b/exim-4.67-smarthost-config.patch @@ -30,7 +30,7 @@ + +remote_msa: + driver = smtp -+ port 587 ++ port = 587 + hosts_require_auth = * + + From aa07f1026e00a15de2e540e16d7fdfd7d3c66c72 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 5 Jul 2007 03:53:41 +0000 Subject: [PATCH 053/194] new 4.67 build --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index cf6341c..64da5f7 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.67 -Release: 1%{?dist} +Release: 2%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jun 27 2007 David Woodhouse 4.67-2 +- Fix typo in config (#246799) + * Wed Jun 27 2007 David Woodhouse 4.67-1 - Update to 4.67 - Add config example for using a smarthost, with SMTP AUTH. From eece6cd197329e6caa72bda67a876b9bb237a10b Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 22 Aug 2007 13:34:14 +0000 Subject: [PATCH 054/194] rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 64da5f7..03a4836 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.67 -Release: 2%{?dist} +Release: 3%{?dist} License: GPL Url: http://www.exim.org/ Group: System Environment/Daemons @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 22 2007 David Woodhouse 4.67-3 +- Rebuild + * Wed Jun 27 2007 David Woodhouse 4.67-2 - Fix typo in config (#246799) From 19d3445e3df2f7640b6ac9a8df84dc0637293cc4 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 22 Aug 2007 14:38:03 +0000 Subject: [PATCH 055/194] licence --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 03a4836..71f4ef1 100644 --- a/exim.spec +++ b/exim.spec @@ -12,8 +12,8 @@ Summary: The exim mail transfer agent Name: exim Version: 4.67 -Release: 3%{?dist} -License: GPL +Release: 4%{?dist} +License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 22 2007 David Woodhouse 4.67-4 +- Update licence + * Wed Aug 22 2007 David Woodhouse 4.67-3 - Rebuild From f0ddfa51ef81639df31f16efda4a2ac8d1f5c595 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 22 Aug 2007 17:24:06 +0000 Subject: [PATCH 056/194] handle open checking --- exim-4.67-open-macro.patch | 20 ++++++++++++++++++++ exim.spec | 7 ++++++- 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 exim-4.67-open-macro.patch diff --git a/exim-4.67-open-macro.patch b/exim-4.67-open-macro.patch new file mode 100644 index 0000000..7876656 --- /dev/null +++ b/exim-4.67-open-macro.patch @@ -0,0 +1,20 @@ +--- exim-4.67/src/dbstuff.h~ 2007-04-17 14:06:39.000000000 +0100 ++++ exim-4.67/src/dbstuff.h 2007-08-22 18:10:52.000000000 +0100 +@@ -135,7 +135,7 @@ API changed for DB 4.1. */ + #define EXIM_DBOPEN(name, flags, mode, dbpp) \ + if (db_create(dbpp, NULL, 0) != 0 || \ + ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ +- (*dbpp)->open(*dbpp, NULL, CS name, NULL, \ ++ ((*dbpp)->open)(*dbpp, NULL, CS name, NULL, \ + ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ + ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ + mode)) != 0) *(dbpp) = NULL +@@ -143,7 +143,7 @@ API changed for DB 4.1. */ + #define EXIM_DBOPEN(name, flags, mode, dbpp) \ + if (db_create(dbpp, NULL, 0) != 0 || \ + ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ +- (*dbpp)->open(*dbpp, CS name, NULL, \ ++ ((*dbpp)->open)(*dbpp, CS name, NULL, \ + ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ + ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ + mode)) != 0) *(dbpp) = NULL diff --git a/exim.spec b/exim.spec index 71f4ef1..d6dc25f 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.67 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -51,6 +51,7 @@ Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch +Patch24: exim-4.67-open-macro.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -162,6 +163,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost +%patch24 -p1 -b .open %build %ifnarch s390 s390x @@ -447,6 +449,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 22 2007 David Woodhouse 4.67-5 +- Handle open() being a macro + * Wed Aug 22 2007 David Woodhouse 4.67-4 - Update licence From 863ea38ce93ea81d6e6adcba9214b4c2f76bc607 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 22 Aug 2007 17:58:47 +0000 Subject: [PATCH 057/194] harder --- exim-4.67-open-macro.patch | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/exim-4.67-open-macro.patch b/exim-4.67-open-macro.patch index 7876656..9d5efbf 100644 --- a/exim-4.67-open-macro.patch +++ b/exim-4.67-open-macro.patch @@ -18,3 +18,14 @@ ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ mode)) != 0) *(dbpp) = NULL +--- exim-4.67/src/search.c~ 2007-04-17 14:06:40.000000000 +0100 ++++ exim-4.67/src/search.c 2007-08-22 18:57:33.000000000 +0100 +@@ -397,7 +397,7 @@ if (lk->type == lookup_absfile && open_f + /* If opening is successful, call the file-checking function if there is one, + and if all is still well, enter the open database into the tree. */ + +-handle = lk->open(filename, &search_error_message); ++handle = (lk->open)(filename, &search_error_message); + if (handle == NULL) + { + store_pool = old_pool; From 23c292a5f58c1bf18ec5f55b83ad65a18f348143 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 31 Aug 2007 10:22:34 +0000 Subject: [PATCH 058/194] 4.68 --- .cvsignore | 2 +- exim.spec | 9 +++++---- sources | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.cvsignore b/.cvsignore index c0903df..b413b69 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.67.tar.bz2 +exim-4.68.tar.bz2 diff --git a/exim.spec b/exim.spec index d6dc25f..aebab72 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.67 -Release: 5%{?dist} +Version: 4.68 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -51,7 +51,6 @@ Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch -Patch24: exim-4.67-open-macro.patch Requires: /etc/aliases BuildRequires: db4-devel openssl-devel openldap-devel pam-devel @@ -163,7 +162,6 @@ cp exim_monitor/EDITME Local/eximon.conf %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost -%patch24 -p1 -b .open %build %ifnarch s390 s390x @@ -449,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Aug 31 2007 David Woodhouse 4.68-1 +- Update to 4.68 + * Wed Aug 22 2007 David Woodhouse 4.67-5 - Handle open() being a macro diff --git a/sources b/sources index 07e8906..4b029d7 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -9ee83186d9ac99e5ff297112aa6fddf0 exim-4.67.tar.bz2 +94c46a8bc24b3ad4ad892228449f378b exim-4.68.tar.bz2 From a97b57ff913564dbbabfd9bf0b5add37eeb07ff0 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 31 Aug 2007 10:24:24 +0000 Subject: [PATCH 059/194] remove open patch --- exim-4.67-open-macro.patch | 31 ------------------------------- 1 file changed, 31 deletions(-) delete mode 100644 exim-4.67-open-macro.patch diff --git a/exim-4.67-open-macro.patch b/exim-4.67-open-macro.patch deleted file mode 100644 index 9d5efbf..0000000 --- a/exim-4.67-open-macro.patch +++ /dev/null @@ -1,31 +0,0 @@ ---- exim-4.67/src/dbstuff.h~ 2007-04-17 14:06:39.000000000 +0100 -+++ exim-4.67/src/dbstuff.h 2007-08-22 18:10:52.000000000 +0100 -@@ -135,7 +135,7 @@ API changed for DB 4.1. */ - #define EXIM_DBOPEN(name, flags, mode, dbpp) \ - if (db_create(dbpp, NULL, 0) != 0 || \ - ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ -- (*dbpp)->open(*dbpp, NULL, CS name, NULL, \ -+ ((*dbpp)->open)(*dbpp, NULL, CS name, NULL, \ - ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ - ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ - mode)) != 0) *(dbpp) = NULL -@@ -143,7 +143,7 @@ API changed for DB 4.1. */ - #define EXIM_DBOPEN(name, flags, mode, dbpp) \ - if (db_create(dbpp, NULL, 0) != 0 || \ - ((*dbpp)->set_errcall(*dbpp, dbfn_bdb_error_callback), \ -- (*dbpp)->open(*dbpp, CS name, NULL, \ -+ ((*dbpp)->open)(*dbpp, CS name, NULL, \ - ((flags) == O_RDONLY)? DB_UNKNOWN : DB_HASH, \ - ((flags) == O_RDONLY)? DB_RDONLY : DB_CREATE, \ - mode)) != 0) *(dbpp) = NULL ---- exim-4.67/src/search.c~ 2007-04-17 14:06:40.000000000 +0100 -+++ exim-4.67/src/search.c 2007-08-22 18:57:33.000000000 +0100 -@@ -397,7 +397,7 @@ if (lk->type == lookup_absfile && open_f - /* If opening is successful, call the file-checking function if there is one, - and if all is still well, enter the open database into the tree. */ - --handle = lk->open(filename, &search_error_message); -+handle = (lk->open)(filename, &search_error_message); - if (handle == NULL) - { - store_pool = old_pool; From e65f1fc26196bbfe8e8d8562d061db299c290f0a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Nov 2007 19:19:53 +0000 Subject: [PATCH 060/194] fix IPv6 resender handling --- exim-greylist.conf.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exim-greylist.conf.inc b/exim-greylist.conf.inc index 57cce1b..bb22907 100644 --- a/exim-greylist.conf.inc +++ b/exim-greylist.conf.inc @@ -1,4 +1,4 @@ -# $Id: exim-greylist.conf.inc,v 1.5 2007/02/08 09:32:02 dwmw2 Exp $ +# $Id: acl-greylist-sqlite,v 1.3 2007/11/25 19:17:28 dwmw2 Exp $ GREYDB=/var/spool/exim/db/greylist.db @@ -52,9 +52,9 @@ greylist_mail: # Secondly, there's _absolutely_ no point in greylisting mail from # hosts which are known to resend their mail. Just accept it. - accept hosts = sqlite;GREYDB SELECT host from resenders \ + accept condition = ${lookup sqlite {GREYDB SELECT host from resenders \ WHERE helo='${quote_sqlite:$sender_helo_name}' \ - AND host='$sender_host_address'; + AND host='$sender_host_address';} {1}} # Generate a hashed 'identity' for the mail, as described above. warn set acl_m_greyident = ${hash{20}{62}{$sender_address$recipients$h_message-id:}} From 4d8eb5bf65ac8fabd7fea2454fec061b101fb0a1 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Nov 2007 19:25:05 +0000 Subject: [PATCH 061/194] fix greylist --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index aebab72..ded8e48 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.68 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sun Nov 25 2007 David Woodhouse 4.68-2 +- Fix handling of IPv6 addresses as "known resenders" in greylist + * Fri Aug 31 2007 David Woodhouse 4.68-1 - Update to 4.68 From 84e82374e586d0805b07d19a11ee497ae4885e33 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Nov 2007 19:25:54 +0000 Subject: [PATCH 062/194] improve changelog message --- exim.spec | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index ded8e48..4b6ebea 100644 --- a/exim.spec +++ b/exim.spec @@ -448,7 +448,8 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %changelog * Sun Nov 25 2007 David Woodhouse 4.68-2 -- Fix handling of IPv6 addresses as "known resenders" in greylist +- Fix handling of IPv6 addresses as "known resenders" in example greylist + configuration * Fri Aug 31 2007 David Woodhouse 4.68-1 - Update to 4.68 From 8f8b1c6ffd4b5dacc9a87cec341dbf3edbbbf4cc Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 5 Dec 2007 10:18:56 +0000 Subject: [PATCH 063/194] rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 4b6ebea..2fcec17 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.68 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Dec 05 2007 David Woodhouse 4.68-3 +- Rebuild for OpenSSL/OpenLDAP + * Sun Nov 25 2007 David Woodhouse 4.68-2 - Fix handling of IPv6 addresses as "known resenders" in example greylist configuration From 89b37a2a50ddebec96ee71a8eaf7d3567856a85e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 3 Jan 2008 12:44:08 +0000 Subject: [PATCH 064/194] 4.69 --- .cvsignore | 2 +- exim.spec | 10 +++++++--- sources | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.cvsignore b/.cvsignore index b413b69..ae2b0dd 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.68.tar.bz2 +exim-4.69.tar.bz2 diff --git a/exim.spec b/exim.spec index 2fcec17..6c3721c 100644 --- a/exim.spec +++ b/exim.spec @@ -11,13 +11,13 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.68 -Release: 3%{?dist} +Version: 4.69 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Provides: MTA smtpd smtpdaemon /usr/bin/newaliases +Provides: MTA smtpd smtpdaemon server(smtp) /usr/bin/newaliases Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives @@ -447,6 +447,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jan 03 2008 David Woodhouse 4.69-1 +- Update to 4.69 +- Provide server(smtp) (#380611) + * Wed Dec 05 2007 David Woodhouse 4.68-3 - Rebuild for OpenSSL/OpenLDAP diff --git a/sources b/sources index 4b029d7..45970ad 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -94c46a8bc24b3ad4ad892228449f378b exim-4.68.tar.bz2 +6f29f073328c858d8554b08cc0c3c2be exim-4.69.tar.bz2 From 848c358c072b90221cc0760133dc4351026df617 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Mon, 4 Feb 2008 16:56:43 +0000 Subject: [PATCH 065/194] sparc needs -fPIE not -fpie --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 6c3721c..e1cd126 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -164,7 +164,7 @@ cp exim_monitor/EDITME Local/eximon.conf %patch23 -p1 -b .smarthost %build -%ifnarch s390 s390x +%ifnarch s390 s390x sparc sparcv9 sparcv9v sparc64 sparc64v make CFLAGS="$RPM_OPT_FLAGS -fpie" LFLAGS=-pie _lib=%{_lib} %else make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Feb 04 2008 Dennis Gilmore 4.69-2 +- sparc needs -fPIE not -fpie + * Thu Jan 03 2008 David Woodhouse 4.69-1 - Update to 4.69 - Provide server(smtp) (#380611) From 4f4a953aea10b027b4ce17c31269901894e17e9d Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 17 Mar 2008 09:04:03 +0000 Subject: [PATCH 066/194] new perl --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index e1cd126..41f1b1e 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -447,6 +447,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Mar 17 2008 David Woodhouse 4.59-3 +- Rebuild for new perl + * Mon Feb 04 2008 Dennis Gilmore 4.69-2 - sparc needs -fPIE not -fpie From 4398a3ba3e1d1b2ef3f677d494b133bafe0e6d2d Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Tue, 18 Mar 2008 15:45:12 +0000 Subject: [PATCH 067/194] add Requires for versioned perl (libperl.so) --- exim.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 41f1b1e..cdfe79b 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -53,6 +53,7 @@ Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch Requires: /etc/aliases +Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: db4-devel openssl-devel openldap-devel pam-devel BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers-devel BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel @@ -447,6 +448,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Mar 18 2008 Tom "spot" Callaway 4.59-4 +- add Requires for versioned perl (libperl.so) + * Mon Mar 17 2008 David Woodhouse 4.59-3 - Rebuild for new perl From 8df1bb0bece693a480d2de07ce1c7e3df6b42364 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Tue, 22 Apr 2008 17:30:01 +0000 Subject: [PATCH 068/194] dynlookups --- exim-4.50-config.patch | 4 +- exim-4.62-dlopen-localscan.patch | 4 +- exim-4.69-dynlookup-config.patch | 25 + exim-4.69-dynlookup.patch | 3368 ++++++++++++++++++++++++++++++ exim.spec | 56 +- 5 files changed, 3444 insertions(+), 13 deletions(-) create mode 100644 exim-4.69-dynlookup-config.patch create mode 100644 exim-4.69-dynlookup.patch diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index aecb30b..cf92b75 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -1,5 +1,5 @@ ---- exim-4.50/Local/Makefile.conf 2005-02-22 19:12:14.000000000 +0000 -+++ exim-4.50/Local/Makefile 2005-02-22 19:15:10.000000000 +0000 +--- exim-4.50/src/EDITME 2005-02-22 19:12:14.000000000 +0000 ++++ exim-4.50/src/EDITME 2005-02-22 19:15:10.000000000 +0000 @@ -100,7 +100,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. diff --git a/exim-4.62-dlopen-localscan.patch b/exim-4.62-dlopen-localscan.patch index 2692ba4..03010eb 100644 --- a/exim-4.62-dlopen-localscan.patch +++ b/exim-4.62-dlopen-localscan.patch @@ -10,8 +10,8 @@ of exim until Philip has to break the API and increase the major number) Marc MERLIN diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME ---- exim-4.14-0/Local/Makefile Tue Mar 11 04:20:18 2003 -+++ exim-4.14-1/Local/Makefile Sun Mar 23 15:34:15 2003 +--- exim-4.14-0/src/EDITME Tue Mar 11 04:20:18 2003 ++++ exim-4.14-1/src/EDITME Sun Mar 23 15:34:15 2003 @@ -388,6 +388,20 @@ diff --git a/exim-4.69-dynlookup-config.patch b/exim-4.69-dynlookup-config.patch new file mode 100644 index 0000000..dc02ee7 --- /dev/null +++ b/exim-4.69-dynlookup-config.patch @@ -0,0 +1,25 @@ +diff -u exim-4.69/src/EDITME exim-4.69/src/EDITME +--- exim-4.69/src/EDITME 2008-04-19 23:48:03.000000000 +0100 ++++ exim-4.69/src/EDITME 2008-04-19 23:54:46.000000000 +0100 +@@ -282,15 +282,17 @@ + # LOOKUP_IBASE=yes + LOOKUP_LDAP=yes + LDAP_LIB_TYPE=OPENLDAP2 +-LOOKUP_INCLUDE=-I/usr/include/mysql +-LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq +-LOOKUP_MYSQL=yes ++LOOKUP_LIBS=-lldap -llber -lsqlite3 ++LOOKUP_MYSQL_INCLUDE=-I/usr/include/mysql ++LOOKUP_MYSQL_LIBS=-L/usr/${_lib}/mysql -lmysqlclient ++LOOKUP_PGSQL_LIBS=-lpq ++LOOKUP_MYSQL=2 + LOOKUP_NIS=yes + LOOKUP_NISPLUS=yes + # LOOKUP_ORACLE=yes + LOOKUP_PASSWD=yes +-LOOKUP_PGSQL=yes ++LOOKUP_PGSQL=2 + LOOKUP_SQLITE=yes + # LOOKUP_WHOSON=yes + + # These two settings are obsolete; all three lookups are compiled when diff --git a/exim-4.69-dynlookup.patch b/exim-4.69-dynlookup.patch new file mode 100644 index 0000000..002a8c8 --- /dev/null +++ b/exim-4.69-dynlookup.patch @@ -0,0 +1,3368 @@ +diff --git a/Makefile b/Makefile +index 08d023b..9878b23 100644 +--- a/Makefile ++++ b/Makefile +@@ -77,11 +77,11 @@ clean:; @echo ""; echo '*** "make clean" just removes all .o and .a files' + cd build-$(buildname); \ + $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ + routers/*.o routers/*.a transports/*.o transports/*.a \ +- pcre/*.o pcre/*.a ++ pcre/*.o pcre/*.a lookups/*.so + + clean_exim:; cd build-$(buildname); \ + $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ +- routers/*.o routers/*.a transports/*.o transports/*.a ++ routers/*.o routers/*.a transports/*.o transports/*.a lookups/*.so + + distclean:; $(RM_COMMAND) -rf build-* + +diff --git a/OS/Makefile-Base b/OS/Makefile-Base +index a2648e5..14b0867 100644 +--- a/OS/Makefile-Base ++++ b/OS/Makefile-Base +@@ -311,6 +311,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \ + rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ + route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \ + store.o string.o tls.o tod.o transport.o tree.o verify.o \ ++ lookups/lf_quote.o lookups/lf_check_file.o lookups/lf_sqlperform.o \ + local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ + $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) + +diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile +index 01fd316..9cd6d60 100755 +--- a/scripts/Configure-Makefile ++++ b/scripts/Configure-Makefile +@@ -107,7 +107,7 @@ do if test -r ../$f + echo "# End of $f" + echo "" + fi +-done >> $mft || exit 1 ++done | sed 's/^LOOKUP_/export LOOKUP_/' >> $mft || exit 1 + + # See if there is a definition of EXIM_PERL in what we have built so far. + # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS, +diff --git a/scripts/MakeLinks b/scripts/MakeLinks +index 257652c..f3daee2 100755 +--- a/scripts/MakeLinks ++++ b/scripts/MakeLinks +@@ -204,6 +204,7 @@ ln -s ../src/mytypes.h mytypes.h + ln -s ../src/osfunctions.h osfunctions.h + ln -s ../src/store.h store.h + ln -s ../src/structs.h structs.h ++ln -s ../src/lookupapi.h lookupapi.h + + ln -s ../src/acl.c acl.c + ln -s ../src/buildconfig.c buildconfig.c +diff --git a/src/EDITME b/src/EDITME +index 1438a38..cb2f7f7 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -248,6 +248,9 @@ TRANSPORT_SMTP=yes + # SUPPORT_MAILSTORE=yes + # SUPPORT_MBX=yes + ++#------------------------------------------------------------------------------ ++# See below for dynamic lookup modules. ++# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ + + #------------------------------------------------------------------------------ + # These settings determine which file and database lookup methods are included +@@ -257,6 +260,18 @@ TRANSPORT_SMTP=yes + # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is + # for the specialist case of using the DNS as a general database facility (not + # common). ++# If set to "2" instead of "yes" then the corresponding lookup will be ++# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to ++# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to ++# EXTRALIBS so that dlopen() is available to Exim. You need to define ++# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup ++# modules. ++# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and ++# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS ++# (where * is the name as given here in this list). That ensures that only ++# the dynamic library and not the exim binary will be linked against the ++# library. ++# NOTE: LDAP cannot be built as a module! + + LOOKUP_DBM=yes + LOOKUP_LSEARCH=yes +diff --git a/src/config.h.defaults b/src/config.h.defaults +index ccf2696..bd271bf 100644 +--- a/src/config.h.defaults ++++ b/src/config.h.defaults +@@ -90,6 +90,8 @@ it's a default value. */ + #define LOOKUP_WILDLSEARCH + #define LOOKUP_NWILDLSEARCH + ++#define LOOKUP_MODULE_DIR ++ + #define MAX_FILTER_SIZE (1024*1024) + #define MAX_LOCALHOST_NUMBER 256 + #define MAX_INCLUDE_SIZE (1024*1024) +diff --git a/src/drtables.c b/src/drtables.c +index 426933c..dc4e15f 100644 +--- a/src/drtables.c ++++ b/src/drtables.c +@@ -10,6 +10,8 @@ + + #include "exim.h" + ++#include ++#include + + /* This module contains tables that define the lookup methods and drivers + that are actually included in the binary. Its contents are controlled by +@@ -31,535 +33,8 @@ even pickier compilers complaining about infinite loops. */ + + static void dummy(int x) { dummy(x-1); } + +- +-/* Table of information about all possible lookup methods. The entries are +-always present, but the "open" and "find" functions are set to NULL for those +-that are not compiled into the binary. The "check" and "close" functions can +-be NULL for methods that don't need them. */ +- +-#ifdef LOOKUP_CDB +-#include "lookups/cdb.h" +-#endif +- +-#ifdef LOOKUP_DBM +-#include "lookups/dbmdb.h" +-#endif +- +-#ifdef LOOKUP_DNSDB +-#include "lookups/dnsdb.h" +-#endif +- +-#ifdef LOOKUP_DSEARCH +-#include "lookups/dsearch.h" +-#endif +- +-#ifdef LOOKUP_IBASE +-#include "lookups/ibase.h" +-#endif +- +-#ifdef LOOKUP_LDAP +-#include "lookups/ldap.h" +-#endif +- +-#ifdef LOOKUP_LSEARCH +-#include "lookups/lsearch.h" +-#endif +- +-#ifdef LOOKUP_MYSQL +-#include "lookups/mysql.h" +-#endif +- +-#ifdef LOOKUP_NIS +-#include "lookups/nis.h" +-#endif +- +-#ifdef LOOKUP_NISPLUS +-#include "lookups/nisplus.h" +-#endif +- +-#ifdef LOOKUP_ORACLE +-#include "lookups/oracle.h" +-#endif +- +-#ifdef LOOKUP_PASSWD +-#include "lookups/passwd.h" +-#endif +- +-#ifdef LOOKUP_PGSQL +-#include "lookups/pgsql.h" +-#endif +- +-#ifdef EXPERIMENTAL_SPF +-#include "lookups/spf.h" +-#endif +- +-#ifdef LOOKUP_SQLITE +-#include "lookups/sqlite.h" +-#endif +- +-#ifdef LOOKUP_TESTDB +-#include "lookups/testdb.h" +-#endif +- +-#ifdef LOOKUP_WHOSON +-#include "lookups/whoson.h" +-#endif +- +-#ifdef EXPERIMENTAL_DKIM +-#include "lookups/dkim.h" +-#endif +- +- +-/* The second field in each item below is a set of bit flags: +- +- lookup_querystyle => this is a query-style lookup, +- else single-key (+ file) style +- lookup_absfile => an absolute file name is required, +- (for single-key style only) +- +-This list must be in alphabetical order of lookup name because it is +-searched by binary chop, having got rather large for the original linear +-searching. */ +- +-lookup_info lookup_list[] = { +- +-/* cdb lookup in single file */ +- +- { +- US"cdb", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_CDB +- cdb_open, /* open function */ +- cdb_check, /* check function */ +- cdb_find, /* find function */ +- cdb_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* DBM file lookup; called "dbm" because that is the name in Exim, +-but the code is called dbmdb to avoid name clashes. */ +- +- { +- US"dbm", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_DBM +- dbmdb_open, /* open function */ +- dbmdb_check, /* check function */ +- dbmdb_find, /* find function */ +- dbmdb_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* This variant of DBM does not include the binary zero on the end +-of the key strings. */ +- +- { +- US"dbmnz", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_DBM +- dbmdb_open, /* sic */ /* open function */ +- dbmdb_check, /* sic */ /* check function */ +- dbmnz_find, /* find function */ +- dbmdb_close, /* sic */ /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* DKIM lookups */ +- +- { +- US"dkim", /* lookup name */ +- lookup_querystyle, /* query style */ +-#ifdef EXPERIMENTAL_DKIM +- dkim_open, /* open function */ +- NULL, /* check function */ +- dkim_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Using DNS TXT records as a database */ +- +- { +- US"dnsdb", /* lookup name */ +- lookup_querystyle, /* query style */ +-#ifdef LOOKUP_DNSDB +- dnsdb_open, /* open function */ +- NULL, /* check function */ +- dnsdb_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Search of files in a directory */ +- +- { +- US"dsearch", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_DSEARCH +- dsearch_open, /* open function */ +- dsearch_check, /* check function */ +- dsearch_find, /* find function */ +- dsearch_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Interbase lookup */ +- +- { +- US"ibase", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_IBASE +- ibase_open, /* open function */ +- NULL, /* no check function */ +- ibase_find, /* find function */ +- NULL, /* no close function */ +- ibase_tidy, /* tidy function */ +- ibase_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Linear search of single file with ip-addresses and networks; shares many +-functions with lsearch. */ +- +- { +- US"iplsearch", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_LSEARCH +- lsearch_open, /* open function */ +- lsearch_check, /* check function */ +- iplsearch_find, /* find function */ +- lsearch_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* LDAP lookup, allowing data from only one entry to be returned */ +- +- { +- US"ldap", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_LDAP +- eldap_open, /* open function */ +- NULL, /* check function */ +- eldap_find, /* find function */ +- NULL, /* no close function */ +- eldap_tidy, /* tidy function */ +- eldap_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* LDAP lookup, allowing the DN from more one entry to be returned */ +- +- { +- US"ldapdn", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_LDAP +- eldap_open, /* sic */ /* open function */ +- NULL, /* check function */ +- eldapdn_find, /* find function */ +- NULL, /* no close function */ +- eldap_tidy, /* sic */ /* tidy function */ +- eldap_quote /* sic */ /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* LDAP lookup, allowing data from more than one entry to be returned */ +- +- { +- US"ldapm", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_LDAP +- eldap_open, /* sic */ /* open function */ +- NULL, /* check function */ +- eldapm_find, /* find function */ +- NULL, /* no close function */ +- eldap_tidy, /* sic */ /* tidy function */ +- eldap_quote /* sic */ /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Linear search of single file */ +- +- { +- US"lsearch", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_LSEARCH +- lsearch_open, /* open function */ +- lsearch_check, /* check function */ +- lsearch_find, /* find function */ +- lsearch_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* MYSQL lookup */ +- +- { +- US"mysql", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_MYSQL +- mysql_open, /* open function */ +- NULL, /* no check function */ +- mysql_find, /* find function */ +- NULL, /* no close function */ +- mysql_tidy, /* tidy function */ +- mysql_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* NIS lookup, excluding trailing 0 from key */ +- +- { +- US"nis", /* lookup name */ +- 0, /* not abs file, not query style*/ +-#ifdef LOOKUP_NIS +- nis_open, /* open function */ +- NULL, /* check function */ +- nis_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* NIS lookup, including trailing 0 in key */ +- +- { +- US"nis0", /* lookup name */ +- 0, /* not absfile, not query style */ +-#ifdef LOOKUP_NIS +- nis_open, /* sic */ /* open function */ +- NULL, /* check function */ +- nis0_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* NIS+ lookup */ +- +- { +- US"nisplus", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_NISPLUS +- nisplus_open, /* open function */ +- NULL, /* check function */ +- nisplus_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- nisplus_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Linear search of single file, with wildcarding but no pattern expansion. +-Shares many functions with lsearch. */ +- +- { +- US"nwildlsearch", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_LSEARCH +- lsearch_open, /* open function */ +- lsearch_check, /* check function */ +- nwildlsearch_find, /* find function */ +- lsearch_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Oracle lookup */ +- +- { +- US"oracle", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_ORACLE +- oracle_open, /* open function */ +- NULL, /* check function */ +- oracle_find, /* find function */ +- NULL, /* no close function */ +- oracle_tidy, /* tidy function */ +- oracle_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* passwd lookup */ +- +- { +- US"passwd", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_PASSWD +- passwd_open, /* open function */ +- NULL, /* no check function */ +- passwd_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* PGSQL lookup */ +- +- { +- US"pgsql", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_PGSQL +- pgsql_open, /* open function */ +- NULL, /* no check function */ +- pgsql_find, /* find function */ +- NULL, /* no close function */ +- pgsql_tidy, /* tidy function */ +- pgsql_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* SPF lookup */ +- +- { +- US"spf", /* lookup name */ +- 0, /* not absfile, not query style */ +-#ifdef EXPERIMENTAL_SPF +- spf_open, /* open function */ +- NULL, /* no check function */ +- spf_find, /* find function */ +- spf_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* sqlite lookup */ +- +- { +- US"sqlite", /* lookup name */ +- lookup_absfilequery, /* query-style lookup, starts with file name */ +-#ifdef LOOKUP_SQLITE +- sqlite_open, /* open function */ +- NULL, /* no check function */ +- sqlite_find, /* find function */ +- sqlite_close, /* close function */ +- NULL, /* no tidy function */ +- sqlite_quote /* quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Testdb lookup is for testing Exim, not useful for normal running. +-For that reason, we omit the entry entirely when not building it into +-the binary, so that attempts to use it give "unknown lookup type" instead +-of "lookup type not available". */ +- +-#ifdef LOOKUP_TESTDB +- { +- US"testdb", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +- testdb_open, /* open function */ +- NULL, /* check function */ +- testdb_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +- }, +-#endif +- +-/* "Whoson" lookup */ +- +- { +- US"whoson", /* lookup name */ +- lookup_querystyle, /* query-style lookup */ +-#ifdef LOOKUP_WHOSON +- whoson_open, /* open function */ +- NULL, /* check function */ +- whoson_find, /* find function */ +- NULL, /* no close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- }, +- +-/* Linear search of single file, with wildcarding and pattern expansion. Shares +-many functions with lsearch. */ +- +- { +- US"wildlsearch", /* lookup name */ +- lookup_absfile, /* uses absolute file name */ +-#ifdef LOOKUP_LSEARCH +- lsearch_open, /* open function */ +- lsearch_check, /* check function */ +- wildlsearch_find, /* find function */ +- lsearch_close, /* close function */ +- NULL, /* no tidy function */ +- NULL /* no quoting function */ +-#else +- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ +-#endif +- } +-}; +- +-/* Number of entries in the list */ +- +-int lookup_list_count = sizeof(lookup_list)/sizeof(lookup_info); +- +- ++lookup_info **lookup_list; ++int lookup_list_count = 0; + + /* Table of information about all possible authentication mechamisms. All + entries are always present if any mechanism is declared, but the functions are +@@ -887,4 +362,226 @@ transport_info transports_available[] = { + { US"", NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, FALSE } + }; + ++struct lookupmodulestr ++{ ++ void *dl; ++ struct lookup_module_info *info; ++ struct lookupmodulestr *next; ++}; ++ ++static struct lookupmodulestr *lookupmodules = NULL; ++ ++static void addlookupmodule(void *dl, struct lookup_module_info *info) ++{ ++ struct lookupmodulestr *p = store_malloc(sizeof(struct lookupmodulestr)); ++ p->dl = dl; ++ p->info = info; ++ p->next = lookupmodules; ++ lookupmodules = p; ++ lookup_list_count += info->lookupcount; ++} ++ ++/* only valid after lookup_list and lookup_list_count are assigned */ ++static void add_lookup_to_list(lookup_info *info) ++{ ++ /* need to add the lookup to lookup_list, sorted */ ++ int pos = 0; ++ ++ /* strategy is to go through the list until we find ++ * either an empty spot or a name that is higher. ++ * this can't fail because we have enough space. */ ++ while (lookup_list[pos] ++ && (Ustrcmp(lookup_list[pos]->name, info->name) <= 0)) { ++ pos++; ++ } ++ if (lookup_list[pos]) { ++ /* need to insert it, so move all the other items up ++ * (last slot is still empty, of course) */ ++ memmove(&lookup_list[pos+1], ++ &lookup_list[pos], ++ sizeof(lookup_info **) * (lookup_list_count-pos-1)); ++ } ++ lookup_list[pos] = info; ++} ++ ++void init_lookup_list(void) ++{ ++ DIR *dd; ++ struct dirent *ent; ++ const pcre *regex_islookupmod = regex_must_compile("\\.so$", FALSE, TRUE); ++ int countmodules = 0; ++ int moduleerrors = 0; ++ struct lookupmodulestr *p; ++ ++#if defined(LOOKUP_CDB) && LOOKUP_CDB!=2 ++extern lookup_module_info cdb_lookup_module_info; ++ addlookupmodule(NULL, &cdb_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_DBM) && LOOKUP_DBM!=2 ++extern lookup_module_info dbmdb_lookup_module_info; ++ addlookupmodule(NULL, &dbmdb_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_DKIM) && LOOKUP_DKIM!=2 ++extern lookup_module_info dkim_lookup_module_info; ++ addlookupmodule(NULL, &dkim_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_DNSDB) && LOOKUP_DNSDB!=2 ++extern lookup_module_info dnsdb_lookup_module_info; ++ addlookupmodule(NULL, &dnsdb_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_DSEARCH) && LOOKUP_DSEARCH!=2 ++extern lookup_module_info dsearch_lookup_module_info; ++ addlookupmodule(NULL, &dsearch_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_IBASE) && LOOKUP_IBASE!=2 ++extern lookup_module_info ibase_lookup_module_info; ++ addlookupmodule(NULL, &ibase_lookup_module_info); ++#endif ++ ++#ifdef LOOKUP_LDAP ++extern lookup_module_info ldap_lookup_module_info; ++ addlookupmodule(NULL, &ldap_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_LSEARCH) && LOOKUP_LSEARCH!=2 ++extern lookup_module_info lsearch_lookup_module_info; ++ addlookupmodule(NULL, &lsearch_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_MYSQL) && LOOKUP_MYSQL!=2 ++extern lookup_module_info mysql_lookup_module_info; ++ addlookupmodule(NULL, &mysql_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_NIS) && LOOKUP_NIS!=2 ++extern lookup_module_info nis_lookup_module_info; ++ addlookupmodule(NULL, &nis_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_NISPLUS) && LOOKUP_NISPLUS!=2 ++extern lookup_module_info nisplus_lookup_module_info; ++ addlookupmodule(NULL, &nisplus_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_ORACLE) && LOOKUP_ORACLE!=2 ++extern lookup_module_info oracle_lookup_module_info; ++ addlookupmodule(NULL, &oracle_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_PASSWD) && LOOKUP_PASSWD!=2 ++extern lookup_module_info passwd_lookup_module_info; ++ addlookupmodule(NULL, &passwd_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2 ++extern lookup_module_info pgsql_lookup_module_info; ++ addlookupmodule(NULL, &pgsql_lookup_module_info); ++#endif ++ ++#ifdef EXPERIMENTAL_SPF ++extern lookup_module_info spf_lookup_module_info; ++ addlookupmodule(NULL, &spf_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2 ++extern lookup_module_info sqlite_lookup_module_info; ++ addlookupmodule(NULL, &sqlite_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_TESTDB) && LOOKUP_TESTDB!=2 ++extern lookup_module_info testdb_lookup_module_info; ++ addlookupmodule(NULL, &testdb_lookup_module_info); ++#endif ++ ++#if defined(LOOKUP_WHOSON) && LOOKUP_WHOSON!=2 ++extern lookup_module_info whoson_lookup_module_info; ++ addlookupmodule(NULL, &whoson_lookup_module_info); ++#endif ++ ++#ifdef LOOKUP_MODULE_DIR ++ dd = opendir(LOOKUP_MODULE_DIR); ++ if (dd == NULL) { ++ DEBUG(5) debug_printf("Couldn't open %s: not loading lookup modules\n", LOOKUP_MODULE_DIR); ++ } ++ else { ++ DEBUG(9) debug_printf("Loading lookup modules from %s\n", LOOKUP_MODULE_DIR); ++ while ((ent = readdir(dd)) != NULL) { ++ char *name = ent->d_name; ++ int len = (int)strlen(name); ++ if (pcre_exec(regex_islookupmod, NULL, name, len, 0, PCRE_EOPT, NULL, 0) >= 0) { ++ int pathnamelen = len + (int)strlen(LOOKUP_MODULE_DIR) + 2; ++ void *dl; ++ struct lookup_module_info *info; ++ char *errormsg; ++ ++ /* SRH: am I being paranoid here or what? */ ++ if (pathnamelen > big_buffer_size) { ++ fprintf(stderr, "%s/%s: name too long\n", LOOKUP_MODULE_DIR, name); ++ continue; ++ } ++ ++ /* SRH: snprintf here? */ ++ sprintf(big_buffer, "%s/%s", LOOKUP_MODULE_DIR, name); ++ ++ dl = dlopen(big_buffer, RTLD_NOW);// TJ was LAZY ++ if (dl == NULL) { ++ fprintf(stderr, "Error loading %s: %s\n", name, dlerror()); ++ moduleerrors++; ++ continue; ++ } ++ ++ info = (struct lookup_module_info*) dlsym(dl, "_lookup_module_info"); ++ if ((errormsg = dlerror()) != NULL) { ++ fprintf(stderr, "%s does not appear to be a lookup module (%s)\n", name, errormsg); ++ dlclose(dl); ++ moduleerrors++; ++ continue; ++ } ++ if (info->magic != LOOKUP_MODULE_INFO_MAGIC) { ++ fprintf(stderr, "Lookup module %s is not compatible with this version of Exim\n", name); ++ dlclose(dl); ++ moduleerrors++; ++ continue; ++ } ++ ++ addlookupmodule(dl, info); ++ DEBUG(9) debug_printf("Loaded \"%s\" (%d lookup types)\n", name, info->lookupcount); ++ countmodules++; ++ } ++ } ++ closedir(dd); ++ } ++ ++ DEBUG(9) debug_printf("Loaded %d lookup modules\n", countmodules); ++#endif ++ ++ store_free((void*)regex_islookupmod); ++ ++ DEBUG(4) debug_printf("Total %d lookups\n", lookup_list_count); ++ ++ lookup_list = store_malloc(sizeof(lookup_info *) * lookup_list_count); ++ memset(lookup_list, 0, sizeof(lookup_info *) * lookup_list_count); ++ ++ /* now add all lookups to the real list */ ++ p = lookupmodules; ++ while (p) { ++ int j; ++ struct lookupmodulestr *pnext; ++ ++ for (j = 0; j < p->info->lookupcount; j++) ++ add_lookup_to_list(p->info->lookups[j]); ++ ++ pnext = p->next; ++ store_free(p); ++ p = pnext; ++ } ++ /* just to be sure */ ++ lookupmodules = NULL; ++} ++ + /* End of drtables.c */ +diff --git a/src/exim.c b/src/exim.c +index 3509b1d..abf59b9 100644 +--- a/src/exim.c ++++ b/src/exim.c +@@ -928,53 +928,53 @@ fprintf(f, "Support for:"); + #endif + fprintf(f, "\n"); + +-fprintf(f, "Lookups:"); +-#ifdef LOOKUP_LSEARCH ++fprintf(f, "Lookups (built-in):"); ++#if defined(LOOKUP_LSEARCH) && LOOKUP_LSEARCH!=2 + fprintf(f, " lsearch wildlsearch nwildlsearch iplsearch"); + #endif +-#ifdef LOOKUP_CDB ++#if defined(LOOKUP_CDB) && LOOKUP_CDB!=2 + fprintf(f, " cdb"); + #endif +-#ifdef LOOKUP_DBM ++#if defined(LOOKUP_DBM) && LOOKUP_DBM!=2 + fprintf(f, " dbm dbmnz"); + #endif +-#ifdef LOOKUP_DNSDB ++#if defined(LOOKUP_DNSDB) && LOOKUP_DNSDB!=2 + fprintf(f, " dnsdb"); + #endif +-#ifdef LOOKUP_DSEARCH ++#if defined(LOOKUP_DSEARCH) && LOOKUP_DSEARCH!=2 + fprintf(f, " dsearch"); + #endif +-#ifdef LOOKUP_IBASE ++#if defined(LOOKUP_IBASE) && LOOKUP_IBASE!=2 + fprintf(f, " ibase"); + #endif +-#ifdef LOOKUP_LDAP ++#if defined(LOOKUP_LDAP) && LOOKUP_LDAP!=2 + fprintf(f, " ldap ldapdn ldapm"); + #endif +-#ifdef LOOKUP_MYSQL ++#if defined(LOOKUP_MYSQL) && LOOKUP_MYSQL!=2 + fprintf(f, " mysql"); + #endif +-#ifdef LOOKUP_NIS ++#if defined(LOOKUP_NIS) && LOOKUP_NIS!=2 + fprintf(f, " nis nis0"); + #endif +-#ifdef LOOKUP_NISPLUS ++#if defined(LOOKUP_NISPLUS) && LOOKUP_NISPLUS!=2 + fprintf(f, " nisplus"); + #endif +-#ifdef LOOKUP_ORACLE ++#if defined(LOOKUP_ORACLE) && LOOKUP_ORACLE!=2 + fprintf(f, " oracle"); + #endif +-#ifdef LOOKUP_PASSWD ++#if defined(LOOKUP_PASSWD) && LOOKUP_PASSWD!=2 + fprintf(f, " passwd"); + #endif +-#ifdef LOOKUP_PGSQL ++#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2 + fprintf(f, " pgsql"); + #endif +-#ifdef LOOKUP_SQLITE ++#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2 + fprintf(f, " sqlite"); + #endif +-#ifdef LOOKUP_TESTDB ++#if defined(LOOKUP_TESTDB) && LOOKUP_TESTDB!=2 + fprintf(f, " testdb"); + #endif +-#ifdef LOOKUP_WHOSON ++#if defined(LOOKUP_WHOSON) && LOOKUP_WHOSON!=2 + fprintf(f, " whoson"); + #endif + fprintf(f, "\n"); +@@ -3427,6 +3427,9 @@ if (opt_perl_at_start && opt_perl_startup != NULL) + } + #endif /* EXIM_PERL */ + ++/* Initialise lookup_list */ ++init_lookup_list(); ++ + /* Log the arguments of the call if the configuration file said so. This is + a debugging feature for finding out what arguments certain MUAs actually use. + Don't attempt it if logging is disabled, or if listing variables or if +diff --git a/src/expand.c b/src/expand.c +index 0844e8e..dc98145 100644 +--- a/src/expand.c ++++ b/src/expand.c +@@ -5378,8 +5378,8 @@ while (*s != 0) + goto EXPAND_FAILED; + } + +- if (lookup_list[n].quote != NULL) +- sub = (lookup_list[n].quote)(sub, opt); ++ if (lookup_list[n]->quote != NULL) ++ sub = (lookup_list[n]->quote)(sub, opt); + else if (opt != NULL) sub = NULL; + + if (sub == NULL) +diff --git a/src/globals.h b/src/globals.h +index 9b25958..7d20140 100644 +--- a/src/globals.h ++++ b/src/globals.h +@@ -438,7 +438,7 @@ extern BOOL log_testing_mode; /* TRUE in various testing modes */ + extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ + extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ + extern uschar *login_sender_address; /* The actual sender address */ +-extern lookup_info lookup_list[]; /* Vector of available lookups */ ++extern lookup_info **lookup_list; /* Array of pointers to available lookups */ + extern int lookup_list_count; /* Number of entries in the list */ + extern int lookup_open_max; /* Max lookup files to cache */ + extern uschar *lookup_value; /* Value looked up from file */ +diff --git a/src/lookupapi.h b/src/lookupapi.h +new file mode 100644 +index 0000000..4dab4c9 +--- /dev/null ++++ b/src/lookupapi.h +@@ -0,0 +1,45 @@ ++/* The "type" field in each item is a set of bit flags: ++ ++ lookup_querystyle => this is a query-style lookup, ++ else single-key (+ file) style ++ lookup_absfile => an absolute file name is required, ++ (for single-key style only) ++*/ ++ ++typedef struct lookup_info { ++ uschar *name; /* e.g. "lsearch" */ ++ int type; /* query/singlekey/abs-file */ ++ void *(*open)( /* open function */ ++ uschar *, /* file name for those that have one */ ++ uschar **); /* for error message */ ++ BOOL (*check)( /* file checking function */ ++ void *, /* handle */ ++ uschar *, /* file name */ ++ int, /* modemask for file checking */ ++ uid_t *, /* owners for file checking */ ++ gid_t *, /* owngroups for file checking */ ++ uschar **); /* for error messages */ ++ int (*find)( /* find function */ ++ void *, /* handle */ ++ uschar *, /* file name or NULL */ ++ uschar *, /* key or query */ ++ int, /* length of key or query */ ++ uschar **, /* for returning answer */ ++ uschar **, /* for error message */ ++ BOOL *); /* to request cache cleanup */ ++ void (*close)( /* close function */ ++ void *); /* handle */ ++ void (*tidy)(void); /* tidy function */ ++ uschar *(*quote)( /* quoting function */ ++ uschar *, /* string to quote */ ++ uschar *); /* additional data from quote name */ ++} lookup_info; ++ ++/* "LMM1" */ ++#define LOOKUP_MODULE_INFO_MAGIC 0x4c4d4d31 ++ ++typedef struct lookup_module_info { ++ uint magic; ++ lookup_info **lookups; ++ uint lookupcount; ++} lookup_module_info; +diff --git a/src/lookups/Makefile b/src/lookups/Makefile +index 75b78d2..e8c9bbd 100644 +--- a/src/lookups/Makefile ++++ b/src/lookups/Makefile +@@ -1,13 +1,181 @@ + # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.8 2008/02/14 13:49:35 fanf2 Exp $ + +-# Make file for building a library containing all the available lookups and +-# calling it lookups.a. This is called from the main make file, after cd'ing +-# to the lookups subdirectory. When the relevant LOOKUP_ macros are not +-# defined, dummy modules get compiled. ++# Make file for building all the available lookups. ++# This is called from the main make file, after cd'ing ++# to the lookups subdirectory. + +-OBJ = cdb.o dbmdb.o dkim.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ +- nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ +- lf_check_file.o lf_quote.o lf_sqlperform.o ++# because the variable is EXPERIMENTAL_SPF and not LOOKUP_SPF ++# we put this one here by default and compile a dummy if ++# EXPERIMENTAL_SPF is not defined ++OBJ=spf.o ++MODS= ++ ++ifeq ($(LOOKUP_CDB),2) ++MODS += cdb.so ++LOOKUP_cdb_INCLUDE = $(LOOKUP_CDB_INCLUDE) ++LOOKUP_cdb_LIBS = $(LOOKUP_CDB_LIBS) ++else ++ifneq ($(LOOKUP_CDB),) ++OBJ += cdb.o ++endif ++endif ++ ++ifeq ($(LOOKUP_DBM),2) ++MODS += dbmdb.so ++LOOKUP_dbmdb_INCLUDE = $(LOOKUP_DBM_INCLUDE) ++LOOKUP_dbmdb_LIBS = $(LOOKUP_DBM_LIBS) ++else ++ifneq ($(LOOKUP_DBM),) ++OBJ += dbmdb.o ++endif ++endif ++ ++ifeq ($(LOOKUP_DKIM),2) ++MODS += dkim.so ++LOOKUP_dkim_INCLUDE = $(LOOKUP_DKIM_INCLUDE) ++LOOKUP_dkim_LIBS = $(LOOKUP_DKIM_LIBS) ++else ++ifneq ($(LOOKUP_DKIM),) ++OBJ += dkim.o ++endif ++endif ++ ++ifeq ($(LOOKUP_DNSDB),2) ++MODS += dnsdb.so ++LOOKUP_dnsdb_INCLUDE = $(LOOKUP_DNSDB_INCLUDE) ++LOOKUP_dnsdb_LIBS = $(LOOKUP_DNSDB_LIBS) ++else ++ifneq ($(LOOKUP_DNSDB),) ++OBJ += dnsdb.o ++endif ++endif ++ ++ifeq ($(LOOKUP_DSEARCH),2) ++MODS += dsearch.so ++LOOKUP_dsearch_INCLUDE = $(LOOKUP_DSEARCH_INCLUDE) ++LOOKUP_dsearch_LIBS = $(LOOKUP_DSEARCH_LIBS) ++else ++ifneq ($(LOOKUP_DSEARCH),) ++OBJ += dsearch.o ++endif ++endif ++ ++ifeq ($(LOOKUP_IBASE),2) ++MODS += ibase.so ++LOOKUP_ibase_INCLUDE = $(LOOKUP_IBASE_INCLUDE) ++LOOKUP_ibase_LIBS = $(LOOKUP_IBASE_LIBS) ++else ++ifneq ($(LOOKUP_IBASE),) ++OBJ += ibase.o ++endif ++endif ++ ++ifneq ($(LOOKUP_LDAP),) ++OBJ += ldap.o ++endif ++ ++ifeq ($(LOOKUP_LSEARCH),2) ++MODS += lsearch.so ++LOOKUP_lsearch_INCLUDE = $(LOOKUP_LSEARCH_INCLUDE) ++LOOKUP_lsearch_LIBS = $(LOOKUP_LSEARCH_LIBS) ++else ++ifneq ($(LOOKUP_LSEARCH),) ++OBJ += lsearch.o ++endif ++endif ++ ++ifeq ($(LOOKUP_MYSQL),2) ++MODS += mysql.so ++LOOKUP_mysql_INCLUDE = $(LOOKUP_MYSQL_INCLUDE) ++LOOKUP_mysql_LIBS = $(LOOKUP_MYSQL_LIBS) ++else ++ifneq ($(LOOKUP_MYSQL),) ++OBJ += mysql.o ++endif ++endif ++ ++ifeq ($(LOOKUP_NIS),2) ++MODS += nis.so ++LOOKUP_nis_INCLUDE = $(LOOKUP_NIS_INCLUDE) ++LOOKUP_nis_LIBS = $(LOOKUP_NIS_LIBS) ++else ++ifneq ($(LOOKUP_NIS),) ++OBJ += nis.o ++endif ++endif ++ ++ifeq ($(LOOKUP_NISPLUS),2) ++MODS += nisplus.so ++LOOKUP_nisplus_INCLUDE = $(LOOKUP_NISPLUS_INCLUDE) ++LOOKUP_nisplus_LIBS = $(LOOKUP_NISPLUS_LIBS) ++else ++ifneq ($(LOOKUP_NISPLUS),) ++OBJ += nisplus.o ++endif ++endif ++ ++ifeq ($(LOOKUP_ORACLE),2) ++MODS += oracle.so ++LOOKUP_oracle_INCLUDE = $(LOOKUP_ORACLE_INCLUDE) ++LOOKUP_oracle_LIBS = $(LOOKUP_ORACLE_LIBS) ++else ++ifneq ($(LOOKUP_ORACLE),) ++OBJ += oracle.o ++endif ++endif ++ ++ifeq ($(LOOKUP_PASSWD),2) ++MODS += passwd.so ++LOOKUP_passwd_INCLUDE = $(LOOKUP_PASSWD_INCLUDE) ++LOOKUP_passwd_LIBS = $(LOOKUP_PASSWD_LIBS) ++else ++ifneq ($(LOOKUP_PASSWD),) ++OBJ += passwd.o ++endif ++endif ++ ++ifeq ($(LOOKUP_PGSQL),2) ++MODS += pgsql.so ++LOOKUP_pgsql_INCLUDE = $(LOOKUP_PGSQL_INCLUDE) ++LOOKUP_pgsql_LIBS = $(LOOKUP_PGSQL_LIBS) ++else ++ifneq ($(LOOKUP_PGSQL),) ++OBJ += pgsql.o ++endif ++endif ++ ++ifeq ($(LOOKUP_SQLITE),2) ++MODS += sqlite.so ++LOOKUP_sqlite_INCLUDE = $(LOOKUP_SQLITE_INCLUDE) ++LOOKUP_sqlite_LIBS = $(LOOKUP_SQLITE_LIBS) ++else ++ifneq ($(LOOKUP_SQLITE),) ++OBJ += sqlite.o ++endif ++endif ++ ++ifeq ($(LOOKUP_TESTDB),2) ++MODS += testdb.so ++LOOKUP_testdb_INCLUDE = $(LOOKUP_TESTDB_INCLUDE) ++LOOKUP_testdb_LIBS = $(LOOKUP_TESTDB_LIBS) ++else ++ifneq ($(LOOKUP_TESTDB),) ++OBJ += testdb.o ++endif ++endif ++ ++ifeq ($(LOOKUP_WHOSON),2) ++MODS += whoson.so ++LOOKUP_whoson_INCLUDE = $(LOOKUP_WHOSON_INCLUDE) ++LOOKUP_whoson_LIBS = $(LOOKUP_WHOSON_LIBS) ++else ++ifneq ($(LOOKUP_WHOSON),) ++OBJ += whoson.o ++endif ++endif ++ ++ ++all: lookups.a lf_quote.o lf_check_file.o lf_sqlperform.o $(MODS) + + lookups.a: $(OBJ) + @$(RM_COMMAND) -f lookups.a +@@ -15,31 +183,54 @@ lookups.a: $(OBJ) + @$(AR) lookups.a $(OBJ) + $(RANLIB) $@ + +-.SUFFIXES: .o .c ++.SUFFIXES: .o .c .so + .c.o:; @echo "$(CC) $*.c" + $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $*.c + ++.c.so:; @echo "$(CC) -shared $*.c" ++ $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP -shared -rdynamic $(CFLAGS) $(INCLUDE) $(DLFLAGS) $*.c -o $@ ++ + lf_check_file.o: $(HDRS) lf_check_file.c lf_functions.h + lf_quote.o: $(HDRS) lf_quote.c lf_functions.h + lf_sqlperform.o: $(HDRS) lf_sqlperform.c lf_functions.h + +-cdb.o: $(HDRS) cdb.c cdb.h +-dbmdb.o: $(HDRS) dbmdb.c dbmdb.h +-dkim.o: $(HDRS) dkim.c dkim.h +-dnsdb.o: $(HDRS) dnsdb.c dnsdb.h +-dsearch.o: $(HDRS) dsearch.c dsearch.h +-ibase.o: $(HDRS) ibase.c ibase.h +-ldap.o: $(HDRS) ldap.c ldap.h +-lsearch.o: $(HDRS) lsearch.c lsearch.h +-mysql.o: $(HDRS) mysql.c mysql.h +-nis.o: $(HDRS) nis.c nis.h +-nisplus.o: $(HDRS) nisplus.c nisplus.h +-oracle.o: $(HDRS) oracle.c oracle.h +-passwd.o: $(HDRS) passwd.c passwd.h +-pgsql.o: $(HDRS) pgsql.c pgsql.h +-spf.o: $(HDRS) spf.c spf.h +-sqlite.o: $(HDRS) sqlite.c sqlite.h +-testdb.o: $(HDRS) testdb.c testdb.h +-whoson.o: $(HDRS) whoson.c whoson.h ++cdb.o: $(HDRS) cdb.c ++dbmdb.o: $(HDRS) dbmdb.c ++dkim.o: $(HDRS) dkim.c ++dnsdb.o: $(HDRS) dnsdb.c ++dsearch.o: $(HDRS) dsearch.c ++ibase.o: $(HDRS) ibase.c ++ldap.o: $(HDRS) ldap.c ++lsearch.o: $(HDRS) lsearch.c ++mysql.o: $(HDRS) mysql.c ++nis.o: $(HDRS) nis.c ++nisplus.o: $(HDRS) nisplus.c ++oracle.o: $(HDRS) oracle.c ++passwd.o: $(HDRS) passwd.c ++pgsql.o: $(HDRS) pgsql.c ++spf.o: $(HDRS) spf.c ++sqlite.o: $(HDRS) sqlite.c ++testdb.o: $(HDRS) testdb.c ++whoson.o: $(HDRS) whoson.c ++ ++cdb.so: $(HDRS) cdb.c ++dbmdb.so: $(HDRS) dbmdb.c ++dkim.so: $(HDRS) dkim.c ++dnsdb.so: $(HDRS) dnsdb.c ++dsearch.so: $(HDRS) dsearch.c ++ibase.so: $(HDRS) ibase.c ++ldap.so: $(HDRS) ldap.c ++lsearch.so: $(HDRS) lsearch.c ++mysql.so: $(HDRS) mysql.c ++nis.so: $(HDRS) nis.c ++nisplus.so: $(HDRS) nisplus.c ++oracle.so: $(HDRS) oracle.c ++passwd.so: $(HDRS) passwd.c ++pgsql.so: $(HDRS) pgsql.c ++spf.so: $(HDRS) spf.c ++sqlite.so: $(HDRS) sqlite.c ++testdb.so: $(HDRS) testdb.c ++whoson.so: $(HDRS) whoson.c ++ + + # End +diff --git a/src/lookups/cdb.c b/src/lookups/cdb.c +index cb4c727..23d0152 100644 +--- a/src/lookups/cdb.c ++++ b/src/lookups/cdb.c +@@ -56,7 +56,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "cdb.h" + + #ifdef HAVE_MMAP + # include +@@ -144,7 +143,9 @@ cdb_unpack(uschar *buf) + return num; + } + +-void * ++static void cdb_close(void *handle); ++ ++static void * + cdb_open(uschar *filename, + uschar **errmsg) + { +@@ -245,7 +246,7 @@ cdb_open(uschar *filename, + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + cdb_check(void *handle, + uschar *filename, + int modemask, +@@ -270,7 +271,7 @@ cdb_check(void *handle, + * Find entry point * + *************************************************/ + +-int ++static int + cdb_find(void *handle, + uschar *filename, + uschar *keystring, +@@ -418,7 +419,7 @@ cdb_find(void *handle, + + /* See local README for interface description */ + +-void ++static void + cdb_close(void *handle) + { + struct cdb_state * cdbp = handle; +@@ -434,4 +435,22 @@ struct cdb_state * cdbp = handle; + (void)close(cdbp->fileno); + } + ++lookup_info cdb_lookup_info = { ++ US"cdb", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ cdb_open, /* open function */ ++ cdb_check, /* check function */ ++ cdb_find, /* find function */ ++ cdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define cdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &cdb_lookup_info }; ++lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/cdb.c */ +diff --git a/src/lookups/cdb.h b/src/lookups/cdb.h +deleted file mode 100644 +index df9fb2c..0000000 +--- a/src/lookups/cdb.h ++++ /dev/null +@@ -1,59 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* +- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ +- * +- * Exim - CDB database lookup module +- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- * +- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version 2 +- * of the License, or (at your option) any later version. +- * +- * This program is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program; if not, write to the Free Software +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +- * 02111-1307, USA. +- * +- * +- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. +- * Information, the spec and sample code for cdb can be obtained from +- * http://www.pobox.com/~djb/cdb.html +- * +- * This implementation borrows some code from Dan Bernstein's +- * implementation (which has no license restrictions applied to it). +- * This (read-only) implementation is completely contained within +- * cdb.[ch] it does *not* link against an external cdb library. +- * +- * +- * There are 2 varients included within this code. One uses MMAP and +- * should give better performance especially for multiple lookups on a +- * modern machine. The other is the default implementation which is +- * used in the case where the MMAP fails or if MMAP was not compiled +- * in. this implementation is the same as the original reference cdb +- * implementation. +- * +- */ +- +- +-/* Functions for reading exim cdb files */ +- +-extern void *cdb_open(uschar *, uschar **); +-extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void cdb_close(void *); +- +-/* End of cdb.h */ +diff --git a/src/lookups/dbmdb.c b/src/lookups/dbmdb.c +index 0d79522..8e459b9 100644 +--- a/src/lookups/dbmdb.c ++++ b/src/lookups/dbmdb.c +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dbmdb.h" + + + /************************************************* +@@ -18,7 +17,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + dbmdb_open(uschar *filename, uschar **errmsg) + { + EXIM_DB *yield; +@@ -45,7 +44,7 @@ file name. If USE_TDB or USE_GDBM is set, we know it is tdb or gdbm, which do + the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. + */ + +-BOOL ++static BOOL + dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -88,7 +87,7 @@ return rc == 0; + /* See local README for interface description. This function adds 1 to + the keylength in order to include the terminating zero. */ + +-int ++static int + dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -121,7 +120,7 @@ return FAIL; + + /* See local README for interface description */ + +-int ++static int + dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -137,10 +136,39 @@ return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, + + /* See local README for interface description */ + +-void ++static void + dbmdb_close(void *handle) + { + EXIM_DBCLOSE((EXIM_DB *)handle); + } + ++lookup_info dbm_lookup_info = { ++ US"dbm", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* open function */ ++ dbmdb_check, /* check function */ ++ dbmdb_find, /* find function */ ++ dbmdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++lookup_info dbmz_lookup_info = { ++ US"dbmnz", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* sic */ /* open function */ ++ dbmdb_check, /* sic */ /* check function */ ++ dbmnz_find, /* find function */ ++ dbmdb_close, /* sic */ /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dbmdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; ++lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; ++ + /* End of lookups/dbmdb.c */ +diff --git a/src/lookups/dbmdb.h b/src/lookups/dbmdb.h +deleted file mode 100644 +index 26bd792..0000000 +--- a/src/lookups/dbmdb.h ++++ /dev/null +@@ -1,21 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dbm lookup. Use dbmdb in the code to avoid name +-clashes with external library names. */ +- +-extern void *dbmdb_open(uschar *, uschar **); +-extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dbmdb_close(void *); +- +-/* End of lookups/dbmdb.h */ +diff --git a/src/lookups/dkim.c b/src/lookups/dkim.c +index fa2ecf2..3c55913 100755 +--- a/src/lookups/dkim.c ++++ b/src/lookups/dkim.c +@@ -8,7 +8,6 @@ + /* See the file NOTICE for conditions of use and distribution. */ + + #include "../exim.h" +-#include "dkim.h" + + + +@@ -18,7 +17,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + dkim_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -35,7 +34,7 @@ return (void *)(-1); /* Just return something non-null */ + + /* See local README for interface description */ + +-int ++static int + dkim_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -49,4 +48,22 @@ dkim_find(void *handle, uschar *filename, uschar *keystring, int length, + #endif + } + ++lookup_info cdb_lookup_info = { ++ US"dkim", /* lookup name */ ++ lookup_querystyle, /* query style */ ++ dkim_open, /* open function */ ++ NULL, /* check function */ ++ dkim_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define cdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &dkim_lookup_info }; ++lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dkim.c */ +diff --git a/src/lookups/dkim.h b/src/lookups/dkim.h +deleted file mode 100755 +index cc57697..0000000 +--- a/src/lookups/dkim.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dkim.h,v 1.1 2007/09/28 12:21:57 tom Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the DKIM lookup */ +- +-extern void *dkim_open(uschar *, uschar **); +-extern int dkim_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/dkim.h */ +diff --git a/src/lookups/dnsdb.c b/src/lookups/dnsdb.c +index bda714c..bea9a8c 100644 +--- a/src/lookups/dnsdb.c ++++ b/src/lookups/dnsdb.c +@@ -9,8 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dnsdb.h" +- + + + /* Ancient systems (e.g. SunOS4) don't appear to have T_TXT defined in their +@@ -67,7 +65,7 @@ static int type_values[] = { + + /* See local README for interface description. */ + +-void * ++static void * + dnsdb_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -102,7 +100,7 @@ default is "TXT". + which may start with '<' in order to set a specific separator. The default + separator, as always, is colon. */ + +-int ++static int + dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -394,4 +392,22 @@ yield[ptr] = 0; + return OK; + } + ++static lookup_info _lookup_info = { ++ US"dnsdb", /* lookup name */ ++ lookup_querystyle, /* query style */ ++ dnsdb_open, /* open function */ ++ NULL, /* check function */ ++ dnsdb_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dnsdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dnsdb.c */ +diff --git a/src/lookups/dnsdb.h b/src/lookups/dnsdb.h +deleted file mode 100644 +index 98bdf92..0000000 +--- a/src/lookups/dnsdb.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dnsdb lookup */ +- +-extern void *dnsdb_open(uschar *, uschar **); +-extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/dnsdb.h */ +diff --git a/src/lookups/dsearch.c b/src/lookups/dsearch.c +index 661021d..7befda3 100644 +--- a/src/lookups/dsearch.c ++++ b/src/lookups/dsearch.c +@@ -14,8 +14,6 @@ lstat()) rather than a directory scan). */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dsearch.h" +- + + + /************************************************* +@@ -27,7 +25,7 @@ whether it exists and whether it is searchable. However, we don't need to keep + it open, because the "search" can be done by a call to lstat() rather than + actually scanning through the list of files. */ + +-void * ++static void * + dsearch_open(uschar *dirname, uschar **errmsg) + { + DIR *dp = opendir(CS dirname); +@@ -50,7 +48,7 @@ return (void *)(-1); + /* The handle will always be (void *)(-1), but don't try casting it to an + integer as this gives warnings on 64-bit systems. */ + +-BOOL ++static BOOL + dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -68,7 +66,7 @@ return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups, + scanning the directory, as it is hopefully faster to let the OS do the scanning + for us. */ + +-int ++static int + dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -114,10 +112,28 @@ return DEFER; + + /* See local README for interface description */ + +-void ++static void + dsearch_close(void *handle) + { + handle = handle; /* Avoid compiler warning */ + } + ++static lookup_info _lookup_info = { ++ US"dsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dsearch_open, /* open function */ ++ dsearch_check, /* check function */ ++ dsearch_find, /* find function */ ++ dsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dsearch.c */ +diff --git a/src/lookups/dsearch.h b/src/lookups/dsearch.h +deleted file mode 100644 +index e686824..0000000 +--- a/src/lookups/dsearch.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dsearch lookup */ +- +-extern void *dsearch_open(uschar *, uschar **); +-extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dsearch_close(void *); +- +-/* End of lookups/dsearch.h */ +diff --git a/src/lookups/ibase.c b/src/lookups/ibase.c +index 54699a1..ae9c04f 100644 +--- a/src/lookups/ibase.c ++++ b/src/lookups/ibase.c +@@ -11,14 +11,7 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ibase.h" + +-#ifndef LOOKUP_IBASE +-static void dummy(int x) +-{ +- dummy(x - 1); +-} +-#else + #include /* The system header */ + + /* Structure and anchor for caching connections. */ +@@ -40,7 +33,7 @@ static ibase_connection *ibase_connections = NULL; + + /* See local README for interface description. */ + +-void *ibase_open(uschar * filename, uschar ** errmsg) ++static void *ibase_open(uschar * filename, uschar ** errmsg) + { + return (void *) (1); /* Just return something non-null */ + } +@@ -53,7 +46,7 @@ void *ibase_open(uschar * filename, uschar ** errmsg) + + /* See local README for interface description. */ + +-void ibase_tidy(void) ++static void ibase_tidy(void) + { + ibase_connection *cn; + ISC_STATUS status[20]; +@@ -458,7 +451,7 @@ always leaves enough room for a terminating zero. */ + arguments are not used. Loop through a list of servers while the query is + deferred with a retryable error. */ + +-int ++static int + ibase_find(void *handle, uschar * filename, uschar * query, int length, + uschar ** result, uschar ** errmsg, BOOL *do_cache) + { +@@ -510,7 +503,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar *ibase_quote(uschar * s, uschar * opt) ++static uschar *ibase_quote(uschar * s, uschar * opt) + { + register int c; + int count = 0; +@@ -553,6 +546,22 @@ uschar *ibase_quote(uschar * s, uschar * opt) + return quoted; + } + ++static lookup_info _lookup_info = { ++ US"ibase", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ ibase_open, /* open function */ ++ NULL, /* no check function */ ++ ibase_find, /* find function */ ++ NULL, /* no close function */ ++ ibase_tidy, /* tidy function */ ++ ibase_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ibase_lookup_module_info _lookup_module_info + #endif + ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/ibase.c */ +diff --git a/src/lookups/ibase.h b/src/lookups/ibase.h +deleted file mode 100644 +index cc64230..0000000 +--- a/src/lookups/ibase.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the Interbase lookup functions */ +- +-extern void *ibase_open(uschar *, uschar **); +-extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void ibase_tidy(void); +-extern uschar *ibase_quote(uschar *, uschar *); +- +-/* End of lookups/ibase.h */ +diff --git a/src/lookups/ldap.c b/src/lookups/ldap.c +index f704f88..ec2a3e5 100644 +--- a/src/lookups/ldap.c ++++ b/src/lookups/ldap.c +@@ -15,21 +15,6 @@ researching how to handle the different kinds of error. */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ldap.h" +- +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the LDAP headers +-available for compiling. Therefore, compile these functions only if LOOKUP_LDAP +-is defined. However, some compilers don't like compiling empty modules, so keep +-them happy with a dummy when skipping the rest. Make it reference itself to +-stop picky compilers complaining that it is unused, and put in a dummy argument +-to stop even pickier compilers complaining about infinite loops. */ +- +-#ifndef LOOKUP_LDAP +-static void dummy(int x) { dummy(x-1); } +-#else +- + + /* Include LDAP headers. The code below uses some "old" LDAP interfaces that + are deprecated in OpenLDAP. I don't know their status in other LDAP +@@ -1196,7 +1181,7 @@ return DEFER; + are handled by a common function, with a flag to differentiate between them. + The handle and filename arguments are not used. */ + +-int ++static int + eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1205,7 +1190,7 @@ do_cache = do_cache; + return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); + } + +-int ++static int + eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1214,7 +1199,7 @@ do_cache = do_cache; + return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); + } + +-int ++static int + eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1240,7 +1225,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_AUTH, result, errmsg)); + + /* See local README for interface description. */ + +-void * ++static void * + eldap_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -1255,7 +1240,7 @@ return (void *)(1); /* Just return something non-null */ + /* See local README for interface description. + Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ + +-void ++static void + eldap_tidy(void) + { + LDAP_CONNECTION *lcp = NULL; +@@ -1351,7 +1336,7 @@ quote_ldap_dn, respectively. */ + + + +-uschar * ++static uschar * + eldap_quote(uschar *s, uschar *opt) + { + register int c; +@@ -1470,6 +1455,44 @@ else + return quoted; + } + +-#endif /* LOOKUP_LDAP */ ++static lookup_info ldap_lookup_info = { ++ US"ldap", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* open function */ ++ NULL, /* check function */ ++ eldap_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* tidy function */ ++ eldap_quote /* quoting function */ ++}; ++ ++static lookup_info ldapdn_lookup_info = { ++ US"ldapdn", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapdn_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++static lookup_info ldapm_lookup_info = { ++ US"ldapm", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapm_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ldap_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; ++lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; + + /* End of lookups/ldap.c */ +diff --git a/src/lookups/ldap.h b/src/lookups/ldap.h +index 9e1d716..62383b8 100644 +--- a/src/lookups/ldap.h ++++ b/src/lookups/ldap.h +@@ -7,18 +7,9 @@ + /* Copyright (c) University of Cambridge 1995 - 2007 */ + /* See the file NOTICE for conditions of use and distribution. */ + +-/* Header for the ldap lookups */ ++/* Header for eldapauth_find */ + +-extern void *eldap_open(uschar *, uschar **); +-extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); + extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, + uschar **, BOOL *); +-extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void eldap_tidy(void); +-extern uschar *eldap_quote(uschar *, uschar *); + + /* End of lookups/ldap.h */ +diff --git a/src/lookups/lsearch.c b/src/lookups/lsearch.c +index d9ff9d4..4ac7b65 100644 +--- a/src/lookups/lsearch.c ++++ b/src/lookups/lsearch.c +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "lsearch.h" + + /* Codes for the different kinds of lsearch that are supported */ + +@@ -28,7 +27,7 @@ enum { + + /* See local README for interface description */ + +-void * ++static void * + lsearch_open(uschar *filename, uschar **errmsg) + { + FILE *f = Ufopen(filename, "rb"); +@@ -48,7 +47,7 @@ return f; + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -320,7 +319,7 @@ return FAIL; + + /* See local README for interface description */ + +-int ++static int + lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -337,7 +336,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -354,7 +353,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -372,7 +371,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -401,10 +400,64 @@ else + + /* See local README for interface description */ + +-void ++static void + lsearch_close(void *handle) + { + (void)fclose((FILE *)handle); + } + ++static lookup_info iplsearch_lookup_info = { ++ US"iplsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ iplsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info lsearch_lookup_info = { ++ US"lsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ lsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info nwildlsearch_lookup_info = { ++ US"nwildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ nwildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info wildlsearch_lookup_info = { ++ US"wildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ wildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define lsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, ++ &lsearch_lookup_info, ++ &nwildlsearch_lookup_info, ++ &wildlsearch_lookup_info }; ++lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; ++ + /* End of lookups/lsearch.c */ +diff --git a/src/lookups/lsearch.h b/src/lookups/lsearch.h +deleted file mode 100644 +index 7245d4c..0000000 +--- a/src/lookups/lsearch.h ++++ /dev/null +@@ -1,25 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the lsearch and wildlsearch lookups */ +- +-extern void *lsearch_open(uschar *, uschar **); +-extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void lsearch_close(void *); +- +-extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +- +-/* End of lookups/lsearch.h */ +diff --git a/src/lookups/mysql.c b/src/lookups/mysql.c +index 9b2dda9..279ee95 100644 +--- a/src/lookups/mysql.c ++++ b/src/lookups/mysql.c +@@ -13,22 +13,6 @@ functions. */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "mysql.h" /* The local header */ +- +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the MYSQL header +-available for compiling. Therefore, compile these functions only if +-LOOKUP_MYSQL is defined. However, some compilers don't like compiling empty +-modules, so keep them happy with a dummy when skipping the rest. Make it +-reference itself to stop picky compilers complaining that it is unused, and put +-in a dummy argument to stop even pickier compilers complaining about infinite +-loops. */ +- +-#ifndef LOOKUP_MYSQL +-static void dummy(int x) { dummy(x-1); } +-#else +- + + #include /* The system header */ + +@@ -51,7 +35,7 @@ static mysql_connection *mysql_connections = NULL; + + /* See local README for interface description. */ + +-void * ++static void * + mysql_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -65,7 +49,7 @@ return (void *)(1); /* Just return something non-null */ + + /* See local README for interface description. */ + +-void ++static void + mysql_tidy(void) + { + mysql_connection *cn; +@@ -342,7 +326,7 @@ arguments are not used. The code to loop through a list of servers while the + query is deferred with a retryable error is now in a separate function that is + shared with other SQL lookups. */ + +-int ++static int + mysql_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -372,7 +356,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar * ++static uschar * + mysql_quote(uschar *s, uschar *opt) + { + register int c; +@@ -414,7 +398,24 @@ while ((c = *s++) != 0) + return quoted; + } + +- +-#endif /* MYSQL_LOOKUP */ ++/* These are the lookup_info blocks for this driver */ ++ ++static lookup_info mysql_lookup_info = { ++ US"mysql", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ mysql_open, /* open function */ ++ NULL, /* no check function */ ++ mysql_find, /* find function */ ++ NULL, /* no close function */ ++ mysql_tidy, /* tidy function */ ++ mysql_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define mysql_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &mysql_lookup_info }; ++lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/mysql.c */ +diff --git a/src/lookups/mysql.h b/src/lookups/mysql.h +deleted file mode 100644 +index 05c65ce..0000000 +--- a/src/lookups/mysql.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/mysql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the mysql lookup functions */ +- +-extern void *mysql_open(uschar *, uschar **); +-extern int mysql_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void mysql_tidy(void); +-extern uschar *mysql_quote(uschar *, uschar *); +- +-/* End of lookups/mysql.h */ +diff --git a/src/lookups/nis.c b/src/lookups/nis.c +index 3728e20..e64523e 100644 +--- a/src/lookups/nis.c ++++ b/src/lookups/nis.c +@@ -9,19 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "nis.h" +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the NIS header +-available for compiling. Therefore, compile these functions only if LOOKUP_NIS +-is defined. However, some compilers don't like compiling empty modules, so keep +-them happy with a dummy when skipping the rest. Make it reference itself to +-stop picky compilers complaining that it is unused, and put in a dummy argument +-to stop even pickier compilers complaining about infinite loops. */ +- +-#ifndef LOOKUP_NIS +-static void dummy(int x) { dummy(x-1); } +-#else + + #include + +@@ -33,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } + /* See local README for interface description. This serves for both + the "nis" and "nis0" lookup types. */ + +-void * ++static void * + nis_open(uschar *filename, uschar **errmsg) + { + char *nis_domain; +@@ -55,7 +42,7 @@ return nis_domain; + for nis0 because they are so short it isn't worth trying to use any common + code. */ + +-int ++static int + nis_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -81,7 +68,7 @@ return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; + + /* See local README for interface description. */ + +-int ++static int + nis0_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -99,6 +86,33 @@ if ((rc = yp_match(CS handle, CS filename, CS keystring, length + 1, + return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; + } + +-#endif /* LOOKUP_NIS */ ++static lookup_info nis_lookup_info = { ++ US"nis", /* lookup name */ ++ 0, /* not abs file, not query style*/ ++ nis_open, /* open function */ ++ NULL, /* check function */ ++ nis_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info nis0_lookup_info = { ++ US"nis0", /* lookup name */ ++ 0, /* not absfile, not query style */ ++ nis_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ nis0_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define nis_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &nis_lookup_info, &nis0_lookup_info }; ++lookup_module_info nis_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; + + /* End of lookups/nis.c */ +diff --git a/src/lookups/nis.h b/src/lookups/nis.h +deleted file mode 100644 +index b427a71..0000000 +--- a/src/lookups/nis.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/nis.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the nis and nis0 lookups */ +- +-extern void *nis_open(uschar *, uschar **); +-extern int nis_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern int nis0_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/nis.h */ +diff --git a/src/lookups/nisplus.c b/src/lookups/nisplus.c +index cbf6187..68c122c 100644 +--- a/src/lookups/nisplus.c ++++ b/src/lookups/nisplus.c +@@ -9,21 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "nisplus.h" +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the NIS+ header +-available for compiling. Therefore, compile these functions only if +-LOOKUP_NISPLUS is defined. However, some compilers don't like compiling empty +-modules, so keep them happy with a dummy when skipping the rest. Make it +-reference itself to stop picky compilers complaining that it is unused, and put +-in a dummy argument to stop even pickier compilers complaining about infinite +-loops. */ +- +-#ifndef LOOKUP_NISPLUS +-static void dummy(int x) { dummy(x-1); } +-#else +- + + #include + +@@ -34,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } + + /* See local README for interface description. */ + +-void * ++static void * + nisplus_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -58,7 +43,7 @@ name tagged on the end after a colon. If there is no result-field name, the + yield is the concatenation of all the fields, preceded by their names and an + equals sign. */ + +-int ++static int + nisplus_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -250,7 +235,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar * ++static uschar * + nisplus_quote(uschar *s, uschar *opt) + { + int count = 0; +@@ -274,6 +259,22 @@ while (*s != 0) + return quoted; + } + +-#endif /* LOOKUP_NISPLUS */ ++static lookup_info _lookup_info = { ++ US"nisplus", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ nisplus_open, /* open function */ ++ NULL, /* check function */ ++ nisplus_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ nisplus_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define nisplus_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info nisplus_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/nisplus.c */ +diff --git a/src/lookups/nisplus.h b/src/lookups/nisplus.h +deleted file mode 100644 +index 9c0f1cb..0000000 +--- a/src/lookups/nisplus.h ++++ /dev/null +@@ -1,17 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/nisplus.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the nisplus lookup */ +- +-extern void *nisplus_open(uschar *, uschar **); +-extern int nisplus_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern uschar *nisplus_quote(uschar *, uschar *); +- +-/* End of lookups/nisplus.h */ +diff --git a/src/lookups/oracle.c b/src/lookups/oracle.c +index 7cb2163..f6eadac 100644 +--- a/src/lookups/oracle.c ++++ b/src/lookups/oracle.c +@@ -15,27 +15,12 @@ some comments from my position of Oracle ignorance. */ + #include "../exim.h" + + +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the ORACLE headers +-available for compiling. Therefore, compile these functions only if +-LOOKUP_ORACLE is defined. However, some compilers don't like compiling empty +-modules, so keep them happy with a dummy when skipping the rest. Make it +-reference itself to stop picky compilers complaining that it is unused, and put +-in a dummy argument to stop even pickier compilers complaining about infinite +-loops. */ +- +-#ifndef LOOKUP_ORACLE +-static void dummy(int x) { dummy(x-1); } +-#else +- + /* The Oracle system headers */ + + #include + #include + #include + +-#include "oracle.h" /* The local header */ +- + #define PARSE_NO_DEFER 0 /* parse straight away */ + #define PARSE_V7_LNG 2 + #define MAX_ITEM_BUFFER_SIZE 1024 /* largest size of a cell of data */ +@@ -212,7 +197,7 @@ return col; + + /* See local README for interface description. */ + +-void * ++static void * + oracle_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -226,7 +211,7 @@ return (void *)(1); /* Just return something non-null */ + + /* See local README for interface description. */ + +-void ++static void + oracle_tidy(void) + { + oracle_connection *cn; +@@ -532,7 +517,7 @@ else + arguments are not used. Loop through a list of servers while the query is + deferred with a retryable error. */ + +-int ++static int + oracle_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -577,7 +562,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar * ++static uschar * + oracle_quote(uschar *s, uschar *opt) + { + register int c; +@@ -619,6 +604,22 @@ while ((c = *s++) != 0) + return quoted; + } + +-#endif /* LOOKUP_ORACLE */ ++static lookup_info _lookup_info = { ++ US"oracle", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ oracle_open, /* open function */ ++ NULL, /* check function */ ++ oracle_find, /* find function */ ++ NULL, /* no close function */ ++ oracle_tidy, /* tidy function */ ++ oracle_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define oracle_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info oracle_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/oracle.c */ +diff --git a/src/lookups/oracle.h b/src/lookups/oracle.h +deleted file mode 100644 +index ea87c3f..0000000 +--- a/src/lookups/oracle.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/oracle.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the Oracle lookup functions */ +- +-extern void *oracle_open(uschar *, uschar **); +-extern int oracle_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void oracle_tidy(void); +-extern uschar *oracle_quote(uschar *, uschar *); +- +-/* End of lookups/oracle.h */ +diff --git a/src/lookups/passwd.c b/src/lookups/passwd.c +index 90f5348..6d64a63 100644 +--- a/src/lookups/passwd.c ++++ b/src/lookups/passwd.c +@@ -8,8 +8,6 @@ + /* See the file NOTICE for conditions of use and distribution. */ + + #include "../exim.h" +-#include "passwd.h" +- + + + /************************************************* +@@ -18,7 +16,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + passwd_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -35,7 +33,7 @@ return (void *)(-1); /* Just return something non-null */ + + /* See local README for interface description */ + +-int ++static int + passwd_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -53,4 +51,22 @@ if (!route_finduser(keystring, &pw, NULL)) return FAIL; + return OK; + } + ++static lookup_info _lookup_info = { ++ US"passwd", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ passwd_open, /* open function */ ++ NULL, /* no check function */ ++ passwd_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define passwd_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info passwd_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/passwd.c */ +diff --git a/src/lookups/passwd.h b/src/lookups/passwd.h +deleted file mode 100644 +index 2350842..0000000 +--- a/src/lookups/passwd.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/passwd.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the passwd lookup */ +- +-extern void *passwd_open(uschar *, uschar **); +-extern int passwd_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/passwd.h */ +diff --git a/src/lookups/pgsql.c b/src/lookups/pgsql.c +index f53cca0..c39086e 100644 +--- a/src/lookups/pgsql.c ++++ b/src/lookups/pgsql.c +@@ -13,21 +13,6 @@ socket extension. */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "pgsql.h" /* The local header */ +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the PGSQL header +-available for compiling. Therefore, compile these functions only if +-LOOKUP_PGSQL is defined. However, some compilers don't like compiling empty +-modules, so keep them happy with a dummy when skipping the rest. Make it +-reference itself to stop picky compilers complaining that it is unused, and put +-in a dummy argument to stop even pickier compilers complaining about infinite +-loops. */ +- +-#ifndef LOOKUP_PGSQL +-static void dummy(int x) { dummy(x-1); } +-#else +- + + #include /* The system header */ + +@@ -49,7 +34,7 @@ static pgsql_connection *pgsql_connections = NULL; + + /* See local README for interface description. */ + +-void * ++static void * + pgsql_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -63,7 +48,7 @@ return (void *)(1); /* Just return something non-null */ + + /* See local README for interface description. */ + +-void ++static void + pgsql_tidy(void) + { + pgsql_connection *cn; +@@ -414,7 +399,7 @@ arguments are not used. The code to loop through a list of servers while the + query is deferred with a retryable error is now in a separate function that is + shared with other SQL lookups. */ + +-int ++static int + pgsql_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -454,7 +439,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar * ++static uschar * + pgsql_quote(uschar *s, uschar *opt) + { + register int c; +@@ -501,6 +486,22 @@ while ((c = *s++) != 0) + return quoted; + } + +-#endif /* PGSQL_LOOKUP */ ++static lookup_info _lookup_info = { ++ US"pgsql", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ pgsql_open, /* open function */ ++ NULL, /* no check function */ ++ pgsql_find, /* find function */ ++ NULL, /* no close function */ ++ pgsql_tidy, /* tidy function */ ++ pgsql_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define pgsql_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info pgsql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/pgsql.c */ +diff --git a/src/lookups/pgsql.h b/src/lookups/pgsql.h +deleted file mode 100644 +index a4f0792..0000000 +--- a/src/lookups/pgsql.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/pgsql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the pgsql lookup functions */ +- +-extern void *pgsql_open(uschar *, uschar **); +-extern int pgsql_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void pgsql_tidy(void); +-extern uschar *pgsql_quote(uschar *, uschar *); +- +-/* End of lookups/pgsql.h */ +diff --git a/src/lookups/spf.c b/src/lookups/spf.c +index 9bd65c5..8b4d8e9 100644 +--- a/src/lookups/spf.c ++++ b/src/lookups/spf.c +@@ -24,7 +24,6 @@ static void dummy(int x) { dummy(x-1); } + #else + + #include "lf_functions.h" +-#include "spf.h" + #ifndef HAVE_NS_TYPE + #define HAVE_NS_TYPE + #endif +@@ -32,7 +31,7 @@ static void dummy(int x) { dummy(x-1); } + #include + #include + +-void *spf_open(uschar *filename, uschar **errmsg) { ++static void *spf_open(uschar *filename, uschar **errmsg) { + SPF_server_t *spf_server = NULL; + spf_server = SPF_server_new(SPF_DNS_CACHE, 0); + if (spf_server == NULL) { +@@ -42,13 +41,14 @@ void *spf_open(uschar *filename, uschar **errmsg) { + return (void *) spf_server; + } + +-void spf_close(void *handle) { ++static void spf_close(void *handle) { + SPF_server_t *spf_server = handle; + if (spf_server) SPF_server_free(spf_server); + } + +-int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, +- uschar **result, uschar **errmsg, BOOL *do_cache) { ++static int ++spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, ++ uschar **result, uschar **errmsg, BOOL *do_cache) { + SPF_server_t *spf_server = handle; + SPF_request_t *spf_request = NULL; + SPF_response_t *spf_response = NULL; +@@ -75,4 +75,22 @@ int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, + return OK; + } + ++static lookup_info _lookup_info = { ++ US"spf", /* lookup name */ ++ 0, /* not absfile, not query style */ ++ spf_open, /* open function */ ++ NULL, /* no check function */ ++ spf_find, /* find function */ ++ spf_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define spf_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info spf_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + #endif /* EXPERIMENTAL_SPF */ +diff --git a/src/lookups/spf.h b/src/lookups/spf.h +deleted file mode 100644 +index 5280f52..0000000 +--- a/src/lookups/spf.h ++++ /dev/null +@@ -1,26 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* +- * Exim - SPF lookup module using libspf2 +- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- * +- * Copyright (c) 2005 Chris Webb, Arachsys Internet Services Ltd +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version 2 +- * of the License, or (at your option) any later version. +- * +-*/ +- +- +- +-extern void *spf_open(uschar *, uschar **); +-extern void spf_close(void *); +-extern int spf_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +diff --git a/src/lookups/sqlite.c b/src/lookups/sqlite.c +index e4aa4ea..b5d4175 100644 +--- a/src/lookups/sqlite.c ++++ b/src/lookups/sqlite.c +@@ -9,11 +9,7 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "sqlite.h" + +-#ifndef LOOKUP_SQLITE +-static void dummy(int x) { dummy(x-1); } +-#else + #include + + +@@ -23,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } + + /* See local README for interface description. */ + +-void * ++static void * + sqlite_open(uschar *filename, uschar **errmsg) + { + sqlite3 *db = NULL; +@@ -85,7 +81,7 @@ return 0; + } + + +-int ++static int + sqlite_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -113,7 +109,7 @@ return OK; + + /* See local README for interface description. */ + +-void sqlite_close(void *handle) ++static void sqlite_close(void *handle) + { + sqlite3_close(handle); + } +@@ -134,7 +130,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar * ++static uschar * + sqlite_quote(uschar *s, uschar *opt) + { + register int c; +@@ -159,6 +155,22 @@ while ((c = *s++) != 0) + return quoted; + } + +-#endif /* LOOKUP_SQLITE */ ++static lookup_info _lookup_info = { ++ US"sqlite", /* lookup name */ ++ lookup_absfilequery, /* query-style lookup, starts with file name */ ++ sqlite_open, /* open function */ ++ NULL, /* no check function */ ++ sqlite_find, /* find function */ ++ sqlite_close, /* close function */ ++ NULL, /* no tidy function */ ++ sqlite_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define sqlite_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info sqlite_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/sqlite.c */ +diff --git a/src/lookups/sqlite.h b/src/lookups/sqlite.h +deleted file mode 100644 +index 1f3b421..0000000 +--- a/src/lookups/sqlite.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/sqlite.h,v 1.3 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the sqlite lookup */ +- +-extern void *sqlite_open(uschar *, uschar **); +-extern int sqlite_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void sqlite_close(void *); +-extern uschar *sqlite_quote(uschar *, uschar *); +- +-/* End of lookups/sqlite.h */ +diff --git a/src/lookups/testdb.c b/src/lookups/testdb.c +index c20275f..ca29a37 100644 +--- a/src/lookups/testdb.c ++++ b/src/lookups/testdb.c +@@ -9,8 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "testdb.h" +- + + /* These are not real lookup functions; they are just a way of testing the + rest of Exim by providing an easy way of specifying particular yields from +@@ -23,7 +21,7 @@ the find function. */ + + /* See local README for interface description. */ + +-void * ++static void * + testdb_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -39,7 +37,7 @@ return (void *)(1); /* Just return something non-null */ + + /* See local README for interface description. */ + +-int ++static int + testdb_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -66,4 +64,22 @@ if (Ustrcmp(query, "nocache") == 0) *do_cache = FALSE; + return OK; + } + ++static lookup_info _lookup_info = { ++ US"testdb", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ testdb_open, /* open function */ ++ NULL, /* check function */ ++ testdb_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define testdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/testdb.c */ +diff --git a/src/lookups/testdb.h b/src/lookups/testdb.h +deleted file mode 100644 +index 39c0e41..0000000 +--- a/src/lookups/testdb.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/testdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the testdb lookup */ +- +-extern void *testdb_open(uschar *, uschar **); +-extern int testdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/testdb.h */ +diff --git a/src/lookups/whoson.c b/src/lookups/whoson.c +index 298937c..6517f9d 100644 +--- a/src/lookups/whoson.c ++++ b/src/lookups/whoson.c +@@ -12,23 +12,7 @@ + #include "../exim.h" + + +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the WHOSON headers +-available for compiling. Therefore, compile these functions only if +-LOOKUP_WHOSON is defined. However, some compilers don't like compiling empty +-modules, so keep them happy with a dummy when skipping the rest. Make it +-reference itself to stop picky compilers complaining that it is unused, and put +-in a dummy argument to stop even pickier compilers complaining about infinite +-loops. */ +- +-#ifndef LOOKUP_WHOSON +-static void dummy(int x) { dummy(x-1); } +-#else +- +- + #include /* Public header */ +-#include "whoson.h" /* Local header */ +- + + /************************************************* + * Open entry point * +@@ -36,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } + + /* See local README for interface description. */ + +-void * ++static void * + whoson_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -51,7 +35,7 @@ return (void *)(1); /* Just return something non-null */ + + /* See local README for interface description. */ + +-int ++static int + whoson_find(void *handle, uschar *filename, uschar *query, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -77,6 +61,22 @@ switch (wso_query(query, CS buffer, sizeof(buffer))) + } + } + +-#endif /* LOOKUP_WHOSON */ ++static lookup_info _lookup_info = { ++ US"whoson", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ whoson_open, /* open function */ ++ NULL, /* check function */ ++ whoson_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define whoson_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info whoson_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/whoson.c */ +diff --git a/src/lookups/whoson.h b/src/lookups/whoson.h +deleted file mode 100644 +index 3490383..0000000 +--- a/src/lookups/whoson.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/whoson.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the whoson lookup */ +- +-extern void *whoson_open(uschar *, uschar **); +-extern int whoson_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/whoson.h */ +diff --git a/src/macros.h b/src/macros.h +index 4ca353c..a70aa85 100644 +--- a/src/macros.h ++++ b/src/macros.h +@@ -96,7 +96,7 @@ don't make the file descriptors two-way. */ + + /* A macro to simplify testing bits in lookup types */ + +-#define mac_islookup(a,b) ((lookup_list[a].type & (b)) != 0) ++#define mac_islookup(a,b) ((lookup_list[a]->type & (b)) != 0) + + /* Debugging control */ + +diff --git a/src/search.c b/src/search.c +index 8181285..3510d33 100644 +--- a/src/search.c ++++ b/src/search.c +@@ -71,7 +71,7 @@ int top = lookup_list_count; + while (top > bot) + { + int mid = (top + bot)/2; +- int c = Ustrncmp(name, lookup_list[mid].name, len); ++ int c = Ustrncmp(name, lookup_list[mid]->name, len); + + /* If c == 0 we have matched the incoming name with the start of the search + type name. However, some search types are substrings of others (e.g. nis and +@@ -81,9 +81,9 @@ while (top > bot) + are testing. By leaving c == 0 when the lengths are different, and doing a + > 0 test below, this all falls out correctly. */ + +- if (c == 0 && Ustrlen(lookup_list[mid].name) == len) ++ if (c == 0 && Ustrlen(lookup_list[mid]->name) == len) + { +- if (lookup_list[mid].find != NULL) return mid; ++ if (lookup_list[mid]->find != NULL) return mid; + search_error_message = string_sprintf("lookup type \"%.*s\" is not " + "available (not in the binary - check buildtime LOOKUP configuration)", + len, name); +@@ -237,8 +237,8 @@ if (t->left != NULL) tidyup_subtree(t->left); + if (t->right != NULL) tidyup_subtree(t->right); + if (c != NULL && + c->handle != NULL && +- lookup_list[c->search_type].close != NULL) +- lookup_list[c->search_type].close(c->handle); ++ lookup_list[c->search_type]->close != NULL) ++ lookup_list[c->search_type]->close(c->handle); + } + + +@@ -270,7 +270,7 @@ open_filecount = 0; + /* Call the general tidyup entry for any drivers that have one. */ + + for (i = 0; i < lookup_list_count; i++) +- if (lookup_list[i].tidy != NULL) (lookup_list[i].tidy)(); ++ if (lookup_list[i]->tidy != NULL) (lookup_list[i]->tidy)(); + + if (search_reset_point != NULL) store_reset(search_reset_point); + search_reset_point = NULL; +@@ -335,7 +335,7 @@ search_open(uschar *filename, int search_type, int modemask, uid_t *owners, + void *handle; + tree_node *t; + search_cache *c; +-lookup_info *lk = lookup_list + search_type; ++lookup_info *lk = lookup_list[search_type]; + uschar keybuffer[256]; + int old_pool = store_pool; + +@@ -388,7 +388,7 @@ if (lk->type == lookup_absfile && open_filecount >= lookup_open_max) + ((search_cache *)(open_bot->data.ptr))->down = NULL; + else + open_top = NULL; +- ((lookup_list + c->search_type)->close)(c->handle); ++ ((lookup_list[c->search_type])->close)(c->handle); + c->handle = NULL; + open_filecount--; + } +@@ -480,7 +480,7 @@ search_find_defer = FALSE; + + DEBUG(D_lookup) debug_printf("internal_search_find: file=\"%s\"\n " + "type=%s key=\"%s\"\n", filename, +- lookup_list[search_type].name, keystring); ++ lookup_list[search_type]->name, keystring); + + /* Insurance. If the keystring is empty, just fail. */ + +@@ -511,7 +511,7 @@ if ((t = tree_search(c->item_cache, keystring)) == NULL) + like FAIL, except that search_find_defer is set so the caller can + distinguish if necessary. */ + +- if (lookup_list[search_type].find(c->handle, filename, keystring, keylength, ++ if (lookup_list[search_type]->find(c->handle, filename, keystring, keylength, + &data, &search_error_message, &do_cache) == DEFER) + { + search_find_defer = TRUE; +@@ -622,7 +622,7 @@ DEBUG(D_lookup) + that opens real files. */ + + if (open_top != (tree_node *)handle && +- lookup_list[t->name[0]-'0'].type == lookup_absfile) ++ lookup_list[t->name[0]-'0']->type == lookup_absfile) + { + search_cache *c = (search_cache *)(t->data.ptr); + tree_node *up = c->up; +diff --git a/src/structs.h b/src/structs.h +index 2000e04..915e100 100644 +--- a/src/structs.h ++++ b/src/structs.h +@@ -322,34 +322,7 @@ typedef struct router_info { + + /* Structure for holding information about a lookup type. */ + +-typedef struct lookup_info { +- uschar *name; /* e.g. "lsearch" */ +- int type; /* query/singlekey/abs-file */ +- void *(*open)( /* open function */ +- uschar *, /* file name for those that have one */ +- uschar **); /* for error message */ +- BOOL (*check)( /* file checking function */ +- void *, /* handle */ +- uschar *, /* file name */ +- int, /* modemask for file checking */ +- uid_t *, /* owners for file checking */ +- gid_t *, /* owngroups for file checking */ +- uschar **); /* for error messages */ +- int (*find)( /* find function */ +- void *, /* handle */ +- uschar *, /* file name or NULL */ +- uschar *, /* key or query */ +- int, /* length of key or query */ +- uschar **, /* for returning answer */ +- uschar **, /* for error message */ +- BOOL *); /* to request cache cleanup */ +- void (*close)( /* close function */ +- void *); /* handle */ +- void (*tidy)(void); /* tidy function */ +- uschar *(*quote)( /* quoting function */ +- uschar *, /* string to quote */ +- uschar *); /* additional data from quote name */ +-} lookup_info; ++#include "lookupapi.h" + + + /* Structure for holding information about the configured authentication +diff --git a/src/verify.c b/src/verify.c +index fcbcd04..95bcc73 100644 +--- a/src/verify.c ++++ b/src/verify.c +@@ -2219,7 +2219,7 @@ if (iplookup) + } + else /* Single-key style */ + { +- int sep = (Ustrcmp(lookup_list[search_type].name, "iplsearch") == 0)? ++ int sep = (Ustrcmp(lookup_list[search_type]->name, "iplsearch") == 0)? + ':' : '.'; + insize = host_aton(cb->host_address, incoming); + host_mask(insize, incoming, mlen); diff --git a/exim.spec b/exim.spec index cdfe79b..cb4d94b 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -51,6 +51,8 @@ Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch +Patch24: exim-4.69-dynlookup.patch +Patch25: exim-4.69-dynlookup-config.patch Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) @@ -70,10 +72,23 @@ routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail. +%package mysql +Summary: MySQL lookup support for Exim +Group: System Environment/Daemons + +%description mysql +This package contains the MySQL lookup module for Exim + +%package pgsql +Summary: PostgreSQL lookup support for Exim +Group: System Environment/Daemons + +%description pgsql +This package contains the PostgreSQL lookup module for Exim + %package mon -Summary: X11 monitor application for exim +Summary: X11 monitor application for Exim Group: Applications/System -License: GPL %description mon The Exim Monitor is an optional supplement to the Exim package. It @@ -146,8 +161,6 @@ greylisting unconditional. %if 0%{?buildsa} %setup -q -T -D -a 13 %endif -cp src/EDITME Local/Makefile -cp exim_monitor/EDITME Local/eximon.conf %patch4 -p1 -b .rhl %patch6 -p1 -b .config @@ -163,13 +176,21 @@ cp exim_monitor/EDITME Local/eximon.conf %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost +%patch24 -p1 -b .dynlookup +%patch25 -p1 -b .dynconfig + +cp src/EDITME Local/Makefile +sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile +cp exim_monitor/EDITME Local/eximon.conf + %build %ifnarch s390 s390x sparc sparcv9 sparcv9v sparc64 sparc64v - make CFLAGS="$RPM_OPT_FLAGS -fpie" LFLAGS=-pie _lib=%{_lib} + PIE=-fpie %else - make CFLAGS="$RPM_OPT_FLAGS -fPIE" LFLAGS=-pie _lib=%{_lib} + PIE=-fPIE %endif +make CFLAGS="$RPM_OPT_FLAGS $PIE" LFLAGS=-pie _lib=%{_lib} FULLECHO= %if 0%{?buildsa} # build sa-exim @@ -198,6 +219,13 @@ do install -m 0755 $i $RPM_BUILD_ROOT%{_sbindir} done +mkdir -p $RPM_BUILD_ROOT%{_libdir}/exim/%{version}-%{release}/lookups +for i in mysql.so pgsql.so +do + install -m755 lookups/$i \ + $RPM_BUILD_ROOT%{_libdir}/exim/%{version}-%{release}/lookups +done + cd .. install -m 0644 src/configure.default $RPM_BUILD_ROOT%{_sysconfdir}/exim/exim.conf @@ -382,6 +410,7 @@ fi %{_bindir}/newaliases.exim /usr/lib/sendmail.exim %{_mandir}/*/* +%dir %{_libdir}/exim/%{version}-%{release}/lookups %defattr(-,exim,exim) %dir %{_var}/spool/exim @@ -406,6 +435,12 @@ fi %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/certs/exim.pem %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/private/exim.pem +%files mysql +%{_libdir}/exim/%{version}-%{release}/lookups/mysql.so + +%files pgsql +%{_libdir}/exim/%{version}-%{release}/lookups/pgsql.so + %files mon %defattr(-,root,root) %{_sbindir}/eximon @@ -448,10 +483,13 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog -* Tue Mar 18 2008 Tom "spot" Callaway 4.59-4 +* Sat Apr 19 2008 David Woodhouse 4.69-5 +- Add dynamic lookup patch, split into subpackages (#199256) + +* Tue Mar 18 2008 Tom "spot" Callaway 4.69-4 - add Requires for versioned perl (libperl.so) -* Mon Mar 17 2008 David Woodhouse 4.59-3 +* Mon Mar 17 2008 David Woodhouse 4.69-3 - Rebuild for new perl * Mon Feb 04 2008 Dennis Gilmore 4.69-2 From 5bf75c4a15a7af0fd6a334c560612260804e75f7 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 13 Aug 2008 13:29:53 +0000 Subject: [PATCH 069/194] fix largefile support --- exim-4.50-config.patch | 2 +- exim.spec | 12 ++++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index cf92b75..558f6f4 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -244,7 +244,7 @@ -# CFLAGS=-O -I/usr/local/include -# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap +USE_TCP_WRAPPERS=yes -+CFLAGS=-g -O ++CFLAGS += $(RPM_OPT_FLAGS) $(PIE) +EXTRALIBS_EXIM=-lwrap -lpam -ldl # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM diff --git a/exim.spec b/exim.spec index cb4d94b..b27cf3e 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -186,11 +186,11 @@ cp exim_monitor/EDITME Local/eximon.conf %build %ifnarch s390 s390x sparc sparcv9 sparcv9v sparc64 sparc64v - PIE=-fpie + export PIE=-fpie %else - PIE=-fPIE + export PIE=-fPIE %endif -make CFLAGS="$RPM_OPT_FLAGS $PIE" LFLAGS=-pie _lib=%{_lib} FULLECHO= +make LFLAGS=-pie _lib=%{_lib} FULLECHO= %if 0%{?buildsa} # build sa-exim @@ -483,6 +483,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 13 2008 David Woodhouse 4.69-6 +- Add $RPM_OPT_FLAGS in config instead of overriding on make command line. + (to fix the setting of largefile options which we were killing) + * Sat Apr 19 2008 David Woodhouse 4.69-5 - Add dynamic lookup patch, split into subpackages (#199256) From be4f17c9bed637533ee589de2eb665df65862d9f Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 13 Aug 2008 14:36:02 +0000 Subject: [PATCH 070/194] no fuzz --- exim-4.43-pamconfig.patch | 23 +- exim-4.50-config.patch | 82 +- exim-4.50-spamdconf.patch | 18 +- exim-4.52-dynamic-pcre.patch | 45 +- exim-4.62-dlopen-localscan.patch | 81 +- exim-4.69-dynlookup-config.patch | 8 +- exim-4.69-dynlookup.patch | 2278 +++++++++++++++--------------- exim-rhl.patch | 9 +- exim.spec | 7 +- 9 files changed, 1239 insertions(+), 1312 deletions(-) diff --git a/exim-4.43-pamconfig.patch b/exim-4.43-pamconfig.patch index 08d4c78..3c76bd8 100644 --- a/exim-4.43-pamconfig.patch +++ b/exim-4.43-pamconfig.patch @@ -1,6 +1,7 @@ ---- exim-4.43/src/configure.default.pam 2004-12-16 13:27:55.000000000 +0000 -+++ exim-4.43/src/configure.default 2004-12-16 15:41:34.000000000 +0000 -@@ -160,7 +160,7 @@ acl_smtp_data = acl_check_data +diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default +--- exim-4.69-new/src/configure.default 2008-08-13 15:15:01.000000000 +0100 ++++ exim-4.69/src/configure.default 2008-08-13 15:16:44.000000000 +0100 +@@ -140,7 +140,7 @@ # Allow any client to use TLS. @@ -9,7 +10,7 @@ # Specify the location of the Exim server's TLS certificate and private key. # The private key must not be encrypted (password protected). You can put -@@ -168,8 +168,8 @@ acl_smtp_data = acl_check_data +@@ -148,8 +148,8 @@ # need the first setting, or in separate files, in which case you need both # options. @@ -20,7 +21,7 @@ # In order to support roaming users who wish to send email from anywhere, # you may want to make Exim listen on other ports as well as port 25, in -@@ -180,8 +180,8 @@ acl_smtp_data = acl_check_data +@@ -160,8 +160,8 @@ # them you should also allow TLS-on-connect on the traditional but # non-standard port 465. @@ -31,9 +32,9 @@ # Specify the domain you want to be added to all unqualified addresses -@@ -238,6 +238,24 @@ +@@ -219,6 +219,24 @@ - timeout_frozen_after = 7d + host_lookup = * +# This setting, if uncommented, allows users to authenticate using +# their system passwords against saslauthd if they connect over a @@ -54,9 +55,9 @@ +# +auth_advertise_hosts = - - ###################################################################### -@@ -850,7 +837,7 @@ begin authenticators + # The settings below, which are actually the same as the defaults in the + # code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP +@@ -756,7 +774,7 @@ # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -65,7 +66,7 @@ # server_advertise_condition = ${if def:tls_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -862,7 +849,7 @@ begin authenticators +@@ -768,7 +786,7 @@ # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index 558f6f4..ef39e17 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -1,5 +1,18 @@ ---- exim-4.50/src/EDITME 2005-02-22 19:12:14.000000000 +0000 -+++ exim-4.50/src/EDITME 2005-02-22 19:15:10.000000000 +0000 +diff -uNr exim-4.69.orig/scripts/Configure-Makefile exim-4.69/scripts/Configure-Makefile +--- exim-4.69.orig/scripts/Configure-Makefile 2005-09-19 15:42:31.000000000 +0100 ++++ exim-4.69/scripts/Configure-Makefile 2008-08-13 14:44:59.000000000 +0100 +@@ -131,7 +131,7 @@ + + mv $mft $mftt + echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft +- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft ++ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft + echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft + echo "" >>$mft + cat $mftt >> $mft +diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME +--- exim-4.69.orig/src/EDITME 2007-01-22 16:29:54.000000000 +0000 ++++ exim-4.69/src/EDITME 2008-08-13 14:44:59.000000000 +0100 @@ -100,7 +100,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -36,7 +49,7 @@ # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -229,7 +229,7 @@ +@@ -235,7 +235,7 @@ # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -45,7 +58,7 @@ #------------------------------------------------------------------------------ -@@ -238,9 +238,9 @@ +@@ -244,9 +244,9 @@ # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -58,7 +71,7 @@ #------------------------------------------------------------------------------ -@@ -255,17 +255,20 @@ +@@ -261,25 +261,28 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes @@ -70,26 +83,26 @@ +LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes -# LOOKUP_LDAP=yes +-# LOOKUP_MYSQL=yes +-# LOOKUP_NIS=yes +-# LOOKUP_NISPLUS=yes +LOOKUP_LDAP=yes +LDAP_LIB_TYPE=OPENLDAP2 +LOOKUP_INCLUDE=-I/usr/include/mysql +LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq --# LOOKUP_MYSQL=yes +LOOKUP_MYSQL=yes --# LOOKUP_NIS=yes --# LOOKUP_NISPLUS=yes +LOOKUP_NIS=yes +LOOKUP_NISPLUS=yes # LOOKUP_ORACLE=yes -# LOOKUP_PASSWD=yes -+LOOKUP_PASSWD=yes -# LOOKUP_PGSQL=yes -+LOOKUP_PGSQL=yes -# LOOKUP_SQLITE=yes ++LOOKUP_PASSWD=yes ++LOOKUP_PGSQL=yes +LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes -@@ -272,7 +274,7 @@ + # These two settings are obsolete; all three lookups are compiled when # LOOKUP_LSEARCH is enabled. However, we retain these for backward # compatibility. Setting one forces LOOKUP_LSEARCH if it is not set. @@ -98,7 +111,7 @@ # LOOKUP_NWILDLSEARCH=yes -@@ -321,14 +323,14 @@ +@@ -330,14 +333,14 @@ # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -115,7 +128,7 @@ #------------------------------------------------------------------------------ # Compiling Exim with experimental features. These are documented in -@@ -464,11 +466,11 @@ +@@ -473,11 +476,11 @@ # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -132,7 +145,7 @@ #------------------------------------------------------------------------------ -@@ -484,7 +486,7 @@ +@@ -494,7 +497,7 @@ # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -141,7 +154,7 @@ # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -504,7 +506,7 @@ +@@ -514,7 +517,7 @@ # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -150,7 +163,7 @@ # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -553,10 +555,11 @@ +@@ -576,10 +579,11 @@ # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -164,7 +177,7 @@ # Uncomment these settings if you are using GnuTLS # USE_GNUTLS=yes -@@ -607,7 +610,7 @@ +@@ -630,7 +634,7 @@ # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -173,7 +186,7 @@ #------------------------------------------------------------------------------ -@@ -620,7 +623,7 @@ +@@ -643,7 +647,7 @@ # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -182,7 +195,7 @@ # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -669,7 +672,7 @@ +@@ -692,7 +696,7 @@ # files. Both the name of the command and the suffix that it adds to files # need to be defined here. See also the EXICYCLOG_MAX configuration. @@ -191,7 +204,7 @@ COMPRESS_SUFFIX=gz -@@ -677,7 +680,7 @@ +@@ -700,7 +704,7 @@ # If the exigrep utility is fed compressed log files, it tries to uncompress # them using this command. @@ -200,7 +213,7 @@ #------------------------------------------------------------------------------ -@@ -686,7 +689,7 @@ +@@ -709,7 +713,7 @@ # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -209,7 +222,7 @@ #------------------------------------------------------------------------------ -@@ -691,7 +696,7 @@ EXIM_PERL=perl.o +@@ -719,7 +723,7 @@ # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -218,7 +231,7 @@ #------------------------------------------------------------------------------ -@@ -696,7 +699,7 @@ +@@ -729,7 +733,7 @@ # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -227,7 +240,7 @@ # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -757,7 +760,7 @@ +@@ -797,7 +801,7 @@ # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -236,7 +249,7 @@ #------------------------------------------------------------------------------ -@@ -770,9 +773,9 @@ +@@ -810,9 +814,9 @@ # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -244,12 +257,12 @@ -# CFLAGS=-O -I/usr/local/include -# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap +USE_TCP_WRAPPERS=yes -+CFLAGS += $(RPM_OPT_FLAGS) $(PIE) ++CFLAGS+=$(RPM_OPT_FLAGS) $(PIE) +EXTRALIBS_EXIM=-lwrap -lpam -ldl # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -817,13 +820,13 @@ +@@ -857,13 +861,13 @@ # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -265,7 +278,7 @@ ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -844,11 +847,12 @@ +@@ -884,11 +888,12 @@ # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -283,7 +296,7 @@ #------------------------------------------------------------------------------ -@@ -1042,7 +1046,7 @@ +@@ -1082,7 +1087,7 @@ # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: @@ -292,14 +305,3 @@ # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory # using the name "exim-daemon.pid". ---- exim-4.50/scripts/Configure-Makefile.conf 2005-02-17 14:49:11.000000000 +0000 -+++ exim-4.50/scripts/Configure-Makefile 2005-02-22 19:12:21.000000000 +0000 -@@ -131,7 +131,7 @@ - - mv $mft $mftt - echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft -- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft -+ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft - echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft - echo "" >>$mft - cat $mftt >> $mft diff --git a/exim-4.50-spamdconf.patch b/exim-4.50-spamdconf.patch index 36fe304..98cafdd 100644 --- a/exim-4.50-spamdconf.patch +++ b/exim-4.50-spamdconf.patch @@ -1,14 +1,15 @@ ---- exim-4.50/src/configure.default.orig 2005-02-22 19:49:15.000000000 +0000 -+++ exim-4.50/src/configure.default 2005-02-22 19:46:55.000000000 +0000 -@@ -108,6 +108,7 @@ +diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default +--- exim-4.69-old/src/configure.default 2008-08-13 15:20:18.000000000 +0100 ++++ exim-4.69/src/configure.default 2008-08-13 15:20:36.000000000 +0100 +@@ -107,6 +107,7 @@ acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime - # You should not change that setting until you understand how ACLs work. + # You should not change those settings until you understand how ACLs work. -@@ -120,7 +120,7 @@ acl_smtp_mime = acl_check_mime +@@ -119,7 +120,7 @@ # of what to set for other virus scanners. The second modification is in the # acl_check_data access control list (see below). @@ -17,7 +18,7 @@ # For spam scanning, there is a similar option that defines the interface to -@@ -365,7 +365,8 @@ acl_check_rcpt: +@@ -380,7 +381,8 @@ accept local_parts = postmaster domains = +local_domains @@ -27,7 +28,7 @@ require verify = sender -@@ -455,26 +456,62 @@ acl_check_rcpt: +@@ -470,27 +472,63 @@ acl_check_data: @@ -86,7 +87,7 @@ accept -+ + +acl_check_mime: + + # File extension filtering. @@ -97,6 +98,7 @@ + {1}{0}} + + accept ++ ###################################################################### # ROUTERS CONFIGURATION # diff --git a/exim-4.52-dynamic-pcre.patch b/exim-4.52-dynamic-pcre.patch index c2ca9d3..5de73da 100644 --- a/exim-4.52-dynamic-pcre.patch +++ b/exim-4.52-dynamic-pcre.patch @@ -1,6 +1,19 @@ ---- exim-4.52/OS/Makefile-Base.pcre 2005-07-01 12:09:15.000000000 +0100 -+++ exim-4.52/OS/Makefile-Base 2005-08-25 14:28:19.000000000 +0100 -@@ -96,14 +96,14 @@ config.h: Makefile buildconfig ../src/co +diff -uNr exim-4.69-old/exim_monitor/em_hdr.h exim-4.69/exim_monitor/em_hdr.h +--- exim-4.69-old/exim_monitor/em_hdr.h 2007-01-08 10:50:17.000000000 +0000 ++++ exim-4.69/exim_monitor/em_hdr.h 2008-08-13 15:22:37.000000000 +0100 +@@ -87,7 +87,7 @@ + + /* Regular expression include */ + +-#include "pcre/pcre.h" ++#include + + /* Includes from the main source of Exim. We need to have MAXPACKET defined for + the benefit of structs.h. One of these days I should tidy up this interface so +diff -uNr exim-4.69-old/OS/Makefile-Base exim-4.69/OS/Makefile-Base +--- exim-4.69-old/OS/Makefile-Base 2007-11-12 13:02:19.000000000 +0000 ++++ exim-4.69/OS/Makefile-Base 2008-08-13 15:22:37.000000000 +0100 +@@ -96,14 +96,14 @@ # therefore always be run, even if the files exist. This shouldn't in fact be a # problem, but it does no harm. Other make programs will just ignore this. @@ -17,7 +30,7 @@ exigrep eximstats exipick exiqgrep exiqsumm \ transport-filter.pl convert4r3 convert4r4 \ exim_checkaccess \ -@@ -314,7 +314,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemo +@@ -314,7 +314,7 @@ local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) @@ -26,7 +39,7 @@ routers/routers.a transports/transports.a \ $(OBJ_EXIM) version.c @echo " " -@@ -325,7 +325,7 @@ exim: pcre/libpcre.a lookups/lookups.a +@@ -325,7 +325,7 @@ rm -f exim @echo "$(LNCC) -o exim" $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ @@ -35,7 +48,7 @@ routers/routers.a transports/transports.a lookups/lookups.a \ auths/auths.a \ $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ -@@ -429,14 +429,14 @@ MONBIN = em_StripChart.o $(EXIMON_TEXTPO +@@ -429,14 +429,14 @@ OBJ_MONBIN = util-spool_in.o util-store.o util-string.o tod.o tree.o $(MONBIN) @@ -52,9 +65,10 @@ $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ echo $(STRIP_COMMAND) eximon.bin; \ ---- exim-4.52/src/exim.h.pcre 2005-07-01 12:09:15.000000000 +0100 -+++ exim-4.52/src/exim.h 2005-08-25 14:26:40.000000000 +0100 -@@ -414,7 +414,7 @@ extern int ferror(FILE *); +diff -uNr exim-4.69-old/src/exim.h exim-4.69/src/exim.h +--- exim-4.69-old/src/exim.h 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/exim.h 2008-08-13 15:22:37.000000000 +0100 +@@ -422,7 +422,7 @@ /* The header from the PCRE regex package */ @@ -62,15 +76,4 @@ +#include /* Exim includes are in several files. Note that local_scan.h #includes - mytypes.h and store.h, so we don't need to mention them explicitly. */ ---- exim-4.52/exim_monitor/em_hdr.h.pcre 2005-07-01 12:09:15.000000000 +0100 -+++ exim-4.52/exim_monitor/em_hdr.h 2005-08-25 14:26:40.000000000 +0100 -@@ -87,7 +87,7 @@ anything. */ - - /* Regular expression include */ - --#include "pcre/pcre.h" -+#include - - /* Includes from the main source of Exim. We need to have MAXPACKET defined for - the benefit of structs.h. One of these days I should tidy up this interface so + config.h, mytypes.h, and store.h, so we don't need to mention them explicitly. diff --git a/exim-4.62-dlopen-localscan.patch b/exim-4.62-dlopen-localscan.patch index 03010eb..7a7c9d2 100644 --- a/exim-4.62-dlopen-localscan.patch +++ b/exim-4.62-dlopen-localscan.patch @@ -1,18 +1,19 @@ -The initial version of this patch was originally posted David Woodhouse, and -dman gets the credit for first integrating it with SA-Exim. - -I have since then maintained it by first making a few minor changes, and -later switching it to a major/minor number scheme to support upgrades in -the exim API that don't affect backward compatibility (you can rely on -a feature denoted by the minor number and be compatible with future versions -of exim until Philip has to break the API and increase the major number) - -Marc MERLIN - -diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME ---- exim-4.14-0/src/EDITME Tue Mar 11 04:20:18 2003 -+++ exim-4.14-1/src/EDITME Sun Mar 23 15:34:15 2003 -@@ -388,6 +388,20 @@ +diff -uNr exim-4.69-old/src/config.h.defaults exim-4.69/src/config.h.defaults +--- exim-4.69-old/src/config.h.defaults 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/config.h.defaults 2008-08-13 15:25:31.000000000 +0100 +@@ -27,6 +27,8 @@ + + #define AUTH_VARS 3 + ++#define DLOPEN_LOCAL_SCAN ++ + #define BIN_DIRECTORY + + #define CONFIGURE_FILE +diff -uNr exim-4.69-old/src/EDITME exim-4.69/src/EDITME +--- exim-4.69-old/src/EDITME 2008-08-13 15:25:05.000000000 +0100 ++++ exim-4.69/src/EDITME 2008-08-13 15:25:31.000000000 +0100 +@@ -619,6 +619,20 @@ #------------------------------------------------------------------------------ @@ -33,22 +34,10 @@ diff -urN exim-4.14-0/src/EDITME exim-4.14-1/src/EDITME # The default distribution of Exim contains only the plain text form of the # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation -diff -urNad 50_localscan_dlopen.tmp/src/config.h.defaults 50_localscan_dlopen/src/config.h.defaults ---- 50_localscan_dlopen.tmp/src/config.h.defaults Sun Dec 29 11:55:42 2002 -+++ 50_localscan_dlopen/src/config.h.defaults Sun Dec 29 11:56:44 2002 -@@ -17,6 +17,8 @@ - #define AUTH_PLAINTEXT - #define AUTH_SPA - -+#define DLOPEN_LOCAL_SCAN -+ - #define BIN_DIRECTORY - - #define CONFIGURE_FILE -diff -urN exim-4.14-0/src/globals.c exim-4.14-1/src/globals.c ---- exim-4.14-0/src/globals.c Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/globals.c Sun Mar 23 15:34:15 2003 -@@ -103,6 +103,9 @@ +diff -uNr exim-4.69-old/src/globals.c exim-4.69/src/globals.c +--- exim-4.69-old/src/globals.c 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/globals.c 2008-08-13 15:25:31.000000000 +0100 +@@ -128,6 +128,9 @@ uschar *tls_verify_hosts = NULL; #endif @@ -58,10 +47,10 @@ diff -urN exim-4.14-0/src/globals.c exim-4.14-1/src/globals.c /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. The defaults use stdin. We never need these for any -diff -urN exim-4.14-0/src/globals.h exim-4.14-1/src/globals.h ---- exim-4.14-0/src/globals.h Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/globals.h Sun Mar 23 15:34:15 2003 -@@ -67,6 +67,9 @@ +diff -uNr exim-4.69-old/src/globals.h exim-4.69/src/globals.h +--- exim-4.69-old/src/globals.h 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/globals.h 2008-08-13 15:25:31.000000000 +0100 +@@ -88,6 +88,9 @@ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif @@ -71,11 +60,11 @@ diff -urN exim-4.14-0/src/globals.h exim-4.14-1/src/globals.h /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. */ -diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c ---- exim-4.14-0/src/local_scan.c Tue Mar 11 04:20:20 2003 -+++ exim-4.14-1/src/local_scan.c Sun Mar 23 15:34:15 2003 -@@ -5,60 +5,131 @@ - /* Copyright (c) University of Cambridge 1995 - 2003 */ +diff -uNr exim-4.69-old/src/local_scan.c exim-4.69/src/local_scan.c +--- exim-4.69-old/src/local_scan.c 2007-01-08 10:50:18.000000000 +0000 ++++ exim-4.69/src/local_scan.c 2008-08-13 15:25:31.000000000 +0100 +@@ -7,60 +7,131 @@ + /* Copyright (c) University of Cambridge 1995 - 2007 */ /* See the file NOTICE for conditions of use and distribution. */ +#include "exim.h" @@ -249,14 +238,14 @@ diff -urN exim-4.14-0/src/local_scan.c exim-4.14-1/src/local_scan.c + +return TRUE; } -+ -+#endif /* DLOPEN_LOCAL_SCAN */ ++#endif /* DLOPEN_LOCAL_SCAN */ ++ /* End of local_scan.c */ -diff -urN exim-4.14-0/src/readconf.c exim-4.14-1/src/readconf.c ---- exim-4.14-0/src/readconf.c Tue Mar 11 04:20:22 2003 -+++ exim-4.14-1/src/readconf.c Sun Mar 23 15:34:15 2003 -@@ -182,6 +182,9 @@ +diff -uNr exim-4.69-old/src/readconf.c exim-4.69/src/readconf.c +--- exim-4.69-old/src/readconf.c 2007-08-23 12:01:49.000000000 +0100 ++++ exim-4.69/src/readconf.c 2008-08-13 15:25:31.000000000 +0100 +@@ -257,6 +257,9 @@ { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.69-dynlookup-config.patch b/exim-4.69-dynlookup-config.patch index dc02ee7..0792b89 100644 --- a/exim-4.69-dynlookup-config.patch +++ b/exim-4.69-dynlookup-config.patch @@ -1,7 +1,6 @@ -diff -u exim-4.69/src/EDITME exim-4.69/src/EDITME ---- exim-4.69/src/EDITME 2008-04-19 23:48:03.000000000 +0100 -+++ exim-4.69/src/EDITME 2008-04-19 23:54:46.000000000 +0100 -@@ -282,15 +282,17 @@ +--- exim-4.69/src/EDITME.orig 2008-08-13 15:30:05.000000000 +0100 ++++ exim-4.69/src/EDITME 2008-08-13 15:30:56.000000000 +0100 +@@ -282,14 +282,16 @@ # LOOKUP_IBASE=yes LOOKUP_LDAP=yes LDAP_LIB_TYPE=OPENLDAP2 @@ -22,4 +21,3 @@ diff -u exim-4.69/src/EDITME exim-4.69/src/EDITME LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes - # These two settings are obsolete; all three lookups are compiled when diff --git a/exim-4.69-dynlookup.patch b/exim-4.69-dynlookup.patch index 002a8c8..e3cd669 100644 --- a/exim-4.69-dynlookup.patch +++ b/exim-4.69-dynlookup.patch @@ -1,8 +1,7 @@ -diff --git a/Makefile b/Makefile -index 08d023b..9878b23 100644 ---- a/Makefile -+++ b/Makefile -@@ -77,11 +77,11 @@ clean:; @echo ""; echo '*** "make clean" just removes all .o and .a files' +diff -uNr exim-4.69-old/Makefile exim-4.69/Makefile +--- exim-4.69-old/Makefile 2005-09-12 14:55:54.000000000 +0100 ++++ exim-4.69/Makefile 2008-08-13 15:30:05.000000000 +0100 +@@ -80,11 +80,11 @@ cd build-$(buildname); \ $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ routers/*.o routers/*.a transports/*.o transports/*.a \ @@ -16,11 +15,10 @@ index 08d023b..9878b23 100644 distclean:; $(RM_COMMAND) -rf build-* -diff --git a/OS/Makefile-Base b/OS/Makefile-Base -index a2648e5..14b0867 100644 ---- a/OS/Makefile-Base -+++ b/OS/Makefile-Base -@@ -311,6 +311,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \ +diff -uNr exim-4.69-old/OS/Makefile-Base exim-4.69/OS/Makefile-Base +--- exim-4.69-old/OS/Makefile-Base 2008-08-13 15:29:21.000000000 +0100 ++++ exim-4.69/OS/Makefile-Base 2008-08-13 15:30:05.000000000 +0100 +@@ -311,6 +311,7 @@ rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \ store.o string.o tls.o tod.o transport.o tree.o verify.o \ @@ -28,11 +26,10 @@ index a2648e5..14b0867 100644 local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) -diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index 01fd316..9cd6d60 100755 ---- a/scripts/Configure-Makefile -+++ b/scripts/Configure-Makefile -@@ -107,7 +107,7 @@ do if test -r ../$f +diff -uNr exim-4.69-old/scripts/Configure-Makefile exim-4.69/scripts/Configure-Makefile +--- exim-4.69-old/scripts/Configure-Makefile 2008-08-13 15:29:21.000000000 +0100 ++++ exim-4.69/scripts/Configure-Makefile 2008-08-13 15:30:05.000000000 +0100 +@@ -107,7 +107,7 @@ echo "# End of $f" echo "" fi @@ -41,11 +38,10 @@ index 01fd316..9cd6d60 100755 # See if there is a definition of EXIM_PERL in what we have built so far. # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS, -diff --git a/scripts/MakeLinks b/scripts/MakeLinks -index 257652c..f3daee2 100755 ---- a/scripts/MakeLinks -+++ b/scripts/MakeLinks -@@ -204,6 +204,7 @@ ln -s ../src/mytypes.h mytypes.h +diff -uNr exim-4.69-old/scripts/MakeLinks exim-4.69/scripts/MakeLinks +--- exim-4.69-old/scripts/MakeLinks 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/scripts/MakeLinks 2008-08-13 15:30:05.000000000 +0100 +@@ -204,6 +204,7 @@ ln -s ../src/osfunctions.h osfunctions.h ln -s ../src/store.h store.h ln -s ../src/structs.h structs.h @@ -53,44 +49,10 @@ index 257652c..f3daee2 100755 ln -s ../src/acl.c acl.c ln -s ../src/buildconfig.c buildconfig.c -diff --git a/src/EDITME b/src/EDITME -index 1438a38..cb2f7f7 100644 ---- a/src/EDITME -+++ b/src/EDITME -@@ -248,6 +248,9 @@ TRANSPORT_SMTP=yes - # SUPPORT_MAILSTORE=yes - # SUPPORT_MBX=yes - -+#------------------------------------------------------------------------------ -+# See below for dynamic lookup modules. -+# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ - - #------------------------------------------------------------------------------ - # These settings determine which file and database lookup methods are included -@@ -257,6 +260,18 @@ TRANSPORT_SMTP=yes - # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is - # for the specialist case of using the DNS as a general database facility (not - # common). -+# If set to "2" instead of "yes" then the corresponding lookup will be -+# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to -+# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to -+# EXTRALIBS so that dlopen() is available to Exim. You need to define -+# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup -+# modules. -+# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and -+# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS -+# (where * is the name as given here in this list). That ensures that only -+# the dynamic library and not the exim binary will be linked against the -+# library. -+# NOTE: LDAP cannot be built as a module! - - LOOKUP_DBM=yes - LOOKUP_LSEARCH=yes -diff --git a/src/config.h.defaults b/src/config.h.defaults -index ccf2696..bd271bf 100644 ---- a/src/config.h.defaults -+++ b/src/config.h.defaults -@@ -90,6 +90,8 @@ it's a default value. */ +diff -uNr exim-4.69-old/src/config.h.defaults exim-4.69/src/config.h.defaults +--- exim-4.69-old/src/config.h.defaults 2008-08-13 15:29:21.000000000 +0100 ++++ exim-4.69/src/config.h.defaults 2008-08-13 15:30:05.000000000 +0100 +@@ -92,6 +92,8 @@ #define LOOKUP_WILDLSEARCH #define LOOKUP_NWILDLSEARCH @@ -99,10 +61,9 @@ index ccf2696..bd271bf 100644 #define MAX_FILTER_SIZE (1024*1024) #define MAX_LOCALHOST_NUMBER 256 #define MAX_INCLUDE_SIZE (1024*1024) -diff --git a/src/drtables.c b/src/drtables.c -index 426933c..dc4e15f 100644 ---- a/src/drtables.c -+++ b/src/drtables.c +diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c +--- exim-4.69-old/src/drtables.c 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/drtables.c 2008-08-13 15:30:05.000000000 +0100 @@ -10,6 +10,8 @@ #include "exim.h" @@ -112,7 +73,7 @@ index 426933c..dc4e15f 100644 /* This module contains tables that define the lookup methods and drivers that are actually included in the binary. Its contents are controlled by -@@ -31,535 +33,8 @@ even pickier compilers complaining about infinite loops. */ +@@ -31,535 +33,8 @@ static void dummy(int x) { dummy(x-1); } @@ -650,7 +611,7 @@ index 426933c..dc4e15f 100644 /* Table of information about all possible authentication mechamisms. All entries are always present if any mechanism is declared, but the functions are -@@ -887,4 +362,226 @@ transport_info transports_available[] = { +@@ -887,4 +362,226 @@ { US"", NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, FALSE } }; @@ -877,11 +838,42 @@ index 426933c..dc4e15f 100644 +} + /* End of drtables.c */ -diff --git a/src/exim.c b/src/exim.c -index 3509b1d..abf59b9 100644 ---- a/src/exim.c -+++ b/src/exim.c -@@ -928,53 +928,53 @@ fprintf(f, "Support for:"); +diff -uNr exim-4.69-old/src/EDITME exim-4.69/src/EDITME +--- exim-4.69-old/src/EDITME 2008-08-13 15:29:21.000000000 +0100 ++++ exim-4.69/src/EDITME 2008-08-13 15:30:05.000000000 +0100 +@@ -248,6 +248,9 @@ + SUPPORT_MAILSTORE=yes + SUPPORT_MBX=yes + ++#------------------------------------------------------------------------------ ++# See below for dynamic lookup modules. ++# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ + + #------------------------------------------------------------------------------ + # These settings determine which file and database lookup methods are included +@@ -257,6 +260,18 @@ + # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is + # for the specialist case of using the DNS as a general database facility (not + # common). ++# If set to "2" instead of "yes" then the corresponding lookup will be ++# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to ++# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to ++# EXTRALIBS so that dlopen() is available to Exim. You need to define ++# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup ++# modules. ++# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and ++# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS ++# (where * is the name as given here in this list). That ensures that only ++# the dynamic library and not the exim binary will be linked against the ++# library. ++# NOTE: LDAP cannot be built as a module! + + LOOKUP_DBM=yes + LOOKUP_LSEARCH=yes +diff -uNr exim-4.69-old/src/exim.c exim-4.69/src/exim.c +--- exim-4.69-old/src/exim.c 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/exim.c 2008-08-13 15:30:05.000000000 +0100 +@@ -925,53 +925,53 @@ #endif fprintf(f, "\n"); @@ -952,7 +944,7 @@ index 3509b1d..abf59b9 100644 fprintf(f, " whoson"); #endif fprintf(f, "\n"); -@@ -3427,6 +3427,9 @@ if (opt_perl_at_start && opt_perl_startup != NULL) +@@ -3424,6 +3424,9 @@ } #endif /* EXIM_PERL */ @@ -962,11 +954,10 @@ index 3509b1d..abf59b9 100644 /* Log the arguments of the call if the configuration file said so. This is a debugging feature for finding out what arguments certain MUAs actually use. Don't attempt it if logging is disabled, or if listing variables or if -diff --git a/src/expand.c b/src/expand.c -index 0844e8e..dc98145 100644 ---- a/src/expand.c -+++ b/src/expand.c -@@ -5378,8 +5378,8 @@ while (*s != 0) +diff -uNr exim-4.69-old/src/expand.c exim-4.69/src/expand.c +--- exim-4.69-old/src/expand.c 2007-10-04 14:23:05.000000000 +0100 ++++ exim-4.69/src/expand.c 2008-08-13 15:30:05.000000000 +0100 +@@ -5373,8 +5373,8 @@ goto EXPAND_FAILED; } @@ -977,11 +968,10 @@ index 0844e8e..dc98145 100644 else if (opt != NULL) sub = NULL; if (sub == NULL) -diff --git a/src/globals.h b/src/globals.h -index 9b25958..7d20140 100644 ---- a/src/globals.h -+++ b/src/globals.h -@@ -438,7 +438,7 @@ extern BOOL log_testing_mode; /* TRUE in various testing modes */ +diff -uNr exim-4.69-old/src/globals.h exim-4.69/src/globals.h +--- exim-4.69-old/src/globals.h 2008-08-13 15:29:21.000000000 +0100 ++++ exim-4.69/src/globals.h 2008-08-13 15:30:05.000000000 +0100 +@@ -432,7 +432,7 @@ extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ extern uschar *login_sender_address; /* The actual sender address */ @@ -990,11 +980,9 @@ index 9b25958..7d20140 100644 extern int lookup_list_count; /* Number of entries in the list */ extern int lookup_open_max; /* Max lookup files to cache */ extern uschar *lookup_value; /* Value looked up from file */ -diff --git a/src/lookupapi.h b/src/lookupapi.h -new file mode 100644 -index 0000000..4dab4c9 ---- /dev/null -+++ b/src/lookupapi.h +diff -uNr exim-4.69-old/src/lookupapi.h exim-4.69/src/lookupapi.h +--- exim-4.69-old/src/lookupapi.h 1970-01-01 01:00:00.000000000 +0100 ++++ exim-4.69/src/lookupapi.h 2008-08-13 15:30:05.000000000 +0100 @@ -0,0 +1,45 @@ +/* The "type" field in each item is a set of bit flags: + @@ -1041,24 +1029,915 @@ index 0000000..4dab4c9 + lookup_info **lookups; + uint lookupcount; +} lookup_module_info; -diff --git a/src/lookups/Makefile b/src/lookups/Makefile -index 75b78d2..e8c9bbd 100644 ---- a/src/lookups/Makefile -+++ b/src/lookups/Makefile +diff -uNr exim-4.69-old/src/lookups/cdb.c exim-4.69/src/lookups/cdb.c +--- exim-4.69-old/src/lookups/cdb.c 2005-06-27 15:29:44.000000000 +0100 ++++ exim-4.69/src/lookups/cdb.c 2008-08-13 15:30:05.000000000 +0100 +@@ -56,7 +56,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "cdb.h" + + #ifdef HAVE_MMAP + # include +@@ -144,7 +143,9 @@ + return num; + } + +-void * ++static void cdb_close(void *handle); ++ ++static void * + cdb_open(uschar *filename, + uschar **errmsg) + { +@@ -245,7 +246,7 @@ + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + cdb_check(void *handle, + uschar *filename, + int modemask, +@@ -270,7 +271,7 @@ + * Find entry point * + *************************************************/ + +-int ++static int + cdb_find(void *handle, + uschar *filename, + uschar *keystring, +@@ -418,7 +419,7 @@ + + /* See local README for interface description */ + +-void ++static void + cdb_close(void *handle) + { + struct cdb_state * cdbp = handle; +@@ -434,4 +435,22 @@ + (void)close(cdbp->fileno); + } + ++lookup_info cdb_lookup_info = { ++ US"cdb", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ cdb_open, /* open function */ ++ cdb_check, /* check function */ ++ cdb_find, /* find function */ ++ cdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define cdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &cdb_lookup_info }; ++lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/cdb.c */ +diff -uNr exim-4.69-old/src/lookups/cdb.h exim-4.69/src/lookups/cdb.h +--- exim-4.69-old/src/lookups/cdb.h 2004-10-07 14:10:01.000000000 +0100 ++++ exim-4.69/src/lookups/cdb.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,59 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* +- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ +- * +- * Exim - CDB database lookup module +- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- * +- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version 2 +- * of the License, or (at your option) any later version. +- * +- * This program is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program; if not, write to the Free Software +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +- * 02111-1307, USA. +- * +- * +- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. +- * Information, the spec and sample code for cdb can be obtained from +- * http://www.pobox.com/~djb/cdb.html +- * +- * This implementation borrows some code from Dan Bernstein's +- * implementation (which has no license restrictions applied to it). +- * This (read-only) implementation is completely contained within +- * cdb.[ch] it does *not* link against an external cdb library. +- * +- * +- * There are 2 varients included within this code. One uses MMAP and +- * should give better performance especially for multiple lookups on a +- * modern machine. The other is the default implementation which is +- * used in the case where the MMAP fails or if MMAP was not compiled +- * in. this implementation is the same as the original reference cdb +- * implementation. +- * +- */ +- +- +-/* Functions for reading exim cdb files */ +- +-extern void *cdb_open(uschar *, uschar **); +-extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void cdb_close(void *); +- +-/* End of cdb.h */ +diff -uNr exim-4.69-old/src/lookups/dbmdb.c exim-4.69/src/lookups/dbmdb.c +--- exim-4.69-old/src/lookups/dbmdb.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/dbmdb.c 2008-08-13 15:30:05.000000000 +0100 +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dbmdb.h" + + + /************************************************* +@@ -18,7 +17,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + dbmdb_open(uschar *filename, uschar **errmsg) + { + EXIM_DB *yield; +@@ -45,7 +44,7 @@ + the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. + */ + +-BOOL ++static BOOL + dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -88,7 +87,7 @@ + /* See local README for interface description. This function adds 1 to + the keylength in order to include the terminating zero. */ + +-int ++static int + dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -121,7 +120,7 @@ + + /* See local README for interface description */ + +-int ++static int + dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -137,10 +136,39 @@ + + /* See local README for interface description */ + +-void ++static void + dbmdb_close(void *handle) + { + EXIM_DBCLOSE((EXIM_DB *)handle); + } + ++lookup_info dbm_lookup_info = { ++ US"dbm", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* open function */ ++ dbmdb_check, /* check function */ ++ dbmdb_find, /* find function */ ++ dbmdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++lookup_info dbmz_lookup_info = { ++ US"dbmnz", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* sic */ /* open function */ ++ dbmdb_check, /* sic */ /* check function */ ++ dbmnz_find, /* find function */ ++ dbmdb_close, /* sic */ /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dbmdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; ++lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; ++ + /* End of lookups/dbmdb.c */ +diff -uNr exim-4.69-old/src/lookups/dbmdb.h exim-4.69/src/lookups/dbmdb.h +--- exim-4.69-old/src/lookups/dbmdb.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/dbmdb.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,21 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dbm lookup. Use dbmdb in the code to avoid name +-clashes with external library names. */ +- +-extern void *dbmdb_open(uschar *, uschar **); +-extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dbmdb_close(void *); +- +-/* End of lookups/dbmdb.h */ +diff -uNr exim-4.69-old/src/lookups/dkim.c exim-4.69/src/lookups/dkim.c +--- exim-4.69-old/src/lookups/dkim.c 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/lookups/dkim.c 2008-08-13 15:30:05.000000000 +0100 +@@ -8,7 +8,6 @@ + /* See the file NOTICE for conditions of use and distribution. */ + + #include "../exim.h" +-#include "dkim.h" + + + +@@ -18,7 +17,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + dkim_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -35,7 +34,7 @@ + + /* See local README for interface description */ + +-int ++static int + dkim_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -49,4 +48,22 @@ + #endif + } + ++lookup_info cdb_lookup_info = { ++ US"dkim", /* lookup name */ ++ lookup_querystyle, /* query style */ ++ dkim_open, /* open function */ ++ NULL, /* check function */ ++ dkim_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define cdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &dkim_lookup_info }; ++lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dkim.c */ +diff -uNr exim-4.69-old/src/lookups/dkim.h exim-4.69/src/lookups/dkim.h +--- exim-4.69-old/src/lookups/dkim.h 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/lookups/dkim.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dkim.h,v 1.1 2007/09/28 12:21:57 tom Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the DKIM lookup */ +- +-extern void *dkim_open(uschar *, uschar **); +-extern int dkim_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/dkim.h */ +diff -uNr exim-4.69-old/src/lookups/dnsdb.c exim-4.69/src/lookups/dnsdb.c +--- exim-4.69-old/src/lookups/dnsdb.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/dnsdb.c 2008-08-13 15:30:05.000000000 +0100 +@@ -9,8 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dnsdb.h" +- + + + /* Ancient systems (e.g. SunOS4) don't appear to have T_TXT defined in their +@@ -67,7 +65,7 @@ + + /* See local README for interface description. */ + +-void * ++static void * + dnsdb_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -102,7 +100,7 @@ + which may start with '<' in order to set a specific separator. The default + separator, as always, is colon. */ + +-int ++static int + dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -394,4 +392,22 @@ + return OK; + } + ++static lookup_info _lookup_info = { ++ US"dnsdb", /* lookup name */ ++ lookup_querystyle, /* query style */ ++ dnsdb_open, /* open function */ ++ NULL, /* check function */ ++ dnsdb_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dnsdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dnsdb.c */ +diff -uNr exim-4.69-old/src/lookups/dnsdb.h exim-4.69/src/lookups/dnsdb.h +--- exim-4.69-old/src/lookups/dnsdb.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/dnsdb.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dnsdb lookup */ +- +-extern void *dnsdb_open(uschar *, uschar **); +-extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/dnsdb.h */ +diff -uNr exim-4.69-old/src/lookups/dsearch.c exim-4.69/src/lookups/dsearch.c +--- exim-4.69-old/src/lookups/dsearch.c 2007-05-31 13:42:07.000000000 +0100 ++++ exim-4.69/src/lookups/dsearch.c 2008-08-13 15:30:05.000000000 +0100 +@@ -14,8 +14,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dsearch.h" +- + + + /************************************************* +@@ -27,7 +25,7 @@ + it open, because the "search" can be done by a call to lstat() rather than + actually scanning through the list of files. */ + +-void * ++static void * + dsearch_open(uschar *dirname, uschar **errmsg) + { + DIR *dp = opendir(CS dirname); +@@ -50,7 +48,7 @@ + /* The handle will always be (void *)(-1), but don't try casting it to an + integer as this gives warnings on 64-bit systems. */ + +-BOOL ++static BOOL + dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -68,7 +66,7 @@ + scanning the directory, as it is hopefully faster to let the OS do the scanning + for us. */ + +-int ++static int + dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -114,10 +112,28 @@ + + /* See local README for interface description */ + +-void ++static void + dsearch_close(void *handle) + { + handle = handle; /* Avoid compiler warning */ + } + ++static lookup_info _lookup_info = { ++ US"dsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dsearch_open, /* open function */ ++ dsearch_check, /* check function */ ++ dsearch_find, /* find function */ ++ dsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dsearch.c */ +diff -uNr exim-4.69-old/src/lookups/dsearch.h exim-4.69/src/lookups/dsearch.h +--- exim-4.69-old/src/lookups/dsearch.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/dsearch.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dsearch lookup */ +- +-extern void *dsearch_open(uschar *, uschar **); +-extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dsearch_close(void *); +- +-/* End of lookups/dsearch.h */ +diff -uNr exim-4.69-old/src/lookups/ibase.c exim-4.69/src/lookups/ibase.c +--- exim-4.69-old/src/lookups/ibase.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/ibase.c 2008-08-13 15:30:05.000000000 +0100 +@@ -11,14 +11,7 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ibase.h" + +-#ifndef LOOKUP_IBASE +-static void dummy(int x) +-{ +- dummy(x - 1); +-} +-#else + #include /* The system header */ + + /* Structure and anchor for caching connections. */ +@@ -40,7 +33,7 @@ + + /* See local README for interface description. */ + +-void *ibase_open(uschar * filename, uschar ** errmsg) ++static void *ibase_open(uschar * filename, uschar ** errmsg) + { + return (void *) (1); /* Just return something non-null */ + } +@@ -53,7 +46,7 @@ + + /* See local README for interface description. */ + +-void ibase_tidy(void) ++static void ibase_tidy(void) + { + ibase_connection *cn; + ISC_STATUS status[20]; +@@ -458,7 +451,7 @@ + arguments are not used. Loop through a list of servers while the query is + deferred with a retryable error. */ + +-int ++static int + ibase_find(void *handle, uschar * filename, uschar * query, int length, + uschar ** result, uschar ** errmsg, BOOL *do_cache) + { +@@ -510,7 +503,7 @@ + Returns: the processed string or NULL for a bad option + */ + +-uschar *ibase_quote(uschar * s, uschar * opt) ++static uschar *ibase_quote(uschar * s, uschar * opt) + { + register int c; + int count = 0; +@@ -553,6 +546,22 @@ + return quoted; + } + ++static lookup_info _lookup_info = { ++ US"ibase", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ ibase_open, /* open function */ ++ NULL, /* no check function */ ++ ibase_find, /* find function */ ++ NULL, /* no close function */ ++ ibase_tidy, /* tidy function */ ++ ibase_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ibase_lookup_module_info _lookup_module_info + #endif + ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/ibase.c */ +diff -uNr exim-4.69-old/src/lookups/ibase.h exim-4.69/src/lookups/ibase.h +--- exim-4.69-old/src/lookups/ibase.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/ibase.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the Interbase lookup functions */ +- +-extern void *ibase_open(uschar *, uschar **); +-extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void ibase_tidy(void); +-extern uschar *ibase_quote(uschar *, uschar *); +- +-/* End of lookups/ibase.h */ +diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c +--- exim-4.69-old/src/lookups/ldap.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/ldap.c 2008-08-13 15:30:05.000000000 +0100 +@@ -15,21 +15,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ldap.h" +- +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the LDAP headers +-available for compiling. Therefore, compile these functions only if LOOKUP_LDAP +-is defined. However, some compilers don't like compiling empty modules, so keep +-them happy with a dummy when skipping the rest. Make it reference itself to +-stop picky compilers complaining that it is unused, and put in a dummy argument +-to stop even pickier compilers complaining about infinite loops. */ +- +-#ifndef LOOKUP_LDAP +-static void dummy(int x) { dummy(x-1); } +-#else +- + + /* Include LDAP headers. The code below uses some "old" LDAP interfaces that + are deprecated in OpenLDAP. I don't know their status in other LDAP +@@ -1196,7 +1181,7 @@ + are handled by a common function, with a flag to differentiate between them. + The handle and filename arguments are not used. */ + +-int ++static int + eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1205,7 +1190,7 @@ + return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); + } + +-int ++static int + eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1214,7 +1199,7 @@ + return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); + } + +-int ++static int + eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1240,7 +1225,7 @@ + + /* See local README for interface description. */ + +-void * ++static void * + eldap_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -1255,7 +1240,7 @@ + /* See local README for interface description. + Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ + +-void ++static void + eldap_tidy(void) + { + LDAP_CONNECTION *lcp = NULL; +@@ -1351,7 +1336,7 @@ + + + +-uschar * ++static uschar * + eldap_quote(uschar *s, uschar *opt) + { + register int c; +@@ -1470,6 +1455,44 @@ + return quoted; + } + +-#endif /* LOOKUP_LDAP */ ++static lookup_info ldap_lookup_info = { ++ US"ldap", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* open function */ ++ NULL, /* check function */ ++ eldap_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* tidy function */ ++ eldap_quote /* quoting function */ ++}; ++ ++static lookup_info ldapdn_lookup_info = { ++ US"ldapdn", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapdn_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++static lookup_info ldapm_lookup_info = { ++ US"ldapm", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapm_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ldap_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; ++lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; + + /* End of lookups/ldap.c */ +diff -uNr exim-4.69-old/src/lookups/ldap.h exim-4.69/src/lookups/ldap.h +--- exim-4.69-old/src/lookups/ldap.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/ldap.h 2008-08-13 15:30:05.000000000 +0100 +@@ -7,18 +7,9 @@ + /* Copyright (c) University of Cambridge 1995 - 2007 */ + /* See the file NOTICE for conditions of use and distribution. */ + +-/* Header for the ldap lookups */ ++/* Header for eldapauth_find */ + +-extern void *eldap_open(uschar *, uschar **); +-extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); + extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, + uschar **, BOOL *); +-extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void eldap_tidy(void); +-extern uschar *eldap_quote(uschar *, uschar *); + + /* End of lookups/ldap.h */ +diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c +--- exim-4.69-old/src/lookups/lsearch.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/lsearch.c 2008-08-13 15:30:05.000000000 +0100 +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "lsearch.h" + + /* Codes for the different kinds of lsearch that are supported */ + +@@ -28,7 +27,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + lsearch_open(uschar *filename, uschar **errmsg) + { + FILE *f = Ufopen(filename, "rb"); +@@ -48,7 +47,7 @@ + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -320,7 +319,7 @@ + + /* See local README for interface description */ + +-int ++static int + lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -337,7 +336,7 @@ + + /* See local README for interface description */ + +-int ++static int + wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -354,7 +353,7 @@ + + /* See local README for interface description */ + +-int ++static int + nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -372,7 +371,7 @@ + + /* See local README for interface description */ + +-int ++static int + iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -401,10 +400,64 @@ + + /* See local README for interface description */ + +-void ++static void + lsearch_close(void *handle) + { + (void)fclose((FILE *)handle); + } + ++static lookup_info iplsearch_lookup_info = { ++ US"iplsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ iplsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info lsearch_lookup_info = { ++ US"lsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ lsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info nwildlsearch_lookup_info = { ++ US"nwildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ nwildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info wildlsearch_lookup_info = { ++ US"wildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ wildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define lsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, ++ &lsearch_lookup_info, ++ &nwildlsearch_lookup_info, ++ &wildlsearch_lookup_info }; ++lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; ++ + /* End of lookups/lsearch.c */ +diff -uNr exim-4.69-old/src/lookups/lsearch.h exim-4.69/src/lookups/lsearch.h +--- exim-4.69-old/src/lookups/lsearch.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/lsearch.h 1970-01-01 01:00:00.000000000 +0100 +@@ -1,25 +0,0 @@ +-/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the lsearch and wildlsearch lookups */ +- +-extern void *lsearch_open(uschar *, uschar **); +-extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void lsearch_close(void *); +- +-extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +- +-/* End of lookups/lsearch.h */ +diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile +--- exim-4.69-old/src/lookups/Makefile 2007-09-28 13:21:57.000000000 +0100 ++++ exim-4.69/src/lookups/Makefile 2008-08-13 15:30:05.000000000 +0100 @@ -1,13 +1,181 @@ - # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.8 2008/02/14 13:49:35 fanf2 Exp $ + # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.7 2007/09/28 12:21:57 tom Exp $ -# Make file for building a library containing all the available lookups and -# calling it lookups.a. This is called from the main make file, after cd'ing -# to the lookups subdirectory. When the relevant LOOKUP_ macros are not -# defined, dummy modules get compiled. -+# Make file for building all the available lookups. -+# This is called from the main make file, after cd'ing -+# to the lookups subdirectory. - +- -OBJ = cdb.o dbmdb.o dkim.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ - nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ - lf_check_file.o lf_quote.o lf_sqlperform.o ++# Make file for building all the available lookups. ++# This is called from the main make file, after cd'ing ++# to the lookups subdirectory. ++ +# because the variable is EXPERIMENTAL_SPF and not LOOKUP_SPF +# we put this one here by default and compile a dummy if +# EXPERIMENTAL_SPF is not defined @@ -1234,9 +2113,9 @@ index 75b78d2..e8c9bbd 100644 lookups.a: $(OBJ) @$(RM_COMMAND) -f lookups.a -@@ -15,31 +183,54 @@ lookups.a: $(OBJ) - @$(AR) lookups.a $(OBJ) +@@ -16,31 +184,54 @@ $(RANLIB) $@ + @$(RM_COMMAND) -rf ../drtables.o -.SUFFIXES: .o .c +.SUFFIXES: .o .c .so @@ -1308,925 +2187,10 @@ index 75b78d2..e8c9bbd 100644 + # End -diff --git a/src/lookups/cdb.c b/src/lookups/cdb.c -index cb4c727..23d0152 100644 ---- a/src/lookups/cdb.c -+++ b/src/lookups/cdb.c -@@ -56,7 +56,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "cdb.h" - - #ifdef HAVE_MMAP - # include -@@ -144,7 +143,9 @@ cdb_unpack(uschar *buf) - return num; - } - --void * -+static void cdb_close(void *handle); -+ -+static void * - cdb_open(uschar *filename, - uschar **errmsg) - { -@@ -245,7 +246,7 @@ cdb_open(uschar *filename, - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - cdb_check(void *handle, - uschar *filename, - int modemask, -@@ -270,7 +271,7 @@ cdb_check(void *handle, - * Find entry point * - *************************************************/ - --int -+static int - cdb_find(void *handle, - uschar *filename, - uschar *keystring, -@@ -418,7 +419,7 @@ cdb_find(void *handle, - - /* See local README for interface description */ - --void -+static void - cdb_close(void *handle) - { - struct cdb_state * cdbp = handle; -@@ -434,4 +435,22 @@ struct cdb_state * cdbp = handle; - (void)close(cdbp->fileno); - } - -+lookup_info cdb_lookup_info = { -+ US"cdb", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ cdb_open, /* open function */ -+ cdb_check, /* check function */ -+ cdb_find, /* find function */ -+ cdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define cdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &cdb_lookup_info }; -+lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/cdb.c */ -diff --git a/src/lookups/cdb.h b/src/lookups/cdb.h -deleted file mode 100644 -index df9fb2c..0000000 ---- a/src/lookups/cdb.h -+++ /dev/null -@@ -1,59 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* -- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ -- * -- * Exim - CDB database lookup module -- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- * -- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version 2 -- * of the License, or (at your option) any later version. -- * -- * This program is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with this program; if not, write to the Free Software -- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -- * 02111-1307, USA. -- * -- * -- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. -- * Information, the spec and sample code for cdb can be obtained from -- * http://www.pobox.com/~djb/cdb.html -- * -- * This implementation borrows some code from Dan Bernstein's -- * implementation (which has no license restrictions applied to it). -- * This (read-only) implementation is completely contained within -- * cdb.[ch] it does *not* link against an external cdb library. -- * -- * -- * There are 2 varients included within this code. One uses MMAP and -- * should give better performance especially for multiple lookups on a -- * modern machine. The other is the default implementation which is -- * used in the case where the MMAP fails or if MMAP was not compiled -- * in. this implementation is the same as the original reference cdb -- * implementation. -- * -- */ -- -- --/* Functions for reading exim cdb files */ -- --extern void *cdb_open(uschar *, uschar **); --extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void cdb_close(void *); -- --/* End of cdb.h */ -diff --git a/src/lookups/dbmdb.c b/src/lookups/dbmdb.c -index 0d79522..8e459b9 100644 ---- a/src/lookups/dbmdb.c -+++ b/src/lookups/dbmdb.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dbmdb.h" - - - /************************************************* -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - dbmdb_open(uschar *filename, uschar **errmsg) - { - EXIM_DB *yield; -@@ -45,7 +44,7 @@ file name. If USE_TDB or USE_GDBM is set, we know it is tdb or gdbm, which do - the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. - */ - --BOOL -+static BOOL - dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -88,7 +87,7 @@ return rc == 0; - /* See local README for interface description. This function adds 1 to - the keylength in order to include the terminating zero. */ - --int -+static int - dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -121,7 +120,7 @@ return FAIL; - - /* See local README for interface description */ - --int -+static int - dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -137,10 +136,39 @@ return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, - - /* See local README for interface description */ - --void -+static void - dbmdb_close(void *handle) - { - EXIM_DBCLOSE((EXIM_DB *)handle); - } - -+lookup_info dbm_lookup_info = { -+ US"dbm", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* open function */ -+ dbmdb_check, /* check function */ -+ dbmdb_find, /* find function */ -+ dbmdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+lookup_info dbmz_lookup_info = { -+ US"dbmnz", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* sic */ /* open function */ -+ dbmdb_check, /* sic */ /* check function */ -+ dbmnz_find, /* find function */ -+ dbmdb_close, /* sic */ /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dbmdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; -+lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; -+ - /* End of lookups/dbmdb.c */ -diff --git a/src/lookups/dbmdb.h b/src/lookups/dbmdb.h -deleted file mode 100644 -index 26bd792..0000000 ---- a/src/lookups/dbmdb.h -+++ /dev/null -@@ -1,21 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dbm lookup. Use dbmdb in the code to avoid name --clashes with external library names. */ -- --extern void *dbmdb_open(uschar *, uschar **); --extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dbmdb_close(void *); -- --/* End of lookups/dbmdb.h */ -diff --git a/src/lookups/dkim.c b/src/lookups/dkim.c -index fa2ecf2..3c55913 100755 ---- a/src/lookups/dkim.c -+++ b/src/lookups/dkim.c -@@ -8,7 +8,6 @@ - /* See the file NOTICE for conditions of use and distribution. */ - - #include "../exim.h" --#include "dkim.h" - - - -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - dkim_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +34,7 @@ return (void *)(-1); /* Just return something non-null */ - - /* See local README for interface description */ - --int -+static int - dkim_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -49,4 +48,22 @@ dkim_find(void *handle, uschar *filename, uschar *keystring, int length, - #endif - } - -+lookup_info cdb_lookup_info = { -+ US"dkim", /* lookup name */ -+ lookup_querystyle, /* query style */ -+ dkim_open, /* open function */ -+ NULL, /* check function */ -+ dkim_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define cdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &dkim_lookup_info }; -+lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dkim.c */ -diff --git a/src/lookups/dkim.h b/src/lookups/dkim.h -deleted file mode 100755 -index cc57697..0000000 ---- a/src/lookups/dkim.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dkim.h,v 1.1 2007/09/28 12:21:57 tom Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the DKIM lookup */ -- --extern void *dkim_open(uschar *, uschar **); --extern int dkim_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/dkim.h */ -diff --git a/src/lookups/dnsdb.c b/src/lookups/dnsdb.c -index bda714c..bea9a8c 100644 ---- a/src/lookups/dnsdb.c -+++ b/src/lookups/dnsdb.c -@@ -9,8 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dnsdb.h" -- - - - /* Ancient systems (e.g. SunOS4) don't appear to have T_TXT defined in their -@@ -67,7 +65,7 @@ static int type_values[] = { - - /* See local README for interface description. */ - --void * -+static void * - dnsdb_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -102,7 +100,7 @@ default is "TXT". - which may start with '<' in order to set a specific separator. The default - separator, as always, is colon. */ - --int -+static int - dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -394,4 +392,22 @@ yield[ptr] = 0; - return OK; - } - -+static lookup_info _lookup_info = { -+ US"dnsdb", /* lookup name */ -+ lookup_querystyle, /* query style */ -+ dnsdb_open, /* open function */ -+ NULL, /* check function */ -+ dnsdb_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dnsdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dnsdb.c */ -diff --git a/src/lookups/dnsdb.h b/src/lookups/dnsdb.h -deleted file mode 100644 -index 98bdf92..0000000 ---- a/src/lookups/dnsdb.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dnsdb lookup */ -- --extern void *dnsdb_open(uschar *, uschar **); --extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/dnsdb.h */ -diff --git a/src/lookups/dsearch.c b/src/lookups/dsearch.c -index 661021d..7befda3 100644 ---- a/src/lookups/dsearch.c -+++ b/src/lookups/dsearch.c -@@ -14,8 +14,6 @@ lstat()) rather than a directory scan). */ - - #include "../exim.h" - #include "lf_functions.h" --#include "dsearch.h" -- - - - /************************************************* -@@ -27,7 +25,7 @@ whether it exists and whether it is searchable. However, we don't need to keep - it open, because the "search" can be done by a call to lstat() rather than - actually scanning through the list of files. */ - --void * -+static void * - dsearch_open(uschar *dirname, uschar **errmsg) - { - DIR *dp = opendir(CS dirname); -@@ -50,7 +48,7 @@ return (void *)(-1); - /* The handle will always be (void *)(-1), but don't try casting it to an - integer as this gives warnings on 64-bit systems. */ - --BOOL -+static BOOL - dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -68,7 +66,7 @@ return lf_check_file(-1, filename, S_IFDIR, modemask, owners, owngroups, - scanning the directory, as it is hopefully faster to let the OS do the scanning - for us. */ - --int -+static int - dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -114,10 +112,28 @@ return DEFER; - - /* See local README for interface description */ - --void -+static void - dsearch_close(void *handle) - { - handle = handle; /* Avoid compiler warning */ - } - -+static lookup_info _lookup_info = { -+ US"dsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dsearch_open, /* open function */ -+ dsearch_check, /* check function */ -+ dsearch_find, /* find function */ -+ dsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dsearch.c */ -diff --git a/src/lookups/dsearch.h b/src/lookups/dsearch.h -deleted file mode 100644 -index e686824..0000000 ---- a/src/lookups/dsearch.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dsearch lookup */ -- --extern void *dsearch_open(uschar *, uschar **); --extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dsearch_close(void *); -- --/* End of lookups/dsearch.h */ -diff --git a/src/lookups/ibase.c b/src/lookups/ibase.c -index 54699a1..ae9c04f 100644 ---- a/src/lookups/ibase.c -+++ b/src/lookups/ibase.c -@@ -11,14 +11,7 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "ibase.h" - --#ifndef LOOKUP_IBASE --static void dummy(int x) --{ -- dummy(x - 1); --} --#else - #include /* The system header */ - - /* Structure and anchor for caching connections. */ -@@ -40,7 +33,7 @@ static ibase_connection *ibase_connections = NULL; - - /* See local README for interface description. */ - --void *ibase_open(uschar * filename, uschar ** errmsg) -+static void *ibase_open(uschar * filename, uschar ** errmsg) - { - return (void *) (1); /* Just return something non-null */ - } -@@ -53,7 +46,7 @@ void *ibase_open(uschar * filename, uschar ** errmsg) - - /* See local README for interface description. */ - --void ibase_tidy(void) -+static void ibase_tidy(void) - { - ibase_connection *cn; - ISC_STATUS status[20]; -@@ -458,7 +451,7 @@ always leaves enough room for a terminating zero. */ - arguments are not used. Loop through a list of servers while the query is - deferred with a retryable error. */ - --int -+static int - ibase_find(void *handle, uschar * filename, uschar * query, int length, - uschar ** result, uschar ** errmsg, BOOL *do_cache) - { -@@ -510,7 +503,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar *ibase_quote(uschar * s, uschar * opt) -+static uschar *ibase_quote(uschar * s, uschar * opt) - { - register int c; - int count = 0; -@@ -553,6 +546,22 @@ uschar *ibase_quote(uschar * s, uschar * opt) - return quoted; - } - -+static lookup_info _lookup_info = { -+ US"ibase", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ ibase_open, /* open function */ -+ NULL, /* no check function */ -+ ibase_find, /* find function */ -+ NULL, /* no close function */ -+ ibase_tidy, /* tidy function */ -+ ibase_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ibase_lookup_module_info _lookup_module_info - #endif - -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/ibase.c */ -diff --git a/src/lookups/ibase.h b/src/lookups/ibase.h -deleted file mode 100644 -index cc64230..0000000 ---- a/src/lookups/ibase.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the Interbase lookup functions */ -- --extern void *ibase_open(uschar *, uschar **); --extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void ibase_tidy(void); --extern uschar *ibase_quote(uschar *, uschar *); -- --/* End of lookups/ibase.h */ -diff --git a/src/lookups/ldap.c b/src/lookups/ldap.c -index f704f88..ec2a3e5 100644 ---- a/src/lookups/ldap.c -+++ b/src/lookups/ldap.c -@@ -15,21 +15,6 @@ researching how to handle the different kinds of error. */ - - #include "../exim.h" - #include "lf_functions.h" --#include "ldap.h" -- -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the LDAP headers --available for compiling. Therefore, compile these functions only if LOOKUP_LDAP --is defined. However, some compilers don't like compiling empty modules, so keep --them happy with a dummy when skipping the rest. Make it reference itself to --stop picky compilers complaining that it is unused, and put in a dummy argument --to stop even pickier compilers complaining about infinite loops. */ -- --#ifndef LOOKUP_LDAP --static void dummy(int x) { dummy(x-1); } --#else -- - - /* Include LDAP headers. The code below uses some "old" LDAP interfaces that - are deprecated in OpenLDAP. I don't know their status in other LDAP -@@ -1196,7 +1181,7 @@ return DEFER; - are handled by a common function, with a flag to differentiate between them. - The handle and filename arguments are not used. */ - --int -+static int - eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1205,7 +1190,7 @@ do_cache = do_cache; - return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); - } - --int -+static int - eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1214,7 +1199,7 @@ do_cache = do_cache; - return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); - } - --int -+static int - eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1240,7 +1225,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_AUTH, result, errmsg)); - - /* See local README for interface description. */ - --void * -+static void * - eldap_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -1255,7 +1240,7 @@ return (void *)(1); /* Just return something non-null */ - /* See local README for interface description. - Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ - --void -+static void - eldap_tidy(void) - { - LDAP_CONNECTION *lcp = NULL; -@@ -1351,7 +1336,7 @@ quote_ldap_dn, respectively. */ - - - --uschar * -+static uschar * - eldap_quote(uschar *s, uschar *opt) - { - register int c; -@@ -1470,6 +1455,44 @@ else - return quoted; - } - --#endif /* LOOKUP_LDAP */ -+static lookup_info ldap_lookup_info = { -+ US"ldap", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* open function */ -+ NULL, /* check function */ -+ eldap_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* tidy function */ -+ eldap_quote /* quoting function */ -+}; -+ -+static lookup_info ldapdn_lookup_info = { -+ US"ldapdn", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapdn_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+static lookup_info ldapm_lookup_info = { -+ US"ldapm", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapm_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ldap_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; -+lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; - - /* End of lookups/ldap.c */ -diff --git a/src/lookups/ldap.h b/src/lookups/ldap.h -index 9e1d716..62383b8 100644 ---- a/src/lookups/ldap.h -+++ b/src/lookups/ldap.h -@@ -7,18 +7,9 @@ - /* Copyright (c) University of Cambridge 1995 - 2007 */ - /* See the file NOTICE for conditions of use and distribution. */ - --/* Header for the ldap lookups */ -+/* Header for eldapauth_find */ - --extern void *eldap_open(uschar *, uschar **); --extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); - extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, - uschar **, BOOL *); --extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void eldap_tidy(void); --extern uschar *eldap_quote(uschar *, uschar *); - - /* End of lookups/ldap.h */ -diff --git a/src/lookups/lsearch.c b/src/lookups/lsearch.c -index d9ff9d4..4ac7b65 100644 ---- a/src/lookups/lsearch.c -+++ b/src/lookups/lsearch.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "lsearch.h" - - /* Codes for the different kinds of lsearch that are supported */ - -@@ -28,7 +27,7 @@ enum { - - /* See local README for interface description */ - --void * -+static void * - lsearch_open(uschar *filename, uschar **errmsg) - { - FILE *f = Ufopen(filename, "rb"); -@@ -48,7 +47,7 @@ return f; - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -320,7 +319,7 @@ return FAIL; - - /* See local README for interface description */ - --int -+static int - lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -337,7 +336,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -354,7 +353,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -372,7 +371,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -401,10 +400,64 @@ else - - /* See local README for interface description */ - --void -+static void - lsearch_close(void *handle) - { - (void)fclose((FILE *)handle); - } - -+static lookup_info iplsearch_lookup_info = { -+ US"iplsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ iplsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info lsearch_lookup_info = { -+ US"lsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ lsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info nwildlsearch_lookup_info = { -+ US"nwildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ nwildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info wildlsearch_lookup_info = { -+ US"wildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ wildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define lsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, -+ &lsearch_lookup_info, -+ &nwildlsearch_lookup_info, -+ &wildlsearch_lookup_info }; -+lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; -+ - /* End of lookups/lsearch.c */ -diff --git a/src/lookups/lsearch.h b/src/lookups/lsearch.h -deleted file mode 100644 -index 7245d4c..0000000 ---- a/src/lookups/lsearch.h -+++ /dev/null -@@ -1,25 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the lsearch and wildlsearch lookups */ -- --extern void *lsearch_open(uschar *, uschar **); --extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void lsearch_close(void *); -- --extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); -- --/* End of lookups/lsearch.h */ -diff --git a/src/lookups/mysql.c b/src/lookups/mysql.c -index 9b2dda9..279ee95 100644 ---- a/src/lookups/mysql.c -+++ b/src/lookups/mysql.c -@@ -13,22 +13,6 @@ functions. */ +diff -uNr exim-4.69-old/src/lookups/mysql.c exim-4.69/src/lookups/mysql.c +--- exim-4.69-old/src/lookups/mysql.c 2007-08-23 11:16:51.000000000 +0100 ++++ exim-4.69/src/lookups/mysql.c 2008-08-13 15:30:05.000000000 +0100 +@@ -13,22 +13,6 @@ #include "../exim.h" #include "lf_functions.h" @@ -2249,7 +2213,7 @@ index 9b2dda9..279ee95 100644 #include /* The system header */ -@@ -51,7 +35,7 @@ static mysql_connection *mysql_connections = NULL; +@@ -51,7 +35,7 @@ /* See local README for interface description. */ @@ -2258,7 +2222,7 @@ index 9b2dda9..279ee95 100644 mysql_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -65,7 +49,7 @@ return (void *)(1); /* Just return something non-null */ +@@ -65,7 +49,7 @@ /* See local README for interface description. */ @@ -2267,7 +2231,7 @@ index 9b2dda9..279ee95 100644 mysql_tidy(void) { mysql_connection *cn; -@@ -342,7 +326,7 @@ arguments are not used. The code to loop through a list of servers while the +@@ -342,7 +326,7 @@ query is deferred with a retryable error is now in a separate function that is shared with other SQL lookups. */ @@ -2276,7 +2240,7 @@ index 9b2dda9..279ee95 100644 mysql_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -372,7 +356,7 @@ Arguments: +@@ -372,7 +356,7 @@ Returns: the processed string or NULL for a bad option */ @@ -2285,12 +2249,10 @@ index 9b2dda9..279ee95 100644 mysql_quote(uschar *s, uschar *opt) { register int c; -@@ -414,7 +398,24 @@ while ((c = *s++) != 0) +@@ -414,7 +398,24 @@ return quoted; } -- --#endif /* MYSQL_LOOKUP */ +/* These are the lookup_info blocks for this driver */ + +static lookup_info mysql_lookup_info = { @@ -2307,16 +2269,15 @@ index 9b2dda9..279ee95 100644 +#ifdef DYNLOOKUP +#define mysql_lookup_module_info _lookup_module_info +#endif -+ + +-#endif /* MYSQL_LOOKUP */ +static lookup_info *_lookup_list[] = { &mysql_lookup_info }; +lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/mysql.c */ -diff --git a/src/lookups/mysql.h b/src/lookups/mysql.h -deleted file mode 100644 -index 05c65ce..0000000 ---- a/src/lookups/mysql.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/mysql.h exim-4.69/src/lookups/mysql.h +--- exim-4.69-old/src/lookups/mysql.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/mysql.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/mysql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2336,10 +2297,9 @@ index 05c65ce..0000000 -extern uschar *mysql_quote(uschar *, uschar *); - -/* End of lookups/mysql.h */ -diff --git a/src/lookups/nis.c b/src/lookups/nis.c -index 3728e20..e64523e 100644 ---- a/src/lookups/nis.c -+++ b/src/lookups/nis.c +diff -uNr exim-4.69-old/src/lookups/nis.c exim-4.69/src/lookups/nis.c +--- exim-4.69-old/src/lookups/nis.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/nis.c 2008-08-13 15:30:05.000000000 +0100 @@ -9,19 +9,6 @@ #include "../exim.h" @@ -2360,7 +2320,7 @@ index 3728e20..e64523e 100644 #include -@@ -33,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } +@@ -33,7 +20,7 @@ /* See local README for interface description. This serves for both the "nis" and "nis0" lookup types. */ @@ -2369,7 +2329,7 @@ index 3728e20..e64523e 100644 nis_open(uschar *filename, uschar **errmsg) { char *nis_domain; -@@ -55,7 +42,7 @@ return nis_domain; +@@ -55,7 +42,7 @@ for nis0 because they are so short it isn't worth trying to use any common code. */ @@ -2378,7 +2338,7 @@ index 3728e20..e64523e 100644 nis_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -81,7 +68,7 @@ return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; +@@ -81,7 +68,7 @@ /* See local README for interface description. */ @@ -2387,7 +2347,7 @@ index 3728e20..e64523e 100644 nis0_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -99,6 +86,33 @@ if ((rc = yp_match(CS handle, CS filename, CS keystring, length + 1, +@@ -99,6 +86,33 @@ return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; } @@ -2422,11 +2382,9 @@ index 3728e20..e64523e 100644 +lookup_module_info nis_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; /* End of lookups/nis.c */ -diff --git a/src/lookups/nis.h b/src/lookups/nis.h -deleted file mode 100644 -index b427a71..0000000 ---- a/src/lookups/nis.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/nis.h exim-4.69/src/lookups/nis.h +--- exim-4.69-old/src/lookups/nis.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/nis.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/nis.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2446,10 +2404,9 @@ index b427a71..0000000 - BOOL *); - -/* End of lookups/nis.h */ -diff --git a/src/lookups/nisplus.c b/src/lookups/nisplus.c -index cbf6187..68c122c 100644 ---- a/src/lookups/nisplus.c -+++ b/src/lookups/nisplus.c +diff -uNr exim-4.69-old/src/lookups/nisplus.c exim-4.69/src/lookups/nisplus.c +--- exim-4.69-old/src/lookups/nisplus.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/nisplus.c 2008-08-13 15:30:05.000000000 +0100 @@ -9,21 +9,6 @@ #include "../exim.h" @@ -2472,7 +2429,7 @@ index cbf6187..68c122c 100644 #include -@@ -34,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } +@@ -34,7 +19,7 @@ /* See local README for interface description. */ @@ -2481,7 +2438,7 @@ index cbf6187..68c122c 100644 nisplus_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -58,7 +43,7 @@ name tagged on the end after a colon. If there is no result-field name, the +@@ -58,7 +43,7 @@ yield is the concatenation of all the fields, preceded by their names and an equals sign. */ @@ -2490,7 +2447,7 @@ index cbf6187..68c122c 100644 nisplus_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -250,7 +235,7 @@ Arguments: +@@ -250,7 +235,7 @@ Returns: the processed string or NULL for a bad option */ @@ -2499,7 +2456,7 @@ index cbf6187..68c122c 100644 nisplus_quote(uschar *s, uschar *opt) { int count = 0; -@@ -274,6 +259,22 @@ while (*s != 0) +@@ -274,6 +259,22 @@ return quoted; } @@ -2523,11 +2480,9 @@ index cbf6187..68c122c 100644 +lookup_module_info nisplus_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/nisplus.c */ -diff --git a/src/lookups/nisplus.h b/src/lookups/nisplus.h -deleted file mode 100644 -index 9c0f1cb..0000000 ---- a/src/lookups/nisplus.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/nisplus.h exim-4.69/src/lookups/nisplus.h +--- exim-4.69-old/src/lookups/nisplus.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/nisplus.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,17 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/nisplus.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2546,11 +2501,10 @@ index 9c0f1cb..0000000 -extern uschar *nisplus_quote(uschar *, uschar *); - -/* End of lookups/nisplus.h */ -diff --git a/src/lookups/oracle.c b/src/lookups/oracle.c -index 7cb2163..f6eadac 100644 ---- a/src/lookups/oracle.c -+++ b/src/lookups/oracle.c -@@ -15,27 +15,12 @@ some comments from my position of Oracle ignorance. */ +diff -uNr exim-4.69-old/src/lookups/oracle.c exim-4.69/src/lookups/oracle.c +--- exim-4.69-old/src/lookups/oracle.c 2007-03-13 09:59:07.000000000 +0000 ++++ exim-4.69/src/lookups/oracle.c 2008-08-13 15:30:05.000000000 +0100 +@@ -15,27 +15,12 @@ #include "../exim.h" @@ -2578,7 +2532,7 @@ index 7cb2163..f6eadac 100644 #define PARSE_NO_DEFER 0 /* parse straight away */ #define PARSE_V7_LNG 2 #define MAX_ITEM_BUFFER_SIZE 1024 /* largest size of a cell of data */ -@@ -212,7 +197,7 @@ return col; +@@ -212,7 +197,7 @@ /* See local README for interface description. */ @@ -2587,7 +2541,7 @@ index 7cb2163..f6eadac 100644 oracle_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -226,7 +211,7 @@ return (void *)(1); /* Just return something non-null */ +@@ -226,7 +211,7 @@ /* See local README for interface description. */ @@ -2596,7 +2550,7 @@ index 7cb2163..f6eadac 100644 oracle_tidy(void) { oracle_connection *cn; -@@ -532,7 +517,7 @@ else +@@ -532,7 +517,7 @@ arguments are not used. Loop through a list of servers while the query is deferred with a retryable error. */ @@ -2605,7 +2559,7 @@ index 7cb2163..f6eadac 100644 oracle_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -577,7 +562,7 @@ Arguments: +@@ -577,7 +562,7 @@ Returns: the processed string or NULL for a bad option */ @@ -2614,7 +2568,7 @@ index 7cb2163..f6eadac 100644 oracle_quote(uschar *s, uschar *opt) { register int c; -@@ -619,6 +604,22 @@ while ((c = *s++) != 0) +@@ -619,6 +604,22 @@ return quoted; } @@ -2638,11 +2592,9 @@ index 7cb2163..f6eadac 100644 +lookup_module_info oracle_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/oracle.c */ -diff --git a/src/lookups/oracle.h b/src/lookups/oracle.h -deleted file mode 100644 -index ea87c3f..0000000 ---- a/src/lookups/oracle.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/oracle.h exim-4.69/src/lookups/oracle.h +--- exim-4.69-old/src/lookups/oracle.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/oracle.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/oracle.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2662,10 +2614,9 @@ index ea87c3f..0000000 -extern uschar *oracle_quote(uschar *, uschar *); - -/* End of lookups/oracle.h */ -diff --git a/src/lookups/passwd.c b/src/lookups/passwd.c -index 90f5348..6d64a63 100644 ---- a/src/lookups/passwd.c -+++ b/src/lookups/passwd.c +diff -uNr exim-4.69-old/src/lookups/passwd.c exim-4.69/src/lookups/passwd.c +--- exim-4.69-old/src/lookups/passwd.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/passwd.c 2008-08-13 15:30:05.000000000 +0100 @@ -8,8 +8,6 @@ /* See the file NOTICE for conditions of use and distribution. */ @@ -2684,7 +2635,7 @@ index 90f5348..6d64a63 100644 passwd_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +33,7 @@ return (void *)(-1); /* Just return something non-null */ +@@ -35,7 +33,7 @@ /* See local README for interface description */ @@ -2693,7 +2644,7 @@ index 90f5348..6d64a63 100644 passwd_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -53,4 +51,22 @@ if (!route_finduser(keystring, &pw, NULL)) return FAIL; +@@ -53,4 +51,22 @@ return OK; } @@ -2716,11 +2667,9 @@ index 90f5348..6d64a63 100644 +lookup_module_info passwd_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/passwd.c */ -diff --git a/src/lookups/passwd.h b/src/lookups/passwd.h -deleted file mode 100644 -index 2350842..0000000 ---- a/src/lookups/passwd.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/passwd.h exim-4.69/src/lookups/passwd.h +--- exim-4.69-old/src/lookups/passwd.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/passwd.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/passwd.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2738,11 +2687,10 @@ index 2350842..0000000 - BOOL *); - -/* End of lookups/passwd.h */ -diff --git a/src/lookups/pgsql.c b/src/lookups/pgsql.c -index f53cca0..c39086e 100644 ---- a/src/lookups/pgsql.c -+++ b/src/lookups/pgsql.c -@@ -13,21 +13,6 @@ socket extension. */ +diff -uNr exim-4.69-old/src/lookups/pgsql.c exim-4.69/src/lookups/pgsql.c +--- exim-4.69-old/src/lookups/pgsql.c 2007-08-23 11:16:51.000000000 +0100 ++++ exim-4.69/src/lookups/pgsql.c 2008-08-13 15:30:05.000000000 +0100 +@@ -13,21 +13,6 @@ #include "../exim.h" #include "lf_functions.h" @@ -2764,7 +2712,7 @@ index f53cca0..c39086e 100644 #include /* The system header */ -@@ -49,7 +34,7 @@ static pgsql_connection *pgsql_connections = NULL; +@@ -49,7 +34,7 @@ /* See local README for interface description. */ @@ -2773,7 +2721,7 @@ index f53cca0..c39086e 100644 pgsql_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -63,7 +48,7 @@ return (void *)(1); /* Just return something non-null */ +@@ -63,7 +48,7 @@ /* See local README for interface description. */ @@ -2782,7 +2730,7 @@ index f53cca0..c39086e 100644 pgsql_tidy(void) { pgsql_connection *cn; -@@ -414,7 +399,7 @@ arguments are not used. The code to loop through a list of servers while the +@@ -414,7 +399,7 @@ query is deferred with a retryable error is now in a separate function that is shared with other SQL lookups. */ @@ -2791,7 +2739,7 @@ index f53cca0..c39086e 100644 pgsql_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -454,7 +439,7 @@ Arguments: +@@ -454,7 +439,7 @@ Returns: the processed string or NULL for a bad option */ @@ -2800,7 +2748,7 @@ index f53cca0..c39086e 100644 pgsql_quote(uschar *s, uschar *opt) { register int c; -@@ -501,6 +486,22 @@ while ((c = *s++) != 0) +@@ -501,6 +486,22 @@ return quoted; } @@ -2824,11 +2772,9 @@ index f53cca0..c39086e 100644 +lookup_module_info pgsql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/pgsql.c */ -diff --git a/src/lookups/pgsql.h b/src/lookups/pgsql.h -deleted file mode 100644 -index a4f0792..0000000 ---- a/src/lookups/pgsql.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/pgsql.h exim-4.69/src/lookups/pgsql.h +--- exim-4.69-old/src/lookups/pgsql.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/pgsql.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/pgsql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -2848,11 +2794,10 @@ index a4f0792..0000000 -extern uschar *pgsql_quote(uschar *, uschar *); - -/* End of lookups/pgsql.h */ -diff --git a/src/lookups/spf.c b/src/lookups/spf.c -index 9bd65c5..8b4d8e9 100644 ---- a/src/lookups/spf.c -+++ b/src/lookups/spf.c -@@ -24,7 +24,6 @@ static void dummy(int x) { dummy(x-1); } +diff -uNr exim-4.69-old/src/lookups/spf.c exim-4.69/src/lookups/spf.c +--- exim-4.69-old/src/lookups/spf.c 2005-06-27 19:01:02.000000000 +0100 ++++ exim-4.69/src/lookups/spf.c 2008-08-13 15:30:05.000000000 +0100 +@@ -24,7 +24,6 @@ #else #include "lf_functions.h" @@ -2860,7 +2805,7 @@ index 9bd65c5..8b4d8e9 100644 #ifndef HAVE_NS_TYPE #define HAVE_NS_TYPE #endif -@@ -32,7 +31,7 @@ static void dummy(int x) { dummy(x-1); } +@@ -32,7 +31,7 @@ #include #include @@ -2869,7 +2814,7 @@ index 9bd65c5..8b4d8e9 100644 SPF_server_t *spf_server = NULL; spf_server = SPF_server_new(SPF_DNS_CACHE, 0); if (spf_server == NULL) { -@@ -42,13 +41,14 @@ void *spf_open(uschar *filename, uschar **errmsg) { +@@ -42,13 +41,14 @@ return (void *) spf_server; } @@ -2887,7 +2832,7 @@ index 9bd65c5..8b4d8e9 100644 SPF_server_t *spf_server = handle; SPF_request_t *spf_request = NULL; SPF_response_t *spf_response = NULL; -@@ -75,4 +75,22 @@ int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, +@@ -75,4 +75,22 @@ return OK; } @@ -2910,11 +2855,9 @@ index 9bd65c5..8b4d8e9 100644 +lookup_module_info spf_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + #endif /* EXPERIMENTAL_SPF */ -diff --git a/src/lookups/spf.h b/src/lookups/spf.h -deleted file mode 100644 -index 5280f52..0000000 ---- a/src/lookups/spf.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/spf.h exim-4.69/src/lookups/spf.h +--- exim-4.69-old/src/lookups/spf.h 2005-05-25 21:07:55.000000000 +0100 ++++ exim-4.69/src/lookups/spf.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,26 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ - @@ -2942,10 +2885,9 @@ index 5280f52..0000000 -extern int spf_find(void *, uschar *, uschar *, int, uschar **, uschar **, - BOOL *); - -diff --git a/src/lookups/sqlite.c b/src/lookups/sqlite.c -index e4aa4ea..b5d4175 100644 ---- a/src/lookups/sqlite.c -+++ b/src/lookups/sqlite.c +diff -uNr exim-4.69-old/src/lookups/sqlite.c exim-4.69/src/lookups/sqlite.c +--- exim-4.69-old/src/lookups/sqlite.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/sqlite.c 2008-08-13 15:30:05.000000000 +0100 @@ -9,11 +9,7 @@ #include "../exim.h" @@ -2958,7 +2900,7 @@ index e4aa4ea..b5d4175 100644 #include -@@ -23,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } +@@ -23,7 +19,7 @@ /* See local README for interface description. */ @@ -2967,7 +2909,7 @@ index e4aa4ea..b5d4175 100644 sqlite_open(uschar *filename, uschar **errmsg) { sqlite3 *db = NULL; -@@ -85,7 +81,7 @@ return 0; +@@ -85,7 +81,7 @@ } @@ -2976,7 +2918,7 @@ index e4aa4ea..b5d4175 100644 sqlite_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -113,7 +109,7 @@ return OK; +@@ -113,7 +109,7 @@ /* See local README for interface description. */ @@ -2985,7 +2927,7 @@ index e4aa4ea..b5d4175 100644 { sqlite3_close(handle); } -@@ -134,7 +130,7 @@ Arguments: +@@ -134,7 +130,7 @@ Returns: the processed string or NULL for a bad option */ @@ -2994,7 +2936,7 @@ index e4aa4ea..b5d4175 100644 sqlite_quote(uschar *s, uschar *opt) { register int c; -@@ -159,6 +155,22 @@ while ((c = *s++) != 0) +@@ -159,6 +155,22 @@ return quoted; } @@ -3018,11 +2960,9 @@ index e4aa4ea..b5d4175 100644 +lookup_module_info sqlite_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/sqlite.c */ -diff --git a/src/lookups/sqlite.h b/src/lookups/sqlite.h -deleted file mode 100644 -index 1f3b421..0000000 ---- a/src/lookups/sqlite.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/sqlite.h exim-4.69/src/lookups/sqlite.h +--- exim-4.69-old/src/lookups/sqlite.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/sqlite.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/sqlite.h,v 1.3 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -3042,10 +2982,9 @@ index 1f3b421..0000000 -extern uschar *sqlite_quote(uschar *, uschar *); - -/* End of lookups/sqlite.h */ -diff --git a/src/lookups/testdb.c b/src/lookups/testdb.c -index c20275f..ca29a37 100644 ---- a/src/lookups/testdb.c -+++ b/src/lookups/testdb.c +diff -uNr exim-4.69-old/src/lookups/testdb.c exim-4.69/src/lookups/testdb.c +--- exim-4.69-old/src/lookups/testdb.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/testdb.c 2008-08-13 15:30:05.000000000 +0100 @@ -9,8 +9,6 @@ #include "../exim.h" @@ -3055,7 +2994,7 @@ index c20275f..ca29a37 100644 /* These are not real lookup functions; they are just a way of testing the rest of Exim by providing an easy way of specifying particular yields from -@@ -23,7 +21,7 @@ the find function. */ +@@ -23,7 +21,7 @@ /* See local README for interface description. */ @@ -3064,7 +3003,7 @@ index c20275f..ca29a37 100644 testdb_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -39,7 +37,7 @@ return (void *)(1); /* Just return something non-null */ +@@ -39,7 +37,7 @@ /* See local README for interface description. */ @@ -3073,7 +3012,7 @@ index c20275f..ca29a37 100644 testdb_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -66,4 +64,22 @@ if (Ustrcmp(query, "nocache") == 0) *do_cache = FALSE; +@@ -66,4 +64,22 @@ return OK; } @@ -3096,11 +3035,9 @@ index c20275f..ca29a37 100644 +lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/testdb.c */ -diff --git a/src/lookups/testdb.h b/src/lookups/testdb.h -deleted file mode 100644 -index 39c0e41..0000000 ---- a/src/lookups/testdb.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/testdb.h exim-4.69/src/lookups/testdb.h +--- exim-4.69-old/src/lookups/testdb.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/testdb.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/testdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -3118,10 +3055,9 @@ index 39c0e41..0000000 - BOOL *); - -/* End of lookups/testdb.h */ -diff --git a/src/lookups/whoson.c b/src/lookups/whoson.c -index 298937c..6517f9d 100644 ---- a/src/lookups/whoson.c -+++ b/src/lookups/whoson.c +diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c +--- exim-4.69-old/src/lookups/whoson.c 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/whoson.c 2008-08-13 15:30:05.000000000 +0100 @@ -12,23 +12,7 @@ #include "../exim.h" @@ -3146,7 +3082,7 @@ index 298937c..6517f9d 100644 /************************************************* * Open entry point * -@@ -36,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } +@@ -36,7 +20,7 @@ /* See local README for interface description. */ @@ -3155,7 +3091,7 @@ index 298937c..6517f9d 100644 whoson_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -51,7 +35,7 @@ return (void *)(1); /* Just return something non-null */ +@@ -51,7 +35,7 @@ /* See local README for interface description. */ @@ -3164,7 +3100,7 @@ index 298937c..6517f9d 100644 whoson_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -77,6 +61,22 @@ switch (wso_query(query, CS buffer, sizeof(buffer))) +@@ -77,6 +61,22 @@ } } @@ -3188,11 +3124,9 @@ index 298937c..6517f9d 100644 +lookup_module_info whoson_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/whoson.c */ -diff --git a/src/lookups/whoson.h b/src/lookups/whoson.h -deleted file mode 100644 -index 3490383..0000000 ---- a/src/lookups/whoson.h -+++ /dev/null +diff -uNr exim-4.69-old/src/lookups/whoson.h exim-4.69/src/lookups/whoson.h +--- exim-4.69-old/src/lookups/whoson.h 2007-01-08 10:50:19.000000000 +0000 ++++ exim-4.69/src/lookups/whoson.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/whoson.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ - @@ -3210,11 +3144,10 @@ index 3490383..0000000 - BOOL *); - -/* End of lookups/whoson.h */ -diff --git a/src/macros.h b/src/macros.h -index 4ca353c..a70aa85 100644 ---- a/src/macros.h -+++ b/src/macros.h -@@ -96,7 +96,7 @@ don't make the file descriptors two-way. */ +diff -uNr exim-4.69-old/src/macros.h exim-4.69/src/macros.h +--- exim-4.69-old/src/macros.h 2007-08-22 11:10:23.000000000 +0100 ++++ exim-4.69/src/macros.h 2008-08-13 15:30:05.000000000 +0100 +@@ -96,7 +96,7 @@ /* A macro to simplify testing bits in lookup types */ @@ -3223,11 +3156,10 @@ index 4ca353c..a70aa85 100644 /* Debugging control */ -diff --git a/src/search.c b/src/search.c -index 8181285..3510d33 100644 ---- a/src/search.c -+++ b/src/search.c -@@ -71,7 +71,7 @@ int top = lookup_list_count; +diff -uNr exim-4.69-old/src/search.c exim-4.69/src/search.c +--- exim-4.69-old/src/search.c 2007-08-29 15:02:22.000000000 +0100 ++++ exim-4.69/src/search.c 2008-08-13 15:30:05.000000000 +0100 +@@ -71,7 +71,7 @@ while (top > bot) { int mid = (top + bot)/2; @@ -3236,7 +3168,7 @@ index 8181285..3510d33 100644 /* If c == 0 we have matched the incoming name with the start of the search type name. However, some search types are substrings of others (e.g. nis and -@@ -81,9 +81,9 @@ while (top > bot) +@@ -81,9 +81,9 @@ are testing. By leaving c == 0 when the lengths are different, and doing a > 0 test below, this all falls out correctly. */ @@ -3248,7 +3180,7 @@ index 8181285..3510d33 100644 search_error_message = string_sprintf("lookup type \"%.*s\" is not " "available (not in the binary - check buildtime LOOKUP configuration)", len, name); -@@ -237,8 +237,8 @@ if (t->left != NULL) tidyup_subtree(t->left); +@@ -237,8 +237,8 @@ if (t->right != NULL) tidyup_subtree(t->right); if (c != NULL && c->handle != NULL && @@ -3259,7 +3191,7 @@ index 8181285..3510d33 100644 } -@@ -270,7 +270,7 @@ open_filecount = 0; +@@ -270,7 +270,7 @@ /* Call the general tidyup entry for any drivers that have one. */ for (i = 0; i < lookup_list_count; i++) @@ -3268,7 +3200,7 @@ index 8181285..3510d33 100644 if (search_reset_point != NULL) store_reset(search_reset_point); search_reset_point = NULL; -@@ -335,7 +335,7 @@ search_open(uschar *filename, int search_type, int modemask, uid_t *owners, +@@ -335,7 +335,7 @@ void *handle; tree_node *t; search_cache *c; @@ -3277,7 +3209,7 @@ index 8181285..3510d33 100644 uschar keybuffer[256]; int old_pool = store_pool; -@@ -388,7 +388,7 @@ if (lk->type == lookup_absfile && open_filecount >= lookup_open_max) +@@ -388,7 +388,7 @@ ((search_cache *)(open_bot->data.ptr))->down = NULL; else open_top = NULL; @@ -3286,7 +3218,7 @@ index 8181285..3510d33 100644 c->handle = NULL; open_filecount--; } -@@ -480,7 +480,7 @@ search_find_defer = FALSE; +@@ -480,7 +480,7 @@ DEBUG(D_lookup) debug_printf("internal_search_find: file=\"%s\"\n " "type=%s key=\"%s\"\n", filename, @@ -3295,7 +3227,7 @@ index 8181285..3510d33 100644 /* Insurance. If the keystring is empty, just fail. */ -@@ -511,7 +511,7 @@ if ((t = tree_search(c->item_cache, keystring)) == NULL) +@@ -511,7 +511,7 @@ like FAIL, except that search_find_defer is set so the caller can distinguish if necessary. */ @@ -3304,7 +3236,7 @@ index 8181285..3510d33 100644 &data, &search_error_message, &do_cache) == DEFER) { search_find_defer = TRUE; -@@ -622,7 +622,7 @@ DEBUG(D_lookup) +@@ -622,7 +622,7 @@ that opens real files. */ if (open_top != (tree_node *)handle && @@ -3313,11 +3245,10 @@ index 8181285..3510d33 100644 { search_cache *c = (search_cache *)(t->data.ptr); tree_node *up = c->up; -diff --git a/src/structs.h b/src/structs.h -index 2000e04..915e100 100644 ---- a/src/structs.h -+++ b/src/structs.h -@@ -322,34 +322,7 @@ typedef struct router_info { +diff -uNr exim-4.69-old/src/structs.h exim-4.69/src/structs.h +--- exim-4.69-old/src/structs.h 2007-06-18 14:57:50.000000000 +0100 ++++ exim-4.69/src/structs.h 2008-08-13 15:30:05.000000000 +0100 +@@ -322,34 +322,7 @@ /* Structure for holding information about a lookup type. */ @@ -3353,11 +3284,10 @@ index 2000e04..915e100 100644 /* Structure for holding information about the configured authentication -diff --git a/src/verify.c b/src/verify.c -index fcbcd04..95bcc73 100644 ---- a/src/verify.c -+++ b/src/verify.c -@@ -2219,7 +2219,7 @@ if (iplookup) +diff -uNr exim-4.69-old/src/verify.c exim-4.69/src/verify.c +--- exim-4.69-old/src/verify.c 2007-06-14 15:18:19.000000000 +0100 ++++ exim-4.69/src/verify.c 2008-08-13 15:30:05.000000000 +0100 +@@ -2219,7 +2219,7 @@ } else /* Single-key style */ { diff --git a/exim-rhl.patch b/exim-rhl.patch index a9d2ccf..8143c0d 100644 --- a/exim-rhl.patch +++ b/exim-rhl.patch @@ -1,6 +1,7 @@ ---- exim-4.32/src/configure.default.rhl 2004-04-15 04:27:01.000000000 -0400 -+++ exim-4.32/src/configure.default 2004-04-15 12:30:03.367749456 -0400 -@@ -411,7 +411,7 @@ +diff -uNr exim-4.69.orig/src/configure.default exim-4.69/src/configure.default +--- exim-4.69.orig/src/configure.default 2007-06-26 12:21:36.000000000 +0100 ++++ exim-4.69/src/configure.default 2008-08-13 14:41:14.000000000 +0100 +@@ -548,7 +548,7 @@ driver = redirect allow_fail allow_defer @@ -9,7 +10,7 @@ # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -491,8 +491,8 @@ +@@ -643,8 +643,8 @@ delivery_date_add envelope_to_add return_path_add diff --git a/exim.spec b/exim.spec index b27cf3e..283985d 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -44,7 +44,6 @@ Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch Patch15: exim-4.52-dynamic-pcre.patch -Patch17: exim-4.61-ldap-deprecated.patch Patch18: exim-4.62-dlopen-localscan.patch Patch19: exim-4.63-procmail.patch Patch20: exim-4.63-allow-filter.patch @@ -169,7 +168,6 @@ greylisting unconditional. %patch13 -p1 -b .pam %patch14 -p1 -b .spamd %patch15 -p1 -b .pcre -%patch17 -p1 -b .ldap %patch18 -p1 -b .dl %patch19 -p1 -b .procmail %patch20 -p1 -b .filter @@ -483,6 +481,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 13 2008 David Woodhouse 4.69-7 +- Rediff all patches to cope with new zero-fuzz policy + * Wed Aug 13 2008 David Woodhouse 4.69-6 - Add $RPM_OPT_FLAGS in config instead of overriding on make command line. (to fix the setting of largefile options which we were killing) From 9f33132d0bd6300926b8ac7fe8ab7527847efc93 Mon Sep 17 00:00:00 2001 From: Michael Schwendt Date: Thu, 28 Aug 2008 21:05:31 +0000 Subject: [PATCH 071/194] - Include unowned directories. No build-job. --- exim.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 283985d..75e05b8 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -408,6 +408,8 @@ fi %{_bindir}/newaliases.exim /usr/lib/sendmail.exim %{_mandir}/*/* +%dir %{_libdir}/exim +%dir %{_libdir}/exim/%{version}-%{release} %dir %{_libdir}/exim/%{version}-%{release}/lookups %defattr(-,exim,exim) @@ -481,6 +483,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Aug 28 2008 Michael Schwendt 4.69-8 +- Include unowned directories. + * Wed Aug 13 2008 David Woodhouse 4.69-7 - Rediff all patches to cope with new zero-fuzz policy From ea9c3903126c7fb5e660efc0154bc5ba77eb74d5 Mon Sep 17 00:00:00 2001 From: Caolan McNamara Date: Sat, 24 Jan 2009 17:14:15 +0000 Subject: [PATCH 072/194] rebuild for dependencies --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 75e05b8..6f79af5 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -483,6 +483,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Jan 24 2009 Caolán McNamara 4.69-9 +- rebuild for dependencies + * Thu Aug 28 2008 Michael Schwendt 4.69-8 - Include unowned directories. From dc9e03e94deb298c693969b1d31092fa543de99b Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Tue, 24 Feb 2009 15:50:56 +0000 Subject: [PATCH 073/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 6f79af5..997c27f 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -483,6 +483,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 24 2009 Fedora Release Engineering - 4.69-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + * Sat Jan 24 2009 Caolán McNamara 4.69-9 - rebuild for dependencies From 6797dd950986f285b4aaf6fe00ea9fe4fb8994e4 Mon Sep 17 00:00:00 2001 From: Michael Schwendt Date: Sat, 23 May 2009 08:14:39 +0000 Subject: [PATCH 074/194] - Add subpackage dependencies to fix unowned directories (#474869). - Add missing defattr. --- exim.spec | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 997c27f..cffc8b3 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -74,6 +74,7 @@ configuration of exim is quite different to that of sendmail. %package mysql Summary: MySQL lookup support for Exim Group: System Environment/Daemons +Requires: exim = %{version}-%{release} %description mysql This package contains the MySQL lookup module for Exim @@ -81,6 +82,7 @@ This package contains the MySQL lookup module for Exim %package pgsql Summary: PostgreSQL lookup support for Exim Group: System Environment/Daemons +Requires: exim = %{version}-%{release} %description pgsql This package contains the PostgreSQL lookup module for Exim @@ -436,9 +438,11 @@ fi %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/private/exim.pem %files mysql +%defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/mysql.so %files pgsql +%defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/pgsql.so %files mon @@ -477,12 +481,17 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %endif %files greylist +%defattr(-,root,root,-) %config %{_sysconfdir}/exim/exim-greylist.conf.inc %ghost %{_var}/spool/exim/db/greylist.db %{_sysconfdir}/exim/mk-greylist-db.sql %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat May 23 2009 Michael Schwendt - 4.69-11 +- Add subpackage dependencies to fix unowned directories (#474869). +- Add missing defattr. + * Tue Feb 24 2009 Fedora Release Engineering - 4.69-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild From 4c896097dca5d11682de2b839d1d622684260f25 Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Fri, 24 Jul 2009 22:25:29 +0000 Subject: [PATCH 075/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index cffc8b3..06a7df7 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 11%{?dist} +Release: 12%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -488,6 +488,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Jul 24 2009 Fedora Release Engineering - 4.69-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + * Sat May 23 2009 Michael Schwendt - 4.69-11 - Add subpackage dependencies to fix unowned directories (#474869). - Add missing defattr. From b9addd26d27edb677c4856153e8d47420e39d23c Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Fri, 7 Aug 2009 07:19:06 +0000 Subject: [PATCH 076/194] Don't complain if /etc/sysconfig/network absent --- exim.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.init b/exim.init index c63d488..09d7908 100644 --- a/exim.init +++ b/exim.init @@ -13,7 +13,7 @@ . /etc/init.d/functions # Source networking configuration. -. /etc/sysconfig/network +[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network # Source exim configureation. if [ -f /etc/sysconfig/exim ] ; then From 04c6bfd0294e6d3298a7829f901e85f778a0df24 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 12 Aug 2009 11:08:58 +0000 Subject: [PATCH 077/194] Various small fixes --- exim-tidydb.sh | 10 ++++++++++ exim.spec | 25 +++++++++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) create mode 100755 exim-tidydb.sh diff --git a/exim-tidydb.sh b/exim-tidydb.sh new file mode 100755 index 0000000..1b3dddc --- /dev/null +++ b/exim-tidydb.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +SPOOLDIR=/var/spool/exim + +cd $SPOOLDIR/db +for a in retry misc wait-* callout ratelimit; do + [ -r "$a" ] || continue + [ "${a%%.lockfile}" = "$a" ] || continue + /usr/sbin/exim_tidydb $SPOOLDIR $a >/dev/null +done diff --git a/exim.spec b/exim.spec index 06a7df7..3baf124 100644 --- a/exim.spec +++ b/exim.spec @@ -29,6 +29,7 @@ Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 Source2: exim.init Source3: exim.sysconfig Source4: exim.logrotate +Source5: exim-tidydb.sh Source11: exim.pam %if 0%{?buildsa} Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz @@ -53,11 +54,15 @@ Patch23: exim-4.67-smarthost-config.patch Patch24: exim-4.69-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch +Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: db4-devel openssl-devel openldap-devel pam-devel -BuildRequires: lynx pcre-devel sqlite-devel tcp_wrappers-devel -BuildRequires: cyrus-sasl-devel openldap-devel openssl-devel mysql-devel postgresql-devel +%if 0%{?buildsa} +BuildRequires: lynx +%endif +BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel +BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) @@ -269,6 +274,9 @@ install %SOURCE2 $RPM_BUILD_ROOT%{_initrddir}/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily +install -m 0755 %SOURCE5 $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/exim-tidydb + %if 0%{?buildsa} # install sa cd sa-exim* @@ -303,6 +311,9 @@ EOF ln -sf clamd $RPM_BUILD_ROOT/usr/sbin/clamd.exim mkdir -p $RPM_BUILD_ROOT%{_var}/run/clamd.exim +mkdir -p $RPM_BUILD_ROOT%{_var}/log +touch $RPM_BUILD_ROOT%{_var}/log/clamd.exim + %endif # Set up the greylist subpackage @@ -430,6 +441,7 @@ fi %{_sysconfdir}/rc.d/init.d/exim %config(noreplace) %{_sysconfdir}/logrotate.d/exim %config(noreplace) %{_sysconfdir}/pam.d/exim +%{_sysconfdir}/cron.daily/exim-tidydb %doc ACKNOWLEDGMENTS LICENCE NOTICE README.UPDATING README %doc doc util/unknownuser.sh @@ -461,6 +473,8 @@ fi %if 0%{?buildclam} %post clamav +/bin/touch %{_var}/log/clamd.exim +/bin/chown exim.exim %{_var}log/clamd.exim /sbin/chkconfig --add clamd.exim %preun clamav @@ -478,6 +492,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim +%ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim %endif %files greylist @@ -488,6 +503,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 12 2009 David Woodhouse - 4.69-13 +- Cope with lack of /etc/sysconfig/network (#506330) +- Require /etc/pki/tls/ directories +- Provide exim-tidydb cron job (#481426) +- Provide clamd.exim log file (#452358) + * Fri Jul 24 2009 Fedora Release Engineering - 4.69-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild From 15fb3559b4c584b6fce025b6c32ba8f4d871fe1c Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 12 Aug 2009 11:11:29 +0000 Subject: [PATCH 078/194] bump release --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 3baf124..7c90f47 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 12%{?dist} +Release: 13%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons From 3ff652a75041d7436e4a37411d6fdbae8e2e46e2 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 12 Aug 2009 13:54:32 +0000 Subject: [PATCH 079/194] require openssl for post --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 7c90f47..aa8561f 100644 --- a/exim.spec +++ b/exim.spec @@ -12,14 +12,14 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 13%{?dist} +Release: 14%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) /usr/bin/newaliases Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail -Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives +Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives openssl Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} @@ -503,6 +503,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 12 2009 David Woodhouse +- Require openssl for %post + * Wed Aug 12 2009 David Woodhouse - 4.69-13 - Cope with lack of /etc/sysconfig/network (#506330) - Require /etc/pki/tls/ directories From 8b299cf91b569eb11a3faa4e01c73806f51841d4 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 18 Aug 2009 13:38:20 +0000 Subject: [PATCH 080/194] - Move certificate generation to init script (#517013) - Fix strict aliasing warning --- exim-4.69-strictaliasing.patch | 11 +++++++++++ exim.init | 34 ++++++++++++++++++++++++++++++++++ exim.spec | 30 ++++++------------------------ 3 files changed, 51 insertions(+), 24 deletions(-) create mode 100644 exim-4.69-strictaliasing.patch diff --git a/exim-4.69-strictaliasing.patch b/exim-4.69-strictaliasing.patch new file mode 100644 index 0000000..7eb9d13 --- /dev/null +++ b/exim-4.69-strictaliasing.patch @@ -0,0 +1,11 @@ +diff -up exim-4.69/src/exim.h.strictaliasing exim-4.69/src/exim.h +--- exim-4.69/src/exim.h.strictaliasing 2009-08-18 15:10:42.000000000 +0200 ++++ exim-4.69/src/exim.h 2009-08-18 15:16:01.000000000 +0200 +@@ -484,6 +484,7 @@ union sockaddr_46 { + #if HAVE_IPV6 + struct sockaddr_in6 v6; + #endif ++ struct sockaddr g; + }; + + /* If SUPPORT_TLS is not defined, ensure that USE_GNUTLS is also not defined diff --git a/exim.init b/exim.init index 09d7908..1a86e30 100644 --- a/exim.init +++ b/exim.init @@ -28,6 +28,36 @@ fi [ -f /usr/sbin/exim ] || exit 0 +gen_cert() { + if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then + umask 077 + FQDN=`hostname` + if [ "x${FQDN}" = "x" ]; then + FQDN=localhost.localdomain + fi + echo -n $"Generating exim certificate: " + cat << EOF | openssl req -new -x509 -days 365 -nodes \ + -out /etc/pki/tls/certs/exim.pem \ + -keyout /etc/pki/tls/private/exim.pem &>/dev/null +-- +SomeState +SomeCity +SomeOrganization +SomeOrganizationalUnit +${FQDN} +root@${FQDN} +EOF + if [ $? -eq 0 ]; then + success + chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chmod 600 /etc/pki/tls/{private,certs}/exim.pem + else + failure + fi + echo + fi +} + start() { # check ownerships # do this by seeing if /var/log/exim/main.log exists and is @@ -39,6 +69,10 @@ start() { chown -R exim:exim /var/log/exim /var/spool/exim fi fi + + # generate certificate if doesn't exist + gen_cert + # Start daemons. echo -n $"Starting exim: " daemon /usr/sbin/exim $([ "$DAEMON" = yes ] && echo -bd) \ diff --git a/exim.spec b/exim.spec index aa8561f..992ab77 100644 --- a/exim.spec +++ b/exim.spec @@ -19,7 +19,7 @@ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) /usr/bin/newaliases Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail -Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives openssl +Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} @@ -53,6 +53,7 @@ Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch Patch24: exim-4.69-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch +Patch26: exim-4.69-strictaliasing.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -183,6 +184,7 @@ greylisting unconditional. %patch23 -p1 -b .smarthost %patch24 -p1 -b .dynlookup %patch25 -p1 -b .dynconfig +%patch26 -p1 -b .strictaliasing cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -351,27 +353,6 @@ exit 0 --slave %{_mandir}/man1/mailq.1.gz mta-mailqman %{_mandir}/man8/exim.8.gz \ --initscript exim -if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then - umask 077 - FQDN=`hostname` - if [ "x${FQDN}" = "x" ]; then - FQDN=localhost.localdomain - fi - cat << EOF | openssl req -new -x509 -days 365 -nodes \ - -out /etc/pki/tls/certs/exim.pem \ - -keyout /etc/pki/tls/private/exim.pem &>/dev/null --- -SomeState -SomeCity -SomeOrganization -SomeOrganizationalUnit -${FQDN} -root@${FQDN} -EOF - chown exim.exim /etc/pki/tls/{private,certs}/exim.pem - chmod 600 /etc/pki/tls/{private,certs}/exim.pem -fi - %preun if [ $1 = 0 ]; then /sbin/service exim stop > /dev/null 2>&1 @@ -503,8 +484,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog -* Wed Aug 12 2009 David Woodhouse -- Require openssl for %post +* Tue Aug 18 2009 Miroslav Lichvar - 4.69-14 +- Move certificate generation to init script (#517013) +- Fix strict aliasing warning * Wed Aug 12 2009 David Woodhouse - 4.69-13 - Cope with lack of /etc/sysconfig/network (#506330) From fb50724d6d28b1650086cb7125b151bd640d416c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Fri, 21 Aug 2009 13:22:05 +0000 Subject: [PATCH 081/194] - rebuilt with new openssl --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 992ab77..ddca163 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 14%{?dist} +Release: 15%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -484,6 +484,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Aug 21 2009 Tomas Mraz - 4.69-15 +- rebuilt with new openssl + * Tue Aug 18 2009 Miroslav Lichvar - 4.69-14 - Move certificate generation to init script (#517013) - Fix strict aliasing warning From 0b15a2ca9e1c8f2ee8632fd2bbeef0148e8b8ec4 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 31 Aug 2009 13:23:00 +0000 Subject: [PATCH 082/194] Fix gid on exim group (#518706) --- exim.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index ddca163..289a588 100644 --- a/exim.spec +++ b/exim.spec @@ -186,6 +186,7 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .strictaliasing + cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile cp exim_monitor/EDITME Local/eximon.conf @@ -329,7 +330,8 @@ touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db rm -rf $RPM_BUILD_ROOT %pre -%{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 exim 2>/dev/null +%{_sbindir}/groupadd -g 93 exim 2>&1 +%{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 -g exim exim 2>/dev/null # Copy TLS certs from old location to new -- don't move them, because the # config file may be modified and may be pointing to the old location. if [ ! -f /etc/pki/tls/certs/exim.pem -a -f %{_datadir}/ssl/certs/exim.pem ] ; then @@ -484,6 +486,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Aug 31 2009 David Woodhouse - 4.69-16 +- Create group for exim with correct gid (#518706) + * Fri Aug 21 2009 Tomas Mraz - 4.69-15 - rebuilt with new openssl From 93ecfd866a755df2d1b5fb6cc745973775459bba Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 31 Aug 2009 13:25:16 +0000 Subject: [PATCH 083/194] expand --- exim-4.69-expand-spamd.patch | 77 ++++++++++++++++++++++++++++++++++++ exim.spec | 6 ++- 2 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 exim-4.69-expand-spamd.patch diff --git a/exim-4.69-expand-spamd.patch b/exim-4.69-expand-spamd.patch new file mode 100644 index 0000000..dbd17c2 --- /dev/null +++ b/exim-4.69-expand-spamd.patch @@ -0,0 +1,77 @@ +diff --git a/src/spam.c b/src/spam.c +index bf2470c..aab96c6 100644 +--- a/src/spam.c ++++ b/src/spam.c +@@ -1,4 +1,4 @@ +-/* $Cambridge: exim/exim-src/src/spam.c,v 1.14 2007/05/14 18:56:25 magnus Exp $ */ ++/* $Cambridge: exim/exim-src/src/spam.c,v 1.16 2008/01/28 13:14:48 tom Exp $ */ + + /************************************************* + * Exim - an Internet mail transport agent * +@@ -46,6 +46,7 @@ int spam(uschar **listptr) { + struct timeval select_tv; /* and applied by PH */ + fd_set select_fd; + #endif ++ uschar *spamd_address_work; + + /* stop compiler warning */ + result = 0; +@@ -89,14 +90,26 @@ int spam(uschar **listptr) { + }; + + start = time(NULL); ++ ++ if (*spamd_address == '$') { ++ spamd_address_work = expand_string(spamd_address); ++ if (spamd_address_work == NULL) { ++ log_write(0, LOG_MAIN|LOG_PANIC, ++ "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message); ++ return DEFER; ++ } ++ } ++ else ++ spamd_address_work = spamd_address; ++ + /* socket does not start with '/' -> network socket */ +- if (*spamd_address != '/') { ++ if (*spamd_address_work != '/') { + time_t now = time(NULL); + int num_servers = 0; + int current_server = 0; + int start_server = 0; + uschar *address = NULL; +- uschar *spamd_address_list_ptr = spamd_address; ++ uschar *spamd_address_list_ptr = spamd_address_work; + uschar address_buffer[256]; + spamd_address_container * spamd_address_vector[32]; + +@@ -184,12 +197,12 @@ int spam(uschar **listptr) { + } + + server.sun_family = AF_UNIX; +- Ustrcpy(server.sun_path, spamd_address); ++ Ustrcpy(server.sun_path, spamd_address_work); + + if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) { + log_write(0, LOG_MAIN|LOG_PANIC, + "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)", +- spamd_address, strerror(errno) ); ++ spamd_address_work, strerror(errno) ); + (void)fclose(mbox_file); + (void)close(spamd_sock); + return DEFER; +@@ -395,9 +408,11 @@ again: + spam_rc = FAIL; + }; + +- /* remember user name and "been here" for it */ +- Ustrcpy(prev_user_name, user_name); +- spam_ok = 1; ++ /* remember user name and "been here" for it unless spamd_socket was expanded */ ++ if (spamd_address_work == spamd_address) { ++ Ustrcpy(prev_user_name, user_name); ++ spam_ok = 1; ++ } + + if (override) { + /* always return OK, no matter what the score */ diff --git a/exim.spec b/exim.spec index 289a588..f0c5a5b 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 15%{?dist} +Release: 16%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -54,6 +54,7 @@ Patch23: exim-4.67-smarthost-config.patch Patch24: exim-4.69-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch Patch26: exim-4.69-strictaliasing.patch +Patch27: exim-4.69-expand-spamd.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -185,7 +186,7 @@ greylisting unconditional. %patch24 -p1 -b .dynlookup %patch25 -p1 -b .dynconfig %patch26 -p1 -b .strictaliasing - +%patch27 -p1 -b .expandspamd cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -488,6 +489,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %changelog * Mon Aug 31 2009 David Woodhouse - 4.69-16 - Create group for exim with correct gid (#518706) +- Allow expansion of spamd_address * Fri Aug 21 2009 Tomas Mraz - 4.69-15 - rebuilt with new openssl From a3e02effed4d25ae2a069892ce8a1931cd5c5283 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 31 Aug 2009 16:00:33 +0000 Subject: [PATCH 084/194] redirect stderr of groupadd to /dev/null, not stdout --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index f0c5a5b..0859deb 100644 --- a/exim.spec +++ b/exim.spec @@ -331,7 +331,7 @@ touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db rm -rf $RPM_BUILD_ROOT %pre -%{_sbindir}/groupadd -g 93 exim 2>&1 +%{_sbindir}/groupadd -g 93 exim 2>/dev/null %{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 -g exim exim 2>/dev/null # Copy TLS certs from old location to new -- don't move them, because the # config file may be modified and may be pointing to the old location. From d2ce2139d3e0887422a40059b981b025b4e3ff8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Wed, 16 Sep 2009 12:07:47 +0000 Subject: [PATCH 085/194] - Use password-auth common PAM configuration instead of system-auth --- exim.pam | 4 ++-- exim.spec | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/exim.pam b/exim.pam index c368e9a..1d78594 100644 --- a/exim.pam +++ b/exim.pam @@ -1,3 +1,3 @@ #%PAM-1.0 -auth include system-auth -account include system-auth +auth include password-auth +account include password-auth diff --git a/exim.spec b/exim.spec index 0859deb..e92cf75 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 16%{?dist} +Release: 17%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -487,6 +487,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 16 2009 Tomas Mraz - 4.69-17 +- Use password-auth common PAM configuration instead of system-auth + * Mon Aug 31 2009 David Woodhouse - 4.69-16 - Create group for exim with correct gid (#518706) - Allow expansion of spamd_address From c0de55948078a004e384f956bbd74f7e40111fa1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Mr=C3=A1z?= Date: Wed, 16 Sep 2009 12:09:02 +0000 Subject: [PATCH 086/194] - Use password-auth common PAM configuration instead of system-auth --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index e92cf75..3a72e0d 100644 --- a/exim.spec +++ b/exim.spec @@ -487,7 +487,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog -* Wed Aug 16 2009 Tomas Mraz - 4.69-17 +* Wed Sep 16 2009 Tomas Mraz - 4.69-17 - Use password-auth common PAM configuration instead of system-auth * Mon Aug 31 2009 David Woodhouse - 4.69-16 From 62fb7a4d5a468524ccd31e53c491dd3119dfbbff Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 5 Oct 2009 06:43:53 +0000 Subject: [PATCH 087/194] fix %post typo --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 3a72e0d..a32ced4 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 17%{?dist} +Release: 18%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -458,7 +458,7 @@ fi %if 0%{?buildclam} %post clamav /bin/touch %{_var}/log/clamd.exim -/bin/chown exim.exim %{_var}log/clamd.exim +/bin/chown exim.exim %{_var}/log/clamd.exim /sbin/chkconfig --add clamd.exim %preun clamav @@ -487,6 +487,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Oct 05 2009 David Woodhouse - 4.69-18 +- Fix typo in clamd %%post (#527085) + * Wed Sep 16 2009 Tomas Mraz - 4.69-17 - Use password-auth common PAM configuration instead of system-auth From d38ede693462726cdc3846b1fb28e28311cf5f85 Mon Sep 17 00:00:00 2001 From: Bill Nottingham Date: Wed, 25 Nov 2009 22:50:06 +0000 Subject: [PATCH 088/194] Fix typo that causes a failure to update the common directory. (releng #2781) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 5f82566..8d64618 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,7 @@ NAME := exim SPECFILE = $(firstword $(wildcard *.spec)) define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done +for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done endef MAKEFILE_COMMON := $(shell $(find-makefile-common)) From 5754bb15fdee7fef865143ba24bcaec3030c0475 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=A0t=C4=9Bp=C3=A1n=20Kasal?= Date: Fri, 4 Dec 2009 02:06:41 +0000 Subject: [PATCH 089/194] - rebuild against perl 5.10.1 --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index a32ced4..a3a77be 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.69 -Release: 18%{?dist} +Release: 19%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -487,6 +487,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Dec 4 2009 Stepan Kasal - 4.69-19 +- rebuild against perl 5.10.1 + * Mon Oct 05 2009 David Woodhouse - 4.69-18 - Fix typo in clamd %%post (#527085) From b1c3dc2df558ae295bbadd196452aedb092c1e1a Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 24 Dec 2009 20:11:03 +0000 Subject: [PATCH 090/194] 4.71 --- .cvsignore | 2 +- exim-4.50-config.patch | 93 +-- exim-4.52-dynamic-pcre.patch | 79 -- exim-4.69-expand-spamd.patch | 77 -- ....patch => exim-4.71-dlopen-localscan.patch | 124 ++- ...nlookup.patch => exim-4.71-dynlookup.patch | 736 ++++++++---------- exim.spec | 15 +- sources | 2 +- 8 files changed, 443 insertions(+), 685 deletions(-) delete mode 100644 exim-4.52-dynamic-pcre.patch delete mode 100644 exim-4.69-expand-spamd.patch rename exim-4.62-dlopen-localscan.patch => exim-4.71-dlopen-localscan.patch (85%) rename exim-4.69-dynlookup.patch => exim-4.71-dynlookup.patch (83%) diff --git a/.cvsignore b/.cvsignore index ae2b0dd..7c4b032 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.69.tar.bz2 +exim-4.71.tar.bz2 diff --git a/exim-4.50-config.patch b/exim-4.50-config.patch index ef39e17..e42168b 100644 --- a/exim-4.50-config.patch +++ b/exim-4.50-config.patch @@ -1,18 +1,5 @@ -diff -uNr exim-4.69.orig/scripts/Configure-Makefile exim-4.69/scripts/Configure-Makefile ---- exim-4.69.orig/scripts/Configure-Makefile 2005-09-19 15:42:31.000000000 +0100 -+++ exim-4.69/scripts/Configure-Makefile 2008-08-13 14:44:59.000000000 +0100 -@@ -131,7 +131,7 @@ - - mv $mft $mftt - echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft -- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft -+ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft - echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft - echo "" >>$mft - cat $mftt >> $mft -diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME ---- exim-4.69.orig/src/EDITME 2007-01-22 16:29:54.000000000 +0000 -+++ exim-4.69/src/EDITME 2008-08-13 14:44:59.000000000 +0100 +--- exim-4.71/src/EDITME.config 2009-11-20 12:18:19.000000000 +0000 ++++ exim-4.71/src/EDITME 2009-12-24 19:02:19.000000000 +0000 @@ -100,7 +100,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -22,7 +9,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -116,7 +116,7 @@ +@@ -116,7 +116,7 @@ BIN_DIRECTORY=/usr/exim/bin # don't exist. It will also install a default runtime configuration if this # file does not exist. @@ -31,7 +18,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. # In this case, Exim will use the first of them that exists when it is run. -@@ -134,7 +134,7 @@ +@@ -134,7 +134,7 @@ CONFIGURE_FILE=/usr/exim/configure # owner of a local mailbox.) Specifying these values as root is very strongly # discouraged. @@ -40,7 +27,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # If you specify EXIM_USER as a name, this is looked up at build time, and the # uid number is built into the binary. However, you can specify that this -@@ -155,7 +155,7 @@ +@@ -155,7 +155,7 @@ EXIM_USER= # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless # you want to use a group other than the default group for the given user. @@ -49,7 +36,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -235,7 +235,7 @@ +@@ -235,7 +235,7 @@ TRANSPORT_SMTP=yes # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -58,7 +45,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -244,9 +244,9 @@ +@@ -244,9 +244,9 @@ TRANSPORT_SMTP=yes # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -71,15 +58,13 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -261,25 +261,28 @@ - LOOKUP_DBM=yes +@@ -262,17 +262,20 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes + LOOKUP_DNSDB=yes -# LOOKUP_CDB=yes --# LOOKUP_DNSDB=yes -# LOOKUP_DSEARCH=yes +LOOKUP_CDB=yes -+LOOKUP_DNSDB=yes +LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes -# LOOKUP_LDAP=yes @@ -103,15 +88,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when - # LOOKUP_LSEARCH is enabled. However, we retain these for backward - # compatibility. Setting one forces LOOKUP_LSEARCH if it is not set. - --# LOOKUP_WILDLSEARCH=yes -+LOOKUP_WILDLSEARCH=yes - # LOOKUP_NWILDLSEARCH=yes - - -@@ -330,14 +333,14 @@ +@@ -343,14 +346,14 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -128,7 +105,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ # Compiling Exim with experimental features. These are documented in -@@ -473,11 +476,11 @@ +@@ -486,11 +489,11 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -145,7 +122,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -494,7 +497,7 @@ +@@ -507,7 +510,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -154,7 +131,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -514,7 +517,7 @@ +@@ -527,7 +530,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -163,7 +140,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -576,10 +579,11 @@ +@@ -589,10 +592,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -177,7 +154,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # Uncomment these settings if you are using GnuTLS # USE_GNUTLS=yes -@@ -630,7 +634,7 @@ +@@ -643,7 +647,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -186,7 +163,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -643,7 +647,7 @@ +@@ -656,7 +660,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -195,7 +172,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -692,7 +696,7 @@ +@@ -705,7 +709,7 @@ EXICYCLOG_MAX=10 # files. Both the name of the command and the suffix that it adds to files # need to be defined here. See also the EXICYCLOG_MAX configuration. @@ -204,7 +181,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME COMPRESS_SUFFIX=gz -@@ -700,7 +704,7 @@ +@@ -713,7 +717,7 @@ COMPRESS_SUFFIX=gz # If the exigrep utility is fed compressed log files, it tries to uncompress # them using this command. @@ -213,7 +190,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -709,7 +713,7 @@ +@@ -722,7 +726,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -222,7 +199,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -719,7 +723,7 @@ +@@ -732,7 +736,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -231,7 +208,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -729,7 +733,7 @@ +@@ -742,7 +746,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -240,7 +217,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -797,7 +801,7 @@ +@@ -810,7 +814,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -249,7 +226,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME #------------------------------------------------------------------------------ -@@ -810,9 +814,9 @@ +@@ -823,9 +827,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -262,7 +239,7 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -857,13 +861,13 @@ +@@ -870,13 +874,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -278,25 +255,28 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -884,11 +888,12 @@ +@@ -897,13 +901,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. -# CHOWN_COMMAND=/usr/bin/chown -# CHGRP_COMMAND=/usr/bin/chgrp +-# CHMOD_COMMAND=/usr/bin/chmod -# MV_COMMAND=/bin/mv -# RM_COMMAND=/bin/rm +-# TOUCH_COMMAND=/usr/bin/touch -# PERL_COMMAND=/usr/bin/perl +CHOWN_COMMAND=/bin/chown +CHGRP_COMMAND=/bin/chgrp -+ -+MV_COMAND=/bin/mv ++CHMOD_COMMAND=/bin/chmod ++MV_COMMAND=/bin/mv +RM_COMMAND=/bin/rm ++TOUCH_COMMAND=/bin/touch +PERL_COMMAND=/usr/bin/perl #------------------------------------------------------------------------------ -@@ -1082,7 +1087,7 @@ +@@ -1097,7 +1101,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: @@ -305,3 +285,14 @@ diff -uNr exim-4.69.orig/src/EDITME exim-4.69/src/EDITME # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory # using the name "exim-daemon.pid". +--- exim-4.71/scripts/Configure-Makefile.config 2009-11-20 21:22:20.000000000 +0000 ++++ exim-4.71/scripts/Configure-Makefile 2009-12-24 18:59:48.000000000 +0000 +@@ -137,7 +137,7 @@ if [ "${EXIM_PERL}" != "" ] ; then + + mv $mft $mftt + echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft +- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft ++ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft + echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft + echo "" >>$mft + cat $mftt >> $mft diff --git a/exim-4.52-dynamic-pcre.patch b/exim-4.52-dynamic-pcre.patch deleted file mode 100644 index 5de73da..0000000 --- a/exim-4.52-dynamic-pcre.patch +++ /dev/null @@ -1,79 +0,0 @@ -diff -uNr exim-4.69-old/exim_monitor/em_hdr.h exim-4.69/exim_monitor/em_hdr.h ---- exim-4.69-old/exim_monitor/em_hdr.h 2007-01-08 10:50:17.000000000 +0000 -+++ exim-4.69/exim_monitor/em_hdr.h 2008-08-13 15:22:37.000000000 +0100 -@@ -87,7 +87,7 @@ - - /* Regular expression include */ - --#include "pcre/pcre.h" -+#include - - /* Includes from the main source of Exim. We need to have MAXPACKET defined for - the benefit of structs.h. One of these days I should tidy up this interface so -diff -uNr exim-4.69-old/OS/Makefile-Base exim-4.69/OS/Makefile-Base ---- exim-4.69-old/OS/Makefile-Base 2007-11-12 13:02:19.000000000 +0000 -+++ exim-4.69/OS/Makefile-Base 2008-08-13 15:22:37.000000000 +0100 -@@ -96,14 +96,14 @@ - # therefore always be run, even if the files exist. This shouldn't in fact be a - # problem, but it does no harm. Other make programs will just ignore this. - --.PHONY: all allexim buildauths buildlookups buildpcre buildrouters \ -+.PHONY: all allexim buildauths buildlookups buildrouters \ - buildtransports checklocalmake clean - - - # This is the real default target for all the various exim binaries and - # scripts, once the configuring stuff is done. - --allexim: config.h buildpcre $(EXIM_MONITOR) exicyclog exinext exiwhat \ -+allexim: config.h $(EXIM_MONITOR) exicyclog exinext exiwhat \ - exigrep eximstats exipick exiqgrep exiqsumm \ - transport-filter.pl convert4r3 convert4r4 \ - exim_checkaccess \ -@@ -314,7 +314,7 @@ - local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ - $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) - --exim: pcre/libpcre.a lookups/lookups.a auths/auths.a \ -+exim: lookups/lookups.a auths/auths.a \ - routers/routers.a transports/transports.a \ - $(OBJ_EXIM) version.c - @echo " " -@@ -325,7 +325,7 @@ - rm -f exim - @echo "$(LNCC) -o exim" - $(FE)$(PURIFY) $(LNCC) -o exim $(LFLAGS) $(OBJ_EXIM) version.o \ -- pcre/libpcre.a \ -+ -lpcre \ - routers/routers.a transports/transports.a lookups/lookups.a \ - auths/auths.a \ - $(LIBRESOLV) $(LIBS) $(LIBS_EXIM) $(IPV6_LIBS) $(EXTRALIBS) \ -@@ -429,14 +429,14 @@ - - OBJ_MONBIN = util-spool_in.o util-store.o util-string.o tod.o tree.o $(MONBIN) - --eximon.bin: $(EXIMON_EDITME) eximon $(OBJ_MONBIN) pcre/libpcre.a \ -+eximon.bin: $(EXIMON_EDITME) eximon $(OBJ_MONBIN) \ - ../exim_monitor/em_version.c - @echo "$(CC) exim_monitor/em_version.c" - $(FE)$(CC) -o em_version.o -c \ - $(CFLAGS) $(XINCLUDE) -I. ../exim_monitor/em_version.c - @echo "$(LNCC) -o eximon.bin" - $(FE)$(PURIFY) $(LNCC) -o eximon.bin em_version.o $(LFLAGS) $(XLFLAGS) \ -- $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 pcre/libpcre.a \ -+ $(OBJ_MONBIN) -lXaw -lXmu -lXt -lXext -lX11 -lpcre \ - $(LIBS) $(LIBS_EXIMON) $(EXTRALIBS) $(EXTRALIBS_EXIMON) -lc - @if [ x"$(STRIP_COMMAND)" != x"" ]; then \ - echo $(STRIP_COMMAND) eximon.bin; \ -diff -uNr exim-4.69-old/src/exim.h exim-4.69/src/exim.h ---- exim-4.69-old/src/exim.h 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/exim.h 2008-08-13 15:22:37.000000000 +0100 -@@ -422,7 +422,7 @@ - - /* The header from the PCRE regex package */ - --#include "pcre/pcre.h" -+#include - - /* Exim includes are in several files. Note that local_scan.h #includes - config.h, mytypes.h, and store.h, so we don't need to mention them explicitly. diff --git a/exim-4.69-expand-spamd.patch b/exim-4.69-expand-spamd.patch deleted file mode 100644 index dbd17c2..0000000 --- a/exim-4.69-expand-spamd.patch +++ /dev/null @@ -1,77 +0,0 @@ -diff --git a/src/spam.c b/src/spam.c -index bf2470c..aab96c6 100644 ---- a/src/spam.c -+++ b/src/spam.c -@@ -1,4 +1,4 @@ --/* $Cambridge: exim/exim-src/src/spam.c,v 1.14 2007/05/14 18:56:25 magnus Exp $ */ -+/* $Cambridge: exim/exim-src/src/spam.c,v 1.16 2008/01/28 13:14:48 tom Exp $ */ - - /************************************************* - * Exim - an Internet mail transport agent * -@@ -46,6 +46,7 @@ int spam(uschar **listptr) { - struct timeval select_tv; /* and applied by PH */ - fd_set select_fd; - #endif -+ uschar *spamd_address_work; - - /* stop compiler warning */ - result = 0; -@@ -89,14 +90,26 @@ int spam(uschar **listptr) { - }; - - start = time(NULL); -+ -+ if (*spamd_address == '$') { -+ spamd_address_work = expand_string(spamd_address); -+ if (spamd_address_work == NULL) { -+ log_write(0, LOG_MAIN|LOG_PANIC, -+ "spamassassin acl condition: spamd_address starts with $, but expansion failed: %s", expand_string_message); -+ return DEFER; -+ } -+ } -+ else -+ spamd_address_work = spamd_address; -+ - /* socket does not start with '/' -> network socket */ -- if (*spamd_address != '/') { -+ if (*spamd_address_work != '/') { - time_t now = time(NULL); - int num_servers = 0; - int current_server = 0; - int start_server = 0; - uschar *address = NULL; -- uschar *spamd_address_list_ptr = spamd_address; -+ uschar *spamd_address_list_ptr = spamd_address_work; - uschar address_buffer[256]; - spamd_address_container * spamd_address_vector[32]; - -@@ -184,12 +197,12 @@ int spam(uschar **listptr) { - } - - server.sun_family = AF_UNIX; -- Ustrcpy(server.sun_path, spamd_address); -+ Ustrcpy(server.sun_path, spamd_address_work); - - if (connect(spamd_sock, (struct sockaddr *) &server, sizeof(struct sockaddr_un)) < 0) { - log_write(0, LOG_MAIN|LOG_PANIC, - "malware acl condition: spamd: unable to connect to UNIX socket %s (%s)", -- spamd_address, strerror(errno) ); -+ spamd_address_work, strerror(errno) ); - (void)fclose(mbox_file); - (void)close(spamd_sock); - return DEFER; -@@ -395,9 +408,11 @@ again: - spam_rc = FAIL; - }; - -- /* remember user name and "been here" for it */ -- Ustrcpy(prev_user_name, user_name); -- spam_ok = 1; -+ /* remember user name and "been here" for it unless spamd_socket was expanded */ -+ if (spamd_address_work == spamd_address) { -+ Ustrcpy(prev_user_name, user_name); -+ spam_ok = 1; -+ } - - if (override) { - /* always return OK, no matter what the score */ diff --git a/exim-4.62-dlopen-localscan.patch b/exim-4.71-dlopen-localscan.patch similarity index 85% rename from exim-4.62-dlopen-localscan.patch rename to exim-4.71-dlopen-localscan.patch index 7a7c9d2..09ebad8 100644 --- a/exim-4.62-dlopen-localscan.patch +++ b/exim-4.71-dlopen-localscan.patch @@ -1,43 +1,6 @@ -diff -uNr exim-4.69-old/src/config.h.defaults exim-4.69/src/config.h.defaults ---- exim-4.69-old/src/config.h.defaults 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/config.h.defaults 2008-08-13 15:25:31.000000000 +0100 -@@ -27,6 +27,8 @@ - - #define AUTH_VARS 3 - -+#define DLOPEN_LOCAL_SCAN -+ - #define BIN_DIRECTORY - - #define CONFIGURE_FILE -diff -uNr exim-4.69-old/src/EDITME exim-4.69/src/EDITME ---- exim-4.69-old/src/EDITME 2008-08-13 15:25:05.000000000 +0100 -+++ exim-4.69/src/EDITME 2008-08-13 15:25:31.000000000 +0100 -@@ -619,6 +619,20 @@ - - - #------------------------------------------------------------------------------ -+# On systems which support dynamic loading of shared libraries, Exim can -+# load a local_scan function specified in its config file instead of having -+# to be recompiled with the desired local_scan function. For a full -+# description of the API to this function, see the Exim specification. -+ -+DLOPEN_LOCAL_SCAN=yes -+ -+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the -+# linker flags. Without it, the loaded .so won't be able to access any -+# functions from exim. -+ -+LFLAGS=-rdynamic -ldl -+ -+#------------------------------------------------------------------------------ - # The default distribution of Exim contains only the plain text form of the - # documentation. Other forms are available separately. If you want to install - # the documentation in "info" format, first fetch the Texinfo documentation -diff -uNr exim-4.69-old/src/globals.c exim-4.69/src/globals.c ---- exim-4.69-old/src/globals.c 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/globals.c 2008-08-13 15:25:31.000000000 +0100 -@@ -128,6 +128,9 @@ +--- exim-4.71/src/globals.c.dl 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71/src/globals.c 2009-12-24 19:27:17.000000000 +0000 +@@ -129,6 +129,9 @@ uschar *tls_verify_certificates= NULL; uschar *tls_verify_hosts = NULL; #endif @@ -47,24 +10,33 @@ diff -uNr exim-4.69-old/src/globals.c exim-4.69/src/globals.c /* Input-reading functions for messages, so we can use special ones for incoming TCP/IP. The defaults use stdin. We never need these for any -diff -uNr exim-4.69-old/src/globals.h exim-4.69/src/globals.h ---- exim-4.69-old/src/globals.h 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/globals.h 2008-08-13 15:25:31.000000000 +0100 -@@ -88,6 +88,9 @@ - extern uschar *tls_verify_hosts; /* Mandatory client verification */ - #endif +--- exim-4.71/src/config.h.defaults.dl 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71/src/config.h.defaults 2009-12-24 19:27:17.000000000 +0000 +@@ -27,6 +27,8 @@ it's a default value. */ + #define AUTH_VARS 3 + ++#define DLOPEN_LOCAL_SCAN ++ + #define BIN_DIRECTORY + + #define CONFIGURE_FILE +--- exim-4.71/src/readconf.c.dl 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71/src/readconf.c 2009-12-24 19:27:17.000000000 +0000 +@@ -269,6 +269,9 @@ static optionlist optionlist_config[] = + { "local_from_prefix", opt_stringptr, &local_from_prefix }, + { "local_from_suffix", opt_stringptr, &local_from_suffix }, + { "local_interfaces", opt_stringptr, &local_interfaces }, +#ifdef DLOPEN_LOCAL_SCAN -+extern uschar *local_scan_path; /* Path to local_scan() library */ ++ { "local_scan_path", opt_stringptr, &local_scan_path }, +#endif - - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. */ -diff -uNr exim-4.69-old/src/local_scan.c exim-4.69/src/local_scan.c ---- exim-4.69-old/src/local_scan.c 2007-01-08 10:50:18.000000000 +0000 -+++ exim-4.69/src/local_scan.c 2008-08-13 15:25:31.000000000 +0100 + { "local_scan_timeout", opt_time, &local_scan_timeout }, + { "local_sender_retain", opt_bool, &local_sender_retain }, + { "localhost_number", opt_stringptr, &host_number_string }, +--- exim-4.71/src/local_scan.c.dl 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71/src/local_scan.c 2009-12-24 19:27:17.000000000 +0000 @@ -7,60 +7,131 @@ - /* Copyright (c) University of Cambridge 1995 - 2007 */ + /* Copyright (c) University of Cambridge 1995 - 2009 */ /* See the file NOTICE for conditions of use and distribution. */ +#include "exim.h" @@ -242,16 +214,38 @@ diff -uNr exim-4.69-old/src/local_scan.c exim-4.69/src/local_scan.c +#endif /* DLOPEN_LOCAL_SCAN */ + /* End of local_scan.c */ -diff -uNr exim-4.69-old/src/readconf.c exim-4.69/src/readconf.c ---- exim-4.69-old/src/readconf.c 2007-08-23 12:01:49.000000000 +0100 -+++ exim-4.69/src/readconf.c 2008-08-13 15:25:31.000000000 +0100 -@@ -257,6 +257,9 @@ - { "local_from_prefix", opt_stringptr, &local_from_prefix }, - { "local_from_suffix", opt_stringptr, &local_from_suffix }, - { "local_interfaces", opt_stringptr, &local_interfaces }, +--- exim-4.71/src/globals.h.dl 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71/src/globals.h 2009-12-24 19:27:17.000000000 +0000 +@@ -89,6 +89,9 @@ extern uschar *tls_verify_certificates;/ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + +#ifdef DLOPEN_LOCAL_SCAN -+ { "local_scan_path", opt_stringptr, &local_scan_path }, ++extern uschar *local_scan_path; /* Path to local_scan() library */ +#endif - { "local_scan_timeout", opt_time, &local_scan_timeout }, - { "local_sender_retain", opt_bool, &local_sender_retain }, - { "localhost_number", opt_stringptr, &host_number_string }, + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +--- exim-4.71/src/EDITME.dl 2009-12-24 19:26:59.000000000 +0000 ++++ exim-4.71/src/EDITME 2009-12-24 19:27:17.000000000 +0000 +@@ -632,6 +632,20 @@ TLS_LIBS=-lssl -lcrypto + + + #------------------------------------------------------------------------------ ++# On systems which support dynamic loading of shared libraries, Exim can ++# load a local_scan function specified in its config file instead of having ++# to be recompiled with the desired local_scan function. For a full ++# description of the API to this function, see the Exim specification. ++ ++DLOPEN_LOCAL_SCAN=yes ++ ++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the ++# linker flags. Without it, the loaded .so won't be able to access any ++# functions from exim. ++ ++LFLAGS=-rdynamic -ldl ++ ++#------------------------------------------------------------------------------ + # The default distribution of Exim contains only the plain text form of the + # documentation. Other forms are available separately. If you want to install + # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/exim-4.69-dynlookup.patch b/exim-4.71-dynlookup.patch similarity index 83% rename from exim-4.69-dynlookup.patch rename to exim-4.71-dynlookup.patch index e3cd669..cbfd244 100644 --- a/exim-4.69-dynlookup.patch +++ b/exim-4.71-dynlookup.patch @@ -1,12 +1,7 @@ -diff -uNr exim-4.69-old/Makefile exim-4.69/Makefile ---- exim-4.69-old/Makefile 2005-09-12 14:55:54.000000000 +0100 -+++ exim-4.69/Makefile 2008-08-13 15:30:05.000000000 +0100 -@@ -80,11 +80,11 @@ - cd build-$(buildname); \ - $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ - routers/*.o routers/*.a transports/*.o transports/*.a \ -- pcre/*.o pcre/*.a -+ pcre/*.o pcre/*.a lookups/*.so +diff -uNr exim-4.71/Makefile exim-4.71-dynlookup/Makefile +--- exim-4.71/Makefile 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71-dynlookup/Makefile 2009-12-24 19:54:45.000000000 +0000 +@@ -81,7 +81,7 @@ clean_exim:; cd build-$(buildname); \ $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ @@ -15,10 +10,10 @@ diff -uNr exim-4.69-old/Makefile exim-4.69/Makefile distclean:; $(RM_COMMAND) -rf build-* -diff -uNr exim-4.69-old/OS/Makefile-Base exim-4.69/OS/Makefile-Base ---- exim-4.69-old/OS/Makefile-Base 2008-08-13 15:29:21.000000000 +0100 -+++ exim-4.69/OS/Makefile-Base 2008-08-13 15:30:05.000000000 +0100 -@@ -311,6 +311,7 @@ +diff -uNr exim-4.71/OS/Makefile-Base exim-4.71-dynlookup/OS/Makefile-Base +--- exim-4.71/OS/Makefile-Base 2009-06-10 08:34:04.000000000 +0100 ++++ exim-4.71-dynlookup/OS/Makefile-Base 2009-12-24 19:54:45.000000000 +0000 +@@ -313,6 +313,7 @@ rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \ store.o string.o tls.o tod.o transport.o tree.o verify.o \ @@ -26,9 +21,9 @@ diff -uNr exim-4.69-old/OS/Makefile-Base exim-4.69/OS/Makefile-Base local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) -diff -uNr exim-4.69-old/scripts/Configure-Makefile exim-4.69/scripts/Configure-Makefile ---- exim-4.69-old/scripts/Configure-Makefile 2008-08-13 15:29:21.000000000 +0100 -+++ exim-4.69/scripts/Configure-Makefile 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/scripts/Configure-Makefile exim-4.71-dynlookup/scripts/Configure-Makefile +--- exim-4.71/scripts/Configure-Makefile 2009-11-20 21:22:20.000000000 +0000 ++++ exim-4.71-dynlookup/scripts/Configure-Makefile 2009-12-24 19:54:45.000000000 +0000 @@ -107,7 +107,7 @@ echo "# End of $f" echo "" @@ -38,10 +33,10 @@ diff -uNr exim-4.69-old/scripts/Configure-Makefile exim-4.69/scripts/Configure-M # See if there is a definition of EXIM_PERL in what we have built so far. # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS, -diff -uNr exim-4.69-old/scripts/MakeLinks exim-4.69/scripts/MakeLinks ---- exim-4.69-old/scripts/MakeLinks 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/scripts/MakeLinks 2008-08-13 15:30:05.000000000 +0100 -@@ -204,6 +204,7 @@ +diff -uNr exim-4.71/scripts/MakeLinks exim-4.71-dynlookup/scripts/MakeLinks +--- exim-4.71/scripts/MakeLinks 2009-11-13 15:58:17.000000000 +0000 ++++ exim-4.71-dynlookup/scripts/MakeLinks 2009-12-24 19:54:45.000000000 +0000 +@@ -197,6 +197,7 @@ ln -s ../src/osfunctions.h osfunctions.h ln -s ../src/store.h store.h ln -s ../src/structs.h structs.h @@ -49,10 +44,10 @@ diff -uNr exim-4.69-old/scripts/MakeLinks exim-4.69/scripts/MakeLinks ln -s ../src/acl.c acl.c ln -s ../src/buildconfig.c buildconfig.c -diff -uNr exim-4.69-old/src/config.h.defaults exim-4.69/src/config.h.defaults ---- exim-4.69-old/src/config.h.defaults 2008-08-13 15:29:21.000000000 +0100 -+++ exim-4.69/src/config.h.defaults 2008-08-13 15:30:05.000000000 +0100 -@@ -92,6 +92,8 @@ +diff -uNr exim-4.71/src/config.h.defaults exim-4.71-dynlookup/src/config.h.defaults +--- exim-4.71/src/config.h.defaults 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71-dynlookup/src/config.h.defaults 2009-12-24 19:54:45.000000000 +0000 +@@ -90,6 +90,8 @@ #define LOOKUP_WILDLSEARCH #define LOOKUP_NWILDLSEARCH @@ -61,9 +56,9 @@ diff -uNr exim-4.69-old/src/config.h.defaults exim-4.69/src/config.h.defaults #define MAX_FILTER_SIZE (1024*1024) #define MAX_LOCALHOST_NUMBER 256 #define MAX_INCLUDE_SIZE (1024*1024) -diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c ---- exim-4.69-old/src/drtables.c 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/drtables.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/drtables.c exim-4.71-dynlookup/src/drtables.c +--- exim-4.71/src/drtables.c 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71-dynlookup/src/drtables.c 2009-12-24 19:54:45.000000000 +0000 @@ -10,6 +10,8 @@ #include "exim.h" @@ -73,10 +68,24 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c /* This module contains tables that define the lookup methods and drivers that are actually included in the binary. Its contents are controlled by -@@ -31,535 +33,8 @@ +@@ -17,527 +19,8 @@ + all described in src/EDITME. */ - static void dummy(int x) { dummy(x-1); } +-/* The OSF1 (Digital Unix) linker puts out a worrying warning if any sections +-contain no executable code. It says +- +-Warning: Linking some objects which contain exception information sections +- and some which do not. This may cause fatal runtime exception handling +- problems. +- +-As this may cause people to worry needlessly, include a dummy function here +-to stop the message from appearing. Make it call itself to stop picky compilers +-compilers complaining that it is unused, and put in a dummy argument to stop +-even pickier compilers complaining about infinite loops. */ +- +-static void dummy(int x) { dummy(x-1); } +- - -/* Table of information about all possible lookup methods. The entries are -always present, but the "open" and "find" functions are set to NULL for those @@ -151,11 +160,6 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c -#include "lookups/whoson.h" -#endif - --#ifdef EXPERIMENTAL_DKIM --#include "lookups/dkim.h" --#endif -- -- -/* The second field in each item below is a set of bit flags: - - lookup_querystyle => this is a query-style lookup, @@ -222,23 +226,6 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c -#endif - }, - --/* DKIM lookups */ -- -- { -- US"dkim", /* lookup name */ -- lookup_querystyle, /* query style */ --#ifdef EXPERIMENTAL_DKIM -- dkim_open, /* open function */ -- NULL, /* check function */ -- dkim_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- -/* Using DNS TXT records as a database */ - - { @@ -611,7 +598,7 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c /* Table of information about all possible authentication mechamisms. All entries are always present if any mechanism is declared, but the functions are -@@ -887,4 +362,226 @@ +@@ -865,4 +348,226 @@ { US"", NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, FALSE } }; @@ -661,7 +648,7 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c +{ + DIR *dd; + struct dirent *ent; -+ const pcre *regex_islookupmod = regex_must_compile("\\.so$", FALSE, TRUE); ++ const pcre *regex_islookupmod = regex_must_compile(US"\\.so$", FALSE, TRUE); + int countmodules = 0; + int moduleerrors = 0; + struct lookupmodulestr *p; @@ -676,11 +663,6 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c + addlookupmodule(NULL, &dbmdb_lookup_module_info); +#endif + -+#if defined(LOOKUP_DKIM) && LOOKUP_DKIM!=2 -+extern lookup_module_info dkim_lookup_module_info; -+ addlookupmodule(NULL, &dkim_lookup_module_info); -+#endif -+ +#if defined(LOOKUP_DNSDB) && LOOKUP_DNSDB!=2 +extern lookup_module_info dnsdb_lookup_module_info; + addlookupmodule(NULL, &dnsdb_lookup_module_info); @@ -760,6 +742,7 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c + dd = opendir(LOOKUP_MODULE_DIR); + if (dd == NULL) { + DEBUG(5) debug_printf("Couldn't open %s: not loading lookup modules\n", LOOKUP_MODULE_DIR); ++ log_write(0, LOG_MAIN, "Couldn't open %s: not loading lookup modules\n", LOOKUP_MODULE_DIR); + } + else { + DEBUG(9) debug_printf("Loading lookup modules from %s\n", LOOKUP_MODULE_DIR); @@ -774,17 +757,19 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c + + /* SRH: am I being paranoid here or what? */ + if (pathnamelen > big_buffer_size) { -+ fprintf(stderr, "%s/%s: name too long\n", LOOKUP_MODULE_DIR, name); ++ fprintf(stderr, "Loading lookup modules: %s/%s: name too long\n", LOOKUP_MODULE_DIR, name); ++ log_write(0, LOG_MAIN|LOG_PANIC, "%s/%s: name too long\n", LOOKUP_MODULE_DIR, name); + continue; + } + + /* SRH: snprintf here? */ -+ sprintf(big_buffer, "%s/%s", LOOKUP_MODULE_DIR, name); ++ sprintf(CS big_buffer, "%s/%s", LOOKUP_MODULE_DIR, name); + -+ dl = dlopen(big_buffer, RTLD_NOW);// TJ was LAZY ++ dl = dlopen(CS big_buffer, RTLD_NOW);// TJ was LAZY + if (dl == NULL) { + fprintf(stderr, "Error loading %s: %s\n", name, dlerror()); + moduleerrors++; ++ log_write(0, LOG_MAIN|LOG_PANIC, "Error loading lookup module %s: %s\n", name, dlerror()); + continue; + } + @@ -793,12 +778,14 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c + fprintf(stderr, "%s does not appear to be a lookup module (%s)\n", name, errormsg); + dlclose(dl); + moduleerrors++; ++ log_write(0, LOG_MAIN|LOG_PANIC, "%s does not appear to be a lookup module (%s)\n", name, errormsg); + continue; + } + if (info->magic != LOOKUP_MODULE_INFO_MAGIC) { + fprintf(stderr, "Lookup module %s is not compatible with this version of Exim\n", name); + dlclose(dl); + moduleerrors++; ++ log_write(0, LOG_MAIN|LOG_PANIC, "Lookup module %s is not compatible with this version of Exim\n", name); + continue; + } + @@ -838,20 +825,21 @@ diff -uNr exim-4.69-old/src/drtables.c exim-4.69/src/drtables.c +} + /* End of drtables.c */ -diff -uNr exim-4.69-old/src/EDITME exim-4.69/src/EDITME ---- exim-4.69-old/src/EDITME 2008-08-13 15:29:21.000000000 +0100 -+++ exim-4.69/src/EDITME 2008-08-13 15:30:05.000000000 +0100 -@@ -248,6 +248,9 @@ - SUPPORT_MAILSTORE=yes - SUPPORT_MBX=yes +diff -uNr exim-4.71/src/EDITME exim-4.71-dynlookup/src/EDITME +--- exim-4.71/src/EDITME 2009-11-20 12:18:19.000000000 +0000 ++++ exim-4.71-dynlookup/src/EDITME 2009-12-24 19:54:45.000000000 +0000 +@@ -250,6 +250,10 @@ -+#------------------------------------------------------------------------------ -+# See below for dynamic lookup modules. -+# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ #------------------------------------------------------------------------------ ++# See below for dynamic lookup modules. ++# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ ++ ++#------------------------------------------------------------------------------ # These settings determine which file and database lookup methods are included -@@ -257,6 +260,18 @@ + # in the binary. See the manual chapter entitled "File and database lookups" + # for discussion. DBM and lsearch (linear search) are included by default. If +@@ -257,6 +261,18 @@ # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is # for the specialist case of using the DNS as a general database facility (not # common). @@ -870,9 +858,9 @@ diff -uNr exim-4.69-old/src/EDITME exim-4.69/src/EDITME LOOKUP_DBM=yes LOOKUP_LSEARCH=yes -diff -uNr exim-4.69-old/src/exim.c exim-4.69/src/exim.c ---- exim-4.69-old/src/exim.c 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/exim.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/exim.c exim-4.71-dynlookup/src/exim.c +--- exim-4.71/src/exim.c 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71-dynlookup/src/exim.c 2009-12-24 19:54:45.000000000 +0000 @@ -925,53 +925,53 @@ #endif fprintf(f, "\n"); @@ -944,20 +932,21 @@ diff -uNr exim-4.69-old/src/exim.c exim-4.69/src/exim.c fprintf(f, " whoson"); #endif fprintf(f, "\n"); -@@ -3424,6 +3424,9 @@ +@@ -3432,6 +3432,10 @@ } #endif /* EXIM_PERL */ +/* Initialise lookup_list */ ++extern void init_lookup_list(void); +init_lookup_list(); + /* Log the arguments of the call if the configuration file said so. This is a debugging feature for finding out what arguments certain MUAs actually use. Don't attempt it if logging is disabled, or if listing variables or if -diff -uNr exim-4.69-old/src/expand.c exim-4.69/src/expand.c ---- exim-4.69-old/src/expand.c 2007-10-04 14:23:05.000000000 +0100 -+++ exim-4.69/src/expand.c 2008-08-13 15:30:05.000000000 +0100 -@@ -5373,8 +5373,8 @@ +diff -uNr exim-4.71/src/expand.c exim-4.71-dynlookup/src/expand.c +--- exim-4.71/src/expand.c 2009-11-16 19:50:36.000000000 +0000 ++++ exim-4.71-dynlookup/src/expand.c 2009-12-24 19:54:45.000000000 +0000 +@@ -5473,8 +5473,8 @@ goto EXPAND_FAILED; } @@ -968,10 +957,35 @@ diff -uNr exim-4.69-old/src/expand.c exim-4.69/src/expand.c else if (opt != NULL) sub = NULL; if (sub == NULL) -diff -uNr exim-4.69-old/src/globals.h exim-4.69/src/globals.h ---- exim-4.69-old/src/globals.h 2008-08-13 15:29:21.000000000 +0100 -+++ exim-4.69/src/globals.h 2008-08-13 15:30:05.000000000 +0100 -@@ -432,7 +432,7 @@ +diff -uNr exim-4.71/src/globals.c exim-4.71-dynlookup/src/globals.c +--- exim-4.71/src/globals.c 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/globals.c 2009-12-24 19:54:45.000000000 +0000 +@@ -13,21 +13,6 @@ + #include "exim.h" + + +-/* The OSF1 linker puts out a worrying warning if any sections contain no +-executable code. It says +- +-Warning: Linking some objects which contain exception information sections +- and some which do not. This may cause fatal runtime exception handling +- problems. +- +-As this may cause people to worry needlessly, include a dummy function here +-to stop the message from appearing. Make it reference itself to stop picky +-compilers complaining that it is unused, and put in a dummy argument to stop +-even pickier compilers complaining about infinite loops. */ +- +-static void dummy(int x) { dummy(x-1); } +- +- + /* Generic options for auths, all of which live inside auth_instance + data blocks and hence have the opt_public flag set. */ + +diff -uNr exim-4.71/src/globals.h exim-4.71-dynlookup/src/globals.h +--- exim-4.71/src/globals.h 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/globals.h 2009-12-24 19:54:45.000000000 +0000 +@@ -440,7 +440,7 @@ extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ extern uschar *login_sender_address; /* The actual sender address */ @@ -980,10 +994,20 @@ diff -uNr exim-4.69-old/src/globals.h exim-4.69/src/globals.h extern int lookup_list_count; /* Number of entries in the list */ extern int lookup_open_max; /* Max lookup files to cache */ extern uschar *lookup_value; /* Value looked up from file */ -diff -uNr exim-4.69-old/src/lookupapi.h exim-4.69/src/lookupapi.h ---- exim-4.69-old/src/lookupapi.h 1970-01-01 01:00:00.000000000 +0100 -+++ exim-4.69/src/lookupapi.h 2008-08-13 15:30:05.000000000 +0100 -@@ -0,0 +1,45 @@ +diff -uNr exim-4.71/src/lookupapi.h exim-4.71-dynlookup/src/lookupapi.h +--- exim-4.71/src/lookupapi.h 1970-01-01 01:00:00.000000000 +0100 ++++ exim-4.71-dynlookup/src/lookupapi.h 2009-12-24 19:54:45.000000000 +0000 +@@ -0,0 +1,58 @@ ++/* $Cambridge$ */ ++ ++/************************************************* ++* Exim - an Internet mail transport agent * ++*************************************************/ ++ ++/* Copyright (c) University of Cambridge 1995 - 2009 */ ++/* See the file NOTICE for conditions of use and distribution. */ ++ ++ +/* The "type" field in each item is a set of bit flags: + + lookup_querystyle => this is a query-style lookup, @@ -1021,7 +1045,8 @@ diff -uNr exim-4.69-old/src/lookupapi.h exim-4.69/src/lookupapi.h + uschar *); /* additional data from quote name */ +} lookup_info; + -+/* "LMM1" */ ++/* This magic number is used by the following lookup_module_info structure ++ for checking API compatibility. It's equivalent to the string"LMM1" */ +#define LOOKUP_MODULE_INFO_MAGIC 0x4c4d4d31 + +typedef struct lookup_module_info { @@ -1029,9 +1054,11 @@ diff -uNr exim-4.69-old/src/lookupapi.h exim-4.69/src/lookupapi.h + lookup_info **lookups; + uint lookupcount; +} lookup_module_info; -diff -uNr exim-4.69-old/src/lookups/cdb.c exim-4.69/src/lookups/cdb.c ---- exim-4.69-old/src/lookups/cdb.c 2005-06-27 15:29:44.000000000 +0100 -+++ exim-4.69/src/lookups/cdb.c 2008-08-13 15:30:05.000000000 +0100 ++ ++/* End of lookupapi.h */ +diff -uNr exim-4.71/src/lookups/cdb.c exim-4.71-dynlookup/src/lookups/cdb.c +--- exim-4.71/src/lookups/cdb.c 2005-06-27 15:29:44.000000000 +0100 ++++ exim-4.71-dynlookup/src/lookups/cdb.c 2009-12-24 19:54:45.000000000 +0000 @@ -56,7 +56,6 @@ #include "../exim.h" @@ -1101,9 +1128,9 @@ diff -uNr exim-4.69-old/src/lookups/cdb.c exim-4.69/src/lookups/cdb.c +lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/cdb.c */ -diff -uNr exim-4.69-old/src/lookups/cdb.h exim-4.69/src/lookups/cdb.h ---- exim-4.69-old/src/lookups/cdb.h 2004-10-07 14:10:01.000000000 +0100 -+++ exim-4.69/src/lookups/cdb.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/cdb.h exim-4.71-dynlookup/src/lookups/cdb.h +--- exim-4.71/src/lookups/cdb.h 2004-10-07 14:10:01.000000000 +0100 ++++ exim-4.71-dynlookup/src/lookups/cdb.h 2009-12-24 19:54:45.000000000 +0000 @@ -1,59 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ - @@ -1164,9 +1191,9 @@ diff -uNr exim-4.69-old/src/lookups/cdb.h exim-4.69/src/lookups/cdb.h -extern void cdb_close(void *); - -/* End of cdb.h */ -diff -uNr exim-4.69-old/src/lookups/dbmdb.c exim-4.69/src/lookups/dbmdb.c ---- exim-4.69-old/src/lookups/dbmdb.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/dbmdb.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/dbmdb.c exim-4.71-dynlookup/src/lookups/dbmdb.c +--- exim-4.71/src/lookups/dbmdb.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dbmdb.c 2009-12-24 19:54:45.000000000 +0000 @@ -9,7 +9,6 @@ #include "../exim.h" @@ -1202,22 +1229,21 @@ diff -uNr exim-4.69-old/src/lookups/dbmdb.c exim-4.69/src/lookups/dbmdb.c dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -121,7 +120,7 @@ - +@@ -122,7 +121,7 @@ /* See local README for interface description */ --int -+static int - dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, + int +-dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, ++static dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -137,10 +136,39 @@ - + return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, +@@ -138,9 +137,38 @@ /* See local README for interface description */ --void -+static void - dbmdb_close(void *handle) + void +-dbmdb_close(void *handle) ++static dbmdb_close(void *handle) { EXIM_DBCLOSE((EXIM_DB *)handle); } @@ -1252,17 +1278,17 @@ diff -uNr exim-4.69-old/src/lookups/dbmdb.c exim-4.69/src/lookups/dbmdb.c +lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; + /* End of lookups/dbmdb.c */ -diff -uNr exim-4.69-old/src/lookups/dbmdb.h exim-4.69/src/lookups/dbmdb.h ---- exim-4.69-old/src/lookups/dbmdb.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/dbmdb.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/dbmdb.h exim-4.71-dynlookup/src/lookups/dbmdb.h +--- exim-4.71/src/lookups/dbmdb.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dbmdb.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,21 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the dbm lookup. Use dbmdb in the code to avoid name @@ -1277,91 +1303,18 @@ diff -uNr exim-4.69-old/src/lookups/dbmdb.h exim-4.69/src/lookups/dbmdb.h -extern void dbmdb_close(void *); - -/* End of lookups/dbmdb.h */ -diff -uNr exim-4.69-old/src/lookups/dkim.c exim-4.69/src/lookups/dkim.c ---- exim-4.69-old/src/lookups/dkim.c 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/lookups/dkim.c 2008-08-13 15:30:05.000000000 +0100 -@@ -8,7 +8,6 @@ - /* See the file NOTICE for conditions of use and distribution. */ - - #include "../exim.h" --#include "dkim.h" - - - -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - dkim_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +34,7 @@ - - /* See local README for interface description */ - --int -+static int - dkim_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -49,4 +48,22 @@ - #endif - } - -+lookup_info cdb_lookup_info = { -+ US"dkim", /* lookup name */ -+ lookup_querystyle, /* query style */ -+ dkim_open, /* open function */ -+ NULL, /* check function */ -+ dkim_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define cdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &dkim_lookup_info }; -+lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dkim.c */ -diff -uNr exim-4.69-old/src/lookups/dkim.h exim-4.69/src/lookups/dkim.h ---- exim-4.69-old/src/lookups/dkim.h 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/lookups/dkim.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dkim.h,v 1.1 2007/09/28 12:21:57 tom Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2007 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the DKIM lookup */ -- --extern void *dkim_open(uschar *, uschar **); --extern int dkim_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/dkim.h */ -diff -uNr exim-4.69-old/src/lookups/dnsdb.c exim-4.69/src/lookups/dnsdb.c ---- exim-4.69-old/src/lookups/dnsdb.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/dnsdb.c 2008-08-13 15:30:05.000000000 +0100 -@@ -9,8 +9,6 @@ +diff -uNr exim-4.71/src/lookups/dnsdb.c exim-4.71-dynlookup/src/lookups/dnsdb.c +--- exim-4.71/src/lookups/dnsdb.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dnsdb.c 2009-12-24 19:54:47.000000000 +0000 +@@ -9,7 +9,6 @@ #include "../exim.h" #include "lf_functions.h" -#include "dnsdb.h" -- - /* Ancient systems (e.g. SunOS4) don't appear to have T_TXT defined in their -@@ -67,7 +65,7 @@ + +@@ -67,7 +66,7 @@ /* See local README for interface description. */ @@ -1370,7 +1323,7 @@ diff -uNr exim-4.69-old/src/lookups/dnsdb.c exim-4.69/src/lookups/dnsdb.c dnsdb_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -102,7 +100,7 @@ +@@ -102,7 +101,7 @@ which may start with '<' in order to set a specific separator. The default separator, as always, is colon. */ @@ -1379,7 +1332,7 @@ diff -uNr exim-4.69-old/src/lookups/dnsdb.c exim-4.69/src/lookups/dnsdb.c dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -394,4 +392,22 @@ +@@ -400,4 +399,22 @@ return OK; } @@ -1402,17 +1355,17 @@ diff -uNr exim-4.69-old/src/lookups/dnsdb.c exim-4.69/src/lookups/dnsdb.c +lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/dnsdb.c */ -diff -uNr exim-4.69-old/src/lookups/dnsdb.h exim-4.69/src/lookups/dnsdb.h ---- exim-4.69-old/src/lookups/dnsdb.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/dnsdb.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/dnsdb.h exim-4.71-dynlookup/src/lookups/dnsdb.h +--- exim-4.71/src/lookups/dnsdb.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dnsdb.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the dnsdb lookup */ @@ -1422,19 +1375,18 @@ diff -uNr exim-4.69-old/src/lookups/dnsdb.h exim-4.69/src/lookups/dnsdb.h - BOOL *); - -/* End of lookups/dnsdb.h */ -diff -uNr exim-4.69-old/src/lookups/dsearch.c exim-4.69/src/lookups/dsearch.c ---- exim-4.69-old/src/lookups/dsearch.c 2007-05-31 13:42:07.000000000 +0100 -+++ exim-4.69/src/lookups/dsearch.c 2008-08-13 15:30:05.000000000 +0100 -@@ -14,8 +14,6 @@ +diff -uNr exim-4.71/src/lookups/dsearch.c exim-4.71-dynlookup/src/lookups/dsearch.c +--- exim-4.71/src/lookups/dsearch.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dsearch.c 2009-12-24 19:54:47.000000000 +0000 +@@ -14,7 +14,6 @@ #include "../exim.h" #include "lf_functions.h" -#include "dsearch.h" -- - /************************************************* -@@ -27,7 +25,7 @@ + +@@ -27,7 +26,7 @@ it open, because the "search" can be done by a call to lstat() rather than actually scanning through the list of files. */ @@ -1443,31 +1395,30 @@ diff -uNr exim-4.69-old/src/lookups/dsearch.c exim-4.69/src/lookups/dsearch.c dsearch_open(uschar *dirname, uschar **errmsg) { DIR *dp = opendir(CS dirname); -@@ -50,7 +48,7 @@ - /* The handle will always be (void *)(-1), but don't try casting it to an +@@ -51,7 +50,7 @@ integer as this gives warnings on 64-bit systems. */ --BOOL -+static BOOL - dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + BOOL +-dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, ++static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, gid_t *owngroups, uschar **errmsg) { -@@ -68,7 +66,7 @@ - scanning the directory, as it is hopefully faster to let the OS do the scanning + handle = handle; +@@ -69,7 +68,7 @@ for us. */ --int -+static int - dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, + int +-dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, ++static dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -114,10 +112,28 @@ - + struct stat statbuf; +@@ -115,9 +114,27 @@ /* See local README for interface description */ --void -+static void - dsearch_close(void *handle) + void +-dsearch_close(void *handle) ++static dsearch_close(void *handle) { handle = handle; /* Avoid compiler warning */ } @@ -1491,17 +1442,17 @@ diff -uNr exim-4.69-old/src/lookups/dsearch.c exim-4.69/src/lookups/dsearch.c +lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/dsearch.c */ -diff -uNr exim-4.69-old/src/lookups/dsearch.h exim-4.69/src/lookups/dsearch.h ---- exim-4.69-old/src/lookups/dsearch.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/dsearch.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/dsearch.h exim-4.71-dynlookup/src/lookups/dsearch.h +--- exim-4.71/src/lookups/dsearch.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/dsearch.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the dsearch lookup */ @@ -1513,9 +1464,9 @@ diff -uNr exim-4.69-old/src/lookups/dsearch.h exim-4.69/src/lookups/dsearch.h -extern void dsearch_close(void *); - -/* End of lookups/dsearch.h */ -diff -uNr exim-4.69-old/src/lookups/ibase.c exim-4.69/src/lookups/ibase.c ---- exim-4.69-old/src/lookups/ibase.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/ibase.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/ibase.c exim-4.71-dynlookup/src/lookups/ibase.c +--- exim-4.71/src/lookups/ibase.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/ibase.c 2009-12-24 19:54:48.000000000 +0000 @@ -11,14 +11,7 @@ #include "../exim.h" @@ -1585,22 +1536,22 @@ diff -uNr exim-4.69-old/src/lookups/ibase.c exim-4.69/src/lookups/ibase.c +#ifdef DYNLOOKUP +#define ibase_lookup_module_info _lookup_module_info #endif - ++ +static lookup_info *_lookup_list[] = { &_lookup_info }; +lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ + /* End of lookups/ibase.c */ -diff -uNr exim-4.69-old/src/lookups/ibase.h exim-4.69/src/lookups/ibase.h ---- exim-4.69-old/src/lookups/ibase.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/ibase.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/ibase.h exim-4.71-dynlookup/src/lookups/ibase.h +--- exim-4.71/src/lookups/ibase.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/ibase.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the Interbase lookup functions */ @@ -1612,10 +1563,10 @@ diff -uNr exim-4.69-old/src/lookups/ibase.h exim-4.69/src/lookups/ibase.h -extern uschar *ibase_quote(uschar *, uschar *); - -/* End of lookups/ibase.h */ -diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c ---- exim-4.69-old/src/lookups/ldap.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/ldap.c 2008-08-13 15:30:05.000000000 +0100 -@@ -15,21 +15,6 @@ +diff -uNr exim-4.71/src/lookups/ldap.c exim-4.71-dynlookup/src/lookups/ldap.c +--- exim-4.71/src/lookups/ldap.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/ldap.c 2009-12-24 19:54:49.000000000 +0000 +@@ -15,20 +15,6 @@ #include "../exim.h" #include "lf_functions.h" @@ -1633,11 +1584,10 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c -#ifndef LOOKUP_LDAP -static void dummy(int x) { dummy(x-1); } -#else -- + /* Include LDAP headers. The code below uses some "old" LDAP interfaces that - are deprecated in OpenLDAP. I don't know their status in other LDAP -@@ -1196,7 +1181,7 @@ +@@ -1196,7 +1182,7 @@ are handled by a common function, with a flag to differentiate between them. The handle and filename arguments are not used. */ @@ -1646,7 +1596,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -1205,7 +1190,7 @@ +@@ -1205,7 +1191,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); } @@ -1655,7 +1605,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -1214,7 +1199,7 @@ +@@ -1214,7 +1200,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); } @@ -1664,7 +1614,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -1240,7 +1225,7 @@ +@@ -1240,7 +1226,7 @@ /* See local README for interface description. */ @@ -1673,7 +1623,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldap_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -1255,7 +1240,7 @@ +@@ -1255,7 +1241,7 @@ /* See local README for interface description. Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ @@ -1682,7 +1632,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldap_tidy(void) { LDAP_CONNECTION *lcp = NULL; -@@ -1351,7 +1336,7 @@ +@@ -1351,7 +1337,7 @@ @@ -1691,7 +1641,7 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c eldap_quote(uschar *s, uschar *opt) { register int c; -@@ -1470,6 +1455,44 @@ +@@ -1470,6 +1456,44 @@ return quoted; } @@ -1737,11 +1687,11 @@ diff -uNr exim-4.69-old/src/lookups/ldap.c exim-4.69/src/lookups/ldap.c +lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; /* End of lookups/ldap.c */ -diff -uNr exim-4.69-old/src/lookups/ldap.h exim-4.69/src/lookups/ldap.h ---- exim-4.69-old/src/lookups/ldap.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/ldap.h 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/ldap.h exim-4.71-dynlookup/src/lookups/ldap.h +--- exim-4.71/src/lookups/ldap.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/ldap.h 2009-12-24 19:54:49.000000000 +0000 @@ -7,18 +7,9 @@ - /* Copyright (c) University of Cambridge 1995 - 2007 */ + /* Copyright (c) University of Cambridge 1995 - 2009 */ /* See the file NOTICE for conditions of use and distribution. */ -/* Header for the ldap lookups */ @@ -1760,9 +1710,9 @@ diff -uNr exim-4.69-old/src/lookups/ldap.h exim-4.69/src/lookups/ldap.h -extern uschar *eldap_quote(uschar *, uschar *); /* End of lookups/ldap.h */ -diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c ---- exim-4.69-old/src/lookups/lsearch.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/lsearch.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/lsearch.c exim-4.71-dynlookup/src/lookups/lsearch.c +--- exim-4.71/src/lookups/lsearch.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/lsearch.c 2009-12-24 19:54:49.000000000 +0000 @@ -9,7 +9,6 @@ #include "../exim.h" @@ -1789,7 +1739,7 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, gid_t *owngroups, uschar **errmsg) { -@@ -320,7 +319,7 @@ +@@ -324,7 +323,7 @@ /* See local README for interface description */ @@ -1798,7 +1748,7 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -337,7 +336,7 @@ +@@ -341,7 +340,7 @@ /* See local README for interface description */ @@ -1807,7 +1757,7 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -354,7 +353,7 @@ +@@ -358,7 +357,7 @@ /* See local README for interface description */ @@ -1816,7 +1766,7 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -372,7 +371,7 @@ +@@ -376,7 +375,7 @@ /* See local README for interface description */ @@ -1825,7 +1775,7 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -401,10 +400,64 @@ +@@ -405,10 +404,64 @@ /* See local README for interface description */ @@ -1891,17 +1841,17 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.c exim-4.69/src/lookups/lsearch.c +lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; + /* End of lookups/lsearch.c */ -diff -uNr exim-4.69-old/src/lookups/lsearch.h exim-4.69/src/lookups/lsearch.h ---- exim-4.69-old/src/lookups/lsearch.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/lsearch.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/lsearch.h exim-4.71-dynlookup/src/lookups/lsearch.h +--- exim-4.71/src/lookups/lsearch.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/lsearch.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,25 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the lsearch and wildlsearch lookups */ @@ -1920,18 +1870,18 @@ diff -uNr exim-4.69-old/src/lookups/lsearch.h exim-4.69/src/lookups/lsearch.h - uschar **, BOOL *); - -/* End of lookups/lsearch.h */ -diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile ---- exim-4.69-old/src/lookups/Makefile 2007-09-28 13:21:57.000000000 +0100 -+++ exim-4.69/src/lookups/Makefile 2008-08-13 15:30:05.000000000 +0100 -@@ -1,13 +1,181 @@ - # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.7 2007/09/28 12:21:57 tom Exp $ +diff -uNr exim-4.71/src/lookups/Makefile exim-4.71-dynlookup/src/lookups/Makefile +--- exim-4.71/src/lookups/Makefile 2009-06-10 08:34:05.000000000 +0100 ++++ exim-4.71-dynlookup/src/lookups/Makefile 2009-12-24 19:54:45.000000000 +0000 +@@ -1,13 +1,171 @@ + # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.9 2009/06/10 07:34:05 tom Exp $ -# Make file for building a library containing all the available lookups and -# calling it lookups.a. This is called from the main make file, after cd'ing -# to the lookups subdirectory. When the relevant LOOKUP_ macros are not -# defined, dummy modules get compiled. - --OBJ = cdb.o dbmdb.o dkim.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ +-OBJ = cdb.o dbmdb.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ - nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ - lf_check_file.o lf_quote.o lf_sqlperform.o +# Make file for building all the available lookups. @@ -1964,16 +1914,6 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile +endif +endif + -+ifeq ($(LOOKUP_DKIM),2) -+MODS += dkim.so -+LOOKUP_dkim_INCLUDE = $(LOOKUP_DKIM_INCLUDE) -+LOOKUP_dkim_LIBS = $(LOOKUP_DKIM_LIBS) -+else -+ifneq ($(LOOKUP_DKIM),) -+OBJ += dkim.o -+endif -+endif -+ +ifeq ($(LOOKUP_DNSDB),2) +MODS += dnsdb.so +LOOKUP_dnsdb_INCLUDE = $(LOOKUP_DNSDB_INCLUDE) @@ -2113,9 +2053,9 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile lookups.a: $(OBJ) @$(RM_COMMAND) -f lookups.a -@@ -16,31 +184,54 @@ +@@ -15,30 +173,51 @@ + @$(AR) lookups.a $(OBJ) $(RANLIB) $@ - @$(RM_COMMAND) -rf ../drtables.o -.SUFFIXES: .o .c +.SUFFIXES: .o .c .so @@ -2131,7 +2071,6 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile -cdb.o: $(HDRS) cdb.c cdb.h -dbmdb.o: $(HDRS) dbmdb.c dbmdb.h --dkim.o: $(HDRS) dkim.c dkim.h -dnsdb.o: $(HDRS) dnsdb.c dnsdb.h -dsearch.o: $(HDRS) dsearch.c dsearch.h -ibase.o: $(HDRS) ibase.c ibase.h @@ -2149,7 +2088,6 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile -whoson.o: $(HDRS) whoson.c whoson.h +cdb.o: $(HDRS) cdb.c +dbmdb.o: $(HDRS) dbmdb.c -+dkim.o: $(HDRS) dkim.c +dnsdb.o: $(HDRS) dnsdb.c +dsearch.o: $(HDRS) dsearch.c +ibase.o: $(HDRS) ibase.c @@ -2168,7 +2106,6 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile + +cdb.so: $(HDRS) cdb.c +dbmdb.so: $(HDRS) dbmdb.c -+dkim.so: $(HDRS) dkim.c +dnsdb.so: $(HDRS) dnsdb.c +dsearch.so: $(HDRS) dsearch.c +ibase.so: $(HDRS) ibase.c @@ -2184,12 +2121,11 @@ diff -uNr exim-4.69-old/src/lookups/Makefile exim-4.69/src/lookups/Makefile +sqlite.so: $(HDRS) sqlite.c +testdb.so: $(HDRS) testdb.c +whoson.so: $(HDRS) whoson.c -+ # End -diff -uNr exim-4.69-old/src/lookups/mysql.c exim-4.69/src/lookups/mysql.c ---- exim-4.69-old/src/lookups/mysql.c 2007-08-23 11:16:51.000000000 +0100 -+++ exim-4.69/src/lookups/mysql.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c +--- exim-4.71/src/lookups/mysql.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/mysql.c 2009-12-24 19:54:49.000000000 +0000 @@ -13,22 +13,6 @@ #include "../exim.h" @@ -2275,17 +2211,17 @@ diff -uNr exim-4.69-old/src/lookups/mysql.c exim-4.69/src/lookups/mysql.c +lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/mysql.c */ -diff -uNr exim-4.69-old/src/lookups/mysql.h exim-4.69/src/lookups/mysql.h ---- exim-4.69-old/src/lookups/mysql.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/mysql.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/mysql.h exim-4.71-dynlookup/src/lookups/mysql.h +--- exim-4.71/src/lookups/mysql.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/mysql.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/mysql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/mysql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the mysql lookup functions */ @@ -2297,9 +2233,9 @@ diff -uNr exim-4.69-old/src/lookups/mysql.h exim-4.69/src/lookups/mysql.h -extern uschar *mysql_quote(uschar *, uschar *); - -/* End of lookups/mysql.h */ -diff -uNr exim-4.69-old/src/lookups/nis.c exim-4.69/src/lookups/nis.c ---- exim-4.69-old/src/lookups/nis.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/nis.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c +--- exim-4.71/src/lookups/nis.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/nis.c 2009-12-24 19:54:50.000000000 +0000 @@ -9,19 +9,6 @@ #include "../exim.h" @@ -2382,17 +2318,17 @@ diff -uNr exim-4.69-old/src/lookups/nis.c exim-4.69/src/lookups/nis.c +lookup_module_info nis_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; /* End of lookups/nis.c */ -diff -uNr exim-4.69-old/src/lookups/nis.h exim-4.69/src/lookups/nis.h ---- exim-4.69-old/src/lookups/nis.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/nis.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/nis.h exim-4.71-dynlookup/src/lookups/nis.h +--- exim-4.71/src/lookups/nis.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/nis.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/nis.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/nis.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the nis and nis0 lookups */ @@ -2404,9 +2340,9 @@ diff -uNr exim-4.69-old/src/lookups/nis.h exim-4.69/src/lookups/nis.h - BOOL *); - -/* End of lookups/nis.h */ -diff -uNr exim-4.69-old/src/lookups/nisplus.c exim-4.69/src/lookups/nisplus.c ---- exim-4.69-old/src/lookups/nisplus.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/nisplus.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplus.c +--- exim-4.71/src/lookups/nisplus.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/nisplus.c 2009-12-24 19:54:51.000000000 +0000 @@ -9,21 +9,6 @@ #include "../exim.h" @@ -2480,17 +2416,17 @@ diff -uNr exim-4.69-old/src/lookups/nisplus.c exim-4.69/src/lookups/nisplus.c +lookup_module_info nisplus_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/nisplus.c */ -diff -uNr exim-4.69-old/src/lookups/nisplus.h exim-4.69/src/lookups/nisplus.h ---- exim-4.69-old/src/lookups/nisplus.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/nisplus.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/nisplus.h exim-4.71-dynlookup/src/lookups/nisplus.h +--- exim-4.71/src/lookups/nisplus.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/nisplus.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,17 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/nisplus.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/nisplus.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the nisplus lookup */ @@ -2501,9 +2437,9 @@ diff -uNr exim-4.69-old/src/lookups/nisplus.h exim-4.69/src/lookups/nisplus.h -extern uschar *nisplus_quote(uschar *, uschar *); - -/* End of lookups/nisplus.h */ -diff -uNr exim-4.69-old/src/lookups/oracle.c exim-4.69/src/lookups/oracle.c ---- exim-4.69-old/src/lookups/oracle.c 2007-03-13 09:59:07.000000000 +0000 -+++ exim-4.69/src/lookups/oracle.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle.c +--- exim-4.71/src/lookups/oracle.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/oracle.c 2009-12-24 19:54:51.000000000 +0000 @@ -15,27 +15,12 @@ #include "../exim.h" @@ -2592,17 +2528,17 @@ diff -uNr exim-4.69-old/src/lookups/oracle.c exim-4.69/src/lookups/oracle.c +lookup_module_info oracle_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/oracle.c */ -diff -uNr exim-4.69-old/src/lookups/oracle.h exim-4.69/src/lookups/oracle.h ---- exim-4.69-old/src/lookups/oracle.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/oracle.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/oracle.h exim-4.71-dynlookup/src/lookups/oracle.h +--- exim-4.71/src/lookups/oracle.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/oracle.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/oracle.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/oracle.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the Oracle lookup functions */ @@ -2614,19 +2550,18 @@ diff -uNr exim-4.69-old/src/lookups/oracle.h exim-4.69/src/lookups/oracle.h -extern uschar *oracle_quote(uschar *, uschar *); - -/* End of lookups/oracle.h */ -diff -uNr exim-4.69-old/src/lookups/passwd.c exim-4.69/src/lookups/passwd.c ---- exim-4.69-old/src/lookups/passwd.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/passwd.c 2008-08-13 15:30:05.000000000 +0100 -@@ -8,8 +8,6 @@ +diff -uNr exim-4.71/src/lookups/passwd.c exim-4.71-dynlookup/src/lookups/passwd.c +--- exim-4.71/src/lookups/passwd.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/passwd.c 2009-12-24 19:54:52.000000000 +0000 +@@ -8,7 +8,6 @@ /* See the file NOTICE for conditions of use and distribution. */ #include "../exim.h" -#include "passwd.h" -- - /************************************************* -@@ -18,7 +16,7 @@ + +@@ -18,7 +17,7 @@ /* See local README for interface description */ @@ -2635,7 +2570,7 @@ diff -uNr exim-4.69-old/src/lookups/passwd.c exim-4.69/src/lookups/passwd.c passwd_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +33,7 @@ +@@ -35,7 +34,7 @@ /* See local README for interface description */ @@ -2644,7 +2579,7 @@ diff -uNr exim-4.69-old/src/lookups/passwd.c exim-4.69/src/lookups/passwd.c passwd_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -53,4 +51,22 @@ +@@ -53,4 +52,22 @@ return OK; } @@ -2667,17 +2602,17 @@ diff -uNr exim-4.69-old/src/lookups/passwd.c exim-4.69/src/lookups/passwd.c +lookup_module_info passwd_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/passwd.c */ -diff -uNr exim-4.69-old/src/lookups/passwd.h exim-4.69/src/lookups/passwd.h ---- exim-4.69-old/src/lookups/passwd.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/passwd.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/passwd.h exim-4.71-dynlookup/src/lookups/passwd.h +--- exim-4.71/src/lookups/passwd.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/passwd.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/passwd.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/passwd.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the passwd lookup */ @@ -2687,9 +2622,9 @@ diff -uNr exim-4.69-old/src/lookups/passwd.h exim-4.69/src/lookups/passwd.h - BOOL *); - -/* End of lookups/passwd.h */ -diff -uNr exim-4.69-old/src/lookups/pgsql.c exim-4.69/src/lookups/pgsql.c ---- exim-4.69-old/src/lookups/pgsql.c 2007-08-23 11:16:51.000000000 +0100 -+++ exim-4.69/src/lookups/pgsql.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c +--- exim-4.71/src/lookups/pgsql.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/pgsql.c 2009-12-24 19:54:52.000000000 +0000 @@ -13,21 +13,6 @@ #include "../exim.h" @@ -2772,17 +2707,17 @@ diff -uNr exim-4.69-old/src/lookups/pgsql.c exim-4.69/src/lookups/pgsql.c +lookup_module_info pgsql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/pgsql.c */ -diff -uNr exim-4.69-old/src/lookups/pgsql.h exim-4.69/src/lookups/pgsql.h ---- exim-4.69-old/src/lookups/pgsql.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/pgsql.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/pgsql.h exim-4.71-dynlookup/src/lookups/pgsql.h +--- exim-4.71/src/lookups/pgsql.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/pgsql.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/pgsql.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/pgsql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the pgsql lookup functions */ @@ -2794,9 +2729,9 @@ diff -uNr exim-4.69-old/src/lookups/pgsql.h exim-4.69/src/lookups/pgsql.h -extern uschar *pgsql_quote(uschar *, uschar *); - -/* End of lookups/pgsql.h */ -diff -uNr exim-4.69-old/src/lookups/spf.c exim-4.69/src/lookups/spf.c ---- exim-4.69-old/src/lookups/spf.c 2005-06-27 19:01:02.000000000 +0100 -+++ exim-4.69/src/lookups/spf.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c +--- exim-4.71/src/lookups/spf.c 2009-11-11 14:43:28.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/spf.c 2009-12-24 19:54:53.000000000 +0000 @@ -24,7 +24,6 @@ #else @@ -2814,7 +2749,7 @@ diff -uNr exim-4.69-old/src/lookups/spf.c exim-4.69/src/lookups/spf.c SPF_server_t *spf_server = NULL; spf_server = SPF_server_new(SPF_DNS_CACHE, 0); if (spf_server == NULL) { -@@ -42,13 +41,14 @@ +@@ -42,12 +41,12 @@ return (void *) spf_server; } @@ -2825,14 +2760,11 @@ diff -uNr exim-4.69-old/src/lookups/spf.c exim-4.69/src/lookups/spf.c } -int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, -- uschar **result, uschar **errmsg, BOOL *do_cache) { -+static int -+spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, -+ uschar **result, uschar **errmsg, BOOL *do_cache) { ++static int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, + uschar **result, uschar **errmsg, BOOL *do_cache) { SPF_server_t *spf_server = handle; SPF_request_t *spf_request = NULL; - SPF_response_t *spf_response = NULL; -@@ -75,4 +75,22 @@ +@@ -75,4 +74,22 @@ return OK; } @@ -2855,9 +2787,9 @@ diff -uNr exim-4.69-old/src/lookups/spf.c exim-4.69/src/lookups/spf.c +lookup_module_info spf_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + #endif /* EXPERIMENTAL_SPF */ -diff -uNr exim-4.69-old/src/lookups/spf.h exim-4.69/src/lookups/spf.h ---- exim-4.69-old/src/lookups/spf.h 2005-05-25 21:07:55.000000000 +0100 -+++ exim-4.69/src/lookups/spf.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/spf.h exim-4.71-dynlookup/src/lookups/spf.h +--- exim-4.71/src/lookups/spf.h 2005-05-25 21:07:55.000000000 +0100 ++++ exim-4.71-dynlookup/src/lookups/spf.h 2009-12-24 19:54:53.000000000 +0000 @@ -1,26 +0,0 @@ -/* $Cambridge: exim/exim-src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ - @@ -2885,9 +2817,9 @@ diff -uNr exim-4.69-old/src/lookups/spf.h exim-4.69/src/lookups/spf.h -extern int spf_find(void *, uschar *, uschar *, int, uschar **, uschar **, - BOOL *); - -diff -uNr exim-4.69-old/src/lookups/sqlite.c exim-4.69/src/lookups/sqlite.c ---- exim-4.69-old/src/lookups/sqlite.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/sqlite.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite.c +--- exim-4.71/src/lookups/sqlite.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/sqlite.c 2009-12-24 19:54:53.000000000 +0000 @@ -9,11 +9,7 @@ #include "../exim.h" @@ -2960,17 +2892,17 @@ diff -uNr exim-4.69-old/src/lookups/sqlite.c exim-4.69/src/lookups/sqlite.c +lookup_module_info sqlite_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/sqlite.c */ -diff -uNr exim-4.69-old/src/lookups/sqlite.h exim-4.69/src/lookups/sqlite.h ---- exim-4.69-old/src/lookups/sqlite.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/sqlite.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/sqlite.h exim-4.71-dynlookup/src/lookups/sqlite.h +--- exim-4.71/src/lookups/sqlite.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/sqlite.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/sqlite.h,v 1.3 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/sqlite.h,v 1.4 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the sqlite lookup */ @@ -2982,19 +2914,18 @@ diff -uNr exim-4.69-old/src/lookups/sqlite.h exim-4.69/src/lookups/sqlite.h -extern uschar *sqlite_quote(uschar *, uschar *); - -/* End of lookups/sqlite.h */ -diff -uNr exim-4.69-old/src/lookups/testdb.c exim-4.69/src/lookups/testdb.c ---- exim-4.69-old/src/lookups/testdb.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/testdb.c 2008-08-13 15:30:05.000000000 +0100 -@@ -9,8 +9,6 @@ +diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb.c +--- exim-4.71/src/lookups/testdb.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/testdb.c 2009-12-24 19:54:54.000000000 +0000 +@@ -9,7 +9,6 @@ #include "../exim.h" #include "lf_functions.h" -#include "testdb.h" -- + /* These are not real lookup functions; they are just a way of testing the - rest of Exim by providing an easy way of specifying particular yields from -@@ -23,7 +21,7 @@ +@@ -23,7 +22,7 @@ /* See local README for interface description. */ @@ -3003,7 +2934,7 @@ diff -uNr exim-4.69-old/src/lookups/testdb.c exim-4.69/src/lookups/testdb.c testdb_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -39,7 +37,7 @@ +@@ -39,7 +38,7 @@ /* See local README for interface description. */ @@ -3012,7 +2943,7 @@ diff -uNr exim-4.69-old/src/lookups/testdb.c exim-4.69/src/lookups/testdb.c testdb_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -66,4 +64,22 @@ +@@ -66,4 +65,22 @@ return OK; } @@ -3035,17 +2966,17 @@ diff -uNr exim-4.69-old/src/lookups/testdb.c exim-4.69/src/lookups/testdb.c +lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/testdb.c */ -diff -uNr exim-4.69-old/src/lookups/testdb.h exim-4.69/src/lookups/testdb.h ---- exim-4.69-old/src/lookups/testdb.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/testdb.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/testdb.h exim-4.71-dynlookup/src/lookups/testdb.h +--- exim-4.71/src/lookups/testdb.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/testdb.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/testdb.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/testdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the testdb lookup */ @@ -3055,10 +2986,10 @@ diff -uNr exim-4.69-old/src/lookups/testdb.h exim-4.69/src/lookups/testdb.h - BOOL *); - -/* End of lookups/testdb.h */ -diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c ---- exim-4.69-old/src/lookups/whoson.c 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/whoson.c 2008-08-13 15:30:05.000000000 +0100 -@@ -12,23 +12,7 @@ +diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson.c +--- exim-4.71/src/lookups/whoson.c 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/whoson.c 2009-12-24 19:54:54.000000000 +0000 +@@ -12,22 +12,7 @@ #include "../exim.h" @@ -3078,11 +3009,10 @@ diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c - #include /* Public header */ -#include "whoson.h" /* Local header */ -- + /************************************************* - * Open entry point * -@@ -36,7 +20,7 @@ +@@ -36,7 +21,7 @@ /* See local README for interface description. */ @@ -3091,7 +3021,7 @@ diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c whoson_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -51,7 +35,7 @@ +@@ -51,7 +36,7 @@ /* See local README for interface description. */ @@ -3100,7 +3030,7 @@ diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c whoson_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -77,6 +61,22 @@ +@@ -77,6 +62,22 @@ } } @@ -3124,17 +3054,17 @@ diff -uNr exim-4.69-old/src/lookups/whoson.c exim-4.69/src/lookups/whoson.c +lookup_module_info whoson_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/whoson.c */ -diff -uNr exim-4.69-old/src/lookups/whoson.h exim-4.69/src/lookups/whoson.h ---- exim-4.69-old/src/lookups/whoson.h 2007-01-08 10:50:19.000000000 +0000 -+++ exim-4.69/src/lookups/whoson.h 1970-01-01 01:00:00.000000000 +0100 +diff -uNr exim-4.71/src/lookups/whoson.h exim-4.71-dynlookup/src/lookups/whoson.h +--- exim-4.71/src/lookups/whoson.h 2009-11-16 19:50:38.000000000 +0000 ++++ exim-4.71-dynlookup/src/lookups/whoson.h 1970-01-01 01:00:00.000000000 +0100 @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/whoson.h,v 1.4 2007/01/08 10:50:19 ph10 Exp $ */ +-/* $Cambridge: exim/exim-src/src/lookups/whoson.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * -*************************************************/ - --/* Copyright (c) University of Cambridge 1995 - 2007 */ +-/* Copyright (c) University of Cambridge 1995 - 2009 */ -/* See the file NOTICE for conditions of use and distribution. */ - -/* Header for the whoson lookup */ @@ -3144,9 +3074,9 @@ diff -uNr exim-4.69-old/src/lookups/whoson.h exim-4.69/src/lookups/whoson.h - BOOL *); - -/* End of lookups/whoson.h */ -diff -uNr exim-4.69-old/src/macros.h exim-4.69/src/macros.h ---- exim-4.69-old/src/macros.h 2007-08-22 11:10:23.000000000 +0100 -+++ exim-4.69/src/macros.h 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/macros.h exim-4.71-dynlookup/src/macros.h +--- exim-4.71/src/macros.h 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/macros.h 2009-12-24 19:54:55.000000000 +0000 @@ -96,7 +96,7 @@ /* A macro to simplify testing bits in lookup types */ @@ -3156,9 +3086,9 @@ diff -uNr exim-4.69-old/src/macros.h exim-4.69/src/macros.h /* Debugging control */ -diff -uNr exim-4.69-old/src/search.c exim-4.69/src/search.c ---- exim-4.69-old/src/search.c 2007-08-29 15:02:22.000000000 +0100 -+++ exim-4.69/src/search.c 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c +--- exim-4.71/src/search.c 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/search.c 2009-12-24 19:54:55.000000000 +0000 @@ -71,7 +71,7 @@ while (top > bot) { @@ -3245,9 +3175,9 @@ diff -uNr exim-4.69-old/src/search.c exim-4.69/src/search.c { search_cache *c = (search_cache *)(t->data.ptr); tree_node *up = c->up; -diff -uNr exim-4.69-old/src/structs.h exim-4.69/src/structs.h ---- exim-4.69-old/src/structs.h 2007-06-18 14:57:50.000000000 +0100 -+++ exim-4.69/src/structs.h 2008-08-13 15:30:05.000000000 +0100 +diff -uNr exim-4.71/src/structs.h exim-4.71-dynlookup/src/structs.h +--- exim-4.71/src/structs.h 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/structs.h 2009-12-24 19:54:55.000000000 +0000 @@ -322,34 +322,7 @@ /* Structure for holding information about a lookup type. */ @@ -3284,10 +3214,10 @@ diff -uNr exim-4.69-old/src/structs.h exim-4.69/src/structs.h /* Structure for holding information about the configured authentication -diff -uNr exim-4.69-old/src/verify.c exim-4.69/src/verify.c ---- exim-4.69-old/src/verify.c 2007-06-14 15:18:19.000000000 +0100 -+++ exim-4.69/src/verify.c 2008-08-13 15:30:05.000000000 +0100 -@@ -2219,7 +2219,7 @@ +diff -uNr exim-4.71/src/verify.c exim-4.71-dynlookup/src/verify.c +--- exim-4.71/src/verify.c 2009-11-16 19:50:37.000000000 +0000 ++++ exim-4.71-dynlookup/src/verify.c 2009-12-24 19:54:55.000000000 +0000 +@@ -2256,7 +2256,7 @@ } else /* Single-key style */ { diff --git a/exim.spec b/exim.spec index a3a77be..ad36a5d 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.69 -Release: 19%{?dist} +Version: 4.71 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -44,17 +44,15 @@ Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch Patch14: exim-4.50-spamdconf.patch -Patch15: exim-4.52-dynamic-pcre.patch -Patch18: exim-4.62-dlopen-localscan.patch +Patch18: exim-4.71-dlopen-localscan.patch Patch19: exim-4.63-procmail.patch Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch -Patch24: exim-4.69-dynlookup.patch +Patch24: exim-4.71-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch Patch26: exim-4.69-strictaliasing.patch -Patch27: exim-4.69-expand-spamd.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -176,7 +174,6 @@ greylisting unconditional. %patch12 -p1 -b .cyrus %patch13 -p1 -b .pam %patch14 -p1 -b .spamd -%patch15 -p1 -b .pcre %patch18 -p1 -b .dl %patch19 -p1 -b .procmail %patch20 -p1 -b .filter @@ -186,7 +183,6 @@ greylisting unconditional. %patch24 -p1 -b .dynlookup %patch25 -p1 -b .dynconfig %patch26 -p1 -b .strictaliasing -%patch27 -p1 -b .expandspamd cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -487,6 +483,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Dec 24 2009 David Woodhouse - 4.69-20 +- Update to 4.71 + * Fri Dec 4 2009 Stepan Kasal - 4.69-19 - rebuild against perl 5.10.1 diff --git a/sources b/sources index 45970ad..0790472 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -6f29f073328c858d8554b08cc0c3c2be exim-4.69.tar.bz2 +f9c5a2d94b5bb132d06e2fff85bef75e exim-4.71.tar.bz2 From b7b8814988363fc395d4f164e549de7ab09e14f1 Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Tue, 9 Feb 2010 22:46:09 +0000 Subject: [PATCH 091/194] - Fix FTBFS with --no-add-needed --- exim.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index ad36a5d..4778e40 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.71 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -186,6 +186,7 @@ greylisting unconditional. cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile +sed -i 's@^# AUTH_LIBS=-lsasl2@AUTH_LIBS=-lsasl2@' Local/Makefile cp exim_monitor/EDITME Local/eximon.conf @@ -483,6 +484,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 09 2010 Adam Jackson 4.71-2 +- Fix FTBFS with --no-add-needed + * Thu Dec 24 2009 David Woodhouse - 4.69-20 - Update to 4.71 From 15a096b486b9403c1d493ae35ee78b7946537b52 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Thu, 18 Mar 2010 15:46:04 +0000 Subject: [PATCH 092/194] - follow guidelines for alternatives (#570800) - fix init script LSB compliance (#523238) - handle undefined NETWORKING in init script (#483528) --- exim.init | 30 +++++++++++++++--------------- exim.spec | 28 +++++++++++++++++++++++++--- 2 files changed, 40 insertions(+), 18 deletions(-) diff --git a/exim.init b/exim.init index 1a86e30..58ffd51 100644 --- a/exim.init +++ b/exim.init @@ -23,11 +23,6 @@ else QUEUE=1h fi -# Check that networking is up. -[ ${NETWORKING} = "no" ] && exit 0 - -[ -f /usr/sbin/exim ] || exit 0 - gen_cert() { if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then umask 077 @@ -59,6 +54,10 @@ EOF } start() { + [ "$EUID" != "0" ] && exit 4 + [ "${NETWORKING}" = "no" ] && exit 1 + [ -f /usr/sbin/exim ] || exit 5 + # check ownerships # do this by seeing if /var/log/exim/main.log exists and is # owned by exim - if owned by someone else we fix it up @@ -83,6 +82,7 @@ start() { } stop() { + [ "$EUID" != "0" ] && exit 4 # Stop daemons. echo -n $"Shutting down exim: " killproc exim @@ -107,22 +107,22 @@ case "$1" in restart) restart ;; - reload) - if [ -f /var/lock/subsys/exim ]; then - echo -n $"Reloading exim:" - killproc exim -HUP - echo - fi + reload|force-reload) + status exim > /dev/null || exit 7 + echo -n $"Reloading exim:" + killproc exim -HUP + echo ;; - condrestart) - [ -f /var/lock/subsys/exim ] && restart || : + condrestart|try-restart) + status exim > /dev/null || exit 0 + restart ;; status) status exim ;; *) - echo $"Usage: $0 {start|stop|restart|reload|status|condrestart}" - exit 1 + echo $"Usage: $0 {start|stop|restart|reload|force-reload|status|condrestart|try-restart}" + exit 2 esac exit $RETVAL diff --git a/exim.spec b/exim.spec index 4778e40..64f3fb3 100644 --- a/exim.spec +++ b/exim.spec @@ -12,13 +12,12 @@ Summary: The exim mail transfer agent Name: exim Version: 4.71 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Provides: MTA smtpd smtpdaemon server(smtp) /usr/bin/newaliases -Provides: /usr/sbin/sendmail /usr/bin/mailq /usr/bin/rmail +Provides: MTA smtpd smtpdaemon server(smtp) Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd @@ -292,6 +291,14 @@ mkdir -p $RPM_BUILD_ROOT/etc/pki/tls/{certs,private} touch $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem chmod 600 $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem +# generate alternatives ghosts +mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1 +for i in %{_sbindir}/sendmail %{_bindir}/{mailq,runq,rsmtp,rmail,newaliases} \ + /usr/lib/sendmail %{_sysconfdir}/pam.d/smtp %{_mandir}/man1/mailq.1.gz +do + touch $RPM_BUILD_ROOT$i +done + %if 0%{?buildclam} # Munge the clamav init and config files from clamav-devel. This really ought # to be a subpackage of clamav, but this hack will have to do for now. @@ -430,6 +437,16 @@ fi %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/certs/exim.pem %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/private/exim.pem +%attr(0755,root,root) %ghost %{_sbindir}/sendmail +%attr(0755,root,root) %ghost %{_bindir}/mailq +%attr(0755,root,root) %ghost %{_bindir}/runq +%attr(0755,root,root) %ghost %{_bindir}/rsmtp +%attr(0755,root,root) %ghost %{_bindir}/rmail +%attr(0755,root,root) %ghost %{_bindir}/newaliases +%attr(0755,root,root) %ghost /usr/lib/sendmail +%ghost %{_sysconfdir}/pam.d/smtp +%ghost %{_mandir}/man1/mailq.1.gz + %files mysql %defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/mysql.so @@ -484,6 +501,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Mar 18 2010 Miroslav Lichvar - 4.71-3 +- follow guidelines for alternatives (#570800) +- fix init script LSB compliance (#523238) +- handle undefined NETWORKING in init script (#483528) + * Tue Feb 09 2010 Adam Jackson 4.71-2 - Fix FTBFS with --no-add-needed From bdade3dc7fd4efa23a8293dbacf423a625e13e5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcela=20Ma=C5=A1l=C3=A1=C5=88ov=C3=A1?= Date: Tue, 1 Jun 2010 14:49:55 +0000 Subject: [PATCH 093/194] - Mass rebuild with perl-5.12.0 --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 64f3fb3..b6e25d4 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.71 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -501,6 +501,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Jun 01 2010 Marcela Maslanova - 4.71-4 +- Mass rebuild with perl-5.12.0 + * Thu Mar 18 2010 Miroslav Lichvar - 4.71-3 - follow guidelines for alternatives (#570800) - fix init script LSB compliance (#523238) From 367e8b3761a5db7d636e78c73ef8d99c8c00a620 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Thu, 3 Jun 2010 22:59:12 +0000 Subject: [PATCH 094/194] 4.72 --- .cvsignore | 2 +- exim.spec | 7 +++++-- sources | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.cvsignore b/.cvsignore index 7c4b032..8f0b2c8 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,2 @@ sa-exim-4.2.tar.gz -exim-4.71.tar.bz2 +exim-4.72.tar.bz2 diff --git a/exim.spec b/exim.spec index b6e25d4..a0bc4a0 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.71 -Release: 4%{?dist} +Version: 4.72 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -501,6 +501,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jun 03 2010 David Woodhouse - 4.72-1 +- Update to 4.72 (fixes CVE-2010-2023, CVS-2010-2024) + * Tue Jun 01 2010 Marcela Maslanova - 4.71-4 - Mass rebuild with perl-5.12.0 diff --git a/sources b/sources index 0790472..f0b23ba 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -f9c5a2d94b5bb132d06e2fff85bef75e exim-4.71.tar.bz2 +ccc937b533568e5e8340f181a3b3d2ff exim-4.72.tar.bz2 From 83a73d4cfdff7e5665c9e0e6d47956af5ee01f44 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 28 Jul 2010 14:07:43 +0000 Subject: [PATCH 095/194] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- 2 files changed, 21 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 8d64618..0000000 --- a/Makefile +++ /dev/null @@ -1,21 +0,0 @@ -# Makefile for source rpm: exim -# $Id$ -NAME := exim -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attept a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) From 15be3211fcc6c322f9d362844519f5934cf56e3e Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sat, 7 Aug 2010 21:33:01 +0100 Subject: [PATCH 096/194] bump --- exim.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exim.spec b/exim.spec index a0bc4a0..53e9b74 100644 --- a/exim.spec +++ b/exim.spec @@ -501,6 +501,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Aug 07 2010 David Woodhouse - 4.72-2 +- Fedora infrastructure ate my package; bump release and rebuild + * Thu Jun 03 2010 David Woodhouse - 4.72-1 - Update to 4.72 (fixes CVE-2010-2023, CVS-2010-2024) From ebd9bc34901dc6834dd3bfc77bf52e5063f107c8 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sat, 7 Aug 2010 21:34:41 +0100 Subject: [PATCH 097/194] really bump --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 53e9b74..75d3385 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.72 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons From 40aaa859ca302b9301f019dd245e907ebf4bedd3 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Wed, 5 Jan 2011 23:11:46 +0000 Subject: [PATCH 098/194] Update to 4.73 --- .gitignore | 1 + ....50-config.patch => exim-4.73-config.patch | 85 +- ...nlookup.patch => exim-4.73-dynlookup.patch | 2198 +++++++++-------- exim.spec | 20 +- sources | 3 +- trusted-configs | 6 + 6 files changed, 1224 insertions(+), 1089 deletions(-) rename exim-4.50-config.patch => exim-4.73-config.patch (83%) rename exim-4.71-dynlookup.patch => exim-4.73-dynlookup.patch (84%) create mode 100644 trusted-configs diff --git a/.gitignore b/.gitignore index 8f0b2c8..62993dc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ sa-exim-4.2.tar.gz exim-4.72.tar.bz2 +/exim-4.73.tar.bz2 diff --git a/exim-4.50-config.patch b/exim-4.73-config.patch similarity index 83% rename from exim-4.50-config.patch rename to exim-4.73-config.patch index e42168b..06418e7 100644 --- a/exim-4.50-config.patch +++ b/exim-4.73-config.patch @@ -1,5 +1,16 @@ ---- exim-4.71/src/EDITME.config 2009-11-20 12:18:19.000000000 +0000 -+++ exim-4.71/src/EDITME 2009-12-24 19:02:19.000000000 +0000 +--- exim-4.73/scripts/Configure-Makefile.config 2010-12-26 18:17:23.000000000 +0000 ++++ exim-4.73/scripts/Configure-Makefile 2011-01-05 22:25:49.000000000 +0000 +@@ -137,7 +137,7 @@ if [ "${EXIM_PERL}" != "" ] ; then + + mv $mft $mftt + echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft +- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft ++ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft + echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft + echo "" >>$mft + cat $mftt >> $mft +--- exim-4.73/src/EDITME.config 2010-12-26 18:17:23.000000000 +0000 ++++ exim-4.73/src/EDITME 2011-01-05 22:29:05.000000000 +0000 @@ -100,7 +100,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -18,16 +29,16 @@ # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. # In this case, Exim will use the first of them that exists when it is run. -@@ -134,7 +134,7 @@ CONFIGURE_FILE=/usr/exim/configure - # owner of a local mailbox.) Specifying these values as root is very strongly - # discouraged. +@@ -133,7 +133,7 @@ CONFIGURE_FILE=/usr/exim/configure + # deliveries. (Local deliveries run as various non-root users, typically as the + # owner of a local mailbox.) Specifying these values as root is not supported. -EXIM_USER= +EXIM_USER=93 # If you specify EXIM_USER as a name, this is looked up at build time, and the # uid number is built into the binary. However, you can specify that this -@@ -155,7 +155,7 @@ EXIM_USER= +@@ -154,7 +154,7 @@ EXIM_USER= # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless # you want to use a group other than the default group for the given user. @@ -36,7 +47,7 @@ # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -235,7 +235,7 @@ TRANSPORT_SMTP=yes +@@ -234,7 +234,7 @@ TRANSPORT_SMTP=yes # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -45,7 +56,7 @@ #------------------------------------------------------------------------------ -@@ -244,9 +244,9 @@ TRANSPORT_SMTP=yes +@@ -243,9 +243,9 @@ TRANSPORT_SMTP=yes # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -58,7 +69,7 @@ #------------------------------------------------------------------------------ -@@ -262,17 +262,20 @@ LOOKUP_DBM=yes +@@ -261,17 +261,20 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -88,7 +99,7 @@ # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -343,14 +346,14 @@ EXIM_MONITOR=eximon.bin +@@ -342,14 +345,14 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -103,9 +114,18 @@ -# WITH_OLD_DEMIME=yes +WITH_OLD_DEMIME=yes + # If you're using ClamAV and are backporting fixes to an old version, instead + # of staying current (which is the more usual approach) then you may need to +@@ -482,7 +485,7 @@ FIXED_NEVER_USERS=root + # CONFIGURE_OWNER setting, to specify a configuration file which is listed in + # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. + +-# TRUSTED_CONFIG_LIST=/usr/exim/trusted_configs ++TRUSTED_CONFIG_LIST=/etc/exim/trusted-configs + + #------------------------------------------------------------------------------ - # Compiling Exim with experimental features. These are documented in -@@ -486,11 +489,11 @@ FIXED_NEVER_USERS=root +@@ -527,11 +530,11 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -122,7 +142,7 @@ #------------------------------------------------------------------------------ -@@ -507,7 +510,7 @@ FIXED_NEVER_USERS=root +@@ -548,7 +551,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -131,7 +151,7 @@ # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -527,7 +530,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -568,7 +571,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -140,7 +160,7 @@ # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -589,10 +592,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -630,10 +633,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -154,7 +174,7 @@ # Uncomment these settings if you are using GnuTLS # USE_GNUTLS=yes -@@ -643,7 +647,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -684,7 +688,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -163,7 +183,7 @@ #------------------------------------------------------------------------------ -@@ -656,7 +660,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -697,7 +701,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -172,7 +192,7 @@ # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -705,7 +709,7 @@ EXICYCLOG_MAX=10 +@@ -746,7 +750,7 @@ EXICYCLOG_MAX=10 # files. Both the name of the command and the suffix that it adds to files # need to be defined here. See also the EXICYCLOG_MAX configuration. @@ -181,7 +201,7 @@ COMPRESS_SUFFIX=gz -@@ -713,7 +717,7 @@ COMPRESS_SUFFIX=gz +@@ -754,7 +758,7 @@ COMPRESS_SUFFIX=gz # If the exigrep utility is fed compressed log files, it tries to uncompress # them using this command. @@ -190,7 +210,7 @@ #------------------------------------------------------------------------------ -@@ -722,7 +726,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -763,7 +767,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -199,7 +219,7 @@ #------------------------------------------------------------------------------ -@@ -732,7 +736,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -773,7 +777,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -208,7 +228,7 @@ #------------------------------------------------------------------------------ -@@ -742,7 +746,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -783,7 +787,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -217,7 +237,7 @@ # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -810,7 +814,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -851,7 +855,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -226,7 +246,7 @@ #------------------------------------------------------------------------------ -@@ -823,9 +827,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -864,9 +868,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -239,7 +259,7 @@ # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -870,13 +874,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -918,13 +922,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -255,7 +275,7 @@ ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -897,13 +901,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -945,13 +949,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -276,7 +296,7 @@ #------------------------------------------------------------------------------ -@@ -1097,7 +1101,7 @@ TMPDIR="/tmp" +@@ -1145,7 +1149,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: @@ -285,14 +305,3 @@ # If PID_FILE_PATH is not defined, Exim writes a file in its spool directory # using the name "exim-daemon.pid". ---- exim-4.71/scripts/Configure-Makefile.config 2009-11-20 21:22:20.000000000 +0000 -+++ exim-4.71/scripts/Configure-Makefile 2009-12-24 18:59:48.000000000 +0000 -@@ -137,7 +137,7 @@ if [ "${EXIM_PERL}" != "" ] ; then - - mv $mft $mftt - echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft -- echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts`" >>$mft -+ echo "PERL_CCOPTS=`$PERL_COMMAND -MExtUtils::Embed -e ccopts` \$(CFLAGS)" >>$mft - echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft - echo "" >>$mft - cat $mftt >> $mft diff --git a/exim-4.71-dynlookup.patch b/exim-4.73-dynlookup.patch similarity index 84% rename from exim-4.71-dynlookup.patch rename to exim-4.73-dynlookup.patch index cbfd244..de15008 100644 --- a/exim-4.71-dynlookup.patch +++ b/exim-4.73-dynlookup.patch @@ -1,7 +1,16 @@ -diff -uNr exim-4.71/Makefile exim-4.71-dynlookup/Makefile ---- exim-4.71/Makefile 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71-dynlookup/Makefile 2009-12-24 19:54:45.000000000 +0000 -@@ -81,7 +81,7 @@ +commit e6d225ae6e6811d3c88dc201642a2127ff6c11bd +Author: David Woodhouse +Date: Wed Jan 5 22:55:50 2011 +0000 + + Add dynamic lookup support + + Fixed: bug #139 + +diff --git a/src/Makefile b/src/Makefile +index 0a48ff9..eb9df50 100644 +--- a/src/Makefile ++++ b/src/Makefile +@@ -81,7 +81,7 @@ clean:; @echo ""; echo '*** "make clean" just removes all .o and .a files' clean_exim:; cd build-$(buildname); \ $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ @@ -10,10 +19,11 @@ diff -uNr exim-4.71/Makefile exim-4.71-dynlookup/Makefile distclean:; $(RM_COMMAND) -rf build-* -diff -uNr exim-4.71/OS/Makefile-Base exim-4.71-dynlookup/OS/Makefile-Base ---- exim-4.71/OS/Makefile-Base 2009-06-10 08:34:04.000000000 +0100 -+++ exim-4.71-dynlookup/OS/Makefile-Base 2009-12-24 19:54:45.000000000 +0000 -@@ -313,6 +313,7 @@ +diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base +index 451fcd2..5793869 100644 +--- a/src/OS/Makefile-Base ++++ b/src/OS/Makefile-Base +@@ -313,6 +313,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \ rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \ store.o string.o tls.o tod.o transport.o tree.o verify.o \ @@ -21,10 +31,11 @@ diff -uNr exim-4.71/OS/Makefile-Base exim-4.71-dynlookup/OS/Makefile-Base local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) -diff -uNr exim-4.71/scripts/Configure-Makefile exim-4.71-dynlookup/scripts/Configure-Makefile ---- exim-4.71/scripts/Configure-Makefile 2009-11-20 21:22:20.000000000 +0000 -+++ exim-4.71-dynlookup/scripts/Configure-Makefile 2009-12-24 19:54:45.000000000 +0000 -@@ -107,7 +107,7 @@ +diff --git a/src/scripts/Configure-Makefile b/src/scripts/Configure-Makefile +index 35bb2c3..1b2ea1e 100755 +--- a/src/scripts/Configure-Makefile ++++ b/src/scripts/Configure-Makefile +@@ -107,7 +107,7 @@ do if test -r ../$f echo "# End of $f" echo "" fi @@ -33,10 +44,51 @@ diff -uNr exim-4.71/scripts/Configure-Makefile exim-4.71-dynlookup/scripts/Confi # See if there is a definition of EXIM_PERL in what we have built so far. # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS, -diff -uNr exim-4.71/scripts/MakeLinks exim-4.71-dynlookup/scripts/MakeLinks ---- exim-4.71/scripts/MakeLinks 2009-11-13 15:58:17.000000000 +0000 -+++ exim-4.71-dynlookup/scripts/MakeLinks 2009-12-24 19:54:45.000000000 +0000 -@@ -197,6 +197,7 @@ +diff --git a/src/scripts/MakeLinks b/src/scripts/MakeLinks +index bb6dd49..5918139 100755 +--- a/src/scripts/MakeLinks ++++ b/src/scripts/MakeLinks +@@ -32,39 +32,23 @@ mkdir lookups + cd lookups + ln -s ../../src/lookups/README README + ln -s ../../src/lookups/Makefile Makefile +-ln -s ../../src/lookups/cdb.h cdb.h + ln -s ../../src/lookups/cdb.c cdb.c +-ln -s ../../src/lookups/dbmdb.h dbmdb.h + ln -s ../../src/lookups/dbmdb.c dbmdb.c +-ln -s ../../src/lookups/dnsdb.h dnsdb.h + ln -s ../../src/lookups/dnsdb.c dnsdb.c +-ln -s ../../src/lookups/dsearch.h dsearch.h + ln -s ../../src/lookups/dsearch.c dsearch.c +-ln -s ../../src/lookups/ibase.h ibase.h + ln -s ../../src/lookups/ibase.c ibase.c + ln -s ../../src/lookups/ldap.h ldap.h + ln -s ../../src/lookups/ldap.c ldap.c +-ln -s ../../src/lookups/lsearch.h lsearch.h + ln -s ../../src/lookups/lsearch.c lsearch.c +-ln -s ../../src/lookups/mysql.h mysql.h + ln -s ../../src/lookups/mysql.c mysql.c +-ln -s ../../src/lookups/nis.h nis.h + ln -s ../../src/lookups/nis.c nis.c +-ln -s ../../src/lookups/nisplus.h nisplus.h + ln -s ../../src/lookups/nisplus.c nisplus.c +-ln -s ../../src/lookups/oracle.h oracle.h + ln -s ../../src/lookups/oracle.c oracle.c +-ln -s ../../src/lookups/passwd.h passwd.h + ln -s ../../src/lookups/passwd.c passwd.c +-ln -s ../../src/lookups/pgsql.h pgsql.h + ln -s ../../src/lookups/pgsql.c pgsql.c +-ln -s ../../src/lookups/spf.h spf.h + ln -s ../../src/lookups/spf.c spf.c +-ln -s ../../src/lookups/sqlite.h sqlite.h + ln -s ../../src/lookups/sqlite.c sqlite.c +-ln -s ../../src/lookups/testdb.h testdb.h + ln -s ../../src/lookups/testdb.c testdb.c +-ln -s ../../src/lookups/whoson.h whoson.h + ln -s ../../src/lookups/whoson.c whoson.c + + ln -s ../../src/lookups/lf_functions.h lf_functions.h +@@ -197,6 +181,7 @@ ln -s ../src/mytypes.h mytypes.h ln -s ../src/osfunctions.h osfunctions.h ln -s ../src/store.h store.h ln -s ../src/structs.h structs.h @@ -44,10 +96,45 @@ diff -uNr exim-4.71/scripts/MakeLinks exim-4.71-dynlookup/scripts/MakeLinks ln -s ../src/acl.c acl.c ln -s ../src/buildconfig.c buildconfig.c -diff -uNr exim-4.71/src/config.h.defaults exim-4.71-dynlookup/src/config.h.defaults ---- exim-4.71/src/config.h.defaults 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71-dynlookup/src/config.h.defaults 2009-12-24 19:54:45.000000000 +0000 -@@ -90,6 +90,8 @@ +diff --git a/src/src/EDITME b/src/src/EDITME +index 3c162c9..be15e4e 100644 +--- a/src/src/EDITME ++++ b/src/src/EDITME +@@ -249,6 +249,10 @@ TRANSPORT_SMTP=yes + + + #------------------------------------------------------------------------------ ++# See below for dynamic lookup modules. ++# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ ++ ++#------------------------------------------------------------------------------ + # These settings determine which file and database lookup methods are included + # in the binary. See the manual chapter entitled "File and database lookups" + # for discussion. DBM and lsearch (linear search) are included by default. If +@@ -256,6 +260,18 @@ TRANSPORT_SMTP=yes + # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is + # for the specialist case of using the DNS as a general database facility (not + # common). ++# If set to "2" instead of "yes" then the corresponding lookup will be ++# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to ++# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to ++# EXTRALIBS so that dlopen() is available to Exim. You need to define ++# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup ++# modules. ++# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and ++# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS ++# (where * is the name as given here in this list). That ensures that only ++# the dynamic library and not the exim binary will be linked against the ++# library. ++# NOTE: LDAP cannot be built as a module! + + LOOKUP_DBM=yes + LOOKUP_LSEARCH=yes +diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults +index 5cff6ad..8d951ae 100644 +--- a/src/src/config.h.defaults ++++ b/src/src/config.h.defaults +@@ -90,6 +90,8 @@ it's a default value. */ #define LOOKUP_WILDLSEARCH #define LOOKUP_NWILDLSEARCH @@ -56,9 +143,10 @@ diff -uNr exim-4.71/src/config.h.defaults exim-4.71-dynlookup/src/config.h.defau #define MAX_FILTER_SIZE (1024*1024) #define MAX_LOCALHOST_NUMBER 256 #define MAX_INCLUDE_SIZE (1024*1024) -diff -uNr exim-4.71/src/drtables.c exim-4.71-dynlookup/src/drtables.c ---- exim-4.71/src/drtables.c 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71-dynlookup/src/drtables.c 2009-12-24 19:54:45.000000000 +0000 +diff --git a/src/src/drtables.c b/src/src/drtables.c +index e2d989c..92b4878 100644 +--- a/src/src/drtables.c ++++ b/src/src/drtables.c @@ -10,6 +10,8 @@ #include "exim.h" @@ -68,7 +156,7 @@ diff -uNr exim-4.71/src/drtables.c exim-4.71-dynlookup/src/drtables.c /* This module contains tables that define the lookup methods and drivers that are actually included in the binary. Its contents are controlled by -@@ -17,527 +19,8 @@ +@@ -17,527 +19,8 @@ various macros in config.h that ultimately come from Local/Makefile. They are all described in src/EDITME. */ @@ -598,7 +686,7 @@ diff -uNr exim-4.71/src/drtables.c exim-4.71-dynlookup/src/drtables.c /* Table of information about all possible authentication mechamisms. All entries are always present if any mechanism is declared, but the functions are -@@ -865,4 +348,226 @@ +@@ -865,4 +348,226 @@ transport_info transports_available[] = { { US"", NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, FALSE } }; @@ -825,43 +913,11 @@ diff -uNr exim-4.71/src/drtables.c exim-4.71-dynlookup/src/drtables.c +} + /* End of drtables.c */ -diff -uNr exim-4.71/src/EDITME exim-4.71-dynlookup/src/EDITME ---- exim-4.71/src/EDITME 2009-11-20 12:18:19.000000000 +0000 -+++ exim-4.71-dynlookup/src/EDITME 2009-12-24 19:54:45.000000000 +0000 -@@ -250,6 +250,10 @@ - - - #------------------------------------------------------------------------------ -+# See below for dynamic lookup modules. -+# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ -+ -+#------------------------------------------------------------------------------ - # These settings determine which file and database lookup methods are included - # in the binary. See the manual chapter entitled "File and database lookups" - # for discussion. DBM and lsearch (linear search) are included by default. If -@@ -257,6 +261,18 @@ - # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is - # for the specialist case of using the DNS as a general database facility (not - # common). -+# If set to "2" instead of "yes" then the corresponding lookup will be -+# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to -+# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to -+# EXTRALIBS so that dlopen() is available to Exim. You need to define -+# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup -+# modules. -+# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and -+# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS -+# (where * is the name as given here in this list). That ensures that only -+# the dynamic library and not the exim binary will be linked against the -+# library. -+# NOTE: LDAP cannot be built as a module! - - LOOKUP_DBM=yes - LOOKUP_LSEARCH=yes -diff -uNr exim-4.71/src/exim.c exim-4.71-dynlookup/src/exim.c ---- exim-4.71/src/exim.c 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71-dynlookup/src/exim.c 2009-12-24 19:54:45.000000000 +0000 -@@ -925,53 +925,53 @@ +diff --git a/src/src/exim.c b/src/src/exim.c +index dce42f0..bda6190 100644 +--- a/src/src/exim.c ++++ b/src/src/exim.c +@@ -776,53 +776,53 @@ fprintf(f, "Support for:"); #endif fprintf(f, "\n"); @@ -932,7 +988,7 @@ diff -uNr exim-4.71/src/exim.c exim-4.71-dynlookup/src/exim.c fprintf(f, " whoson"); #endif fprintf(f, "\n"); -@@ -3432,6 +3432,10 @@ +@@ -3510,6 +3510,10 @@ if (opt_perl_at_start && opt_perl_startup != NULL) } #endif /* EXIM_PERL */ @@ -943,10 +999,11 @@ diff -uNr exim-4.71/src/exim.c exim-4.71-dynlookup/src/exim.c /* Log the arguments of the call if the configuration file said so. This is a debugging feature for finding out what arguments certain MUAs actually use. Don't attempt it if logging is disabled, or if listing variables or if -diff -uNr exim-4.71/src/expand.c exim-4.71-dynlookup/src/expand.c ---- exim-4.71/src/expand.c 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71-dynlookup/src/expand.c 2009-12-24 19:54:45.000000000 +0000 -@@ -5473,8 +5473,8 @@ +diff --git a/src/src/expand.c b/src/src/expand.c +index 7adf673..702faab 100644 +--- a/src/src/expand.c ++++ b/src/src/expand.c +@@ -5506,8 +5506,8 @@ while (*s != 0) goto EXPAND_FAILED; } @@ -957,10 +1014,11 @@ diff -uNr exim-4.71/src/expand.c exim-4.71-dynlookup/src/expand.c else if (opt != NULL) sub = NULL; if (sub == NULL) -diff -uNr exim-4.71/src/globals.c exim-4.71-dynlookup/src/globals.c ---- exim-4.71/src/globals.c 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/globals.c 2009-12-24 19:54:45.000000000 +0000 -@@ -13,21 +13,6 @@ +diff --git a/src/src/globals.c b/src/src/globals.c +index 71de52a..6653d62 100644 +--- a/src/src/globals.c ++++ b/src/src/globals.c +@@ -13,21 +13,6 @@ that they are easy to find. */ #include "exim.h" @@ -982,10 +1040,11 @@ diff -uNr exim-4.71/src/globals.c exim-4.71-dynlookup/src/globals.c /* Generic options for auths, all of which live inside auth_instance data blocks and hence have the opt_public flag set. */ -diff -uNr exim-4.71/src/globals.h exim-4.71-dynlookup/src/globals.h ---- exim-4.71/src/globals.h 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/globals.h 2009-12-24 19:54:45.000000000 +0000 -@@ -440,7 +440,7 @@ +diff --git a/src/src/globals.h b/src/src/globals.h +index b4e3f2a..db7a79b 100644 +--- a/src/src/globals.h ++++ b/src/src/globals.h +@@ -441,7 +441,7 @@ extern BOOL log_testing_mode; /* TRUE in various testing modes */ extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ extern uschar *login_sender_address; /* The actual sender address */ @@ -994,9 +1053,11 @@ diff -uNr exim-4.71/src/globals.h exim-4.71-dynlookup/src/globals.h extern int lookup_list_count; /* Number of entries in the list */ extern int lookup_open_max; /* Max lookup files to cache */ extern uschar *lookup_value; /* Value looked up from file */ -diff -uNr exim-4.71/src/lookupapi.h exim-4.71-dynlookup/src/lookupapi.h ---- exim-4.71/src/lookupapi.h 1970-01-01 01:00:00.000000000 +0100 -+++ exim-4.71-dynlookup/src/lookupapi.h 2009-12-24 19:54:45.000000000 +0000 +diff --git a/src/src/lookupapi.h b/src/src/lookupapi.h +new file mode 100644 +index 0000000..97f92ab +--- /dev/null ++++ b/src/src/lookupapi.h @@ -0,0 +1,58 @@ +/* $Cambridge$ */ + @@ -1056,838 +1117,24 @@ diff -uNr exim-4.71/src/lookupapi.h exim-4.71-dynlookup/src/lookupapi.h +} lookup_module_info; + +/* End of lookupapi.h */ -diff -uNr exim-4.71/src/lookups/cdb.c exim-4.71-dynlookup/src/lookups/cdb.c ---- exim-4.71/src/lookups/cdb.c 2005-06-27 15:29:44.000000000 +0100 -+++ exim-4.71-dynlookup/src/lookups/cdb.c 2009-12-24 19:54:45.000000000 +0000 -@@ -56,7 +56,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "cdb.h" - - #ifdef HAVE_MMAP - # include -@@ -144,7 +143,9 @@ - return num; - } - --void * -+static void cdb_close(void *handle); -+ -+static void * - cdb_open(uschar *filename, - uschar **errmsg) - { -@@ -245,7 +246,7 @@ - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - cdb_check(void *handle, - uschar *filename, - int modemask, -@@ -270,7 +271,7 @@ - * Find entry point * - *************************************************/ - --int -+static int - cdb_find(void *handle, - uschar *filename, - uschar *keystring, -@@ -418,7 +419,7 @@ - - /* See local README for interface description */ - --void -+static void - cdb_close(void *handle) - { - struct cdb_state * cdbp = handle; -@@ -434,4 +435,22 @@ - (void)close(cdbp->fileno); - } - -+lookup_info cdb_lookup_info = { -+ US"cdb", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ cdb_open, /* open function */ -+ cdb_check, /* check function */ -+ cdb_find, /* find function */ -+ cdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define cdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &cdb_lookup_info }; -+lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/cdb.c */ -diff -uNr exim-4.71/src/lookups/cdb.h exim-4.71-dynlookup/src/lookups/cdb.h ---- exim-4.71/src/lookups/cdb.h 2004-10-07 14:10:01.000000000 +0100 -+++ exim-4.71-dynlookup/src/lookups/cdb.h 2009-12-24 19:54:45.000000000 +0000 -@@ -1,59 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* -- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ -- * -- * Exim - CDB database lookup module -- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- * -- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version 2 -- * of the License, or (at your option) any later version. -- * -- * This program is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with this program; if not, write to the Free Software -- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -- * 02111-1307, USA. -- * -- * -- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. -- * Information, the spec and sample code for cdb can be obtained from -- * http://www.pobox.com/~djb/cdb.html -- * -- * This implementation borrows some code from Dan Bernstein's -- * implementation (which has no license restrictions applied to it). -- * This (read-only) implementation is completely contained within -- * cdb.[ch] it does *not* link against an external cdb library. -- * -- * -- * There are 2 varients included within this code. One uses MMAP and -- * should give better performance especially for multiple lookups on a -- * modern machine. The other is the default implementation which is -- * used in the case where the MMAP fails or if MMAP was not compiled -- * in. this implementation is the same as the original reference cdb -- * implementation. -- * -- */ -- -- --/* Functions for reading exim cdb files */ -- --extern void *cdb_open(uschar *, uschar **); --extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void cdb_close(void *); -- --/* End of cdb.h */ -diff -uNr exim-4.71/src/lookups/dbmdb.c exim-4.71-dynlookup/src/lookups/dbmdb.c ---- exim-4.71/src/lookups/dbmdb.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dbmdb.c 2009-12-24 19:54:45.000000000 +0000 -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dbmdb.h" - - - /************************************************* -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - dbmdb_open(uschar *filename, uschar **errmsg) - { - EXIM_DB *yield; -@@ -45,7 +44,7 @@ - the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. - */ - --BOOL -+static BOOL - dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -88,7 +87,7 @@ - /* See local README for interface description. This function adds 1 to - the keylength in order to include the terminating zero. */ - --int -+static int - dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -122,7 +121,7 @@ - /* See local README for interface description */ - - int --dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, -+static dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { - return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, -@@ -138,9 +137,38 @@ - /* See local README for interface description */ - - void --dbmdb_close(void *handle) -+static dbmdb_close(void *handle) - { - EXIM_DBCLOSE((EXIM_DB *)handle); - } - -+lookup_info dbm_lookup_info = { -+ US"dbm", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* open function */ -+ dbmdb_check, /* check function */ -+ dbmdb_find, /* find function */ -+ dbmdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+lookup_info dbmz_lookup_info = { -+ US"dbmnz", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* sic */ /* open function */ -+ dbmdb_check, /* sic */ /* check function */ -+ dbmnz_find, /* find function */ -+ dbmdb_close, /* sic */ /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dbmdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; -+lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; -+ - /* End of lookups/dbmdb.c */ -diff -uNr exim-4.71/src/lookups/dbmdb.h exim-4.71-dynlookup/src/lookups/dbmdb.h ---- exim-4.71/src/lookups/dbmdb.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dbmdb.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,21 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dbmdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dbm lookup. Use dbmdb in the code to avoid name --clashes with external library names. */ -- --extern void *dbmdb_open(uschar *, uschar **); --extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dbmdb_close(void *); -- --/* End of lookups/dbmdb.h */ -diff -uNr exim-4.71/src/lookups/dnsdb.c exim-4.71-dynlookup/src/lookups/dnsdb.c ---- exim-4.71/src/lookups/dnsdb.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dnsdb.c 2009-12-24 19:54:47.000000000 +0000 -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dnsdb.h" - - - -@@ -67,7 +66,7 @@ - - /* See local README for interface description. */ - --void * -+static void * - dnsdb_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -102,7 +101,7 @@ - which may start with '<' in order to set a specific separator. The default - separator, as always, is colon. */ - --int -+static int - dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -400,4 +399,22 @@ - return OK; - } - -+static lookup_info _lookup_info = { -+ US"dnsdb", /* lookup name */ -+ lookup_querystyle, /* query style */ -+ dnsdb_open, /* open function */ -+ NULL, /* check function */ -+ dnsdb_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dnsdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dnsdb.c */ -diff -uNr exim-4.71/src/lookups/dnsdb.h exim-4.71-dynlookup/src/lookups/dnsdb.h ---- exim-4.71/src/lookups/dnsdb.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dnsdb.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dnsdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dnsdb lookup */ -- --extern void *dnsdb_open(uschar *, uschar **); --extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/dnsdb.h */ -diff -uNr exim-4.71/src/lookups/dsearch.c exim-4.71-dynlookup/src/lookups/dsearch.c ---- exim-4.71/src/lookups/dsearch.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dsearch.c 2009-12-24 19:54:47.000000000 +0000 -@@ -14,7 +14,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dsearch.h" - - - -@@ -27,7 +26,7 @@ - it open, because the "search" can be done by a call to lstat() rather than - actually scanning through the list of files. */ - --void * -+static void * - dsearch_open(uschar *dirname, uschar **errmsg) - { - DIR *dp = opendir(CS dirname); -@@ -51,7 +50,7 @@ - integer as this gives warnings on 64-bit systems. */ - - BOOL --dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, -+static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { - handle = handle; -@@ -69,7 +68,7 @@ - for us. */ - - int --dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, -+static dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { - struct stat statbuf; -@@ -115,9 +114,27 @@ - /* See local README for interface description */ - - void --dsearch_close(void *handle) -+static dsearch_close(void *handle) - { - handle = handle; /* Avoid compiler warning */ - } - -+static lookup_info _lookup_info = { -+ US"dsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dsearch_open, /* open function */ -+ dsearch_check, /* check function */ -+ dsearch_find, /* find function */ -+ dsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dsearch.c */ -diff -uNr exim-4.71/src/lookups/dsearch.h exim-4.71-dynlookup/src/lookups/dsearch.h ---- exim-4.71/src/lookups/dsearch.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/dsearch.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/dsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dsearch lookup */ -- --extern void *dsearch_open(uschar *, uschar **); --extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dsearch_close(void *); -- --/* End of lookups/dsearch.h */ -diff -uNr exim-4.71/src/lookups/ibase.c exim-4.71-dynlookup/src/lookups/ibase.c ---- exim-4.71/src/lookups/ibase.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/ibase.c 2009-12-24 19:54:48.000000000 +0000 -@@ -11,14 +11,7 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "ibase.h" - --#ifndef LOOKUP_IBASE --static void dummy(int x) --{ -- dummy(x - 1); --} --#else - #include /* The system header */ - - /* Structure and anchor for caching connections. */ -@@ -40,7 +33,7 @@ - - /* See local README for interface description. */ - --void *ibase_open(uschar * filename, uschar ** errmsg) -+static void *ibase_open(uschar * filename, uschar ** errmsg) - { - return (void *) (1); /* Just return something non-null */ - } -@@ -53,7 +46,7 @@ - - /* See local README for interface description. */ - --void ibase_tidy(void) -+static void ibase_tidy(void) - { - ibase_connection *cn; - ISC_STATUS status[20]; -@@ -458,7 +451,7 @@ - arguments are not used. Loop through a list of servers while the query is - deferred with a retryable error. */ - --int -+static int - ibase_find(void *handle, uschar * filename, uschar * query, int length, - uschar ** result, uschar ** errmsg, BOOL *do_cache) - { -@@ -510,7 +503,7 @@ - Returns: the processed string or NULL for a bad option - */ - --uschar *ibase_quote(uschar * s, uschar * opt) -+static uschar *ibase_quote(uschar * s, uschar * opt) - { - register int c; - int count = 0; -@@ -553,6 +546,22 @@ - return quoted; - } - -+static lookup_info _lookup_info = { -+ US"ibase", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ ibase_open, /* open function */ -+ NULL, /* no check function */ -+ ibase_find, /* find function */ -+ NULL, /* no close function */ -+ ibase_tidy, /* tidy function */ -+ ibase_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ibase_lookup_module_info _lookup_module_info - #endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/ibase.c */ -diff -uNr exim-4.71/src/lookups/ibase.h exim-4.71-dynlookup/src/lookups/ibase.h ---- exim-4.71/src/lookups/ibase.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/ibase.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/ibase.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the Interbase lookup functions */ -- --extern void *ibase_open(uschar *, uschar **); --extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void ibase_tidy(void); --extern uschar *ibase_quote(uschar *, uschar *); -- --/* End of lookups/ibase.h */ -diff -uNr exim-4.71/src/lookups/ldap.c exim-4.71-dynlookup/src/lookups/ldap.c ---- exim-4.71/src/lookups/ldap.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/ldap.c 2009-12-24 19:54:49.000000000 +0000 -@@ -15,20 +15,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "ldap.h" -- -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the LDAP headers --available for compiling. Therefore, compile these functions only if LOOKUP_LDAP --is defined. However, some compilers don't like compiling empty modules, so keep --them happy with a dummy when skipping the rest. Make it reference itself to --stop picky compilers complaining that it is unused, and put in a dummy argument --to stop even pickier compilers complaining about infinite loops. */ -- --#ifndef LOOKUP_LDAP --static void dummy(int x) { dummy(x-1); } --#else - - - /* Include LDAP headers. The code below uses some "old" LDAP interfaces that -@@ -1196,7 +1182,7 @@ - are handled by a common function, with a flag to differentiate between them. - The handle and filename arguments are not used. */ - --int -+static int - eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1205,7 +1191,7 @@ - return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); - } - --int -+static int - eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1214,7 +1200,7 @@ - return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); - } - --int -+static int - eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1240,7 +1226,7 @@ - - /* See local README for interface description. */ - --void * -+static void * - eldap_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -1255,7 +1241,7 @@ - /* See local README for interface description. - Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ - --void -+static void - eldap_tidy(void) - { - LDAP_CONNECTION *lcp = NULL; -@@ -1351,7 +1337,7 @@ - - - --uschar * -+static uschar * - eldap_quote(uschar *s, uschar *opt) - { - register int c; -@@ -1470,6 +1456,44 @@ - return quoted; - } - --#endif /* LOOKUP_LDAP */ -+static lookup_info ldap_lookup_info = { -+ US"ldap", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* open function */ -+ NULL, /* check function */ -+ eldap_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* tidy function */ -+ eldap_quote /* quoting function */ -+}; -+ -+static lookup_info ldapdn_lookup_info = { -+ US"ldapdn", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapdn_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+static lookup_info ldapm_lookup_info = { -+ US"ldapm", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapm_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ldap_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; -+lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; - - /* End of lookups/ldap.c */ -diff -uNr exim-4.71/src/lookups/ldap.h exim-4.71-dynlookup/src/lookups/ldap.h ---- exim-4.71/src/lookups/ldap.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/ldap.h 2009-12-24 19:54:49.000000000 +0000 -@@ -7,18 +7,9 @@ - /* Copyright (c) University of Cambridge 1995 - 2009 */ - /* See the file NOTICE for conditions of use and distribution. */ - --/* Header for the ldap lookups */ -+/* Header for eldapauth_find */ - --extern void *eldap_open(uschar *, uschar **); --extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); - extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, - uschar **, BOOL *); --extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void eldap_tidy(void); --extern uschar *eldap_quote(uschar *, uschar *); - - /* End of lookups/ldap.h */ -diff -uNr exim-4.71/src/lookups/lsearch.c exim-4.71-dynlookup/src/lookups/lsearch.c ---- exim-4.71/src/lookups/lsearch.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/lsearch.c 2009-12-24 19:54:49.000000000 +0000 -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "lsearch.h" - - /* Codes for the different kinds of lsearch that are supported */ - -@@ -28,7 +27,7 @@ - - /* See local README for interface description */ - --void * -+static void * - lsearch_open(uschar *filename, uschar **errmsg) - { - FILE *f = Ufopen(filename, "rb"); -@@ -48,7 +47,7 @@ - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -324,7 +323,7 @@ - - /* See local README for interface description */ - --int -+static int - lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -341,7 +340,7 @@ - - /* See local README for interface description */ - --int -+static int - wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -358,7 +357,7 @@ - - /* See local README for interface description */ - --int -+static int - nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -376,7 +375,7 @@ - - /* See local README for interface description */ - --int -+static int - iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -405,10 +404,64 @@ - - /* See local README for interface description */ - --void -+static void - lsearch_close(void *handle) - { - (void)fclose((FILE *)handle); - } - -+static lookup_info iplsearch_lookup_info = { -+ US"iplsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ iplsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info lsearch_lookup_info = { -+ US"lsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ lsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info nwildlsearch_lookup_info = { -+ US"nwildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ nwildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info wildlsearch_lookup_info = { -+ US"wildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ wildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define lsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, -+ &lsearch_lookup_info, -+ &nwildlsearch_lookup_info, -+ &wildlsearch_lookup_info }; -+lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; -+ - /* End of lookups/lsearch.c */ -diff -uNr exim-4.71/src/lookups/lsearch.h exim-4.71-dynlookup/src/lookups/lsearch.h ---- exim-4.71/src/lookups/lsearch.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/lsearch.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,25 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/lsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the lsearch and wildlsearch lookups */ -- --extern void *lsearch_open(uschar *, uschar **); --extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void lsearch_close(void *); -- --extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); -- --/* End of lookups/lsearch.h */ -diff -uNr exim-4.71/src/lookups/Makefile exim-4.71-dynlookup/src/lookups/Makefile ---- exim-4.71/src/lookups/Makefile 2009-06-10 08:34:05.000000000 +0100 -+++ exim-4.71-dynlookup/src/lookups/Makefile 2009-12-24 19:54:45.000000000 +0000 +diff --git a/src/src/lookups/Makefile b/src/src/lookups/Makefile +index 2c7cb87..76e56da 100644 +--- a/src/src/lookups/Makefile ++++ b/src/src/lookups/Makefile @@ -1,13 +1,171 @@ - # $Cambridge: exim/exim-src/src/lookups/Makefile,v 1.9 2009/06/10 07:34:05 tom Exp $ + # $Cambridge: exim/src/src/lookups/Makefile,v 1.9 2009/06/10 07:34:05 tom Exp $ -# Make file for building a library containing all the available lookups and -# calling it lookups.a. This is called from the main make file, after cd'ing -# to the lookups subdirectory. When the relevant LOOKUP_ macros are not -# defined, dummy modules get compiled. -- --OBJ = cdb.o dbmdb.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ -- nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ -- lf_check_file.o lf_quote.o lf_sqlperform.o +# Make file for building all the available lookups. +# This is called from the main make file, after cd'ing +# to the lookups subdirectory. -+ + +-OBJ = cdb.o dbmdb.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ +- nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ +- lf_check_file.o lf_quote.o lf_sqlperform.o +# because the variable is EXPERIMENTAL_SPF and not LOOKUP_SPF +# we put this one here by default and compile a dummy if +# EXPERIMENTAL_SPF is not defined @@ -2053,7 +1300,7 @@ diff -uNr exim-4.71/src/lookups/Makefile exim-4.71-dynlookup/src/lookups/Makefil lookups.a: $(OBJ) @$(RM_COMMAND) -f lookups.a -@@ -15,30 +173,51 @@ +@@ -15,30 +173,51 @@ lookups.a: $(OBJ) @$(AR) lookups.a $(OBJ) $(RANLIB) $@ @@ -2123,10 +1370,845 @@ diff -uNr exim-4.71/src/lookups/Makefile exim-4.71-dynlookup/src/lookups/Makefil +whoson.so: $(HDRS) whoson.c # End -diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c ---- exim-4.71/src/lookups/mysql.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/mysql.c 2009-12-24 19:54:49.000000000 +0000 -@@ -13,22 +13,6 @@ +diff --git a/src/src/lookups/cdb.c b/src/src/lookups/cdb.c +index 68000c6..6e8b887 100644 +--- a/src/src/lookups/cdb.c ++++ b/src/src/lookups/cdb.c +@@ -56,7 +56,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "cdb.h" + + #ifdef HAVE_MMAP + # include +@@ -144,7 +143,9 @@ cdb_unpack(uschar *buf) + return num; + } + +-void * ++static void cdb_close(void *handle); ++ ++static void * + cdb_open(uschar *filename, + uschar **errmsg) + { +@@ -245,7 +246,7 @@ cdb_open(uschar *filename, + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + cdb_check(void *handle, + uschar *filename, + int modemask, +@@ -270,7 +271,7 @@ cdb_check(void *handle, + * Find entry point * + *************************************************/ + +-int ++static int + cdb_find(void *handle, + uschar *filename, + uschar *keystring, +@@ -418,7 +419,7 @@ cdb_find(void *handle, + + /* See local README for interface description */ + +-void ++static void + cdb_close(void *handle) + { + struct cdb_state * cdbp = handle; +@@ -434,4 +435,22 @@ struct cdb_state * cdbp = handle; + (void)close(cdbp->fileno); + } + ++lookup_info cdb_lookup_info = { ++ US"cdb", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ cdb_open, /* open function */ ++ cdb_check, /* check function */ ++ cdb_find, /* find function */ ++ cdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define cdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &cdb_lookup_info }; ++lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/cdb.c */ +diff --git a/src/src/lookups/cdb.h b/src/src/lookups/cdb.h +deleted file mode 100644 +index 084cafc..0000000 +--- a/src/src/lookups/cdb.h ++++ /dev/null +@@ -1,59 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* +- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ +- * +- * Exim - CDB database lookup module +- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- * +- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd +- * +- * This program is free software; you can redistribute it and/or +- * modify it under the terms of the GNU General Public License +- * as published by the Free Software Foundation; either version 2 +- * of the License, or (at your option) any later version. +- * +- * This program is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program; if not, write to the Free Software +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +- * 02111-1307, USA. +- * +- * +- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. +- * Information, the spec and sample code for cdb can be obtained from +- * http://www.pobox.com/~djb/cdb.html +- * +- * This implementation borrows some code from Dan Bernstein's +- * implementation (which has no license restrictions applied to it). +- * This (read-only) implementation is completely contained within +- * cdb.[ch] it does *not* link against an external cdb library. +- * +- * +- * There are 2 varients included within this code. One uses MMAP and +- * should give better performance especially for multiple lookups on a +- * modern machine. The other is the default implementation which is +- * used in the case where the MMAP fails or if MMAP was not compiled +- * in. this implementation is the same as the original reference cdb +- * implementation. +- * +- */ +- +- +-/* Functions for reading exim cdb files */ +- +-extern void *cdb_open(uschar *, uschar **); +-extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void cdb_close(void *); +- +-/* End of cdb.h */ +diff --git a/src/src/lookups/dbmdb.c b/src/src/lookups/dbmdb.c +index 200a204..29a4a3a 100644 +--- a/src/src/lookups/dbmdb.c ++++ b/src/src/lookups/dbmdb.c +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dbmdb.h" + + + /************************************************* +@@ -18,7 +17,7 @@ + + /* See local README for interface description */ + +-void * ++static void * + dbmdb_open(uschar *filename, uschar **errmsg) + { + EXIM_DB *yield; +@@ -45,7 +44,7 @@ file name. If USE_TDB or USE_GDBM is set, we know it is tdb or gdbm, which do + the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. + */ + +-BOOL ++static BOOL + dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -88,7 +87,7 @@ return rc == 0; + /* See local README for interface description. This function adds 1 to + the keylength in order to include the terminating zero. */ + +-int ++static int + dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -122,7 +121,7 @@ return FAIL; + /* See local README for interface description */ + + int +-dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, ++static dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { + return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, +@@ -138,9 +137,38 @@ return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, + /* See local README for interface description */ + + void +-dbmdb_close(void *handle) ++static dbmdb_close(void *handle) + { + EXIM_DBCLOSE((EXIM_DB *)handle); + } + ++lookup_info dbm_lookup_info = { ++ US"dbm", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* open function */ ++ dbmdb_check, /* check function */ ++ dbmdb_find, /* find function */ ++ dbmdb_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++lookup_info dbmz_lookup_info = { ++ US"dbmnz", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dbmdb_open, /* sic */ /* open function */ ++ dbmdb_check, /* sic */ /* check function */ ++ dbmnz_find, /* find function */ ++ dbmdb_close, /* sic */ /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dbmdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; ++lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; ++ + /* End of lookups/dbmdb.c */ +diff --git a/src/src/lookups/dbmdb.h b/src/src/lookups/dbmdb.h +deleted file mode 100644 +index d791383..0000000 +--- a/src/src/lookups/dbmdb.h ++++ /dev/null +@@ -1,21 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/dbmdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2009 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dbm lookup. Use dbmdb in the code to avoid name +-clashes with external library names. */ +- +-extern void *dbmdb_open(uschar *, uschar **); +-extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dbmdb_close(void *); +- +-/* End of lookups/dbmdb.h */ +diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c +index 89ad67d..5c9f96b 100644 +--- a/src/src/lookups/dnsdb.c ++++ b/src/src/lookups/dnsdb.c +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dnsdb.h" + + + +@@ -67,7 +66,7 @@ static int type_values[] = { + + /* See local README for interface description. */ + +-void * ++static void * + dnsdb_open(uschar *filename, uschar **errmsg) + { + filename = filename; /* Keep picky compilers happy */ +@@ -108,7 +107,7 @@ default is "TXT". + which may start with '<' in order to set a specific separator. The default + separator, as always, is colon. */ + +-int ++static int + dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -430,4 +429,22 @@ yield[ptr] = 0; + return OK; + } + ++static lookup_info _lookup_info = { ++ US"dnsdb", /* lookup name */ ++ lookup_querystyle, /* query style */ ++ dnsdb_open, /* open function */ ++ NULL, /* check function */ ++ dnsdb_find, /* find function */ ++ NULL, /* no close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dnsdb_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dnsdb.c */ +diff --git a/src/src/lookups/dnsdb.h b/src/src/lookups/dnsdb.h +deleted file mode 100644 +index c0e3a55..0000000 +--- a/src/src/lookups/dnsdb.h ++++ /dev/null +@@ -1,16 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/dnsdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2009 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dnsdb lookup */ +- +-extern void *dnsdb_open(uschar *, uschar **); +-extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +- +-/* End of lookups/dnsdb.h */ +diff --git a/src/src/lookups/dsearch.c b/src/src/lookups/dsearch.c +index ab468ca..575872c 100644 +--- a/src/src/lookups/dsearch.c ++++ b/src/src/lookups/dsearch.c +@@ -14,7 +14,6 @@ lstat()) rather than a directory scan). */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "dsearch.h" + + + +@@ -27,7 +26,7 @@ whether it exists and whether it is searchable. However, we don't need to keep + it open, because the "search" can be done by a call to lstat() rather than + actually scanning through the list of files. */ + +-void * ++static void * + dsearch_open(uschar *dirname, uschar **errmsg) + { + DIR *dp = opendir(CS dirname); +@@ -51,7 +50,7 @@ return (void *)(-1); + integer as this gives warnings on 64-bit systems. */ + + BOOL +-dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, ++static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { + handle = handle; +@@ -69,7 +68,7 @@ scanning the directory, as it is hopefully faster to let the OS do the scanning + for us. */ + + int +-dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, ++static dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { + struct stat statbuf; +@@ -115,9 +114,27 @@ return DEFER; + /* See local README for interface description */ + + void +-dsearch_close(void *handle) ++static dsearch_close(void *handle) + { + handle = handle; /* Avoid compiler warning */ + } + ++static lookup_info _lookup_info = { ++ US"dsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ dsearch_open, /* open function */ ++ dsearch_check, /* check function */ ++ dsearch_find, /* find function */ ++ dsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define dsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; ++ + /* End of lookups/dsearch.c */ +diff --git a/src/src/lookups/dsearch.h b/src/src/lookups/dsearch.h +deleted file mode 100644 +index 771e736..0000000 +--- a/src/src/lookups/dsearch.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/dsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2009 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the dsearch lookup */ +- +-extern void *dsearch_open(uschar *, uschar **); +-extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void dsearch_close(void *); +- +-/* End of lookups/dsearch.h */ +diff --git a/src/src/lookups/ibase.c b/src/src/lookups/ibase.c +index 4ab153d..553d368 100644 +--- a/src/src/lookups/ibase.c ++++ b/src/src/lookups/ibase.c +@@ -11,14 +11,7 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ibase.h" + +-#ifndef LOOKUP_IBASE +-static void dummy(int x) +-{ +- dummy(x - 1); +-} +-#else + #include /* The system header */ + + /* Structure and anchor for caching connections. */ +@@ -40,7 +33,7 @@ static ibase_connection *ibase_connections = NULL; + + /* See local README for interface description. */ + +-void *ibase_open(uschar * filename, uschar ** errmsg) ++static void *ibase_open(uschar * filename, uschar ** errmsg) + { + return (void *) (1); /* Just return something non-null */ + } +@@ -53,7 +46,7 @@ void *ibase_open(uschar * filename, uschar ** errmsg) + + /* See local README for interface description. */ + +-void ibase_tidy(void) ++static void ibase_tidy(void) + { + ibase_connection *cn; + ISC_STATUS status[20]; +@@ -458,7 +451,7 @@ always leaves enough room for a terminating zero. */ + arguments are not used. Loop through a list of servers while the query is + deferred with a retryable error. */ + +-int ++static int + ibase_find(void *handle, uschar * filename, uschar * query, int length, + uschar ** result, uschar ** errmsg, BOOL *do_cache) + { +@@ -510,7 +503,7 @@ Arguments: + Returns: the processed string or NULL for a bad option + */ + +-uschar *ibase_quote(uschar * s, uschar * opt) ++static uschar *ibase_quote(uschar * s, uschar * opt) + { + register int c; + int count = 0; +@@ -553,6 +546,22 @@ uschar *ibase_quote(uschar * s, uschar * opt) + return quoted; + } + ++static lookup_info _lookup_info = { ++ US"ibase", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ ibase_open, /* open function */ ++ NULL, /* no check function */ ++ ibase_find, /* find function */ ++ NULL, /* no close function */ ++ ibase_tidy, /* tidy function */ ++ ibase_quote /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ibase_lookup_module_info _lookup_module_info + #endif ++ ++static lookup_info *_lookup_list[] = { &_lookup_info }; ++lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + + /* End of lookups/ibase.c */ +diff --git a/src/src/lookups/ibase.h b/src/src/lookups/ibase.h +deleted file mode 100644 +index 640772a..0000000 +--- a/src/src/lookups/ibase.h ++++ /dev/null +@@ -1,18 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/ibase.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2009 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the Interbase lookup functions */ +- +-extern void *ibase_open(uschar *, uschar **); +-extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); +-extern void ibase_tidy(void); +-extern uschar *ibase_quote(uschar *, uschar *); +- +-/* End of lookups/ibase.h */ +diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c +index 936fe36..461ec15 100644 +--- a/src/src/lookups/ldap.c ++++ b/src/src/lookups/ldap.c +@@ -15,20 +15,6 @@ researching how to handle the different kinds of error. */ + + #include "../exim.h" + #include "lf_functions.h" +-#include "ldap.h" +- +- +-/* We can't just compile this code and allow the library mechanism to omit the +-functions if they are not wanted, because we need to have the LDAP headers +-available for compiling. Therefore, compile these functions only if LOOKUP_LDAP +-is defined. However, some compilers don't like compiling empty modules, so keep +-them happy with a dummy when skipping the rest. Make it reference itself to +-stop picky compilers complaining that it is unused, and put in a dummy argument +-to stop even pickier compilers complaining about infinite loops. */ +- +-#ifndef LOOKUP_LDAP +-static void dummy(int x) { dummy(x-1); } +-#else + + + /* Include LDAP headers. The code below uses some "old" LDAP interfaces that +@@ -1196,7 +1182,7 @@ return DEFER; + are handled by a common function, with a flag to differentiate between them. + The handle and filename arguments are not used. */ + +-int ++static int + eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1205,7 +1191,7 @@ do_cache = do_cache; + return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); + } + +-int ++static int + eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1214,7 +1200,7 @@ do_cache = do_cache; + return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); + } + +-int ++static int + eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -1240,7 +1226,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_AUTH, result, errmsg)); + + /* See local README for interface description. */ + +-void * ++static void * + eldap_open(uschar *filename, uschar **errmsg) + { + return (void *)(1); /* Just return something non-null */ +@@ -1255,7 +1241,7 @@ return (void *)(1); /* Just return something non-null */ + /* See local README for interface description. + Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ + +-void ++static void + eldap_tidy(void) + { + LDAP_CONNECTION *lcp = NULL; +@@ -1351,7 +1337,7 @@ quote_ldap_dn, respectively. */ + + + +-uschar * ++static uschar * + eldap_quote(uschar *s, uschar *opt) + { + register int c; +@@ -1470,6 +1456,44 @@ else + return quoted; + } + +-#endif /* LOOKUP_LDAP */ ++static lookup_info ldap_lookup_info = { ++ US"ldap", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* open function */ ++ NULL, /* check function */ ++ eldap_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* tidy function */ ++ eldap_quote /* quoting function */ ++}; ++ ++static lookup_info ldapdn_lookup_info = { ++ US"ldapdn", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapdn_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++static lookup_info ldapm_lookup_info = { ++ US"ldapm", /* lookup name */ ++ lookup_querystyle, /* query-style lookup */ ++ eldap_open, /* sic */ /* open function */ ++ NULL, /* check function */ ++ eldapm_find, /* find function */ ++ NULL, /* no close function */ ++ eldap_tidy, /* sic */ /* tidy function */ ++ eldap_quote /* sic */ /* quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define ldap_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; ++lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; + + /* End of lookups/ldap.c */ +diff --git a/src/src/lookups/ldap.h b/src/src/lookups/ldap.h +index b0f0ae5..21069e0 100644 +--- a/src/src/lookups/ldap.h ++++ b/src/src/lookups/ldap.h +@@ -7,18 +7,9 @@ + /* Copyright (c) University of Cambridge 1995 - 2009 */ + /* See the file NOTICE for conditions of use and distribution. */ + +-/* Header for the ldap lookups */ ++/* Header for eldapauth_find */ + +-extern void *eldap_open(uschar *, uschar **); +-extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, +- BOOL *); + extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, + uschar **, BOOL *); +-extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void eldap_tidy(void); +-extern uschar *eldap_quote(uschar *, uschar *); + + /* End of lookups/ldap.h */ +diff --git a/src/src/lookups/lsearch.c b/src/src/lookups/lsearch.c +index ccb4850..5d64638 100644 +--- a/src/src/lookups/lsearch.c ++++ b/src/src/lookups/lsearch.c +@@ -9,7 +9,6 @@ + + #include "../exim.h" + #include "lf_functions.h" +-#include "lsearch.h" + + /* Codes for the different kinds of lsearch that are supported */ + +@@ -28,7 +27,7 @@ enum { + + /* See local README for interface description */ + +-void * ++static void * + lsearch_open(uschar *filename, uschar **errmsg) + { + FILE *f = Ufopen(filename, "rb"); +@@ -48,7 +47,7 @@ return f; + * Check entry point * + *************************************************/ + +-BOOL ++static BOOL + lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, + gid_t *owngroups, uschar **errmsg) + { +@@ -324,7 +323,7 @@ return FAIL; + + /* See local README for interface description */ + +-int ++static int + lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -341,7 +340,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -358,7 +357,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -376,7 +375,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, + + /* See local README for interface description */ + +-int ++static int + iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, + uschar **result, uschar **errmsg, BOOL *do_cache) + { +@@ -405,10 +404,64 @@ else + + /* See local README for interface description */ + +-void ++static void + lsearch_close(void *handle) + { + (void)fclose((FILE *)handle); + } + ++static lookup_info iplsearch_lookup_info = { ++ US"iplsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ iplsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info lsearch_lookup_info = { ++ US"lsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ lsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info nwildlsearch_lookup_info = { ++ US"nwildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ nwildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++static lookup_info wildlsearch_lookup_info = { ++ US"wildlsearch", /* lookup name */ ++ lookup_absfile, /* uses absolute file name */ ++ lsearch_open, /* open function */ ++ lsearch_check, /* check function */ ++ wildlsearch_find, /* find function */ ++ lsearch_close, /* close function */ ++ NULL, /* no tidy function */ ++ NULL /* no quoting function */ ++}; ++ ++#ifdef DYNLOOKUP ++#define lsearch_lookup_module_info _lookup_module_info ++#endif ++ ++static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, ++ &lsearch_lookup_info, ++ &nwildlsearch_lookup_info, ++ &wildlsearch_lookup_info }; ++lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; ++ + /* End of lookups/lsearch.c */ +diff --git a/src/src/lookups/lsearch.h b/src/src/lookups/lsearch.h +deleted file mode 100644 +index 332b01c..0000000 +--- a/src/src/lookups/lsearch.h ++++ /dev/null +@@ -1,25 +0,0 @@ +-/* $Cambridge: exim/src/src/lookups/lsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +- +-/************************************************* +-* Exim - an Internet mail transport agent * +-*************************************************/ +- +-/* Copyright (c) University of Cambridge 1995 - 2009 */ +-/* See the file NOTICE for conditions of use and distribution. */ +- +-/* Header for the lsearch and wildlsearch lookups */ +- +-extern void *lsearch_open(uschar *, uschar **); +-extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); +-extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern void lsearch_close(void *); +- +-extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +-extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, +- uschar **, BOOL *); +- +-/* End of lookups/lsearch.h */ +diff --git a/src/src/lookups/mysql.c b/src/src/lookups/mysql.c +index f2e9a15..97b9c11 100644 +--- a/src/src/lookups/mysql.c ++++ b/src/src/lookups/mysql.c +@@ -13,22 +13,6 @@ functions. */ #include "../exim.h" #include "lf_functions.h" @@ -2149,7 +2231,7 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c #include /* The system header */ -@@ -51,7 +35,7 @@ +@@ -51,7 +35,7 @@ static mysql_connection *mysql_connections = NULL; /* See local README for interface description. */ @@ -2158,7 +2240,7 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c mysql_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -65,7 +49,7 @@ +@@ -65,7 +49,7 @@ return (void *)(1); /* Just return something non-null */ /* See local README for interface description. */ @@ -2167,7 +2249,7 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c mysql_tidy(void) { mysql_connection *cn; -@@ -342,7 +326,7 @@ +@@ -357,7 +341,7 @@ arguments are not used. The code to loop through a list of servers while the query is deferred with a retryable error is now in a separate function that is shared with other SQL lookups. */ @@ -2176,7 +2258,7 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c mysql_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -372,7 +356,7 @@ +@@ -387,7 +371,7 @@ Arguments: Returns: the processed string or NULL for a bad option */ @@ -2185,10 +2267,12 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c mysql_quote(uschar *s, uschar *opt) { register int c; -@@ -414,7 +398,24 @@ +@@ -429,7 +413,24 @@ while ((c = *s++) != 0) return quoted; } +- +-#endif /* MYSQL_LOOKUP */ +/* These are the lookup_info blocks for this driver */ + +static lookup_info mysql_lookup_info = { @@ -2205,17 +2289,18 @@ diff -uNr exim-4.71/src/lookups/mysql.c exim-4.71-dynlookup/src/lookups/mysql.c +#ifdef DYNLOOKUP +#define mysql_lookup_module_info _lookup_module_info +#endif - --#endif /* MYSQL_LOOKUP */ ++ +static lookup_info *_lookup_list[] = { &mysql_lookup_info }; +lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/mysql.c */ -diff -uNr exim-4.71/src/lookups/mysql.h exim-4.71-dynlookup/src/lookups/mysql.h ---- exim-4.71/src/lookups/mysql.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/mysql.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/mysql.h b/src/src/lookups/mysql.h +deleted file mode 100644 +index df7b555..0000000 +--- a/src/src/lookups/mysql.h ++++ /dev/null @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/mysql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/mysql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2233,9 +2318,10 @@ diff -uNr exim-4.71/src/lookups/mysql.h exim-4.71-dynlookup/src/lookups/mysql.h -extern uschar *mysql_quote(uschar *, uschar *); - -/* End of lookups/mysql.h */ -diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c ---- exim-4.71/src/lookups/nis.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/nis.c 2009-12-24 19:54:50.000000000 +0000 +diff --git a/src/src/lookups/nis.c b/src/src/lookups/nis.c +index ad04e0a..8177f4b 100644 +--- a/src/src/lookups/nis.c ++++ b/src/src/lookups/nis.c @@ -9,19 +9,6 @@ #include "../exim.h" @@ -2256,7 +2342,7 @@ diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c #include -@@ -33,7 +20,7 @@ +@@ -33,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } /* See local README for interface description. This serves for both the "nis" and "nis0" lookup types. */ @@ -2265,7 +2351,7 @@ diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c nis_open(uschar *filename, uschar **errmsg) { char *nis_domain; -@@ -55,7 +42,7 @@ +@@ -55,7 +42,7 @@ return nis_domain; for nis0 because they are so short it isn't worth trying to use any common code. */ @@ -2274,7 +2360,7 @@ diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c nis_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -81,7 +68,7 @@ +@@ -81,7 +68,7 @@ return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; /* See local README for interface description. */ @@ -2283,7 +2369,7 @@ diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c nis0_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -99,6 +86,33 @@ +@@ -99,6 +86,33 @@ if ((rc = yp_match(CS handle, CS filename, CS keystring, length + 1, return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; } @@ -2318,11 +2404,13 @@ diff -uNr exim-4.71/src/lookups/nis.c exim-4.71-dynlookup/src/lookups/nis.c +lookup_module_info nis_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; /* End of lookups/nis.c */ -diff -uNr exim-4.71/src/lookups/nis.h exim-4.71-dynlookup/src/lookups/nis.h ---- exim-4.71/src/lookups/nis.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/nis.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/nis.h b/src/src/lookups/nis.h +deleted file mode 100644 +index cd4ca58..0000000 +--- a/src/src/lookups/nis.h ++++ /dev/null @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/nis.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/nis.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2340,9 +2428,10 @@ diff -uNr exim-4.71/src/lookups/nis.h exim-4.71-dynlookup/src/lookups/nis.h - BOOL *); - -/* End of lookups/nis.h */ -diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplus.c ---- exim-4.71/src/lookups/nisplus.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/nisplus.c 2009-12-24 19:54:51.000000000 +0000 +diff --git a/src/src/lookups/nisplus.c b/src/src/lookups/nisplus.c +index 33d4ffe..5213af3 100644 +--- a/src/src/lookups/nisplus.c ++++ b/src/src/lookups/nisplus.c @@ -9,21 +9,6 @@ #include "../exim.h" @@ -2365,7 +2454,7 @@ diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplu #include -@@ -34,7 +19,7 @@ +@@ -34,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } /* See local README for interface description. */ @@ -2374,7 +2463,7 @@ diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplu nisplus_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -58,7 +43,7 @@ +@@ -58,7 +43,7 @@ name tagged on the end after a colon. If there is no result-field name, the yield is the concatenation of all the fields, preceded by their names and an equals sign. */ @@ -2383,7 +2472,7 @@ diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplu nisplus_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -250,7 +235,7 @@ +@@ -250,7 +235,7 @@ Arguments: Returns: the processed string or NULL for a bad option */ @@ -2392,7 +2481,7 @@ diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplu nisplus_quote(uschar *s, uschar *opt) { int count = 0; -@@ -274,6 +259,22 @@ +@@ -274,6 +259,22 @@ while (*s != 0) return quoted; } @@ -2416,11 +2505,13 @@ diff -uNr exim-4.71/src/lookups/nisplus.c exim-4.71-dynlookup/src/lookups/nisplu +lookup_module_info nisplus_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/nisplus.c */ -diff -uNr exim-4.71/src/lookups/nisplus.h exim-4.71-dynlookup/src/lookups/nisplus.h ---- exim-4.71/src/lookups/nisplus.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/nisplus.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/nisplus.h b/src/src/lookups/nisplus.h +deleted file mode 100644 +index aa25696..0000000 +--- a/src/src/lookups/nisplus.h ++++ /dev/null @@ -1,17 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/nisplus.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/nisplus.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2437,10 +2528,11 @@ diff -uNr exim-4.71/src/lookups/nisplus.h exim-4.71-dynlookup/src/lookups/nisplu -extern uschar *nisplus_quote(uschar *, uschar *); - -/* End of lookups/nisplus.h */ -diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle.c ---- exim-4.71/src/lookups/oracle.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/oracle.c 2009-12-24 19:54:51.000000000 +0000 -@@ -15,27 +15,12 @@ +diff --git a/src/src/lookups/oracle.c b/src/src/lookups/oracle.c +index 5997f19..50dfb4a 100644 +--- a/src/src/lookups/oracle.c ++++ b/src/src/lookups/oracle.c +@@ -15,27 +15,12 @@ some comments from my position of Oracle ignorance. */ #include "../exim.h" @@ -2468,7 +2560,7 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. #define PARSE_NO_DEFER 0 /* parse straight away */ #define PARSE_V7_LNG 2 #define MAX_ITEM_BUFFER_SIZE 1024 /* largest size of a cell of data */ -@@ -212,7 +197,7 @@ +@@ -212,7 +197,7 @@ return col; /* See local README for interface description. */ @@ -2477,7 +2569,7 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. oracle_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -226,7 +211,7 @@ +@@ -226,7 +211,7 @@ return (void *)(1); /* Just return something non-null */ /* See local README for interface description. */ @@ -2486,7 +2578,7 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. oracle_tidy(void) { oracle_connection *cn; -@@ -532,7 +517,7 @@ +@@ -532,7 +517,7 @@ else arguments are not used. Loop through a list of servers while the query is deferred with a retryable error. */ @@ -2495,7 +2587,7 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. oracle_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -577,7 +562,7 @@ +@@ -577,7 +562,7 @@ Arguments: Returns: the processed string or NULL for a bad option */ @@ -2504,7 +2596,7 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. oracle_quote(uschar *s, uschar *opt) { register int c; -@@ -619,6 +604,22 @@ +@@ -619,6 +604,22 @@ while ((c = *s++) != 0) return quoted; } @@ -2528,11 +2620,13 @@ diff -uNr exim-4.71/src/lookups/oracle.c exim-4.71-dynlookup/src/lookups/oracle. +lookup_module_info oracle_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/oracle.c */ -diff -uNr exim-4.71/src/lookups/oracle.h exim-4.71-dynlookup/src/lookups/oracle.h ---- exim-4.71/src/lookups/oracle.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/oracle.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/oracle.h b/src/src/lookups/oracle.h +deleted file mode 100644 +index b642796..0000000 +--- a/src/src/lookups/oracle.h ++++ /dev/null @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/oracle.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/oracle.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2550,9 +2644,10 @@ diff -uNr exim-4.71/src/lookups/oracle.h exim-4.71-dynlookup/src/lookups/oracle. -extern uschar *oracle_quote(uschar *, uschar *); - -/* End of lookups/oracle.h */ -diff -uNr exim-4.71/src/lookups/passwd.c exim-4.71-dynlookup/src/lookups/passwd.c ---- exim-4.71/src/lookups/passwd.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/passwd.c 2009-12-24 19:54:52.000000000 +0000 +diff --git a/src/src/lookups/passwd.c b/src/src/lookups/passwd.c +index 481be2c..420eefc 100644 +--- a/src/src/lookups/passwd.c ++++ b/src/src/lookups/passwd.c @@ -8,7 +8,6 @@ /* See the file NOTICE for conditions of use and distribution. */ @@ -2570,7 +2665,7 @@ diff -uNr exim-4.71/src/lookups/passwd.c exim-4.71-dynlookup/src/lookups/passwd. passwd_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +34,7 @@ +@@ -35,7 +34,7 @@ return (void *)(-1); /* Just return something non-null */ /* See local README for interface description */ @@ -2579,7 +2674,7 @@ diff -uNr exim-4.71/src/lookups/passwd.c exim-4.71-dynlookup/src/lookups/passwd. passwd_find(void *handle, uschar *filename, uschar *keystring, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -53,4 +52,22 @@ +@@ -53,4 +52,22 @@ if (!route_finduser(keystring, &pw, NULL)) return FAIL; return OK; } @@ -2602,11 +2697,13 @@ diff -uNr exim-4.71/src/lookups/passwd.c exim-4.71-dynlookup/src/lookups/passwd. +lookup_module_info passwd_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/passwd.c */ -diff -uNr exim-4.71/src/lookups/passwd.h exim-4.71-dynlookup/src/lookups/passwd.h ---- exim-4.71/src/lookups/passwd.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/passwd.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/passwd.h b/src/src/lookups/passwd.h +deleted file mode 100644 +index 5624a01..0000000 +--- a/src/src/lookups/passwd.h ++++ /dev/null @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/passwd.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/passwd.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2622,10 +2719,11 @@ diff -uNr exim-4.71/src/lookups/passwd.h exim-4.71-dynlookup/src/lookups/passwd. - BOOL *); - -/* End of lookups/passwd.h */ -diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c ---- exim-4.71/src/lookups/pgsql.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/pgsql.c 2009-12-24 19:54:52.000000000 +0000 -@@ -13,21 +13,6 @@ +diff --git a/src/src/lookups/pgsql.c b/src/src/lookups/pgsql.c +index 287ddcd..5bd9627 100644 +--- a/src/src/lookups/pgsql.c ++++ b/src/src/lookups/pgsql.c +@@ -13,21 +13,6 @@ socket extension. */ #include "../exim.h" #include "lf_functions.h" @@ -2647,7 +2745,7 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c #include /* The system header */ -@@ -49,7 +34,7 @@ +@@ -49,7 +34,7 @@ static pgsql_connection *pgsql_connections = NULL; /* See local README for interface description. */ @@ -2656,7 +2754,7 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c pgsql_open(uschar *filename, uschar **errmsg) { return (void *)(1); /* Just return something non-null */ -@@ -63,7 +48,7 @@ +@@ -63,7 +48,7 @@ return (void *)(1); /* Just return something non-null */ /* See local README for interface description. */ @@ -2665,7 +2763,7 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c pgsql_tidy(void) { pgsql_connection *cn; -@@ -414,7 +399,7 @@ +@@ -414,7 +399,7 @@ arguments are not used. The code to loop through a list of servers while the query is deferred with a retryable error is now in a separate function that is shared with other SQL lookups. */ @@ -2674,7 +2772,7 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c pgsql_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -454,7 +439,7 @@ +@@ -454,7 +439,7 @@ Arguments: Returns: the processed string or NULL for a bad option */ @@ -2683,7 +2781,7 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c pgsql_quote(uschar *s, uschar *opt) { register int c; -@@ -501,6 +486,22 @@ +@@ -501,6 +486,22 @@ while ((c = *s++) != 0) return quoted; } @@ -2707,11 +2805,13 @@ diff -uNr exim-4.71/src/lookups/pgsql.c exim-4.71-dynlookup/src/lookups/pgsql.c +lookup_module_info pgsql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/pgsql.c */ -diff -uNr exim-4.71/src/lookups/pgsql.h exim-4.71-dynlookup/src/lookups/pgsql.h ---- exim-4.71/src/lookups/pgsql.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/pgsql.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/pgsql.h b/src/src/lookups/pgsql.h +deleted file mode 100644 +index 228e314..0000000 +--- a/src/src/lookups/pgsql.h ++++ /dev/null @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/pgsql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/pgsql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2729,10 +2829,11 @@ diff -uNr exim-4.71/src/lookups/pgsql.h exim-4.71-dynlookup/src/lookups/pgsql.h -extern uschar *pgsql_quote(uschar *, uschar *); - -/* End of lookups/pgsql.h */ -diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c ---- exim-4.71/src/lookups/spf.c 2009-11-11 14:43:28.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/spf.c 2009-12-24 19:54:53.000000000 +0000 -@@ -24,7 +24,6 @@ +diff --git a/src/src/lookups/spf.c b/src/src/lookups/spf.c +index ee2a2c7..2ca4bba 100644 +--- a/src/src/lookups/spf.c ++++ b/src/src/lookups/spf.c +@@ -24,7 +24,6 @@ static void dummy(int x) { dummy(x-1); } #else #include "lf_functions.h" @@ -2740,7 +2841,7 @@ diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c #ifndef HAVE_NS_TYPE #define HAVE_NS_TYPE #endif -@@ -32,7 +31,7 @@ +@@ -32,7 +31,7 @@ static void dummy(int x) { dummy(x-1); } #include #include @@ -2749,7 +2850,7 @@ diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c SPF_server_t *spf_server = NULL; spf_server = SPF_server_new(SPF_DNS_CACHE, 0); if (spf_server == NULL) { -@@ -42,12 +41,12 @@ +@@ -42,12 +41,12 @@ void *spf_open(uschar *filename, uschar **errmsg) { return (void *) spf_server; } @@ -2764,7 +2865,7 @@ diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c uschar **result, uschar **errmsg, BOOL *do_cache) { SPF_server_t *spf_server = handle; SPF_request_t *spf_request = NULL; -@@ -75,4 +74,22 @@ +@@ -75,4 +74,22 @@ int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, return OK; } @@ -2787,11 +2888,13 @@ diff -uNr exim-4.71/src/lookups/spf.c exim-4.71-dynlookup/src/lookups/spf.c +lookup_module_info spf_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + #endif /* EXPERIMENTAL_SPF */ -diff -uNr exim-4.71/src/lookups/spf.h exim-4.71-dynlookup/src/lookups/spf.h ---- exim-4.71/src/lookups/spf.h 2005-05-25 21:07:55.000000000 +0100 -+++ exim-4.71-dynlookup/src/lookups/spf.h 2009-12-24 19:54:53.000000000 +0000 +diff --git a/src/src/lookups/spf.h b/src/src/lookups/spf.h +deleted file mode 100644 +index 6b9056a..0000000 +--- a/src/src/lookups/spf.h ++++ /dev/null @@ -1,26 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ +-/* $Cambridge: exim/src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2817,9 +2920,10 @@ diff -uNr exim-4.71/src/lookups/spf.h exim-4.71-dynlookup/src/lookups/spf.h -extern int spf_find(void *, uschar *, uschar *, int, uschar **, uschar **, - BOOL *); - -diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite.c ---- exim-4.71/src/lookups/sqlite.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/sqlite.c 2009-12-24 19:54:53.000000000 +0000 +diff --git a/src/src/lookups/sqlite.c b/src/src/lookups/sqlite.c +index 654c5c6..5759c43 100644 +--- a/src/src/lookups/sqlite.c ++++ b/src/src/lookups/sqlite.c @@ -9,11 +9,7 @@ #include "../exim.h" @@ -2832,7 +2936,7 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. #include -@@ -23,7 +19,7 @@ +@@ -23,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } /* See local README for interface description. */ @@ -2841,7 +2945,7 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. sqlite_open(uschar *filename, uschar **errmsg) { sqlite3 *db = NULL; -@@ -85,7 +81,7 @@ +@@ -85,7 +81,7 @@ return 0; } @@ -2850,7 +2954,7 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. sqlite_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -113,7 +109,7 @@ +@@ -113,7 +109,7 @@ return OK; /* See local README for interface description. */ @@ -2859,7 +2963,7 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. { sqlite3_close(handle); } -@@ -134,7 +130,7 @@ +@@ -134,7 +130,7 @@ Arguments: Returns: the processed string or NULL for a bad option */ @@ -2868,7 +2972,7 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. sqlite_quote(uschar *s, uschar *opt) { register int c; -@@ -159,6 +155,22 @@ +@@ -159,6 +155,22 @@ while ((c = *s++) != 0) return quoted; } @@ -2892,11 +2996,13 @@ diff -uNr exim-4.71/src/lookups/sqlite.c exim-4.71-dynlookup/src/lookups/sqlite. +lookup_module_info sqlite_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/sqlite.c */ -diff -uNr exim-4.71/src/lookups/sqlite.h exim-4.71-dynlookup/src/lookups/sqlite.h ---- exim-4.71/src/lookups/sqlite.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/sqlite.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/sqlite.h b/src/src/lookups/sqlite.h +deleted file mode 100644 +index 15df25f..0000000 +--- a/src/src/lookups/sqlite.h ++++ /dev/null @@ -1,18 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/sqlite.h,v 1.4 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/sqlite.h,v 1.4 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2914,9 +3020,10 @@ diff -uNr exim-4.71/src/lookups/sqlite.h exim-4.71-dynlookup/src/lookups/sqlite. -extern uschar *sqlite_quote(uschar *, uschar *); - -/* End of lookups/sqlite.h */ -diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb.c ---- exim-4.71/src/lookups/testdb.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/testdb.c 2009-12-24 19:54:54.000000000 +0000 +diff --git a/src/src/lookups/testdb.c b/src/src/lookups/testdb.c +index ec23e13..03404d8 100644 +--- a/src/src/lookups/testdb.c ++++ b/src/src/lookups/testdb.c @@ -9,7 +9,6 @@ #include "../exim.h" @@ -2925,7 +3032,7 @@ diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb. /* These are not real lookup functions; they are just a way of testing the -@@ -23,7 +22,7 @@ +@@ -23,7 +22,7 @@ the find function. */ /* See local README for interface description. */ @@ -2934,7 +3041,7 @@ diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb. testdb_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -39,7 +38,7 @@ +@@ -39,7 +38,7 @@ return (void *)(1); /* Just return something non-null */ /* See local README for interface description. */ @@ -2943,7 +3050,7 @@ diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb. testdb_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -66,4 +65,22 @@ +@@ -66,4 +65,22 @@ if (Ustrcmp(query, "nocache") == 0) *do_cache = FALSE; return OK; } @@ -2966,11 +3073,13 @@ diff -uNr exim-4.71/src/lookups/testdb.c exim-4.71-dynlookup/src/lookups/testdb. +lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; + /* End of lookups/testdb.c */ -diff -uNr exim-4.71/src/lookups/testdb.h exim-4.71-dynlookup/src/lookups/testdb.h ---- exim-4.71/src/lookups/testdb.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/testdb.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/testdb.h b/src/src/lookups/testdb.h +deleted file mode 100644 +index 0e9cdde..0000000 +--- a/src/src/lookups/testdb.h ++++ /dev/null @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/testdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/testdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -2986,9 +3095,10 @@ diff -uNr exim-4.71/src/lookups/testdb.h exim-4.71-dynlookup/src/lookups/testdb. - BOOL *); - -/* End of lookups/testdb.h */ -diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson.c ---- exim-4.71/src/lookups/whoson.c 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/whoson.c 2009-12-24 19:54:54.000000000 +0000 +diff --git a/src/src/lookups/whoson.c b/src/src/lookups/whoson.c +index 3b0960f..d197905 100644 +--- a/src/src/lookups/whoson.c ++++ b/src/src/lookups/whoson.c @@ -12,22 +12,7 @@ #include "../exim.h" @@ -3012,7 +3122,7 @@ diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson. /************************************************* -@@ -36,7 +21,7 @@ +@@ -36,7 +21,7 @@ static void dummy(int x) { dummy(x-1); } /* See local README for interface description. */ @@ -3021,7 +3131,7 @@ diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson. whoson_open(uschar *filename, uschar **errmsg) { filename = filename; /* Keep picky compilers happy */ -@@ -51,7 +36,7 @@ +@@ -51,7 +36,7 @@ return (void *)(1); /* Just return something non-null */ /* See local README for interface description. */ @@ -3030,7 +3140,7 @@ diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson. whoson_find(void *handle, uschar *filename, uschar *query, int length, uschar **result, uschar **errmsg, BOOL *do_cache) { -@@ -77,6 +62,22 @@ +@@ -77,6 +62,22 @@ switch (wso_query(query, CS buffer, sizeof(buffer))) } } @@ -3054,11 +3164,13 @@ diff -uNr exim-4.71/src/lookups/whoson.c exim-4.71-dynlookup/src/lookups/whoson. +lookup_module_info whoson_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; /* End of lookups/whoson.c */ -diff -uNr exim-4.71/src/lookups/whoson.h exim-4.71-dynlookup/src/lookups/whoson.h ---- exim-4.71/src/lookups/whoson.h 2009-11-16 19:50:38.000000000 +0000 -+++ exim-4.71-dynlookup/src/lookups/whoson.h 1970-01-01 01:00:00.000000000 +0100 +diff --git a/src/src/lookups/whoson.h b/src/src/lookups/whoson.h +deleted file mode 100644 +index 2a3a5c0..0000000 +--- a/src/src/lookups/whoson.h ++++ /dev/null @@ -1,16 +0,0 @@ --/* $Cambridge: exim/exim-src/src/lookups/whoson.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ +-/* $Cambridge: exim/src/src/lookups/whoson.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ - -/************************************************* -* Exim - an Internet mail transport agent * @@ -3074,10 +3186,11 @@ diff -uNr exim-4.71/src/lookups/whoson.h exim-4.71-dynlookup/src/lookups/whoson. - BOOL *); - -/* End of lookups/whoson.h */ -diff -uNr exim-4.71/src/macros.h exim-4.71-dynlookup/src/macros.h ---- exim-4.71/src/macros.h 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/macros.h 2009-12-24 19:54:55.000000000 +0000 -@@ -96,7 +96,7 @@ +diff --git a/src/src/macros.h b/src/src/macros.h +index 09bc601..3f24025 100644 +--- a/src/src/macros.h ++++ b/src/src/macros.h +@@ -96,7 +96,7 @@ don't make the file descriptors two-way. */ /* A macro to simplify testing bits in lookup types */ @@ -3086,10 +3199,11 @@ diff -uNr exim-4.71/src/macros.h exim-4.71-dynlookup/src/macros.h /* Debugging control */ -diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c ---- exim-4.71/src/search.c 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/search.c 2009-12-24 19:54:55.000000000 +0000 -@@ -71,7 +71,7 @@ +diff --git a/src/src/search.c b/src/src/search.c +index 6e52cf2..528dc72 100644 +--- a/src/src/search.c ++++ b/src/src/search.c +@@ -71,7 +71,7 @@ int top = lookup_list_count; while (top > bot) { int mid = (top + bot)/2; @@ -3098,7 +3212,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c /* If c == 0 we have matched the incoming name with the start of the search type name. However, some search types are substrings of others (e.g. nis and -@@ -81,9 +81,9 @@ +@@ -81,9 +81,9 @@ while (top > bot) are testing. By leaving c == 0 when the lengths are different, and doing a > 0 test below, this all falls out correctly. */ @@ -3110,7 +3224,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c search_error_message = string_sprintf("lookup type \"%.*s\" is not " "available (not in the binary - check buildtime LOOKUP configuration)", len, name); -@@ -237,8 +237,8 @@ +@@ -237,8 +237,8 @@ if (t->left != NULL) tidyup_subtree(t->left); if (t->right != NULL) tidyup_subtree(t->right); if (c != NULL && c->handle != NULL && @@ -3121,7 +3235,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c } -@@ -270,7 +270,7 @@ +@@ -270,7 +270,7 @@ open_filecount = 0; /* Call the general tidyup entry for any drivers that have one. */ for (i = 0; i < lookup_list_count; i++) @@ -3130,7 +3244,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c if (search_reset_point != NULL) store_reset(search_reset_point); search_reset_point = NULL; -@@ -335,7 +335,7 @@ +@@ -335,7 +335,7 @@ search_open(uschar *filename, int search_type, int modemask, uid_t *owners, void *handle; tree_node *t; search_cache *c; @@ -3139,7 +3253,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c uschar keybuffer[256]; int old_pool = store_pool; -@@ -388,7 +388,7 @@ +@@ -388,7 +388,7 @@ if (lk->type == lookup_absfile && open_filecount >= lookup_open_max) ((search_cache *)(open_bot->data.ptr))->down = NULL; else open_top = NULL; @@ -3148,7 +3262,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c c->handle = NULL; open_filecount--; } -@@ -480,7 +480,7 @@ +@@ -480,7 +480,7 @@ search_find_defer = FALSE; DEBUG(D_lookup) debug_printf("internal_search_find: file=\"%s\"\n " "type=%s key=\"%s\"\n", filename, @@ -3157,7 +3271,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c /* Insurance. If the keystring is empty, just fail. */ -@@ -511,7 +511,7 @@ +@@ -511,7 +511,7 @@ if ((t = tree_search(c->item_cache, keystring)) == NULL) like FAIL, except that search_find_defer is set so the caller can distinguish if necessary. */ @@ -3166,7 +3280,7 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c &data, &search_error_message, &do_cache) == DEFER) { search_find_defer = TRUE; -@@ -622,7 +622,7 @@ +@@ -622,7 +622,7 @@ DEBUG(D_lookup) that opens real files. */ if (open_top != (tree_node *)handle && @@ -3175,10 +3289,11 @@ diff -uNr exim-4.71/src/search.c exim-4.71-dynlookup/src/search.c { search_cache *c = (search_cache *)(t->data.ptr); tree_node *up = c->up; -diff -uNr exim-4.71/src/structs.h exim-4.71-dynlookup/src/structs.h ---- exim-4.71/src/structs.h 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/structs.h 2009-12-24 19:54:55.000000000 +0000 -@@ -322,34 +322,7 @@ +diff --git a/src/src/structs.h b/src/src/structs.h +index cf967a6..483539f 100644 +--- a/src/src/structs.h ++++ b/src/src/structs.h +@@ -322,34 +322,7 @@ typedef struct router_info { /* Structure for holding information about a lookup type. */ @@ -3214,10 +3329,11 @@ diff -uNr exim-4.71/src/structs.h exim-4.71-dynlookup/src/structs.h /* Structure for holding information about the configured authentication -diff -uNr exim-4.71/src/verify.c exim-4.71-dynlookup/src/verify.c ---- exim-4.71/src/verify.c 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71-dynlookup/src/verify.c 2009-12-24 19:54:55.000000000 +0000 -@@ -2256,7 +2256,7 @@ +diff --git a/src/src/verify.c b/src/src/verify.c +index 371883a..1ead302 100644 +--- a/src/src/verify.c ++++ b/src/src/verify.c +@@ -2256,7 +2256,7 @@ if (iplookup) } else /* Single-key style */ { diff --git a/exim.spec b/exim.spec index 75d3385..8fa78d6 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.72 -Release: 2%{?dist} +Version: 4.73 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -36,9 +36,10 @@ Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz Source20: exim-greylist.conf.inc Source21: mk-greylist-db.sql Source22: greylist-tidy.sh +Source23: trusted-configs Patch4: exim-rhl.patch -Patch6: exim-4.50-config.patch +Patch6: exim-4.73-config.patch Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch @@ -49,7 +50,7 @@ Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch -Patch24: exim-4.71-dynlookup.patch +Patch24: exim-4.73-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch Patch26: exim-4.69-strictaliasing.patch @@ -179,7 +180,7 @@ greylisting unconditional. %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost -%patch24 -p1 -b .dynlookup +%patch24 -p2 -b .dynlookup %patch25 -p1 -b .dynconfig %patch26 -p1 -b .strictaliasing @@ -329,6 +330,7 @@ install -m644 %{SOURCE20} $RPM_BUILD_ROOT/%_sysconfdir/exim/exim-greylist.conf.i install -m644 %{SOURCE21} $RPM_BUILD_ROOT/%_sysconfdir/exim/mk-greylist-db.sql mkdir -p $RPM_BUILD_ROOT/%_sysconfdir/cron.daily install -m755 %{SOURCE22} $RPM_BUILD_ROOT/%_sysconfdir/cron.daily/greylist-tidy.sh +install -m644 %{SOURCE23} $RPM_BUILD_ROOT/%_sysconfdir/exim/trusted-configs touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db %clean @@ -420,11 +422,10 @@ fi %dir %{_var}/spool/exim/msglog %dir %{_var}/log/exim -%defattr(-,root,mail) +%defattr(-,root,root) %dir %{_sysconfdir}/exim %config(noreplace) %{_sysconfdir}/exim/exim.conf - -%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/exim/trusted-configs %config(noreplace) %{_sysconfdir}/sysconfig/exim %{_sysconfdir}/rc.d/init.d/exim %config(noreplace) %{_sysconfdir}/logrotate.d/exim @@ -501,6 +502,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jan 05 2011 David Woodhouse - 4.73-1 +- Update to 4.73 + * Sat Aug 07 2010 David Woodhouse - 4.72-2 - Fedora infrastructure ate my package; bump release and rebuild diff --git a/sources b/sources index f0b23ba..49c10e7 100644 --- a/sources +++ b/sources @@ -1,2 +1 @@ -ad76f73c6b3d01caa88078e3e622745a sa-exim-4.2.tar.gz -ccc937b533568e5e8340f181a3b3d2ff exim-4.72.tar.bz2 +b32fb85c5161ad2fabfe9ba860a1ad2c exim-4.73.tar.bz2 diff --git a/trusted-configs b/trusted-configs new file mode 100644 index 0000000..135206b --- /dev/null +++ b/trusted-configs @@ -0,0 +1,6 @@ +# This file contains a list, one per line, of the files which are permitted +# to be used as Exim configuration files with root privileges. If you want +# to be able to run Exim with the -C option, and have it re-execute itself +# for local delivery, then you'll need to add your configuration file here. +/etc/exim/exim4.conf +/etc/exim/exim.conf From 1d77c1303140fd0e3b4d83cb7daa3a864a5d2e46 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Tue, 8 Feb 2011 12:57:33 -0600 Subject: [PATCH 099/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 8fa78d6..a0f02d3 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.73 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -502,6 +502,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 08 2011 Fedora Release Engineering - 4.73-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + * Wed Jan 05 2011 David Woodhouse - 4.73-1 - Update to 4.73 From 26e8775d860bab91a8203c97689fb8d32700064f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= Date: Wed, 23 Mar 2011 19:12:23 +0100 Subject: [PATCH 100/194] rebuilt for mysql 5.5.10 (soname bump in libmysqlclient) --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index a0f02d3..2207ec7 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.73 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -502,6 +502,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Mar 23 2011 Dan Horák - 4.73-3 +- rebuilt for mysql 5.5.10 (soname bump in libmysqlclient) + * Tue Feb 08 2011 Fedora Release Engineering - 4.73-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild From 4b85f1e92916b5ff650b75db3a6341d01805fdf0 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 9 May 2011 13:10:15 +0100 Subject: [PATCH 101/194] Update to 4.76 --- .gitignore | 1 + exim-4.73-dynlookup.patch | 3344 ------------------------------------- sources | 2 +- 3 files changed, 2 insertions(+), 3345 deletions(-) delete mode 100644 exim-4.73-dynlookup.patch diff --git a/.gitignore b/.gitignore index 62993dc..3f3e4c8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ sa-exim-4.2.tar.gz exim-4.72.tar.bz2 /exim-4.73.tar.bz2 +/exim-4.76.tar.bz2 diff --git a/exim-4.73-dynlookup.patch b/exim-4.73-dynlookup.patch deleted file mode 100644 index de15008..0000000 --- a/exim-4.73-dynlookup.patch +++ /dev/null @@ -1,3344 +0,0 @@ -commit e6d225ae6e6811d3c88dc201642a2127ff6c11bd -Author: David Woodhouse -Date: Wed Jan 5 22:55:50 2011 +0000 - - Add dynamic lookup support - - Fixed: bug #139 - -diff --git a/src/Makefile b/src/Makefile -index 0a48ff9..eb9df50 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -81,7 +81,7 @@ clean:; @echo ""; echo '*** "make clean" just removes all .o and .a files' - - clean_exim:; cd build-$(buildname); \ - $(RM_COMMAND) -f *.o lookups/*.o lookups/*.a auths/*.o auths/*.a \ -- routers/*.o routers/*.a transports/*.o transports/*.a -+ routers/*.o routers/*.a transports/*.o transports/*.a lookups/*.so - - distclean:; $(RM_COMMAND) -rf build-* - -diff --git a/src/OS/Makefile-Base b/src/OS/Makefile-Base -index 451fcd2..5793869 100644 ---- a/src/OS/Makefile-Base -+++ b/src/OS/Makefile-Base -@@ -313,6 +313,7 @@ OBJ_EXIM = acl.o child.o crypt16.o daemon.o dbfn.o debug.o deliver.o \ - rda.o readconf.o receive.o retry.o rewrite.o rfc2047.o \ - route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o spool_out.o \ - store.o string.o tls.o tod.o transport.o tree.o verify.o \ -+ lookups/lf_quote.o lookups/lf_check_file.o lookups/lf_sqlperform.o \ - local_scan.o $(EXIM_PERL) $(OBJ_WITH_CONTENT_SCAN) \ - $(OBJ_WITH_OLD_DEMIME) $(OBJ_EXPERIMENTAL) - -diff --git a/src/scripts/Configure-Makefile b/src/scripts/Configure-Makefile -index 35bb2c3..1b2ea1e 100755 ---- a/src/scripts/Configure-Makefile -+++ b/src/scripts/Configure-Makefile -@@ -107,7 +107,7 @@ do if test -r ../$f - echo "# End of $f" - echo "" - fi --done >> $mft || exit 1 -+done | sed 's/^LOOKUP_/export LOOKUP_/' >> $mft || exit 1 - - # See if there is a definition of EXIM_PERL in what we have built so far. - # If so, run Perl to find the default values for PERL_CC, PERL_CCOPTS, -diff --git a/src/scripts/MakeLinks b/src/scripts/MakeLinks -index bb6dd49..5918139 100755 ---- a/src/scripts/MakeLinks -+++ b/src/scripts/MakeLinks -@@ -32,39 +32,23 @@ mkdir lookups - cd lookups - ln -s ../../src/lookups/README README - ln -s ../../src/lookups/Makefile Makefile --ln -s ../../src/lookups/cdb.h cdb.h - ln -s ../../src/lookups/cdb.c cdb.c --ln -s ../../src/lookups/dbmdb.h dbmdb.h - ln -s ../../src/lookups/dbmdb.c dbmdb.c --ln -s ../../src/lookups/dnsdb.h dnsdb.h - ln -s ../../src/lookups/dnsdb.c dnsdb.c --ln -s ../../src/lookups/dsearch.h dsearch.h - ln -s ../../src/lookups/dsearch.c dsearch.c --ln -s ../../src/lookups/ibase.h ibase.h - ln -s ../../src/lookups/ibase.c ibase.c - ln -s ../../src/lookups/ldap.h ldap.h - ln -s ../../src/lookups/ldap.c ldap.c --ln -s ../../src/lookups/lsearch.h lsearch.h - ln -s ../../src/lookups/lsearch.c lsearch.c --ln -s ../../src/lookups/mysql.h mysql.h - ln -s ../../src/lookups/mysql.c mysql.c --ln -s ../../src/lookups/nis.h nis.h - ln -s ../../src/lookups/nis.c nis.c --ln -s ../../src/lookups/nisplus.h nisplus.h - ln -s ../../src/lookups/nisplus.c nisplus.c --ln -s ../../src/lookups/oracle.h oracle.h - ln -s ../../src/lookups/oracle.c oracle.c --ln -s ../../src/lookups/passwd.h passwd.h - ln -s ../../src/lookups/passwd.c passwd.c --ln -s ../../src/lookups/pgsql.h pgsql.h - ln -s ../../src/lookups/pgsql.c pgsql.c --ln -s ../../src/lookups/spf.h spf.h - ln -s ../../src/lookups/spf.c spf.c --ln -s ../../src/lookups/sqlite.h sqlite.h - ln -s ../../src/lookups/sqlite.c sqlite.c --ln -s ../../src/lookups/testdb.h testdb.h - ln -s ../../src/lookups/testdb.c testdb.c --ln -s ../../src/lookups/whoson.h whoson.h - ln -s ../../src/lookups/whoson.c whoson.c - - ln -s ../../src/lookups/lf_functions.h lf_functions.h -@@ -197,6 +181,7 @@ ln -s ../src/mytypes.h mytypes.h - ln -s ../src/osfunctions.h osfunctions.h - ln -s ../src/store.h store.h - ln -s ../src/structs.h structs.h -+ln -s ../src/lookupapi.h lookupapi.h - - ln -s ../src/acl.c acl.c - ln -s ../src/buildconfig.c buildconfig.c -diff --git a/src/src/EDITME b/src/src/EDITME -index 3c162c9..be15e4e 100644 ---- a/src/src/EDITME -+++ b/src/src/EDITME -@@ -249,6 +249,10 @@ TRANSPORT_SMTP=yes - - - #------------------------------------------------------------------------------ -+# See below for dynamic lookup modules. -+# LOOKUP_MODULE_DIR=/usr/lib/exim/lookups/ -+ -+#------------------------------------------------------------------------------ - # These settings determine which file and database lookup methods are included - # in the binary. See the manual chapter entitled "File and database lookups" - # for discussion. DBM and lsearch (linear search) are included by default. If -@@ -256,6 +260,18 @@ TRANSPORT_SMTP=yes - # LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is - # for the specialist case of using the DNS as a general database facility (not - # common). -+# If set to "2" instead of "yes" then the corresponding lookup will be -+# built as a module and must be installed into LOOKUP_MODULE_DIR. You need to -+# add -export-dynamic -rdynamic to EXTRALIBS. You may also need to add -ldl to -+# EXTRALIBS so that dlopen() is available to Exim. You need to define -+# LOOKUP_MODULE_DIR above so the exim binary actually loads dynamic lookup -+# modules. -+# Also, instead of adding all the libraries/includes to LOOKUP_INCLUDE and -+# LOOKUP_LIBS, add them to the respective LOOKUP_*_INCLUDE and LOOKUP_*_LIBS -+# (where * is the name as given here in this list). That ensures that only -+# the dynamic library and not the exim binary will be linked against the -+# library. -+# NOTE: LDAP cannot be built as a module! - - LOOKUP_DBM=yes - LOOKUP_LSEARCH=yes -diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults -index 5cff6ad..8d951ae 100644 ---- a/src/src/config.h.defaults -+++ b/src/src/config.h.defaults -@@ -90,6 +90,8 @@ it's a default value. */ - #define LOOKUP_WILDLSEARCH - #define LOOKUP_NWILDLSEARCH - -+#define LOOKUP_MODULE_DIR -+ - #define MAX_FILTER_SIZE (1024*1024) - #define MAX_LOCALHOST_NUMBER 256 - #define MAX_INCLUDE_SIZE (1024*1024) -diff --git a/src/src/drtables.c b/src/src/drtables.c -index e2d989c..92b4878 100644 ---- a/src/src/drtables.c -+++ b/src/src/drtables.c -@@ -10,6 +10,8 @@ - - #include "exim.h" - -+#include -+#include - - /* This module contains tables that define the lookup methods and drivers - that are actually included in the binary. Its contents are controlled by -@@ -17,527 +19,8 @@ various macros in config.h that ultimately come from Local/Makefile. They are - all described in src/EDITME. */ - - --/* The OSF1 (Digital Unix) linker puts out a worrying warning if any sections --contain no executable code. It says -- --Warning: Linking some objects which contain exception information sections -- and some which do not. This may cause fatal runtime exception handling -- problems. -- --As this may cause people to worry needlessly, include a dummy function here --to stop the message from appearing. Make it call itself to stop picky compilers --compilers complaining that it is unused, and put in a dummy argument to stop --even pickier compilers complaining about infinite loops. */ -- --static void dummy(int x) { dummy(x-1); } -- -- --/* Table of information about all possible lookup methods. The entries are --always present, but the "open" and "find" functions are set to NULL for those --that are not compiled into the binary. The "check" and "close" functions can --be NULL for methods that don't need them. */ -- --#ifdef LOOKUP_CDB --#include "lookups/cdb.h" --#endif -- --#ifdef LOOKUP_DBM --#include "lookups/dbmdb.h" --#endif -- --#ifdef LOOKUP_DNSDB --#include "lookups/dnsdb.h" --#endif -- --#ifdef LOOKUP_DSEARCH --#include "lookups/dsearch.h" --#endif -- --#ifdef LOOKUP_IBASE --#include "lookups/ibase.h" --#endif -- --#ifdef LOOKUP_LDAP --#include "lookups/ldap.h" --#endif -- --#ifdef LOOKUP_LSEARCH --#include "lookups/lsearch.h" --#endif -- --#ifdef LOOKUP_MYSQL --#include "lookups/mysql.h" --#endif -- --#ifdef LOOKUP_NIS --#include "lookups/nis.h" --#endif -- --#ifdef LOOKUP_NISPLUS --#include "lookups/nisplus.h" --#endif -- --#ifdef LOOKUP_ORACLE --#include "lookups/oracle.h" --#endif -- --#ifdef LOOKUP_PASSWD --#include "lookups/passwd.h" --#endif -- --#ifdef LOOKUP_PGSQL --#include "lookups/pgsql.h" --#endif -- --#ifdef EXPERIMENTAL_SPF --#include "lookups/spf.h" --#endif -- --#ifdef LOOKUP_SQLITE --#include "lookups/sqlite.h" --#endif -- --#ifdef LOOKUP_TESTDB --#include "lookups/testdb.h" --#endif -- --#ifdef LOOKUP_WHOSON --#include "lookups/whoson.h" --#endif -- --/* The second field in each item below is a set of bit flags: -- -- lookup_querystyle => this is a query-style lookup, -- else single-key (+ file) style -- lookup_absfile => an absolute file name is required, -- (for single-key style only) -- --This list must be in alphabetical order of lookup name because it is --searched by binary chop, having got rather large for the original linear --searching. */ -- --lookup_info lookup_list[] = { -- --/* cdb lookup in single file */ -- -- { -- US"cdb", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_CDB -- cdb_open, /* open function */ -- cdb_check, /* check function */ -- cdb_find, /* find function */ -- cdb_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* DBM file lookup; called "dbm" because that is the name in Exim, --but the code is called dbmdb to avoid name clashes. */ -- -- { -- US"dbm", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_DBM -- dbmdb_open, /* open function */ -- dbmdb_check, /* check function */ -- dbmdb_find, /* find function */ -- dbmdb_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* This variant of DBM does not include the binary zero on the end --of the key strings. */ -- -- { -- US"dbmnz", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_DBM -- dbmdb_open, /* sic */ /* open function */ -- dbmdb_check, /* sic */ /* check function */ -- dbmnz_find, /* find function */ -- dbmdb_close, /* sic */ /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Using DNS TXT records as a database */ -- -- { -- US"dnsdb", /* lookup name */ -- lookup_querystyle, /* query style */ --#ifdef LOOKUP_DNSDB -- dnsdb_open, /* open function */ -- NULL, /* check function */ -- dnsdb_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Search of files in a directory */ -- -- { -- US"dsearch", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_DSEARCH -- dsearch_open, /* open function */ -- dsearch_check, /* check function */ -- dsearch_find, /* find function */ -- dsearch_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Interbase lookup */ -- -- { -- US"ibase", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_IBASE -- ibase_open, /* open function */ -- NULL, /* no check function */ -- ibase_find, /* find function */ -- NULL, /* no close function */ -- ibase_tidy, /* tidy function */ -- ibase_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Linear search of single file with ip-addresses and networks; shares many --functions with lsearch. */ -- -- { -- US"iplsearch", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_LSEARCH -- lsearch_open, /* open function */ -- lsearch_check, /* check function */ -- iplsearch_find, /* find function */ -- lsearch_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* LDAP lookup, allowing data from only one entry to be returned */ -- -- { -- US"ldap", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_LDAP -- eldap_open, /* open function */ -- NULL, /* check function */ -- eldap_find, /* find function */ -- NULL, /* no close function */ -- eldap_tidy, /* tidy function */ -- eldap_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* LDAP lookup, allowing the DN from more one entry to be returned */ -- -- { -- US"ldapdn", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_LDAP -- eldap_open, /* sic */ /* open function */ -- NULL, /* check function */ -- eldapdn_find, /* find function */ -- NULL, /* no close function */ -- eldap_tidy, /* sic */ /* tidy function */ -- eldap_quote /* sic */ /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* LDAP lookup, allowing data from more than one entry to be returned */ -- -- { -- US"ldapm", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_LDAP -- eldap_open, /* sic */ /* open function */ -- NULL, /* check function */ -- eldapm_find, /* find function */ -- NULL, /* no close function */ -- eldap_tidy, /* sic */ /* tidy function */ -- eldap_quote /* sic */ /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Linear search of single file */ -- -- { -- US"lsearch", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_LSEARCH -- lsearch_open, /* open function */ -- lsearch_check, /* check function */ -- lsearch_find, /* find function */ -- lsearch_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* MYSQL lookup */ -- -- { -- US"mysql", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_MYSQL -- mysql_open, /* open function */ -- NULL, /* no check function */ -- mysql_find, /* find function */ -- NULL, /* no close function */ -- mysql_tidy, /* tidy function */ -- mysql_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* NIS lookup, excluding trailing 0 from key */ -- -- { -- US"nis", /* lookup name */ -- 0, /* not abs file, not query style*/ --#ifdef LOOKUP_NIS -- nis_open, /* open function */ -- NULL, /* check function */ -- nis_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* NIS lookup, including trailing 0 in key */ -- -- { -- US"nis0", /* lookup name */ -- 0, /* not absfile, not query style */ --#ifdef LOOKUP_NIS -- nis_open, /* sic */ /* open function */ -- NULL, /* check function */ -- nis0_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* NIS+ lookup */ -- -- { -- US"nisplus", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_NISPLUS -- nisplus_open, /* open function */ -- NULL, /* check function */ -- nisplus_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- nisplus_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Linear search of single file, with wildcarding but no pattern expansion. --Shares many functions with lsearch. */ -- -- { -- US"nwildlsearch", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_LSEARCH -- lsearch_open, /* open function */ -- lsearch_check, /* check function */ -- nwildlsearch_find, /* find function */ -- lsearch_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Oracle lookup */ -- -- { -- US"oracle", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_ORACLE -- oracle_open, /* open function */ -- NULL, /* check function */ -- oracle_find, /* find function */ -- NULL, /* no close function */ -- oracle_tidy, /* tidy function */ -- oracle_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* passwd lookup */ -- -- { -- US"passwd", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_PASSWD -- passwd_open, /* open function */ -- NULL, /* no check function */ -- passwd_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* PGSQL lookup */ -- -- { -- US"pgsql", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_PGSQL -- pgsql_open, /* open function */ -- NULL, /* no check function */ -- pgsql_find, /* find function */ -- NULL, /* no close function */ -- pgsql_tidy, /* tidy function */ -- pgsql_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* SPF lookup */ -- -- { -- US"spf", /* lookup name */ -- 0, /* not absfile, not query style */ --#ifdef EXPERIMENTAL_SPF -- spf_open, /* open function */ -- NULL, /* no check function */ -- spf_find, /* find function */ -- spf_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* sqlite lookup */ -- -- { -- US"sqlite", /* lookup name */ -- lookup_absfilequery, /* query-style lookup, starts with file name */ --#ifdef LOOKUP_SQLITE -- sqlite_open, /* open function */ -- NULL, /* no check function */ -- sqlite_find, /* find function */ -- sqlite_close, /* close function */ -- NULL, /* no tidy function */ -- sqlite_quote /* quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Testdb lookup is for testing Exim, not useful for normal running. --For that reason, we omit the entry entirely when not building it into --the binary, so that attempts to use it give "unknown lookup type" instead --of "lookup type not available". */ -- --#ifdef LOOKUP_TESTDB -- { -- US"testdb", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ -- testdb_open, /* open function */ -- NULL, /* check function */ -- testdb_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ -- }, --#endif -- --/* "Whoson" lookup */ -- -- { -- US"whoson", /* lookup name */ -- lookup_querystyle, /* query-style lookup */ --#ifdef LOOKUP_WHOSON -- whoson_open, /* open function */ -- NULL, /* check function */ -- whoson_find, /* find function */ -- NULL, /* no close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- }, -- --/* Linear search of single file, with wildcarding and pattern expansion. Shares --many functions with lsearch. */ -- -- { -- US"wildlsearch", /* lookup name */ -- lookup_absfile, /* uses absolute file name */ --#ifdef LOOKUP_LSEARCH -- lsearch_open, /* open function */ -- lsearch_check, /* check function */ -- wildlsearch_find, /* find function */ -- lsearch_close, /* close function */ -- NULL, /* no tidy function */ -- NULL /* no quoting function */ --#else -- NULL, NULL, NULL, NULL, NULL, NULL /* lookup not present */ --#endif -- } --}; -- --/* Number of entries in the list */ -- --int lookup_list_count = sizeof(lookup_list)/sizeof(lookup_info); -- -- -+lookup_info **lookup_list; -+int lookup_list_count = 0; - - /* Table of information about all possible authentication mechamisms. All - entries are always present if any mechanism is declared, but the functions are -@@ -865,4 +348,226 @@ transport_info transports_available[] = { - { US"", NULL, NULL, NULL, 0, NULL, NULL, NULL, NULL, FALSE } - }; - -+struct lookupmodulestr -+{ -+ void *dl; -+ struct lookup_module_info *info; -+ struct lookupmodulestr *next; -+}; -+ -+static struct lookupmodulestr *lookupmodules = NULL; -+ -+static void addlookupmodule(void *dl, struct lookup_module_info *info) -+{ -+ struct lookupmodulestr *p = store_malloc(sizeof(struct lookupmodulestr)); -+ p->dl = dl; -+ p->info = info; -+ p->next = lookupmodules; -+ lookupmodules = p; -+ lookup_list_count += info->lookupcount; -+} -+ -+/* only valid after lookup_list and lookup_list_count are assigned */ -+static void add_lookup_to_list(lookup_info *info) -+{ -+ /* need to add the lookup to lookup_list, sorted */ -+ int pos = 0; -+ -+ /* strategy is to go through the list until we find -+ * either an empty spot or a name that is higher. -+ * this can't fail because we have enough space. */ -+ while (lookup_list[pos] -+ && (Ustrcmp(lookup_list[pos]->name, info->name) <= 0)) { -+ pos++; -+ } -+ if (lookup_list[pos]) { -+ /* need to insert it, so move all the other items up -+ * (last slot is still empty, of course) */ -+ memmove(&lookup_list[pos+1], -+ &lookup_list[pos], -+ sizeof(lookup_info **) * (lookup_list_count-pos-1)); -+ } -+ lookup_list[pos] = info; -+} -+ -+void init_lookup_list(void) -+{ -+ DIR *dd; -+ struct dirent *ent; -+ const pcre *regex_islookupmod = regex_must_compile(US"\\.so$", FALSE, TRUE); -+ int countmodules = 0; -+ int moduleerrors = 0; -+ struct lookupmodulestr *p; -+ -+#if defined(LOOKUP_CDB) && LOOKUP_CDB!=2 -+extern lookup_module_info cdb_lookup_module_info; -+ addlookupmodule(NULL, &cdb_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_DBM) && LOOKUP_DBM!=2 -+extern lookup_module_info dbmdb_lookup_module_info; -+ addlookupmodule(NULL, &dbmdb_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_DNSDB) && LOOKUP_DNSDB!=2 -+extern lookup_module_info dnsdb_lookup_module_info; -+ addlookupmodule(NULL, &dnsdb_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_DSEARCH) && LOOKUP_DSEARCH!=2 -+extern lookup_module_info dsearch_lookup_module_info; -+ addlookupmodule(NULL, &dsearch_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_IBASE) && LOOKUP_IBASE!=2 -+extern lookup_module_info ibase_lookup_module_info; -+ addlookupmodule(NULL, &ibase_lookup_module_info); -+#endif -+ -+#ifdef LOOKUP_LDAP -+extern lookup_module_info ldap_lookup_module_info; -+ addlookupmodule(NULL, &ldap_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_LSEARCH) && LOOKUP_LSEARCH!=2 -+extern lookup_module_info lsearch_lookup_module_info; -+ addlookupmodule(NULL, &lsearch_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_MYSQL) && LOOKUP_MYSQL!=2 -+extern lookup_module_info mysql_lookup_module_info; -+ addlookupmodule(NULL, &mysql_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_NIS) && LOOKUP_NIS!=2 -+extern lookup_module_info nis_lookup_module_info; -+ addlookupmodule(NULL, &nis_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_NISPLUS) && LOOKUP_NISPLUS!=2 -+extern lookup_module_info nisplus_lookup_module_info; -+ addlookupmodule(NULL, &nisplus_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_ORACLE) && LOOKUP_ORACLE!=2 -+extern lookup_module_info oracle_lookup_module_info; -+ addlookupmodule(NULL, &oracle_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_PASSWD) && LOOKUP_PASSWD!=2 -+extern lookup_module_info passwd_lookup_module_info; -+ addlookupmodule(NULL, &passwd_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2 -+extern lookup_module_info pgsql_lookup_module_info; -+ addlookupmodule(NULL, &pgsql_lookup_module_info); -+#endif -+ -+#ifdef EXPERIMENTAL_SPF -+extern lookup_module_info spf_lookup_module_info; -+ addlookupmodule(NULL, &spf_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2 -+extern lookup_module_info sqlite_lookup_module_info; -+ addlookupmodule(NULL, &sqlite_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_TESTDB) && LOOKUP_TESTDB!=2 -+extern lookup_module_info testdb_lookup_module_info; -+ addlookupmodule(NULL, &testdb_lookup_module_info); -+#endif -+ -+#if defined(LOOKUP_WHOSON) && LOOKUP_WHOSON!=2 -+extern lookup_module_info whoson_lookup_module_info; -+ addlookupmodule(NULL, &whoson_lookup_module_info); -+#endif -+ -+#ifdef LOOKUP_MODULE_DIR -+ dd = opendir(LOOKUP_MODULE_DIR); -+ if (dd == NULL) { -+ DEBUG(5) debug_printf("Couldn't open %s: not loading lookup modules\n", LOOKUP_MODULE_DIR); -+ log_write(0, LOG_MAIN, "Couldn't open %s: not loading lookup modules\n", LOOKUP_MODULE_DIR); -+ } -+ else { -+ DEBUG(9) debug_printf("Loading lookup modules from %s\n", LOOKUP_MODULE_DIR); -+ while ((ent = readdir(dd)) != NULL) { -+ char *name = ent->d_name; -+ int len = (int)strlen(name); -+ if (pcre_exec(regex_islookupmod, NULL, name, len, 0, PCRE_EOPT, NULL, 0) >= 0) { -+ int pathnamelen = len + (int)strlen(LOOKUP_MODULE_DIR) + 2; -+ void *dl; -+ struct lookup_module_info *info; -+ char *errormsg; -+ -+ /* SRH: am I being paranoid here or what? */ -+ if (pathnamelen > big_buffer_size) { -+ fprintf(stderr, "Loading lookup modules: %s/%s: name too long\n", LOOKUP_MODULE_DIR, name); -+ log_write(0, LOG_MAIN|LOG_PANIC, "%s/%s: name too long\n", LOOKUP_MODULE_DIR, name); -+ continue; -+ } -+ -+ /* SRH: snprintf here? */ -+ sprintf(CS big_buffer, "%s/%s", LOOKUP_MODULE_DIR, name); -+ -+ dl = dlopen(CS big_buffer, RTLD_NOW);// TJ was LAZY -+ if (dl == NULL) { -+ fprintf(stderr, "Error loading %s: %s\n", name, dlerror()); -+ moduleerrors++; -+ log_write(0, LOG_MAIN|LOG_PANIC, "Error loading lookup module %s: %s\n", name, dlerror()); -+ continue; -+ } -+ -+ info = (struct lookup_module_info*) dlsym(dl, "_lookup_module_info"); -+ if ((errormsg = dlerror()) != NULL) { -+ fprintf(stderr, "%s does not appear to be a lookup module (%s)\n", name, errormsg); -+ dlclose(dl); -+ moduleerrors++; -+ log_write(0, LOG_MAIN|LOG_PANIC, "%s does not appear to be a lookup module (%s)\n", name, errormsg); -+ continue; -+ } -+ if (info->magic != LOOKUP_MODULE_INFO_MAGIC) { -+ fprintf(stderr, "Lookup module %s is not compatible with this version of Exim\n", name); -+ dlclose(dl); -+ moduleerrors++; -+ log_write(0, LOG_MAIN|LOG_PANIC, "Lookup module %s is not compatible with this version of Exim\n", name); -+ continue; -+ } -+ -+ addlookupmodule(dl, info); -+ DEBUG(9) debug_printf("Loaded \"%s\" (%d lookup types)\n", name, info->lookupcount); -+ countmodules++; -+ } -+ } -+ closedir(dd); -+ } -+ -+ DEBUG(9) debug_printf("Loaded %d lookup modules\n", countmodules); -+#endif -+ -+ store_free((void*)regex_islookupmod); -+ -+ DEBUG(4) debug_printf("Total %d lookups\n", lookup_list_count); -+ -+ lookup_list = store_malloc(sizeof(lookup_info *) * lookup_list_count); -+ memset(lookup_list, 0, sizeof(lookup_info *) * lookup_list_count); -+ -+ /* now add all lookups to the real list */ -+ p = lookupmodules; -+ while (p) { -+ int j; -+ struct lookupmodulestr *pnext; -+ -+ for (j = 0; j < p->info->lookupcount; j++) -+ add_lookup_to_list(p->info->lookups[j]); -+ -+ pnext = p->next; -+ store_free(p); -+ p = pnext; -+ } -+ /* just to be sure */ -+ lookupmodules = NULL; -+} -+ - /* End of drtables.c */ -diff --git a/src/src/exim.c b/src/src/exim.c -index dce42f0..bda6190 100644 ---- a/src/src/exim.c -+++ b/src/src/exim.c -@@ -776,53 +776,53 @@ fprintf(f, "Support for:"); - #endif - fprintf(f, "\n"); - --fprintf(f, "Lookups:"); --#ifdef LOOKUP_LSEARCH -+fprintf(f, "Lookups (built-in):"); -+#if defined(LOOKUP_LSEARCH) && LOOKUP_LSEARCH!=2 - fprintf(f, " lsearch wildlsearch nwildlsearch iplsearch"); - #endif --#ifdef LOOKUP_CDB -+#if defined(LOOKUP_CDB) && LOOKUP_CDB!=2 - fprintf(f, " cdb"); - #endif --#ifdef LOOKUP_DBM -+#if defined(LOOKUP_DBM) && LOOKUP_DBM!=2 - fprintf(f, " dbm dbmnz"); - #endif --#ifdef LOOKUP_DNSDB -+#if defined(LOOKUP_DNSDB) && LOOKUP_DNSDB!=2 - fprintf(f, " dnsdb"); - #endif --#ifdef LOOKUP_DSEARCH -+#if defined(LOOKUP_DSEARCH) && LOOKUP_DSEARCH!=2 - fprintf(f, " dsearch"); - #endif --#ifdef LOOKUP_IBASE -+#if defined(LOOKUP_IBASE) && LOOKUP_IBASE!=2 - fprintf(f, " ibase"); - #endif --#ifdef LOOKUP_LDAP -+#if defined(LOOKUP_LDAP) && LOOKUP_LDAP!=2 - fprintf(f, " ldap ldapdn ldapm"); - #endif --#ifdef LOOKUP_MYSQL -+#if defined(LOOKUP_MYSQL) && LOOKUP_MYSQL!=2 - fprintf(f, " mysql"); - #endif --#ifdef LOOKUP_NIS -+#if defined(LOOKUP_NIS) && LOOKUP_NIS!=2 - fprintf(f, " nis nis0"); - #endif --#ifdef LOOKUP_NISPLUS -+#if defined(LOOKUP_NISPLUS) && LOOKUP_NISPLUS!=2 - fprintf(f, " nisplus"); - #endif --#ifdef LOOKUP_ORACLE -+#if defined(LOOKUP_ORACLE) && LOOKUP_ORACLE!=2 - fprintf(f, " oracle"); - #endif --#ifdef LOOKUP_PASSWD -+#if defined(LOOKUP_PASSWD) && LOOKUP_PASSWD!=2 - fprintf(f, " passwd"); - #endif --#ifdef LOOKUP_PGSQL -+#if defined(LOOKUP_PGSQL) && LOOKUP_PGSQL!=2 - fprintf(f, " pgsql"); - #endif --#ifdef LOOKUP_SQLITE -+#if defined(LOOKUP_SQLITE) && LOOKUP_SQLITE!=2 - fprintf(f, " sqlite"); - #endif --#ifdef LOOKUP_TESTDB -+#if defined(LOOKUP_TESTDB) && LOOKUP_TESTDB!=2 - fprintf(f, " testdb"); - #endif --#ifdef LOOKUP_WHOSON -+#if defined(LOOKUP_WHOSON) && LOOKUP_WHOSON!=2 - fprintf(f, " whoson"); - #endif - fprintf(f, "\n"); -@@ -3510,6 +3510,10 @@ if (opt_perl_at_start && opt_perl_startup != NULL) - } - #endif /* EXIM_PERL */ - -+/* Initialise lookup_list */ -+extern void init_lookup_list(void); -+init_lookup_list(); -+ - /* Log the arguments of the call if the configuration file said so. This is - a debugging feature for finding out what arguments certain MUAs actually use. - Don't attempt it if logging is disabled, or if listing variables or if -diff --git a/src/src/expand.c b/src/src/expand.c -index 7adf673..702faab 100644 ---- a/src/src/expand.c -+++ b/src/src/expand.c -@@ -5506,8 +5506,8 @@ while (*s != 0) - goto EXPAND_FAILED; - } - -- if (lookup_list[n].quote != NULL) -- sub = (lookup_list[n].quote)(sub, opt); -+ if (lookup_list[n]->quote != NULL) -+ sub = (lookup_list[n]->quote)(sub, opt); - else if (opt != NULL) sub = NULL; - - if (sub == NULL) -diff --git a/src/src/globals.c b/src/src/globals.c -index 71de52a..6653d62 100644 ---- a/src/src/globals.c -+++ b/src/src/globals.c -@@ -13,21 +13,6 @@ that they are easy to find. */ - #include "exim.h" - - --/* The OSF1 linker puts out a worrying warning if any sections contain no --executable code. It says -- --Warning: Linking some objects which contain exception information sections -- and some which do not. This may cause fatal runtime exception handling -- problems. -- --As this may cause people to worry needlessly, include a dummy function here --to stop the message from appearing. Make it reference itself to stop picky --compilers complaining that it is unused, and put in a dummy argument to stop --even pickier compilers complaining about infinite loops. */ -- --static void dummy(int x) { dummy(x-1); } -- -- - /* Generic options for auths, all of which live inside auth_instance - data blocks and hence have the opt_public flag set. */ - -diff --git a/src/src/globals.h b/src/src/globals.h -index b4e3f2a..db7a79b 100644 ---- a/src/src/globals.h -+++ b/src/src/globals.h -@@ -441,7 +441,7 @@ extern BOOL log_testing_mode; /* TRUE in various testing modes */ - extern BOOL log_timezone; /* TRUE to include the timezone in log lines */ - extern unsigned int log_write_selector;/* Bit map of logging options for log_write() */ - extern uschar *login_sender_address; /* The actual sender address */ --extern lookup_info lookup_list[]; /* Vector of available lookups */ -+extern lookup_info **lookup_list; /* Array of pointers to available lookups */ - extern int lookup_list_count; /* Number of entries in the list */ - extern int lookup_open_max; /* Max lookup files to cache */ - extern uschar *lookup_value; /* Value looked up from file */ -diff --git a/src/src/lookupapi.h b/src/src/lookupapi.h -new file mode 100644 -index 0000000..97f92ab ---- /dev/null -+++ b/src/src/lookupapi.h -@@ -0,0 +1,58 @@ -+/* $Cambridge$ */ -+ -+/************************************************* -+* Exim - an Internet mail transport agent * -+*************************************************/ -+ -+/* Copyright (c) University of Cambridge 1995 - 2009 */ -+/* See the file NOTICE for conditions of use and distribution. */ -+ -+ -+/* The "type" field in each item is a set of bit flags: -+ -+ lookup_querystyle => this is a query-style lookup, -+ else single-key (+ file) style -+ lookup_absfile => an absolute file name is required, -+ (for single-key style only) -+*/ -+ -+typedef struct lookup_info { -+ uschar *name; /* e.g. "lsearch" */ -+ int type; /* query/singlekey/abs-file */ -+ void *(*open)( /* open function */ -+ uschar *, /* file name for those that have one */ -+ uschar **); /* for error message */ -+ BOOL (*check)( /* file checking function */ -+ void *, /* handle */ -+ uschar *, /* file name */ -+ int, /* modemask for file checking */ -+ uid_t *, /* owners for file checking */ -+ gid_t *, /* owngroups for file checking */ -+ uschar **); /* for error messages */ -+ int (*find)( /* find function */ -+ void *, /* handle */ -+ uschar *, /* file name or NULL */ -+ uschar *, /* key or query */ -+ int, /* length of key or query */ -+ uschar **, /* for returning answer */ -+ uschar **, /* for error message */ -+ BOOL *); /* to request cache cleanup */ -+ void (*close)( /* close function */ -+ void *); /* handle */ -+ void (*tidy)(void); /* tidy function */ -+ uschar *(*quote)( /* quoting function */ -+ uschar *, /* string to quote */ -+ uschar *); /* additional data from quote name */ -+} lookup_info; -+ -+/* This magic number is used by the following lookup_module_info structure -+ for checking API compatibility. It's equivalent to the string"LMM1" */ -+#define LOOKUP_MODULE_INFO_MAGIC 0x4c4d4d31 -+ -+typedef struct lookup_module_info { -+ uint magic; -+ lookup_info **lookups; -+ uint lookupcount; -+} lookup_module_info; -+ -+/* End of lookupapi.h */ -diff --git a/src/src/lookups/Makefile b/src/src/lookups/Makefile -index 2c7cb87..76e56da 100644 ---- a/src/src/lookups/Makefile -+++ b/src/src/lookups/Makefile -@@ -1,13 +1,171 @@ - # $Cambridge: exim/src/src/lookups/Makefile,v 1.9 2009/06/10 07:34:05 tom Exp $ - --# Make file for building a library containing all the available lookups and --# calling it lookups.a. This is called from the main make file, after cd'ing --# to the lookups subdirectory. When the relevant LOOKUP_ macros are not --# defined, dummy modules get compiled. -+# Make file for building all the available lookups. -+# This is called from the main make file, after cd'ing -+# to the lookups subdirectory. - --OBJ = cdb.o dbmdb.o dnsdb.o dsearch.o ibase.o ldap.o lsearch.o mysql.o nis.o \ -- nisplus.o oracle.o passwd.o pgsql.o spf.o sqlite.o testdb.o whoson.o \ -- lf_check_file.o lf_quote.o lf_sqlperform.o -+# because the variable is EXPERIMENTAL_SPF and not LOOKUP_SPF -+# we put this one here by default and compile a dummy if -+# EXPERIMENTAL_SPF is not defined -+OBJ=spf.o -+MODS= -+ -+ifeq ($(LOOKUP_CDB),2) -+MODS += cdb.so -+LOOKUP_cdb_INCLUDE = $(LOOKUP_CDB_INCLUDE) -+LOOKUP_cdb_LIBS = $(LOOKUP_CDB_LIBS) -+else -+ifneq ($(LOOKUP_CDB),) -+OBJ += cdb.o -+endif -+endif -+ -+ifeq ($(LOOKUP_DBM),2) -+MODS += dbmdb.so -+LOOKUP_dbmdb_INCLUDE = $(LOOKUP_DBM_INCLUDE) -+LOOKUP_dbmdb_LIBS = $(LOOKUP_DBM_LIBS) -+else -+ifneq ($(LOOKUP_DBM),) -+OBJ += dbmdb.o -+endif -+endif -+ -+ifeq ($(LOOKUP_DNSDB),2) -+MODS += dnsdb.so -+LOOKUP_dnsdb_INCLUDE = $(LOOKUP_DNSDB_INCLUDE) -+LOOKUP_dnsdb_LIBS = $(LOOKUP_DNSDB_LIBS) -+else -+ifneq ($(LOOKUP_DNSDB),) -+OBJ += dnsdb.o -+endif -+endif -+ -+ifeq ($(LOOKUP_DSEARCH),2) -+MODS += dsearch.so -+LOOKUP_dsearch_INCLUDE = $(LOOKUP_DSEARCH_INCLUDE) -+LOOKUP_dsearch_LIBS = $(LOOKUP_DSEARCH_LIBS) -+else -+ifneq ($(LOOKUP_DSEARCH),) -+OBJ += dsearch.o -+endif -+endif -+ -+ifeq ($(LOOKUP_IBASE),2) -+MODS += ibase.so -+LOOKUP_ibase_INCLUDE = $(LOOKUP_IBASE_INCLUDE) -+LOOKUP_ibase_LIBS = $(LOOKUP_IBASE_LIBS) -+else -+ifneq ($(LOOKUP_IBASE),) -+OBJ += ibase.o -+endif -+endif -+ -+ifneq ($(LOOKUP_LDAP),) -+OBJ += ldap.o -+endif -+ -+ifeq ($(LOOKUP_LSEARCH),2) -+MODS += lsearch.so -+LOOKUP_lsearch_INCLUDE = $(LOOKUP_LSEARCH_INCLUDE) -+LOOKUP_lsearch_LIBS = $(LOOKUP_LSEARCH_LIBS) -+else -+ifneq ($(LOOKUP_LSEARCH),) -+OBJ += lsearch.o -+endif -+endif -+ -+ifeq ($(LOOKUP_MYSQL),2) -+MODS += mysql.so -+LOOKUP_mysql_INCLUDE = $(LOOKUP_MYSQL_INCLUDE) -+LOOKUP_mysql_LIBS = $(LOOKUP_MYSQL_LIBS) -+else -+ifneq ($(LOOKUP_MYSQL),) -+OBJ += mysql.o -+endif -+endif -+ -+ifeq ($(LOOKUP_NIS),2) -+MODS += nis.so -+LOOKUP_nis_INCLUDE = $(LOOKUP_NIS_INCLUDE) -+LOOKUP_nis_LIBS = $(LOOKUP_NIS_LIBS) -+else -+ifneq ($(LOOKUP_NIS),) -+OBJ += nis.o -+endif -+endif -+ -+ifeq ($(LOOKUP_NISPLUS),2) -+MODS += nisplus.so -+LOOKUP_nisplus_INCLUDE = $(LOOKUP_NISPLUS_INCLUDE) -+LOOKUP_nisplus_LIBS = $(LOOKUP_NISPLUS_LIBS) -+else -+ifneq ($(LOOKUP_NISPLUS),) -+OBJ += nisplus.o -+endif -+endif -+ -+ifeq ($(LOOKUP_ORACLE),2) -+MODS += oracle.so -+LOOKUP_oracle_INCLUDE = $(LOOKUP_ORACLE_INCLUDE) -+LOOKUP_oracle_LIBS = $(LOOKUP_ORACLE_LIBS) -+else -+ifneq ($(LOOKUP_ORACLE),) -+OBJ += oracle.o -+endif -+endif -+ -+ifeq ($(LOOKUP_PASSWD),2) -+MODS += passwd.so -+LOOKUP_passwd_INCLUDE = $(LOOKUP_PASSWD_INCLUDE) -+LOOKUP_passwd_LIBS = $(LOOKUP_PASSWD_LIBS) -+else -+ifneq ($(LOOKUP_PASSWD),) -+OBJ += passwd.o -+endif -+endif -+ -+ifeq ($(LOOKUP_PGSQL),2) -+MODS += pgsql.so -+LOOKUP_pgsql_INCLUDE = $(LOOKUP_PGSQL_INCLUDE) -+LOOKUP_pgsql_LIBS = $(LOOKUP_PGSQL_LIBS) -+else -+ifneq ($(LOOKUP_PGSQL),) -+OBJ += pgsql.o -+endif -+endif -+ -+ifeq ($(LOOKUP_SQLITE),2) -+MODS += sqlite.so -+LOOKUP_sqlite_INCLUDE = $(LOOKUP_SQLITE_INCLUDE) -+LOOKUP_sqlite_LIBS = $(LOOKUP_SQLITE_LIBS) -+else -+ifneq ($(LOOKUP_SQLITE),) -+OBJ += sqlite.o -+endif -+endif -+ -+ifeq ($(LOOKUP_TESTDB),2) -+MODS += testdb.so -+LOOKUP_testdb_INCLUDE = $(LOOKUP_TESTDB_INCLUDE) -+LOOKUP_testdb_LIBS = $(LOOKUP_TESTDB_LIBS) -+else -+ifneq ($(LOOKUP_TESTDB),) -+OBJ += testdb.o -+endif -+endif -+ -+ifeq ($(LOOKUP_WHOSON),2) -+MODS += whoson.so -+LOOKUP_whoson_INCLUDE = $(LOOKUP_WHOSON_INCLUDE) -+LOOKUP_whoson_LIBS = $(LOOKUP_WHOSON_LIBS) -+else -+ifneq ($(LOOKUP_WHOSON),) -+OBJ += whoson.o -+endif -+endif -+ -+ -+all: lookups.a lf_quote.o lf_check_file.o lf_sqlperform.o $(MODS) - - lookups.a: $(OBJ) - @$(RM_COMMAND) -f lookups.a -@@ -15,30 +173,51 @@ lookups.a: $(OBJ) - @$(AR) lookups.a $(OBJ) - $(RANLIB) $@ - --.SUFFIXES: .o .c -+.SUFFIXES: .o .c .so - .c.o:; @echo "$(CC) $*.c" - $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $*.c - -+.c.so:; @echo "$(CC) -shared $*.c" -+ $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP -shared -rdynamic $(CFLAGS) $(INCLUDE) $(DLFLAGS) $*.c -o $@ -+ - lf_check_file.o: $(HDRS) lf_check_file.c lf_functions.h - lf_quote.o: $(HDRS) lf_quote.c lf_functions.h - lf_sqlperform.o: $(HDRS) lf_sqlperform.c lf_functions.h - --cdb.o: $(HDRS) cdb.c cdb.h --dbmdb.o: $(HDRS) dbmdb.c dbmdb.h --dnsdb.o: $(HDRS) dnsdb.c dnsdb.h --dsearch.o: $(HDRS) dsearch.c dsearch.h --ibase.o: $(HDRS) ibase.c ibase.h --ldap.o: $(HDRS) ldap.c ldap.h --lsearch.o: $(HDRS) lsearch.c lsearch.h --mysql.o: $(HDRS) mysql.c mysql.h --nis.o: $(HDRS) nis.c nis.h --nisplus.o: $(HDRS) nisplus.c nisplus.h --oracle.o: $(HDRS) oracle.c oracle.h --passwd.o: $(HDRS) passwd.c passwd.h --pgsql.o: $(HDRS) pgsql.c pgsql.h --spf.o: $(HDRS) spf.c spf.h --sqlite.o: $(HDRS) sqlite.c sqlite.h --testdb.o: $(HDRS) testdb.c testdb.h --whoson.o: $(HDRS) whoson.c whoson.h -+cdb.o: $(HDRS) cdb.c -+dbmdb.o: $(HDRS) dbmdb.c -+dnsdb.o: $(HDRS) dnsdb.c -+dsearch.o: $(HDRS) dsearch.c -+ibase.o: $(HDRS) ibase.c -+ldap.o: $(HDRS) ldap.c -+lsearch.o: $(HDRS) lsearch.c -+mysql.o: $(HDRS) mysql.c -+nis.o: $(HDRS) nis.c -+nisplus.o: $(HDRS) nisplus.c -+oracle.o: $(HDRS) oracle.c -+passwd.o: $(HDRS) passwd.c -+pgsql.o: $(HDRS) pgsql.c -+spf.o: $(HDRS) spf.c -+sqlite.o: $(HDRS) sqlite.c -+testdb.o: $(HDRS) testdb.c -+whoson.o: $(HDRS) whoson.c -+ -+cdb.so: $(HDRS) cdb.c -+dbmdb.so: $(HDRS) dbmdb.c -+dnsdb.so: $(HDRS) dnsdb.c -+dsearch.so: $(HDRS) dsearch.c -+ibase.so: $(HDRS) ibase.c -+ldap.so: $(HDRS) ldap.c -+lsearch.so: $(HDRS) lsearch.c -+mysql.so: $(HDRS) mysql.c -+nis.so: $(HDRS) nis.c -+nisplus.so: $(HDRS) nisplus.c -+oracle.so: $(HDRS) oracle.c -+passwd.so: $(HDRS) passwd.c -+pgsql.so: $(HDRS) pgsql.c -+spf.so: $(HDRS) spf.c -+sqlite.so: $(HDRS) sqlite.c -+testdb.so: $(HDRS) testdb.c -+whoson.so: $(HDRS) whoson.c - - # End -diff --git a/src/src/lookups/cdb.c b/src/src/lookups/cdb.c -index 68000c6..6e8b887 100644 ---- a/src/src/lookups/cdb.c -+++ b/src/src/lookups/cdb.c -@@ -56,7 +56,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "cdb.h" - - #ifdef HAVE_MMAP - # include -@@ -144,7 +143,9 @@ cdb_unpack(uschar *buf) - return num; - } - --void * -+static void cdb_close(void *handle); -+ -+static void * - cdb_open(uschar *filename, - uschar **errmsg) - { -@@ -245,7 +246,7 @@ cdb_open(uschar *filename, - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - cdb_check(void *handle, - uschar *filename, - int modemask, -@@ -270,7 +271,7 @@ cdb_check(void *handle, - * Find entry point * - *************************************************/ - --int -+static int - cdb_find(void *handle, - uschar *filename, - uschar *keystring, -@@ -418,7 +419,7 @@ cdb_find(void *handle, - - /* See local README for interface description */ - --void -+static void - cdb_close(void *handle) - { - struct cdb_state * cdbp = handle; -@@ -434,4 +435,22 @@ struct cdb_state * cdbp = handle; - (void)close(cdbp->fileno); - } - -+lookup_info cdb_lookup_info = { -+ US"cdb", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ cdb_open, /* open function */ -+ cdb_check, /* check function */ -+ cdb_find, /* find function */ -+ cdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define cdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &cdb_lookup_info }; -+lookup_module_info cdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/cdb.c */ -diff --git a/src/src/lookups/cdb.h b/src/src/lookups/cdb.h -deleted file mode 100644 -index 084cafc..0000000 ---- a/src/src/lookups/cdb.h -+++ /dev/null -@@ -1,59 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/cdb.h,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* -- * $Id: cdb.h,v 1.2.2.1 1998/05/29 16:21:36 cvs Exp $ -- * -- * Exim - CDB database lookup module -- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- * -- * Copyright (c) 1998 Nigel Metheringham, Planet Online Ltd -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version 2 -- * of the License, or (at your option) any later version. -- * -- * This program is distributed in the hope that it will be useful, -- * but WITHOUT ANY WARRANTY; without even the implied warranty of -- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -- * GNU General Public License for more details. -- * -- * You should have received a copy of the GNU General Public License -- * along with this program; if not, write to the Free Software -- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA -- * 02111-1307, USA. -- * -- * -- * This code implements Dan Bernstein's Constant DataBase (cdb) spec. -- * Information, the spec and sample code for cdb can be obtained from -- * http://www.pobox.com/~djb/cdb.html -- * -- * This implementation borrows some code from Dan Bernstein's -- * implementation (which has no license restrictions applied to it). -- * This (read-only) implementation is completely contained within -- * cdb.[ch] it does *not* link against an external cdb library. -- * -- * -- * There are 2 varients included within this code. One uses MMAP and -- * should give better performance especially for multiple lookups on a -- * modern machine. The other is the default implementation which is -- * used in the case where the MMAP fails or if MMAP was not compiled -- * in. this implementation is the same as the original reference cdb -- * implementation. -- * -- */ -- -- --/* Functions for reading exim cdb files */ -- --extern void *cdb_open(uschar *, uschar **); --extern BOOL cdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int cdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void cdb_close(void *); -- --/* End of cdb.h */ -diff --git a/src/src/lookups/dbmdb.c b/src/src/lookups/dbmdb.c -index 200a204..29a4a3a 100644 ---- a/src/src/lookups/dbmdb.c -+++ b/src/src/lookups/dbmdb.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dbmdb.h" - - - /************************************************* -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - dbmdb_open(uschar *filename, uschar **errmsg) - { - EXIM_DB *yield; -@@ -45,7 +44,7 @@ file name. If USE_TDB or USE_GDBM is set, we know it is tdb or gdbm, which do - the same. Otherwise, for safety, we have to check for x.db or x.dir and x.pag. - */ - --BOOL -+static BOOL - dbmdb_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -88,7 +87,7 @@ return rc == 0; - /* See local README for interface description. This function adds 1 to - the keylength in order to include the terminating zero. */ - --int -+static int - dbmdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -122,7 +121,7 @@ return FAIL; - /* See local README for interface description */ - - int --dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, -+static dbmnz_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { - return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, -@@ -138,9 +137,38 @@ return dbmdb_find(handle, filename, keystring, length-1, result, errmsg, - /* See local README for interface description */ - - void --dbmdb_close(void *handle) -+static dbmdb_close(void *handle) - { - EXIM_DBCLOSE((EXIM_DB *)handle); - } - -+lookup_info dbm_lookup_info = { -+ US"dbm", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* open function */ -+ dbmdb_check, /* check function */ -+ dbmdb_find, /* find function */ -+ dbmdb_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+lookup_info dbmz_lookup_info = { -+ US"dbmnz", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dbmdb_open, /* sic */ /* open function */ -+ dbmdb_check, /* sic */ /* check function */ -+ dbmnz_find, /* find function */ -+ dbmdb_close, /* sic */ /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dbmdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info }; -+lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; -+ - /* End of lookups/dbmdb.c */ -diff --git a/src/src/lookups/dbmdb.h b/src/src/lookups/dbmdb.h -deleted file mode 100644 -index d791383..0000000 ---- a/src/src/lookups/dbmdb.h -+++ /dev/null -@@ -1,21 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/dbmdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dbm lookup. Use dbmdb in the code to avoid name --clashes with external library names. */ -- --extern void *dbmdb_open(uschar *, uschar **); --extern BOOL dbmdb_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dbmdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern int dbmnz_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dbmdb_close(void *); -- --/* End of lookups/dbmdb.h */ -diff --git a/src/src/lookups/dnsdb.c b/src/src/lookups/dnsdb.c -index 89ad67d..5c9f96b 100644 ---- a/src/src/lookups/dnsdb.c -+++ b/src/src/lookups/dnsdb.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "dnsdb.h" - - - -@@ -67,7 +66,7 @@ static int type_values[] = { - - /* See local README for interface description. */ - --void * -+static void * - dnsdb_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -108,7 +107,7 @@ default is "TXT". - which may start with '<' in order to set a specific separator. The default - separator, as always, is colon. */ - --int -+static int - dnsdb_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -430,4 +429,22 @@ yield[ptr] = 0; - return OK; - } - -+static lookup_info _lookup_info = { -+ US"dnsdb", /* lookup name */ -+ lookup_querystyle, /* query style */ -+ dnsdb_open, /* open function */ -+ NULL, /* check function */ -+ dnsdb_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dnsdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dnsdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dnsdb.c */ -diff --git a/src/src/lookups/dnsdb.h b/src/src/lookups/dnsdb.h -deleted file mode 100644 -index c0e3a55..0000000 ---- a/src/src/lookups/dnsdb.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/dnsdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dnsdb lookup */ -- --extern void *dnsdb_open(uschar *, uschar **); --extern int dnsdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/dnsdb.h */ -diff --git a/src/src/lookups/dsearch.c b/src/src/lookups/dsearch.c -index ab468ca..575872c 100644 ---- a/src/src/lookups/dsearch.c -+++ b/src/src/lookups/dsearch.c -@@ -14,7 +14,6 @@ lstat()) rather than a directory scan). */ - - #include "../exim.h" - #include "lf_functions.h" --#include "dsearch.h" - - - -@@ -27,7 +26,7 @@ whether it exists and whether it is searchable. However, we don't need to keep - it open, because the "search" can be done by a call to lstat() rather than - actually scanning through the list of files. */ - --void * -+static void * - dsearch_open(uschar *dirname, uschar **errmsg) - { - DIR *dp = opendir(CS dirname); -@@ -51,7 +50,7 @@ return (void *)(-1); - integer as this gives warnings on 64-bit systems. */ - - BOOL --dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, -+static dsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { - handle = handle; -@@ -69,7 +68,7 @@ scanning the directory, as it is hopefully faster to let the OS do the scanning - for us. */ - - int --dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, -+static dsearch_find(void *handle, uschar *dirname, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { - struct stat statbuf; -@@ -115,9 +114,27 @@ return DEFER; - /* See local README for interface description */ - - void --dsearch_close(void *handle) -+static dsearch_close(void *handle) - { - handle = handle; /* Avoid compiler warning */ - } - -+static lookup_info _lookup_info = { -+ US"dsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ dsearch_open, /* open function */ -+ dsearch_check, /* check function */ -+ dsearch_find, /* find function */ -+ dsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define dsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info dsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/dsearch.c */ -diff --git a/src/src/lookups/dsearch.h b/src/src/lookups/dsearch.h -deleted file mode 100644 -index 771e736..0000000 ---- a/src/src/lookups/dsearch.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/dsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the dsearch lookup */ -- --extern void *dsearch_open(uschar *, uschar **); --extern BOOL dsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int dsearch_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void dsearch_close(void *); -- --/* End of lookups/dsearch.h */ -diff --git a/src/src/lookups/ibase.c b/src/src/lookups/ibase.c -index 4ab153d..553d368 100644 ---- a/src/src/lookups/ibase.c -+++ b/src/src/lookups/ibase.c -@@ -11,14 +11,7 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "ibase.h" - --#ifndef LOOKUP_IBASE --static void dummy(int x) --{ -- dummy(x - 1); --} --#else - #include /* The system header */ - - /* Structure and anchor for caching connections. */ -@@ -40,7 +33,7 @@ static ibase_connection *ibase_connections = NULL; - - /* See local README for interface description. */ - --void *ibase_open(uschar * filename, uschar ** errmsg) -+static void *ibase_open(uschar * filename, uschar ** errmsg) - { - return (void *) (1); /* Just return something non-null */ - } -@@ -53,7 +46,7 @@ void *ibase_open(uschar * filename, uschar ** errmsg) - - /* See local README for interface description. */ - --void ibase_tidy(void) -+static void ibase_tidy(void) - { - ibase_connection *cn; - ISC_STATUS status[20]; -@@ -458,7 +451,7 @@ always leaves enough room for a terminating zero. */ - arguments are not used. Loop through a list of servers while the query is - deferred with a retryable error. */ - --int -+static int - ibase_find(void *handle, uschar * filename, uschar * query, int length, - uschar ** result, uschar ** errmsg, BOOL *do_cache) - { -@@ -510,7 +503,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar *ibase_quote(uschar * s, uschar * opt) -+static uschar *ibase_quote(uschar * s, uschar * opt) - { - register int c; - int count = 0; -@@ -553,6 +546,22 @@ uschar *ibase_quote(uschar * s, uschar * opt) - return quoted; - } - -+static lookup_info _lookup_info = { -+ US"ibase", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ ibase_open, /* open function */ -+ NULL, /* no check function */ -+ ibase_find, /* find function */ -+ NULL, /* no close function */ -+ ibase_tidy, /* tidy function */ -+ ibase_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ibase_lookup_module_info _lookup_module_info - #endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info ibase_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/ibase.c */ -diff --git a/src/src/lookups/ibase.h b/src/src/lookups/ibase.h -deleted file mode 100644 -index 640772a..0000000 ---- a/src/src/lookups/ibase.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/ibase.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the Interbase lookup functions */ -- --extern void *ibase_open(uschar *, uschar **); --extern int ibase_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void ibase_tidy(void); --extern uschar *ibase_quote(uschar *, uschar *); -- --/* End of lookups/ibase.h */ -diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c -index 936fe36..461ec15 100644 ---- a/src/src/lookups/ldap.c -+++ b/src/src/lookups/ldap.c -@@ -15,20 +15,6 @@ researching how to handle the different kinds of error. */ - - #include "../exim.h" - #include "lf_functions.h" --#include "ldap.h" -- -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the LDAP headers --available for compiling. Therefore, compile these functions only if LOOKUP_LDAP --is defined. However, some compilers don't like compiling empty modules, so keep --them happy with a dummy when skipping the rest. Make it reference itself to --stop picky compilers complaining that it is unused, and put in a dummy argument --to stop even pickier compilers complaining about infinite loops. */ -- --#ifndef LOOKUP_LDAP --static void dummy(int x) { dummy(x-1); } --#else - - - /* Include LDAP headers. The code below uses some "old" LDAP interfaces that -@@ -1196,7 +1182,7 @@ return DEFER; - are handled by a common function, with a flag to differentiate between them. - The handle and filename arguments are not used. */ - --int -+static int - eldap_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1205,7 +1191,7 @@ do_cache = do_cache; - return(control_ldap_search(ldap_url, SEARCH_LDAP_SINGLE, result, errmsg)); - } - --int -+static int - eldapm_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1214,7 +1200,7 @@ do_cache = do_cache; - return(control_ldap_search(ldap_url, SEARCH_LDAP_MULTIPLE, result, errmsg)); - } - --int -+static int - eldapdn_find(void *handle, uschar *filename, uschar *ldap_url, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -1240,7 +1226,7 @@ return(control_ldap_search(ldap_url, SEARCH_LDAP_AUTH, result, errmsg)); - - /* See local README for interface description. */ - --void * -+static void * - eldap_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -1255,7 +1241,7 @@ return (void *)(1); /* Just return something non-null */ - /* See local README for interface description. - Make sure that eldap_dn does not refer to reclaimed or worse, freed store */ - --void -+static void - eldap_tidy(void) - { - LDAP_CONNECTION *lcp = NULL; -@@ -1351,7 +1337,7 @@ quote_ldap_dn, respectively. */ - - - --uschar * -+static uschar * - eldap_quote(uschar *s, uschar *opt) - { - register int c; -@@ -1470,6 +1456,44 @@ else - return quoted; - } - --#endif /* LOOKUP_LDAP */ -+static lookup_info ldap_lookup_info = { -+ US"ldap", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* open function */ -+ NULL, /* check function */ -+ eldap_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* tidy function */ -+ eldap_quote /* quoting function */ -+}; -+ -+static lookup_info ldapdn_lookup_info = { -+ US"ldapdn", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapdn_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+static lookup_info ldapm_lookup_info = { -+ US"ldapm", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ eldap_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ eldapm_find, /* find function */ -+ NULL, /* no close function */ -+ eldap_tidy, /* sic */ /* tidy function */ -+ eldap_quote /* sic */ /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define ldap_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &ldap_lookup_info, &ldapdn_lookup_info, &ldapm_lookup_info }; -+lookup_module_info ldap_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 }; - - /* End of lookups/ldap.c */ -diff --git a/src/src/lookups/ldap.h b/src/src/lookups/ldap.h -index b0f0ae5..21069e0 100644 ---- a/src/src/lookups/ldap.h -+++ b/src/src/lookups/ldap.h -@@ -7,18 +7,9 @@ - /* Copyright (c) University of Cambridge 1995 - 2009 */ - /* See the file NOTICE for conditions of use and distribution. */ - --/* Header for the ldap lookups */ -+/* Header for eldapauth_find */ - --extern void *eldap_open(uschar *, uschar **); --extern int eldap_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); - extern int eldapauth_find(void *, uschar *, uschar *, int, uschar **, - uschar **, BOOL *); --extern int eldapdn_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int eldapm_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void eldap_tidy(void); --extern uschar *eldap_quote(uschar *, uschar *); - - /* End of lookups/ldap.h */ -diff --git a/src/src/lookups/lsearch.c b/src/src/lookups/lsearch.c -index ccb4850..5d64638 100644 ---- a/src/src/lookups/lsearch.c -+++ b/src/src/lookups/lsearch.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "lsearch.h" - - /* Codes for the different kinds of lsearch that are supported */ - -@@ -28,7 +27,7 @@ enum { - - /* See local README for interface description */ - --void * -+static void * - lsearch_open(uschar *filename, uschar **errmsg) - { - FILE *f = Ufopen(filename, "rb"); -@@ -48,7 +47,7 @@ return f; - * Check entry point * - *************************************************/ - --BOOL -+static BOOL - lsearch_check(void *handle, uschar *filename, int modemask, uid_t *owners, - gid_t *owngroups, uschar **errmsg) - { -@@ -324,7 +323,7 @@ return FAIL; - - /* See local README for interface description */ - --int -+static int - lsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -341,7 +340,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - wildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -358,7 +357,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - nwildlsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -376,7 +375,7 @@ return internal_lsearch_find(handle, filename, keystring, length, result, - - /* See local README for interface description */ - --int -+static int - iplsearch_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -405,10 +404,64 @@ else - - /* See local README for interface description */ - --void -+static void - lsearch_close(void *handle) - { - (void)fclose((FILE *)handle); - } - -+static lookup_info iplsearch_lookup_info = { -+ US"iplsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ iplsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info lsearch_lookup_info = { -+ US"lsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ lsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info nwildlsearch_lookup_info = { -+ US"nwildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ nwildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info wildlsearch_lookup_info = { -+ US"wildlsearch", /* lookup name */ -+ lookup_absfile, /* uses absolute file name */ -+ lsearch_open, /* open function */ -+ lsearch_check, /* check function */ -+ wildlsearch_find, /* find function */ -+ lsearch_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define lsearch_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &iplsearch_lookup_info, -+ &lsearch_lookup_info, -+ &nwildlsearch_lookup_info, -+ &wildlsearch_lookup_info }; -+lookup_module_info lsearch_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 4 }; -+ - /* End of lookups/lsearch.c */ -diff --git a/src/src/lookups/lsearch.h b/src/src/lookups/lsearch.h -deleted file mode 100644 -index 332b01c..0000000 ---- a/src/src/lookups/lsearch.h -+++ /dev/null -@@ -1,25 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/lsearch.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the lsearch and wildlsearch lookups */ -- --extern void *lsearch_open(uschar *, uschar **); --extern BOOL lsearch_check(void *, uschar *, int, uid_t *, gid_t *, uschar **); --extern int lsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void lsearch_close(void *); -- --extern int wildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int nwildlsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern int iplsearch_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); -- --/* End of lookups/lsearch.h */ -diff --git a/src/src/lookups/mysql.c b/src/src/lookups/mysql.c -index f2e9a15..97b9c11 100644 ---- a/src/src/lookups/mysql.c -+++ b/src/src/lookups/mysql.c -@@ -13,22 +13,6 @@ functions. */ - - #include "../exim.h" - #include "lf_functions.h" --#include "mysql.h" /* The local header */ -- -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the MYSQL header --available for compiling. Therefore, compile these functions only if --LOOKUP_MYSQL is defined. However, some compilers don't like compiling empty --modules, so keep them happy with a dummy when skipping the rest. Make it --reference itself to stop picky compilers complaining that it is unused, and put --in a dummy argument to stop even pickier compilers complaining about infinite --loops. */ -- --#ifndef LOOKUP_MYSQL --static void dummy(int x) { dummy(x-1); } --#else -- - - #include /* The system header */ - -@@ -51,7 +35,7 @@ static mysql_connection *mysql_connections = NULL; - - /* See local README for interface description. */ - --void * -+static void * - mysql_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -65,7 +49,7 @@ return (void *)(1); /* Just return something non-null */ - - /* See local README for interface description. */ - --void -+static void - mysql_tidy(void) - { - mysql_connection *cn; -@@ -357,7 +341,7 @@ arguments are not used. The code to loop through a list of servers while the - query is deferred with a retryable error is now in a separate function that is - shared with other SQL lookups. */ - --int -+static int - mysql_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -387,7 +371,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar * -+static uschar * - mysql_quote(uschar *s, uschar *opt) - { - register int c; -@@ -429,7 +413,24 @@ while ((c = *s++) != 0) - return quoted; - } - -- --#endif /* MYSQL_LOOKUP */ -+/* These are the lookup_info blocks for this driver */ -+ -+static lookup_info mysql_lookup_info = { -+ US"mysql", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ mysql_open, /* open function */ -+ NULL, /* no check function */ -+ mysql_find, /* find function */ -+ NULL, /* no close function */ -+ mysql_tidy, /* tidy function */ -+ mysql_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define mysql_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &mysql_lookup_info }; -+lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/mysql.c */ -diff --git a/src/src/lookups/mysql.h b/src/src/lookups/mysql.h -deleted file mode 100644 -index df7b555..0000000 ---- a/src/src/lookups/mysql.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/mysql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the mysql lookup functions */ -- --extern void *mysql_open(uschar *, uschar **); --extern int mysql_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void mysql_tidy(void); --extern uschar *mysql_quote(uschar *, uschar *); -- --/* End of lookups/mysql.h */ -diff --git a/src/src/lookups/nis.c b/src/src/lookups/nis.c -index ad04e0a..8177f4b 100644 ---- a/src/src/lookups/nis.c -+++ b/src/src/lookups/nis.c -@@ -9,19 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "nis.h" -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the NIS header --available for compiling. Therefore, compile these functions only if LOOKUP_NIS --is defined. However, some compilers don't like compiling empty modules, so keep --them happy with a dummy when skipping the rest. Make it reference itself to --stop picky compilers complaining that it is unused, and put in a dummy argument --to stop even pickier compilers complaining about infinite loops. */ -- --#ifndef LOOKUP_NIS --static void dummy(int x) { dummy(x-1); } --#else - - #include - -@@ -33,7 +20,7 @@ static void dummy(int x) { dummy(x-1); } - /* See local README for interface description. This serves for both - the "nis" and "nis0" lookup types. */ - --void * -+static void * - nis_open(uschar *filename, uschar **errmsg) - { - char *nis_domain; -@@ -55,7 +42,7 @@ return nis_domain; - for nis0 because they are so short it isn't worth trying to use any common - code. */ - --int -+static int - nis_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -81,7 +68,7 @@ return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; - - /* See local README for interface description. */ - --int -+static int - nis0_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -99,6 +86,33 @@ if ((rc = yp_match(CS handle, CS filename, CS keystring, length + 1, - return (rc == YPERR_KEY || rc == YPERR_MAP)? FAIL : DEFER; - } - --#endif /* LOOKUP_NIS */ -+static lookup_info nis_lookup_info = { -+ US"nis", /* lookup name */ -+ 0, /* not abs file, not query style*/ -+ nis_open, /* open function */ -+ NULL, /* check function */ -+ nis_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+static lookup_info nis0_lookup_info = { -+ US"nis0", /* lookup name */ -+ 0, /* not absfile, not query style */ -+ nis_open, /* sic */ /* open function */ -+ NULL, /* check function */ -+ nis0_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define nis_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &nis_lookup_info, &nis0_lookup_info }; -+lookup_module_info nis_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 }; - - /* End of lookups/nis.c */ -diff --git a/src/src/lookups/nis.h b/src/src/lookups/nis.h -deleted file mode 100644 -index cd4ca58..0000000 ---- a/src/src/lookups/nis.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/nis.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the nis and nis0 lookups */ -- --extern void *nis_open(uschar *, uschar **); --extern int nis_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern int nis0_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/nis.h */ -diff --git a/src/src/lookups/nisplus.c b/src/src/lookups/nisplus.c -index 33d4ffe..5213af3 100644 ---- a/src/src/lookups/nisplus.c -+++ b/src/src/lookups/nisplus.c -@@ -9,21 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "nisplus.h" -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the NIS+ header --available for compiling. Therefore, compile these functions only if --LOOKUP_NISPLUS is defined. However, some compilers don't like compiling empty --modules, so keep them happy with a dummy when skipping the rest. Make it --reference itself to stop picky compilers complaining that it is unused, and put --in a dummy argument to stop even pickier compilers complaining about infinite --loops. */ -- --#ifndef LOOKUP_NISPLUS --static void dummy(int x) { dummy(x-1); } --#else -- - - #include - -@@ -34,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } - - /* See local README for interface description. */ - --void * -+static void * - nisplus_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -58,7 +43,7 @@ name tagged on the end after a colon. If there is no result-field name, the - yield is the concatenation of all the fields, preceded by their names and an - equals sign. */ - --int -+static int - nisplus_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -250,7 +235,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar * -+static uschar * - nisplus_quote(uschar *s, uschar *opt) - { - int count = 0; -@@ -274,6 +259,22 @@ while (*s != 0) - return quoted; - } - --#endif /* LOOKUP_NISPLUS */ -+static lookup_info _lookup_info = { -+ US"nisplus", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ nisplus_open, /* open function */ -+ NULL, /* check function */ -+ nisplus_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ nisplus_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define nisplus_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info nisplus_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/nisplus.c */ -diff --git a/src/src/lookups/nisplus.h b/src/src/lookups/nisplus.h -deleted file mode 100644 -index aa25696..0000000 ---- a/src/src/lookups/nisplus.h -+++ /dev/null -@@ -1,17 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/nisplus.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the nisplus lookup */ -- --extern void *nisplus_open(uschar *, uschar **); --extern int nisplus_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern uschar *nisplus_quote(uschar *, uschar *); -- --/* End of lookups/nisplus.h */ -diff --git a/src/src/lookups/oracle.c b/src/src/lookups/oracle.c -index 5997f19..50dfb4a 100644 ---- a/src/src/lookups/oracle.c -+++ b/src/src/lookups/oracle.c -@@ -15,27 +15,12 @@ some comments from my position of Oracle ignorance. */ - #include "../exim.h" - - --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the ORACLE headers --available for compiling. Therefore, compile these functions only if --LOOKUP_ORACLE is defined. However, some compilers don't like compiling empty --modules, so keep them happy with a dummy when skipping the rest. Make it --reference itself to stop picky compilers complaining that it is unused, and put --in a dummy argument to stop even pickier compilers complaining about infinite --loops. */ -- --#ifndef LOOKUP_ORACLE --static void dummy(int x) { dummy(x-1); } --#else -- - /* The Oracle system headers */ - - #include - #include - #include - --#include "oracle.h" /* The local header */ -- - #define PARSE_NO_DEFER 0 /* parse straight away */ - #define PARSE_V7_LNG 2 - #define MAX_ITEM_BUFFER_SIZE 1024 /* largest size of a cell of data */ -@@ -212,7 +197,7 @@ return col; - - /* See local README for interface description. */ - --void * -+static void * - oracle_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -226,7 +211,7 @@ return (void *)(1); /* Just return something non-null */ - - /* See local README for interface description. */ - --void -+static void - oracle_tidy(void) - { - oracle_connection *cn; -@@ -532,7 +517,7 @@ else - arguments are not used. Loop through a list of servers while the query is - deferred with a retryable error. */ - --int -+static int - oracle_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -577,7 +562,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar * -+static uschar * - oracle_quote(uschar *s, uschar *opt) - { - register int c; -@@ -619,6 +604,22 @@ while ((c = *s++) != 0) - return quoted; - } - --#endif /* LOOKUP_ORACLE */ -+static lookup_info _lookup_info = { -+ US"oracle", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ oracle_open, /* open function */ -+ NULL, /* check function */ -+ oracle_find, /* find function */ -+ NULL, /* no close function */ -+ oracle_tidy, /* tidy function */ -+ oracle_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define oracle_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info oracle_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/oracle.c */ -diff --git a/src/src/lookups/oracle.h b/src/src/lookups/oracle.h -deleted file mode 100644 -index b642796..0000000 ---- a/src/src/lookups/oracle.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/oracle.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the Oracle lookup functions */ -- --extern void *oracle_open(uschar *, uschar **); --extern int oracle_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void oracle_tidy(void); --extern uschar *oracle_quote(uschar *, uschar *); -- --/* End of lookups/oracle.h */ -diff --git a/src/src/lookups/passwd.c b/src/src/lookups/passwd.c -index 481be2c..420eefc 100644 ---- a/src/src/lookups/passwd.c -+++ b/src/src/lookups/passwd.c -@@ -8,7 +8,6 @@ - /* See the file NOTICE for conditions of use and distribution. */ - - #include "../exim.h" --#include "passwd.h" - - - -@@ -18,7 +17,7 @@ - - /* See local README for interface description */ - --void * -+static void * - passwd_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -35,7 +34,7 @@ return (void *)(-1); /* Just return something non-null */ - - /* See local README for interface description */ - --int -+static int - passwd_find(void *handle, uschar *filename, uschar *keystring, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -53,4 +52,22 @@ if (!route_finduser(keystring, &pw, NULL)) return FAIL; - return OK; - } - -+static lookup_info _lookup_info = { -+ US"passwd", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ passwd_open, /* open function */ -+ NULL, /* no check function */ -+ passwd_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define passwd_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info passwd_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/passwd.c */ -diff --git a/src/src/lookups/passwd.h b/src/src/lookups/passwd.h -deleted file mode 100644 -index 5624a01..0000000 ---- a/src/src/lookups/passwd.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/passwd.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the passwd lookup */ -- --extern void *passwd_open(uschar *, uschar **); --extern int passwd_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/passwd.h */ -diff --git a/src/src/lookups/pgsql.c b/src/src/lookups/pgsql.c -index 287ddcd..5bd9627 100644 ---- a/src/src/lookups/pgsql.c -+++ b/src/src/lookups/pgsql.c -@@ -13,21 +13,6 @@ socket extension. */ - - #include "../exim.h" - #include "lf_functions.h" --#include "pgsql.h" /* The local header */ -- --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the PGSQL header --available for compiling. Therefore, compile these functions only if --LOOKUP_PGSQL is defined. However, some compilers don't like compiling empty --modules, so keep them happy with a dummy when skipping the rest. Make it --reference itself to stop picky compilers complaining that it is unused, and put --in a dummy argument to stop even pickier compilers complaining about infinite --loops. */ -- --#ifndef LOOKUP_PGSQL --static void dummy(int x) { dummy(x-1); } --#else -- - - #include /* The system header */ - -@@ -49,7 +34,7 @@ static pgsql_connection *pgsql_connections = NULL; - - /* See local README for interface description. */ - --void * -+static void * - pgsql_open(uschar *filename, uschar **errmsg) - { - return (void *)(1); /* Just return something non-null */ -@@ -63,7 +48,7 @@ return (void *)(1); /* Just return something non-null */ - - /* See local README for interface description. */ - --void -+static void - pgsql_tidy(void) - { - pgsql_connection *cn; -@@ -414,7 +399,7 @@ arguments are not used. The code to loop through a list of servers while the - query is deferred with a retryable error is now in a separate function that is - shared with other SQL lookups. */ - --int -+static int - pgsql_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -454,7 +439,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar * -+static uschar * - pgsql_quote(uschar *s, uschar *opt) - { - register int c; -@@ -501,6 +486,22 @@ while ((c = *s++) != 0) - return quoted; - } - --#endif /* PGSQL_LOOKUP */ -+static lookup_info _lookup_info = { -+ US"pgsql", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ pgsql_open, /* open function */ -+ NULL, /* no check function */ -+ pgsql_find, /* find function */ -+ NULL, /* no close function */ -+ pgsql_tidy, /* tidy function */ -+ pgsql_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define pgsql_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info pgsql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/pgsql.c */ -diff --git a/src/src/lookups/pgsql.h b/src/src/lookups/pgsql.h -deleted file mode 100644 -index 228e314..0000000 ---- a/src/src/lookups/pgsql.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/pgsql.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the pgsql lookup functions */ -- --extern void *pgsql_open(uschar *, uschar **); --extern int pgsql_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); --extern void pgsql_tidy(void); --extern uschar *pgsql_quote(uschar *, uschar *); -- --/* End of lookups/pgsql.h */ -diff --git a/src/src/lookups/spf.c b/src/src/lookups/spf.c -index ee2a2c7..2ca4bba 100644 ---- a/src/src/lookups/spf.c -+++ b/src/src/lookups/spf.c -@@ -24,7 +24,6 @@ static void dummy(int x) { dummy(x-1); } - #else - - #include "lf_functions.h" --#include "spf.h" - #ifndef HAVE_NS_TYPE - #define HAVE_NS_TYPE - #endif -@@ -32,7 +31,7 @@ static void dummy(int x) { dummy(x-1); } - #include - #include - --void *spf_open(uschar *filename, uschar **errmsg) { -+static void *spf_open(uschar *filename, uschar **errmsg) { - SPF_server_t *spf_server = NULL; - spf_server = SPF_server_new(SPF_DNS_CACHE, 0); - if (spf_server == NULL) { -@@ -42,12 +41,12 @@ void *spf_open(uschar *filename, uschar **errmsg) { - return (void *) spf_server; - } - --void spf_close(void *handle) { -+static void spf_close(void *handle) { - SPF_server_t *spf_server = handle; - if (spf_server) SPF_server_free(spf_server); - } - --int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, -+static int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, - uschar **result, uschar **errmsg, BOOL *do_cache) { - SPF_server_t *spf_server = handle; - SPF_request_t *spf_request = NULL; -@@ -75,4 +74,22 @@ int spf_find(void *handle, uschar *filename, uschar *keystring, int key_len, - return OK; - } - -+static lookup_info _lookup_info = { -+ US"spf", /* lookup name */ -+ 0, /* not absfile, not query style */ -+ spf_open, /* open function */ -+ NULL, /* no check function */ -+ spf_find, /* find function */ -+ spf_close, /* close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define spf_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info spf_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - #endif /* EXPERIMENTAL_SPF */ -diff --git a/src/src/lookups/spf.h b/src/src/lookups/spf.h -deleted file mode 100644 -index 6b9056a..0000000 ---- a/src/src/lookups/spf.h -+++ /dev/null -@@ -1,26 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/spf.h,v 1.1 2005/05/25 20:07:55 tom Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* -- * Exim - SPF lookup module using libspf2 -- * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -- * -- * Copyright (c) 2005 Chris Webb, Arachsys Internet Services Ltd -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version 2 -- * of the License, or (at your option) any later version. -- * --*/ -- -- -- --extern void *spf_open(uschar *, uschar **); --extern void spf_close(void *); --extern int spf_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- -diff --git a/src/src/lookups/sqlite.c b/src/src/lookups/sqlite.c -index 654c5c6..5759c43 100644 ---- a/src/src/lookups/sqlite.c -+++ b/src/src/lookups/sqlite.c -@@ -9,11 +9,7 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "sqlite.h" - --#ifndef LOOKUP_SQLITE --static void dummy(int x) { dummy(x-1); } --#else - #include - - -@@ -23,7 +19,7 @@ static void dummy(int x) { dummy(x-1); } - - /* See local README for interface description. */ - --void * -+static void * - sqlite_open(uschar *filename, uschar **errmsg) - { - sqlite3 *db = NULL; -@@ -85,7 +81,7 @@ return 0; - } - - --int -+static int - sqlite_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -113,7 +109,7 @@ return OK; - - /* See local README for interface description. */ - --void sqlite_close(void *handle) -+static void sqlite_close(void *handle) - { - sqlite3_close(handle); - } -@@ -134,7 +130,7 @@ Arguments: - Returns: the processed string or NULL for a bad option - */ - --uschar * -+static uschar * - sqlite_quote(uschar *s, uschar *opt) - { - register int c; -@@ -159,6 +155,22 @@ while ((c = *s++) != 0) - return quoted; - } - --#endif /* LOOKUP_SQLITE */ -+static lookup_info _lookup_info = { -+ US"sqlite", /* lookup name */ -+ lookup_absfilequery, /* query-style lookup, starts with file name */ -+ sqlite_open, /* open function */ -+ NULL, /* no check function */ -+ sqlite_find, /* find function */ -+ sqlite_close, /* close function */ -+ NULL, /* no tidy function */ -+ sqlite_quote /* quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define sqlite_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info sqlite_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/sqlite.c */ -diff --git a/src/src/lookups/sqlite.h b/src/src/lookups/sqlite.h -deleted file mode 100644 -index 15df25f..0000000 ---- a/src/src/lookups/sqlite.h -+++ /dev/null -@@ -1,18 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/sqlite.h,v 1.4 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the sqlite lookup */ -- --extern void *sqlite_open(uschar *, uschar **); --extern int sqlite_find(void *, uschar *, uschar *, int, uschar **, -- uschar **, BOOL *); --extern void sqlite_close(void *); --extern uschar *sqlite_quote(uschar *, uschar *); -- --/* End of lookups/sqlite.h */ -diff --git a/src/src/lookups/testdb.c b/src/src/lookups/testdb.c -index ec23e13..03404d8 100644 ---- a/src/src/lookups/testdb.c -+++ b/src/src/lookups/testdb.c -@@ -9,7 +9,6 @@ - - #include "../exim.h" - #include "lf_functions.h" --#include "testdb.h" - - - /* These are not real lookup functions; they are just a way of testing the -@@ -23,7 +22,7 @@ the find function. */ - - /* See local README for interface description. */ - --void * -+static void * - testdb_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -39,7 +38,7 @@ return (void *)(1); /* Just return something non-null */ - - /* See local README for interface description. */ - --int -+static int - testdb_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -66,4 +65,22 @@ if (Ustrcmp(query, "nocache") == 0) *do_cache = FALSE; - return OK; - } - -+static lookup_info _lookup_info = { -+ US"testdb", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ testdb_open, /* open function */ -+ NULL, /* check function */ -+ testdb_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define testdb_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info testdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; -+ - /* End of lookups/testdb.c */ -diff --git a/src/src/lookups/testdb.h b/src/src/lookups/testdb.h -deleted file mode 100644 -index 0e9cdde..0000000 ---- a/src/src/lookups/testdb.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/testdb.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the testdb lookup */ -- --extern void *testdb_open(uschar *, uschar **); --extern int testdb_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/testdb.h */ -diff --git a/src/src/lookups/whoson.c b/src/src/lookups/whoson.c -index 3b0960f..d197905 100644 ---- a/src/src/lookups/whoson.c -+++ b/src/src/lookups/whoson.c -@@ -12,22 +12,7 @@ - #include "../exim.h" - - --/* We can't just compile this code and allow the library mechanism to omit the --functions if they are not wanted, because we need to have the WHOSON headers --available for compiling. Therefore, compile these functions only if --LOOKUP_WHOSON is defined. However, some compilers don't like compiling empty --modules, so keep them happy with a dummy when skipping the rest. Make it --reference itself to stop picky compilers complaining that it is unused, and put --in a dummy argument to stop even pickier compilers complaining about infinite --loops. */ -- --#ifndef LOOKUP_WHOSON --static void dummy(int x) { dummy(x-1); } --#else -- -- - #include /* Public header */ --#include "whoson.h" /* Local header */ - - - /************************************************* -@@ -36,7 +21,7 @@ static void dummy(int x) { dummy(x-1); } - - /* See local README for interface description. */ - --void * -+static void * - whoson_open(uschar *filename, uschar **errmsg) - { - filename = filename; /* Keep picky compilers happy */ -@@ -51,7 +36,7 @@ return (void *)(1); /* Just return something non-null */ - - /* See local README for interface description. */ - --int -+static int - whoson_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) - { -@@ -77,6 +62,22 @@ switch (wso_query(query, CS buffer, sizeof(buffer))) - } - } - --#endif /* LOOKUP_WHOSON */ -+static lookup_info _lookup_info = { -+ US"whoson", /* lookup name */ -+ lookup_querystyle, /* query-style lookup */ -+ whoson_open, /* open function */ -+ NULL, /* check function */ -+ whoson_find, /* find function */ -+ NULL, /* no close function */ -+ NULL, /* no tidy function */ -+ NULL /* no quoting function */ -+}; -+ -+#ifdef DYNLOOKUP -+#define whoson_lookup_module_info _lookup_module_info -+#endif -+ -+static lookup_info *_lookup_list[] = { &_lookup_info }; -+lookup_module_info whoson_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 }; - - /* End of lookups/whoson.c */ -diff --git a/src/src/lookups/whoson.h b/src/src/lookups/whoson.h -deleted file mode 100644 -index 2a3a5c0..0000000 ---- a/src/src/lookups/whoson.h -+++ /dev/null -@@ -1,16 +0,0 @@ --/* $Cambridge: exim/src/src/lookups/whoson.h,v 1.5 2009/11/16 19:50:38 nm4 Exp $ */ -- --/************************************************* --* Exim - an Internet mail transport agent * --*************************************************/ -- --/* Copyright (c) University of Cambridge 1995 - 2009 */ --/* See the file NOTICE for conditions of use and distribution. */ -- --/* Header for the whoson lookup */ -- --extern void *whoson_open(uschar *, uschar **); --extern int whoson_find(void *, uschar *, uschar *, int, uschar **, uschar **, -- BOOL *); -- --/* End of lookups/whoson.h */ -diff --git a/src/src/macros.h b/src/src/macros.h -index 09bc601..3f24025 100644 ---- a/src/src/macros.h -+++ b/src/src/macros.h -@@ -96,7 +96,7 @@ don't make the file descriptors two-way. */ - - /* A macro to simplify testing bits in lookup types */ - --#define mac_islookup(a,b) ((lookup_list[a].type & (b)) != 0) -+#define mac_islookup(a,b) ((lookup_list[a]->type & (b)) != 0) - - /* Debugging control */ - -diff --git a/src/src/search.c b/src/src/search.c -index 6e52cf2..528dc72 100644 ---- a/src/src/search.c -+++ b/src/src/search.c -@@ -71,7 +71,7 @@ int top = lookup_list_count; - while (top > bot) - { - int mid = (top + bot)/2; -- int c = Ustrncmp(name, lookup_list[mid].name, len); -+ int c = Ustrncmp(name, lookup_list[mid]->name, len); - - /* If c == 0 we have matched the incoming name with the start of the search - type name. However, some search types are substrings of others (e.g. nis and -@@ -81,9 +81,9 @@ while (top > bot) - are testing. By leaving c == 0 when the lengths are different, and doing a - > 0 test below, this all falls out correctly. */ - -- if (c == 0 && Ustrlen(lookup_list[mid].name) == len) -+ if (c == 0 && Ustrlen(lookup_list[mid]->name) == len) - { -- if (lookup_list[mid].find != NULL) return mid; -+ if (lookup_list[mid]->find != NULL) return mid; - search_error_message = string_sprintf("lookup type \"%.*s\" is not " - "available (not in the binary - check buildtime LOOKUP configuration)", - len, name); -@@ -237,8 +237,8 @@ if (t->left != NULL) tidyup_subtree(t->left); - if (t->right != NULL) tidyup_subtree(t->right); - if (c != NULL && - c->handle != NULL && -- lookup_list[c->search_type].close != NULL) -- lookup_list[c->search_type].close(c->handle); -+ lookup_list[c->search_type]->close != NULL) -+ lookup_list[c->search_type]->close(c->handle); - } - - -@@ -270,7 +270,7 @@ open_filecount = 0; - /* Call the general tidyup entry for any drivers that have one. */ - - for (i = 0; i < lookup_list_count; i++) -- if (lookup_list[i].tidy != NULL) (lookup_list[i].tidy)(); -+ if (lookup_list[i]->tidy != NULL) (lookup_list[i]->tidy)(); - - if (search_reset_point != NULL) store_reset(search_reset_point); - search_reset_point = NULL; -@@ -335,7 +335,7 @@ search_open(uschar *filename, int search_type, int modemask, uid_t *owners, - void *handle; - tree_node *t; - search_cache *c; --lookup_info *lk = lookup_list + search_type; -+lookup_info *lk = lookup_list[search_type]; - uschar keybuffer[256]; - int old_pool = store_pool; - -@@ -388,7 +388,7 @@ if (lk->type == lookup_absfile && open_filecount >= lookup_open_max) - ((search_cache *)(open_bot->data.ptr))->down = NULL; - else - open_top = NULL; -- ((lookup_list + c->search_type)->close)(c->handle); -+ ((lookup_list[c->search_type])->close)(c->handle); - c->handle = NULL; - open_filecount--; - } -@@ -480,7 +480,7 @@ search_find_defer = FALSE; - - DEBUG(D_lookup) debug_printf("internal_search_find: file=\"%s\"\n " - "type=%s key=\"%s\"\n", filename, -- lookup_list[search_type].name, keystring); -+ lookup_list[search_type]->name, keystring); - - /* Insurance. If the keystring is empty, just fail. */ - -@@ -511,7 +511,7 @@ if ((t = tree_search(c->item_cache, keystring)) == NULL) - like FAIL, except that search_find_defer is set so the caller can - distinguish if necessary. */ - -- if (lookup_list[search_type].find(c->handle, filename, keystring, keylength, -+ if (lookup_list[search_type]->find(c->handle, filename, keystring, keylength, - &data, &search_error_message, &do_cache) == DEFER) - { - search_find_defer = TRUE; -@@ -622,7 +622,7 @@ DEBUG(D_lookup) - that opens real files. */ - - if (open_top != (tree_node *)handle && -- lookup_list[t->name[0]-'0'].type == lookup_absfile) -+ lookup_list[t->name[0]-'0']->type == lookup_absfile) - { - search_cache *c = (search_cache *)(t->data.ptr); - tree_node *up = c->up; -diff --git a/src/src/structs.h b/src/src/structs.h -index cf967a6..483539f 100644 ---- a/src/src/structs.h -+++ b/src/src/structs.h -@@ -322,34 +322,7 @@ typedef struct router_info { - - /* Structure for holding information about a lookup type. */ - --typedef struct lookup_info { -- uschar *name; /* e.g. "lsearch" */ -- int type; /* query/singlekey/abs-file */ -- void *(*open)( /* open function */ -- uschar *, /* file name for those that have one */ -- uschar **); /* for error message */ -- BOOL (*check)( /* file checking function */ -- void *, /* handle */ -- uschar *, /* file name */ -- int, /* modemask for file checking */ -- uid_t *, /* owners for file checking */ -- gid_t *, /* owngroups for file checking */ -- uschar **); /* for error messages */ -- int (*find)( /* find function */ -- void *, /* handle */ -- uschar *, /* file name or NULL */ -- uschar *, /* key or query */ -- int, /* length of key or query */ -- uschar **, /* for returning answer */ -- uschar **, /* for error message */ -- BOOL *); /* to request cache cleanup */ -- void (*close)( /* close function */ -- void *); /* handle */ -- void (*tidy)(void); /* tidy function */ -- uschar *(*quote)( /* quoting function */ -- uschar *, /* string to quote */ -- uschar *); /* additional data from quote name */ --} lookup_info; -+#include "lookupapi.h" - - - /* Structure for holding information about the configured authentication -diff --git a/src/src/verify.c b/src/src/verify.c -index 371883a..1ead302 100644 ---- a/src/src/verify.c -+++ b/src/src/verify.c -@@ -2256,7 +2256,7 @@ if (iplookup) - } - else /* Single-key style */ - { -- int sep = (Ustrcmp(lookup_list[search_type].name, "iplsearch") == 0)? -+ int sep = (Ustrcmp(lookup_list[search_type]->name, "iplsearch") == 0)? - ':' : '.'; - insize = host_aton(cb->host_address, incoming); - host_mask(insize, incoming, mlen); diff --git a/sources b/sources index 49c10e7..5e3db47 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -b32fb85c5161ad2fabfe9ba860a1ad2c exim-4.73.tar.bz2 +58e784b33c7a2ab335ec6400346d6362 exim-4.76.tar.bz2 From a5d6cb30b4bc8876858c64a4ea5bd3f3a286b608 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 9 May 2011 13:11:27 +0100 Subject: [PATCH 102/194] Update to 4.76 --- exim-4.73-config.patch | 2 +- exim.spec | 9 +++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/exim-4.73-config.patch b/exim-4.73-config.patch index 06418e7..40d16cd 100644 --- a/exim-4.73-config.patch +++ b/exim-4.73-config.patch @@ -255,7 +255,7 @@ -# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap +USE_TCP_WRAPPERS=yes +CFLAGS+=$(RPM_OPT_FLAGS) $(PIE) -+EXTRALIBS_EXIM=-lwrap -lpam -ldl ++EXTRALIBS_EXIM=-lwrap -lpam -ldl -export-dynamic -rdynamic # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. diff --git a/exim.spec b/exim.spec index 2207ec7..a5c2dd5 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.73 -Release: 3%{?dist} +Version: 4.76 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -50,7 +50,6 @@ Patch20: exim-4.63-allow-filter.patch Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch -Patch24: exim-4.73-dynlookup.patch Patch25: exim-4.69-dynlookup-config.patch Patch26: exim-4.69-strictaliasing.patch @@ -180,7 +179,6 @@ greylisting unconditional. %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost -%patch24 -p2 -b .dynlookup %patch25 -p1 -b .dynconfig %patch26 -p1 -b .strictaliasing @@ -502,6 +500,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon May 09 2011 David Woodhouse - 4.76-1 +- Update to 4.76 (fixes CVS-2011-1764) + * Wed Mar 23 2011 Dan Horák - 4.73-3 - rebuilt for mysql 5.5.10 (soname bump in libmysqlclient) From 63e4d61bcd54cfe740a697110775b32fba60c253 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Mon, 9 May 2011 13:12:06 +0100 Subject: [PATCH 103/194] Bump release. fedpkg lets you *tag* with outstanding changes but not build. Useful! --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index a5c2dd5..d9101a0 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons From d83e6fc83b06069c5c9b249f5112ca75fcaa80d3 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 15 May 2011 22:27:56 +0100 Subject: [PATCH 104/194] fix CVE and bug references in changelog (and bump release for it --- exim.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exim.spec b/exim.spec index d9101a0..10f449a 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -500,8 +500,8 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog -* Mon May 09 2011 David Woodhouse - 4.76-1 -- Update to 4.76 (fixes CVS-2011-1764) +* Mon May 09 2011 David Woodhouse - 4.76-3 +- Update to 4.76 (fixes CVE-2011-1407, CVE-2011-1764) (#702474) * Wed Mar 23 2011 Dan Horák - 4.73-3 - rebuilt for mysql 5.5.10 (soname bump in libmysqlclient) From 6f5296494f3e64b4224df0cce172a9240c774379 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcela=20Ma=C5=A1l=C3=A1=C5=88ov=C3=A1?= Date: Thu, 16 Jun 2011 13:33:32 +0200 Subject: [PATCH 105/194] Perl mass rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 10f449a..0e9f01c 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -500,6 +500,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jun 16 2011 Marcela Mašláňová - 4.76-4 +- Perl mass rebuild + * Mon May 09 2011 David Woodhouse - 4.76-3 - Update to 4.76 (fixes CVE-2011-1407, CVE-2011-1764) (#702474) From a764d9907cd1476504e5ce453162228529aa03fa Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Thu, 12 Jan 2012 20:07:49 -0600 Subject: [PATCH 106/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 0e9f01c..e2bb54a 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -500,6 +500,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Jan 13 2012 Fedora Release Engineering - 4.76-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + * Thu Jun 16 2011 Marcela Mašláňová - 4.76-4 - Perl mass rebuild From d66e6e70e0d6da62cd2b310bbb218ccb7dc7a472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 2 Feb 2012 11:06:27 +0100 Subject: [PATCH 107/194] =?UTF-8?q?Introduced=20systemd=20unit=20file,=20t?= =?UTF-8?q?hanks=20to=20J=C3=B3hann=20B.=20Gu=C3=B0mundsson=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Resoloves: rhbz#721354 - Provided SysV initscripts in sysvinit subpackages - Used PrivateTmp Resolves: rhbz#782502 --- clamd.exim.service | 11 ++++ exim-gen-cert | 37 +++++++++++++ exim.service | 14 +++++ exim.spec | 132 +++++++++++++++++++++++++++++++++++++++------ 4 files changed, 179 insertions(+), 15 deletions(-) create mode 100644 clamd.exim.service create mode 100644 exim-gen-cert create mode 100644 exim.service diff --git a/clamd.exim.service b/clamd.exim.service new file mode 100644 index 0000000..2f60a66 --- /dev/null +++ b/clamd.exim.service @@ -0,0 +1,11 @@ +[Unit] +Description=Clamd Exim An Interface Between MTA And Content Checkers +After=network.target + +[Service] +Type=forking +PIDFile=/run/clamd.exim/clamd.pid +ExecStart=/usr/sbin/clamd -c /etc/clamd.d/exim.conf + +[Install] +WantedBy=multi-user.target diff --git a/exim-gen-cert b/exim-gen-cert new file mode 100644 index 0000000..811efda --- /dev/null +++ b/exim-gen-cert @@ -0,0 +1,37 @@ +#!/bin/bash + +. /etc/sysconfig/network + +gen_cert() { + if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then + umask 077 + FQDN=`hostname` + if [ "x${FQDN}" = "x" ]; then + FQDN=localhost.localdomain + fi + echo -n $"Generating exim certificate: " + cat << EOF | openssl req -new -x509 -days 365 -nodes \ + -out /etc/pki/tls/certs/exim.pem \ + -keyout /etc/pki/tls/private/exim.pem &>/dev/null +-- +SomeState +SomeCity +SomeOrganization +SomeOrganizationalUnit +${FQDN} +root@${FQDN} +EOF + if [ $? -eq 0 ]; then + success + chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chmod 600 /etc/pki/tls/{private,certs}/exim.pem + else + failure + fi + echo + fi +} + +gen_cert + +exit 0 diff --git a/exim.service b/exim.service new file mode 100644 index 0000000..e6a82ba --- /dev/null +++ b/exim.service @@ -0,0 +1,14 @@ +[Unit] +Description=Exim Mail Transport Agent +After=network.target +Conflicts=sendmail.service postfix.service + +[Service] +PrivateTmp=true +Environment=QUEUE=1h +EnvironmentFile=-/etc/sysconfig/exim +ExecStartPre=-/usr/libexec/exim-gen-cert +ExecStart=/usr/sbin/exim -bd -q${QUEUE} + +[Install] +WantedBy=multi-user.target diff --git a/exim.spec b/exim.spec index e2bb54a..111a193 100644 --- a/exim.spec +++ b/exim.spec @@ -9,17 +9,20 @@ %define buildclam 1 %endif +%global sysv2systemdnvr 4.76-6 + Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) -Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives -Requires(preun): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives +Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives systemd-units systemd-sysv +Requires(preun): %{_sbindir}/alternatives systemd-units +Requires(postun): %{_sbindir}/alternatives systemd-units Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} BuildRequires: clamav-devel @@ -37,6 +40,9 @@ Source20: exim-greylist.conf.inc Source21: mk-greylist-db.sql Source22: greylist-tidy.sh Source23: trusted-configs +Source24: exim.service +Source25: exim-gen-cert +Source26: clamd.exim.service Patch4: exim-rhl.patch Patch6: exim-4.73-config.patch @@ -64,8 +70,9 @@ BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) +BuildRequires: systemd-units -%description +%description Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In @@ -75,6 +82,17 @@ routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail. +%package sysvinit +Summary: SysV initscript for Exim +Group: System Environment/Daemons +BuildArch: noarch +Requires: %{name} = %{version}-%{release} +Requires(preun): chkconfig +Requires(post): chkconfig + +%description sysvinit +This package contains the SysV initscript for Exim. + %package mysql Summary: MySQL lookup support for Exim Group: System Environment/Daemons @@ -111,6 +129,7 @@ The exim-sa package is an old method for allowing SpamAssassin to be run on incoming mail at SMTP time. It is deprecated in favour of the built-in ACL support for content scanning. +%if 0%{?buildclam} %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim Group: System Environment/Daemons @@ -136,6 +155,18 @@ For further details of Exim content scanning, see chapter 41 of the Exim specification: http://www.exim.org/exim-html-%{version}/doc/html/spec_html/ch41.html +%package clamav-sysvinit +Summary: SysV initscript for Clam Antivirus scanner for Exim +Group: System Environment/Daemons +BuildArch: noarch +Requires: exim-clamav = %{version}-%{release} +Requires(preun): chkconfig +Requires(post): chkconfig + +%description clamav-sysvinit +This package contains the SysV initscript. +%endif + %package greylist Summary: Example configuration for greylisting using Exim Group: System Environment/Daemons @@ -270,6 +301,13 @@ install -m 644 %SOURCE3 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim mkdir -p $RPM_BUILD_ROOT%{_initrddir} install %SOURCE2 $RPM_BUILD_ROOT%{_initrddir}/exim +# Systemd +mkdir -p %{buildroot}%{_unitdir} +mkdir -p $RPM_BUILD_ROOT%{_libexecdir} +install -m644 %{SOURCE24} %{buildroot}%{_unitdir} +install -m755 %{SOURCE25} %{buildroot}%{_libexecdir} +install -m644 %{SOURCE26} %{buildroot}%{_unitdir} + mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim @@ -347,7 +385,7 @@ fi exit 0 %post -/sbin/chkconfig --add exim +[ $1 -eq 1 ] && /bin/systemctl daemon-reload >/dev/null 2>&1 || : %{_sbindir}/alternatives --install %{_sbindir}/sendmail mta %{_sbindir}/sendmail.exim 10 \ --slave %{_bindir}/mailq mta-mailq %{_bindir}/mailq.exim \ @@ -362,20 +400,42 @@ exit 0 %preun if [ $1 = 0 ]; then - /sbin/service exim stop > /dev/null 2>&1 - /sbin/chkconfig --del exim + /bin/systemctl --no-reload exim.service > /dev/null 2>&1 || : + /bin/systemctl stop exim.service > /dev/null 2>&1 || : %{_sbindir}/alternatives --remove mta %{_sbindir}/sendmail.exim fi %postun -if [ "$1" -ge "1" ]; then - /sbin/service exim condrestart > /dev/null 2>&1 +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ]; then + /bin/systemctl try-restart exim.service >/dev/null 2>&1 || : mta=`readlink /etc/alternatives/mta` if [ "$mta" == "%{_sbindir}/sendmail.exim" ]; then /usr/sbin/alternatives --set mta %{_sbindir}/sendmail.exim fi fi +%triggerun -- exim < %{sysv2systemdnvr} +%{_bindir}/systemd-sysv-convert --save exim >/dev/null 2>&1 ||: +/bin/systemctl enable exim.service >/dev/null 2>&1 +/sbin/chkconfig --del exim >/dev/null 2>&1 || : +/bin/systemctl try-restart exim.service >/dev/null 2>&1 || : + +%triggerpostun -n exim-sysvinit -- exim < %{sysv2systemdnvr} +/sbin/chkconfig --add exim >/dev/null 2>&1 || : + +%post sysvinit +/sbin/chkconfig --add exim >/dev/null 2>&1 ||: + +%preun sysvinit +if [ "$1" = 0 ]; then + %{_initrddir}/exim stop >/dev/null 2>&1 ||: + /sbin/chkconfig --del exim >/dev/null 2>&1 ||: +fi + +%postun sysvinit +[ "$1" -ge "1" ] && %{_initrddir}/exim condrestart >/dev/null 2>&1 ||: + %post greylist if [ ! -r %{_var}/spool/exim/db/greylist.db ]; then sqlite3 %{_var}/spool/exim/db/greylist.db < %{_sysconfdir}/exim/mk-greylist-db.sql @@ -425,7 +485,8 @@ fi %config(noreplace) %{_sysconfdir}/exim/exim.conf %config(noreplace) %{_sysconfdir}/exim/trusted-configs %config(noreplace) %{_sysconfdir}/sysconfig/exim -%{_sysconfdir}/rc.d/init.d/exim +%{_unitdir}/exim.service +%{_libexecdir}/exim-gen-cert %config(noreplace) %{_sysconfdir}/logrotate.d/exim %config(noreplace) %{_sysconfdir}/pam.d/exim %{_sysconfdir}/cron.daily/exim-tidydb @@ -446,6 +507,10 @@ fi %ghost %{_sysconfdir}/pam.d/smtp %ghost %{_mandir}/man1/mailq.1.gz +%files sysvinit +%defattr(-,root,root,-) +%{_initrddir}/exim + %files mysql %defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/mysql.so @@ -472,24 +537,54 @@ fi %post clamav /bin/touch %{_var}/log/clamd.exim /bin/chown exim.exim %{_var}/log/clamd.exim -/sbin/chkconfig --add clamd.exim +if [ $1 -eq 1 ] ; then + /bin/systemctl daemon-reload >/dev/null 2>&1 || : +fi %preun clamav -test "$1" != 0 || %{_initrddir}/clamd.exim stop &>/dev/null || : -test "$1" != 0 || /sbin/chkconfig --del clamd.exim +if [ $1 = 0 ]; then + /bin/systemctl --no-reload clamd.exim.service > /dev/null 2>&1 || : + /bin/systemctl stop clamd.exim.service > /dev/null 2>&1 || : +fi %postun clamav -test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : +/bin/systemctl daemon-reload >/dev/null 2>&1 || : +if [ $1 -ge 1 ] ; then + /bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || : +fi + +%triggerun -- clamav < %{sysv2systemdnvr} +%{_bindir}/systemd-sysv-convert --save clamd.exim >/dev/null 2>&1 ||: +/bin/systemctl enable clamd.exim.service >/dev/null 2>&1 +/sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : +/bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || : + +%triggerpostun -n exim-clamav-sysvinit -- exim < %{sysv2systemdnvr} +/sbin/chkconfig --add clamd.exim >/dev/null 2>&1 ||: + +%post clamav-sysvinit +/sbin/chkconfig --add clamd.exim >/dev/null 2>&1 ||: + +%preun clamav-sysvinit +test "$1" != 0 || %{_initrddir}/clamd.exim stop >/dev/null 2>&1 || : +test "$1" != 0 || /sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : + +%postun clamav-sysvinit +test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %files clamav %defattr(-,root,root,-) %{_sbindir}/clamd.exim -%attr(0755,root,root) %config %{_initrddir}/clamd.exim +%{_unitdir}/clamd.exim.service %config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf %config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim + +%files clamav-sysvinit +%defattr(-,root,root,-) +%attr(0755,root,root) %config %{_initrddir}/clamd.exim %endif %files greylist @@ -500,6 +595,13 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jan 30 2012 Jaroslav Škarvada - 4.76-6 +- Introduced systemd unit file, thanks to Jóhann B. Guðmundsson + Resoloves: rhbz#721354 +- Provided SysV initscripts in sysvinit subpackages +- Used PrivateTmp + Resolves: rhbz#782502 + * Fri Jan 13 2012 Fedora Release Engineering - 4.76-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild From ac41166122e3f3e5c2fc5894d5466e5c163f7527 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 3 Feb 2012 11:01:14 +0100 Subject: [PATCH 108/194] Fixed exim-clamav to work with /var/run on tmpfs --- exim-clamav-tmpfiles.conf | 1 + exim.spec | 19 ++++++++++++++++--- 2 files changed, 17 insertions(+), 3 deletions(-) create mode 100644 exim-clamav-tmpfiles.conf diff --git a/exim-clamav-tmpfiles.conf b/exim-clamav-tmpfiles.conf new file mode 100644 index 0000000..df45687 --- /dev/null +++ b/exim-clamav-tmpfiles.conf @@ -0,0 +1 @@ +D /var/run/clamd.exim 0750 exim exim - diff --git a/exim.spec b/exim.spec index 111a193..c10aaa8 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -25,6 +25,7 @@ Requires(preun): %{_sbindir}/alternatives systemd-units Requires(postun): %{_sbindir}/alternatives systemd-units Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} +Requires: initscripts BuildRequires: clamav-devel %endif Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 @@ -33,6 +34,10 @@ Source3: exim.sysconfig Source4: exim.logrotate Source5: exim-tidydb.sh Source11: exim.pam +%if 0%{?buildclam} +Source12: exim-clamav-tmpfiles.conf +%endif + %if 0%{?buildsa} Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz %endif @@ -70,7 +75,7 @@ BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) -BuildRequires: systemd-units +BuildRequires: systemd-units %description Exim is a message transfer agent (MTA) developed at the University of @@ -355,6 +360,8 @@ CLAMD_SOCKET=%{_var}/run/clamd.exim/clamd.sock EOF ln -sf clamd $RPM_BUILD_ROOT/usr/sbin/clamd.exim +mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d +install -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/tmpfiles.d/exim-clamav.conf mkdir -p $RPM_BUILD_ROOT%{_var}/run/clamd.exim mkdir -p $RPM_BUILD_ROOT%{_var}/log touch $RPM_BUILD_ROOT%{_var}/log/clamd.exim @@ -535,6 +542,8 @@ fi %if 0%{?buildclam} %post clamav +/bin/mkdir -p 0750 %{_var}/run/clamd.exim +/bin/chown exim:exim %{_var}/run/clamd.exim /bin/touch %{_var}/log/clamd.exim /bin/chown exim.exim %{_var}/log/clamd.exim if [ $1 -eq 1 ] ; then @@ -579,7 +588,8 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf %config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim -%attr(0750,exim,exim) %dir %{_var}/run/clamd.exim +%config(noreplace) %{_sysconfdir}/tmpfiles.d/exim-clamav.conf +%ghost %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim %files clamav-sysvinit @@ -595,6 +605,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Feb 2 2012 Jaroslav Škarvada - 4.76-7 +- Fixed exim-clamav to work with /var/run on tmpfs + * Mon Jan 30 2012 Jaroslav Škarvada - 4.76-6 - Introduced systemd unit file, thanks to Jóhann B. Guðmundsson Resoloves: rhbz#721354 From 59b420bbfa41ddcbf1e3cf91061f34057bf23a96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 6 Feb 2012 10:33:56 +0100 Subject: [PATCH 109/194] Workarounded wrong SELinux context of /var/log/clamd.exim --- exim.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index c10aaa8..59b606c 100644 --- a/exim.spec +++ b/exim.spec @@ -14,13 +14,13 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) -Requires(post): /sbin/chkconfig /sbin/service %{_sbindir}/alternatives systemd-units systemd-sysv +Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd-units systemd-sysv Requires(preun): %{_sbindir}/alternatives systemd-units Requires(postun): %{_sbindir}/alternatives systemd-units Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd @@ -546,6 +546,7 @@ fi /bin/chown exim:exim %{_var}/run/clamd.exim /bin/touch %{_var}/log/clamd.exim /bin/chown exim.exim %{_var}/log/clamd.exim +/sbin/restorecon %{_var}/log/clamd.exim if [ $1 -eq 1 ] ; then /bin/systemctl daemon-reload >/dev/null 2>&1 || : fi @@ -605,6 +606,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Feb 6 2012 Jaroslav Škarvada - 4.76-8 +- Workarounded wrong SELinux context of /var/log/clamd.exim + * Thu Feb 2 2012 Jaroslav Škarvada - 4.76-7 - Fixed exim-clamav to work with /var/run on tmpfs From dfe984f4c0a6874bfc0e9ee92d8b0a6bd7e414c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Fri, 10 Feb 2012 15:27:25 +0100 Subject: [PATCH 110/194] Rebuild against PCRE 8.30 --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 59b606c..943ec2a 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.76 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -606,6 +606,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Feb 10 2012 Petr Pisar - 4.76-9 +- Rebuild against PCRE 8.30 + * Mon Feb 6 2012 Jaroslav Škarvada - 4.76-8 - Workarounded wrong SELinux context of /var/log/clamd.exim From 4562baf1c651c2a19ab1e3f3b35152cd56bc4e67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 6 Mar 2012 09:28:17 +0100 Subject: [PATCH 111/194] New version - Removed unused ldap-deprecated patch - Dropped strict aliasing patch - Built with libdb-5.2 --- .gitignore | 5 +---- exim-4.61-ldap-deprecated.patch | 10 ---------- exim-4.69-strictaliasing.patch | 11 ----------- exim.spec | 14 +++++++++----- sources | 2 +- 5 files changed, 11 insertions(+), 31 deletions(-) delete mode 100644 exim-4.61-ldap-deprecated.patch delete mode 100644 exim-4.69-strictaliasing.patch diff --git a/.gitignore b/.gitignore index 3f3e4c8..d4101b7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1 @@ -sa-exim-4.2.tar.gz -exim-4.72.tar.bz2 -/exim-4.73.tar.bz2 -/exim-4.76.tar.bz2 +exim-*.tar.bz2 diff --git a/exim-4.61-ldap-deprecated.patch b/exim-4.61-ldap-deprecated.patch deleted file mode 100644 index ffad7ac..0000000 --- a/exim-4.61-ldap-deprecated.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- exim-4.61/src/lookups/ldap.c.orig 2006-04-07 16:02:48.000000000 +0100 -+++ exim-4.61/src/lookups/ldap.c 2006-04-07 16:02:00.000000000 +0100 -@@ -33,6 +33,7 @@ static void dummy(int x) { dummy(x-1); } - - /* Include LDAP headers */ - -+#define LDAP_DEPRECATED 1 - #include - #include - diff --git a/exim-4.69-strictaliasing.patch b/exim-4.69-strictaliasing.patch deleted file mode 100644 index 7eb9d13..0000000 --- a/exim-4.69-strictaliasing.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up exim-4.69/src/exim.h.strictaliasing exim-4.69/src/exim.h ---- exim-4.69/src/exim.h.strictaliasing 2009-08-18 15:10:42.000000000 +0200 -+++ exim-4.69/src/exim.h 2009-08-18 15:16:01.000000000 +0200 -@@ -484,6 +484,7 @@ union sockaddr_46 { - #if HAVE_IPV6 - struct sockaddr_in6 v6; - #endif -+ struct sockaddr g; - }; - - /* If SUPPORT_TLS is not defined, ensure that USE_GNUTLS is also not defined diff --git a/exim.spec b/exim.spec index 943ec2a..7f10420 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.76 -Release: 9%{?dist} +Version: 4.77 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -62,12 +62,11 @@ Patch21: exim-4.63-localhost-is-local.patch Patch22: exim-4.66-greylist-conf.patch Patch23: exim-4.67-smarthost-config.patch Patch25: exim-4.69-dynlookup-config.patch -Patch26: exim-4.69-strictaliasing.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) -BuildRequires: db4-devel openssl-devel openldap-devel pam-devel +BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel %if 0%{?buildsa} BuildRequires: lynx %endif @@ -216,7 +215,6 @@ greylisting unconditional. %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost %patch25 -p1 -b .dynconfig -%patch26 -p1 -b .strictaliasing cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -606,6 +604,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Feb 29 2012 Jaroslav Škarvada - 4.77-1 +- New version +- Removed unused ldap-deprecated patch +- Dropped strict aliasing patch +- Built with libdb-5.2 + * Fri Feb 10 2012 Petr Pisar - 4.76-9 - Rebuild against PCRE 8.30 diff --git a/sources b/sources index 5e3db47..bde3674 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -58e784b33c7a2ab335ec6400346d6362 exim-4.76.tar.bz2 +5d746275f2cc85845567f9d5eb84a57a exim-4.77.tar.bz2 From 0a988a67d5826c6604d4b4d97eca4860b4f03bb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 6 Apr 2012 17:53:10 +0200 Subject: [PATCH 112/194] Rebuilt with libdb-5.2 --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 7f10420..c7a8cb0 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.77 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -604,6 +604,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Apr 6 2012 Jaroslav Škarvada - 4.77-2 +- Rebuilt with libdb-5.2 + * Wed Feb 29 2012 Jaroslav Škarvada - 4.77-1 - New version - Removed unused ldap-deprecated patch From dcac391434c3a3a6785a191476331d74baba9205 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 4 Jun 2012 12:08:07 +0200 Subject: [PATCH 113/194] New version Resolves: rhbz#827963 --- ....73-config.patch => exim-4.80-config.patch | 28 +++++++++++++------ exim.spec | 12 +++++--- sources | 2 +- 3 files changed, 29 insertions(+), 13 deletions(-) rename exim-4.73-config.patch => exim-4.80-config.patch (93%) diff --git a/exim-4.73-config.patch b/exim-4.80-config.patch similarity index 93% rename from exim-4.73-config.patch rename to exim-4.80-config.patch index 40d16cd..94a0dc1 100644 --- a/exim-4.73-config.patch +++ b/exim-4.80-config.patch @@ -69,7 +69,7 @@ #------------------------------------------------------------------------------ -@@ -261,17 +261,20 @@ LOOKUP_DBM=yes +@@ -261,18 +261,20 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -93,6 +93,7 @@ -# LOOKUP_PASSWD=yes -# LOOKUP_PGSQL=yes -# LOOKUP_SQLITE=yes +-# LOOKUP_SQLITE_PC=sqlite3 +LOOKUP_PASSWD=yes +LOOKUP_PGSQL=yes +LOOKUP_SQLITE=yes @@ -125,18 +126,24 @@ #------------------------------------------------------------------------------ -@@ -527,11 +530,11 @@ FIXED_NEVER_USERS=root +@@ -527,15 +530,13 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. -# AUTH_CRAM_MD5=yes -# AUTH_CYRUS_SASL=yes -# AUTH_DOVECOT=yes +-# AUTH_GSASL=yes +-# AUTH_GSASL_PC=libgsasl +-# AUTH_HEIMDAL_GSSAPI=yes +-# AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi -# AUTH_PLAINTEXT=yes -# AUTH_SPA=yes +AUTH_CRAM_MD5=yes +AUTH_CYRUS_SASL=yes +AUTH_DOVECOT=yes ++AUTH_GSASL=yes ++AUTH_GSASL_PC=libgsasl +AUTH_PLAINTEXT=yes +AUTH_SPA=yes @@ -160,20 +167,21 @@ # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -630,10 +633,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -630,11 +633,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) -# SUPPORT_TLS=yes +SUPPORT_TLS=yes - # Uncomment this setting if you are using OpenSSL + # Uncomment one of these settings if you are using OpenSSL; pkg-config vs not +-# USE_OPENSSL_PC=openssl -# TLS_LIBS=-lssl -lcrypto +TLS_INCLUDE=-I/usr/kerberos/include +TLS_LIBS=-lssl -lcrypto - # Uncomment these settings if you are using GnuTLS - # USE_GNUTLS=yes + # Uncomment the first and either the second or the third of these if you + # are using GnuTLS. If you have pkg-config, then the second, else the third. @@ -684,7 +688,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -259,7 +267,7 @@ # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -918,13 +922,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -918,17 +922,17 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -270,7 +278,11 @@ # Note that this option adds to the size of the Exim binary, because the # dynamic loading library is not otherwise included. -- + + #------------------------------------------------------------------------------ + # Uncomment this setting to include IPv6 support. + +-# HAVE_IPV6=yes +HAVE_IPV6=yes ############################################################################### diff --git a/exim.spec b/exim.spec index c7a8cb0..caae1ea 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.77 -Release: 2%{?dist} +Version: 4.80 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -50,7 +50,7 @@ Source25: exim-gen-cert Source26: clamd.exim.service Patch4: exim-rhl.patch -Patch6: exim-4.73-config.patch +Patch6: exim-4.80-config.patch Patch8: exim-4.24-libdir.patch Patch12: exim-4.33-cyrus.patch Patch13: exim-4.43-pamconfig.patch @@ -74,7 +74,7 @@ BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) -BuildRequires: systemd-units +BuildRequires: systemd-units libgsasl-devel %description Exim is a message transfer agent (MTA) developed at the University of @@ -604,6 +604,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jun 4 2012 Jaroslav Škarvada - 4.80-1 +- New version + Resolves: rhbz#827963 + * Fri Apr 6 2012 Jaroslav Škarvada - 4.77-2 - Rebuilt with libdb-5.2 diff --git a/sources b/sources index bde3674..4110246 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5d746275f2cc85845567f9d5eb84a57a exim-4.77.tar.bz2 +de93a242e9e148de28d67056e5c1b34f exim-4.80.tar.bz2 From 47337e734e1a4143b8951344a3c79faa2f1344c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Mon, 11 Jun 2012 13:37:17 +0200 Subject: [PATCH 114/194] Perl 5.16 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index caae1ea..c4be48a 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -604,6 +604,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jun 11 2012 Petr Pisar - 4.80-2 +- Perl 5.16 rebuild + * Mon Jun 4 2012 Jaroslav Škarvada - 4.80-1 - New version Resolves: rhbz#827963 From 4a8c42f9ac989db8409082ae964fd6645c6afadd Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 18 Jul 2012 20:00:15 -0500 Subject: [PATCH 115/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index c4be48a..708c1de 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -604,6 +604,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jul 19 2012 Fedora Release Engineering - 4.80-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + * Mon Jun 11 2012 Petr Pisar - 4.80-2 - Perl 5.16 rebuild From b916d7ca0178379c8db0a2b0247eac8700cc5464 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 26 Oct 2012 10:23:27 +0200 Subject: [PATCH 116/194] New version Resolves: CVE-2012-5671 --- exim.spec | 8 ++++++-- sources | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/exim.spec b/exim.spec index 708c1de..5f83634 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.80 -Release: 3%{?dist} +Version: 4.80.1 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -604,6 +604,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Oct 26 2012 Jaroslav Škarvada - 4.80.1-1 +- New version + Resolves: CVE-2012-5671 + * Thu Jul 19 2012 Fedora Release Engineering - 4.80-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild diff --git a/sources b/sources index 4110246..d622a66 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -de93a242e9e148de28d67056e5c1b34f exim-4.80.tar.bz2 +1a95dc9f02834b1b7430403a75edf162 exim-4.80.1.tar.bz2 From 76f77d180b13a26f4ede5d3087cc673cf1a41198 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 13 Feb 2013 15:17:15 -0600 Subject: [PATCH 117/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 5f83634..1e8216e 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -604,6 +604,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Feb 13 2013 Fedora Release Engineering - 4.80.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + * Fri Oct 26 2012 Jaroslav Škarvada - 4.80.1-1 - New version Resolves: CVE-2012-5671 From 43db2f211f689ce41ae9ec176f6995d4bcbec400 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 26 Feb 2013 13:38:52 +0100 Subject: [PATCH 118/194] Switched to systemd-rpm macros Resolves: rhbz#850102 --- exim.spec | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/exim.spec b/exim.spec index 1e8216e..af56c1b 100644 --- a/exim.spec +++ b/exim.spec @@ -14,15 +14,15 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) -Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd-units systemd-sysv -Requires(preun): %{_sbindir}/alternatives systemd-units -Requires(postun): %{_sbindir}/alternatives systemd-units +Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd systemd-sysv +Requires(preun): %{_sbindir}/alternatives systemd +Requires(postun): %{_sbindir}/alternatives systemd Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if 0%{?buildclam} Requires: initscripts @@ -390,7 +390,7 @@ fi exit 0 %post -[ $1 -eq 1 ] && /bin/systemctl daemon-reload >/dev/null 2>&1 || : +%systemd_post %{name}.service %{_sbindir}/alternatives --install %{_sbindir}/sendmail mta %{_sbindir}/sendmail.exim 10 \ --slave %{_bindir}/mailq mta-mailq %{_bindir}/mailq.exim \ @@ -404,16 +404,14 @@ exit 0 --initscript exim %preun +%systemd_preun %{name}.service if [ $1 = 0 ]; then - /bin/systemctl --no-reload exim.service > /dev/null 2>&1 || : - /bin/systemctl stop exim.service > /dev/null 2>&1 || : %{_sbindir}/alternatives --remove mta %{_sbindir}/sendmail.exim fi %postun -/bin/systemctl daemon-reload >/dev/null 2>&1 || : +%systemd_postun_with_restart %{name}.service if [ $1 -ge 1 ]; then - /bin/systemctl try-restart exim.service >/dev/null 2>&1 || : mta=`readlink /etc/alternatives/mta` if [ "$mta" == "%{_sbindir}/sendmail.exim" ]; then /usr/sbin/alternatives --set mta %{_sbindir}/sendmail.exim @@ -604,6 +602,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 26 2013 Jaroslav Škarvada - 4.80.1-3 +- Switched to systemd-rpm macros + Resolves: rhbz#850102 + * Wed Feb 13 2013 Fedora Release Engineering - 4.80.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild From b5a960bdaafa5d15e4028016a934528866aedc4a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Thu, 18 Jul 2013 00:06:02 +0200 Subject: [PATCH 119/194] Perl 5.18 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index af56c1b..c67ba9a 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80.1 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -602,6 +602,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jul 17 2013 Petr Pisar - 4.80.1-4 +- Perl 5.18 rebuild + * Tue Feb 26 2013 Jaroslav Škarvada - 4.80.1-3 - Switched to systemd-rpm macros Resolves: rhbz#850102 From a6750d6c7cf8080a217cd828030c584c53beb99f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Sun, 28 Jul 2013 19:24:31 +0200 Subject: [PATCH 120/194] Add a missing requirement on crontabs to spec file --- exim.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index c67ba9a..f78a9de 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80.1 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -174,7 +174,8 @@ This package contains the SysV initscript. %package greylist Summary: Example configuration for greylisting using Exim Group: System Environment/Daemons -Requires: sqlite exim %{_sysconfdir}/cron.daily +Requires: sqlite exim +Requires: crontabs %description greylist This package contains a simple example of how to do greylisting in Exim's @@ -602,6 +603,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Jul 27 2013 Jóhann B. Guðmundsson - 4.80.1-5 +- Add a missing requirement on crontabs to spec file + * Wed Jul 17 2013 Petr Pisar - 4.80.1-4 - Perl 5.18 rebuild From 6929a9adbd07525050009340118f56f4617d9321 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Sat, 3 Aug 2013 15:46:10 +0200 Subject: [PATCH 121/194] Perl 5.18 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index f78a9de..e6f97a3 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.80.1 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -603,6 +603,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Aug 03 2013 Petr Pisar - 4.80.1-6 +- Perl 5.18 rebuild + * Sat Jul 27 2013 Jóhann B. Guðmundsson - 4.80.1-5 - Add a missing requirement on crontabs to spec file From 1f50e557055a9b64849503f6b5a1dded00055bd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 29 Oct 2013 18:42:20 +0100 Subject: [PATCH 122/194] New version Resolves: rhbz#1024196 - Fixed bogus dates in the changelog (best effort) - De-fuzzified patches - Fixed double packaging of mailq.1.gz --- exim-4.63-allow-filter.patch | 11 -- exim-4.63-localhost-is-local.patch | 11 -- exim-4.82-allow-filter.patch | 13 ++ ....80-config.patch => exim-4.82-config.patch | 94 +++++------- ...-4.33-cyrus.patch => exim-4.82-cyrus.patch | 8 +- ....patch => exim-4.82-dlopen-localscan.patch | 139 ++++++++++-------- ....patch => exim-4.82-dynlookup-config.patch | 8 +- ...onf.patch => exim-4.82-greylist-conf.patch | 28 ++-- ....24-libdir.patch => exim-4.82-libdir.patch | 8 +- exim-4.82-localhost-is-local.patch | 13 ++ ...mconfig.patch => exim-4.82-pamconfig.patch | 23 +-- ...procmail.patch => exim-4.82-procmail.patch | 10 +- ....patch => exim-4.82-smarthost-config.patch | 35 +---- ...amdconf.patch => exim-4.82-spamdconf.patch | 34 ++--- exim-rhl.patch | 11 +- exim.spec | 41 +++--- sources | 2 +- 17 files changed, 245 insertions(+), 244 deletions(-) delete mode 100644 exim-4.63-allow-filter.patch delete mode 100644 exim-4.63-localhost-is-local.patch create mode 100644 exim-4.82-allow-filter.patch rename exim-4.80-config.patch => exim-4.82-config.patch (81%) rename exim-4.33-cyrus.patch => exim-4.82-cyrus.patch (72%) rename exim-4.71-dlopen-localscan.patch => exim-4.82-dlopen-localscan.patch (86%) rename exim-4.69-dynlookup-config.patch => exim-4.82-dynlookup-config.patch (77%) rename exim-4.66-greylist-conf.patch => exim-4.82-greylist-conf.patch (89%) rename exim-4.24-libdir.patch => exim-4.82-libdir.patch (53%) create mode 100644 exim-4.82-localhost-is-local.patch rename exim-4.43-pamconfig.patch => exim-4.82-pamconfig.patch (82%) rename exim-4.63-procmail.patch => exim-4.82-procmail.patch (77%) rename exim-4.67-smarthost-config.patch => exim-4.82-smarthost-config.patch (57%) rename exim-4.50-spamdconf.patch => exim-4.82-spamdconf.patch (91%) diff --git a/exim-4.63-allow-filter.patch b/exim-4.63-allow-filter.patch deleted file mode 100644 index 8f18ae4..0000000 --- a/exim-4.63-allow-filter.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- exim-4.63/src/configure.default~ 2006-09-03 15:02:28.000000000 -0700 -+++ exim-4.63/src/configure.default 2006-09-03 15:46:53.000000000 -0700 -@@ -672,7 +672,7 @@ userforward: - # local_part_suffix = +* : -* - # local_part_suffix_optional - file = $home/.forward --# allow_filter -+ allow_filter - no_verify - no_expn - check_ancestor diff --git a/exim-4.63-localhost-is-local.patch b/exim-4.63-localhost-is-local.patch deleted file mode 100644 index e58f483..0000000 --- a/exim-4.63-localhost-is-local.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- exim-4.63/src/configure.default~ 2006-09-03 19:31:28.000000000 -0700 -+++ exim-4.63/src/configure.default 2006-09-03 19:37:42.000000000 -0700 -@@ -56,7 +56,7 @@ - # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They - # are all colon-separated lists: - --domainlist local_domains = @ -+domainlist local_domains = @ : localhost : localhost.localdomain - domainlist relay_to_domains = - hostlist relay_from_hosts = 127.0.0.1 - diff --git a/exim-4.82-allow-filter.patch b/exim-4.82-allow-filter.patch new file mode 100644 index 0000000..5772252 --- /dev/null +++ b/exim-4.82-allow-filter.patch @@ -0,0 +1,13 @@ +diff --git a/src/configure.default b/src/configure.default +index 37a6a00..52e0536 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -684,7 +684,7 @@ userforward: + # local_part_suffix = +* : -* + # local_part_suffix_optional + file = $home/.forward +-# allow_filter ++ allow_filter + no_verify + no_expn + check_ancestor diff --git a/exim-4.80-config.patch b/exim-4.82-config.patch similarity index 81% rename from exim-4.80-config.patch rename to exim-4.82-config.patch index 94a0dc1..d20928b 100644 --- a/exim-4.80-config.patch +++ b/exim-4.82-config.patch @@ -1,6 +1,8 @@ ---- exim-4.73/scripts/Configure-Makefile.config 2010-12-26 18:17:23.000000000 +0000 -+++ exim-4.73/scripts/Configure-Makefile 2011-01-05 22:25:49.000000000 +0000 -@@ -137,7 +137,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile +index 5e8a726..31a5aad 100755 +--- a/scripts/Configure-Makefile ++++ b/scripts/Configure-Makefile +@@ -233,7 +233,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -9,9 +11,11 @@ echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft echo "" >>$mft cat $mftt >> $mft ---- exim-4.73/src/EDITME.config 2010-12-26 18:17:23.000000000 +0000 -+++ exim-4.73/src/EDITME 2011-01-05 22:29:05.000000000 +0000 -@@ -100,7 +100,7 @@ +diff --git a/src/EDITME b/src/EDITME +index 3f818f3..6cc58a8 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -98,7 +98,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -20,7 +24,7 @@ #------------------------------------------------------------------------------ -@@ -116,7 +116,7 @@ BIN_DIRECTORY=/usr/exim/bin +@@ -114,7 +114,7 @@ BIN_DIRECTORY=/usr/exim/bin # don't exist. It will also install a default runtime configuration if this # file does not exist. @@ -29,7 +33,7 @@ # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. # In this case, Exim will use the first of them that exists when it is run. -@@ -133,7 +133,7 @@ CONFIGURE_FILE=/usr/exim/configure +@@ -131,7 +131,7 @@ CONFIGURE_FILE=/usr/exim/configure # deliveries. (Local deliveries run as various non-root users, typically as the # owner of a local mailbox.) Specifying these values as root is not supported. @@ -38,7 +42,7 @@ # If you specify EXIM_USER as a name, this is looked up at build time, and the # uid number is built into the binary. However, you can specify that this -@@ -154,7 +154,7 @@ EXIM_USER= +@@ -152,7 +152,7 @@ EXIM_USER= # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless # you want to use a group other than the default group for the given user. @@ -47,7 +51,7 @@ # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -234,7 +234,7 @@ TRANSPORT_SMTP=yes +@@ -232,7 +232,7 @@ TRANSPORT_SMTP=yes # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -56,7 +60,7 @@ #------------------------------------------------------------------------------ -@@ -243,9 +243,9 @@ TRANSPORT_SMTP=yes +@@ -241,9 +241,9 @@ TRANSPORT_SMTP=yes # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -69,7 +73,7 @@ #------------------------------------------------------------------------------ -@@ -261,18 +261,20 @@ LOOKUP_DBM=yes +@@ -296,18 +296,20 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -100,7 +104,7 @@ # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -342,14 +345,14 @@ EXIM_MONITOR=eximon.bin +@@ -383,14 +385,14 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -117,7 +121,7 @@ # If you're using ClamAV and are backporting fixes to an old version, instead # of staying current (which is the more usual approach) then you may need to -@@ -482,7 +485,7 @@ FIXED_NEVER_USERS=root +@@ -560,7 +562,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -126,7 +130,7 @@ #------------------------------------------------------------------------------ -@@ -527,15 +530,13 @@ FIXED_NEVER_USERS=root +@@ -605,15 +607,13 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -149,7 +153,7 @@ #------------------------------------------------------------------------------ -@@ -548,7 +551,7 @@ FIXED_NEVER_USERS=root +@@ -634,7 +634,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -158,7 +162,7 @@ # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -568,7 +571,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -654,7 +654,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -167,7 +171,7 @@ # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -630,11 +633,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -716,11 +716,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -182,7 +186,7 @@ # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -684,7 +688,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -785,7 +785,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -191,7 +195,7 @@ #------------------------------------------------------------------------------ -@@ -697,7 +701,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -798,7 +798,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -200,25 +204,7 @@ # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -746,7 +750,7 @@ EXICYCLOG_MAX=10 - # files. Both the name of the command and the suffix that it adds to files - # need to be defined here. See also the EXICYCLOG_MAX configuration. - --COMPRESS_COMMAND=/usr/bin/gzip -+COMPRESS_COMMAND=/bin/gzip - COMPRESS_SUFFIX=gz - - -@@ -754,7 +758,7 @@ COMPRESS_SUFFIX=gz - # If the exigrep utility is fed compressed log files, it tries to uncompress - # them using this command. - --ZCAT_COMMAND=/usr/bin/zcat -+ZCAT_COMMAND=/bin/zcat - - - #------------------------------------------------------------------------------ -@@ -763,7 +767,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -864,7 +864,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -227,7 +213,7 @@ #------------------------------------------------------------------------------ -@@ -773,7 +777,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -874,7 +874,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -236,7 +222,7 @@ #------------------------------------------------------------------------------ -@@ -783,7 +787,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -884,7 +884,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -245,7 +231,7 @@ # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -851,7 +855,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -952,7 +952,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -254,7 +240,7 @@ #------------------------------------------------------------------------------ -@@ -864,9 +868,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -965,9 +965,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -267,7 +253,7 @@ # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -918,17 +922,17 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1019,7 +1019,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -276,9 +262,7 @@ # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the - # dynamic loading library is not otherwise included. - - +@@ -1029,7 +1029,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -287,7 +271,7 @@ ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -945,13 +949,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1050,13 +1050,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -298,17 +282,17 @@ -# RM_COMMAND=/bin/rm -# TOUCH_COMMAND=/usr/bin/touch -# PERL_COMMAND=/usr/bin/perl -+CHOWN_COMMAND=/bin/chown -+CHGRP_COMMAND=/bin/chgrp -+CHMOD_COMMAND=/bin/chmod -+MV_COMMAND=/bin/mv -+RM_COMMAND=/bin/rm -+TOUCH_COMMAND=/bin/touch ++CHOWN_COMMAND=/usr/bin/chown ++CHGRP_COMMAND=/usr/bin/chgrp ++CHMOD_COMMAND=/usr/bin/chmod ++MV_COMMAND=/usr/bin/mv ++RM_COMMAND=/usr/bin/rm ++TOUCH_COMMAND=/usr/bin/touch +PERL_COMMAND=/usr/bin/perl #------------------------------------------------------------------------------ -@@ -1145,7 +1149,7 @@ TMPDIR="/tmp" +@@ -1256,7 +1256,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.33-cyrus.patch b/exim-4.82-cyrus.patch similarity index 72% rename from exim-4.33-cyrus.patch rename to exim-4.82-cyrus.patch index 1b0e174..e4978da 100644 --- a/exim-4.33-cyrus.patch +++ b/exim-4.82-cyrus.patch @@ -1,6 +1,8 @@ ---- exim-4.33/src/configure.default.cyrus 2004-07-02 15:00:27.941635455 +0200 -+++ exim-4.33/src/configure.default 2004-07-02 15:41:39.505133889 +0200 -@@ -595,6 +595,16 @@ +diff --git a/src/configure.default b/src/configure.default +index b631a4d..153c77b 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -721,6 +721,16 @@ address_reply: driver = autoreply diff --git a/exim-4.71-dlopen-localscan.patch b/exim-4.82-dlopen-localscan.patch similarity index 86% rename from exim-4.71-dlopen-localscan.patch rename to exim-4.82-dlopen-localscan.patch index 09ebad8..ac5233c 100644 --- a/exim-4.71-dlopen-localscan.patch +++ b/exim-4.82-dlopen-localscan.patch @@ -1,17 +1,32 @@ ---- exim-4.71/src/globals.c.dl 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71/src/globals.c 2009-12-24 19:27:17.000000000 +0000 -@@ -129,6 +129,9 @@ uschar *tls_verify_certificates= NULL; - uschar *tls_verify_hosts = NULL; - #endif +diff --git a/src/EDITME b/src/EDITME +index 6cc58a8..07f8211 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -770,6 +770,20 @@ TLS_LIBS=-lssl -lcrypto -+#ifdef DLOPEN_LOCAL_SCAN -+uschar *local_scan_path = NULL; -+#endif - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. The defaults use stdin. We never need these for any ---- exim-4.71/src/config.h.defaults.dl 2009-11-16 19:50:36.000000000 +0000 -+++ exim-4.71/src/config.h.defaults 2009-12-24 19:27:17.000000000 +0000 + #------------------------------------------------------------------------------ ++# On systems which support dynamic loading of shared libraries, Exim can ++# load a local_scan function specified in its config file instead of having ++# to be recompiled with the desired local_scan function. For a full ++# description of the API to this function, see the Exim specification. ++ ++DLOPEN_LOCAL_SCAN=yes ++ ++# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the ++# linker flags. Without it, the loaded .so won't be able to access any ++# functions from exim. ++ ++LFLAGS=-rdynamic -ldl ++ ++#------------------------------------------------------------------------------ + # The default distribution of Exim contains only the plain text form of the + # documentation. Other forms are available separately. If you want to install + # the documentation in "info" format, first fetch the Texinfo documentation +diff --git a/src/config.h.defaults b/src/config.h.defaults +index 8c1e799..d5f9e55 100644 +--- a/src/config.h.defaults ++++ b/src/config.h.defaults @@ -27,6 +27,8 @@ it's a default value. */ #define AUTH_VARS 3 @@ -21,21 +36,40 @@ #define BIN_DIRECTORY #define CONFIGURE_FILE ---- exim-4.71/src/readconf.c.dl 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71/src/readconf.c 2009-12-24 19:27:17.000000000 +0000 -@@ -269,6 +269,9 @@ static optionlist optionlist_config[] = - { "local_from_prefix", opt_stringptr, &local_from_prefix }, - { "local_from_suffix", opt_stringptr, &local_from_suffix }, - { "local_interfaces", opt_stringptr, &local_interfaces }, +diff --git a/src/globals.c b/src/globals.c +index 133a7bf..4423f07 100644 +--- a/src/globals.c ++++ b/src/globals.c +@@ -149,6 +149,10 @@ uschar *tls_verify_certificates= NULL; + uschar *tls_verify_hosts = NULL; + #endif + +#ifdef DLOPEN_LOCAL_SCAN -+ { "local_scan_path", opt_stringptr, &local_scan_path }, ++uschar *local_scan_path = NULL; +#endif - { "local_scan_timeout", opt_time, &local_scan_timeout }, - { "local_sender_retain", opt_bool, &local_sender_retain }, - { "localhost_number", opt_stringptr, &host_number_string }, ---- exim-4.71/src/local_scan.c.dl 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71/src/local_scan.c 2009-12-24 19:27:17.000000000 +0000 -@@ -7,60 +7,131 @@ ++ + #ifdef EXPERIMENTAL_PRDR + /* Per Recipient Data Response variables */ + BOOL prdr_enable = FALSE; +diff --git a/src/globals.h b/src/globals.h +index 265f94e..fde0f47 100644 +--- a/src/globals.h ++++ b/src/globals.h +@@ -117,6 +117,9 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ + extern uschar *tls_verify_hosts; /* Mandatory client verification */ + #endif + ++#ifdef DLOPEN_LOCAL_SCAN ++extern uschar *local_scan_path; /* Path to local_scan() library */ ++#endif + + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ +diff --git a/src/local_scan.c b/src/local_scan.c +index 3500047..8599172 100644 +--- a/src/local_scan.c ++++ b/src/local_scan.c +@@ -5,60 +5,131 @@ /* Copyright (c) University of Cambridge 1995 - 2009 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -129,8 +163,8 @@ +else +#endif + return LOCAL_SCAN_ACCEPT; -+} -+ + } + +#ifdef DLOPEN_LOCAL_SCAN + +static int load_local_scan_library(void) @@ -204,48 +238,27 @@ + { + dlclose(local_scan_lib); + log_write(0, LOG_MAIN|LOG_REJECT, "local_scan() library doesn't contain " -+ "local_scan() function - message temporarily rejected"); ++ "local_scan() function - message temporarily rejected"); + return FALSE; + } + +return TRUE; - } - ++} ++ +#endif /* DLOPEN_LOCAL_SCAN */ + /* End of local_scan.c */ ---- exim-4.71/src/globals.h.dl 2009-11-16 19:50:37.000000000 +0000 -+++ exim-4.71/src/globals.h 2009-12-24 19:27:17.000000000 +0000 -@@ -89,6 +89,9 @@ extern uschar *tls_verify_certificates;/ - extern uschar *tls_verify_hosts; /* Mandatory client verification */ - #endif - +diff --git a/src/readconf.c b/src/readconf.c +index 77c7984..da9d582 100644 +--- a/src/readconf.c ++++ b/src/readconf.c +@@ -286,6 +286,9 @@ static optionlist optionlist_config[] = { + { "local_from_prefix", opt_stringptr, &local_from_prefix }, + { "local_from_suffix", opt_stringptr, &local_from_suffix }, + { "local_interfaces", opt_stringptr, &local_interfaces }, +#ifdef DLOPEN_LOCAL_SCAN -+extern uschar *local_scan_path; /* Path to local_scan() library */ ++ { "local_scan_path", opt_stringptr, &local_scan_path }, +#endif - - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. */ ---- exim-4.71/src/EDITME.dl 2009-12-24 19:26:59.000000000 +0000 -+++ exim-4.71/src/EDITME 2009-12-24 19:27:17.000000000 +0000 -@@ -632,6 +632,20 @@ TLS_LIBS=-lssl -lcrypto - - - #------------------------------------------------------------------------------ -+# On systems which support dynamic loading of shared libraries, Exim can -+# load a local_scan function specified in its config file instead of having -+# to be recompiled with the desired local_scan function. For a full -+# description of the API to this function, see the Exim specification. -+ -+DLOPEN_LOCAL_SCAN=yes -+ -+# If you set DLOPEN_LOCAL_SCAN, then you need to include -rdynamic in the -+# linker flags. Without it, the loaded .so won't be able to access any -+# functions from exim. -+ -+LFLAGS=-rdynamic -ldl -+ -+#------------------------------------------------------------------------------ - # The default distribution of Exim contains only the plain text form of the - # documentation. Other forms are available separately. If you want to install - # the documentation in "info" format, first fetch the Texinfo documentation + { "local_scan_timeout", opt_time, &local_scan_timeout }, + { "local_sender_retain", opt_bool, &local_sender_retain }, + { "localhost_number", opt_stringptr, &host_number_string }, diff --git a/exim-4.69-dynlookup-config.patch b/exim-4.82-dynlookup-config.patch similarity index 77% rename from exim-4.69-dynlookup-config.patch rename to exim-4.82-dynlookup-config.patch index 0792b89..a768af2 100644 --- a/exim-4.69-dynlookup-config.patch +++ b/exim-4.82-dynlookup-config.patch @@ -1,6 +1,8 @@ ---- exim-4.69/src/EDITME.orig 2008-08-13 15:30:05.000000000 +0100 -+++ exim-4.69/src/EDITME 2008-08-13 15:30:56.000000000 +0100 -@@ -282,14 +282,16 @@ +diff --git a/src/EDITME b/src/EDITME +index 07f8211..7d7a4a4 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -301,14 +301,16 @@ LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes LOOKUP_LDAP=yes LDAP_LIB_TYPE=OPENLDAP2 diff --git a/exim-4.66-greylist-conf.patch b/exim-4.82-greylist-conf.patch similarity index 89% rename from exim-4.66-greylist-conf.patch rename to exim-4.82-greylist-conf.patch index 264212c..eac3cbc 100644 --- a/exim-4.66-greylist-conf.patch +++ b/exim-4.82-greylist-conf.patch @@ -1,6 +1,8 @@ ---- exim-4.66/src/configure.default.grey 2007-02-07 13:07:40.000000000 +0000 -+++ exim-4.66/src/configure.default 2007-02-08 10:16:17.000000000 +0000 -@@ -105,6 +105,7 @@ hostlist relay_from_hosts = 127.0.0.1 +diff --git a/src/configure.default b/src/configure.default +index 3728043..0126880 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -106,6 +106,7 @@ hostlist relay_from_hosts = localhost # manual for details. The lists above are used in the access control lists for # checking incoming messages. The names of these ACLs are defined here: @@ -8,7 +10,7 @@ acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data acl_smtp_mime = acl_check_mime -@@ -318,6 +319,29 @@ timeout_frozen_after = 7d +@@ -340,6 +341,29 @@ timeout_frozen_after = 7d begin acl @@ -27,10 +29,10 @@ + + # Use the lack of reverse DNS to trigger greylisting. Some people + # even reject for it but that would be a little excessive. -+ ++ + warn condition = ${if eq{$sender_host_name}{} {1}} + set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons -+ ++ + accept + + @@ -38,7 +40,7 @@ # This access control list is used for every RCPT command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. -@@ -435,7 +459,8 @@ acl_check_rcpt: +@@ -460,7 +484,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -48,7 +50,7 @@ # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -443,6 +468,10 @@ acl_check_rcpt: +@@ -468,6 +493,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -59,7 +61,7 @@ ############################################################################# ############################################################################# -@@ -456,6 +485,10 @@ acl_check_rcpt: +@@ -481,6 +510,10 @@ acl_check_rcpt: # require verify = csa ############################################################################# @@ -70,12 +72,12 @@ # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -481,6 +514,12 @@ acl_check_data: +@@ -506,6 +539,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. + # -+ # Alternatively if we're feeling more lenient we could just use it to ++ # Alternatively if we're feeling more lenient we could just use it to + # trigger greylisting instead: + + warn condition = ${if !def:h_Message-ID: {1}} @@ -83,7 +85,7 @@ # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -515,8 +554,30 @@ acl_check_data: +@@ -540,8 +579,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report @@ -109,7 +111,7 @@ + accept -+# To enable the greylisting, also uncomment this line: ++# To enable the greylisting, also uncomment this line: +# .include /etc/exim/exim-greylist.conf.inc acl_check_mime: diff --git a/exim-4.24-libdir.patch b/exim-4.82-libdir.patch similarity index 53% rename from exim-4.24-libdir.patch rename to exim-4.82-libdir.patch index 7144305..bf3cc3a 100644 --- a/exim-4.24-libdir.patch +++ b/exim-4.82-libdir.patch @@ -1,6 +1,8 @@ ---- exim-4.24/OS/Makefile-Linux.libdir 2003-09-22 10:29:52.000000000 +0200 -+++ exim-4.24/OS/Makefile-Linux 2003-11-13 12:05:15.000000000 +0100 -@@ -17,8 +17,8 @@ +diff --git a/OS/Makefile-Linux b/OS/Makefile-Linux +index 990f884..d1ef114 100644 +--- a/OS/Makefile-Linux ++++ b/OS/Makefile-Linux +@@ -24,8 +24,8 @@ LIBRESOLV = -lresolv X11=/usr/X11R6 XINCLUDE=-I$(X11)/include diff --git a/exim-4.82-localhost-is-local.patch b/exim-4.82-localhost-is-local.patch new file mode 100644 index 0000000..47cff55 --- /dev/null +++ b/exim-4.82-localhost-is-local.patch @@ -0,0 +1,13 @@ +diff --git a/src/configure.default b/src/configure.default +index 52e0536..3728043 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -54,7 +54,7 @@ + # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They + # are all colon-separated lists: + +-domainlist local_domains = @ ++domainlist local_domains = @ : localhost : localhost.localdomain + domainlist relay_to_domains = + hostlist relay_from_hosts = localhost + # (We rely upon hostname resolution working for localhost, because the default diff --git a/exim-4.43-pamconfig.patch b/exim-4.82-pamconfig.patch similarity index 82% rename from exim-4.43-pamconfig.patch rename to exim-4.82-pamconfig.patch index 3c76bd8..3906975 100644 --- a/exim-4.43-pamconfig.patch +++ b/exim-4.82-pamconfig.patch @@ -1,7 +1,8 @@ -diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default ---- exim-4.69-new/src/configure.default 2008-08-13 15:15:01.000000000 +0100 -+++ exim-4.69/src/configure.default 2008-08-13 15:16:44.000000000 +0100 -@@ -140,7 +140,7 @@ +diff --git a/src/configure.default b/src/configure.default +index 153c77b..38f0f56 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -141,7 +141,7 @@ acl_smtp_data = acl_check_data # Allow any client to use TLS. @@ -10,7 +11,7 @@ diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default # Specify the location of the Exim server's TLS certificate and private key. # The private key must not be encrypted (password protected). You can put -@@ -148,8 +148,8 @@ +@@ -149,8 +149,8 @@ acl_smtp_data = acl_check_data # need the first setting, or in separate files, in which case you need both # options. @@ -21,7 +22,7 @@ diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default # In order to support roaming users who wish to send email from anywhere, # you may want to make Exim listen on other ports as well as port 25, in -@@ -160,8 +160,8 @@ +@@ -161,8 +161,8 @@ acl_smtp_data = acl_check_data # them you should also allow TLS-on-connect on the traditional but # non-standard port 465. @@ -32,7 +33,7 @@ diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default # Specify the domain you want to be added to all unqualified addresses -@@ -219,6 +219,24 @@ +@@ -220,6 +220,24 @@ never_users = root host_lookup = * @@ -57,21 +58,21 @@ diff -uNr exim-4.69-new/src/configure.default exim-4.69/src/configure.default # The settings below, which are actually the same as the defaults in the # code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP -@@ -756,7 +774,7 @@ +@@ -800,7 +818,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : -# server_condition = Authentication is not yet configured +# server_condition = ${if saslauthd{{$2}{$3}{smtp}} {1}} - # server_advertise_condition = ${if def:tls_cipher } + # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -768,7 +786,7 @@ +@@ -812,7 +830,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: -# server_condition = Authentication is not yet configured +# server_condition = ${if saslauthd{{$1}{$2}{smtp}} {1}} - # server_advertise_condition = ${if def:tls_cipher } + # server_advertise_condition = ${if def:tls_in_cipher } diff --git a/exim-4.63-procmail.patch b/exim-4.82-procmail.patch similarity index 77% rename from exim-4.63-procmail.patch rename to exim-4.82-procmail.patch index b8c233c..06e6e46 100644 --- a/exim-4.63-procmail.patch +++ b/exim-4.82-procmail.patch @@ -1,6 +1,8 @@ ---- exim-4.63/src/configure.default~ 2006-09-03 15:02:28.000000000 -0700 -+++ exim-4.63/src/configure.default 2006-09-03 15:46:53.000000000 -0700 -@@ -680,6 +680,12 @@ userforward: +diff --git a/src/configure.default b/src/configure.default +index 8b599d2..37a6a00 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -692,6 +692,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -13,7 +15,7 @@ # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -717,6 +723,16 @@ begin transports +@@ -729,6 +735,16 @@ begin transports remote_smtp: driver = smtp diff --git a/exim-4.67-smarthost-config.patch b/exim-4.82-smarthost-config.patch similarity index 57% rename from exim-4.67-smarthost-config.patch rename to exim-4.82-smarthost-config.patch index 84b6085..89254b1 100644 --- a/exim-4.67-smarthost-config.patch +++ b/exim-4.82-smarthost-config.patch @@ -1,27 +1,8 @@ ---- exim-4.67/src/configure.default~ 2007-06-27 09:28:31.000000000 +0100 -+++ exim-4.67/src/configure.default 2007-06-27 09:57:09.000000000 +0100 -@@ -636,6 +636,20 @@ dnslookup: - ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 - no_more - -+# Alternatively, comment out the above router and uncomment this one to -+# route all mail to a smarthost instead of sending it directly to the -+# intended recipients. If your smarthost requires authentication, change -+# 'remote_smtp' to 'remote_msa' and set up the 'client_auth' authenticator -+# later in this file. You might need to change the port number in the -+# remote_msa transport. -+# -+#smarthost: -+# driver = manualroute -+# domains = ! +local_domains -+# transport = remote_smtp -+# route_data = smarthost.myisp.net -+# no_more -+ - - # The remaining routers handle addresses in the local domain(s), that is those - # domains that are defined by "domainlist local_domains" above. -@@ -752,6 +766,15 @@ begin transports +diff --git a/src/configure.default b/src/configure.default +index 0126880..b7c30ac 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -796,6 +796,15 @@ begin transports remote_smtp: driver = smtp @@ -37,7 +18,7 @@ # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -854,6 +877,21 @@ begin rewrite +@@ -904,6 +913,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -59,12 +40,12 @@ # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -869,7 +907,7 @@ begin rewrite +@@ -919,7 +943,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. -begin authenticators -+# ++# # PLAIN authentication has no server prompts. The client sends its # credentials in one lump, containing an authorization ID (which we do not diff --git a/exim-4.50-spamdconf.patch b/exim-4.82-spamdconf.patch similarity index 91% rename from exim-4.50-spamdconf.patch rename to exim-4.82-spamdconf.patch index 98cafdd..e13b57f 100644 --- a/exim-4.50-spamdconf.patch +++ b/exim-4.82-spamdconf.patch @@ -1,7 +1,8 @@ -diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default ---- exim-4.69-old/src/configure.default 2008-08-13 15:20:18.000000000 +0100 -+++ exim-4.69/src/configure.default 2008-08-13 15:20:36.000000000 +0100 -@@ -107,6 +107,7 @@ +diff --git a/src/configure.default b/src/configure.default +index 38f0f56..8b599d2 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -108,6 +108,7 @@ hostlist relay_from_hosts = localhost acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data @@ -9,7 +10,7 @@ diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default # You should not change those settings until you understand how ACLs work. -@@ -119,7 +120,7 @@ +@@ -120,7 +121,7 @@ acl_smtp_data = acl_check_data # of what to set for other virus scanners. The second modification is in the # acl_check_data access control list (see below). @@ -18,7 +19,7 @@ diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default # For spam scanning, there is a similar option that defines the interface to -@@ -380,7 +381,8 @@ +@@ -403,7 +404,8 @@ acl_check_rcpt: accept local_parts = postmaster domains = +local_domains @@ -28,7 +29,7 @@ diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default require verify = sender -@@ -470,27 +472,63 @@ +@@ -495,27 +497,63 @@ acl_check_rcpt: acl_check_data: @@ -51,18 +52,11 @@ diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default - # Add headers to a message if it is judged to be spam. Before enabling this, - # you must install SpamAssassin. You may also need to set the spamd_address - # option above. -- # -- # warn spam = nobody -- # add_header = X-Spam_score: $spam_score\n\ -- # X-Spam_score_int: $spam_score_int\n\ -- # X-Spam_bar: $spam_bar\n\ -- # X-Spam_report: $spam_report + # Bypass SpamAssassin checks if the message is too large. + # + # accept condition = ${if >={$message_size}{100000} {1}} + # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size - -- # Accept the message. ++ + # Run SpamAssassin, but allow for it to fail or time out. Add a warning message + # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA + # score exceeds the SA system threshold. @@ -72,13 +66,19 @@ diff -uNr exim-4.69-old/src/configure.default exim-4.69/src/configure.default + # + # accept condition = ${if !def:spam_score_int {1}} + # add_header = X-Spam-Note: SpamAssassin invocation failed -+ # + # +- # warn spam = nobody +- # add_header = X-Spam_score: $spam_score\n\ +- # X-Spam_score_int: $spam_score_int\n\ +- # X-Spam_bar: $spam_bar\n\ +- # X-Spam_report: $spam_report + + # Unconditionally add score and report headers + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ + # X-Spam-Report: $spam_report -+ + +- # Accept the message. + # And reject if the SpamAssassin score is greater than ten + # + # deny condition = ${if >{$spam_score_int}{100} {1}} diff --git a/exim-rhl.patch b/exim-rhl.patch index 8143c0d..c91b528 100644 --- a/exim-rhl.patch +++ b/exim-rhl.patch @@ -1,7 +1,8 @@ -diff -uNr exim-4.69.orig/src/configure.default exim-4.69/src/configure.default ---- exim-4.69.orig/src/configure.default 2007-06-26 12:21:36.000000000 +0100 -+++ exim-4.69/src/configure.default 2008-08-13 14:41:14.000000000 +0100 -@@ -548,7 +548,7 @@ +diff --git a/src/configure.default b/src/configure.default +index 1274349..b631a4d 100644 +--- a/src/configure.default ++++ b/src/configure.default +@@ -590,7 +590,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -10,7 +11,7 @@ diff -uNr exim-4.69.orig/src/configure.default exim-4.69/src/configure.default # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -643,8 +643,8 @@ +@@ -687,8 +687,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim.spec b/exim.spec index e6f97a3..9213205 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.80.1 -Release: 6%{?dist} +Version: 4.82 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -50,18 +50,18 @@ Source25: exim-gen-cert Source26: clamd.exim.service Patch4: exim-rhl.patch -Patch6: exim-4.80-config.patch -Patch8: exim-4.24-libdir.patch -Patch12: exim-4.33-cyrus.patch -Patch13: exim-4.43-pamconfig.patch -Patch14: exim-4.50-spamdconf.patch -Patch18: exim-4.71-dlopen-localscan.patch -Patch19: exim-4.63-procmail.patch -Patch20: exim-4.63-allow-filter.patch -Patch21: exim-4.63-localhost-is-local.patch -Patch22: exim-4.66-greylist-conf.patch -Patch23: exim-4.67-smarthost-config.patch -Patch25: exim-4.69-dynlookup-config.patch +Patch6: exim-4.82-config.patch +Patch8: exim-4.82-libdir.patch +Patch12: exim-4.82-cyrus.patch +Patch13: exim-4.82-pamconfig.patch +Patch14: exim-4.82-spamdconf.patch +Patch18: exim-4.82-dlopen-localscan.patch +Patch19: exim-4.82-procmail.patch +Patch20: exim-4.82-allow-filter.patch +Patch21: exim-4.82-localhost-is-local.patch +Patch22: exim-4.82-greylist-conf.patch +Patch23: exim-4.82-smarthost-config.patch +Patch25: exim-4.82-dynlookup-config.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -472,7 +472,7 @@ fi %{_bindir}/rmail.exim %{_bindir}/newaliases.exim /usr/lib/sendmail.exim -%{_mandir}/*/* +%{_mandir}/man8/* %dir %{_libdir}/exim %dir %{_libdir}/exim/%{version}-%{release} %dir %{_libdir}/exim/%{version}-%{release}/lookups @@ -603,6 +603,13 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Oct 29 2013 Jaroslav Škarvada - 4.82-1 +- New version + Resolves: rhbz#1024196 +- Fixed bogus dates in the changelog (best effort) +- De-fuzzified patches +- Fixed double packaging of mailq.1.gz + * Sat Aug 03 2013 Petr Pisar - 4.80.1-6 - Perl 5.18 rebuild @@ -835,7 +842,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : - fixed permissions for some binaries - fixed pam file to use include instead of pam_stack -* Fri Jul 4 2006 David Woodhouse 4.62-4 +* Tue Jul 4 2006 David Woodhouse 4.62-4 - Package review * Wed Jun 28 2006 David Woodhouse 4.62-3 @@ -1187,7 +1194,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : - Added eximconfig script, thanks to Mark Baker - Exim now uses the Berkeley DB library. -* Fri Aug 4 1999 Mark Bergsma +* Wed Aug 4 1999 Mark Bergsma - Upgraded to version 3.03 - Removed version number out of the spec file name. diff --git a/sources b/sources index d622a66..e3268cf 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1a95dc9f02834b1b7430403a75edf162 exim-4.80.1.tar.bz2 +feb933baa4db773c2ef76b794c60b647 exim-4.82.tar.bz2 From af098d03b9fe9979773efadc406c7134b3864930 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 2 Jun 2014 14:50:50 +0200 Subject: [PATCH 123/194] New version --- exim.spec | 5 ++++- sources | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 9213205..97dc51e 100644 --- a/exim.spec +++ b/exim.spec @@ -13,7 +13,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.82 +Version: 4.82.1 Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -603,6 +603,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jun 2 2014 Jaroslav Škarvada - 4.82.1-1 +- New version + * Tue Oct 29 2013 Jaroslav Škarvada - 4.82-1 - New version Resolves: rhbz#1024196 diff --git a/sources b/sources index e3268cf..f34ddca 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -feb933baa4db773c2ef76b794c60b647 exim-4.82.tar.bz2 +4544696ce6689ba9141a0697f25a74cb exim-4.82.1.tar.bz2 From d9be75467e4410137cad39784559ece06d9b242a Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Sat, 7 Jun 2014 06:13:41 -0500 Subject: [PATCH 124/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 97dc51e..3e7658c 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.82.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -603,6 +603,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Jun 07 2014 Fedora Release Engineering - 4.82.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + * Mon Jun 2 2014 Jaroslav Škarvada - 4.82.1-1 - New version From 75dfce713c0b93f827f2b02ac4d1bea84e4caadd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 9 Jul 2014 15:03:25 +0200 Subject: [PATCH 125/194] Dropped support for FC6 and earlier, without sa and with clamav are now the defaults, they can be overriden by --with / --without --- exim.spec | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/exim.spec b/exim.spec index 3e7658c..bb787cd 100644 --- a/exim.spec +++ b/exim.spec @@ -1,20 +1,16 @@ # SA-Exim has long since been obsoleted by the proper built-in ACL support -# from exiscan. Disable it for FC6 unless people scream. -%if 0%{?fedora} < 6 -%define buildsa 1 -%endif +# from exiscan. Disable it by default +%bcond_with sa -# Build clamav subpackage for FC5 and above. -%if 0%{?fedora} >= 5 -%define buildclam 1 -%endif +# Build clamav subpackage by default +%bcond_without clamav %global sysv2systemdnvr 4.76-6 Summary: The exim mail transfer agent Name: exim Version: 4.82.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -24,7 +20,7 @@ Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alter Requires(preun): %{_sbindir}/alternatives systemd Requires(postun): %{_sbindir}/alternatives systemd Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd -%if 0%{?buildclam} +%if %{with clamav} Requires: initscripts BuildRequires: clamav-devel %endif @@ -34,11 +30,11 @@ Source3: exim.sysconfig Source4: exim.logrotate Source5: exim-tidydb.sh Source11: exim.pam -%if 0%{?buildclam} +%if %{with clamav} Source12: exim-clamav-tmpfiles.conf %endif -%if 0%{?buildsa} +%if %{with sa} Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz %endif Source20: exim-greylist.conf.inc @@ -67,7 +63,7 @@ Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel -%if 0%{?buildsa} +%if %{with sa} BuildRequires: lynx %endif BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel @@ -123,6 +119,7 @@ displays information about Exim's processing in an X window, and an administrator can perform a number of control actions from the window interface. +%if %{with sa} %package sa Summary: Exim SpamAssassin at SMTP time - d/l plugin Group: System Environment/Daemons @@ -132,8 +129,9 @@ Requires: exim = %{version}-%{release} The exim-sa package is an old method for allowing SpamAssassin to be run on incoming mail at SMTP time. It is deprecated in favour of the built-in ACL support for content scanning. +%endif -%if 0%{?buildclam} +%if %{with clamav} %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim Group: System Environment/Daemons @@ -199,7 +197,7 @@ greylisting unconditional. %prep %setup -q -%if 0%{?buildsa} +%if %{with sa} %setup -q -T -D -a 13 %endif @@ -231,7 +229,7 @@ cp exim_monitor/EDITME Local/eximon.conf %endif make LFLAGS=-pie _lib=%{_lib} FULLECHO= -%if 0%{?buildsa} +%if %{with sa} # build sa-exim cd sa-exim* perl -pi -e 's|\@lynx|HOME=/ /usr/bin/lynx|g;' Makefile @@ -318,7 +316,7 @@ install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily install -m 0755 %SOURCE5 $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/exim-tidydb -%if 0%{?buildsa} +%if %{with sa} # install sa cd sa-exim* mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/exim @@ -340,7 +338,7 @@ do touch $RPM_BUILD_ROOT$i done -%if 0%{?buildclam} +%if %{with clamav} # Munge the clamav init and config files from clamav-devel. This really ought # to be a subpackage of clamav, but this hack will have to do for now. function clamsubst() { @@ -528,7 +526,7 @@ fi %{_sbindir}/eximon %{_sbindir}/eximon.bin -%if 0%{?buildsa} +%if %{with sa} %files sa %defattr(-,root,root) %{_libexecdir}/exim @@ -537,7 +535,7 @@ fi %doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} %endif -%if 0%{?buildclam} +%if %{with clamav} %post clamav /bin/mkdir -p 0750 %{_var}/run/clamd.exim /bin/chown exim:exim %{_var}/run/clamd.exim @@ -603,6 +601,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jul 9 2014 Jaroslav Škarvada - 4.82.1-3 +- Dropped support for FC6 and earlier, without sa and with clamav are + now the defaults, they can be overriden by --with / --without + * Sat Jun 07 2014 Fedora Release Engineering - 4.82.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild From 6795df81d8e5a68546e8f79d57cefe6448b5688b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 9 Jul 2014 16:38:39 +0200 Subject: [PATCH 126/194] Do not build clamav on RHEL - Fixed build without clamav --- exim.spec | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index bb787cd..5abad44 100644 --- a/exim.spec +++ b/exim.spec @@ -2,15 +2,20 @@ # from exiscan. Disable it by default %bcond_with sa -# Build clamav subpackage by default +# By default build clamav subpackage on Fedora, +# do not build on RHEL +%if 0%{?rhel} +%bcond_with clamav +%else %bcond_without clamav +%endif %global sysv2systemdnvr 4.76-6 Summary: The exim mail transfer agent Name: exim Version: 4.82.1 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -43,7 +48,9 @@ Source22: greylist-tidy.sh Source23: trusted-configs Source24: exim.service Source25: exim-gen-cert +%if %{with clamav} Source26: clamd.exim.service +%endif Patch4: exim-rhl.patch Patch6: exim-4.82-config.patch @@ -308,7 +315,10 @@ mkdir -p %{buildroot}%{_unitdir} mkdir -p $RPM_BUILD_ROOT%{_libexecdir} install -m644 %{SOURCE24} %{buildroot}%{_unitdir} install -m755 %{SOURCE25} %{buildroot}%{_libexecdir} + +%if %{with clamav} install -m644 %{SOURCE26} %{buildroot}%{_unitdir} +%endif mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim @@ -601,6 +611,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jul 9 2014 Jaroslav Škarvada - 4.82.1-4 +- Do not build clamav on RHEL +- Fixed build without clamav + * Wed Jul 9 2014 Jaroslav Škarvada - 4.82.1-3 - Dropped support for FC6 and earlier, without sa and with clamav are now the defaults, they can be overriden by --with / --without From 84967cdd477f8cb9992d3eafe55b23ff6c1d8b6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 23 Jul 2014 17:44:25 +0200 Subject: [PATCH 127/194] New version Resolves: CVE-2014-2972 - De-fuzzified patches --- ....82-config.patch => exim-4.83-config.patch | 38 +++++++++---------- ....patch => exim-4.83-dlopen-localscan.patch | 25 ++++++------ ...amdconf.patch => exim-4.83-spamdconf.patch | 2 +- exim.spec | 15 +++++--- 4 files changed, 43 insertions(+), 37 deletions(-) rename exim-4.82-config.patch => exim-4.83-config.patch (92%) rename exim-4.82-dlopen-localscan.patch => exim-4.83-dlopen-localscan.patch (93%) rename exim-4.82-spamdconf.patch => exim-4.83-spamdconf.patch (99%) diff --git a/exim-4.82-config.patch b/exim-4.83-config.patch similarity index 92% rename from exim-4.82-config.patch rename to exim-4.83-config.patch index d20928b..252e00a 100644 --- a/exim-4.82-config.patch +++ b/exim-4.83-config.patch @@ -1,8 +1,8 @@ diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index 5e8a726..31a5aad 100755 +index eeb26ee..9cb6385 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile -@@ -233,7 +233,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +@@ -249,7 +249,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -12,7 +12,7 @@ index 5e8a726..31a5aad 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index 3f818f3..6cc58a8 100644 +index d576fd7..a3ffd48 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -121,7 +121,7 @@ index 3f818f3..6cc58a8 100644 # If you're using ClamAV and are backporting fixes to an old version, instead # of staying current (which is the more usual approach) then you may need to -@@ -560,7 +562,7 @@ FIXED_NEVER_USERS=root +@@ -573,7 +575,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -130,7 +130,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -605,15 +607,13 @@ FIXED_NEVER_USERS=root +@@ -618,15 +620,13 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -153,7 +153,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -634,7 +634,7 @@ FIXED_NEVER_USERS=root +@@ -647,7 +647,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -162,7 +162,7 @@ index 3f818f3..6cc58a8 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -654,7 +654,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -667,7 +667,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -171,7 +171,7 @@ index 3f818f3..6cc58a8 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -716,11 +716,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -729,11 +729,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -186,7 +186,7 @@ index 3f818f3..6cc58a8 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -785,7 +785,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -798,7 +798,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -195,7 +195,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -798,7 +798,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -811,7 +811,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -204,7 +204,7 @@ index 3f818f3..6cc58a8 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -864,7 +864,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -877,7 +877,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -213,7 +213,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -874,7 +874,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -887,7 +887,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -222,7 +222,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -884,7 +884,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -897,7 +897,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -231,7 +231,7 @@ index 3f818f3..6cc58a8 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -952,7 +952,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -965,7 +965,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -240,7 +240,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -965,9 +965,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -978,9 +978,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -253,7 +253,7 @@ index 3f818f3..6cc58a8 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1019,7 +1019,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1032,7 +1032,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -262,7 +262,7 @@ index 3f818f3..6cc58a8 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1029,7 +1029,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1042,7 +1042,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -271,7 +271,7 @@ index 3f818f3..6cc58a8 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1050,13 +1050,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1063,13 +1063,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -292,7 +292,7 @@ index 3f818f3..6cc58a8 100644 #------------------------------------------------------------------------------ -@@ -1256,7 +1256,7 @@ TMPDIR="/tmp" +@@ -1269,7 +1269,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.82-dlopen-localscan.patch b/exim-4.83-dlopen-localscan.patch similarity index 93% rename from exim-4.82-dlopen-localscan.patch rename to exim-4.83-dlopen-localscan.patch index ac5233c..9538345 100644 --- a/exim-4.82-dlopen-localscan.patch +++ b/exim-4.83-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 6cc58a8..07f8211 100644 +index a3ffd48..c186529 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -770,6 +770,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -783,6 +783,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,7 +24,7 @@ index 6cc58a8..07f8211 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index 8c1e799..d5f9e55 100644 +index ba4615c..878e687 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -27,6 +27,8 @@ it's a default value. */ @@ -37,10 +37,10 @@ index 8c1e799..d5f9e55 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 133a7bf..4423f07 100644 +index d3f9987..c01d430 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -149,6 +149,10 @@ uschar *tls_verify_certificates= NULL; +@@ -162,6 +162,10 @@ uschar *tls_verify_certificates= NULL; uschar *tls_verify_hosts = NULL; #endif @@ -48,23 +48,24 @@ index 133a7bf..4423f07 100644 +uschar *local_scan_path = NULL; +#endif + - #ifdef EXPERIMENTAL_PRDR + #ifndef DISABLE_PRDR /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h index 265f94e..fde0f47 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -117,6 +117,9 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ +@@ -117,6 +117,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif +#ifdef DLOPEN_LOCAL_SCAN +extern uschar *local_scan_path; /* Path to local_scan() library */ +#endif - - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. */ ++ + #ifdef EXPERIMENTAL_DSN + extern uschar *dsn_envid; /* DSN envid string */ + extern int dsn_ret; /* DSN ret type*/ diff --git a/src/local_scan.c b/src/local_scan.c index 3500047..8599172 100644 --- a/src/local_scan.c @@ -249,10 +250,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 77c7984..da9d582 100644 +index adb538c..d378b3a 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -286,6 +286,9 @@ static optionlist optionlist_config[] = { +@@ -290,6 +290,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.82-spamdconf.patch b/exim-4.83-spamdconf.patch similarity index 99% rename from exim-4.82-spamdconf.patch rename to exim-4.83-spamdconf.patch index e13b57f..b931f11 100644 --- a/exim-4.82-spamdconf.patch +++ b/exim-4.83-spamdconf.patch @@ -72,7 +72,7 @@ index 38f0f56..8b599d2 100644 - # X-Spam_score_int: $spam_score_int\n\ - # X-Spam_bar: $spam_bar\n\ - # X-Spam_report: $spam_report -+ ++ + # Unconditionally add score and report headers + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ diff --git a/exim.spec b/exim.spec index 5abad44..cf4f016 100644 --- a/exim.spec +++ b/exim.spec @@ -14,8 +14,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.82.1 -Release: 4%{?dist} +Version: 4.83 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -53,12 +53,12 @@ Source26: clamd.exim.service %endif Patch4: exim-rhl.patch -Patch6: exim-4.82-config.patch +Patch6: exim-4.83-config.patch Patch8: exim-4.82-libdir.patch Patch12: exim-4.82-cyrus.patch Patch13: exim-4.82-pamconfig.patch -Patch14: exim-4.82-spamdconf.patch -Patch18: exim-4.82-dlopen-localscan.patch +Patch14: exim-4.83-spamdconf.patch +Patch18: exim-4.83-dlopen-localscan.patch Patch19: exim-4.82-procmail.patch Patch20: exim-4.82-allow-filter.patch Patch21: exim-4.82-localhost-is-local.patch @@ -611,6 +611,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jul 23 2014 Jaroslav Škarvada - 4.83-1 +- New version + Resolves: CVE-2014-2972 +- De-fuzzified patches + * Wed Jul 9 2014 Jaroslav Škarvada - 4.82.1-4 - Do not build clamav on RHEL - Fixed build without clamav From f74dbf773383f85f339f83ced11ef675ce7ccdb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 23 Jul 2014 18:15:10 +0200 Subject: [PATCH 128/194] Added sources --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index f34ddca..ce741c2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4544696ce6689ba9141a0697f25a74cb exim-4.82.1.tar.bz2 +fc6790f346a50a3c87be96b335b9c8ae exim-4.83.tar.bz2 From d6fb3ac66a6f4265f4f856d773e0e77604964919 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 12 Aug 2014 10:37:59 +0200 Subject: [PATCH 129/194] New version Resolves: rhbz#1129036 - De-fuzzified dlopen-localscan patch --- ...n-localscan.patch => exim-4.84-dlopen-localscan.patch | 4 ++-- exim.spec | 9 +++++++-- sources | 2 +- 3 files changed, 10 insertions(+), 5 deletions(-) rename exim-4.83-dlopen-localscan.patch => exim-4.84-dlopen-localscan.patch (98%) diff --git a/exim-4.83-dlopen-localscan.patch b/exim-4.84-dlopen-localscan.patch similarity index 98% rename from exim-4.83-dlopen-localscan.patch rename to exim-4.84-dlopen-localscan.patch index 9538345..67cccb3 100644 --- a/exim-4.83-dlopen-localscan.patch +++ b/exim-4.84-dlopen-localscan.patch @@ -52,10 +52,10 @@ index d3f9987..c01d430 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index 265f94e..fde0f47 100644 +index 2bedcf5..6085955 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -117,6 +117,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ +@@ -126,6 +126,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif diff --git a/exim.spec b/exim.spec index cf4f016..c4fda32 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.83 +Version: 4.84 Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -58,7 +58,7 @@ Patch8: exim-4.82-libdir.patch Patch12: exim-4.82-cyrus.patch Patch13: exim-4.82-pamconfig.patch Patch14: exim-4.83-spamdconf.patch -Patch18: exim-4.83-dlopen-localscan.patch +Patch18: exim-4.84-dlopen-localscan.patch Patch19: exim-4.82-procmail.patch Patch20: exim-4.82-allow-filter.patch Patch21: exim-4.82-localhost-is-local.patch @@ -611,6 +611,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Aug 12 2014 Jaroslav Škarvada - 4.84-1 +- New version + Resolves: rhbz#1129036 +- De-fuzzified dlopen-localscan patch + * Wed Jul 23 2014 Jaroslav Škarvada - 4.83-1 - New version Resolves: CVE-2014-2972 diff --git a/sources b/sources index ce741c2..9c4f21d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -fc6790f346a50a3c87be96b335b9c8ae exim-4.83.tar.bz2 +3d14522e604b687b9e515f5aa739b2c0 exim-4.84.tar.bz2 From b8596f52a2ec28f08af7d62cf6c2a288a262e7f7 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Sat, 16 Aug 2014 11:45:23 +0000 Subject: [PATCH 130/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index c4fda32..7ccf697 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.84 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -611,6 +611,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Aug 16 2014 Fedora Release Engineering - 4.84-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + * Tue Aug 12 2014 Jaroslav Škarvada - 4.84-1 - New version Resolves: rhbz#1129036 From 537eef5f95a8d9fdbf1c963a539fd45a5d748ced Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 27 Aug 2014 01:54:49 +0200 Subject: [PATCH 131/194] Perl 5.20 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 7ccf697..d59ac6d 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.84 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -611,6 +611,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Aug 26 2014 Jitka Plesnikova - 4.84-3 +- Perl 5.20 rebuild + * Sat Aug 16 2014 Fedora Release Engineering - 4.84-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild From 899921474ef499f57c9183b1a1378e3f9859dd75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 10 Oct 2014 10:36:59 +0200 Subject: [PATCH 132/194] Perl 5.20 rebuild --- exim-4.84-dlopen-localscan.patch | 2 +- exim.spec | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/exim-4.84-dlopen-localscan.patch b/exim-4.84-dlopen-localscan.patch index 67cccb3..09854e0 100644 --- a/exim-4.84-dlopen-localscan.patch +++ b/exim-4.84-dlopen-localscan.patch @@ -17,7 +17,7 @@ index a3ffd48..c186529 100644 +# linker flags. Without it, the loaded .so won't be able to access any +# functions from exim. + -+LFLAGS=-rdynamic -ldl ++LFLAGS=-rdynamic -ldl -pie + +#------------------------------------------------------------------------------ # The default distribution of Exim contains only the plain text form of the diff --git a/exim.spec b/exim.spec index d59ac6d..1c2c1fa 100644 --- a/exim.spec +++ b/exim.spec @@ -234,7 +234,7 @@ cp exim_monitor/EDITME Local/eximon.conf %else export PIE=-fPIE %endif -make LFLAGS=-pie _lib=%{_lib} FULLECHO= +make _lib=%{_lib} FULLECHO= %if %{with sa} # build sa-exim From f44fc2848a3c07a257dfeeb79edc3de6c026e23a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 10 Oct 2014 10:41:23 +0200 Subject: [PATCH 133/194] Do not override LFLAGS (problem reported by Todd Lyons) --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 1c2c1fa..00d982a 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.84 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -611,6 +611,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Oct 10 2014 Jaroslav Škarvada - 4.84-4 +- Do not override LFLAGS (problem reported by Todd Lyons) + * Tue Aug 26 2014 Jitka Plesnikova - 4.84-3 - Perl 5.20 rebuild From 2ca260ba158e5444e5295048f09bd23af7fe4b0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 13 Jan 2015 17:55:59 +0100 Subject: [PATCH 134/194] New version Resolves: rhbz#1181479 - De-fuzzified config and dlopen-localscan patches --- ....83-config.patch => exim-4.85-config.patch | 34 +++++++++---------- ....patch => exim-4.85-dlopen-localscan.patch | 18 +++++----- exim.spec | 13 ++++--- sources | 2 +- 4 files changed, 36 insertions(+), 31 deletions(-) rename exim-4.83-config.patch => exim-4.85-config.patch (92%) rename exim-4.84-dlopen-localscan.patch => exim-4.85-dlopen-localscan.patch (95%) diff --git a/exim-4.83-config.patch b/exim-4.85-config.patch similarity index 92% rename from exim-4.83-config.patch rename to exim-4.85-config.patch index 252e00a..020f17a 100644 --- a/exim-4.83-config.patch +++ b/exim-4.85-config.patch @@ -12,7 +12,7 @@ index eeb26ee..9cb6385 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index d576fd7..a3ffd48 100644 +index 4a290a4..b4c60cb 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -121,7 +121,7 @@ index d576fd7..a3ffd48 100644 # If you're using ClamAV and are backporting fixes to an old version, instead # of staying current (which is the more usual approach) then you may need to -@@ -573,7 +575,7 @@ FIXED_NEVER_USERS=root +@@ -576,7 +578,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -130,7 +130,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -618,15 +620,13 @@ FIXED_NEVER_USERS=root +@@ -621,15 +623,13 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -153,7 +153,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -647,7 +647,7 @@ FIXED_NEVER_USERS=root +@@ -650,7 +650,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -162,7 +162,7 @@ index d576fd7..a3ffd48 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -667,7 +667,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -670,7 +670,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -171,7 +171,7 @@ index d576fd7..a3ffd48 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -729,11 +729,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -732,11 +732,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -186,7 +186,7 @@ index d576fd7..a3ffd48 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -798,7 +798,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -801,7 +801,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -195,7 +195,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -811,7 +811,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -814,7 +814,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -204,7 +204,7 @@ index d576fd7..a3ffd48 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -877,7 +877,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -880,7 +880,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -213,7 +213,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -887,7 +887,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -890,7 +890,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -222,7 +222,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -897,7 +897,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -900,7 +900,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -231,7 +231,7 @@ index d576fd7..a3ffd48 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -965,7 +965,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -968,7 +968,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -240,7 +240,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -978,9 +978,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -981,9 +981,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -253,7 +253,7 @@ index d576fd7..a3ffd48 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1032,7 +1032,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1035,7 +1035,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -262,7 +262,7 @@ index d576fd7..a3ffd48 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1042,7 +1042,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1045,7 +1045,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -271,7 +271,7 @@ index d576fd7..a3ffd48 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1063,13 +1063,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1066,13 +1066,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -292,7 +292,7 @@ index d576fd7..a3ffd48 100644 #------------------------------------------------------------------------------ -@@ -1269,7 +1269,7 @@ TMPDIR="/tmp" +@@ -1272,7 +1272,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.84-dlopen-localscan.patch b/exim-4.85-dlopen-localscan.patch similarity index 95% rename from exim-4.84-dlopen-localscan.patch rename to exim-4.85-dlopen-localscan.patch index 09854e0..384dde0 100644 --- a/exim-4.84-dlopen-localscan.patch +++ b/exim-4.85-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index a3ffd48..c186529 100644 +index b4c60cb..5f95c89 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -783,6 +783,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -786,6 +786,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,7 +24,7 @@ index a3ffd48..c186529 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index ba4615c..878e687 100644 +index a0997a0..9dd84f8 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -27,6 +27,8 @@ it's a default value. */ @@ -37,10 +37,10 @@ index ba4615c..878e687 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index d3f9987..c01d430 100644 +index fb705d9..efee424 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -162,6 +162,10 @@ uschar *tls_verify_certificates= NULL; +@@ -170,6 +170,10 @@ uschar *tls_verify_certificates= NULL; uschar *tls_verify_hosts = NULL; #endif @@ -52,10 +52,10 @@ index d3f9987..c01d430 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index 2bedcf5..6085955 100644 +index f4baa0b..729426c 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -126,6 +126,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ +@@ -130,6 +130,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif @@ -250,10 +250,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index adb538c..d378b3a 100644 +index 40af940..81be47f 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -290,6 +290,9 @@ static optionlist optionlist_config[] = { +@@ -293,6 +293,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim.spec b/exim.spec index 00d982a..8a2b612 100644 --- a/exim.spec +++ b/exim.spec @@ -14,8 +14,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.84 -Release: 4%{?dist} +Version: 4.85 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -53,12 +53,12 @@ Source26: clamd.exim.service %endif Patch4: exim-rhl.patch -Patch6: exim-4.83-config.patch +Patch6: exim-4.85-config.patch Patch8: exim-4.82-libdir.patch Patch12: exim-4.82-cyrus.patch Patch13: exim-4.82-pamconfig.patch Patch14: exim-4.83-spamdconf.patch -Patch18: exim-4.84-dlopen-localscan.patch +Patch18: exim-4.85-dlopen-localscan.patch Patch19: exim-4.82-procmail.patch Patch20: exim-4.82-allow-filter.patch Patch21: exim-4.82-localhost-is-local.patch @@ -611,6 +611,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Jan 13 2015 Jaroslav Škarvada - 4.85-1 +- New version + Resolves: rhbz#1181479 +- De-fuzzified config and dlopen-localscan patches + * Fri Oct 10 2014 Jaroslav Škarvada - 4.84-4 - Do not override LFLAGS (problem reported by Todd Lyons) diff --git a/sources b/sources index 9c4f21d..e66e025 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -3d14522e604b687b9e515f5aa739b2c0 exim-4.84.tar.bz2 +ebae28762b6f125726283dc9434e8709 exim-4.85.tar.bz2 From b0e7a3ba8e4a1f9adfadf10e04ab4f5f7e6037b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 9 Feb 2015 18:24:07 +0100 Subject: [PATCH 135/194] Workaround for PIC compilation problem with gcc-5 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Resolves: rhbz#1190784 Signed-off-by: Jaroslav Škarvada --- exim-4.85-pic.patch | 13 +++++++++++++ exim.spec | 12 +++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 exim-4.85-pic.patch diff --git a/exim-4.85-pic.patch b/exim-4.85-pic.patch new file mode 100644 index 0000000..d61edba --- /dev/null +++ b/exim-4.85-pic.patch @@ -0,0 +1,13 @@ +diff --git a/src/lookups/Makefile b/src/lookups/Makefile +index 6ba0cb1..21a7ad7 100644 +--- a/src/lookups/Makefile ++++ b/src/lookups/Makefile +@@ -22,7 +22,7 @@ lookups.a: $(OBJ) + $(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $*.c + + .c.so:; @echo "$(CC) -shared $*.c" +- $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP $(CFLAGS_DYNAMIC) $(CFLAGS) $(INCLUDE) $(DLFLAGS) $*.c -o $@ ++ $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP $(CFLAGS_DYNAMIC) $(CFLAGS) $(INCLUDE) $(DLFLAGS) $(PIC) $*.c -o $@ + + lf_check_file.o: $(PHDRS) lf_check_file.c lf_functions.h + lf_quote.o: $(PHDRS) lf_quote.c lf_functions.h diff --git a/exim.spec b/exim.spec index 8a2b612..0e61cc4 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.85 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -65,6 +65,8 @@ Patch21: exim-4.82-localhost-is-local.patch Patch22: exim-4.82-greylist-conf.patch Patch23: exim-4.82-smarthost-config.patch Patch25: exim-4.82-dynlookup-config.patch +# Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 +Patch26: exim-4.85-pic.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -221,6 +223,7 @@ greylisting unconditional. %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost %patch25 -p1 -b .dynconfig +%patch26 -p1 -b .fpic cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -231,8 +234,10 @@ cp exim_monitor/EDITME Local/eximon.conf %build %ifnarch s390 s390x sparc sparcv9 sparcv9v sparc64 sparc64v export PIE=-fpie + export PIC=-fpic %else export PIE=-fPIE + export PIC=-fPIC %endif make _lib=%{_lib} FULLECHO= @@ -611,6 +616,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 10 2015 Jaroslav Škarvada - 4.85-2 +- Shared objects are now compiled with PIC, not PIE, which is needed for gcc-5, + (by pic patch) + Resolves: rhbz#1190784 + * Tue Jan 13 2015 Jaroslav Škarvada - 4.85-1 - New version Resolves: rhbz#1181479 From e21b21c36962b7bc9cd15dede0a849e5cf92c701 Mon Sep 17 00:00:00 2001 From: Adam Jackson Date: Tue, 10 Mar 2015 14:25:18 -0400 Subject: [PATCH 136/194] Drop sysvinit subpackages for F23+ --- exim.spec | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 0e61cc4..78cf947 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.85 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -26,7 +26,9 @@ Requires(preun): %{_sbindir}/alternatives systemd Requires(postun): %{_sbindir}/alternatives systemd Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if %{with clamav} +%if 0%{?fedora} < 23 Requires: initscripts +%endif BuildRequires: clamav-devel %endif Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 @@ -91,6 +93,7 @@ routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail. +%if 0%{?fedora} < 23 %package sysvinit Summary: SysV initscript for Exim Group: System Environment/Daemons @@ -101,6 +104,7 @@ Requires(post): chkconfig %description sysvinit This package contains the SysV initscript for Exim. +%endif %package mysql Summary: MySQL lookup support for Exim @@ -166,6 +170,7 @@ For further details of Exim content scanning, see chapter 41 of the Exim specification: http://www.exim.org/exim-html-%{version}/doc/html/spec_html/ch41.html +%if 0%{?fedora} < 23 %package clamav-sysvinit Summary: SysV initscript for Clam Antivirus scanner for Exim Group: System Environment/Daemons @@ -177,6 +182,7 @@ Requires(post): chkconfig %description clamav-sysvinit This package contains the SysV initscript. %endif +%endif %package greylist Summary: Example configuration for greylisting using Exim @@ -312,8 +318,10 @@ pod2man --center=EXIM --section=8 \ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig install -m 644 %SOURCE3 $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/exim +%if 0%{?fedora} < 23 mkdir -p $RPM_BUILD_ROOT%{_initrddir} install %SOURCE2 $RPM_BUILD_ROOT%{_initrddir}/exim +%endif # Systemd mkdir -p %{buildroot}%{_unitdir} @@ -364,7 +372,9 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/clamd.d clamsubst clamd.conf %{_sysconfdir}/clamd.d/exim.conf exim exim \ 's!^##*\(\(LogFile\|LocalSocket\|PidFile\|User\)\s\|\(StreamSaveToDisk\|ScanMail\|LogTime\|ScanArchive\)$\)!\1!;s!^Example!#Example!;' +%if 0%{?fedora} < 23 clamsubst clamd.init %{_initrddir}/clamd.exim exim exim '' +%endif clamsubst clamd.logrotate %{_sysconfdir}/logrotate.d/clamd.exim exim exim '' cat < $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/clamd.exim CLAMD_CONFIG='%_sysconfdir/clamd.d/exim.conf' @@ -438,6 +448,7 @@ fi /sbin/chkconfig --del exim >/dev/null 2>&1 || : /bin/systemctl try-restart exim.service >/dev/null 2>&1 || : +%if 0%{?fedora} < 23 %triggerpostun -n exim-sysvinit -- exim < %{sysv2systemdnvr} /sbin/chkconfig --add exim >/dev/null 2>&1 || : @@ -452,6 +463,7 @@ fi %postun sysvinit [ "$1" -ge "1" ] && %{_initrddir}/exim condrestart >/dev/null 2>&1 ||: +%endif %post greylist if [ ! -r %{_var}/spool/exim/db/greylist.db ]; then @@ -524,9 +536,11 @@ fi %ghost %{_sysconfdir}/pam.d/smtp %ghost %{_mandir}/man1/mailq.1.gz +%if 0%{?fedora} < 23 %files sysvinit %defattr(-,root,root,-) %{_initrddir}/exim +%endif %files mysql %defattr(-,root,root,-) @@ -579,6 +593,7 @@ fi /sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : /bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || : +%if 0%{?fedora} < 23 %triggerpostun -n exim-clamav-sysvinit -- exim < %{sysv2systemdnvr} /sbin/chkconfig --add clamd.exim >/dev/null 2>&1 ||: @@ -591,6 +606,7 @@ test "$1" != 0 || /sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : %postun clamav-sysvinit test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : +%endif %files clamav %defattr(-,root,root,-) @@ -603,10 +619,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %ghost %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim +%if 0%{?fedora} < 23 %files clamav-sysvinit %defattr(-,root,root,-) %attr(0755,root,root) %config %{_initrddir}/clamd.exim %endif +%endif %files greylist %defattr(-,root,root,-) @@ -616,6 +634,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Mar 10 2015 Adam Jackson 4.85-3 +- Drop sysvinit subpackages for F23+ + * Tue Feb 10 2015 Jaroslav Škarvada - 4.85-2 - Shared objects are now compiled with PIC, not PIE, which is needed for gcc-5, (by pic patch) From cf1b3d9a90ccafc1234d5e8646bf83861ed3097e Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 3 Jun 2015 13:21:29 +0200 Subject: [PATCH 137/194] Perl 5.22 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 78cf947..36e26f4 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.85 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -634,6 +634,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jun 03 2015 Jitka Plesnikova - 4.85-4 +- Perl 5.22 rebuild + * Tue Mar 10 2015 Adam Jackson 4.85-3 - Drop sysvinit subpackages for F23+ From e30dd5b6f915626ef2710f4b8f8cf64ec746f018 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 17 Jun 2015 05:52:12 +0000 Subject: [PATCH 138/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 36e26f4..96d7b0a 100644 --- a/exim.spec +++ b/exim.spec @@ -15,7 +15,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.85 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -634,6 +634,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jun 17 2015 Fedora Release Engineering - 4.85-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Wed Jun 03 2015 Jitka Plesnikova - 4.85-4 - Perl 5.22 rebuild From 1329eeaea1bbf7bc39cdff4f199b52db13d245ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 27 Jul 2015 14:43:48 +0200 Subject: [PATCH 139/194] New version Resolves: rhbz#1246923 - Updated and defuzzified patches --- ...lter.patch => exim-4.86-allow-filter.patch | 4 +-- ....85-config.patch => exim-4.86-config.patch | 36 ++++++++++--------- ...-4.82-cyrus.patch => exim-4.86-cyrus.patch | 4 +-- ....patch => exim-4.86-dlopen-localscan.patch | 22 ++++++------ ...onf.patch => exim-4.86-greylist-conf.patch | 14 ++++---- ...mconfig.patch => exim-4.86-pamconfig.patch | 10 +++--- ...procmail.patch => exim-4.86-procmail.patch | 6 ++-- exim-rhl.patch => exim-4.86-rhl.patch | 6 ++-- ....patch => exim-4.86-smarthost-config.patch | 8 ++--- ...amdconf.patch => exim-4.86-spamdconf.patch | 26 +++++++------- exim.spec | 29 ++++++++------- sources | 2 +- 12 files changed, 87 insertions(+), 80 deletions(-) rename exim-4.82-allow-filter.patch => exim-4.86-allow-filter.patch (81%) rename exim-4.85-config.patch => exim-4.86-config.patch (92%) rename exim-4.82-cyrus.patch => exim-4.86-cyrus.patch (90%) rename exim-4.85-dlopen-localscan.patch => exim-4.86-dlopen-localscan.patch (94%) rename exim-4.82-greylist-conf.patch => exim-4.86-greylist-conf.patch (94%) rename exim-4.82-pamconfig.patch => exim-4.86-pamconfig.patch (91%) rename exim-4.82-procmail.patch => exim-4.86-procmail.patch (89%) rename exim-rhl.patch => exim-4.86-rhl.patch (84%) rename exim-4.82-smarthost-config.patch => exim-4.86-smarthost-config.patch (91%) rename exim-4.83-spamdconf.patch => exim-4.86-spamdconf.patch (97%) diff --git a/exim-4.82-allow-filter.patch b/exim-4.86-allow-filter.patch similarity index 81% rename from exim-4.82-allow-filter.patch rename to exim-4.86-allow-filter.patch index 5772252..ed83b69 100644 --- a/exim-4.82-allow-filter.patch +++ b/exim-4.86-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 37a6a00..52e0536 100644 +index 96ffe56..843edd2 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -684,7 +684,7 @@ userforward: +@@ -699,7 +699,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.85-config.patch b/exim-4.86-config.patch similarity index 92% rename from exim-4.85-config.patch rename to exim-4.86-config.patch index 020f17a..26a3059 100644 --- a/exim-4.85-config.patch +++ b/exim-4.86-config.patch @@ -12,7 +12,7 @@ index eeb26ee..9cb6385 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index 4a290a4..b4c60cb 100644 +index d481122..9372675 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -121,7 +121,7 @@ index 4a290a4..b4c60cb 100644 # If you're using ClamAV and are backporting fixes to an old version, instead # of staying current (which is the more usual approach) then you may need to -@@ -576,7 +578,7 @@ FIXED_NEVER_USERS=root +@@ -583,7 +585,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -130,7 +130,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -621,15 +623,13 @@ FIXED_NEVER_USERS=root +@@ -628,16 +630,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -143,6 +143,7 @@ index 4a290a4..b4c60cb 100644 -# AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi -# AUTH_PLAINTEXT=yes -# AUTH_SPA=yes +-# AUTH_TLS=yes +AUTH_CRAM_MD5=yes +AUTH_CYRUS_SASL=yes +AUTH_DOVECOT=yes @@ -150,10 +151,11 @@ index 4a290a4..b4c60cb 100644 +AUTH_GSASL_PC=libgsasl +AUTH_PLAINTEXT=yes +AUTH_SPA=yes ++AUTH_TLS=yes #------------------------------------------------------------------------------ -@@ -650,7 +650,7 @@ FIXED_NEVER_USERS=root +@@ -658,7 +658,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -162,7 +164,7 @@ index 4a290a4..b4c60cb 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -670,7 +670,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -678,7 +678,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -171,7 +173,7 @@ index 4a290a4..b4c60cb 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -732,11 +732,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -740,11 +740,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -186,7 +188,7 @@ index 4a290a4..b4c60cb 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -801,7 +801,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -809,7 +809,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -195,7 +197,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -814,7 +814,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -822,7 +822,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -204,7 +206,7 @@ index 4a290a4..b4c60cb 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -880,7 +880,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -894,7 +894,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -213,7 +215,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -890,7 +890,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -904,7 +904,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -222,7 +224,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -900,7 +900,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -914,7 +914,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -231,7 +233,7 @@ index 4a290a4..b4c60cb 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -968,7 +968,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -982,7 +982,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -240,7 +242,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -981,9 +981,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -995,9 +995,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -253,7 +255,7 @@ index 4a290a4..b4c60cb 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1035,7 +1035,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1049,7 +1049,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -262,7 +264,7 @@ index 4a290a4..b4c60cb 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1045,7 +1045,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1059,7 +1059,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -271,7 +273,7 @@ index 4a290a4..b4c60cb 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1066,13 +1066,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1080,13 +1080,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -292,7 +294,7 @@ index 4a290a4..b4c60cb 100644 #------------------------------------------------------------------------------ -@@ -1272,7 +1272,7 @@ TMPDIR="/tmp" +@@ -1286,7 +1286,7 @@ TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.82-cyrus.patch b/exim-4.86-cyrus.patch similarity index 90% rename from exim-4.82-cyrus.patch rename to exim-4.86-cyrus.patch index e4978da..07f3407 100644 --- a/exim-4.82-cyrus.patch +++ b/exim-4.86-cyrus.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index b631a4d..153c77b 100644 +index 97e9053..5393ca3 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -721,6 +721,16 @@ address_reply: +@@ -736,6 +736,16 @@ address_reply: driver = autoreply diff --git a/exim-4.85-dlopen-localscan.patch b/exim-4.86-dlopen-localscan.patch similarity index 94% rename from exim-4.85-dlopen-localscan.patch rename to exim-4.86-dlopen-localscan.patch index 384dde0..174d9ac 100644 --- a/exim-4.85-dlopen-localscan.patch +++ b/exim-4.86-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index b4c60cb..5f95c89 100644 +index 9372675..813dd41 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -786,6 +786,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -794,6 +794,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,10 +24,10 @@ index b4c60cb..5f95c89 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index a0997a0..9dd84f8 100644 +index c33e098..6983a83 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults -@@ -27,6 +27,8 @@ it's a default value. */ +@@ -28,6 +28,8 @@ it's a default value. */ #define AUTH_VARS 3 @@ -37,10 +37,10 @@ index a0997a0..9dd84f8 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index fb705d9..efee424 100644 +index 66baffe..3a35d01 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -170,6 +170,10 @@ uschar *tls_verify_certificates= NULL; +@@ -169,6 +169,10 @@ uschar *tls_verify_certificates= US"system"; uschar *tls_verify_hosts = NULL; #endif @@ -52,10 +52,10 @@ index fb705d9..efee424 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index f4baa0b..729426c 100644 +index ab03302..cb2db5a 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -130,6 +130,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ +@@ -131,6 +131,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif @@ -63,9 +63,9 @@ index f4baa0b..729426c 100644 +extern uschar *local_scan_path; /* Path to local_scan() library */ +#endif + - #ifdef EXPERIMENTAL_DSN extern uschar *dsn_envid; /* DSN envid string */ extern int dsn_ret; /* DSN ret type*/ + extern const pcre *regex_DSN; /* For recognizing DSN settings */ diff --git a/src/local_scan.c b/src/local_scan.c index 3500047..8599172 100644 --- a/src/local_scan.c @@ -250,10 +250,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 40af940..81be47f 100644 +index 8a62d02..69c8c89 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -293,6 +293,9 @@ static optionlist optionlist_config[] = { +@@ -295,6 +295,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.82-greylist-conf.patch b/exim-4.86-greylist-conf.patch similarity index 94% rename from exim-4.82-greylist-conf.patch rename to exim-4.86-greylist-conf.patch index eac3cbc..fc20587 100644 --- a/exim-4.82-greylist-conf.patch +++ b/exim-4.86-greylist-conf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 3728043..0126880 100644 +index 915806e..8b1f3bf 100644 --- a/src/configure.default +++ b/src/configure.default @@ -106,6 +106,7 @@ hostlist relay_from_hosts = localhost @@ -10,7 +10,7 @@ index 3728043..0126880 100644 acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data acl_smtp_mime = acl_check_mime -@@ -340,6 +341,29 @@ timeout_frozen_after = 7d +@@ -355,6 +356,29 @@ timeout_frozen_after = 7d begin acl @@ -40,7 +40,7 @@ index 3728043..0126880 100644 # This access control list is used for every RCPT command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. -@@ -460,7 +484,8 @@ acl_check_rcpt: +@@ -475,7 +499,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -50,7 +50,7 @@ index 3728043..0126880 100644 # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -468,6 +493,10 @@ acl_check_rcpt: +@@ -483,6 +508,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -61,7 +61,7 @@ index 3728043..0126880 100644 ############################################################################# ############################################################################# -@@ -481,6 +510,10 @@ acl_check_rcpt: +@@ -496,6 +525,10 @@ acl_check_rcpt: # require verify = csa ############################################################################# @@ -72,7 +72,7 @@ index 3728043..0126880 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -506,6 +539,12 @@ acl_check_data: +@@ -521,6 +554,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,7 +85,7 @@ index 3728043..0126880 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -540,8 +579,30 @@ acl_check_data: +@@ -555,8 +594,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report diff --git a/exim-4.82-pamconfig.patch b/exim-4.86-pamconfig.patch similarity index 91% rename from exim-4.82-pamconfig.patch rename to exim-4.86-pamconfig.patch index 3906975..51691ca 100644 --- a/exim-4.82-pamconfig.patch +++ b/exim-4.86-pamconfig.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 153c77b..38f0f56 100644 +index 5393ca3..dae5a54 100644 --- a/src/configure.default +++ b/src/configure.default @@ -141,7 +141,7 @@ acl_smtp_data = acl_check_data @@ -56,9 +56,9 @@ index 153c77b..38f0f56 100644 +# +auth_advertise_hosts = - # The settings below, which are actually the same as the defaults in the - # code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP -@@ -800,7 +818,7 @@ begin authenticators + # The settings below cause Exim to make RFC 1413 (ident) callbacks + # for all incoming SMTP calls. You can limit the hosts to which these +@@ -815,7 +833,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index 153c77b..38f0f56 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -812,7 +830,7 @@ begin authenticators +@@ -827,7 +845,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.82-procmail.patch b/exim-4.86-procmail.patch similarity index 89% rename from exim-4.82-procmail.patch rename to exim-4.86-procmail.patch index 06e6e46..a995d1f 100644 --- a/exim-4.82-procmail.patch +++ b/exim-4.86-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 8b599d2..37a6a00 100644 +index 5250b58..96ffe56 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -692,6 +692,12 @@ userforward: +@@ -707,6 +707,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,7 +15,7 @@ index 8b599d2..37a6a00 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -729,6 +735,16 @@ begin transports +@@ -744,6 +750,16 @@ begin transports remote_smtp: driver = smtp diff --git a/exim-rhl.patch b/exim-4.86-rhl.patch similarity index 84% rename from exim-rhl.patch rename to exim-4.86-rhl.patch index c91b528..33bb25e 100644 --- a/exim-rhl.patch +++ b/exim-4.86-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 1274349..b631a4d 100644 +index 3223bff..97e9053 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -590,7 +590,7 @@ system_aliases: +@@ -605,7 +605,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 1274349..b631a4d 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -687,8 +687,8 @@ local_delivery: +@@ -702,8 +702,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.82-smarthost-config.patch b/exim-4.86-smarthost-config.patch similarity index 91% rename from exim-4.82-smarthost-config.patch rename to exim-4.86-smarthost-config.patch index 89254b1..f119de0 100644 --- a/exim-4.82-smarthost-config.patch +++ b/exim-4.86-smarthost-config.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 0126880..b7c30ac 100644 +index 8b1f3bf..b2c8046 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -796,6 +796,15 @@ begin transports +@@ -811,6 +811,15 @@ begin transports remote_smtp: driver = smtp @@ -18,7 +18,7 @@ index 0126880..b7c30ac 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -904,6 +913,21 @@ begin rewrite +@@ -919,6 +928,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 0126880..b7c30ac 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -919,7 +943,7 @@ begin rewrite +@@ -934,7 +958,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.83-spamdconf.patch b/exim-4.86-spamdconf.patch similarity index 97% rename from exim-4.83-spamdconf.patch rename to exim-4.86-spamdconf.patch index b931f11..f65b24f 100644 --- a/exim-4.83-spamdconf.patch +++ b/exim-4.86-spamdconf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 38f0f56..8b599d2 100644 +index dae5a54..5250b58 100644 --- a/src/configure.default +++ b/src/configure.default @@ -108,6 +108,7 @@ hostlist relay_from_hosts = localhost @@ -19,7 +19,7 @@ index 38f0f56..8b599d2 100644 # For spam scanning, there is a similar option that defines the interface to -@@ -403,7 +404,8 @@ acl_check_rcpt: +@@ -418,7 +419,8 @@ acl_check_rcpt: accept local_parts = postmaster domains = +local_domains @@ -29,7 +29,7 @@ index 38f0f56..8b599d2 100644 require verify = sender -@@ -495,27 +497,63 @@ acl_check_rcpt: +@@ -510,27 +512,63 @@ acl_check_rcpt: acl_check_data: @@ -53,10 +53,16 @@ index 38f0f56..8b599d2 100644 - # you must install SpamAssassin. You may also need to set the spamd_address - # option above. + # Bypass SpamAssassin checks if the message is too large. -+ # + # +- # warn spam = nobody +- # add_header = X-Spam_score: $spam_score\n\ +- # X-Spam_score_int: $spam_score_int\n\ +- # X-Spam_bar: $spam_bar\n\ +- # X-Spam_report: $spam_report + # accept condition = ${if >={$message_size}{100000} {1}} + # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size -+ + +- # Accept the message. + # Run SpamAssassin, but allow for it to fail or time out. Add a warning message + # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA + # score exceeds the SA system threshold. @@ -66,19 +72,13 @@ index 38f0f56..8b599d2 100644 + # + # accept condition = ${if !def:spam_score_int {1}} + # add_header = X-Spam-Note: SpamAssassin invocation failed - # -- # warn spam = nobody -- # add_header = X-Spam_score: $spam_score\n\ -- # X-Spam_score_int: $spam_score_int\n\ -- # X-Spam_bar: $spam_bar\n\ -- # X-Spam_report: $spam_report ++ # + + # Unconditionally add score and report headers + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ + # X-Spam-Report: $spam_report - -- # Accept the message. ++ + # And reject if the SpamAssassin score is greater than ten + # + # deny condition = ${if >{$spam_score_int}{100} {1}} diff --git a/exim.spec b/exim.spec index 96d7b0a..6ca0e4a 100644 --- a/exim.spec +++ b/exim.spec @@ -14,8 +14,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.85 -Release: 5%{?dist} +Version: 4.86 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -54,18 +54,18 @@ Source25: exim-gen-cert Source26: clamd.exim.service %endif -Patch4: exim-rhl.patch -Patch6: exim-4.85-config.patch +Patch4: exim-4.86-rhl.patch +Patch6: exim-4.86-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.82-cyrus.patch -Patch13: exim-4.82-pamconfig.patch -Patch14: exim-4.83-spamdconf.patch -Patch18: exim-4.85-dlopen-localscan.patch -Patch19: exim-4.82-procmail.patch -Patch20: exim-4.82-allow-filter.patch +Patch12: exim-4.86-cyrus.patch +Patch13: exim-4.86-pamconfig.patch +Patch14: exim-4.86-spamdconf.patch +Patch18: exim-4.86-dlopen-localscan.patch +Patch19: exim-4.86-procmail.patch +Patch20: exim-4.86-allow-filter.patch Patch21: exim-4.82-localhost-is-local.patch -Patch22: exim-4.82-greylist-conf.patch -Patch23: exim-4.82-smarthost-config.patch +Patch22: exim-4.86-greylist-conf.patch +Patch23: exim-4.86-smarthost-config.patch Patch25: exim-4.82-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch @@ -634,6 +634,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jul 27 2015 Jaroslav Škarvada - 4.86-1 +- New version + Resolves: rhbz#1246923 +- Updated and defuzzified patches + * Wed Jun 17 2015 Fedora Release Engineering - 4.85-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/sources b/sources index e66e025..2df38dc 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ebae28762b6f125726283dc9434e8709 exim-4.85.tar.bz2 +797f248ef3e0c0e2f178e915f88fc4e9 exim-4.86.tar.bz2 From d8c6103723160634ae304cd0297823407a1d8bed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 18 Sep 2015 18:14:55 +0200 Subject: [PATCH 140/194] Hardened build, rebuilt with the full RELRO (only the daemon) --- exim.spec | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 6ca0e4a..edf66f6 100644 --- a/exim.spec +++ b/exim.spec @@ -12,10 +12,13 @@ %global sysv2systemdnvr 4.76-6 +# hardened build if not overridden +%{!?_hardened_build:%global _hardened_build 1} + Summary: The exim mail transfer agent Name: exim Version: 4.86 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -245,7 +248,7 @@ cp exim_monitor/EDITME Local/eximon.conf export PIE=-fPIE export PIC=-fPIC %endif -make _lib=%{_lib} FULLECHO= +make _lib=%{_lib} FULLECHO= LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-pie -Wl,-z,relro,-z,now}" %if %{with sa} # build sa-exim @@ -634,6 +637,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Sep 18 2015 Jaroslav Škarvada - 4.86-2 +- Hardened build, rebuilt with the full RELRO (only the daemon) + * Mon Jul 27 2015 Jaroslav Škarvada - 4.86-1 - New version Resolves: rhbz#1246923 From 6ec502e3715c7864a0fc5de3988479dfc6f1fdd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 2 Nov 2015 18:09:41 +0100 Subject: [PATCH 141/194] Fixed exim-gen-cert not to output error on success --- exim-gen-cert | 4 ++-- exim.spec | 5 ++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/exim-gen-cert b/exim-gen-cert index 811efda..dbcd26e 100644 --- a/exim-gen-cert +++ b/exim-gen-cert @@ -22,11 +22,11 @@ ${FQDN} root@${FQDN} EOF if [ $? -eq 0 ]; then - success + echo success chown exim.exim /etc/pki/tls/{private,certs}/exim.pem chmod 600 /etc/pki/tls/{private,certs}/exim.pem else - failure + echo failure fi echo fi diff --git a/exim.spec b/exim.spec index edf66f6..4d2aa60 100644 --- a/exim.spec +++ b/exim.spec @@ -18,7 +18,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.86 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -637,6 +637,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Nov 2 2015 Jaroslav Škarvada - 4.86-3 +- Fixed exim-gen-cert not to output error on success + * Fri Sep 18 2015 Jaroslav Škarvada - 4.86-2 - Hardened build, rebuilt with the full RELRO (only the daemon) From 5d0620373cea7303c178b9cee8eaf221ffc85dd0 Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Wed, 3 Feb 2016 20:09:12 +0000 Subject: [PATCH 142/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 4d2aa60..aee7a42 100644 --- a/exim.spec +++ b/exim.spec @@ -18,7 +18,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.86 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -637,6 +637,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Feb 03 2016 Fedora Release Engineering - 4.86-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Mon Nov 2 2015 Jaroslav Škarvada - 4.86-3 - Fixed exim-gen-cert not to output error on success From d7b60f90839b283bf4ac22057aead8e393909871 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 3 Mar 2016 13:36:11 +0100 Subject: [PATCH 143/194] New version Resolves: rhbz#1314118 - Fixed local privilege escalation for set-uid root when using perl_startup Resolves: CVE-2016-1531 - Defuzzified patches --- ...scan.patch => exim-4.86.2-dlopen-localscan.patch | 8 ++++---- exim.spec | 13 ++++++++++--- sources | 2 +- 3 files changed, 15 insertions(+), 8 deletions(-) rename exim-4.86-dlopen-localscan.patch => exim-4.86.2-dlopen-localscan.patch (98%) diff --git a/exim-4.86-dlopen-localscan.patch b/exim-4.86.2-dlopen-localscan.patch similarity index 98% rename from exim-4.86-dlopen-localscan.patch rename to exim-4.86.2-dlopen-localscan.patch index 174d9ac..b3ab1fc 100644 --- a/exim-4.86-dlopen-localscan.patch +++ b/exim-4.86.2-dlopen-localscan.patch @@ -37,7 +37,7 @@ index c33e098..6983a83 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 66baffe..3a35d01 100644 +index 1dbc015..10fb3e4 100644 --- a/src/globals.c +++ b/src/globals.c @@ -169,6 +169,10 @@ uschar *tls_verify_certificates= US"system"; @@ -52,7 +52,7 @@ index 66baffe..3a35d01 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index ab03302..cb2db5a 100644 +index f3e884b..7063d97 100644 --- a/src/globals.h +++ b/src/globals.h @@ -131,6 +131,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ @@ -250,10 +250,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 8a62d02..69c8c89 100644 +index 1de6bd7..d1e5142 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -295,6 +295,9 @@ static optionlist optionlist_config[] = { +@@ -300,6 +300,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim.spec b/exim.spec index aee7a42..ec2dab6 100644 --- a/exim.spec +++ b/exim.spec @@ -17,8 +17,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.86 -Release: 4%{?dist} +Version: 4.86.2 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -63,7 +63,7 @@ Patch8: exim-4.82-libdir.patch Patch12: exim-4.86-cyrus.patch Patch13: exim-4.86-pamconfig.patch Patch14: exim-4.86-spamdconf.patch -Patch18: exim-4.86-dlopen-localscan.patch +Patch18: exim-4.86.2-dlopen-localscan.patch Patch19: exim-4.86-procmail.patch Patch20: exim-4.86-allow-filter.patch Patch21: exim-4.82-localhost-is-local.patch @@ -637,6 +637,13 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Mar 3 2016 Jaroslav Škarvada - 4.86.2-1 +- New version + Resolves: rhbz#1314118 +- Fixed local privilege escalation for set-uid root when using perl_startup + Resolves: CVE-2016-1531 +- Defuzzified patches + * Wed Feb 03 2016 Fedora Release Engineering - 4.86-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild diff --git a/sources b/sources index 2df38dc..6c84ef6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -797f248ef3e0c0e2f178e915f88fc4e9 exim-4.86.tar.bz2 +1443a4a88d6b78ad9b6a681c51437b55 exim-4.86.2.tar.bz2 From a4234ab10286486cd555ac63b19545f3ea4935bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Sun, 10 Apr 2016 23:30:22 +0200 Subject: [PATCH 144/194] New version Resolves: rhbz#1325557 --- ...lter.patch => exim-4.87-allow-filter.patch | 4 +- ....86-config.patch => exim-4.87-config.patch | 49 ++++++++++--------- ...-4.86-cyrus.patch => exim-4.87-cyrus.patch | 4 +- ....patch => exim-4.87-dlopen-localscan.patch | 27 +++++----- ....patch => exim-4.87-dynlookup-config.patch | 6 +-- ...onf.patch => exim-4.87-greylist-conf.patch | 16 +++--- ...atch => exim-4.87-localhost-is-local.patch | 4 +- ...mconfig.patch => exim-4.87-pamconfig.patch | 14 +++--- ...procmail.patch => exim-4.87-procmail.patch | 8 +-- exim-4.86-rhl.patch => exim-4.87-rhl.patch | 6 +-- ....patch => exim-4.87-smarthost-config.patch | 10 ++-- ...amdconf.patch => exim-4.87-spamdconf.patch | 14 +++--- exim.spec | 30 +++++++----- sources | 2 +- 14 files changed, 100 insertions(+), 94 deletions(-) rename exim-4.86-allow-filter.patch => exim-4.87-allow-filter.patch (81%) rename exim-4.86-config.patch => exim-4.87-config.patch (90%) rename exim-4.86-cyrus.patch => exim-4.87-cyrus.patch (90%) rename exim-4.86.2-dlopen-localscan.patch => exim-4.87-dlopen-localscan.patch (93%) rename exim-4.82-dynlookup-config.patch => exim-4.87-dynlookup-config.patch (86%) rename exim-4.86-greylist-conf.patch => exim-4.87-greylist-conf.patch (93%) rename exim-4.82-localhost-is-local.patch => exim-4.87-localhost-is-local.patch (90%) rename exim-4.86-pamconfig.patch => exim-4.87-pamconfig.patch (90%) rename exim-4.86-procmail.patch => exim-4.87-procmail.patch (83%) rename exim-4.86-rhl.patch => exim-4.87-rhl.patch (84%) rename exim-4.86-smarthost-config.patch => exim-4.87-smarthost-config.patch (88%) rename exim-4.86-spamdconf.patch => exim-4.87-spamdconf.patch (93%) diff --git a/exim-4.86-allow-filter.patch b/exim-4.87-allow-filter.patch similarity index 81% rename from exim-4.86-allow-filter.patch rename to exim-4.87-allow-filter.patch index ed83b69..c3a94f3 100644 --- a/exim-4.86-allow-filter.patch +++ b/exim-4.87-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 96ffe56..843edd2 100644 +index e4ca5b9..d1ce2f1 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -699,7 +699,7 @@ userforward: +@@ -722,7 +722,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.86-config.patch b/exim-4.87-config.patch similarity index 90% rename from exim-4.86-config.patch rename to exim-4.87-config.patch index 26a3059..78bddc4 100644 --- a/exim-4.86-config.patch +++ b/exim-4.87-config.patch @@ -1,8 +1,8 @@ diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index eeb26ee..9cb6385 100755 +index 4aa7d76..3a5263c 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile -@@ -249,7 +249,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +@@ -253,7 +253,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -12,7 +12,7 @@ index eeb26ee..9cb6385 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index d481122..9372675 100644 +index d852103..bbb7527 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -73,7 +73,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -296,18 +296,20 @@ LOOKUP_DBM=yes +@@ -301,19 +301,21 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -96,15 +96,16 @@ index d481122..9372675 100644 # LOOKUP_ORACLE=yes -# LOOKUP_PASSWD=yes -# LOOKUP_PGSQL=yes --# LOOKUP_SQLITE=yes --# LOOKUP_SQLITE_PC=sqlite3 +LOOKUP_PASSWD=yes +LOOKUP_PGSQL=yes + # LOOKUP_REDIS=yes +-# LOOKUP_SQLITE=yes +-# LOOKUP_SQLITE_PC=sqlite3 +LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -383,14 +385,14 @@ EXIM_MONITOR=eximon.bin +@@ -390,14 +392,14 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -119,9 +120,9 @@ index d481122..9372675 100644 -# WITH_OLD_DEMIME=yes +WITH_OLD_DEMIME=yes + #------------------------------------------------------------------------------ # If you're using ClamAV and are backporting fixes to an old version, instead - # of staying current (which is the more usual approach) then you may need to -@@ -583,7 +585,7 @@ FIXED_NEVER_USERS=root +@@ -573,7 +575,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -130,7 +131,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -628,16 +630,14 @@ FIXED_NEVER_USERS=root +@@ -618,16 +620,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -155,7 +156,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -658,7 +658,7 @@ FIXED_NEVER_USERS=root +@@ -648,7 +648,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -164,7 +165,7 @@ index d481122..9372675 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -678,7 +678,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -668,7 +668,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -173,7 +174,7 @@ index d481122..9372675 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -740,11 +740,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -730,11 +730,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -188,7 +189,7 @@ index d481122..9372675 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -809,7 +809,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -799,7 +799,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -197,7 +198,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -822,7 +822,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -812,7 +812,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -206,7 +207,7 @@ index d481122..9372675 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -894,7 +894,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -884,7 +884,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -215,7 +216,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -904,7 +904,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -894,7 +894,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -224,7 +225,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -914,7 +914,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -904,7 +904,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -233,7 +234,7 @@ index d481122..9372675 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -982,7 +982,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -998,7 +998,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -242,7 +243,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -995,9 +995,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1011,9 +1011,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -255,7 +256,7 @@ index d481122..9372675 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1049,7 +1049,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1065,7 +1065,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -264,7 +265,7 @@ index d481122..9372675 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1059,7 +1059,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1075,7 +1075,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -273,7 +274,7 @@ index d481122..9372675 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1080,13 +1080,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1096,13 +1096,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -294,7 +295,7 @@ index d481122..9372675 100644 #------------------------------------------------------------------------------ -@@ -1286,7 +1286,7 @@ TMPDIR="/tmp" +@@ -1304,7 +1304,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.86-cyrus.patch b/exim-4.87-cyrus.patch similarity index 90% rename from exim-4.86-cyrus.patch rename to exim-4.87-cyrus.patch index 07f3407..97f2710 100644 --- a/exim-4.86-cyrus.patch +++ b/exim-4.87-cyrus.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 97e9053..5393ca3 100644 +index 12ed1e0..0af6fb8 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -736,6 +736,16 @@ address_reply: +@@ -763,6 +763,16 @@ address_reply: driver = autoreply diff --git a/exim-4.86.2-dlopen-localscan.patch b/exim-4.87-dlopen-localscan.patch similarity index 93% rename from exim-4.86.2-dlopen-localscan.patch rename to exim-4.87-dlopen-localscan.patch index b3ab1fc..6712860 100644 --- a/exim-4.86.2-dlopen-localscan.patch +++ b/exim-4.87-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 9372675..813dd41 100644 +index bbb7527..df3dcc8 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -794,6 +794,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -784,6 +784,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,7 +24,7 @@ index 9372675..813dd41 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index c33e098..6983a83 100644 +index 266c268..6a4a1f8 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -28,6 +28,8 @@ it's a default value. */ @@ -37,11 +37,11 @@ index c33e098..6983a83 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 1dbc015..10fb3e4 100644 +index ec2685b..f8375bf 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -169,6 +169,10 @@ uschar *tls_verify_certificates= US"system"; - uschar *tls_verify_hosts = NULL; +@@ -171,6 +171,10 @@ uschar *tls_verify_hosts = NULL; + uschar *tls_advertise_hosts = NULL; #endif +#ifdef DLOPEN_LOCAL_SCAN @@ -52,20 +52,21 @@ index 1dbc015..10fb3e4 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index f3e884b..7063d97 100644 +index 57a5695..0a60902 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -131,6 +131,10 @@ extern uschar *tls_verify_certificates;/* Path for certificates to check */ +@@ -129,6 +129,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ + extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif - ++ +#ifdef DLOPEN_LOCAL_SCAN +extern uschar *local_scan_path; /* Path to local_scan() library */ +#endif + + extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */ + extern uschar *dsn_envid; /* DSN envid string */ - extern int dsn_ret; /* DSN ret type*/ - extern const pcre *regex_DSN; /* For recognizing DSN settings */ diff --git a/src/local_scan.c b/src/local_scan.c index 3500047..8599172 100644 --- a/src/local_scan.c @@ -250,10 +251,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 1de6bd7..d1e5142 100644 +index 5ca6a84..f1ec503 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -300,6 +300,9 @@ static optionlist optionlist_config[] = { +@@ -317,6 +317,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.82-dynlookup-config.patch b/exim-4.87-dynlookup-config.patch similarity index 86% rename from exim-4.82-dynlookup-config.patch rename to exim-4.87-dynlookup-config.patch index a768af2..d922078 100644 --- a/exim-4.82-dynlookup-config.patch +++ b/exim-4.87-dynlookup-config.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 07f8211..7d7a4a4 100644 +index df3dcc8..de01565 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -301,14 +301,16 @@ LOOKUP_DSEARCH=yes +@@ -306,14 +306,16 @@ LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes LOOKUP_LDAP=yes LDAP_LIB_TYPE=OPENLDAP2 @@ -20,6 +20,6 @@ index 07f8211..7d7a4a4 100644 LOOKUP_PASSWD=yes -LOOKUP_PGSQL=yes +LOOKUP_PGSQL=2 + # LOOKUP_REDIS=yes LOOKUP_SQLITE=yes # LOOKUP_WHOSON=yes - diff --git a/exim-4.86-greylist-conf.patch b/exim-4.87-greylist-conf.patch similarity index 93% rename from exim-4.86-greylist-conf.patch rename to exim-4.87-greylist-conf.patch index fc20587..0741a3e 100644 --- a/exim-4.86-greylist-conf.patch +++ b/exim-4.87-greylist-conf.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 915806e..8b1f3bf 100644 +index 1f10008..40b3bb2 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -106,6 +106,7 @@ hostlist relay_from_hosts = localhost +@@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost # manual for details. The lists above are used in the access control lists for # checking incoming messages. The names of these ACLs are defined here: @@ -10,7 +10,7 @@ index 915806e..8b1f3bf 100644 acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data acl_smtp_mime = acl_check_mime -@@ -355,6 +356,29 @@ timeout_frozen_after = 7d +@@ -368,6 +369,29 @@ timeout_frozen_after = 7d begin acl @@ -40,7 +40,7 @@ index 915806e..8b1f3bf 100644 # This access control list is used for every RCPT command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. -@@ -475,7 +499,8 @@ acl_check_rcpt: +@@ -493,7 +517,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -50,7 +50,7 @@ index 915806e..8b1f3bf 100644 # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -483,6 +508,10 @@ acl_check_rcpt: +@@ -501,6 +526,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -61,7 +61,7 @@ index 915806e..8b1f3bf 100644 ############################################################################# ############################################################################# -@@ -496,6 +525,10 @@ acl_check_rcpt: +@@ -514,6 +543,10 @@ acl_check_rcpt: # require verify = csa ############################################################################# @@ -72,7 +72,7 @@ index 915806e..8b1f3bf 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -521,6 +554,12 @@ acl_check_data: +@@ -544,6 +577,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,7 +85,7 @@ index 915806e..8b1f3bf 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -555,8 +594,30 @@ acl_check_data: +@@ -578,8 +617,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report diff --git a/exim-4.82-localhost-is-local.patch b/exim-4.87-localhost-is-local.patch similarity index 90% rename from exim-4.82-localhost-is-local.patch rename to exim-4.87-localhost-is-local.patch index 47cff55..5810698 100644 --- a/exim-4.82-localhost-is-local.patch +++ b/exim-4.87-localhost-is-local.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 52e0536..3728043 100644 +index d1ce2f1..1f10008 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -54,7 +54,7 @@ +@@ -55,7 +55,7 @@ # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They # are all colon-separated lists: diff --git a/exim-4.86-pamconfig.patch b/exim-4.87-pamconfig.patch similarity index 90% rename from exim-4.86-pamconfig.patch rename to exim-4.87-pamconfig.patch index 51691ca..c068a96 100644 --- a/exim-4.86-pamconfig.patch +++ b/exim-4.87-pamconfig.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 5393ca3..dae5a54 100644 +index 0af6fb8..531435b 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -141,7 +141,7 @@ acl_smtp_data = acl_check_data +@@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data # Allow any client to use TLS. @@ -11,7 +11,7 @@ index 5393ca3..dae5a54 100644 # Specify the location of the Exim server's TLS certificate and private key. # The private key must not be encrypted (password protected). You can put -@@ -149,8 +149,8 @@ acl_smtp_data = acl_check_data +@@ -150,8 +150,8 @@ acl_smtp_data = acl_check_data # need the first setting, or in separate files, in which case you need both # options. @@ -22,7 +22,7 @@ index 5393ca3..dae5a54 100644 # In order to support roaming users who wish to send email from anywhere, # you may want to make Exim listen on other ports as well as port 25, in -@@ -161,8 +161,8 @@ acl_smtp_data = acl_check_data +@@ -162,8 +162,8 @@ acl_smtp_data = acl_check_data # them you should also allow TLS-on-connect on the traditional but # non-standard port 465. @@ -33,7 +33,7 @@ index 5393ca3..dae5a54 100644 # Specify the domain you want to be added to all unqualified addresses -@@ -220,6 +220,24 @@ never_users = root +@@ -221,6 +221,24 @@ never_users = root host_lookup = * @@ -58,7 +58,7 @@ index 5393ca3..dae5a54 100644 # The settings below cause Exim to make RFC 1413 (ident) callbacks # for all incoming SMTP calls. You can limit the hosts to which these -@@ -815,7 +833,7 @@ begin authenticators +@@ -842,7 +860,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index 5393ca3..dae5a54 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -827,7 +845,7 @@ begin authenticators +@@ -854,7 +872,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.86-procmail.patch b/exim-4.87-procmail.patch similarity index 83% rename from exim-4.86-procmail.patch rename to exim-4.87-procmail.patch index a995d1f..66b9fc2 100644 --- a/exim-4.86-procmail.patch +++ b/exim-4.87-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 5250b58..96ffe56 100644 +index 374c51d..e4ca5b9 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -707,6 +707,12 @@ userforward: +@@ -730,6 +730,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,9 +15,9 @@ index 5250b58..96ffe56 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -744,6 +750,16 @@ begin transports - remote_smtp: +@@ -771,6 +777,16 @@ remote_smtp: driver = smtp + message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} +# This transport invokes procmail to deliver mail +procmail: diff --git a/exim-4.86-rhl.patch b/exim-4.87-rhl.patch similarity index 84% rename from exim-4.86-rhl.patch rename to exim-4.87-rhl.patch index 33bb25e..8f8be4f 100644 --- a/exim-4.86-rhl.patch +++ b/exim-4.87-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 3223bff..97e9053 100644 +index 3c8cf97..12ed1e0 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -605,7 +605,7 @@ system_aliases: +@@ -628,7 +628,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 3223bff..97e9053 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -702,8 +702,8 @@ local_delivery: +@@ -729,8 +729,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.86-smarthost-config.patch b/exim-4.87-smarthost-config.patch similarity index 88% rename from exim-4.86-smarthost-config.patch rename to exim-4.87-smarthost-config.patch index f119de0..8cdcebf 100644 --- a/exim-4.86-smarthost-config.patch +++ b/exim-4.87-smarthost-config.patch @@ -1,10 +1,10 @@ diff --git a/src/configure.default b/src/configure.default -index 8b1f3bf..b2c8046 100644 +index 40b3bb2..9acae90 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -811,6 +811,15 @@ begin transports - remote_smtp: +@@ -838,6 +838,15 @@ remote_smtp: driver = smtp + message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} +# This transport is used for delivering messages over SMTP using the +# "message submission" port (RFC4409). @@ -18,7 +18,7 @@ index 8b1f3bf..b2c8046 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -919,6 +928,21 @@ begin rewrite +@@ -946,6 +955,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 8b1f3bf..b2c8046 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -934,7 +958,7 @@ begin rewrite +@@ -961,7 +985,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.86-spamdconf.patch b/exim-4.87-spamdconf.patch similarity index 93% rename from exim-4.86-spamdconf.patch rename to exim-4.87-spamdconf.patch index f65b24f..031268e 100644 --- a/exim-4.86-spamdconf.patch +++ b/exim-4.87-spamdconf.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index dae5a54..5250b58 100644 +index 531435b..374c51d 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -108,6 +108,7 @@ hostlist relay_from_hosts = localhost +@@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data @@ -10,7 +10,7 @@ index dae5a54..5250b58 100644 # You should not change those settings until you understand how ACLs work. -@@ -120,7 +121,7 @@ acl_smtp_data = acl_check_data +@@ -121,7 +122,7 @@ acl_smtp_data = acl_check_data # of what to set for other virus scanners. The second modification is in the # acl_check_data access control list (see below). @@ -19,7 +19,7 @@ index dae5a54..5250b58 100644 # For spam scanning, there is a similar option that defines the interface to -@@ -418,7 +419,8 @@ acl_check_rcpt: +@@ -431,7 +432,8 @@ acl_check_rcpt: accept local_parts = postmaster domains = +local_domains @@ -29,9 +29,9 @@ index dae5a54..5250b58 100644 require verify = sender -@@ -510,27 +512,63 @@ acl_check_rcpt: - - acl_check_data: +@@ -533,27 +535,63 @@ acl_check_data: + # + deny condition = ${if > {$max_received_linelength}{998}} + # Put simple tests first. A good one is to check for the presence of a + # Message-Id: header, which RFC2822 says SHOULD be present. Some broken diff --git a/exim.spec b/exim.spec index ec2dab6..ad3fb1c 100644 --- a/exim.spec +++ b/exim.spec @@ -17,7 +17,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.86.2 +Version: 4.87 Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -57,19 +57,19 @@ Source25: exim-gen-cert Source26: clamd.exim.service %endif -Patch4: exim-4.86-rhl.patch -Patch6: exim-4.86-config.patch +Patch4: exim-4.87-rhl.patch +Patch6: exim-4.87-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.86-cyrus.patch -Patch13: exim-4.86-pamconfig.patch -Patch14: exim-4.86-spamdconf.patch -Patch18: exim-4.86.2-dlopen-localscan.patch -Patch19: exim-4.86-procmail.patch -Patch20: exim-4.86-allow-filter.patch -Patch21: exim-4.82-localhost-is-local.patch -Patch22: exim-4.86-greylist-conf.patch -Patch23: exim-4.86-smarthost-config.patch -Patch25: exim-4.82-dynlookup-config.patch +Patch12: exim-4.87-cyrus.patch +Patch13: exim-4.87-pamconfig.patch +Patch14: exim-4.87-spamdconf.patch +Patch18: exim-4.87-dlopen-localscan.patch +Patch19: exim-4.87-procmail.patch +Patch20: exim-4.87-allow-filter.patch +Patch21: exim-4.87-localhost-is-local.patch +Patch22: exim-4.87-greylist-conf.patch +Patch23: exim-4.87-smarthost-config.patch +Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch @@ -637,6 +637,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sun Apr 10 2016 Jaroslav Škarvada - 4.87-1 +- New version + Resolves: rhbz#1325557 + * Thu Mar 3 2016 Jaroslav Škarvada - 4.86.2-1 - New version Resolves: rhbz#1314118 diff --git a/sources b/sources index 6c84ef6..d8e24d5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1443a4a88d6b78ad9b6a681c51437b55 exim-4.86.2.tar.bz2 +2effc2bd47ad2dc010f655c11a1b1173 exim-4.87.tar.bz2 From 21ff2315c2c3eee047f9ceb25b7da23614dcc3d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 18 Apr 2016 11:46:53 +0200 Subject: [PATCH 145/194] Used sane environment defaults in default configuration Resolves: rhbz#1323775 --- exim-4.87-environment.patch | 14 ++++++++++++++ exim.spec | 8 +++++++- 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 exim-4.87-environment.patch diff --git a/exim-4.87-environment.patch b/exim-4.87-environment.patch new file mode 100644 index 0000000..e0ea3ed --- /dev/null +++ b/exim-4.87-environment.patch @@ -0,0 +1,14 @@ +diff --git a/src/configure.default b/src/configure.default +--- a/src/configure.default ++++ b/src/configure.default +@@ -357,8 +357,8 @@ timeout_frozen_after = 7d + # Note that TZ is handled separateley by the timezone runtime option + # and TIMEZONE_DEFAULT buildtime option. + +-# keep_environment = ^LDAP +-# add_environment = PATH=/usr/bin::/bin ++keep_environment = ^LDAP ++add_environment = PATH=/usr/bin::/bin + + + diff --git a/exim.spec b/exim.spec index ad3fb1c..87af4a6 100644 --- a/exim.spec +++ b/exim.spec @@ -18,7 +18,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.87 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -72,6 +72,7 @@ Patch23: exim-4.87-smarthost-config.patch Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch +Patch27: exim-4.87-environment.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -233,6 +234,7 @@ greylisting unconditional. %patch23 -p1 -b .smarthost %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic +%patch27 -p1 -b .environment cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -637,6 +639,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Apr 18 2016 Jaroslav Škarvada - 4.87-2 +- Used sane environment defaults in default configuration + Resolves: rhbz#1323775 + * Sun Apr 10 2016 Jaroslav Škarvada - 4.87-1 - New version Resolves: rhbz#1325557 From 1201d2cec12bf2d2dca6d63f1381e0c003637c84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 4 May 2016 16:12:29 +0200 Subject: [PATCH 146/194] Dropped sa-exim which has been obsoleted long time ago by the proper built-in ACL support - Unconditionalized sources Resolves: rhbz#1332211 --- exim.spec | 62 +++++++------------------------------------------------ 1 file changed, 7 insertions(+), 55 deletions(-) diff --git a/exim.spec b/exim.spec index 87af4a6..ea649d5 100644 --- a/exim.spec +++ b/exim.spec @@ -1,7 +1,3 @@ -# SA-Exim has long since been obsoleted by the proper built-in ACL support -# from exiscan. Disable it by default -%bcond_with sa - # By default build clamav subpackage on Fedora, # do not build on RHEL %if 0%{?rhel} @@ -18,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.87 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -40,22 +36,15 @@ Source3: exim.sysconfig Source4: exim.logrotate Source5: exim-tidydb.sh Source11: exim.pam -%if %{with clamav} Source12: exim-clamav-tmpfiles.conf -%endif -%if %{with sa} -Source13: http://marc.merlins.org/linux/exim/files/sa-exim-4.2.tar.gz -%endif Source20: exim-greylist.conf.inc Source21: mk-greylist-db.sql Source22: greylist-tidy.sh Source23: trusted-configs Source24: exim.service Source25: exim-gen-cert -%if %{with clamav} Source26: clamd.exim.service -%endif Patch4: exim-4.87-rhl.patch Patch6: exim-4.87-config.patch @@ -78,9 +67,6 @@ Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel -%if %{with sa} -BuildRequires: lynx -%endif BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel @@ -136,18 +122,6 @@ displays information about Exim's processing in an X window, and an administrator can perform a number of control actions from the window interface. -%if %{with sa} -%package sa -Summary: Exim SpamAssassin at SMTP time - d/l plugin -Group: System Environment/Daemons -Requires: exim = %{version}-%{release} - -%description sa -The exim-sa package is an old method for allowing SpamAssassin to be run on -incoming mail at SMTP time. It is deprecated in favour of the built-in ACL -support for content scanning. -%endif - %if %{with clamav} %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim @@ -216,9 +190,6 @@ greylisting unconditional. %prep %setup -q -%if %{with sa} -%setup -q -T -D -a 13 -%endif %patch4 -p1 -b .rhl %patch6 -p1 -b .config @@ -252,13 +223,6 @@ cp exim_monitor/EDITME Local/eximon.conf %endif make _lib=%{_lib} FULLECHO= LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-pie -Wl,-z,relro,-z,now}" -%if %{with sa} -# build sa-exim -cd sa-exim* -perl -pi -e 's|\@lynx|HOME=/ /usr/bin/lynx|g;' Makefile -make SACONF=%{_sysconfdir}/exim/sa-exim.conf CFLAGS="$RPM_OPT_FLAGS -fPIC" -%endif - %install rm -rf $RPM_BUILD_ROOT @@ -344,15 +308,6 @@ install -m 0644 %SOURCE4 $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/exim mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily install -m 0755 %SOURCE5 $RPM_BUILD_ROOT%{_sysconfdir}/cron.daily/exim-tidydb -%if %{with sa} -# install sa -cd sa-exim* -mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/exim -install *.so $RPM_BUILD_ROOT%{_libexecdir}/exim -install -m 644 *.conf $RPM_BUILD_ROOT%{_sysconfdir}/exim -ln -s sa-exim*.so $RPM_BUILD_ROOT%{_libexecdir}/exim/sa-exim.so -%endif - # generate ghost .pem file mkdir -p $RPM_BUILD_ROOT/etc/pki/tls/{certs,private} touch $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem @@ -560,15 +515,6 @@ fi %{_sbindir}/eximon %{_sbindir}/eximon.bin -%if %{with sa} -%files sa -%defattr(-,root,root) -%{_libexecdir}/exim -%config(noreplace) %{_sysconfdir}/exim/sa-*.conf -%doc sa-exim*/*.html -%doc sa-exim*/{ACKNOWLEDGEMENTS,INSTALL,LICENSE,TODO} -%endif - %if %{with clamav} %post clamav /bin/mkdir -p 0750 %{_var}/run/clamd.exim @@ -639,6 +585,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed May 4 2016 Jaroslav Škarvada - 4.87-3 +- Dropped sa-exim which has been obsoleted long time ago by the proper + built-in ACL support +- Unconditionalized sources + Resolves: rhbz#1332211 + * Mon Apr 18 2016 Jaroslav Škarvada - 4.87-2 - Used sane environment defaults in default configuration Resolves: rhbz#1323775 From 462797715162e2beb867cbc8c50a5527e3f79ca0 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Sun, 15 May 2016 00:37:38 +0200 Subject: [PATCH 147/194] Perl 5.24 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index ea649d5..f38337c 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.87 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -585,6 +585,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat May 14 2016 Jitka Plesnikova - 4.87-4 +- Perl 5.24 rebuild + * Wed May 4 2016 Jaroslav Škarvada - 4.87-3 - Dropped sa-exim which has been obsoleted long time ago by the proper built-in ACL support From ea3c76ef2a0b752e188bccc629a5fcec1f56cc73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 9 Jun 2016 13:46:52 +0200 Subject: [PATCH 148/194] Allow configuration of user:group through sysconfig Resolves: rhbz#1344250 --- exim-gen-cert | 10 +++++++++- exim.init | 7 +++++-- exim.spec | 6 +++++- exim.sysconfig | 2 ++ 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/exim-gen-cert b/exim-gen-cert index dbcd26e..27e8448 100644 --- a/exim-gen-cert +++ b/exim-gen-cert @@ -2,6 +2,14 @@ . /etc/sysconfig/network +# Source exim configureation. +if [ -f /etc/sysconfig/exim ] ; then + . /etc/sysconfig/exim +fi + +USER=${USER:=exim} +GROUP=${GROUP:=exim} + gen_cert() { if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then umask 077 @@ -23,7 +31,7 @@ root@${FQDN} EOF if [ $? -eq 0 ]; then echo success - chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chown $USER:$GROUP /etc/pki/tls/{private,certs}/exim.pem chmod 600 /etc/pki/tls/{private,certs}/exim.pem else echo failure diff --git a/exim.init b/exim.init index 58ffd51..275fae2 100644 --- a/exim.init +++ b/exim.init @@ -23,6 +23,9 @@ else QUEUE=1h fi +USER=${USER:=exim} +GROUP=${GROUP:=exim} + gen_cert() { if [ ! -f /etc/pki/tls/certs/exim.pem ] ; then umask 077 @@ -44,7 +47,7 @@ root@${FQDN} EOF if [ $? -eq 0 ]; then success - chown exim.exim /etc/pki/tls/{private,certs}/exim.pem + chown $USER:$GROUP /etc/pki/tls/{private,certs}/exim.pem chmod 600 /etc/pki/tls/{private,certs}/exim.pem else failure @@ -65,7 +68,7 @@ start() { then if [ "exim" != "`ls -l /var/log/exim/main.log | awk '{print $4}'`" ] then - chown -R exim:exim /var/log/exim /var/spool/exim + chown -R $USER:$GROUP /var/log/exim /var/spool/exim fi fi diff --git a/exim.spec b/exim.spec index f38337c..37563e2 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.87 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -585,6 +585,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jun 9 2016 Jaroslav Škarvada - 4.87-5 +- Allow configuration of user:group through sysconfig + Resolves: rhbz#1344250 + * Sat May 14 2016 Jitka Plesnikova - 4.87-4 - Perl 5.24 rebuild diff --git a/exim.sysconfig b/exim.sysconfig index cada3c9..69e525d 100644 --- a/exim.sysconfig +++ b/exim.sysconfig @@ -1,2 +1,4 @@ DAEMON=yes QUEUE=1h +USER=exim +GROUP=exim From 94d30de7f12fadce0dc1c5a2e130b93937b7d4a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Fri, 24 Jun 2016 09:28:42 +0200 Subject: [PATCH 149/194] Mandatory Perl build-requires added --- exim.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exim.spec b/exim.spec index 37563e2..a6800c5 100644 --- a/exim.spec +++ b/exim.spec @@ -70,6 +70,8 @@ BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel +BuildRequires: perl-devel +BuildRequires: perl-generators BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) BuildRequires: systemd-units libgsasl-devel From abf48374cf53f21b90377403c50ed4e713fdc732 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Dec 2016 20:42:04 +0000 Subject: [PATCH 150/194] 4.88 --- exim.spec | 7 +++++-- sources | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/exim.spec b/exim.spec index a6800c5..416c598 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.87 -Release: 5%{?dist} +Version: 4.88 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -587,6 +587,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sun Dec 25 2016 David Woodhouse - 4.88-1 +- Update to 4.88 (CVE-2016-9963 / rhbz#1405323) + * Thu Jun 9 2016 Jaroslav Škarvada - 4.87-5 - Allow configuration of user:group through sysconfig Resolves: rhbz#1344250 diff --git a/sources b/sources index d8e24d5..c9e82cb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -2effc2bd47ad2dc010f655c11a1b1173 exim-4.87.tar.bz2 +SHA512 (exim-4.88.tar.bz2) = ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf From 4d3a8b6fe3145ae4e8a6358fb3f442b9684bdf9c Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Dec 2016 21:20:08 +0000 Subject: [PATCH 151/194] Update patches for 4.88 --- exim-4.87-spamdconf.patch | 23 ++++---- ....87-config.patch => exim-4.88-config.patch | 52 ++++++++----------- exim.spec | 2 +- sources | 2 +- 4 files changed, 35 insertions(+), 44 deletions(-) rename exim-4.87-config.patch => exim-4.88-config.patch (87%) diff --git a/exim-4.87-spamdconf.patch b/exim-4.87-spamdconf.patch index 031268e..c5a21f6 100644 --- a/exim-4.87-spamdconf.patch +++ b/exim-4.87-spamdconf.patch @@ -1,7 +1,5 @@ -diff --git a/src/configure.default b/src/configure.default -index 531435b..374c51d 100644 ---- a/src/configure.default -+++ b/src/configure.default +--- a/src/configure.default.spamd 2016-12-25 21:06:57.453758443 +0000 ++++ b/src/configure.default 2016-12-25 21:07:49.940188407 +0000 @@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost acl_smtp_rcpt = acl_check_rcpt @@ -29,9 +27,9 @@ index 531435b..374c51d 100644 require verify = sender -@@ -533,27 +535,63 @@ acl_check_data: - # - deny condition = ${if > {$max_received_linelength}{998}} +@@ -535,27 +537,63 @@ acl_check_data: + got $max_received_linelength + condition = ${if > {$max_received_linelength}{998}} + # Put simple tests first. A good one is to check for the presence of a + # Message-Id: header, which RFC2822 says SHOULD be present. Some broken @@ -52,17 +50,17 @@ index 531435b..374c51d 100644 - # Add headers to a message if it is judged to be spam. Before enabling this, - # you must install SpamAssassin. You may also need to set the spamd_address - # option above. -+ # Bypass SpamAssassin checks if the message is too large. - # +- # - # warn spam = nobody - # add_header = X-Spam_score: $spam_score\n\ - # X-Spam_score_int: $spam_score_int\n\ - # X-Spam_bar: $spam_bar\n\ - # X-Spam_report: $spam_report ++ # Bypass SpamAssassin checks if the message is too large. ++ # + # accept condition = ${if >={$message_size}{100000} {1}} + # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size - -- # Accept the message. ++ + # Run SpamAssassin, but allow for it to fail or time out. Add a warning message + # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA + # score exceeds the SA system threshold. @@ -78,7 +76,8 @@ index 531435b..374c51d 100644 + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ + # X-Spam-Report: $spam_report -+ + +- # Accept the message. + # And reject if the SpamAssassin score is greater than ten + # + # deny condition = ${if >{$spam_score_int}{100} {1}} diff --git a/exim-4.87-config.patch b/exim-4.88-config.patch similarity index 87% rename from exim-4.87-config.patch rename to exim-4.88-config.patch index 78bddc4..40baabd 100644 --- a/exim-4.87-config.patch +++ b/exim-4.88-config.patch @@ -1,8 +1,8 @@ -diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index 4aa7d76..3a5263c 100755 +diff --git a/src/scripts/Configure-Makefile b/src/scripts/Configure-Makefile +index 3e486a6..6c4afec 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile -@@ -253,7 +253,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +@@ -269,7 +269,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -11,8 +11,8 @@ index 4aa7d76..3a5263c 100755 echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft echo "" >>$mft cat $mftt >> $mft -diff --git a/src/EDITME b/src/EDITME -index d852103..bbb7527 100644 +diff --git a/src/src/EDITME b/src/src/EDITME +index 6929346..5a08197 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -105,24 +105,16 @@ index d852103..bbb7527 100644 # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -390,14 +392,14 @@ EXIM_MONITOR=eximon.bin +@@ -390,7 +392,7 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. -# WITH_CONTENT_SCAN=yes +WITH_CONTENT_SCAN=yes - # If you want to use the deprecated "demime" condition in the DATA ACL, - # uncomment the line below. Doing so will also explicitly turn on the - # WITH_CONTENT_SCAN option. If possible, use the MIME ACL instead of - # the "demime" condition. - --# WITH_OLD_DEMIME=yes -+WITH_OLD_DEMIME=yes - #------------------------------------------------------------------------------ # If you're using ClamAV and are backporting fixes to an old version, instead -@@ -573,7 +575,7 @@ FIXED_NEVER_USERS=root +@@ -577,7 +579,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -131,7 +123,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -618,16 +620,14 @@ FIXED_NEVER_USERS=root +@@ -622,16 +624,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -156,7 +148,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -648,7 +648,7 @@ FIXED_NEVER_USERS=root +@@ -652,7 +652,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -165,7 +157,7 @@ index d852103..bbb7527 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -668,7 +668,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -672,7 +672,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -174,7 +166,7 @@ index d852103..bbb7527 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -730,11 +730,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -734,11 +734,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -189,7 +181,7 @@ index d852103..bbb7527 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -799,7 +799,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -807,7 +807,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -198,7 +190,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -812,7 +812,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -820,7 +820,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -207,7 +199,7 @@ index d852103..bbb7527 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -884,7 +884,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -892,7 +892,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -216,7 +208,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -894,7 +894,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -902,7 +902,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -225,7 +217,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -904,7 +904,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -912,7 +912,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -234,7 +226,7 @@ index d852103..bbb7527 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -998,7 +998,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1006,7 +1006,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -243,7 +235,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -1011,9 +1011,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1019,9 +1019,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -256,7 +248,7 @@ index d852103..bbb7527 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1065,7 +1065,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1073,7 +1073,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -265,7 +257,7 @@ index d852103..bbb7527 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1075,7 +1075,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1083,7 +1083,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -274,7 +266,7 @@ index d852103..bbb7527 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1096,13 +1096,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1104,13 +1104,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -295,7 +287,7 @@ index d852103..bbb7527 100644 #------------------------------------------------------------------------------ -@@ -1304,7 +1304,7 @@ EXIM_TMPDIR="/tmp" +@@ -1312,7 +1312,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim.spec b/exim.spec index 416c598..5e817b5 100644 --- a/exim.spec +++ b/exim.spec @@ -47,7 +47,7 @@ Source25: exim-gen-cert Source26: clamd.exim.service Patch4: exim-4.87-rhl.patch -Patch6: exim-4.87-config.patch +Patch6: exim-4.88-config.patch Patch8: exim-4.82-libdir.patch Patch12: exim-4.87-cyrus.patch Patch13: exim-4.87-pamconfig.patch diff --git a/sources b/sources index c9e82cb..059a278 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.88.tar.bz2) = ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf +SHA512 (exim-4.87.1.tar.bz2) = bdb0a0507a8ad63abe49026250bd8206f6993cc08a01e640f8076f8accc57a33b16c336196351bf5cb124f1a435b140f908b4d6707ce0efb8d305764cf156e6b From 296d145db82dd0ba4f08990c658fdb4ac86406b4 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 25 Dec 2016 21:23:22 +0000 Subject: [PATCH 152/194] really 4.88 --- sources | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources b/sources index 059a278..c9e82cb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.87.1.tar.bz2) = bdb0a0507a8ad63abe49026250bd8206f6993cc08a01e640f8076f8accc57a33b16c336196351bf5cb124f1a435b140f908b4d6707ce0efb8d305764cf156e6b +SHA512 (exim-4.88.tar.bz2) = ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf From 45ad79fcb17838aa50ad9357f4b086a1c4025d08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 16 Jan 2017 15:32:52 +0100 Subject: [PATCH 153/194] Move tmpfiles.d config to %{_tmpfilesdir} Install license files as %license --- exim.spec | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/exim.spec b/exim.spec index 5e817b5..8402752 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.88 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -344,8 +344,8 @@ CLAMD_SOCKET=%{_var}/run/clamd.exim/clamd.sock EOF ln -sf clamd $RPM_BUILD_ROOT/usr/sbin/clamd.exim -mkdir -p %{buildroot}%{_sysconfdir}/tmpfiles.d -install -m 0644 %{SOURCE12} %{buildroot}%{_sysconfdir}/tmpfiles.d/exim-clamav.conf +mkdir -p %{buildroot}%{_tmpfilesdir} +install -m 0644 %{SOURCE12} %{buildroot}%{_tmpfilesdir}/exim-clamav.conf mkdir -p $RPM_BUILD_ROOT%{_var}/run/clamd.exim mkdir -p $RPM_BUILD_ROOT%{_var}/log touch $RPM_BUILD_ROOT%{_var}/log/clamd.exim @@ -482,7 +482,8 @@ fi %config(noreplace) %{_sysconfdir}/pam.d/exim %{_sysconfdir}/cron.daily/exim-tidydb -%doc ACKNOWLEDGMENTS LICENCE NOTICE README.UPDATING README +%license LICENCE NOTICE +%doc ACKNOWLEDGMENTS README.UPDATING README %doc doc util/unknownuser.sh %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) /etc/pki/tls/certs/exim.pem @@ -568,7 +569,7 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf %config(noreplace) %verify(not mtime) %{_sysconfdir}/sysconfig/clamd.exim %config(noreplace) %verify(not mtime) %{_sysconfdir}/logrotate.d/clamd.exim -%config(noreplace) %{_sysconfdir}/tmpfiles.d/exim-clamav.conf +%{_tmpfilesdir}/exim-clamav.conf %ghost %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim @@ -587,6 +588,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Jan 14 2017 Ville Skyttä - 4.88-2 +- Move tmpfiles.d config to %%{_tmpfilesdir} +- Install license files as %%license + * Sun Dec 25 2016 David Woodhouse - 4.88-1 - Update to 4.88 (CVE-2016-9963 / rhbz#1405323) From 5ddc95e67a111174d0b8f4b969af1b9ec672495e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 23 Jan 2017 15:09:19 +0100 Subject: [PATCH 154/194] Fixed DKIM Defuzzified patches and fixed some whitespaces --- exim-4.88-DKIM-fix.patch | 630 ++++++++++++++++++ ...lter.patch => exim-4.88-allow-filter.patch | 4 +- ...-4.87-cyrus.patch => exim-4.88-cyrus.patch | 6 +- ....patch => exim-4.88-dlopen-localscan.patch | 18 +- ...onf.patch => exim-4.88-greylist-conf.patch | 6 +- ...mconfig.patch => exim-4.88-pamconfig.patch | 8 +- ...procmail.patch => exim-4.88-procmail.patch | 6 +- exim-4.87-rhl.patch => exim-4.88-rhl.patch | 6 +- ....patch => exim-4.88-smarthost-config.patch | 8 +- exim.spec | 26 +- 10 files changed, 678 insertions(+), 40 deletions(-) create mode 100644 exim-4.88-DKIM-fix.patch rename exim-4.87-allow-filter.patch => exim-4.88-allow-filter.patch (81%) rename exim-4.87-cyrus.patch => exim-4.88-cyrus.patch (87%) rename exim-4.87-dlopen-localscan.patch => exim-4.88-dlopen-localscan.patch (95%) rename exim-4.87-greylist-conf.patch => exim-4.88-greylist-conf.patch (97%) rename exim-4.87-pamconfig.patch => exim-4.88-pamconfig.patch (94%) rename exim-4.87-procmail.patch => exim-4.88-procmail.patch (90%) rename exim-4.87-rhl.patch => exim-4.88-rhl.patch (84%) rename exim-4.87-smarthost-config.patch => exim-4.88-smarthost-config.patch (92%) diff --git a/exim-4.88-DKIM-fix.patch b/exim-4.88-DKIM-fix.patch new file mode 100644 index 0000000..088e318 --- /dev/null +++ b/exim-4.88-DKIM-fix.patch @@ -0,0 +1,630 @@ +diff --git a/src/auths/get_data.c b/src/auths/get_data.c +index f839a01..11bc581 100644 +--- a/src/auths/get_data.c ++++ b/src/auths/get_data.c +@@ -31,7 +31,7 @@ auth_get_data(uschar **aptr, uschar *challenge, int challen) + int c; + int p = 0; + smtp_printf("334 %s\r\n", b64encode(challenge, challen)); +-while ((c = receive_getc()) != '\n' && c != EOF) ++while ((c = receive_getc(GETC_BUFFER_UNLIMITED)) != '\n' && c != EOF) + { + if (p >= big_buffer_size - 1) return BAD64; + big_buffer[p++] = c; +diff --git a/src/auths/get_no64_data.c b/src/auths/get_no64_data.c +index d3ffe08..71e7139 100644 +--- a/src/auths/get_no64_data.c ++++ b/src/auths/get_no64_data.c +@@ -32,7 +32,7 @@ auth_get_no64_data(uschar **aptr, uschar *challenge) + int c; + int p = 0; + smtp_printf("334 %s\r\n", challenge); +-while ((c = receive_getc()) != '\n' && c != EOF) ++while ((c = receive_getc(GETC_BUFFER_UNLIMITED)) != '\n' && c != EOF) + { + if (p >= big_buffer_size - 1) return BAD64; + big_buffer[p++] = c; +diff --git a/src/dkim.c b/src/dkim.c +index 70c9547..445d246 100644 +--- a/src/dkim.c ++++ b/src/dkim.c +@@ -18,6 +18,7 @@ int dkim_verify_oldpool; + pdkim_ctx *dkim_verify_ctx = NULL; + pdkim_signature *dkim_signatures = NULL; + pdkim_signature *dkim_cur_sig = NULL; ++static BOOL dkim_collect_error = FALSE; + + static int + dkim_exim_query_dns_txt(char *name, char *answer) +@@ -87,6 +88,7 @@ if (dkim_verify_ctx) + + dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing); + dkim_collect_input = !!dkim_verify_ctx; ++dkim_collect_error = FALSE; + + /* Start feed up with any cached data */ + receive_get_cache(); +@@ -106,6 +108,7 @@ if ( dkim_collect_input + { + log_write(0, LOG_MAIN, + "DKIM: validation error: %.100s", pdkim_errstr(rc)); ++ dkim_collect_error = TRUE; + dkim_collect_input = FALSE; + } + store_pool = dkim_verify_oldpool; +@@ -127,11 +130,7 @@ store_pool = POOL_PERM; + + dkim_signatures = NULL; + +-/* If we have arrived here with dkim_collect_input == FALSE, it +-means there was a processing error somewhere along the way. +-Log the incident and disable futher verification. */ +- +-if (!dkim_collect_input) ++if (dkim_collect_error) + { + log_write(0, LOG_MAIN, + "DKIM: Error while running this message through validation," +diff --git a/src/functions.h b/src/functions.h +index 04d9410..9c60090 100644 +--- a/src/functions.h ++++ b/src/functions.h +@@ -55,7 +55,7 @@ extern int tls_export_cert(uschar *, size_t, void *); + extern int tls_feof(void); + extern int tls_ferror(void); + extern void tls_free_cert(void **); +-extern int tls_getc(void); ++extern int tls_getc(unsigned); + extern void tls_get_cache(void); + extern int tls_import_cert(const uschar *, void **); + extern int tls_read(BOOL, uschar *, size_t); +@@ -101,7 +101,7 @@ extern int auth_xtextdecode(uschar *, uschar **); + + extern uschar *b64encode(uschar *, int); + extern int b64decode(uschar *, uschar **); +-extern int bdat_getc(void); ++extern int bdat_getc(unsigned); + extern void bits_clear(unsigned int *, size_t, int *); + extern void bits_set(unsigned int *, size_t, int *); + +@@ -395,7 +395,7 @@ extern uschar *smtp_get_connection_info(void); + extern BOOL smtp_get_interface(uschar *, int, address_item *, + uschar **, uschar *); + extern BOOL smtp_get_port(uschar *, address_item *, int *, uschar *); +-extern int smtp_getc(void); ++extern int smtp_getc(unsigned); + extern void smtp_get_cache(void); + extern int smtp_handle_acl_fail(int, int, uschar *, uschar *); + extern void smtp_log_no_mail(void); +@@ -421,7 +421,7 @@ extern int spool_open_datafile(uschar *); + extern int spool_open_temp(uschar *); + extern int spool_read_header(uschar *, BOOL, BOOL); + extern int spool_write_header(uschar *, int, uschar **); +-extern int stdin_getc(void); ++extern int stdin_getc(unsigned); + extern int stdin_feof(void); + extern int stdin_ferror(void); + extern int stdin_ungetc(int); +diff --git a/src/globals.c b/src/globals.c +index c722059..649335f 100644 +--- a/src/globals.c ++++ b/src/globals.c +@@ -187,9 +187,9 @@ incoming TCP/IP. The defaults use stdin. We never need these for any + stand-alone tests. */ + + #ifndef STAND_ALONE +-int (*lwr_receive_getc)(void) = stdin_getc; ++int (*lwr_receive_getc)(unsigned) = stdin_getc; + int (*lwr_receive_ungetc)(int) = stdin_ungetc; +-int (*receive_getc)(void) = stdin_getc; ++int (*receive_getc)(unsigned) = stdin_getc; + void (*receive_get_cache)(void)= NULL; + int (*receive_ungetc)(int) = stdin_ungetc; + int (*receive_feof)(void) = stdin_feof; +diff --git a/src/globals.h b/src/globals.h +index e3dd507..344f8ef 100644 +--- a/src/globals.h ++++ b/src/globals.h +@@ -141,9 +141,9 @@ extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ + /* Input-reading functions for messages, so we can use special ones for + incoming TCP/IP. */ + +-extern int (*lwr_receive_getc)(void); ++extern int (*lwr_receive_getc)(unsigned); + extern int (*lwr_receive_ungetc)(int); +-extern int (*receive_getc)(void); ++extern int (*receive_getc)(unsigned); + extern void (*receive_get_cache)(void); + extern int (*receive_ungetc)(int); + extern int (*receive_feof)(void); +diff --git a/src/macros.h b/src/macros.h +index 1b7cf4a..c8957d8 100644 +--- a/src/macros.h ++++ b/src/macros.h +@@ -968,5 +968,9 @@ enum { FILTER_UNSET, FILTER_FORWARD, FILTER_EXIM, FILTER_SIEVE }; + #define PEER_OFFERED_SIZE BIT(6) + #define PEER_OFFERED_CHUNKING BIT(7) + ++/* Argument for *_getc */ ++ ++#define GETC_BUFFER_UNLIMITED UINT_MAX ++ + + /* End of macros.h */ +diff --git a/src/pdkim/pdkim.c b/src/pdkim/pdkim.c +index 7bfcdf4..bcc3f09 100644 +--- a/src/pdkim/pdkim.c ++++ b/src/pdkim/pdkim.c +@@ -962,6 +962,11 @@ if (ctx->flags & PDKIM_MODE_SIGN) + /* DKIM-Signature: headers are added to the verification list */ + else + { ++ DEBUG(D_acl) ++ { ++ debug_printf("PDKIM >> raw hdr: "); ++ pdkim_quoteprint(CUS ctx->cur_header, Ustrlen(ctx->cur_header)); ++ } + if (strncasecmp(CCS ctx->cur_header, + DKIM_SIGNATURE_HEADERNAME, + Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0) +diff --git a/src/receive.c b/src/receive.c +index e535876..9155cf1 100644 +--- a/src/receive.c ++++ b/src/receive.c +@@ -37,7 +37,7 @@ the file. (When SMTP input is occurring, different functions are used by + changing the pointer variables.) */ + + int +-stdin_getc(void) ++stdin_getc(unsigned lim) + { + return getc(stdin); + } +@@ -626,7 +626,7 @@ if (!dot_ends) + { + register int last_ch = '\n'; + +- for (; (ch = (receive_getc)()) != EOF; last_ch = ch) ++ for (; (ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF; last_ch = ch) + { + if (ch == 0) body_zerocount++; + if (last_ch == '\r' && ch != '\n') +@@ -668,7 +668,7 @@ if (!dot_ends) + + ch_state = 1; + +-while ((ch = (receive_getc)()) != EOF) ++while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) + { + if (ch == 0) body_zerocount++; + switch (ch_state) +@@ -786,7 +786,7 @@ int ch_state = 0; + int ch; + int linelength = 0; + +-while ((ch = (receive_getc)()) != EOF) ++while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) + { + if (ch == 0) body_zerocount++; + switch (ch_state) +@@ -913,7 +913,7 @@ read_message_bdat_smtp(FILE *fout) + int ch; + int linelength = 0; + +-for (;;) switch (ch = bdat_getc()) ++for (;;) switch (ch = bdat_getc(GETC_BUFFER_UNLIMITED)) + { + case EOF: return END_EOF; + case EOD: return END_DOT; +@@ -1682,7 +1682,7 @@ next->text. */ + + for (;;) + { +- int ch = (receive_getc)(); ++ int ch = (receive_getc)(GETC_BUFFER_UNLIMITED); + + /* If we hit EOF on a SMTP connection, it's an error, since incoming + SMTP must have a correct "." terminator. */ +@@ -1761,10 +1761,10 @@ for (;;) + + if (ptr == 0 && ch == '.' && (smtp_input || dot_ends)) + { +- ch = (receive_getc)(); ++ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (ch == '\r') + { +- ch = (receive_getc)(); ++ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (ch != '\n') + { + receive_ungetc(ch); +@@ -1795,7 +1795,7 @@ for (;;) + + if (ch == '\r') + { +- ch = (receive_getc)(); ++ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (ch == '\n') + { + if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = TRUE; +@@ -1890,7 +1890,7 @@ for (;;) + + if (ch != EOF) + { +- int nextch = (receive_getc)(); ++ int nextch = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (nextch == ' ' || nextch == '\t') + { + next->text[ptr++] = nextch; +@@ -4024,7 +4024,7 @@ if (smtp_input && sender_host_address != NULL && !sender_host_notsocket && + + if (select(fileno(smtp_in) + 1, &select_check, NULL, NULL, &tv) != 0) + { +- int c = (receive_getc)(); ++ int c = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (c != EOF) (receive_ungetc)(c); else + { + smtp_notquit_exit(US"connection-lost", NULL, NULL); +diff --git a/src/smtp_in.c b/src/smtp_in.c +index 1484861..82900d9 100644 +--- a/src/smtp_in.c ++++ b/src/smtp_in.c +@@ -44,11 +44,11 @@ The maximum size of a Kerberos ticket under Windows 2003 is 12000 bytes, and + we need room to handle large base64-encoded AUTHs for GSSAPI. + */ + +-#define smtp_cmd_buffer_size 16384 ++#define SMTP_CMD_BUFFER_SIZE 16384 + + /* Size of buffer for reading SMTP incoming packets */ + +-#define in_buffer_size 8192 ++#define IN_BUFFER_SIZE 8192 + + /* Structure for SMTP command list */ + +@@ -301,7 +301,7 @@ static int smtp_had_error; + + /* forward declarations */ + int bdat_ungetc(int ch); +-static int smtp_read_command(BOOL check_sync); ++static int smtp_read_command(BOOL check_sync, unsigned buffer_lim); + static int synprot_error(int type, int code, uschar *data, uschar *errmess); + static void smtp_quit_handler(uschar **, uschar **); + static void smtp_rset_handler(void); +@@ -315,12 +315,12 @@ it flushes the output, and refills the buffer, with a timeout. The signal + handler is set appropriately by the calling function. This function is not used + after a connection has negotated itself into an TLS/SSL state. + +-Arguments: none ++Arguments: lim Maximum amount to read/buffer + Returns: the next character or EOF + */ + + int +-smtp_getc(void) ++smtp_getc(unsigned lim) + { + if (smtp_inptr >= smtp_inend) + { +@@ -328,7 +328,10 @@ if (smtp_inptr >= smtp_inend) + if (!smtp_out) return EOF; + fflush(smtp_out); + if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); +- rc = read(fileno(smtp_in), smtp_inbuffer, in_buffer_size); ++ ++ /* Limit amount read, so non-message data is not fed to DKIM */ ++ ++ rc = read(fileno(smtp_in), smtp_inbuffer, MIN(IN_BUFFER_SIZE, lim)); + save_errno = errno; + alarm(0); + if (rc <= 0) +@@ -376,23 +379,26 @@ to handle the BDAT command/response. + Placed here due to the correlation with the above smtp_getc(), which it wraps, + and also by the need to do smtp command/response handling. + +-Arguments: none ++Arguments: lim (ignored) + Returns: the next character or ERR, EOD or EOF + */ + + int +-bdat_getc(void) ++bdat_getc(unsigned lim) + { + uschar * user_msg = NULL; + uschar * log_msg; + + for(;;) + { +- if (chunking_data_left-- > 0) +- return lwr_receive_getc(); ++ if (chunking_data_left > 0) ++ return lwr_receive_getc(chunking_data_left--); + + receive_getc = lwr_receive_getc; + receive_ungetc = lwr_receive_ungetc; ++#ifndef DISABLE_DKIM ++ dkim_collect_input = FALSE; ++#endif + + /* If not the last, ack the received chunk. The last response is delayed + until after the data ACL decides on it */ +@@ -405,21 +411,22 @@ for(;;) + return EOD; + } + +- chunking_state = CHUNKING_OFFERED; + smtp_printf("250 %u byte chunk received\r\n", chunking_datasize); ++ chunking_state = CHUNKING_OFFERED; ++ DEBUG(D_receive) debug_printf("chunking state %d\n", (int)chunking_state); + + /* Expect another BDAT cmd from input. RFC 3030 says nothing about + QUIT, RSET or NOOP but handling them seems obvious */ + + next_cmd: +- switch(smtp_read_command(TRUE)) ++ switch(smtp_read_command(TRUE, 1)) + { + default: + (void) synprot_error(L_smtp_protocol_error, 503, NULL, + US"only BDAT permissible after non-LAST BDAT"); + + repeat_until_rset: +- switch(smtp_read_command(TRUE)) ++ switch(smtp_read_command(TRUE, 1)) + { + case QUIT_CMD: smtp_quit_handler(&user_msg, &log_msg); /*FALLTHROUGH */ + case EOF_CMD: return EOF; +@@ -458,6 +465,8 @@ next_cmd: + chunking_state = strcmpic(smtp_cmd_data+n, US"LAST") == 0 + ? CHUNKING_LAST : CHUNKING_ACTIVE; + chunking_data_left = chunking_datasize; ++ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", ++ (int)chunking_state, chunking_data_left); + + if (chunking_datasize == 0) + if (chunking_state == CHUNKING_LAST) +@@ -471,6 +480,9 @@ next_cmd: + + receive_getc = bdat_getc; + receive_ungetc = bdat_ungetc; ++#ifndef DISABLE_DKIM ++ dkim_collect_input = TRUE; ++#endif + break; /* to top of main loop */ + } + } +@@ -480,15 +492,18 @@ next_cmd: + static void + bdat_flush_data(void) + { +-while (chunking_data_left-- > 0) +- if (lwr_receive_getc() < 0) ++while (chunking_data_left > 0) ++ if (lwr_receive_getc(chunking_data_left--) < 0) + break; + + receive_getc = lwr_receive_getc; + receive_ungetc = lwr_receive_ungetc; + + if (chunking_state != CHUNKING_LAST) ++ { + chunking_state = CHUNKING_OFFERED; ++ DEBUG(D_receive) debug_printf("chunking state %d\n", (int)chunking_state); ++ } + } + + +@@ -1126,13 +1141,14 @@ signal handler that closes down the session on a timeout. Control does not + return when it runs. + + Arguments: +- check_sync if TRUE, check synchronization rules if global option is TRUE ++ check_sync if TRUE, check synchronization rules if global option is TRUE ++ buffer_lim maximum to buffer in lower layer + + Returns: a code identifying the command (enumerated above) + */ + + static int +-smtp_read_command(BOOL check_sync) ++smtp_read_command(BOOL check_sync, unsigned buffer_lim) + { + int c; + int ptr = 0; +@@ -1141,9 +1157,9 @@ BOOL hadnull = FALSE; + + os_non_restarting_signal(SIGALRM, command_timeout_handler); + +-while ((c = (receive_getc)()) != '\n' && c != EOF) ++while ((c = (receive_getc)(buffer_lim)) != '\n' && c != EOF) + { +- if (ptr >= smtp_cmd_buffer_size) ++ if (ptr >= SMTP_CMD_BUFFER_SIZE) + { + os_non_restarting_signal(SIGALRM, sigalrm_handler); + return OTHER_CMD; +@@ -1301,7 +1317,7 @@ tzero.tv_usec = 0; + rc = select(fd + 1, (SELECT_ARG2_TYPE *)&fds, NULL, NULL, &tzero); + + if (rc <= 0) return TRUE; /* Not ready to read */ +-rc = smtp_getc(); ++rc = smtp_getc(GETC_BUFFER_UNLIMITED); + if (rc < 0) return TRUE; /* End of file or error */ + + smtp_ungetc(rc); +@@ -1337,7 +1353,7 @@ if (smtp_in == NULL || smtp_batched_input) return; + receive_swallow_smtp(); + smtp_printf("421 %s\r\n", message); + +-for (;;) switch(smtp_read_command(FALSE)) ++for (;;) switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) + { + case EOF_CMD: + return; +@@ -1781,7 +1797,7 @@ while (done <= 0) + uschar *recipient = NULL; + int start, end, sender_domain, recipient_domain; + +- switch(smtp_read_command(FALSE)) ++ switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) + { + /* The HELO/EHLO commands set sender_address_helo if they have + valid data; otherwise they are ignored, except that they do +@@ -2040,12 +2056,12 @@ acl_var_c = NULL; + + /* Allow for trailing 0 in the command and data buffers. */ + +-if (!(smtp_cmd_buffer = US malloc(2*smtp_cmd_buffer_size + 2))) ++if (!(smtp_cmd_buffer = US malloc(2*SMTP_CMD_BUFFER_SIZE + 2))) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, + "malloc() failed for SMTP command buffer"); + + smtp_cmd_buffer[0] = 0; +-smtp_data_buffer = smtp_cmd_buffer + smtp_cmd_buffer_size + 1; ++smtp_data_buffer = smtp_cmd_buffer + SMTP_CMD_BUFFER_SIZE + 1; + + /* For batched input, the protocol setting can be overridden from the + command line by a trusted caller. */ +@@ -2065,7 +2081,7 @@ else + /* Set up the buffer for inputting using direct read() calls, and arrange to + call the local functions instead of the standard C ones. */ + +-if (!(smtp_inbuffer = (uschar *)malloc(in_buffer_size))) ++if (!(smtp_inbuffer = (uschar *)malloc(IN_BUFFER_SIZE))) + log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malloc() failed for SMTP input buffer"); + + receive_getc = smtp_getc; +@@ -3550,7 +3566,7 @@ while (done <= 0) + US &off, sizeof(off)); + #endif + +- switch(smtp_read_command(TRUE)) ++ switch(smtp_read_command(TRUE, GETC_BUFFER_UNLIMITED)) + { + /* The AUTH command is not permitted to occur inside a transaction, and may + occur successfully only once per connection. Actually, that isn't quite +@@ -4750,14 +4766,14 @@ while (done <= 0) + chunking_state = strcmpic(smtp_cmd_data+n, US"LAST") == 0 + ? CHUNKING_LAST : CHUNKING_ACTIVE; + chunking_data_left = chunking_datasize; ++ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", ++ (int)chunking_state, chunking_data_left); + + lwr_receive_getc = receive_getc; + lwr_receive_ungetc = receive_ungetc; + receive_getc = bdat_getc; + receive_ungetc = bdat_ungetc; + +- DEBUG(D_any) +- debug_printf("chunking state %d\n", (int)chunking_state); + goto DATA_BDAT; + } + +@@ -4973,7 +4989,7 @@ while (done <= 0) + It seems safest to just wipe away the content rather than leave it as a + target to jump to. */ + +- memset(smtp_inbuffer, 0, in_buffer_size); ++ memset(smtp_inbuffer, 0, IN_BUFFER_SIZE); + + /* Attempt to start up a TLS session, and if successful, discard all + knowledge that was obtained previously. At least, that's what the RFC says, +@@ -5027,7 +5043,7 @@ while (done <= 0) + set, but we must still reject all incoming commands. */ + + DEBUG(D_tls) debug_printf("TLS failed to start\n"); +- while (done <= 0) switch(smtp_read_command(FALSE)) ++ while (done <= 0) switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) + { + case EOF_CMD: + log_write(L_smtp_connection, LOG_MAIN, "%s closed by EOF", +@@ -5315,8 +5331,8 @@ while (done <= 0) + + case BADSYN_CMD: + SYNC_FAILURE: +- if (smtp_inend >= smtp_inbuffer + in_buffer_size) +- smtp_inend = smtp_inbuffer + in_buffer_size - 1; ++ if (smtp_inend >= smtp_inbuffer + IN_BUFFER_SIZE) ++ smtp_inend = smtp_inbuffer + IN_BUFFER_SIZE - 1; + c = smtp_inend - smtp_inptr; + if (c > 150) c = 150; + smtp_inptr[c] = 0; +diff --git a/src/tls-gnu.c b/src/tls-gnu.c +index 10bfaca..181dde4 100644 +--- a/src/tls-gnu.c ++++ b/src/tls-gnu.c +@@ -2158,12 +2158,12 @@ Only used by the server-side TLS. + + This feeds DKIM and should be used for all message-body reads. + +-Arguments: none ++Arguments: lim Maximum amount to read/bufffer + Returns: the next character or EOF + */ + + int +-tls_getc(void) ++tls_getc(unsigned lim) + { + exim_gnutls_state_st *state = &state_server; + if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) +@@ -2175,7 +2175,7 @@ if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) + + if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); + inbytes = gnutls_record_recv(state->session, state->xfer_buffer, +- ssl_xfer_buffer_size); ++ MIN(ssl_xfer_buffer_size, lim)); + alarm(0); + + /* Timeouts do not get this far; see command_timeout_handler(). +@@ -2213,7 +2213,7 @@ if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) + state->tlsp->peercert = NULL; + state->tlsp->peerdn = NULL; + +- return smtp_getc(); ++ return smtp_getc(lim); + } + + /* Handle genuine errors */ +diff --git a/src/tls-openssl.c b/src/tls-openssl.c +index d9426ac..0ac7d03 100644 +--- a/src/tls-openssl.c ++++ b/src/tls-openssl.c +@@ -2360,14 +2360,14 @@ return OK; + /* This gets the next byte from the TLS input buffer. If the buffer is empty, + it refills the buffer via the SSL reading function. + +-Arguments: none ++Arguments: lim Maximum amount to read/buffer + Returns: the next character or EOF + + Only used by the server-side TLS. + */ + + int +-tls_getc(void) ++tls_getc(unsigned lim) + { + if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) + { +@@ -2378,7 +2378,8 @@ if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) + ssl_xfer_buffer, ssl_xfer_buffer_size); + + if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); +- inbytes = SSL_read(server_ssl, CS ssl_xfer_buffer, ssl_xfer_buffer_size); ++ inbytes = SSL_read(server_ssl, CS ssl_xfer_buffer, ++ MIN(ssl_xfer_buffer_size, lim)); + error = SSL_get_error(server_ssl, inbytes); + alarm(0); + +@@ -2405,7 +2406,7 @@ if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) + tls_in.peerdn = NULL; + tls_in.sni = NULL; + +- return smtp_getc(); ++ return smtp_getc(lim); + } + + /* Handle genuine errors */ diff --git a/exim-4.87-allow-filter.patch b/exim-4.88-allow-filter.patch similarity index 81% rename from exim-4.87-allow-filter.patch rename to exim-4.88-allow-filter.patch index c3a94f3..c579f40 100644 --- a/exim-4.87-allow-filter.patch +++ b/exim-4.88-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index e4ca5b9..d1ce2f1 100644 +index 1e3c63f..0e7854c 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -722,7 +722,7 @@ userforward: +@@ -724,7 +724,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.87-cyrus.patch b/exim-4.88-cyrus.patch similarity index 87% rename from exim-4.87-cyrus.patch rename to exim-4.88-cyrus.patch index 97f2710..395de3a 100644 --- a/exim-4.87-cyrus.patch +++ b/exim-4.88-cyrus.patch @@ -1,12 +1,12 @@ diff --git a/src/configure.default b/src/configure.default -index 12ed1e0..0af6fb8 100644 +index 8b6162b..d588898 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -763,6 +763,16 @@ address_reply: +@@ -765,6 +765,16 @@ address_reply: driver = autoreply -+# This transport is used to deliver local mail to cyrus IMAP server via UNIX ++# This transport is used to deliver local mail to cyrus IMAP server via UNIX +# socket. You'll need to configure the 'localuser' router above to use it. +# +#lmtp_delivery: diff --git a/exim-4.87-dlopen-localscan.patch b/exim-4.88-dlopen-localscan.patch similarity index 95% rename from exim-4.87-dlopen-localscan.patch rename to exim-4.88-dlopen-localscan.patch index 6712860..d641f09 100644 --- a/exim-4.87-dlopen-localscan.patch +++ b/exim-4.88-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index bbb7527..df3dcc8 100644 +index 5a08197..3921db6 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -784,6 +784,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -792,6 +792,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,7 +24,7 @@ index bbb7527..df3dcc8 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index 266c268..6a4a1f8 100644 +index bafdc1b..c6ba256 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -28,6 +28,8 @@ it's a default value. */ @@ -37,10 +37,10 @@ index 266c268..6a4a1f8 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index ec2685b..f8375bf 100644 +index f83d850..c722059 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -171,6 +171,10 @@ uschar *tls_verify_hosts = NULL; +@@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL; uschar *tls_advertise_hosts = NULL; #endif @@ -52,10 +52,10 @@ index ec2685b..f8375bf 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index 57a5695..0a60902 100644 +index b3747a8..e3dd507 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -129,6 +129,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ +@@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif @@ -251,10 +251,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 5ca6a84..f1ec503 100644 +index b2a3c73..6f2efa0 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -317,6 +317,9 @@ static optionlist optionlist_config[] = { +@@ -314,6 +314,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.87-greylist-conf.patch b/exim-4.88-greylist-conf.patch similarity index 97% rename from exim-4.87-greylist-conf.patch rename to exim-4.88-greylist-conf.patch index 0741a3e..a579e66 100644 --- a/exim-4.87-greylist-conf.patch +++ b/exim-4.88-greylist-conf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 1f10008..40b3bb2 100644 +index 921c53b..a92c954 100644 --- a/src/configure.default +++ b/src/configure.default @@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost @@ -72,7 +72,7 @@ index 1f10008..40b3bb2 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -544,6 +577,12 @@ acl_check_data: +@@ -546,6 +579,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,7 +85,7 @@ index 1f10008..40b3bb2 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -578,8 +617,30 @@ acl_check_data: +@@ -580,8 +619,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report diff --git a/exim-4.87-pamconfig.patch b/exim-4.88-pamconfig.patch similarity index 94% rename from exim-4.87-pamconfig.patch rename to exim-4.88-pamconfig.patch index c068a96..031cebe 100644 --- a/exim-4.87-pamconfig.patch +++ b/exim-4.88-pamconfig.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 0af6fb8..531435b 100644 +index d588898..61bdae8 100644 --- a/src/configure.default +++ b/src/configure.default @@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data @@ -43,7 +43,7 @@ index 0af6fb8..531435b 100644 +# Kerberos rather than only local users, then you possibly also want +# to configure /etc/sysconfig/saslauthd to use the 'pam' mechanism +# too. Once a user is authenticated, the acl_check_rcpt ACL then -+# allows them to relay through the system. ++# allows them to relay through the system. +# +# auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}} +# @@ -58,7 +58,7 @@ index 0af6fb8..531435b 100644 # The settings below cause Exim to make RFC 1413 (ident) callbacks # for all incoming SMTP calls. You can limit the hosts to which these -@@ -842,7 +860,7 @@ begin authenticators +@@ -844,7 +862,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index 0af6fb8..531435b 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -854,7 +872,7 @@ begin authenticators +@@ -856,7 +874,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.87-procmail.patch b/exim-4.88-procmail.patch similarity index 90% rename from exim-4.87-procmail.patch rename to exim-4.88-procmail.patch index 66b9fc2..1227d84 100644 --- a/exim-4.87-procmail.patch +++ b/exim-4.88-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 374c51d..e4ca5b9 100644 +index ecc3d6e..1e3c63f 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -730,6 +730,12 @@ userforward: +@@ -732,6 +732,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,7 +15,7 @@ index 374c51d..e4ca5b9 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -771,6 +777,16 @@ remote_smtp: +@@ -773,6 +779,16 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} diff --git a/exim-4.87-rhl.patch b/exim-4.88-rhl.patch similarity index 84% rename from exim-4.87-rhl.patch rename to exim-4.88-rhl.patch index 8f8be4f..0a8af5a 100644 --- a/exim-4.87-rhl.patch +++ b/exim-4.88-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 3c8cf97..12ed1e0 100644 +index 985f1d0..8b6162b 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -628,7 +628,7 @@ system_aliases: +@@ -630,7 +630,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 3c8cf97..12ed1e0 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -729,8 +729,8 @@ local_delivery: +@@ -731,8 +731,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.87-smarthost-config.patch b/exim-4.88-smarthost-config.patch similarity index 92% rename from exim-4.87-smarthost-config.patch rename to exim-4.88-smarthost-config.patch index 8cdcebf..75c3fcd 100644 --- a/exim-4.87-smarthost-config.patch +++ b/exim-4.88-smarthost-config.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 40b3bb2..9acae90 100644 +index a92c954..13599ae 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -838,6 +838,15 @@ remote_smtp: +@@ -840,6 +840,15 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} @@ -18,7 +18,7 @@ index 40b3bb2..9acae90 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -946,6 +955,21 @@ begin rewrite +@@ -948,6 +957,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 40b3bb2..9acae90 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -961,7 +985,7 @@ begin rewrite +@@ -963,7 +987,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim.spec b/exim.spec index 8402752..0fb83b2 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.88 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -46,22 +46,25 @@ Source24: exim.service Source25: exim-gen-cert Source26: clamd.exim.service -Patch4: exim-4.87-rhl.patch +Patch4: exim-4.88-rhl.patch Patch6: exim-4.88-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.87-cyrus.patch -Patch13: exim-4.87-pamconfig.patch +Patch12: exim-4.88-cyrus.patch +Patch13: exim-4.88-pamconfig.patch Patch14: exim-4.87-spamdconf.patch -Patch18: exim-4.87-dlopen-localscan.patch -Patch19: exim-4.87-procmail.patch -Patch20: exim-4.87-allow-filter.patch +Patch18: exim-4.88-dlopen-localscan.patch +Patch19: exim-4.88-procmail.patch +Patch20: exim-4.88-allow-filter.patch Patch21: exim-4.87-localhost-is-local.patch -Patch22: exim-4.87-greylist-conf.patch -Patch23: exim-4.87-smarthost-config.patch +Patch22: exim-4.88-greylist-conf.patch +Patch23: exim-4.88-smarthost-config.patch Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch Patch27: exim-4.87-environment.patch +# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2016 +# Upsream patch: https://git.exim.org/exim.git/patch/bd8fbe3606d80e5a3fc02fe71b521146c6938448 +Patch28: exim-4.88-DKIM-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -208,6 +211,7 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment +%patch28 -p1 -b .DKIM-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -588,6 +592,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jan 23 2017 Jaroslav Škarvada - 4.88-3 +- Fixed DKIM +- Defuzzified patches and fixed some whitespaces + * Sat Jan 14 2017 Ville Skyttä - 4.88-2 - Move tmpfiles.d config to %%{_tmpfilesdir} - Install license files as %%license From c6b43247f8a1c41aa452f510ddf269dcf80ef998 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 10 Feb 2017 09:29:57 +0000 Subject: [PATCH 155/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 0fb83b2..399ee37 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.88 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -592,6 +592,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Feb 10 2017 Fedora Release Engineering - 4.88-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + * Mon Jan 23 2017 Jaroslav Škarvada - 4.88-3 - Fixed DKIM - Defuzzified patches and fixed some whitespaces From 392e7d948b9034b52fb8effa5c52a3a41da4fc21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 8 Mar 2017 16:32:56 +0100 Subject: [PATCH 156/194] New version Resolves: rhbz#1430156 Switched to xz archive Dropped DKIM-fix patch (already upstream) --- .gitignore | 1 + exim-4.88-DKIM-fix.patch | 630 ------------------ ....88-config.patch => exim-4.89-config.patch | 41 +- ....patch => exim-4.89-dlopen-localscan.patch | 14 +- ...nment.patch => exim-4.89-environment.patch | 2 +- exim.spec | 22 +- sources | 2 +- 7 files changed, 43 insertions(+), 669 deletions(-) delete mode 100644 exim-4.88-DKIM-fix.patch rename exim-4.88-config.patch => exim-4.89-config.patch (89%) rename exim-4.88-dlopen-localscan.patch => exim-4.89-dlopen-localscan.patch (97%) rename exim-4.87-environment.patch => exim-4.89-environment.patch (83%) diff --git a/.gitignore b/.gitignore index d4101b7..f059899 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ exim-*.tar.bz2 +/exim-4.89.tar.xz diff --git a/exim-4.88-DKIM-fix.patch b/exim-4.88-DKIM-fix.patch deleted file mode 100644 index 088e318..0000000 --- a/exim-4.88-DKIM-fix.patch +++ /dev/null @@ -1,630 +0,0 @@ -diff --git a/src/auths/get_data.c b/src/auths/get_data.c -index f839a01..11bc581 100644 ---- a/src/auths/get_data.c -+++ b/src/auths/get_data.c -@@ -31,7 +31,7 @@ auth_get_data(uschar **aptr, uschar *challenge, int challen) - int c; - int p = 0; - smtp_printf("334 %s\r\n", b64encode(challenge, challen)); --while ((c = receive_getc()) != '\n' && c != EOF) -+while ((c = receive_getc(GETC_BUFFER_UNLIMITED)) != '\n' && c != EOF) - { - if (p >= big_buffer_size - 1) return BAD64; - big_buffer[p++] = c; -diff --git a/src/auths/get_no64_data.c b/src/auths/get_no64_data.c -index d3ffe08..71e7139 100644 ---- a/src/auths/get_no64_data.c -+++ b/src/auths/get_no64_data.c -@@ -32,7 +32,7 @@ auth_get_no64_data(uschar **aptr, uschar *challenge) - int c; - int p = 0; - smtp_printf("334 %s\r\n", challenge); --while ((c = receive_getc()) != '\n' && c != EOF) -+while ((c = receive_getc(GETC_BUFFER_UNLIMITED)) != '\n' && c != EOF) - { - if (p >= big_buffer_size - 1) return BAD64; - big_buffer[p++] = c; -diff --git a/src/dkim.c b/src/dkim.c -index 70c9547..445d246 100644 ---- a/src/dkim.c -+++ b/src/dkim.c -@@ -18,6 +18,7 @@ int dkim_verify_oldpool; - pdkim_ctx *dkim_verify_ctx = NULL; - pdkim_signature *dkim_signatures = NULL; - pdkim_signature *dkim_cur_sig = NULL; -+static BOOL dkim_collect_error = FALSE; - - static int - dkim_exim_query_dns_txt(char *name, char *answer) -@@ -87,6 +88,7 @@ if (dkim_verify_ctx) - - dkim_verify_ctx = pdkim_init_verify(&dkim_exim_query_dns_txt, dot_stuffing); - dkim_collect_input = !!dkim_verify_ctx; -+dkim_collect_error = FALSE; - - /* Start feed up with any cached data */ - receive_get_cache(); -@@ -106,6 +108,7 @@ if ( dkim_collect_input - { - log_write(0, LOG_MAIN, - "DKIM: validation error: %.100s", pdkim_errstr(rc)); -+ dkim_collect_error = TRUE; - dkim_collect_input = FALSE; - } - store_pool = dkim_verify_oldpool; -@@ -127,11 +130,7 @@ store_pool = POOL_PERM; - - dkim_signatures = NULL; - --/* If we have arrived here with dkim_collect_input == FALSE, it --means there was a processing error somewhere along the way. --Log the incident and disable futher verification. */ -- --if (!dkim_collect_input) -+if (dkim_collect_error) - { - log_write(0, LOG_MAIN, - "DKIM: Error while running this message through validation," -diff --git a/src/functions.h b/src/functions.h -index 04d9410..9c60090 100644 ---- a/src/functions.h -+++ b/src/functions.h -@@ -55,7 +55,7 @@ extern int tls_export_cert(uschar *, size_t, void *); - extern int tls_feof(void); - extern int tls_ferror(void); - extern void tls_free_cert(void **); --extern int tls_getc(void); -+extern int tls_getc(unsigned); - extern void tls_get_cache(void); - extern int tls_import_cert(const uschar *, void **); - extern int tls_read(BOOL, uschar *, size_t); -@@ -101,7 +101,7 @@ extern int auth_xtextdecode(uschar *, uschar **); - - extern uschar *b64encode(uschar *, int); - extern int b64decode(uschar *, uschar **); --extern int bdat_getc(void); -+extern int bdat_getc(unsigned); - extern void bits_clear(unsigned int *, size_t, int *); - extern void bits_set(unsigned int *, size_t, int *); - -@@ -395,7 +395,7 @@ extern uschar *smtp_get_connection_info(void); - extern BOOL smtp_get_interface(uschar *, int, address_item *, - uschar **, uschar *); - extern BOOL smtp_get_port(uschar *, address_item *, int *, uschar *); --extern int smtp_getc(void); -+extern int smtp_getc(unsigned); - extern void smtp_get_cache(void); - extern int smtp_handle_acl_fail(int, int, uschar *, uschar *); - extern void smtp_log_no_mail(void); -@@ -421,7 +421,7 @@ extern int spool_open_datafile(uschar *); - extern int spool_open_temp(uschar *); - extern int spool_read_header(uschar *, BOOL, BOOL); - extern int spool_write_header(uschar *, int, uschar **); --extern int stdin_getc(void); -+extern int stdin_getc(unsigned); - extern int stdin_feof(void); - extern int stdin_ferror(void); - extern int stdin_ungetc(int); -diff --git a/src/globals.c b/src/globals.c -index c722059..649335f 100644 ---- a/src/globals.c -+++ b/src/globals.c -@@ -187,9 +187,9 @@ incoming TCP/IP. The defaults use stdin. We never need these for any - stand-alone tests. */ - - #ifndef STAND_ALONE --int (*lwr_receive_getc)(void) = stdin_getc; -+int (*lwr_receive_getc)(unsigned) = stdin_getc; - int (*lwr_receive_ungetc)(int) = stdin_ungetc; --int (*receive_getc)(void) = stdin_getc; -+int (*receive_getc)(unsigned) = stdin_getc; - void (*receive_get_cache)(void)= NULL; - int (*receive_ungetc)(int) = stdin_ungetc; - int (*receive_feof)(void) = stdin_feof; -diff --git a/src/globals.h b/src/globals.h -index e3dd507..344f8ef 100644 ---- a/src/globals.h -+++ b/src/globals.h -@@ -141,9 +141,9 @@ extern uschar *dsn_advertise_hosts; /* host for which TLS is advertised */ - /* Input-reading functions for messages, so we can use special ones for - incoming TCP/IP. */ - --extern int (*lwr_receive_getc)(void); -+extern int (*lwr_receive_getc)(unsigned); - extern int (*lwr_receive_ungetc)(int); --extern int (*receive_getc)(void); -+extern int (*receive_getc)(unsigned); - extern void (*receive_get_cache)(void); - extern int (*receive_ungetc)(int); - extern int (*receive_feof)(void); -diff --git a/src/macros.h b/src/macros.h -index 1b7cf4a..c8957d8 100644 ---- a/src/macros.h -+++ b/src/macros.h -@@ -968,5 +968,9 @@ enum { FILTER_UNSET, FILTER_FORWARD, FILTER_EXIM, FILTER_SIEVE }; - #define PEER_OFFERED_SIZE BIT(6) - #define PEER_OFFERED_CHUNKING BIT(7) - -+/* Argument for *_getc */ -+ -+#define GETC_BUFFER_UNLIMITED UINT_MAX -+ - - /* End of macros.h */ -diff --git a/src/pdkim/pdkim.c b/src/pdkim/pdkim.c -index 7bfcdf4..bcc3f09 100644 ---- a/src/pdkim/pdkim.c -+++ b/src/pdkim/pdkim.c -@@ -962,6 +962,11 @@ if (ctx->flags & PDKIM_MODE_SIGN) - /* DKIM-Signature: headers are added to the verification list */ - else - { -+ DEBUG(D_acl) -+ { -+ debug_printf("PDKIM >> raw hdr: "); -+ pdkim_quoteprint(CUS ctx->cur_header, Ustrlen(ctx->cur_header)); -+ } - if (strncasecmp(CCS ctx->cur_header, - DKIM_SIGNATURE_HEADERNAME, - Ustrlen(DKIM_SIGNATURE_HEADERNAME)) == 0) -diff --git a/src/receive.c b/src/receive.c -index e535876..9155cf1 100644 ---- a/src/receive.c -+++ b/src/receive.c -@@ -37,7 +37,7 @@ the file. (When SMTP input is occurring, different functions are used by - changing the pointer variables.) */ - - int --stdin_getc(void) -+stdin_getc(unsigned lim) - { - return getc(stdin); - } -@@ -626,7 +626,7 @@ if (!dot_ends) - { - register int last_ch = '\n'; - -- for (; (ch = (receive_getc)()) != EOF; last_ch = ch) -+ for (; (ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF; last_ch = ch) - { - if (ch == 0) body_zerocount++; - if (last_ch == '\r' && ch != '\n') -@@ -668,7 +668,7 @@ if (!dot_ends) - - ch_state = 1; - --while ((ch = (receive_getc)()) != EOF) -+while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) - { - if (ch == 0) body_zerocount++; - switch (ch_state) -@@ -786,7 +786,7 @@ int ch_state = 0; - int ch; - int linelength = 0; - --while ((ch = (receive_getc)()) != EOF) -+while ((ch = (receive_getc)(GETC_BUFFER_UNLIMITED)) != EOF) - { - if (ch == 0) body_zerocount++; - switch (ch_state) -@@ -913,7 +913,7 @@ read_message_bdat_smtp(FILE *fout) - int ch; - int linelength = 0; - --for (;;) switch (ch = bdat_getc()) -+for (;;) switch (ch = bdat_getc(GETC_BUFFER_UNLIMITED)) - { - case EOF: return END_EOF; - case EOD: return END_DOT; -@@ -1682,7 +1682,7 @@ next->text. */ - - for (;;) - { -- int ch = (receive_getc)(); -+ int ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - - /* If we hit EOF on a SMTP connection, it's an error, since incoming - SMTP must have a correct "." terminator. */ -@@ -1761,10 +1761,10 @@ for (;;) - - if (ptr == 0 && ch == '.' && (smtp_input || dot_ends)) - { -- ch = (receive_getc)(); -+ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (ch == '\r') - { -- ch = (receive_getc)(); -+ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (ch != '\n') - { - receive_ungetc(ch); -@@ -1795,7 +1795,7 @@ for (;;) - - if (ch == '\r') - { -- ch = (receive_getc)(); -+ ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (ch == '\n') - { - if (first_line_ended_crlf == TRUE_UNSET) first_line_ended_crlf = TRUE; -@@ -1890,7 +1890,7 @@ for (;;) - - if (ch != EOF) - { -- int nextch = (receive_getc)(); -+ int nextch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (nextch == ' ' || nextch == '\t') - { - next->text[ptr++] = nextch; -@@ -4024,7 +4024,7 @@ if (smtp_input && sender_host_address != NULL && !sender_host_notsocket && - - if (select(fileno(smtp_in) + 1, &select_check, NULL, NULL, &tv) != 0) - { -- int c = (receive_getc)(); -+ int c = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (c != EOF) (receive_ungetc)(c); else - { - smtp_notquit_exit(US"connection-lost", NULL, NULL); -diff --git a/src/smtp_in.c b/src/smtp_in.c -index 1484861..82900d9 100644 ---- a/src/smtp_in.c -+++ b/src/smtp_in.c -@@ -44,11 +44,11 @@ The maximum size of a Kerberos ticket under Windows 2003 is 12000 bytes, and - we need room to handle large base64-encoded AUTHs for GSSAPI. - */ - --#define smtp_cmd_buffer_size 16384 -+#define SMTP_CMD_BUFFER_SIZE 16384 - - /* Size of buffer for reading SMTP incoming packets */ - --#define in_buffer_size 8192 -+#define IN_BUFFER_SIZE 8192 - - /* Structure for SMTP command list */ - -@@ -301,7 +301,7 @@ static int smtp_had_error; - - /* forward declarations */ - int bdat_ungetc(int ch); --static int smtp_read_command(BOOL check_sync); -+static int smtp_read_command(BOOL check_sync, unsigned buffer_lim); - static int synprot_error(int type, int code, uschar *data, uschar *errmess); - static void smtp_quit_handler(uschar **, uschar **); - static void smtp_rset_handler(void); -@@ -315,12 +315,12 @@ it flushes the output, and refills the buffer, with a timeout. The signal - handler is set appropriately by the calling function. This function is not used - after a connection has negotated itself into an TLS/SSL state. - --Arguments: none -+Arguments: lim Maximum amount to read/buffer - Returns: the next character or EOF - */ - - int --smtp_getc(void) -+smtp_getc(unsigned lim) - { - if (smtp_inptr >= smtp_inend) - { -@@ -328,7 +328,10 @@ if (smtp_inptr >= smtp_inend) - if (!smtp_out) return EOF; - fflush(smtp_out); - if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); -- rc = read(fileno(smtp_in), smtp_inbuffer, in_buffer_size); -+ -+ /* Limit amount read, so non-message data is not fed to DKIM */ -+ -+ rc = read(fileno(smtp_in), smtp_inbuffer, MIN(IN_BUFFER_SIZE, lim)); - save_errno = errno; - alarm(0); - if (rc <= 0) -@@ -376,23 +379,26 @@ to handle the BDAT command/response. - Placed here due to the correlation with the above smtp_getc(), which it wraps, - and also by the need to do smtp command/response handling. - --Arguments: none -+Arguments: lim (ignored) - Returns: the next character or ERR, EOD or EOF - */ - - int --bdat_getc(void) -+bdat_getc(unsigned lim) - { - uschar * user_msg = NULL; - uschar * log_msg; - - for(;;) - { -- if (chunking_data_left-- > 0) -- return lwr_receive_getc(); -+ if (chunking_data_left > 0) -+ return lwr_receive_getc(chunking_data_left--); - - receive_getc = lwr_receive_getc; - receive_ungetc = lwr_receive_ungetc; -+#ifndef DISABLE_DKIM -+ dkim_collect_input = FALSE; -+#endif - - /* If not the last, ack the received chunk. The last response is delayed - until after the data ACL decides on it */ -@@ -405,21 +411,22 @@ for(;;) - return EOD; - } - -- chunking_state = CHUNKING_OFFERED; - smtp_printf("250 %u byte chunk received\r\n", chunking_datasize); -+ chunking_state = CHUNKING_OFFERED; -+ DEBUG(D_receive) debug_printf("chunking state %d\n", (int)chunking_state); - - /* Expect another BDAT cmd from input. RFC 3030 says nothing about - QUIT, RSET or NOOP but handling them seems obvious */ - - next_cmd: -- switch(smtp_read_command(TRUE)) -+ switch(smtp_read_command(TRUE, 1)) - { - default: - (void) synprot_error(L_smtp_protocol_error, 503, NULL, - US"only BDAT permissible after non-LAST BDAT"); - - repeat_until_rset: -- switch(smtp_read_command(TRUE)) -+ switch(smtp_read_command(TRUE, 1)) - { - case QUIT_CMD: smtp_quit_handler(&user_msg, &log_msg); /*FALLTHROUGH */ - case EOF_CMD: return EOF; -@@ -458,6 +465,8 @@ next_cmd: - chunking_state = strcmpic(smtp_cmd_data+n, US"LAST") == 0 - ? CHUNKING_LAST : CHUNKING_ACTIVE; - chunking_data_left = chunking_datasize; -+ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", -+ (int)chunking_state, chunking_data_left); - - if (chunking_datasize == 0) - if (chunking_state == CHUNKING_LAST) -@@ -471,6 +480,9 @@ next_cmd: - - receive_getc = bdat_getc; - receive_ungetc = bdat_ungetc; -+#ifndef DISABLE_DKIM -+ dkim_collect_input = TRUE; -+#endif - break; /* to top of main loop */ - } - } -@@ -480,15 +492,18 @@ next_cmd: - static void - bdat_flush_data(void) - { --while (chunking_data_left-- > 0) -- if (lwr_receive_getc() < 0) -+while (chunking_data_left > 0) -+ if (lwr_receive_getc(chunking_data_left--) < 0) - break; - - receive_getc = lwr_receive_getc; - receive_ungetc = lwr_receive_ungetc; - - if (chunking_state != CHUNKING_LAST) -+ { - chunking_state = CHUNKING_OFFERED; -+ DEBUG(D_receive) debug_printf("chunking state %d\n", (int)chunking_state); -+ } - } - - -@@ -1126,13 +1141,14 @@ signal handler that closes down the session on a timeout. Control does not - return when it runs. - - Arguments: -- check_sync if TRUE, check synchronization rules if global option is TRUE -+ check_sync if TRUE, check synchronization rules if global option is TRUE -+ buffer_lim maximum to buffer in lower layer - - Returns: a code identifying the command (enumerated above) - */ - - static int --smtp_read_command(BOOL check_sync) -+smtp_read_command(BOOL check_sync, unsigned buffer_lim) - { - int c; - int ptr = 0; -@@ -1141,9 +1157,9 @@ BOOL hadnull = FALSE; - - os_non_restarting_signal(SIGALRM, command_timeout_handler); - --while ((c = (receive_getc)()) != '\n' && c != EOF) -+while ((c = (receive_getc)(buffer_lim)) != '\n' && c != EOF) - { -- if (ptr >= smtp_cmd_buffer_size) -+ if (ptr >= SMTP_CMD_BUFFER_SIZE) - { - os_non_restarting_signal(SIGALRM, sigalrm_handler); - return OTHER_CMD; -@@ -1301,7 +1317,7 @@ tzero.tv_usec = 0; - rc = select(fd + 1, (SELECT_ARG2_TYPE *)&fds, NULL, NULL, &tzero); - - if (rc <= 0) return TRUE; /* Not ready to read */ --rc = smtp_getc(); -+rc = smtp_getc(GETC_BUFFER_UNLIMITED); - if (rc < 0) return TRUE; /* End of file or error */ - - smtp_ungetc(rc); -@@ -1337,7 +1353,7 @@ if (smtp_in == NULL || smtp_batched_input) return; - receive_swallow_smtp(); - smtp_printf("421 %s\r\n", message); - --for (;;) switch(smtp_read_command(FALSE)) -+for (;;) switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) - { - case EOF_CMD: - return; -@@ -1781,7 +1797,7 @@ while (done <= 0) - uschar *recipient = NULL; - int start, end, sender_domain, recipient_domain; - -- switch(smtp_read_command(FALSE)) -+ switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) - { - /* The HELO/EHLO commands set sender_address_helo if they have - valid data; otherwise they are ignored, except that they do -@@ -2040,12 +2056,12 @@ acl_var_c = NULL; - - /* Allow for trailing 0 in the command and data buffers. */ - --if (!(smtp_cmd_buffer = US malloc(2*smtp_cmd_buffer_size + 2))) -+if (!(smtp_cmd_buffer = US malloc(2*SMTP_CMD_BUFFER_SIZE + 2))) - log_write(0, LOG_MAIN|LOG_PANIC_DIE, - "malloc() failed for SMTP command buffer"); - - smtp_cmd_buffer[0] = 0; --smtp_data_buffer = smtp_cmd_buffer + smtp_cmd_buffer_size + 1; -+smtp_data_buffer = smtp_cmd_buffer + SMTP_CMD_BUFFER_SIZE + 1; - - /* For batched input, the protocol setting can be overridden from the - command line by a trusted caller. */ -@@ -2065,7 +2081,7 @@ else - /* Set up the buffer for inputting using direct read() calls, and arrange to - call the local functions instead of the standard C ones. */ - --if (!(smtp_inbuffer = (uschar *)malloc(in_buffer_size))) -+if (!(smtp_inbuffer = (uschar *)malloc(IN_BUFFER_SIZE))) - log_write(0, LOG_MAIN|LOG_PANIC_DIE, "malloc() failed for SMTP input buffer"); - - receive_getc = smtp_getc; -@@ -3550,7 +3566,7 @@ while (done <= 0) - US &off, sizeof(off)); - #endif - -- switch(smtp_read_command(TRUE)) -+ switch(smtp_read_command(TRUE, GETC_BUFFER_UNLIMITED)) - { - /* The AUTH command is not permitted to occur inside a transaction, and may - occur successfully only once per connection. Actually, that isn't quite -@@ -4750,14 +4766,14 @@ while (done <= 0) - chunking_state = strcmpic(smtp_cmd_data+n, US"LAST") == 0 - ? CHUNKING_LAST : CHUNKING_ACTIVE; - chunking_data_left = chunking_datasize; -+ DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", -+ (int)chunking_state, chunking_data_left); - - lwr_receive_getc = receive_getc; - lwr_receive_ungetc = receive_ungetc; - receive_getc = bdat_getc; - receive_ungetc = bdat_ungetc; - -- DEBUG(D_any) -- debug_printf("chunking state %d\n", (int)chunking_state); - goto DATA_BDAT; - } - -@@ -4973,7 +4989,7 @@ while (done <= 0) - It seems safest to just wipe away the content rather than leave it as a - target to jump to. */ - -- memset(smtp_inbuffer, 0, in_buffer_size); -+ memset(smtp_inbuffer, 0, IN_BUFFER_SIZE); - - /* Attempt to start up a TLS session, and if successful, discard all - knowledge that was obtained previously. At least, that's what the RFC says, -@@ -5027,7 +5043,7 @@ while (done <= 0) - set, but we must still reject all incoming commands. */ - - DEBUG(D_tls) debug_printf("TLS failed to start\n"); -- while (done <= 0) switch(smtp_read_command(FALSE)) -+ while (done <= 0) switch(smtp_read_command(FALSE, GETC_BUFFER_UNLIMITED)) - { - case EOF_CMD: - log_write(L_smtp_connection, LOG_MAIN, "%s closed by EOF", -@@ -5315,8 +5331,8 @@ while (done <= 0) - - case BADSYN_CMD: - SYNC_FAILURE: -- if (smtp_inend >= smtp_inbuffer + in_buffer_size) -- smtp_inend = smtp_inbuffer + in_buffer_size - 1; -+ if (smtp_inend >= smtp_inbuffer + IN_BUFFER_SIZE) -+ smtp_inend = smtp_inbuffer + IN_BUFFER_SIZE - 1; - c = smtp_inend - smtp_inptr; - if (c > 150) c = 150; - smtp_inptr[c] = 0; -diff --git a/src/tls-gnu.c b/src/tls-gnu.c -index 10bfaca..181dde4 100644 ---- a/src/tls-gnu.c -+++ b/src/tls-gnu.c -@@ -2158,12 +2158,12 @@ Only used by the server-side TLS. - - This feeds DKIM and should be used for all message-body reads. - --Arguments: none -+Arguments: lim Maximum amount to read/bufffer - Returns: the next character or EOF - */ - - int --tls_getc(void) -+tls_getc(unsigned lim) - { - exim_gnutls_state_st *state = &state_server; - if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) -@@ -2175,7 +2175,7 @@ if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) - - if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); - inbytes = gnutls_record_recv(state->session, state->xfer_buffer, -- ssl_xfer_buffer_size); -+ MIN(ssl_xfer_buffer_size, lim)); - alarm(0); - - /* Timeouts do not get this far; see command_timeout_handler(). -@@ -2213,7 +2213,7 @@ if (state->xfer_buffer_lwm >= state->xfer_buffer_hwm) - state->tlsp->peercert = NULL; - state->tlsp->peerdn = NULL; - -- return smtp_getc(); -+ return smtp_getc(lim); - } - - /* Handle genuine errors */ -diff --git a/src/tls-openssl.c b/src/tls-openssl.c -index d9426ac..0ac7d03 100644 ---- a/src/tls-openssl.c -+++ b/src/tls-openssl.c -@@ -2360,14 +2360,14 @@ return OK; - /* This gets the next byte from the TLS input buffer. If the buffer is empty, - it refills the buffer via the SSL reading function. - --Arguments: none -+Arguments: lim Maximum amount to read/buffer - Returns: the next character or EOF - - Only used by the server-side TLS. - */ - - int --tls_getc(void) -+tls_getc(unsigned lim) - { - if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) - { -@@ -2378,7 +2378,8 @@ if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) - ssl_xfer_buffer, ssl_xfer_buffer_size); - - if (smtp_receive_timeout > 0) alarm(smtp_receive_timeout); -- inbytes = SSL_read(server_ssl, CS ssl_xfer_buffer, ssl_xfer_buffer_size); -+ inbytes = SSL_read(server_ssl, CS ssl_xfer_buffer, -+ MIN(ssl_xfer_buffer_size, lim)); - error = SSL_get_error(server_ssl, inbytes); - alarm(0); - -@@ -2405,7 +2406,7 @@ if (ssl_xfer_buffer_lwm >= ssl_xfer_buffer_hwm) - tls_in.peerdn = NULL; - tls_in.sni = NULL; - -- return smtp_getc(); -+ return smtp_getc(lim); - } - - /* Handle genuine errors */ diff --git a/exim-4.88-config.patch b/exim-4.89-config.patch similarity index 89% rename from exim-4.88-config.patch rename to exim-4.89-config.patch index 40baabd..3976531 100644 --- a/exim-4.88-config.patch +++ b/exim-4.89-config.patch @@ -1,4 +1,4 @@ -diff --git a/src/scripts/Configure-Makefile b/src/scripts/Configure-Makefile +diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile index 3e486a6..6c4afec 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile @@ -11,8 +11,8 @@ index 3e486a6..6c4afec 100755 echo "PERL_LIBS=`$PERL_COMMAND -MExtUtils::Embed -e ldopts`" >>$mft echo "" >>$mft cat $mftt >> $mft -diff --git a/src/src/EDITME b/src/src/EDITME -index 6929346..5a08197 100644 +diff --git a/src/EDITME b/src/EDITME +index df74aac..0caf02d 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -123,7 +123,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -622,16 +624,14 @@ FIXED_NEVER_USERS=root +@@ -622,17 +624,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -134,6 +134,7 @@ index 6929346..5a08197 100644 -# AUTH_GSASL_PC=libgsasl -# AUTH_HEIMDAL_GSSAPI=yes -# AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi +-# AUTH_HEIMDAL_GSSAPI_PC=heimdal-gssapi heimdal-krb5 -# AUTH_PLAINTEXT=yes -# AUTH_SPA=yes -# AUTH_TLS=yes @@ -146,9 +147,9 @@ index 6929346..5a08197 100644 +AUTH_SPA=yes +AUTH_TLS=yes - - #------------------------------------------------------------------------------ -@@ -652,7 +652,7 @@ FIXED_NEVER_USERS=root + # Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1 + # requires multiple pkg-config files to work with Exim, so the second example +@@ -656,7 +655,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -157,7 +158,7 @@ index 6929346..5a08197 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -672,7 +672,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -676,7 +675,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -166,7 +167,7 @@ index 6929346..5a08197 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -734,11 +734,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -745,11 +744,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -181,7 +182,7 @@ index 6929346..5a08197 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -807,7 +807,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -818,7 +817,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -190,7 +191,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -820,7 +820,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -831,7 +830,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -199,7 +200,7 @@ index 6929346..5a08197 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -892,7 +892,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -903,7 +902,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -208,7 +209,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -902,7 +902,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -913,7 +912,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -217,7 +218,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -912,7 +912,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -923,7 +922,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -226,7 +227,7 @@ index 6929346..5a08197 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -1006,7 +1006,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1021,7 +1020,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -235,7 +236,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -1019,9 +1019,9 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1034,9 +1033,9 @@ ZCAT_COMMAND=/usr/bin/zcat # You may well also have to specify a local "include" file and an additional # library for TCP wrappers, so you probably need something like this: # @@ -248,7 +249,7 @@ index 6929346..5a08197 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1073,7 +1073,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1088,7 +1087,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -257,7 +258,7 @@ index 6929346..5a08197 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1083,7 +1083,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1098,7 +1097,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -266,7 +267,7 @@ index 6929346..5a08197 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1104,13 +1104,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1119,13 +1118,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -287,7 +288,7 @@ index 6929346..5a08197 100644 #------------------------------------------------------------------------------ -@@ -1312,7 +1312,7 @@ EXIM_TMPDIR="/tmp" +@@ -1327,7 +1326,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.88-dlopen-localscan.patch b/exim-4.89-dlopen-localscan.patch similarity index 97% rename from exim-4.88-dlopen-localscan.patch rename to exim-4.89-dlopen-localscan.patch index d641f09..3e94d2e 100644 --- a/exim-4.88-dlopen-localscan.patch +++ b/exim-4.89-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 5a08197..3921db6 100644 +index 0caf02d..6957546 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -792,6 +792,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -802,6 +802,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,7 +24,7 @@ index 5a08197..3921db6 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index bafdc1b..c6ba256 100644 +index 58e1813..9b18f98 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -28,6 +28,8 @@ it's a default value. */ @@ -37,7 +37,7 @@ index bafdc1b..c6ba256 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index f83d850..c722059 100644 +index 79ac37f..b7d690f 100644 --- a/src/globals.c +++ b/src/globals.c @@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL; @@ -52,7 +52,7 @@ index f83d850..c722059 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index b3747a8..e3dd507 100644 +index 340f1ae..4b65781 100644 --- a/src/globals.h +++ b/src/globals.h @@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ @@ -251,10 +251,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index b2a3c73..6f2efa0 100644 +index 790f073..6e88bcd 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -314,6 +314,9 @@ static optionlist optionlist_config[] = { +@@ -318,6 +318,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.87-environment.patch b/exim-4.89-environment.patch similarity index 83% rename from exim-4.87-environment.patch rename to exim-4.89-environment.patch index e0ea3ed..c579b72 100644 --- a/exim-4.87-environment.patch +++ b/exim-4.89-environment.patch @@ -2,7 +2,7 @@ diff --git a/src/configure.default b/src/configure.default --- a/src/configure.default +++ b/src/configure.default @@ -357,8 +357,8 @@ timeout_frozen_after = 7d - # Note that TZ is handled separateley by the timezone runtime option + # Note that TZ is handled separately by the timezone runtime option # and TIMEZONE_DEFAULT buildtime option. -# keep_environment = ^LDAP diff --git a/exim.spec b/exim.spec index 399ee37..1ecad8a 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.88 -Release: 4%{?dist} +Version: 4.89 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -30,7 +30,7 @@ Requires: initscripts %endif BuildRequires: clamav-devel %endif -Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.bz2 +Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.xz Source2: exim.init Source3: exim.sysconfig Source4: exim.logrotate @@ -47,12 +47,12 @@ Source25: exim-gen-cert Source26: clamd.exim.service Patch4: exim-4.88-rhl.patch -Patch6: exim-4.88-config.patch +Patch6: exim-4.89-config.patch Patch8: exim-4.82-libdir.patch Patch12: exim-4.88-cyrus.patch Patch13: exim-4.88-pamconfig.patch Patch14: exim-4.87-spamdconf.patch -Patch18: exim-4.88-dlopen-localscan.patch +Patch18: exim-4.89-dlopen-localscan.patch Patch19: exim-4.88-procmail.patch Patch20: exim-4.88-allow-filter.patch Patch21: exim-4.87-localhost-is-local.patch @@ -61,10 +61,7 @@ Patch23: exim-4.88-smarthost-config.patch Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch -Patch27: exim-4.87-environment.patch -# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2016 -# Upsream patch: https://git.exim.org/exim.git/patch/bd8fbe3606d80e5a3fc02fe71b521146c6938448 -Patch28: exim-4.88-DKIM-fix.patch +Patch27: exim-4.89-environment.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -211,7 +208,6 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment -%patch28 -p1 -b .DKIM-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -592,6 +588,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Mar 8 2017 Jaroslav Škarvada - 4.89-1 +- New version + Resolves: rhbz#1430156 +- Switched to xz archive +- Dropped DKIM-fix patch (already upstream) + * Fri Feb 10 2017 Fedora Release Engineering - 4.88-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/sources b/sources index c9e82cb..2360d71 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.88.tar.bz2) = ea094bf703628c201de119fc5f09539475e52158e935f8f2a9e4138c4a1bfe885017145c3cc5e22aa9087b195091955c69385ebf1ea0baec64ed5c1b8e3b1caf +SHA512 (exim-4.89.tar.xz) = ce5faef3847a5baf1b4fec1ffe46ce7efaafb24e63bcc52a61f38e8312a88eccaa816c3947ba428bef3eed38b1e91e606f6ed07bc0a3e14c6a6ed0ecb41eb9fa From 414a36e32f930eae91b58e4997767fdb5867aa9e Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Sun, 4 Jun 2017 09:42:47 +0200 Subject: [PATCH 157/194] Perl 5.26 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 1ecad8a..296a2d2 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -588,6 +588,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sun Jun 04 2017 Jitka Plesnikova - 4.89-2 +- Perl 5.26 rebuild + * Wed Mar 8 2017 Jaroslav Škarvada - 4.89-1 - New version Resolves: rhbz#1430156 From e9cb5fb734a61bfca667616c5130dee4f675104b Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 26 Jul 2017 07:54:52 +0000 Subject: [PATCH 158/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 296a2d2..8bae6be 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -588,6 +588,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jul 26 2017 Fedora Release Engineering - 4.89-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + * Sun Jun 04 2017 Jitka Plesnikova - 4.89-2 - Perl 5.26 rebuild From 432c8d9686e890711d144a5c1e43fbdc38e7c08b Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 2 Aug 2017 20:22:55 +0000 Subject: [PATCH 159/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 8bae6be..dcdb1c0 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -588,6 +588,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Aug 02 2017 Fedora Release Engineering - 4.89-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + * Wed Jul 26 2017 Fedora Release Engineering - 4.89-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild From 1063b058b4844fbc9cca7ca75509191c9c536061 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 18 Aug 2017 16:46:12 +0200 Subject: [PATCH 160/194] Fixed compilation with the mariadb-10.2 Resolves: rhbz#1467312 Fixed multiple memory leaks Resolves: CVE-2017-1000369 Fixed typo causing exim-clamav to create /0750 directory Resolves: rhbz#1412028 On callout avoid SIZE option when doing recipient verification with caching enabled Resolves: rhbz#1482217 Fixed some minor whitespace problems in the spec --- exim-4.89-CVE-2017-1000369.patch | 37 ++ exim-4.89-calloutsize.patch | 524 +++++++++++++++++++++++ exim-4.89-mariadb-10.2-compile-fix.patch | 10 + exim.spec | 31 +- 4 files changed, 598 insertions(+), 4 deletions(-) create mode 100644 exim-4.89-CVE-2017-1000369.patch create mode 100644 exim-4.89-calloutsize.patch create mode 100644 exim-4.89-mariadb-10.2-compile-fix.patch diff --git a/exim-4.89-CVE-2017-1000369.patch b/exim-4.89-CVE-2017-1000369.patch new file mode 100644 index 0000000..fd1e7f3 --- /dev/null +++ b/exim-4.89-CVE-2017-1000369.patch @@ -0,0 +1,37 @@ +diff --git a/src/exim.c b/src/exim.c +index a6a1ea8..394bf84 100644 +--- a/src/exim.c ++++ b/src/exim.c +@@ -3092,7 +3092,14 @@ for (i = 1; i < argc; i++) + + /* -oMr: Received protocol */ + +- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i]; ++ else if (Ustrcmp(argrest, "Mr") == 0) ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ else received_protocol = argv[++i]; + + /* -oMs: Set sender host name */ + +@@ -3188,7 +3195,15 @@ for (i = 1; i < argc; i++) + + if (*argrest != 0) + { +- uschar *hn = Ustrchr(argrest, ':'); ++ uschar *hn; ++ ++ if (received_protocol) ++ { ++ fprintf(stderr, "received_protocol is set already\n"); ++ exit(EXIT_FAILURE); ++ } ++ ++ hn = Ustrchr(argrest, ':'); + if (hn == NULL) + { + received_protocol = argrest; diff --git a/exim-4.89-calloutsize.patch b/exim-4.89-calloutsize.patch new file mode 100644 index 0000000..02f8aba --- /dev/null +++ b/exim-4.89-calloutsize.patch @@ -0,0 +1,524 @@ +--- exim-4.89/src/exim.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 ++++ exim-4.89/src/exim.c 2017-08-16 15:52:41.424866990 -0400 +@@ -2738,7 +2738,7 @@ + /* -MCD: set the smtp_use_dsn flag; this indicates that the host + that exim is connected to supports the esmtp extension DSN */ + +- case 'D': smtp_peer_options |= PEER_OFFERED_DSN; break; ++ case 'D': smtp_peer_options |= OPTION_DSN; break; + + /* -MCG: set the queue name, to a non-default value */ + +@@ -2748,12 +2748,12 @@ + + /* -MCK: the peer offered CHUNKING. Must precede -MC */ + +- case 'K': smtp_peer_options |= PEER_OFFERED_CHUNKING; break; ++ case 'K': smtp_peer_options |= OPTION_CHUNKING; break; + + /* -MCP: set the smtp_use_pipelining flag; this is useful only when + it preceded -MC (see above) */ + +- case 'P': smtp_peer_options |= PEER_OFFERED_PIPE; break; ++ case 'P': smtp_peer_options |= OPTION_PIPE; break; + + /* -MCQ: pass on the pid of the queue-running process that started + this chain of deliveries and the fd of its synchronizing pipe; this +@@ -2768,14 +2768,14 @@ + /* -MCS: set the smtp_use_size flag; this is useful only when it + precedes -MC (see above) */ + +- case 'S': smtp_peer_options |= PEER_OFFERED_SIZE; break; ++ case 'S': smtp_peer_options |= OPTION_SIZE; break; + + #ifdef SUPPORT_TLS + /* -MCT: set the tls_offered flag; this is useful only when it + precedes -MC (see above). The flag indicates that the host to which + Exim is connected has offered TLS support. */ + +- case 'T': smtp_peer_options |= PEER_OFFERED_TLS; break; ++ case 'T': smtp_peer_options |= OPTION_TLS; break; + #endif + + default: badarg = TRUE; break; +--- exim-4.89/src/macros.h.calloutsize 2017-03-04 16:21:35.000000000 -0500 ++++ exim-4.89/src/macros.h 2017-08-16 15:38:52.876969094 -0400 +@@ -959,14 +959,14 @@ + + /* Codes for ESMTP facilities offered by peer */ + +-#define PEER_OFFERED_TLS BIT(0) +-#define PEER_OFFERED_IGNQ BIT(1) +-#define PEER_OFFERED_PRDR BIT(2) +-#define PEER_OFFERED_UTF8 BIT(3) +-#define PEER_OFFERED_DSN BIT(4) +-#define PEER_OFFERED_PIPE BIT(5) +-#define PEER_OFFERED_SIZE BIT(6) +-#define PEER_OFFERED_CHUNKING BIT(7) ++#define OPTION_TLS BIT(0) ++#define OPTION_IGNQ BIT(1) ++#define OPTION_PRDR BIT(2) ++#define OPTION_UTF8 BIT(3) ++#define OPTION_DSN BIT(4) ++#define OPTION_PIPE BIT(5) ++#define OPTION_SIZE BIT(6) ++#define OPTION_CHUNKING BIT(7) + + /* Argument for *_getc */ + +--- exim-4.89/src/transport.c.calloutsize 2017-08-16 15:38:52.876969094 -0400 ++++ exim-4.89/src/transport.c 2017-08-16 15:55:23.681414193 -0400 +@@ -1976,13 +1976,12 @@ + argv = CUSS child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); + + if (smtp_authenticated) argv[i++] = US"-MCA"; +- +- if (smtp_peer_options & PEER_OFFERED_CHUNKING) argv[i++] = US"-MCK"; +- if (smtp_peer_options & PEER_OFFERED_DSN) argv[i++] = US"-MCD"; +- if (smtp_peer_options & PEER_OFFERED_PIPE) argv[i++] = US"-MCP"; +- if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; ++ if (smtp_peer_options & OPTION_CHUNKING) argv[i++] = US"-MCK"; ++ if (smtp_peer_options & OPTION_DSN) argv[i++] = US"-MCD"; ++ if (smtp_peer_options & OPTION_PIPE) argv[i++] = US"-MCP"; ++ if (smtp_peer_options & OPTION_SIZE) argv[i++] = US"-MCS"; + #ifdef SUPPORT_TLS +- if (smtp_peer_options & PEER_OFFERED_TLS) argv[i++] = US"-MCT"; ++ if (smtp_peer_options & OPTION_TLS) argv[i++] = US"-MCT"; + #endif + + if (queue_run_pid != (pid_t)0) +--- exim-4.89/src/transports/smtp.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 ++++ exim-4.89/src/transports/smtp.c 2017-08-16 16:08:51.572126172 -0400 +@@ -1291,44 +1291,44 @@ + size_t bsize = Ustrlen(buf); + + #ifdef SUPPORT_TLS +-if ( checks & PEER_OFFERED_TLS ++if ( checks & OPTION_TLS + && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_TLS; ++ checks &= ~OPTION_TLS; + #endif + +-if ( checks & PEER_OFFERED_IGNQ ++if ( checks & OPTION_IGNQ + && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0, + PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_IGNQ; ++ checks &= ~OPTION_IGNQ; + +-if ( checks & PEER_OFFERED_CHUNKING ++if ( checks & OPTION_CHUNKING + && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_CHUNKING; ++ checks &= ~OPTION_CHUNKING; + + #ifndef DISABLE_PRDR +-if ( checks & PEER_OFFERED_PRDR ++if ( checks & OPTION_PRDR + && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_PRDR; ++ checks &= ~OPTION_PRDR; + #endif + + #ifdef SUPPORT_I18N +-if ( checks & PEER_OFFERED_UTF8 ++if ( checks & OPTION_UTF8 + && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_UTF8; ++ checks &= ~OPTION_UTF8; + #endif + +-if ( checks & PEER_OFFERED_DSN ++if ( checks & OPTION_DSN + && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_DSN; ++ checks &= ~OPTION_DSN; + +-if ( checks & PEER_OFFERED_PIPE ++if ( checks & OPTION_PIPE + && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0, + PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_PIPE; ++ checks &= ~OPTION_PIPE; + +-if ( checks & PEER_OFFERED_SIZE ++if ( checks & OPTION_SIZE + && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) +- checks &= ~PEER_OFFERED_SIZE; ++ checks &= ~OPTION_SIZE; + + return checks; + } +@@ -1479,6 +1479,7 @@ + + if ((sx->max_rcpt = sx->tblock->max_addresses) == 0) sx->max_rcpt = 999999; + sx->peer_offered = 0; ++sx->avoid_option = 0; + sx->igquotstr = US""; + if (!sx->helo_data) sx->helo_data = sx->ob->helo_data; + #ifdef EXPERIMENTAL_DSN_INFO +@@ -1715,7 +1716,7 @@ + #ifdef SUPPORT_TLS + if (sx->smtps) + { +- smtp_peer_options |= PEER_OFFERED_TLS; ++ smtp_peer_options |= OPTION_TLS; + suppress_tls = FALSE; + sx->ob->tls_tempfail_tryclear = FALSE; + smtp_command = US"SSL-on-connect"; +@@ -1780,18 +1781,18 @@ + } + } + +- sx->peer_offered = smtp_peer_options = 0; ++ sx->avoid_option = sx->peer_offered = smtp_peer_options = 0; + + if (sx->esmtp || sx->lmtp) + { + sx->peer_offered = ehlo_response(sx->buffer, +- PEER_OFFERED_TLS /* others checked later */ ++ OPTION_TLS /* others checked later */ + ); + + /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */ + + #ifdef SUPPORT_TLS +- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_TLS; ++ smtp_peer_options |= sx->peer_offered & OPTION_TLS; + #endif + } + } +@@ -1825,7 +1826,7 @@ + for error analysis. */ + + #ifdef SUPPORT_TLS +-if ( smtp_peer_options & PEER_OFFERED_TLS ++if ( smtp_peer_options & OPTION_TLS + && !suppress_tls + && verify_check_given_host(&sx->ob->hosts_avoid_tls, sx->host) != OK + && ( !sx->verify +@@ -1970,7 +1971,7 @@ + { + errno = ERRNO_TLSREQUIRED; + message = string_sprintf("a TLS session is required, but %s", +- smtp_peer_options & PEER_OFFERED_TLS ++ smtp_peer_options & OPTION_TLS + ? "an attempt to start TLS failed" : "the server did not offer TLS support"); + goto TLS_FAILED; + } +@@ -1991,60 +1992,60 @@ + { + sx->peer_offered = ehlo_response(sx->buffer, + 0 /* no TLS */ +- | (sx->lmtp && sx->ob->lmtp_ignore_quota ? PEER_OFFERED_IGNQ : 0) +- | PEER_OFFERED_CHUNKING +- | PEER_OFFERED_PRDR ++ | (sx->lmtp && sx->ob->lmtp_ignore_quota ? OPTION_IGNQ : 0) ++ | OPTION_CHUNKING ++ | OPTION_PRDR + #ifdef SUPPORT_I18N +- | (sx->addrlist->prop.utf8_msg ? PEER_OFFERED_UTF8 : 0) ++ | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0) + /*XXX if we hand peercaps on to continued-conn processes, + must not depend on this addr */ + #endif +- | PEER_OFFERED_DSN +- | PEER_OFFERED_PIPE +- | (sx->ob->size_addition >= 0 ? PEER_OFFERED_SIZE : 0) ++ | OPTION_DSN ++ | OPTION_PIPE ++ | (sx->ob->size_addition >= 0 ? OPTION_SIZE : 0) + ); + + /* Set for IGNOREQUOTA if the response to LHLO specifies support and the + lmtp_ignore_quota option was set. */ + +- sx->igquotstr = sx->peer_offered & PEER_OFFERED_IGNQ ? US" IGNOREQUOTA" : US""; ++ sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US""; + + /* If the response to EHLO specified support for the SIZE parameter, note + this, provided size_addition is non-negative. */ + +- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_SIZE; ++ smtp_peer_options |= sx->peer_offered & OPTION_SIZE; + + /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched + the current host, esmtp will be false, so PIPELINING can never be used. If + the current host matches hosts_avoid_pipelining, don't do it. */ + +- if ( sx->peer_offered & PEER_OFFERED_PIPE ++ if ( sx->peer_offered & OPTION_PIPE + && verify_check_given_host(&sx->ob->hosts_avoid_pipelining, sx->host) != OK) +- smtp_peer_options |= PEER_OFFERED_PIPE; ++ smtp_peer_options |= OPTION_PIPE; + + DEBUG(D_transport) debug_printf("%susing PIPELINING\n", +- smtp_peer_options & PEER_OFFERED_PIPE ? "" : "not "); ++ smtp_peer_options & OPTION_PIPE ? "" : "not "); + +- if ( sx->peer_offered & PEER_OFFERED_CHUNKING ++ if ( sx->peer_offered & OPTION_CHUNKING + && verify_check_given_host(&sx->ob->hosts_try_chunking, sx->host) != OK) +- sx->peer_offered &= ~PEER_OFFERED_CHUNKING; ++ sx->peer_offered &= ~OPTION_CHUNKING; + +- if (sx->peer_offered & PEER_OFFERED_CHUNKING) ++ if (sx->peer_offered & OPTION_CHUNKING) + {DEBUG(D_transport) debug_printf("CHUNKING usable\n");} + + #ifndef DISABLE_PRDR +- if ( sx->peer_offered & PEER_OFFERED_PRDR ++ if ( sx->peer_offered & OPTION_PRDR + && verify_check_given_host(&sx->ob->hosts_try_prdr, sx->host) != OK) +- sx->peer_offered &= ~PEER_OFFERED_PRDR; ++ sx->peer_offered &= ~OPTION_PRDR; + +- if (sx->peer_offered & PEER_OFFERED_PRDR) ++ if (sx->peer_offered & OPTION_PRDR) + {DEBUG(D_transport) debug_printf("PRDR usable\n");} + #endif + + /* Note if the server supports DSN */ +- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_DSN; ++ smtp_peer_options |= sx->peer_offered & OPTION_DSN; + DEBUG(D_transport) debug_printf("%susing DSN\n", +- sx->peer_offered & PEER_OFFERED_DSN ? "" : "not "); ++ sx->peer_offered & OPTION_DSN ? "" : "not "); + + /* Note if the response to EHLO specifies support for the AUTH extension. + If it has, check that this host is one we want to authenticate to, and do +@@ -2061,7 +2062,7 @@ + } + } + } +-pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); ++pipelining_active = !!(smtp_peer_options & OPTION_PIPE); + + /* The setting up of the SMTP call is now complete. Any subsequent errors are + message-specific. */ +@@ -2079,7 +2080,7 @@ + } + + /* If this is an international message we need the host to speak SMTPUTF8 */ +-if (sx->utf8_needed && !(sx->peer_offered & PEER_OFFERED_UTF8)) ++if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8)) + { + errno = ERRNO_UTF8_FWD; + goto RESPONSE_FAILED; +@@ -2202,14 +2203,15 @@ + + *p = 0; + +-/* If we know the receiving MTA supports the SIZE qualification, ++/* If we know the receiving MTA supports the SIZE qualification, and we know it, + send it, adding something to the message size to allow for imprecision + and things that get added en route. Exim keeps the number of lines + in a message, so we can give an accurate value for the original message, but we + need some additional to handle added headers. (Double "." characters don't get + included in the count.) */ + +-if (sx->peer_offered & PEER_OFFERED_SIZE) ++if ( message_size > 0 ++ && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE)) + { + sprintf(CS p, " SIZE=%d", message_size+message_linecount+sx->ob->size_addition); + while (*p) p++; +@@ -2220,7 +2222,7 @@ + request that */ + + sx->prdr_active = FALSE; +-if (sx->peer_offered & PEER_OFFERED_PRDR) ++if (sx->peer_offered & OPTION_PRDR) + for (addr = addrlist; addr; addr = addr->next) + if (addr->transport_return == PENDING_DEFER) + { +@@ -2239,7 +2241,7 @@ + /* If it supports internationalised messages, and this meesage need that, + request it */ + +-if ( sx->peer_offered & PEER_OFFERED_UTF8 ++if ( sx->peer_offered & OPTION_UTF8 + && addrlist->prop.utf8_msg + && !addrlist->prop.utf8_downcvt + ) +@@ -2261,7 +2263,7 @@ + + /* Add any DSN flags to the mail command */ + +-if (sx->peer_offered & PEER_OFFERED_DSN && !sx->dsn_all_lasthop) ++if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop) + { + if (dsn_ret == dsn_ret_hdrs) + { Ustrcpy(p, " RET=HDRS"); p += 9; } +@@ -2297,7 +2299,7 @@ + + /* Add any DSN flags to the rcpt command */ + +-if (sx->peer_offered & PEER_OFFERED_DSN && !(addr->dsn_flags & rf_dsnlasthop)) ++if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop)) + { + if (addr->dsn_flags & rf_dsnflags) + { +@@ -2367,7 +2369,7 @@ + the delivery log line. */ + + if ( sx->addrlist->prop.utf8_msg +- && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & PEER_OFFERED_UTF8)) ++ && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8)) + ) + { + if (s = string_address_utf8_to_alabel(s, &errstr), errstr) +@@ -2431,7 +2433,7 @@ + BOOL no_flush; + uschar * rcpt_addr; + +- addr->dsn_aware = sx->peer_offered & PEER_OFFERED_DSN ++ addr->dsn_aware = sx->peer_offered & OPTION_DSN + ? dsn_support_yes : dsn_support_no; + + address_count++; +@@ -2594,10 +2596,10 @@ + if ( transport_filter_argv + && *transport_filter_argv + && **transport_filter_argv +- && sx.peer_offered & PEER_OFFERED_CHUNKING ++ && sx.peer_offered & OPTION_CHUNKING + ) + { +- sx.peer_offered &= ~PEER_OFFERED_CHUNKING; ++ sx.peer_offered &= ~OPTION_CHUNKING; + DEBUG(D_transport) debug_printf("CHUNKING not usable due to transport filter\n"); + } + } +@@ -2656,7 +2658,7 @@ + If using CHUNKING, do not send a BDAT until we know how big a chunk we want + to send is. */ + +-if ( !(sx.peer_offered & PEER_OFFERED_CHUNKING) ++if ( !(sx.peer_offered & OPTION_CHUNKING) + && (sx.ok || (pipelining_active && !mua_wrapper))) + { + int count = smtp_write_command(&sx.outblock, FALSE, "DATA\r\n"); +@@ -2686,7 +2688,7 @@ + well as body. Set the appropriate timeout value to be used for each chunk. + (Haven't been able to make it work using select() for writing yet.) */ + +-if (!(sx.peer_offered & PEER_OFFERED_CHUNKING) && !sx.ok) ++if (!(sx.peer_offered & OPTION_CHUNKING) && !sx.ok) + { + /* Save the first address of the next batch. */ + sx.first_addr = sx.next_addr; +@@ -2712,7 +2714,7 @@ + of responses. The callback needs a whole bunch of state so set up + a transport-context structure to be passed around. */ + +- if (sx.peer_offered & PEER_OFFERED_CHUNKING) ++ if (sx.peer_offered & OPTION_CHUNKING) + { + tctx.check_string = tctx.escape_string = NULL; + tctx.options |= topt_use_bdat; +@@ -2737,7 +2739,7 @@ + transport_write_timeout = sx.ob->data_timeout; + smtp_command = US"sending data block"; /* For error messages */ + DEBUG(D_transport|D_v) +- if (sx.peer_offered & PEER_OFFERED_CHUNKING) ++ if (sx.peer_offered & OPTION_CHUNKING) + debug_printf(" will write message using CHUNKING\n"); + else + debug_printf(" SMTP>> writing message and terminating \".\"\n"); +@@ -2771,7 +2773,7 @@ + + smtp_command = US"end of data"; + +- if (sx.peer_offered & PEER_OFFERED_CHUNKING && sx.cmd_count > 1) ++ if (sx.peer_offered & OPTION_CHUNKING && sx.cmd_count > 1) + { + /* Reap any outstanding MAIL & RCPT commands, but not a DATA-go-ahead */ + switch(sync_responses(&sx, sx.cmd_count-1, 0)) +@@ -2926,7 +2928,7 @@ + #ifndef DISABLE_PRDR + if (sx.prdr_active) addr->flags |= af_prdr_used; + #endif +- if (sx.peer_offered & PEER_OFFERED_CHUNKING) addr->flags |= af_chunking_used; ++ if (sx.peer_offered & OPTION_CHUNKING) addr->flags |= af_chunking_used; + flag = '-'; + + #ifndef DISABLE_PRDR +--- exim-4.89/src/transports/smtp.h.calloutsize 2017-03-04 16:21:35.000000000 -0500 ++++ exim-4.89/src/transports/smtp.h 2017-08-16 15:38:52.877969104 -0400 +@@ -127,6 +127,7 @@ + int cmd_count; + + uschar peer_offered; ++ uschar avoid_option; + uschar * igquotstr; + uschar * helo_data; + #ifdef EXPERIMENTAL_DSN_INFO +--- exim-4.89/src/verify.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 ++++ exim-4.89/src/verify.c 2017-08-16 15:51:37.913261370 -0400 +@@ -779,8 +779,12 @@ + postmaster-verify. + The sync_responses() would need to be taught about it and we'd + need another return code filtering out to here. ++ ++ Avoid using a SIZE option on the MAIL for all randon-rcpt checks. + */ + ++ sx.avoid_option = OPTION_SIZE; ++ + /* Remember when we last did a random test */ + new_domain_record.random_stamp = time(NULL); + +@@ -790,8 +794,9 @@ + case PENDING_OK: + new_domain_record.random_result = ccache_accept; + break; +- case FAIL: ++ case FAIL: /* the preferred result */ + new_domain_record.random_result = ccache_reject; ++ sx.avoid_option = 0; + + /* Between each check, issue RSET, because some servers accept only + one recipient after MAIL FROM:<>. +@@ -836,12 +841,14 @@ + else + done = TRUE; + +- /* Main verify. If the host is accepting all local parts, as determined +- by the "random" check, we don't need to waste time doing any further +- checking. */ ++ /* Main verify. For rcpt-verify use SIZE if we know it and we're not cacheing; ++ for sndr-verify never use it. */ + + if (done) + { ++ if (!(options & vopt_is_recipient && options & vopt_callout_no_cache)) ++ sx.avoid_option = OPTION_SIZE; ++ + done = FALSE; + switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield)) + { +@@ -850,12 +857,12 @@ + case PENDING_OK: done = TRUE; + new_address_record.result = ccache_accept; + break; +- case FAIL: done = TRUE; ++ case FAIL: done = TRUE; + yield = FAIL; + *failure_ptr = US"recipient"; + new_address_record.result = ccache_reject; + break; +- default: break; ++ default: break; + } + break; + +@@ -908,6 +915,7 @@ + sx.ok = FALSE; + sx.send_rset = TRUE; + sx.completed_addr = FALSE; ++ sx.avoid_option = OPTION_SIZE; + + if( smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0 + && addr->transport_return == PENDING_OK diff --git a/exim-4.89-mariadb-10.2-compile-fix.patch b/exim-4.89-mariadb-10.2-compile-fix.patch new file mode 100644 index 0000000..d90a680 --- /dev/null +++ b/exim-4.89-mariadb-10.2-compile-fix.patch @@ -0,0 +1,10 @@ +--- a/src/lookups/mysql.c 2017-06-30 18:14:16.681819941 +0200 ++++ b/src/lookups/mysql.c 2017-06-30 18:14:29.776921269 +0200 +@@ -13,6 +13,7 @@ + #include "lf_functions.h" + + #include /* The system header */ ++#include + + + /* Structure and anchor for caching connections. */ diff --git a/exim.spec b/exim.spec index dcdb1c0..6891316 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -62,6 +62,14 @@ Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch Patch27: exim-4.89-environment.patch +# https://github.com/Exim/exim/pull/56 +Patch28: exim-4.89-mariadb-10.2-compile-fix.patch +# Backported from upstream: +# https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 +Patch29: exim-4.89-CVE-2017-1000369.patch +# Backported from upstream: +# https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b +Patch30: exim-4.89-calloutsize.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -167,7 +175,7 @@ This package contains the SysV initscript. %package greylist Summary: Example configuration for greylisting using Exim Group: System Environment/Daemons -Requires: sqlite exim +Requires: sqlite exim Requires: crontabs %description greylist @@ -187,7 +195,7 @@ a list of 'offended' which it's committed, which may include having SpamAssassin points, lacking a Message-ID: header, coming from a blacklisted host, etc. There are examples of these in the default configuration file, mostly commented out. These should be sufficient for you to you trigger -greylisting for whatever 'offences' you can dream of, or even to make +greylisting for whatever 'offences' you can dream of, or even to make greylisting unconditional. %prep @@ -208,6 +216,9 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment +%patch28 -p1 -b .mariadb-10.2-compile-fix +%patch29 -p1 -b .CVE-2017-1000369 +%patch30 -p1 -b .calloutsize cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -520,7 +531,7 @@ fi %if %{with clamav} %post clamav -/bin/mkdir -p 0750 %{_var}/run/clamd.exim +/bin/mkdir -pm 0750 %{_var}/run/clamd.exim /bin/chown exim:exim %{_var}/run/clamd.exim /bin/touch %{_var}/log/clamd.exim /bin/chown exim.exim %{_var}/log/clamd.exim @@ -588,6 +599,18 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Aug 18 2017 Jaroslav Škarvada - 4.89-5 +- Fixed compilation with the mariadb-10.2 + Resolves: rhbz#1467312 +- Fixed multiple memory leaks + Resolves: CVE-2017-1000369 +- Fixed typo causing exim-clamav to create /0750 directory + Resolves: rhbz#1412028 +- On callout avoid SIZE option when doing recipient verification with + caching enabled + Resolves: rhbz#1482217 +- Fixed some minor whitespace problems in the spec + * Wed Aug 02 2017 Fedora Release Engineering - 4.89-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild From 2845aec9716d64acbe840ca141fd4e8bbb1f427e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 10 Nov 2017 18:26:31 +0100 Subject: [PATCH 161/194] Used mariadb-connector-c-devel instead of mysql-devel Resolves: rhbz#1494094 --- exim-4.87-dynlookup-config.patch | 2 +- exim-4.89-mariadb-10.2-compile-fix.patch | 10 ---- exim-4.89-mariadb-macro-fix.patch | 73 ++++++++++++++++++++++++ exim.spec | 21 ++++--- 4 files changed, 86 insertions(+), 20 deletions(-) delete mode 100644 exim-4.89-mariadb-10.2-compile-fix.patch create mode 100644 exim-4.89-mariadb-macro-fix.patch diff --git a/exim-4.87-dynlookup-config.patch b/exim-4.87-dynlookup-config.patch index d922078..a2bf35a 100644 --- a/exim-4.87-dynlookup-config.patch +++ b/exim-4.87-dynlookup-config.patch @@ -11,7 +11,7 @@ index df3dcc8..de01565 100644 -LOOKUP_MYSQL=yes +LOOKUP_LIBS=-lldap -llber -lsqlite3 +LOOKUP_MYSQL_INCLUDE=-I/usr/include/mysql -+LOOKUP_MYSQL_LIBS=-L/usr/${_lib}/mysql -lmysqlclient ++LOOKUP_MYSQL_LIBS=-lmysqlclient +LOOKUP_PGSQL_LIBS=-lpq +LOOKUP_MYSQL=2 LOOKUP_NIS=yes diff --git a/exim-4.89-mariadb-10.2-compile-fix.patch b/exim-4.89-mariadb-10.2-compile-fix.patch deleted file mode 100644 index d90a680..0000000 --- a/exim-4.89-mariadb-10.2-compile-fix.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/src/lookups/mysql.c 2017-06-30 18:14:16.681819941 +0200 -+++ b/src/lookups/mysql.c 2017-06-30 18:14:29.776921269 +0200 -@@ -13,6 +13,7 @@ - #include "lf_functions.h" - - #include /* The system header */ -+#include - - - /* Structure and anchor for caching connections. */ diff --git a/exim-4.89-mariadb-macro-fix.patch b/exim-4.89-mariadb-macro-fix.patch new file mode 100644 index 0000000..c5b9266 --- /dev/null +++ b/exim-4.89-mariadb-macro-fix.patch @@ -0,0 +1,73 @@ +diff --git a/src/lookups/mysql.c b/src/lookups/mysql.c +index 5cf15af..b5133bc 100644 +--- a/src/lookups/mysql.c ++++ b/src/lookups/mysql.c +@@ -14,6 +14,53 @@ functions. */ + + #include /* The system header */ + ++/* We define symbols for *_VERSION_ID (numeric), *_VERSION_STR (char*) ++and *_BASE_STR (char*). It's a bit of guesswork. Especially for mariadb ++with versions before 10.2, as they do not define there there specific symbols. ++*/ ++ ++// Newer (>= 10.2) MariaDB ++#if defined MARIADB_VERSION_ID ++#define EXIM_MxSQL_VERSION_ID MARIADB_VERSION_ID ++ ++// MySQL defines MYSQL_VERSION_ID, and MariaDB does so ++// https://dev.mysql.com/doc/refman/5.7/en/c-api-server-client-versions.html ++#elif defined LIBMYSQL_VERSION_ID ++#define EXIM_MxSQL_VERSION_ID LIBMYSQL_VERSION_ID ++#elif defined MYSQL_VERSION_ID ++#define EXIM_MxSQL_VERSION_ID MYSQL_VERSION_ID ++ ++#else ++#define EXIM_MYSQL_VERSION_ID 0 ++#endif ++ ++// Newer (>= 10.2) MariaDB ++#ifdef MARIADB_CLIENT_VERSION_STR ++#define EXIM_MxSQL_VERSION_STR MARIADB_CLIENT_VERSION_STR ++ ++// Mysql uses MYSQL_SERVER_VERSION ++#elif defined LIBMYSQL_VERSION ++#define EXIM_MxSQL_VERSION_STR LIBMYSQL_VERSION ++#elif defined MYSQL_SERVER_VERSION ++#define EXIM_MxSQL_VERSION_STR MYSQL_SERVER_VERSION ++ ++#else ++#define EXIM_MxSQL_VERSION_STR "N.A." ++#endif ++ ++#if defined MARIADB_BASE_VERSION ++#define EXIM_MxSQL_BASE_STR MARIADB_BASE_VERSION ++ ++#elif defined MARIADB_PACKAGE_VERSION ++#define EXIM_MxSQL_BASE_STR "mariadb" ++ ++#elif defined MYSQL_BASE_VERSION ++#define EXIM_MxSQL_BASE_STR MYSQL_BASE_VERSION ++ ++#else ++#define EXIM_MxSQL_BASE_STR "n.A." ++#endif ++ + + /* Structure and anchor for caching connections. */ + +@@ -432,10 +479,10 @@ return quoted; + void + mysql_version_report(FILE *f) + { +-fprintf(f, "Library version: MySQL: Compile: %s [%s]\n" +- " Runtime: %s\n", +- MYSQL_SERVER_VERSION, MYSQL_COMPILATION_COMMENT, +- mysql_get_client_info()); ++fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n" ++ " Runtime: %lu %s\n", ++ (long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR, ++ mysql_get_client_version(), mysql_get_client_info()); + #ifdef DYNLOOKUP + fprintf(f, " Exim version %s\n", EXIM_VERSION_STR); + #endif diff --git a/exim.spec b/exim.spec index 6891316..93d08fe 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -62,21 +62,20 @@ Patch25: exim-4.87-dynlookup-config.patch # Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 Patch26: exim-4.85-pic.patch Patch27: exim-4.89-environment.patch -# https://github.com/Exim/exim/pull/56 -Patch28: exim-4.89-mariadb-10.2-compile-fix.patch # Backported from upstream: # https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 -Patch29: exim-4.89-CVE-2017-1000369.patch +Patch28: exim-4.89-CVE-2017-1000369.patch # Backported from upstream: # https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b -Patch30: exim-4.89-calloutsize.patch +Patch29: exim-4.89-calloutsize.patch +Patch30: exim-4.89-mariadb-macro-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel -BuildRequires: openldap-devel openssl-devel mysql-devel postgresql-devel +BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: perl-devel BuildRequires: perl-generators @@ -216,9 +215,9 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment -%patch28 -p1 -b .mariadb-10.2-compile-fix -%patch29 -p1 -b .CVE-2017-1000369 -%patch30 -p1 -b .calloutsize +%patch28 -p1 -b .CVE-2017-1000369 +%patch29 -p1 -b .calloutsize +%patch30 -p1 -b .mariadb-macro-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -599,6 +598,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Nov 10 2017 Jaroslav Škarvada - 4.89-6 +- Used mariadb-connector-c-devel instead of mysql-devel + Resolves: rhbz#1494094 + * Fri Aug 18 2017 Jaroslav Škarvada - 4.89-5 - Fixed compilation with the mariadb-10.2 Resolves: rhbz#1467312 From 9b26c63d7229c539471a30afde22c9208f75c19e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 27 Nov 2017 14:08:06 +0100 Subject: [PATCH 162/194] Fixed use-after-free Resolves: CVE-2017-16943 --- exim-4.89-CVE-2017-16943.patch | 27 +++++++++++++++++++++++++++ exim.spec | 8 +++++++- 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 exim-4.89-CVE-2017-16943.patch diff --git a/exim-4.89-CVE-2017-16943.patch b/exim-4.89-CVE-2017-16943.patch new file mode 100644 index 0000000..bd3468d --- /dev/null +++ b/exim-4.89-CVE-2017-16943.patch @@ -0,0 +1,27 @@ +diff --git a/src/receive.c b/src/receive.c +index 7980c32..3246621 100644 +--- a/src/receive.c ++++ b/src/receive.c +@@ -1772,8 +1772,8 @@ for (;;) + (and sometimes lunatic messages can have ones that are 100s of K long) we + call store_release() for strings that have been copied - if the string is at + the start of a block (and therefore the only thing in it, because we aren't +- doing any other gets), the block gets freed. We can only do this because we +- know there are no other calls to store_get() going on. */ ++ doing any other gets), the block gets freed. We can only do this release if ++ there were no allocations since the once that we want to free. */ + + if (ptr >= header_size - 4) + { +@@ -1782,9 +1782,10 @@ for (;;) + header_size *= 2; + if (!store_extend(next->text, oldsize, header_size)) + { ++ BOOL release_ok = store_last_get[store_pool] == next->text; + uschar *newtext = store_get(header_size); + memcpy(newtext, next->text, ptr); +- store_release(next->text); ++ if (release_ok) store_release(next->text); + next->text = newtext; + } + } diff --git a/exim.spec b/exim.spec index 93d08fe..a2ac746 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -69,6 +69,7 @@ Patch28: exim-4.89-CVE-2017-1000369.patch # https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b Patch29: exim-4.89-calloutsize.patch Patch30: exim-4.89-mariadb-macro-fix.patch +Patch31: exim-4.89-CVE-2017-16943.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -218,6 +219,7 @@ greylisting unconditional. %patch28 -p1 -b .CVE-2017-1000369 %patch29 -p1 -b .calloutsize %patch30 -p1 -b .mariadb-macro-fix +%patch31 -p1 -b .CVE-2017-16943 cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -598,6 +600,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Nov 27 2017 Jaroslav Škarvada - 4.89-7 +- Fixed use-after-free + Resolves: CVE-2017-16943 + * Fri Nov 10 2017 Jaroslav Škarvada - 4.89-6 - Used mariadb-connector-c-devel instead of mysql-devel Resolves: rhbz#1494094 From 0b307bc6ad654b06591ca979189903c1a9111b02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 30 Nov 2017 16:08:07 +0100 Subject: [PATCH 163/194] Dropped tcp_wrappers support Resolves: rhbz#1518763 --- exim-4.89-config.patch | 10 ++++------ exim.spec | 8 ++++++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/exim-4.89-config.patch b/exim-4.89-config.patch index 3976531..f9587c3 100644 --- a/exim-4.89-config.patch +++ b/exim-4.89-config.patch @@ -12,7 +12,7 @@ index 3e486a6..6c4afec 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index df74aac..0caf02d 100644 +index df74aac..7065c0c 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -236,16 +236,14 @@ index df74aac..0caf02d 100644 #------------------------------------------------------------------------------ -@@ -1034,9 +1033,9 @@ ZCAT_COMMAND=/usr/bin/zcat - # You may well also have to specify a local "include" file and an additional +@@ -1035,8 +1034,8 @@ ZCAT_COMMAND=/usr/bin/zcat # library for TCP wrappers, so you probably need something like this: # --# USE_TCP_WRAPPERS=yes + # USE_TCP_WRAPPERS=yes -# CFLAGS=-O -I/usr/local/include -# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap -+USE_TCP_WRAPPERS=yes +CFLAGS+=$(RPM_OPT_FLAGS) $(PIE) -+EXTRALIBS_EXIM=-lwrap -lpam -ldl -export-dynamic -rdynamic ++EXTRALIBS_EXIM=-lpam -ldl -export-dynamic -rdynamic # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. diff --git a/exim.spec b/exim.spec index a2ac746..dc1ab73 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -75,7 +75,7 @@ Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel -BuildRequires: pcre-devel sqlite-devel tcp_wrappers-devel cyrus-sasl-devel +BuildRequires: pcre-devel sqlite-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: perl-devel @@ -600,6 +600,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Nov 30 2017 Jaroslav Škarvada - 4.89-8 +- Dropped tcp_wrappers support + Resolves: rhbz#1518763 + * Mon Nov 27 2017 Jaroslav Škarvada - 4.89-7 - Fixed use-after-free Resolves: CVE-2017-16943 From abd09da2d494e4e4c3c3ce346dab380c17d05ffe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 1 Dec 2017 12:25:05 +0100 Subject: [PATCH 164/194] Fixed denial of service Resolves: CVE-2017-16944 --- exim-4.89-CVE-2017-16944.patch | 41 ++++++++++++++++++++++++++++++++++ exim.spec | 10 ++++++++- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 exim-4.89-CVE-2017-16944.patch diff --git a/exim-4.89-CVE-2017-16944.patch b/exim-4.89-CVE-2017-16944.patch new file mode 100644 index 0000000..81e8032 --- /dev/null +++ b/exim-4.89-CVE-2017-16944.patch @@ -0,0 +1,41 @@ +diff --git a/src/receive.c b/src/receive.c +index 3246621..f19c8b9 100644 +--- a/src/receive.c ++++ b/src/receive.c +@@ -1827,7 +1827,7 @@ for (;;) + prevent further reading), and break out of the loop, having freed the + empty header, and set next = NULL to indicate no data line. */ + +- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends)) ++ if (ptr == 0 && ch == '.' && dot_ends) + { + ch = (receive_getc)(GETC_BUFFER_UNLIMITED); + if (ch == '\r') +diff --git a/src/smtp_in.c b/src/smtp_in.c +index 1b45f84..0207540 100644 +--- a/src/smtp_in.c ++++ b/src/smtp_in.c +@@ -4955,16 +4955,23 @@ while (done <= 0) + DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", + (int)chunking_state, chunking_data_left); + ++ /* push the current receive_* function on the "stack", and ++ replace them by bdat_getc(), which in turn will use the lwr_receive_* ++ functions to do the dirty work. */ + lwr_receive_getc = receive_getc; + lwr_receive_ungetc = receive_ungetc; ++ + receive_getc = bdat_getc; + receive_ungetc = bdat_ungetc; + ++ dot_ends = FALSE; ++ + goto DATA_BDAT; + } + + case DATA_CMD: + HAD(SCH_DATA); ++ dot_ends = TRUE; + + DATA_BDAT: /* Common code for DATA and BDAT */ + if (!discarded && recipients_count <= 0) diff --git a/exim.spec b/exim.spec index dc1ab73..0a498e9 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -69,7 +69,10 @@ Patch28: exim-4.89-CVE-2017-1000369.patch # https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b Patch29: exim-4.89-calloutsize.patch Patch30: exim-4.89-mariadb-macro-fix.patch +# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2199 Patch31: exim-4.89-CVE-2017-16943.patch +# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2201 +Patch32: exim-4.89-CVE-2017-16944.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -220,6 +223,7 @@ greylisting unconditional. %patch29 -p1 -b .calloutsize %patch30 -p1 -b .mariadb-macro-fix %patch31 -p1 -b .CVE-2017-16943 +%patch32 -p1 -b .CVE-2017-16944 cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -600,6 +604,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Dec 1 2017 Jaroslav Škarvada - 4.89-9 +- Fixed denial of service + Resolves: CVE-2017-16944 + * Thu Nov 30 2017 Jaroslav Škarvada - 4.89-8 - Dropped tcp_wrappers support Resolves: rhbz#1518763 From 65b73757ed57c31fc977e9e4331710277e5713f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 17 Jan 2018 14:43:08 +0100 Subject: [PATCH 165/194] Fixed FTBFS due to NIS removal from glibc Resolves: rhbz#1534920 --- exim-4.89-nsl-fix.patch | 14 ++++++++++++++ exim.spec | 11 ++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 exim-4.89-nsl-fix.patch diff --git a/exim-4.89-nsl-fix.patch b/exim-4.89-nsl-fix.patch new file mode 100644 index 0000000..5c766b8 --- /dev/null +++ b/exim-4.89-nsl-fix.patch @@ -0,0 +1,14 @@ +diff --git a/src/EDITME b/src/EDITME +index 893c50c..b9caf0c 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -313,6 +313,9 @@ LOOKUP_PGSQL_LIBS=-lpq + LOOKUP_MYSQL=2 + LOOKUP_NIS=yes + LOOKUP_NISPLUS=yes ++CFLAGS+=-I/usr/include/nsl -I/usr/include/tirpc ++LIBS+=-L/usr/$(_lib)/nsl ++ + # LOOKUP_ORACLE=yes + LOOKUP_PASSWD=yes + LOOKUP_PGSQL=2 diff --git a/exim.spec b/exim.spec index 0a498e9..4475cbe 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -73,6 +73,8 @@ Patch30: exim-4.89-mariadb-macro-fix.patch Patch31: exim-4.89-CVE-2017-16943.patch # Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2201 Patch32: exim-4.89-CVE-2017-16944.patch +# Workaround for NIS removal from glibc, bug 1534920 +Patch33: exim-4.89-nsl-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -85,6 +87,8 @@ BuildRequires: perl-devel BuildRequires: perl-generators BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) BuildRequires: systemd-units libgsasl-devel +# Workaround for NIS removal from glibc, bug 1534920 +BuildRequires: libnsl2-devel libtirpc-devel %description Exim is a message transfer agent (MTA) developed at the University of @@ -224,6 +228,7 @@ greylisting unconditional. %patch30 -p1 -b .mariadb-macro-fix %patch31 -p1 -b .CVE-2017-16943 %patch32 -p1 -b .CVE-2017-16944 +%patch33 -p1 -b .nsl-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -604,6 +609,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jan 17 2018 Jaroslav Škarvada - 4.89-10 +- Fixed FTBFS due to NIS removal from glibc + Resolves: rhbz#1534920 + * Fri Dec 1 2017 Jaroslav Škarvada - 4.89-9 - Fixed denial of service Resolves: CVE-2017-16944 From d91e74ccfb35b0c482c203ccea68aff3e2a83eca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= Date: Sat, 20 Jan 2018 23:06:42 +0100 Subject: [PATCH 166/194] Rebuilt for switch to libxcrypt --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 4475cbe..fcba262 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -609,6 +609,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Jan 20 2018 Björn Esser - 4.89-11 +- Rebuilt for switch to libxcrypt + * Wed Jan 17 2018 Jaroslav Škarvada - 4.89-10 - Fixed FTBFS due to NIS removal from glibc Resolves: rhbz#1534920 From a4784415a9d611c3142f22d88d2e67723f37d1a1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 7 Feb 2018 09:04:50 +0000 Subject: [PATCH 167/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index fcba262..9a8c33a 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.89 -Release: 11%{?dist} +Release: 12%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -609,6 +609,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Feb 07 2018 Fedora Release Engineering - 4.89-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + * Sat Jan 20 2018 Björn Esser - 4.89-11 - Rebuilt for switch to libxcrypt From 1ced0d0ed3482953626759706342259dbe17b656 Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Wed, 14 Feb 2018 08:00:03 +0100 Subject: [PATCH 168/194] Remove %clean section None of currently supported distributions need that. Last one was EL5 which is EOL for a while. Signed-off-by: Igor Gnatenko --- exim.spec | 3 --- 1 file changed, 3 deletions(-) diff --git a/exim.spec b/exim.spec index 9a8c33a..c7a025b 100644 --- a/exim.spec +++ b/exim.spec @@ -381,9 +381,6 @@ install -m755 %{SOURCE22} $RPM_BUILD_ROOT/%_sysconfdir/cron.daily/greylist-tidy. install -m644 %{SOURCE23} $RPM_BUILD_ROOT/%_sysconfdir/exim/trusted-configs touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db -%clean -rm -rf $RPM_BUILD_ROOT - %pre %{_sbindir}/groupadd -g 93 exim 2>/dev/null %{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 -g exim exim 2>/dev/null From 35e86f70201a4485b75b3f65049cb444a7284f2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 14 Feb 2018 12:27:01 +0100 Subject: [PATCH 169/194] New version Resolves: rhbz#1527710 Fixed buffer overflow in utility function Resolves: CVE-2018-6789 Updated and defuzzified patches Dropped mariadb-macro-fix patch (not needed) Dropped CVE-2017-1000369, calloutsize, CVE-2017-16943, CVE-2017-16944 patches (all upstreamed) --- .gitignore | 1 + exim-4.89-CVE-2017-1000369.patch | 37 -- exim-4.89-CVE-2017-16943.patch | 27 - exim-4.89-CVE-2017-16944.patch | 41 -- exim-4.89-calloutsize.patch | 524 ------------------ exim-4.89-mariadb-macro-fix.patch | 73 --- ...er.patch => exim-4.90.1-allow-filter.patch | 4 +- ...9-config.patch => exim-4.90.1-config.patch | 48 +- ....88-cyrus.patch => exim-4.90.1-cyrus.patch | 4 +- ...atch => exim-4.90.1-dlopen-localscan.patch | 16 +- ...atch => exim-4.90.1-dynlookup-config.patch | 7 +- ...ent.patch => exim-4.90.1-environment.patch | 3 +- ...f.patch => exim-4.90.1-greylist-conf.patch | 14 +- ...nsl-fix.patch => exim-4.90.1-nsl-fix.patch | 6 +- ...onfig.patch => exim-4.90.1-pamconfig.patch | 14 +- ...ocmail.patch => exim-4.90.1-procmail.patch | 6 +- exim-4.88-rhl.patch => exim-4.90.1-rhl.patch | 6 +- ...atch => exim-4.90.1-smarthost-config.patch | 8 +- ...dconf.patch => exim-4.90.1-spamdconf.patch | 21 +- exim.spec | 57 +- sources | 2 +- 21 files changed, 108 insertions(+), 811 deletions(-) delete mode 100644 exim-4.89-CVE-2017-1000369.patch delete mode 100644 exim-4.89-CVE-2017-16943.patch delete mode 100644 exim-4.89-CVE-2017-16944.patch delete mode 100644 exim-4.89-calloutsize.patch delete mode 100644 exim-4.89-mariadb-macro-fix.patch rename exim-4.88-allow-filter.patch => exim-4.90.1-allow-filter.patch (81%) rename exim-4.89-config.patch => exim-4.90.1-config.patch (89%) rename exim-4.88-cyrus.patch => exim-4.90.1-cyrus.patch (90%) rename exim-4.89-dlopen-localscan.patch => exim-4.90.1-dlopen-localscan.patch (96%) rename exim-4.87-dynlookup-config.patch => exim-4.90.1-dynlookup-config.patch (80%) rename exim-4.89-environment.patch => exim-4.90.1-environment.patch (82%) rename exim-4.88-greylist-conf.patch => exim-4.90.1-greylist-conf.patch (94%) rename exim-4.89-nsl-fix.patch => exim-4.90.1-nsl-fix.patch (72%) rename exim-4.88-pamconfig.patch => exim-4.90.1-pamconfig.patch (88%) rename exim-4.88-procmail.patch => exim-4.90.1-procmail.patch (90%) rename exim-4.88-rhl.patch => exim-4.90.1-rhl.patch (84%) rename exim-4.88-smarthost-config.patch => exim-4.90.1-smarthost-config.patch (92%) rename exim-4.87-spamdconf.patch => exim-4.90.1-spamdconf.patch (94%) diff --git a/.gitignore b/.gitignore index f059899..5410835 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ exim-*.tar.bz2 /exim-4.89.tar.xz +/exim-4.90.1.tar.xz diff --git a/exim-4.89-CVE-2017-1000369.patch b/exim-4.89-CVE-2017-1000369.patch deleted file mode 100644 index fd1e7f3..0000000 --- a/exim-4.89-CVE-2017-1000369.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff --git a/src/exim.c b/src/exim.c -index a6a1ea8..394bf84 100644 ---- a/src/exim.c -+++ b/src/exim.c -@@ -3092,7 +3092,14 @@ for (i = 1; i < argc; i++) - - /* -oMr: Received protocol */ - -- else if (Ustrcmp(argrest, "Mr") == 0) received_protocol = argv[++i]; -+ else if (Ustrcmp(argrest, "Mr") == 0) -+ -+ if (received_protocol) -+ { -+ fprintf(stderr, "received_protocol is set already\n"); -+ exit(EXIT_FAILURE); -+ } -+ else received_protocol = argv[++i]; - - /* -oMs: Set sender host name */ - -@@ -3188,7 +3195,15 @@ for (i = 1; i < argc; i++) - - if (*argrest != 0) - { -- uschar *hn = Ustrchr(argrest, ':'); -+ uschar *hn; -+ -+ if (received_protocol) -+ { -+ fprintf(stderr, "received_protocol is set already\n"); -+ exit(EXIT_FAILURE); -+ } -+ -+ hn = Ustrchr(argrest, ':'); - if (hn == NULL) - { - received_protocol = argrest; diff --git a/exim-4.89-CVE-2017-16943.patch b/exim-4.89-CVE-2017-16943.patch deleted file mode 100644 index bd3468d..0000000 --- a/exim-4.89-CVE-2017-16943.patch +++ /dev/null @@ -1,27 +0,0 @@ -diff --git a/src/receive.c b/src/receive.c -index 7980c32..3246621 100644 ---- a/src/receive.c -+++ b/src/receive.c -@@ -1772,8 +1772,8 @@ for (;;) - (and sometimes lunatic messages can have ones that are 100s of K long) we - call store_release() for strings that have been copied - if the string is at - the start of a block (and therefore the only thing in it, because we aren't -- doing any other gets), the block gets freed. We can only do this because we -- know there are no other calls to store_get() going on. */ -+ doing any other gets), the block gets freed. We can only do this release if -+ there were no allocations since the once that we want to free. */ - - if (ptr >= header_size - 4) - { -@@ -1782,9 +1782,10 @@ for (;;) - header_size *= 2; - if (!store_extend(next->text, oldsize, header_size)) - { -+ BOOL release_ok = store_last_get[store_pool] == next->text; - uschar *newtext = store_get(header_size); - memcpy(newtext, next->text, ptr); -- store_release(next->text); -+ if (release_ok) store_release(next->text); - next->text = newtext; - } - } diff --git a/exim-4.89-CVE-2017-16944.patch b/exim-4.89-CVE-2017-16944.patch deleted file mode 100644 index 81e8032..0000000 --- a/exim-4.89-CVE-2017-16944.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff --git a/src/receive.c b/src/receive.c -index 3246621..f19c8b9 100644 ---- a/src/receive.c -+++ b/src/receive.c -@@ -1827,7 +1827,7 @@ for (;;) - prevent further reading), and break out of the loop, having freed the - empty header, and set next = NULL to indicate no data line. */ - -- if (ptr == 0 && ch == '.' && (smtp_input || dot_ends)) -+ if (ptr == 0 && ch == '.' && dot_ends) - { - ch = (receive_getc)(GETC_BUFFER_UNLIMITED); - if (ch == '\r') -diff --git a/src/smtp_in.c b/src/smtp_in.c -index 1b45f84..0207540 100644 ---- a/src/smtp_in.c -+++ b/src/smtp_in.c -@@ -4955,16 +4955,23 @@ while (done <= 0) - DEBUG(D_receive) debug_printf("chunking state %d, %d bytes\n", - (int)chunking_state, chunking_data_left); - -+ /* push the current receive_* function on the "stack", and -+ replace them by bdat_getc(), which in turn will use the lwr_receive_* -+ functions to do the dirty work. */ - lwr_receive_getc = receive_getc; - lwr_receive_ungetc = receive_ungetc; -+ - receive_getc = bdat_getc; - receive_ungetc = bdat_ungetc; - -+ dot_ends = FALSE; -+ - goto DATA_BDAT; - } - - case DATA_CMD: - HAD(SCH_DATA); -+ dot_ends = TRUE; - - DATA_BDAT: /* Common code for DATA and BDAT */ - if (!discarded && recipients_count <= 0) diff --git a/exim-4.89-calloutsize.patch b/exim-4.89-calloutsize.patch deleted file mode 100644 index 02f8aba..0000000 --- a/exim-4.89-calloutsize.patch +++ /dev/null @@ -1,524 +0,0 @@ ---- exim-4.89/src/exim.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 -+++ exim-4.89/src/exim.c 2017-08-16 15:52:41.424866990 -0400 -@@ -2738,7 +2738,7 @@ - /* -MCD: set the smtp_use_dsn flag; this indicates that the host - that exim is connected to supports the esmtp extension DSN */ - -- case 'D': smtp_peer_options |= PEER_OFFERED_DSN; break; -+ case 'D': smtp_peer_options |= OPTION_DSN; break; - - /* -MCG: set the queue name, to a non-default value */ - -@@ -2748,12 +2748,12 @@ - - /* -MCK: the peer offered CHUNKING. Must precede -MC */ - -- case 'K': smtp_peer_options |= PEER_OFFERED_CHUNKING; break; -+ case 'K': smtp_peer_options |= OPTION_CHUNKING; break; - - /* -MCP: set the smtp_use_pipelining flag; this is useful only when - it preceded -MC (see above) */ - -- case 'P': smtp_peer_options |= PEER_OFFERED_PIPE; break; -+ case 'P': smtp_peer_options |= OPTION_PIPE; break; - - /* -MCQ: pass on the pid of the queue-running process that started - this chain of deliveries and the fd of its synchronizing pipe; this -@@ -2768,14 +2768,14 @@ - /* -MCS: set the smtp_use_size flag; this is useful only when it - precedes -MC (see above) */ - -- case 'S': smtp_peer_options |= PEER_OFFERED_SIZE; break; -+ case 'S': smtp_peer_options |= OPTION_SIZE; break; - - #ifdef SUPPORT_TLS - /* -MCT: set the tls_offered flag; this is useful only when it - precedes -MC (see above). The flag indicates that the host to which - Exim is connected has offered TLS support. */ - -- case 'T': smtp_peer_options |= PEER_OFFERED_TLS; break; -+ case 'T': smtp_peer_options |= OPTION_TLS; break; - #endif - - default: badarg = TRUE; break; ---- exim-4.89/src/macros.h.calloutsize 2017-03-04 16:21:35.000000000 -0500 -+++ exim-4.89/src/macros.h 2017-08-16 15:38:52.876969094 -0400 -@@ -959,14 +959,14 @@ - - /* Codes for ESMTP facilities offered by peer */ - --#define PEER_OFFERED_TLS BIT(0) --#define PEER_OFFERED_IGNQ BIT(1) --#define PEER_OFFERED_PRDR BIT(2) --#define PEER_OFFERED_UTF8 BIT(3) --#define PEER_OFFERED_DSN BIT(4) --#define PEER_OFFERED_PIPE BIT(5) --#define PEER_OFFERED_SIZE BIT(6) --#define PEER_OFFERED_CHUNKING BIT(7) -+#define OPTION_TLS BIT(0) -+#define OPTION_IGNQ BIT(1) -+#define OPTION_PRDR BIT(2) -+#define OPTION_UTF8 BIT(3) -+#define OPTION_DSN BIT(4) -+#define OPTION_PIPE BIT(5) -+#define OPTION_SIZE BIT(6) -+#define OPTION_CHUNKING BIT(7) - - /* Argument for *_getc */ - ---- exim-4.89/src/transport.c.calloutsize 2017-08-16 15:38:52.876969094 -0400 -+++ exim-4.89/src/transport.c 2017-08-16 15:55:23.681414193 -0400 -@@ -1976,13 +1976,12 @@ - argv = CUSS child_exec_exim(CEE_RETURN_ARGV, TRUE, &i, FALSE, 0); - - if (smtp_authenticated) argv[i++] = US"-MCA"; -- -- if (smtp_peer_options & PEER_OFFERED_CHUNKING) argv[i++] = US"-MCK"; -- if (smtp_peer_options & PEER_OFFERED_DSN) argv[i++] = US"-MCD"; -- if (smtp_peer_options & PEER_OFFERED_PIPE) argv[i++] = US"-MCP"; -- if (smtp_peer_options & PEER_OFFERED_SIZE) argv[i++] = US"-MCS"; -+ if (smtp_peer_options & OPTION_CHUNKING) argv[i++] = US"-MCK"; -+ if (smtp_peer_options & OPTION_DSN) argv[i++] = US"-MCD"; -+ if (smtp_peer_options & OPTION_PIPE) argv[i++] = US"-MCP"; -+ if (smtp_peer_options & OPTION_SIZE) argv[i++] = US"-MCS"; - #ifdef SUPPORT_TLS -- if (smtp_peer_options & PEER_OFFERED_TLS) argv[i++] = US"-MCT"; -+ if (smtp_peer_options & OPTION_TLS) argv[i++] = US"-MCT"; - #endif - - if (queue_run_pid != (pid_t)0) ---- exim-4.89/src/transports/smtp.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 -+++ exim-4.89/src/transports/smtp.c 2017-08-16 16:08:51.572126172 -0400 -@@ -1291,44 +1291,44 @@ - size_t bsize = Ustrlen(buf); - - #ifdef SUPPORT_TLS --if ( checks & PEER_OFFERED_TLS -+if ( checks & OPTION_TLS - && pcre_exec(regex_STARTTLS, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_TLS; -+ checks &= ~OPTION_TLS; - #endif - --if ( checks & PEER_OFFERED_IGNQ -+if ( checks & OPTION_IGNQ - && pcre_exec(regex_IGNOREQUOTA, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_IGNQ; -+ checks &= ~OPTION_IGNQ; - --if ( checks & PEER_OFFERED_CHUNKING -+if ( checks & OPTION_CHUNKING - && pcre_exec(regex_CHUNKING, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_CHUNKING; -+ checks &= ~OPTION_CHUNKING; - - #ifndef DISABLE_PRDR --if ( checks & PEER_OFFERED_PRDR -+if ( checks & OPTION_PRDR - && pcre_exec(regex_PRDR, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_PRDR; -+ checks &= ~OPTION_PRDR; - #endif - - #ifdef SUPPORT_I18N --if ( checks & PEER_OFFERED_UTF8 -+if ( checks & OPTION_UTF8 - && pcre_exec(regex_UTF8, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_UTF8; -+ checks &= ~OPTION_UTF8; - #endif - --if ( checks & PEER_OFFERED_DSN -+if ( checks & OPTION_DSN - && pcre_exec(regex_DSN, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_DSN; -+ checks &= ~OPTION_DSN; - --if ( checks & PEER_OFFERED_PIPE -+if ( checks & OPTION_PIPE - && pcre_exec(regex_PIPELINING, NULL, CS buf, bsize, 0, - PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_PIPE; -+ checks &= ~OPTION_PIPE; - --if ( checks & PEER_OFFERED_SIZE -+if ( checks & OPTION_SIZE - && pcre_exec(regex_SIZE, NULL, CS buf, bsize, 0, PCRE_EOPT, NULL, 0) < 0) -- checks &= ~PEER_OFFERED_SIZE; -+ checks &= ~OPTION_SIZE; - - return checks; - } -@@ -1479,6 +1479,7 @@ - - if ((sx->max_rcpt = sx->tblock->max_addresses) == 0) sx->max_rcpt = 999999; - sx->peer_offered = 0; -+sx->avoid_option = 0; - sx->igquotstr = US""; - if (!sx->helo_data) sx->helo_data = sx->ob->helo_data; - #ifdef EXPERIMENTAL_DSN_INFO -@@ -1715,7 +1716,7 @@ - #ifdef SUPPORT_TLS - if (sx->smtps) - { -- smtp_peer_options |= PEER_OFFERED_TLS; -+ smtp_peer_options |= OPTION_TLS; - suppress_tls = FALSE; - sx->ob->tls_tempfail_tryclear = FALSE; - smtp_command = US"SSL-on-connect"; -@@ -1780,18 +1781,18 @@ - } - } - -- sx->peer_offered = smtp_peer_options = 0; -+ sx->avoid_option = sx->peer_offered = smtp_peer_options = 0; - - if (sx->esmtp || sx->lmtp) - { - sx->peer_offered = ehlo_response(sx->buffer, -- PEER_OFFERED_TLS /* others checked later */ -+ OPTION_TLS /* others checked later */ - ); - - /* Set tls_offered if the response to EHLO specifies support for STARTTLS. */ - - #ifdef SUPPORT_TLS -- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_TLS; -+ smtp_peer_options |= sx->peer_offered & OPTION_TLS; - #endif - } - } -@@ -1825,7 +1826,7 @@ - for error analysis. */ - - #ifdef SUPPORT_TLS --if ( smtp_peer_options & PEER_OFFERED_TLS -+if ( smtp_peer_options & OPTION_TLS - && !suppress_tls - && verify_check_given_host(&sx->ob->hosts_avoid_tls, sx->host) != OK - && ( !sx->verify -@@ -1970,7 +1971,7 @@ - { - errno = ERRNO_TLSREQUIRED; - message = string_sprintf("a TLS session is required, but %s", -- smtp_peer_options & PEER_OFFERED_TLS -+ smtp_peer_options & OPTION_TLS - ? "an attempt to start TLS failed" : "the server did not offer TLS support"); - goto TLS_FAILED; - } -@@ -1991,60 +1992,60 @@ - { - sx->peer_offered = ehlo_response(sx->buffer, - 0 /* no TLS */ -- | (sx->lmtp && sx->ob->lmtp_ignore_quota ? PEER_OFFERED_IGNQ : 0) -- | PEER_OFFERED_CHUNKING -- | PEER_OFFERED_PRDR -+ | (sx->lmtp && sx->ob->lmtp_ignore_quota ? OPTION_IGNQ : 0) -+ | OPTION_CHUNKING -+ | OPTION_PRDR - #ifdef SUPPORT_I18N -- | (sx->addrlist->prop.utf8_msg ? PEER_OFFERED_UTF8 : 0) -+ | (sx->addrlist->prop.utf8_msg ? OPTION_UTF8 : 0) - /*XXX if we hand peercaps on to continued-conn processes, - must not depend on this addr */ - #endif -- | PEER_OFFERED_DSN -- | PEER_OFFERED_PIPE -- | (sx->ob->size_addition >= 0 ? PEER_OFFERED_SIZE : 0) -+ | OPTION_DSN -+ | OPTION_PIPE -+ | (sx->ob->size_addition >= 0 ? OPTION_SIZE : 0) - ); - - /* Set for IGNOREQUOTA if the response to LHLO specifies support and the - lmtp_ignore_quota option was set. */ - -- sx->igquotstr = sx->peer_offered & PEER_OFFERED_IGNQ ? US" IGNOREQUOTA" : US""; -+ sx->igquotstr = sx->peer_offered & OPTION_IGNQ ? US" IGNOREQUOTA" : US""; - - /* If the response to EHLO specified support for the SIZE parameter, note - this, provided size_addition is non-negative. */ - -- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_SIZE; -+ smtp_peer_options |= sx->peer_offered & OPTION_SIZE; - - /* Note whether the server supports PIPELINING. If hosts_avoid_esmtp matched - the current host, esmtp will be false, so PIPELINING can never be used. If - the current host matches hosts_avoid_pipelining, don't do it. */ - -- if ( sx->peer_offered & PEER_OFFERED_PIPE -+ if ( sx->peer_offered & OPTION_PIPE - && verify_check_given_host(&sx->ob->hosts_avoid_pipelining, sx->host) != OK) -- smtp_peer_options |= PEER_OFFERED_PIPE; -+ smtp_peer_options |= OPTION_PIPE; - - DEBUG(D_transport) debug_printf("%susing PIPELINING\n", -- smtp_peer_options & PEER_OFFERED_PIPE ? "" : "not "); -+ smtp_peer_options & OPTION_PIPE ? "" : "not "); - -- if ( sx->peer_offered & PEER_OFFERED_CHUNKING -+ if ( sx->peer_offered & OPTION_CHUNKING - && verify_check_given_host(&sx->ob->hosts_try_chunking, sx->host) != OK) -- sx->peer_offered &= ~PEER_OFFERED_CHUNKING; -+ sx->peer_offered &= ~OPTION_CHUNKING; - -- if (sx->peer_offered & PEER_OFFERED_CHUNKING) -+ if (sx->peer_offered & OPTION_CHUNKING) - {DEBUG(D_transport) debug_printf("CHUNKING usable\n");} - - #ifndef DISABLE_PRDR -- if ( sx->peer_offered & PEER_OFFERED_PRDR -+ if ( sx->peer_offered & OPTION_PRDR - && verify_check_given_host(&sx->ob->hosts_try_prdr, sx->host) != OK) -- sx->peer_offered &= ~PEER_OFFERED_PRDR; -+ sx->peer_offered &= ~OPTION_PRDR; - -- if (sx->peer_offered & PEER_OFFERED_PRDR) -+ if (sx->peer_offered & OPTION_PRDR) - {DEBUG(D_transport) debug_printf("PRDR usable\n");} - #endif - - /* Note if the server supports DSN */ -- smtp_peer_options |= sx->peer_offered & PEER_OFFERED_DSN; -+ smtp_peer_options |= sx->peer_offered & OPTION_DSN; - DEBUG(D_transport) debug_printf("%susing DSN\n", -- sx->peer_offered & PEER_OFFERED_DSN ? "" : "not "); -+ sx->peer_offered & OPTION_DSN ? "" : "not "); - - /* Note if the response to EHLO specifies support for the AUTH extension. - If it has, check that this host is one we want to authenticate to, and do -@@ -2061,7 +2062,7 @@ - } - } - } --pipelining_active = !!(smtp_peer_options & PEER_OFFERED_PIPE); -+pipelining_active = !!(smtp_peer_options & OPTION_PIPE); - - /* The setting up of the SMTP call is now complete. Any subsequent errors are - message-specific. */ -@@ -2079,7 +2080,7 @@ - } - - /* If this is an international message we need the host to speak SMTPUTF8 */ --if (sx->utf8_needed && !(sx->peer_offered & PEER_OFFERED_UTF8)) -+if (sx->utf8_needed && !(sx->peer_offered & OPTION_UTF8)) - { - errno = ERRNO_UTF8_FWD; - goto RESPONSE_FAILED; -@@ -2202,14 +2203,15 @@ - - *p = 0; - --/* If we know the receiving MTA supports the SIZE qualification, -+/* If we know the receiving MTA supports the SIZE qualification, and we know it, - send it, adding something to the message size to allow for imprecision - and things that get added en route. Exim keeps the number of lines - in a message, so we can give an accurate value for the original message, but we - need some additional to handle added headers. (Double "." characters don't get - included in the count.) */ - --if (sx->peer_offered & PEER_OFFERED_SIZE) -+if ( message_size > 0 -+ && sx->peer_offered & OPTION_SIZE && !(sx->avoid_option & OPTION_SIZE)) - { - sprintf(CS p, " SIZE=%d", message_size+message_linecount+sx->ob->size_addition); - while (*p) p++; -@@ -2220,7 +2222,7 @@ - request that */ - - sx->prdr_active = FALSE; --if (sx->peer_offered & PEER_OFFERED_PRDR) -+if (sx->peer_offered & OPTION_PRDR) - for (addr = addrlist; addr; addr = addr->next) - if (addr->transport_return == PENDING_DEFER) - { -@@ -2239,7 +2241,7 @@ - /* If it supports internationalised messages, and this meesage need that, - request it */ - --if ( sx->peer_offered & PEER_OFFERED_UTF8 -+if ( sx->peer_offered & OPTION_UTF8 - && addrlist->prop.utf8_msg - && !addrlist->prop.utf8_downcvt - ) -@@ -2261,7 +2263,7 @@ - - /* Add any DSN flags to the mail command */ - --if (sx->peer_offered & PEER_OFFERED_DSN && !sx->dsn_all_lasthop) -+if (sx->peer_offered & OPTION_DSN && !sx->dsn_all_lasthop) - { - if (dsn_ret == dsn_ret_hdrs) - { Ustrcpy(p, " RET=HDRS"); p += 9; } -@@ -2297,7 +2299,7 @@ - - /* Add any DSN flags to the rcpt command */ - --if (sx->peer_offered & PEER_OFFERED_DSN && !(addr->dsn_flags & rf_dsnlasthop)) -+if (sx->peer_offered & OPTION_DSN && !(addr->dsn_flags & rf_dsnlasthop)) - { - if (addr->dsn_flags & rf_dsnflags) - { -@@ -2367,7 +2369,7 @@ - the delivery log line. */ - - if ( sx->addrlist->prop.utf8_msg -- && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & PEER_OFFERED_UTF8)) -+ && (sx->addrlist->prop.utf8_downcvt || !(sx->peer_offered & OPTION_UTF8)) - ) - { - if (s = string_address_utf8_to_alabel(s, &errstr), errstr) -@@ -2431,7 +2433,7 @@ - BOOL no_flush; - uschar * rcpt_addr; - -- addr->dsn_aware = sx->peer_offered & PEER_OFFERED_DSN -+ addr->dsn_aware = sx->peer_offered & OPTION_DSN - ? dsn_support_yes : dsn_support_no; - - address_count++; -@@ -2594,10 +2596,10 @@ - if ( transport_filter_argv - && *transport_filter_argv - && **transport_filter_argv -- && sx.peer_offered & PEER_OFFERED_CHUNKING -+ && sx.peer_offered & OPTION_CHUNKING - ) - { -- sx.peer_offered &= ~PEER_OFFERED_CHUNKING; -+ sx.peer_offered &= ~OPTION_CHUNKING; - DEBUG(D_transport) debug_printf("CHUNKING not usable due to transport filter\n"); - } - } -@@ -2656,7 +2658,7 @@ - If using CHUNKING, do not send a BDAT until we know how big a chunk we want - to send is. */ - --if ( !(sx.peer_offered & PEER_OFFERED_CHUNKING) -+if ( !(sx.peer_offered & OPTION_CHUNKING) - && (sx.ok || (pipelining_active && !mua_wrapper))) - { - int count = smtp_write_command(&sx.outblock, FALSE, "DATA\r\n"); -@@ -2686,7 +2688,7 @@ - well as body. Set the appropriate timeout value to be used for each chunk. - (Haven't been able to make it work using select() for writing yet.) */ - --if (!(sx.peer_offered & PEER_OFFERED_CHUNKING) && !sx.ok) -+if (!(sx.peer_offered & OPTION_CHUNKING) && !sx.ok) - { - /* Save the first address of the next batch. */ - sx.first_addr = sx.next_addr; -@@ -2712,7 +2714,7 @@ - of responses. The callback needs a whole bunch of state so set up - a transport-context structure to be passed around. */ - -- if (sx.peer_offered & PEER_OFFERED_CHUNKING) -+ if (sx.peer_offered & OPTION_CHUNKING) - { - tctx.check_string = tctx.escape_string = NULL; - tctx.options |= topt_use_bdat; -@@ -2737,7 +2739,7 @@ - transport_write_timeout = sx.ob->data_timeout; - smtp_command = US"sending data block"; /* For error messages */ - DEBUG(D_transport|D_v) -- if (sx.peer_offered & PEER_OFFERED_CHUNKING) -+ if (sx.peer_offered & OPTION_CHUNKING) - debug_printf(" will write message using CHUNKING\n"); - else - debug_printf(" SMTP>> writing message and terminating \".\"\n"); -@@ -2771,7 +2773,7 @@ - - smtp_command = US"end of data"; - -- if (sx.peer_offered & PEER_OFFERED_CHUNKING && sx.cmd_count > 1) -+ if (sx.peer_offered & OPTION_CHUNKING && sx.cmd_count > 1) - { - /* Reap any outstanding MAIL & RCPT commands, but not a DATA-go-ahead */ - switch(sync_responses(&sx, sx.cmd_count-1, 0)) -@@ -2926,7 +2928,7 @@ - #ifndef DISABLE_PRDR - if (sx.prdr_active) addr->flags |= af_prdr_used; - #endif -- if (sx.peer_offered & PEER_OFFERED_CHUNKING) addr->flags |= af_chunking_used; -+ if (sx.peer_offered & OPTION_CHUNKING) addr->flags |= af_chunking_used; - flag = '-'; - - #ifndef DISABLE_PRDR ---- exim-4.89/src/transports/smtp.h.calloutsize 2017-03-04 16:21:35.000000000 -0500 -+++ exim-4.89/src/transports/smtp.h 2017-08-16 15:38:52.877969104 -0400 -@@ -127,6 +127,7 @@ - int cmd_count; - - uschar peer_offered; -+ uschar avoid_option; - uschar * igquotstr; - uschar * helo_data; - #ifdef EXPERIMENTAL_DSN_INFO ---- exim-4.89/src/verify.c.calloutsize 2017-03-04 16:21:35.000000000 -0500 -+++ exim-4.89/src/verify.c 2017-08-16 15:51:37.913261370 -0400 -@@ -779,8 +779,12 @@ - postmaster-verify. - The sync_responses() would need to be taught about it and we'd - need another return code filtering out to here. -+ -+ Avoid using a SIZE option on the MAIL for all randon-rcpt checks. - */ - -+ sx.avoid_option = OPTION_SIZE; -+ - /* Remember when we last did a random test */ - new_domain_record.random_stamp = time(NULL); - -@@ -790,8 +794,9 @@ - case PENDING_OK: - new_domain_record.random_result = ccache_accept; - break; -- case FAIL: -+ case FAIL: /* the preferred result */ - new_domain_record.random_result = ccache_reject; -+ sx.avoid_option = 0; - - /* Between each check, issue RSET, because some servers accept only - one recipient after MAIL FROM:<>. -@@ -836,12 +841,14 @@ - else - done = TRUE; - -- /* Main verify. If the host is accepting all local parts, as determined -- by the "random" check, we don't need to waste time doing any further -- checking. */ -+ /* Main verify. For rcpt-verify use SIZE if we know it and we're not cacheing; -+ for sndr-verify never use it. */ - - if (done) - { -+ if (!(options & vopt_is_recipient && options & vopt_callout_no_cache)) -+ sx.avoid_option = OPTION_SIZE; -+ - done = FALSE; - switch(smtp_write_mail_and_rcpt_cmds(&sx, &yield)) - { -@@ -850,12 +857,12 @@ - case PENDING_OK: done = TRUE; - new_address_record.result = ccache_accept; - break; -- case FAIL: done = TRUE; -+ case FAIL: done = TRUE; - yield = FAIL; - *failure_ptr = US"recipient"; - new_address_record.result = ccache_reject; - break; -- default: break; -+ default: break; - } - break; - -@@ -908,6 +915,7 @@ - sx.ok = FALSE; - sx.send_rset = TRUE; - sx.completed_addr = FALSE; -+ sx.avoid_option = OPTION_SIZE; - - if( smtp_write_mail_and_rcpt_cmds(&sx, &yield) == 0 - && addr->transport_return == PENDING_OK diff --git a/exim-4.89-mariadb-macro-fix.patch b/exim-4.89-mariadb-macro-fix.patch deleted file mode 100644 index c5b9266..0000000 --- a/exim-4.89-mariadb-macro-fix.patch +++ /dev/null @@ -1,73 +0,0 @@ -diff --git a/src/lookups/mysql.c b/src/lookups/mysql.c -index 5cf15af..b5133bc 100644 ---- a/src/lookups/mysql.c -+++ b/src/lookups/mysql.c -@@ -14,6 +14,53 @@ functions. */ - - #include /* The system header */ - -+/* We define symbols for *_VERSION_ID (numeric), *_VERSION_STR (char*) -+and *_BASE_STR (char*). It's a bit of guesswork. Especially for mariadb -+with versions before 10.2, as they do not define there there specific symbols. -+*/ -+ -+// Newer (>= 10.2) MariaDB -+#if defined MARIADB_VERSION_ID -+#define EXIM_MxSQL_VERSION_ID MARIADB_VERSION_ID -+ -+// MySQL defines MYSQL_VERSION_ID, and MariaDB does so -+// https://dev.mysql.com/doc/refman/5.7/en/c-api-server-client-versions.html -+#elif defined LIBMYSQL_VERSION_ID -+#define EXIM_MxSQL_VERSION_ID LIBMYSQL_VERSION_ID -+#elif defined MYSQL_VERSION_ID -+#define EXIM_MxSQL_VERSION_ID MYSQL_VERSION_ID -+ -+#else -+#define EXIM_MYSQL_VERSION_ID 0 -+#endif -+ -+// Newer (>= 10.2) MariaDB -+#ifdef MARIADB_CLIENT_VERSION_STR -+#define EXIM_MxSQL_VERSION_STR MARIADB_CLIENT_VERSION_STR -+ -+// Mysql uses MYSQL_SERVER_VERSION -+#elif defined LIBMYSQL_VERSION -+#define EXIM_MxSQL_VERSION_STR LIBMYSQL_VERSION -+#elif defined MYSQL_SERVER_VERSION -+#define EXIM_MxSQL_VERSION_STR MYSQL_SERVER_VERSION -+ -+#else -+#define EXIM_MxSQL_VERSION_STR "N.A." -+#endif -+ -+#if defined MARIADB_BASE_VERSION -+#define EXIM_MxSQL_BASE_STR MARIADB_BASE_VERSION -+ -+#elif defined MARIADB_PACKAGE_VERSION -+#define EXIM_MxSQL_BASE_STR "mariadb" -+ -+#elif defined MYSQL_BASE_VERSION -+#define EXIM_MxSQL_BASE_STR MYSQL_BASE_VERSION -+ -+#else -+#define EXIM_MxSQL_BASE_STR "n.A." -+#endif -+ - - /* Structure and anchor for caching connections. */ - -@@ -432,10 +479,10 @@ return quoted; - void - mysql_version_report(FILE *f) - { --fprintf(f, "Library version: MySQL: Compile: %s [%s]\n" -- " Runtime: %s\n", -- MYSQL_SERVER_VERSION, MYSQL_COMPILATION_COMMENT, -- mysql_get_client_info()); -+fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n" -+ " Runtime: %lu %s\n", -+ (long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR, -+ mysql_get_client_version(), mysql_get_client_info()); - #ifdef DYNLOOKUP - fprintf(f, " Exim version %s\n", EXIM_VERSION_STR); - #endif diff --git a/exim-4.88-allow-filter.patch b/exim-4.90.1-allow-filter.patch similarity index 81% rename from exim-4.88-allow-filter.patch rename to exim-4.90.1-allow-filter.patch index c579f40..644d6fa 100644 --- a/exim-4.88-allow-filter.patch +++ b/exim-4.90.1-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 1e3c63f..0e7854c 100644 +index 2cce34b..50e9236 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -724,7 +724,7 @@ userforward: +@@ -727,7 +727,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.89-config.patch b/exim-4.90.1-config.patch similarity index 89% rename from exim-4.89-config.patch rename to exim-4.90.1-config.patch index f9587c3..c156cd7 100644 --- a/exim-4.89-config.patch +++ b/exim-4.90.1-config.patch @@ -1,8 +1,8 @@ diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index 3e486a6..6c4afec 100755 +index 2af1927..e461505 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile -@@ -269,7 +269,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +@@ -296,7 +296,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -12,7 +12,7 @@ index 3e486a6..6c4afec 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index df74aac..7065c0c 100644 +index 72e26ce..0bd97f1 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -51,7 +51,7 @@ index df74aac..7065c0c 100644 # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -232,7 +232,7 @@ TRANSPORT_SMTP=yes +@@ -237,7 +237,7 @@ TRANSPORT_SMTP=yes # This one is special-purpose, and commonly not required, so it is not # included by default. @@ -60,7 +60,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -241,9 +241,9 @@ TRANSPORT_SMTP=yes +@@ -246,9 +246,9 @@ TRANSPORT_SMTP=yes # MBX, is included only when requested. If you do not know what this is about, # leave these settings commented out. @@ -73,7 +73,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -301,19 +301,21 @@ LOOKUP_DBM=yes +@@ -306,20 +306,22 @@ LOOKUP_DBM=yes LOOKUP_LSEARCH=yes LOOKUP_DNSDB=yes @@ -84,6 +84,7 @@ index df74aac..7065c0c 100644 # LOOKUP_IBASE=yes -# LOOKUP_LDAP=yes -# LOOKUP_MYSQL=yes +-# LOOKUP_MYSQL_PC=mariadb -# LOOKUP_NIS=yes -# LOOKUP_NISPLUS=yes +LOOKUP_LDAP=yes @@ -91,6 +92,7 @@ index df74aac..7065c0c 100644 +LOOKUP_INCLUDE=-I/usr/include/mysql +LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq +LOOKUP_MYSQL=yes ++LOOKUP_MYSQL_PC=mariadb +LOOKUP_NIS=yes +LOOKUP_NISPLUS=yes # LOOKUP_ORACLE=yes @@ -105,7 +107,7 @@ index df74aac..7065c0c 100644 # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -390,7 +392,7 @@ EXIM_MONITOR=eximon.bin +@@ -396,7 +398,7 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. @@ -114,7 +116,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ # If you're using ClamAV and are backporting fixes to an old version, instead -@@ -577,7 +579,7 @@ FIXED_NEVER_USERS=root +@@ -584,7 +586,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -123,7 +125,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -622,17 +624,14 @@ FIXED_NEVER_USERS=root +@@ -629,17 +631,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -149,7 +151,7 @@ index df74aac..7065c0c 100644 # Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1 # requires multiple pkg-config files to work with Exim, so the second example -@@ -656,7 +655,7 @@ FIXED_NEVER_USERS=root +@@ -663,7 +662,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -158,7 +160,7 @@ index df74aac..7065c0c 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -676,7 +675,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -683,7 +682,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -167,7 +169,7 @@ index df74aac..7065c0c 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -745,11 +744,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -752,11 +751,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -182,7 +184,7 @@ index df74aac..7065c0c 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -818,7 +817,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -825,7 +824,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -191,7 +193,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -831,7 +830,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -838,7 +837,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -200,7 +202,7 @@ index df74aac..7065c0c 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -903,7 +902,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -910,7 +909,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -209,7 +211,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -913,7 +912,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -920,7 +919,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -218,7 +220,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -923,7 +922,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -930,7 +929,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -227,7 +229,7 @@ index df74aac..7065c0c 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -1021,7 +1020,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1028,7 +1027,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -236,7 +238,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -1035,8 +1034,8 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1042,8 +1041,8 @@ ZCAT_COMMAND=/usr/bin/zcat # library for TCP wrappers, so you probably need something like this: # # USE_TCP_WRAPPERS=yes @@ -247,7 +249,7 @@ index df74aac..7065c0c 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1088,7 +1087,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1095,7 +1094,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -256,7 +258,7 @@ index df74aac..7065c0c 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1098,7 +1097,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1112,7 +1111,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -265,7 +267,7 @@ index df74aac..7065c0c 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1119,13 +1118,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1133,13 +1132,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -286,7 +288,7 @@ index df74aac..7065c0c 100644 #------------------------------------------------------------------------------ -@@ -1327,7 +1326,7 @@ EXIM_TMPDIR="/tmp" +@@ -1341,7 +1340,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.88-cyrus.patch b/exim-4.90.1-cyrus.patch similarity index 90% rename from exim-4.88-cyrus.patch rename to exim-4.90.1-cyrus.patch index 395de3a..13d7efe 100644 --- a/exim-4.88-cyrus.patch +++ b/exim-4.90.1-cyrus.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 8b6162b..d588898 100644 +index 562d0be..1138335 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -765,6 +765,16 @@ address_reply: +@@ -768,6 +768,16 @@ address_reply: driver = autoreply diff --git a/exim-4.89-dlopen-localscan.patch b/exim-4.90.1-dlopen-localscan.patch similarity index 96% rename from exim-4.89-dlopen-localscan.patch rename to exim-4.90.1-dlopen-localscan.patch index 3e94d2e..39053a3 100644 --- a/exim-4.89-dlopen-localscan.patch +++ b/exim-4.90.1-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 0caf02d..6957546 100644 +index 0bd97f1..ce2b047 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -802,6 +802,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -809,6 +809,20 @@ TLS_LIBS=-lssl -lcrypto #------------------------------------------------------------------------------ @@ -24,10 +24,10 @@ index 0caf02d..6957546 100644 # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index 58e1813..9b18f98 100644 +index 4750523..e3943a8 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults -@@ -28,6 +28,8 @@ it's a default value. */ +@@ -31,6 +31,8 @@ Do not put spaces between # and the 'define'. #define AUTH_VARS 3 @@ -37,7 +37,7 @@ index 58e1813..9b18f98 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 79ac37f..b7d690f 100644 +index 5df84bd..74724fd 100644 --- a/src/globals.c +++ b/src/globals.c @@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL; @@ -52,7 +52,7 @@ index 79ac37f..b7d690f 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index 340f1ae..4b65781 100644 +index 37d4cad..2b313e0 100644 --- a/src/globals.h +++ b/src/globals.h @@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ @@ -251,10 +251,10 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 790f073..6e88bcd 100644 +index 8d5f38c..73095be 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -318,6 +318,9 @@ static optionlist optionlist_config[] = { +@@ -195,6 +195,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, diff --git a/exim-4.87-dynlookup-config.patch b/exim-4.90.1-dynlookup-config.patch similarity index 80% rename from exim-4.87-dynlookup-config.patch rename to exim-4.90.1-dynlookup-config.patch index a2bf35a..1d9a120 100644 --- a/exim-4.87-dynlookup-config.patch +++ b/exim-4.90.1-dynlookup-config.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index df3dcc8..de01565 100644 +index ce2b047..ad06440 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -306,14 +306,16 @@ LOOKUP_DSEARCH=yes +@@ -311,15 +311,17 @@ LOOKUP_DSEARCH=yes # LOOKUP_IBASE=yes LOOKUP_LDAP=yes LDAP_LIB_TYPE=OPENLDAP2 @@ -10,10 +10,11 @@ index df3dcc8..de01565 100644 -LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq -LOOKUP_MYSQL=yes +LOOKUP_LIBS=-lldap -llber -lsqlite3 -+LOOKUP_MYSQL_INCLUDE=-I/usr/include/mysql ++LOOKUP_INCLUDE=-I/usr/include/mysql +LOOKUP_MYSQL_LIBS=-lmysqlclient +LOOKUP_PGSQL_LIBS=-lpq +LOOKUP_MYSQL=2 + LOOKUP_MYSQL_PC=mariadb LOOKUP_NIS=yes LOOKUP_NISPLUS=yes # LOOKUP_ORACLE=yes diff --git a/exim-4.89-environment.patch b/exim-4.90.1-environment.patch similarity index 82% rename from exim-4.89-environment.patch rename to exim-4.90.1-environment.patch index c579b72..aae43f6 100644 --- a/exim-4.89-environment.patch +++ b/exim-4.90.1-environment.patch @@ -1,7 +1,8 @@ diff --git a/src/configure.default b/src/configure.default +index b955c6e..590c664 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -357,8 +357,8 @@ timeout_frozen_after = 7d +@@ -360,8 +360,8 @@ timeout_frozen_after = 7d # Note that TZ is handled separately by the timezone runtime option # and TIMEZONE_DEFAULT buildtime option. diff --git a/exim-4.88-greylist-conf.patch b/exim-4.90.1-greylist-conf.patch similarity index 94% rename from exim-4.88-greylist-conf.patch rename to exim-4.90.1-greylist-conf.patch index a579e66..880722f 100644 --- a/exim-4.88-greylist-conf.patch +++ b/exim-4.90.1-greylist-conf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 921c53b..a92c954 100644 +index 72675be..30ffc8c 100644 --- a/src/configure.default +++ b/src/configure.default @@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost @@ -10,7 +10,7 @@ index 921c53b..a92c954 100644 acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data acl_smtp_mime = acl_check_mime -@@ -368,6 +369,29 @@ timeout_frozen_after = 7d +@@ -371,6 +372,29 @@ timeout_frozen_after = 7d begin acl @@ -40,7 +40,7 @@ index 921c53b..a92c954 100644 # This access control list is used for every RCPT command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. -@@ -493,7 +517,8 @@ acl_check_rcpt: +@@ -496,7 +520,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -50,7 +50,7 @@ index 921c53b..a92c954 100644 # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -501,6 +526,10 @@ acl_check_rcpt: +@@ -504,6 +529,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -61,7 +61,7 @@ index 921c53b..a92c954 100644 ############################################################################# ############################################################################# -@@ -514,6 +543,10 @@ acl_check_rcpt: +@@ -517,6 +546,10 @@ acl_check_rcpt: # require verify = csa ############################################################################# @@ -72,7 +72,7 @@ index 921c53b..a92c954 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -546,6 +579,12 @@ acl_check_data: +@@ -549,6 +582,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,7 +85,7 @@ index 921c53b..a92c954 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -580,8 +619,30 @@ acl_check_data: +@@ -583,8 +622,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report diff --git a/exim-4.89-nsl-fix.patch b/exim-4.90.1-nsl-fix.patch similarity index 72% rename from exim-4.89-nsl-fix.patch rename to exim-4.90.1-nsl-fix.patch index 5c766b8..ab85a7c 100644 --- a/exim-4.89-nsl-fix.patch +++ b/exim-4.90.1-nsl-fix.patch @@ -1,9 +1,9 @@ diff --git a/src/EDITME b/src/EDITME -index 893c50c..b9caf0c 100644 +index ad06440..513a212 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -313,6 +313,9 @@ LOOKUP_PGSQL_LIBS=-lpq - LOOKUP_MYSQL=2 +@@ -319,6 +319,9 @@ LOOKUP_MYSQL=2 + LOOKUP_MYSQL_PC=mariadb LOOKUP_NIS=yes LOOKUP_NISPLUS=yes +CFLAGS+=-I/usr/include/nsl -I/usr/include/tirpc diff --git a/exim-4.88-pamconfig.patch b/exim-4.90.1-pamconfig.patch similarity index 88% rename from exim-4.88-pamconfig.patch rename to exim-4.90.1-pamconfig.patch index 031cebe..bc8a078 100644 --- a/exim-4.88-pamconfig.patch +++ b/exim-4.90.1-pamconfig.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index d588898..61bdae8 100644 +index 1138335..0675b40 100644 --- a/src/configure.default +++ b/src/configure.default @@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data @@ -20,9 +20,9 @@ index d588898..61bdae8 100644 +tls_certificate = /etc/pki/tls/certs/exim.pem +tls_privatekey = /etc/pki/tls/private/exim.pem - # In order to support roaming users who wish to send email from anywhere, - # you may want to make Exim listen on other ports as well as port 25, in -@@ -162,8 +162,8 @@ acl_smtp_data = acl_check_data + # For OpenSSL, prefer EC- over RSA-authenticated ciphers + # tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT +@@ -165,8 +165,8 @@ acl_smtp_data = acl_check_data # them you should also allow TLS-on-connect on the traditional but # non-standard port 465. @@ -33,7 +33,7 @@ index d588898..61bdae8 100644 # Specify the domain you want to be added to all unqualified addresses -@@ -221,6 +221,24 @@ never_users = root +@@ -224,6 +224,24 @@ never_users = root host_lookup = * @@ -58,7 +58,7 @@ index d588898..61bdae8 100644 # The settings below cause Exim to make RFC 1413 (ident) callbacks # for all incoming SMTP calls. You can limit the hosts to which these -@@ -844,7 +862,7 @@ begin authenticators +@@ -847,7 +865,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index d588898..61bdae8 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -856,7 +874,7 @@ begin authenticators +@@ -859,7 +877,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.88-procmail.patch b/exim-4.90.1-procmail.patch similarity index 90% rename from exim-4.88-procmail.patch rename to exim-4.90.1-procmail.patch index 1227d84..e172d9d 100644 --- a/exim-4.88-procmail.patch +++ b/exim-4.90.1-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index ecc3d6e..1e3c63f 100644 +index 8b4575c..2cce34b 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -732,6 +732,12 @@ userforward: +@@ -735,6 +735,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,7 +15,7 @@ index ecc3d6e..1e3c63f 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -773,6 +779,16 @@ remote_smtp: +@@ -776,6 +782,16 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} diff --git a/exim-4.88-rhl.patch b/exim-4.90.1-rhl.patch similarity index 84% rename from exim-4.88-rhl.patch rename to exim-4.90.1-rhl.patch index 0a8af5a..879c640 100644 --- a/exim-4.88-rhl.patch +++ b/exim-4.90.1-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 985f1d0..8b6162b 100644 +index 1dc9b91..562d0be 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -630,7 +630,7 @@ system_aliases: +@@ -633,7 +633,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 985f1d0..8b6162b 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -731,8 +731,8 @@ local_delivery: +@@ -734,8 +734,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.88-smarthost-config.patch b/exim-4.90.1-smarthost-config.patch similarity index 92% rename from exim-4.88-smarthost-config.patch rename to exim-4.90.1-smarthost-config.patch index 75c3fcd..b8bce18 100644 --- a/exim-4.88-smarthost-config.patch +++ b/exim-4.90.1-smarthost-config.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index a92c954..13599ae 100644 +index 30ffc8c..b955c6e 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -840,6 +840,15 @@ remote_smtp: +@@ -843,6 +843,15 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} @@ -18,7 +18,7 @@ index a92c954..13599ae 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -948,6 +957,21 @@ begin rewrite +@@ -951,6 +960,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index a92c954..13599ae 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -963,7 +987,7 @@ begin rewrite +@@ -966,7 +990,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.87-spamdconf.patch b/exim-4.90.1-spamdconf.patch similarity index 94% rename from exim-4.87-spamdconf.patch rename to exim-4.90.1-spamdconf.patch index c5a21f6..5f8816a 100644 --- a/exim-4.87-spamdconf.patch +++ b/exim-4.90.1-spamdconf.patch @@ -1,5 +1,7 @@ ---- a/src/configure.default.spamd 2016-12-25 21:06:57.453758443 +0000 -+++ b/src/configure.default 2016-12-25 21:07:49.940188407 +0000 +diff --git a/src/configure.default b/src/configure.default +index 0675b40..8b4575c 100644 +--- a/src/configure.default ++++ b/src/configure.default @@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost acl_smtp_rcpt = acl_check_rcpt @@ -17,7 +19,7 @@ # For spam scanning, there is a similar option that defines the interface to -@@ -431,7 +432,8 @@ acl_check_rcpt: +@@ -434,7 +435,8 @@ acl_check_rcpt: accept local_parts = postmaster domains = +local_domains @@ -27,7 +29,7 @@ require verify = sender -@@ -535,27 +537,63 @@ acl_check_data: +@@ -538,27 +540,63 @@ acl_check_data: got $max_received_linelength condition = ${if > {$max_received_linelength}{998}} @@ -50,17 +52,17 @@ - # Add headers to a message if it is judged to be spam. Before enabling this, - # you must install SpamAssassin. You may also need to set the spamd_address - # option above. -- # ++ # Bypass SpamAssassin checks if the message is too large. + # - # warn spam = nobody - # add_header = X-Spam_score: $spam_score\n\ - # X-Spam_score_int: $spam_score_int\n\ - # X-Spam_bar: $spam_bar\n\ - # X-Spam_report: $spam_report -+ # Bypass SpamAssassin checks if the message is too large. -+ # + # accept condition = ${if >={$message_size}{100000} {1}} + # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size -+ + +- # Accept the message. + # Run SpamAssassin, but allow for it to fail or time out. Add a warning message + # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA + # score exceeds the SA system threshold. @@ -76,8 +78,7 @@ + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ + # X-Spam-Report: $spam_report - -- # Accept the message. ++ + # And reject if the SpamAssassin score is greater than ten + # + # deny condition = ${if >{$spam_score_int}{100} {1}} diff --git a/exim.spec b/exim.spec index c7a025b..d01beed 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.89 -Release: 12%{?dist} +Version: 4.90.1 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -46,35 +46,23 @@ Source24: exim.service Source25: exim-gen-cert Source26: clamd.exim.service -Patch4: exim-4.88-rhl.patch -Patch6: exim-4.89-config.patch +Patch4: exim-4.90.1-rhl.patch +Patch6: exim-4.90.1-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.88-cyrus.patch -Patch13: exim-4.88-pamconfig.patch -Patch14: exim-4.87-spamdconf.patch -Patch18: exim-4.89-dlopen-localscan.patch -Patch19: exim-4.88-procmail.patch -Patch20: exim-4.88-allow-filter.patch +Patch12: exim-4.90.1-cyrus.patch +Patch13: exim-4.90.1-pamconfig.patch +Patch14: exim-4.90.1-spamdconf.patch +Patch18: exim-4.90.1-dlopen-localscan.patch +Patch19: exim-4.90.1-procmail.patch +Patch20: exim-4.90.1-allow-filter.patch Patch21: exim-4.87-localhost-is-local.patch -Patch22: exim-4.88-greylist-conf.patch -Patch23: exim-4.88-smarthost-config.patch -Patch25: exim-4.87-dynlookup-config.patch -# Upstream ticket: http://bugs.exim.org/show_bug.cgi?id=1584 +Patch22: exim-4.90.1-greylist-conf.patch +Patch23: exim-4.90.1-smarthost-config.patch +Patch25: exim-4.90.1-dynlookup-config.patch Patch26: exim-4.85-pic.patch -Patch27: exim-4.89-environment.patch -# Backported from upstream: -# https://github.com/Exim/exim/commit/65e061b76867a9ea7aeeb535341b790b90ae6c21 -Patch28: exim-4.89-CVE-2017-1000369.patch -# Backported from upstream: -# https://git.exim.org/exim.git/commitdiff/14de8063d82edc5bf003ed50abdea55ac542679b -Patch29: exim-4.89-calloutsize.patch -Patch30: exim-4.89-mariadb-macro-fix.patch -# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2199 -Patch31: exim-4.89-CVE-2017-16943.patch -# Upstream ticket: https://bugs.exim.org/show_bug.cgi?id=2201 -Patch32: exim-4.89-CVE-2017-16944.patch +Patch27: exim-4.90.1-environment.patch # Workaround for NIS removal from glibc, bug 1534920 -Patch33: exim-4.89-nsl-fix.patch +Patch33: exim-4.90.1-nsl-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -223,11 +211,6 @@ greylisting unconditional. %patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment -%patch28 -p1 -b .CVE-2017-1000369 -%patch29 -p1 -b .calloutsize -%patch30 -p1 -b .mariadb-macro-fix -%patch31 -p1 -b .CVE-2017-16943 -%patch32 -p1 -b .CVE-2017-16944 %patch33 -p1 -b .nsl-fix cp src/EDITME Local/Makefile @@ -606,6 +589,16 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Feb 13 2018 Jaroslav Škarvada - 4.90.1-1 +- New version + Resolves: rhbz#1527710 +- Fixed buffer overflow in utility function + Resolves: CVE-2018-6789 +- Updated and defuzzified patches +- Dropped mariadb-macro-fix patch (not needed) +- Dropped CVE-2017-1000369, calloutsize, CVE-2017-16943, + CVE-2017-16944 patches (all upstreamed) + * Wed Feb 07 2018 Fedora Release Engineering - 4.89-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild diff --git a/sources b/sources index 2360d71..0995d54 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.89.tar.xz) = ce5faef3847a5baf1b4fec1ffe46ce7efaafb24e63bcc52a61f38e8312a88eccaa816c3947ba428bef3eed38b1e91e606f6ed07bc0a3e14c6a6ed0ecb41eb9fa +SHA512 (exim-4.90.1.tar.xz) = b4830a2e03023b2bafc9e62535f467bb61b0f1398b6b3af0a7ef6f49e6cba60a9496e6762d0898b7ac1c2823db8cf96ed9f37e26b05809b4ba01725d9e72b806 From d4b3565e852c70ffe5ef4a45134f0117bd6daea2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 14 Feb 2018 13:18:51 +0100 Subject: [PATCH 170/194] Fixed gitignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jaroslav Škarvada --- .gitignore | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 5410835..53bc958 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -exim-*.tar.bz2 -/exim-4.89.tar.xz -/exim-4.90.1.tar.xz +exim-*.tar.xz From 3a3d9940d2a8c23faf3edab858ea9d198dcee34a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 16 Feb 2018 23:17:48 +0100 Subject: [PATCH 171/194] Fixed mysql module --- exim-4.90.1-dynlookup-config.patch | 6 +++--- exim.spec | 8 ++++++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/exim-4.90.1-dynlookup-config.patch b/exim-4.90.1-dynlookup-config.patch index 1d9a120..a1ac3e5 100644 --- a/exim-4.90.1-dynlookup-config.patch +++ b/exim-4.90.1-dynlookup-config.patch @@ -1,5 +1,5 @@ diff --git a/src/EDITME b/src/EDITME -index ce2b047..ad06440 100644 +index ce2b047..8b773ea 100644 --- a/src/EDITME +++ b/src/EDITME @@ -311,15 +311,17 @@ LOOKUP_DSEARCH=yes @@ -10,8 +10,8 @@ index ce2b047..ad06440 100644 -LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq -LOOKUP_MYSQL=yes +LOOKUP_LIBS=-lldap -llber -lsqlite3 -+LOOKUP_INCLUDE=-I/usr/include/mysql -+LOOKUP_MYSQL_LIBS=-lmysqlclient ++# LOOKUP_INCLUDE=-I/usr/include/mysql ++# LOOKUP_MYSQL_LIBS=-lmysqlclient +LOOKUP_PGSQL_LIBS=-lpq +LOOKUP_MYSQL=2 LOOKUP_MYSQL_PC=mariadb diff --git a/exim.spec b/exim.spec index d01beed..c7819f9 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.90.1 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -74,7 +74,8 @@ BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: perl-devel BuildRequires: perl-generators BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed) -BuildRequires: systemd-units libgsasl-devel +# mariadb-devel for mariadb pkgconfig +BuildRequires: systemd-units libgsasl-devel mariadb-devel # Workaround for NIS removal from glibc, bug 1534920 BuildRequires: libnsl2-devel libtirpc-devel @@ -589,6 +590,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Feb 16 2018 Jaroslav Škarvada - 4.90.1-2 +- Fixed mysql module + * Tue Feb 13 2018 Jaroslav Škarvada - 4.90.1-1 - New version Resolves: rhbz#1527710 From 37b90b260bde21d2df0b1cbda047fdd78b778d2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 16 Feb 2018 23:40:36 +0100 Subject: [PATCH 172/194] Dropped dynlookup-config patch (merged into config patch) --- exim-4.90.1-config.patch | 8 ++++---- exim-4.90.1-dynlookup-config.patch | 26 -------------------------- exim.spec | 7 ++++--- 3 files changed, 8 insertions(+), 33 deletions(-) delete mode 100644 exim-4.90.1-dynlookup-config.patch diff --git a/exim-4.90.1-config.patch b/exim-4.90.1-config.patch index c156cd7..1820b94 100644 --- a/exim-4.90.1-config.patch +++ b/exim-4.90.1-config.patch @@ -89,9 +89,8 @@ index 72e26ce..0bd97f1 100644 -# LOOKUP_NISPLUS=yes +LOOKUP_LDAP=yes +LDAP_LIB_TYPE=OPENLDAP2 -+LOOKUP_INCLUDE=-I/usr/include/mysql -+LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq -+LOOKUP_MYSQL=yes ++LOOKUP_LIBS=-lldap -llber -lsqlite3 ++LOOKUP_MYSQL=2 +LOOKUP_MYSQL_PC=mariadb +LOOKUP_NIS=yes +LOOKUP_NISPLUS=yes @@ -99,7 +98,8 @@ index 72e26ce..0bd97f1 100644 -# LOOKUP_PASSWD=yes -# LOOKUP_PGSQL=yes +LOOKUP_PASSWD=yes -+LOOKUP_PGSQL=yes ++LOOKUP_PGSQL=2 ++LOOKUP_PGSQL_LIBS=-lpq # LOOKUP_REDIS=yes -# LOOKUP_SQLITE=yes -# LOOKUP_SQLITE_PC=sqlite3 diff --git a/exim-4.90.1-dynlookup-config.patch b/exim-4.90.1-dynlookup-config.patch deleted file mode 100644 index a1ac3e5..0000000 --- a/exim-4.90.1-dynlookup-config.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/src/EDITME b/src/EDITME -index ce2b047..8b773ea 100644 ---- a/src/EDITME -+++ b/src/EDITME -@@ -311,15 +311,17 @@ LOOKUP_DSEARCH=yes - # LOOKUP_IBASE=yes - LOOKUP_LDAP=yes - LDAP_LIB_TYPE=OPENLDAP2 --LOOKUP_INCLUDE=-I/usr/include/mysql --LOOKUP_LIBS=-lldap -llber -lsqlite3 -L/usr/$(_lib)/mysql -lmysqlclient -lpq --LOOKUP_MYSQL=yes -+LOOKUP_LIBS=-lldap -llber -lsqlite3 -+# LOOKUP_INCLUDE=-I/usr/include/mysql -+# LOOKUP_MYSQL_LIBS=-lmysqlclient -+LOOKUP_PGSQL_LIBS=-lpq -+LOOKUP_MYSQL=2 - LOOKUP_MYSQL_PC=mariadb - LOOKUP_NIS=yes - LOOKUP_NISPLUS=yes - # LOOKUP_ORACLE=yes - LOOKUP_PASSWD=yes --LOOKUP_PGSQL=yes -+LOOKUP_PGSQL=2 - # LOOKUP_REDIS=yes - LOOKUP_SQLITE=yes - # LOOKUP_WHOSON=yes diff --git a/exim.spec b/exim.spec index c7819f9..9d4571f 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.90.1 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -58,7 +58,6 @@ Patch20: exim-4.90.1-allow-filter.patch Patch21: exim-4.87-localhost-is-local.patch Patch22: exim-4.90.1-greylist-conf.patch Patch23: exim-4.90.1-smarthost-config.patch -Patch25: exim-4.90.1-dynlookup-config.patch Patch26: exim-4.85-pic.patch Patch27: exim-4.90.1-environment.patch # Workaround for NIS removal from glibc, bug 1534920 @@ -209,7 +208,6 @@ greylisting unconditional. %patch21 -p1 -b .localhost %patch22 -p1 -b .grey %patch23 -p1 -b .smarthost -%patch25 -p1 -b .dynconfig %patch26 -p1 -b .fpic %patch27 -p1 -b .environment %patch33 -p1 -b .nsl-fix @@ -590,6 +588,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Feb 16 2018 Jaroslav Škarvada - 4.90.1-3 +- Dropped dynlookup-config patch (merged into config patch) + * Fri Feb 16 2018 Jaroslav Škarvada - 4.90.1-2 - Fixed mysql module From 807d9088826cc4236ecd83cad2b5fa580960257f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 14 Mar 2018 09:16:20 +0100 Subject: [PATCH 173/194] Fixed dec64table OOB read in b64decode De-fuzzified nsl-fix patch --- exim-4.90.1-dec64table-read-fix.patch | 16 ++++++++++++++++ exim-4.90.1-nsl-fix.patch | 4 ++-- exim.spec | 9 ++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 exim-4.90.1-dec64table-read-fix.patch diff --git a/exim-4.90.1-dec64table-read-fix.patch b/exim-4.90.1-dec64table-read-fix.patch new file mode 100644 index 0000000..d13bd50 --- /dev/null +++ b/exim-4.90.1-dec64table-read-fix.patch @@ -0,0 +1,16 @@ +diff --git a/src/base64.c b/src/src/base64.c +index dbbd6a4..e63522e 100644 +--- a/src/base64.c ++++ b/src/base64.c +@@ -173,7 +173,7 @@ while ((x = *code++) != 0) + + while (isspace(y = *code++)) ; + /* debug_printf("b64d: '%c'\n", y); */ +- if (y == 0 || (y = dec64table[y]) == 255) ++ if (y > 127 || (y = dec64table[y]) == 255) + return -1; + + *result++ = (x << 2) | (y >> 4); +-- +1.9.1 + diff --git a/exim-4.90.1-nsl-fix.patch b/exim-4.90.1-nsl-fix.patch index ab85a7c..bb02954 100644 --- a/exim-4.90.1-nsl-fix.patch +++ b/exim-4.90.1-nsl-fix.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index ad06440..513a212 100644 +index be31066..e48dd93 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -319,6 +319,9 @@ LOOKUP_MYSQL=2 +@@ -316,6 +316,9 @@ LOOKUP_MYSQL=2 LOOKUP_MYSQL_PC=mariadb LOOKUP_NIS=yes LOOKUP_NISPLUS=yes diff --git a/exim.spec b/exim.spec index 9d4571f..b2031d8 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.90.1 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -62,6 +62,8 @@ Patch26: exim-4.85-pic.patch Patch27: exim-4.90.1-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch +# Backported from upstream +Patch34: exim-4.90.1-dec64table-read-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -211,6 +213,7 @@ greylisting unconditional. %patch26 -p1 -b .fpic %patch27 -p1 -b .environment %patch33 -p1 -b .nsl-fix +%patch34 -p1 -b .dec64table-read-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -588,6 +591,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Mar 14 2018 Jaroslav Škarvada - 4.90.1-4 +- Fixed dec64table OOB read in b64decode +- De-fuzzified nsl-fix patch + * Fri Feb 16 2018 Jaroslav Škarvada - 4.90.1-3 - Dropped dynlookup-config patch (merged into config patch) From 35982dc5b87a895118d84c3bb9d1a889b6119795 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Thu, 19 Apr 2018 17:26:19 +0200 Subject: [PATCH 174/194] New version Resolves: rhbz#1567670 Dropped dec64table-read-fix patch (already upstream) De-fuzzified patches --- exim-4.90.1-dec64table-read-fix.patch | 16 ------- ...lter.patch => exim-4.91-allow-filter.patch | 4 +- ...0.1-config.patch => exim-4.91-config.patch | 44 +++++++++---------- ....90.1-cyrus.patch => exim-4.91-cyrus.patch | 4 +- ....patch => exim-4.91-dlopen-localscan.patch | 20 ++++----- ...onf.patch => exim-4.91-greylist-conf.patch | 6 +-- ...mconfig.patch => exim-4.91-pamconfig.patch | 6 +-- ...procmail.patch => exim-4.91-procmail.patch | 6 +-- exim-4.90.1-rhl.patch => exim-4.91-rhl.patch | 6 +-- ....patch => exim-4.91-smarthost-config.patch | 8 ++-- ...amdconf.patch => exim-4.91-spamdconf.patch | 8 ++-- exim.spec | 33 +++++++------- sources | 2 +- 13 files changed, 75 insertions(+), 88 deletions(-) delete mode 100644 exim-4.90.1-dec64table-read-fix.patch rename exim-4.90.1-allow-filter.patch => exim-4.91-allow-filter.patch (81%) rename exim-4.90.1-config.patch => exim-4.91-config.patch (89%) rename exim-4.90.1-cyrus.patch => exim-4.91-cyrus.patch (90%) rename exim-4.90.1-dlopen-localscan.patch => exim-4.91-dlopen-localscan.patch (96%) rename exim-4.90.1-greylist-conf.patch => exim-4.91-greylist-conf.patch (97%) rename exim-4.90.1-pamconfig.patch => exim-4.91-pamconfig.patch (96%) rename exim-4.90.1-procmail.patch => exim-4.91-procmail.patch (90%) rename exim-4.90.1-rhl.patch => exim-4.91-rhl.patch (84%) rename exim-4.90.1-smarthost-config.patch => exim-4.91-smarthost-config.patch (92%) rename exim-4.90.1-spamdconf.patch => exim-4.91-spamdconf.patch (95%) diff --git a/exim-4.90.1-dec64table-read-fix.patch b/exim-4.90.1-dec64table-read-fix.patch deleted file mode 100644 index d13bd50..0000000 --- a/exim-4.90.1-dec64table-read-fix.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/src/base64.c b/src/src/base64.c -index dbbd6a4..e63522e 100644 ---- a/src/base64.c -+++ b/src/base64.c -@@ -173,7 +173,7 @@ while ((x = *code++) != 0) - - while (isspace(y = *code++)) ; - /* debug_printf("b64d: '%c'\n", y); */ -- if (y == 0 || (y = dec64table[y]) == 255) -+ if (y > 127 || (y = dec64table[y]) == 255) - return -1; - - *result++ = (x << 2) | (y >> 4); --- -1.9.1 - diff --git a/exim-4.90.1-allow-filter.patch b/exim-4.91-allow-filter.patch similarity index 81% rename from exim-4.90.1-allow-filter.patch rename to exim-4.91-allow-filter.patch index 644d6fa..127da02 100644 --- a/exim-4.90.1-allow-filter.patch +++ b/exim-4.91-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 2cce34b..50e9236 100644 +index 7d26076..ce3b3b0 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -727,7 +727,7 @@ userforward: +@@ -733,7 +733,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.90.1-config.patch b/exim-4.91-config.patch similarity index 89% rename from exim-4.90.1-config.patch rename to exim-4.91-config.patch index 1820b94..bd770f5 100644 --- a/exim-4.90.1-config.patch +++ b/exim-4.91-config.patch @@ -1,8 +1,8 @@ diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile -index 2af1927..e461505 100755 +index 7e0bf38..c97ccec 100755 --- a/scripts/Configure-Makefile +++ b/scripts/Configure-Makefile -@@ -296,7 +296,7 @@ if [ "${EXIM_PERL}" != "" ] ; then +@@ -297,7 +297,7 @@ if [ "${EXIM_PERL}" != "" ] ; then mv $mft $mftt echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft @@ -12,7 +12,7 @@ index 2af1927..e461505 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index 72e26ce..0bd97f1 100644 +index bd5151d..4cd3b4d 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -107,16 +107,16 @@ index 72e26ce..0bd97f1 100644 # LOOKUP_WHOSON=yes # These two settings are obsolete; all three lookups are compiled when -@@ -396,7 +398,7 @@ EXIM_MONITOR=eximon.bin +@@ -402,7 +404,7 @@ EXIM_MONITOR=eximon.bin # and the MIME ACL. Please read the documentation to learn more about these # features. -# WITH_CONTENT_SCAN=yes +WITH_CONTENT_SCAN=yes - #------------------------------------------------------------------------------ - # If you're using ClamAV and are backporting fixes to an old version, instead -@@ -584,7 +586,7 @@ FIXED_NEVER_USERS=root + # If you have content scanning you may wish to only include some of the scanner + # interfaces. Uncomment any of these lines to remove that code. +@@ -590,7 +592,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -125,7 +125,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -629,17 +631,14 @@ FIXED_NEVER_USERS=root +@@ -635,17 +637,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -151,7 +151,7 @@ index 72e26ce..0bd97f1 100644 # Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1 # requires multiple pkg-config files to work with Exim, so the second example -@@ -663,7 +662,7 @@ FIXED_NEVER_USERS=root +@@ -669,7 +668,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -160,7 +160,7 @@ index 72e26ce..0bd97f1 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -683,7 +682,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -689,7 +688,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -169,7 +169,7 @@ index 72e26ce..0bd97f1 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -752,11 +751,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -758,11 +757,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -184,7 +184,7 @@ index 72e26ce..0bd97f1 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -825,7 +824,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -834,7 +833,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -193,7 +193,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -838,7 +837,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -847,7 +846,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -202,7 +202,7 @@ index 72e26ce..0bd97f1 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -910,7 +909,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -919,7 +918,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -211,7 +211,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -920,7 +919,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -929,7 +928,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -220,7 +220,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -930,7 +929,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -939,7 +938,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -229,7 +229,7 @@ index 72e26ce..0bd97f1 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -1028,7 +1027,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1047,7 +1046,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -238,7 +238,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -1042,8 +1041,8 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1061,8 +1060,8 @@ ZCAT_COMMAND=/usr/bin/zcat # library for TCP wrappers, so you probably need something like this: # # USE_TCP_WRAPPERS=yes @@ -249,7 +249,7 @@ index 72e26ce..0bd97f1 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1095,7 +1094,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1114,7 +1113,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -258,7 +258,7 @@ index 72e26ce..0bd97f1 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1112,7 +1111,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1131,7 +1130,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -267,7 +267,7 @@ index 72e26ce..0bd97f1 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1133,13 +1132,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1152,13 +1151,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -288,7 +288,7 @@ index 72e26ce..0bd97f1 100644 #------------------------------------------------------------------------------ -@@ -1341,7 +1340,7 @@ EXIM_TMPDIR="/tmp" +@@ -1360,7 +1359,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.90.1-cyrus.patch b/exim-4.91-cyrus.patch similarity index 90% rename from exim-4.90.1-cyrus.patch rename to exim-4.91-cyrus.patch index 13d7efe..1782180 100644 --- a/exim-4.90.1-cyrus.patch +++ b/exim-4.91-cyrus.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 562d0be..1138335 100644 +index 78e44d2..ae50b15 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -768,6 +768,16 @@ address_reply: +@@ -774,6 +774,16 @@ address_reply: driver = autoreply diff --git a/exim-4.90.1-dlopen-localscan.patch b/exim-4.91-dlopen-localscan.patch similarity index 96% rename from exim-4.90.1-dlopen-localscan.patch rename to exim-4.91-dlopen-localscan.patch index 39053a3..c8db483 100644 --- a/exim-4.90.1-dlopen-localscan.patch +++ b/exim-4.91-dlopen-localscan.patch @@ -1,11 +1,12 @@ diff --git a/src/EDITME b/src/EDITME -index 0bd97f1..ce2b047 100644 +index 4cd3b4d..1b79e71 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -809,6 +809,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -817,6 +817,20 @@ TLS_LIBS=-lssl -lcrypto + # specified in INCLUDE. - #------------------------------------------------------------------------------ ++#------------------------------------------------------------------------------ +# On systems which support dynamic loading of shared libraries, Exim can +# load a local_scan function specified in its config file instead of having +# to be recompiled with the desired local_scan function. For a full @@ -19,15 +20,14 @@ index 0bd97f1..ce2b047 100644 + +LFLAGS=-rdynamic -ldl -pie + -+#------------------------------------------------------------------------------ + #------------------------------------------------------------------------------ # The default distribution of Exim contains only the plain text form of the # documentation. Other forms are available separately. If you want to install - # the documentation in "info" format, first fetch the Texinfo documentation diff --git a/src/config.h.defaults b/src/config.h.defaults -index 4750523..e3943a8 100644 +index ce478d5..6ce0d45 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults -@@ -31,6 +31,8 @@ Do not put spaces between # and the 'define'. +@@ -32,6 +32,8 @@ Do not put spaces between # and the 'define'. #define AUTH_VARS 3 @@ -37,7 +37,7 @@ index 4750523..e3943a8 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 5df84bd..74724fd 100644 +index 7d18b38..438c993 100644 --- a/src/globals.c +++ b/src/globals.c @@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL; @@ -52,7 +52,7 @@ index 5df84bd..74724fd 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index 37d4cad..2b313e0 100644 +index da1230b..b9f0155 100644 --- a/src/globals.h +++ b/src/globals.h @@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ @@ -251,7 +251,7 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index 8d5f38c..73095be 100644 +index cbbef6e..da3421a 100644 --- a/src/readconf.c +++ b/src/readconf.c @@ -195,6 +195,9 @@ static optionlist optionlist_config[] = { diff --git a/exim-4.90.1-greylist-conf.patch b/exim-4.91-greylist-conf.patch similarity index 97% rename from exim-4.90.1-greylist-conf.patch rename to exim-4.91-greylist-conf.patch index 880722f..2d02d75 100644 --- a/exim-4.90.1-greylist-conf.patch +++ b/exim-4.91-greylist-conf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 72675be..30ffc8c 100644 +index f1260cf..05e9371 100644 --- a/src/configure.default +++ b/src/configure.default @@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost @@ -72,7 +72,7 @@ index 72675be..30ffc8c 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -549,6 +582,12 @@ acl_check_data: +@@ -555,6 +588,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,7 +85,7 @@ index 72675be..30ffc8c 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -583,8 +622,30 @@ acl_check_data: +@@ -589,8 +628,30 @@ acl_check_data: # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ # $spam_report diff --git a/exim-4.90.1-pamconfig.patch b/exim-4.91-pamconfig.patch similarity index 96% rename from exim-4.90.1-pamconfig.patch rename to exim-4.91-pamconfig.patch index bc8a078..b330a5b 100644 --- a/exim-4.90.1-pamconfig.patch +++ b/exim-4.91-pamconfig.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 1138335..0675b40 100644 +index ae50b15..6966ad3 100644 --- a/src/configure.default +++ b/src/configure.default @@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data @@ -58,7 +58,7 @@ index 1138335..0675b40 100644 # The settings below cause Exim to make RFC 1413 (ident) callbacks # for all incoming SMTP calls. You can limit the hosts to which these -@@ -847,7 +865,7 @@ begin authenticators +@@ -853,7 +871,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index 1138335..0675b40 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -859,7 +877,7 @@ begin authenticators +@@ -865,7 +883,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.90.1-procmail.patch b/exim-4.91-procmail.patch similarity index 90% rename from exim-4.90.1-procmail.patch rename to exim-4.91-procmail.patch index e172d9d..5c70ae6 100644 --- a/exim-4.90.1-procmail.patch +++ b/exim-4.91-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 8b4575c..2cce34b 100644 +index dd5bfeb..7d26076 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -735,6 +735,12 @@ userforward: +@@ -741,6 +741,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,7 +15,7 @@ index 8b4575c..2cce34b 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -776,6 +782,16 @@ remote_smtp: +@@ -782,6 +788,16 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} diff --git a/exim-4.90.1-rhl.patch b/exim-4.91-rhl.patch similarity index 84% rename from exim-4.90.1-rhl.patch rename to exim-4.91-rhl.patch index 879c640..7cdfba8 100644 --- a/exim-4.90.1-rhl.patch +++ b/exim-4.91-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 1dc9b91..562d0be 100644 +index 79bbc8c..78e44d2 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -633,7 +633,7 @@ system_aliases: +@@ -639,7 +639,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 1dc9b91..562d0be 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -734,8 +734,8 @@ local_delivery: +@@ -740,8 +740,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.90.1-smarthost-config.patch b/exim-4.91-smarthost-config.patch similarity index 92% rename from exim-4.90.1-smarthost-config.patch rename to exim-4.91-smarthost-config.patch index b8bce18..ba1dad8 100644 --- a/exim-4.90.1-smarthost-config.patch +++ b/exim-4.91-smarthost-config.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 30ffc8c..b955c6e 100644 +index 05e9371..5e61818 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -843,6 +843,15 @@ remote_smtp: +@@ -849,6 +849,15 @@ remote_smtp: driver = smtp message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} @@ -18,7 +18,7 @@ index 30ffc8c..b955c6e 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -951,6 +960,21 @@ begin rewrite +@@ -957,6 +966,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 30ffc8c..b955c6e 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -966,7 +990,7 @@ begin rewrite +@@ -972,7 +996,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.90.1-spamdconf.patch b/exim-4.91-spamdconf.patch similarity index 95% rename from exim-4.90.1-spamdconf.patch rename to exim-4.91-spamdconf.patch index 5f8816a..3edc425 100644 --- a/exim-4.90.1-spamdconf.patch +++ b/exim-4.91-spamdconf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 0675b40..8b4575c 100644 +index 6966ad3..dd5bfeb 100644 --- a/src/configure.default +++ b/src/configure.default @@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost @@ -29,9 +29,9 @@ index 0675b40..8b4575c 100644 require verify = sender -@@ -538,27 +540,63 @@ acl_check_data: - got $max_received_linelength - condition = ${if > {$max_received_linelength}{998}} +@@ -544,27 +546,63 @@ acl_check_data: + message = header syntax + log_message = header syntax ($acl_verify_message) + # Put simple tests first. A good one is to check for the presence of a + # Message-Id: header, which RFC2822 says SHOULD be present. Some broken diff --git a/exim.spec b/exim.spec index b2031d8..595ef74 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.90.1 -Release: 4%{?dist} +Version: 4.91 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -46,24 +46,22 @@ Source24: exim.service Source25: exim-gen-cert Source26: clamd.exim.service -Patch4: exim-4.90.1-rhl.patch -Patch6: exim-4.90.1-config.patch +Patch4: exim-4.91-rhl.patch +Patch6: exim-4.91-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.90.1-cyrus.patch -Patch13: exim-4.90.1-pamconfig.patch -Patch14: exim-4.90.1-spamdconf.patch -Patch18: exim-4.90.1-dlopen-localscan.patch -Patch19: exim-4.90.1-procmail.patch -Patch20: exim-4.90.1-allow-filter.patch +Patch12: exim-4.91-cyrus.patch +Patch13: exim-4.91-pamconfig.patch +Patch14: exim-4.91-spamdconf.patch +Patch18: exim-4.91-dlopen-localscan.patch +Patch19: exim-4.91-procmail.patch +Patch20: exim-4.91-allow-filter.patch Patch21: exim-4.87-localhost-is-local.patch -Patch22: exim-4.90.1-greylist-conf.patch -Patch23: exim-4.90.1-smarthost-config.patch +Patch22: exim-4.91-greylist-conf.patch +Patch23: exim-4.91-smarthost-config.patch Patch26: exim-4.85-pic.patch Patch27: exim-4.90.1-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch -# Backported from upstream -Patch34: exim-4.90.1-dec64table-read-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -213,7 +211,6 @@ greylisting unconditional. %patch26 -p1 -b .fpic %patch27 -p1 -b .environment %patch33 -p1 -b .nsl-fix -%patch34 -p1 -b .dec64table-read-fix cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -591,6 +588,12 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Apr 19 2018 Jaroslav Škarvada - 4.91-1 +- New version + Resolves: rhbz#1567670 +- Dropped dec64table-read-fix patch (already upstream) +- De-fuzzified patches + * Wed Mar 14 2018 Jaroslav Škarvada - 4.90.1-4 - Fixed dec64table OOB read in b64decode - De-fuzzified nsl-fix patch diff --git a/sources b/sources index 0995d54..8490f67 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.90.1.tar.xz) = b4830a2e03023b2bafc9e62535f467bb61b0f1398b6b3af0a7ef6f49e6cba60a9496e6762d0898b7ac1c2823db8cf96ed9f37e26b05809b4ba01725d9e72b806 +SHA512 (exim-4.91.tar.xz) = 35b34dda8dd0f27c0429e6eb8409756ecd3cf9e535bac421d696b1560db0ff3bf4cd0e4a00bc0b7e32137d31bb5de20776c7c1830ec125aa36b5c4376b0c71a2 From 7e5e4e2f571147897a0e596114bf7b09d6b8fb94 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Wed, 27 Jun 2018 21:08:43 +0200 Subject: [PATCH 175/194] Perl 5.28 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 595ef74..6ff8901 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.91 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -588,6 +588,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Jun 27 2018 Jitka Plesnikova - 4.91-2 +- Perl 5.28 rebuild + * Thu Apr 19 2018 Jaroslav Škarvada - 4.91-1 - New version Resolves: rhbz#1567670 From 0578e3d655a074a82d24bb844546402952bd46f2 Mon Sep 17 00:00:00 2001 From: Jason Tibbitts Date: Tue, 10 Jul 2018 00:47:45 -0500 Subject: [PATCH 176/194] Remove needless use of %defattr --- exim.spec | 8 -------- 1 file changed, 8 deletions(-) diff --git a/exim.spec b/exim.spec index 6ff8901..97dfa19 100644 --- a/exim.spec +++ b/exim.spec @@ -435,7 +435,6 @@ if [ ! -r %{_var}/spool/exim/db/greylist.db ]; then fi %files -%defattr(-,root,root) %attr(4755,root,root) %{_sbindir}/exim %{_sbindir}/exim_dumpdb %{_sbindir}/exim_fixdb @@ -501,20 +500,16 @@ fi %if 0%{?fedora} < 23 %files sysvinit -%defattr(-,root,root,-) %{_initrddir}/exim %endif %files mysql -%defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/mysql.so %files pgsql -%defattr(-,root,root,-) %{_libdir}/exim/%{version}-%{release}/lookups/pgsql.so %files mon -%defattr(-,root,root) %{_sbindir}/eximon %{_sbindir}/eximon.bin @@ -563,7 +558,6 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %endif %files clamav -%defattr(-,root,root,-) %{_sbindir}/clamd.exim %{_unitdir}/clamd.exim.service %config(noreplace) %verify(not mtime) %{_sysconfdir}/clamd.d/exim.conf @@ -575,13 +569,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %if 0%{?fedora} < 23 %files clamav-sysvinit -%defattr(-,root,root,-) %attr(0755,root,root) %config %{_initrddir}/clamd.exim %endif %endif %files greylist -%defattr(-,root,root,-) %config %{_sysconfdir}/exim/exim-greylist.conf.inc %ghost %{_var}/spool/exim/db/greylist.db %{_sysconfdir}/exim/mk-greylist-db.sql From 4743665123be73e34f2460c3dd6901f8eaffd765 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 13 Jul 2018 00:14:40 +0000 Subject: [PATCH 177/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 97dfa19..edd2ca9 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.91 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -580,6 +580,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Jul 13 2018 Fedora Release Engineering - 4.91-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + * Wed Jun 27 2018 Jitka Plesnikova - 4.91-2 - Perl 5.28 rebuild From 7a1683fb838ba86f0deb2a110b6b42891e9604e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 20 Jul 2018 15:39:41 +0200 Subject: [PATCH 178/194] Fixed FTBFS by adding gcc requirement --- exim.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index edd2ca9..74c2d84 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.91 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -66,7 +66,7 @@ Patch33: exim-4.90.1-nsl-fix.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) -BuildRequires: libdb-devel openssl-devel openldap-devel pam-devel +BuildRequires: gcc libdb-devel openssl-devel openldap-devel pam-devel BuildRequires: pcre-devel sqlite-devel cyrus-sasl-devel BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel postgresql-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel @@ -580,6 +580,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Jul 20 2018 Jaroslav Škarvada - 4.91-4 +- Fixed FTBFS by adding gcc requirement + * Fri Jul 13 2018 Fedora Release Engineering - 4.91-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild From 266f71092f6af5342282f4c1f25d235b6c6a0d12 Mon Sep 17 00:00:00 2001 From: Pavel Raiskup Date: Wed, 5 Sep 2018 15:10:09 +0200 Subject: [PATCH 179/194] BuildRequires: s/postgresql-devel/libpq-devel/ That's because we moved libpq.so.5 into libpq package. Related: rhbz#1618698, rhbz#1623764 --- exim.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 74c2d84..162df9b 100644 --- a/exim.spec +++ b/exim.spec @@ -68,7 +68,7 @@ Requires: /etc/aliases Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) BuildRequires: gcc libdb-devel openssl-devel openldap-devel pam-devel BuildRequires: pcre-devel sqlite-devel cyrus-sasl-devel -BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel postgresql-devel +BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel libpq-devel BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel BuildRequires: perl-devel BuildRequires: perl-generators From 16cad6146802aa244c4c0b293ce087df962cf438 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= Date: Mon, 14 Jan 2019 19:01:24 +0100 Subject: [PATCH 180/194] Rebuilt for libcrypt.so.2 (#1666033) --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 162df9b..526ce73 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.91 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Group: System Environment/Daemons @@ -580,6 +580,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Jan 14 2019 Björn Esser - 4.91-5 +- Rebuilt for libcrypt.so.2 (#1666033) + * Fri Jul 20 2018 Jaroslav Škarvada - 4.91-4 - Fixed FTBFS by adding gcc requirement From ef83ce7fd6c0fa9a1048bdae161ffd02a7f520bb Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Mon, 28 Jan 2019 20:17:43 +0100 Subject: [PATCH 181/194] Remove obsolete Group tag References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag --- exim.spec | 8 -------- 1 file changed, 8 deletions(-) diff --git a/exim.spec b/exim.spec index 526ce73..a5462ae 100644 --- a/exim.spec +++ b/exim.spec @@ -17,7 +17,6 @@ Version: 4.91 Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ -Group: System Environment/Daemons Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd systemd-sysv @@ -91,7 +90,6 @@ configuration of exim is quite different to that of sendmail. %if 0%{?fedora} < 23 %package sysvinit Summary: SysV initscript for Exim -Group: System Environment/Daemons BuildArch: noarch Requires: %{name} = %{version}-%{release} Requires(preun): chkconfig @@ -103,7 +101,6 @@ This package contains the SysV initscript for Exim. %package mysql Summary: MySQL lookup support for Exim -Group: System Environment/Daemons Requires: exim = %{version}-%{release} %description mysql @@ -111,7 +108,6 @@ This package contains the MySQL lookup module for Exim %package pgsql Summary: PostgreSQL lookup support for Exim -Group: System Environment/Daemons Requires: exim = %{version}-%{release} %description pgsql @@ -119,7 +115,6 @@ This package contains the PostgreSQL lookup module for Exim %package mon Summary: X11 monitor application for Exim -Group: Applications/System %description mon The Exim Monitor is an optional supplement to the Exim package. It @@ -130,7 +125,6 @@ interface. %if %{with clamav} %package clamav Summary: Clam Antivirus scanner dæmon configuration for use with Exim -Group: System Environment/Daemons Requires: clamav-server exim Obsoletes: clamav-exim <= 0.86.2 Requires(post): /sbin/chkconfig /sbin/service @@ -156,7 +150,6 @@ http://www.exim.org/exim-html-%{version}/doc/html/spec_html/ch41.html %if 0%{?fedora} < 23 %package clamav-sysvinit Summary: SysV initscript for Clam Antivirus scanner for Exim -Group: System Environment/Daemons BuildArch: noarch Requires: exim-clamav = %{version}-%{release} Requires(preun): chkconfig @@ -169,7 +162,6 @@ This package contains the SysV initscript. %package greylist Summary: Example configuration for greylisting using Exim -Group: System Environment/Daemons Requires: sqlite exim Requires: crontabs From 9267566171675d686aca69a6b94e9e0bc654ed2a Mon Sep 17 00:00:00 2001 From: Igor Gnatenko Date: Tue, 29 Jan 2019 05:34:59 +0100 Subject: [PATCH 182/194] Remove obsolete BuildRoot tag Signed-off-by: Igor Gnatenko --- exim.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/exim.spec b/exim.spec index a5462ae..69296e8 100644 --- a/exim.spec +++ b/exim.spec @@ -17,7 +17,6 @@ Version: 4.91 Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ -Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Provides: MTA smtpd smtpdaemon server(smtp) Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd systemd-sysv Requires(preun): %{_sbindir}/alternatives systemd From 5b8c786aa63c7f7f64f8e8cf8085d1dfd605bd25 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 31 Jan 2019 19:13:11 +0000 Subject: [PATCH 183/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 69296e8..444fb3d 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.91 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -571,6 +571,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jan 31 2019 Fedora Release Engineering - 4.91-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + * Mon Jan 14 2019 Björn Esser - 4.91-5 - Rebuilt for libcrypt.so.2 (#1666033) From 64667ef5f3f087a139e0660ccca3e54a74226125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 11 Feb 2019 21:15:08 +0100 Subject: [PATCH 184/194] New version Resolves: rhbz#1674282 --- ...lter.patch => exim-4.92-allow-filter.patch | 4 +-- ....91-config.patch => exim-4.92-config.patch | 34 +++++++++--------- ...-4.91-cyrus.patch => exim-4.92-cyrus.patch | 4 +-- ....patch => exim-4.92-dlopen-localscan.patch | 27 +++++++------- ...nment.patch => exim-4.92-environment.patch | 4 +-- ...onf.patch => exim-4.92-greylist-conf.patch | 34 +++++++++--------- ...atch => exim-4.92-localhost-is-local.patch | 4 +-- ...mconfig.patch => exim-4.92-pamconfig.patch | 18 +++++----- ...procmail.patch => exim-4.92-procmail.patch | 14 ++++---- exim-4.91-rhl.patch => exim-4.92-rhl.patch | 6 ++-- ....patch => exim-4.92-smarthost-config.patch | 12 +++---- ...amdconf.patch => exim-4.92-spamdconf.patch | 36 ++++++++++--------- exim.spec | 32 +++++++++-------- sources | 2 +- 14 files changed, 120 insertions(+), 111 deletions(-) rename exim-4.91-allow-filter.patch => exim-4.92-allow-filter.patch (81%) rename exim-4.91-config.patch => exim-4.92-config.patch (92%) rename exim-4.91-cyrus.patch => exim-4.92-cyrus.patch (90%) rename exim-4.91-dlopen-localscan.patch => exim-4.92-dlopen-localscan.patch (93%) rename exim-4.90.1-environment.patch => exim-4.92-environment.patch (82%) rename exim-4.91-greylist-conf.patch => exim-4.92-greylist-conf.patch (84%) rename exim-4.87-localhost-is-local.patch => exim-4.92-localhost-is-local.patch (90%) rename exim-4.91-pamconfig.patch => exim-4.92-pamconfig.patch (84%) rename exim-4.91-procmail.patch => exim-4.92-procmail.patch (67%) rename exim-4.91-rhl.patch => exim-4.92-rhl.patch (84%) rename exim-4.91-smarthost-config.patch => exim-4.92-smarthost-config.patch (87%) rename exim-4.91-spamdconf.patch => exim-4.92-spamdconf.patch (83%) diff --git a/exim-4.91-allow-filter.patch b/exim-4.92-allow-filter.patch similarity index 81% rename from exim-4.91-allow-filter.patch rename to exim-4.92-allow-filter.patch index 127da02..d5b5664 100644 --- a/exim-4.91-allow-filter.patch +++ b/exim-4.92-allow-filter.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 7d26076..ce3b3b0 100644 +index cef3779..09f0b36 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -733,7 +733,7 @@ userforward: +@@ -810,7 +810,7 @@ userforward: # local_part_suffix = +* : -* # local_part_suffix_optional file = $home/.forward diff --git a/exim-4.91-config.patch b/exim-4.92-config.patch similarity index 92% rename from exim-4.91-config.patch rename to exim-4.92-config.patch index bd770f5..83d09e8 100644 --- a/exim-4.91-config.patch +++ b/exim-4.92-config.patch @@ -12,7 +12,7 @@ index 7e0bf38..c97ccec 100755 echo "" >>$mft cat $mftt >> $mft diff --git a/src/EDITME b/src/EDITME -index bd5151d..4cd3b4d 100644 +index cbb0805..a42cd6f 100644 --- a/src/EDITME +++ b/src/EDITME @@ -98,7 +98,7 @@ @@ -116,7 +116,7 @@ index bd5151d..4cd3b4d 100644 # If you have content scanning you may wish to only include some of the scanner # interfaces. Uncomment any of these lines to remove that code. -@@ -590,7 +592,7 @@ FIXED_NEVER_USERS=root +@@ -595,7 +597,7 @@ FIXED_NEVER_USERS=root # CONFIGURE_OWNER setting, to specify a configuration file which is listed in # the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim. @@ -125,7 +125,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -635,17 +637,14 @@ FIXED_NEVER_USERS=root +@@ -640,17 +642,14 @@ FIXED_NEVER_USERS=root # included in the Exim binary. You will then need to set up the run time # configuration to make use of the mechanism(s) selected. @@ -151,7 +151,7 @@ index bd5151d..4cd3b4d 100644 # Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1 # requires multiple pkg-config files to work with Exim, so the second example -@@ -669,7 +668,7 @@ FIXED_NEVER_USERS=root +@@ -674,7 +673,7 @@ FIXED_NEVER_USERS=root # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -160,7 +160,7 @@ index bd5151d..4cd3b4d 100644 # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -689,7 +688,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -694,7 +693,7 @@ HEADERS_CHARSET="ISO-8859-1" # the Sieve filter support. For those OS where iconv() is known to be installed # as standard, the file in OS/Makefile-xxxx contains # @@ -169,7 +169,7 @@ index bd5151d..4cd3b4d 100644 # # If you are not using one of those systems, but have installed iconv(), you # need to uncomment that line above. In some cases, you may find that iconv() -@@ -758,11 +757,11 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -763,11 +762,11 @@ HEADERS_CHARSET="ISO-8859-1" # leave these settings commented out. # This setting is required for any TLS support (either OpenSSL or GnuTLS) @@ -184,7 +184,7 @@ index bd5151d..4cd3b4d 100644 # Uncomment the first and either the second or the third of these if you # are using GnuTLS. If you have pkg-config, then the second, else the third. -@@ -834,7 +833,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -839,7 +838,7 @@ HEADERS_CHARSET="ISO-8859-1" # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -193,7 +193,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -847,7 +846,7 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -852,7 +851,7 @@ HEADERS_CHARSET="ISO-8859-1" # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -202,7 +202,7 @@ index bd5151d..4cd3b4d 100644 # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -919,7 +918,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -924,7 +923,7 @@ ZCAT_COMMAND=/usr/bin/zcat # (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded # Perl costs quite a lot of resources. Only do this if you really need it. @@ -211,7 +211,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -929,7 +928,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -934,7 +933,7 @@ ZCAT_COMMAND=/usr/bin/zcat # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -220,7 +220,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -939,7 +938,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -944,7 +943,7 @@ ZCAT_COMMAND=/usr/bin/zcat # support, which is intended for use in conjunction with the SMTP AUTH # facilities, is included only when requested by the following setting: @@ -229,7 +229,7 @@ index bd5151d..4cd3b4d 100644 # You probably need to add -lpam to EXTRALIBS, and in some releases of # GNU/Linux -ldl is also needed. -@@ -1047,7 +1046,7 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1052,7 +1051,7 @@ ZCAT_COMMAND=/usr/bin/zcat # group. Once you have installed saslauthd, you should arrange for it to be # started by root at boot time. @@ -238,7 +238,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -1061,8 +1060,8 @@ ZCAT_COMMAND=/usr/bin/zcat +@@ -1066,8 +1065,8 @@ ZCAT_COMMAND=/usr/bin/zcat # library for TCP wrappers, so you probably need something like this: # # USE_TCP_WRAPPERS=yes @@ -249,7 +249,7 @@ index bd5151d..4cd3b4d 100644 # # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM # as well. -@@ -1114,7 +1113,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1119,7 +1118,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases # is "yes", as well as supporting line editing, a history of input lines in the # current run is maintained. @@ -258,7 +258,7 @@ index bd5151d..4cd3b4d 100644 # You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes. # Note that this option adds to the size of the Exim binary, because the -@@ -1131,7 +1130,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1136,7 +1135,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases #------------------------------------------------------------------------------ # Uncomment this setting to include IPv6 support. @@ -267,7 +267,7 @@ index bd5151d..4cd3b4d 100644 ############################################################################### # THINGS YOU ALMOST NEVER NEED TO MENTION # -@@ -1152,13 +1151,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases +@@ -1157,13 +1156,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases # haven't got Perl, Exim will still build and run; you just won't be able to # use those utilities. @@ -288,7 +288,7 @@ index bd5151d..4cd3b4d 100644 #------------------------------------------------------------------------------ -@@ -1360,7 +1359,7 @@ EXIM_TMPDIR="/tmp" +@@ -1365,7 +1364,7 @@ EXIM_TMPDIR="/tmp" # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/exim-4.91-cyrus.patch b/exim-4.92-cyrus.patch similarity index 90% rename from exim-4.91-cyrus.patch rename to exim-4.92-cyrus.patch index 1782180..f8e2984 100644 --- a/exim-4.91-cyrus.patch +++ b/exim-4.92-cyrus.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 78e44d2..ae50b15 100644 +index 69e0ed1..6db4947 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -774,6 +774,16 @@ address_reply: +@@ -901,6 +901,16 @@ address_reply: driver = autoreply diff --git a/exim-4.91-dlopen-localscan.patch b/exim-4.92-dlopen-localscan.patch similarity index 93% rename from exim-4.91-dlopen-localscan.patch rename to exim-4.92-dlopen-localscan.patch index c8db483..3c2f00c 100644 --- a/exim-4.91-dlopen-localscan.patch +++ b/exim-4.92-dlopen-localscan.patch @@ -1,8 +1,8 @@ diff --git a/src/EDITME b/src/EDITME -index 4cd3b4d..1b79e71 100644 +index a42cd6f..0acd673 100644 --- a/src/EDITME +++ b/src/EDITME -@@ -817,6 +817,20 @@ TLS_LIBS=-lssl -lcrypto +@@ -822,6 +822,20 @@ TLS_LIBS=-lssl -lcrypto # specified in INCLUDE. @@ -24,7 +24,7 @@ index 4cd3b4d..1b79e71 100644 # The default distribution of Exim contains only the plain text form of the # documentation. Other forms are available separately. If you want to install diff --git a/src/config.h.defaults b/src/config.h.defaults -index ce478d5..6ce0d45 100644 +index 7c2e534..3fafe61 100644 --- a/src/config.h.defaults +++ b/src/config.h.defaults @@ -32,6 +32,8 @@ Do not put spaces between # and the 'define'. @@ -37,10 +37,10 @@ index ce478d5..6ce0d45 100644 #define CONFIGURE_FILE diff --git a/src/globals.c b/src/globals.c -index 7d18b38..438c993 100644 +index b3362a3..0884fe5 100644 --- a/src/globals.c +++ b/src/globals.c -@@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL; +@@ -173,6 +173,10 @@ uschar *tls_verify_hosts = NULL; uschar *tls_advertise_hosts = NULL; #endif @@ -52,10 +52,10 @@ index 7d18b38..438c993 100644 /* Per Recipient Data Response variables */ BOOL prdr_enable = FALSE; diff --git a/src/globals.h b/src/globals.h -index da1230b..b9f0155 100644 +index f71f104..3faf176 100644 --- a/src/globals.h +++ b/src/globals.h -@@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ +@@ -131,6 +131,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */ extern uschar *tls_verify_certificates;/* Path for certificates to check */ extern uschar *tls_verify_hosts; /* Mandatory client verification */ #endif @@ -68,10 +68,10 @@ index da1230b..b9f0155 100644 extern uschar *dsn_envid; /* DSN envid string */ diff --git a/src/local_scan.c b/src/local_scan.c -index 3500047..8599172 100644 +index 4dd0b2b..8599172 100644 --- a/src/local_scan.c +++ b/src/local_scan.c -@@ -5,60 +5,131 @@ +@@ -5,61 +5,131 @@ /* Copyright (c) University of Cambridge 1995 - 2009 */ /* See the file NOTICE for conditions of use and distribution. */ @@ -83,6 +83,7 @@ index 3500047..8599172 100644 -Local/local_scan.c, and edit the copy. To use your version instead of the -default, you must set - +-HAVE_LOCAL_SCAN=yes -LOCAL_SCAN_SOURCE=Local/local_scan.c - -in your Local/Makefile. This makes it easy to copy your version for use with @@ -251,16 +252,16 @@ index 3500047..8599172 100644 + /* End of local_scan.c */ diff --git a/src/readconf.c b/src/readconf.c -index cbbef6e..da3421a 100644 +index 5742d10..3f1d9c1 100644 --- a/src/readconf.c +++ b/src/readconf.c -@@ -195,6 +195,9 @@ static optionlist optionlist_config[] = { +@@ -199,6 +199,9 @@ static optionlist optionlist_config[] = { { "local_from_prefix", opt_stringptr, &local_from_prefix }, { "local_from_suffix", opt_stringptr, &local_from_suffix }, { "local_interfaces", opt_stringptr, &local_interfaces }, +#ifdef DLOPEN_LOCAL_SCAN + { "local_scan_path", opt_stringptr, &local_scan_path }, +#endif + #ifdef HAVE_LOCAL_SCAN { "local_scan_timeout", opt_time, &local_scan_timeout }, - { "local_sender_retain", opt_bool, &local_sender_retain }, - { "localhost_number", opt_stringptr, &host_number_string }, + #endif diff --git a/exim-4.90.1-environment.patch b/exim-4.92-environment.patch similarity index 82% rename from exim-4.90.1-environment.patch rename to exim-4.92-environment.patch index aae43f6..831a4e7 100644 --- a/exim-4.90.1-environment.patch +++ b/exim-4.92-environment.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index b955c6e..590c664 100644 +index 241a961..1403d4a 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -360,8 +360,8 @@ timeout_frozen_after = 7d +@@ -384,8 +384,8 @@ timeout_frozen_after = 7d # Note that TZ is handled separately by the timezone runtime option # and TIMEZONE_DEFAULT buildtime option. diff --git a/exim-4.91-greylist-conf.patch b/exim-4.92-greylist-conf.patch similarity index 84% rename from exim-4.91-greylist-conf.patch rename to exim-4.92-greylist-conf.patch index 2d02d75..f9bfb4f 100644 --- a/exim-4.91-greylist-conf.patch +++ b/exim-4.92-greylist-conf.patch @@ -1,16 +1,16 @@ diff --git a/src/configure.default b/src/configure.default -index f1260cf..05e9371 100644 +index 9242bac..439287a 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost +@@ -119,6 +119,7 @@ hostlist relay_from_hosts = localhost # manual for details. The lists above are used in the access control lists for # checking incoming messages. The names of these ACLs are defined here: -+acl_smtp_mail = acl_check_mail - acl_smtp_rcpt = acl_check_rcpt - acl_smtp_data = acl_check_data - acl_smtp_mime = acl_check_mime -@@ -371,6 +372,29 @@ timeout_frozen_after = 7d +++acl_smtp_mail = acl_check_mail + acl_smtp_rcpt = acl_check_rcpt + .ifdef _HAVE_PRDR + acl_smtp_data_prdr = acl_check_prdr +@@ -395,6 +396,29 @@ timeout_frozen_after = 7d begin acl @@ -40,7 +40,7 @@ index f1260cf..05e9371 100644 # This access control list is used for every RCPT command in an incoming # SMTP message. The tests are run in order until the address is either # accepted or denied. -@@ -496,7 +520,8 @@ acl_check_rcpt: +@@ -520,7 +544,8 @@ acl_check_rcpt: # There are no default checks on DNS black lists because the domains that # contain these lists are changing all the time. However, here are two # examples of how you can get Exim to perform a DNS black list lookup at this @@ -50,7 +50,7 @@ index f1260cf..05e9371 100644 # # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # dnslists = black.list.example -@@ -504,6 +529,10 @@ acl_check_rcpt: +@@ -528,6 +553,10 @@ acl_check_rcpt: # warn dnslists = black.list.example # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain # log_message = found in $dnslist_domain @@ -61,8 +61,8 @@ index f1260cf..05e9371 100644 ############################################################################# ############################################################################# -@@ -517,6 +546,10 @@ acl_check_rcpt: - # require verify = csa +@@ -554,6 +583,10 @@ acl_check_rcpt: + # set acl_m_content_filter = ${lookup PER_RCPT_CONTENT_FILTER} ############################################################################# + # Alternatively, greylist for it: @@ -72,7 +72,7 @@ index f1260cf..05e9371 100644 # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. -@@ -555,6 +588,12 @@ acl_check_data: +@@ -612,6 +645,12 @@ acl_check_data: # deny condition = ${if !def:h_Message-ID: {1}} # message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\ # Most messages without it are spam, so your mail has been rejected. @@ -85,9 +85,9 @@ index f1260cf..05e9371 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -589,8 +628,30 @@ acl_check_data: - # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ - # $spam_report +@@ -669,8 +708,30 @@ acl_check_mime: + {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \ + {1}{0}} + # Trigger greylisting (if enabled) if the SpamAssassin score is greater than 0.5 + # @@ -114,5 +114,5 @@ index f1260cf..05e9371 100644 +# To enable the greylisting, also uncomment this line: +# .include /etc/exim/exim-greylist.conf.inc - acl_check_mime: - + ###################################################################### + # ROUTERS CONFIGURATION # diff --git a/exim-4.87-localhost-is-local.patch b/exim-4.92-localhost-is-local.patch similarity index 90% rename from exim-4.87-localhost-is-local.patch rename to exim-4.92-localhost-is-local.patch index 5810698..02a10a2 100644 --- a/exim-4.87-localhost-is-local.patch +++ b/exim-4.92-localhost-is-local.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index d1ce2f1..1f10008 100644 +index 09f0b36..9242bac 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -55,7 +55,7 @@ +@@ -67,7 +67,7 @@ # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They # are all colon-separated lists: diff --git a/exim-4.91-pamconfig.patch b/exim-4.92-pamconfig.patch similarity index 84% rename from exim-4.91-pamconfig.patch rename to exim-4.92-pamconfig.patch index b330a5b..bbe3dde 100644 --- a/exim-4.91-pamconfig.patch +++ b/exim-4.92-pamconfig.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index ae50b15..6966ad3 100644 +index 6db4947..f1198b1 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data +@@ -157,7 +157,7 @@ acl_smtp_data = acl_check_data # Allow any client to use TLS. @@ -11,7 +11,7 @@ index ae50b15..6966ad3 100644 # Specify the location of the Exim server's TLS certificate and private key. # The private key must not be encrypted (password protected). You can put -@@ -150,8 +150,8 @@ acl_smtp_data = acl_check_data +@@ -165,8 +165,8 @@ acl_smtp_data = acl_check_data # need the first setting, or in separate files, in which case you need both # options. @@ -22,7 +22,7 @@ index ae50b15..6966ad3 100644 # For OpenSSL, prefer EC- over RSA-authenticated ciphers # tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT -@@ -165,8 +165,8 @@ acl_smtp_data = acl_check_data +@@ -180,8 +180,8 @@ acl_smtp_data = acl_check_data # them you should also allow TLS-on-connect on the traditional but # non-standard port 465. @@ -33,7 +33,7 @@ index ae50b15..6966ad3 100644 # Specify the domain you want to be added to all unqualified addresses -@@ -224,6 +224,24 @@ never_users = root +@@ -239,6 +239,24 @@ never_users = root host_lookup = * @@ -56,9 +56,9 @@ index ae50b15..6966ad3 100644 +# +auth_advertise_hosts = - # The settings below cause Exim to make RFC 1413 (ident) callbacks - # for all incoming SMTP calls. You can limit the hosts to which these -@@ -853,7 +871,7 @@ begin authenticators + # The setting below causes Exim to try to initialize the system resolver + # library with DNSSEC support. It has no effect if your library lacks +@@ -980,7 +998,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth2 # server_prompts = : @@ -67,7 +67,7 @@ index ae50b15..6966ad3 100644 # server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no -@@ -865,7 +883,7 @@ begin authenticators +@@ -992,7 +1010,7 @@ begin authenticators # driver = plaintext # server_set_id = $auth1 # server_prompts = <| Username: | Password: diff --git a/exim-4.91-procmail.patch b/exim-4.92-procmail.patch similarity index 67% rename from exim-4.91-procmail.patch rename to exim-4.92-procmail.patch index 5c70ae6..5fd6f73 100644 --- a/exim-4.91-procmail.patch +++ b/exim-4.92-procmail.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index dd5bfeb..7d26076 100644 +index 8f88a3b..cef3779 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -741,6 +741,12 @@ userforward: +@@ -818,6 +818,12 @@ userforward: pipe_transport = address_pipe reply_transport = address_reply @@ -15,9 +15,9 @@ index dd5bfeb..7d26076 100644 # This router matches local user mailboxes. If the router fails, the error # message is "Unknown user". -@@ -782,6 +788,16 @@ remote_smtp: - driver = smtp - message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} +@@ -866,6 +872,16 @@ remote_smtp: + hosts_try_prdr = * + .endif +# This transport invokes procmail to deliver mail +procmail: @@ -30,5 +30,5 @@ index dd5bfeb..7d26076 100644 + initgroups + return_output - # This transport is used for local delivery to user mailboxes in traditional - # BSD mailbox format. By default it will be run under the uid and gid of the + # This transport is used for delivering messages to a smarthost, if the + # smarthost router is enabled. This starts from the same basis as diff --git a/exim-4.91-rhl.patch b/exim-4.92-rhl.patch similarity index 84% rename from exim-4.91-rhl.patch rename to exim-4.92-rhl.patch index 7cdfba8..236da8f 100644 --- a/exim-4.91-rhl.patch +++ b/exim-4.92-rhl.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 79bbc8c..78e44d2 100644 +index 555dec3..69e0ed1 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -639,7 +639,7 @@ system_aliases: +@@ -718,7 +718,7 @@ system_aliases: driver = redirect allow_fail allow_defer @@ -11,7 +11,7 @@ index 79bbc8c..78e44d2 100644 # user = exim file_transport = address_file pipe_transport = address_pipe -@@ -740,8 +740,8 @@ local_delivery: +@@ -867,8 +867,8 @@ local_delivery: delivery_date_add envelope_to_add return_path_add diff --git a/exim-4.91-smarthost-config.patch b/exim-4.92-smarthost-config.patch similarity index 87% rename from exim-4.91-smarthost-config.patch rename to exim-4.92-smarthost-config.patch index ba1dad8..42e6d1a 100644 --- a/exim-4.91-smarthost-config.patch +++ b/exim-4.92-smarthost-config.patch @@ -1,10 +1,10 @@ diff --git a/src/configure.default b/src/configure.default -index 05e9371..5e61818 100644 +index 439287a..241a961 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -849,6 +849,15 @@ remote_smtp: - driver = smtp - message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} +@@ -933,6 +933,15 @@ remote_smtp: + hosts_try_prdr = * + .endif +# This transport is used for delivering messages over SMTP using the +# "message submission" port (RFC4409). @@ -18,7 +18,7 @@ index 05e9371..5e61818 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -957,6 +966,21 @@ begin rewrite +@@ -1082,6 +1091,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 05e9371..5e61818 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -972,7 +996,7 @@ begin rewrite +@@ -1097,7 +1121,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.91-spamdconf.patch b/exim-4.92-spamdconf.patch similarity index 83% rename from exim-4.91-spamdconf.patch rename to exim-4.92-spamdconf.patch index 3edc425..cab7969 100644 --- a/exim-4.91-spamdconf.patch +++ b/exim-4.92-spamdconf.patch @@ -1,16 +1,16 @@ diff --git a/src/configure.default b/src/configure.default -index 6966ad3..dd5bfeb 100644 +index f1198b1..8f88a3b 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost - - acl_smtp_rcpt = acl_check_rcpt - acl_smtp_data = acl_check_data -+acl_smtp_mime = acl_check_mime +@@ -124,6 +124,7 @@ acl_smtp_rcpt = acl_check_rcpt + acl_smtp_data_prdr = acl_check_prdr + .endif + acl_smtp_data = acl_check_data ++acl_smtp_mime = acl_check_mime # You should not change those settings until you understand how ACLs work. -@@ -121,7 +122,7 @@ acl_smtp_data = acl_check_data +@@ -136,7 +137,7 @@ acl_smtp_data = acl_check_data # of what to set for other virus scanners. The second modification is in the # acl_check_data access control list (see below). @@ -19,7 +19,7 @@ index 6966ad3..dd5bfeb 100644 # For spam scanning, there is a similar option that defines the interface to -@@ -434,7 +435,8 @@ acl_check_rcpt: +@@ -458,7 +459,8 @@ acl_check_rcpt: accept local_parts = postmaster domains = +local_domains @@ -29,9 +29,9 @@ index 6966ad3..dd5bfeb 100644 require verify = sender -@@ -544,27 +546,63 @@ acl_check_data: - message = header syntax - log_message = header syntax ($acl_verify_message) +@@ -601,21 +603,26 @@ acl_check_data: + message = header syntax + log_message = header syntax ($acl_verify_message) + # Put simple tests first. A good one is to check for the presence of a + # Message-Id: header, which RFC2822 says SHOULD be present. Some broken @@ -62,7 +62,12 @@ index 6966ad3..dd5bfeb 100644 + # accept condition = ${if >={$message_size}{100000} {1}} + # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size -- # Accept the message. + ############################################################################# + # No more tests if PRDR was actively used. +@@ -629,11 +636,40 @@ acl_check_data: + # condition = ... + ############################################################################# + + # Run SpamAssassin, but allow for it to fail or time out. Add a warning message + # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA + # score exceeds the SA system threshold. @@ -73,7 +78,8 @@ index 6966ad3..dd5bfeb 100644 + # accept condition = ${if !def:spam_score_int {1}} + # add_header = X-Spam-Note: SpamAssassin invocation failed + # -+ + +- # Accept the message. + # Unconditionally add score and report headers + # + # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\ @@ -87,7 +93,6 @@ index 6966ad3..dd5bfeb 100644 accept - +acl_check_mime: + + # File extension filtering. @@ -98,7 +103,6 @@ index 6966ad3..dd5bfeb 100644 + {1}{0}} + + accept -+ + ###################################################################### - # ROUTERS CONFIGURATION # diff --git a/exim.spec b/exim.spec index 444fb3d..372f5be 100644 --- a/exim.spec +++ b/exim.spec @@ -13,8 +13,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.91 -Release: 6%{?dist} +Version: 4.92 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -44,20 +44,20 @@ Source24: exim.service Source25: exim-gen-cert Source26: clamd.exim.service -Patch4: exim-4.91-rhl.patch -Patch6: exim-4.91-config.patch +Patch4: exim-4.92-rhl.patch +Patch6: exim-4.92-config.patch Patch8: exim-4.82-libdir.patch -Patch12: exim-4.91-cyrus.patch -Patch13: exim-4.91-pamconfig.patch -Patch14: exim-4.91-spamdconf.patch -Patch18: exim-4.91-dlopen-localscan.patch -Patch19: exim-4.91-procmail.patch -Patch20: exim-4.91-allow-filter.patch -Patch21: exim-4.87-localhost-is-local.patch -Patch22: exim-4.91-greylist-conf.patch -Patch23: exim-4.91-smarthost-config.patch +Patch12: exim-4.92-cyrus.patch +Patch13: exim-4.92-pamconfig.patch +Patch14: exim-4.92-spamdconf.patch +Patch18: exim-4.92-dlopen-localscan.patch +Patch19: exim-4.92-procmail.patch +Patch20: exim-4.92-allow-filter.patch +Patch21: exim-4.92-localhost-is-local.patch +Patch22: exim-4.92-greylist-conf.patch +Patch23: exim-4.92-smarthost-config.patch Patch26: exim-4.85-pic.patch -Patch27: exim-4.90.1-environment.patch +Patch27: exim-4.92-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch @@ -571,6 +571,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Feb 11 2019 Jaroslav Škarvada - 4.92-1 +- New version + Resolves: rhbz#1674282 + * Thu Jan 31 2019 Fedora Release Engineering - 4.91-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild diff --git a/sources b/sources index 8490f67..2e882ad 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.91.tar.xz) = 35b34dda8dd0f27c0429e6eb8409756ecd3cf9e535bac421d696b1560db0ff3bf4cd0e4a00bc0b7e32137d31bb5de20776c7c1830ec125aa36b5c4376b0c71a2 +SHA512 (exim-4.92.tar.xz) = 62c327e6184a358ba7f0dbc38b44d2537234be91727a5bfac97e74af64a8d77e376b3221dcfdd8f6eca7d812f9233595503dc6e50e2972bed40a1b74eb209c31 From 0a420440104f2afd885db70570f9f4206756887f Mon Sep 17 00:00:00 2001 From: mh Date: Wed, 7 Feb 2018 10:27:04 +0100 Subject: [PATCH 185/194] Enable proxy and socks support - Resolves: rhbz#1542870 --- exim-4.89-support-proxies.patch | 18 ++++++++++++++++++ exim.spec | 8 +++++++- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 exim-4.89-support-proxies.patch diff --git a/exim-4.89-support-proxies.patch b/exim-4.89-support-proxies.patch new file mode 100644 index 0000000..39cb66c --- /dev/null +++ b/exim-4.89-support-proxies.patch @@ -0,0 +1,18 @@ +--- a/src/EDITME 2018-02-07 09:39:41.449345768 +0100 ++++ b/src/EDITME 2018-02-07 09:40:08.993393374 +0100 +@@ -942,12 +942,12 @@ + # If you may want to use outbound (client-side) proxying, using Socks5, + # uncomment the line below. + +-# SUPPORT_SOCKS=yes ++SUPPORT_SOCKS=yes + + # If you may want to use inbound (server-side) proxying, using Proxy Protocol, + # uncomment the line below. + +-# SUPPORT_PROXY=yes ++SUPPORT_PROXY=yes + + + #------------------------------------------------------------------------------ + diff --git a/exim.spec b/exim.spec index 372f5be..77d5602 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -60,6 +60,7 @@ Patch26: exim-4.85-pic.patch Patch27: exim-4.92-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch +Patch40: exim-4.89-support-proxies.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -202,6 +203,7 @@ greylisting unconditional. %patch26 -p1 -b .fpic %patch27 -p1 -b .environment %patch33 -p1 -b .nsl-fix +%patch40 -p1 -b .proxy cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -571,6 +573,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Feb 20 2019 Marcel Härry - 4.92-2 +- Enable proxy and socks support + Resolves: rhbz#1542870 + * Mon Feb 11 2019 Jaroslav Škarvada - 4.92-1 - New version Resolves: rhbz#1674282 From e357dd311a89e883cbbcf569aa5a645e859d2fcf Mon Sep 17 00:00:00 2001 From: Tim Landscheidt Date: Sat, 2 Mar 2019 18:10:12 +0000 Subject: [PATCH 186/194] Fix syntax error in exim.conf (#1679274) - Fix syntax error in exim.conf (#1679274) - Use properly compressed empty mailq.1.gz as ghost file - Add basic check that configuration file is valid --- exim-4.92-greylist-conf.patch | 2 +- exim.spec | 13 +++++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/exim-4.92-greylist-conf.patch b/exim-4.92-greylist-conf.patch index f9bfb4f..e9026a7 100644 --- a/exim-4.92-greylist-conf.patch +++ b/exim-4.92-greylist-conf.patch @@ -6,7 +6,7 @@ index 9242bac..439287a 100644 # manual for details. The lists above are used in the access control lists for # checking incoming messages. The names of these ACLs are defined here: -++acl_smtp_mail = acl_check_mail ++acl_smtp_mail = acl_check_mail acl_smtp_rcpt = acl_check_rcpt .ifdef _HAVE_PRDR acl_smtp_data_prdr = acl_check_prdr diff --git a/exim.spec b/exim.spec index 372f5be..d8ab27c 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -312,10 +312,11 @@ chmod 600 $RPM_BUILD_ROOT/etc/pki/tls/{certs,private}/exim.pem # generate alternatives ghosts mkdir -p $RPM_BUILD_ROOT%{_mandir}/man1 for i in %{_sbindir}/sendmail %{_bindir}/{mailq,runq,rsmtp,rmail,newaliases} \ - /usr/lib/sendmail %{_sysconfdir}/pam.d/smtp %{_mandir}/man1/mailq.1.gz + /usr/lib/sendmail %{_sysconfdir}/pam.d/smtp do touch $RPM_BUILD_ROOT$i done +gzip < /dev/null > $RPM_BUILD_ROOT%{_mandir}/man1/mailq.1.gz %if %{with clamav} # Munge the clamav init and config files from clamav-devel. This really ought @@ -354,6 +355,9 @@ install -m755 %{SOURCE22} $RPM_BUILD_ROOT/%_sysconfdir/cron.daily/greylist-tidy. install -m644 %{SOURCE23} $RPM_BUILD_ROOT/%_sysconfdir/exim/trusted-configs touch $RPM_BUILD_ROOT/%_var/spool/exim/db/greylist.db +%check +build-`scripts/os-type`-`scripts/arch-type`/exim -C src/configure.default -bV + %pre %{_sbindir}/groupadd -g 93 exim 2>/dev/null %{_sbindir}/useradd -d %{_var}/spool/exim -s /sbin/nologin -G mail -M -r -u 93 -g exim exim 2>/dev/null @@ -571,6 +575,11 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Sat Mar 2 2019 Tim Landscheidt - 4.92-2 +- Fix syntax error in exim.conf (#1679274) +- Use properly compressed empty mailq.1.gz as ghost file +- Add basic check that configuration file is valid + * Mon Feb 11 2019 Jaroslav Škarvada - 4.92-1 - New version Resolves: rhbz#1674282 From 2600fcec66f6a2b2276f18393c92864aca631eb7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Mon, 4 Mar 2019 12:07:09 +0100 Subject: [PATCH 187/194] Fixed greylist-conf patch Related: rhbz#1679274 --- exim-4.92-greylist-conf.patch | 13 +++++++------ exim-4.92-smarthost-config.patch | 8 ++++---- ...proxies.patch => exim-4.92-support-proxies.patch | 9 +++++---- exim.spec | 8 ++++++-- 4 files changed, 22 insertions(+), 16 deletions(-) rename exim-4.89-support-proxies.patch => exim-4.92-support-proxies.patch (73%) diff --git a/exim-4.92-greylist-conf.patch b/exim-4.92-greylist-conf.patch index e9026a7..e601fc9 100644 --- a/exim-4.92-greylist-conf.patch +++ b/exim-4.92-greylist-conf.patch @@ -1,5 +1,5 @@ diff --git a/src/configure.default b/src/configure.default -index 9242bac..439287a 100644 +index 9242bac..eabf102 100644 --- a/src/configure.default +++ b/src/configure.default @@ -119,6 +119,7 @@ hostlist relay_from_hosts = localhost @@ -85,9 +85,9 @@ index 9242bac..439287a 100644 # Deny if the message contains a virus. Before enabling this check, you # must install a virus scanner and set the av_scanner option above. -@@ -669,8 +708,30 @@ acl_check_mime: - {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \ - {1}{0}} +@@ -658,8 +697,31 @@ acl_check_data: + # message = Your message scored $spam_score SpamAssassin point. Report follows:\n\ + # $spam_report + # Trigger greylisting (if enabled) if the SpamAssassin score is greater than 0.5 + # @@ -113,6 +113,7 @@ index 9242bac..439287a 100644 +# To enable the greylisting, also uncomment this line: +# .include /etc/exim/exim-greylist.conf.inc ++ + acl_check_mime: - ###################################################################### - # ROUTERS CONFIGURATION # + # File extension filtering. diff --git a/exim-4.92-smarthost-config.patch b/exim-4.92-smarthost-config.patch index 42e6d1a..08ecc1c 100644 --- a/exim-4.92-smarthost-config.patch +++ b/exim-4.92-smarthost-config.patch @@ -1,8 +1,8 @@ diff --git a/src/configure.default b/src/configure.default -index 439287a..241a961 100644 +index eabf102..db2d98a 100644 --- a/src/configure.default +++ b/src/configure.default -@@ -933,6 +933,15 @@ remote_smtp: +@@ -934,6 +934,15 @@ remote_smtp: hosts_try_prdr = * .endif @@ -18,7 +18,7 @@ index 439287a..241a961 100644 # This transport invokes procmail to deliver mail procmail: driver = pipe -@@ -1082,6 +1091,21 @@ begin rewrite +@@ -1083,6 +1092,21 @@ begin rewrite # AUTHENTICATION CONFIGURATION # ###################################################################### @@ -40,7 +40,7 @@ index 439287a..241a961 100644 # The following authenticators support plaintext username/password # authentication using the standard PLAIN mechanism and the traditional # but non-standard LOGIN mechanism, with Exim acting as the server. -@@ -1097,7 +1121,7 @@ begin rewrite +@@ -1098,7 +1122,7 @@ begin rewrite # The default RCPT ACL checks for successful authentication, and will accept # messages from authenticated users from anywhere on the Internet. diff --git a/exim-4.89-support-proxies.patch b/exim-4.92-support-proxies.patch similarity index 73% rename from exim-4.89-support-proxies.patch rename to exim-4.92-support-proxies.patch index 39cb66c..22f20e7 100644 --- a/exim-4.89-support-proxies.patch +++ b/exim-4.92-support-proxies.patch @@ -1,6 +1,8 @@ ---- a/src/EDITME 2018-02-07 09:39:41.449345768 +0100 -+++ b/src/EDITME 2018-02-07 09:40:08.993393374 +0100 -@@ -942,12 +942,12 @@ +diff --git a/src/EDITME b/src/EDITME +index 4e3a9a3..e3b98e9 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -972,12 +972,12 @@ SUPPORT_PAM=yes # If you may want to use outbound (client-side) proxying, using Socks5, # uncomment the line below. @@ -15,4 +17,3 @@ #------------------------------------------------------------------------------ - diff --git a/exim.spec b/exim.spec index 8a41bc8..2049e6e 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -60,7 +60,7 @@ Patch26: exim-4.85-pic.patch Patch27: exim-4.92-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch -Patch40: exim-4.89-support-proxies.patch +Patch40: exim-4.92-support-proxies.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -577,6 +577,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Mon Mar 4 2019 Jaroslav Škarvada - 4.92-4 +- Fixed greylist-conf patch + Related: rhbz#1679274 + * Sat Mar 2 2019 Tim Landscheidt - 4.92-3 - Fix syntax error in exim.conf (#1679274) - Use properly compressed empty mailq.1.gz as ghost file From 0fb4478e2e253581c613fb40f0eae98d92861d20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 19 Mar 2019 12:48:29 +0100 Subject: [PATCH 188/194] Processed greylist.db by cron job only if it has non zero size Resolves: rhbz#1689211 --- exim.spec | 6 +++++- greylist-tidy.sh | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index 2049e6e..7829138 100644 --- a/exim.spec +++ b/exim.spec @@ -14,7 +14,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Url: http://www.exim.org/ Provides: MTA smtpd smtpdaemon server(smtp) @@ -577,6 +577,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Mar 19 2019 Jaroslav Škarvada - 4.92-5 +- Processed greylist.db by cron job only if it has non zero size + Resolves: rhbz#1689211 + * Mon Mar 4 2019 Jaroslav Škarvada - 4.92-4 - Fixed greylist-conf patch Related: rhbz#1679274 diff --git a/greylist-tidy.sh b/greylist-tidy.sh index 928e12e..20251f4 100755 --- a/greylist-tidy.sh +++ b/greylist-tidy.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [ -r /var/spool/exim/db/greylist.db ]; then +if [ -s /var/spool/exim/db/greylist.db ]; then sqlite3 /var/spool/exim/db/greylist.db < Date: Wed, 20 Mar 2019 23:10:06 +0000 Subject: [PATCH 189/194] Drop F-23 conditionals, and related obsolete bits --- exim.spec | 97 ++++--------------------------------------------------- 1 file changed, 6 insertions(+), 91 deletions(-) diff --git a/exim.spec b/exim.spec index 7829138..04b0c89 100644 --- a/exim.spec +++ b/exim.spec @@ -6,26 +6,22 @@ %bcond_without clamav %endif -%global sysv2systemdnvr 4.76-6 - # hardened build if not overridden %{!?_hardened_build:%global _hardened_build 1} Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 5%{?dist} +Release: 6%{?dist} License: GPLv2+ Url: http://www.exim.org/ + Provides: MTA smtpd smtpdaemon server(smtp) -Requires(post): /sbin/chkconfig /sbin/service /sbin/restorecon %{_sbindir}/alternatives systemd systemd-sysv +Requires(post): /sbin/restorecon %{_sbindir}/alternatives systemd Requires(preun): %{_sbindir}/alternatives systemd Requires(postun): %{_sbindir}/alternatives systemd Requires(pre): %{_sbindir}/groupadd, %{_sbindir}/useradd %if %{with clamav} -%if 0%{?fedora} < 23 -Requires: initscripts -%endif BuildRequires: clamav-devel %endif Source: ftp://ftp.exim.org/pub/exim/exim4/exim-%{version}.tar.xz @@ -87,18 +83,6 @@ routed, and there are extensive facilities for checking incoming mail. Exim can be installed in place of sendmail, although the configuration of exim is quite different to that of sendmail. -%if 0%{?fedora} < 23 -%package sysvinit -Summary: SysV initscript for Exim -BuildArch: noarch -Requires: %{name} = %{version}-%{release} -Requires(preun): chkconfig -Requires(post): chkconfig - -%description sysvinit -This package contains the SysV initscript for Exim. -%endif - %package mysql Summary: MySQL lookup support for Exim Requires: exim = %{version}-%{release} @@ -127,8 +111,6 @@ interface. Summary: Clam Antivirus scanner dæmon configuration for use with Exim Requires: clamav-server exim Obsoletes: clamav-exim <= 0.86.2 -Requires(post): /sbin/chkconfig /sbin/service -Requires(preun): /sbin/chkconfig /sbin/service %description clamav This package contains configuration files which invoke a copy of the @@ -147,17 +129,6 @@ For further details of Exim content scanning, see chapter 41 of the Exim specification: http://www.exim.org/exim-html-%{version}/doc/html/spec_html/ch41.html -%if 0%{?fedora} < 23 -%package clamav-sysvinit -Summary: SysV initscript for Clam Antivirus scanner for Exim -BuildArch: noarch -Requires: exim-clamav = %{version}-%{release} -Requires(preun): chkconfig -Requires(post): chkconfig - -%description clamav-sysvinit -This package contains the SysV initscript. -%endif %endif %package greylist @@ -222,8 +193,6 @@ cp exim_monitor/EDITME Local/eximon.conf make _lib=%{_lib} FULLECHO= LDFLAGS="%{?__global_ldflags} %{?_hardened_build:-pie -Wl,-z,relro,-z,now}" %install -rm -rf $RPM_BUILD_ROOT - mkdir -p $RPM_BUILD_ROOT%{_sbindir} mkdir -p $RPM_BUILD_ROOT%{_bindir} mkdir -p $RPM_BUILD_ROOT%{_libdir} @@ -331,9 +300,6 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/clamd.d clamsubst clamd.conf %{_sysconfdir}/clamd.d/exim.conf exim exim \ 's!^##*\(\(LogFile\|LocalSocket\|PidFile\|User\)\s\|\(StreamSaveToDisk\|ScanMail\|LogTime\|ScanArchive\)$\)!\1!;s!^Example!#Example!;' -%if 0%{?fedora} < 23 -clamsubst clamd.init %{_initrddir}/clamd.exim exim exim '' -%endif clamsubst clamd.logrotate %{_sysconfdir}/logrotate.d/clamd.exim exim exim '' cat < $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/clamd.exim CLAMD_CONFIG='%_sysconfdir/clamd.d/exim.conf' @@ -401,29 +367,6 @@ if [ $1 -ge 1 ]; then fi fi -%triggerun -- exim < %{sysv2systemdnvr} -%{_bindir}/systemd-sysv-convert --save exim >/dev/null 2>&1 ||: -/bin/systemctl enable exim.service >/dev/null 2>&1 -/sbin/chkconfig --del exim >/dev/null 2>&1 || : -/bin/systemctl try-restart exim.service >/dev/null 2>&1 || : - -%if 0%{?fedora} < 23 -%triggerpostun -n exim-sysvinit -- exim < %{sysv2systemdnvr} -/sbin/chkconfig --add exim >/dev/null 2>&1 || : - -%post sysvinit -/sbin/chkconfig --add exim >/dev/null 2>&1 ||: - -%preun sysvinit -if [ "$1" = 0 ]; then - %{_initrddir}/exim stop >/dev/null 2>&1 ||: - /sbin/chkconfig --del exim >/dev/null 2>&1 ||: -fi - -%postun sysvinit -[ "$1" -ge "1" ] && %{_initrddir}/exim condrestart >/dev/null 2>&1 ||: -%endif - %post greylist if [ ! -r %{_var}/spool/exim/db/greylist.db ]; then sqlite3 %{_var}/spool/exim/db/greylist.db < %{_sysconfdir}/exim/mk-greylist-db.sql @@ -495,11 +438,6 @@ fi %ghost %{_sysconfdir}/pam.d/smtp %ghost %{_mandir}/man1/mailq.1.gz -%if 0%{?fedora} < 23 -%files sysvinit -%{_initrddir}/exim -%endif - %files mysql %{_libdir}/exim/%{version}-%{release}/lookups/mysql.so @@ -533,27 +471,6 @@ if [ $1 -ge 1 ] ; then /bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || : fi -%triggerun -- clamav < %{sysv2systemdnvr} -%{_bindir}/systemd-sysv-convert --save clamd.exim >/dev/null 2>&1 ||: -/bin/systemctl enable clamd.exim.service >/dev/null 2>&1 -/sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : -/bin/systemctl try-restart clamd.exim.service >/dev/null 2>&1 || : - -%if 0%{?fedora} < 23 -%triggerpostun -n exim-clamav-sysvinit -- exim < %{sysv2systemdnvr} -/sbin/chkconfig --add clamd.exim >/dev/null 2>&1 ||: - -%post clamav-sysvinit -/sbin/chkconfig --add clamd.exim >/dev/null 2>&1 ||: - -%preun clamav-sysvinit -test "$1" != 0 || %{_initrddir}/clamd.exim stop >/dev/null 2>&1 || : -test "$1" != 0 || /sbin/chkconfig --del clamd.exim >/dev/null 2>&1 || : - -%postun clamav-sysvinit -test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : -%endif - %files clamav %{_sbindir}/clamd.exim %{_unitdir}/clamd.exim.service @@ -563,11 +480,6 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_tmpfilesdir}/exim-clamav.conf %ghost %attr(0750,exim,exim) %dir %{_var}/run/clamd.exim %ghost %attr(0644,exim,exim) %{_var}/log/clamd.exim - -%if 0%{?fedora} < 23 -%files clamav-sysvinit -%attr(0755,root,root) %config %{_initrddir}/clamd.exim -%endif %endif %files greylist @@ -577,6 +489,9 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || : %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Mar 20 2019 Peter Robinson 4.92-6 +- Drop F-23 conditionals, and related obsolete bits + * Tue Mar 19 2019 Jaroslav Škarvada - 4.92-5 - Processed greylist.db by cron job only if it has non zero size Resolves: rhbz#1689211 From 2f8ce390ab19b1fb66c78300c892a18afaeefeae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Wed, 27 Mar 2019 13:15:13 +0100 Subject: [PATCH 190/194] Enabled DANE support Resolves: rhbz#1693202 --- exim-4.92-dane-enable.patch | 13 +++++++++++++ exim.spec | 8 +++++++- 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 exim-4.92-dane-enable.patch diff --git a/exim-4.92-dane-enable.patch b/exim-4.92-dane-enable.patch new file mode 100644 index 0000000..32c6fc9 --- /dev/null +++ b/exim-4.92-dane-enable.patch @@ -0,0 +1,13 @@ +diff --git a/src/EDITME b/src/EDITME +index e3b98e9..d621c46 100644 +--- a/src/EDITME ++++ b/src/EDITME +@@ -372,7 +372,7 @@ PCRE_CONFIG=yes + # Uncomment the following line to add DANE support + # Note: Enabling this unconditionally overrides DISABLE_DNSSEC + # For DANE under GnuTLS we need an additional library. See TLS_LIBS below. +-# SUPPORT_DANE=yes ++SUPPORT_DANE=yes + + #------------------------------------------------------------------------------ + # Additional libraries and include directories may be required for some diff --git a/exim.spec b/exim.spec index 04b0c89..f7d5a7d 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -57,6 +57,7 @@ Patch27: exim-4.92-environment.patch # Workaround for NIS removal from glibc, bug 1534920 Patch33: exim-4.90.1-nsl-fix.patch Patch40: exim-4.92-support-proxies.patch +Patch41: exim-4.92-dane-enable.patch Requires: /etc/pki/tls/certs /etc/pki/tls/private Requires: /etc/aliases @@ -175,6 +176,7 @@ greylisting unconditional. %patch27 -p1 -b .environment %patch33 -p1 -b .nsl-fix %patch40 -p1 -b .proxy +%patch41 -p1 -b .dane-enable cp src/EDITME Local/Makefile sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile @@ -489,6 +491,10 @@ fi %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Wed Mar 27 2019 Jaroslav Škarvada - 4.92-7 +- Enabled DANE support + Resolves: rhbz#1693202 + * Wed Mar 20 2019 Peter Robinson 4.92-6 - Drop F-23 conditionals, and related obsolete bits From 4e715af1d997b7ae9354eedf271f1ba61eb52355 Mon Sep 17 00:00:00 2001 From: Jitka Plesnikova Date: Thu, 30 May 2019 14:12:36 +0200 Subject: [PATCH 191/194] Perl 5.30 rebuild --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index f7d5a7d..0d85bbb 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -491,6 +491,9 @@ fi %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu May 30 2019 Jitka Plesnikova - 4.92-8 +- Perl 5.30 rebuild + * Wed Mar 27 2019 Jaroslav Škarvada - 4.92-7 - Enabled DANE support Resolves: rhbz#1693202 From 1135c84822e9618db37f9084f83ba398db5a25a0 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 25 Jul 2019 00:03:44 +0000 Subject: [PATCH 192/194] - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- exim.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exim.spec b/exim.spec index 0d85bbb..c5b7b53 100644 --- a/exim.spec +++ b/exim.spec @@ -12,7 +12,7 @@ Summary: The exim mail transfer agent Name: exim Version: 4.92 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -491,6 +491,9 @@ fi %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Thu Jul 25 2019 Fedora Release Engineering - 4.92-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + * Thu May 30 2019 Jitka Plesnikova - 4.92-8 - Perl 5.30 rebuild From 1b7d96c8266ad63952ac2fbd187f873f1a0ba367 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Tue, 20 Aug 2019 17:10:00 +0200 Subject: [PATCH 193/194] New version Resolves: rhbz#1742312 --- exim.spec | 8 ++++++-- sources | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/exim.spec b/exim.spec index c5b7b53..e920df0 100644 --- a/exim.spec +++ b/exim.spec @@ -11,8 +11,8 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.92 -Release: 9%{?dist} +Version: 4.92.1 +Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -491,6 +491,10 @@ fi %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Tue Aug 20 2019 Jaroslav Škarvada - 4.92.1-1 +- New version + Resolves: rhbz#1742312 + * Thu Jul 25 2019 Fedora Release Engineering - 4.92-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild diff --git a/sources b/sources index 2e882ad..1cd3e84 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.92.tar.xz) = 62c327e6184a358ba7f0dbc38b44d2537234be91727a5bfac97e74af64a8d77e376b3221dcfdd8f6eca7d812f9233595503dc6e50e2972bed40a1b74eb209c31 +SHA512 (exim-4.92.1.tar.xz) = fd43448db0aa5139f8b459322b95e258f232ac8a4bf21a19099c7768329ec20c344c4e0d8dd2e98c33a192a5f97d7666a746de2c87bdfb8da42c625c985d7e05 From 1464ae5f2b443a49e906fb631e84b77f22d0ecd3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaroslav=20=C5=A0karvada?= Date: Fri, 6 Sep 2019 17:34:11 +0200 Subject: [PATCH 194/194] New version Resolves: CVE-2019-15846 --- exim.spec | 6 +++++- sources | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/exim.spec b/exim.spec index e920df0..6f93256 100644 --- a/exim.spec +++ b/exim.spec @@ -11,7 +11,7 @@ Summary: The exim mail transfer agent Name: exim -Version: 4.92.1 +Version: 4.92.2 Release: 1%{?dist} License: GPLv2+ Url: http://www.exim.org/ @@ -491,6 +491,10 @@ fi %{_sysconfdir}/cron.daily/greylist-tidy.sh %changelog +* Fri Sep 6 2019 Jaroslav Škarvada - 4.92.2-1 +- New version + Resolves: CVE-2019-15846 + * Tue Aug 20 2019 Jaroslav Škarvada - 4.92.1-1 - New version Resolves: rhbz#1742312 diff --git a/sources b/sources index 1cd3e84..ed7dec1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (exim-4.92.1.tar.xz) = fd43448db0aa5139f8b459322b95e258f232ac8a4bf21a19099c7768329ec20c344c4e0d8dd2e98c33a192a5f97d7666a746de2c87bdfb8da42c625c985d7e05 +SHA512 (exim-4.92.2.tar.xz) = d27aca4d4e9df267b0afcbe7b3f74c9ca6e96e7e6eb4d2f86ff00b0e2234eaec90271405eb387a36a2e0d4ec5597b2920753f85318a5618ddbc8af475a7d81cd