main/postfix: upgrade to 3.2.0

Modernize APKBUILD
author: Leonardo Arena <rnalrd@alpinelinux.org> 2017-06-06 13:47:56 +0000
committer: Leonardo Arena <rnalrd@alpinelinux.org> 2017-06-06 13:47:56 +0000
commit: b7a326232d701d67e71ec1b4d4eb9e4b89b9507e (patch)
tree: ae4317632edeea103271ac6cbe2bdc51730a29f4 /main/postfix/libressl.patch
parent: dfbb23ecb7d8f133ac21827090d6c8893323bde4 (diff)
download: aports-b7a326232d701d67e71ec1b4d4eb9e4b89b9507e.tar.bz2
aports-b7a326232d701d67e71ec1b4d4eb9e4b89b9507e.tar.xz
1 files changed, 81 insertions, 59 deletions
diff --git a/main/postfix/libressl.patch b/main/postfix/libressl.patch
index 835edd689f..c54a7a01d7 100644
--- a/main/postfix/libressl.patch
+++ b/main/postfix/libressl.patch
@@ -1,43 +1,30 @@
-$OpenBSD: patch-src_tls_tls_h,v 1.1 2016/03/05 17:34:24 sthen Exp $
-
-Fix building with LibreSSL
-
---- a/src/tls/tls.h.orig	Sat Feb  6 15:09:41 2016
-+++ b/src/tls/tls.h	Fri Feb 12 20:15:25 2016
-@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
- #endif
- 
-  /* Backwards compatibility with OpenSSL < 1.1.0 */
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define OpenSSL_version_num SSLeay
- #define OpenSSL_version SSLeay_version
- #define OPENSSL_VERSION SSLEAY_VERSION
-diff -urp src/posttls-finger/posttls-finger.c src/posttls-finger/posttls-finger.c
---- a/src/posttls-finger/posttls-finger.c.orig	2016-08-27 22:27:50.000000000 +0200
-+++ b/src/posttls-finger/posttls-finger.c	2016-08-29 15:57:24.941368708 +0200
-@@ -1511,7 +1511,7 @@ static int finger(STATE *state)
+$OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
+--- a/src/posttls-finger/posttls-finger.c.orig	Fri Feb  3 17:43:04 2017
++++ b/src/posttls-finger/posttls-finger.c	Mon Feb 20 12:42:58 2017
+@@ -1513,7 +1513,8 @@ static int finger(STATE *state)
      return (0);
  }
  
 -#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(USE_TLS) && (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
  
  /* ssl_cleanup - free memory allocated in the OpenSSL library */
  
-@@ -1958,7 +1958,7 @@ int     main(int argc, char *argv[])
+@@ -1966,7 +1967,8 @@ int     main(int argc, char *argv[])
      cleanup(&state);
  
      /* OpenSSL 1.1.0 and later (de)initialization is implicit */
 -#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
++#if defined(USE_TLS) && \
++    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
      ssl_cleanup();
  #endif
  
-diff -urp src/tls/tls_client.c src/tls/tls_client.c
---- a/src/tls/tls_client.c.orig	2016-08-27 22:27:50.000000000 +0200
-+++ b/src/tls/tls_client.c	2016-08-29 16:00:17.115355822 +0200
-@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+$OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
+--- a/src/tls/tls_client.c.orig	Sun Jan  1 17:22:13 2017
++++ b/src/tls/tls_client.c	Mon Feb 20 12:42:58 2017
+@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
       */
      tls_check_version();
  
@@ -46,16 +33,7 @@ diff -urp src/tls/tls_client.c src/tls/tls_client.c
  
      /*
       * Initialize the OpenSSL library by the book! To start with, we must
-@@ -356,7 +356,7 @@ TLS_APPL_STATE *tls_client_init(const TL
-      * TLS_ANY_VERSION macro.
-      */
-     ERR_clear_error();
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && defined(TLS_ANY_VERSION)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) && defined(TLS_ANY_VERSION)
-     client_ctx = SSL_CTX_new(TLS_client_method());
- #else
-     client_ctx = SSL_CTX_new(SSLv23_client_method());
-@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL
+@@ -433,7 +433,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
      /*
       * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
       */
@@ -64,10 +42,10 @@ diff -urp src/tls/tls_client.c src/tls/tls_client.c
  
      /*
       * According to the OpenSSL documentation, temporary RSA key is needed
-diff -urp src/tls/tls_dane.c src/tls/tls_dane.c
---- a/src/tls/tls_dane.c.orig	2016-08-27 22:27:50.000000000 +0200
-+++ b/src/tls/tls_dane.c	2016-08-29 15:58:30.467363804 +0200
-@@ -2163,7 +2163,7 @@ static SSL_CTX *ctx_init(const char *CAf
+$OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
+--- a/src/tls/tls_dane.c.orig	Sun Jan  1 17:22:13 2017
++++ b/src/tls/tls_dane.c	Mon Feb 20 12:42:58 2017
+@@ -2125,7 +2125,7 @@ static SSL_CTX *ctx_init(const char *CAfile)
      tls_param_init();
      tls_check_version();
  
@@ -76,9 +54,49 @@ diff -urp src/tls/tls_dane.c src/tls/tls_dane.c
      SSL_load_error_strings();
      SSL_library_init();
  #endif
-diff -urp src/tls/tls_rsa.c src/tls/tls_rsa.c
---- a/src/tls/tls_rsa.c.orig	2016-01-03 15:49:51.000000000 +0100
-+++ b/src/tls/tls_rsa.c	2016-08-29 15:57:58.067366229 +0200
+$OpenBSD: patch-src_tls_tls_dh_c,v 1.1 2017/03/04 22:09:43 sthen Exp $
+
+Fix building with LibreSSL
+
+--- a/src/tls/tls_dh.c.orig	Mon Dec 26 18:47:24 2016
++++ b/src/tls/tls_dh.c	Sat Feb  4 01:45:39 2017
+@@ -314,7 +314,7 @@ void    tls_auto_eecdh_curves(SSL_CTX *ctx)
+      * This is a NOP in OpenSSL 1.1.0 and later, where curves are always
+      * auto-negotiated.
+      */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000UL
++#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER)
+     if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) {
+ 	msg_warn("failed to enable automatic ECDHE curve selection");
+ 	tls_print_errors();
+$OpenBSD: patch-src_tls_tls_h,v 1.2 2017/03/04 22:09:43 sthen Exp $
+
+Fix building with LibreSSL
+
+--- a/src/tls/tls.h.orig	Sun Jan  1 17:22:13 2017
++++ b/src/tls/tls.h	Fri Jan  6 23:17:26 2017
+@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
+ #endif
+ 
+  /* Backwards compatibility with OpenSSL < 1.1.0 */
+-#if OPENSSL_VERSION_NUMBER < 0x10100000L
++#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
+ #define OpenSSL_version_num SSLeay
+ #define OpenSSL_version SSLeay_version
+ #define OPENSSL_VERSION SSLEAY_VERSION
+@@ -104,6 +104,9 @@ extern const char *str_tls_level(int);
+ #define ASN1_STRING_get0_data ASN1_STRING_data
+ #define X509_getm_notBefore X509_get_notBefore
+ #define X509_getm_notAfter X509_get_notAfter
++#endif
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ #define TLS_method SSLv23_method
+ #define TLS_client_method SSLv23_client_method
+ #define TLS_server_method SSLv23_server_method
+$OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $
+--- a/src/tls/tls_rsa.c.orig	Thu Sep  1 21:57:15 2016
++++ b/src/tls/tls_rsa.c	Thu Sep  1 21:58:11 2016
 @@ -57,7 +57,7 @@
   /*
    * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
@@ -88,7 +106,7 @@ diff -urp src/tls/tls_rsa.c src/tls/tls_rsa.c
  
  /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
  
-@@ -109,7 +109,7 @@ int     main(int unused_argc, char *cons
+@@ -109,7 +109,7 @@ int     main(int unused_argc, char *const argv[])
      /*
       * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
       */
@@ -97,10 +115,10 @@ diff -urp src/tls/tls_rsa.c src/tls/tls_rsa.c
      RSA    *rsa;
  
      msg_vstream_init(argv[0], VSTREAM_ERR);
-diff -urp src/tls/tls_server.c src/tls/tls_server.c
---- a/src/tls/tls_server.c.orig	2016-08-27 22:27:50.000000000 +0200
-+++ b/src/tls/tls_server.c	2016-08-29 15:59:41.807358465 +0200
-@@ -174,7 +174,7 @@ static const char server_session_id_cont
+$OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
+--- a/src/tls/tls_server.c.orig	Sun Jan  1 17:22:13 2017
++++ b/src/tls/tls_server.c	Mon Feb 20 12:42:58 2017
+@@ -174,7 +174,7 @@ static const char server_session_id_context[] = "Postf
  #endif					/* OPENSSL_VERSION_NUMBER */
  
   /* OpenSSL 1.1.0 bitrot */
@@ -109,7 +127,7 @@ diff -urp src/tls/tls_server.c src/tls/tls_server.c
  typedef const unsigned char *session_id_t;
  
  #else
-@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
       */
      tls_check_version();
  
@@ -118,16 +136,7 @@ diff -urp src/tls/tls_server.c src/tls/tls_server.c
  
      /*
       * Initialize the OpenSSL library by the book! To start with, we must
-@@ -447,7 +447,7 @@ TLS_APPL_STATE *tls_server_init(const TL
-      * TLS_ANY_VERSION macro.
-      */
-     ERR_clear_error();
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && defined(TLS_ANY_VERSION)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) && defined(TLS_ANY_VERSION)
-     server_ctx = SSL_CTX_new(TLS_server_method());
- #else
-     server_ctx = SSL_CTX_new(SSLv23_server_method());
-@@ -588,7 +588,7 @@ TLS_APPL_STATE *tls_server_init(const TL
+@@ -580,7 +580,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
      /*
       * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
       */
@@ -136,3 +145,16 @@ diff -urp src/tls/tls_server.c src/tls/tls_server.c
  
      /*
       * According to OpenSSL documentation, a temporary RSA key is needed when
+
+For LibreSSL 2.4:
+--- a/src/tls/tls_dh.c.orig
++++ b/src/tls/tls_dh.c
+@@ -244,7 +244,7 @@
+ 
+ void    tls_auto_eecdh_curves(SSL_CTX *ctx)
+ {
+-#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH)
++#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER)
+     SSL_CTX *tmpctx;
+     int    *nids;
+     int     space = 5;
author	Leonardo Arena <rnalrd@alpinelinux.org>	2017-06-06 13:47:56 +0000
committer	Leonardo Arena <rnalrd@alpinelinux.org>	2017-06-06 13:47:56 +0000
commit	b7a326232d701d67e71ec1b4d4eb9e4b89b9507e (patch)
tree	ae4317632edeea103271ac6cbe2bdc51730a29f4 /main/postfix/libressl.patch
parent	dfbb23ecb7d8f133ac21827090d6c8893323bde4 (diff)
download	aports-b7a326232d701d67e71ec1b4d4eb9e4b89b9507e.tar.bz2 aports-b7a326232d701d67e71ec1b4d4eb9e4b89b9507e.tar.xz