1 |
commit: bb8b6bb78adfa6f50f37a09b7fa8b16c5fd85471 |
2 |
Author: Craig Andrews <candrews <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Oct 24 20:57:27 2018 +0000 |
4 |
Commit: Craig Andrews <candrews <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Oct 25 13:39:26 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bb8b6bb7 |
7 |
|
8 |
mail-filter/opendkim: Fix building with OpenSSL 1.1.1 |
9 |
|
10 |
Closes: https://bugs.gentoo.org/669512 |
11 |
Signed-off-by: Craig Andrews <candrews <AT> gentoo.org> |
12 |
Package-Manager: Portage-2.3.51, Repoman-2.3.11 |
13 |
|
14 |
.../files/opendkim-2.10.3-openssl-1.1.1.patch | 170 +++++++++++++++++ |
15 |
mail-filter/opendkim/opendkim-2.10.3-r4.ebuild | 205 +++++++++++++++++++++ |
16 |
2 files changed, 375 insertions(+) |
17 |
|
18 |
diff --git a/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch b/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch |
19 |
new file mode 100644 |
20 |
index 00000000000..825d7753aca |
21 |
--- /dev/null |
22 |
+++ b/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch |
23 |
@@ -0,0 +1,170 @@ |
24 |
+From FreeBSD: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223568 |
25 |
+--- a/configure.ac 2015-05-12 18:43:09 UTC |
26 |
++++ b/configure.ac |
27 |
+@@ -860,26 +860,28 @@ then |
28 |
+ AC_SEARCH_LIBS([ERR_peek_error], [crypto], , |
29 |
+ AC_MSG_ERROR([libcrypto not found])) |
30 |
+ |
31 |
+- AC_SEARCH_LIBS([SSL_library_init], [ssl], , |
32 |
+- [ |
33 |
+- if test x"$enable_shared" = x"yes" |
34 |
+- then |
35 |
+- AC_MSG_ERROR([Cannot build shared opendkim |
36 |
+- against static openssl libraries. |
37 |
+- Configure with --disable-shared |
38 |
+- to get this working or obtain a |
39 |
+- shared libssl library for |
40 |
+- opendkim to use.]) |
41 |
+- fi |
42 |
+ |
43 |
+- # avoid caching issue - last result of SSL_library_init |
44 |
+- # shouldn't be cached for this next check |
45 |
+- unset ac_cv_search_SSL_library_init |
46 |
+- LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl" |
47 |
+- AC_SEARCH_LIBS([SSL_library_init], [ssl], , |
48 |
+- AC_MSG_ERROR([libssl not found]), [-ldl]) |
49 |
+- ] |
50 |
+- ) |
51 |
++ AC_LINK_IFELSE( |
52 |
++ [AC_LANG_PROGRAM([[#include <openssl/ssl.h>]], |
53 |
++ [[SSL_library_init();]])], |
54 |
++ [od_have_ossl="yes";], |
55 |
++ [od_have_ossl="no";]) |
56 |
++ if test x"$od_have_ossl" = x"no" |
57 |
++ then |
58 |
++ if test x"$enable_shared" = x"yes" |
59 |
++ then |
60 |
++ AC_MSG_ERROR([Cannot build shared opendkim |
61 |
++ against static openssl libraries. |
62 |
++ Configure with --disable-shared |
63 |
++ to get this working or obtain a |
64 |
++ shared libssl library for |
65 |
++ opendkim to use.]) |
66 |
++ fi |
67 |
++ |
68 |
++ LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl" |
69 |
++ AC_SEARCH_LIBS([SSL_library_init], [ssl], , |
70 |
++ AC_MSG_ERROR([libssl not found]), [-ldl]) |
71 |
++ fi |
72 |
+ |
73 |
+ AC_CHECK_DECL([SHA256_DIGEST_LENGTH], |
74 |
+ AC_DEFINE([HAVE_SHA256], 1, |
75 |
+--- a/libopendkim/tests/Makefile.in 2015-05-12 18:43:48 UTC |
76 |
++++ b/libopendkim/tests/Makefile.in |
77 |
+@@ -1108,8 +1108,10 @@ am__nobase_list = $(am__nobase_strip_setup); \ |
78 |
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ |
79 |
+ END { for (dir in files) print dir, files[dir] }' |
80 |
+ am__base_list = \ |
81 |
+- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ |
82 |
+- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' |
83 |
++ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\ |
84 |
++/ /g' | \ |
85 |
++ sed '$$!N;$$!N;$$!N;$$!N;s/\ |
86 |
++/ /g' |
87 |
+ am__uninstall_files_from_dir = { \ |
88 |
+ test -z "$$files" \ |
89 |
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ |
90 |
+@@ -4131,16 +4133,19 @@ uninstall-am: uninstall-dist_docDATA |
91 |
+ @LCOV_TRUE@×××××××××××.txt: $(check_PROGRAMS) $(check_SCRIPTS) |
92 |
+ @LCOV_TRUE@ rm -f $@ |
93 |
+ @LCOV_TRUE@ for i in $(check_PROGRAMS); do \ |
94 |
+-@LCOV_TRUE@ testname=$${i/t-}; \ |
95 |
+-@LCOV_TRUE@ testname=$${testname//-/_}; \ |
96 |
++@LCOV_TRUE@ testname=$${i#t-}; \ |
97 |
++@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ |
98 |
+ @LCOV_TRUE@ fgrep '***' $$i.c | tail -n 1 | \ |
99 |
+-@LCOV_TRUE@ (echo $${testname} ; sed -e 's/[^*]*\*\*\*\(.*\)\\n.*/\t\1\n/g' ) >> $@; \ |
100 |
++@LCOV_TRUE@ (echo $${testname} ; sed -e 's/[^*]*\*\*\*\(.*\)\\ |
101 |
++@LCOV_TRUE@.*/ \1\ |
102 |
++@LCOV_TRUE@/g' ) >> $@; \ |
103 |
+ @LCOV_TRUE@ done |
104 |
+ @LCOV_TRUE@ for i in $(check_SCRIPTS); do \ |
105 |
+-@LCOV_TRUE@ testname=$${i/t-}; \ |
106 |
+-@LCOV_TRUE@ testname=$${testname//-/_}; \ |
107 |
++@LCOV_TRUE@ testname=$${i#t-}; \ |
108 |
++@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ |
109 |
+ @LCOV_TRUE@ grep '^#' $$i | tail -n 1 | \ |
110 |
+-@LCOV_TRUE@ (echo $${testname} ; sed -e 's/^# \(.*\)/\t\1\n/g' ) >> $@; \ |
111 |
++@LCOV_TRUE@ (echo $${testname} ; sed -e 's/^# \(.*\)/ \1\ |
112 |
++@LCOV_TRUE@/g' ) >> $@; \ |
113 |
+ @LCOV_TRUE@ done |
114 |
+ |
115 |
+ @LCOV_TRUE@×××××××××××.html: description.txt |
116 |
+--- a/libopendkim/dkim-canon.c 2015-05-11 03:56:13 UTC |
117 |
++++ b/libopendkim/dkim-canon.c |
118 |
+@@ -388,7 +388,7 @@ dkim_canon_header_string(struct dkim_dstring *dstr, dk |
119 |
+ } |
120 |
+ |
121 |
+ /* skip all spaces before first word */ |
122 |
+- while (*p != '\0' && DKIM_ISWSP(*p)) |
123 |
++ while (*p != '\0' && DKIM_ISLWSP(*p)) |
124 |
+ p++; |
125 |
+ |
126 |
+ space = FALSE; /* just saw a space */ |
127 |
+--- a/opendkim/tests/Makefile.in 2015-05-12 18:43:49 UTC |
128 |
++++ b/opendkim/tests/Makefile.in |
129 |
+@@ -139,8 +139,10 @@ am__nobase_list = $(am__nobase_strip_setup); \ |
130 |
+ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ |
131 |
+ END { for (dir in files) print dir, files[dir] }' |
132 |
+ am__base_list = \ |
133 |
+- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ |
134 |
+- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' |
135 |
++ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\ |
136 |
++/ /g' | \ |
137 |
++ sed '$$!N;$$!N;$$!N;$$!N;s/\ |
138 |
++/ /g' |
139 |
+ am__uninstall_files_from_dir = { \ |
140 |
+ test -z "$$files" \ |
141 |
+ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ |
142 |
+@@ -1298,14 +1300,16 @@ uninstall-am: uninstall-dist_docDATA |
143 |
+ @LCOV_TRUE@×××××××××××.txt: $(check_SCRIPTS) |
144 |
+ @LCOV_TRUE@ rm -f $@ |
145 |
+ @LCOV_TRUE@ for test in $? ; do \ |
146 |
+-@LCOV_TRUE@ testname=$${test/t-}; \ |
147 |
+-@LCOV_TRUE@ testname=$${testname//-/_}; \ |
148 |
++@LCOV_TRUE@ testname=$${test#t-}; \ |
149 |
++@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ |
150 |
+ @LCOV_TRUE@ grep ^# $$test | tail -n 1 | \ |
151 |
+-@LCOV_TRUE@ sed -e "s/^#\(.*\)/$${testname}\n\t\1\n/g" >> $@; \ |
152 |
++@LCOV_TRUE@ sed -e "s/^#\(.*\)/$${testname}\ |
153 |
++@LCOV_TRUE@ \1\ |
154 |
++@LCOV_TRUE@/g" >> $@; \ |
155 |
+ @LCOV_TRUE@ done |
156 |
+ |
157 |
+ @LCOV_TRUE@×××××××××××.html: description.txt |
158 |
+-@LCOV_TRUE@ gendesc --output $@ $< |
159 |
++@LCOV_TRUE@ gendesc --output $@ $? |
160 |
+ |
161 |
+ @LCOV_TRUE@maintainer-clean-local: |
162 |
+ @LCOV_TRUE@ -rm -rf lcov/[^C]* |
163 |
+--- a/opendkim/opendkim-crypto.c 2013-02-25 21:02:41 UTC |
164 |
++++ b/opendkim/opendkim-crypto.c |
165 |
+@@ -222,7 +222,11 @@ dkimf_crypto_free_id(void *ptr) |
166 |
+ { |
167 |
+ assert(pthread_setspecific(id_key, ptr) == 0); |
168 |
+ |
169 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 |
170 |
++ OPENSSL_thread_stop(); |
171 |
++#else |
172 |
+ ERR_remove_state(0); |
173 |
++#endif |
174 |
+ |
175 |
+ free(ptr); |
176 |
+ |
177 |
+@@ -392,11 +396,15 @@ dkimf_crypto_free(void) |
178 |
+ { |
179 |
+ if (crypto_init_done) |
180 |
+ { |
181 |
++#if OPENSSL_VERSION_NUMBER >= 0x10100000 |
182 |
++ OPENSSL_thread_stop(); |
183 |
++#else |
184 |
+ CRYPTO_cleanup_all_ex_data(); |
185 |
+ CONF_modules_free(); |
186 |
+ EVP_cleanup(); |
187 |
+ ERR_free_strings(); |
188 |
+ ERR_remove_state(0); |
189 |
++#endif |
190 |
+ |
191 |
+ if (nmutexes > 0) |
192 |
+ { |
193 |
+ |
194 |
|
195 |
diff --git a/mail-filter/opendkim/opendkim-2.10.3-r4.ebuild b/mail-filter/opendkim/opendkim-2.10.3-r4.ebuild |
196 |
new file mode 100644 |
197 |
index 00000000000..6c1b66b18e1 |
198 |
--- /dev/null |
199 |
+++ b/mail-filter/opendkim/opendkim-2.10.3-r4.ebuild |
200 |
@@ -0,0 +1,205 @@ |
201 |
+# Copyright 1999-2018 Gentoo Authors |
202 |
+# Distributed under the terms of the GNU General Public License v2 |
203 |
+ |
204 |
+EAPI=6 |
205 |
+ |
206 |
+inherit autotools db-use eutils systemd user |
207 |
+ |
208 |
+# for betas |
209 |
+#MY_P=${P/_b/.B} |
210 |
+#S=${WORKDIR}/${PN}-2.8.0 |
211 |
+#SRC_URI="mirror://sourceforge/opendkim/${MY_P}.tar.gz" |
212 |
+ |
213 |
+DESCRIPTION="A milter-based application to provide DKIM signing and verification" |
214 |
+HOMEPAGE="http://opendkim.org" |
215 |
+SRC_URI="mirror://sourceforge/opendkim/${P}.tar.gz" |
216 |
+ |
217 |
+LICENSE="Sendmail-Open-Source BSD" |
218 |
+SLOT="0" |
219 |
+KEYWORDS="~amd64 ~arm ~x86" |
220 |
+IUSE="+berkdb gnutls ldap libressl lmdb lua memcached opendbx poll sasl selinux +ssl static-libs unbound" |
221 |
+ |
222 |
+DEPEND="|| ( mail-filter/libmilter mail-mta/sendmail ) |
223 |
+ dev-libs/libbsd |
224 |
+ ssl? ( |
225 |
+ !libressl? ( dev-libs/openssl:0= ) |
226 |
+ libressl? ( dev-libs/libressl:0= ) |
227 |
+ ) |
228 |
+ berkdb? ( >=sys-libs/db-3.2:* ) |
229 |
+ opendbx? ( >=dev-db/opendbx-1.4.0 ) |
230 |
+ lua? ( dev-lang/lua:* ) |
231 |
+ ldap? ( net-nds/openldap ) |
232 |
+ lmdb? ( dev-db/lmdb ) |
233 |
+ memcached? ( dev-libs/libmemcached ) |
234 |
+ sasl? ( dev-libs/cyrus-sasl ) |
235 |
+ unbound? ( >=net-dns/unbound-1.4.1:= net-dns/dnssec-root ) |
236 |
+ !unbound? ( net-libs/ldns ) |
237 |
+ gnutls? ( >=net-libs/gnutls-3.3 )" |
238 |
+ |
239 |
+RDEPEND="${DEPEND} |
240 |
+ sys-process/psmisc |
241 |
+ selinux? ( sec-policy/selinux-dkim ) |
242 |
+" |
243 |
+ |
244 |
+REQUIRED_USE="sasl? ( ldap )" |
245 |
+ |
246 |
+PATCHES=( |
247 |
+ "${FILESDIR}/${P}-gnutls-3.4.patch" |
248 |
+ "${FILESDIR}/${P}-openssl-1.1.1.patch" |
249 |
+) |
250 |
+ |
251 |
+pkg_setup() { |
252 |
+ enewgroup milter |
253 |
+ # mail-milter/spamass-milter creates milter user with this home directory |
254 |
+ # For consistency reasons, milter user must be created here with this home directory |
255 |
+ # even though this package doesn't need a home directory for this user (#280571) |
256 |
+ enewuser milter -1 -1 /var/lib/milter milter |
257 |
+} |
258 |
+ |
259 |
+src_prepare() { |
260 |
+ default |
261 |
+ |
262 |
+ sed -i -e 's:/var/db/dkim:/etc/opendkim:g' \ |
263 |
+ -e 's:/var/db/opendkim:/var/lib/opendkim:g' \ |
264 |
+ -e 's:/etc/mail:/etc/opendkim:g' \ |
265 |
+ -e 's:mailnull:milter:g' \ |
266 |
+ -e 's:^#[[:space:]]*PidFile.*:PidFile /run/opendkim/opendkim.pid:' \ |
267 |
+ opendkim/opendkim.conf.sample opendkim/opendkim.conf.simple.in \ |
268 |
+ stats/opendkim-reportstats{,.in} || die |
269 |
+ |
270 |
+ sed -i -e 's:dist_doc_DATA:dist_html_DATA:' libopendkim/docs/Makefile.am \ |
271 |
+ || die |
272 |
+ |
273 |
+ sed -i -e '/sock.*mt.getcwd/s:mt.getcwd():"/tmp":' opendkim/tests/*.lua |
274 |
+ sed -i -e '/sock.*mt.getcwd/s:mt.getcwd():"/proc/self/cwd":' opendkim/tests/*.lua |
275 |
+ |
276 |
+ eautoreconf |
277 |
+} |
278 |
+ |
279 |
+src_configure() { |
280 |
+ local myconf=() |
281 |
+ if use berkdb ; then |
282 |
+ myconf+=( |
283 |
+ $(db_includedir) |
284 |
+ --with-db-incdir=${myconf#-I} |
285 |
+ --enable-popauth |
286 |
+ --enable-query_cache |
287 |
+ --enable-stats |
288 |
+ ) |
289 |
+ fi |
290 |
+ if use unbound; then |
291 |
+ myconf+=( --with-unbound ) |
292 |
+ else |
293 |
+ myconf+=( --with-ldns ) |
294 |
+ fi |
295 |
+ if use ldap; then |
296 |
+ myconf+=( $(use_with sasl) ) |
297 |
+ fi |
298 |
+ econf \ |
299 |
+ $(use_with berkdb db) \ |
300 |
+ $(use_with opendbx odbx) \ |
301 |
+ $(use_with lua) \ |
302 |
+ $(use_enable lua rbl) \ |
303 |
+ $(use_with ldap openldap) \ |
304 |
+ $(use_with lmdb) \ |
305 |
+ $(use_enable poll) \ |
306 |
+ $(use_enable static-libs static) \ |
307 |
+ $(use_with gnutls) \ |
308 |
+ $(use_with memcached libmemcached) \ |
309 |
+ "${myconf[@]}" \ |
310 |
+ --enable-filter \ |
311 |
+ --enable-atps \ |
312 |
+ --enable-identity_header \ |
313 |
+ --enable-rate_limit \ |
314 |
+ --enable-resign \ |
315 |
+ --enable-replace_rules \ |
316 |
+ --enable-default_sender \ |
317 |
+ --enable-sender_macro \ |
318 |
+ --enable-vbr \ |
319 |
+ --disable-live-testing |
320 |
+ #--with-test-socket=/tmp/opendkim-$(echo ${RANDOM})-S |
321 |
+ #--disable-rpath |
322 |
+} |
323 |
+ |
324 |
+src_install() { |
325 |
+ default |
326 |
+ prune_libtool_files |
327 |
+ |
328 |
+ dosbin stats/opendkim-reportstats |
329 |
+ |
330 |
+ newinitd "${FILESDIR}/opendkim.init.r3" opendkim |
331 |
+ systemd_newunit "${FILESDIR}/opendkim-r1.service" opendkim.service |
332 |
+ |
333 |
+ dodir /etc/opendkim /var/lib/opendkim |
334 |
+ fowners milter:milter /var/lib/opendkim |
335 |
+ |
336 |
+ # default configuration |
337 |
+ if [ ! -f "${ROOT}"/etc/opendkim/opendkim.conf ]; then |
338 |
+ grep ^[^#] "${S}"/opendkim/opendkim.conf.simple \ |
339 |
+ > "${D}"/etc/opendkim/opendkim.conf |
340 |
+ if use unbound; then |
341 |
+ echo TrustAnchorFile /etc/dnssec/root-anchors.txt >> "${D}"/etc/opendkim/opendkim.conf |
342 |
+ fi |
343 |
+ echo UserID milter >> "${D}"/etc/opendkim/opendkim.conf |
344 |
+ if use berkdb; then |
345 |
+ echo Statistics /var/lib/opendkim/stats.dat >> \ |
346 |
+ "${D}"/etc/opendkim/opendkim.conf |
347 |
+ fi |
348 |
+ fi |
349 |
+} |
350 |
+ |
351 |
+pkg_postinst() { |
352 |
+ if [[ -z ${REPLACING_VERSION} ]]; then |
353 |
+ elog "If you want to sign your mail messages and need some help" |
354 |
+ elog "please run:" |
355 |
+ elog " emerge --config ${CATEGORY}/${PN}" |
356 |
+ elog "It will help you create your key and give you hints on how" |
357 |
+ elog "to configure your DNS and MTA." |
358 |
+ |
359 |
+ ewarn "Make sure your MTA has r/w access to the socket file." |
360 |
+ ewarn "This can be done either by setting UMask to 002 and adding MTA's user" |
361 |
+ ewarn "to milter group or you can simply set UMask to 000." |
362 |
+ fi |
363 |
+} |
364 |
+ |
365 |
+pkg_config() { |
366 |
+ local selector keysize pubkey |
367 |
+ |
368 |
+ read -p "Enter the selector name (default ${HOSTNAME}): " selector |
369 |
+ [[ -n "${selector}" ]] || selector=${HOSTNAME} |
370 |
+ if [[ -z "${selector}" ]]; then |
371 |
+ eerror "Oddly enough, you don't have a HOSTNAME." |
372 |
+ return 1 |
373 |
+ fi |
374 |
+ if [[ -f "${ROOT}"etc/opendkim/${selector}.private ]]; then |
375 |
+ ewarn "The private key for this selector already exists." |
376 |
+ else |
377 |
+ keysize=1024 |
378 |
+ # generate the private and public keys |
379 |
+ opendkim-genkey -b ${keysize} -D "${ROOT}"etc/opendkim/ \ |
380 |
+ -s ${selector} -d '(your domain)' && \ |
381 |
+ chown milter:milter \ |
382 |
+ "${ROOT}"etc/opendkim/"${selector}".private || \ |
383 |
+ { eerror "Failed to create private and public keys." ; return 1; } |
384 |
+ chmod go-r "${ROOT}"etc/opendkim/"${selector}".private |
385 |
+ fi |
386 |
+ |
387 |
+ # opendkim selector configuration |
388 |
+ echo |
389 |
+ einfo "Make sure you have the following settings in your /etc/opendkim/opendkim.conf:" |
390 |
+ einfo " Keyfile /etc/opendkim/${selector}.private" |
391 |
+ einfo " Selector ${selector}" |
392 |
+ |
393 |
+ # MTA configuration |
394 |
+ echo |
395 |
+ einfo "If you are using Postfix, add following lines to your main.cf:" |
396 |
+ einfo " smtpd_milters = unix:/var/run/opendkim/opendkim.sock" |
397 |
+ einfo " non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock" |
398 |
+ einfo " and read http://www.postfix.org/MILTER_README.html" |
399 |
+ |
400 |
+ # DNS configuration |
401 |
+ einfo "After you configured your MTA, publish your key by adding this TXT record to your domain:" |
402 |
+ cat "${ROOT}"etc/opendkim/${selector}.txt |
403 |
+ einfo "t=y signifies you only test the DKIM on your domain. See following page for the complete list of tags:" |
404 |
+ einfo " http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text" |
405 |
+} |