summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRaphaël Marichez <falco@gentoo.org>2008-08-14 12:33:41 +0000
committerRaphaël Marichez <falco@gentoo.org>2008-08-14 12:33:41 +0000
commitc2dad05d5804d267fa498271ef4ba20b7a53e6e6 (patch)
tree88b09835db3423b5b792d459397ffabeded81fb1 /mail-mta
parentFixed encoding in ChangeLog (diff)
downloadgentoo-2-c2dad05d5804d267fa498271ef4ba20b7a53e6e6.tar.gz
gentoo-2-c2dad05d5804d267fa498271ef4ba20b7a53e6e6.tar.bz2
gentoo-2-c2dad05d5804d267fa498271ef4ba20b7a53e6e6.zip
Revision bump, security bug 232642, straight-to-stable commit
(Portage version: 2.1.4.4, RepoMan options: --force)
Diffstat (limited to 'mail-mta')
-rw-r--r--mail-mta/postfix/ChangeLog12
-rw-r--r--mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2936.patch45
-rw-r--r--mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2937.patch481
-rw-r--r--mail-mta/postfix/files/postfix-2.5.3-CVE-2008-2936.patch44
-rw-r--r--mail-mta/postfix/postfix-2.4.7-r1.ebuild380
-rw-r--r--mail-mta/postfix/postfix-2.5.3-r1.ebuild385
6 files changed, 1346 insertions, 1 deletions
diff --git a/mail-mta/postfix/ChangeLog b/mail-mta/postfix/ChangeLog
index ad5fe9b67fcb..f9620b83a782 100644
--- a/mail-mta/postfix/ChangeLog
+++ b/mail-mta/postfix/ChangeLog
@@ -1,6 +1,16 @@
# ChangeLog for mail-mta/postfix
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/ChangeLog,v 1.165 2008/08/03 14:29:58 dertobi123 Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/ChangeLog,v 1.166 2008/08/14 12:33:40 falco Exp $
+
+*postfix-2.5.3-r1 (14 Aug 2008)
+*postfix-2.4.7-r1 (14 Aug 2008)
+
+ 14 Aug 2008; Raphael Marichez <falco@gentoo.org>
+ +files/postfix-2.4.7-CVE-2008-2936.patch,
+ +files/postfix-2.4.7-CVE-2008-2937.patch,
+ +files/postfix-2.5.3-CVE-2008-2936.patch, +postfix-2.4.7-r1.ebuild,
+ +postfix-2.5.3-r1.ebuild:
+ Revision bump, security bug 232642
*postfix-2.5.3 (03 Aug 2008)
diff --git a/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2936.patch b/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2936.patch
new file mode 100644
index 000000000000..f8d6ecb5f3f7
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2936.patch
@@ -0,0 +1,45 @@
+Index: postfix-2.4.7/src/util/safe_open.c
+===================================================================
+--- postfix-2.4.7.orig/src/util/safe_open.c
++++ postfix-2.4.7/src/util/safe_open.c
+@@ -83,6 +83,7 @@
+ #include <msg.h>
+ #include <vstream.h>
+ #include <vstring.h>
++#include <stringops.h>
+ #include <safe_open.h>
+
+ /* safe_open_exist - open existing file */
+@@ -138,13 +139,30 @@ static VSTREAM *safe_open_exist(const ch
+ * for symlinks owned by root. NEVER, NEVER, make exceptions for symlinks
+ * owned by a non-root user. This would open a security hole when
+ * delivering mail to a world-writable mailbox directory.
++ *
++ * The semantics of link(symlink, target) has changed over time.
++ * Traditionally, UNIX systems hardlink the target of the symlink.
++ * However, some systems hardlink the symlink itself. The latter behavior
++ * was introduced with Solaris 2.0, and with Linux kernel 2.0. Sebastian
++ * Krahmer of SuSE found that hardlinks to symlinks could be used to
++ * append mail for root to a sensitive file. For this reason, we not
++ * only require that a symlink is owned by root, but we now also require
++ * that its parent directory is writable only by root.
+ */
+ else if (lstat(path, &lstat_st) < 0) {
+ vstring_sprintf(why, "file status changed unexpectedly: %m");
+ errno = EPERM;
+ } else if (S_ISLNK(lstat_st.st_mode)) {
+- if (lstat_st.st_uid == 0)
+- return (fp);
++ if (lstat_st.st_uid == 0) {
++ struct stat parent_st;
++ const char *parent;
++
++ parent = sane_dirname((VSTRING *) 0, path);
++ if (stat(parent, &parent_st) == 0 /* real parent */
++ && parent_st.st_uid == 0
++ && (parent_st.st_mode & (S_IWGRP | S_IWOTH)) == 0)
++ return (fp);
++ }
+ vstring_sprintf(why, "file is a symbolic link");
+ errno = EPERM;
+ } else if (fstat_st->st_dev != lstat_st.st_dev
diff --git a/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2937.patch b/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2937.patch
new file mode 100644
index 000000000000..af38319aee09
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-2.4.7-CVE-2008-2937.patch
@@ -0,0 +1,481 @@
+diff --git a/HISTORY b/HISTORY
+index 73db63f..bfc98a1 100644
+--- a/HISTORY
++++ b/HISTORY
+@@ -13599,3 +13599,9 @@ Apologies for any names omitted.
+ prevent dovecot-auth memory wastage. Timo Sirainen. File:
+ xsasl/xsasl_dovecot_server.c.
+
++20080725
++
++ Paranoia: defer delivery when a mailbox file is not owned
++ by the recipient. Requested by Sebastian Krahmer, SuSE.
++ Specify "strict_mailbox_ownership=no" to ignore ownership
++ discrepancies. Files: local/mailbox.c, virtual/mailbox.c.
+diff --git a/RELEASE_NOTES b/RELEASE_NOTES
+index cf371e5..fb5f4cd 100644
+--- a/RELEASE_NOTES
++++ b/RELEASE_NOTES
+@@ -11,6 +11,14 @@ instead, a new snapshot is released.
+ The mail_release_date configuration parameter (format: yyyymmdd)
+ specifies the release date of a stable release or snapshot release.
+
++Incompatibility with Postfix 2.4.7
++==================================
++
++When a mailbox file is not owned by its recipient, the local and
++virtual delivery agents now log a warning and defer delivery.
++Specify "strict_mailbox_ownership = no" to ignore such ownership
++discrepancies.
++
+ Incompatibility with Postfix 2.4.4
+ ==================================
+
+diff --git a/html/local.8.html b/html/local.8.html
+index de3fd4f..9cece01 100644
+--- a/html/local.8.html
++++ b/html/local.8.html
+@@ -394,6 +394,12 @@ LOCAL(8) LOCAL(8)
+ attempt; do not update the Delivered-To: address
+ while expanding aliases or .forward files.
+
++ Available in Postfix version 2.4.7-r1 and later:
++
++ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b>
++ Defer delivery when a mailbox file is not owned by
++ its recipient.
++
+ <b>DELIVERY METHOD CONTROLS</b>
+ The precedence of <a href="local.8.html"><b>local</b>(8)</a> delivery methods from high to
+ low is: aliases, .forward files, <a href="postconf.5.html#mailbox_transport_maps">mailbox_transport_maps</a>,
+@@ -532,6 +538,12 @@ LOCAL(8) LOCAL(8)
+ agent allows in $name expansions of $<a href="postconf.5.html#command_execution_directory">command_execu</a>-
+ <a href="postconf.5.html#command_execution_directory">tion_directory</a>.
+
++ Available in Postfix version 2.4.7-r1 and later:
++
++ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b>
++ Defer delivery when a mailbox file is not owned by
++ its recipient.
++
+ <b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+diff --git a/html/postconf.5.html b/html/postconf.5.html
+index a19b6b3..7952563 100644
+--- a/html/postconf.5.html
++++ b/html/postconf.5.html
+@@ -11602,6 +11602,17 @@ This feature is available in Postfix 2.0 and later.
+
+ </DD>
+
++<DT><b><a name="strict_mailbox_ownership">strict_mailbox_ownership</a>
++(default: yes)</b></DT><DD>
++
++<p> Defer delivery when a mailbox file is not owned by its recipient.
++The default setting is not backwards compatible. </p>
++
++<p> This feature is available in Postfix 2.4.7-r1 and later. </p>
++
++
++</DD>
++
+ <DT><b><a name="strict_mime_encoding_domain">strict_mime_encoding_domain</a>
+ (default: no)</b></DT><DD>
+
+diff --git a/html/virtual.8.html b/html/virtual.8.html
+index 3d7e526..0341911 100644
+--- a/html/virtual.8.html
++++ b/html/virtual.8.html
+@@ -200,9 +200,15 @@ VIRTUAL(8) VIRTUAL(8)
+ destination for final delivery to domains listed
+ with $<a href="postconf.5.html#virtual_mailbox_domains">virtual_mailbox_domains</a>.
+
++ Available in Postfix version 2.4.7-r1 and later:
++
++ <b><a href="postconf.5.html#strict_mailbox_ownership">strict_mailbox_ownership</a> (yes)</b>
++ Defer delivery when a mailbox file is not owned by
++ its recipient.
++
+ <b>LOCKING CONTROLS</b>
+ <b><a href="postconf.5.html#virtual_mailbox_lock">virtual_mailbox_lock</a> (see 'postconf -d' output)</b>
+- How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox before
++ How to lock a UNIX-style <a href="virtual.8.html"><b>virtual</b>(8)</a> mailbox before
+ attempting delivery.
+
+ <b><a href="postconf.5.html#deliver_lock_attempts">deliver_lock_attempts</a> (20)</b>
+@@ -210,41 +216,41 @@ VIRTUAL(8) VIRTUAL(8)
+ sive lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#deliver_lock_delay">deliver_lock_delay</a> (1s)</b>
+- The time between attempts to acquire an exclusive
++ The time between attempts to acquire an exclusive
+ lock on a mailbox file or <a href="bounce.8.html"><b>bounce</b>(8)</a> logfile.
+
+ <b><a href="postconf.5.html#stale_lock_time">stale_lock_time</a> (500s)</b>
+- The time after which a stale exclusive mailbox
++ The time after which a stale exclusive mailbox
+ lockfile is removed.
+
+ <b>RESOURCE AND RATE CONTROLS</b>
+ <b><a href="postconf.5.html#virtual_destination_concurrency_limit">virtual_destination_concurrency_limit</a> ($<a href="postconf.5.html#default_destination_concurrency_limit">default_destina</a>-</b>
+ <b><a href="postconf.5.html#default_destination_concurrency_limit">tion_concurrency_limit</a>)</b>
+- The maximal number of parallel deliveries to the
+- same destination via the virtual message delivery
++ The maximal number of parallel deliveries to the
++ same destination via the virtual message delivery
+ transport.
+
+ <b><a href="postconf.5.html#virtual_destination_recipient_limit">virtual_destination_recipient_limit</a> ($<a href="postconf.5.html#default_destination_recipient_limit">default_destina</a>-</b>
+ <b><a href="postconf.5.html#default_destination_recipient_limit">tion_recipient_limit</a>)</b>
+- The maximal number of recipients per delivery via
++ The maximal number of recipients per delivery via
+ the virtual message delivery transport.
+
+ <b><a href="postconf.5.html#virtual_mailbox_limit">virtual_mailbox_limit</a> (51200000)</b>
+- The maximal size in bytes of an individual mailbox
++ The maximal size in bytes of an individual mailbox
+ or maildir file, or zero (no limit).
+
+ <b>MISCELLANEOUS CONTROLS</b>
+ <b><a href="postconf.5.html#config_directory">config_directory</a> (see 'postconf -d' output)</b>
+- The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
++ The default location of the Postfix <a href="postconf.5.html">main.cf</a> and
+ <a href="master.5.html">master.cf</a> configuration files.
+
+ <b><a href="postconf.5.html#daemon_timeout">daemon_timeout</a> (18000s)</b>
+- How much time a Postfix daemon process may take to
+- handle a request before it is terminated by a
++ How much time a Postfix daemon process may take to
++ handle a request before it is terminated by a
+ built-in watchdog timer.
+
+ <b><a href="postconf.5.html#delay_logging_resolution_limit">delay_logging_resolution_limit</a> (2)</b>
+- The maximal number of digits after the decimal
++ The maximal number of digits after the decimal
+ point when logging sub-second delay values.
+
+ <b><a href="postconf.5.html#ipc_timeout">ipc_timeout</a> (3600s)</b>
+@@ -252,33 +258,33 @@ VIRTUAL(8) VIRTUAL(8)
+ over an internal communication channel.
+
+ <b><a href="postconf.5.html#max_idle">max_idle</a> (100s)</b>
+- The maximum amount of time that an idle Postfix
+- daemon process waits for an incoming connection
++ The maximum amount of time that an idle Postfix
++ daemon process waits for an incoming connection
+ before terminating voluntarily.
+
+ <b><a href="postconf.5.html#max_use">max_use</a> (100)</b>
+- The maximal number of incoming connections that a
+- Postfix daemon process will service before termi-
++ The maximal number of incoming connections that a
++ Postfix daemon process will service before termi-
+ nating voluntarily.
+
+ <b><a href="postconf.5.html#process_id">process_id</a> (read-only)</b>
+- The process ID of a Postfix command or daemon
++ The process ID of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#process_name">process_name</a> (read-only)</b>
+- The process name of a Postfix command or daemon
++ The process name of a Postfix command or daemon
+ process.
+
+ <b><a href="postconf.5.html#queue_directory">queue_directory</a> (see 'postconf -d' output)</b>
+- The location of the Postfix top-level queue direc-
++ The location of the Postfix top-level queue direc-
+ tory.
+
+ <b><a href="postconf.5.html#syslog_facility">syslog_facility</a> (mail)</b>
+ The syslog facility of Postfix logging.
+
+ <b><a href="postconf.5.html#syslog_name">syslog_name</a> (postfix)</b>
+- The mail system name that is prepended to the
+- process name in syslog records, so that "smtpd"
++ The mail system name that is prepended to the
++ process name in syslog records, so that "smtpd"
+ becomes, for example, "postfix/smtpd".
+
+ <b>SEE ALSO</b>
+@@ -291,20 +297,20 @@ VIRTUAL(8) VIRTUAL(8)
+ <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting howto
+
+ <b>LICENSE</b>
+- The Secure Mailer license must be distributed with this
++ The Secure Mailer license must be distributed with this
+ software.
+
+ <b>HISTORY</b>
+- This delivery agent was originally based on the Postfix
+- local delivery agent. Modifications mainly consisted of
+- removing code that either was not applicable or that was
+- not safe in this context: aliases, ~user/.forward files,
++ This delivery agent was originally based on the Postfix
++ local delivery agent. Modifications mainly consisted of
++ removing code that either was not applicable or that was
++ not safe in this context: aliases, ~user/.forward files,
+ delivery to "|command" or to /file/name.
+
+ The <b>Delivered-To:</b> message header appears in the <b>qmail</b> sys-
+ tem by Daniel Bernstein.
+
+- The <b>maildir</b> structure appears in the <b>qmail</b> system by
++ The <b>maildir</b> structure appears in the <b>qmail</b> system by
+ Daniel Bernstein.
+
+ <b>AUTHOR(S)</b>
+diff --git a/man/man5/postconf.5 b/man/man5/postconf.5
+index 7af763b..ba9f36a 100644
+--- a/man/man5/postconf.5
++++ b/man/man5/postconf.5
+@@ -7062,6 +7062,11 @@ This feature should not be enabled on a general purpose mail server,
+ because it is likely to reject legitimate email.
+ .PP
+ This feature is available in Postfix 2.0 and later.
++.SH strict_mailbox_ownership (default: yes)
++Defer delivery when a mailbox file is not owned by its recipient.
++The default setting is not backwards compatible.
++.PP
++This feature is available in Postfix 2.4.7-r1 and later.
+ .SH strict_mime_encoding_domain (default: no)
+ Reject mail with invalid Content-Transfer-Encoding: information
+ for the message/* or multipart/* MIME content types. This blocks
+diff --git a/man/man8/local.8 b/man/man8/local.8
+index 4452007..5af15a9 100644
+--- a/man/man8/local.8
++++ b/man/man8/local.8
+@@ -412,6 +412,10 @@ Update the \fBlocal\fR(8) delivery agent's idea of the Delivered-To:
+ address (see prepend_delivered_header) only once, at the start of
+ a delivery attempt; do not update the Delivered-To: address while
+ expanding aliases or .forward files.
++.PP
++Available in Postfix version 2.4.7-r1 and later:
++.IP "\fBstrict_mailbox_ownership (yes)\fR"
++Defer delivery when a mailbox file is not owned by its recipient.
+ .SH "DELIVERY METHOD CONTROLS"
+ .na
+ .nf
+@@ -510,7 +514,7 @@ Restrict \fBlocal\fR(8) mail delivery to external commands.
+ Restrict \fBlocal\fR(8) mail delivery to external files.
+ .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
+ Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
+-$name expansions of $mailbox_command.
++$name expansions of $mailbox_command and $command_execution_directory.
+ .IP "\fBdefault_privs (nobody)\fR"
+ The default rights used by the \fBlocal\fR(8) delivery agent for delivery
+ to external file or command.
+@@ -522,6 +526,10 @@ Available in Postfix version 2.2 and later:
+ .IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR"
+ Restrict the characters that the \fBlocal\fR(8) delivery agent allows
+ in $name expansions of $command_execution_directory.
++.PP
++Available in Postfix version 2.4.7-r1 and later:
++.IP "\fBstrict_mailbox_ownership (yes)\fR"
++Defer delivery when a mailbox file is not owned by its recipient.
+ .SH "MISCELLANEOUS CONTROLS"
+ .na
+ .nf
+diff --git a/man/man8/virtual.8 b/man/man8/virtual.8
+index b45ac26..22e41b5 100644
+--- a/man/man8/virtual.8
++++ b/man/man8/virtual.8
+@@ -213,6 +213,10 @@ mail is delivered via the $virtual_transport mail delivery transport.
+ .IP "\fBvirtual_transport (virtual)\fR"
+ The default mail delivery transport and next-hop destination for
+ final delivery to domains listed with $virtual_mailbox_domains.
++.PP
++Available in Postfix version 2.4.7-r1 and later:
++.IP "\fBstrict_mailbox_ownership (yes)\fR"
++Defer delivery when a mailbox file is not owned by its recipient.
+ .SH "LOCKING CONTROLS"
+ .na
+ .nf
+diff --git a/mantools/postlink b/mantools/postlink
+index b4771d9..e2503ca 100755
+--- a/mantools/postlink
++++ b/mantools/postlink
+@@ -496,6 +496,7 @@ while (<>) {
+ s;\bstrict_8bitmime\b;<a href="postconf.5.html#strict_8bitmime">$&</a>;g;
+ s;\bstrict_8bitmime_body\b;<a href="postconf.5.html#strict_8bitmime_body">$&</a>;g;
+ s;\bstrict_mime_encoding_domain\b;<a href="postconf.5.html#strict_mime_encoding_domain">$&</a>;g;
++ s;\bstrict_mailbox_ownership\b;<a href="postconf.5.html#strict_mailbox_ownership">$&</a>;g;
+ s;\bstrict_rfc821_envelopes\b;<a href="postconf.5.html#strict_rfc821_envelopes">$&</a>;g;
+ s;\bsun_mailtool_compatibility\b;<a href="postconf.5.html#sun_mailtool_compatibility">$&</a>;g;
+ s;\bswap_bangpath\b;<a href="postconf.5.html#swap_bangpath">$&</a>;g;
+diff --git a/proto/postconf.proto b/proto/postconf.proto
+index f5a90ed..7761e7e 100644
+--- a/proto/postconf.proto
++++ b/proto/postconf.proto
+@@ -10586,3 +10586,10 @@ to the SASL authcid, but this causes inter-operability problems
+ with some SMTP servers. </p>
+
+ <p> This feature is available in Postfix 2.4.4 and later. </p>
++
++%PARAM strict_mailbox_ownership yes
++
++<p> Defer delivery when a mailbox file is not owned by its recipient.
++The default setting is not backwards compatible. </p>
++
++<p> This feature is available in Postfix 2.4.7-r1 and later. </p>
+diff --git a/src/global/mail_params.h b/src/global/mail_params.h
+index 2785921..9cf6216 100644
+--- a/src/global/mail_params.h
++++ b/src/global/mail_params.h
+@@ -2783,6 +2783,13 @@ extern char *var_milt_v;
+ #define DEF_INT_FILT_CLASSES ""
+ extern char *var_int_filt_classes;
+
++ /*
++ * Mailbox ownership.
++ */
++#define VAR_STRICT_MBOX_OWNER "strict_mailbox_ownership"
++#define DEF_STRICT_MBOX_OWNER 1
++extern bool var_strict_mbox_owner;
++
+ /* LICENSE
+ /* .ad
+ /* .fi
+diff --git a/src/global/mail_version.h b/src/global/mail_version.h
+index ae94ab9..7ceadad 100644
+--- a/src/global/mail_version.h
++++ b/src/global/mail_version.h
+@@ -20,8 +20,8 @@
+ * Patches change both the patchlevel and the release date. Snapshots have no
+ * patchlevel; they change the release date only.
+ */
+-#define MAIL_RELEASE_DATE "20080131"
+-#define MAIL_VERSION_NUMBER "2.4.7"
++#define MAIL_RELEASE_DATE "20080726"
++#define MAIL_VERSION_NUMBER "2.4.7-r1"
+
+ #ifdef SNAPSHOT
+ # define MAIL_VERSION_DATE "-" MAIL_RELEASE_DATE
+diff --git a/src/local/local.c b/src/local/local.c
+index 557be6f..72ea49f 100644
+--- a/src/local/local.c
++++ b/src/local/local.c
+@@ -378,6 +378,10 @@
+ /* address (see prepend_delivered_header) only once, at the start of
+ /* a delivery attempt; do not update the Delivered-To: address while
+ /* expanding aliases or .forward files.
++/* .PP
++/* Available in Postfix version 2.4.7-r1 and later:
++/* .IP "\fBstrict_mailbox_ownership (yes)\fR"
++/* Defer delivery when a mailbox file is not owned by its recipient.
+ /* DELIVERY METHOD CONTROLS
+ /* .ad
+ /* .fi
+@@ -468,7 +472,7 @@
+ /* Restrict \fBlocal\fR(8) mail delivery to external files.
+ /* .IP "\fBcommand_expansion_filter (see 'postconf -d' output)\fR"
+ /* Restrict the characters that the \fBlocal\fR(8) delivery agent allows in
+-/* $name expansions of $mailbox_command.
++/* $name expansions of $mailbox_command and $command_execution_directory.
+ /* .IP "\fBdefault_privs (nobody)\fR"
+ /* The default rights used by the \fBlocal\fR(8) delivery agent for delivery
+ /* to external file or command.
+@@ -480,6 +484,10 @@
+ /* .IP "\fBexecution_directory_expansion_filter (see 'postconf -d' output)\fR"
+ /* Restrict the characters that the \fBlocal\fR(8) delivery agent allows
+ /* in $name expansions of $command_execution_directory.
++/* .PP
++/* Available in Postfix version 2.4.7-r1 and later:
++/* .IP "\fBstrict_mailbox_ownership (yes)\fR"
++/* Defer delivery when a mailbox file is not owned by its recipient.
+ /* MISCELLANEOUS CONTROLS
+ /* .ad
+ /* .fi
+@@ -641,6 +649,7 @@ int var_mailtool_compat;
+ char *var_mailbox_lock;
+ int var_mailbox_limit;
+ bool var_frozen_delivered;
++bool var_strict_mbox_owner;
+
+ int local_cmd_deliver_mask;
+ int local_file_deliver_mask;
+@@ -887,6 +896,7 @@ int main(int argc, char **argv)
+ VAR_STAT_HOME_DIR, DEF_STAT_HOME_DIR, &var_stat_home_dir,
+ VAR_MAILTOOL_COMPAT, DEF_MAILTOOL_COMPAT, &var_mailtool_compat,
+ VAR_FROZEN_DELIVERED, DEF_FROZEN_DELIVERED, &var_frozen_delivered,
++ VAR_STRICT_MBOX_OWNER, DEF_STRICT_MBOX_OWNER, &var_strict_mbox_owner,
+ 0,
+ };
+
+diff --git a/src/local/mailbox.c b/src/local/mailbox.c
+index 92bd79d..d35ef66 100644
+--- a/src/local/mailbox.c
++++ b/src/local/mailbox.c
+@@ -194,6 +194,12 @@ static int deliver_mailbox_file(LOCAL_STATE state, USER_ATTR usr_attr)
+ vstream_fclose(mp->fp);
+ dsb_simple(why, "5.2.0",
+ "destination %s is not a regular file", mailbox);
++ } else if (var_strict_mbox_owner && st.st_uid != usr_attr.uid) {
++ vstream_fclose(mp->fp);
++ dsb_simple(why, "4.2.0",
++ "destination %s is not owned by recipient", mailbox);
++ msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch",
++ VAR_STRICT_MBOX_OWNER);
+ } else {
+ end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END);
+ mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
+diff --git a/src/virtual/mailbox.c b/src/virtual/mailbox.c
+index 09fc54b..f0ad6eb 100644
+--- a/src/virtual/mailbox.c
++++ b/src/virtual/mailbox.c
+@@ -125,6 +125,12 @@ static int deliver_mailbox_file(LOCAL_STATE state, USER_ATTR usr_attr)
+ msg_warn("recipient %s: destination %s is not a regular file",
+ state.msg_attr.rcpt.address, usr_attr.mailbox);
+ dsb_simple(why, "5.3.5", "mail system configuration error");
++ } else if (var_strict_mbox_owner && st.st_uid != usr_attr.uid) {
++ vstream_fclose(mp->fp);
++ dsb_simple(why, "4.2.0",
++ "destination %s is not owned by recipient", usr_attr.mailbox);
++ msg_warn("specify \"%s = no\" to ignore mailbox ownership mismatch",
++ VAR_STRICT_MBOX_OWNER);
+ } else {
+ end = vstream_fseek(mp->fp, (off_t) 0, SEEK_END);
+ mail_copy_status = mail_copy(COPY_ATTR(state.msg_attr), mp->fp,
+diff --git a/src/virtual/virtual.c b/src/virtual/virtual.c
+index 7d6e1b8..57b4098 100644
+--- a/src/virtual/virtual.c
++++ b/src/virtual/virtual.c
+@@ -183,6 +183,10 @@
+ /* .IP "\fBvirtual_transport (virtual)\fR"
+ /* The default mail delivery transport and next-hop destination for
+ /* final delivery to domains listed with $virtual_mailbox_domains.
++/* .PP
++/* Available in Postfix version 2.4.7-r1 and later:
++/* .IP "\fBstrict_mailbox_ownership (yes)\fR"
++/* Defer delivery when a mailbox file is not owned by its recipient.
+ /* LOCKING CONTROLS
+ /* .ad
+ /* .fi
+@@ -329,6 +333,7 @@ char *var_virt_mailbox_base;
+ char *var_virt_mailbox_lock;
+ int var_virt_mailbox_limit;
+ char *var_mail_spool_dir; /* XXX dependency fix */
++bool var_strict_mbox_owner;
+
+ /*
+ * Mappings.
+@@ -504,6 +509,10 @@ int main(int argc, char **argv)
+ VAR_VIRT_MAILBOX_LOCK, DEF_VIRT_MAILBOX_LOCK, &var_virt_mailbox_lock, 1, 0,
+ 0,
+ };
++ static const CONFIG_BOOL_TABLE bool_table[] = {
++ VAR_STRICT_MBOX_OWNER, DEF_STRICT_MBOX_OWNER, &var_strict_mbox_owner,
++ 0,
++ };
+
+ /*
+ * Fingerprint executables and core dumps.
+@@ -513,6 +522,7 @@ int main(int argc, char **argv)
+ single_server_main(argc, argv, local_service,
+ MAIL_SERVER_INT_TABLE, int_table,
+ MAIL_SERVER_STR_TABLE, str_table,
++ MAIL_SERVER_BOOL_TABLE, bool_table,
+ MAIL_SERVER_PRE_INIT, pre_init,
+ MAIL_SERVER_POST_INIT, post_init,
+ MAIL_SERVER_PRE_ACCEPT, pre_accept,
diff --git a/mail-mta/postfix/files/postfix-2.5.3-CVE-2008-2936.patch b/mail-mta/postfix/files/postfix-2.5.3-CVE-2008-2936.patch
new file mode 100644
index 000000000000..ea92d7e63f8d
--- /dev/null
+++ b/mail-mta/postfix/files/postfix-2.5.3-CVE-2008-2936.patch
@@ -0,0 +1,44 @@
+diff -Naur postfix-2.5.3.orig/src/util/safe_open.c postfix-2.5.3/src/util/safe_open.c
+--- postfix-2.5.3.orig/src/util/safe_open.c 2006-06-05 01:04:49.000000000 +0200
++++ postfix-2.5.3/src/util/safe_open.c 2008-08-03 16:42:10.882440950 +0200
+@@ -83,6 +83,7 @@
+ #include <msg.h>
+ #include <vstream.h>
+ #include <vstring.h>
++#include <stringops.h>
+ #include <safe_open.h>
+
+ /* safe_open_exist - open existing file */
+@@ -138,13 +139,30 @@
+ * for symlinks owned by root. NEVER, NEVER, make exceptions for symlinks
+ * owned by a non-root user. This would open a security hole when
+ * delivering mail to a world-writable mailbox directory.
++ *
++ * The semantics of link(symlink, target) has changed over time.
++ * Traditionally, UNIX systems hardlink the target of the symlink.
++ * However, some systems hardlink the symlink itself. The latter behavior
++ * was introduced with Solaris 2.0, and with Linux kernel 2.0. Sebastian
++ * Krahmer of SuSE found that hardlinks to symlinks could be used to
++ * append mail for root to a sensitive file. For this reason, we not
++ * only require that a symlink is owned by root, but we now also require
++ * that its parent directory is writable only by root.
+ */
+ else if (lstat(path, &lstat_st) < 0) {
+ vstring_sprintf(why, "file status changed unexpectedly: %m");
+ errno = EPERM;
+ } else if (S_ISLNK(lstat_st.st_mode)) {
+- if (lstat_st.st_uid == 0)
+- return (fp);
++ if (lstat_st.st_uid == 0) {
++ struct stat parent_st;
++ const char *parent;
++
++ parent = sane_dirname((VSTRING *) 0, path);
++ if (stat(parent, &parent_st) == 0 /* real parent */
++ && parent_st.st_uid == 0
++ && (parent_st.st_mode & (S_IWGRP | S_IWOTH)) == 0)
++ return (fp);
++ }
+ vstring_sprintf(why, "file is a symbolic link");
+ errno = EPERM;
+ } else if (fstat_st->st_dev != lstat_st.st_dev
diff --git a/mail-mta/postfix/postfix-2.4.7-r1.ebuild b/mail-mta/postfix/postfix-2.4.7-r1.ebuild
new file mode 100644
index 000000000000..5b654591c479
--- /dev/null
+++ b/mail-mta/postfix/postfix-2.4.7-r1.ebuild
@@ -0,0 +1,380 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/postfix-2.4.7-r1.ebuild,v 1.1 2008/08/14 12:33:40 falco Exp $
+
+# NOTE: this ebuild is a regular ebuild without mailer-config support!
+# Comment lines below "regular ebuild" and uncomment lines below "mailer-config support"
+# to turn this ebuild to a mailer-config enabled ebuild.
+
+# regular ebuild
+inherit eutils multilib ssl-cert toolchain-funcs flag-o-matic pam
+# mailer-config support
+#inherit eutils multilib ssl-cert toolchain-funcs flag-o-matic mailer pam
+
+KEYWORDS="alpha amd64 ~arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
+
+# regular ebuild
+IUSE="cdb dovecot-sasl hardened ipv6 ldap mailwrapper mbox mysql nis pam postgres sasl selinux ssl vda"
+# mailer-config support
+#IUSE="cdb dovecot-sasl hardened ipv6 ldap mbox mysql nis pam postgres sasl selinux ssl vda"
+
+MY_PV="${PV/_rc/-RC}"
+MY_SRC="${PN}-${MY_PV}"
+MY_URI="ftp://ftp.porcupine.org/mirrors/postfix-release/official"
+VDA_P="${PN}-2.4.6-vda-ng-r2"
+RC_VER="2.5"
+
+DESCRIPTION="A fast and secure drop-in replacement for sendmail."
+HOMEPAGE="http://www.postfix.org/"
+SRC_URI="${MY_URI}/${MY_SRC}.tar.gz
+ vda? ( http://gentoo.longitekk.com/${VDA_P}.patch.gz ) "
+
+LICENSE="IPL-1"
+SLOT="0"
+
+# regular ebuild
+PROVIDE="virtual/mta virtual/mda"
+# mailer-config support
+#PROVIDE="${PROVIDE} virtual/mda"
+
+DEPEND=">=sys-libs/db-3.2
+ >=dev-libs/libpcre-3.4
+ cdb? ( || ( >=dev-db/cdb-0.75-r1 >=dev-db/tinycdb-0.76 ) )
+ ldap? ( >=net-nds/openldap-1.2 )
+ mysql? ( virtual/mysql )
+ pam? ( virtual/pam )
+ postgres? ( virtual/postgresql-base )
+ sasl? ( >=dev-libs/cyrus-sasl-2 )
+ ssl? ( >=dev-libs/openssl-0.9.6g )"
+
+# regular ebuild
+RDEPEND="${DEPEND}
+ >=net-mail/mailbase-0.00
+ !mailwrapper? ( !virtual/mta )
+ mailwrapper? ( >=net-mail/mailwrapper-0.2 )
+ selinux? ( sec-policy/selinux-postfix )"
+
+# mailer-config support
+#RDEPEND="${DEPEND}
+# >=net-mail/mailbase-0.00
+# selinux? ( sec-policy/selinux-postfix )"
+
+S="${WORKDIR}/${MY_SRC}"
+
+group_user_check() {
+ einfo "Checking for postfix group ..."
+ enewgroup postfix 207
+ einfo "Checking for postdrop group ..."
+ enewgroup postdrop 208
+ einfo "Checking for postfix user ..."
+ enewuser postfix 207 -1 /var/spool/postfix postfix,mail
+}
+
+pkg_setup() {
+ # Do not upgrade live from Postfix <2.4
+ if [[ -f /var/lib/init.d/started/postfix ]] ; then
+ if has_version '<mail-mta/postfix-2.4.0' ; then
+ if [[ "${FORCE_UPGRADE}" ]] ; then
+ echo
+ ewarn "You are upgrading from an incompatible version and you have"
+ ewarn "FORCE_UPGRADE set, will build this package while Postfix is running."
+ ewarn "You MUST stop Postfix BEFORE installing this version to your system."
+ echo
+ else
+ echo
+ eerror "You are upgrading from an incompatible version."
+ eerror "You MUST stop Postfix BEFORE installing this version to your system."
+ eerror "If you want minimal downtime, emerge postfix with:"
+ eerror " FORCE_UPGRADE=1 emerge --buildpkgonly postfix"
+ eerror " /etc/init.d/postfix stop"
+ eerror " emerge --usepkgonly postfix"
+ eerror "Then run etc-update or dispatch-conf and merge the configuration files."
+ eerror "Then restart Postfix with: /etc/init.d/postfix start"
+ die "Upgrade from an incompatible version!"
+ echo
+ fi
+ else
+ echo
+ ewarn "It's safe to upgrade your current version while it's running."
+ ewarn "If you don't want to take any chance, please hit Ctrl+C now,"
+ ewarn "stop Postfix, then emerge again."
+ ewarn "You have been warned!"
+ ewarn "Waiting 5 seconds before continuing ..."
+ echo
+ epause 5
+ fi
+ fi
+
+ echo
+ ewarn "Read \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/${MY_SRC}.RELEASE_NOTES\""
+ ewarn "for incompatible changes before continueing."
+ ewarn "Bugs should be filed at \"http://bugs.gentoo.org/\" and"
+ ewarn "assigned to \"net-mail@gentoo.org\"."
+ echo
+
+ # Warnings to work around bug #45764
+ if has_version '<=mail-mta/postfix-2.0.18' ; then
+ echo
+ ewarn "You are upgrading from postfix-2.0.18 or earlier, some of the empty queue"
+ ewarn "directories get deleted while unmerging the older version (see bug #45764)."
+ ewarn "Please run '/etc/postfix/post-install upgrade-source' to recreate them."
+ echo
+ fi
+
+ # TLS non-prod warning
+ if use ssl ; then
+ echo
+ ewarn "You have \"ssl\" in your USE flags, TLS will be enabled."
+ ewarn "This service is incompatible with the previous TLS patch."
+ ewarn "Visit http://www.postfix.org/TLS_README.html for more info."
+ echo
+ fi
+
+ # IPV6 non-prod warn
+ if use ipv6 ; then
+ echo
+ ewarn "You have \"ipv6\" in your USE flags, IPV6 will be enabled."
+ ewarn "Visit http://www.postfix.org/IPV6_README.html for more info."
+ echo
+ fi
+
+ # SASL non-prod warning
+ if use sasl ; then
+ echo
+ elog "Postfix 2.3 and newer supports two SASL implementations."
+ elog "Cyrus SASL and Dovecot protocol version 1 (server only)"
+ elog "Visit http://www.postfix.org/SASL_README.html for more info."
+ echo
+ fi
+
+ # Add postfix, postdrop user/group (bug #77565)
+ group_user_check || die "Failed to check/add needed user/group"
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ if use vda ; then
+ epatch "${WORKDIR}/${VDA_P}.patch"
+ fi
+
+ epatch "${FILESDIR}/${P}-CVE-2008-2936.patch"
+ epatch "${FILESDIR}/${P}-CVE-2008-2937.patch"
+
+ sed -i -e "/^#define ALIAS_DB_MAP/s|:/etc/aliases|:/etc/mail/aliases|" \
+ src/util/sys_defs.h || die "sed failed"
+
+ # change default paths to better comply with portage standard paths
+ sed -i -e "s:/usr/local/:/usr/:g" conf/master.cf || die "sed failed"
+}
+
+src_compile() {
+ # 1) Added -Wl,-z,now wrt bug #62674
+ # 2) Remove -ldl as it is not necessary, solves bug #106446
+ # 3) -Wl,-z,now replaced by $(bindnow-flags)
+ # 4) Then bindnow-flags has been simply dropped according to
+ # http://www.mail-archive.com/gentoo-dev@lists.gentoo.org/msg23679.html
+ # 5) Make sure LDFLAGS get passed down to the executables.
+ local mycc="-DHAS_PCRE" mylibs="${LDFLAGS} -lpcre -lcrypt -lpthread"
+
+ use pam && mylibs="${mylibs} -lpam"
+
+ if use ldap ; then
+ mycc="${mycc} -DHAS_LDAP"
+ mylibs="${mylibs} -lldap -llber"
+ fi
+
+ if use mysql ; then
+ mycc="${mycc} -DHAS_MYSQL -I/usr/include/mysql"
+ mylibs="${mylibs} -lmysqlclient -lm -lz"
+ fi
+
+ if use postgres ; then
+ if best_version '=virtual/postgresql-base-7.3*' ; then
+ mycc="${mycc} -DHAS_PGSQL -I/usr/include/postgresql"
+ else
+ mycc="${mycc} -DHAS_PGSQL -I/usr/include/postgresql/pgsql"
+ fi
+ mylibs="${mylibs} -lpq"
+ fi
+
+ if use ssl ; then
+ mycc="${mycc} -DUSE_TLS"
+ mylibs="${mylibs} -lssl -lcrypto"
+ fi
+
+ if use sasl ; then
+ if use dovecot-sasl ; then
+ # Set dovecot as default.
+ mycc="${mycc} -DDEF_SASL_SERVER=\\\"dovecot\\\""
+ fi
+ mycc="${mycc} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl"
+ mylibs="${mylibs} -lsasl2"
+ elif use dovecot-sasl ; then
+ mycc="${mycc} -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\\\"dovecot\\\""
+ fi
+
+ if ! use nis ; then
+ sed -i -e "s|#define HAS_NIS|//#define HAS_NIS|g" \
+ src/util/sys_defs.h || die "sed failed"
+ fi
+
+ if use cdb ; then
+ mycc="${mycc} -DHAS_CDB"
+ CDB_LIBS=""
+
+ # Tinycdb is preferred.
+ if has_version dev-db/tinycdb ; then
+ einfo "Building with dev-db/tinycdb"
+ CDB_LIBS="-lcdb"
+ else
+ einfo "Building with dev-db/cdb"
+ CDB_PATH="/usr/$(get_libdir)"
+ for i in cdb.a alloc.a buffer.a unix.a byte.a ; do
+ CDB_LIBS="${CDB_LIBS} ${CDB_PATH}/${i}"
+ done
+ fi
+
+ mylibs="${mylibs} ${CDB_LIBS}"
+ fi
+
+ mycc="${mycc} -DDEF_DAEMON_DIR=\\\"/usr/$(get_libdir)/postfix\\\""
+ mycc="${mycc} -DDEF_MANPAGE_DIR=\\\"/usr/share/man\\\""
+ mycc="${mycc} -DDEF_README_DIR=\\\"/usr/share/doc/${PF}/readme\\\""
+ mycc="${mycc} -DDEF_HTML_DIR=\\\"/usr/share/doc/${PF}/html\\\""
+
+ # Robin H. Johnson <robbat2@gentoo.org> 17/Nov/2006
+ # Fix because infra boxes hit 2Gb .db files that fail a 32-bit fstat signed check.
+ mycc="${mycc} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE"
+ filter-lfs-flags
+
+ local my_cc=$(tc-getCC)
+ einfo "CC=${my_cc:=gcc}"
+
+ # Workaround for bug #76512
+ [[ "$(gcc-version)" == "3.4" ]] && use hardened && replace-flags -O? -Os
+
+ make DEBUG="" CC="${my_cc:=gcc}" OPT="${CFLAGS}" CCARGS="${mycc}" AUXLIBS="${mylibs}" \
+ makefiles || die "configure problem"
+
+ emake || die "compile problem"
+}
+
+src_install () {
+ /bin/sh postfix-install \
+ -non-interactive \
+ install_root="${D}" \
+ config_directory="/usr/share/doc/${PF}/defaults" \
+ readme_directory="/usr/share/doc/${PF}/readme" \
+ || die "postfix-install failed"
+
+ # Fix spool removal on upgrade
+ rm -Rf "${D}/var"
+ keepdir /var/spool/postfix
+
+ # Install rmail for UUCP, closes bug #19127
+ dobin auxiliary/rmail/rmail
+
+ # mailwrapper stuff
+ if use mailwrapper ; then
+ mv "${D}/usr/sbin/sendmail" "${D}/usr/sbin/sendmail.postfix"
+ mv "${D}/usr/bin/rmail" "${D}/usr/bin/rmail.postfix"
+ # mailer-config support
+ #rm "${D}/usr/bin/mailq" "${D}/usr/bin/newaliases"
+
+ mv "${D}/usr/share/man/man1/sendmail.1" \
+ "${D}/usr/share/man/man1/sendmail-postfix.1"
+ mv "${D}/usr/share/man/man1/newaliases.1" \
+ "${D}/usr/share/man/man1/newaliases-postfix.1"
+ mv "${D}/usr/share/man/man1/mailq.1" \
+ "${D}/usr/share/man/man1/mailq-postfix.1"
+ mv "${D}/usr/share/man/man5/aliases.5" \
+ "${D}/usr/share/man/man5/aliases-postfix.5"
+
+ # regular ebuild
+ insinto /etc/mail
+ doins "${FILESDIR}/mailer.conf"
+ # mailer-config support
+ #mailer_install_conf
+ else
+ # Provide another link for legacy FSH
+ dosym /usr/sbin/sendmail /usr/$(get_libdir)/sendmail
+ fi
+
+ # Install qshape tool
+ dobin auxiliary/qshape/qshape.pl
+
+ # Performance tuning tools and their manuals
+ dosbin bin/smtp-{source,sink} bin/qmqp-{source,sink}
+ doman man/man1/smtp-{source,sink}.1 man/man1/qmqp-{source,sink}.1
+
+ # Set proper permissions on required files/directories
+ fowners root:postdrop /usr/sbin/post{drop,queue}
+ fperms 02711 /usr/sbin/post{drop,queue}
+
+ keepdir /etc/postfix
+ mv "${D}"/usr/share/doc/${PF}/defaults/{*.cf,post*-*} "${D}"/etc/postfix
+ if use mbox ; then
+ mypostconf="mail_spool_directory=/var/spool/mail"
+ else
+ mypostconf="home_mailbox=.maildir/"
+ fi
+ "${D}/usr/sbin/postconf" -c "${D}/etc/postfix" \
+ -e ${mypostconf} || die "postconf failed"
+
+ insinto /etc/postfix
+ newins "${FILESDIR}/smtp.pass" saslpass
+ fperms 600 /etc/postfix/saslpass
+
+ newinitd "${FILESDIR}/postfix.rc6.${RC_VER}" postfix || die "newinitd failed"
+
+ mv "${S}/examples" "${D}/usr/share/doc/${PF}/"
+ dodoc *README COMPATIBILITY HISTORY INSTALL PORTING RELEASE_NOTES*
+ dohtml html/*
+
+ pamd_mimic_system smtp auth account
+
+ if use sasl ; then
+ insinto /etc/sasl2
+ newins "${FILESDIR}/smtp.sasl" smtpd.conf
+ fi
+}
+
+pkg_postinst() {
+ # Add postfix, postdrop user/group (bug #77565)
+ group_user_check || die "Failed to check/add needed user/group"
+
+ # Do not install server.{key,pem) SSL certificates if they already exist
+ if use ssl && [[ ! -f "${ROOT}"/etc/ssl/postfix/server.key \
+ && ! -f "${ROOT}"/etc/ssl/postfix/server.pem ]] ; then
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-Postfix SMTP Server}"
+ install_cert /etc/ssl/postfix/server
+ chown postfix:mail "${ROOT}"/etc/ssl/postfix/server.{key,pem}
+ fi
+
+ ebegin "Fixing queue directories and permissions"
+ "${ROOT}/etc/postfix/post-install" upgrade-permissions
+ echo
+ ewarn "If you upgraded from Postfix-1.x, you must revisit"
+ ewarn "your configuration files. See"
+ ewarn " /usr/share/doc/${PF}/RELEASE_NOTES"
+ ewarn "for a list of changes."
+
+ if [[ ! -e /etc/mail/aliases.db ]] ; then
+ echo
+ ewarn "You must edit /etc/mail/aliases to suit your needs"
+ ewarn "and then run /usr/bin/newaliases. Postfix will not"
+ ewarn "work correctly without it."
+ fi
+
+ # regular ebuild
+ if ! use mailwrapper && [[ -e /etc/mailer.conf ]] ; then
+ einfo
+ einfo "Since you emerged Postfix without mailwrapper in USE,"
+ einfo "you may want to 'emerge -C mailwrapper' now."
+ einfo
+ fi
+ # mailer-config support
+ #mailer_pkg_postinst
+}
diff --git a/mail-mta/postfix/postfix-2.5.3-r1.ebuild b/mail-mta/postfix/postfix-2.5.3-r1.ebuild
new file mode 100644
index 000000000000..96d7af5c5ffb
--- /dev/null
+++ b/mail-mta/postfix/postfix-2.5.3-r1.ebuild
@@ -0,0 +1,385 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/postfix-2.5.3-r1.ebuild,v 1.1 2008/08/14 12:33:40 falco Exp $
+
+# NOTE: this ebuild is a regular ebuild without mailer-config support!
+# Comment lines below "regular ebuild" and uncomment lines below "mailer-config support"
+# to turn this ebuild to a mailer-config enabled ebuild.
+
+# regular ebuild
+inherit eutils multilib ssl-cert toolchain-funcs flag-o-matic pam
+# mailer-config support
+#inherit eutils multilib ssl-cert toolchain-funcs flag-o-matic mailer pam
+
+KEYWORDS="alpha amd64 ~arm hppa ia64 ppc ppc64 ~s390 ~sh sparc x86 ~x86-fbsd"
+
+# regular ebuild
+IUSE="cdb dovecot-sasl hardened ipv6 ldap mailwrapper mbox mysql nis pam postgres sasl selinux ssl vda"
+# mailer-config support
+#IUSE="cdb dovecot-sasl hardened ipv6 ldap mbox mysql nis pam postgres sasl selinux ssl vda"
+
+MY_PV="${PV/_rc/-RC}"
+MY_SRC="${PN}-${MY_PV}"
+MY_URI="ftp://ftp.porcupine.org/mirrors/postfix-release/official"
+VDA_PV="2.5.3"
+VDA_P="${PN}-${VDA_PV}-vda-ng"
+RC_VER="2.5"
+
+DESCRIPTION="A fast and secure drop-in replacement for sendmail."
+HOMEPAGE="http://www.postfix.org/"
+SRC_URI="${MY_URI}/${MY_SRC}.tar.gz
+ vda? ( http://vda.sourceforge.net/VDA/${VDA_P}.patch.gz ) "
+
+LICENSE="IPL-1"
+SLOT="0"
+
+# regular ebuild
+PROVIDE="virtual/mta virtual/mda"
+# mailer-config support
+#PROVIDE="${PROVIDE} virtual/mda"
+
+DEPEND=">=sys-libs/db-3.2
+ >=dev-libs/libpcre-3.4
+ cdb? ( || ( >=dev-db/cdb-0.75-r1 >=dev-db/tinycdb-0.76 ) )
+ ldap? ( >=net-nds/openldap-1.2 )
+ mysql? ( virtual/mysql )
+ pam? ( virtual/pam )
+ postgres? ( virtual/postgresql-base )
+ sasl? ( >=dev-libs/cyrus-sasl-2 )
+ ssl? ( >=dev-libs/openssl-0.9.6g )"
+
+# regular ebuild
+RDEPEND="${DEPEND}
+ >=net-mail/mailbase-0.00
+ !mailwrapper? (
+ !virtual/mta
+ !net-mail/mailwrapper
+ )
+ mailwrapper? ( >=net-mail/mailwrapper-0.2 )
+ selinux? ( sec-policy/selinux-postfix )"
+
+# mailer-config support
+#RDEPEND="${DEPEND}
+# >=net-mail/mailbase-0.00
+# selinux? ( sec-policy/selinux-postfix )"
+
+S="${WORKDIR}/${MY_SRC}"
+
+group_user_check() {
+ einfo "Checking for postfix group ..."
+ enewgroup postfix 207
+ einfo "Checking for postdrop group ..."
+ enewgroup postdrop 208
+ einfo "Checking for postfix user ..."
+ enewuser postfix 207 -1 /var/spool/postfix postfix,mail
+}
+
+pkg_setup() {
+ # Do not upgrade live from Postfix <2.5
+ if [[ -f /var/lib/init.d/started/postfix ]] ; then
+ if has_version '<mail-mta/postfix-2.5.0' ; then
+ if [[ "${FORCE_UPGRADE}" ]] ; then
+ echo
+ ewarn "You are upgrading from an incompatible version and you have"
+ ewarn "FORCE_UPGRADE set, will build this package while Postfix is running."
+ ewarn "You MUST stop Postfix BEFORE installing this version to your system."
+ echo
+ else
+ echo
+ eerror "You are upgrading from an incompatible version."
+ eerror "You MUST stop Postfix BEFORE installing this version to your system."
+ eerror "If you want minimal downtime, emerge postfix with:"
+ eerror " FORCE_UPGRADE=1 emerge --buildpkgonly postfix"
+ eerror " /etc/init.d/postfix stop"
+ eerror " emerge --usepkgonly postfix"
+ eerror "Then run etc-update or dispatch-conf and merge the configuration files."
+ eerror "Then restart Postfix with: /etc/init.d/postfix start"
+ die "Upgrade from an incompatible version!"
+ echo
+ fi
+ else
+ echo
+ ewarn "It's safe to upgrade your current version while it's running."
+ ewarn "If you don't want to take any chance, please hit Ctrl+C now,"
+ ewarn "stop Postfix, then emerge again."
+ ewarn "You have been warned!"
+ ewarn "Waiting 5 seconds before continuing ..."
+ echo
+ epause 5
+ fi
+ fi
+
+ echo
+ ewarn "Read \"ftp://ftp.porcupine.org/mirrors/postfix-release/official/${MY_SRC}.RELEASE_NOTES\""
+ ewarn "for incompatible changes before continueing."
+ ewarn "Bugs should be filed at \"http://bugs.gentoo.org/\" and"
+ ewarn "assigned to \"net-mail@gentoo.org\"."
+ echo
+
+ # Warnings to work around bug #45764
+ if has_version '<=mail-mta/postfix-2.0.18' ; then
+ echo
+ ewarn "You are upgrading from postfix-2.0.18 or earlier, some of the empty queue"
+ ewarn "directories get deleted while unmerging the older version (see bug #45764)."
+ ewarn "Please run '/etc/postfix/post-install upgrade-source' to recreate them."
+ echo
+ fi
+
+ # TLS non-prod warning
+ if use ssl ; then
+ echo
+ ewarn "You have \"ssl\" in your USE flags, TLS will be enabled."
+ ewarn "This service is incompatible with the previous TLS patch."
+ ewarn "Visit http://www.postfix.org/TLS_README.html for more info."
+ echo
+ fi
+
+ # IPV6 non-prod warn
+ if use ipv6 ; then
+ echo
+ ewarn "You have \"ipv6\" in your USE flags, IPV6 will be enabled."
+ ewarn "Visit http://www.postfix.org/IPV6_README.html for more info."
+ echo
+ fi
+
+ # SASL non-prod warning
+ if use sasl ; then
+ echo
+ elog "Postfix 2.3 and newer supports two SASL implementations."
+ elog "Cyrus SASL and Dovecot protocol version 1 (server only)"
+ elog "Visit http://www.postfix.org/SASL_README.html for more info."
+ echo
+ fi
+
+ # Add postfix, postdrop user/group (bug #77565)
+ group_user_check || die "Failed to check/add needed user/group"
+}
+
+src_unpack() {
+ unpack ${A}
+
+ # bug 232642
+ epatch "${FILESDIR}"/${P}-CVE-2008-2936.patch
+
+ cd "${S}"
+ if use vda ; then
+ epatch "${WORKDIR}/${VDA_P}.patch"
+ fi
+
+ sed -i -e "/^#define ALIAS_DB_MAP/s|:/etc/aliases|:/etc/mail/aliases|" \
+ src/util/sys_defs.h || die "sed failed"
+
+ # change default paths to better comply with portage standard paths
+ sed -i -e "s:/usr/local/:/usr/:g" conf/master.cf || die "sed failed"
+}
+
+src_compile() {
+ # 1) Added -Wl,-z,now wrt bug #62674
+ # 2) Remove -ldl as it is not necessary, solves bug #106446
+ # 3) -Wl,-z,now replaced by $(bindnow-flags)
+ # 4) Then bindnow-flags has been simply dropped according to
+ # http://www.mail-archive.com/gentoo-dev@lists.gentoo.org/msg23679.html
+ # 5) Make sure LDFLAGS get passed down to the executables.
+ local mycc="-DHAS_PCRE" mylibs="${LDFLAGS} -lpcre -lcrypt -lpthread"
+
+ use pam && mylibs="${mylibs} -lpam"
+
+ if use ldap ; then
+ mycc="${mycc} -DHAS_LDAP"
+ mylibs="${mylibs} -lldap -llber"
+ fi
+
+ if use mysql ; then
+ mycc="${mycc} -DHAS_MYSQL $(mysql_config --include)"
+ mylibs="${mylibs} -lmysqlclient -lm -lz"
+ fi
+
+ if use postgres ; then
+ mycc="${mycc} -DHAS_PGSQL -I$(pg_config --includedir)"
+ mylibs="${mylibs} -lpq -L$(pg_config --libdir)"
+ fi
+
+ if use ssl ; then
+ mycc="${mycc} -DUSE_TLS"
+ mylibs="${mylibs} -lssl -lcrypto"
+ fi
+
+ if use sasl ; then
+ if use dovecot-sasl ; then
+ # Set dovecot as default.
+ mycc="${mycc} -DDEF_SASL_SERVER=\\\"dovecot\\\""
+ fi
+ mycc="${mycc} -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl"
+ mylibs="${mylibs} -lsasl2"
+ elif use dovecot-sasl ; then
+ mycc="${mycc} -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\\\"dovecot\\\""
+ fi
+
+ if ! use nis ; then
+ sed -i -e "s|#define HAS_NIS|//#define HAS_NIS|g" \
+ src/util/sys_defs.h || die "sed failed"
+ fi
+
+ if use cdb ; then
+ mycc="${mycc} -DHAS_CDB"
+ CDB_LIBS=""
+
+ # Tinycdb is preferred.
+ if has_version dev-db/tinycdb ; then
+ einfo "Building with dev-db/tinycdb"
+ CDB_LIBS="-lcdb"
+ else
+ einfo "Building with dev-db/cdb"
+ CDB_PATH="/usr/$(get_libdir)"
+ for i in cdb.a alloc.a buffer.a unix.a byte.a ; do
+ CDB_LIBS="${CDB_LIBS} ${CDB_PATH}/${i}"
+ done
+ fi
+
+ mylibs="${mylibs} ${CDB_LIBS}"
+ fi
+
+ mycc="${mycc} -DDEF_DAEMON_DIR=\\\"/usr/$(get_libdir)/postfix\\\""
+ mycc="${mycc} -DDEF_MANPAGE_DIR=\\\"/usr/share/man\\\""
+ mycc="${mycc} -DDEF_README_DIR=\\\"/usr/share/doc/${PF}/readme\\\""
+ mycc="${mycc} -DDEF_HTML_DIR=\\\"/usr/share/doc/${PF}/html\\\""
+
+ # Robin H. Johnson <robbat2@gentoo.org> 17/Nov/2006
+ # Fix because infra boxes hit 2Gb .db files that fail a 32-bit fstat signed check.
+ mycc="${mycc} -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE"
+ filter-lfs-flags
+
+ local my_cc=$(tc-getCC)
+ einfo "CC=${my_cc:=gcc}"
+
+ # Workaround for bug #76512
+ [[ "$(gcc-version)" == "3.4" ]] && use hardened && replace-flags -O? -Os
+
+ make DEBUG="" CC="${my_cc:=gcc}" OPT="${CFLAGS}" CCARGS="${mycc}" AUXLIBS="${mylibs}" \
+ makefiles || die "configure problem"
+
+ emake || die "compile problem"
+}
+
+src_install () {
+ /bin/sh postfix-install \
+ -non-interactive \
+ install_root="${D}" \
+ config_directory="/usr/share/doc/${PF}/defaults" \
+ readme_directory="/usr/share/doc/${PF}/readme" \
+ || die "postfix-install failed"
+
+ # Fix spool removal on upgrade
+ rm -Rf "${D}/var"
+ keepdir /var/spool/postfix
+
+ # Install rmail for UUCP, closes bug #19127
+ dobin auxiliary/rmail/rmail
+
+ # mailwrapper stuff
+ if use mailwrapper ; then
+ mv "${D}/usr/sbin/sendmail" "${D}/usr/sbin/sendmail.postfix"
+ mv "${D}/usr/bin/rmail" "${D}/usr/bin/rmail.postfix"
+ # mailer-config support
+ #rm "${D}/usr/bin/mailq" "${D}/usr/bin/newaliases"
+
+ mv "${D}/usr/share/man/man1/sendmail.1" \
+ "${D}/usr/share/man/man1/sendmail-postfix.1"
+ mv "${D}/usr/share/man/man1/newaliases.1" \
+ "${D}/usr/share/man/man1/newaliases-postfix.1"
+ mv "${D}/usr/share/man/man1/mailq.1" \
+ "${D}/usr/share/man/man1/mailq-postfix.1"
+ mv "${D}/usr/share/man/man5/aliases.5" \
+ "${D}/usr/share/man/man5/aliases-postfix.5"
+
+ # regular ebuild
+ insinto /etc/mail
+ doins "${FILESDIR}/mailer.conf"
+ # mailer-config support
+ #mailer_install_conf
+ else
+ # Provide another link for legacy FSH
+ dosym /usr/sbin/sendmail /usr/$(get_libdir)/sendmail
+ fi
+
+ # Install qshape tool
+ dobin auxiliary/qshape/qshape.pl
+
+ # Performance tuning tools and their manuals
+ dosbin bin/smtp-{source,sink} bin/qmqp-{source,sink}
+ doman man/man1/smtp-{source,sink}.1 man/man1/qmqp-{source,sink}.1
+
+ # Set proper permissions on required files/directories
+ dodir /var/lib/postfix
+ keepdir /var/lib/postfix
+ fowners postfix:postfix /var/lib/postfix
+ fowners postfix:postfix /var/lib/postfix/.keep_${CATEGORY}_${PN}-${SLOT}
+ fperms 0750 /var/lib/postfix
+ fowners root:postdrop /usr/sbin/post{drop,queue}
+ fperms 02711 /usr/sbin/post{drop,queue}
+
+ keepdir /etc/postfix
+ mv "${D}"/usr/share/doc/${PF}/defaults/{*.cf,post*-*} "${D}"/etc/postfix
+ if use mbox ; then
+ mypostconf="mail_spool_directory=/var/spool/mail"
+ else
+ mypostconf="home_mailbox=.maildir/"
+ fi
+ "${D}/usr/sbin/postconf" -c "${D}/etc/postfix" \
+ -e ${mypostconf} || die "postconf failed"
+
+ insinto /etc/postfix
+ newins "${FILESDIR}/smtp.pass" saslpass
+ fperms 600 /etc/postfix/saslpass
+
+ newinitd "${FILESDIR}/postfix.rc6.${RC_VER}" postfix || die "newinitd failed"
+
+ mv "${S}/examples" "${D}/usr/share/doc/${PF}/"
+ dodoc *README COMPATIBILITY HISTORY INSTALL PORTING RELEASE_NOTES*
+ dohtml html/*
+
+ pamd_mimic_system smtp auth account
+
+ if use sasl ; then
+ insinto /etc/sasl2
+ newins "${FILESDIR}/smtp.sasl" smtpd.conf
+ fi
+}
+
+pkg_postinst() {
+ # Add postfix, postdrop user/group (bug #77565)
+ group_user_check || die "Failed to check/add needed user/group"
+
+ # Do not install server.{key,pem) SSL certificates if they already exist
+ if use ssl && [[ ! -f "${ROOT}"/etc/ssl/postfix/server.key \
+ && ! -f "${ROOT}"/etc/ssl/postfix/server.pem ]] ; then
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-Postfix SMTP Server}"
+ install_cert /etc/ssl/postfix/server
+ chown postfix:mail "${ROOT}"/etc/ssl/postfix/server.{key,pem}
+ fi
+
+ ebegin "Fixing queue directories and permissions"
+ "${ROOT}/etc/postfix/post-install" upgrade-permissions
+ echo
+ ewarn "If you upgraded from Postfix-1.x, you must revisit"
+ ewarn "your configuration files. See"
+ ewarn " /usr/share/doc/${PF}/RELEASE_NOTES"
+ ewarn "for a list of changes."
+
+ if [[ ! -e /etc/mail/aliases.db ]] ; then
+ echo
+ ewarn "You must edit /etc/mail/aliases to suit your needs"
+ ewarn "and then run /usr/bin/newaliases. Postfix will not"
+ ewarn "work correctly without it."
+ fi
+
+ # regular ebuild
+ if ! use mailwrapper && [[ -e /etc/mailer.conf ]] ; then
+ einfo
+ einfo "Since you emerged Postfix without mailwrapper in USE,"
+ einfo "you may want to 'emerge -C mailwrapper' now."
+ einfo
+ fi
+ # mailer-config support
+ #mailer_pkg_postinst
+}