From 00c4a7f9c3103caf84646f074af3ba6b261c658a Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Wed, 17 Jul 2024 02:53:35 +0100 Subject: [PATCH] exim: update to 4.98 Remove upstreamed patch 300-avoid-time-printf.patch Exim/exim@9ae8613607b12257e1fe59c603119bc5d4cd3474 Exim version 4.98 ----------------- JH/01 Support list of dkim results in the dkim_status ACL condition, making it more usable in the data ACL. JH/02 Bug 3040: Handle error on close of the spool data file during reception. Previously This was only logged, on the assumption that errors would be seen for a previous fflush(). However, a fuse filesystem has been reported as showing this an error for the fclose(). The spool is now in an uncertain state, and we have logged and responded acceptance. Change this to respond with a temp-reject, wipe spoolfiles, and log the error detail. JH/03 Bug 3030: Fix handling of DNS servfail respons for DANE TLSA. When hit during a recipient verify callout, a QUIT command was attempted on the now-closed callout channel, causing a paniclog entry. JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with a connection_reject log_selector, under tls_on_connect. Previously with this combination, when the connect ACL rejected, a spurious paniclog entry was made. JH/05 Fix TLS resumption for TLS-on-connect. This was broken by the advent of loadbalancer-detection for resumption, in 4.96 - which tries to use the EHLO response. SMTPS does not have one at the time it is starting TLS. Change the default for the smtp transport host_name_extract option to be a static string, for TLS-on-connect cases; meaning that resumption will always be attempted (unless deliberately overriden). JH/06 Bug 3054: Fix dnsdb lookup for a TXT record with multiple chunks, with a chunk-separator specification. This was broken by hardening introduced for Bug 3031. JH/07 Bug 3050: Fix -bp for old message_id format spoolfiles. Previously it included the -H with the id; this also messed up exiqgrep. JH/08 Bug 3056: Tighten up parsing of DKIM DNS records. Previously, whitespace was not properly skipped and empty elements would cause mis-parsing. Tighten parsing of DKIM header records. Previously, all but lowercase alpha chars would be ignored in potential tag names. JH/09 Bug 3057: Add heuristic for spotting mistyped IPv6 addresses in lists being searched. Previously we only had one for IPv4 addresses. Per the documentation, the error results by default in a no-match result for the list. It is logged if the unknown_in_list log_selector is used. JH/10 Bug 3058: Ensure that a failing expansion in a router "set" option defers the routing operation. Previously it would silently stop routing the message. JH/11 Bug 3046: Fix queue-runs. Previously, the arrivel of a notification or info-request event close in time to a scheduled run timer could result in the latter being missed, and no further queue scheduled runs being initiated. This ouwld be more likely on high-load systems. JH/12 Refuse to accept a line "dot, LF" as end-of-DATA unless operating in LF-only mode (as detected from the first header line). Previously we did accept that in (normal) CRLF mode; this has been raised as a possible attack scenario (under the name "smtp smuggling"). JH/13 Add an fdatasync call for the received message data file in spool, before loggging reception and sending the SMTP ack. Previously we only flushed the stdio buffer so there was still the possibility of a disk error. JH/14 Bug 3061: Avoid a split log line when trying to rewrite a malformed address. Previously, for the last address in a header line (commonly there is only one) the terminating newline was part of the logged information. JH/15 Bug 3061: Ensure a log line is written for a malformed address in a header, when parsing for address-qualification. Previously one was only written if there were rewrite rules. JH/16 Two-phase queue runs are now reported in the daemon startup log line and in exiwhat output. JH/17 Bug 3064: Fix combination of "-q -R ". Introduction of the multiple-queue-runners facility for 4.97 broke this, giving only a one-time run of the queue. JH/18 Bug 3068: Log a warning for use of deprecated syntax in query-style lookups. JH/19 Fix TLS startup. When the last expansion done before the initiation of a TLS session resulted in a forced-fail, a misleading error was logged for the expansino of tls_certificates. This would affect the common case of that option being set (main-section options) but not having any variable parts. It could also potentially affect tls_privatekeys. The underlyding coding errors go back to 4.90 but were only exposed in 4.97. JH/20 Bug 3047: A recent (somewhere between 10.34 and 10.42) version of the pcre2 library starting allocating 20kB rather than 112 bytes per match call, which broke the 2GB total limitation on Exim's memory management when a user had over 104207 messages stored and the appendfile maildir_quota_directory_regex option is in use. Release the allocated memory every thosand files to avoid this. The same issue arises with the ACL regex condition, which is applied to every line of a received message. JH/21 Bug 3059: Fix crash in smtp transport. When running for a message for which all recipients had been handled (itself an issue) a null-pointer deref was done on trying to write a retry record. Fix that by counting the outstanding recipients before trying to transmit the message. The situation arose for a second MX try within a transport run, when the first had perm-rejected a recipient (the only one for the connection, in the case seen) during pipelining, and then closed the TCP connection. The transport classified that as an I/O error, leaving the message outstanding but having marked up the recipient as dealt-with. It then tried another MX because of the I/O error. Fix this by converting the message-level status to ok if there was a close but all recipients were dealt with. Thanks to Wolfgand Breyha for debug runs. JH/22 The ESMTP_LIMITS facility (RFC 9422) is promoted from experimental status and is now controlled by the build-time option DISABLE_ESMTP_LIMITS. JH/23 Bug 3066: Avoid leaking lookup database credentials to log. JH/24 Bug 3081: Fix a delivery process crash. When the router "errors_to" option specified a fixed address, later rewriting on that address would trip on the configuration data being readonly. Instead of modifying in-place, copy data. Found and fixed by Peter Benie. JH/25 Bug 3079: Fix crash in dbmnz. When a key was present for zero-length data a null pointer was followed. Find and testcase by Sebastian Bugge. JH/26 Fix encoding for an AUTH parameter on a MAIL FROM command. Previously decimal 127 chars were not encoded, and lowercase hex was used for encoded values. Outstanding since at least 1999. JH/27 Fix crash in logging. When a message with a large number of recipients had been received, and logging of recipients is enabled, the buffer used for logging could reach limit. A read using a null pointer would then be done, resulting in a crash of the receiving process before an SMTP ACK for the message was returned to the sending system. Duplicate messages were created as a result. Find and debug help by Mateusz Krawczyk JH/28 Bug 3086: Fix exinext for ipv6. Change the format of keys in the retry DB, wrapping transport record bare-ip "host names" and ipv6 "host addresses" in square-brackets. This makes the parsing that exinext does more reliable. JH/29 Bug 3087: Fix SRS encode. A zero-length quoted element in the local-part would cause a crash. JH/30 Bug 3029: Avoid feeding Resent-From: to DMARC. JH/31 Bug 3027: For -bh / -bhc tests change to using the compressed form of ipv6 addresses for the sender. Previously the uncompressed form was used, and if used in textual form this would result in behavior difference versus non-bh. JH/32 Bug 3096: MAIL before HELO/EHLO, where required by hosts_require_helo, is now classed as a protocol error and subject to smtp_max_synprot_errors. JH/33 Bug 2994: A subdir dsearch lookup should permit a directory name that starts ".." and has following characters. JH/34 Fix delivery ordering for 2-phase queue run combined with queue_run_in_order. JH/35 Bug 3099: fix parsing of MIME filename= split over multiple paramemters. Previously the $mime_filename variable would have an incorrect value. While in the code, extend coverage to name= which previously was only supported for single parameters, despite also filling in $mime_filename. Signed-off-by: Daniel Golle --- mail/exim/Makefile | 4 ++-- mail/exim/patches/030-openssl-deprecated.patch | 6 +++--- mail/exim/patches/100-localscan_dlopen.patch | 8 ++++---- mail/exim/patches/200-fix-build.patch | 2 +- mail/exim/patches/300-avoid-time-printf.patch | 11 ----------- 5 files changed, 10 insertions(+), 21 deletions(-) delete mode 100644 mail/exim/patches/300-avoid-time-printf.patch diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 8fa2147114..714fe2d8df 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=exim -PKG_VERSION:=4.97.1 +PKG_VERSION:=4.98 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://ftp.exim.org/pub/exim/exim4/ -PKG_HASH:=bd782057509a793593508528590626d185ea160ce32cb34beda262e99cefdfa9 +PKG_HASH:=0ebc108a779f9293ba4b423c20818f9a3db79b60286d96abc6ba6b85a15852f7 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0-or-later diff --git a/mail/exim/patches/030-openssl-deprecated.patch b/mail/exim/patches/030-openssl-deprecated.patch index b3ecb56626..1fb90087b6 100644 --- a/mail/exim/patches/030-openssl-deprecated.patch +++ b/mail/exim/patches/030-openssl-deprecated.patch @@ -34,7 +34,7 @@ #ifndef OPENSSL_NO_ECDH # include #endif -@@ -944,8 +947,9 @@ pkey = EVP_RSA_gen(2048); +@@ -947,8 +950,9 @@ pkey = EVP_RSA_gen(2048); X509_set_version(x509, 2); /* N+1 - version 3 */ ASN1_INTEGER_set(X509_get_serialNumber(x509), 1); @@ -46,7 +46,7 @@ X509_set_pubkey(x509, pkey); name = X509_get_subject_name(x509); -@@ -4979,8 +4983,8 @@ return string_fmt_append(g, +@@ -4972,8 +4976,8 @@ return string_fmt_append(g, " Runtime: %s\n" " : %s\n", OPENSSL_VERSION_TEXT, @@ -57,7 +57,7 @@ /* third line is 38 characters for the %s and the line is 73 chars long; the OpenSSL output includes a "built on: " prefix already. */ } -@@ -5022,8 +5026,6 @@ if (pidnow != pidlast) +@@ -5015,8 +5019,6 @@ if (pidnow != pidlast) is unique for each thread", this doesn't apparently apply across processes, so our own warning from vaguely_random_number_fallback() applies here too. Fix per PostgreSQL. */ diff --git a/mail/exim/patches/100-localscan_dlopen.patch b/mail/exim/patches/100-localscan_dlopen.patch index 69f62ed38e..cdf3e3eacd 100644 --- a/mail/exim/patches/100-localscan_dlopen.patch +++ b/mail/exim/patches/100-localscan_dlopen.patch @@ -10,7 +10,7 @@ Last-Update: 2021-07-28 --- a/src/EDITME +++ b/src/EDITME -@@ -904,6 +904,21 @@ HEADERS_CHARSET="ISO-8859-1" +@@ -913,6 +913,21 @@ HEADERS_CHARSET="ISO-8859-1" #------------------------------------------------------------------------------ @@ -275,7 +275,7 @@ Last-Update: 2021-07-28 /* End of local_scan.h */ --- a/src/readconf.c +++ b/src/readconf.c -@@ -216,6 +216,9 @@ static optionlist optionlist_config[] = +@@ -219,6 +219,9 @@ static optionlist optionlist_config[] = { "local_from_prefix", opt_stringptr, {&local_from_prefix} }, { "local_from_suffix", opt_stringptr, {&local_from_suffix} }, { "local_interfaces", opt_stringptr, {&local_interfaces} }, @@ -287,7 +287,7 @@ Last-Update: 2021-07-28 #endif --- a/src/string.c +++ b/src/string.c -@@ -453,6 +453,7 @@ return ss; +@@ -455,6 +455,7 @@ return ss; #if (defined(HAVE_LOCAL_SCAN) || defined(EXPAND_DLFUNC)) \ && !defined(MACRO_PREDEF) && !defined(COMPILE_UTILITY) @@ -295,7 +295,7 @@ Last-Update: 2021-07-28 /************************************************* * Copy and save string * *************************************************/ -@@ -498,6 +499,7 @@ string_copyn_function(const uschar * s, +@@ -500,6 +501,7 @@ string_copyn_function(const uschar * s, { return string_copyn(s, n); } diff --git a/mail/exim/patches/200-fix-build.patch b/mail/exim/patches/200-fix-build.patch index e5c63c32d8..25a5298c71 100644 --- a/mail/exim/patches/200-fix-build.patch +++ b/mail/exim/patches/200-fix-build.patch @@ -1,6 +1,6 @@ --- a/src/exim.c +++ b/src/exim.c -@@ -642,13 +642,15 @@ exim_nullstd(void) +@@ -647,13 +647,15 @@ exim_nullstd(void) { int devnull = -1; struct stat statbuf; diff --git a/mail/exim/patches/300-avoid-time-printf.patch b/mail/exim/patches/300-avoid-time-printf.patch deleted file mode 100644 index f4f1c88ec0..0000000000 --- a/mail/exim/patches/300-avoid-time-printf.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/transports/smtp.c -+++ b/src/transports/smtp.c -@@ -938,7 +938,7 @@ if ( sx->early_pipe_active - if (!(er = dbfn_read_enforce_length(dbm_file, ehlo_resp_key, sizeof(dbdata_ehlo_resp)))) - debug_printf("no ehlo-resp record!\n"); - else -- debug_printf("ehlo-resp record is %d seconds old\n", time(NULL) - er->time_stamp); -+ debug_printf("ehlo-resp record is %.0f seconds old\n", difftime(time(NULL), er->time_stamp)); - } - - dbfn_delete(dbm_file, ehlo_resp_key); -- 2.30.2