- update to postfix-3.3.4

Changelog: 20190312 Bugfix (introduced: Postfix 2.2): reject_multi_recipient_bounce has been producing false rejects starting with the Postfix 2.2 smtpd_end_of_data_restrictons, and for the same reasons, did the same with the Postfix 3.4 BDAT command. The latter was reported by Andreas Schulze. File: smtpd/smtpd_check.c. 20190328 Bugfix (introduced: Postfix 3.0): LMTP connections over UNIX-domain sockets were cached but not reused, due to a cache lookup key mismatch. Therefore, idle cached connections could exhaust LMTP server resources, resulting in two-second pauses between email deliveries. This problem was investigated by Juliana Rodrigueiro. File: smtp/smtp_connect.c.
svn path=/head/; revision=497399
2024-11-19 00:13:33 +00:00 · 2019-03-31 13:08:05 +00:00 · 2019-03-31 13:08:05 +00:00 · c305034bca · 2021-03-31 03:12:20 +00:00
commit c305034bca
parent d305ba17ca
5 changed files with 15 additions and 70 deletions
--- a/mail/postfix/Makefile
+++ b/mail/postfix/Makefile
@ -2,8 +2,8 @@
 # $FreeBSD$

 PORTNAME=	postfix
-DISTVERSION=	3.3.3
-PORTREVISION?=	1
+DISTVERSION=	3.3.4
+PORTREVISION?=	0
 PORTEPOCH=	1
 CATEGORIES=	mail ipv6
 MASTER_SITES=	ftp://ftp.porcupine.org/mirrors/postfix-release/ \
--- a/mail/postfix/distinfo
+++ b/mail/postfix/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1551226020
-SHA256 (postfix/postfix-3.3.3.tar.gz) = 8740ab65037500ee7844192cf6b798d52ecc4838cd018337a504c52da813285a
-SIZE (postfix/postfix-3.3.3.tar.gz) = 4429713
+TIMESTAMP = 1553957353
+SHA256 (postfix/postfix-3.3.4.tar.gz) = 847818bb82d0d7e83303a30206330b5d6bd035bbbb0086782cd87dcb8ac99bd3
+SIZE (postfix/postfix-3.3.4.tar.gz) = 4429964
--- a/mail/postfix/files/patch-src_tls_tls__client.c
+++ b/mail/postfix/files/patch-src_tls_tls__client.c
@ -9,12 +9,3 @@
 
     /*
      * Initialize the OpenSSL library by the book! To start with, we must
-@@ -441,7 +441,7 @@ TLS_APPL_STATE *tls_client_init(const TL
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * According to the OpenSSL documentation, temporary RSA key is needed
--- a/mail/postfix/files/patch-src_tls_tls__rsa.c
+++ b/mail/postfix/files/patch-src_tls_tls__rsa.c
@ -1,20 +0,0 @@
--- src/tls/tls_rsa.c.orig	2016-01-03 14:49:51 UTC
-+++ src/tls/tls_rsa.c
-@@ -57,7 +57,7 @@
-  /*
-   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-   */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
- /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
- 
-@@ -109,7 +109,7 @@ int     main(int unused_argc, char *cons
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-     RSA    *rsa;
- 
-     msg_vstream_init(argv[0], VSTREAM_ERR);
--- a/mail/postfix/files/patch-src_tls_tls__server.c
+++ b/mail/postfix/files/patch-src_tls_tls__server.c
@ -1,38 +1,12 @@
 --- src/tls/tls_server.c.orig	2018-11-17 22:33:15 UTC
 +++ src/tls/tls_server.c
-@@ -174,7 +174,7 @@ static const char server_session_id_cont
- #endif					/* OPENSSL_VERSION_NUMBER */
- 
-  /* OpenSSL 1.1.0 bitrot */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- typedef const unsigned char *session_id_t;
- 
- #else
-@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TL
-      */
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * Initialize the OpenSSL library by the book! To start with, we must
-@@ -486,7 +486,7 @@ TLS_APPL_STATE *tls_server_init(const TL
-      * OpenSSL 0.9.8h, while SSL_NO_TICKET was added in 0.9.8f.
-      */
- #ifdef SSL_OP_NO_TICKET
-#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL
-+#if !defined(OPENSSL_NO_TLSEXT) && OPENSSL_VERSION_NUMBER >= 0x0090808fL && !defined(LIBRESSL_VERSION_NUMBER)
-     ticketable = (*var_tls_tkt_cipher && scache_timeout > 0
- 		  && !(off & SSL_OP_NO_TICKET));
-     if (ticketable) {
-@@ -595,7 +595,7 @@ TLS_APPL_STATE *tls_server_init(const TL
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * According to OpenSSL documentation, a temporary RSA key is needed when
+@@ -517,7 +517,9 @@ TLS_APPL_STATE *tls_server_init(const TL
+ 	 * ticket decryption callback already (since 2.11) asks OpenSSL to
+ 	 * avoid issuing new tickets when the presented ticket is re-usable.
+ 	 */
+#ifndef LIBRESSL_VERSION_NUMBER
+ 	SSL_CTX_set_num_tickets(server_ctx, 1);
+#endif
+     }
+ #endif
+     if (!ticketable)