diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2016-05-26 16:50:22 +0200 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-05-26 16:50:22 +0200 |
commit | 81039713fad72bcfb6d29e358866344c254096c2 (patch) | |
tree | 5150eb44e296607c43c5c7ece21249d0e39ff098 /pkgs/servers/mail/opensmtpd | |
parent | 21df05d1ad9ad8b3e8138138f65525d2e6324341 (diff) | |
parent | 8fbdb40ef0ce39e6605db3dfd223402636de8907 (diff) | |
download | nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar.gz nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar.bz2 nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar.lz nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar.xz nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.tar.zst nixpkgs-81039713fad72bcfb6d29e358866344c254096c2.zip |
Merge branch 'master' into staging
... to get the systemd update (rebuilding ~7k jobs).
Diffstat (limited to 'pkgs/servers/mail/opensmtpd')
-rw-r--r-- | pkgs/servers/mail/opensmtpd/default.nix | 38 | ||||
-rw-r--r-- | pkgs/servers/mail/opensmtpd/proc_path.diff | 76 |
2 files changed, 70 insertions, 44 deletions
diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix index 94bc9f2bfe9..4dada752cf6 100644 --- a/pkgs/servers/mail/opensmtpd/default.nix +++ b/pkgs/servers/mail/opensmtpd/default.nix @@ -1,21 +1,38 @@ -{ stdenv, fetchurl, autoconf, automake, libtool, bison -, libasr, libevent, zlib, openssl, db, pam, cacert +{ stdenv, lib, fetchurl, autoconf, automake, libtool, bison +, libasr, libevent, zlib, openssl, db, pam + +# opensmtpd requires root for no reason to encrypt passwords, this patch fixes it +# see also https://github.com/OpenSMTPD/OpenSMTPD/issues/678 +, unpriviledged_smtpctl_encrypt ? true + +# This enables you to override the '+' character which typically separates the user from the tag in user+tag@domain.tld +, tag_char ? null }: stdenv.mkDerivation rec { name = "opensmtpd-${version}"; - version = "5.7.3p2"; + version = "5.9.2p1"; nativeBuildInputs = [ autoconf automake libtool bison ]; buildInputs = [ libasr libevent zlib openssl db pam ]; src = fetchurl { url = "http://www.opensmtpd.org/archives/${name}.tar.gz"; - sha256 = "0d2973008d0f66bebb84bed516be6c32617735241cc54dd26643529281a8e52b"; + sha256 = "07d7f1m5sxyz6mkk228rcm7fsf7350994ayvmhgph333q5rz48im"; }; patches = [ ./proc_path.diff ]; + postPatch = with builtins; with lib; + optionalString (isString tag_char) '' + sed -i -e "s,TAG_CHAR.*'+',TAG_CHAR '${tag_char}'," smtpd/smtpd-defines.h + '' + + optionalString unpriviledged_smtpctl_encrypt '' + substituteInPlace smtpd/smtpctl.c --replace \ + 'if (geteuid())' \ + 'if (geteuid() != 0 && !(argc > 1 && !strcmp(argv[1], "encrypt")))' + ''; + configureFlags = [ "--sysconfdir=/etc" "--localstatedir=/var" @@ -23,8 +40,9 @@ stdenv.mkDerivation rec { "--with-pam" "--without-bsd-auth" "--with-sock-dir=/run" - "--with-privsep-user=smtpd" - "--with-queue-user=smtpq" + "--with-user-smtpd=smtpd" + "--with-user-queue=smtpq" + "--with-group-queue=smtpq" "--with-ca-file=/etc/ssl/certs/ca-certificates.crt" "--with-libevent-dir=${libevent.dev}" "--enable-table-db" @@ -35,14 +53,14 @@ stdenv.mkDerivation rec { "localstatedir=\${TMPDIR}" ]; - meta = { + meta = with stdenv.lib; { homepage = https://www.opensmtpd.org/; description = '' A free implementation of the server-side SMTP protocol as defined by RFC 5321, with some additional standard extensions ''; - license = stdenv.lib.licenses.isc; - platforms = stdenv.lib.platforms.linux; - maintainers = [ stdenv.lib.maintainers.rickynils ]; + license = licenses.isc; + platforms = platforms.linux; + maintainers = with maintainers; [ rickynils obadz ]; }; } diff --git a/pkgs/servers/mail/opensmtpd/proc_path.diff b/pkgs/servers/mail/opensmtpd/proc_path.diff index 0e8eac0bb83..9306685e365 100644 --- a/pkgs/servers/mail/opensmtpd/proc_path.diff +++ b/pkgs/servers/mail/opensmtpd/proc_path.diff @@ -1,11 +1,12 @@ -diff -Naur opensmtpd-5.7.1p1/smtpd/parse.y opensmtpd-5.7.1p1.patched/smtpd/parse.y ---- opensmtpd-5.7.1p1/smtpd/parse.y 2015-06-30 10:13:34.000000000 +0200 -+++ opensmtpd-5.7.1p1.patched/smtpd/parse.y 2015-09-26 08:41:17.012472516 +0200 -@@ -2519,13 +2519,19 @@ +diff --git a/smtpd/parse.y b/smtpd/parse.y +index ab02719..c1c77d9 100644 +--- a/smtpd/parse.y ++++ b/smtpd/parse.y +@@ -2534,13 +2534,19 @@ create_filter_proc(char *name, char *prog) { struct filter_conf *f; char *path; -+ const char *proc_path; ++ const char *proc_path; if (dict_get(&conf->sc_filters, name)) { yyerror("filter \"%s\" already defined", name); @@ -13,64 +14,71 @@ diff -Naur opensmtpd-5.7.1p1/smtpd/parse.y opensmtpd-5.7.1p1.patched/smtpd/parse } - if (asprintf(&path, "%s/filter-%s", PATH_LIBEXEC, prog) == -1) { -+ proc_path = getenv("OPENSMTPD_PROC_PATH"); -+ if (proc_path == NULL) { -+ proc_path = PATH_LIBEXEC; -+ } ++ proc_path = getenv("OPENSMTPD_PROC_PATH"); ++ if (proc_path == NULL) { ++ proc_path = PATH_LIBEXEC; ++ } + + if (asprintf(&path, "%s/filter-%s", proc_path, prog) == -1) { yyerror("filter \"%s\" asprintf failed", name); return (0); } -diff -Naur opensmtpd-5.7.1p1/smtpd/smtpd.c opensmtpd-5.7.1p1.patched/smtpd/smtpd.c ---- opensmtpd-5.7.1p1/smtpd/smtpd.c 2015-06-30 10:13:34.000000000 +0200 -+++ opensmtpd-5.7.1p1.patched/smtpd/smtpd.c 2015-09-26 08:41:16.998472557 +0200 -@@ -854,6 +854,7 @@ +diff --git a/smtpd/smtpd.c b/smtpd/smtpd.c +index afc8891..9b0a80f 100644 +--- a/smtpd/smtpd.c ++++ b/smtpd/smtpd.c +@@ -795,6 +795,7 @@ fork_proc_backend(const char *key, const char *conf, const char *procname) char path[PATH_MAX]; char name[PATH_MAX]; char *arg; -+ char *proc_path; ++ char *proc_path; if (strlcpy(name, conf, sizeof(name)) >= sizeof(name)) { log_warnx("warn: %s-proc: conf too long", key); -@@ -864,7 +865,12 @@ +@@ -805,7 +806,12 @@ fork_proc_backend(const char *key, const char *conf, const char *procname) if (arg) *arg++ = '\0'; - if (snprintf(path, sizeof(path), PATH_LIBEXEC "/%s-%s", key, name) >= -+ proc_path = getenv("OPENSMTPD_PROC_PATH"); -+ if (proc_path == NULL) { -+ proc_path = PATH_LIBEXEC; -+ } ++ proc_path = getenv("OPENSMTPD_PROC_PATH"); ++ if (proc_path == NULL) { ++ proc_path = PATH_LIBEXEC; ++ } + + if (snprintf(path, sizeof(path), "%s/%s-%s", proc_path, key, name) >= (ssize_t)sizeof(path)) { log_warn("warn: %s-proc: exec path too long", key); return (-1); -diff -Naur opensmtpd-5.7.1p1/smtpd/table.c opensmtpd-5.7.1p1.patched/smtpd/table.c ---- opensmtpd-5.7.1p1/smtpd/table.c 2015-06-30 10:13:34.000000000 +0200 -+++ opensmtpd-5.7.1p1.patched/smtpd/table.c 2015-09-26 08:41:17.005472536 +0200 -@@ -201,6 +201,7 @@ +diff --git a/smtpd/table.c b/smtpd/table.c +index 21ee237..95b5164 100644 +--- a/smtpd/table.c ++++ b/smtpd/table.c +@@ -193,6 +193,7 @@ table_create(const char *backend, const char *name, const char *tag, struct table_backend *tb; char buf[LINE_MAX]; char path[LINE_MAX]; -+ const char *proc_path; ++ const char *proc_path; size_t n; struct stat sb; -@@ -215,8 +216,14 @@ +@@ -207,11 +208,16 @@ table_create(const char *backend, const char *name, const char *tag, if (name && table_find(name, NULL)) fatalx("table_create: table \"%s\" already defined", name); -+ proc_path = getenv("OPENSMTPD_PROC_PATH"); -+ if (proc_path == NULL) { -+ proc_path = PATH_LIBEXEC; -+ } ++ proc_path = getenv("OPENSMTPD_PROC_PATH"); ++ if (proc_path == NULL) { ++ proc_path = PATH_LIBEXEC; ++ } + if ((tb = table_backend_lookup(backend)) == NULL) { -- if ((size_t)snprintf(path, sizeof(path), PATH_LIBEXEC "/table-%s", +- if ((size_t)snprintf(path, sizeof(path), PATH_LIBEXEC"/table-%s", +- backend) >= sizeof(path)) { +- fatalx("table_create: path too long \"" +- PATH_LIBEXEC"/table-%s\"", backend); + if ((size_t)snprintf(path, sizeof(path), "%s/table-%s", -+ proc_path, - backend) >= sizeof(path)) { - fatalx("table_create: path too long \"" - PATH_LIBEXEC "/table-%s\"", backend); ++ proc_path, backend) >= sizeof(path)) { ++ fatalx("table_create: path too long \"%s/table-%s\"", ++ proc_path, backend); + } + if (stat(path, &sb) == 0) { + tb = table_backend_lookup("proc"); |