aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvsevolod <vsevolod@FreeBSD.org>2014-07-22 23:39:44 +0800
committervsevolod <vsevolod@FreeBSD.org>2014-07-22 23:39:44 +0800
commite0da321c1bd198034dbdf5e91d6aa5a736a5cddb (patch)
tree19bbae85fd6e60f76bc00eb82df6cb57677d18b3
parent6903463f32073f1eb9fa7908246e750e53c96614 (diff)
downloadfreebsd-ports-gnome-e0da321c1bd198034dbdf5e91d6aa5a736a5cddb.tar.gz
freebsd-ports-gnome-e0da321c1bd198034dbdf5e91d6aa5a736a5cddb.tar.zst
freebsd-ports-gnome-e0da321c1bd198034dbdf5e91d6aa5a736a5cddb.zip
Update to 4.83.
Changes in the port: - Added new options: * DNSSEC: validate peers using TLSA records * PRDR: Per-Recipient-Data-Response support * CERTNAMES: Check certiticates ownership * DSN: Delivery Status Notifications * PROXY: Experimental Proxy Protocol - Enable OCSP stapling by default - Disable NIS by default - SRS support is now radio group - DNSSEC and PRDR are now enabled by default Changes in exim itself: This release contains the following enhancements and bugfixes: + PRDR was promoted from Experimental to mainline + OCSP Stapling was promoted from Experimental to mainline + new Experimental feature Proxy Protocol + new Experimental feature DSN (Delivery Status Notifications) + TLS session improvements + TLS SNI fixes + LDAP enhancements + DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy + several new operations (listextract, utf8clean, md5, sha1) + enforce header formatting with verify=header_names_ascii + new commandline option -oMm + new TLSA dns lookup + new malware "sock" type + cutthrough routing enhancements + logging enhancements + DNSSEC enhancements + exiqgrep enhancements + deprecating non-standard SPF results + build and portability fixes + documentation fixes and enhancements Uncompatible changes: This release of Exim includes one incompatible fix: the behavior of expansion of arguments to math comparison functions (<, <=, =, =>, >) was unexpected, expanding the values twice. This fix also addresses a security advisory, CVE-2014-2972. This is not a remote exploit, but if content that is searched by the above math comparison functions is under the control of an attacker, specially crafted data can be inserted that will cause the Exim mail server to perform various file-system functions as the exim user.
-rw-r--r--mail/exim-doc-html/Makefile2
-rw-r--r--mail/exim-doc-html/distinfo12
-rw-r--r--mail/exim/Makefile30
-rw-r--r--mail/exim/distinfo4
-rw-r--r--mail/exim/options27
5 files changed, 51 insertions, 24 deletions
diff --git a/mail/exim-doc-html/Makefile b/mail/exim-doc-html/Makefile
index 0e0d651873a3..cdf6fbc01e3d 100644
--- a/mail/exim-doc-html/Makefile
+++ b/mail/exim-doc-html/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= exim
-PORTVERSION= 4.82.1
+PORTVERSION= 4.83
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_EXIM:S/$/:exim/}
MASTER_SITE_SUBDIR= exim4/:exim
diff --git a/mail/exim-doc-html/distinfo b/mail/exim-doc-html/distinfo
index 80f67147bd00..15688c5f2783 100644
--- a/mail/exim-doc-html/distinfo
+++ b/mail/exim-doc-html/distinfo
@@ -1,6 +1,6 @@
-SHA256 (exim/exim-html-4.82.1.tar.bz2) = 81d0237cff64b259d47c758d5c82da93bd2e7b8ce048974d53d90e597eee122e
-SIZE (exim/exim-html-4.82.1.tar.bz2) = 458569
-SHA256 (exim/exim-pdf-4.82.1.tar.bz2) = 2e3705504f22633a14d417ffcb72c6beddc2f142e38ff4f01394b83ae583ff42
-SIZE (exim/exim-pdf-4.82.1.tar.bz2) = 1835284
-SHA256 (exim/exim-postscript-4.82.1.tar.bz2) = f9c69153b1da3ef854c73ac98ec5bcef842438c5630819bc2287dec869bd039d
-SIZE (exim/exim-postscript-4.82.1.tar.bz2) = 1008574
+SHA256 (exim/exim-html-4.83.tar.bz2) = d7b38922f2aedd9eb4db7aa0e1e1c0fcd948777a4c8bac7971eaf4b2959bf0de
+SIZE (exim/exim-html-4.83.tar.bz2) = 464789
+SHA256 (exim/exim-pdf-4.83.tar.bz2) = 478fca2c13fbda403fb0c373dc61e82aa434e7167c0341f24b83195afd294b82
+SIZE (exim/exim-pdf-4.83.tar.bz2) = 1856787
+SHA256 (exim/exim-postscript-4.83.tar.bz2) = 7f8ef825a832debdab54173bfb4e86acaaa6eb139a64e8b87a785183354375cf
+SIZE (exim/exim-postscript-4.83.tar.bz2) = 1019858
diff --git a/mail/exim/Makefile b/mail/exim/Makefile
index 9aa8e8387547..ae86747dba11 100644
--- a/mail/exim/Makefile
+++ b/mail/exim/Makefile
@@ -3,7 +3,6 @@
PORTNAME= exim
PORTVERSION?= ${EXIM_VERSION}
-PORTREVISION= 7
CATEGORIES= mail ipv6
MASTER_SITES= ${MASTER_SITE_EXIM:S/$/:exim/}
MASTER_SITE_SUBDIR= exim4/:exim
@@ -75,7 +74,7 @@ IGNORE= You cannot enable OCSP stapling with gnutls
.endif
# DMARC implies SPF
-.if ${PORT_OPTIONS:MOCSP}
+.if ${PORT_OPTIONS:MDMARC}
.if ! ${PORT_OPTIONS:MSPF} || ! ${PORT_OPTIONS:MDKIM}
IGNORE= You cannot enable DMARC without SPF and DKIM support
.endif
@@ -93,7 +92,7 @@ MASTER_SITES+= ftp://ftp.renatasystems.org/pub/FreeBSD/ports/distfiles/:so_1024
DISTFILES+= spamooborona1024-src-${SO_1024_VERSION}.tar.gz:so_1024
.endif
-EXIM_VERSION= 4.82.1
+EXIM_VERSION= 4.83
SA_EXIM_VERSION=4.2
SO_1024_VERSION=3.2
EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink"
@@ -199,8 +198,28 @@ SEDLIST+= -e 's,^\# (EXPAND_LISTMATCH_RHS=),\1,'
SEDLIST+= -e 's,^\# (EXPERIMENTAL_DCC=),\1,'
.endif
-.if ${PORT_OPTIONS:MOCSP}
-SEDLIST+= -e 's,^\# (EXPERIMENTAL_OCSP=),\1,'
+.if ${PORT_OPTIONS:MPROXY}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_PROXY=),\1,'
+.endif
+
+.if ${PORT_OPTIONS:MCERTNAMES}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_CERTNAMES=),\1,'
+.endif
+
+.if ${PORT_OPTIONS:MDSN}
+SEDLIST+= -e 's,^\# (EXPERIMENTAL_DSN=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MPRDR}
+SEDLIST+= -e 's,^\# (DISABLE_PRDR=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MOCSP}
+SEDLIST+= -e 's,^\# (DISABLE_OCSP=),\1,'
+.endif
+
+.if !${PORT_OPTIONS:MDNSSEC}
+SEDLIST+= -e 's,^\# (DISABLE_DNSSEC=),\1,'
.endif
.if ${PORT_OPTIONS:MDMARC}
@@ -210,7 +229,6 @@ SEDLIST+= -e 's,XX_DMARC_LIBS_XX,-L${LOCALBASE}/lib -lopendmarc,' \
SEDLIST+= -e 's,XX_DMARC_LIBS_XX,,'
.endif
-
.if ${PORT_OPTIONS:MWISHLIST}
EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name 'wishlist-*.patch'`
.endif
diff --git a/mail/exim/distinfo b/mail/exim/distinfo
index 750ee94c2a1e..3c9ca47bf80b 100644
--- a/mail/exim/distinfo
+++ b/mail/exim/distinfo
@@ -1,5 +1,5 @@
-SHA256 (exim/exim-4.82.1.tar.bz2) = 51798cead70b9ca03df88afb63f7a0cabedee8ef82c02bd18d67591c08b14500
-SIZE (exim/exim-4.82.1.tar.bz2) = 1722912
+SHA256 (exim/exim-4.83.tar.bz2) = efa031b89ffb2ab844a4bf9d3a5d7ca4d587d82b62ae233d68c4f26e079a6a02
+SIZE (exim/exim-4.83.tar.bz2) = 1761169
SHA256 (exim/sa-exim-4.2.tar.gz) = 72e0a735547f18b05785e6c58a71d24623858f0f5234a5dc0e24cb453999e99a
SIZE (exim/sa-exim-4.2.tar.gz) = 66575
SHA256 (exim/spamooborona1024-src-3.2.tar.gz) = ab22a430f3860460045f6b213c68c89700a0cd10cbb6c7a808ece326c53787ee
diff --git a/mail/exim/options b/mail/exim/options
index 029f3f1984de..71a2b03af182 100644
--- a/mail/exim/options
+++ b/mail/exim/options
@@ -1,11 +1,10 @@
OPTIONS_DEFINE+= ALT_CONFIG_PREFIX \
CONTENT_SCAN \
DAEMON \
- DCC \
DEBUG \
DISABLE_D_OPT \
DKIM \
- DMARC \
+ DNSSEC \
DOCS \
EMBEDDED_PERL \
EXIMON \
@@ -13,12 +12,11 @@ OPTIONS_DEFINE+= ALT_CONFIG_PREFIX \
IPV6 \
LISTMATCH_RHS \
LMTP \
+ NIS \
OCSP \
OLD_DEMIME \
+ PRDR \
READLINE \
- SPF \
- SRS \
- SRS_ALT \
SUID \
TCP_WRAPPERS \
WISHLIST \
@@ -33,6 +31,7 @@ OPTIONS_DEFAULT+= AUTH_CRAM_MD5 \
DISABLE_D_OPT \
DKIM \
DNSDB \
+ DNSSEC \
DSEARCH \
EMBEDDED_PERL \
ICONV \
@@ -41,10 +40,11 @@ OPTIONS_DEFAULT+= AUTH_CRAM_MD5 \
MAILDIR \
MAILSTORE \
MBX \
- NIS \
+ OCSP \
OLD_DEMIME \
PAM \
PASSWD \
+ PRDR \
SUID \
TLS
@@ -52,7 +52,9 @@ OPTIONS_RADIO_TLS= TLS GNUTLS
TLS_DESC= TLS support
OPTIONS_RADIO_LS= SA_EXIM SO_1024 KAS
LS_DESC= Local scan patch
-OPTIONS_RADIO= TLS LS
+OPTIONS_RADIO_SRSR= SRS SRS_ALT
+SRSR_DESC= Sender Rewriting Scheme
+OPTIONS_RADIO= TLS LS SRSR
OPTIONS_GROUP_AUTH= AUTH_CRAM_MD5 AUTH_DOVECOT AUTH_PLAINTEXT AUTH_RADIUS AUTH_SASL AUTH_SPA SASLAUTHD PAM PASSWD
AUTH_DESC= SMTP Authorization
@@ -60,7 +62,9 @@ OPTIONS_GROUP_LOOKUP= CDB BDB DNSDB DSEARCH LSEARCH MYSQL NIS OPENLDAP PGSQL RED
LOOKUP_DESC= Lookup support
OPTIONS_GROUP_STORAGE= MAILDIR MAILSTORE MBX
STORAGE_DESC= Supported storage formats
-OPTIONS_GROUP= AUTH LOOKUP STORAGE
+OPTIONS_GROUP_EXPERIMENTAL= CERTNAMES DCC DMARC DSN PROXY SPF
+EXPERIMENTAL_DESC= Experimental options
+OPTIONS_GROUP= AUTH LOOKUP STORAGE EXPERIMENTAL
ALT_CONFIG_PREFIX_DESC= Restrict the set of configuration files
AUTH_CRAM_MD5_DESC= Enable CRAM-MD5 authentication mechanisms
@@ -69,6 +73,8 @@ AUTH_PLAINTEXT_DESC= Enable plaintext authentication
AUTH_RADIUS_DESC= Enable radius (RFC 2865) authentication
AUTH_SASL_DESC= Enable use of Cyrus SASL auth library
AUTH_SPA_DESC= Enable Secure Password Authentication
+CERTNAMES_DESC= Check certiticates ownership
+DSN_DESC= Enable Delivery Status Notifications
BDB_DESC= Enable Berkeley DB lookups
CDB_DESC= Enable CDB-style lookups
CONTENT_SCAN_DESC= Enable exiscan email content scanner
@@ -78,6 +84,7 @@ DISABLE_D_OPT_DESC= Disable macros overrides using option -D
DKIM_DESC= Enable support for DKIM
DMARC_DESC= Enable DMARC support
DNSDB_DESC= Enable DNS-style lookups
+DNSSEC_DESC= Enable DNSSEC validation
DSEARCH_DESC= Enable directory-list lookups
EMBEDDED_PERL_DESC= Enable embedded Perl interpreter
EXIMON_DESC= Build eximon monitor (requires X libraries)
@@ -97,8 +104,10 @@ OCSP_DESC= Enable OCSP stapling
PAM_DESC= Enable PAM authentication mechanisms
PASSWD_DESC= Enable /etc/passwd lookups
PGSQL_DESC= Enable postgresql lookups
+PRDR_DESC= Enable Per-Recipient-Data-Response support
+PROXY_DESC= Enable Experimental Proxy Protocol
READLINE_DESC= Enable readline(3) library
-REDIS_DESC= Enable redis lookups
+REDIS_DESC= Enable redis lookups (experimental)
SASLAUTHD_DESC= Enable use of Cyrus SASL auth daemon
SA_EXIM_DESC= Build with Spamassassin local scan
SO_1024_DESC= Build with Spamooborona-1024 local scan