On 2023/12/22 22:20, Stuart Henderson wrote: > On 2023/12/19 16:52, Stuart Henderson wrote: > > Here are updates to postfix stable and stable35 versions, the latter > > from tb@. I've tested both. > > New ones with smtpd_forbid_bare_newline :
oops, updated on a machine that didn't have the 3.5 openssl patch, here are the right ones: Index: stable/Makefile =================================================================== RCS file: /cvs/ports/mail/postfix/stable/Makefile,v retrieving revision 1.251 diff -u -p -r1.251 Makefile --- stable/Makefile 26 Oct 2023 20:17:58 -0000 1.251 +++ stable/Makefile 22 Dec 2023 22:22:09 -0000 @@ -1,5 +1,4 @@ -VERSION= 3.7.3 -REVISION= 13 +VERSION= 3.7.9 PORTROACH= site:http://ftp.porcupine.org/mirrors/postfix-release/official/ SITES= ${SITE_POSTFIX:=official/} Index: stable/distinfo =================================================================== RCS file: /cvs/ports/mail/postfix/stable/distinfo,v retrieving revision 1.153 diff -u -p -r1.153 distinfo --- stable/distinfo 24 Oct 2022 15:00:18 -0000 1.153 +++ stable/distinfo 22 Dec 2023 22:22:09 -0000 @@ -1,2 +1,2 @@ -SHA256 (postfix/postfix-3.7.3.tar.gz) = 0i89N+91YT1dVztW/FHvCX8sDQsOQHkjcR9xwftykRs= -SIZE (postfix/postfix-3.7.3.tar.gz) = 4825380 +SHA256 (postfix/postfix-3.7.9.tar.gz) = 112wOLPdICqQWdXBSdNv6KBdVO3E8uK+k+eS7vFpiPM= +SIZE (postfix/postfix-3.7.9.tar.gz) = 4835829 Index: stable35/Makefile =================================================================== RCS file: /cvs/ports/mail/postfix/stable35/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- stable35/Makefile 26 Sep 2023 12:28:15 -0000 1.5 +++ stable35/Makefile 22 Dec 2023 22:22:09 -0000 @@ -1,5 +1,4 @@ -VERSION= 3.5.17 -REVISION= 2 +VERSION= 3.5.23 SITES= ${SITE_POSTFIX:=official/} Index: stable35/distinfo =================================================================== RCS file: /cvs/ports/mail/postfix/stable35/distinfo,v retrieving revision 1.1 diff -u -p -r1.1 distinfo --- stable35/distinfo 1 Nov 2022 20:39:16 -0000 1.1 +++ stable35/distinfo 22 Dec 2023 22:22:09 -0000 @@ -1,2 +1,2 @@ -SHA256 (postfix/postfix-3.5.17.tar.gz) = nLdyCkWBBZeWiMYouRtKFsk1DIWvbJfhAVjzh/0iNW8= -SIZE (postfix/postfix-3.5.17.tar.gz) = 4625699 +SHA256 (postfix/postfix-3.5.23.tar.gz) = NfwEid3Jl8yDqDWQfn3rnnJcoPW7ziydAHY0+Ic7WzE= +SIZE (postfix/postfix-3.5.23.tar.gz) = 4649997 Index: stable35/patches/patch-src_tls_tls_misc_c =================================================================== RCS file: stable35/patches/patch-src_tls_tls_misc_c diff -N stable35/patches/patch-src_tls_tls_misc_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ stable35/patches/patch-src_tls_tls_misc_c 22 Dec 2023 22:22:09 -0000 @@ -0,0 +1,29 @@ +Index: src/tls/tls_misc.c +--- src/tls/tls_misc.c.orig ++++ src/tls/tls_misc.c +@@ -657,7 +657,7 @@ void tls_param_init(void) + + int tls_library_init(void) + { +- OPENSSL_INIT_SETTINGS *init_settings; ++ // OPENSSL_INIT_SETTINGS *init_settings; + char *conf_name = *var_tls_cnf_name ? var_tls_cnf_name : 0; + char *conf_file = 0; + unsigned long init_opts = 0; +@@ -681,6 +681,7 @@ int tls_library_init(void) + msg_info("tls_library_init: using backwards-compatible defaults"); + return (init_res = TLS_LIB_INIT_OK); + } ++#if 0 + if ((init_settings = OPENSSL_INIT_new()) == 0) { + msg_warn("error allocating OpenSSL init settings, " + "disabling TLS support"); +@@ -763,6 +764,8 @@ int tls_library_init(void) + TLS_LIB_INIT_RETURN(TLS_LIB_INIT_ERR); + } + TLS_LIB_INIT_RETURN(TLS_LIB_INIT_OK); ++#endif ++ return init_res = TLS_LIB_INIT_OK; + } + + /* tls_pre_jail_init - Load TLS related pre-jail tables */ Index: stable35/patches/patch-src_tls_tls_server_c =================================================================== RCS file: /cvs/ports/mail/postfix/stable35/patches/patch-src_tls_tls_server_c,v retrieving revision 1.1 diff -u -p -r1.1 patch-src_tls_tls_server_c --- stable35/patches/patch-src_tls_tls_server_c 1 Nov 2022 20:39:16 -0000 1.1 +++ stable35/patches/patch-src_tls_tls_server_c 22 Dec 2023 22:22:09 -0000 @@ -1,7 +1,7 @@ Index: src/tls/tls_server.c --- src/tls/tls_server.c.orig +++ src/tls/tls_server.c -@@ -518,7 +518,9 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_ +@@ -541,7 +541,9 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_ * ticket decryption callback already (since 2.11) asks OpenSSL to * avoid issuing new tickets when the presented ticket is re-usable. */
