mail-mta/sendmail: apply cyrus-sasl fix

Closes: https://bugs.gentoo.org/859172
Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 234 insertions, 0 deletions

diff --git a/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch b/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch
new file mode 100644
index 000000000000..ddbe2b1fb02e
--- /dev/null
+++ b/mail-mta/sendmail/files/sendmail-8.17.1-cyrus-sasl-auth.patch
@@ -0,0 +1,26 @@
+https://bugs.gentoo.org/859172
+https://bz-attachments.freebsd.org/attachment.cgi?id=233353
+https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263287
+https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262935
+--- a/sendmail/sendmail.h
++++ b/sendmail/sendmail.h
+@@ -760,7 +760,7 @@ extern bool	filesys_free __P((long));
+ # define SASL_IS_AUTH	2		/* authenticated */
+ 
+ /* SASL options */
+-# define SASL_AUTH_AUTH	0x1000		/* use auth= only if authenticated */
++# define SASL_AUTH_AUTH	0x10000		/* use auth= only if authenticated */
+ # if SASL >= 20101
+ #  define SASL_SEC_MASK	SASL_SEC_MAXIMUM /* mask for SASL_SEC_* values: sasl.h */
+ # else /* SASL >= 20101 */
+@@ -775,6 +775,9 @@ extern bool	filesys_free __P((long));
+ #  endif /* SASL_SEC_NOPLAINTEXT & SASL_SEC_MASK) == 0 ... */
+ # endif /* SASL >= 20101 */
+ # define MAXOUTLEN 8192	/* length of output buffer, should be 2^n */
++# if (SASL_AUTH_AUTH & SASL_SEC_MASK) != 0
++#  ERROR "change SASL_AUTH_AUTH notify sendmail.org!"
++# endif
+ 
+ /* functions */
+ extern char	*intersect __P((char *, char *, SM_RPOOL_T *));
+
diff --git a/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild b/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild
new file mode 100644
index 000000000000..a2ae30989f5d
--- /dev/null
+++ b/mail-mta/sendmail/sendmail-8.17.1-r3.ebuild
@@ -0,0 +1,208 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Note: please bump this together with mail-filter/libmilter
+
+inherit systemd toolchain-funcs
+
+DESCRIPTION="Widely-used Mail Transport Agent (MTA)"
+HOMEPAGE="https://www.sendmail.org/"
+SRC_URI="ftp://ftp.sendmail.org/pub/${PN}/${PN}.${PV}.tar.gz"
+
+LICENSE="Sendmail GPL-2" # GPL-2 is here for initscript
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="ipv6 ldap mbox nis sasl sockets ssl tcpd"
+
+BDEPEND="
+	sys-devel/m4
+	virtual/pkgconfig"
+DEPEND="
+	acct-group/smmsp
+	>=acct-user/smmsp-0-r2
+	net-mail/mailbase
+	>=sys-libs/db-3.2:=
+	ldap? ( net-nds/openldap:= )
+	nis? ( net-libs/libnsl:= )
+	sasl? ( >=dev-libs/cyrus-sasl-2.1.10 )
+	ssl? ( dev-libs/openssl:0= )
+	tcpd? ( sys-apps/tcp-wrappers )"
+RDEPEND="
+	${DEPEND}
+	>=mail-filter/libmilter-1.0.2_p2
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/netqmail
+	!mail-mta/nullmailer
+	!mail-mta/opensmtpd
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!>=mail-mta/ssmtp-2.64-r2[mta]
+	!net-mail/vacation"
+PDEPEND="!mbox? ( mail-filter/procmail )"
+
+src_prepare() {
+	eapply "${FILESDIR}"/${PN}-8.16.1-build-system.patch
+	eapply "${FILESDIR}"/${PN}-8.17.1-cyrus-sasl-auth.patch
+	eapply -p0 "${FILESDIR}"/${PN}-delivered_hdr.patch
+	eapply_user
+
+	local confCCOPTS="${CFLAGS}"
+	# See bug #808954 for FLOCK
+	local confENVDEF="-DMAXDAEMONS=64 -DHAS_GETHOSTBYNAME2=1 -DHASFLOCK=1"
+	local confLDOPTS="${LDFLAGS}"
+	local confLIBS=
+	local confMAPDEF="-DMAP_REGEX"
+	local conf_sendmail_LIBS=
+
+	if use ldap; then
+		confMAPDEF+=" -DLDAPMAP"
+		confLIBS+=" -lldap -llber"
+	fi
+
+	if use sasl; then
+		confCCOPTS+=" $($(tc-getPKG_CONFIG) --cflags libsasl2)"
+		confENVDEF+=" -DSASL=2"
+		conf_sendmail_LIBS+=" $($(tc-getPKG_CONFIG) --libs libsasl2)"
+	fi
+
+	if use ssl; then
+		# Bug #542370 - lets add support for modern crypto (PFS)
+		confCCOPTS+=" $($(tc-getPKG_CONFIG) --cflags openssl)"
+		confENVDEF+=" -DSTARTTLS -D_FFR_DEAL_WITH_ERROR_SSL"
+		confENVDEF+=" -D_FFR_TLS_1 -D_FFR_TLS_EC"
+		conf_sendmail_LIBS+=" $($(tc-getPKG_CONFIG) --libs openssl)"
+	fi
+
+	if use tcpd; then
+		confENVDEF+=" -DTCPWRAPPERS"
+		confLIBS+=" -lwrap"
+	fi
+
+	use ipv6 && confENVDEF+=" -DNETINET6"
+	use nis && confENVDEF+=" -DNIS"
+	use sockets && confENVDEF+=" -DSOCKETMAP"
+
+	sed -e "s|@@confCC@@|$(tc-getCC)|" \
+		-e "s|@@confCCOPTS@@|${confCCOPTS}|" \
+		-e "s|@@confENVDEF@@|${confENVDEF}|" \
+		-e "s|@@confLDOPTS@@|${confLDOPTS}|" \
+		-e "s|@@confLIBS@@|${confLIBS}|" \
+		-e "s|@@confMAPDEF@@|${confMAPDEF}|" \
+		-e "s|@@conf_sendmail_LIBS@@|${conf_sendmail_LIBS}|" \
+		"${FILESDIR}"/site.config.m4 > devtools/Site/site.config.m4 \
+		|| die "failed to generate site.config.m4"
+
+	echo "APPENDDEF(\`confLIBDIRS', \`-L${EPREFIX}/usr/$(get_libdir)')" \
+		>> devtools/Site/site.config.m4 || die "failed adding to site.config.m4"
+}
+
+src_compile() {
+	sh Build AR="$(tc-getAR)" RANLIB="$(tc-getRANLIB)" || die "compilation failed in main build script"
+}
+
+src_install() {
+	dodir /usr/{bin,$(get_libdir)}
+	dodir /usr/share/man/man{1,5,8} /usr/sbin /usr/share/sendmail-cf
+	dodir /var/spool/{mqueue,clientmqueue} /etc/conf.d
+
+	keepdir /var/spool/{clientmqueue,mqueue}
+
+	local emakeargs=(
+		DESTDIR="${D}" LIBDIR="/usr/$(get_libdir)"
+		MANROOT=/usr/share/man/man
+		SBINOWN=root SBINGRP=root UBINOWN=root UBINGRP=root
+		MANOWN=root MANGRP=root INCOWN=root INCGRP=root
+		LIBOWN=root LIBGRP=root GBINOWN=root GBINGRP=root
+		MSPQOWN=root CFOWN=root CFGRP=root
+	)
+
+	local dir
+	for dir in libsmutil sendmail mailstats praliases smrsh makemap vacation editmap; do
+		emake -j1 -C obj.*/${dir} "${emakeargs[@]}" install
+	done
+	for dir in rmail mail.local; do
+		emake -j1 -C obj.*/${dir} "${emakeargs[@]}" force-install
+	done
+
+	fowners root:smmsp /usr/sbin/sendmail
+	fperms 2555 /usr/sbin/sendmail
+	fowners smmsp:smmsp /var/spool/clientmqueue
+	fperms 770 /var/spool/clientmqueue
+	fperms 700 /var/spool/mqueue
+	dosym ../sbin/makemap /usr/bin/makemap
+	dodoc FAQ KNOWNBUGS README RELEASE_NOTES doc/op/op.ps
+
+	dodoc sendmail/{SECURITY,TUNING}
+	newdoc sendmail/README README.sendmail
+	newdoc smrsh/README README.smrsh
+
+	newdoc cf/README README.cf
+	newdoc cf/cf/README README.install-cf
+
+	dodoc -r contrib
+
+	cp -pPR cf/. "${ED}"/usr/share/sendmail-cf || die
+
+	insinto /etc/mail
+	if use mbox; then
+		newins "${FILESDIR}"/sendmail.mc-r1 sendmail.mc
+	else
+		newins "${FILESDIR}"/sendmail-procmail.mc sendmail.mc
+	fi
+
+	# See discussion on bug #730890
+	m4 "${ED}"/usr/share/sendmail-cf/m4/cf.m4 \
+		<(grep -v "${EPREFIX}"/usr/share/sendmail-cf/m4/cf.m4 "${ED}"/etc/mail/sendmail.mc) \
+		> "${ED}"/etc/mail/sendmail.cf || die "cf.m4 failed"
+
+	echo "include(\`/usr/share/sendmail-cf/m4/cf.m4')dnl" \
+		> "${ED}"/etc/mail/submit.mc || die "submit.mc echo failed"
+
+	cat "${ED}"/usr/share/sendmail-cf/cf/submit.mc \
+		>> "${ED}"/etc/mail/submit.mc || die "submit.mc cat failed"
+
+	echo "# local-host-names - include all aliases for your machine here" \
+		> "${ED}"/etc/mail/local-host-names || die "local-host-names echo failed"
+
+	cat <<- EOF > "${ED}"/etc/mail/trusted-users || die "trusted-users cat failed"
+		# trusted-users - users that can send mail as others without a warning
+		# apache, mailman, majordomo, uucp are good candidates
+	EOF
+
+	cat <<- EOF > "${ED}"/etc/mail/access || die "access cat failed"
+		# Check the /usr/share/doc/sendmail/README.cf file for a description
+		# of the format of this file. (search for access_db in that file)
+		# The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
+		# package.
+		#
+
+	EOF
+
+	cat <<- EOF > "${ED}"/etc/conf.d/sendmail || die "sendmail cat failed"
+		# Config file for /etc/init.d/sendmail
+		# add start-up options here
+		SENDMAIL_OPTS="-bd -q30m -L sm-mta" # default daemon mode
+		CLIENTMQUEUE_OPTS="-Ac -q30m -L sm-cm" # clientmqueue
+		KILL_OPTS="" # add -9/-15/your favorite evil SIG level here
+
+	EOF
+
+	if use sasl; then
+		dodir /etc/sasl2
+		cat <<- EOF > "${ED}"/etc/sasl2/Sendmail.conf || die "Sendmail.conf cat ailed"
+			pwcheck_method: saslauthd
+			mech_list: PLAIN LOGIN
+
+		EOF
+	fi
+
+	doinitd "${FILESDIR}"/sendmail
+	systemd_dounit "${FILESDIR}"/sendmail.service
+	systemd_dounit "${FILESDIR}"/sm-client.service
+}