- Add experimental LMDB lookup option
- Add experimental queuefile option
- Remove rspamd pacth which is now included in Exim
Changes: ftp://ftp.exim.org/pub/exim/exim4/NewStuff
While there replace USE_SQLITE=x by USES=sqlite:x.
PR: 208971
Submitted by: mat
Exp-run by: antoine
With hat: portmgr
Sponsored by: Absolight
Differential Revision: https://reviews.freebsd.org/D5951
- Rename the LIBDANE option DANE because that's the name of the protocol
supported by libgnutls-dane and gnutls-cli. Also clarify the option
description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4. Some ports used this library
in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed. Ports that used these have been
updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.
net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.
www/hydra: Mark BROKEN. This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.
PR: 207768
Exp-run by: antoine
Approved by: portmgr (antoine)
- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.
While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.
Also, replace some EXTRACT_SUFX occurences with USES=tar:*.
Checked by: make fetch-urlall-list
With hat: portmgr
Sponsored by: Absolight
Note: The following ports did not pass check-plist (CP) or stage-qa (QA)
tests. The sendmail port has many problems, but this was already known
by myself as I fixed it properly on DPorts last week. It's a forward
action to submit a PR against mail/sendmail.
* antivirus-milter (CP)
* dk-milter (CP)
* milter-regex (CP)
* sendmail (CP, QA)
approved by: PTHREAD blanket
- Convert to USES=libtool and bump dependent ports
- Add INSTALL_TARGET=install-strip
(Also some white space fixes in dependent ports)
Approved by: portmgr (implicit, bump unstaged port)
This is a bugfix only release of exim. The most important fix was introduced in the
ports by local patch which is not needed now.
PR: 192625
Submitted by: pi
- Remove SA_1024 as it has been adandoned long ago [1]
- Fix message in post-install stage [1]
- Bump revision
Submitted by: Victor Ustugov via jabber [1]
- Bump PORTREVISION on all ports that depend on security/gnutls and
adjust all ports that depend on security/gnutls3
- Update mail/anubis to version 4.2 which supports gnutls 3.x
- Update mail/libvmime to a development snapshot (recommended by upstream
developers)
PR: 191274
Exp-run by: antoine
Approved by: portmgr (antoine)
Changes in the port:
- Added new options:
* DNSSEC: validate peers using TLSA records
* PRDR: Per-Recipient-Data-Response support
* CERTNAMES: Check certiticates ownership
* DSN: Delivery Status Notifications
* PROXY: Experimental Proxy Protocol
- Enable OCSP stapling by default
- Disable NIS by default
- SRS support is now radio group
- DNSSEC and PRDR are now enabled by default
Changes in exim itself:
This release contains the following enhancements and bugfixes:
+ PRDR was promoted from Experimental to mainline
+ OCSP Stapling was promoted from Experimental to mainline
+ new Experimental feature Proxy Protocol
+ new Experimental feature DSN (Delivery Status Notifications)
+ TLS session improvements
+ TLS SNI fixes
+ LDAP enhancements
+ DMARC fixes (previous CVE-2014-2957) and new $dmarc_domain_policy
+ several new operations (listextract, utf8clean, md5, sha1)
+ enforce header formatting with verify=header_names_ascii
+ new commandline option -oMm
+ new TLSA dns lookup
+ new malware "sock" type
+ cutthrough routing enhancements
+ logging enhancements
+ DNSSEC enhancements
+ exiqgrep enhancements
+ deprecating non-standard SPF results
+ build and portability fixes
+ documentation fixes and enhancements
Uncompatible changes:
This release of Exim includes one incompatible fix: the behavior of
expansion of arguments to math comparison functions (<, <=, =, =>, >)
was unexpected, expanding the values twice. This fix also addresses a
security advisory, CVE-2014-2972. This is not a remote exploit, but if
content that is searched by the above math comparison functions is under
the control of an attacker, specially crafted data can be inserted that
will cause the Exim mail server to perform various file-system functions
as the exim user.
This is specifically important for DSO modules enabled in exim by default.
Without these flags modules were unable to use exim's API that has made this
feature completely unusable. [1]
- Fix minor issue with strip command by passing STRIP_CMD in the MAKE_ENV
- Bump portrevision
Submitted by: Victor Ustugov <victor at corvax.kiev.ua>
* now xclient is parsed by splitting, so xclient handling was rewritten;
* support xtext decoding;
* support of [UNAVAILABLE] and [TEMPUNAVAIL] that was broken;
* announce xclient in ehlo reply for hosts permitted for xclient;
* use verify_check_host as it seems to be the proper choice now.
- Remove blank lines from pkg-plist [1]
- Bump revision
Submitted by: bapt [1]
