On Sun, Aug 18, 2024 at 02:07:43PM +0200, Peter N. M. Hansteen wrote:
> After upgrading my mail server to the latest snapshot, exim consistently
> crashes on incoming TLS, making it unable to receive among other
> openbsd.org mail.
pdkim.c:671:12: warning: call to undeclared function 'strchrnul'; ISO C99 and
later do not support implicit function declarations
[-Wimplicit-function-declaration]
end = US strchrnul(CS ele, ';');
^
pdkim.c:671:9: warning: cast to 'unsigned char *' from smaller integer type
'int' [-Wint-to-pointer-cast]
Please try this diff.
The problem is that strchrnul has no prototype, hence it is assumed
that it returns an int, hence the 64-bit pointer it returns is truncated
to 32 bits and hence invalid.
The fix for upstream probably is to add this to src/osfunctions.h
#ifndef strchrnul
extern char *strchrnul(const char * s, int c);
#endif
but I couldn't bring myself to do that.
Index: Makefile
===================================================================
RCS file: /cvs/ports/mail/exim/Makefile,v
diff -u -p -r1.149 Makefile
--- Makefile 30 Jul 2024 21:10:05 -0000 1.149
+++ Makefile 20 Aug 2024 16:41:49 -0000
@@ -7,6 +7,8 @@ PKGNAME-main = exim-${VERSION}
FULLPKGNAME-eximon = exim-eximon-${VERSION}
FULLPKGPATH-eximon = ${PKGPATH},-eximon
+REVISION = 0
+
CATEGORIES = mail
HOMEPAGE = https://www.exim.org/
Index: patches/patch-Local_Makefile
===================================================================
RCS file: /cvs/ports/mail/exim/patches/patch-Local_Makefile,v
diff -u -p -r1.10 patch-Local_Makefile
--- patches/patch-Local_Makefile 15 Nov 2023 10:15:29 -0000 1.10
+++ patches/patch-Local_Makefile 20 Aug 2024 16:41:22 -0000
@@ -1,7 +1,7 @@
Index: Local/Makefile
--- Local/Makefile.orig
+++ Local/Makefile
-@@ -101,7 +101,7 @@
+@@ -103,7 +103,7 @@
# /usr/local/sbin. The installation script will try to create this directory,
# and any superior directories, if they do not exist.
@@ -10,7 +10,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -117,7 +117,7 @@ BIN_DIRECTORY=/usr/exim/bin
+@@ -119,7 +119,7 @@ BIN_DIRECTORY=/usr/exim/bin
# don't exist. It will also install a default runtime configuration if this
# file does not exist.
@@ -19,7 +19,7 @@ Index: Local/Makefile
# It is possible to specify a colon-separated list of files for
CONFIGURE_FILE.
# In this case, Exim will use the first of them that exists when it is run.
-@@ -134,7 +134,7 @@ CONFIGURE_FILE=/usr/exim/configure
+@@ -136,7 +136,7 @@ CONFIGURE_FILE=/usr/exim/configure
# deliveries. (Local deliveries run as various non-root users, typically as
the
# owner of a local mailbox.) Specifying these values as root is not supported.
@@ -28,7 +28,7 @@ Index: Local/Makefile
# If you specify EXIM_USER as a name, this is looked up at build time, and the
# uid number is built into the binary. However, you can specify that this
-@@ -212,11 +212,11 @@ SPOOL_DIRECTORY=/var/spool/exim
+@@ -214,11 +214,11 @@ SPOOL_DIRECTORY=/var/spool/exim
# If you are building with TLS, the library configuration must be done:
# Uncomment this if you are using OpenSSL
@@ -42,7 +42,7 @@ Index: Local/Makefile
# TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
# Uncomment this if you are using GnuTLS
-@@ -342,7 +342,7 @@ TRANSPORT_SMTP=yes
+@@ -344,7 +344,7 @@ TRANSPORT_SMTP=yes
# This one is special-purpose, and commonly not required, so it is not
# included by default.
@@ -51,7 +51,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -351,9 +351,9 @@ TRANSPORT_SMTP=yes
+@@ -353,9 +353,9 @@ TRANSPORT_SMTP=yes
# MBX, is included only when requested. If you do not know what this is about,
# leave these settings commented out.
@@ -64,7 +64,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -411,8 +411,8 @@ LOOKUP_DBM=yes
+@@ -413,8 +413,8 @@ LOOKUP_DBM=yes
LOOKUP_LSEARCH=yes
LOOKUP_DNSDB=yes
@@ -75,7 +75,7 @@ Index: Local/Makefile
# LOOKUP_IBASE=yes
# LOOKUP_JSON=yes
# LOOKUP_LDAP=yes
-@@ -420,10 +420,10 @@ LOOKUP_DNSDB=yes
+@@ -422,10 +422,10 @@ LOOKUP_DNSDB=yes
# LOOKUP_MYSQL=yes
# LOOKUP_MYSQL_PC=mariadb
@@ -88,7 +88,7 @@ Index: Local/Makefile
# LOOKUP_PGSQL=yes
# LOOKUP_REDIS=yes
# LOOKUP_SQLITE=yes
-@@ -523,7 +523,7 @@ SUPPORT_DANE=yes
+@@ -525,7 +525,7 @@ SUPPORT_DANE=yes
# and the MIME ACL. Please read the documentation to learn more about these
# features.
@@ -97,7 +97,7 @@ Index: Local/Makefile
# If you have content scanning you may wish to only include some of the
scanner
# interfaces. Uncomment any of these lines to remove that code.
-@@ -564,7 +564,7 @@ DISABLE_MAL_MKS=yes
+@@ -566,7 +566,7 @@ DISABLE_MAL_MKS=yes
# from Exim. Note it can only be supported when built with
# GnuTLS 3.1.3 or later, or OpenSSL
@@ -106,7 +106,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
# By default, Exim has support for checking the AD bit in a DNS response, to
-@@ -785,18 +785,18 @@ FIXED_NEVER_USERS=root
+@@ -794,18 +794,18 @@ FIXED_NEVER_USERS=root
# included in the Exim binary. You will then need to set up the run time
# configuration to make use of the mechanism(s) selected.
@@ -129,7 +129,7 @@ Index: Local/Makefile
# Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1
# requires multiple pkg-config files to work with Exim, so the second example
-@@ -843,7 +843,7 @@ HEADERS_CHARSET="ISO-8859-1"
+@@ -852,7 +852,7 @@ HEADERS_CHARSET="ISO-8859-1"
# the Sieve filter support. For those OS where iconv() is known to be
installed
# as standard, the file in OS/Makefile-xxxx contains
#
@@ -138,7 +138,7 @@ Index: Local/Makefile
#
# If you are not using one of those systems, but have installed iconv(), you
# need to uncomment that line above. In some cases, you may find that iconv()
-@@ -932,7 +932,7 @@ HEADERS_CHARSET="ISO-8859-1"
+@@ -941,7 +941,7 @@ HEADERS_CHARSET="ISO-8859-1"
# %s. This will be replaced by one of the strings "main", "panic", or "reject"
# to form the final file names. Some installations may want something like
this:
@@ -147,7 +147,7 @@ Index: Local/Makefile
# which results in files with names /var/log/exim_mainlog, etc. The directory
# in which the log files are placed must exist; Exim does not try to create
-@@ -1004,7 +1004,7 @@ ZCAT_COMMAND=/usr/bin/zcat
+@@ -1013,7 +1013,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded
# Perl costs quite a lot of resources. Only do this if you really need it.
@@ -156,7 +156,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -1132,7 +1132,7 @@ ZCAT_COMMAND=/usr/bin/zcat
+@@ -1141,7 +1141,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# group. Once you have installed saslauthd, you should arrange for it to be
# started by root at boot time.
@@ -165,7 +165,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -1180,7 +1180,7 @@ ZCAT_COMMAND=/usr/bin/zcat
+@@ -1189,7 +1189,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# aliases). The following setting can be changed to specify a different
# location for the system alias file.
@@ -174,7 +174,7 @@ Index: Local/Makefile
#------------------------------------------------------------------------------
-@@ -1445,7 +1445,7 @@ EXIM_TMPDIR="/tmp"
+@@ -1454,7 +1454,7 @@ EXIM_TMPDIR="/tmp"
# (process id) to a file so that it can easily be identified. The path of the
# file can be specified here. Some installations may want something like this:
Index: patches/patch-src_pdkim_pdkim_c
===================================================================
RCS file: patches/patch-src_pdkim_pdkim_c
diff -N patches/patch-src_pdkim_pdkim_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_pdkim_pdkim_c 20 Aug 2024 16:40:44 -0000
@@ -0,0 +1,13 @@
+Index: src/pdkim/pdkim.c
+--- src/pdkim/pdkim.c.orig
++++ src/pdkim/pdkim.c
+@@ -657,6 +657,9 @@ return sig;
+
+
+ /* --------------------------------------------------------------------------
*/
++#ifndef EXIM_HAVE_STRCHRNUL
++char *strchrnul(const char * s, int c);
++#endif
+
+ pdkim_pubkey *
+ pdkim_parse_pubkey_record(const uschar * raw_record)
Index: patches/patch-src_tls-openssl_c
===================================================================
RCS file: /cvs/ports/mail/exim/patches/patch-src_tls-openssl_c,v
diff -u -p -r1.4 patch-src_tls-openssl_c
--- patches/patch-src_tls-openssl_c 15 Jan 2024 08:11:26 -0000 1.4
+++ patches/patch-src_tls-openssl_c 20 Aug 2024 16:39:30 -0000
@@ -7,5 +7,5 @@ Index: src/tls-openssl.c
# define EXIM_HAVE_OPENSSL_CIPHER_GET_ID
+# define OPENSSL_AUTO_SHA256
#endif
-
- #if !defined(LIBRESSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >=
0x030000000L)
+ #if LIBRESSL_VERSION_NUMBER >= 0x3050000fL
+ # define EXIM_HAVE_OPENSSL_OCSP_RESP_GET0_CERTS
