summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFabian Groffen <grobian@gentoo.org>2023-10-15 22:10:51 +0200
committerFabian Groffen <grobian@gentoo.org>2023-10-15 22:10:51 +0200
commitc48d21f54a2936e6e443e8c12b048b5f167f55c3 (patch)
treecb905a1a0f107633fc29cc1337c62fd67822db98 /mail-mta
parentnet-irc/quassel: Fix cmake arg typo (diff)
downloadgentoo-c48d21f54a2936e6e443e8c12b048b5f167f55c3.tar.gz
gentoo-c48d21f54a2936e6e443e8c12b048b5f167f55c3.tar.bz2
gentoo-c48d21f54a2936e6e443e8c12b048b5f167f55c3.zip
mail-mta/exim-4.96.2: version bump for security fixes
Bug: https://bugs.gentoo.org/914923 Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'mail-mta')
-rw-r--r--mail-mta/exim/Manifest2
-rw-r--r--mail-mta/exim/exim-4.96.2.ebuild655
2 files changed, 657 insertions, 0 deletions
diff --git a/mail-mta/exim/Manifest b/mail-mta/exim/Manifest
index 08e3a5320cb6..c253fa5f9734 100644
--- a/mail-mta/exim/Manifest
+++ b/mail-mta/exim/Manifest
@@ -1,8 +1,10 @@
DIST exim-4.94.2.tar.xz 1838076 BLAKE2B 684e115a7af3efdab15451f8e11f9b53455c9166d8c078216d7a95223d77569cec8a882ed99b9180acbd8a9e747a0bca03d56993d011de15dc35143a989ab046 SHA512 5334c236221ed4e03dbc33e6a79d939b06037fa2f4b71971607a360b67af5c85a89681ee13a5eeaf0184382c55a160cf2e89ed7afb2949f025a54f1e88f9e3fc
DIST exim-4.96-gentoo-patches-r0.tar.xz 13308 BLAKE2B e01cd8b90593329d858cced27bea9da4860e80500c0b0b3f86418931a77616ac1e4a532cfffc551de5844bfcbcd115c1591b28577c234beb551458dc0877e764 SHA512 0a8d7b5903c8cd7c2cc07e4ea3ed62200ee0116fe0b5513ec97ba7f3ab1dd5cd0dc181eb93c3c1c7f767be7df3546ac07b622a8f4352eb883323c3a005a1c7db
DIST exim-4.96.1.tar.xz 1879404 BLAKE2B fc6425be41ef7722f7d7b6b541c01774a4bafe55ca38152dc3fbb837e00ea52fabc39a42fcbf0500f4e0eda40deec3cbb0d746da9700a4a615f9ee4869e325c5 SHA512 ef1a0e57c59cdf4e915b3ac5dcdbc69f565b14dd92b0527f6796b2c46a9ec34f991f9790fb4171c99417f7e482cdd62d77e780cc71fab227c8bed876103f7fdd
+DIST exim-4.96.2.tar.xz 1879896 BLAKE2B f172340e5f896dc1996e4e3cf46515c2336c47d3390524ca91cb9ef7258a62b83426592de582aa792584cbeaace519b4edea5e62b3ebeb8e5f599379255e04a5 SHA512 dc9f6a114e64ac826489edff88d50a24195b64714428e691c10a7bfb119b3ebb6455bf80cbb34dfd0a4e2e44cbde72effb009357a8e0a6065e512fe32092e3ed
DIST exim-4.96.tar.xz 1879152 BLAKE2B 4b424f2ebc661bd0db35d7f6da86300c6d5cb5b9a52cddd24fdd452daa76c84e471d4f8f278cf951d1503b01fd46fc3e6858d6feded09f34253d2cf2ae99b45a SHA512 6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e
DIST exim-pdf-4.94.2.tar.xz 2092248 BLAKE2B 973ab4f117fdb58afa017bc41b4496fac1277e707a9926d67317c455b0bd617021c17cba6c8d793d8962aacef12c0790d5add7174017512b7b1ea070f8e8533d SHA512 3a661f69d81a992798d4b7e5b7def7cfffa297a7b3c02a6631be426cefff5a6e8783fa322a1bd105d01f7b06968d01e77963e6ab7be3157f63eb62eb6ff172b0
DIST exim-pdf-4.96.1.tar.xz 2132252 BLAKE2B 7e6d756630211b6465f9162c7a6b461774b3999ad8c3c1ace157a39b7e07f86644d206c5687991b6098aec47445319def44ddb2895b2a16146f6abd1c11d47a6 SHA512 d39ee2f9a05326809a6e8454a108d717838dacfa42c2cade72f5937b1b44d70e70152fa75f4b4e9548cd4198d54f8a8c1323e14d7d1f9a0a23c99a53db1001b0
+DIST exim-pdf-4.96.2.tar.xz 2132268 BLAKE2B 9104d42d742e7152d166b6158a6f060d0a29143b11e5064ecda177ead59ac66a9bb6ab3575e5bcaf7af5b49964d29b841285e67184592a8b64bab6099f4c8ac9 SHA512 c35eea4ab5510bba50d22813b28c9d2f5e4e2fed76993693b997f2090024dde674d58dffe044cb64642bf57b83fcae3bfc3dbcae43288fae11692ee49374df74
DIST exim-pdf-4.96.tar.xz 2137468 BLAKE2B 7f61767f91864c43a3b7b6ca36ec7f41da6ad7029687a38cfa9307c444c2ffbd3eb61d45645ffd20ec16ba64a37e1ff08c02e7e4e36499c7783679af9a399081 SHA512 05e94579631656330d95d237c58bc9fd52229a067c5846e7c3409b4c83040c9216819bcb0090673d9991fd59e2c2025340592b31b241b557c6775782106854d1
DIST system_filter.exim.gz 3075 BLAKE2B d05e872b5cef377d29126cda03fc0a74c8777b2119b76ff43da6e8de808035eb9bfcb034a85d81824f135d484e864bfc0629fc1af2c228a7277d5ee7cf9cde79 SHA512 cb358d3ce2499a0bb5920d962a06f2af8486e55ec90c8c928bd8e3aefb279aa57f5f960d5adfcef68bd94110b405eaa144e9629cfe6014a529c79c544600bbf3
diff --git a/mail-mta/exim/exim-4.96.2.ebuild b/mail-mta/exim/exim-4.96.2.ebuild
new file mode 100644
index 000000000000..2fb3f6b6970a
--- /dev/null
+++ b/mail-mta/exim/exim-4.96.2.ebuild
@@ -0,0 +1,655 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit db-use toolchain-funcs pam systemd
+
+IUSE="arc berkdb +dane dcc +dkim dlfunc dmarc +dnsdb doc dovecot-sasl
+dsn gdbm gnutls idn ipv6 ldap lmtp maildir mbx
+mysql nis pam perl pkcs11 postgres +prdr proxy radius redis sasl selinux
+socks5 spf sqlite srs +ssl syslog tdb tcpd +tpda X"
+REQUIRED_USE="
+ arc? ( dkim spf )
+ dane? ( ssl !gnutls )
+ dmarc? ( dkim spf )
+ dkim? ( ssl !gnutls )
+ gnutls? ( ssl )
+ pkcs11? ( ssl )
+ || ( berkdb gdbm tdb )
+"
+# NOTE on USE="gnutls dane", gnutls[dane] is masked in base, unmasked
+# for x86 and amd64 only, due to this, repoman won't allow depending on
+# gnutls[dane] for all else. Because we cannot express USE=dane when
+# USE=gnutls is in effect only in package.use.mask, the only option we
+# have left is to a) ignore the dependency (but that results in bug
+# #661164) or b) mask the usage of USE=dane with USE=gnutls. Both are
+# incorrect, but b) is the only "correct" view from repoman.
+# We cannot express a required use for berkdb/gdbm/tdb correctly because
+# berkdb and gdbm are both enabled in base profile
+
+SDIR=$([[ ${PV} == *_rc* ]] && echo /test
+ [[ ${PV} == *.*.*.* ]] && echo /fixes)
+COMM_URI="https://downloads.exim.org/exim4${SDIR}"
+
+GPV="r0"
+DESCRIPTION="A highly configurable, drop-in replacement for sendmail"
+SRC_URI="${COMM_URI}/${P//_rc/-RC}.tar.xz
+ https://dev.gentoo.org/~grobian/distfiles/${PN}-4.96-gentoo-patches-${GPV}.tar.xz
+ mirror://gentoo/system_filter.exim.gz
+ doc? ( ${COMM_URI}/${PN}-pdf-${PV//_rc/-RC}.tar.xz )"
+HOMEPAGE="https://www.exim.org/"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86"
+
+COMMON_DEPEND=">=sys-apps/sed-4.0.5
+ dev-libs/libpcre2:=
+ tdb? ( sys-libs/tdb:= )
+ !tdb? ( berkdb? ( >=sys-libs/db-3.2:= <sys-libs/db-6:= ) )
+ !tdb? ( !berkdb? ( sys-libs/gdbm:= ) )
+ idn? ( net-dns/libidn:= net-dns/libidn2:= )
+ perl? ( dev-lang/perl:= )
+ pam? ( sys-libs/pam )
+ tcpd? ( sys-apps/tcp-wrappers )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:0=[pkcs11?]
+ dev-libs/libtasn1
+ )
+ !gnutls? (
+ dev-libs/openssl:0=
+ )
+ )
+ ldap? ( >=net-nds/openldap-2.0.7:= )
+ elibc_glibc? (
+ net-libs/libnsl:=
+ nis? (
+ net-libs/libtirpc:=
+ >=net-libs/libnsl-1:=
+ )
+ )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:= )
+ sasl? ( >=dev-libs/cyrus-sasl-2.1.26-r2 )
+ redis? ( dev-libs/hiredis:= )
+ spf? ( >=mail-filter/libspf2-1.2.5-r1 )
+ dmarc? ( mail-filter/opendmarc:= )
+ X? (
+ x11-libs/libX11
+ x11-libs/libXmu
+ x11-libs/libXt
+ x11-libs/libXaw
+ )
+ sqlite? ( dev-db/sqlite )
+ radius? ( net-dialup/freeradius-client )
+ virtual/libcrypt:=
+ virtual/libiconv
+ "
+ # added X check for #57206
+BDEPEND="virtual/pkgconfig"
+DEPEND="${COMMON_DEPEND}"
+RDEPEND="${COMMON_DEPEND}
+ !mail-mta/courier
+ !mail-mta/esmtp
+ !mail-mta/msmtp[mta]
+ !mail-mta/netqmail
+ !mail-mta/nullmailer
+ !mail-mta/postfix
+ !mail-mta/sendmail
+ !mail-mta/opensmtpd
+ !mail-mta/ssmtp[mta]
+ >=net-mail/mailbase-0.00-r5
+ virtual/logger
+ dcc? ( mail-filter/dcc )
+ selinux? ( sec-policy/selinux-exim )
+ "
+
+S=${WORKDIR}/${P//_rc/-RC}
+
+src_prepare() {
+ # Legacy patches which need a respin for -p1
+ eapply -p0 "${FILESDIR}"/exim-4.14-tail.patch
+ eapply -p0 "${FILESDIR}"/exim-4.74-radius-db-ENV-clash.patch # 287426
+ eapply "${FILESDIR}"/exim-4.93-as-needed-ldflags.patch # 352265, 391279
+ eapply -p0 "${FILESDIR}"/exim-4.76-crosscompile.patch # 266591
+ eapply "${FILESDIR}"/exim-4.69-r1.27021.patch
+ eapply "${FILESDIR}"/exim-4.95-localscan_dlopen.patch
+
+ # Upstream post-release fixes :(
+ local GPVDIR=${WORKDIR}/${PN}-4.96-gentoo-patches-${GPV}
+ eapply "${GPVDIR}"/exim-4.96-rewrite-malformed-addr-fix.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-spf-memory-error-fix.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-regex-use-after-free.patch # upstr
+ eapply -p2 "${GPVDIR}"/exim-4.96-dmarc_use_after_free.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-deamon-startup-fix.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-openssl-verify-ocsp.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-openssl-double-expansion.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-recursion-dns_again.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-setting.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-openssl-tls_eccurve-lt-3.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-openssl-bad-alpn.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-dane-dns_again.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-expansion-crash.patch # upstr
+ eapply "${GPVDIR}"/exim-4.96-transport-crash.patch # upstr
+
+ # oddity, they disable berkdb as hack, and then throw an error when
+ # berkdb isn't enabled
+ sed -i \
+ -e 's/_DB_/_DONTMESS_/' \
+ -e 's/define DB void/define DONTMESS void/' \
+ src/auths/call_radius.c || die
+
+ # API changed from 1.3 to 1.4, upstream doesn't think 1.4 should be
+ # used, but 1.3 has a CVE and Gentoo (like most downstreams) only
+ # has 1.4 available
+ eapply "${FILESDIR}"/exim-4.94-opendmarc-1.4.patch
+
+ if use maildir ; then
+ eapply "${FILESDIR}"/exim-4.94-maildir.patch
+ else
+ eapply -p0 "${FILESDIR}"/exim-4.80-spool-mail-group.patch # 438606
+ fi
+
+ eapply_user
+
+ # user Exim believes it should be
+ MAILUSER=mail
+ MAILGROUP=mail
+ if use prefix && [[ ${EUID} != 0 ]] ; then
+ MAILUSER=$(id -un)
+ MAILGROUP=$(id -gn)
+ fi
+}
+
+src_configure() {
+ # general config and paths
+
+ local aliases="${EPREFIX}/etc/mail/aliases"
+ sed -i \
+ -e "/SYSTEM_ALIASES_FILE/s'SYSTEM_ALIASES_FILE'${aliases}'" \
+ src/configure.default || die
+
+ sed -i -e 's/^buildname=.*/buildname=exim-gentoo/' Makefile || die
+
+ if use elibc_musl; then
+ sed -i -e 's/^LIBS = -lnsl/LIBS =/g' OS/Makefile-Linux || die
+ fi
+
+ local conffile="${EPREFIX}/etc/exim/exim.conf"
+ sed -e "48i\CFLAGS=${CFLAGS}" \
+ -e "s:BIN_DIRECTORY=/usr/exim/bin:BIN_DIRECTORY=${EPREFIX}/usr/sbin:" \
+ -e "s;EXIM_USER=;EXIM_USER=ref:${MAILUSER};" \
+ -e "s:CONFIGURE_FILE=.*$:CONFIGURE_FILE=${conffile}:" \
+ -e "s:ZCAT_COMMAND=.*$:ZCAT_COMMAND=${EPREFIX}/bin/zcat:" \
+ -e "s:COMPRESS_COMMAND=.*$:COMPRESS_COMMAND=${EPREFIX}/bin/gzip:" \
+ src/EDITME > Local/Makefile || die
+
+ # work on Local/Makefile from now on
+ cd Local
+
+ cat >> Makefile <<- EOC
+ INFO_DIRECTORY=${EPREFIX}/usr/share/info
+ PID_FILE_PATH=${EPREFIX}/run/exim.pid
+ SPOOL_DIRECTORY=${EPREFIX}/var/spool/exim
+ HAVE_ICONV=yes
+ WITH_CONTENT_SCAN=yes
+ EOC
+
+ # configure db implementation, Exim always needs one for its hints
+ # database, we prefer tdb and gdbm, since bdb is kind of getting
+ # less and less support
+ if use tdb ; then
+ cat >> Makefile <<- EOC
+ USE_TDB=yes
+ DBMLIB = -ltdb
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ elif use gdbm ; then
+ cat >> Makefile <<- EOC
+ USE_GDBM=yes
+ DBMLIB = -lgdbm
+ EOC
+ sed -i -e 's:^USE_DB=yes:# USE_DB=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ else # must be berkdb via required_use
+ # use the "native" interfaces to the DBM and CDB libraries, support
+ # passwd and directory lookups by default
+ local DB_VERS="5.3 5.1 4.8 4.7 4.6 4.5 4.4 4.3 4.2 3.2"
+ cat >> Makefile <<- EOC
+ USE_DB=yes
+ # keep include in CFLAGS because exim.h -> dbstuff.h -> db.h
+ CFLAGS += -I$(db_includedir ${DB_VERS})
+ DBMLIB = -l$(db_libname ${DB_VERS})
+ EOC
+ sed -i -e 's:^USE_GDBM=yes:# USE_GDBM=yes:' Makefile || die
+ sed -i -e 's:^USE_TDB=yes:# USE_TDB=yes:' Makefile || die
+ fi
+
+ # if we use libiconv, now is the time to tell so
+ if use !elibc_glibc && use !elibc_musl ; then
+ cat >> Makefile <<- EOC
+ EXTRALIBS_EXIM=-liconv
+ EOC
+ fi
+
+ # support for IPv6
+ if use ipv6; then
+ cat >> Makefile <<- EOC
+ HAVE_IPV6=YES
+ EOC
+ fi
+
+ # support i18n/IDNA
+ if use idn; then
+ cat >> Makefile <<- EOC
+ SUPPORT_I18N=yes
+ SUPPORT_I18N_2008=yes
+ EXTRALIBS_EXIM += -lidn -lidn2
+ EOC
+ fi
+
+ #
+ # mail storage formats
+ #
+
+ # mailstore is Exim's traditional storage format
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILSTORE=yes
+ EOC
+
+ # mbox
+ if use mbx; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MBX=yes
+ EOC
+ fi
+
+ # maildir
+ if use maildir; then
+ cat >> Makefile <<- EOC
+ SUPPORT_MAILDIR=yes
+ EOC
+ fi
+
+ #
+ # lookup methods
+ #
+
+ # support passwd and directory lookups by default
+ cat >> Makefile <<- EOC
+ LOOKUP_CDB=yes
+ LOOKUP_PASSWD=yes
+ LOOKUP_DSEARCH=yes
+ EOC
+
+ if ! use dnsdb; then
+ # DNSDB lookup is enabled by default
+ sed -i -e 's:^LOOKUP_DNSDB=yes:# LOOKUP_DNSDB=yes:' Makefile || die
+ fi
+
+ if use ldap; then
+ cat >> Makefile <<- EOC
+ LOOKUP_LDAP=yes
+ LDAP_LIB_TYPE=OPENLDAP2
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/ldap
+ LOOKUP_LIBS += -lldap -llber
+ EOC
+ fi
+
+ if use mysql; then
+ cat >> Makefile <<- EOC
+ LOOKUP_MYSQL=yes
+ LOOKUP_INCLUDE += $(mysql_config --include)
+ LOOKUP_LIBS += $(mysql_config --libs)
+ EOC
+ fi
+
+ if use nis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_NIS=yes
+ LOOKUP_NISPLUS=yes
+ EOC
+ if use elibc_glibc ; then
+ cat >> Makefile <<- EOC
+ LOOKUP_INCLUDE += -I"${EPREFIX}"/usr/include/tirpc
+ LOOKUP_LIBS += -lnsl
+ EOC
+ fi
+ fi
+
+ if use postgres; then
+ cat >> Makefile <<- EOC
+ LOOKUP_PGSQL=yes
+ LOOKUP_INCLUDE += -I$(pg_config --includedir)
+ LOOKUP_LIBS += -L$(pg_config --libdir) -lpq
+ EOC
+ fi
+
+ if use sqlite; then
+ cat >> Makefile <<- EOC
+ LOOKUP_SQLITE=yes
+ LOOKUP_SQLITE_PC=sqlite3
+ EOC
+ fi
+
+ if use redis; then
+ cat >> Makefile <<- EOC
+ LOOKUP_REDIS=yes
+ LOOKUP_LIBS += -lhiredis
+ EOC
+ fi
+
+ # Exim monitor, enabled by default, controlled via X USE-flag,
+ # disable if not requested, bug #46778
+ if use X; then
+ cp ../exim_monitor/EDITME eximon.conf || die
+ cat >> Makefile <<- EOC
+ EXIM_MONITOR=eximon.bin
+ EOC
+ fi
+
+ #
+ # features
+ #
+
+ # DomainKeys Identified Mail, RFC4871
+ if ! use dkim; then
+ # DKIM is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_DKIM=yes
+ EOC
+ fi
+
+ # Per-Recipient-Data-Response
+ if ! use prdr; then
+ # PRDR is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_PRDR=yes
+ EOC
+ fi
+
+ # Transport post-delivery actions
+ if use !tpda && use !dane; then
+ # EVENT is enabled by default
+ cat >> Makefile <<- EOC
+ DISABLE_EVENT=yes
+ EOC
+ fi
+
+ # log to syslog
+ if use syslog; then
+ local eximlog="${EPREFIX}/var/log/exim/exim_%s.log"
+ sed -i \
+ -e "s:LOG_FILE_PATH=${eximlog}:LOG_FILE_PATH=syslog:" \
+ Makefile || die
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=syslog
+ EOC
+ else
+ cat >> Makefile <<- EOC
+ LOG_FILE_PATH=${EPREFIX}/var/log/exim/exim_%s.log
+ EOC
+ fi
+
+ # starttls support (ssl)
+ if use ssl; then
+ if use gnutls; then
+ echo "USE_GNUTLS=yes" >> Makefile
+ echo "USE_GNUTLS_PC=gnutls $(use dane && echo gnutls-dane)" \
+ >> Makefile
+ use pkcs11 || echo "AVOID_GNUTLS_PKCS11=yes" >> Makefile
+ else
+ echo "USE_OPENSSL=yes" >> Makefile
+ echo "USE_OPENSSL_PC=openssl" >> Makefile
+ fi
+ else
+ echo "DISABLE_TLS=yes" >> Makefile
+ fi
+
+ # TCP wrappers
+ if use tcpd; then
+ cat >> Makefile <<- EOC
+ USE_TCP_WRAPPERS=yes
+ EXTRALIBS_EXIM += -lwrap
+ EOC
+ fi
+
+ # Light Mail Transport Protocol
+ if use lmtp; then
+ cat >> Makefile <<- EOC
+ TRANSPORT_LMTP=yes
+ EOC
+ fi
+
+ # embedded Perl
+ if use perl; then
+ cat >> Makefile <<- EOC
+ EXIM_PERL=perl.o
+ EOC
+ fi
+
+ # dlfunc
+ if use dlfunc; then
+ cat >> Makefile <<- EOC
+ EXPAND_DLFUNC=yes
+ HAVE_LOCAL_SCAN=yes
+ DLOPEN_LOCAL_SCAN=yes
+ EOC
+ fi
+
+ # Proxy Protocol
+ if use proxy; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PROXY=yes
+ EOC
+ fi
+
+ # SOCKS5 (outbound) proxy support
+ if use socks5; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SOCKS=yes
+ EOC
+ fi
+
+ # DANE
+ if use !dane; then
+ # DANE is enabled by default
+ sed -i -e 's:^SUPPORT_DANE=yes:# SUPPORT_DANE=yes:' Makefile || die
+ fi
+
+ # DMARC
+ if use dmarc; then
+ cat >> Makefile <<- EOC
+ SUPPORT_DMARC=yes
+ EXTRALIBS_EXIM += -lopendmarc
+ EOC
+ fi
+
+ # Sender Policy Framework
+ if use spf; then
+ cat >> Makefile <<- EOC
+ SUPPORT_SPF=yes
+ EXTRALIBS_EXIM += -lspf2
+ EOC
+ fi
+
+ #
+ # experimental features
+ #
+
+ # Authenticated Receive Chain
+ if use arc; then
+ echo "EXPERIMENTAL_ARC=yes">> Makefile
+ fi
+
+ # Distributed Checksum Clearinghouse
+ if use dcc; then
+ echo "EXPERIMENTAL_DCC=yes">> Makefile
+ fi
+
+ # Sender Rewriting Scheme
+ if use srs; then
+ # this one is the default/supported variant since 4.95, and the
+ # only variant available since 4.96
+ cat >> Makefile <<- EOC
+ SUPPORT_SRS=yes
+ EOC
+ fi
+
+ # Delivery Sender Notifications extra information in fail message
+ if use dsn; then
+ cat >> Makefile <<- EOC
+ EXPERIMENTAL_DSN_INFO=yes
+ EOC
+ fi
+
+ #
+ # authentication (SMTP AUTH)
+ #
+
+ # standard bits
+ cat >> Makefile <<- EOC
+ AUTH_SPA=yes
+ AUTH_CRAM_MD5=yes
+ AUTH_PLAINTEXT=yes
+ EOC
+
+ # Cyrus SASL
+ if use sasl; then
+ cat >> Makefile <<- EOC
+ CYRUS_SASLAUTHD_SOCKET=${EPREFIX}/run/saslauthd/mux
+ AUTH_CYRUS_SASL=yes
+ AUTH_LIBS += -lsasl2
+ EOC
+ fi
+
+ # Dovecot
+ if use dovecot-sasl; then
+ cat >> Makefile <<- EOC
+ AUTH_DOVECOT=yes
+ EOC
+ fi
+
+ # Pluggable Authentication Modules
+ if use pam; then
+ cat >> Makefile <<- EOC
+ SUPPORT_PAM=yes
+ AUTH_LIBS += -lpam
+ EOC
+ fi
+
+ # Radius
+ if use radius; then
+ cat >> Makefile <<- EOC
+ RADIUS_CONFIG_FILE=${EPREFIX}/etc/radiusclient/radiusclient.conf
+ RADIUS_LIB_TYPE=RADIUSCLIENTNEW
+ AUTH_LIBS += -lfreeradius-client
+ EOC
+ fi
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" HOSTCC="$(tc-getBUILD_CC)" \
+ AR="$(tc-getAR) cq" RANLIB="$(tc-getRANLIB)" FULLECHO=''
+}
+
+src_install() {
+ cd "${S}"/build-exim-gentoo || die
+ dosbin exim
+ if use X; then
+ dosbin eximon.bin
+ dosbin eximon
+ fi
+ fperms 4755 /usr/sbin/exim
+
+ dosym exim /usr/sbin/sendmail
+ dosym exim /usr/sbin/rsmtp
+ dosym exim /usr/sbin/rmail
+ dosym ../sbin/exim /usr/bin/mailq
+ dosym ../sbin/exim /usr/bin/newaliases
+ dosym ../sbin/sendmail /usr/lib/sendmail
+
+ for i in exicyclog exim_dbmbuild exim_dumpdb exim_fixdb exim_lock \
+ exim_tidydb exinext exiwhat exigrep eximstats exiqsumm exiqgrep \
+ convert4r3 convert4r4 exipick
+ do
+ dosbin $i
+ done
+
+ dodoc -r "${S}"/doc/.
+ doman "${S}"/doc/exim.8
+ use dsn && dodoc "${S}"/README.DSN
+ use doc && dodoc "${WORKDIR}"/${PN}-pdf-${PV//rc/RC}/doc/*.pdf
+
+ # conf files
+ insinto /etc/exim
+ newins "${S}"/src/configure.default exim.conf.dist
+ doins "${WORKDIR}"/system_filter.exim
+ doins "${FILESDIR}"/auth_conf.sub
+
+ if use pam; then
+ pamd_mimic system-auth exim auth account
+ fi
+
+ # headers, #436406
+ if use dlfunc ; then
+ # fixup includes so they actually can be found when including
+ sed -i \
+ -e '/#include "\(config\|store\|mytypes\).h"/s:"\(.\+\)":<exim/\1>:' \
+ local_scan.h || die
+ insinto /usr/include/exim
+ doins {config,local_scan}.h ../src/{mytypes,store}.h
+ fi
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/exim.logrotate" exim
+
+ newinitd "${FILESDIR}"/exim.rc10 exim
+ newconfd "${FILESDIR}"/exim.confd exim
+
+ systemd_dounit \
+ "${FILESDIR}"/{exim.service,exim.socket,exim-submission.socket}
+ systemd_newunit \
+ "${FILESDIR}"/exim_at.service 'exim@.service'
+ systemd_newunit \
+ "${FILESDIR}"/exim-submission_at.service 'exim-submission@.service'
+
+ diropts -m 0750 -o ${MAILUSER} -g ${MAILGROUP}
+ keepdir /var/log/${PN}
+}
+
+pkg_postinst() {
+ if [[ ! -f ${EROOT}/etc/exim/exim.conf ]] ; then
+ einfo "${EROOT}/etc/exim/system_filter.exim is a sample system_filter."
+ einfo "${EROOT}/etc/exim/auth_conf.sub contains the configuration sub"
+ einfo "for using smtp auth."
+ einfo "Please create ${EROOT}/etc/exim/exim.conf from"
+ einfo " ${EROOT}/etc/exim/exim.conf.dist."
+ fi
+ if use berkdb && ( use gdbm || use tdb ) ; then
+ ewarn "USE=berkdb is ignored because USE=gdbm or USE=tdb is enabled!"
+ fi
+ if use dmarc ; then
+ einfo "DMARC support requires ${EROOT}/etc/exim/opendmarc.tlds"
+ einfo "you can populate this file with the contents downloaded from"
+ einfo " https://publicsuffix.org/list/public_suffix_list.dat"
+ fi
+ if use dcc ; then
+ einfo "DCC support is experimental, you can find some limited"
+ einfo "documentation at the bottom of this prerelease message:"
+ einfo " http://article.gmane.org/gmane.mail.exim.devel/3579"
+ fi
+ if use srs; then
+ einfo "SRS support using libsrs_alt was dropped in this"
+ einfo "release of Exim, you are now using the native SRS implementation"
+ fi
+ use dsn && einfo "extra information in fail DSN message is experimental"
+ einfo
+ elog "Note that this release contains a tainted variable check that"
+ elog "is likely to break your configuration used with Exim 4.93 and before."
+ elog "Please check your transports for occurences of \$local_part, and"
+ elog "use a replacement like \$local_part_data where possible."
+}