Date: Wed, 13 May 2026 12:19:38 +0000 From: Kurt Jaeger <pi@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Cc: Xavier Beaudouin <kiwi@FreeBSD.org> Subject: git: 211f596a10af - main - mail/exim: update 4.98.2 -> 4.99.3, several CVEs Message-ID: <6a046c5a.18cb3.1802f950@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by pi: URL: https://cgit.FreeBSD.org/ports/commit/?id=211f596a10af5bcbc23598710ef893ec3b9b88a3 commit 211f596a10af5bcbc23598710ef893ec3b9b88a3 Author: Xavier Beaudouin <kiwi@FreeBSD.org> AuthorDate: 2026-05-13 12:19:14 +0000 Commit: Kurt Jaeger <pi@FreeBSD.org> CommitDate: 2026-05-13 12:19:14 +0000 mail/exim: update 4.98.2 -> 4.99.3, several CVEs - some new stuff since 4.98.x - some security fixes PR: 295092 Author: Xavier Beaudouin <kiwi@FreeBSD.org> Changes: https://lists.exim.org/lurker/message/20251005.104224.82b52627.en.html https://lists.exim.org/lurker/message/20251217.151548.85d1a2bc.en.html https://lists.exim.org/lurker/message/20260429.121733.f58d9686.en.html https://lists.exim.org/lurker/message/20260512.141621.6777de24.en.html Security: CVE-2026-45185 CVE-2025-26794 CVE-2025-30232 CVE-2025-67896 CVE-2026-40684 CVE-2026-40685 CVE-2026-40686 CVE-2026-40687 MFH: 2026Q2 Approved-by: fluffy (maintainer, by private mail) --- mail/exim/Makefile | 14 ++--- mail/exim/distinfo | 6 +- mail/exim/files/extra-patch-Local-sa-exim.c | 57 +++++++++++++----- mail/exim/files/patch-Makefile | 12 ++-- mail/exim/files/patch-pass-fd-to-tcpwrappers | 32 ---------- mail/exim/files/patch-src__EDITME | 70 +++++++++++----------- ...s-call_radius.c => patch-src_miscmods_radius.c} | 44 +++++++------- mail/exim/options | 4 +- mail/exim/pkg-plist | 5 +- 9 files changed, 113 insertions(+), 131 deletions(-) diff --git a/mail/exim/Makefile b/mail/exim/Makefile index 20c5eda544a6..9737ed0d6153 100644 --- a/mail/exim/Makefile +++ b/mail/exim/Makefile @@ -102,6 +102,7 @@ IGNORE= you cannot enable DANE without DNSSEC support or without TLS support .endif .if ${PORT_OPTIONS:MSA_EXIM} || defined(FETCH_ALL) +BROKEN= Unmaintained extension MASTER_SITES+= http://marc.merlins.org/linux/exim/files/:sa_exim \ SF/sa-exim/sa-exim/${SA_EXIM_VERSION}:sa_exim DISTFILES+= sa-exim-${SA_EXIM_VERSION}.tar.gz:sa_exim @@ -109,7 +110,7 @@ EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.c EXTRA_PATCHES+= ${FILESDIR}/extra-patch-Local-sa-exim.conf .endif -EXIM_VERSION= 4.98.2 +EXIM_VERSION= 4.99.3 SA_EXIM_VERSION=4.2.1 EXIM_INSTALL_ARG+= "-no_chown" "-no_symlink" EXTRA_PATCHES+= `${FIND} ${PATCHDIR} -name '74_*.patch'|${SORT} -h` @@ -136,11 +137,11 @@ EXIM_INSTALL_ARG+= "eximon" "eximon.bin" .endif # !EXIMON_ONLY PORTDOC_BASE= ACKNOWLEDGMENTS NOTICE README.UPDATING -PORTDOC_FILES= ChangeLog Exim3.upgrade Exim4.upgrade NewStuff \ +PORTDOC_FILES= ChangeLog NewStuff DANE-draft-notes \ OptionLists.txt README README.SIEVE dbm.discuss.txt \ experimental-spec.txt filter.txt spec.txt -PORT_EXAMPLES= convert4r3 convert4r4 transport-filter.pl +PORT_EXAMPLES= transport-filter.pl DAILY_SCRIPTS= 150.exim-tidydb 460.exim-mail-rejects @@ -299,13 +300,6 @@ SEDLIST+= -e 's,^\# (DISABLE_TLS=),\1,' SEDLIST+= -e 's,^\# (EXIM_PERL=),\1,' .endif -.if ${PORT_OPTIONS:MTCP_WRAPPERS} -SEDLIST+= -e 's,XX_TCP_WRAPPERS_LIBS_XX,-lwrap,' \ - -e 's,^\# (USE_TCP_WRAPPERS=),\1,' -.else -SEDLIST+= -e 's,XX_TCP_WRAPPERS_LIBS_XX,,' -.endif - .if ${PORT_OPTIONS:MICONV} SEDLIST+= -e 's,XX_ICONV_LIBS_XX,-L${LOCALBASE:S/,/\\,/g}/lib ${ICONV_LIB},' \ -e 's,^\# (HAVE_ICONV=),\1,' diff --git a/mail/exim/distinfo b/mail/exim/distinfo index 0ca53f8594f3..aaea0609a86a 100644 --- a/mail/exim/distinfo +++ b/mail/exim/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1743093330 -SHA256 (exim/exim-4.98.2.tar.bz2) = 14d7ead473394c8712f2d28835ea93c475603cbc2b3200b6188eac8782985cf1 -SIZE (exim/exim-4.98.2.tar.bz2) = 2098693 +TIMESTAMP = 1778635962 +SHA256 (exim/exim-4.99.3.tar.bz2) = 08f3096a9de857c040e2f5bb13517cf7eae97553b31c76f3846970de13744691 +SIZE (exim/exim-4.99.3.tar.bz2) = 2134633 SHA256 (exim/sa-exim-4.2.1.tar.gz) = 24d4bf7b0fdddaea11f132981cebb6a86a4ab20ef54111a8ebd481b421c6e2c1 SIZE (exim/sa-exim-4.2.1.tar.gz) = 68933 diff --git a/mail/exim/files/extra-patch-Local-sa-exim.c b/mail/exim/files/extra-patch-Local-sa-exim.c index b3343e3c5e26..8fe28547e2e0 100644 --- a/mail/exim/files/extra-patch-Local-sa-exim.c +++ b/mail/exim/files/extra-patch-Local-sa-exim.c @@ -1,6 +1,6 @@ ---- Local/sa-exim.c.orig 2020-02-19 03:04:43 UTC -+++ Local/sa-exim.c -@@ -29,10 +29,7 @@ http://lists.merlins.org/lists/listinfo/sa-exim +--- Local/sa-exim.c.orig 2025-12-18 04:08:13.593344000 +0100 ++++ Local/sa-exim.c 2025-12-18 04:10:17.527828000 +0100 +@@ -29,10 +29,7 @@ #include "sa-exim.h" /* Exim includes */ @@ -12,7 +12,7 @@ #ifdef DLOPEN_LOCAL_SCAN -@@ -409,6 +406,11 @@ int parsemlheader(char *buffer, FILE *readfh, char *he +@@ -409,6 +406,11 @@ if (buffer[strlen(buffer)-1] == '\n') { buffer[strlen(buffer)-1]=0; @@ -24,7 +24,7 @@ } if (SAEximDebug > 5) { -@@ -515,6 +517,7 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -515,6 +517,7 @@ int pid; int writefd[2]; int readfd[2]; @@ -32,7 +32,18 @@ int i; /* These are the only values that we want working after the longjmp * The automatic ones can be clobbered, but we don't really care */ -@@ -550,8 +553,9 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -536,8 +539,8 @@ + time_t beforescan; + time_t afterscan; + time_t afterwait; +- time_t scantime=0; +- time_t fulltime=0; ++ int scantime=0; ++ int fulltime=0; + struct stat stbuf; + + uschar *expand; +@@ -550,8 +553,9 @@ static char *SAspamcpath=SPAMC_LOCATION; static char *SAsafemesgidchars=SAFEMESGIDCHARS static char *SAspamcSockPath=NULL; @@ -44,7 +55,7 @@ static char *SAEximRunCond="0"; static char *SAEximRejCond="1"; static int SAmaxbody=250*1024; -@@ -602,6 +606,10 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -602,6 +606,10 @@ /* Do not put a %s in there, or you'll segfault */ static char *SAmsgerror="Temporary local error while processing message, please contact postmaster"; @@ -55,7 +66,7 @@ /* New values we read from spamassassin */ char *xspamstatus=NULL; char *xspamflag=NULL; -@@ -712,6 +720,7 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -712,6 +720,7 @@ M_CHECKFORSTR(SAspamcSockPath); M_CHECKFORSTR(SAspamcPort); M_CHECKFORSTR(SAspamcHost); @@ -63,7 +74,7 @@ M_CHECKFORSTR(SAEximRunCond); M_CHECKFORSTR(SAEximRejCond); M_CHECKFORVAR(SAmaxbody, "%d"); -@@ -914,6 +923,22 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -914,6 +923,22 @@ ret=dup2(readfd[1],2); CHECKERR(ret,"dup2 stderr",__LINE__); @@ -86,7 +97,7 @@ /* * I could implement the spamc protocol and talk to spamd directly * instead of forking spamc, but considering the overhead spent -@@ -924,17 +949,30 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -924,17 +949,30 @@ /* Ok, we cheat, spamc cares about how big the whole message is and * we only know about the body size, so I'll give an extra 16K * to account for any headers that can accompany the message */ @@ -122,7 +133,7 @@ } if (SAEximDebug > 8) -@@ -1045,6 +1083,11 @@ int local_scan(volatile int fd, uschar **return_text) +@@ -1045,6 +1083,11 @@ if (buffer[strlen(buffer)-1] == '\n') { buffer[strlen(buffer)-1]=0; @@ -134,7 +145,21 @@ } restart: if (SAEximDebug > 5) -@@ -1218,7 +1261,7 @@ restart: +@@ -1154,7 +1197,7 @@ + { + if (SAEximDebug > 5) + { +- log_write(0, LOG_MAIN, "SA: Debug6: spamc read got newline, end of headers", buffer); ++ log_write(0, LOG_MAIN, "SA: Debug6: spamc read got newline, end of headers"); + } + goto exit; + } +@@ -1214,11 +1257,11 @@ + { + if (SAEximDebug > 8) + { +- log_write(0, LOG_MAIN, "SA: Debug9: Read body from SA; line %d (read %d)", line, strlen(buffer)); ++ log_write(0, LOG_MAIN, "SA: Debug9: Read body from SA; line %d (read %zd)", line, strlen(buffer)); } stret=write(fd, buffer, strlen(buffer)); @@ -143,7 +168,7 @@ if (SAEximDebug > 8) { log_write(0, LOG_MAIN, "SA: Debug9: Wrote to msg; line %d (wrote %d)", line, ret); -@@ -1229,18 +1272,20 @@ restart: +@@ -1229,18 +1272,20 @@ } } @@ -165,7 +190,7 @@ } fclose((FILE *)readfh); -@@ -1331,6 +1376,9 @@ restart: +@@ -1331,6 +1376,9 @@ if (dorej && doteergrube) { @@ -175,7 +200,7 @@ /* By default, we'll only save temp bounces by message ID so * that when the same message is submitted several times, we * overwrite the same file on disk and not create a brand new -@@ -1353,20 +1401,8 @@ restart: +@@ -1353,20 +1401,8 @@ for (i=0;i<SAteergrubetime/10;i++) { @@ -194,7 +219,7 @@ - fprintf(smtp_out, str); - ret=fflush(smtp_out); + smtp_printf("451-%s\r\n", FALSE, teergrubewaitstr); -+ ret=smtp_fflush(); ++ ret=smtp_fflush(TRUE); if (ret != 0) { log_write(0, LOG_MAIN | LOG_REJECT, "SA: Action: teergrubed sender for %d secs until it closed the connection: %s (scanned in %d/%d secs | Message-Id: %s). %s", i*10, spamstatus, scantime, fulltime, safemesgid, mailinfo); diff --git a/mail/exim/files/patch-Makefile b/mail/exim/files/patch-Makefile index 2b184a293732..12c782734749 100644 --- a/mail/exim/files/patch-Makefile +++ b/mail/exim/files/patch-Makefile @@ -1,11 +1,11 @@ ---- Makefile.orig 2014-07-05 18:05:16.180788015 +0100 -+++ Makefile 2014-07-05 18:05:40.464360574 +0100 -@@ -53,7 +53,7 @@ +--- Makefile.orig 2025-12-17 18:05:41.764604000 +0100 ++++ Makefile 2025-12-17 18:08:15.055964000 +0100 +@@ -70,7 +70,7 @@ # Configure-Makefile script. This does its own dependency checking because of # the optional files. --configure: checks build-directory -+configure: build-directory +-configure: checks build-directory \ ++configure: build-directory \ + scripts/lookups-Makefile scripts/drivers-Makefile @cd build-$(buildname); \ build=$(build) $(SHELL) ../scripts/Configure-Makefile - diff --git a/mail/exim/files/patch-pass-fd-to-tcpwrappers b/mail/exim/files/patch-pass-fd-to-tcpwrappers deleted file mode 100644 index 91911dd12569..000000000000 --- a/mail/exim/files/patch-pass-fd-to-tcpwrappers +++ /dev/null @@ -1,32 +0,0 @@ ---- src/smtp_in.c.orig 2017-03-08 16:31:57.587957000 +0000 -+++ src/smtp_in.c 2017-03-08 16:43:44.934346000 +0000 -@@ -2246,6 +2246,9 @@ - #ifdef USE_TCP_WRAPPERS - struct request_info tcpwrap_ri; - #endif -+#ifdef USE_TCP_WRAPPERS -+struct request_info tcpwrap_ri; -+#endif - - smtp_connection_start = time(NULL); - for (smtp_ch_index = 0; smtp_ch_index < SMTP_HBUFF_SIZE; smtp_ch_index++) -@@ -2602,11 +2605,14 @@ - log_write(0, LOG_MAIN|LOG_PANIC_DIE, "Expansion of \"%s\" " - "(tcp_wrappers_name) failed: %s", string_printing(tcp_wrappers_name), - expand_string_message); -- -- if (!hosts_ctl(tcp_wrappers_name, -- sender_host_name ? CS sender_host_name : STRING_UNKNOWN, -- sender_host_address ? CS sender_host_address : STRING_UNKNOWN, -- sender_ident ? CS sender_ident : STRING_UNKNOWN)) -+ request_init(&tcpwrap_ri, -+ RQ_DAEMON, tcp_wrappers_name, -+ RQ_FILE, fileno(smtp_out), -+ RQ_CLIENT_NAME, (sender_host_name == NULL)? STRING_UNKNOWN : CS sender_host_name, -+ RQ_CLIENT_ADDR, (sender_host_address == NULL)? STRING_UNKNOWN : CS sender_host_address, -+ RQ_USER, (sender_ident == NULL)? STRING_UNKNOWN : CS sender_ident, -+ 0); -+ if (!hosts_access(&tcpwrap_ri)) - { - if (errno == 0 || errno == ENOENT) - { diff --git a/mail/exim/files/patch-src__EDITME b/mail/exim/files/patch-src__EDITME index ea4c1303bca9..a01bbba6554d 100644 --- a/mail/exim/files/patch-src__EDITME +++ b/mail/exim/files/patch-src__EDITME @@ -1,6 +1,6 @@ ---- src/EDITME.orig 2021-09-28 10:24:46.000000000 +0200 -+++ src/EDITME 2021-09-29 19:38:22.776161000 +0200 -@@ -99,7 +99,7 @@ +--- src/EDITME.orig 2025-12-14 13:38:51.000000000 +0100 ++++ src/EDITME 2025-12-18 03:31:28.070641000 +0100 +@@ -104,7 +104,7 @@ # /usr/local/sbin. The installation script will try to create this directory, # and any superior directories, if they do not exist. @@ -9,7 +9,7 @@ #------------------------------------------------------------------------------ -@@ -115,7 +115,7 @@ +@@ -120,7 +120,7 @@ # don't exist. It will also install a default runtime configuration if this # file does not exist. @@ -18,7 +18,7 @@ # It is possible to specify a colon-separated list of files for CONFIGURE_FILE. # In this case, Exim will use the first of them that exists when it is run. -@@ -132,7 +132,7 @@ +@@ -137,7 +137,7 @@ # deliveries. (Local deliveries run as various non-root users, typically as the # owner of a local mailbox.) Specifying these values as root is not supported. @@ -27,7 +27,7 @@ # If you specify EXIM_USER as a name, this is looked up at build time, and the # uid number is built into the binary. However, you can specify that this -@@ -153,7 +153,7 @@ +@@ -158,7 +158,7 @@ # for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless # you want to use a group other than the default group for the given user. @@ -36,7 +36,7 @@ # Many sites define a user called "exim", with an appropriate default group, # and use -@@ -451,6 +451,7 @@ +@@ -476,6 +476,7 @@ # LDAP_LIB_TYPE=OPENLDAP2 # LDAP_LIB_TYPE=NETSCAPE # LDAP_LIB_TYPE=SOLARIS @@ -44,9 +44,9 @@ # If you don't set any of these, Exim assumes the original University of # Michigan (OpenLDAP 1) library. -@@ -491,9 +492,10 @@ - # - # You do not need to use this for any lookup information added via pkg-config. +@@ -524,9 +525,10 @@ + # LSEARCH, DSEARCH & CDB have no external library needs. + # DNSDB needs the resolver library which the core uses anyway. -# LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include -I /usr/local/pgsql/include -# LOOKUP_INCLUDE +=-I /usr/local/include @@ -56,17 +56,17 @@ +LOOKUP_LIBS=XX_MYSQL_LIBS_XX XX_PGSQL_LIBS_XX XX_LDAP_LIBS_XX XX_LMDB_LIBS_XX +DBMLIB=XX_DB_LIBS_XX - - #------------------------------------------------------------------------------ -@@ -633,6 +635,7 @@ - # Uncomment the following line to add queuefile transport support - # EXPERIMENTAL_QUEUEFILE=yes + # LOOKUP_LIBS=-L/usr/local/lib -lldap -llber + # Some platforms may need this for LOOKUP_NIS: +@@ -715,6 +717,7 @@ + # Uncomment the following line to add XCLIENT support + # EXPERIMENTAL_XCLIENT=yes +# EXPERIMENTAL_DCC=yes ############################################################################### # THESE ARE THINGS YOU MIGHT WANT TO SPECIFY # ############################################################################### -@@ -700,6 +703,7 @@ +@@ -809,6 +812,7 @@ # ALT_CONFIG_PREFIX=/some/directory/ # ALT_CONFIG_PREFIX=/some/directory/exim.conf- @@ -74,7 +74,7 @@ #------------------------------------------------------------------------------ -@@ -802,7 +806,7 @@ +@@ -917,7 +921,7 @@ # one that is set in the headers_charset option. The default setting is # defined by this setting: @@ -83,7 +83,16 @@ # If you are going to make use of $header_xxx expansions in your configuration # file, or if your users are going to use them in filter files, and the normal -@@ -898,7 +902,7 @@ +@@ -950,6 +954,8 @@ + # + # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM + # as well. ++CFLAGS=XX_CFLAGS_XX XX_SPF_FLAGS_XX XX_SRS_FLAGS_XX XX_SQLITE_FLAGS_XX ++EXTRALIBS=XX_PAM_LIBS_XX XX_ICONV_LIBS_XX XX_SPF_LIBS_XX XX_SRS_LIBS_XX XX_RADIUS_LIBS_XX XX_SQLITE_LIBS_XX XX_DMARC_LIBS_XX XX_REDIS_LIBS_XX XX_DYNAMIC_LDFLAGS_XX XX_IDN_LIBS_XX + # + # nb: FreeBSD as of 4.89 defines LIBICONV_PLUG to pick up the system iconv + # more reliably. If you explicitly want the libiconv Port then as well +@@ -1013,7 +1019,7 @@ # Once you have done this, "make install" will build the info files and # install them in the directory you have defined. @@ -92,7 +101,7 @@ #------------------------------------------------------------------------------ -@@ -911,7 +915,7 @@ +@@ -1026,7 +1032,7 @@ # %s. This will be replaced by one of the strings "main", "panic", or "reject" # to form the final file names. Some installations may want something like this: @@ -101,7 +110,7 @@ # which results in files with names /var/log/exim_mainlog, etc. The directory # in which the log files are placed must exist; Exim does not try to create -@@ -993,7 +997,7 @@ +@@ -1114,7 +1120,7 @@ # that the local_scan API is made available by the linker. You may also need # to add -ldl to EXTRALIBS so that dlopen() is available to Exim. @@ -110,18 +119,9 @@ #------------------------------------------------------------------------------ -@@ -1130,6 +1134,8 @@ - # - # but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM - # as well. -+CFLAGS=XX_CFLAGS_XX XX_SPF_FLAGS_XX XX_SRS_FLAGS_XX XX_SQLITE_FLAGS_XX -+EXTRALIBS=XX_TCP_WRAPPERS_LIBS_XX XX_PAM_LIBS_XX XX_ICONV_LIBS_XX XX_SPF_LIBS_XX XX_SRS_LIBS_XX XX_RADIUS_LIBS_XX XX_SQLITE_LIBS_XX XX_DMARC_LIBS_XX XX_REDIS_LIBS_XX XX_DYNAMIC_LDFLAGS_XX XX_IDN_LIBS_XX - # - # To use a name other than exim in the tcpwrappers config file, - # e.g. if you're running multiple daemons with different access lists, -@@ -1138,7 +1144,15 @@ - # - # TCP_WRAPPERS_DAEMON_NAME="exim" +@@ -1180,7 +1186,15 @@ + # CFLAGS += -I/usr/local/include + # LDFLAGS += -lspf2 +# IPv6 is coming. Exim has experimental support that has been tried out on +# one or two OS. See the file README.IPV6 for the current status of this @@ -133,9 +133,9 @@ + + #------------------------------------------------------------------------------ - # The default action of the exim_install script (which is run by "make - # install") is to install the Exim binary with a unique name such as -@@ -1424,7 +1438,7 @@ + # Support for authentication via Radius is also available. The Exim support, + # which is intended for use in conjunction with the SMTP AUTH facilities, +@@ -1534,7 +1548,7 @@ # (process id) to a file so that it can easily be identified. The path of the # file can be specified here. Some installations may want something like this: diff --git a/mail/exim/files/patch-src-auths-call_radius.c b/mail/exim/files/patch-src_miscmods_radius.c similarity index 62% rename from mail/exim/files/patch-src-auths-call_radius.c rename to mail/exim/files/patch-src_miscmods_radius.c index 8b6b7de07a4e..0fdd400d9468 100644 --- a/mail/exim/files/patch-src-auths-call_radius.c +++ b/mail/exim/files/patch-src_miscmods_radius.c @@ -1,92 +1,92 @@ ---- src/auths/call_radius.c.orig 2020-05-30 22:35:38.000000000 +0200 -+++ src/auths/call_radius.c 2020-06-01 19:54:14.402105000 +0200 -@@ -113,37 +113,37 @@ +--- src/miscmods/radius.c.orig 2025-12-18 03:23:48.333630000 +0100 ++++ src/miscmods/radius.c 2025-12-18 03:28:22.528909000 +0100 +@@ -104,37 +104,37 @@ #ifdef RADIUS_LIB_RADIUSCLIENT if (rc_read_config(RADIUS_CONFIG_FILE) != 0) - *errptr = string_sprintf("RADIUS: can't open %s", RADIUS_CONFIG_FILE); -+ *errptr = string_sprintf("%s", "RADIUS: can't open %s", RADIUS_CONFIG_FILE); ++ *errptr = string_sprintf("%s","RADIUS: can't open %s", RADIUS_CONFIG_FILE); else if (rc_read_dictionary(rc_conf_str("dictionary")) != 0) - *errptr = US"RADIUS: can't read dictionary"; -+ *errptr = string_sprintf("%s", "RADIUS: can't read dictionary"); ++ *errptr = string_sprintf("%","RADIUS: can't read dictionary"); else if (!rc_avpair_add(&send, PW_USER_NAME, user, 0)) - *errptr = US"RADIUS: add user name failed"; -+ *errptr = string_sprintf("%s", "RADIUS: add user name failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add user name failed"); else if (!rc_avpair_add(&send, PW_USER_PASSWORD, CS radius_args, 0)) - *errptr = US"RADIUS: add password failed"); -+ *errptr = string_sprintf("%s", "RADIUS: add password failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add password failed"); else if (!rc_avpair_add(&send, PW_SERVICE_TYPE, &service, 0)) - *errptr = US"RADIUS: add service type failed"; -+ *errptr = string_sprintf("%s", "RADIUS: add service type failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add service type failed"); #else /* RADIUS_LIB_RADIUSCLIENT unset => RADIUS_LIB_RADIUSCLIENT2 */ if (!(h = rc_read_config(RADIUS_CONFIG_FILE))) - *errptr = string_sprintf("RADIUS: can't open %s", RADIUS_CONFIG_FILE); -+ *errptr = string_sprintf("%s", "RADIUS: can't open %s", RADIUS_CONFIG_FILE); ++ *errptr = string_sprintf("%","RADIUS: can't open %s", RADIUS_CONFIG_FILE); else if (rc_read_dictionary(h, rc_conf_str(h, "dictionary")) != 0) - *errptr = US"RADIUS: can't read dictionary"; -+ *errptr = string_sprintf("%s", "RADIUS: can't read dictionary"); ++ *errptr = string_sprintf("%","RADIUS: can't read dictionary"); else if (!rc_avpair_add(h, &send, PW_USER_NAME, user, Ustrlen(user), 0)) - *errptr = US"RADIUS: add user name failed"; -+ *errptr = string_sprintf("%s", "RADIUS: add user name failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add user name failed"); else if (!rc_avpair_add(h, &send, PW_USER_PASSWORD, CS radius_args, Ustrlen(radius_args), 0)) - *errptr = US"RADIUS: add password failed"; -+ *errptr = string_sprintf("%s", "RADIUS: add password failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add password failed"); else if (!rc_avpair_add(h, &send, PW_SERVICE_TYPE, &service, 0, 0)) - *errptr = US"RADIUS: add service type failed"; -+ *errptr = string_sprintf("%s", "RADIUS: add service type failed\n"); ++ *errptr = string_sprintf("%","RADIUS: add service type failed"); #endif /* RADIUS_LIB_RADIUSCLIENT */ -@@ -176,7 +176,7 @@ +@@ -167,7 +167,7 @@ case BADRESP_RC: default: - *errptr = string_sprintf("RADIUS: unexpected response (%d)", result); -+ *errptr = string_sprintf("%s", "RADIUS: unexpected response (%d)", result); ++ *errptr = string_sprintf("%s","RADIUS: unexpected response (%d)", result); return ERROR; } -@@ -186,7 +186,7 @@ +@@ -177,7 +177,7 @@ if (!(h = rad_auth_open())) { - *errptr = string_sprintf("RADIUS: can't initialise libradius"); -+ *errptr = string_sprintf("%s", "RADIUS: can't initialise libradius"); ++ *errptr = string_sprintf("%s","RADIUS: can't initialise libradius"); return ERROR; } if (rad_config(h, RADIUS_CONFIG_FILE) != 0 || -@@ -196,7 +196,7 @@ +@@ -187,7 +187,7 @@ rad_put_int(h, RAD_SERVICE_TYPE, RAD_AUTHENTICATE_ONLY) != 0 || rad_put_string(h, RAD_NAS_IDENTIFIER, CS primary_hostname) != 0) { - *errptr = string_sprintf("RADIUS: %s", rad_strerror(h)); -+ *errptr = string_sprintf("%s", "RADIUS: %s", rad_strerror(h)); ++ *errptr = string_sprintf("%s","RADIUS: %s", rad_strerror(h)); result = ERROR; } else -@@ -211,12 +211,12 @@ +@@ -202,12 +202,12 @@ break; case -1: - *errptr = string_sprintf("RADIUS: %s", rad_strerror(h)); -+ *errptr = string_sprintf("%s", "RADIUS: %s", rad_strerror(h)); ++ *errptr = string_sprintf("%s","RADIUS: %s", rad_strerror(h)); result = ERROR; break; default: - *errptr = string_sprintf("RADIUS: unexpected response (%d)", result); -+ *errptr = string_sprintf("%s", "RADIUS: unexpected response (%d)", result); ++ *errptr = string_sprintf("%s","RADIUS: unexpected response (%d)", result); result= ERROR; break; } diff --git a/mail/exim/options b/mail/exim/options index af097c6380e1..eee5b6cfacf4 100644 --- a/mail/exim/options +++ b/mail/exim/options @@ -18,7 +18,6 @@ OPTIONS_DEFINE+= ALT_CONFIG_PREFIX \ PRDR \ READLINE \ SUID \ - TCP_WRAPPERS \ WISHLIST \ EVENT \ PROXY \ @@ -122,13 +121,12 @@ PROXY_DESC= Enable Experimental Proxy Protocol READLINE_DESC= Enable readline(3) library REDIS_DESC= Enable redis lookups SASLAUTHD_DESC= Enable use of Cyrus SASL auth daemon -SA_EXIM_DESC= Build with Spamassassin local scan +SA_EXIM_DESC= Build with Spamassassin local scan (BROKEN) SOCKS_DESC= Enable smtp transport via socks5 proxies SPF_DESC= Enable Sender Policy Framework checking SQLITE_DESC= Enable SQLite lookups SRS_DESC= Enable Sender Rewriting Scheme SUID_DESC= Install the exim binary suid root TAINTWARN_DESC= Allow insecure tainted data (pre-4.93 config style, deprecated) -TCP_WRAPPERS_DESC= Enable /etc/hosts.allow access control GNUTLS_DESC= Use GnuTLS instead of OpenSSL for TLS WISHLIST_DESC= Include the unsupported patches diff --git a/mail/exim/pkg-plist b/mail/exim/pkg-plist index 77b6af2cd4dd..925cdb19b07b 100644 --- a/mail/exim/pkg-plist +++ b/mail/exim/pkg-plist @@ -24,8 +24,7 @@ %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/NOTICE %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/README.UPDATING %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/ChangeLog -%%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/Exim3.upgrade -%%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/Exim4.upgrade +%%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/DANE-draft-notes %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/NewStuff %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/OptionLists.txt %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/POST-INSTALL-NOTES @@ -36,8 +35,6 @@ %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/experimental-spec.txt %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/filter.txt %%EXIM%%%%PORTDOCS%%%%DOCSDIR%%/spec.txt -%%EXIM%%%%PORTDOCS%%%%EXAMPLESDIR%%/convert4r3 -%%EXIM%%%%PORTDOCS%%%%EXAMPLESDIR%%/convert4r4 %%EXIM%%%%PORTDOCS%%%%EXAMPLESDIR%%/transport-filter.pl %%EXIMDAEMON%%etc/periodic/daily/150.exim-tidydb %%EXIMDAEMON%%etc/periodic/daily/460.exim-mail-rejectshome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a046c5a.18cb3.1802f950>