Created attachment 242841 [details] opensmtpd-7.3.0p0 patch Hello, please find attached a diff to update the OpenSMTPD port to the newly released 7.3.0p0. The announce is available here: https://opensmtpd.org/announces/release-7.3.0p0.txt Regarding the port, the diff does: - drop the optional dependency on libasr. libasr-portable is no longer maintained, the bundled version in OpenSMTPD should be used instead. I'll file a separate bug to propose the removal of the port. - drops the dependency on bison. the release tarball already includes the "translated" parse.c file, but even if it didn't, base yacc is good enough - the --with-bundled-libtls is needed since libretls has a regression on OpenSSL 3.x - works around the misdetection of recallocarray and adds the missing header for fparseln(3). I'll take care of having this two fixed so they won't be needed for the next update. Cheers, Omar Polo
Created attachment 243174 [details] diff updated for opensmtpd-7.3.0p1
Now updated for 7.3.0p0 that: - fixes an issue with libressl - forces the usage of the bundled libtls and libasr - fixes a misdetection and adds a missing header for FreeBSD
This needs at least the ENGINE support removal to work with security/libressl-devel which is at 3.8.1.
Sorry, I have tested only with the openssl in base. Is it a blocker? thanks! P.S.: just to be sure; we're currently using a bundled version of libtls *regardless* of what the system has since the privsep crypto engine needs the libtls to use the exact same functions of opensmtpd. Once the signer APIs will be finalized this hack in -portable will be removed.
(In reply to Omar Polo from comment #4) Personally I consider it a blocker since LibreSSL is the expected provider anyway, despite base system OpenSSL being base here. Would need fluffy@'s input though. The bigger thing has historically been verifying that the -filter ports still work or need updating to match. libtls bundling or not doesn't affect interaction with the ENGINE functions in ca.c: --- ../../usr.sbin/smtpd/smtpd-ca.o --- ../../usr.sbin/smtpd/ca.c:782:8: warning: call to undeclared function 'ENGINE_set_name'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if (!ENGINE_set_name(e, RSA_meth_get0_name(rsae_method))) { ^ ../../usr.sbin/smtpd/ca.c:790:28: warning: call to undeclared function 'ENGINE_get_RSA'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] } else if ((rsa_default = ENGINE_get_RSA(e)) == NULL) { ^ ../../usr.sbin/smtpd/ca.c:790:26: error: incompatible integer to pointer conversion assigning to 'const RSA_METHOD *' (aka 'const struct rsa_meth_st *') from 'int' [-Wint-conversion] } else if ((rsa_default = ENGINE_get_RSA(e)) == NULL) { ^ ~~~~~~~~~~~~~~~~~ ../../usr.sbin/smtpd/ca.c:811:7: warning: call to undeclared function 'ENGINE_set_RSA'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if (!ENGINE_set_RSA(e, rsae_method)) { ^ ../../usr.sbin/smtpd/ca.c:899:11: warning: call to undeclared function 'ENGINE_get_default_EC'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if ((e = ENGINE_get_default_EC()) == NULL) { ^ ../../usr.sbin/smtpd/ca.c:899:9: error: incompatible integer to pointer conversion assigning to 'ENGINE *' (aka 'struct engine_st *') from 'int' [-Wint-conversion] if ((e = ENGINE_get_default_EC()) == NULL) { ^ ~~~~~~~~~~~~~~~~~~~~~~~ ../../usr.sbin/smtpd/ca.c:904:8: warning: call to undeclared function 'ENGINE_set_name'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if (!ENGINE_set_name(e, "ECDSA privsep engine")) { ^ ../../usr.sbin/smtpd/ca.c:912:30: warning: call to undeclared function 'ENGINE_get_EC'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] } else if ((ecdsa_default = ENGINE_get_EC(e)) == NULL) { ^ ../../usr.sbin/smtpd/ca.c:912:28: error: incompatible integer to pointer conversion assigning to 'const EC_KEY_METHOD *' (aka 'const struct ec_key_method_st *') from 'int' [-Wint-conversion] } else if ((ecdsa_default = ENGINE_get_EC(e)) == NULL) { ^ ~~~~~~~~~~~~~~~~ ../../usr.sbin/smtpd/ca.c:922:7: warning: call to undeclared function 'ENGINE_set_EC'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if (!ENGINE_set_EC(e, ecdsae_method)) { ^ ../../usr.sbin/smtpd/ca.c:926:7: warning: call to undeclared function 'ENGINE_set_default_EC'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] if (!ENGINE_set_default_EC(e)) { ^ 8 warnings and 3 errors generated. *** [../../usr.sbin/smtpd/smtpd-ca.o] Error code 1 ...thus the five commits after release are needed.
(In reply to Charlie Li from comment #5) you're right, I misunderstood, sorry. I'm short of time right now, I'll send an updated diff with the backporting of the ENGINE removal tomorrow. Thanks,
ah, forgot, the filter-rspamd package should be updated, not due to opensmtpd itself but due to a security fix[0] which is independent of the smtpd version. [0]: https://github.com/poolpOrg/filter-rspamd/releases/tag/v0.1.8 I don't use filter-senderscore but it's at the same version we have in the OpenBSD port tree so I *guess* it works :-)
Created attachment 244853 [details] v3 This is what I have. Some new man pages appeared too.
(In reply to Charlie Li from comment #8) Thanks for providing an updated diff. It looks good to me. However, for a unrelated issue[0] I'm planning to release a p3 very soon, and I'll include the build fixes with the latest libressl. Should simplify the diff. Thanks, [0]: https://github.com/OpenSMTPD/OpenSMTPD/issues/1227
Sorry, I completely forgot to upload a new diff after the p2 release. Here it is, it's working fine for me. (i also use the updated rspamd-filter from bug 273818)
Created attachment 245301 [details] opensmtpd 7.3.0p2
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=9b691950fc867a9d8567ffd39a69555fa1de2256 commit 9b691950fc867a9d8567ffd39a69555fa1de2256 Author: Dima Panov <fluffy@FreeBSD.org> AuthorDate: 2023-10-03 20:51:18 +0000 Commit: Dima Panov <fluffy@FreeBSD.org> CommitDate: 2023-10-03 20:54:58 +0000 mail/opensmtpd: update to 7.3.0p2 PR: 272047 Release Notes: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p0 https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p1 https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p2 mail/opensmtpd/Makefile | 12 ++++-------- mail/opensmtpd/distinfo | 6 +++--- mail/opensmtpd/pkg-plist | 7 +++++++ 3 files changed, 14 insertions(+), 11 deletions(-)
Committed, thanks!
Thanks for committing the update! :-) Since now the libasr package is not needed by anything else in the tree, do you think it could be dropped? (Bug 272048)