[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/, mail-mta/netqmail/files/

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/, mail-mta/netqmail/files/

[Michał Górny]

commit:     41714291b8d9ae53c55d67011ac00fc0b95f3e10
Author:     Lara Maia <dev <AT> lara <DOT> click>
AuthorDate: Sun Oct 18 15:02:26 2015 +0000
Commit:     Michał Górny <mgorny <AT> gentoo <DOT> org>
CommitDate: Tue Oct 20 22:38:22 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41714291

mail-mta/netqmail: Update mkservercert to use new path for functions.sh

https://bugs.gentoo.org/show_bug.cgi?id=504392

 .../files/use-new-path-for-functions.sh.patch      |  11 ++
 mail-mta/netqmail/netqmail-1.06-r4.ebuild          | 177 +++++++++++++++++++++
 2 files changed, 188 insertions(+)

diff --git a/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch b/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch
new file mode 100644
index 0000000..52f3d8e
--- /dev/null
+++ b/mail-mta/netqmail/files/use-new-path-for-functions.sh.patch
@@ -0,0 +1,11 @@
+--- genqmail-20080406.orig/ssl/mkservercert.orig	2015-10-18 12:46:40.082559295 -0200
++++ genqmail-20080406/ssl/mkservercert	2015-10-18 12:49:03.749576181 -0200
+@@ -5,7 +5,7 @@
+ # Based on mkimapdcert from courier-imap.
+
+ test -x /usr/bin/openssl || exit 0
+-source /etc/init.d/functions.sh || exit 1
++source /lib/gentoo/functions.sh || exit 1
+
+ filedir="/var/qmail/control"
+ pemfile="${filedir}/servercert.pem"

diff --git a/mail-mta/netqmail/netqmail-1.06-r4.ebuild b/mail-mta/netqmail/netqmail-1.06-r4.ebuild
new file mode 100644
index 0000000..040afc2
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r4.ebuild
@@ -0,0 +1,177 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+GENQMAIL_PV=20080406
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20070417
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+inherit eutils qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	http://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://dev.gentoo.org/~hollow/distfiles/${GENQMAIL_F}
+	http://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? ( http://shupp.org/patches/${QMAIL_TLS_F} )
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="authcram gencertdaily highvolume libressl qmail-spp ssl vanilla"
+REQUIRED_USE='vanilla? ( !ssl !qmail-spp !highvolume )'
+RESTRICT="test"
+
+DEPEND="
+	!mail-mta/qmail
+	net-mail/queue-repair
+	ssl? (
+		!libressl? ( dev-libs/openssl:0 )
+		libressl? ( dev-libs/libressl )
+	)
+	sys-apps/groff
+"
+RDEPEND="
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!<mail-mta/ssmtp-2.64-r2
+	!>=mail-mta/ssmtp-2.64-r2[mta]
+	>=sys-apps/ucspi-tcp-0.88-r17
+	ssl? ( >=sys-apps/ucspi-ssl-0.70-r1 )
+	virtual/daemontools
+	>=net-mail/dot-forward-0.71-r3
+	virtual/checkpassword
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	${DEPEND}
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "you should create a copy of this ebuild in an overlay."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+
+	qmail_create_users
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PV}-exit.patch
+	epatch "${FILESDIR}"/${PV}-readwrite.patch
+	epatch "${DISTDIR}"/${QMAIL_LARGE_DNS}
+	epatch "${FILESDIR}"/${PV}-fbsd-utmpx.patch
+
+	ht_fix_file Makefile*
+
+	if ! use vanilla; then
+		# This patch contains relative paths and needs to be cleaned up.
+		sed 's~^--- ../../~--- ~g' \
+			<"${DISTDIR}"/${QMAIL_TLS_F} \
+			>"${T}"/${QMAIL_TLS_F} || die
+		use ssl        && epatch "${T}"/${QMAIL_TLS_F}
+		use ssl        && epatch "${DISTDIR}"/${QMAIL_TLS_CVE}
+		use highvolume && epatch "${DISTDIR}"/${QMAIL_BIGTODO_F}
+
+		if use qmail-spp; then
+			if use ssl; then
+				epatch "${QMAIL_SPP_S}"/qmail-spp-smtpauth-tls-20060105.diff
+			else
+				epatch "${QMAIL_SPP_S}"/netqmail-spp.diff
+			fi
+			cd "${WORKDIR}" || die
+			epatch "${FILESDIR}"/genqmail-20080406-ldflags.patch
+			cd - || die
+		fi
+	fi
+
+	cd "${WORKDIR}" || die
+	epatch "${FILESDIR}"/use-new-path-for-functions.sh.patch
+	cd - || die
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://www.gentoo.org/doc/en/qmail-howto.xml"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/, mail-mta/netqmail/files/

[Robin H. Johnson]

commit:     656ae3db884b62b3576f24741cf18c6dc53226c5
Author:     Arnt Gulbrandsen <arnt <AT> gulbrandsen <DOT> priv <DOT> no>
AuthorDate: Tue Nov 15 14:20:37 2016 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Sun Nov 27 16:48:11 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=656ae3db

mail-mta/netqmail: Add SMTPUTF8 support for qmail

SMTPUTF8 (RFCs 6531 and 6532, plus several that aren't relevant to qmail)
allows using unencoded UTF8 almost everywhere in email, including in
localparts, domains, subjects and message bodies.

Thanks to cnnic.cn for sponsoring this work.

(cherry picked from commit 5116b83a9bf93f59fb7b7d3fcd286f7b2c4da438)
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 mail-mta/netqmail/Manifest                   |   1 +
 mail-mta/netqmail/files/qmail-smtputf8.patch | 242 +++++++++++++++++++++++++++
 mail-mta/netqmail/netqmail-1.06-r5.ebuild    | 183 ++++++++++++++++++++
 3 files changed, 426 insertions(+)

diff --git a/mail-mta/netqmail/Manifest b/mail-mta/netqmail/Manifest
index cedd87f..39e82f2 100644
--- a/mail-mta/netqmail/Manifest
+++ b/mail-mta/netqmail/Manifest
@@ -5,3 +5,4 @@ DIST netqmail-1.06.tar.gz 260941 SHA256 8e7d98d15211fc9f9c28109e942e2268f42a6672
 DIST qmail-103.patch 2104 SHA256 4cad53c7a6628a600c74c36bfee327db5052ca24c222d4013e4dfcd7f427653d SHA512 b81062bb0b0023f474c0b6af40601926e1c04ad395de480d114809e48a8060c06d99bdbdeb6f44d9e24ae1acedabb094b979193d305371aed958f18fc6eee354 WHIRLPOOL 5785684b98b9d9732ed14aa1b53910746bd09aa93514e0e6ef3d74831c3df8ed0a55f257057488f34a3d462e485b7a4417ed255f66abaff6dd63d881b9230063
 DIST qmail-spp-0.42.tar.gz 18689 SHA256 1518e7e82d10fbbb8ecc520f51daf503edeb9c3a9fb935be65a8185e7b53808d SHA512 03449862886a0ca20fbadab4c94b34b55d185f8df3261bd68aea99e9ded9edfab4477c6b38a8e0295e9b38b0045615da8b1a906a458f28745eadd3c4d882bcbf WHIRLPOOL 2f8525bb264fbec4b057bad6d92968e29085fdf10b8538b8e572d81ea8793e74c07c6093d0cc2a34de00b629e797b048007b30e3845dce76829037fdb44f527c
 DIST vu555316.patch 617 SHA256 cc7b2876ecb183fe55c280404c1c825a6bd1f6ccc87db67e7cfc8bc6336f9b0f SHA512 5d7810360e5eaa8e8ee141fe92c765d9458aa12198a8d0ac702e0630e08d060ad4a1d33690d434f20f5aff79eb200cd8173bebc334c411e340c0198b5d8d1a65 WHIRLPOOL 2564d5622576b89918e247de5dd830011e8ef18a50fd03e6f48e98ebf4a53db2f4994eb0fb22a76c4cd0cbb35b457ac2a5507e05159130a72685866137c5ebc1
+DIST qmail-smtputf8.patch 6693 SHA256 cf3a802d439fe53e9cecbeb82a6ce6ff5c71b5fcd0b053eac5a19df918724cfa SHA512 8cafdf1a4f1fd41e6b11ee2abddac5c3da4a1d2ab17b5d3847433875a91f867a26eb358ae8c41791f1e77758e5a2c311134a286d888ccd23fbede6d9f0b475c4 WHIRLPOOL 36d2a822cf42efbe34e0e95da6e171a3394c049cfbcf2a3b68efe789b4199f00fcdb942d1e93268283a4eec15ad3ead7a58df31a327ade517c218fb18f8a7801

diff --git a/mail-mta/netqmail/files/qmail-smtputf8.patch b/mail-mta/netqmail/files/qmail-smtputf8.patch
new file mode 100644
index 00000000..5b656b9
--- /dev/null
+++ b/mail-mta/netqmail/files/qmail-smtputf8.patch
@@ -0,0 +1,242 @@
+This patch adds EAI support to qmail; EAI allows UTF8 almost everywhere in
+email.
+
+Thanks for CNNIC for sponsoring this work.
+
+--- /dev/null
++++ netqmail-1.06/Makefile
+@@ -1446,7 +1446,7 @@ substdio.a error.a str.a fs.a auto_qmail.o dns.lib socket.lib
+ 	timeoutwrite.o timeoutconn.o tcpto.o now.o dns.o ip.o \
+ 	ipalloc.o ipme.o quote.o ndelay.a case.a sig.a open.a \
+ 	lock.a seek.a getln.a stralloc.a alloc.a substdio.a error.a \
+-	str.a fs.a auto_qmail.o  `cat dns.lib` `cat socket.lib`
++	str.a fs.a auto_qmail.o  `cat dns.lib` `cat socket.lib` -lidn2
+ 
+ qmail-remote.0: \
+ qmail-remote.8
+--- /dev/null
++++ netqmail-1.06/qmail-remote.c
+@@ -2,6 +2,7 @@
+ #include <sys/socket.h>
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
++#include <idn2.h>
+ #include "sig.h"
+ #include "stralloc.h"
+ #include "substdio.h"
+@@ -42,6 +43,7 @@
+ stralloc routes = {0};
+ struct constmap maproutes;
+ stralloc host = {0};
++stralloc asciihost = {0};
+ stralloc sender = {0};
+ 
+ saa reciplist = {0};
+@@ -53,12 +55,13 @@
+ # include "tls.h"
+ # include "ssl_timeoutio.h"
+ # include <openssl/x509v3.h>
+-# define EHLO 1
+ 
+ int tls_init();
+ const char *ssl_err_str = 0;
+ #endif 
+ 
++# define EHLO 1
++
+ void out(s) char *s; { if (substdio_puts(subfdoutsmall,s) == -1) _exit(0); }
+ void zero() { if (substdio_put(subfdoutsmall,"\0",1) == -1) _exit(0); }
+ void zerodie() { zero(); substdio_flush(subfdoutsmall); _exit(0); }
+@@ -156,6 +159,7 @@
+ substdio smtpfrom = SUBSTDIO_FDBUF(saferead,-1,smtpfrombuf,sizeof smtpfrombuf);
+ 
+ stralloc smtptext = {0};
++stralloc firstpart = {0};
+ 
+ void get(ch)
+ char *ch;
+@@ -308,6 +312,8 @@
+   int r;
+   char ch;
+ 
++  substdio_put(&smtpto,firstpart.s,firstpart.len);
++
+   for (;;) {
+     r = substdio_get(&ssin,&ch,1);
+     if (r == 0) break;
+@@ -518,6 +524,88 @@
+ 
+ stralloc recip = {0};
+ 
++int containsutf8(p, l) unsigned char * p; int l;
++{
++  int i = 0;
++  while (i<l)
++    if(p[i++] > 127) return 1;
++  return 0;
++}
++
++int utf8message;
++
++void checkutf8message()
++{
++  int pos;
++  int i;
++  int r;
++  char ch;
++  int state;
++
++  if (containsutf8(sender.s, sender.len)) { utf8message = 1; return; }
++  for (i = 0;i < reciplist.len;++i)
++    if (containsutf8(reciplist.sa[i].s, reciplist.sa[i].len)) {
++      utf8message = 1;
++      return;
++    }
++
++  state = 0;
++  pos = 0;
++  for (;;) {
++    r = substdio_get(&ssin,&ch,1);
++    if (r == 0) break;
++    if (r == -1) temp_read();
++
++    if (!stralloc_append(&firstpart,&ch)) temp_nomem();
++
++    if (ch == '\r')
++      continue;
++    if (ch == '\t')
++      ch = ' ';
++
++    switch (state) {
++    case 6: /* in Received, at LF but before WITH clause */
++      if (ch == ' ') { state = 3; pos = 1; continue; }
++      state = 0;
++      /* FALL THROUGH */
++
++    case 0: /* start of header field */
++      if (ch == '\n') return;
++      state = 1;
++      pos = 0;
++      /* FALL THROUGH */
++
++    case 1: /* partway through "Received:" */
++      if (ch != "RECEIVED:"[pos] && ch != "received:"[pos]) { state = 2; continue; }
++      if (++pos == 9) { state = 3; pos = 0; }
++      continue;
++
++    case 2: /* other header field */
++      if (ch == '\n') state = 0;
++      continue;
++
++    case 3: /* in Received, before WITH clause or partway though " with " */
++      if (ch == '\n') { state = 6; continue; }
++      if (ch != " WITH "[pos] && ch != " with "[pos]) { pos = 0; continue; }
++      if (++pos == 6) { state = 4; pos = 0; }
++      continue;
++
++    case 4: /* in Received, having seen with, before the argument */
++      if (pos == 0 && (ch == ' ' || ch == '\t')) continue;
++      if (ch != "UTF8"[pos] && ch != "utf8"[pos]) { state = 5; continue; }
++      if(++pos == 4) { utf8message = 1; state = 5; continue; }
++      continue;
++
++    case 5: /* after the RECEIVED WITH argument */
++      /* blast() assumes that it copies whole lines */
++      if (ch == '\n') return;
++      state = 1;
++      pos = 0;
++      continue;
++    }
++  }
++}
++
+ void smtp()
+ {
+   unsigned long code;
+@@ -571,9 +659,12 @@
+   }
+ #endif
+  
++  checkutf8message();
+   substdio_puts(&smtpto,"MAIL FROM:<");
+   substdio_put(&smtpto,sender.s,sender.len);
+-  substdio_puts(&smtpto,">\r\n");
++  substdio_puts(&smtpto,">");
++  if (utf8message) substdio_puts(&smtpto," SMTPUTF8");
++  substdio_puts(&smtpto,"\r\n");
+   substdio_flush(&smtpto);
+   code = smtpcode();
+   if (code >= 500) quit("DConnected to "," but sender was rejected");
+@@ -702,9 +793,17 @@
+       relayhost[i] = 0;
+     }
+     if (!stralloc_copys(&host,relayhost)) temp_nomem();
++  } else {
++    char * ascii = 0;
++    host.s[host.len] = '\0';
++    switch (idn2_lookup_u8(host.s, (uint8_t**)&ascii, IDN2_NFC_INPUT)) {
++      case IDN2_OK: break;
++      case IDN2_MALLOC: temp_nomem();
++      default: perm_dns();
++    }
++    if (!stralloc_copys(&asciihost, ascii)) temp_nomem();
+   }
+ 
+-
+   addrmangle(&sender,argv[2],&flagalias,0);
+  
+   if (!saa_readyplus(&reciplist,0)) temp_nomem();
+@@ -723,7 +822,7 @@
+ 
+  
+   random = now() + (getpid() << 16);
+-  switch (relayhost ? dns_ip(&ip,&host) : dns_mxip(&ip,&host,random)) {
++  switch (relayhost ? dns_ip(&ip,&host) : dns_mxip(&ip,&asciihost,random)) {
+     case DNS_MEM: temp_nomem();
+     case DNS_SOFT: temp_dns();
+     case DNS_HARD: perm_dns();
+--- /dev/null
++++ netqmail-1.06/qmail-smtpd.c
+@@ -273,6 +273,7 @@
+ stralloc rcptto = {0};
+ stralloc fuser = {0};
+ stralloc mfparms = {0};
++int smtputf8 = 0;
+ 
+ int mailfrom_size(arg) char *arg;
+ {
+@@ -323,6 +324,7 @@
+       while (len) {
+         arg++; len--; 
+         if (*arg == ' ' || *arg == '\0' ) {
++           if (case_starts(mfparms.s,"SMTPUTF8")) smtputf8 = 1;
+            if (case_starts(mfparms.s,"SIZE=")) if (mailfrom_size(mfparms.s+5)) { flagsize = 1; return; }
+            if (case_starts(mfparms.s,"AUTH=")) mailfrom_auth(mfparms.s+5,mfparms.len-5);  
+            if (!stralloc_copys(&mfparms,"")) die_nomem;
+@@ -351,7 +353,7 @@
+     out("\r\n250-STARTTLS");
+ #endif
+   size[fmt_ulong(size,(unsigned int) databytes)] = 0;
+-  out("\r\n250-PIPELINING\r\n250-8BITMIME\r\n");
++  out("\r\n250-PIPELINING\r\n250-SMTPUTF8\r\n250-8BITMIME\r\n");
+   out("250-SIZE "); out(size); out("\r\n");
+ #ifdef CRAM_MD5
+   out("250 AUTH LOGIN PLAIN CRAM-MD5\r\n");
+@@ -516,7 +518,15 @@
+   if (qmail_open(&qqt) == -1) { err_qqt(); return; }
+   qp = qmail_qp(&qqt);
+   out("354 go ahead\r\n");
+- 
++
++  if (smtputf8) {
++    stralloc utf8proto = {0};
++    if ('E' == *protocol) protocol++;
++    if (!stralloc_copys(&utf8proto, "UTF8")) die_nomem();
++    if (!stralloc_cats(&utf8proto, protocol)) die_nomem();
++    utf8proto.s[utf8proto.len] = '\0';
++    protocol = utf8proto.s;
++  }
+   received(&qqt,protocol,local,remoteip,remotehost,remoteinfo,fakehelo);
+   blast(&hops);
+   hops = (hops >= MAXHOPS);
+

diff --git a/mail-mta/netqmail/netqmail-1.06-r5.ebuild b/mail-mta/netqmail/netqmail-1.06-r5.ebuild
new file mode 100644
index 00000000..6609bf6
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r5.ebuild
@@ -0,0 +1,183 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+GENQMAIL_PV=20080406
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20070417
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+QMAIL_SMTPUTF8='qmail-smtputf8.patch'
+
+inherit eutils qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	http://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://dev.gentoo.org/~hollow/distfiles/${GENQMAIL_F}
+	http://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+	http://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? ( http://shupp.org/patches/${QMAIL_TLS_F} )
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~x86"
+IUSE="authcram gencertdaily highvolume libressl qmail-spp ssl vanilla"
+REQUIRED_USE='vanilla? ( !ssl !qmail-spp !highvolume )'
+RESTRICT="test"
+
+DEPEND="
+	!mail-mta/qmail
+	net-mail/queue-repair
+	ssl? (
+		!libressl? ( dev-libs/openssl:0 )
+		libressl? ( dev-libs/libressl )
+	)
+	sys-apps/gentoo-functions
+	sys-apps/groff
+	net-dns/libidn2
+"
+RDEPEND="
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!<mail-mta/ssmtp-2.64-r2
+	!>=mail-mta/ssmtp-2.64-r2[mta]
+	>=sys-apps/ucspi-tcp-0.88-r17
+	ssl? ( >=sys-apps/ucspi-ssl-0.70-r1 )
+	virtual/daemontools
+	>=net-mail/dot-forward-0.71-r3
+	virtual/checkpassword
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	${DEPEND}
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "you should create a copy of this ebuild in an overlay."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+
+	qmail_create_users
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PV}-exit.patch
+	epatch "${FILESDIR}"/${PV}-readwrite.patch
+	epatch "${DISTDIR}"/${QMAIL_LARGE_DNS}
+	epatch "${FILESDIR}"/${PV}-fbsd-utmpx.patch
+
+	ht_fix_file Makefile*
+
+	if ! use vanilla; then
+		# This patch contains relative paths and needs to be cleaned up.
+		sed 's~^--- ../../~--- ~g' \
+			<"${DISTDIR}"/${QMAIL_TLS_F} \
+			>"${T}"/${QMAIL_TLS_F} || die
+		use ssl        && epatch "${T}"/${QMAIL_TLS_F}
+		use ssl        && epatch "${DISTDIR}"/${QMAIL_TLS_CVE}
+		use highvolume && epatch "${DISTDIR}"/${QMAIL_BIGTODO_F}
+
+		if use qmail-spp; then
+			if use ssl; then
+				epatch "${QMAIL_SPP_S}"/qmail-spp-smtpauth-tls-20060105.diff
+			else
+				epatch "${QMAIL_SPP_S}"/netqmail-spp.diff
+			fi
+			cd "${WORKDIR}" || die
+			epatch "${FILESDIR}"/genqmail-20080406-ldflags.patch
+			cd - || die
+		fi
+	fi
+
+	cd "${WORKDIR}" || die
+	epatch "${FILESDIR}"/use-new-path-for-functions.sh.patch
+	epatch "${FILESDIR}"/qmail-smtputf8.patch
+	cd - || die
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://www.gentoo.org/doc/en/qmail-howto.xml"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/, mail-mta/netqmail/files/

[Joonas Niilola]

commit:     8c3963bfb197ed371f535dccfcae6004888b2f9c
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Thu Sep 19 19:04:30 2019 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Sat Sep 21 14:49:07 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c3963bf

mail-mta/netqmail: clean up ebuild and patch

Signed-off-by: Rolf Eike Beer <eike <AT> sf-mail.de>
Closes: https://github.com/gentoo/gentoo/pull/12975
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 mail-mta/netqmail/files/1.06-fbsd-utmpx.patch |  4 ++--
 mail-mta/netqmail/netqmail-1.06-r6.ebuild     | 10 ++++++----
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/mail-mta/netqmail/files/1.06-fbsd-utmpx.patch b/mail-mta/netqmail/files/1.06-fbsd-utmpx.patch
index 8500eb53e3e..0307a0d1941 100644
--- a/mail-mta/netqmail/files/1.06-fbsd-utmpx.patch
+++ b/mail-mta/netqmail/files/1.06-fbsd-utmpx.patch
@@ -1,5 +1,5 @@
---- qbiff.c.orig	2010-04-06 08:43:28.000000000 -0300
-+++ qbiff.c	2010-04-06 08:44:35.000000000 -0300
+--- a/qbiff.c	2010-04-06 08:43:28.000000000 -0300
++++ b/qbiff.c	2010-04-06 08:44:35.000000000 -0300
 @@ -1,13 +1,6 @@
  #include <sys/types.h>
  #include <sys/stat.h>

diff --git a/mail-mta/netqmail/netqmail-1.06-r6.ebuild b/mail-mta/netqmail/netqmail-1.06-r6.ebuild
index f58a3c0abad..ccdc0866b46 100644
--- a/mail-mta/netqmail/netqmail-1.06-r6.ebuild
+++ b/mail-mta/netqmail/netqmail-1.06-r6.ebuild
@@ -28,12 +28,14 @@ HOMEPAGE="
 SRC_URI="mirror://qmail/${P}.tar.gz
 	https://dev.gentoo.org/~hollow/distfiles/${GENQMAIL_F}
 	https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
-	http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
-	http://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
 	!vanilla? (
 		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
 		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
-		ssl? ( https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F} )
+		ssl? (
+			https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F}
+			http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+			https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+		)
 	)
 "
 
@@ -81,7 +83,7 @@ pkg_setup() {
 		eerror
 		eerror "The QMAIL_PATCH_DIR variable for custom patches"
 		eerror "has been removed from ${PN}. If you need custom patches"
-		eerror "you should create a copy of this ebuild in an overlay."
+		eerror "see 'user patches' in the portage manual."
 		eerror
 		die "QMAIL_PATCH_DIR is not supported anymore"
 	fi

[gentoo-commits] repo/gentoo:master commit in: mail-mta/netqmail/, mail-mta/netqmail/files/

[Thomas Deutschmann]

commit:     3cd7e2b9721dbbf24cd4a5f9135236418a9c0cfa
Author:     Rolf Eike Beer <eike <AT> sf-mail <DOT> de>
AuthorDate: Tue May 19 14:16:07 2020 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Tue May 19 18:36:35 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3cd7e2b9

mail-mta/netqmail-1.06-r13: revbump for CVE-2005-1513, CVE-2005-1514, CVE-2005-1515

Bug: https://bugs.gentoo.org/721566
Signed-off-by: Rolf Eike Beer <kde <AT> opensource.sf-tec.de>
Closes: https://github.com/gentoo/gentoo/pull/15881
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 .../files/netqmail-1.06-CVE-2005-1513.patch        |  66 ++++++
 .../files/netqmail-1.06-CVE-2005-1514.patch        |  39 ++++
 .../files/netqmail-1.06-CVE-2005-1515.patch        |  64 ++++++
 .../netqmail/files/netqmail-1.06-overflows.patch   | 223 +++++++++++++++++++++
 mail-mta/netqmail/netqmail-1.06-r13.ebuild         | 203 +++++++++++++++++++
 5 files changed, 595 insertions(+)

diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch
new file mode 100644
index 00000000000..58af5a9cee1
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1513.patch
@@ -0,0 +1,66 @@
+From bb92ea678c2a2a524d2ee6e9d598275a659168d2 Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Mon, 11 May 2020 18:30:13 +0200
+Subject: [PATCH 3/4] mimimum fix for CVE-2005-1513
+
+The first allocation at the tail of the function is not changed as that
+one starts with a small number of elements and grows only on
+subsequent call.s
+---
+ gen_allocdefs.h | 27 ++++++++++++++++++++++-----
+ 1 file changed, 22 insertions(+), 5 deletions(-)
+
+diff --git a/gen_allocdefs.h b/gen_allocdefs.h
+index 783a9b1..0588441 100644
+--- a/gen_allocdefs.h
++++ b/gen_allocdefs.h
+@@ -4,24 +4,41 @@
+ #define GEN_ALLOC_ready(ta,type,field,len,a,i,n,x,base,ta_ready) \
+ int ta_ready(x,n) register ta *x; register unsigned int n; \
+ { register unsigned int i; \
++  unsigned int nlen; \
+   if (x->field) { \
+     i = x->a; \
+     if (n > i) { \
+-      x->a = base + n + (n >> 3); \
+-      if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \
++      unsigned int nnum; \
++      if (__builtin_add_overflow(base, n, &nlen)) \
++        return 0; \
++      if (__builtin_add_overflow(nlen, n >> 3, &nlen)) \
++        return 0; \
++      if (__builtin_mul_overflow(nlen, sizeof(type), &nnum)) \
++        return 0; \
++      x->a = nlen; \
++      if (alloc_re(&x->field,i * sizeof(type),nnum)) return 1; \
+       x->a = i; return 0; } \
+     return 1; } \
+   x->len = 0; \
+   return !!(x->field = (type *) alloc((x->a = n) * sizeof(type))); }
+ 
+ #define GEN_ALLOC_readyplus(ta,type,field,len,a,i,n,x,base,ta_rplus) \
+-int ta_rplus(x,n) register ta *x; register unsigned int n; \
++int ta_rplus(x,n) register ta *x; unsigned int n; \
+ { register unsigned int i; \
+   if (x->field) { \
+     i = x->a; n += x->len; \
++    if (__builtin_add_overflow(n, x->len, &n)) \
++      return 0; \
+     if (n > i) { \
+-      x->a = base + n + (n >> 3); \
+-      if (alloc_re(&x->field,i * sizeof(type),x->a * sizeof(type))) return 1; \
++      unsigned int nlen, nnum; \
++      if (__builtin_add_overflow(base, n, &nlen)) \
++        return 0; \
++      if (__builtin_add_overflow(nlen, n >> 3, &nlen)) \
++        return 0; \
++      if (__builtin_mul_overflow(nlen, sizeof(type), &nnum)) \
++        return 0; \
++      x->a = nlen; \
++      if (alloc_re(&x->field,i * sizeof(type),nnum)) return 1; \
+       x->a = i; return 0; } \
+     return 1; } \
+   x->len = 0; \
+-- 
+2.26.1
+

diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch
new file mode 100644
index 00000000000..3876c290b67
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1514.patch
@@ -0,0 +1,39 @@
+From dc617a2f2d31e4c448b806791b3f8736cf9d1ffb Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Tue, 12 May 2020 20:06:38 +0200
+Subject: [PATCH 2/4] fix possible signed integer overflow in commands()
+ (CVE-2005-1514)
+
+Fix it as suggested by the Qualys Security Advisory team.
+---
+ commands.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/commands.c b/commands.c
+index b0d3f61..90a50c9 100644
+--- a/commands.c
++++ b/commands.c
+@@ -10,16 +10,17 @@ int commands(ss,c)
+ substdio *ss;
+ struct commands *c;
+ {
+-  int i;
++  unsigned int i;
+   char *arg;
+ 
+   for (;;) {
+     if (!stralloc_copys(&cmd,"")) return -1;
+ 
+     for (;;) {
++      int j;
+       if (!stralloc_readyplus(&cmd,1)) return -1;
+-      i = substdio_get(ss,cmd.s + cmd.len,1);
+-      if (i != 1) return i;
++      j = substdio_get(ss,cmd.s + cmd.len,1);
++      if (j != 1) return j;
+       if (cmd.s[cmd.len] == '\n') break;
+       ++cmd.len;
+     }
+-- 
+2.26.1
+

diff --git a/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch
new file mode 100644
index 00000000000..f1df70022e1
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-CVE-2005-1515.patch
@@ -0,0 +1,64 @@
+From 5540e1b47ac043033e6661b4e04dcaf958db0110 Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Mon, 11 May 2020 18:55:11 +0200
+Subject: [PATCH 1/4] fix signedness wraparound in substdio_put()
+ (CVE-2005-1515)
+
+---
+ qmail.c   |  2 +-
+ substdo.c | 14 ++++++++------
+ 2 files changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/qmail.c b/qmail.c
+index 186c092..7c86a04 100644
+--- a/qmail.c
++++ b/qmail.c
+@@ -61,7 +61,7 @@ void qmail_fail(qq) struct qmail *qq;
+   qq->flagerr = 1;
+ }
+ 
+-void qmail_put(qq,s,len) struct qmail *qq; char *s; int len;
++void qmail_put(qq,s,len) struct qmail *qq; char *s; unsigned int len;
+ {
+   if (!qq->flagerr) if (substdio_put(&qq->ss,s,len) == -1) qq->flagerr = 1;
+ }
+diff --git a/substdo.c b/substdo.c
+index fb616f7..bccf0d6 100644
+--- a/substdo.c
++++ b/substdo.c
+@@ -7,7 +7,7 @@ static int allwrite(op,fd,buf,len)
+ register int (*op)();
+ register int fd;
+ register char *buf;
+-register int len;
++register unsigned int len;
+ {
+   register int w;
+ 
+@@ -55,16 +55,18 @@ register int len;
+ int substdio_put(s,buf,len)
+ register substdio *s;
+ register char *buf;
+-register int len;
++register unsigned int len;
+ {
+-  register int n;
++  register unsigned int n = s->n; /* how many bytes to write in next chunk */
+  
+-  n = s->n;
+-  if (len > n - s->p) {
++  /* check if the input would fit in the buffer without flushing */
++  if (len > n - (unsigned int)s->p) {
+     if (substdio_flush(s) == -1) return -1;
+     /* now s->p == 0 */
+     if (n < SUBSTDIO_OUTSIZE) n = SUBSTDIO_OUTSIZE;
+-    while (len > s->n) {
++    /* as long as the remainder would not fit into s->x write it directly
++     * from buf to s->fd. */
++    while (len > (unsigned int)s->n) {
+       if (n > len) n = len;
+       if (allwrite(s->op,s->fd,buf,n) == -1) return -1;
+       buf += n;
+-- 
+2.26.1
+

diff --git a/mail-mta/netqmail/files/netqmail-1.06-overflows.patch b/mail-mta/netqmail/files/netqmail-1.06-overflows.patch
new file mode 100644
index 00000000000..d9932df972c
--- /dev/null
+++ b/mail-mta/netqmail/files/netqmail-1.06-overflows.patch
@@ -0,0 +1,223 @@
+From e8a1e037afc8729bd65d4bda36dedf444f301c0f Mon Sep 17 00:00:00 2001
+From: Rolf Eike Beer <eike@sf-mail.de>
+Date: Mon, 11 May 2020 18:30:13 +0200
+Subject: [PATCH 4/4] fix additional length overflows
+
+---
+ Makefile        |  6 +++---
+ alloc.c         | 21 ++++++++++++++-------
+ qmail-local.c   |  3 ++-
+ qmail-pop3d.c   |  3 ++-
+ quote.c         | 10 +++++++++-
+ stralloc_catb.c |  8 +++++++-
+ stralloc_opyb.c |  8 +++++++-
+ substdo.c       |  4 ++--
+ 8 files changed, 46 insertions(+), 17 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 0f0e31a..4b592c6 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1673,7 +1673,7 @@ qsutil.h
+ 	./compile qsutil.c
+ 
+ quote.o: \
+-compile quote.c stralloc.h gen_alloc.h str.h quote.h
++compile quote.c stralloc.h gen_alloc.h str.h quote.h error.h
+ 	./compile quote.c
+ 
+ rcpthosts.o: \
+@@ -1965,7 +1965,7 @@ compile stralloc_cat.c byte.h stralloc.h gen_alloc.h
+ 	./compile stralloc_cat.c
+ 
+ stralloc_catb.o: \
+-compile stralloc_catb.c stralloc.h gen_alloc.h byte.h
++compile stralloc_catb.c stralloc.h gen_alloc.h byte.h error.h
+ 	./compile stralloc_catb.c
+ 
+ stralloc_cats.o: \
+@@ -1982,7 +1982,7 @@ gen_allocdefs.h
+ 	./compile stralloc_eady.c
+ 
+ stralloc_opyb.o: \
+-compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h
++compile stralloc_opyb.c stralloc.h gen_alloc.h byte.h error.h
+ 	./compile stralloc_opyb.c
+ 
+ stralloc_opys.o: \
+diff --git a/alloc.c b/alloc.c
+index c661453..3ab5f6f 100644
+--- a/alloc.c
++++ b/alloc.c
+@@ -1,7 +1,6 @@
++#include <stdlib.h>
+ #include "alloc.h"
+ #include "error.h"
+-extern char *malloc();
+-extern void free();
+ 
+ #define ALIGNMENT 16 /* XXX: assuming that this alignment is enough */
+ #define SPACE 4096 /* must be multiple of ALIGNMENT */
+@@ -11,15 +10,23 @@ static aligned realspace[SPACE / ALIGNMENT];
+ #define space ((char *) realspace)
+ static unsigned int avail = SPACE; /* multiple of ALIGNMENT; 0<=avail<=SPACE */
+ 
++static char *m_alloc(unsigned int n)
++{
++  char *x = malloc(n);
++  if (!x) errno = error_nomem;
++  return x;
++}
++
+ /*@null@*//*@out@*/char *alloc(n)
+ unsigned int n;
+ {
+-  char *x;
+-  n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */
++  if (n >= SPACE)
++    return m_alloc(n);
++  /* Round it up to the next multiple of alignment. Could overflow if n is
++   * close to 2**32, but by the check above this is already ruled out. */
++  n = ALIGNMENT + n - (n & (ALIGNMENT - 1));
+   if (n <= avail) { avail -= n; return space + avail; }
+-  x = malloc(n);
+-  if (!x) errno = error_nomem;
+-  return x;
++  return m_alloc(n);
+ }
+ 
+ void alloc_free(x)
+diff --git a/qmail-local.c b/qmail-local.c
+index 6fec288..f5e33fd 100644
+--- a/qmail-local.c
++++ b/qmail-local.c
+@@ -1,5 +1,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <stdlib.h>
+ #include "readwrite.h"
+ #include "sig.h"
+ #include "env.h"
+@@ -633,7 +634,7 @@ char **argv;
+      i = j + 1;
+     }
+ 
+- recips = (char **) alloc((numforward + 1) * sizeof(char *));
++ recips = (char **) calloc(numforward + 1, sizeof(char *));
+  if (!recips) temp_nomem();
+  numforward = 0;
+ 
+diff --git a/qmail-pop3d.c b/qmail-pop3d.c
+index 0ca4f9c..1916433 100644
+--- a/qmail-pop3d.c
++++ b/qmail-pop3d.c
+@@ -1,5 +1,6 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
++#include <stdlib.h>
+ #include "commands.h"
+ #include "sig.h"
+ #include "getln.h"
+@@ -131,7 +132,7 @@ void getlist()
+   if (maildir_scan(&pq,&filenames,1,1) == -1) die_scan();
+  
+   numm = pq.p ? pq.len : 0;
+-  m = (struct message *) alloc(numm * sizeof(struct message));
++  m = (struct message *) calloc(numm, sizeof(struct message));
+   if (!m) die_nomem();
+  
+   for (i = 0;i < numm;++i) {
+diff --git a/quote.c b/quote.c
+index 659cfcd..73b7214 100644
+--- a/quote.c
++++ b/quote.c
+@@ -1,3 +1,4 @@
++#include "error.h"
+ #include "stralloc.h"
+ #include "str.h"
+ #include "quote.h"
+@@ -23,8 +24,15 @@ stralloc *sain;
+  char ch;
+  int i;
+  int j;
++ unsigned int nlen;
+ 
+- if (!stralloc_ready(saout,sain->len * 2 + 2)) return 0;
++ /* make sure the size calculation below does not overflow */
++ if (__builtin_mul_overflow(sain->len, 2, &nlen) ||
++     __builtin_add_overflow(nlen, 2, &nlen)) {
++   errno = error_nomem;
++   return 0;
++ }
++ if (!stralloc_ready(saout,nlen)) return 0;
+  j = 0;
+  saout->s[j++] = '"';
+  for (i = 0;i < sain->len;++i)
+diff --git a/stralloc_catb.c b/stralloc_catb.c
+index 67dbcc0..a315810 100644
+--- a/stralloc_catb.c
++++ b/stralloc_catb.c
+@@ -1,13 +1,19 @@
+ #include "stralloc.h"
+ #include "byte.h"
++#include "error.h"
+ 
+ int stralloc_catb(sa,s,n)
+ stralloc *sa;
+ char *s;
+ unsigned int n;
+ {
++  unsigned int i;
+   if (!sa->s) return stralloc_copyb(sa,s,n);
+-  if (!stralloc_readyplus(sa,n + 1)) return 0;
++  if (__builtin_add_overflow(n, 1, &i)) {
++    errno = error_nomem;
++    return 0;
++  }
++  if (!stralloc_readyplus(sa,i)) return 0;
+   byte_copy(sa->s + sa->len,n,s);
+   sa->len += n;
+   sa->s[sa->len] = 'Z'; /* ``offensive programming'' */
+diff --git a/stralloc_opyb.c b/stralloc_opyb.c
+index ac258b3..8a6f305 100644
+--- a/stralloc_opyb.c
++++ b/stralloc_opyb.c
+@@ -1,12 +1,18 @@
+ #include "stralloc.h"
+ #include "byte.h"
++#include "error.h"
+ 
+ int stralloc_copyb(sa,s,n)
+ stralloc *sa;
+ char *s;
+ unsigned int n;
+ {
+-  if (!stralloc_ready(sa,n + 1)) return 0;
++  unsigned int i;
++  if (__builtin_add_overflow(n, 1, &i)) {
++    errno = error_nomem;
++    return 0;
++  }
++  if (!stralloc_ready(sa,i)) return 0;
+   byte_copy(sa->s,n,s);
+   sa->len = n;
+   sa->s[n] = 'Z'; /* ``offensive programming'' */
+diff --git a/substdo.c b/substdo.c
+index bccf0d6..ad7232a 100644
+--- a/substdo.c
++++ b/substdo.c
+@@ -38,9 +38,9 @@ register substdio *s;
+ int substdio_bput(s,buf,len)
+ register substdio *s;
+ register char *buf;
+-register int len;
++register unsigned int len;
+ {
+-  register int n;
++  register unsigned int n;
+  
+   while (len > (n = s->n - s->p)) {
+     byte_copy(s->x + s->p,n,buf); s->p += n; buf += n; len -= n;
+-- 
+2.26.1
+

diff --git a/mail-mta/netqmail/netqmail-1.06-r13.ebuild b/mail-mta/netqmail/netqmail-1.06-r13.ebuild
new file mode 100644
index 00000000000..56be4e1891c
--- /dev/null
+++ b/mail-mta/netqmail/netqmail-1.06-r13.ebuild
@@ -0,0 +1,203 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+GENQMAIL_PV=20191010
+QMAIL_SPP_PV=0.42
+
+QMAIL_TLS_PV=20190114
+QMAIL_TLS_F=${PN}-1.05-tls-smtpauth-${QMAIL_TLS_PV}.patch
+QMAIL_TLS_CVE=vu555316.patch
+
+QMAIL_BIGTODO_PV=103
+QMAIL_BIGTODO_F=big-todo.${QMAIL_BIGTODO_PV}.patch
+
+QMAIL_LARGE_DNS='qmail-103.patch'
+
+QMAIL_SMTPUTF8='qmail-smtputf8.patch'
+
+inherit qmail
+
+DESCRIPTION="qmail -- a secure, reliable, efficient, simple message transfer agent"
+HOMEPAGE="
+	http://netqmail.org
+	https://cr.yp.to/qmail.html
+	http://qmail.org
+"
+SRC_URI="mirror://qmail/${P}.tar.gz
+	https://github.com/DerDakon/genqmail/releases/download/genqmail-${GENQMAIL_PV}/${GENQMAIL_F}
+	https://www.ckdhr.com/ckd/${QMAIL_LARGE_DNS}
+	!vanilla? (
+		highvolume? ( mirror://qmail/${QMAIL_BIGTODO_F} )
+		qmail-spp? ( mirror://sourceforge/qmail-spp/${QMAIL_SPP_F} )
+		ssl? (
+			https://mirror.alexh.name/qmail/netqmail/${QMAIL_TLS_F}
+			http://inoa.net/qmail-tls/${QMAIL_TLS_CVE}
+			https://arnt.gulbrandsen.priv.no/qmail/qmail-smtputf8.patch
+		)
+	)
+"
+
+LICENSE="public-domain"
+SLOT="0"
+KEYWORDS="~alpha amd64 ~arm hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 sparc ~x86"
+IUSE="authcram gencertdaily highvolume libressl pop3 qmail-spp ssl vanilla"
+REQUIRED_USE="vanilla? ( !ssl !qmail-spp !highvolume )"
+RESTRICT="test"
+
+DEPEND="
+	acct-group/nofiles
+	acct-group/qmail
+	acct-user/alias
+	acct-user/qmaild
+	acct-user/qmaill
+	acct-user/qmailp
+	acct-user/qmailq
+	acct-user/qmailr
+	acct-user/qmails
+	net-dns/libidn2
+	net-mail/queue-repair
+	sys-apps/gentoo-functions
+	sys-apps/groff
+	ssl? (
+		!libressl? ( >=dev-libs/openssl-1.1:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+"
+RDEPEND="${DEPEND}
+	sys-apps/ucspi-tcp
+	virtual/checkpassword
+	virtual/daemontools
+	authcram? ( >=net-mail/cmd5checkpw-0.30 )
+	ssl? (
+		pop3? ( sys-apps/ucspi-ssl )
+	)
+	!mail-mta/courier
+	!mail-mta/esmtp
+	!mail-mta/exim
+	!mail-mta/mini-qmail
+	!mail-mta/msmtp[mta]
+	!mail-mta/nullmailer
+	!mail-mta/opensmtpd
+	!mail-mta/postfix
+	!mail-mta/qmail-ldap
+	!mail-mta/sendmail
+	!mail-mta/ssmtp[mta]
+"
+
+pkg_setup() {
+	if [[ -n "${QMAIL_PATCH_DIR}" ]]; then
+		eerror
+		eerror "The QMAIL_PATCH_DIR variable for custom patches"
+		eerror "has been removed from ${PN}. If you need custom patches"
+		eerror "see 'user patches' in the portage manual."
+		eerror
+		die "QMAIL_PATCH_DIR is not supported anymore"
+	fi
+}
+
+src_unpack() {
+	genqmail_src_unpack
+	use qmail-spp && qmail_spp_src_unpack
+
+	unpack ${P}.tar.gz
+}
+
+PATCHES=(
+	"${FILESDIR}/${PV}-exit.patch"
+	"${FILESDIR}/${PV}-readwrite.patch"
+	"${DISTDIR}/${QMAIL_LARGE_DNS}"
+	"${FILESDIR}/${PV}-fbsd-utmpx.patch"
+	"${FILESDIR}/${P}-ipme-multiple.patch"
+	"${FILESDIR}/${P}-any-to-cname.patch"
+	"${FILESDIR}/${P}-CVE-2005-1513.patch"
+	"${FILESDIR}/${P}-CVE-2005-1514.patch"
+	"${FILESDIR}/${P}-CVE-2005-1515.patch"
+	"${FILESDIR}/${P}-overflows.patch"
+)
+
+src_prepare() {
+	if ! use vanilla; then
+		if use ssl; then
+			# This patch contains relative paths and needs to be cleaned up.
+			sed 's~^--- \.\./\.\./~--- ~g' \
+				< "${DISTDIR}"/${QMAIL_TLS_F} \
+				> "${T}"/${QMAIL_TLS_F} || die
+			PATCHES+=( "${T}/${QMAIL_TLS_F}"
+				"${DISTDIR}/${QMAIL_TLS_CVE}"
+				"${FILESDIR}/qmail-smtputf8.patch"
+				"${FILESDIR}/qmail-smtputf8-crlf-fix.patch"
+			)
+		fi
+		if use highvolume; then
+			PATCHES+=( "${DISTDIR}/${QMAIL_BIGTODO_F}" )
+		fi
+
+		if use qmail-spp; then
+			if use ssl; then
+				SPP_PATCH="${QMAIL_SPP_S}/qmail-spp-smtpauth-tls-20060105.diff"
+			else
+				SPP_PATCH="${QMAIL_SPP_S}/netqmail-spp.diff"
+			fi
+			# make the patch work with "-p1"
+			sed -e 's#^--- \([Mq]\)#--- a/\1#' -e 's#^+++ \([Mq]\)#+++ b/\1#' -i ${SPP_PATCH} || die
+
+			PATCHES+=( "${SPP_PATCH}" )
+		fi
+	fi
+
+	default
+
+	qmail_src_postunpack
+
+	# Fix bug #33818 but for netqmail (Bug 137015)
+	if ! use authcram; then
+		einfo "Disabled CRAM_MD5 support"
+		sed -e 's,^#define CRAM_MD5$,/*&*/,' -i "${S}"/qmail-smtpd.c || die
+	else
+		einfo "Enabled CRAM_MD5 support"
+	fi
+
+	ht_fix_file Makefile*
+}
+
+src_compile() {
+	qmail_src_compile
+	use qmail-spp && qmail_spp_src_compile
+}
+
+src_install() {
+	qmail_src_install
+}
+
+pkg_postinst() {
+	qmail_queue_setup
+	qmail_rootmail_fixup
+	qmail_tcprules_build
+
+	qmail_config_notice
+	qmail_supervise_config_notice
+	elog
+	elog "If you are looking for documentation, check those links:"
+	elog "https://wiki.gentoo.org/wiki/Virtual_mail_hosting_with_qmail"
+	elog "  -- qmail/vpopmail Virtual Mail Hosting System Guide"
+	elog "http://www.lifewithqmail.com/"
+	elog "  -- Life with qmail"
+	elog
+}
+
+pkg_preinst() {
+	qmail_tcprules_fixup
+}
+
+pkg_config() {
+	# avoid some weird locale problems
+	export LC_ALL=C
+
+	qmail_config_fast
+	qmail_tcprules_config
+	qmail_tcprules_build
+
+	use ssl && qmail_ssl_generate
+}