commit 53a6b89cf418477ff56575bbf55a993e508ea9e1f7365c13e8263e26cb8a96b3 Author: Adrian Schröter Date: Fri May 3 14:55:37 2024 +0200 Sync from SUSE:SLFO:Main libesmtp revision 71bef88114f753ec5a8b921a776e6203 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/add_ntlm.patch b/add_ntlm.patch new file mode 100644 index 0000000..ac9a363 --- /dev/null +++ b/add_ntlm.patch @@ -0,0 +1,84 @@ +From 1c304e7886a08fb56485e41614ff3f8685afb59d Mon Sep 17 00:00:00 2001 +From: Jiaqing Zhao +Date: Tue, 8 Mar 2022 15:05:32 +0000 +Subject: [PATCH] Add build option for NTLM support + +Currently, NTLM plugin is built by default when openssl is available +and STARTTLS is enabled. But in libesmtp 1.0.6, there is a separate +build option. This commits adds the 'ntlm' option back. It's also +disabled by default. + +Like 1.0.6, it will check openssl MD4 algorithm support as MD4 is +insecure and modern systems may drop MD4 support. + +Signed-off-by: Jiaqing Zhao +--- + meson.build | 13 ++++++++++--- + meson_options.txt | 1 + + ntlm/meson.build | 2 +- + 3 files changed, 12 insertions(+), 4 deletions(-) + +Index: libESMTP-1.1.0/meson.build +=================================================================== +--- libESMTP-1.1.0.orig/meson.build ++++ libESMTP-1.1.0/meson.build +@@ -63,6 +63,7 @@ add_project_arguments(cc.get_supported_a + ################################################################################ + dldep = cc.find_library('dl') + ssldep = dependency('openssl', version : '>=1.1.0', required : get_option('tls')) ++ntlmdep = dependency('openssl', version : '>=1.1.0', required : get_option('ntlm')) + threaddep = dependency('threads', required : get_option('pthreads')) + + #XXX add test for libbind9.so +@@ -71,6 +72,7 @@ lwresdep = cc.find_library('lwres', requ + deps = [ + dldep, + ssldep, ++ ntlmdep, + threaddep, + lwresdep, + ] +@@ -220,8 +222,12 @@ include_dir = include_directories('.') + subdir('login') + subdir('plain') + subdir('crammd5') +-if ssldep.found() +- subdir('ntlm') ++if ntlmdep.found() ++ if cc.has_header('openssl/md4.h') and cc.has_function('MD4_Init', dependencies : ntlmdep) ++ subdir('ntlm') ++ else ++ error('MD4 is not supported in current openssl, unable to build NTLM plugin') ++ endif + endif + + ################################################################################ +@@ -247,4 +253,5 @@ summary({'current:revision:age': libesmt + 'STARTTLS': ssldep.found(), + 'CHUNKING': get_option('bdat'), + 'ETRN': get_option('etrn'), +- 'XUSR': get_option('xusr')}) ++ 'XUSR': get_option('xusr'), ++ 'NTLM': ntlmdep.found()}) +Index: libESMTP-1.1.0/meson_options.txt +=================================================================== +--- libESMTP-1.1.0.orig/meson_options.txt ++++ libESMTP-1.1.0/meson_options.txt +@@ -5,3 +5,4 @@ option('lwres', type : 'feature', value + option('bdat', type : 'boolean', value : 'true', description : 'enable SMTP BDAT extension') + option('etrn', type : 'boolean', value : 'true', description : 'enable SMTP ETRN extension') + option('xusr', type : 'boolean', value : 'true', description : 'enable sendmail XUSR extension') ++option('ntlm', type : 'feature', value : 'disabled', description : 'build with support for NTLM authentication') +Index: libESMTP-1.1.0/ntlm/meson.build +=================================================================== +--- libESMTP-1.1.0.orig/ntlm/meson.build ++++ libESMTP-1.1.0/ntlm/meson.build +@@ -5,7 +5,7 @@ sasl_ntlm_sources = [ + 'ntlmstruct.c', + ] + +-ntlm_deps = [ ssldep, ] ++ntlm_deps = [ ntlmdep, ] + + sasl_ntlm = shared_module('ntlm', sasl_ntlm_sources, + name_prefix : 'sasl-', diff --git a/libesmtp-1.1.0.tar.gz b/libesmtp-1.1.0.tar.gz new file mode 100644 index 0000000..5b84482 --- /dev/null +++ b/libesmtp-1.1.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:32bc3614ca12d21c7d933f32d43410e8744b6f91fdca7732da9877a385e4e6c3 +size 169134 diff --git a/libesmtp.changes b/libesmtp.changes new file mode 100644 index 0000000..e4541e3 --- /dev/null +++ b/libesmtp.changes @@ -0,0 +1,157 @@ +------------------------------------------------------------------- +Tue Dec 27 10:32:59 UTC 2022 - Paolo Stivanin + +- Update to 1.1.0: + * CVE-2019-19977: avoid potential stack overflow in NTLM authenticator. + * Migrate build system to Meson + * Remove GNU libltdl support, assume dlopen() always available. + * Use a linker map to restrict public symbols to API only. + * Add sentinel and ‘format printf’ attributes to function declarations. + * Remove getaddrinfo() implementation. + * Use strlcpy() for safer string copies, provide implementation + for systems that need it. + * Update ‘application data’ APIs + * Add ‘smtp_get_server_name()’ API. + * Collect replacement functions into missing.c + * Prohibit Resent-Reply-To: header. + * Use canonic domain name of MTA where known + * Implement rfc2822date() with strftime() if available. + * add option for XDG file layout convention instead of ~/.authenticate + * OpenSSL + + Remove support for OpenSSL versions before v1.1.0 + + Update OpenSSL API calls used for modern versions + + Require TLS v1 or higher + * Add add_ntlm.patch + * Drop the following patches: + + libesmtp-removedecls.diff + + libesmtp-1.0.4-bloat.patch + + libesmtp-fix-cve-2019-19977.patch + + libesmtp-openssl11.patch + + libesmtp-tlsv12.patch + +------------------------------------------------------------------- +Fri Aug 6 09:16:53 UTC 2021 - Yifan Jiang + +- Add libesmtp-fix-cve-2019-19977.patch: Fix stack-based buffer + over-read in ntlm/ntlmstruct.c (bsc#1160462 bsc#1189097). + +------------------------------------------------------------------- +Mon Jan 14 14:50:46 CET 2019 - kukuk@suse.de + +- Use %license instead of %doc [bsc#1082318] + +------------------------------------------------------------------- +Sat Mar 3 16:32:02 UTC 2018 - jengelh@inai.de + +- Drop ineffective --with-pic. Drop %__-type macro indirections. + Drop redundant %clean section. +- Implement shared library packaging guideline. + +------------------------------------------------------------------- +Fri Feb 16 20:12:12 UTC 2018 - crrodriguez@opensuse.org + +- SSL support was silently lost on openSSL 1.1 update. + libesmtp-openssl11.patch makes things work again. + +------------------------------------------------------------------- +Fri Sep 30 14:58:41 UTC 2016 - crrodriguez@opensuse.org + +- Add libesmtp-tlsv12.patch: All TLS clients must support and use + the highest TLS version available if possible not only TLS 1.0. + Patch sent to upstream long time ago, no response. website + has also vanished from the internet (bsc#1005909). +- Pass --disable-isoc to configure, pick the compiler's default C + standard mode (currently gnu11). + +------------------------------------------------------------------- +Mon Feb 4 14:39:53 UTC 2013 - coolo@suse.com + +- update license to new format + +------------------------------------------------------------------- +Tue Aug 10 14:37:42 CEST 2010 - dimstar@opensuse.org + +- Update to version 1.0.6: + + Each component matched by match-domain() is either a single + '*' which matches anything or a case-insensitive comparison + with a string of alphanumeric characters or a '-'. +- Changes from version 1.0.5: + + The Gmail server reports enhanced status codes but then fails + to provide them in some cases. The parser is now tolerant of + this but warns the application using a new event flag + SMTP_EV_SYNTAXWARNING that it is progressing despite the syntax + error. + + Fixed bug where To, Cc, Bcc etc. accepted only single values + instead of a list. + + Fix reversed comparison on the return value of gettimeofday(). +- Drop upstream fixed patches libesmtp-1.0.4-multiple-cc.patch and + libestmp-commonname.diff. +- Cleaned spec file using spec-cleaner. + +------------------------------------------------------------------- +Wed Apr 28 08:16:43 UTC 2010 - freitag@novell.com + +- Add libestmp-commonname.diff to do stricter check on commonName + bnc#585393. + +------------------------------------------------------------------- +Wed Aug 06 13:52:23 CEST 2008 - bwalle@suse.de + +- allow multiple calls of smtp_set_header() for Cc and Bcc headers +- disable lwres because we don't want to have a daemon (the lwresd) + running just for address resolution + +------------------------------------------------------------------- +Tue Sep 4 16:41:52 CEST 2007 - mrueckert@suse.de + +- remove postfix from the buildrequires +- do not package generic INSTALL file + +------------------------------------------------------------------- +Tue Sep 4 09:37:02 CEST 2007 - crrodriguez@suse.de + +- fix #307257 missing requires of the libesmtp-devel package + +------------------------------------------------------------------- +Wed Jan 25 21:32:18 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Tue Jan 17 14:27:06 CET 2006 - lmichnovic@suse.cz + +- Updated to version 1.0.4 +- enabled support for lwres: lwres_includedir.patch; bind-devel added into NFB +- enabled support for ntlm, etrn + +------------------------------------------------------------------- +Wed Nov 2 21:47:32 CET 2005 - dmueller@suse.de + +- don't build as root + +------------------------------------------------------------------- +Mon Sep 26 22:05:45 CEST 2005 - mls@suse.de + +- move .so symlink into devel package +- make devel package require base package + +------------------------------------------------------------------- +Sun May 8 18:08:46 CEST 2005 - mmj@suse.de + +- Don't declare things we have for sure on linux + +------------------------------------------------------------------- +Fri Mar 26 11:43:50 CET 2004 - mmj@suse.de + +- Add postfix to # neededforbuild + +------------------------------------------------------------------- +Thu Feb 19 14:53:54 CET 2004 - sbrabec@suse.cz + +- Updated to version 1.0.2. + +------------------------------------------------------------------- +Wed Jul 30 08:36:09 CEST 2003 - hhetter@suse.de + +- initial SuSE package + diff --git a/libesmtp.spec b/libesmtp.spec new file mode 100644 index 0000000..d2b5924 --- /dev/null +++ b/libesmtp.spec @@ -0,0 +1,90 @@ +# +# spec file for package libesmtp +# +# Copyright (c) 2022 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define so_ver 6.2.0 +%define lname libesmtp6_2_0 +Name: libesmtp +Version: 1.1.0 +Release: 0 +Summary: A Library for Posting Electronic Mail +License: GPL-2.0-or-later AND LGPL-2.1-or-later +Group: Development/Libraries/C and C++ +URL: https://libesmtp.github.io/ +Source0: https://github.com/libesmtp/libESMTP/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Patch0: add_ntlm.patch +BuildRequires: libtool +BuildRequires: meson >= 0.50.0 +BuildRequires: openssl-devel >= 1.1.0 +BuildRequires: pkgconfig +BuildRequires: pkgconfig(libntlm) + +%description +libESMTP is a library to manage posting (or submission of) electronic +mail using SMTP to a preconfigured Mail Transport Agent (MTA). It may +be used as part of a Mail User Agent (MUA) or another program that +must be able to post electronic mail but where mail functionality is +not that program's primary purpose. + +%package -n %{lname} +Summary: A Library for Posting Electronic Mail +Group: System/Libraries + +%description -n %{lname} +libESMTP is a library to manage posting (or submission of) electronic +mail using SMTP to a preconfigured Mail Transport Agent (MTA). It may +be used as part of a Mail User Agent (MUA) or another program that +must be able to post electronic mail but where mail functionality is +not that program's primary purpose. + +%package devel +Summary: A Library for Posting Electronic Mail +Group: Development/Libraries/C and C++ +Requires: %{lname} = %{version} + +%description devel +libESMTP is a library to manage posting (or submission of) electronic +mail using SMTP to a preconfigured Mail Transport Agent (MTA). + +This subpackage contains the API definition files. + +%prep +%autosetup -p1 -n libESMTP-%{version} + +%build +%meson \ + -Dntlm=enabled +%meson_build + +%install +%meson_install + +%post -n %{lname} -p /sbin/ldconfig +%postun -n %{lname} -p /sbin/ldconfig + +%files -n %{lname} +%license LICENSE +%doc README.md docs/* +%{_libdir}/esmtp-plugins-%{so_ver} +%{_libdir}/libesmtp.so.%{so_ver} + +%files devel +%{_includedir}/*.h +%{_libdir}/libesmtp.so +%{_libdir}/pkgconfig/libesmtp-1.0.pc + +%changelog