SHA256
1
0
forked from pool/postfix

Accepting request 320339 from home:msmeissn:branches:server:mail

- postfix-no-md5.patch: replace fingerprint defaults by sha1.

- %verifyscript is a new section, move it out of the %ifdef
  so the fillups are run afterwards.

OBS-URL: https://build.opensuse.org/request/show/320339
OBS-URL: https://build.opensuse.org/package/show/server:mail/postfix?expand=0&rev=224
This commit is contained in:
Peter Varkoly 2015-08-11 14:10:15 +00:00 committed by Git OBS Bridge
parent 9f23f174f6
commit ec92bf34f4
3 changed files with 46 additions and 5 deletions

25
postfix-no-md5.patch Normal file
View File

@ -0,0 +1,25 @@
Index: postfix-2.11.0/src/global/mail_params.h
===================================================================
--- postfix-2.11.0.orig/src/global/mail_params.h
+++ postfix-2.11.0/src/global/mail_params.h
@@ -1300,7 +1300,7 @@ extern char *var_smtpd_tls_excl_ciph;
extern char *var_smtpd_tls_mand_excl;
#define VAR_SMTPD_TLS_FPT_DGST "smtpd_tls_fingerprint_digest"
-#define DEF_SMTPD_TLS_FPT_DGST "md5"
+#define DEF_SMTPD_TLS_FPT_DGST "sha1"
extern char *var_smtpd_tls_fpt_dgst;
#define VAR_SMTPD_TLS_512_FILE "smtpd_tls_dh512_param_file"
@@ -1449,9 +1449,9 @@ extern char *var_smtp_tls_excl_ciph;
extern char *var_smtp_tls_mand_excl;
#define VAR_SMTP_TLS_FPT_DGST "smtp_tls_fingerprint_digest"
-#define DEF_SMTP_TLS_FPT_DGST "md5"
+#define DEF_SMTP_TLS_FPT_DGST "sha1"
#define VAR_LMTP_TLS_FPT_DGST "lmtp_tls_fingerprint_digest"
-#define DEF_LMTP_TLS_FPT_DGST "md5"
+#define DEF_LMTP_TLS_FPT_DGST "sha1"
extern char *var_smtp_tls_fpt_dgst;
#define VAR_SMTP_TLS_TAFILE "smtp_tls_trust_anchor_file"

View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Tue Aug 4 09:09:04 UTC 2015 - meissner@suse.com
- postfix-no-md5.patch: replace fingerprint defaults by sha1.
-------------------------------------------------------------------
Tue Aug 4 09:07:25 UTC 2015 - meissner@suse.com
- %verifyscript is a new section, move it out of the %ifdef
so the fillups are run afterwards.
-------------------------------------------------------------------
Wed Jul 22 16:44:44 UTC 2015 - michael@stroeder.com

View File

@ -78,6 +78,7 @@ Patch100: %{name}-vda-v13-2.10.0.patch
Patch101: postfix-db6.diff
#PATCH-FIX-SLE PATCH-FIX-OPENSUSE to be able to build the agent tls_proxy
Patch102: add_missed_library.patch
Patch103: postfix-no-md5.patch
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
BuildRequires: libopenssl-devel
@ -171,6 +172,7 @@ PostgreSQL.
%patch100 -p1
%patch101
%patch102
%patch103 -p1
# ---------------------------------------------------------------------------
%build
@ -454,17 +456,20 @@ fi
%set_permissions %{_sysconfdir}/%{name}/sasl_passwd
%set_permissions %{_sbindir}/sendmail
%verifyscript
%verify_permissions -e %{_sbindir}/postqueue
%verify_permissions -e %{_sbindir}/postdrop
%verify_permissions -e %{_sysconfdir}/%{name}/sasl_passwd
%verify_permissions -e %{_sbindir}/sendmail
%{fillup_only -y postfix}
%else
%{fillup_and_insserv -y postfix}
%endif
%{fillup_only -an mail}
/sbin/ldconfig
%if 0%{?suse_version} > 1210
%verifyscript
%verify_permissions -e %{_sbindir}/postqueue
%verify_permissions -e %{_sbindir}/postdrop
%verify_permissions -e %{_sysconfdir}/%{name}/sasl_passwd
%verify_permissions -e %{_sbindir}/sendmail
%endif
# ---------------------------------------------------------------------------
%postun