mail/opensmtpd: Moved man to share/man

Approved by:    portmgr (blanket)

mail/opensmtpd: Use the correct OpenSSL idiom to load the trust store.

Fixes:		bde578cbfcf9
PR:		274322
MFH:		2023Q4
Approved by:	fluffy
Differential Revision:	https://reviews.freebsd.org/D42123

mail/opensmtpd: Remove unneeded CA_BUNDLE option.

MFH:		2023Q4
Approved by:	fluffy
Differential Revision:	https://reviews.freebsd.org/D42073

mail/opensmtpd: update to 7.3.0p2

PR:	272047
Release Notes:	https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p0
		https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p1
		https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/7.3.0p2

Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)

Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.

mail: remove 'Created by' lines

A big Thank You to the original contributors of these ports:

  *  <ashish@FreeBSD.org>
  *  Aaron Dalton <aaron@FreeBSD.org>
  *  Adam David <adam@FreeBSD.org>
  *  Adam McDougall <mcdouga9@egr.msu.edu>
  *  Adam Weinberger <adamw@FreeBSD.org>
  *  Ade Lovett <ade@FreeBSD.org>
  *  Akinori MUSHA aka knu <knu@idaemons.org>
  *  Alex Deiter <tiamat@komi.mts.ru>
  *  Alex Dupre <ale@FreeBSD.org>
  *  Alex Dupre <sysadmin@alexdupre.com>
  *  Alex Perel <veers@disturbed.net>

*/*: Remove redundant '-[0-9]*' from CONFLICTS_INSTALL

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Approved by: portmgr (blanket)

cleanup: drop support for EOL FreeBSD 11.X

Search criteria used:
- 11.4
- OSREL*
- OSVER*
- *_FreeBSD_11

Input from:
- adridg: devel/qca-legacy
- jbeich: _WITH_DPRINTF, _WITH_GETLINE, GNU bfd workarounds
- sunpoet: security/p5-*OpenSSL*

Reviewed by:	doceng, kde, multimedia, perl, python, ruby, rust
Differential Revision: https://reviews.freebsd.org/D32008
Test Plan: make index

all: Remove all other $FreeBSD keywords.

Remove # $FreeBSD$ from Makefiles.

mail/opensmtpd: update to 6.8.0p2 portable release

mail/opensmtpd: update to 6.7.1p1 portable release

- fixes a packaging issue causing asr.h to be installed in target system
- fixes a possible crash in the MTA when establishing IPv6 connections

mail/opensmtpd: update to 6.7.0p1 portable release

Changes in this release:
========================

New Features:

- Allowed use of the smtpd(8) session username in built-in filters when
available.
- Introduced a bypass keyword to smtpd(8) so that built-in filters can bypass
processing when a condition is met.
- Allowed use of 'auth' as an origin in smtpd.conf(5).
- Allowed use of mail-from and rctp-to as for and from parameters in
smtpd.conf(5).

Bug fixes:

- Ensured legacy ssl(8) session ID is persistent during a client TLS session,
fixing an issue using TLSv1.3 with smtp.mail.yahoo.com.
- Fixed security vulnerabilities in smtpd(8). Corrected an out-of-bounds read in
smtpd allowing an attacker to inject arbitrary commands into the envelope file
to be executed as root, and ensured privilege revocation in smtpctl(8) to
prevent arbitrary commands from being run with the _smtpq group.
- Allowed mail.local(8) to be run as non-root, opening a pipe to lockspool(1)
for file locking.
- Fixed a security vulnerability in smtpd(8) which could lead to a privilege
escalation on mbox deliveries and unprivileged code execution on lmtp
deliveries.
- Added support for CIDR in a: spf atoms in smtpd(8).
- Fixed a possible crash in smtpd(8) when combining "from rdns" with nested
virtual aliases under a particular configuration.

Fix missed '\' at line end

Pointyhat to: fluffy

mail/opensmtpd: We not need to care about OpenBSD here

Make configure args for mbox path unconditional

Noted by:	mat

mail/opensmtpd: honor hier(1) for mbox homedir

By default, OpenSMTPd rely on OpenBSD defaults, /var/spool/mail, instead of
/var/mail
Point it on /var/mail on all supported platforms != OpenBSD

Reported by:	Denis Fortin via private mail
MFH:		2020Q1

mail/opensmtpd: update to 6.6.4p1 security releaase

SECURITY RELEASE

An out of bounds read in smtpd allows an attacker to inject arbitrary commands
into the envelope file which are then executed as root. Separately, missing
privilege revocation in smtpctl allows arbitrary commands to be run with the
_smtpq group.

MFH:		2020Q1

mail/opensmtpd: update to 6.6.3p1 release

- switch default configuration to maildir
- allow mbox to deliver to users without requiring privileges in the daemon
- allow lmtp to receive sender/recipient in environment

MFH:		2020Q1

mil/opensmtpd: update to 6.6.2p1 relase

This update addressed LPE and RCE vulnerabilities in OpenSMTPD (CVE-2020-7247)
https://www.openwall.com/lists/oss-security/2020/01/28/3

This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch
smtpd to new grammar") and allows an attacker to execute arbitrary shell
commands, as root:

- either locally, in OpenSMTPD's default configuration (which listens on
  the loopback interface and only accepts mail from localhost);

- or locally and remotely, in OpenSMTPD's "uncommented" default
  configuration (which listens on all interfaces and accepts external
  mail).

PR:		243686
Reported by:	authors via irc
MFH:		2020Q1
Relnotes:	https://www.mail-archive.com/misc@opensmtpd.org/msg04850.html

Chase rename of security/openssl111

 - Categories a-m

MFH:		2020Q1

- Update OpenSMTPd to 6.6.1p1 portable release

- Update OpenSMTPd to 6.6.0 portable release
    This release builds with LibreSSL > 3.0.2 or OpenSSL > 1.1.0.
    FreeBSD 11.x users should update to 12.x/13.x or switch system-wide
    default ssl library to openssl111/libressl

- Update -extras to 6.4.0 release
    Filters still missing, corresponded ports temporary markes
    as IGNORED

PR:		213442,228937
MFH:		2019Q4

onvert to UCL & cleanup pkg-message (categories l-m)

devel/libevent2: update to 2.1.11

Changes:	https://github.com/libevent/libevent/releases/tag/release-2.1.11-stable
ABI:		https://abi-laboratory.pro/tracker/timeline/libevent/
PR:		239599
Reported by:	GitHub (watch releases)
Approved by:	zeising (maintainer)
MFH:		2019Q3 (maybe security, partially restores 2.1.8 ABI)
Differential Revision:	https://reviews.freebsd.org/D21133

- Unbreak on 12+ with SSL_DEFAULT=libressl[-devel]

Submitted by:	gahr

- While major 6.4 update still cooking (authors dropped openssl support at all
  in favor of libressl), mark OpenSMTPd as BROKEN with openssl 1.1.x api
- Use https in pkg-descr url

MFH:		2018Q4

- Update WWW

Approved by:	portmgr blanket

- Prevent OpenSMTPD session hangs and retain a descriptor forever on empty body
    (i.e. when the dot appears on the line directly after the headers).
    This could be used by an attacker to exhaust resources.

PR:		227899
Submitted by:	grembo
Obtained from:	OpenSMTPD git repo (backported)
MFH:		2018Q2

- Pet MDA part, add brackets around Return-Path as per RFC5322 SS3.6.6.

Missing brackets lead to a panic when a malformed address line
is fed to dovecot-lda

Submitted by:	gahr
Reported by:	brnrd via dovecot ML
Obtained
from:	https://github.com/OpenSMTPD/OpenSMTPD/pull/847/commits/725ba4fa2ddf23bbcd1ff9ec92e86bbfaa6825c8

- Drop OPENSSL_PORT redefine, it was used for OSVERSION<103000 [1];
  follow system-wide DEFAULT_VERSIONS+= ssl=<openssl variant>
- Sort plist
- @sample config

PR:		225067 [1]
Reported by:	Charlie Li [1]

Register dependency on groff

PR:		213725

devel/libevent2: drop historical suffix after r362796

PR:		216777
Approved by:	mm (maintainer)

devel/libevent2: update to 2.1.8 and cleanup

- DEFAULT_VERSIONS += ssl=openssl-devel is now supported
- devel/py-event and devel/p5-Event-Lib are marked BROKEN

Changes:	https://github.com/libevent/libevent/raw/release-2.1.8-stable/whatsnew-2.1.txt
Changes:	https://github.com/libevent/libevent/raw/release-2.1.8-stable/ChangeLog
PR:		216527
Exp-run by:	antoine
Approved by:	mm (maintainer)

- Remove always-true/false conditions after FreeBSD 9, 10.1, 10.2 EOL

Approved by:	portmgr blanket

- Get rid of USE_OPENSSL, switch to USES= ssl

Assign ports to fluffy@, who is actively tracking OpenSMTPD
development, and has kindly agreed to take the maintainership
of following ports:

  - dns/libasr
  - dns/libasr-devel
  - mail/opensmtpd
  - mail/opensmtpd-devel

Thank you!

- Allow custom config file in rc script for both stable/devel ports
- While here, create makemap symlink only with TABLE_DB enabled

Reported by:	myself (for adamw)
Reviewed by:	adamw
Approved by:	miwi (mentor, implicit)

mail/opensmtpd: Fix SSL and CA problems

  - Change with-ssl to with-ssllib
  - Change with-ca-file to with-path-CAfile
  - Remove broken for libasr-devel

PR:		208991
Submitted by:	fluffy
Approved by:	maintainer (implicit)

mail/opensmtpd: Update to 5.9.2

  - Update to 5.9.2p1
  - Remove usernamelen patch (default 255+1)
  - Fix renamed configure args
  - Add symlink for makemap (now included in smtpctl)
  - Align versioning with other OpenBSD projects
  - Add _smtpq group
  - Add UPDATING entry for existing installs
  - Update pkg-message for existing installs

Reviewed by:	adamw, mat
Approved by:	adamw, maintainer (implicit)
Differential Revision: D6421

- Fix trailing whitespace in pkg-messages

Approved by:	portmgr blanket

Remove ${PORTSDIR}/ from dependencies, categories m, n, o, and p.

With hat:	portmgr
Sponsored by:	Absolight

- Add SSL_PORT option to specify if OpenSSL from ports is to be used[1]
- Make option descriptions generic[1]
- Cleanup OPTIONS[1]
- Enforce SSL_PORT for 9.x[1]
- Mark as broken with LIBASRDEVEL option, due to incompatibility

PR:		206523[1]
Submitted by:	Andrey Fesenko <andrey at bsdnir dot info>[1]

mail/opensmtpd: restore patch to install .sample config file

Notified by:	adamw@
MFH:			2016Q1

mail/opensmtpd: update to 5.7.3p2

Details at https://github.com/OpenSMTPD/OpenSMTPD/issues/650

While at it, remove a stale patch that isn't applicable anymore. Upstream
implements this logic already, and the patch doesn't actually patch anything.

PR:				206816
Submitted by:	sa.inbox@gmail.com
Approved by:	portmgr@

mail/opensmtpd: update 5.7.1 -> 5.7.3

Changes:	https://www.opensmtpd.org/announces/release-5.7.2.txt
Changes:	https://www.opensmtpd.org/announces/release-5.7.3.txt

Approved by:	ashish (maintainer, implicit from AFK notice)
Security:	42852f72-6bd3-11e5-9909-002590263bf5
Security:	ee7bdf7f-11bb-4eea-b054-c692ab848c20
Security:	CVE-2015-7687
MFH:		2015Q4

It seems some people keep adding $FreeBSD$ to patch files.

Patches must not be changed by the vcs, this includes the
svn:keyword expansion.  Set fbsd:nokeywords to a couple of patches.

With hat:	portmgr
Sponsored by:	Absolight

- Fix typos in the patch committed in r394424

Reported by:	adamw

- Add a patch to handle long usernames during SMTP authentication,
  e.g. often username exceeds the limit when it contains @host.name
  part.

Reported by:	gahr (via private email)
Obtained from:	Philipp Takacs <philipp@bureaucracy.de> (via IRC)

- Update to 5.7.1p1
- Add TABLE_DB option to add support for aliases db
- Sort options in alphabetical order

PR:		201241
Submitted by:	brnrd

- Update to 5.4.6

Changes:		http://article.gmane.org/gmane.mail.opensmtpd.general/2759

- Update to 5.4.5p1
- Remove OPTIONS for the features unsupported upstream: SQLITE, MYSQL,
  LDAP, PGSQL, and REDIS
- Add workaround to prevent unnecessary dependency on autotools, due
  to problem with tarball
- Add note to UPDATING about the removal of OPTIONS

- Add LICENSE_FILE
- Add CPE info

Approved by:	portmgr blanket

- Add OPTION to only update mailer.conf(5) on demand
- Update COMMENT so it complies with guidelines in Porter's
  Handbook

PR:		198375
Submitted by:	adamw

- Update rc.d script to add a configtest command to test configuration
  before starting/restarting service.

PR:		197587
Submitted by:	elbarto at megadrive.org

OpenSMTPD port updates

mail/opensmtpd:
 - Update to 5.4.4p1
 - Add LIBASRDEVEL option to depend on dns/libasr-devel
 - Use OpenSSL from ports, should help with migration to LibreSSL
 - Explicitly provide path to OpenSSL[1]

mail/opensmtpd-devel:
 - Update to 201502012312
 - Add LIBASR option to depend on dns/libasr
 - Remove MYSQL, PGSQL, LDAP, and REDIS options as they're removed
   upstream
 - Add a note for above to UPDATING
 - Explicitly provide path to OpenSSL[1]
 - Add a diff to fix build failure on FreeBSD[2]

Reported by:	TJ <tj at mrsk.me> (via private email)
Submitted by:	Herbert J. Skuhra <herbert at oslo.ath.cx> (via list)

Switch to USES=pgsql

Remove useless @dir*

- Drop dependency on autoconf and automake
- Use correct form of OPTIONS_SUB
- Remove FreeBSD 7 support
- Remove post-deinstall (handled by pkg)

- Fix rc.d script so it can distinguish between smtpd processes
  running between host and jail

Submitted by:	Creaky <whatexercise at gmail.com> (via private email)

- Drop .la files, no dependees require them

Approved by:	portmgr blanket

Only use libevent2

Remove libevent as libevent2 is providing a good compatibility interface as well
as providing better performances.
Remove custom patches from libevent2 and install libevent2 the regular way
Mark ports abusing private fields of the libevent1 API as broken
Import a patch from fedora to have honeyd working with libevent2
Remove most of the patches necessary to find the custom installation we used to
have for libevent2

With hat:	portmgr

Fix LIB_DEPENDS

Bump more ports that depend on libsqlite3.so:
- ports that set USE_SQLITE with the *_USE option helper
- ports that depend on libsqlite3 indirectly as reported by pkg rquery

Approved by:	portmgr (implicit)

Use modern LIB_DEPENDS

- Make rc.d script send signals only to the parent daemon process to
  fix a race condition.

Submitted by:	naddy (via private email)

- Update to 5.4.2p1
- Add OPTIONS for CA bundle, and Redis support
- Switch to OptionsNG helpers
- Remove _smtpf user (not used anymore)

Changes:	http://article.gmane.org/gmane.mail.opensmtpd.general/1415

- Add missing file

Reported by:	Nicolas EDEL (on IRC)

- Fix typo in rc scripts

Reported by:	feld

- Update to 5.4.1p1
- Update LICENSE information
- Add OPTIONS for SQLITE, MYSQL, PGSQL, and LDAP
- Add STAGE support
- Add a note to UPDATING about change in configuration

Changes:		http://article.gmane.org/gmane.mail.opensmtpd.general/1146

Add NO_STAGE all over the place in preparation for the staging support (cat:
mail)

Hack around fallout from recent update to automake-1.14

- Add opensmtpd-devel package to CONFLICTS_INSTALL
- Update LICENSE information to point to the actual LICENSE file[1]

Submitted by:	Alexander Milanov <a at amilanov.com>[1] (private mail)

- Update to 5.3.3p1
- Remove unneeded dependency on databases/sqlite3
- Use a cleaner way to pass configuration directory[1]

PR:		ports/179364[1]
Submitted by:	Emmanuel Vadot <elbarto at bocal.org>[1]
Changes:	http://article.gmane.org/gmane.mail.opensmtpd.general/630

- Update to 5.3.2p1

Changes:		http://article.gmane.org/gmane.mail.opensmtpd.general/561

- Update to 5.3.1p1
- Use CONFLICTS_INSTALL, instead of CONFLICTS[1]

Changes:	http://article.gmane.org/gmane.mail.opensmtpd.general/469
Reported by:	Vincent Gross <dermiste at kilob.yt>

- Update to 5.3p1
- Bump PORTEPOCH
- Add additional USERS for privilege separation
- Add instructions for fixing permissions in pkg-message
- Add a note about privilege separation to UPDATING file

Changes:		http://article.gmane.org/gmane.mail.opensmtpd.general/446

- Update to latest snapshot 201303011853
- Add option for PAM support

Changes:		http://article.gmane.org/gmane.mail.opensmtpd.general/435

- Update to latest snapshot 201302212015p1

Changes:	http://article.gmane.org/gmane.mail.opensmtpd.general/405

- Update to latest snapshot 201302152354

Changes:	http://thread.gmane.org/gmane.mail.opensmtpd.general/401

- Update to latest snapshot 201302141353

Changes:	http://article.gmane.org/gmane.mail.opensmtpd.general/394

- Update to latest snapshot 201302051638

- Update to latest snapshot 201301312105

- Update to latest snapshot 201301281310

- Update to latest snapshot 201301191220
- Add a note to UPDATING about flushing queue before update

Changes:	http://thread.gmane.org/gmane.mail.opensmtpd.general/341

- Update to latest snapshot 201301111154

Previous version committed few minutes ago was not latest, an error on my
part.

- Update to latest snapshot 201301050937

- Update to latest snapshot 201212222206
- Add dependency on databases/sqlite3
- Remove ABI version from LIB_DEPENDS
- Document the configuration change in UPDATING

- Update to latest snapshot 201210090136

- Update to latest snapshot 201209190752

- Update to latest snapshot 201208192045

- Update to latest snapshot 201207311144
- Fix rc.d script

PR:		ports/170577
Submitted by:	Artis Caune <Artis.Caune at gmail.com>

- Update to latest snapshot 201207281129

- Update to latest snapshot 201207111000

- Add mirror to MASTER_SITES
- Add dependency on OpenSSL and fix for brokenness on 7.3
- Bump PORTREVISION

Reported by:    pav

- Update to latest snapshot 201206212223

- Update to latest snapshot 201206161848
- Remove a patch, accepted by upstream

- Update to latest snapshot 201205220027

- Add USER/GROUP, missed from previous commit
- Add _smtpd user to UIDs/GIDs

Reported by:    Nike <k-nike@inbox.ru>

OpenSMTPD is a FREE implementation of the server-side SMTP protocol as
defined by RFC 5321, with some additional standard extensions. It
allows ordinary machines to exchange e-mails with other systems
speaking the SMTP protocol.

WWW:    http://www.OpenSMTPD.org/