main/postfix: improve build process

- added -openrc subpackage - added optional license choice as a comment - removed obsolete libressl.patch - sorted makedepends list - switched to a https mirror instead of ftp site
2025-09-04 13:21:43 +02:00 · 2018-11-28 15:55:02 -05:00 · 2018-11-28 15:55:02 -05:00 · ae9edd14cf
commit ae9edd14cf
parent fa776d0543
2 changed files with 25 additions and 170 deletions
--- a/main/postfix/APKBUILD
+++ b/main/postfix/APKBUILD
@ -3,32 +3,48 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=postfix
 pkgver=3.3.1
-pkgrel=4
+pkgrel=5
 pkgdesc="Secure and fast drop-in replacement for Sendmail (MTA)"
 url="http://www.postfix.org/"
 arch="all"
 license="IPL-1.0"
+#license="EPL-2.0"
 depends=
-makedepends="db-dev pcre-dev openssl-dev postgresql-dev mariadb-connector-c-dev openldap-dev
-	cyrus-sasl-dev perl file sqlite-dev linux-headers coreutils
-	lmdb-dev m4"
+makedepends="
+	coreutils
+	cyrus-sasl-dev
+	db-dev
+	linux-headers
+	lmdb-dev
+	m4
+	mariadb-connector-c-dev
+	openldap-dev
+	openssl-dev
+	pcre-dev
+	perl
+	postgresql-dev
+	sqlite-dev
+	"
+
 install="$pkgname.pre-install"
-subpackages="$pkgname-doc
+subpackages="
+	$pkgname-doc
+	$pkgname-openrc
 	$pkgname-ldap:_mv_dict
 	$pkgname-lmdb:_mv_dict
 	$pkgname-mysql:_mv_dict
 	$pkgname-pcre:_mv_dict
 	$pkgname-pgsql:_mv_dict
 	$pkgname-sqlite:_mv_dict
-	$pkgname-stone"
+	$pkgname-stone
+	"

 options="!check suid"  # No test suite.
 pkgusers="postfix"
 pkggroups="postfix postdrop"
-source="ftp://ftp.porcupine.org/mirrors/${pkgname}-release/official/${pkgname}-${pkgver}.tar.gz
+source="https://de.postfix.org/ftpmirror/official/$pkgname-$pkgver.tar.gz
 	$pkgname.initd
 	postfix-install.patch
-	libressl.patch
 	"

 _shared_libs() {
@ -172,5 +188,4 @@ stone() {

 sha512sums="2307f50f8b7dab1db46ebe4ae30bc5682a25b9c49ae5ae65aa95b4620bb5450dd5929977c0f34b9e73a92ca6af36fd8e24167732420a1a2d89167c7a3b197276  postfix-3.3.1.tar.gz
 2752e69c4e1857bdcf29444ffb458bca818bc60b9c77c20823c5f5b87c36cb5e0f3217a625a7fe5788d5bfcef7570a1f2149e1233fcd23ccf7ee14190aff47a2  postfix.initd
-25cd34f23ca909d4e33aaf3239d1e397260abc7796d9a4456dee4f005682fd3a58aab8106126e5218c95bdddae415a3ef7e2223cd3b0d7b1e2bd76158bb7eaf8  postfix-install.patch
-7d43dc0d4e44bb3c62b28b4c6dfb9dc49e4d95e948a27e309dc7d7ea6b7fe844f433d908fe87d0fee3e236a32b2e94d37804dba2a4d17cf0c44ab3a8c2d44e62  libressl.patch"
+25cd34f23ca909d4e33aaf3239d1e397260abc7796d9a4456dee4f005682fd3a58aab8106126e5218c95bdddae415a3ef7e2223cd3b0d7b1e2bd76158bb7eaf8  postfix-install.patch"
--- a/main/postfix/libressl.patch
+++ b/main/postfix/libressl.patch
@ -1,160 +0,0 @@
-$OpenBSD: patch-src_posttls-finger_posttls-finger_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- a/src/posttls-finger/posttls-finger.c.orig	Fri Feb  3 17:43:04 2017
-+++ b/src/posttls-finger/posttls-finger.c	Mon Feb 20 12:42:58 2017
-@@ -1513,7 +1513,8 @@ static int finger(STATE *state)
-     return (0);
- }
- 
-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(USE_TLS) && \
-+    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
- 
- /* ssl_cleanup - free memory allocated in the OpenSSL library */
- 
-@@ -1966,7 +1967,8 @@ int     main(int argc, char *argv[])
-     cleanup(&state);
- 
-     /* OpenSSL 1.1.0 and later (de)initialization is implicit */
-#if defined(USE_TLS) && OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if defined(USE_TLS) && \
-+    ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) )
-     ssl_cleanup();
- #endif
- 
-$OpenBSD: patch-src_tls_tls_client_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- a/src/tls/tls_client.c.orig	Sun Jan  1 17:22:13 2017
-+++ b/src/tls/tls_client.c	Mon Feb 20 12:42:58 2017
-@@ -299,7 +299,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
-      */
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * Initialize the OpenSSL library by the book! To start with, we must
-@@ -433,7 +433,7 @@ TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * According to the OpenSSL documentation, temporary RSA key is needed
-$OpenBSD: patch-src_tls_tls_dane_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- a/src/tls/tls_dane.c.orig	Sun Jan  1 17:22:13 2017
-+++ b/src/tls/tls_dane.c	Mon Feb 20 12:42:58 2017
-@@ -2125,7 +2125,7 @@ static SSL_CTX *ctx_init(const char *CAfile)
-     tls_param_init();
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-     SSL_load_error_strings();
-     SSL_library_init();
- #endif
-$OpenBSD: patch-src_tls_tls_dh_c,v 1.1 2017/03/04 22:09:43 sthen Exp $
-
-Fix building with LibreSSL
-
--- a/src/tls/tls_dh.c.orig	Mon Dec 26 18:47:24 2016
-+++ b/src/tls/tls_dh.c	Sat Feb  4 01:45:39 2017
-@@ -314,7 +314,7 @@ void    tls_auto_eecdh_curves(SSL_CTX *ctx)
-      * This is a NOP in OpenSSL 1.1.0 and later, where curves are always
-      * auto-negotiated.
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000UL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000UL || defined(LIBRESSL_VERSION_NUMBER)
-     if (SSL_CTX_set_ecdh_auto(ctx, 1) <= 0) {
- 	msg_warn("failed to enable automatic ECDHE curve selection");
- 	tls_print_errors();
-$OpenBSD: patch-src_tls_tls_h,v 1.2 2017/03/04 22:09:43 sthen Exp $
-
-Fix building with LibreSSL
-
--- a/src/tls/tls.h.orig	Sun Jan  1 17:22:13 2017
-+++ b/src/tls/tls.h	Fri Jan  6 23:17:26 2017
-@@ -89,7 +89,7 @@ extern const char *str_tls_level(int);
- #endif
- 
-  /* Backwards compatibility with OpenSSL < 1.1.0 */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- #define OpenSSL_version_num SSLeay
- #define OpenSSL_version SSLeay_version
- #define OPENSSL_VERSION SSLEAY_VERSION
-@@ -104,6 +104,9 @@ extern const char *str_tls_level(int);
- #define ASN1_STRING_get0_data ASN1_STRING_data
- #define X509_getm_notBefore X509_get_notBefore
- #define X509_getm_notAfter X509_get_notAfter
-+#endif
-+
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- #define TLS_method SSLv23_method
- #define TLS_client_method SSLv23_client_method
- #define TLS_server_method SSLv23_server_method
-$OpenBSD: patch-src_tls_tls_rsa_c,v 1.1 2016/09/03 15:39:58 sthen Exp $
--- a/src/tls/tls_rsa.c.orig	Thu Sep  1 21:57:15 2016
-+++ b/src/tls/tls_rsa.c	Thu Sep  1 21:58:11 2016
-@@ -57,7 +57,7 @@
-  /*
-   * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-   */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
- /* tls_tmp_rsa_cb - call-back to generate ephemeral RSA key */
- 
-@@ -109,7 +109,7 @@ int     main(int unused_argc, char *const argv[])
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-     RSA    *rsa;
- 
-     msg_vstream_init(argv[0], VSTREAM_ERR);
-$OpenBSD: patch-src_tls_tls_server_c,v 1.2 2017/03/04 22:09:43 sthen Exp $
--- a/src/tls/tls_server.c.orig	Sun Jan  1 17:22:13 2017
-+++ b/src/tls/tls_server.c	Mon Feb 20 12:42:58 2017
-@@ -174,7 +174,7 @@ static const char server_session_id_context[] = "Postf
- #endif					/* OPENSSL_VERSION_NUMBER */
- 
-  /* OpenSSL 1.1.0 bitrot */
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- typedef const unsigned char *session_id_t;
- 
- #else
-@@ -377,7 +377,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
-      */
-     tls_check_version();
- 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * Initialize the OpenSSL library by the book! To start with, we must
-@@ -580,7 +580,7 @@ TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_
-     /*
-      * 2015-12-05: Ephemeral RSA removed from OpenSSL 1.1.0-dev
-      */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
- 
-     /*
-      * According to OpenSSL documentation, a temporary RSA key is needed when
-
-For LibreSSL 2.4:
--- a/src/tls/tls_dh.c.orig
-+++ b/src/tls/tls_dh.c
-@@ -244,7 +244,7 @@
- 
- void    tls_auto_eecdh_curves(SSL_CTX *ctx)
- {
-#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH)
-+#if OPENSSL_VERSION_NUMBER >= 0x1000200fUL && !defined(OPENSSL_NO_ECDH) && !defined(LIBRESSL_VERSION_NUMBER)
-     SSL_CTX *tmpctx;
-     int    *nids;
-     int     space = 5;