Commit 3c4da38a authored by Milan P. Stanić's avatar Milan P. Stanić Committed by Natanael Copa
Browse files

main/postfix: fix outgoing DANE incompatible with musl

applied patch posted by Rich Felker to issue #11455
added depends to musl>=1.1.24-r7 with backported DANE fix
fixes: #11455
parent bb369204
Pipeline #19363 passed with stages
in 2 minutes and 15 seconds
......@@ -3,11 +3,12 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=postfix
pkgver=3.5.2
pkgrel=0
pkgrel=1
pkgdesc="Secure and fast drop-in replacement for Sendmail (MTA)"
url="http://www.postfix.org/"
arch="all"
license="IPL-1.0 EPL-2.0"
depends="musl>=1.1.24-r7"
makedepends="
coreutils
cyrus-sasl-dev
......@@ -42,6 +43,7 @@ pkgusers="postfix"
pkggroups="postfix postdrop"
source="https://de.postfix.org/ftpmirror/official/postfix-$pkgver.tar.gz
$pkgname.initd
postfix-musl-2.patch
postfix-install.patch
"
......@@ -191,4 +193,5 @@ stone() {
sha512sums="04e37c4542952dba0f3e44f10775c0bedf343e6382df14a9c43ebc80c005c3f6de68a4e7a7469f32ae74b8e50d10c089d4930eac0cd2e2a9ff1bd8d7481b3a76 postfix-3.5.2.tar.gz
2752e69c4e1857bdcf29444ffb458bca818bc60b9c77c20823c5f5b87c36cb5e0f3217a625a7fe5788d5bfcef7570a1f2149e1233fcd23ccf7ee14190aff47a2 postfix.initd
7b9d658a6130295b0e0bcf19db064d9daf21a783ef865d83d62eb09176380b7ee5e6a73f6c5ad82f3c1eded1f0c351ed55b203dfffe32c0071e5bb2b16edfeb5 postfix-musl-2.patch
25cd34f23ca909d4e33aaf3239d1e397260abc7796d9a4456dee4f005682fd3a58aab8106126e5218c95bdddae415a3ef7e2223cd3b0d7b1e2bd76158bb7eaf8 postfix-install.patch"
diff --git a/postfix/makedefs b/postfix/makedefs
index 64b42f44..aea15d6f 100644
--- a/makedefs
+++ b/makedefs
@@ -228,19 +228,6 @@ case $# in
*) echo usage: $0 [system release] 1>&2; exit 1;;
esac
-case "$SYSTEM" in
- Linux)
- case "`PATH=/bin:/usr/bin ldd /bin/sh`" in
- *-musl-*)
- case "$CCARGS" in
- *-DNO_DNSSEC*) ;;
- *) echo Warning: libc-musl breaks DANE/TLSA security. 1>&2
- echo This build will not support DANE/TLSA. 1>&2
- CCARGS="$CCARGS -DNO_DNSSEC";;
- esac;;
- esac;;
-esac
-
case "$SYSTEM.$RELEASE" in
SCO_SV.3.2) SYSTYPE=SCO5
# Use the native compiler by default
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index 11c92813..b3bd537a 100644
--- a/src/dns/dns_lookup.c
+++ b/src/dns/dns_lookup.c
@@ -350,7 +350,9 @@ static int dns_res_query(const char *name, int class, int type,
if (msg_verbose)
msg_info("res_mkquery() failed");
return (len);
- } else if ((len = res_send(msg_buf, len, answer, anslen)) < 0) {
+ }
+ msg_buf[3] |= 32; // AD flag
+ if ((len = res_send(msg_buf, len, answer, anslen)) < 0) {
SET_H_ERRNO(TRY_AGAIN);
if (msg_verbose)
msg_info("res_send() failed");
@@ -491,11 +493,12 @@ static int dns_query(const char *name, int type, unsigned flags,
for (;;) {
_res.options &= ~saved_options;
_res.options |= flags;
- if (keep_notfound && var_dns_ncache_ttl_fix) {
+ if (1) {
#ifdef HAVE_RES_SEND
len = dns_res_query((char *) name, C_IN, type, reply->buf,
reply->buf_len);
#else
+#error HAVE_RES_SEND not defined
var_dns_ncache_ttl_fix = 0;
msg_warn("system library does not support %s=yes"
" -- ignoring this setting", VAR_DNS_NCACHE_TTL_FIX);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment