diff --git a/nixos/doc/manual/release-notes/rl-1903.xml b/nixos/doc/manual/release-notes/rl-1903.xml
index 839d75b53bd..64ccddb6c67 100644
--- a/nixos/doc/manual/release-notes/rl-1903.xml
+++ b/nixos/doc/manual/release-notes/rl-1903.xml
@@ -137,6 +137,14 @@
make sure to update your configuration if you want to keep proglodyte-wasm
+
+
+ OpenSMTPD has been upgraded to version 6.4.0p1. This release makes
+ backwards-incompatible changes to the configuration file format. See
+ man smtpd.conf for more information on the new file
+ format.
+
+
diff --git a/nixos/tests/opensmtpd.nix b/nixos/tests/opensmtpd.nix
index 4c0cbca2101..4d3479168f7 100644
--- a/nixos/tests/opensmtpd.nix
+++ b/nixos/tests/opensmtpd.nix
@@ -17,11 +17,12 @@ import ./make-test.nix {
extraServerArgs = [ "-v" ];
serverConfiguration = ''
listen on 0.0.0.0
+ action do_relay relay
# DO NOT DO THIS IN PRODUCTION!
# Setting up authentication requires a certificate which is painful in
# a test environment, but THIS WOULD BE DANGEROUS OUTSIDE OF A
# WELL-CONTROLLED ENVIRONMENT!
- accept from any for any relay
+ match from any for any action do_relay
'';
};
};
@@ -41,8 +42,9 @@ import ./make-test.nix {
extraServerArgs = [ "-v" ];
serverConfiguration = ''
listen on 0.0.0.0
- accept from any for local deliver to mda \
+ action dovecot_deliver mda \
"${pkgs.dovecot}/libexec/dovecot/deliver -d %{user.username}"
+ match from any for local action dovecot_deliver
'';
};
services.dovecot2 = {
diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix
index 60c517230b4..d5580450444 100644
--- a/pkgs/servers/mail/opensmtpd/default.nix
+++ b/pkgs/servers/mail/opensmtpd/default.nix
@@ -1,43 +1,33 @@
{ stdenv, lib, fetchurl, fetchpatch, autoconf, automake, libtool, bison
-, libasr, libevent, zlib, openssl, db, pam
-
-# opensmtpd requires root for no reason to encrypt passwords, this patch fixes it
-# see also https://github.com/OpenSMTPD/OpenSMTPD/issues/678
-, unpriviledged_smtpctl_encrypt ? true
-
-# Deprecated: use the subaddressing-delimiter in the config file going forward
-, tag_char ? null
+, libasr, libevent, zlib, libressl, db, pam
}:
-if (tag_char != null)
-then throw "opensmtpd: the tag_char argument is deprecated as it can now be specified at runtime via the 'subaddressing-delimiter' option of the configuration file"
-else stdenv.mkDerivation rec {
+stdenv.mkDerivation rec {
name = "opensmtpd-${version}";
- version = "6.0.3p1";
+ version = "6.4.0p1";
nativeBuildInputs = [ autoconf automake libtool bison ];
- buildInputs = [ libasr libevent zlib openssl db pam ];
+ buildInputs = [ libasr libevent zlib libressl db pam ];
src = fetchurl {
url = "https://www.opensmtpd.org/archives/${name}.tar.gz";
- sha256 = "291881862888655565e8bbe3cfb743310f5dc0edb6fd28a889a9a547ad767a81";
+ sha256 = "1qxxhnlsmpfh9v4azgl0634955r085gsic1c66jdll21bd5w2mq8";
};
patches = [
./proc_path.diff
- (fetchpatch {
- url = "https://github.com/OpenSMTPD/OpenSMTPD/commit/725ba4fa2ddf23bbcd1ff9ec92e86bbfaa6825c8.diff";
- sha256 = "19rla0b2r53jpdiz25fcza29c2msz6j6paivxhp9jcy1xl457dqa";
- })
+ ./fix-build.diff # See https://github.com/OpenSMTPD/OpenSMTPD/pull/884
];
- postPatch = with builtins; with lib;
- optionalString unpriviledged_smtpctl_encrypt ''
- substituteInPlace smtpd/smtpctl.c --replace \
- 'if (geteuid())' \
- 'if (geteuid() != 0 && !(argc > 1 && !strcmp(argv[1], "encrypt")))'
- substituteInPlace mk/smtpctl/Makefile.in --replace "chmod 2555" "chmod 0555"
- '';
+ # See https://github.com/OpenSMTPD/OpenSMTPD/issues/885 for the `sh bootstrap`
+ # requirement
+ postPatch = ''
+ substituteInPlace smtpd/parse.y \
+ --replace "/usr/libexec/" "$out/libexec/opensmtpd/"
+ substituteInPlace mk/smtpctl/Makefile.am --replace "chgrp" "true"
+ substituteInPlace mk/smtpctl/Makefile.am --replace "chmod 2555" "chmod 0555"
+ sh bootstrap
+ '';
configureFlags = [
"--sysconfdir=/etc"
@@ -54,6 +44,9 @@ else stdenv.mkDerivation rec {
"--with-table-db"
];
+ # See https://github.com/OpenSMTPD/OpenSMTPD/pull/884
+ makeFlags = [ "CFLAGS=-ffunction-sections" "LDFLAGS=-Wl,--gc-sections" ];
+
installFlags = [
"sysconfdir=\${out}/etc"
"localstatedir=\${TMPDIR}"
@@ -67,6 +60,6 @@ else stdenv.mkDerivation rec {
'';
license = licenses.isc;
platforms = platforms.linux;
- maintainers = with maintainers; [ rickynils obadz ];
+ maintainers = with maintainers; [ rickynils obadz ekleog ];
};
}
diff --git a/pkgs/servers/mail/opensmtpd/fix-build.diff b/pkgs/servers/mail/opensmtpd/fix-build.diff
new file mode 100644
index 00000000000..1f995fd4f62
--- /dev/null
+++ b/pkgs/servers/mail/opensmtpd/fix-build.diff
@@ -0,0 +1,12 @@
+diff --git a/mk/smtpctl/Makefile.am b/mk/smtpctl/Makefile.am
+index 5af0b713..f0fce735 100644
+--- a/mk/smtpctl/Makefile.am
++++ b/mk/smtpctl/Makefile.am
+@@ -4,6 +4,7 @@ sbin_PROGRAMS= smtpctl
+
+ smtpctl_SOURCES= $(smtpd_srcdir)/enqueue.c
+ smtpctl_SOURCES+= $(smtpd_srcdir)/parser.c
++smtpctl_SOURCES+= $(smtpd_srcdir)/config.c
+ smtpctl_SOURCES+= $(smtpd_srcdir)/log.c
+ smtpctl_SOURCES+= $(smtpd_srcdir)/envelope.c
+ smtpctl_SOURCES+= $(smtpd_srcdir)/queue_backend.c