Bug#861442: marked as done (unblock: (pre-approval) courier/0.76.3-5)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Fri, 12 May 2017 14:31:00 +0000
with message-id <62e857e5-4232-bc07-d652-c72579c906ee@thykier.net>
and subject line Re: Bug#861442: unblock: (pre-approval) courier/0.76.3-5
has caused the Debian Bug report #861442,
regarding unblock: (pre-approval) courier/0.76.3-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
861442: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861442
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: (pre-approval) courier/0.76.3-5
• From: Markus Wanner <markus@bluegap.ch>
• Date: Sat, 29 Apr 2017 10:06:51 +0200
• Message-id: <d4899435-561e-de85-d05f-f1c02c1fbb45@bluegap.ch>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear Release Team,

only after the freeze, I realized that courier-mta is unmaintained and
got orphaned a couple moons ago. As I still use and like that MTA, but
it broke after an upgrade to stretch, I opted to adopt courier and
continue maintenance (#823807).

I realize it's pretty late in the process, but I'd appreciate keeping
courier in stretch. In any case, I plan to continue maintaining the
package for later releases.

I tried to keep the changes minimal, but mainly focused on getting
things to work. Quite a few changes for different important issues
accumulated. Note that I already have this version of courier in use on
stretch (it actually processed this very email).

Please indicate if any of the parts are not appropriate to be fixed for
stretch. I'm happy to prepare a corrected candidate. However, if too
many bugs remain unfixed, I'd rather vote for a removal from stretch,
than shipping something that breaks after an upgrade.

I commented the portions of the diff in the attached debdiff, in
relation to the changelog item added (patch can still apply the diff).
To simplify discussion via email, here's a copy of the proposed changes:

item 1: Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
   do not invoke 'install -b' twice from mkesmtpdcert, eliminating
   unnecessary backup files not cleaned up by purge. Closes: #847348.

item 2: Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch:
   correct TLS verification when DNS answers with CNAMEs.
   Closes: #860762.

item 3: Systemd service files: Correct delimiter of dependencies.
   Closes: #860765. (comma replaced by space)

item 4: Fix init scripts: Add proper PIDFILE declarations to init scripts.
   Replace status_of_proc with a more direct call to pidofproc and
   simplify the courier and courierfilter init scripts. Closes: #860777.

(Note that "simplify" is a bit of an understatement, here. Those init
scripts didn't actually work, before. Same applies to the replacement of
status_of_proc change.)

item 5: Take over the package. Closes #848978.

I know this is quite a bunch. And a late one. Please indicate if an
unblock of courier-0.76.3-5 is still feasible, if you like me to adjust
it or if you prefer to removed courier from stretch, instead. Thank you.

Kind Regards

Markus Wanner

#
# All of the changed documented in the changelog.
#
diff -Nru courier-0.76.3/debian/changelog courier-0.76.3/debian/changelog
--- courier-0.76.3/debian/changelog	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/changelog	2017-03-27 21:01:13.000000000 +0200
@@ -1,3 +1,19 @@
+courier (0.76.3-5) UNRELEASED; urgency=medium
+
+  * Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
+    do not invoke 'install -b' twice from mkesmtpdcert, eliminating
+    backup files not cleaned up by purge. Closes: #847348.
+  * Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch: correct TLS
+    verification when DNS answers with CNAMEs. Closes: #860762.
+  * Systemd service files: Correct delimiter of dependencies.
+    Closes: #860765.
+  * Fix init scripts: Add proper PIDFILE declarations to init scripts.
+    Replace status_of_proc with a more direct call to pidofproc and
+    simplify the courier and courierfilter init scripts. Closes: #860777.
+  * Take over the package. Closes: #848978.
+
+ -- Markus Wanner <markus@bluegap.ch>  Wed, 19 Apr 2017 21:27:14 +0200
+
 courier (0.76.3-4) unstable; urgency=medium
 
   * Orphan the package.
#
# item 1: Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
#    do not invoke 'install -b' twice from mkesmtpdcert, eliminating
#    unnecessary backup files not cleaned up by purge. Closes: #847348.
#
diff -Nru courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch
--- courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch	2017-03-27 21:01:13.000000000 +0200
@@ -75,7 +75,7 @@
  	exit 1
  }
  
-@@ -34,33 +45,30 @@ umask 077
+@@ -34,33 +45,28 @@ umask 077
  BITS="$BITS"
  set -e
  
@@ -119,9 +119,7 @@
 -	chown @mailuser@ @mydatadir@/esmtpd.pem
 -	cat esmtpd.key esmtpd.cert >esmtpd.pem
 -	rm -f esmtpd.key esmtpd.cert
-+	install -b -m 600 -o "@mailuser@" /dev/null "$PEMFILE"
 +	cat "$KEYFILE" "$CERTFILE" > "$PEMFILE"
-+	
 +	rm -f "$KEYFILE" "$CERTFILE"
  fi
 diff --git a/libs/imap/mkdhparams.in b/libs/imap/mkdhparams.in
#
# item 2: Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch:
#         correct TLS verification when DNS answers with CNAMEs.
#         Closes: #860762.
#
diff -Nru courier-0.76.3/debian/patches/0026-Fix-TLS-verification-for-CNAMEs.patch courier-0.76.3/debian/patches/0026-Fix-TLS-verification-for-CNAMEs.patch
--- courier-0.76.3/debian/patches/0026-Fix-TLS-verification-for-CNAMEs.patch	1970-01-01 01:00:00.000000000 +0100
+++ courier-0.76.3/debian/patches/0026-Fix-TLS-verification-for-CNAMEs.patch	2017-03-27 21:01:13.000000000 +0200
@@ -0,0 +1,74 @@
+Subject: [PATCH] Fix TLS verification when DNS lookup comes back with CNAMEs.
+From: Sam Varshavchik <mrsam@courier-mta.com>
+Date: Wed, 15 Mar 2017 22:34:31 -0400
+Origin: backport, https://github.com/svarshavchik/courier-libs/commit/5e522ab14f45c6f4f43c43e32a2f72fbf6354f1c
+Reviewed-by: Markus Wanner <markus@bluegap.ch>
+
+--- a/libs/rfc1035/rfc1035mxlist.c
++++ b/libs/rfc1035/rfc1035mxlist.c
+@@ -179,18 +179,35 @@
+ 	int q_type, int *found,
+ 	int flags, int port)
+ {
+-struct rfc1035_reply *areply=0;
+-int index;
++	char	lookup_name[RFC1035_MAXNAMESIZE+1];
++
++	struct rfc1035_reply *areply=0;
++	int index;
+ #if	RFC1035_IPV6
+-struct in6_addr in;
++	struct in6_addr in;
+ #else
+-struct in_addr in;
++	struct in_addr in;
+ #endif
+ 
++	/*
++	** Make a copy of mxname, because resolve_cname modifies it.
++	** That is rather rude, since harvest_records gets called multiple
++	** times.
++	**
++	** We still need to know what resolve_cname() did, since
++	** after resolve_cname() we call replysearch_all(), which needs to
++	** have the same hostname.
++	**
++	** mxname always points to a char[RFC1035_MAXNAMESIZE_1], so what's
++	** good for the goose is good for the gander.
++	*/
++
++	strcpy(lookup_name, mxname);
++
+ 	index= -1;
+ 
+ 	if (!mxreply || (
+-		((index=rfc1035_replysearch_all( res, mxreply, mxname,
++		((index=rfc1035_replysearch_all( res, mxreply, lookup_name,
+ 					q_type,
+ 					RFC1035_CLASS_IN,
+ 					0)) < 0 ||
+@@ -198,7 +215,7 @@
+ 		&& (flags & HARVEST_AUTOQUERY))
+ 		)
+ 	{
+-		index=rfc1035_resolve_cname(res, mxname,
++		index=rfc1035_resolve_cname(res, lookup_name,
+ 			q_type,
+ 			RFC1035_CLASS_IN, &areply, RFC1035_X_RANDOMIZE);
+ 		if (index < 0)
+@@ -223,10 +240,11 @@
+ 	}
+ 
+ 	for ( ; index >= 0 ;
+-			index=rfc1035_replysearch_all( res, mxreply, mxname,
+-					q_type,
+-					RFC1035_CLASS_IN,
+-					index+1))
++			index=rfc1035_replysearch_all( res, mxreply,
++						       lookup_name,
++						       q_type,
++						       RFC1035_CLASS_IN,
++						       index+1))
+ 	{
+ 		if (mxreply->allrrs[index]->rrtype != q_type)
+ 			continue;
diff -Nru courier-0.76.3/debian/patches/series courier-0.76.3/debian/patches/series
--- courier-0.76.3/debian/patches/series	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/patches/series	2017-03-27 21:01:13.000000000 +0200
@@ -23,3 +23,4 @@
 0023-Fix-missing-AC_PROG_SYSCONFTOOL-macro-on-autoreconf.patch
 0024-Dynamically-resolver-mailuid-and-mailgid-on-runtime-.patch
 0025-Use-SOURCE_DATE_EPOCH-for-imapd-version-Use-the-envi.patch
+0026-Fix-TLS-verification-for-CNAMEs.patch
#
# item 3: Systemd service files: Correct delimiter of dependencies.
#    Closes: #860765. (comma replaced by space)
#
diff -Nru courier-0.76.3/debian/courier-mta.courier-msa.service courier-0.76.3/debian/courier-mta.courier-msa.service
--- courier-0.76.3/debian/courier-mta.courier-msa.service	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.courier-msa.service	2017-03-27 21:01:13.000000000 +0200
@@ -1,7 +1,7 @@
 [Unit]
 Description=Courier ESMTP Daemon
-Requires=courier-authdaemon.service,courier.service,courierfilter.service
-After=courier-authdaemon.service,courier.service,courierfilter.service
+Requires=courier-authdaemon.service courier.service courierfilter.service
+After=courier-authdaemon.service courier.service courierfilter.service
 PartOf=courier-mta.service
 
 [Service]
diff -Nru courier-0.76.3/debian/courier-mta.courier-mta-ssl.service courier-0.76.3/debian/courier-mta.courier-mta-ssl.service
--- courier-0.76.3/debian/courier-mta.courier-mta-ssl.service	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.courier-mta-ssl.service	2017-03-27 21:01:13.000000000 +0200
@@ -1,7 +1,7 @@
 [Unit]
 Description=Courier ESMTP Daemon
-Requires=courier-authdaemon.service,courier.service,courierfilter.service
-After=courier-authdaemon.service,courier.service,courierfilter.service
+Requires=courier-authdaemon.service courier.service courierfilter.service
+After=courier-authdaemon.service courier.service courierfilter.service
 PartOf=courier-mta.service
 
 [Service]
diff -Nru courier-0.76.3/debian/courier-mta.service courier-0.76.3/debian/courier-mta.service
--- courier-0.76.3/debian/courier-mta.service	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.service	2017-03-27 21:01:13.000000000 +0200
@@ -1,7 +1,7 @@
 [Unit]
 Description=Courier ESMTP Daemon
-Requires=courier-authdaemon.service,courier.service,courierfilter.service
-After=courier-authdaemon.service,courier.service,courierfilter.service
+Requires=courier-authdaemon.service courier.service courierfilter.service
+After=courier-authdaemon.service courier.service courierfilter.service
 
 [Service]
 Type=forking
#
# item 4: Fix init scripts: Add proper PIDFILE declarations to init scripts.
#    Replace status_of_proc with a more direct call to pidofproc and
#    simplify the courier and courierfilter init scripts. Closes: #860777.
#
diff -Nru courier-0.76.3/debian/courier-imap.courier-imap-ssl.init courier-0.76.3/debian/courier-imap.courier-imap-ssl.init
--- courier-0.76.3/debian/courier-imap.courier-imap-ssl.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-imap.courier-imap-ssl.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier IMAP server (TLS)"
 
 DO_START=$(sed -ne 's/^IMAPDSSLSTART=\([^[:space:]]*\)/\1/p' /etc/courier/imapd-ssl | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^SSLPIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/imapd-ssl)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/courier-imap.init courier-0.76.3/debian/courier-imap.init
--- courier-0.76.3/debian/courier-imap.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-imap.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier IMAP server"
 
 DO_START=$(sed -ne 's/^IMAPDSTART=\([^[:space:]]*\)/\1/p' /etc/courier/imapd | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^PIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/imapd)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/courier-mta.courier-mta-ssl.init courier-0.76.3/debian/courier-mta.courier-mta-ssl.init
--- courier-0.76.3/debian/courier-mta.courier-mta-ssl.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.courier-mta-ssl.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier MTA TLS server"
 
 DO_START=$(sed -ne 's/^ESMTPDSSLSTART=\([^[:space:]]*\)/\1/p' /etc/courier/esmtpd-ssl | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^SSLPIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/esmtpd-ssl)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/courier-mta.init courier-0.76.3/debian/courier-mta.init
--- courier-0.76.3/debian/courier-mta.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier MTA server"
 
 DO_START=$(sed -ne 's/^ESMTPDSTART=\([^[:space:]]*\)/\1/p' /etc/courier/esmtpd | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^PIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/esmtpd)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/courier-pop.courier-pop-ssl.init courier-0.76.3/debian/courier-pop.courier-pop-ssl.init
--- courier-0.76.3/debian/courier-pop.courier-pop-ssl.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-pop.courier-pop-ssl.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier POP3 server (TLS)"
 
 DO_START=$(sed -ne 's/^POP3DSSLSTART=\([^[:space:]]*\)/\1/p' /etc/courier/pop3d-ssl | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^SSLPIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/pop3d-ssl)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/courier-pop.init courier-0.76.3/debian/courier-pop.init
--- courier-0.76.3/debian/courier-pop.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-pop.init	2017-03-27 21:01:13.000000000 +0200
@@ -18,5 +18,6 @@
 DESC="Courier POP3 server"
 
 DO_START=$(sed -ne 's/^POP3DSTART=\([^[:space:]]*\)/\1/p' /etc/courier/pop3d | tr "A-Z" "a-z")
+PIDFILE=$(sed -ne 's/^PIDFILE=\([^[:space:]]*\)/\1/p' /etc/courier/pop3d)
 
 . /usr/lib/courier/init-d-script-courier
diff -Nru courier-0.76.3/debian/init-d-script-courier courier-0.76.3/debian/init-d-script-courier
--- courier-0.76.3/debian/init-d-script-courier	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/init-d-script-courier	2017-03-27 21:01:13.000000000 +0200
@@ -25,7 +25,7 @@
 	return 2
     fi
 
-    if call do_status >/dev/null 2>&1; then
+    if pidofproc ${PIDFILE:+-p ${PIDFILE}} "$DAEMON" >/dev/null; then
 	return 1
     fi
     
@@ -37,7 +37,7 @@
 }
 
 do_stop_cmd_override() {
-    if ! call do_status >/dev/null 2>&1; then
+    if ! pidofproc ${PIDFILE:+-p ${PIDFILE}} "$DAEMON" >/dev/null; then
 	return 1
     fi
     
diff -Nru courier-0.76.3/debian/courier-mta.courierfilter.init courier-0.76.3/debian/courier-mta.courierfilter.init
--- courier-0.76.3/debian/courier-mta.courierfilter.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.courierfilter.init	2017-03-27 21:01:13.000000000 +0200
@@ -19,4 +19,12 @@
 
 DO_START=yes
 
-. /usr/lib/courier/init-d-script-courier
+do_start_cmd_override() {
+    DAEMON_ARGS="start $DAEMON_ARGS"
+    do_start_cmd
+}
+
+do_stop_cmd_override() {
+    DAEMON_ARGS="stop $DAEMON_ARGS"
+    do_start_cmd
+}
diff -Nru courier-0.76.3/debian/courier-mta.courier.init courier-0.76.3/debian/courier-mta.courier.init
--- courier-0.76.3/debian/courier-mta.courier.init	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/courier-mta.courier.init	2017-03-27 21:01:13.000000000 +0200
@@ -20,8 +20,12 @@
 
 DO_START=yes
 
-. /usr/lib/courier/init-d-script-courier
+do_start_cmd_override() {
+    DAEMON_ARGS="start $DAEMON_ARGS"
+    do_start_cmd
+}
 
-do_status_override() {
-    status_of_proc ${PIDFILE:+-p ${PIDFILE}} "$DAEMON"d "$NAME"
+do_stop_cmd_override() {
+    DAEMON_ARGS="stop $DAEMON_ARGS"
+    do_start_cmd
 }
#
# item 5: Take over the package. Closes #848978.
#
diff -Nru courier-0.76.3/debian/control courier-0.76.3/debian/control
--- courier-0.76.3/debian/control	2016-12-21 15:03:32.000000000 +0100
+++ courier-0.76.3/debian/control	2017-03-27 21:01:13.000000000 +0200
@@ -1,7 +1,7 @@
 Source: courier
 Section: mail
 Priority: optional
-Maintainer: Debian QA Group <packages@qa.debian.org>
+Maintainer: Markus Wanner <markus@bluegap.ch>
 Standards-Version: 3.9.6
 Build-Depends: automake,
                autotools-dev,

Attachment: signature.asc
Description: OpenPGP digital signature

--- End Message ---

--- Begin Message ---

• To: Markus Wanner <markus@bluegap.ch>, 861442-done@bugs.debian.org
• Subject: Re: Bug#861442: unblock: (pre-approval) courier/0.76.3-5
• From: Niels Thykier <niels@thykier.net>
• Date: Fri, 12 May 2017 14:31:00 +0000
• Message-id: <62e857e5-4232-bc07-d652-c72579c906ee@thykier.net>
• In-reply-to: <[🔎] b09775ce-817a-c503-7963-8f3d99921d30@bluegap.ch>
• References: <d4899435-561e-de85-d05f-f1c02c1fbb45@bluegap.ch> <[🔎] 71f72c3c-f032-7718-9b41-e0f2ac2f44f5@thykier.net> <[🔎] b09775ce-817a-c503-7963-8f3d99921d30@bluegap.ch>

Markus Wanner:
> Control: tags -1 -moreinfo
> 
> On 05/07/2017 10:42 PM, Niels Thykier wrote:
>> Ack, please go ahead and remove the moreinfo tag once the upload has
>> been processed and built on all relevant release architectures.
> 
> Uploaded and built on all release arches (and most non-release ones as
> well).
> 
> Kind Regards
> 
> Markus
> 
> 

Unblocked, thanks.

~Niels

--- End Message ---