exim: update to version 4.99

See https://code.exim.org/exim/exim/releases/tag/exim-4.99

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit aed8ca7bd9)

mail/exim/Makefile

@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=exim
-PKG_VERSION:=4.98.2
+PKG_VERSION:=4.99
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://ftp.exim.org/pub/exim/exim4/
-PKG_HASH:=88b8e8a67c1db6cc0b1d148161aa36e662f4ca2fef25d5b6f3694d490e42dcae
+PKG_HASH:=5df38b042ffa9a9c8d31b20bc8481558070e361b06f657608622a62a327adcba
 PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
 
 PKG_LICENSE:=GPL-2.0-or-later
@@ -45,7 +45,7 @@ LOOKUPS:= \
 define Package/exim/Default
   SECTION:=mail
   CATEGORY:=Mail
-  DEPENDS:=+libdb47 +libpcre2 $(ICONV_DEPENDS) +BUILD_NLS:libidn2 +BUILD_NLS:libidn
+  DEPENDS:= +USE_GLIBC:libcrypt-compat +libdb47 +libpcre2 $(ICONV_DEPENDS) +BUILD_NLS:libidn2 +BUILD_NLS:libidn
   TITLE:=Exim message transfer agent
   URL:=http://www.exim.org/
   USERID:=exim=42:exim=42

mail/exim/patches/010-allow-json-dynamic-lookup.patch

@@ -1,11 +0,0 @@
---- a/src/drtables.c
-+++ b/src/drtables.c
-@@ -663,7 +663,7 @@ addlookupmodule(NULL, &ibase_lookup_modu
- addlookupmodule(NULL, &ldap_lookup_module_info);
- #endif
- 
--#ifdef LOOKUP_JSON
-+#if defined(LOOKUP_JSON) && LOOKUP_JSON!=2
- addlookupmodule(NULL, &json_lookup_module_info);
- #endif
- 

mail/exim/patches/030-openssl-deprecated.patch

@@ -1,6 +1,6 @@
 --- a/src/dane-openssl.c
 +++ b/src/dane-openssl.c
-@@ -1098,8 +1098,8 @@ if (dane->selectors[DANESSL_USAGE_DANE_T
+@@ -1122,8 +1122,8 @@ if (dane->selectors[DANESSL_USAGE_DANE_T
       * Check that setting the untrusted chain updates the expected
       * structure member at the expected offset.
       */
@@ -11,16 +11,6 @@
      OPENSSL_assert(dane->chain == X509_STORE_CTX_get0_untrusted(ctx));
      }
    }
---- a/src/pdkim/signing.c
-+++ b/src/pdkim/signing.c
-@@ -704,7 +704,6 @@ return NULL;
- void
- exim_dkim_init(void)
- {
--ERR_load_crypto_strings();
- }
- 
- 
 --- a/src/tls-openssl.c
 +++ b/src/tls-openssl.c
 @@ -23,7 +23,10 @@ functions from the OpenSSL library. */
@@ -31,10 +21,10 @@
 +#include <openssl/dh.h>
  #include <openssl/rand.h>
 +#include <openssl/rsa.h>
- #ifndef OPENSSL_NO_ECDH
- # include <openssl/ec.h>
- #endif
-@@ -947,8 +950,9 @@ pkey = EVP_RSA_gen(2048);
+ #include <openssl/ec.h>
+ #ifndef DISABLE_OCSP
+ # include <openssl/ocsp.h>
+@@ -909,8 +912,9 @@ pkey = EVP_RSA_gen(2048);
  
  X509_set_version(x509, 2);				/* N+1 - version 3 */
  ASN1_INTEGER_set(X509_get_serialNumber(x509), 1);
@@ -46,7 +36,7 @@
  X509_set_pubkey(x509, pkey);
  
  name = X509_get_subject_name(x509);
-@@ -4972,8 +4976,8 @@ return string_fmt_append(g,
+@@ -5031,8 +5035,8 @@ return string_fmt_append(g,
      "                          Runtime: %s\n"
      "                                 : %s\n",
  	     OPENSSL_VERSION_TEXT,
@@ -57,7 +47,7 @@
    /* third line is 38 characters for the %s and the line is 73 chars long;
    the OpenSSL output includes a "built on: " prefix already. */
  }
-@@ -5015,8 +5019,6 @@ if (pidnow != pidlast)
+@@ -5074,8 +5078,6 @@ if (pidnow != pidlast)
    is unique for each thread", this doesn't apparently apply across processes,
    so our own warning from vaguely_random_number_fallback() applies here too.
    Fix per PostgreSQL. */
@@ -70,14 +60,14 @@
 +++ b/src/tlscert-openssl.c
 @@ -219,13 +219,13 @@ return mod ? tls_field_from_dn(cp, mod)
  uschar *
- tls_cert_not_before(void * cert, uschar * mod)
+ tls_cert_not_before(void * cert, const uschar * mod)
  {
 -return asn1_time_copy(X509_get_notBefore((X509 *)cert), mod);
 +return asn1_time_copy(X509_getm_notBefore((X509 *)cert), mod);
  }
  
  uschar *
- tls_cert_not_after(void * cert, uschar * mod)
+ tls_cert_not_after(void * cert, const uschar * mod)
  {
 -return asn1_time_copy(X509_get_notAfter((X509 *)cert), mod);
 +return asn1_time_copy(X509_getm_notAfter((X509 *)cert), mod);

mail/exim/patches/050-fix-crosscompile.patch

@@ -0,0 +1,11 @@
+--- a/src/miscmods/Makefile
++++ b/src/miscmods/Makefile
+@@ -62,7 +62,7 @@ dkim.o:
+ 	$(FE)$(CC) -c $(CFLAGS) $(INCLUDE) pdkim.c
+ 	$(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $(TLS_INCLUDE) signing.c
+ 	$(FE)mv dkim.o dkim_tmp.o
+-	$(FE)ld -r -o dkim.o $(LDFLAGS_PARTIAL) \
++	$(FE)$(CC) -r -o dkim.o $(LDFLAGS_PARTIAL) \
+ 		dkim_tmp.o dkim_transport.o pdkim.o signing.o
+ 
+ # Similarly, we want a single .so for the dynamic-load module

mail/exim/patches/100-localscan_dlopen.patch

@@ -10,7 +10,7 @@ Last-Update: 2021-07-28
 
 --- a/src/EDITME
 +++ b/src/EDITME
-@@ -913,6 +913,21 @@ HEADERS_CHARSET="ISO-8859-1"
+@@ -998,6 +998,21 @@ HEADERS_CHARSET="ISO-8859-1"
  
  
  #------------------------------------------------------------------------------
@@ -45,7 +45,7 @@ Last-Update: 2021-07-28
  #define CONFIGURE_FILE
 --- a/src/globals.c
 +++ b/src/globals.c
-@@ -118,6 +118,10 @@ int     dsn_ret                = 0;
+@@ -120,6 +120,10 @@ int     dsn_ret                = 0;
  const pcre2_code  *regex_DSN         = NULL;
  uschar *dsn_advertise_hosts    = NULL;
  
@@ -58,7 +58,7 @@ Last-Update: 2021-07-28
  BOOL    gnutls_allow_auto_pkcs11 = FALSE;
 --- a/src/globals.h
 +++ b/src/globals.h
-@@ -157,6 +157,9 @@ extern int      dsn_ret;               /
+@@ -164,6 +164,9 @@ extern int      dsn_ret;               /
  extern const pcre2_code  *regex_DSN;         /* For recognizing DSN settings */
  extern uschar  *dsn_advertise_hosts;   /* host for which TLS is advertised */
  
@@ -248,7 +248,7 @@ Last-Update: 2021-07-28
  /* End of local_scan.c */
 --- a/src/local_scan.h
 +++ b/src/local_scan.h
-@@ -28,6 +28,7 @@ settings, and the store functions. */
+@@ -30,6 +30,7 @@ settings, and the store functions. */
  
  #include <stdarg.h>
  #include <sys/types.h>
@@ -256,7 +256,7 @@ Last-Update: 2021-07-28
  #include "config.h"
  #include "mytypes.h"
  #include "store.h"
-@@ -177,6 +178,9 @@ extern header_line *header_list;       /
+@@ -179,6 +180,9 @@ extern header_line *header_list;       /
  extern BOOL    host_checking;          /* Set when checking a host */
  extern uschar *interface_address;      /* Interface for incoming call */
  extern int     interface_port;         /* Port number for incoming call */
@@ -266,16 +266,17 @@ Last-Update: 2021-07-28
  extern uschar *message_id;             /* Internal id of message being handled */
  extern uschar *received_protocol;      /* Name of incoming protocol */
  extern int     recipients_count;       /* Number of recipients */
-@@ -247,4 +251,6 @@ extern pid_t    child_open_exim2_functio
+@@ -249,5 +253,7 @@ extern pid_t    child_open_exim2_functio
  extern pid_t    child_open_function(uschar **, uschar **, int, int *, int *, BOOL, const uschar *);
  #endif
  
 +#pragma GCC visibility pop
 +
+ #endif	/* whole file */
  /* End of local_scan.h */
 --- a/src/readconf.c
 +++ b/src/readconf.c
-@@ -219,6 +219,9 @@ static optionlist optionlist_config[] =
+@@ -218,6 +218,9 @@ static optionlist optionlist_config[] =
    { "local_from_prefix",        opt_stringptr,   {&local_from_prefix} },
    { "local_from_suffix",        opt_stringptr,   {&local_from_suffix} },
    { "local_interfaces",         opt_stringptr,   {&local_interfaces} },
@@ -287,7 +288,7 @@ Last-Update: 2021-07-28
  #endif
 --- a/src/string.c
 +++ b/src/string.c
-@@ -455,6 +455,7 @@ return ss;
+@@ -459,6 +459,7 @@ return ss;
  
  #if (defined(HAVE_LOCAL_SCAN) || defined(EXPAND_DLFUNC)) \
  	&& !defined(MACRO_PREDEF) && !defined(COMPILE_UTILITY)
@@ -295,7 +296,7 @@ Last-Update: 2021-07-28
  /*************************************************
  *            Copy and save string                *
  *************************************************/
-@@ -500,6 +501,7 @@ string_copyn_function(const uschar * s,
+@@ -504,6 +505,7 @@ string_copyn_function(const uschar * s,
  {
  return string_copyn(s, n);
  }

mail/exim/patches/200-fix-build.patch

@@ -1,6 +1,6 @@
 --- a/src/exim.c
 +++ b/src/exim.c
-@@ -647,13 +647,15 @@ exim_nullstd(void)
+@@ -660,13 +660,15 @@ exim_nullstd(void)
  {
  int devnull = -1;
  struct stat statbuf;
@@ -12,7 +12,7 @@
      {
 -    if (devnull < 0) devnull = open("/dev/null", O_RDWR);
 +    if (devnull < 0) devnull = open(devnullpath, O_RDWR);
-     if (devnull < 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "%s",
+     if (devnull < 0) log_write_die(0, LOG_MAIN, "%s",
 -      string_open_failed("/dev/null", NULL));
 +      string_open_failed("%s", devnullpath));
      if (devnull != i) (void)dup2(devnull, i);
@@ -20,7 +20,7 @@
    }
 --- a/src/local_scan.h
 +++ b/src/local_scan.h
-@@ -27,6 +27,7 @@ store.c
+@@ -29,6 +29,7 @@ store.c
  settings, and the store functions. */
  
  #include <stdarg.h>

mail/exim/patches/210-no-exim_id_update.patch

@@ -1,8 +1,8 @@
 --- a/OS/Makefile-Base
 +++ b/OS/Makefile-Base
-@@ -253,7 +253,7 @@ utils: $(EXIM_MONITOR) exicyclog exinext
-         transport-filter.pl convert4r3 convert4r4 \
-         exim_checkaccess \
+@@ -252,7 +252,7 @@ utils: $(EXIM_MONITOR) exicyclog exinext
+         exigrep eximstats exipick exiqgrep exiqsumm \
+         transport-filter.pl exim_checkaccess \
          exim_dbmbuild exim_dumpdb exim_fixdb exim_tidydb \
 -	exim_lock exim_msgdate exim_id_update
 +	exim_lock exim_msgdate

net/kea/Makefile

@@ -9,14 +9,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=kea
-PKG_VERSION:=2.6.0
+PKG_VERSION:=2.6.4
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://ftp.isc.org/isc/kea/$(PKG_VERSION)
-PKG_HASH:=207ceae33eb3b81ec4e6ac5605249a85b93779333b62aadf39e489f11dbcdc8d
+PKG_HASH:=6806405e4d559abc10febd2c273dc6e2bc6ac42767afa5ca20b118ffba84a671
 
-PKG_MAINTAINER:=BangLang Huang <banglang.huang@foxmail.com>, Rosy Song <rosysong@rosinson.com>
+PKG_MAINTAINER:=Philip Prindeville <philipp@redfish-solutions.com>, Noah Meyerhans <frodo@morgul.net>
 PKG_LICENSE:=MPL-2.0
 PKG_LICENSE_FILES:=COPYING
 

net/kea/files/kea.init

@@ -8,7 +8,8 @@ BIN_PATH="/usr/sbin"
 CONF_PATH="/etc/kea"
 
 start_service() {
-	mkdir -p /var/run/kea
+	mkdir -p /var/run/kea /var/lib/kea
+    chmod 0750 /var/run/kea /var/lib/kea
 
 	config_load "kea"
 	config_foreach start_kea "service"

net/kea/patches/003-no-test-compile.patch

@@ -225,7 +225,7 @@
 +SUBDIRS = .
  
  AM_CPPFLAGS  = -I$(top_builddir)/src/lib -I$(top_srcdir)/src/lib
- AM_CPPFLAGS += $(BOOST_INCLUDES)
+ AM_CPPFLAGS += -DDEFAULT_HOOKS_PATH=\"$(libdir)/kea/hooks\"
 --- a/src/lib/http/Makefile.am
 +++ b/src/lib/http/Makefile.am
 @@ -1,4 +1,4 @@

net/kea/patches/004-use-shell-expansion-instead.patch

@@ -6,7 +6,7 @@ Date:   Sat Aug 3 10:19:05 2024 -0600
 
 --- a/src/bin/keactrl/keactrl.in
 +++ b/src/bin/keactrl/keactrl.in
-@@ -112,7 +112,8 @@ get_pid_from_file() {
+@@ -116,7 +116,8 @@ get_pid_from_file() {
  
      # Extract the name portion (from last slash to last dot) of the config file name.
      local conf_name