Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Dear Release Team,
only after the freeze, I realized that courier-mta is unmaintained and
got orphaned a couple moons ago. As I still use and like that MTA, but
it broke after an upgrade to stretch, I opted to adopt courier and
continue maintenance (#823807).
I realize it's pretty late in the process, but I'd appreciate keeping
courier in stretch. In any case, I plan to continue maintaining the
package for later releases.
I tried to keep the changes minimal, but mainly focused on getting
things to work. Quite a few changes for different important issues
accumulated. Note that I already have this version of courier in use on
stretch (it actually processed this very email).
Please indicate if any of the parts are not appropriate to be fixed for
stretch. I'm happy to prepare a corrected candidate. However, if too
many bugs remain unfixed, I'd rather vote for a removal from stretch,
than shipping something that breaks after an upgrade.
I commented the portions of the diff in the attached debdiff, in
relation to the changelog item added (patch can still apply the diff).
To simplify discussion via email, here's a copy of the proposed changes:
item 1: Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
do not invoke 'install -b' twice from mkesmtpdcert, eliminating
unnecessary backup files not cleaned up by purge. Closes: #847348.
item 2: Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch:
correct TLS verification when DNS answers with CNAMEs.
Closes: #860762.
item 3: Systemd service files: Correct delimiter of dependencies.
Closes: #860765. (comma replaced by space)
item 4: Fix init scripts: Add proper PIDFILE declarations to init scripts.
Replace status_of_proc with a more direct call to pidofproc and
simplify the courier and courierfilter init scripts. Closes: #860777.
(Note that "simplify" is a bit of an understatement, here. Those init
scripts didn't actually work, before. Same applies to the replacement of
status_of_proc change.)
item 5: Take over the package. Closes #848978.
I know this is quite a bunch. And a late one. Please indicate if an
unblock of courier-0.76.3-5 is still feasible, if you like me to adjust
it or if you prefer to removed courier from stretch, instead. Thank you.
Kind Regards
Markus Wanner
#
# All of the changed documented in the changelog.
#
diff -Nru courier-0.76.3/debian/changelog courier-0.76.3/debian/changelog
--- courier-0.76.3/debian/changelog 2016-12-21 15:03:32.0 +0100
+++ courier-0.76.3/debian/changelog 2017-03-27 21:01:13.0 +0200
@@ -1,3 +1,19 @@
+courier (0.76.3-5) UNRELEASED; urgency=medium
+
+ * Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
+do not invoke 'install -b' twice from mkesmtpdcert, eliminating
+backup files not cleaned up by purge. Closes: #847348.
+ * Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch: correct TLS
+verification when DNS answers with CNAMEs. Closes: #860762.
+ * Systemd service files: Correct delimiter of dependencies.
+Closes: #860765.
+ * Fix init scripts: Add proper PIDFILE declarations to init scripts.
+Replace status_of_proc with a more direct call to pidofproc and
+simplify the courier and courierfilter init scripts. Closes: #860777.
+ * Take over the package. Closes: #848978.
+
+ -- Markus Wanner Wed, 19 Apr 2017 21:27:14 +0200
+
courier (0.76.3-4) unstable; urgency=medium
* Orphan the package.
#
# item 1: Fix Debian patch 0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch:
#do not invoke 'install -b' twice from mkesmtpdcert, eliminating
#unnecessary backup files not cleaned up by purge. Closes: #847348.
#
diff -Nru
courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch
courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch
---
courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch
2016-12-21 15:03:32.0 +0100
+++
courier-0.76.3/debian/patches/0012-Define-and-use-PEMFILE-in-mkesmtpdcert.patch
2017-03-27 21:01:13.0 +0200
@@ -75,7 +75,7 @@
exit 1
}
-@@ -34,33 +45,30 @@ umask 077
+@@ -34,33 +45,28 @@ umask 077
BITS="$BITS"
set -e
@@ -119,9 +119,7 @@
- chown @mailuser@ @mydatadir@/esmtpd.pem
- cat esmtpd.key esmtpd.cert >esmtpd.pem
- rm -f esmtpd.key esmtpd.cert
-+ install -b -m 600 -o "@mailuser@" /dev/null "$PEMFILE"
+ cat "$KEYFILE" "$CERTFILE" > "$PEMFILE"
-+
+ rm -f "$KEYFILE" "$CERTFILE"
fi
diff --git a/libs/imap/mkdhparams.in b/libs/imap/mkdhparams.in
#
# item 2: Add patch 0026-Fix-TLS-verification-for-CNAMEs.patch:
# correct TLS verification when DNS answers with CNAMEs.
# Closes: #860762.
#
diff -Nru
courier-0.76.3/debian/patches/0026-Fix-TLS-verification-for-CNAMEs.patch