7 files changed, 384 insertions, 0 deletions
diff --git a/network/ssmtp/patches/01-configure_lcrypto.diff.gz b/network/ssmtp/patches/01-configure_lcrypto.diff.gz
deleted file mode 100644
index a819caf670..0000000000
--- a/network/ssmtp/patches/01-configure_lcrypto.diff.gz
+++ /dev/null
diff --git a/network/ssmtp/patches/02-configure_in_lcrypto.diff.gz b/network/ssmtp/patches/02-configure_in_lcrypto.diff.gz
deleted file mode 100644
index ea8d2e48f6..0000000000
--- a/network/ssmtp/patches/02-configure_in_lcrypto.diff.gz
+++ /dev/null
diff --git a/network/ssmtp/patches/03-557741-remote-addr.patch b/network/ssmtp/patches/03-557741-remote-addr.patch
new file mode 100644
index 0000000000..03efa81cd6
--- /dev/null
+++ b/network/ssmtp/patches/03-557741-remote-addr.patch
@@ -0,0 +1,28 @@
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557741
+
+Patch by Victor Sudakov <sudakov@sibptus.tomsk.ru>
+Modified by Anibal Monsalve Salazar <anibal@debian.org>
+
+Index: ssmtp-2.64/ssmtp.c
+===================================================================
+--- ssmtp-2.64.orig/ssmtp.c
++++ ssmtp-2.64/ssmtp.c
+@@ -1421,6 +1421,7 @@ ssmtp() -- send the message (exactly one
+ int ssmtp(char *argv[])
+ {
+ 	char b[(BUF_SZ + 2)], *buf = b+1, *p, *q;
++	char *remote_addr;
+ #ifdef MD5AUTH
+ 	char challenge[(BUF_SZ + 1)];
+ #endif
+@@ -1624,6 +1625,10 @@ int ssmtp(char *argv[])
+ 		outbytes += smtp_write(sock, "From: %s", from);
+ 	}
+ 
++	if(remote_addr=getenv("REMOTE_ADDR")) {
++		outbytes += smtp_write(sock, "X-Originating-IP: %s", remote_addr);
++	}
++
+ 	if(have_date == False) {
+ 		outbytes += smtp_write(sock, "Date: %s", arpadate);
+ 	}
diff --git a/network/ssmtp/patches/04-508759-garbage.patch b/network/ssmtp/patches/04-508759-garbage.patch
new file mode 100644
index 0000000000..3e53f8bcb8
--- /dev/null
+++ b/network/ssmtp/patches/04-508759-garbage.patch
@@ -0,0 +1,23 @@
+Common subdirectories: ssmtp-original/debian and ssmtp-2.62/debian
+Common subdirectories: ssmtp-original/md5auth and ssmtp-2.62/md5auth
+Common subdirectories: ssmtp-original/.pc and ssmtp-2.62/.pc
+Index: ssmtp-2.64/ssmtp.c
+===================================================================
+--- ssmtp-2.64.orig/ssmtp.c
++++ ssmtp-2.64/ssmtp.c
+@@ -1674,12 +1674,12 @@ int ssmtp(char *argv[])
+ 			outbytes += smtp_write(sock, "%s", leadingdot ? b : buf);
+ 		} else {
+ 			if (log_level > 0) {
+-				log_event(LOG_INFO, "Sent a very long line in chunks");
++				log_event(LOG_INFO, "Sending a partial line");
+ 			}
+ 			if (leadingdot) {
+-				outbytes += fd_puts(sock, b, sizeof(b));
++				outbytes += fd_puts(sock, b, strlen(b));
+ 			} else {
+-				outbytes += fd_puts(sock, buf, bufsize);
++				outbytes += fd_puts(sock, buf, strlen(buf));
+ 			}
+ 		}
+ 		(void)alarm((unsigned) MEDWAIT);
diff --git a/network/ssmtp/patches/fix-tls1.3-handshake.patch b/network/ssmtp/patches/fix-tls1.3-handshake.patch
new file mode 100644
index 0000000000..a84f45b84a
--- /dev/null
+++ b/network/ssmtp/patches/fix-tls1.3-handshake.patch
@@ -0,0 +1,24 @@
+Subject: Fix TLS 1.3 handshake
+From: Jeff King <peff@peff.net>
+Bug-Debian: https://bugs.debian.org/932605
+Last-Update: 2019-08-13
+
+diff --git a/ssmtp.c b/ssmtp.c
+index 7ab79ab..6b2b9d0 100644
+--- a/ssmtp.c
++++ b/ssmtp.c
+@@ -1291,8 +1291,12 @@ fd_getc() -- Read a character from an fd
+ ssize_t fd_getc(int fd, void *c)
+ {
+ #ifdef HAVE_SSL
+-	if(use_tls == True) { 
+-		return(SSL_read(ssl, c, 1));
++	if(use_tls == True) {
++		int attempt = 3;
++		int ret = 0;
++		while (attempt-- > 0 && ret == 0)
++			ret = SSL_read(ssl, c, 1);
++		return ret;
+ 	}
+ #endif
+ 	return(read(fd, c, 1));
diff --git a/network/ssmtp/patches/ssmtp-bug584162-fix.patch b/network/ssmtp/patches/ssmtp-bug584162-fix.patch
new file mode 100644
index 0000000000..17ab1d908e
--- /dev/null
+++ b/network/ssmtp/patches/ssmtp-bug584162-fix.patch
@@ -0,0 +1,120 @@
+Bug-Debian: http://bugs.debian.org/584162
+Reported-By: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+Forwarded: not-needed
+Reviewed-By: Anibal Monsalve Salazar <anibal@debian.org>
+Last-Update: 2014-08-15
+
+From: "Daniel Richard G." <skunk@iSKUNK.ORG>
+Subject: Re: ssmtp: Partial loss of message body, sending message to wrong recipicients
+Date: Thu, 19 Jun 2014 14:44:30 -0400
+
+Attached is a patch against the original 2.64 source that should address
+this bug, and hopefully not break anything. An overview of my changes:
+
+* Added code to standarise() to drop the trailing '\r' if the line
+  originally ended with "\r\n".
+
+* Added a check to header_parse() that effectively converts an "\r\n" in
+  the input into '\n'.
+
+* Added a conditional so that header_parse() doesn't pass the empty
+  string to header_save()---a behavior I observed in testing, at the end
+  of a header block with "\r\n" line endings.
+
+* Simplified the last if(in_header) conditional in header_parse(),
+  because it erroneously assumes that if in_header == True, then c could
+  have some value other than EOF. (See the condition on the previous
+  "while" loop, and the lack of any other way to exit said loop.)
+
+  header_parse() will now properly grab a header if fed a message
+  without a body (i.e. no "\n\n" ending the header block), although this
+  code will still drop a header if there is no newline at the end.
+
+Christoph, thank you for your excellent analysis, and the test cases. I
+made use of them, and with my changes sSMTP appears to do the right
+thing.
+
+Index: ssmtp-2.64/ssmtp.c
+===================================================================
+--- ssmtp-2.64.orig/ssmtp.c
++++ ssmtp-2.64/ssmtp.c
+@@ -375,6 +375,12 @@ bool_t standardise(char *str, bool_t *li
+ 	if((p = strchr(str, '\n'))) {
+ 		*p = (char)NULL;
+ 		*linestart = True;
++
++		/* If the line ended in "\r\n", then drop the '\r' too */
++		sl = strlen(str);
++		if(sl >= 1 && str[sl - 1] == '\r') {
++			str[sl - 1] = (char)NULL;
++		}
+ 	}
+ 	return(leadingdot);
+ }
+@@ -768,6 +774,14 @@ void header_parse(FILE *stream)
+ 		}
+ 		len++;
+ 
++		if(l == '\r' && c == '\n') {
++			/* Properly handle input that already has "\r\n"
++			   line endings; see https://bugs.debian.org/584162 */
++			l = (len >= 2 ? *(q - 2) : '\n');
++			q--;
++			len--;
++		}
++
+ 		if(l == '\n') {
+ 			switch(c) {
+ 				case ' ':
+@@ -790,7 +804,9 @@ void header_parse(FILE *stream)
+ 						if((q = strrchr(p, '\n'))) {
+ 							*q = (char)NULL;
+ 						}
+-						header_save(p);
++						if(len > 0) {
++							header_save(p);
++						}
+ 
+ 						q = p;
+ 						len = 0;
+@@ -800,35 +816,12 @@ void header_parse(FILE *stream)
+ 
+ 		l = c;
+ 	}
+-	if(in_header) {
+-		if(l == '\n') {
+-			switch(c) {
+-				case ' ':
+-				case '\t':
+-						/* Must insert '\r' before '\n's embedded in header
+-						   fields otherwise qmail won't accept our mail
+-						   because a bare '\n' violates some RFC */
+-						
+-						*(q - 1) = '\r';	/* Replace previous \n with \r */
+-						*q++ = '\n';		/* Insert \n */
+-						len++;
+-						
+-						break;
+-
+-				case '\n':
+-						in_header = False;
+-
+-				default:
+-						*q = (char)NULL;
+-						if((q = strrchr(p, '\n'))) {
+-							*q = (char)NULL;
+-						}
+-						header_save(p);
+-
+-						q = p;
+-						len = 0;
+-			}
++	if(in_header && l == '\n') {
++		/* Got EOF while reading the header */
++		if((q = strrchr(p, '\n'))) {
++			*q = (char)NULL;
+ 		}
++		header_save(p);
+ 	}
+ 	(void)free(p);
+ }
diff --git a/network/ssmtp/patches/zzz_fix_warnings.patch b/network/ssmtp/patches/zzz_fix_warnings.patch
new file mode 100644
index 0000000000..936dc0d4c4
--- /dev/null
+++ b/network/ssmtp/patches/zzz_fix_warnings.patch
@@ -0,0 +1,189 @@
+diff -Naur ssmtp-2.64/ssmtp.c ssmtp-2.64.patched/ssmtp.c
+--- ssmtp-2.64/ssmtp.c	2021-09-25 20:31:20.120006571 -0400
++++ ssmtp-2.64.patched/ssmtp.c	2021-09-25 20:42:51.453926150 -0400
+@@ -55,21 +55,21 @@
+ 
+ #define ARPADATE_LENGTH 32		/* Current date in RFC format */
+ char arpadate[ARPADATE_LENGTH];
+-char *auth_user = (char)NULL;
+-char *auth_pass = (char)NULL;
+-char *auth_method = (char)NULL;		/* Mechanism for SMTP authentication */
+-char *mail_domain = (char)NULL;
+-char *from = (char)NULL;		/* Use this as the From: address */
++char *auth_user = (char *)NULL;
++char *auth_pass = (char *)NULL;
++char *auth_method = (char *)NULL;		/* Mechanism for SMTP authentication */
++char *mail_domain = (char *)NULL;
++char *from = (char *)NULL;		/* Use this as the From: address */
+ char *hostname;
+ char *mailhost = "mailhub";
+-char *minus_f = (char)NULL;
+-char *minus_F = (char)NULL;
++char *minus_f = (char *)NULL;
++char *minus_F = (char *)NULL;
+ char *gecos;
+-char *prog = (char)NULL;
++char *prog = (char *)NULL;
+ char *root = NULL;
+ char *tls_cert = "/etc/ssl/certs/ssmtp.pem";	/* Default Certificate */
+-char *uad = (char)NULL;
+-char *config_file = (char)NULL;		/* alternate configuration file */
++char *uad = (char *)NULL;
++char *config_file = (char *)NULL;		/* alternate configuration file */
+ 
+ headers_t headers, *ht;
+ 
+@@ -261,7 +261,7 @@
+ 
+ 	p = (str + strlen(str));
+ 	while(isspace(*--p)) {
+-		*p = (char)NULL;
++		*p = '\0';
+ 	}
+ 
+ 	return(p);
+@@ -287,7 +287,7 @@
+ 		q++;
+ 
+ 		if((p = strchr(q, '>'))) {
+-			*p = (char)NULL;
++			*p = '\0';
+ 		}
+ 
+ #if 0
+@@ -310,7 +310,7 @@
+ 	q = strip_post_ws(p);
+ 	if(*q == ')') {
+ 		while((*--q != '('));
+-		*q = (char)NULL;
++		*q = '\0';
+ 	}
+ 	(void)strip_post_ws(p);
+ 
+@@ -363,13 +363,13 @@
+ 	*linestart = False;
+ 
+ 	if((p = strchr(str, '\n'))) {
+-		*p = (char)NULL;
++		*p = '\0';
+ 		*linestart = True;
+ 
+ 		/* If the line ended in "\r\n", then drop the '\r' too */
+ 		sl = strlen(str);
+ 		if(sl >= 1 && str[sl - 1] == '\r') {
+-			str[sl - 1] = (char)NULL;
++			str[sl - 1] = '\0';
+ 		}
+ 	}
+ 	return(leadingdot);
+@@ -390,7 +390,7 @@
+ 		while(fgets(buf, sizeof(buf), fp)) {
+ 			/* Make comments invisible */
+ 			if((p = strchr(buf, '#'))) {
+-				*p = (char)NULL;
++				*p = '\0';
+ 			}
+ 
+ 			/* Ignore malformed lines and comments */
+@@ -525,7 +525,7 @@
+ #endif
+ 
+ 	/* Ignore missing usernames */
+-	if(*str == (char)NULL) {
++	if(*str == '\0') {
+ 		return;
+ 	}
+ 
+@@ -582,7 +582,7 @@
+ 		}
+ 
+ 		/* End of string? */
+-		if(*(q + 1) == (char)NULL) {
++		if(*(q + 1) == '\0') {
+ 			got_addr = True;
+ 		}
+ 
+@@ -590,7 +590,7 @@
+ 		if((*q == ',') && (in_quotes == False)) {
+ 			got_addr = True;
+ 
+-			*q = (char)NULL;
++			*q = '\0';
+ 		}
+ 
+ 		if(got_addr) {
+@@ -682,7 +682,7 @@
+ 	if(strncasecmp(ht->string, "From:", 5) == 0) {
+ #if 1
+ 		/* Hack check for NULL From: line */
+-		if(*(p + 6) == (char)NULL) {
++		if(*(p + 6) == '\0') {
+ 			return;
+ 		}
+ #endif
+@@ -747,7 +747,7 @@
+ 	size_t size = BUF_SZ, len = 0;
+ 	char *p = (char *)NULL, *q;
+ 	bool_t in_header = True;
+-	char l = (char)NULL;
++	char l = '\0';
+ 	int c;
+ 
+ 	while(in_header && ((c = fgetc(stream)) != EOF)) {
+@@ -790,9 +790,9 @@
+ 						in_header = False;
+ 
+ 				default:
+-						*q = (char)NULL;
++						*q = '\0';
+ 						if((q = strrchr(p, '\n'))) {
+-							*q = (char)NULL;
++							*q = '\0';
+ 						}
+ 						if(len > 0) {
+ 							header_save(p);
+@@ -809,7 +809,7 @@
+ 	if(in_header && l == '\n') {
+ 		/* Got EOF while reading the header */
+ 		if((q = strrchr(p, '\n'))) {
+-			*q = (char)NULL;
++			*q = '\0';
+ 		}
+ 		header_save(p);
+ 	}
+@@ -869,7 +869,7 @@
+ 		char *rightside;
+ 		/* Make comments invisible */
+ 		if((p = strchr(buf, '#'))) {
+-			*p = (char)NULL;
++			*p = '\0';
+ 		}
+ 
+ 		/* Ignore malformed lines and comments */
+@@ -1113,7 +1113,7 @@
+ 
+ 	/* Init SSL stuff */
+ 	SSL_CTX *ctx;
+-	SSL_METHOD *meth;
++	const SSL_METHOD *meth;
+ 	X509 *server_cert;
+ 
+ 	SSL_load_error_strings();
+@@ -1307,7 +1307,7 @@
+ 			buf[i++] = c;
+ 		}
+ 	}
+-	buf[i] = (char)NULL;
++	buf[i] = '\0';
+ 
+ 	return(buf);
+ }
+@@ -1739,7 +1739,7 @@
+ 		j = 0;
+ 
+ 		add = 1;
+-		while(argv[i][++j] != (char)NULL) {
++		while(argv[i][++j] != '\0') {
+ 			switch(argv[i][j]) {
+ #ifdef INET6
+ 			case '6':