summaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMathieu Othacehe <othacehe@gnu.org>2021-12-10 21:49:25 +0100
committerMathieu Othacehe <othacehe@gnu.org>2021-12-10 21:49:25 +0100
commit32750e8c3ed38df4cafb39cffa878c6851abc899 (patch)
treedcf40b321c3b492bd1d00244c78f72160e66a554 /gnu/packages/patches
parent6104071e483095f9fea9700e0317e84f64102ae2 (diff)
parente1e32303129c5aedc7236d5cc854d6b72ad35daf (diff)
Merge remote-tracking branch 'signed/master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/bind-re-add-attr-constructor-priority.patch57
-rw-r--r--gnu/packages/patches/go-github-com-golang-snappy-32bit-test.patch53
-rw-r--r--gnu/packages/patches/icecat-CVE-2021-43527.patch354
-rw-r--r--gnu/packages/patches/monero-use-system-miniupnpc.patch12
-rw-r--r--gnu/packages/patches/rust-wl-clipboard-rs-newer-wl.patch26
-rw-r--r--gnu/packages/patches/sendgmail-accept-ignored-gsuite-flag.patch39
-rw-r--r--gnu/packages/patches/sendgmail-remove-domain-restriction.patch34
7 files changed, 216 insertions, 359 deletions
diff --git a/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch b/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch
new file mode 100644
index 0000000000..5d6765dd92
--- /dev/null
+++ b/gnu/packages/patches/bind-re-add-attr-constructor-priority.patch
@@ -0,0 +1,57 @@
+From 6361de07a35f2e9dc1d7201d6b26ca31da93ee69 Mon Sep 17 00:00:00 2001
+From: Tobias Geerinckx-Rice <me@tobias.gr>
+Date: Thu, 9 Dec 2021 01:07:32 +0100
+Subject: [PATCH] Revert "Remove priority from attribute
+ constructor/destructor"
+
+This reverts commit 0340df46ec5897636dd071bc8b5c4272cfa7d7be. It works
+around an irrelevant operating system and breaks compilation on Guix:
+
+mem.c:873: fatal error: RUNTIME_CHECK(((pthread_mutex_lock(((&contextslock))) == 0) ? 0 : 34) == 0) failed
+/gnu/store/pwcp239kjf7lnj5i4lkdzcfcxwcfyk72-bash-minimal-5.0.16/bin/bash: line 1: 13768 Aborted ./${fuzzer}
+
+Let's simply revert it for now---there are securities at stake!
+---
+ lib/isc/include/isc/util.h | 8 ++++----
+ lib/isc/lib.c | 4 ++--
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/lib/isc/include/isc/util.h b/lib/isc/include/isc/util.h
+index f0f7f85fa4..64c26587ac 100644
+--- a/lib/isc/include/isc/util.h
++++ b/lib/isc/include/isc/util.h
+@@ -49,11 +49,11 @@
+ #endif /* __GNUC__ */
+
+ #if HAVE_FUNC_ATTRIBUTE_CONSTRUCTOR && HAVE_FUNC_ATTRIBUTE_DESTRUCTOR
+-#define ISC_CONSTRUCTOR __attribute__((constructor))
+-#define ISC_DESTRUCTOR __attribute__((destructor))
++#define ISC_CONSTRUCTOR(priority) __attribute__((constructor(priority)))
++#define ISC_DESTRUCTOR(priority) __attribute__((destructor(priority)))
+ #elif WIN32
+-#define ISC_CONSTRUCTOR
+-#define ISC_DESTRUCTOR
++#define ISC_CONSTRUCTOR(priority)
++#define ISC_DESTRUCTOR(priority)
+ #endif
+
+ /*%
+diff --git a/lib/isc/lib.c b/lib/isc/lib.c
+index f3576b2659..2a167fec21 100644
+--- a/lib/isc/lib.c
++++ b/lib/isc/lib.c
+@@ -35,9 +35,9 @@ isc_lib_register(void) {
+ }
+
+ void
+-isc__initialize(void) ISC_CONSTRUCTOR;
++isc__initialize(void) ISC_CONSTRUCTOR(101);
+ void
+-isc__shutdown(void) ISC_DESTRUCTOR;
++isc__shutdown(void) ISC_DESTRUCTOR(101);
+
+ void
+ isc__initialize(void) {
+--
+2.34.0
+
diff --git a/gnu/packages/patches/go-github-com-golang-snappy-32bit-test.patch b/gnu/packages/patches/go-github-com-golang-snappy-32bit-test.patch
new file mode 100644
index 0000000000..95b5819cdb
--- /dev/null
+++ b/gnu/packages/patches/go-github-com-golang-snappy-32bit-test.patch
@@ -0,0 +1,53 @@
+https://salsa.debian.org/go-team/packages/golang-github-golang-snappy/-/raw/debian/0.0.2-2/debian/patches/0002-Skip-failed-test-on-32bit-system.patch
+
+From: Shengjing Zhu <zhsj@debian.org>
+Date: Sun, 31 Jan 2021 22:41:42 +0800
+Subject: Skip failed test on 32bit system
+
+The test doesn't pass on old version too, not a regression.
+
+Bug: https://github.com/golang/snappy/issues/58
+---
+ snappy_test.go | 20 +++++++++++++++-----
+ 1 file changed, 15 insertions(+), 5 deletions(-)
+
+diff --git a/snappy_test.go b/snappy_test.go
+index d7c3ea6..c310ba1 100644
+--- a/snappy_test.go
++++ b/snappy_test.go
+@@ -19,6 +19,7 @@ import (
+ "runtime"
+ "strings"
+ "testing"
++ "unsafe"
+ )
+
+ var (
+@@ -316,13 +317,22 @@ func TestDecode(t *testing.T) {
+ "\x06" + "\x0cabcd" + "\x07\x03\x00\x00\x00",
+ "abcdbc",
+ nil,
+- }, {
+- `decodedLen=0; tagCopy4, 4 extra length|offset bytes; with msb set (0x93); discovered by go-fuzz`,
+- "\x00\xfc000\x93",
+- "",
+- ErrCorrupt,
+ }}
+
++ if unsafe.Sizeof(int(0)) == 8 {
++ testCases = append(testCases, struct {
++ desc string
++ input string
++ want string
++ wantErr error
++ }{
++ `decodedLen=0; tagCopy4, 4 extra length|offset bytes; with msb set (0x93); discovered by go-fuzz`,
++ "\x00\xfc000\x93",
++ "",
++ ErrCorrupt,
++ })
++ }
++
+ const (
+ // notPresentXxx defines a range of byte values [0xa0, 0xc5) that are
+ // not present in either the input or the output. It is written to dBuf
diff --git a/gnu/packages/patches/icecat-CVE-2021-43527.patch b/gnu/packages/patches/icecat-CVE-2021-43527.patch
deleted file mode 100644
index 66706ea5e0..0000000000
--- a/gnu/packages/patches/icecat-CVE-2021-43527.patch
+++ /dev/null
@@ -1,354 +0,0 @@
-Fixes CVE-2021-43527.
-Copied from <https://hg.mozilla.org/projects/nss/rev/dea71cbef9e03636f37c6cb120f8deccce6e17dd>,
-but with the file names adjusted to allow easy use within GNU Guix.
-
-# HG changeset patch
-# User Dennis Jackson <djackson@mozilla.com>
-# Date 1637577642 0
-# Node ID dea71cbef9e03636f37c6cb120f8deccce6e17dd
-# Parent da3d22d708c9cc0a32cff339658aeb627575e371
-Bug 1737470 - Ensure DER encoded signatures are within size limits. r=jschanck,mt,bbeurdouche,rrelyea
-
-Differential Revision: https://phabricator.services.mozilla.com/D129514
-
---- a/security/nss/lib/cryptohi/secvfy.c
-+++ b/security/nss/lib/cryptohi/secvfy.c
-@@ -159,58 +159,89 @@ verifyPKCS1DigestInfo(const VFYContext *
- SECItem pkcs1DigestInfo;
- pkcs1DigestInfo.data = cx->pkcs1RSADigestInfo;
- pkcs1DigestInfo.len = cx->pkcs1RSADigestInfoLen;
- return _SGN_VerifyPKCS1DigestInfo(
- cx->hashAlg, digest, &pkcs1DigestInfo,
- PR_FALSE /*XXX: unsafeAllowMissingParameters*/);
- }
-
-+static unsigned int
-+checkedSignatureLen(const SECKEYPublicKey *pubk)
-+{
-+ unsigned int sigLen = SECKEY_SignatureLen(pubk);
-+ if (sigLen == 0) {
-+ /* Error set by SECKEY_SignatureLen */
-+ return sigLen;
-+ }
-+ unsigned int maxSigLen;
-+ switch (pubk->keyType) {
-+ case rsaKey:
-+ case rsaPssKey:
-+ maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8;
-+ break;
-+ case dsaKey:
-+ maxSigLen = DSA_MAX_SIGNATURE_LEN;
-+ break;
-+ case ecKey:
-+ maxSigLen = 2 * MAX_ECKEY_LEN;
-+ break;
-+ default:
-+ PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-+ return 0;
-+ }
-+ if (sigLen > maxSigLen) {
-+ PORT_SetError(SEC_ERROR_INVALID_KEY);
-+ return 0;
-+ }
-+ return sigLen;
-+}
-+
- /*
- * decode the ECDSA or DSA signature from it's DER wrapping.
- * The unwrapped/raw signature is placed in the buffer pointed
- * to by dsig and has enough room for len bytes.
- */
- static SECStatus
- decodeECorDSASignature(SECOidTag algid, const SECItem *sig, unsigned char *dsig,
- unsigned int len)
- {
- SECItem *dsasig = NULL; /* also used for ECDSA */
-- SECStatus rv = SECSuccess;
-
-- if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
-- (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
-- if (sig->len != len) {
-- PORT_SetError(SEC_ERROR_BAD_DER);
-- return SECFailure;
-+ /* Safety: Ensure algId is as expected and that signature size is within maxmimums */
-+ if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) {
-+ if (len > DSA_MAX_SIGNATURE_LEN) {
-+ goto loser;
- }
--
-- PORT_Memcpy(dsig, sig->data, sig->len);
-- return SECSuccess;
-+ } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
-+ if (len > MAX_ECKEY_LEN * 2) {
-+ goto loser;
-+ }
-+ } else {
-+ goto loser;
- }
-
-- if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
-- if (len > MAX_ECKEY_LEN * 2) {
-- PORT_SetError(SEC_ERROR_BAD_DER);
-- return SECFailure;
-- }
-+ /* Decode and pad to length */
-+ dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
-+ if (dsasig == NULL) {
-+ goto loser;
- }
-- dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
--
-- if ((dsasig == NULL) || (dsasig->len != len)) {
-- rv = SECFailure;
-- } else {
-- PORT_Memcpy(dsig, dsasig->data, dsasig->len);
-+ if (dsasig->len != len) {
-+ SECITEM_FreeItem(dsasig, PR_TRUE);
-+ goto loser;
- }
-
-- if (dsasig != NULL)
-- SECITEM_FreeItem(dsasig, PR_TRUE);
-- if (rv == SECFailure)
-- PORT_SetError(SEC_ERROR_BAD_DER);
-- return rv;
-+ PORT_Memcpy(dsig, dsasig->data, len);
-+ SECITEM_FreeItem(dsasig, PR_TRUE);
-+
-+ return SECSuccess;
-+
-+loser:
-+ PORT_SetError(SEC_ERROR_BAD_DER);
-+ return SECFailure;
- }
-
- const SEC_ASN1Template hashParameterTemplate[] =
- {
- { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECItem) },
- { SEC_ASN1_OBJECT_ID, 0 },
- { SEC_ASN1_SKIP_REST },
- { 0 }
-@@ -276,17 +307,17 @@ sec_GetEncAlgFromSigAlg(SECOidTag sigAlg
- *
- * Returns: SECSuccess if the algorithm was acceptable, SECFailure if the
- * algorithm was not found or was not a signing algorithm.
- */
- SECStatus
- sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
- const SECItem *param, SECOidTag *encalgp, SECOidTag *hashalg)
- {
-- int len;
-+ unsigned int len;
- PLArenaPool *arena;
- SECStatus rv;
- SECItem oid;
- SECOidTag encalg;
-
- PR_ASSERT(hashalg != NULL);
- PR_ASSERT(encalgp != NULL);
-
-@@ -461,58 +492,62 @@ vfy_CreateContext(const SECKEYPublicKey
- cx->wincx = wincx;
- cx->hasSignature = (sig != NULL);
- cx->encAlg = encAlg;
- cx->hashAlg = hashAlg;
- cx->key = SECKEY_CopyPublicKey(key);
- cx->pkcs1RSADigestInfo = NULL;
- rv = SECSuccess;
- if (sig) {
-- switch (type) {
-- case rsaKey:
-- rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
-- &cx->pkcs1RSADigestInfo,
-- &cx->pkcs1RSADigestInfoLen,
-- cx->key,
-- sig, wincx);
-- break;
-- case rsaPssKey:
-- sigLen = SECKEY_SignatureLen(key);
-- if (sigLen == 0) {
-- /* error set by SECKEY_SignatureLen */
-- rv = SECFailure;
-+ rv = SECFailure;
-+ if (type == rsaKey) {
-+ rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
-+ &cx->pkcs1RSADigestInfo,
-+ &cx->pkcs1RSADigestInfoLen,
-+ cx->key,
-+ sig, wincx);
-+ } else {
-+ sigLen = checkedSignatureLen(key);
-+ /* Check signature length is within limits */
-+ if (sigLen == 0) {
-+ /* error set by checkedSignatureLen */
-+ rv = SECFailure;
-+ goto loser;
-+ }
-+ if (sigLen > sizeof(cx->u)) {
-+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-+ rv = SECFailure;
-+ goto loser;
-+ }
-+ switch (type) {
-+ case rsaPssKey:
-+ if (sig->len != sigLen) {
-+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-+ rv = SECFailure;
-+ goto loser;
-+ }
-+ PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
-+ rv = SECSuccess;
- break;
-- }
-- if (sig->len != sigLen) {
-- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-+ case ecKey:
-+ case dsaKey:
-+ /* decodeECorDSASignature will check sigLen == sig->len after padding */
-+ rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
-+ break;
-+ default:
-+ /* Unreachable */
- rv = SECFailure;
-- break;
-- }
-- PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
-- break;
-- case dsaKey:
-- case ecKey:
-- sigLen = SECKEY_SignatureLen(key);
-- if (sigLen == 0) {
-- /* error set by SECKEY_SignatureLen */
-- rv = SECFailure;
-- break;
-- }
-- rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
-- break;
-- default:
-- rv = SECFailure;
-- PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
-- break;
-+ goto loser;
-+ }
-+ }
-+ if (rv != SECSuccess) {
-+ goto loser;
- }
- }
-
-- if (rv)
-- goto loser;
--
- /* check hash alg again, RSA may have changed it.*/
- if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) {
- /* error set by HASH_GetHashTypeByOidTag */
- goto loser;
- }
- /* check the policy on the hash algorithm. Do this after
- * the rsa decode because some uses of this function get hash implicitly
- * from the RSA signature itself. */
-@@ -645,21 +680,26 @@ VFY_EndWithSignature(VFYContext *cx, SEC
- if (cx->hashcx == NULL) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
- return SECFailure;
- }
- (*cx->hashobj->end)(cx->hashcx, final, &part, sizeof(final));
- switch (cx->key->keyType) {
- case ecKey:
- case dsaKey:
-- dsasig.data = cx->u.buffer;
-- dsasig.len = SECKEY_SignatureLen(cx->key);
-+ dsasig.len = checkedSignatureLen(cx->key);
- if (dsasig.len == 0) {
- return SECFailure;
- }
-+ if (dsasig.len > sizeof(cx->u)) {
-+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-+ return SECFailure;
-+ }
-+ dsasig.data = cx->u.buffer;
-+
- if (sig) {
- rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data,
- dsasig.len);
- if (rv != SECSuccess) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- }
-@@ -681,18 +721,23 @@ VFY_EndWithSignature(VFYContext *cx, SEC
- cx->params,
- &mech);
- PORT_DestroyCheapArena(&tmpArena);
- if (rv != SECSuccess) {
- return SECFailure;
- }
-
- rsasig.data = cx->u.buffer;
-- rsasig.len = SECKEY_SignatureLen(cx->key);
-+ rsasig.len = checkedSignatureLen(cx->key);
- if (rsasig.len == 0) {
-+ /* Error set by checkedSignatureLen */
-+ return SECFailure;
-+ }
-+ if (rsasig.len > sizeof(cx->u)) {
-+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- if (sig) {
- if (sig->len != rsasig.len) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- return SECFailure;
- }
- PORT_Memcpy(rsasig.data, sig->data, rsasig.len);
-@@ -744,37 +789,42 @@ VFY_End(VFYContext *cx)
- static SECStatus
- vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key,
- const SECItem *sig, SECOidTag encAlg, SECOidTag hashAlg,
- void *wincx)
- {
- SECStatus rv;
- VFYContext *cx;
- SECItem dsasig; /* also used for ECDSA */
--
- rv = SECFailure;
-
- cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx);
- if (cx != NULL) {
- switch (key->keyType) {
- case rsaKey:
- rv = verifyPKCS1DigestInfo(cx, digest);
-+ /* Error (if any) set by verifyPKCS1DigestInfo */
- break;
-- case dsaKey:
- case ecKey:
-+ case dsaKey:
- dsasig.data = cx->u.buffer;
-- dsasig.len = SECKEY_SignatureLen(cx->key);
-+ dsasig.len = checkedSignatureLen(cx->key);
- if (dsasig.len == 0) {
-+ /* Error set by checkedSignatureLen */
-+ rv = SECFailure;
- break;
- }
-- if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) !=
-- SECSuccess) {
-+ if (dsasig.len > sizeof(cx->u)) {
- PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
-- } else {
-- rv = SECSuccess;
-+ rv = SECFailure;
-+ break;
-+ }
-+ rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx);
-+ if (rv != SECSuccess) {
-+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
- }
- break;
- default:
- break;
- }
- VFY_DestroyContext(cx, PR_TRUE);
- }
- return rv;
-
diff --git a/gnu/packages/patches/monero-use-system-miniupnpc.patch b/gnu/packages/patches/monero-use-system-miniupnpc.patch
index c5d376d793..2bd179946f 100644
--- a/gnu/packages/patches/monero-use-system-miniupnpc.patch
+++ b/gnu/packages/patches/monero-use-system-miniupnpc.patch
@@ -1,14 +1,16 @@
diff --git a/external/CMakeLists.txt b/external/CMakeLists.txt
-index 7553f87e..8e865c6c 100644
+index 5b7f69a56..3a353a0f3 100644
--- a/external/CMakeLists.txt
+++ b/external/CMakeLists.txt
-@@ -37,19 +37,7 @@
+@@ -37,21 +37,7 @@
find_package(Miniupnpc REQUIRED)
-message(STATUS "Using in-tree miniupnpc")
+-set(UPNPC_NO_INSTALL TRUE CACHE BOOL "Disable miniupnp installation" FORCE)
-add_subdirectory(miniupnp/miniupnpc)
-set_property(TARGET libminiupnpc-static PROPERTY FOLDER "external")
+-set_property(TARGET libminiupnpc-static PROPERTY POSITION_INDEPENDENT_CODE ON)
-if(MSVC)
- set_property(TARGET libminiupnpc-static APPEND_STRING PROPERTY COMPILE_FLAGS " -wd4244 -wd4267")
-elseif(NOT MSVC)
@@ -24,12 +26,12 @@ index 7553f87e..8e865c6c 100644
find_package(Unbound)
diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl
-index 74924e4f..3554dd0d 100644
+index d4b39869c..13071d898 100644
--- a/src/p2p/net_node.inl
+++ b/src/p2p/net_node.inl
-@@ -49,9 +49,9 @@
- #include "storages/levin_abstract_invoke2.h"
+@@ -61,9 +61,9 @@
#include "cryptonote_core/cryptonote_core.h"
+ #include "net/parse.h"
-#include <miniupnp/miniupnpc/miniupnpc.h>
-#include <miniupnp/miniupnpc/upnpcommands.h>
diff --git a/gnu/packages/patches/rust-wl-clipboard-rs-newer-wl.patch b/gnu/packages/patches/rust-wl-clipboard-rs-newer-wl.patch
new file mode 100644
index 0000000000..9fb692e9a6
--- /dev/null
+++ b/gnu/packages/patches/rust-wl-clipboard-rs-newer-wl.patch
@@ -0,0 +1,26 @@
+diff --git a/Cargo.toml b/Cargo.toml
+index 7b975e0..313cb63 100644
+--- a/Cargo.toml
++++ b/Cargo.toml.new
+@@ -75,17 +75,17 @@ version = "3"
+ version = "0.2"
+
+ [dependencies.wayland-client]
+-version = "0.27"
++version = "0.28"
+
+ [dependencies.wayland-protocols]
+-version = "0.27"
++version = "0.28"
+ features = ["client", "unstable_protocols"]
+ [dev-dependencies.wayland-protocols]
+-version = "0.27"
++version = "0.28"
+ features = ["server", "unstable_protocols"]
+
+ [dev-dependencies.wayland-server]
+-version = "0.27"
++version = "0.28"
+
+ [features]
+ dlopen = ["native_lib", "wayland-client/dlopen", "wayland-server/dlopen"]
diff --git a/gnu/packages/patches/sendgmail-accept-ignored-gsuite-flag.patch b/gnu/packages/patches/sendgmail-accept-ignored-gsuite-flag.patch
new file mode 100644
index 0000000000..8405ff4e42
--- /dev/null
+++ b/gnu/packages/patches/sendgmail-accept-ignored-gsuite-flag.patch
@@ -0,0 +1,39 @@
+From 854490dc4a8a6a661b4750730c3ff749519f6e36 Mon Sep 17 00:00:00 2001
+From: Philip McGrath <philip@philipmcgrath.com>
+Date: Sun, 14 Nov 2021 10:14:24 -0500
+Subject: [PATCH] sendgmail: accept and ignore a "-gsuite" flag
+
+Accepting a "-gsuite" flag provides compatability with
+https://github.com/Flameeyes/gmail-oauth2-tools/commit/eabb456
+so users do not have to change their scripts or config files.
+
+Full hash of original: eabb45608ff4ce04045ff4ea92d05450e789ac81
+
+Related to https://github.com/google/gmail-oauth2-tools/pull/17
+---
+ go/sendgmail/main.go | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/go/sendgmail/main.go b/go/sendgmail/main.go
+index 405aa1b..5cfd0c1 100644
+--- a/go/sendgmail/main.go
++++ b/go/sendgmail/main.go
+@@ -40,6 +40,7 @@ var (
+ setUp bool
+ dummyF string
+ dummyI bool
++ gsuite bool
+ )
+
+ func init() {
+@@ -47,6 +48,7 @@ func init() {
+ flag.BoolVar(&setUp, "setup", false, "If true, sendgmail sets up the sender's OAuth2 token and then exits.")
+ flag.StringVar(&dummyF, "f", "", "Dummy flag for compatibility with sendmail.")
+ flag.BoolVar(&dummyI, "i", true, "Dummy flag for compatibility with sendmail.")
++ flag.BoolVar(&gsuite, "gsuite", true, "Dummy flag for compatibility with other forks of sendgmail.")
+ }
+
+ func main() {
+--
+2.32.0
+
diff --git a/gnu/packages/patches/sendgmail-remove-domain-restriction.patch b/gnu/packages/patches/sendgmail-remove-domain-restriction.patch
new file mode 100644
index 0000000000..d23af33375
--- /dev/null
+++ b/gnu/packages/patches/sendgmail-remove-domain-restriction.patch
@@ -0,0 +1,34 @@
+From a5ecd1b2302d0def2f6f8349747022a615a9f017 Mon Sep 17 00:00:00 2001
+From: Tamas K Lengyel <tamas@tklengyel.com>
+Date: Tue, 26 May 2020 13:27:50 -0600
+Subject: [PATCH] Don't limit to email with @gmail.com
+
+---
+ go/sendgmail/main.go | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/go/sendgmail/main.go b/go/sendgmail/main.go
+index b35ef23..405aa1b 100644
+--- a/go/sendgmail/main.go
++++ b/go/sendgmail/main.go
+@@ -30,7 +30,6 @@ import (
+ "log"
+ "net/smtp"
+ "os"
+- "strings"
+
+ "golang.org/x/oauth2"
+ googleOAuth2 "golang.org/x/oauth2/google"
+@@ -52,9 +51,6 @@ func init() {
+
+ func main() {
+ flag.Parse()
+- if atDomain := "@gmail.com"; !strings.HasSuffix(sender, atDomain) {
+- log.Fatalf("-sender must specify an %v email address.", atDomain)
+- }
+ config := getConfig()
+ tokenPath := fmt.Sprintf("%v/.sendgmail.%v.json", os.Getenv("HOME"), sender)
+ if setUp {
+--
+2.32.0
+