pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc
Module Name: pkgsrc
Committed By: manu
Date: Thu May 27 16:52:00 UTC 2021
Modified Files:
pkgsrc/doc: CHANGES-2021
pkgsrc/mail/opendmarc: Makefile distinfo
pkgsrc/mail/opendmarc/patches: patch-RequiredFrom
patch-libopendmarc_opendmarc__dns.c
patch-opendmarc_opendmarc-arcares.c
patch-opendmarc_opendmarc-arcseal.c
Added Files:
pkgsrc/mail/opendmarc/patches: patch-opendmarc_parse.c
Removed Files:
pkgsrc/mail/opendmarc/patches: patch-configure.ac
patch-libopendmarc_opendmarc__spf__dns.c
Log Message:
Update mail/opendmarc to 1.4.1.1
Changes since 1.4.0 from the RELEASE_NOTES file
NOTE: In response to CVE-2019-20790, opendmarc has changed
how it evaluates headers added by previous
SPF milters. Users are encouraged to read the
CVE-2019-20790 file in the "SECURITY" folder
for more details. (#49, #158). Originally reported by
Jianjun Chen, feedback by Simon Wilson and
David Bürgin <dbuergin%gluet.ch@localhost>.
NOTE: OpenDMARC's internal SPF handling will be removed
in a future version. Users are encouraged to
build linked against libspf2. Many pre-built
packages provided by OS packagers already do this.
(See https://www.libspf2.org)
Addition of defines for MUSL C Library. (#129/#133). Patches by
Marco Rebhan.
Updated opendmarc.conf manpage and opendmarc.conf.sample to point to
https://publicsuffix.org/list/.
Added a CONTRIBUTING document.
Fix two #ifdefs in arc functions for strlcpy. (#138). Reported by
Leo Bicknell.
Fixes to MySQL Schema (#98/#99). Patch by Bond Keevil.
LIBSPF2 calls would not compile on OpenBSD due to OpenBSD not
having the ns_type definition in arpa/resolv.h.
Added detection to configure script. (#134)
Reworked hcreate_r calls to use hcreate, to compile natively on
OpenBSD and MacOS. (Part of #94) Reported by Rupert
Gallagher.
Add compatibility with AutoConf 2.70. (#95)
Documentation updates about SourceForge being deprecated. (#101)
Only accept results from Received-SPF fields that indicate clearly
which identifier was being evaluated, since DMARC specifically
only wants results based on MAIL FROM.
Many build-time fixes (#100, #91, #90, #86, #85, #84, #83, #82, #81)
Patches provided by Rupert Gallagher (ruga%protonmail.com@localhost)
Added config option HoldQuarantinedMessages (default false), which
controls if messages with p=quarantine will be passed on to
the mail stream (if False) or placed in the MTA's "hold"
queue (if True). Issue #105. Patch by Marcos Moraes, on
the OpenDMARC mailing list.
Remove "--with-wall" from "configure". Suggested by Leo Bicknell.
LIBOPENDMARC: Fix bug #50: Ignore all RRTYPEs other than TXT.
Problem reported by Jan Bouwhuis.
LIBOPENDMARC: Fix bug #89: Repair absurd RRTYPE test in SPF code.
LIBOPENDMARC: Fix bug #104: Fix bogus header field parsing code.
LIBOPENDMARC: Fix bug #161: Don't pass the client IP address through
htonl() since it's already in network byte order. This
was causing SPF errors when the internal SPF
implementation was in use.
LIBOPENDMARC: Fix numerous problems with the internal SPF
implementation.
To generate a diff of this commit:
cvs rdiff -u -r1.2998 -r1.2999 pkgsrc/doc/CHANGES-2021
cvs rdiff -u -r1.25 -r1.26 pkgsrc/mail/opendmarc/Makefile
cvs rdiff -u -r1.10 -r1.11 pkgsrc/mail/opendmarc/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/mail/opendmarc/patches/patch-RequiredFrom \
pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c \
pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c
cvs rdiff -u -r1.3 -r0 pkgsrc/mail/opendmarc/patches/patch-configure.ac
cvs rdiff -u -r1.2 -r1.3 \
pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c
cvs rdiff -u -r1.2 -r0 \
pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/opendmarc/patches/patch-opendmarc_parse.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/CHANGES-2021
diff -u pkgsrc/doc/CHANGES-2021:1.2998 pkgsrc/doc/CHANGES-2021:1.2999
--- pkgsrc/doc/CHANGES-2021:1.2998 Thu May 27 15:25:34 2021
+++ pkgsrc/doc/CHANGES-2021 Thu May 27 16:51:59 2021
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES-2021,v 1.2998 2021/05/27 15:25:34 bsiegert Exp $
+$NetBSD: CHANGES-2021,v 1.2999 2021/05/27 16:51:59 manu Exp $
Changes to the packages collection and infrastructure in 2021:
@@ -4631,3 +4631,4 @@ Changes to the packages collection and i
Removed graphics/go-smartcrop [bsiegert 2021-05-27]
Removed graphics/go-resize [bsiegert 2021-05-27]
Removed graphics/go-imaging [bsiegert 2021-05-27]
+ Updated mail/opendmarc to 1.4.1.1 [manu 2021-05-27]
Index: pkgsrc/mail/opendmarc/Makefile
diff -u pkgsrc/mail/opendmarc/Makefile:1.25 pkgsrc/mail/opendmarc/Makefile:1.26
--- pkgsrc/mail/opendmarc/Makefile:1.25 Mon May 24 19:52:43 2021
+++ pkgsrc/mail/opendmarc/Makefile Thu May 27 16:52:00 2021
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.25 2021/05/24 19:52:43 wiz Exp $
+# $NetBSD: Makefile,v 1.26 2021/05/27 16:52:00 manu Exp $
GITHUB_PROJECT= OpenDMARC
-GITHUB_TAG= rel-opendmarc-1-4-0-Beta1
-DISTNAME= rel-opendmarc-1-4-0-Beta1
-PKGNAME= opendmarc-1.4.0b1
-PKGREVISION= 4
+GITHUB_TAG= rel-opendmarc-1-4-1-1
+DISTNAME= rel-opendmarc-1-4-1-1
+PKGNAME= opendmarc-1.4.1.1
+#PKGREVISION= 1
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_GITHUB:=trusteddomainproject/}
DIST_SUBDIR= ${GITHUB_PROJECT}
Index: pkgsrc/mail/opendmarc/distinfo
diff -u pkgsrc/mail/opendmarc/distinfo:1.10 pkgsrc/mail/opendmarc/distinfo:1.11
--- pkgsrc/mail/opendmarc/distinfo:1.10 Mon Mar 29 09:30:59 2021
+++ pkgsrc/mail/opendmarc/distinfo Thu May 27 16:52:00 2021
@@ -1,12 +1,11 @@
-$NetBSD: distinfo,v 1.10 2021/03/29 09:30:59 manu Exp $
+$NetBSD: distinfo,v 1.11 2021/05/27 16:52:00 manu Exp $
-SHA1 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = 74ad1ef9f9a12b5fadef5919807cd55f7655d8d8
-RMD160 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = e8dda5350a734509843a04329777478d9410b796
-SHA512 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = d562050da9c4b96e7707157fbbf385ab3ac551cf07754b45deb6a010b4c47e7f478dfe35bc2c8625f6553af4fbf120820bf2a9f0ce246b26cabf81e7d1174405
-Size (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = 1247386 bytes
-SHA1 (patch-RequiredFrom) = a21d77abbe93c806c6abee55e77e477c9c435c00
-SHA1 (patch-configure.ac) = d174911e4de37d3b50b525469cbe410bb7ae119f
-SHA1 (patch-libopendmarc_opendmarc__dns.c) = e76ca13707677525b72609b4a5268d77efcfba84
-SHA1 (patch-libopendmarc_opendmarc__spf__dns.c) = b6e1311be8e9ef44c333be57fef474f6b080a199
-SHA1 (patch-opendmarc_opendmarc-arcares.c) = 6bf207d9984341fe13120ff8d25a77ff7f6ae1e5
-SHA1 (patch-opendmarc_opendmarc-arcseal.c) = a2ace25f687736876ea4299a0177d3c3ed1e247b
+SHA1 (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = 2983653fa076f3843f3ef064d58f35d39e21a3fe
+RMD160 (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = 6bb61ad0e1e1a8cb3ce23cbe4eb61fb02be26610
+SHA512 (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = ee034386c70c75b87ca2fce0849a1a3538e10e0aebfb0fc9dcba6817d2cf71f52aa5586ccaacdee620190c5fbb81498419fb8e8db9fac15d7c71a61a7da396a6
+Size (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = 426618 bytes
+SHA1 (patch-RequiredFrom) = c89853a3fabcc48653b94169f49ea3c5923254d3
+SHA1 (patch-libopendmarc_opendmarc__dns.c) = b1f697c930808b5c5724331dead3cf29c024d69b
+SHA1 (patch-opendmarc_opendmarc-arcares.c) = 0984b42e943d6a17eeb5725508dfbcf107b23169
+SHA1 (patch-opendmarc_opendmarc-arcseal.c) = 98edb0d22e7c693d327ba98ba186605060d36e2f
+SHA1 (patch-opendmarc_parse.c) = c4b521a4542a4dc7db8baf088bb297493bf46a83
Index: pkgsrc/mail/opendmarc/patches/patch-RequiredFrom
diff -u pkgsrc/mail/opendmarc/patches/patch-RequiredFrom:1.1 pkgsrc/mail/opendmarc/patches/patch-RequiredFrom:1.2
--- pkgsrc/mail/opendmarc/patches/patch-RequiredFrom:1.1 Mon Mar 29 09:30:59 2021
+++ pkgsrc/mail/opendmarc/patches/patch-RequiredFrom Thu May 27 16:52:00 2021
@@ -1,4 +1,4 @@
-$NetBSD: patch-RequiredFrom,v 1.1 2021/03/29 09:30:59 manu Exp $
+$NetBSD: patch-RequiredFrom,v 1.2 2021/05/27 16:52:00 manu Exp $
Add RequiredFrom option to reject messages that lack a From header
from which a valid domain can be extracted
@@ -6,8 +6,8 @@ from which a valid domain can be extract
Submitted upstream as
https://github.com/trusteddomainproject/OpenDMARC/pull/147
---- opendmarc/opendmarc.c.orig 2021-03-29 09:13:11.534047039 +0200
-+++ opendmarc/opendmarc.c 2021-03-29 10:02:01.105977120 +0200
+--- ./opendmarc/opendmarc.c.orig 2021-04-30 18:34:43.000000000 +0200
++++ ./opendmarc/opendmarc.c 2021-05-27 10:20:33.880652427 +0200
@@ -163,8 +163,9 @@
/* DMARCF_CONFIG -- configuration object */
struct dmarcf_config
@@ -18,7 +18,7 @@ https://github.com/trusteddomainproject/
_Bool conf_afrfnone;
_Bool conf_rejectfail;
_Bool conf_dolog;
-@@ -1349,8 +1350,12 @@
+@@ -1422,8 +1423,12 @@
(void) config_get(data, "RequiredHeaders",
&conf->conf_reqhdrs,
sizeof conf->conf_reqhdrs);
@@ -31,7 +31,7 @@ https://github.com/trusteddomainproject/
&conf->conf_afrf,
sizeof conf->conf_afrf);
-@@ -2367,13 +2372,17 @@
+@@ -2453,13 +2458,17 @@
{
if (conf->conf_dolog)
{
@@ -50,11 +50,17 @@ https://github.com/trusteddomainproject/
+ return SMFIS_ACCEPT;
}
- /* extract From: domain */
+ /* extract From: addresses */
memset(addrbuf, '\0', sizeof addrbuf);
-@@ -2387,9 +2396,9 @@
- "%s: unable to parse From header field",
- dfc->mctx_jobid);
+@@ -2495,13 +2504,13 @@
+ {
+ if (conf->conf_dolog)
+ {
+ syslog(LOG_ERR,
+- "%s: unable to parse From header field",
+- dfc->mctx_jobid);
++ "%s: unable to parse From header field \"%s\"",
++ dfc->mctx_jobid, from->hdr_value);
}
- if (conf->conf_reqhdrs)
@@ -63,9 +69,9 @@ https://github.com/trusteddomainproject/
else
return SMFIS_ACCEPT;
}
---- opendmarc/opendmarc.conf.5.in.orig 2021-03-29 09:15:03.877101090 +0200
-+++ opendmarc/opendmarc.conf.5.in 2021-03-29 09:21:56.423837778 +0200
-@@ -258,8 +258,16 @@
+--- ./opendmarc/opendmarc.conf.5.in.orig 2021-04-30 18:34:43.000000000 +0200
++++ ./opendmarc/opendmarc.conf.5.in 2021-05-27 10:20:33.881043733 +0200
+@@ -287,8 +287,16 @@
failing this test are rejected without further processing. A From:
field from which no domain name could be extracted will also be rejected.
@@ -82,21 +88,21 @@ https://github.com/trusteddomainproject/
Specifies the socket that should be established by the filter to receive
connections from
.I sendmail(8)
---- opendmarc/opendmarc-config.h.orig 2021-03-29 09:19:21.345035861 +0200
-+++ opendmarc/opendmarc-config.h 2021-03-29 09:19:34.235736167 +0200
-@@ -43,8 +43,9 @@
+--- ./opendmarc/opendmarc-config.h.orig 2021-04-30 18:34:43.000000000 +0200
++++ ./opendmarc/opendmarc-config.h 2021-05-27 10:23:12.866999966 +0200
+@@ -44,8 +44,9 @@
{ "PidFile", CONFIG_TYPE_STRING, FALSE },
{ "PublicSuffixList", CONFIG_TYPE_STRING, FALSE },
{ "RecordAllMessages", CONFIG_TYPE_BOOLEAN, FALSE },
{ "RequiredHeaders", CONFIG_TYPE_BOOLEAN, FALSE },
+ { "RequiredFrom", CONFIG_TYPE_BOOLEAN, FALSE },
{ "RejectFailures", CONFIG_TYPE_BOOLEAN, FALSE },
+ { "RejectMultiValueFrom", CONFIG_TYPE_BOOLEAN, FALSE },
{ "ReportCommand", CONFIG_TYPE_STRING, FALSE },
{ "Socket", CONFIG_TYPE_STRING, FALSE },
- { "SoftwareHeader", CONFIG_TYPE_BOOLEAN, FALSE },
---- opendmarc/opendmarc.conf.sample.orig 2021-03-29 09:19:43.400961620 +0200
-+++ opendmarc/opendmarc.conf.sample 2021-03-29 09:22:23.834032438 +0200
-@@ -303,8 +303,17 @@
+--- ./opendmarc/opendmarc.conf.sample.orig 2021-04-30 18:34:43.000000000 +0200
++++ ./opendmarc/opendmarc.conf.sample 2021-05-27 10:20:33.882715995 +0200
+@@ -343,8 +343,17 @@
## rejected.
#
# RequiredHeaders false
Index: pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c
diff -u pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c:1.1 pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c:1.2
--- pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c:1.1 Wed Feb 17 01:49:12 2021
+++ pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c Thu May 27 16:52:00 2021
@@ -1,10 +1,11 @@
-$NetBSD: patch-opendmarc_opendmarc-arcares.c,v 1.1 2021/02/17 01:49:12 manu Exp $
+$NetBSD: patch-opendmarc_opendmarc-arcares.c,v 1.2 2021/05/27 16:52:00 manu Exp $
Avoid handling a NULL pointer when parsing a malformed header
---- opendmarc/opendmarc-arcares.c.orig 2021-02-16 16:33:34.454279528 +0000
-+++ opendmarc/opendmarc-arcares.c 2021-02-16 16:35:14.240570993 +0000
-@@ -324,8 +324,10 @@
+--- opendmarc/opendmarc-arcares.c.orig 2021-04-30 18:34:43.000000000 +0200
++++ opendmarc/opendmarc-arcares.c 2021-05-27 10:30:03.036068852 +0200
+@@ -265,8 +265,10 @@
+ token_ptr = token + leading_space_len;
if (*token_ptr == '\0')
return 0;
tag_label = strsep(&token_ptr, "=");
@@ -14,4 +15,3 @@ Avoid handling a NULL pointer when parsi
tag_code = opendmarc_arcares_convert(aar_arc_tags, tag_label);
switch (tag_code)
- {
Index: pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c
diff -u pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c:1.1 pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c:1.2
--- pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c:1.1 Wed Feb 17 01:49:12 2021
+++ pkgsrc/mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c Thu May 27 16:52:00 2021
@@ -1,10 +1,10 @@
-$NetBSD: patch-opendmarc_opendmarc-arcseal.c,v 1.1 2021/02/17 01:49:12 manu Exp $
+$NetBSD: patch-opendmarc_opendmarc-arcseal.c,v 1.2 2021/05/27 16:52:00 manu Exp $
Avoid handling a NULL pointer when parsing a malformed header
---- opendmarc/opendmarc-arcseal.c.orig 2021-02-16 23:42:14.132748160 +0100
-+++ opendmarc/opendmarc-arcseal.c 2021-02-16 23:43:43.400895411 +0100
-@@ -222,9 +222,13 @@
+--- opendmarc/opendmarc-arcseal.c.orig 2021-04-30 18:34:43.000000000 +0200
++++ opendmarc/opendmarc-arcseal.c 2021-05-27 10:31:21.308140659 +0200
+@@ -166,9 +166,13 @@
token_ptr = token + leading_space_len;
if (*token_ptr == '\0')
return 0;
Index: pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c
diff -u pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c:1.2 pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c:1.3
--- pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c:1.2 Thu Dec 24 01:10:23 2020
+++ pkgsrc/mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c Thu May 27 16:52:00 2021
@@ -1,11 +1,10 @@
-$NetBSD: patch-libopendmarc_opendmarc__dns.c,v 1.2 2020/12/24 01:10:23 manu Exp $
+$NetBSD: patch-libopendmarc_opendmarc__dns.c,v 1.3 2021/05/27 16:52:00 manu Exp $
Make sure res_init works on zeroed structure
-Search for res_ndestroy and use it instead of res_nclose if available
---- libopendmarc/opendmarc_dns.c.orig 2018-11-15 01:58:31.000000000 +0100
-+++ libopendmarc/opendmarc_dns.c 2020-12-23 15:57:30.488718786 +0100
-@@ -201,16 +201,21 @@
+--- libopendmarc/opendmarc_dns.c.orig 2021-05-27 10:27:22.653313507 +0200
++++ libopendmarc/opendmarc_dns.c 2021-05-27 10:26:59.377412037 +0200
+@@ -202,8 +202,9 @@
while (*bp == '.')
++bp;
@@ -15,15 +14,3 @@ Search for res_ndestroy and use it inste
#ifdef RES_USE_DNSSEC
resp.options |= RES_USE_DNSSEC;
#endif
- (void) opendmarc_policy_library_dns_hook(&resp.nscount,
- &resp.nsaddr_list);
- answer_len = res_nquery(&resp, bp, C_IN, T_TXT, answer_buf, sizeof answer_buf);
-+#ifdef HAVE_RES_NDESTROY
-+ res_ndestroy(&resp);
-+#else /* HAVE_RES_NDESTROY */
- res_nclose(&resp);
-+#endif /* HAVE_RES_NDESTROY */
- #else /* HAVE_RES_NINIT */
- res_init();
- #ifdef RES_USE_DNSSEC
- _res.options |= RES_USE_DNSSEC;
Added files:
Index: pkgsrc/mail/opendmarc/patches/patch-opendmarc_parse.c
diff -u /dev/null pkgsrc/mail/opendmarc/patches/patch-opendmarc_parse.c:1.1
--- /dev/null Thu May 27 16:52:00 2021
+++ pkgsrc/mail/opendmarc/patches/patch-opendmarc_parse.c Thu May 27 16:52:00 2021
@@ -0,0 +1,30 @@
+$NetBSD: patch-opendmarc_parse.c,v 1.1 2021/05/27 16:52:00 manu Exp $
+
+Make sure a trailing brackets corresponds to a leading one
+aaa98f5
+
+This fixes the case where the sender e-mail address is user%example.net@localhost>
+Without this fix, OpenDMARC parses the domain as example.net> and skip
+DMARC processing since there is no policy for the domain.
+
+Unfortunately, the MTA or MUA tend to fix the trailing bracket on their
+own, letting forged e-mail passing through to user mailboxes.
+
+Submitted upstream https://github.com/trusteddomainproject/OpenDMARC/pull/174
+
+--- opendmarc/parse.c.orig 2021-05-27 09:45:40.873727663 +0200
++++ opendmarc/parse.c 2021-05-27 09:45:27.545312746 +0200
+@@ -444,8 +444,13 @@
+ *w++ = '\0';
+ *domain_out = w;
+ ws = 0;
+ }
++ else if (type == '>')
++ {
++ err = MAILPARSE_ERR_SUNBALANCED;
++ return err;
++ }
+ else
+ {
+
+ if (*user_out == NULL)
Home |
Main Index |
Thread Index |
Old Index