pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/mail/opendmarc opendmarc: Update to 1.4.2 and overhaul...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d24309417159
branches:  trunk
changeset: 379179:d24309417159
user:      jperkin <jperkin%pkgsrc.org@localhost>
date:      Thu May 12 13:49:28 2022 +0000

description:
opendmarc: Update to 1.4.2 and overhaul package.

pkgsrc changes:

  * Use PKG_SYSCONFSUBDIR, there are a number of extra files supported in
    the configuration file so everything should live in a sub-directory.

    HEADS-UP! Users will need to migrate over to new config file location.

  * Create opendmarc user/group, not currently used in rc.d script.

  * Fix build on SunOS and add SMF support.

  * Split multi-file patch correctly into separate files.

  * Add TEST_TARGET.

  * Various pkglint and cleanup.

opendmarc changes:

1.4.2           2021/12/19
        Fix issue #175: Don't reject a multi-valued From when all of the
                domains match.
        Fix issue #179: Don't crash when a value in a multi-valued From field
                is missing a domain name.  Resolves CVE-2021-34555.

diffstat:

 mail/opendmarc/Makefile                                      |   51 +++-
 mail/opendmarc/distinfo                                      |   21 +-
 mail/opendmarc/files/smf/manifest.xml                        |   41 +++
 mail/opendmarc/files/smf/opendmarc.sh                        |   14 +
 mail/opendmarc/patches/patch-RequiredFrom                    |  122 -----------
 mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c   |   10 +-
 mail/opendmarc/patches/patch-opendmarc_opendmarc-arcares.c   |   10 +-
 mail/opendmarc/patches/patch-opendmarc_opendmarc-arcseal.c   |   10 +-
 mail/opendmarc/patches/patch-opendmarc_opendmarc-config.h    |   17 +
 mail/opendmarc/patches/patch-opendmarc_opendmarc.c           |   62 +++++
 mail/opendmarc/patches/patch-opendmarc_opendmarc.conf.5.in   |   24 ++
 mail/opendmarc/patches/patch-opendmarc_opendmarc.conf.sample |   25 ++
 mail/opendmarc/patches/patch-opendmarc_parse.c               |   13 +-
 13 files changed, 246 insertions(+), 174 deletions(-)

diffs (truncated from 556 to 300 lines):

diff -r 015c401684ce -r d24309417159 mail/opendmarc/Makefile
--- a/mail/opendmarc/Makefile   Thu May 12 13:16:36 2022 +0000
+++ b/mail/opendmarc/Makefile   Thu May 12 13:49:28 2022 +0000
@@ -1,13 +1,11 @@
-# $NetBSD: Makefile,v 1.26 2021/05/27 16:52:00 manu Exp $
+# $NetBSD: Makefile,v 1.27 2022/05/12 13:49:28 jperkin Exp $
 
-GITHUB_PROJECT=        OpenDMARC
-GITHUB_TAG=    rel-opendmarc-1-4-1-1
-DISTNAME=      rel-opendmarc-1-4-1-1
-PKGNAME=       opendmarc-1.4.1.1
-#PKGREVISION=  1
+DISTNAME=      rel-${PKGNAME:C/\./-/g}
+PKGNAME=       opendmarc-1.4.2
 CATEGORIES=    mail
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=trusteddomainproject/}
-DIST_SUBDIR=   ${GITHUB_PROJECT}
+GITHUB_PROJECT=        OpenDMARC
+GITHUB_TAG=    ${DISTNAME}
 
 MAINTAINER=    pettai%NetBSD.org@localhost
 HOMEPAGE=      http://www.trusteddomain.org/opendmarc/
@@ -15,13 +13,10 @@
 LICENSE=       modified-bsd
 
 DEPENDS+=      p5-DBI-[0-9]*:../../databases/p5-DBI
-DEPENDS+=      p5-DBD-mysql-[0-9]*:../../databases/p5-DBD-mysql
-#DEPENDS+=     {perl>=5.6.1,p5-File-Temp-[0-9]*}:../../devel/p5-File-Temp
+DEPENDS+=      p5-DBD-{mariadb,mysql,percona}*-[0-9]*:../../databases/p5-DBD-mysql
 DEPENDS+=      p5-Switch-[0-9]*:../../lang/p5-Switch
 DEPENDS+=      p5-HTTP-Message-[0-9]*:../../www/p5-HTTP-Message
 
-RCD_SCRIPTS=   opendmarc
-
 USE_LIBTOOL=   yes
 USE_TOOLS+=    perl autoconf automake
 
@@ -30,27 +25,49 @@
 CONFIGURE_ARGS+=       --with-milter=${BUILDLINK_PREFIX.libmilter}
 CONFIGURE_ARGS+=       --with-spf
 CONFIGURE_ARGS+=       --with-spf2-lib=${BUILDLINK_PREFIX.libspf2}/lib
-CONFIGURE_ARGS+= --with-spf2-include=${BUILDLINK_PREFIX.libspf2}/include/spf2
+CONFIGURE_ARGS+=       --with-spf2-include=${BUILDLINK_PREFIX.libspf2}/include/spf2
+
+LDFLAGS.SunOS+=        -lsocket -lnsl
+
+TEST_TARGET=   check
 
 REPLACE_PERL=  reports/opendmarc-expire.in
 REPLACE_PERL+= reports/opendmarc-import.in
 REPLACE_PERL+= reports/opendmarc-params.in
 REPLACE_PERL+= reports/opendmarc-reports.in
 
+OPENDMARC_USER?=       opendmarc
+OPENDMARC_GROUP?=      opendmarc
+PKG_GROUPS=            ${OPENDMARC_GROUP}
+PKG_USERS=             ${OPENDMARC_USER}:${OPENDMARC_GROUP}
+PKG_GROUPS_VARS=       OPENDMARC_GROUP
+PKG_USERS_VARS=                OPENDMARC_USER
+
+PKG_GECOS.${OPENDMARC_USER}=   OpenDMARC user
+
 EGDIR=         ${PREFIX}/share/examples/${PKGBASE}
 
+FILES_SUBST+=  OPENDMARC_USER=${OPENDMARC_USER}
+FILES_SUBST+=  OPENDMARC_GROUP=${OPENDMARC_GROUP}
+
+RCD_SCRIPTS=   opendmarc
+SMF_METHODS=   opendmarc
+
+PKG_SYSCONFSUBDIR=     opendmarc
+
+CONF_FILES+=   ${EGDIR}/opendmarc.conf.sample ${PKG_SYSCONFDIR}/opendmarc.conf
+
 INSTALLATION_DIRS=     ${EGDIR}
 
 pre-configure:
-       set -e; cd ${WRKSRC}; \
-       libtoolize; aclocal; autoheader; automake -a --foreign -i; autoconf
+       ${RUN} cd ${WRKSRC} && autoreconf -fiv
 
 post-install:
-       ${INSTALL_DATA} ${WRKSRC}/opendmarc/opendmarc.conf.sample \
-               ${DESTDIR}${EGDIR}/
+       ${SED} -e 's,/usr/local/etc/opendmarc,${PKG_SYSCONFDIR},g' \
+               ${WRKSRC}/opendmarc/opendmarc.conf.sample \
+               > ${DESTDIR}${EGDIR}/opendmarc.conf.sample
 
 .include "../../security/openssl/buildlink3.mk"
-BUILDLINK_API_DEPENDS.libmilter+=      libmilter>=8.13.0
 .include "../../mail/libmilter/buildlink3.mk"
 .include "../../mail/libspf2/buildlink3.mk"
 .include "../../mk/pthread.buildlink3.mk"
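Review bot: The new post-install recipe writes `${DESTDIR}${EGDIR}/opendmarc.conf.sample` through a shell redirection, so the staged file's mode comes from the build umask rather than the mode `${INSTALL_DATA}` applied before, and this sample is what `CONF_FILES` later copies to `${PKG_SYSCONFDIR}/opendmarc.conf`. Keeping the mode explicit takes two steps: run the sed with its output redirected to `${WRKDIR}/opendmarc.conf.sample`, then `${INSTALL_DATA} ${WRKDIR}/opendmarc.conf.sample ${DESTDIR}${EGDIR}/`. Separately, the hunk creates `OPENDMARC_USER`/`OPENDMARC_GROUP`, but the commit message says the rc.d script does not use them yet. A comment next to `PKG_USERS` should say so, for example `# rc.d start does not switch to this user yet; only the SMF method does`.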
diff -r 015c401684ce -r d24309417159 mail/opendmarc/distinfo
--- a/mail/opendmarc/distinfo   Thu May 12 13:16:36 2022 +0000
+++ b/mail/opendmarc/distinfo   Thu May 12 13:49:28 2022 +0000
@@ -1,10 +1,13 @@
-$NetBSD: distinfo,v 1.13 2021/10/26 10:54:11 nia Exp $
+$NetBSD: distinfo,v 1.14 2022/05/12 13:49:28 jperkin Exp $
 
-BLAKE2s (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = 21878b7811a533941b51eaad28b27bdd2f6cd0fe143820eb6ac55e767ad2d923
-SHA512 (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = ee034386c70c75b87ca2fce0849a1a3538e10e0aebfb0fc9dcba6817d2cf71f52aa5586ccaacdee620190c5fbb81498419fb8e8db9fac15d7c71a61a7da396a6
-Size (OpenDMARC/rel-opendmarc-1-4-1-1.tar.gz) = 426618 bytes
-SHA1 (patch-RequiredFrom) = c89853a3fabcc48653b94169f49ea3c5923254d3
-SHA1 (patch-libopendmarc_opendmarc__dns.c) = b1f697c930808b5c5724331dead3cf29c024d69b
-SHA1 (patch-opendmarc_opendmarc-arcares.c) = 0984b42e943d6a17eeb5725508dfbcf107b23169
-SHA1 (patch-opendmarc_opendmarc-arcseal.c) = 98edb0d22e7c693d327ba98ba186605060d36e2f
-SHA1 (patch-opendmarc_parse.c) = c4b521a4542a4dc7db8baf088bb297493bf46a83
+BLAKE2s (rel-opendmarc-1-4-2.tar.gz) = 7b26aee1966989d89f862a8dd1771ab18c06585dcf2bba8e951d0d89d5324118
+SHA512 (rel-opendmarc-1-4-2.tar.gz) = 415278c6c09460379538ad10ea4033815a677ddad138b8a07609c287360d1739acdba5d1fe07d0e35764850af8a141c0c70a9311254104b93d2c1bbc8b6f7a69
+Size (rel-opendmarc-1-4-2.tar.gz) = 426996 bytes
+SHA1 (patch-libopendmarc_opendmarc__dns.c) = 44a8edc083c922257695835dc6de3d840ee4a7ab
+SHA1 (patch-opendmarc_opendmarc-arcares.c) = cd38a216b2c1b115c78044007d9480168302f5d8
+SHA1 (patch-opendmarc_opendmarc-arcseal.c) = 93e2779d7a46f163d28092ef71faf7bfe7eead39
+SHA1 (patch-opendmarc_opendmarc-config.h) = f488fcccdde9aa1151f6bf65bcadf2564a8acec2
+SHA1 (patch-opendmarc_opendmarc.c) = b23746dc57ac52813311890a569eb1ef6ad64f7e
+SHA1 (patch-opendmarc_opendmarc.conf.5.in) = 86ee7fb06760f9f79cddb7f8e694a0e9fb91750f
+SHA1 (patch-opendmarc_opendmarc.conf.sample) = f1a8f5d55bd6e6a14bce1d900bfd655f1b7243de
+SHA1 (patch-opendmarc_parse.c) = f0dfe945792dcf072b2a34b549814464ccb1f4e9
diff -r 015c401684ce -r d24309417159 mail/opendmarc/files/smf/manifest.xml
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/opendmarc/files/smf/manifest.xml     Thu May 12 13:49:28 2022 +0000
@@ -0,0 +1,41 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<service_bundle type="manifest" name="export">
+  <service name="@SMF_PREFIX@/@SMF_NAME@" type="service" version="1">
+    <create_default_instance enabled="false" />
+    <single_instance />
+    <dependency name="network" grouping="require_all" restart_on="error" type="service">
+      <service_fmri value="svc:/milestone/network:default" />
+    </dependency>
+    <dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
+      <service_fmri value="svc:/system/filesystem/local" />
+    </dependency>
+    <method_context working_directory="@VARBASE@/run/opendmarc">
+      <method_credential user="@OPENDMARC_USER@" group="@OPENDMARC_USER@" />
+    </method_context>
+    <exec_method type="method" name="start" exec="@PREFIX@/@SMF_METHOD_FILE.opendmarc@ -c %{config_file}" timeout_seconds="60" />
+    <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60" />
+    <property_group name="startd" type="framework">
+      <propval name="duration" type="astring" value="contract" />
+      <propval name="ignore_error" type="astring" value="core,signal" />
+    </property_group>
+    <property_group name="application" type="application">
+      <propval name="config_file" type="astring" value="@PKG_SYSCONFDIR@/opendmarc.conf" />
+    </property_group>
+    <template>
+      <common_name>
+        <loctext xml:lang="C">OpenDMARC daemon</loctext>
+      </common_name>
+      <documentation>
+        <manpage title="opendmarc.conf" section="5" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-check" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-expire" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-import" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-importstats" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-params" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc-reports" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+        <manpage title="opendmarc" section="8" manpath="@PREFIX@/@PKGMANDIR@"/>
+      </documentation>
+    </template>
+  </service>
+</service_bundle>
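Review bot: `method_credential` sets `group="@OPENDMARC_USER@"`, so the group is taken from the user variable. With the Makefile defaults both expand to `opendmarc`, but a site that overrides `OPENDMARC_GROUP` gets a method context whose group is not the one the package created. The line should read `<method_credential user="@OPENDMARC_USER@" group="@OPENDMARC_GROUP@" />`; the Makefile hunk already adds both names to `FILES_SUBST`. Also worth checking: `working_directory` is `@VARBASE@/run/opendmarc`, the directory the start method itself creates, so a start while that directory is absent may fail before the method script runs.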
diff -r 015c401684ce -r d24309417159 mail/opendmarc/files/smf/opendmarc.sh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/opendmarc/files/smf/opendmarc.sh     Thu May 12 13:49:28 2022 +0000
@@ -0,0 +1,14 @@
+#!@SMF_METHOD_SHELL@
+#
+# $NetBSD: opendmarc.sh,v 1.1 2022/05/12 13:49:28 jperkin Exp $
+#
+
+. /lib/svc/share/smf_include.sh
+
+if [ ! -d @VARBASE@/run/opendmarc ]; then
+       @MKDIR@ @VARBASE@/run/opendmarc
+       @CHMOD@ 0750 @VARBASE@/run/opendmarc
+       @CHOWN@ @OPENDMARC_USER@:@OPENDMARC_GROUP@ @VARBASE@/run/opendmarc
+fi
+
+@PREFIX@/sbin/opendmarc "$@"
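Review bot: The directory setup at the top of the method runs with the credentials from the manifest's `method_credential`, that is as `@OPENDMARC_USER@`. An unprivileged user normally cannot create a directory under `@VARBASE@/run` or `chown` it, so this block probably fails in exactly the case where it is needed. None of the three commands is checked, so the script starts the daemon regardless. `smf_include.sh` is sourced but never used, and a failed setup could report through it, e.g. `@MKDIR@ @VARBASE@/run/opendmarc || exit $SMF_EXIT_ERR_FATAL`. Either run the method with enough privilege for the setup and let the daemon drop to `@OPENDMARC_USER@` itself, or create the directory outside the method.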
diff -r 015c401684ce -r d24309417159 mail/opendmarc/patches/patch-RequiredFrom
--- a/mail/opendmarc/patches/patch-RequiredFrom Thu May 12 13:16:36 2022 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,122 +0,0 @@
-$NetBSD: patch-RequiredFrom,v 1.2 2021/05/27 16:52:00 manu Exp $
-
-Add RequiredFrom option to reject messages that lack a From header
-from which a valid domain can be extracted
-
-Submitted upstream as 
-https://github.com/trusteddomainproject/OpenDMARC/pull/147
-
---- ./opendmarc/opendmarc.c.orig       2021-04-30 18:34:43.000000000 +0200
-+++ ./opendmarc/opendmarc.c    2021-05-27 10:20:33.880652427 +0200
-@@ -163,8 +163,9 @@
- /* DMARCF_CONFIG -- configuration object */
- struct dmarcf_config
- {
-       _Bool                   conf_reqhdrs;
-+      _Bool                   conf_reqfrom;
-       _Bool                   conf_afrf;
-       _Bool                   conf_afrfnone;
-       _Bool                   conf_rejectfail;
-       _Bool                   conf_dolog;
-@@ -1422,8 +1423,12 @@
-               (void) config_get(data, "RequiredHeaders",
-                                 &conf->conf_reqhdrs,
-                                 sizeof conf->conf_reqhdrs);
- 
-+              (void) config_get(data, "RequiredFrom",
-+                                &conf->conf_reqfrom,
-+                                sizeof conf->conf_reqfrom);
-+
-               (void) config_get(data, "FailureReports",
-                                 &conf->conf_afrf,
-                                 sizeof conf->conf_afrf);
- 
-@@ -2453,13 +2458,17 @@
-       {
-               if (conf->conf_dolog)
-               {
-                       syslog(LOG_INFO,
--                             "%s: RFC5322 requirement error: missing From field; accepting",
--                             dfc->mctx_jobid);
-+                             "%s: RFC5322 requirement error: missing From field; %s",
-+                             dfc->mctx_jobid,
-+                             conf->conf_reqfrom ? "reject" : "accepting");
-               }
- 
--              return SMFIS_ACCEPT;
-+              if (conf->conf_reqfrom)
-+                      return SMFIS_REJECT;
-+              else
-+                      return SMFIS_ACCEPT;
-       }
- 
-       /* extract From: addresses */
-       memset(addrbuf, '\0', sizeof addrbuf);
-@@ -2495,13 +2504,13 @@
-       {
-               if (conf->conf_dolog)
-               {
-                       syslog(LOG_ERR,
--                             "%s: unable to parse From header field",
--                             dfc->mctx_jobid);
-+                             "%s: unable to parse From header field \"%s\"",
-+                             dfc->mctx_jobid, from->hdr_value);
-               }
- 
--              if (conf->conf_reqhdrs)
-+              if (conf->conf_reqhdrs || conf->conf_reqfrom) 
-                       return SMFIS_REJECT;
-               else
-                       return SMFIS_ACCEPT;
-       }
---- ./opendmarc/opendmarc.conf.5.in.orig       2021-04-30 18:34:43.000000000 +0200
-+++ ./opendmarc/opendmarc.conf.5.in    2021-05-27 10:20:33.881043733 +0200
-@@ -287,8 +287,16 @@
- failing this test are rejected without further processing.  A From:
- field from which no domain name could be extracted will also be rejected.
- 
- .TP
-+.I RequiredFrom (Boolean)
-+If set, the filter will reject without further processing messages that lack a
-+From: field from which a domain name could be extracted. This options is
-+without effect if
-+.I RequiredHeaders
-+is set to "true".
-+
-+.TP
- .I Socket (string)
- Specifies the socket that should be established by the filter to receive
- connections from
- .I sendmail(8)
---- ./opendmarc/opendmarc-config.h.orig        2021-04-30 18:34:43.000000000 +0200
-+++ ./opendmarc/opendmarc-config.h     2021-05-27 10:23:12.866999966 +0200
-@@ -44,8 +44,9 @@
-       { "PidFile",                    CONFIG_TYPE_STRING,     FALSE },
-       { "PublicSuffixList",           CONFIG_TYPE_STRING,     FALSE },
-       { "RecordAllMessages",          CONFIG_TYPE_BOOLEAN,    FALSE },
-       { "RequiredHeaders",            CONFIG_TYPE_BOOLEAN,    FALSE },
-+      { "RequiredFrom",               CONFIG_TYPE_BOOLEAN,    FALSE },
-       { "RejectFailures",             CONFIG_TYPE_BOOLEAN,    FALSE },
-       { "RejectMultiValueFrom",       CONFIG_TYPE_BOOLEAN,    FALSE },
-       { "ReportCommand",              CONFIG_TYPE_STRING,     FALSE },
-       { "Socket",                     CONFIG_TYPE_STRING,     FALSE },
---- ./opendmarc/opendmarc.conf.sample.orig     2021-04-30 18:34:43.000000000 +0200
-+++ ./opendmarc/opendmarc.conf.sample  2021-05-27 10:20:33.882715995 +0200
-@@ -343,8 +343,17 @@
- ##  rejected.
- #
- # RequiredHeaders false
- 
-+##  RequiredFrom { true | false }
-+##    default "false"
-+##
-+##  If set, the filter will reject without further processing messages that 
-+##  lack a From: field from which a domain name could be extracted. This 


