pkgsrc-WIP-changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

opendkim: init at 2.10.3, add build option opendbx



Module Name:	pkgsrc-wip
Committed By:	teutat3s <10206665+teutat3s%users.noreply.github.com@localhost>
Pushed By:	teutat3s
Date:		Sun Feb 4 21:17:00 2024 +0100
Changeset:	ca38e33d314d0e0ab73dbf8467e09d7abdfa0d5e

Added Files:
	opendkim/DESCR
	opendkim/Makefile
	opendkim/PLIST
	opendkim/PLIST.filter
	opendkim/PLIST.opendbx
	opendkim/PLIST.stats
	opendkim/PLIST.vbr
	opendkim/distinfo
	opendkim/files/opendkim.sh
	opendkim/files/smf/manifest.xml
	opendkim/options.mk
	opendkim/patches/patch-configure.ac
	opendkim/patches/patch-libopendkim_dkim-canon.c
	opendkim/patches/patch-opendkim_opendkim-config.h
	opendkim/patches/patch-opendkim_opendkim-crypto.c
	opendkim/patches/patch-opendkim_opendkim.c
	opendkim/patches/patch-opendkim_opendkim.conf.5

Log Message:
opendkim: init at 2.10.3, add build option opendbx

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=ca38e33d314d0e0ab73dbf8467e09d7abdfa0d5e

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 opendkim/DESCR                                    |   8 +
 opendkim/Makefile                                 |  57 +++++
 opendkim/PLIST                                    | 153 ++++++++++++
 opendkim/PLIST.filter                             |   5 +
 opendkim/PLIST.opendbx                            |  19 ++
 opendkim/PLIST.stats                              |  12 +
 opendkim/PLIST.vbr                                |   5 +
 opendkim/distinfo                                 |  11 +
 opendkim/files/opendkim.sh                        |  40 ++++
 opendkim/files/smf/manifest.xml                   |  29 +++
 opendkim/options.mk                               |  72 ++++++
 opendkim/patches/patch-configure.ac               |  64 +++++
 opendkim/patches/patch-libopendkim_dkim-canon.c   |  25 ++
 opendkim/patches/patch-opendkim_opendkim-config.h |  22 ++
 opendkim/patches/patch-opendkim_opendkim-crypto.c |  34 +++
 opendkim/patches/patch-opendkim_opendkim.c        | 273 ++++++++++++++++++++++
 opendkim/patches/patch-opendkim_opendkim.conf.5   |  28 +++
 17 files changed, 857 insertions(+)

diffs:
diff --git a/opendkim/DESCR b/opendkim/DESCR
new file mode 100644
index 0000000000..d3f6680518
--- /dev/null
+++ b/opendkim/DESCR
@@ -0,0 +1,8 @@
+OpenDKIM is an open source implementation of the DKIM (Domain Keys Identified
+Mail) sender authentication system proposed by the E-mail Signing Technology
+Group (ESTG), now standardized by the IETF (RFC4871). It also includes
+implementations of the Author Domain Signing Practises (ADSP, RFC5617) and
+Vouch By Reference (VBR, RFC5518) proposed standards.
+
+The project started from a code fork of version 2.8.3 of the open source
+dkim-milter package developed and maintained by Sendmail, Inc.
diff --git a/opendkim/Makefile b/opendkim/Makefile
new file mode 100644
index 0000000000..5d31acbe31
--- /dev/null
+++ b/opendkim/Makefile
@@ -0,0 +1,57 @@
+# $NetBSD: Makefile,v 1.39 2023/10/24 22:09:48 wiz Exp $
+
+DISTNAME=	opendkim-2.10.3
+PKGREVISION=	11
+CATEGORIES=	mail
+MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=opendkim/}
+
+MAINTAINER=	pettai%NetBSD.org@localhost
+HOMEPAGE=	http://opendkim.org/
+COMMENT=	Open source DKIM library, MTA filter implementation and tools
+LICENSE=	sendmail-open-source-license
+
+USE_LIBTOOL=		yes
+USE_TOOLS+=		autoconf automake autoreconf
+USE_TOOLS+=		pkg-config perl:run
+GNU_CONFIGURE=		yes
+CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
+
+LDFLAGS.SunOS+=	-lsocket -lnsl
+
+REPLACE_PERL+=	opendkim/opendkim-genkey.in
+
+FILES_SUBST+=	DKIM_USER=${DKIM_USER} DKIM_GROUP=${DKIM_GROUP}
+BUILD_DEFS+=	VARBASE DKIM_USER DKIM_GROUP
+
+DKIM_USER?=		opendkim
+DKIM_GROUP?=		opendkim
+PKG_GROUPS=		${DKIM_USER}
+PKG_USERS=		${DKIM_USER}:${DKIM_GROUP}
+PKG_GROUPS_VARS+=	DKIM_GROUP
+PKG_USERS_VARS+=	DKIM_USER
+OWN_DIRS_PERMS+=	${VARBASE}/run/opendkim \
+			${DKIM_USER} ${DKIM_GROUP} 0750
+OWN_DIRS_PERMS+=	${VARBASE}/db/opendkim \
+			${DKIM_USER} ${DKIM_GROUP} 0700
+
+SUBST_CLASSES+=		path
+SUBST_STAGE.path=	pre-configure
+SUBST_MESSAGE.path=	Fixing default paths
+SUBST_FILES.path=	opendkim/opendkim.conf.sample
+SUBST_SED.path=		-e 's,/var/db/dkim,${VARBASE}/db/opendkim,g'
+
+PKGCONFIG_OVERRIDE+=	libopendkim/opendkim.pc.in
+
+.include "options.mk"
+
+pre-configure:
+	cd ${WRKSRC} && autoreconf -fiv
+
+PLIST_SRC+=		${PKGDIR}/PLIST
+
+.include "../../security/openssl/buildlink3.mk"
+.include "../../converters/libiconv/buildlink3.mk"
+.include "../../devel/opendbx/buildlink3.mk"
+.include "../../mail/libmilter/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff --git a/opendkim/PLIST b/opendkim/PLIST
new file mode 100644
index 0000000000..0955d2f3d4
--- /dev/null
+++ b/opendkim/PLIST
@@ -0,0 +1,153 @@
+@comment $NetBSD: PLIST,v 1.11 2015/03/15 23:02:34 pettai Exp $
+include/opendkim/dkim.h
+lib/libopendkim.la
+lib/pkgconfig/opendkim.pc
+man/man8/opendkim-genkey.8
+man/man8/opendkim-genzone.8
+man/man8/opendkim-testkey.8
+man/man8/opendkim-testmsg.8
+sbin/opendkim-genkey
+sbin/opendkim-genzone
+sbin/opendkim-testkey
+sbin/opendkim-testmsg
+share/doc/opendkim/FEATURES
+share/doc/opendkim/KNOWNBUGS
+share/doc/opendkim/LICENSE
+share/doc/opendkim/LICENSE.Sendmail
+share/doc/opendkim/README
+share/doc/opendkim/README.LDAP
+share/doc/opendkim/README.SQL
+share/doc/opendkim/README.specs.html
+share/doc/opendkim/RELEASE_NOTES.Sendmail
+share/doc/opendkim/authheaders-check-setup-hook.lua
+share/doc/opendkim/chroot
+share/doc/opendkim/convert_keylist.sh
+share/doc/opendkim/dkim.html
+share/doc/opendkim/dkim_add_querymethod.html
+share/doc/opendkim/dkim_add_xtag.html
+share/doc/opendkim/dkim_alg_t.html
+share/doc/opendkim/dkim_atps_check.html
+share/doc/opendkim/dkim_atps_t.html
+share/doc/opendkim/dkim_body.html
+share/doc/opendkim/dkim_canon_t.html
+share/doc/opendkim/dkim_cbstat.html
+share/doc/opendkim/dkim_chunk.html
+share/doc/opendkim/dkim_close.html
+share/doc/opendkim/dkim_diffheaders.html
+share/doc/opendkim/dkim_dns_close.html
+share/doc/opendkim/dkim_dns_config.html
+share/doc/opendkim/dkim_dns_init.html
+share/doc/opendkim/dkim_dns_nslist.html
+share/doc/opendkim/dkim_dns_set_close.html
+share/doc/opendkim/dkim_dns_set_config.html
+share/doc/opendkim/dkim_dns_set_init.html
+share/doc/opendkim/dkim_dns_set_nslist.html
+share/doc/opendkim/dkim_dns_set_query_cancel.html
+share/doc/opendkim/dkim_dns_set_query_service.html
+share/doc/opendkim/dkim_dns_set_query_start.html
+share/doc/opendkim/dkim_dns_set_query_waitreply.html
+share/doc/opendkim/dkim_dns_set_trustanchor.html
+share/doc/opendkim/dkim_dns_trustanchor.html
+share/doc/opendkim/dkim_dnssec.html
+share/doc/opendkim/dkim_eoh.html
+share/doc/opendkim/dkim_eom.html
+share/doc/opendkim/dkim_flush_cache.html
+share/doc/opendkim/dkim_free.html
+share/doc/opendkim/dkim_get_msgdate.html
+share/doc/opendkim/dkim_get_reputation.html
+share/doc/opendkim/dkim_get_signer.html
+share/doc/opendkim/dkim_get_sigsubstring.html
+share/doc/opendkim/dkim_get_user_context.html
+share/doc/opendkim/dkim_getcachestats.html
+share/doc/opendkim/dkim_getdomain.html
+share/doc/opendkim/dkim_geterror.html
+share/doc/opendkim/dkim_getid.html
+share/doc/opendkim/dkim_getmode.html
+share/doc/opendkim/dkim_getpartial.html
+share/doc/opendkim/dkim_getresultstr.html
+share/doc/opendkim/dkim_getsighdr.html
+share/doc/opendkim/dkim_getsighdr_d.html
+share/doc/opendkim/dkim_getsiglist.html
+share/doc/opendkim/dkim_getsignature.html
+share/doc/opendkim/dkim_getsslbuf.html
+share/doc/opendkim/dkim_getuser.html
+share/doc/opendkim/dkim_header.html
+share/doc/opendkim/dkim_init.html
+share/doc/opendkim/dkim_key_syntax.html
+share/doc/opendkim/dkim_lib.html
+share/doc/opendkim/dkim_libfeature.html
+share/doc/opendkim/dkim_libversion.html
+share/doc/opendkim/dkim_mail_parse.html
+share/doc/opendkim/dkim_minbody.html
+share/doc/opendkim/dkim_ohdrs.html
+share/doc/opendkim/dkim_options.html
+share/doc/opendkim/dkim_param_t.html
+share/doc/opendkim/dkim_privkey_load.html
+share/doc/opendkim/dkim_qi_getname.html
+share/doc/opendkim/dkim_qi_gettype.html
+share/doc/opendkim/dkim_query_t.html
+share/doc/opendkim/dkim_queryinfo.html
+share/doc/opendkim/dkim_resign.html
+share/doc/opendkim/dkim_set_dns_callback.html
+share/doc/opendkim/dkim_set_final.html
+share/doc/opendkim/dkim_set_key_lookup.html
+share/doc/opendkim/dkim_set_margin.html
+share/doc/opendkim/dkim_set_prescreen.html
+share/doc/opendkim/dkim_set_signature_handle.html
+share/doc/opendkim/dkim_set_signature_handle_free.html
+share/doc/opendkim/dkim_set_signature_tagvalues.html
+share/doc/opendkim/dkim_set_signer.html
+share/doc/opendkim/dkim_set_trust_anchor.html
+share/doc/opendkim/dkim_set_user_context.html
+share/doc/opendkim/dkim_setpartial.html
+share/doc/opendkim/dkim_sig_getbh.html
+share/doc/opendkim/dkim_sig_getcanonlen.html
+share/doc/opendkim/dkim_sig_getcanons.html
+share/doc/opendkim/dkim_sig_getcontext.html
+share/doc/opendkim/dkim_sig_getdnssec.html
+share/doc/opendkim/dkim_sig_getdomain.html
+share/doc/opendkim/dkim_sig_geterror.html
+share/doc/opendkim/dkim_sig_geterrorstr.html
+share/doc/opendkim/dkim_sig_getflags.html
+share/doc/opendkim/dkim_sig_gethashes.html
+share/doc/opendkim/dkim_sig_getidentity.html
+share/doc/opendkim/dkim_sig_getkeysize.html
+share/doc/opendkim/dkim_sig_getqueries.html
+share/doc/opendkim/dkim_sig_getreportinfo.html
+share/doc/opendkim/dkim_sig_getselector.html
+share/doc/opendkim/dkim_sig_getsignalg.html
+share/doc/opendkim/dkim_sig_getsignedhdrs.html
+share/doc/opendkim/dkim_sig_getsigntime.html
+share/doc/opendkim/dkim_sig_getsslbuf.html
+share/doc/opendkim/dkim_sig_gettagvalue.html
+share/doc/opendkim/dkim_sig_hdrsigned.html
+share/doc/opendkim/dkim_sig_ignore.html
+share/doc/opendkim/dkim_sig_process.html
+share/doc/opendkim/dkim_sig_seterror.html
+share/doc/opendkim/dkim_sig_syntax.html
+share/doc/opendkim/dkim_sigerror.html
+share/doc/opendkim/dkim_siginfo.html
+share/doc/opendkim/dkim_sigkey_t.html
+share/doc/opendkim/dkim_sign.html
+share/doc/opendkim/dkim_signhdrs.html
+share/doc/opendkim/dkim_ssl_version.html
+share/doc/opendkim/dkim_stat.html
+share/doc/opendkim/dkim_verify.html
+share/doc/opendkim/dns.html
+share/doc/opendkim/example.com.ldif
+share/doc/opendkim/index.html
+share/doc/opendkim/opendkim
+share/doc/opendkim/opendkim-default-keygen
+share/doc/opendkim/opendkim-fixipaddrs.pl
+share/doc/opendkim/opendkim-spam-ignore-cmdswitch.patch
+share/doc/opendkim/opendkim.conf.sample
+share/doc/opendkim/opendkim.conf.simple
+share/doc/opendkim/opendkim.conf.simple-verify
+share/doc/opendkim/opendkim.ldif
+share/doc/opendkim/opendkim.schema
+share/doc/opendkim/opendkim.service
+share/doc/opendkim/opendkim.spec.in
+share/doc/opendkim/opendkim.xml
+share/doc/opendkim/overview.html
+share/doc/opendkim/repute.py
+share/doc/opendkim/stats.lua
diff --git a/opendkim/PLIST.filter b/opendkim/PLIST.filter
new file mode 100644
index 0000000000..048559a841
--- /dev/null
+++ b/opendkim/PLIST.filter
@@ -0,0 +1,5 @@
+@comment $NetBSD: PLIST.filter,v 1.3 2014/03/11 14:05:04 jperkin Exp $
+man/man5/opendkim.conf.5
+man/man8/opendkim.8
+sbin/opendkim
+share/examples/opendkim/opendkim.conf.sample
diff --git a/opendkim/PLIST.opendbx b/opendkim/PLIST.opendbx
new file mode 100644
index 0000000000..e83c63e311
--- /dev/null
+++ b/opendkim/PLIST.opendbx
@@ -0,0 +1,19 @@
+@comment $NetBSD$
+bin/odbx-sql
+include/odbx.h
+include/opendbx/api
+include/opendbx/api.h
+lib/libopendbx.la
+lib/libopendbxplus.la
+lib/opendbx/libmysqlbackend.la
+lib/opendbx/libpgsqlbackend.la
+lib/opendbx/libsqlite3backend.la
+lib/pkgconfig/opendbx.pc
+lib/pkgconfig/opendbxplus.pc
+share/locale/de/LC_MESSAGES/opendbx-utils.mo
+share/locale/de/LC_MESSAGES/opendbx.mo
+share/locale/en@quot/LC_MESSAGES/opendbx-utils.mo
+share/locale/en@quot/LC_MESSAGES/opendbx.mo
+share/opendbx/keywords
+@pkgdir man/man3
+@pkgdir man/man1
diff --git a/opendkim/PLIST.stats b/opendkim/PLIST.stats
new file mode 100644
index 0000000000..f48c716754
--- /dev/null
+++ b/opendkim/PLIST.stats
@@ -0,0 +1,12 @@
+@comment $NetBSD: PLIST.stats,v 1.8 2018/01/01 22:29:41 rillig Exp $
+man/man8/opendkim-expire.8
+man/man8/opendkim-gengraphs.8
+man/man8/opendkim-genstats.8
+man/man8/opendkim-stats.8
+sbin/opendkim-expire
+sbin/opendkim-gengraphs
+sbin/opendkim-genstats
+sbin/opendkim-reportstats
+sbin/opendkim-stats
+share/doc/opendkim/README.opendkim-reportstats
+share/doc/opendkim/mkdb.mysql
diff --git a/opendkim/PLIST.vbr b/opendkim/PLIST.vbr
new file mode 100644
index 0000000000..5b339f2d4b
--- /dev/null
+++ b/opendkim/PLIST.vbr
@@ -0,0 +1,5 @@
+@comment $NetBSD: PLIST.vbr,v 1.2 2011/03/13 23:31:31 pettai Exp $
+include/vbr/vbr.h
+lib/libvbr.la
+lib/pkgconfig/vbr.pc
+man/man3/vbr.3
diff --git a/opendkim/distinfo b/opendkim/distinfo
new file mode 100644
index 0000000000..7cdc13693c
--- /dev/null
+++ b/opendkim/distinfo
@@ -0,0 +1,11 @@
+$NetBSD: distinfo,v 1.26 2023/04/21 13:03:08 manu Exp $
+
+BLAKE2s (opendkim-2.10.3.tar.gz) = b790b2fdcffd16372460f0d686845019c85d21e3530202792c5d601801030dc7
+SHA512 (opendkim-2.10.3.tar.gz) = 97923e533d072c07ae4d16a46cbed95ee799aa50f19468d8bc6d1dc534025a8616c3b4b68b5842bc899b509349a2c9a67312d574a726b048c0ea46dd4fcc45d8
+Size (opendkim-2.10.3.tar.gz) = 1210224 bytes
+SHA1 (patch-configure.ac) = c9ae182ed2c5c2ec3018fe4c6066ed7fa0d3686f
+SHA1 (patch-libopendkim_dkim-canon.c) = 3d15386a114639f2479505bc3b12c1de67dbb18a
+SHA1 (patch-opendkim_opendkim-config.h) = 26d8fc53c223cef7d7c2e8acbf9e6a085aebffaf
+SHA1 (patch-opendkim_opendkim-crypto.c) = d7d08fda3dba5bf9cb834123218b1e89b78878e5
+SHA1 (patch-opendkim_opendkim.c) = 1e983a419d0b182bce371dfb24c4df959e0bbb1e
+SHA1 (patch-opendkim_opendkim.conf.5) = d6566b01203a92f6ab7e87572043d91fa0efa63a
diff --git a/opendkim/files/opendkim.sh b/opendkim/files/opendkim.sh
new file mode 100644
index 0000000000..f841f29828
--- /dev/null
+++ b/opendkim/files/opendkim.sh
@@ -0,0 +1,40 @@
+#!@RCD_SCRIPTS_SHELL@
+#
+# $NetBSD: opendkim.sh,v 1.3 2011/06/17 13:49:35 pettai Exp $
+#
+# PROVIDE: opendkim
+# REQUIRE: DAEMON
+# BEFORE: mail
+
+if [ -f /etc/rc.subr ]; then
+	. /etc/rc.subr
+fi
+
+name="opendkim"
+rcvar=$name
+command="@PREFIX@/sbin/opendkim"
+pidfile="@VARBASE@/run/opendkim/${name}.pid"
+command_args="-P ${pidfile} -l -x @PKG_SYSCONFDIR@/opendkim.conf -u @DKIM_USER@:@DKIM_GROUP@"
+required_files="@PKG_SYSCONFDIR@/opendkim.conf"
+start_precmd="opendkim_precmd"
+
+opendkim_precmd()
+{
+	if [ ! -d @VARBASE@/run/opendkim ]; then
+		@MKDIR@ @VARBASE@/run/opendkim
+		@CHMOD@ 0750 @VARBASE@/run/opendkim
+		@CHOWN@ @DKIM_USER@:@DKIM_GROUP@ @VARBASE@/run/opendkim
+	fi
+
+	if [ -f @VARBASE@/run/opendkim/${name}.sock ]; then
+		@RM@ -f @VARBASE@/run/opendkim/${name}.sock
+	fi
+}
+
+if [ -f /etc/rc.subr ]; then
+        load_rc_config $name
+	run_rc_command "$1"
+else
+	echo -n " ${name}"
+	${command} ${opendkim_flags} ${command_args}
+fi
diff --git a/opendkim/files/smf/manifest.xml b/opendkim/files/smf/manifest.xml
new file mode 100644
index 0000000000..ef480c5899
--- /dev/null
+++ b/opendkim/files/smf/manifest.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<service_bundle type="manifest" name="export">
+  <service name="@SMF_PREFIX@/@SMF_NAME@" type="service" version="1">
+    <create_default_instance enabled="false" />
+    <single_instance />
+    <dependency name="network" grouping="require_all" restart_on="error" type="service">
+      <service_fmri value="svc:/milestone/network:default" />
+    </dependency>
+    <dependency name="filesystem" grouping="require_all" restart_on="error" type="service">
+      <service_fmri value="svc:/system/filesystem/local" />
+    </dependency>
+    <method_context working_directory="@VARBASE@/db/opendkim">
+      <method_credential user="@DKIM_USER@" group="@DKIM_GROUP@" />
+    </method_context>
+    <exec_method type="method" name="start" exec="@PREFIX@/sbin/opendkim" timeout_seconds="60" />
+    <exec_method type="method" name="stop" exec=":kill" timeout_seconds="60" />
+    <property_group name="startd" type="framework">
+      <propval name="duration" type="astring" value="contract" />
+      <propval name="ignore_error" type="astring" value="core,signal" />
+    </property_group>
+    <property_group name="application" type="application"></property_group>
+    <template>
+      <common_name>
+        <loctext xml:lang="C">OpenDKIM filter daemo filter daemonn</loctext>
+      </common_name>
+    </template>
+  </service>
+</service_bundle>
diff --git a/opendkim/options.mk b/opendkim/options.mk
new file mode 100644
index 0000000000..3ccc79ff9b
--- /dev/null
+++ b/opendkim/options.mk
@@ -0,0 +1,72 @@
+# $NetBSD: options.mk,v 1.5 2014/09/25 13:56:50 jperkin Exp $
+
+PKG_OPTIONS_VAR=	PKG_OPTIONS.opendkim
+PKG_SUPPORTED_OPTIONS=	opendkim-filter debug dkim-stats vbr opendbx
+PKG_SUGGESTED_OPTIONS=	opendkim-filter opendbx
+
+.include "../../mk/bsd.options.mk"
+
+###
+### Debug support
+###
+.if !empty(PKG_OPTIONS:Mdebug)
+CONFIGURE_ARGS+=	--enable-debug
+.else
+CONFIGURE_ARGS+=	--disable-debug
+.endif
+
+###
+### Install filter (milter) plugin
+###
+.if !empty(PKG_OPTIONS:Mopendkim-filter)
+EGDIR=		${PREFIX}/share/examples/opendkim
+RCD_SCRIPTS=	opendkim
+
+CONFIGURE_ARGS+=	--enable-filter
+CONFIGURE_ARGS+=	--with-milter=${BUILDLINK_PREFIX.libmilter}
+
+CONF_FILES=		${EGDIR}/opendkim.conf.sample \
+			${PKG_SYSCONFDIR}/opendkim.conf
+
+INSTALLATION_DIRS=	${EGDIR}
+
+post-install:
+	${INSTALL_DATA} ${WRKSRC}/opendkim/opendkim.conf.sample \
+				${DESTDIR}${EGDIR}/opendkim.conf.sample
+
+PLIST_SRC+=		${PKGDIR}/PLIST.filter
+.else
+CONFIGURE_ARGS+=	--disable-filter
+.endif
+
+###
+### Install opendbx plugin
+###
+.if !empty(PKG_OPTIONS:Mopendbx)
+CONFIGURE_ARGS+=	--with-odbx=${BUILDLINK_PREFIX.opendbx}
+.endif
+
+###
+### Build with VBR support
+###
+.if !empty(PKG_OPTIONS:Mvbr)
+CONFIGURE_ARGS+=	--enable-vbr
+PKGCONFIG_OVERRIDE+=	libvbr/vbr.pc.in
+PLIST_SRC+=		${PKGDIR}/PLIST.vbr
+.else
+CONFIGURE_ARGS+=	--disable-vbr
+.endif
+
+###
+### Install stats which outputs opendkim statistics
+###
+.if !empty(PKG_OPTIONS:Mdkim-stats)
+#.include "../../mk/db1.builtin.mk"
+CONFIGURE_ARGS+=	--enable-stats
+PLIST_SRC+=		${PKGDIR}/PLIST.stats
+REPLACE_PERL+=		stats/opendkim-expire.in
+REPLACE_PERL+=		stats/opendkim-gengraphs.in
+REPLACE_PERL+=		stats/opendkim-genstats.in
+.else
+CONFIGURE_ARGS+=	--disable-stats
+.endif
diff --git a/opendkim/patches/patch-configure.ac b/opendkim/patches/patch-configure.ac
new file mode 100644
index 0000000000..6211259691
--- /dev/null
+++ b/opendkim/patches/patch-configure.ac
@@ -0,0 +1,64 @@
+$NetBSD: patch-configure.ac,v 1.2 2020/01/07 13:35:13 sborrill Exp $
+
+- compat for OpenSSL 1.1 https://sourceforge.net/p/opendkim/patches/37/
+- fix == bashism
+
+--- configure.ac.orig	2015-05-12 19:43:09.000000000 +0100
++++ configure.ac	2020-01-07 13:30:01.000000000 +0000
+@@ -860,26 +860,28 @@
+ 	AC_SEARCH_LIBS([ERR_peek_error], [crypto], ,
+ 	               AC_MSG_ERROR([libcrypto not found]))
+ 
+-	AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
+-		[
+-			if test x"$enable_shared" = x"yes"
+-			then
+-				AC_MSG_ERROR([Cannot build shared opendkim
+-				              against static openssl libraries.
+-				              Configure with --disable-shared
+-				              to get this working or obtain a
+-				              shared libssl library for
+-				              opendkim to use.])
+-			fi
+ 
+-			# avoid caching issue - last result of SSL_library_init
+-			# shouldn't be cached for this next check
+-			unset ac_cv_search_SSL_library_init
+-			LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl"
+-			AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
+-			               AC_MSG_ERROR([libssl not found]), [-ldl])
+-		]
+-	)
++	AC_LINK_IFELSE(
++		       [AC_LANG_PROGRAM([[#include <openssl/ssl.h>]],
++					[[SSL_library_init();]])],
++					[od_have_ossl="yes";],
++					[od_have_ossl="no";])
++	if test x"$od_have_ossl" = x"no"
++	then
++		if test x"$enable_shared" = x"yes"
++		then
++			AC_MSG_ERROR([Cannot build shared opendkim
++			              against static openssl libraries.
++			              Configure with --disable-shared
++			              to get this working or obtain a
++			              shared libssl library for
++			              opendkim to use.])
++		fi
++
++		LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl"
++		AC_SEARCH_LIBS([SSL_library_init], [ssl], ,
++		               AC_MSG_ERROR([libssl not found]), [-ldl])
++	fi
+ 
+ 	AC_CHECK_DECL([SHA256_DIGEST_LENGTH],
+                       AC_DEFINE([HAVE_SHA256], 1,
+@@ -2184,7 +2186,7 @@
+ 	AC_MSG_ERROR([reputation requires libjansson])
+ fi
+ 
+-if test x"$jansson_found" == x"yes"
++if test x"$jansson_found" = x"yes"
+ then
+ 	AC_DEFINE(USE_JANSSON, 1, [use libjansson to parse REPUTE replies])
+ fi
diff --git a/opendkim/patches/patch-libopendkim_dkim-canon.c b/opendkim/patches/patch-libopendkim_dkim-canon.c
new file mode 100644
index 0000000000..fc2c8b5199
--- /dev/null
+++ b/opendkim/patches/patch-libopendkim_dkim-canon.c
@@ -0,0 +1,25 @@
+$NetBSD: patch-libopendkim_dkim-canon.c,v 1.2 2022/05/16 19:12:19 jperkin Exp $
+
+Fix DKIM canonization of headers formatted as Name:\r\n\tValue
+
+Submitted upstream as https://github.com/trusteddomainproject/OpenDKIM/pull/119
+
+--- libopendkim/dkim-canon.c.orig	2021-03-18 09:50:14.195951232 +0100
++++ libopendkim/dkim-canon.c	2021-03-19 09:49:52.141301747 +0100
+@@ -386,10 +386,14 @@
+ 				break;
+ 			}
+ 		}
+ 
+-		/* skip all spaces before first word */
+-		while (*p != '\0' && DKIM_ISWSP(*p))
++		/*
++		 * skip all spaces before first word 
++		 * we also need to skip CRLF for long header formatted as
++		 * Header-Name:\r\n\tHeader-value
++		 */
++		while (*p != '\0' && DKIM_ISLWSP(*p))
+ 			p++;
+ 
+ 		space = FALSE;				/* just saw a space */
+ 
diff --git a/opendkim/patches/patch-opendkim_opendkim-config.h b/opendkim/patches/patch-opendkim_opendkim-config.h
new file mode 100644
index 0000000000..c7ba82bd4f
--- /dev/null
+++ b/opendkim/patches/patch-opendkim_opendkim-config.h
@@ -0,0 +1,22 @@
+$NetBSD: patch-opendkim_opendkim-config.h,v 1.1 2023/04/21 13:03:09 manu Exp $
+
+Add OmitHeadersDB directive to specify file containing per-recipient 
+list of headers to not use in signature. The file format is:
+
+user%doamin.tld@localhost	header1,header2,header3
+domain.tld	header4,header5
+
+From upstream https://github.com/trusteddomainproject/OpenDKIM/pull/173
+
+--- opendkim/opendkim-config.h.orig
++++ opendkim/opendkim-config.h
+@@ -114,8 +114,9 @@
+ 	{ "MustBeSigned",		CONFIG_TYPE_STRING,	FALSE },
+ 	{ "Nameservers",		CONFIG_TYPE_STRING,	FALSE },
+ 	{ "NoHeaderB",			CONFIG_TYPE_BOOLEAN,	FALSE },
+ 	{ "OmitHeaders",		CONFIG_TYPE_STRING,	FALSE },
++	{ "OmitHeadersDB",		CONFIG_TYPE_STRING,	FALSE },
+ 	{ "On-BadSignature",		CONFIG_TYPE_STRING,	FALSE },
+ 	{ "On-Default",			CONFIG_TYPE_STRING,	FALSE },
+ 	{ "On-DNSError",		CONFIG_TYPE_STRING,	FALSE },
+ 	{ "On-InternalError",		CONFIG_TYPE_STRING,	FALSE },
diff --git a/opendkim/patches/patch-opendkim_opendkim-crypto.c b/opendkim/patches/patch-opendkim_opendkim-crypto.c
new file mode 100644
index 0000000000..216efdedcd
--- /dev/null
+++ b/opendkim/patches/patch-opendkim_opendkim-crypto.c
@@ -0,0 +1,34 @@
+$NetBSD: patch-opendkim_opendkim-crypto.c,v 1.1 2019/11/24 23:20:40 christos Exp $
+
+- OpenSSL 1.1 compat https://sourceforge.net/p/opendkim/patches/37/
+
+--- opendkim/opendkim-crypto.c.orig	2013-02-25 16:02:41.000000000 -0500
++++ opendkim/opendkim-crypto.c	2019-11-24 18:04:07.924299914 -0500
+@@ -222,7 +222,11 @@
+ 	{
+ 		assert(pthread_setspecific(id_key, ptr) == 0);
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10100000
++		OPENSSL_thread_stop();
++#else
+ 		ERR_remove_state(0);
++#endif
+ 
+ 		free(ptr);
+ 
+@@ -392,11 +396,15 @@
+ {
+ 	if (crypto_init_done)
+ 	{
++#if OPENSSL_VERSION_NUMBER >= 0x10100000
++		OPENSSL_thread_stop();
++#else
+ 		CRYPTO_cleanup_all_ex_data();
+ 		CONF_modules_free();
+ 		EVP_cleanup();
+ 		ERR_free_strings();
+ 		ERR_remove_state(0);
++#endif
+ 
+ 		if (nmutexes > 0)
+ 		{
diff --git a/opendkim/patches/patch-opendkim_opendkim.c b/opendkim/patches/patch-opendkim_opendkim.c
new file mode 100644
index 0000000000..d632f71b0d
--- /dev/null
+++ b/opendkim/patches/patch-opendkim_opendkim.c
@@ -0,0 +1,273 @@
+$NetBSD: patch-opendkim_opendkim.c,v 1.1 2023/04/21 13:03:09 manu Exp $
+
+Add OmitHeadersDB directive to specify file containing per-recipient 
+list of headers to not use in signature. The file format is:
+
+user%doamin.tld@localhost	header1,header2,header3
+domain.tld	header4,header5
+
+From upstream https://github.com/trusteddomainproject/OpenDKIM/pull/173
+
+--- opendkim/opendkim.c.orig
++++ opendkim/opendkim.c
+@@ -390,6 +390,7 @@ struct dkimf_config
+ 	DKIMF_DB	conf_domainsdb;		/* domains to sign (DB) */
+ 	DKIMF_DB	conf_omithdrdb;		/* headers to omit (DB) */
+ 	char **		conf_omithdrs;		/* headers to omit (array) */
++	DKIMF_DB	conf_omithdrkdb;	/* headers to omit (keyed DB) */
+ 	DKIMF_DB	conf_signhdrsdb;	/* headers to sign (DB) */
+ 	char **		conf_signhdrs;		/* headers to sign (array) */
+ 	DKIMF_DB	conf_senderhdrsdb;	/* sender headers (DB) */
+@@ -519,6 +520,7 @@ struct msgctx
+ 						/* primary domain */
+ 	unsigned char	mctx_dkimar[DKIM_MAXHEADER + 1];
+ 						/* DKIM Auth-Results content */
++	char **		mctx_omithdrs;		/* headers to omit (array) */
+ };
+ 
+ /*
+@@ -1053,6 +1055,188 @@ dkimf_getsymval(SMFICTX *ctx, char *sym)
+ 		return smfi_getsymval(ctx, sym);
+ }
+ 
++
++/*
++**  DKIMF_GET_OMITHEADERS -- Get per-recipient headers to not sign
++**
++**  Parameters:
++**  	conf -- configuration handle
++**  	rcpt -- recipient
++**  	hdrs -- comma-separated list of headers (returned)
++**  	hdrslen -- size of hdrs buffer
++**
++**  Return value:
++**  	0 -- success
++**  	!0 -- error
++*/
++
++static int
++dkimf_get_omitheaders(struct dkimf_config *conf, const char *rcpt,
++                      char *hdrs, size_t hdrslen)
++{
++	int status;
++	_Bool found;
++	unsigned char *user = NULL;
++	unsigned char *domain = NULL;
++	char tmp[MAXADDRESS + 1];
++	char addr[MAXADDRESS + 1];
++	struct dkimf_db_data req;
++
++	assert(conf != NULL);
++	assert(conf->conf_omithdrkdb != NULL);
++	assert(rcpt != NULL);
++	assert(hdrs != NULL);
++
++	strlcpy(tmp, rcpt, sizeof(tmp));
++	status = dkim_mail_parse(tmp, &user, &domain);
++	if (status != 0)
++	{
++		return -1;
++	}
++
++	memset(&req, '\0', sizeof req);
++	req.dbdata_buffer = hdrs;
++	req.dbdata_buflen = hdrslen;
++
++	/* first try full "user@host" */
++	found = FALSE;
++	(void)snprintf(addr, sizeof addr, "%s@%s", user, domain);
++	status = dkimf_db_get(conf->conf_omithdrkdb, addr, strlen(addr),
++			      &req, 1, &found);
++	if (status != 0 ||
++	    (found && (req.dbdata_buflen == 0 ||
++		       req.dbdata_buflen == (size_t) -1)))
++	{
++		return -1;
++	}
++	else if (found)
++	{
++		req.dbdata_buffer[req.dbdata_buflen] = '\0';
++		return 0;
++	}
++
++	/* now just "host" */
++
++	memset(&req, '\0', sizeof req);
++	req.dbdata_buffer = hdrs;
++	req.dbdata_buflen = hdrslen;
++	
++	found = FALSE;
++	status = dkimf_db_get(conf->conf_omithdrkdb, domain, strlen(domain),
++			      &req, 1, &found);
++	if (status != 0 ||
++	    (found && (req.dbdata_buflen == 0 ||
++		       req.dbdata_buflen == (size_t) -1)))
++	{
++		return -1;
++	}
++	else if (found)
++	{
++		req.dbdata_buffer[req.dbdata_buflen] = '\0';
++		return 0;
++	}
++
++	return -1;
++}
++
++/*
++**  DKIMF_APPEND_ARRAY -- Append an item to an string array 
++**                        The item is only added if it is not
++**			  alreay present. 
++**
++**  Parameters:
++**  	arrayp -- pointer to array
++**  	item -- new string to append
++**  	init -- array of strings to insert if array is empty
++**
++**  Return value:
++**  	None
++*/
++
++static void
++dkimf_append_array(char ***arrayp, char *item, const u_char **init)
++{
++	char **array;
++	int i;
++
++	assert(arrayp != NULL);
++	assert(*arrayp != NULL || init != NULL);
++
++	array = *arrayp;
++
++	if (array == NULL) {
++		for (i = 0; init[i]; i++);
++
++		array = calloc(i + 1, sizeof(*array));
++		if (array == NULL)
++		{
++			syslog(LOG_ERR, "calloc failed");
++			return;
++		}
++
++		for (i = 0; init[i]; i++)
++			array[i] = strdup(init[i]);
++	}
++
++	for (i = 0; array[i]; i++) {
++		if (strcasecmp(array[i], item) == 0)
++			return;
++	}
++	
++	if ((array = realloc(array, (i + 2) * sizeof(*array))) == NULL)
++        {
++		syslog(LOG_ERR, "realloc failed");
++		return;
++        }
++	
++	array[i] = strdup(item);
++	array[i + 1] = NULL;
++
++	*arrayp = array;
++	
++	return;
++}
++
++/*
++**  DKIMF_CONFIGURE_OMITHEADERS -- Configure per-recipient header to not sign
++**
++**  Parameters:
++**  	conf -- configuration handle
++**  	omithdrs -- comma-separated list of headers to not sign
++**
++**  Return value:
++**  	None
++*/
++
++static void
++dkimf_configure_omitheaders(msgctx mctx, struct dkimf_config *conf,
++			    char *omithdrs)
++{
++	size_t count = 0;
++	const char *delim = " ,";
++	char *p;
++	char *last;
++
++	assert(conf != NULL);
++	assert(conf->conf_libopendkim != NULL);
++
++	if (omithdrs) {
++		for (p = strtok_r(omithdrs, delim, &last);
++		     p != NULL;
++		     p = strtok_r(NULL, delim, &last))
++			dkimf_append_array(&mctx->mctx_omithdrs, p,
++					   dkim_should_not_signhdrs);
++	}
++
++	(void)dkim_options(conf->conf_libopendkim,
++			   DKIM_OP_SETOPT,
++			   DKIM_OPTS_SKIPHDRS,
++			   mctx->mctx_omithdrs, sizeof(char **));
++
++	return;
++}
++
++
+ #ifdef USE_LUA
+ /*
+ **  LUA ACCESSOR FUNCTIONS
+@@ -5920,6 +6104,9 @@ dkimf_config_free(struct dkimf_config *conf)
+ 	if (conf->conf_omithdrdb != NULL)
+ 		dkimf_db_close(conf->conf_omithdrdb);
+ 
++	if (conf->conf_omithdrkdb != NULL)
++		dkimf_db_close(conf->conf_omithdrkdb);
++
+ 	if (conf->conf_thirdpartydb != NULL)
+ 		dkimf_db_close(conf->conf_thirdpartydb);
+ 
+@@ -7293,6 +7480,29 @@ dkimf_config_load(struct config *data, struct dkimf_config *conf,
+ 		}
+ 	}
+ 
++	str = NULL;
++	if (data != NULL)
++	{
++		(void) config_get(data, "OmitHeadersDB", &str, sizeof str);
++		if (str != NULL)
++		{
++			int status;
++			char *dberr = NULL;
++
++			status = dkimf_db_open(&conf->conf_omithdrkdb, str,
++					       (dbflags |
++						DKIMF_DB_FLAG_ICASE |
++						DKIMF_DB_FLAG_READONLY),
++					       NULL, &dberr);
++			if (status != 0)
++			{
++				snprintf(err, errlen, "%s: dkimf_db_open(): %s",
++					 str, dberr);
++				return -1;
++			}	
++		}
++	}
++
+ 	str = NULL;
+ 	if (data != NULL)
+ 	{
+@@ -11238,6 +11448,15 @@ mlfi_envrcpt(SMFICTX *ctx, char **envrcpt)
+ 		dfc->mctx_rcptlist = a;
+ 	}
+ 
++	if (conf->conf_omithdrkdb != NULL) {
++		char omithdrs[MAXBUFRSZ];
++		if (dkimf_get_omitheaders(conf, envrcpt[0],
++					  omithdrs, sizeof omithdrs) != -1)
++			dkimf_configure_omitheaders(dfc, conf, omithdrs);
++		else
++			dkimf_configure_omitheaders(dfc, conf, NULL);
++	}
++
+ 	return SMFIS_CONTINUE;
+ }
+ 
diff --git a/opendkim/patches/patch-opendkim_opendkim.conf.5 b/opendkim/patches/patch-opendkim_opendkim.conf.5
new file mode 100644
index 0000000000..d70d3cc6e8
--- /dev/null
+++ b/opendkim/patches/patch-opendkim_opendkim.conf.5
@@ -0,0 +1,28 @@
+$NetBSD: patch-opendkim_opendkim.conf.5,v 1.1 2023/04/21 13:03:09 manu Exp $
+
+Add OmitHeadersDB directive to specify file containing per-recipient 
+list of headers to not use in signature. The file format is:
+
+user%doamin.tld@localhost	header1,header2,header3
+domain.tld	header4,header5
+
+From upstream https://github.com/trusteddomainproject/OpenDKIM/pull/173
+
+--- opendkim/opendkim.conf.5.in.orig
++++ opendkim/opendkim.conf.5.in
+@@ -619,6 +619,15 @@ default; for example, "*,+foobar" will use the entire default list plus
+ the name "foobar", while "*,-Bcc" would use the entire default list except
+ for the "Bcc" entry.
+ 
++.TP
++.I OmitHeadersDB (string)
++Specify a file containing a per-recipient list of headers to omit 
++when generating signatures. Return-Path, Received, Comments, and
++Keywoard are implicitely added to the list. The file should have
++two columns : a recipient as user%domain.tld@localhost or domain.tld, and 
++a comma-separated lis of headers to omit. For example 
++"list%example.net@localhost Subject,Bcc"
++
+ .TP
+ .I On-BadSignature (string)
+ Selects the action to be taken when a signature fails to validate.


Home | Main Index | Thread Index | Old Index