head 1.3; access; symbols pkgsrc-2020Q3:1.2.0.2 pkgsrc-2020Q3-base:1.2 pkgsrc-2020Q2:1.1.0.44 pkgsrc-2020Q2-base:1.1 pkgsrc-2020Q1:1.1.0.24 pkgsrc-2020Q1-base:1.1 pkgsrc-2019Q4:1.1.0.46 pkgsrc-2019Q4-base:1.1 pkgsrc-2019Q3:1.1.0.42 pkgsrc-2019Q3-base:1.1 pkgsrc-2019Q2:1.1.0.40 pkgsrc-2019Q2-base:1.1 pkgsrc-2019Q1:1.1.0.38 pkgsrc-2019Q1-base:1.1 pkgsrc-2018Q4:1.1.0.36 pkgsrc-2018Q4-base:1.1 pkgsrc-2018Q3:1.1.0.34 pkgsrc-2018Q3-base:1.1 pkgsrc-2018Q2:1.1.0.32 pkgsrc-2018Q2-base:1.1 pkgsrc-2018Q1:1.1.0.30 pkgsrc-2018Q1-base:1.1 pkgsrc-2017Q4:1.1.0.28 pkgsrc-2017Q4-base:1.1 pkgsrc-2017Q3:1.1.0.26 pkgsrc-2017Q3-base:1.1 pkgsrc-2017Q2:1.1.0.22 pkgsrc-2017Q2-base:1.1 pkgsrc-2017Q1:1.1.0.20 pkgsrc-2017Q1-base:1.1 pkgsrc-2016Q4:1.1.0.18 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.16 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.14 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.12 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.10 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.8 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.6 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.4 pkgsrc-2015Q1-base:1.1 pkgsrc-2014Q4:1.1.0.2 pkgsrc-2014Q4-base:1.1; locks; strict; comment @# @; 1.3 date 2020.12.24.01.10.23; author manu; state dead; branches; next 1.2; commitid Y4NmHrwrFVWmRVAC; 1.2 date 2020.07.27.20.41.10; author oster; state Exp; branches; next 1.1; commitid YkfmX1eLoEz4aLhC; 1.1 date 2014.12.05.16.00.23; author christos; state Exp; branches 1.1.44.1; next ; commitid iRtg1QkOmIYVRR0y; 1.1.44.1 date 2020.07.30.18.48.39; author bsiegert; state Exp; branches; next ; commitid fHPDXEWJlgVls8iC; desc @@ 1.3 log @Updated mail/opendmarc to 1.4.0beta1 Change since 1.3.1 from RELEASE_NOTES 1.4.0 2018/06/?? Add ARC support. Extensive work contributed by ValiMail. Add "DomainWhitelist" and "DomainWhitelistFile" config options. Extract client IP address for ARC reports when provided via Authentication-Results. Update SQL schema to support new reporting functionality for DKIM selectors and ARC local policy overrides (refer to the example schema.mysql file). Add experimental support for reporting of ARC local policy overrides. Add support for recording and reporting of DKIM selectors. Override a DMARC "fail" if an ARC "pass" is recorded in conjunction with an ARC policy pass. Fix bug #137: Handle base64 inside AR tokens that are values. Problem reported by Joseph Coffland. LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate tags in them. Reported by Dirk Stoecker. REPORTS: Feature request #146: Add option to pull input from a file. REPORTS: Fix bug #153: Suppress duplicate results from the same domain. Patch from Tomki Camp. 1.3.2 2017/03/04 Feature request #86: Change meaning of "RequiredHeaders" such that header validity is always checked, but messages are only rejected on that basis when the flag is set. Based on a patch from Andreas Schulze. Feature request #127: Log SPF results when rejecting. Requested by Patrick Wagner; patch from Andreas Schulze, follow-up patch from Juri Haberland. Feature request #138: Inculde policy and disposition information in an Authentication-Results comment. Based on a patch from Juri Haberland. Feature request #139: Include the client host name if known in failure reports. Suggested by Roland Turner; patch by Andreas Schulze. Fix bug #95: Assume IPv6 for SPF operations. Patch from Juri Haberland. Fix bug #120: Fix control logic around the SPF result. Reported by Christophe Wolfhugel; patch from Andreas Schulze. Fix bug #122: Don't skip the HELO milter phase when SPF is enabled. Reported by Christophe Wolfhugel. Fix bug #157: Fix logging of implicit authserv-ids. Reported by Andreas Schulze; patch from Juri Haberland. Fix bug #158: Log ignored connections. Patch from Andreas Schulze. Fix bug #160: Fix "SyslogFacility" handling. Patch from Juri Haberland. Fix bug #163: Use a larger buffer for the raw MAIL FROM value. Based on a patch from Andreas Schulze. Fix bug #174: Trim "!" suffixes from reporting addresses. Problem noted by Juri Haberland. Fix bug #186: When reloading the configuration file, the public suffix list was read in with the wrong comment indicator. Patch from Federico Omoto. Fix bug #194: Fix inappropriate DMARC status when "p=none" is discovered. Patch from Juri Haberland. Fix bug #195: When parsing Received-SPF, use the correct constants in the history file entries. Patch from Juri Haberland. LIBOPENDMARC: Fix bug #115: Fix type mismatch. Patch from Sebastian A. Siewior via Scott Kitterman. LIBOPENDMARC: Fix bug #121: Fix IPv6 CIDR matching in SPF code. Patch from Christophe Wolfhugel. LIBOPENDMARC: Fix bug #125: Compile time IPv6 fix. Reported by Christophe Wolfhugel. LIBOPENDMARC: Fix bug #131: Fix alignment bug. Patch from Andreas Schulze. LIBOPENDMARC: Fix bug #147: Fix stripping of whitespace from DMARC DNS records. Based on a patch from Job Noorman. LIBOPENDMARC: Fix bug #149: Apply "sp" setting, if present and applicable. Patch from Petr Novak. LIBOPENDMARC: Fix bug #154: Fix "rf" and "fo" processing logic. LIBOPENDMARC: Fix bug #156: Fix variable name. Patch by Andreas Schulze. LIBOPENDMARC: Fix bug #165: Fix logic in checking which SPF identifier was used. Patches from Marco Favero and Juri Haberland. LIBOPENDMARC: Fix bug #167: Don't return "fail" when we should return "none". Patch from Marco Favero. REPORTS: Fix bug #134: Handle SMTP errors correctly. Patch from Andreas Schulze. REPORTS: Fix bug #141: Set the HELO parameter correctly. Reported by Alan Smith; patch from Andreas Schulze. REPORTS: Fix bug #143: Fix logic in table truncation. Reported by Wayne Andersen; patch from Juri Haberland. REPORTS: Fix bug #162: Always report "sp" in aggregate reports. Patch from Juri Haberland. REPORTS: Fix bug #166: Fix report start/end time logic. Patch from Juri Haberland. REPORTS: Fix bug #188: Don't delete inputs too early in opendmarc-reports. Patch from Juri Haberland. TOOLS: Fix bug #161: "Forensic" reports were renamed "Failure" reports. Patch from Andreas Schulze. TOOLS: Fix bug #164: Handle IPv6 test addresses. Reported by Andreas Schulze; patch from Juri Haberland. DOCS: Patch #189: Replace the DMARC RFC with an HTML page referencing the relevant specs, since Debian doesn't consider RFCs to be "free". Patch from Scott Kitterman via Juri Haberland. @ text @$NetBSD: patch-configure,v 1.2 2020/07/27 20:41:10 oster Exp $ Check for res_ndestroy(), __res_init(), and __res_ndestroy(). --- configure.orig 2015-02-23 20:32:13.000000000 +0000 +++ configure @@@@ -12971,6 +12971,184 @@@@ $as_echo "#define HAVE_RES_NINIT 1" >>co fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing res_ndestroy" >&5 +$as_echo_n "checking for library containing res_ndestroy... " >&6; } +if ${ac_cv_search_res_ndestroy+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char res_ndestroy (); +int +main () +{ +return res_ndestroy (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_res_ndestroy=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_res_ndestroy+:} false; then : + break +fi +done +if ${ac_cv_search_res_ndestroy+:} false; then : + +else + ac_cv_search_res_ndestroy=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_ndestroy" >&5 +$as_echo "$ac_cv_search_res_ndestroy" >&6; } +ac_res=$ac_cv_search_res_ndestroy +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h + +fi + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing __res_ninit" >&5 +$as_echo_n "checking for library containing __res_ninit... " >&6; } +if ${ac_cv_search___res_ninit+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char __res_ninit (); +int +main () +{ +return __res_ninit (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search___res_ninit=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search___res_ninit+:} false; then : + break +fi +done +if ${ac_cv_search___res_ninit+:} false; then : + +else + ac_cv_search___res_ninit=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search___res_ninit" >&5 +$as_echo "$ac_cv_search___res_ninit" >&6; } +ac_res=$ac_cv_search___res_ninit +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +$as_echo "#define HAVE_RES_NINIT 1" >>confdefs.h + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing __res_ndestroy" >&5 +$as_echo_n "checking for library containing __res_ndestroy... " >&6; } +if ${ac_cv_search___res_ndestroy+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char __res_ndestroy (); +int +main () +{ +return __res_ndestroy (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search___res_ndestroy=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search___res_ndestroy+:} false; then : + break +fi +done +if ${ac_cv_search___res_ndestroy+:} false; then : + +else + ac_cv_search___res_ndestroy=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search___res_ndestroy" >&5 +$as_echo "$ac_cv_search___res_ndestroy" >&6; } +ac_res=$ac_cv_search___res_ndestroy +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h + +fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for idn_free in -lidn" >&5 $as_echo_n "checking for idn_free in -lidn... " >&6; } if ${ac_cv_lib_idn_idn_free+:} false; then : @ 1.2 log @ Fix resource leakage observed when using opendmarc on NetBSD. Use res_ndestroy() instead of res_nclose() to properly cleanup resources on NetBSD (and others that use __res_ndestroy() or res_ndestroy() instead of res_nclose()). Original patch by Roy Marples. @ text @d1 1 a1 1 $NetBSD$ @ 1.1 log @detect NetBSD's res_ninit. @ text @a1 1 Search also for __res_ninit on NetBSD because of namespace protection d3 5 a7 3 --- configure.orig 2014-12-05 10:53:31.000000000 -0500 +++ configure 2014-12-05 10:54:50.000000000 -0500 @@@@ -12969,6 +12969,64 @@@@ d11 60 d129 60 @ 1.1.44.1 log @Pullup ticket #6282 - requested by oster mail/opendmarc: bugfix Revisions pulled up: - mail/opendmarc/Makefile 1.19 - mail/opendmarc/distinfo 1.7 - mail/opendmarc/patches/patch-build-config.h.in 1.1 - mail/opendmarc/patches/patch-configure 1.2 - mail/opendmarc/patches/patch-configure.ac 1.2 - mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c 1.1 - mail/opendmarc/patches/patch-libopendmarc_opendmarc__spf__dns.c 1.1 --- Module Name: pkgsrc Committed By: oster Date: Mon Jul 27 20:41:10 UTC 2020 Modified Files: pkgsrc/mail/opendmarc: distinfo pkgsrc/mail/opendmarc/patches: patch-configure patch-configure.ac Added Files: pkgsrc/mail/opendmarc/patches: patch-build-config.h.in patch-libopendmarc_opendmarc__dns.c patch-libopendmarc_opendmarc__spf__dns.c Log Message: Fix resource leakage observed when using opendmarc on NetBSD. Use res_ndestroy() instead of res_nclose() to properly cleanup resources on NetBSD (and others that use __res_ndestroy() or res_ndestroy() instead of res_nclose()). Original patch by Roy Marples. --- Module Name: pkgsrc Committed By: oster Date: Mon Jul 27 22:28:47 UTC 2020 Modified Files: pkgsrc/mail/opendmarc: Makefile Log Message: Bump pkgrevision. Thanks, Joerg. @ text @d2 1 d4 3 a6 5 Check for res_ndestroy(), __res_init(), and __res_ndestroy(). --- configure.orig 2015-02-23 20:32:13.000000000 +0000 +++ configure @@@@ -12971,6 +12971,184 @@@@ $as_echo "#define HAVE_RES_NINIT 1" >>co a9 60 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing res_ndestroy" >&5 +$as_echo_n "checking for library containing res_ndestroy... " >&6; } +if ${ac_cv_search_res_ndestroy+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char res_ndestroy (); +int +main () +{ +return res_ndestroy (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_res_ndestroy=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_res_ndestroy+:} false; then : + break +fi +done +if ${ac_cv_search_res_ndestroy+:} false; then : + +else + ac_cv_search_res_ndestroy=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_res_ndestroy" >&5 +$as_echo "$ac_cv_search_res_ndestroy" >&6; } +ac_res=$ac_cv_search_res_ndestroy +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h + +fi + + + a67 60 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing __res_ndestroy" >&5 +$as_echo_n "checking for library containing __res_ndestroy... " >&6; } +if ${ac_cv_search___res_ndestroy+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char __res_ndestroy (); +int +main () +{ +return __res_ndestroy (); + ; + return 0; +} +_ACEOF +for ac_lib in '' resolv; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search___res_ndestroy=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search___res_ndestroy+:} false; then : + break +fi +done +if ${ac_cv_search___res_ndestroy+:} false; then : + +else + ac_cv_search___res_ndestroy=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search___res_ndestroy" >&5 +$as_echo "$ac_cv_search___res_ndestroy" >&6; } +ac_res=$ac_cv_search___res_ndestroy +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + +$as_echo "#define HAVE_RES_NDESTROY 1" >>confdefs.h + +fi + + + @