diff options
| author |   Daniel Black <dragonheart@gentoo.org> | 2010-01-21 01:53:35 +0000 |
|---|---|---|
| committer | Daniel Black <dragonheart@gentoo.org> | 2010-01-21 01:53:35 +0000 |
| commit | a7f2cd8ca47e6f7f963fbedd7d573f61b3c8aae9 (patch) | |
| tree | e480d82b0638cb313bc25a718dbda5943fcec52d /mail-filter/opendkim | |
| parent | Keyword ~amd64-linux/~x86-linux (diff) | |
| download | gentoo-2-a7f2cd8ca47e6f7f963fbedd7d573f61b3c8aae9.tar.gz gentoo-2-a7f2cd8ca47e6f7f963fbedd7d573f61b3c8aae9.tar.bz2 gentoo-2-a7f2cd8ca47e6f7f963fbedd7d573f61b3c8aae9.zip | |
fix buffer overflow error as per bug #301499. Thanks Tilman Giese. Thanks Murray for the patch. Added dnssec support.
(Portage version: 2.2_rc61/cvs/Linux x86_64)
Diffstat (limited to 'mail-filter/opendkim')
| -rw-r--r-- | mail-filter/opendkim/ChangeLog | 10 | ||||
| -rw-r--r-- | mail-filter/opendkim/files/opendkim-1.2.2-repcalc.patch | 31 | ||||
| -rw-r--r-- | mail-filter/opendkim/metadata.xml | 2 | ||||
| -rw-r--r-- | mail-filter/opendkim/opendkim-1.2.2-r1.ebuild (renamed from mail-filter/opendkim/opendkim-1.2.1.ebuild) | 23 | ||||
| -rw-r--r-- | mail-filter/opendkim/opendkim-1.2.2.ebuild | 152 |
5 files changed, 59 insertions, 159 deletions
diff --git a/mail-filter/opendkim/ChangeLog b/mail-filter/opendkim/ChangeLog index 935ef631c0bd..d7a891e17d55 100644 --- a/mail-filter/opendkim/ChangeLog +++ b/mail-filter/opendkim/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for mail-filter/opendkim # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/opendkim/ChangeLog,v 1.6 2010/01/20 05:28:37 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-filter/opendkim/ChangeLog,v 1.7 2010/01/21 01:53:34 dragonheart Exp $ + +*opendkim-1.2.2-r1 (21 Jan 2010) + + 21 Jan 2010; Daniel Black <dragonheart@gentoo.org> -opendkim-1.2.1.ebuild, + -opendkim-1.2.2.ebuild, +opendkim-1.2.2-r1.ebuild, + +files/opendkim-1.2.2-repcalc.patch, metadata.xml: + fix buffer overflow error as per bug #301499. Thanks Tilman Giese. Thanks + Murray for the patch. Added dnssec support. *opendkim-1.2.2 (20 Jan 2010) diff --git a/mail-filter/opendkim/files/opendkim-1.2.2-repcalc.patch b/mail-filter/opendkim/files/opendkim-1.2.2-repcalc.patch new file mode 100644 index 000000000000..ee663e6bdffa --- /dev/null +++ b/mail-filter/opendkim/files/opendkim-1.2.2-repcalc.patch @@ -0,0 +1,31 @@ +Index: dkim-rep.c
+===================================================================
+RCS file: /cvsroot/opendkim/libopendkim/dkim-rep.c,v
+retrieving revision 1.6
+retrieving revision 1.6.4.1
+diff -u -r1.6 -r1.6.4.1
+--- dkim-rep.c 22 Nov 2009 08:15:50 -0000 1.6
++++ dkim-rep.c 20 Jan 2010 21:59:36 -0000 1.6.4.1
+@@ -4,11 +4,11 @@
+ **
+ ** Copyright (c) 2009, The OpenDKIM Project. All rights reserved.
+ **
+-** $Id: opendkim-1.2.2-repcalc.patch,v 1.1 2010/01/21 01:53:35 dragonheart Exp $
++** $Id: opendkim-1.2.2-repcalc.patch,v 1.1 2010/01/21 01:53:35 dragonheart Exp $
+ */
+
+ #ifndef lint
+-static char dkim_rep_c_id[] = "@(#)$Id: opendkim-1.2.2-repcalc.patch,v 1.1 2010/01/21 01:53:35 dragonheart Exp $";
++static char dkim_rep_c_id[] = "@(#)$Id: opendkim-1.2.2-repcalc.patch,v 1.1 2010/01/21 01:53:35 dragonheart Exp $";
+ #endif /* !lint */
+
+ #include "build-config.h"
+@@ -87,7 +87,7 @@
+ snprintf((char *) cvt, len, "%02x", digest[c]);
+ cvt += 2;
+ out += 2;
+- len -= out;
++ len -= 2;
+ }
+
+ return out;
diff --git a/mail-filter/opendkim/metadata.xml b/mail-filter/opendkim/metadata.xml index 2073d216d835..6451a00c2a66 100644 --- a/mail-filter/opendkim/metadata.xml +++ b/mail-filter/opendkim/metadata.xml @@ -15,6 +15,8 @@ using the DKIM standard. This is a fork of Sendmail's DKIM-milter</longdescripti original and the received headers to look for possible munging</flag> <flag name='asyncdns'>Use inbuilt asynchronous DNS library for queries</flag> + <flag name='unbound'>Use the unbound dnssec libary to perform DKIM DNS + queries.</flag> <flag name='multiplesigs'>Allow addition of multiple signatures when key lists are in use.</flag> <flag name='opendbx'>Use opendbx backend to faciliate dataset driven diff --git a/mail-filter/opendkim/opendkim-1.2.1.ebuild b/mail-filter/opendkim/opendkim-1.2.2-r1.ebuild index 7e329dac0c42..6a52b245ee65 100644 --- a/mail-filter/opendkim/opendkim-1.2.1.ebuild +++ b/mail-filter/opendkim/opendkim-1.2.2-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/opendkim/opendkim-1.2.1.ebuild,v 1.1 2010/01/08 13:12:45 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-filter/opendkim/opendkim-1.2.2-r1.ebuild,v 1.1 2010/01/21 01:53:34 dragonheart Exp $ EAPI="2" @@ -13,15 +13,15 @@ SRC_URI="mirror://sourceforge/opendkim/${P}.tar.gz" LICENSE="Sendmail-Open-Source BSD" SLOT="0" KEYWORDS="~amd64 ~x86" -IUSE="+db asyncdns opendbx" +IUSE="+db asyncdns opendbx unbound" -# FUTURE: unbound (dnssec lib) - bug #223103 # FUTURE: diffheaders (libtre error) - bug #296813 DEPEND="dev-libs/openssl db? ( >=sys-libs/db-3.2 ) || ( mail-filter/libmilter mail-mta/sendmail ) - opendbx? ( >=dev-db/opendbx-1.4.0 )" + opendbx? ( >=dev-db/opendbx-1.4.0 ) + unbound? ( >=net-dns/unbound-1.4.1 )" # diffheaders? ( dev-libs/tre ) RDEPEND="${DEPEND}" @@ -37,17 +37,28 @@ src_prepare() { sed -i -e 's:/var/db/dkim:/etc/opendkim:g' \ -e 's:/etc/mail:/etc/opendkim:g' \ opendkim/opendkim.conf.sample + cd "${S}"/libopendkim + epatch "${FILESDIR}"/${P}-repcalc.patch } src_configure() { + local conf + if use asyncdns ; then + if use unbound; then + conf=$(use_with unbound) + else + conf="$(use_enable asyncdns arlib) $(use_enable asyncdns dnsupgrade)" + fi + else + conf="$(use_with unbound) $(use_enable asyncdns arlib) $(use_enable asyncdns dnsupgrade)" + fi econf $(use_enable db bodylength_db) \ $(use_enable db popauth) \ $(use_enable db query_cache) \ $(use_enable db report_intervals) \ $(use_enable db stats) \ - $(use_enable asyncdns arlib) \ - $(use_enable asyncdns dnsupgrade) \ $(use_with opendbx odbx) \ + ${conf} \ --without-domainkeys \ --enable-capture_unknown_errors \ --enable-dkim_reputation \ diff --git a/mail-filter/opendkim/opendkim-1.2.2.ebuild b/mail-filter/opendkim/opendkim-1.2.2.ebuild deleted file mode 100644 index c6379fc09ae6..000000000000 --- a/mail-filter/opendkim/opendkim-1.2.2.ebuild +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright 1999-2010 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/opendkim/opendkim-1.2.2.ebuild,v 1.1 2010/01/20 05:28:37 dragonheart Exp $ - -EAPI="2" - -inherit eutils - -DESCRIPTION="A milter-based application to provide DKIM signing and verification" -HOMEPAGE="http://opendkim.org" -SRC_URI="mirror://sourceforge/opendkim/${P}.tar.gz" - -LICENSE="Sendmail-Open-Source BSD" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="+db asyncdns opendbx" - -# FUTURE: unbound (dnssec lib) - bug #223103 -# FUTURE: diffheaders (libtre error) - bug #296813 - -DEPEND="dev-libs/openssl - db? ( >=sys-libs/db-3.2 ) - || ( mail-filter/libmilter mail-mta/sendmail ) - opendbx? ( >=dev-db/opendbx-1.4.0 )" -# diffheaders? ( dev-libs/tre ) -RDEPEND="${DEPEND}" - -pkg_setup() { - enewgroup milter - # mail-milter/spamass-milter creates milter user with this home directory - # For consistency reasons, milter user must be created here with this home directory - # even though this package doesn't need a home directory for this user (#280571) - enewuser milter -1 -1 /var/lib/milter milter -} - -src_prepare() { - sed -i -e 's:/var/db/dkim:/etc/opendkim:g' \ - -e 's:/etc/mail:/etc/opendkim:g' \ - opendkim/opendkim.conf.sample -} - -src_configure() { - econf $(use_enable db bodylength_db) \ - $(use_enable db popauth) \ - $(use_enable db query_cache) \ - $(use_enable db report_intervals) \ - $(use_enable db stats) \ - $(use_enable asyncdns arlib) \ - $(use_enable asyncdns dnsupgrade) \ - $(use_with opendbx odbx) \ - --without-domainkeys \ - --enable-capture_unknown_errors \ - --enable-dkim_reputation \ - --enable-identity_header \ - --enable-redirect \ - --enable-resign \ - --enable-replace_rules \ - --enable-select_canonicalization \ - --enable-selector_header \ - --enable-sender_macro \ - --enable-vbr \ - --enable-ztags -# $(use_enable diffheaders) \ -} - -src_install() { - emake DESTDIR="${D}" install - # file collision - rm "${D}"/usr/share/man/man3/ar.3 - mv "${D}"/usr/share/doc/opendkim "${D}"/usr/share/doc/${PF} - - newinitd "${FILESDIR}/opendkim.init" opendkim - dodir /etc/opendkim /var/run/opendkim /var/lib/opendkim - fowners milter:milter /var/run/opendkim /etc/opendkim /var/lib/opendkim - - # default configuration - if [ ! -f /etc/opendkim/opendkim.conf ]; then - grep ^[^#] "${S}"/opendkim/opendkim.conf.sample \ - > "${D}"/etc/opendkim/opendkim.conf - echo \# Socket local:/var/run/opendkim/opendkim.sock >> \ - "${D}"/etc/opendkim/opendkim.conf - echo UserID milter >> "${D}"/etc/opendkim/opendkim.conf - if use db; then - echo Statistics /var/lib/opendkim/stats.db >> \ - "${D}"/etc/opendkim/opendkim.conf - fi - fi -} - -pkg_postinst() { - elog "If you want to sign your mail messages, you will have to run" - elog " emerge --config ${CATEGORY}/${PN}" - elog "It will help you create your key and give you hints on how" - elog "to configure your DNS and MTA." - - ewarn "Make sure your MTA has r/w access to the socket file." - ewarn "This can be done either by setting UMask to 002 and adding MTA's user" - ewarn "to milter group or you can simply set UMask to 000." -} - -pkg_config() { - local selector keysize pubkey - - read -p "Enter the selector name (default ${HOSTNAME}): " selector - [[ -n "${selector}" ]] || selector=${HOSTNAME} - if [[ -z "${selector}" ]]; then - eerror "Oddly enough, you don't have a HOSTNAME." - return 1 - fi - if [[ -f "${ROOT}"etc/opendkim/${selector}.private ]]; then - ewarn "The private key for this selector already exists." - else - einfo "Select the size of private key:" - einfo " [1] 512 bits" - einfo " [2] 1024 bits" - while read -n 1 -s -p " Press 1 or 2 on the keyboard to select the key size " keysize ; do - [[ "${keysize}" == "1" || "${keysize}" == "2" ]] && echo && break - done - case ${keysize} in - 1) keysize=512 ;; - *) keysize=1024 ;; - esac - - # generate the private and public keys - opendkim-genkey.sh -b ${keysize} -D "${ROOT}"etc/opendkim/ \ - -s ${selector} -d '(your domain)' && \ - chown milter:milter \ - "${ROOT}"etc/opendkim/"${selector}".private || \ - { eerror "Failed to create private and public keys." ; return 1; } - chmod go-r "${ROOT}"etc/opendkim/"${selector}".private - fi - - # opendkim selector configuration - echo - einfo "Make sure you have the following settings in your /etc/opendkim/opendkim.conf:" - einfo " Keyfile /etc/opendkim/${selector}.private" - einfo " Selector ${selector}" - - # MTA configuration - echo - einfo "If you are using Postfix, add following lines to your main.cf:" - einfo " smtpd_milters = unix:/var/run/opendkim/opendkim.sock" - einfo " non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock" - - # DNS configuration - einfo "After you configured your MTA, publish your key by adding this TXT record to your domain:" - cat "${ROOT}"etc/opendkim/${selector}.txt - einfo "t=y signifies you only test the DKIM on your domain. See following page for the complete list of tags:" - einfo " http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text" - einfo - einfo "Also look at the ADSP http://tools.ietf.org/html/rfc5617" -} |