/dk-milter, Open source DomainKeys filter software from Sendmail, Inc
1.0.2nb1, Package name:
dk-milter-1.0.2nb1, Maintainer: pkgsrc-users
dk-milter consists of two parts: A milter-based application
(dk-filter) which plugs in to Sendmail to provide DomainKeys
service, and a library (libdk) which can be used to build
DomainKeys-compliant applications or MTAs.
Required to build:
] Package options
: arlib, inet6
Master sites: SHA1:
Version history: (Expand)
- (2016-03-05) Updated to version: dk-milter-1.0.2nb1
- (2015-03-15) Updated to version: dk-milter-1.0.2
- (2014-02-12) Updated to version: dk-milter-0.3.0nb7
- (2013-02-12) Updated to version: dk-milter-0.3.0nb6
- (2011-12-19) Updated to version: dk-milter-0.3.0nb5
- (2010-01-17) Updated to version: dk-milter-0.3.0nb4
CVS history: (Expand)
| 2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | |
Bump PKGREVISION for security/openssl ABI bump.
| 2015-11-04 00:27:24 by Alistair G. Crooks | Files touched by this commit (312) |
Add SHA512 digests for distfiles for mail category
Problems found locating distfiles:
Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
Package pine: missing distfile fancy.patch.gz
Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
Package qmail: missing distfile badrcptto.patch
Package qmail: missing distfile outgoingip.patch
Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
| 2015-03-15 16:28:58 by Makoto Fujiwara | Files touched by this commit (11) | |
Update 0.3 to 1.02
DK-MILTER RELEASE NOTES
This listing shows the versions of the dk-milter package, the date of
release, and a summary of the changes in that release.
Bug and feature request (RFE) numbers that start with "SF" were logged
via Sourceforge (http://www.sourceforge.net) trackers. Those not so labelled
were logged internally at Sendmail, Inc.
LIBDK: Fix bug in error message generation which could cause
crashes with very large error messages. Code copied
Set up required callbacks for OpenSSL thread-safety. Code copied
LIBDK: Fix bug in relaxed canonicalization mode when dealing with
very large input lines with cached blank lines.
Problem reported by Mark Martinec.
Use the current Authentication-Results: format (the -13 draft).
Patch from S. Moonesamy of Eland Systems.
Add improved mlfi_negotiate() function code, copied from dkim-milter,
which does things like symbol requesting and more intelligent
option negotiation. Patch from S. Moonesamy of Eland Systems.
Add hash buffering, copied from libdkim. Patch from S. Moonesamy
of Eland Systems.
Fix bug #SF1736559: in_addr_t is not universal. Problem reported
by Terry White.
Fix bug #SF1763715: Fix string management in mlfi_eoh() with respect
to mctx_domain, which could be left pointing to garbage when
using domain wildcarding. Problem noted by Ronald Huizer.
LIBDK: Copy the library options structure from libdkim.
LIBDK: Add dk_close().
LIBDK: Feature request #SF1872270: Rename parameters called "new"
in dk.h so that C++ compilers don't complain. Requested
by Paul Macintosh.
LIBAR: Eliminate a possible race condition in ar_dispatcher().
LIBAR: Timeouts passed to select() can't be bigger than 10^8.
Problem noted by S. Moonesamy of Eland Systems.
LIBAR: Fix bug #SF1852618: Handle default case of no "nameserver"
lines in /etc/resolv.conf. Problem noted by Mike Markley
of Bank of America.
LIBAR: Plug descriptor and memory leaks in ar_shutdown().
BUILD: Copy the unit test structure from libdkim and add a few basic
Fix bug #SF1728696: Repair message corruption occurring when a
message body spams multiple milter writes. Reported
by Eric Singer.
Patch #SF1705006: Fix X-header malformation.
LIBAR: Fix bug #SF1537457: Add proper support for IPv6 nameservers.
Reported by Mark Martinec.
BUILD: Copy the consolidated build system from the dkim-milter
Activate the following FFRs:
Copy several enhancements from the latest dkim-milter update:
o Support for 8.14 (milter v2) and the leading space patch from
o Fixes/enhancements under POPAUTH.
o Pass the correct length variable to RSA_sign() so that
the value returned is sane on 64-bit platforms.
o Feature request #SF1497801: _FFR_QUARANTINE
Fix bug #SF1541450: Correct header selection in dk_hdrsigned().
Reported by Mark Martinec.
LIBDK: Fix bug #SF1537918: Add dk_geterror() to retrieve additional
diagnostic data from the API when a function call returns
DK_STAT_INTERNAL or something else whose cause isn't
readily apparent. Copied from libdkim.
LIBAR: Block signals that should be caught and handled elsewhere,
such as in libmilter.
Fix bug #SF1509093, SF1611082: Set group ID as well as user ID when
"-u" is used on the command line. Patch from Vincent
Fix bug #SF1514447: Re-query for the job ID in mlfi_eom() to
accomodate postfix's milter implementation. Copied from
dkim-filter; requested by Jakob Schlyter.
Fix bug #SF1541439: Fix mis-canonicalization of skipped headers
in "nofws" mode. Reported by Mark Martinec.
Fix bug #SF1541789: Stop spurious syntax errors on unsigned messages.
Problem reported by S. Moonesamy of Eland Systems.
LIBDK: Properly handle key and policy records that don't have
whitespace after semicolons.
LIBDK: In dk_eom(), return DK_STAT_SYNTAX if dk_skipbody is set.
Failing to do so means a message with a signature header
below which there is no sender header will report a bogus
success status. Problem noted by Lennert Buytenhek.
Remove spurious CRLFs injected into canonicalization when multiple
body chunks arrive from the MTA. Patch from Suzuki Takahiko
of Internet Initiative Japan, Inc.
If _FFR_REPORTINFO is enabled, don't call dkf_report() if no DomainKeys
context was ever created for a message.
Simplify dk_sterilize() a little, and handle failures from it.
Problem reported by Fredrik Pettai.
RFC2822 doesn't require any recipient headers, so remove those checks
Fix bug #SF1485119: Canonicalize in the correct order when not using
"-H" on the command line. Problem noted by S. Moonesamy of
Activate _FFR_MACRO_LIST and _FFR_EXTERNAL_IGNORE_LIST.
LIBDK: New flag DK_OPTS_HDRLIST for dk_options().
If _FFR_REPORTINFO is enabled, send reports on all failures, not just
those which aren't in test mode.
Ignore unknown tags in keys and policies, rather than returning an
LIBDK: Return an error if the signing function returned success but
also reported a zero-length signature. Reported by
S. Moonesamy of Eland Systems.
LIBAR: Add a timeout to the I/O wait so that retransmissions
actually get done while waiting for activity.
Fix test mode check at the end of mlfi_eom(), which was overriding
any configuration settings from the command line.
Reported by Arkadi Poliakevitch of Invidi Technologies.
Copy the value of -C before parsing it so the output of "ps" doesn't
get munged. Reported by Arkadi Poliakevitch of Invidi
Fix "-o", which wasn't actually working at all. Reported by Ben
Add _FFR_LOG_SSL_ERRORS which sends to syslog errors reported by
the OpenSSL libraries.
Patch a small but definite memory leak. Reported by Ray Krebs
Tolerate "b=" in signature headers at places other than the end
of the signature (and, in fact, other things at the end
of the signature). Reported by Jason Long. (Bug SF1234164)
Don't reject or report about messages which fail verification
when the sending domain advertises that it's in test mode.
Patch from Adrian Havill.
Fixes to POPAUTH compilation from S. Moonesamy of Eland Systems.
Allow "-d" to specify a list from which domains should be read,
and allow wildcarding in domain names. Requested by
Ray Krebs of eBay. (Feature request SF1312453)
Add "-o" command line option to allow certain headers to be omitted
from signing operations. Suggested by Ben Lentz.
(Feature request SF1314350)
LIBAR: Fix a build issue introduced in the last release.
| 2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350) |
Remove example rc.d scripts from PLISTs.
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
| 2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Recursive PKGREVISION bump for OpenSSL API version bump.
| 2013-04-06 23:07:37 by Blue Rats | Files touched by this commit (38) |
"Each sed command should appear in an assignment of its own."
| 2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | |
PKGREVISION bumps for the security/openssl 1.0.1d update.
| 2012-10-08 14:19:35 by Aleksej Saushev | Files touched by this commit (307) |
Drop PKG_DESTDIR_SUPPORT setting, "user-destdir" is default these days.