Path to this page:
Subject: CVS commit: pkgsrc/mail/opendkim
From: Fredrik Pettai
Date: 2011-02-21 01:04:22
Message id: 20110221000422.6CEE5175DD@cvs.netbsd.org
Log Message:
2.2.2 2010/11/28
Fix bug #SF2903325: Clean up numerous signed vs. unsigned warnings.
Fix bug #SF3095782: When VBR is enabled, only perform a query when
the "md" domain in the VBR-Info header field matches the
"d" field for any valid signature.
Fix bug #SF3105993: Better handling of missing records in Lua DB
lookups.
When reading keys, ensure what's being read is a regular file and
not something else.
Complain if TrustAnchorFile names something that can't be opened
for reading.
LIBOPENDKIM: Don't complain about multiple records returned if one
of them was an RRSIG.
LIBAR: Rework some I/O logic to avoid a deadlock when the nameserver
becomes unresponsive during response processing.
BUILD: Move all scripts and executables except opendkim to a bin
directory for adminstrator convenience. They were previously in
the sbin directory.
BUILD: Fix bug #SF3101842: Fix opendkim-genzone build when OpenDBX
is in use.
BUILD: opendkim-testkey can require SASL build information when used
with OpenLDAP, or Lua information when built with Lua.
BUILD: Dissociate libopendkim and libunbound, as this is now handled
through the application rather than the library.
BUILD: Convert to using git for source code management.
STATS: Additional reporting improvements.
STATS: Fix bug #SF3107659: Add additional diagnostic output to
opendkim-importstats when malformed input is found.
TOOLS: Handle input generated with and without the _FFR_STATS_I
extensions.
2.2.1 2010/10/25
Avoid assertion failures when using "-V" and arlib.
Fix "refile" loading.
Fix collision between "ReputationRoot" and \
"StatisticsName" in the
configuration file.
Convert sender's domain name to lowercase prior to doing any database
queries with it. This was done before, but lost during the
database overhaul in 1.2.0.
Fix up Authentication-Results header field generation for VBR.
Reported by Fredrik Pettai.
Add _FFR_STATS_I enabling statistics reporting of "i=" signature
properties.
LIBOPENDKIM: Fix bug #SF3081964: dkim.h requires <sys/time.h>.
LIBOPENDKIM: Fix bug #SF3087251: Use thread-safe resolver functions
when avaialble.
LIBOPENDKIM: Cancel completed reputation queries.
LIBOPENDKIM: Simplify DKIM_OPTS_ALWAYSHDRS handling.
LIBAR: Fix bug #SF3080720: Don't compute timeouts based on completed
or dead queries.
LIBVBR: Fix some pointer errors causing false negatives.
TOOLS: Write "v=" tags in key records output by opendkim-genzone.
2.2.0 2010/10/03
Feature request #SF2874043: Add _FFR_ADSP_LISTS allowing control over
action taken when mail is sent to known lists from
ADSP "discardable" sources.
Feature request #SF2964366: Allow arbitrary data set operations
from inside Lua script hooks.
Feature request #SF2981598: Add "NoHeaderB" and \
"SingleAuthResult"
settings so that only one Authentication-Results header field
is added, and reduce its variability.
Feature request #SF3013084: Add "DomainKeysCompat" setting.
Feature request #SF3017358: Allow a token in the KeyTable that gets
replaced with the sender's domain name.
Feature request #SF3019876: Enable registration and use of generic
DNS functions.
Feature request #SF3021566: Change "ADSPDiscard" to \
"ADSPAction",
allowing selection of what action to take when a message is
determined by ADSP to be "discardable".
Feature request #SF3023232: Allow selection of a signer (for the
signature's "i=" tag) when calling odkim.sign() or via an
optional second parameter in the SigningTable.
Feature request #SF3024854: Always log a warning if a key file
has unsafe group/other read/write bits set. Further, if the
new "RequireSafeKeys" setting is true, refuse to use \
the data.
Feature request #SF3030548: Add _FFR_DEFAULT_SENDER, adding the
"DefaultSender" setting.
Feature request #SF3049483: Use ReportAddress for ADSP Reports and for
the sender envelope address.
Feature request #SF3056571: Extend signer selection in the SigningTable
to include a token that will be replaced by the From:
domain.
Feature request #SF3062077: Allow the specification of additional
recipients when delivering DKIM/ADSP failure reports through
a new ReportBccAddress configuration option.
Fix bug #SF3004995: Don't apply "SenderHeaders" to the library
as that impacts how ADSP works.
Fix bug #SF3025856: Fix "AllowSHA1Only", which was not working \
at all.
Fix bug #SF3037504: Rework database schema and tools to meet revised
reporting requirements.
Fix bug #SF3051536: Allow disabling of reputation queries.
Fix bug #SF3058204: Fix numerous possible double-free() incidents in
dkimf_config_free().
Fix PeerList to work with IPv6 addresses.
Fix loop boundary check in dkimf_db_close().
Fix assertion failure in dkimf_db_get() when used with a "match \
both"
operation.
Fix "LocalADSP", which was not working at all.
Fix some Lua test mode logic and a build issue that prevented
"ScreenPolicyScript" from working.
Added MTACommand for overriding default (mainly for testing).
Ignore "Domain" and "Selector" settings if \
"KeyTable" is set.
Add "On-PolicyError" to configuration tables.
Don't automatically temp-fail messages bearing signatures that
reference revoked keys.
Some fixes to the "final" Lua script self-test code.
Include libmilter version in "-V" output.
Single-thread DB queries done via OpenDBX handles as they can't be
used to do parallel queries.
Attempt to reconnect after SQL disconnections.
Revise text/plain portion of policy reports.
Fix up DSN parsing so that it is not needlessly restrictive.
Add _FFR_STATSEXT: Allows arbitrary local extensions to statistics
gathering via a fourth Lua script that can cause the
generation of additional SQL insertion operations.
LIBOPENDKIM: Feature request #SF3026287: Add dkim_getuser() function.
LIBOPENDKIM: Feature request #SF3065035: Apply library query
configuration to ADSP lookups as well, mainly to support
auotmated testing.
LIBOPENDKIM: Fix bug #SF3071368: Fix tiny memory leak in dkim_init().
LIBOPENDKIM: Fix bug #SF3051762: Don't error out of dkim_get_key()
when in test mode by testing signature-specific features when
against dummy data.
LIBOPENDKIM: Don't build against pthread libraries if not needed.
LIBOPENDKIM: Add dkim_get_signer(), dkim_policy_state_new() and
dkim_policy_state_free().
LIBOPENDKIM: Don't assert a "g=" default when processing keys \
so that
statistics reporting can tell whether or not it was originally
there.
LIBOPENDKIM: Minor fix to internal state machine when dealing with
unsigned messages.
LIBOPENDKIM: Rename DKIM_PRESULT_AUTHOR to DKIM_PRESULT_FOUND.
LIBOPENDKIM: Improved error reporting from dkim_ohdrs().
LIBOPENDKIM: Improved re-entrancy of dkim_eoh_verify().
LIBOPENDKIM: Undefine DKIM_FEATURE_ASYNC_DNS (obsolete).
MILTERTEST: Feature request #SF3005002: Enable testing of
"unspecified" protocol family connections.
MILTERTEST: Add "-u" option to report resource usage statistics on
completion.
MILTERTEST: Add mt.signal() to allow signaling of filters for things
like configuration file reloads.
MILTERTEST: Enhance mt.connect() to accept optional retry and interval
arguments.
MILTERTEST: Add "-w" option to request no waiting for the \
child process
to exit and report status.
MILTERTEST: Allow partial seconds argument to mt.sleep().
TOOLS: Feature request #SF3004335: Add support to opendkim-testkey
to get configuration file values and validate an entire
KeyTable.
TOOLS: Update opendkim-genkeys script to support
draft-ietf-marf-dkim-reporting.
TOOLS: Flip logic of "-a" flag to opendkim-stats.
TOOLS: Fix bug #SF3037452: Change owner/group/mode of stats database
when resetting it to whatever the replaced file had.
CONTRIB: Add opendkim-reportstats, contributed by John Wood.
BUILD: Fix --with-db.
Activate _FFR_ZTAGS.
Files: