From fe95b2125cad07d59cffa0d6813b895820cf0d54 Mon Sep 17 00:00:00 2001 From: stevejenkins Date: Mon, 11 Apr 2016 10:59:57 -0700 Subject: [PATCH 1/2] Adding support for various SF ticket patches --- PATCHES/opendmarc.ticket115.patch | 15 +++++++++++ PATCHES/opendmarc.ticket131.patch | 13 +++++++++ PATCHES/opendmarc.ticket138.patch | 45 +++++++++++++++++++++++++++++++ PATCHES/opendmarc.ticket139.patch | 21 +++++++++++++++ SPECS/opendmarc.spec | 32 +++++++++++++++++++--- 5 files changed, 122 insertions(+), 4 deletions(-) create mode 100644 PATCHES/opendmarc.ticket115.patch create mode 100644 PATCHES/opendmarc.ticket131.patch create mode 100644 PATCHES/opendmarc.ticket138.patch create mode 100644 PATCHES/opendmarc.ticket139.patch diff --git a/PATCHES/opendmarc.ticket115.patch b/PATCHES/opendmarc.ticket115.patch new file mode 100644 index 0000000..8a69a21 --- /dev/null +++ b/PATCHES/opendmarc.ticket115.patch @@ -0,0 +1,15 @@ +Patch thanks to Sebastian A. Siewior + +Index: opendmarc-1.3.1+dfsg/libopendmarc/opendmarc_dns.c +=================================================================== +--- opendmarc-1.3.1+dfsg.orig/libopendmarc/opendmarc_dns.c 2015-02-23 15:31:51.000000000 -0500 ++++ opendmarc-1.3.1+dfsg/libopendmarc/opendmarc_dns.c 2015-02-25 17:59:28.302473233 -0500 +@@ -217,7 +217,7 @@ + _res.options |= RES_USE_DNSSEC; + #endif + (void) opendmarc_policy_library_dns_hook(&_res.nscount, +- &_res.nsaddr_list); ++ _res.nsaddr_list); + answer_len = res_query(bp, C_IN, T_TXT, answer_buf, sizeof answer_buf); + #endif /* HAVE_RES_NINIT */ + if (answer_len < 0) diff --git a/PATCHES/opendmarc.ticket131.patch b/PATCHES/opendmarc.ticket131.patch new file mode 100644 index 0000000..4db00b0 --- /dev/null +++ b/PATCHES/opendmarc.ticket131.patch @@ -0,0 +1,13 @@ +Index: opendmarc-1.3.1/libopendmarc/opendmarc_policy.c +=================================================================== +--- opendmarc-1.3.1.orig/libopendmarc/opendmarc_policy.c ++++ opendmarc-1.3.1/libopendmarc/opendmarc_policy.c +@@ -495,7 +495,7 @@ opendmarc_policy_store_dkim(DMARC_POLICY + * If so and if we have not already found + * a best match, make this the temporary best match. + */ +- if (opendmarc_policy_check_alignment(dp, pctx->from_domain, pctx->adkim)) ++ if (opendmarc_policy_check_alignment(dp, pctx->from_domain, pctx->adkim) == 0) + { + if (pctx->dkim_domain != NULL) + { diff --git a/PATCHES/opendmarc.ticket138.patch b/PATCHES/opendmarc.ticket138.patch new file mode 100644 index 0000000..5b410cb --- /dev/null +++ b/PATCHES/opendmarc.ticket138.patch @@ -0,0 +1,45 @@ +Index: opendmarc-code/opendmarc/opendmarc-config.h +=================================================================== +--- opendmarc-code.orig/opendmarc/opendmarc-config.h 2015-06-29 09:50:43.247001227 -0300 ++++ opendmarc-code/opendmarc/opendmarc-config.h 2015-06-29 09:59:37.092292267 -0300 +@@ -32,6 +32,7 @@ + { "FailureReportsOnNone", CONFIG_TYPE_BOOLEAN, FALSE }, + { "FailureReportsSentBy", CONFIG_TYPE_STRING, FALSE }, + { "HistoryFile", CONFIG_TYPE_STRING, FALSE }, ++ { "HoldQuarantinedMessages", CONFIG_TYPE_BOOLEAN, FALSE }, + { "IgnoreAuthenticatedClients", CONFIG_TYPE_BOOLEAN, FALSE }, + { "IgnoreHosts", CONFIG_TYPE_STRING, FALSE }, + { "IgnoreMailFrom", CONFIG_TYPE_STRING, FALSE }, +Index: opendmarc-code/opendmarc/opendmarc.c +=================================================================== +--- opendmarc-code.orig/opendmarc/opendmarc.c 2015-06-29 09:50:43.247001227 -0300 ++++ opendmarc-code/opendmarc/opendmarc.c 2015-06-29 09:58:41.148988316 -0300 +@@ -156,6 +156,7 @@ + _Bool conf_spfselfvalidate; + #endif /* WITH_SPF */ + _Bool conf_ignoreauthclients; ++ _Bool conf_holdquarantinedmessages; + unsigned int conf_refcnt; + unsigned int conf_dnstimeout; + struct config * conf_data; +@@ -1285,6 +1286,10 @@ + &conf->conf_recordall, + sizeof conf->conf_recordall); + ++ (void) config_get(data, "HoldQuarantinedMessages", ++ &conf->conf_holdquarantinedmessages, ++ sizeof conf->conf_holdquarantinedmessages); ++ + (void) config_get(data, "IgnoreAuthenticatedClients", + &conf->conf_ignoreauthclients, + sizeof conf->conf_ignoreauthclients); +@@ -2971,7 +2976,8 @@ + case DMARC_POLICY_QUARANTINE: /* Explicit quarantine */ + aresult = "fail"; + +- if (conf->conf_rejectfail && random() % 100 < pct) ++ if (conf->conf_rejectfail && conf->conf_holdquarantinedmessages && ++ random() % 100 < pct) + { + snprintf(replybuf, sizeof replybuf, + "quarantined by DMARC policy for %s", diff --git a/PATCHES/opendmarc.ticket139.patch b/PATCHES/opendmarc.ticket139.patch new file mode 100644 index 0000000..50ef182 --- /dev/null +++ b/PATCHES/opendmarc.ticket139.patch @@ -0,0 +1,21 @@ +Description: add rDNS to FailureReport Source-IP field + as suggested on dmarc-discuss +URL: http://lists.dmarc.org/pipermail/dmarc-discuss/2015-September/003237.html +Author: A. Schulze +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: opendmarc-1.3.1/opendmarc/opendmarc.c +=================================================================== +--- opendmarc-1.3.1.orig/opendmarc/opendmarc.c ++++ opendmarc-1.3.1/opendmarc/opendmarc.c +@@ -2865,8 +2865,8 @@ mlfi_eom(SMFICTX *ctx) + dfc->mctx_envfrom); + + dmarcf_dstring_printf(dfc->mctx_afrf, +- "Source-IP: %s\n", +- cc->cctx_ipstr); ++ "Source-IP: %s (%s)\n", ++ cc->cctx_ipstr, cc->cctx_host); + + dmarcf_dstring_printf(dfc->mctx_afrf, + "Reported-Domain: %s\n\n", diff --git a/SPECS/opendmarc.spec b/SPECS/opendmarc.spec index b2d5c6c..fd927b7 100644 --- a/SPECS/opendmarc.spec +++ b/SPECS/opendmarc.spec @@ -5,7 +5,7 @@ Summary: A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library Name: opendmarc Version: 1.3.1 -Release: 13%{?dist} +Release: 16%{?dist} Group: System Environment/Daemons License: BSD and Sendmail URL: http://www.trusteddomain.org/%{name}.html @@ -36,7 +36,17 @@ Requires(post): policycoreutils BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -# Patch0: %{name}.patchname.patch +# https://sourceforge.net/p/opendmarc/tickets/115/ +Patch0: %{name}.ticket115.patch + +# https://sourceforge.net/p/opendmarc/tickets/131/ +Patch1: %{name}.ticket131.patch + +# https://sourceforge.net/p/opendmarc/tickets/138/ +Patch2: %{name}.ticket138.patch + +# https://sourceforge.net/p/opendmarc/tickets/139/ +Patch3: %{name}.ticket139.patch %description %{upname} (Domain-based Message Authentication, Reporting & Conformance) @@ -68,11 +78,16 @@ required for developing applications against libopendmarc. %prep %setup -q %if %systemd -# Apply systemd patches +# Apply systemd-only patches #%patch0 -p1 %else -# Apply SysV patches +# Apply SysV-only patches #%patch0 -p1 +# Apply Global patches +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 %endif %build @@ -233,6 +248,15 @@ exit 0 %{_libdir}/*.so %changelog +* Mon Apr 11 2016 Steve Jenkins - 1.3.1-16 +- Added patches for SourceForge tickets 115, 131, 138, 139 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.3.1-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Jun 17 2015 Fedora Release Engineering - 1.3.1-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + * Wed Apr 29 2015 Steve Jenkins - 1.3.1-13 - Replaced various commands with rpm macros - Included support for systemd macros (#1216881) From c92c873bd3a839f2fa93a47f45cd0f5c0f8c9deb Mon Sep 17 00:00:00 2001 From: stevejenkins Date: Mon, 11 Apr 2016 11:02:49 -0700 Subject: [PATCH 2/2] Updating README --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 91a69ef..9ed5911 100644 --- a/README.md +++ b/README.md @@ -8,8 +8,6 @@ This git repo contains: **CONTRIBUTORS:** Please do pull requests in the "develop" branch only. The "master" branch is just for release versions. Thanks! -For the SystemV-compatible version of this repo, visit http://github.com/stevejenkins/OpenDMARC-SysV/ - For official source code and documentation, please visit http://www.trusteddomain.org/opendmarc/ Find/follow/friend me at: