Close the configuration file after reading it, plugging a
descriptor leak.
Release memory associated with old configuration nodes (i.e. strings)
as well as the nodes themselves.
Connect the configuration handle to its allocated data so cleanup can
actually be thorough.
Fix an error message reported inside _FFR_REPLACE_RULES.
Plug a memory leak in mlfi_header() tripped when errors occur.
Since ADSP has not yet been registered by IANA, adjust its method
label in Authentication-Results accordingly.
Include selector, domain and other text if possible when logging
key retrieval failures.
Add _FFR_SENDER_HEADERS, allowing user control over which header
fields are used to make the sign/verify decision and
perform key selection.
LIBDKIM: Initialize canon_lastchar in dkim_add_canon().
LIBDKIM: Clean up any compiled regular expressions in dkim_close().
LIBDKIM: Fix some type-related compiler warnings.
2.8.2 2009/02/17
Request a signature with an "i=" tag if signing for subdomains and
a keylist entry matches. Previously this only occurred when
using an explicit domain list. Problem noted by
S. Moonesamy of Eland Systems.
Fixes in and around dkim_socket_cleanup(). Problem noted by
S. Moonesamy of Eland Systems.
LIBDKIM: When logging a d2i_PUBKEY_bio() or EVP_PKEY_get1_RSA()
failure, also log the selector and domain involved so manual
diagnostics are possible.
LIBDKIM/LIBAR: Feature request #SF2380508: Add new test for
WITHOUT_LIBSM which removes references to libsm's sm_strl*()
functions, so that libdkim and libar can stand on their own
on systems which provide the strl*() functions. Requested by
Frederik Pettai.
LIBDKIM: Report DKIM_STAT_NOSIG if the caller commands that all
signatures should be ignored.
LIBDKIM: Plug a memory leak caused when responding to a malloc()
failure.
LIBDKIM: New signature error code DKIM_SIGERROR_KEYDECODE, used if
d2i_PUBKEY_BIO() or EVP_PKEY_get1_RSA fails in
dkim_sig_process().
LIBAR: Make reference to the "_res" structure more thread-safe.
BUILD: Make use of conf_dkim_filter_ENVDEF since site.config.m4.dist
refers to it. Problem noted by S. Moonesamy of Eland Systems.
2.8.1 2009/01/16
LIBDKIM: Fix bug #SF2508602: Add a translation string for
DKIM_SIGERROR_KEYREVOKED and fix dkim_eom_verify() so it
returns DKIM_STAT_REVOKED when appropriate. Problem noted
by Mike Markley of Bank of America.
2.8.0 2009/01/08
Add configuration option "EnableCoredumps" which makes an explicit
kernel request for cores on crashes. Currently only meaningful
on Linux.
Add configuration option "AuthServID" which sets the "authserv-id"
token to use when generating Authentication-Results header
fields.
Report "fail" instead of "hardfail" on authentication failures,
in compliance with the Authentication-Results: draft.
Add _FFR_REPORT_INTERVALS, experimental support for the "ri" tag
extension to DKIM policy and key records for specifying
reporting intervals.
Feature request #SF1985886: Add _FFR_MULTIPLE_SIGNATURES, allowing
one instance of the filter to add multiple signatures.
Suggested by Dave Crocker.
Add "TemporaryDirectory" configuration file option for requesting that
libdkim use an alternate directory for creating temporary
files, and "KeepTemporaryFiles" for requesting that libdkim
not delete those files for debugging purposes.
Add optional support for the "unbound" asynchronous resolver
library as it is DNSSEC-aware. Adds four new configuration
file items: "BogusKey", "BogusPolicy", "InsecureKey" and
"InsecurePolicy". Also add dkim_sig_getdnssec()
and dkim_policy_getdnssec() to libdkim so callers can tell
what the DNSSEC evaluation result was for each query.
Based on a patch from John Dickinson.
Add "BaseDirectory" configuration file option for specifying
the desired current directory of the process.
Make use of the key and policy "rs" tag, if present, when doing
SMTP rejections.
Use MTA macro "$j" as the hostname in generated reports instead of
the output of gethostname() since on some systems the latter
may not be fully-qualified.
Remove ANTICIPATE_SENDMAIL_MUNGE, replacing it with a runtime check
for the milter v2 feature which suppresses the addition of
spaces in headers.
Add _FFR_COMMAIZE which attempts to predict the reformatting
the MTA will do to certain header fields to reduce verification
failures.
Add _FFR_DKIM_REPUTATION enabling a function used to query
an open DKIM reputation service regarding the signing user
and signing domain. The service's URL is
http://www.dkim-reputation.org. (EXPERIMENTAL)
Fix preloading of configuration defaults.
Fix bug #SF2236040: Quote all of the POSIX regular expression special
characters, not just some of them. Reported by Mark Martinec.
When possible, log the selector and domain of the signature evaluated
along with any errors in the libcrypto stack.
LIBDKIM: Add "smtpbuf", "smtplen" and "interval" parameters to
dkim_sig_getreportinfo() and dkim_policy_getreportinfo().
Also, remove the assertion that "addr" be non-NULL.
LIBDKIM: Add DKIM_LIBFLAGS_ACCEPTDK which enables compatibility
with DomainKeys-formatted key records.
LIBDKIM: Adjust signature formatting for legibility.
LIBDKIM: Check return status from dkim_canon_getfinal() to avoid
bad dereferences. Problem noted by Chris Behrens of
Concentric Network Corporation.
LIBDKIM: Render the DKIM handle unusable in dkim_eoh_sign() if a
required header was absent.
Activate _FFR_REQUIRED_HEADERS.
2.7.2 2008/09/02
Avoid memory leaks and infinite loops when releasing thread-specific
memory. Reported by Jeff Earickson.
2.7.1 2008/08/27
Set up required callbacks for OpenSSL thread-safety. Problem
noted by Zbigniew Szalbot.
Disallow empty "t=" and "x=" tags.
Return DKIM_STAT_KEYFAIL for various DNS key retrieval failures
instead of DKIM_STAT_INTERNAL.
2.7.0 2008/07/23
Update to draft-ietf-dkim-ssp-04. In doing so, rename "ASPDiscard"
to "ADSPDiscard", "ASPNoSuchDomain" to "ADSPNoSuchDomain"
and "SendASPReports" to "SendADSPReports" in the configuration
file.
Feature request #29738: Add "TrustSignaturesFrom" configuration
file item allowing fine-grained control over third-party
signature handling.
Feature request #SF2018848: Add "LocalADSP" feature allowing
policy assertions from domains known to have specific policies
but which don't publish ADSP records. Suggested by
Bruno Kraychete da Costa.
LIBDKIM: Fix an off-by-one overrun check in key and policy record
decoding. Problem noted by John Dickinson.
2.6.0 2008/06/11
Remove "signaturemissing" as an old-style configuration action
as it has been superseded by "ASPDiscard" and related
functions.
Add "SendASPReports" configuration option which generates ASP failure
reports if requested by the sending domain.
Update report generation for verification failures to use the
new Abuse Reporting Format (ARF) and DKIM Reporting
draft proposals.
Add "MustBeSigned" configuration option, requiring signatures to
cover specific headers if present.
Rename "UseASPDiscard" to "ASPDiscard".
Add "ASPNoSuchDomain" configuration option which rejects mail that
appears to come from nonexistent domains as reported by the
Author Signing Practises check.
Add "ReportAddress" configuration option, used for defining the
From: header of reports mailed out.
Yet another compatibility fix with respect to Sleepycat DB.
Fix processing of "LogWhy" configuration parameter. Problem noted
by Erik Lotspeich.
Add "-n" command line flag which parses the command line arguments
and configuration file(s), then exits with an appropriate
status code.
Report DKIM and ASP results separately via the same
Authentication-Results header field. Previous versions would
alter the DKIM result based on ASP.
Fix bug #SF1976931: Restore function of "nosignature" old-style
action configuration, connected to "AlwaysAddARHeader".
Problem noted by Lucas Brasilino.
Feature request #SF1940233: Add "DontSignMailTo" configuration option,
allowing a list of recipient patterns whose mail should not
be signed. Requested by Don Hughes.
LIBDKIM: Rename dkim_reportinfo() to dkim_sig_getreportinfo(),
and add dkim_policy_getreportinfo().
LIBDKIM: Add several more signature error codes covering various
key-related errors.
LIBDKIM: Add dkim_sig_hdrsigned() utility, DKIM_OPTS_MUSTBESIGNED
option, and DKIM_SIGERROR_MBSFAILED error code.
LIBDKIM: Fix a bug in the computation of the result for
dkim_canon_minbody().
LIBDKIM: Report corrupted base64 chunks instead of quietly
tolerating them.
LIBDKIM: Tidy up the cleanup code in dkim-canon.c.
LIBDKIM: Properly handle "tag=" at the end of a data set (i.e.
the tag exists and has an empty value).
LIBDKIM: Use larger unsigned data types in dkim_sig_future() as
was done elsewhere.
LIBDKIM: Always populate a DKIM_SIGINFO with domain and selector
before there's an opportunity for other parsing
short-circuits.
LIBDKIM: Fix bug #SF1984685: Remove the "margin" parameter from
dkim_getsighdr(); make it controlled by a new function,
dkim_set_margin(), so that the signed copy and the
user-requested copy are identical.
Activate _FFR_AUTHSERV_JOBID.
2.5.5 2008/04/25
Fix bug #SF1947301: Close up a logic problem in "UseASPDiscard"
handling which could cause false rejections of mail from
domains advertising "discardable" policies. Problem noted
by Doug Kingston.
LIBDKIM: Another compatibility fix with respect to Sleepycat DB.
- Add dkim-stats option to install dkim-stats(8) FFR
- Only install dkim-stats(8) man page if dkim-stats option has been specified
2.5.4 2008/04/17
* Skip signatures with errors in dkimf_authorsigok().
* Avoid a NULL dereference in dkimf_config_reload() when starting
without a configuration file.
* Fix an alignment problem in dkimf_checkip(). Problem reported
by Jeff A. Earickson.
* LIBDKIM: Fix bug #SF1942387: Per RFC4871, disallow "l=" values
that exceed the size of the canonicalized message body.
2.5.3 2008/04/14
* Add "AllowSHA1Only" configuration option which permits operation
of verifiers that only know about SHA1. Without this, a
filter compiled with only SHA1 support will refuse to start
in verifier mode.
* Add "LogWhy" configuration parameter and "-W" command line flag
to request detailed logging about why a message was not
signed by the filter. Intended for debugging; not intended
for normal operation.
* Another tweak to parameters passed to db->open(). Based on patches
from Jukka Salmi and S. Moonesamy.
* Fixes in ares_parse() to match the current syntax. In particular,
deal with the fact that some of our tokens can legally appear
in e-mail addresses. Problem noted by S. Moonesamy of
Eland Systems.
* LIBDKIM: Evaluate key granularity against the "i=" value rather than
the value of the From: header per RFC4871. Problem noted by
Jason Long.
* LIBDKIM: Remove the chartable stuff from dkim-tables.c as it is
not used anywhere.
* LIBDKIM: Fix bug #SF1940302: Perform stronger validation of the value
of the "h=" tag.
Update for draft-kucherawy-sender-auth-header-14.
Add "subject" to "should_signhdrs" per RFC4871 section 5.5.
Fix bug #SF1911328: Restore proper behaviour of SignHeaders and
OmitHeaders, broken in the prior release's configuration
overhaul. Problem reported by Jason Molzen.
Fix bug #SF1912332: Fix parameters passed to db->open(). Problem
reported by Tony Earnshaw.
Fix bug #SF1912569: Initialize mutexes before entering test mode.
Patch from Kaspar Brand.
LIBDKIM: More boundary checking fixes in dkim_canon_selecthdrs().
Problem noted by Warren Horvath.
LIBDKIM: Fix bug #SF1820084: Return DKIM_STAT_MULTIDNSREPLY
if a DNS query returns multiple records.
2.5.2 2008/03/28
Preserve the sender's domain name outside of mlfi_eoh() as it's
now needed in mlfi_eom(). Problem noted by Andy Fiddaman.
Fix bug #SF1921873: Pass "-K" command line switch into the new
configuration handling code. Problem noted by Al Smith.
TOOLS: Fix flags portion of the TXT record output by dkim-genkey.
Problem noted by Michael Carland.
BUILD: Fix bug #SF1922422: Fix linker problems when POPAUTH is
defined.
Add "AutoRestartCount" and "AutoRestartRate" configuration
parameters to limit runaway restart loops.
Feature request #SF1735573: Add "AlwaysAddARHeader" option, which
will add an Authentication-Results of "none" for unsigned
messages from domains without a "strict" policy.
Feature request #SF1807748: Reload the configuration file on
receipt of SIGUSR1. Requested by Florian Sager.
Feature request #SF1811969: Add _FFR_BODYLENGTH_DB which adds a
"BodyLengthDBFile" feature, allowing a per-recipient decision
on whether or not to use an "l=" tag when signing. Patch
contributed by Daniel Black.
Feature request #SF1841955: Add an "Include" facility to the
configuration file.
Feature request #SF1876941: Make the syslog facility selectable.
Based on a patch from Jose-Marcio Martins da Cruz of Ecole
des Mines de Paris.
Feature request #SF1876943: Add _FFR_AUTHSERV_JOBID allowing the
job ID to be included as part of the "authserv-id" in
Authentication-Results: headers. Based on a patch from
Jose-Marcio Martins da Cruz of Ecole des Mines de Paris.
Feature request #SF1890581: Attempt to clean up a UNIX domain
socket in the non-AutoRestart case as well. Requested
by Daniel Black.
Add "MilterDebug" configuration file option for requesting debugging
output from the filter.
Add "FixCRLF" configuration file option which activates the
DKIM_LIBFLAGS_FIXCRLF flag (see below).
Update to draft-ietf-dkim-ssp-03. In doing so, rename the
"UseSSPDeny" configuration option to "UseASPDiscard".
Handle an error from dkim_getsighdr() properly in mlfi_eom().
When VERIFY_DOMAINKEYS is active, don't short-circuit mlfi_eoh()
between dk_verify() and dk_eoh() or a segmentation fault below
dk_body() could result.
LIBDKIM: Feature request #SF1823059: Export key, signature and
policy syntax checking capability via the API. Based on
a patch from Chris Behrens of Concentric Network Corporation.
LIBDKIM: Assert defaults for "c" and "q" tags when parsing
signature headers. Patch from Chris Behrens of Concentric
Network Corporation.
LIBDKIM: Better handling of truncated DNS replies; instead of
just giving up if the "tc" (truncated) bit is set in the
reply, see if there was enough of a reply returned to be able
to complete the request.
LIBDKIM: Fix recycling bug in header canonicalizations which was
causing signatures other than the first one to fail in most
cases.
LIBDKIM: Add new dkim_chunk() interface.
LIBDKIM: Enforce DKIM_OPTS_QUERYMETHOD library option even if there
were no valid signatures.
LIBDKIM: New DKIM_LIBFLAGS_FIXCRLF which requests that "naked"
CRs and LFs be converted to CRLFs during canonicalization
when signing.
LIBDKIM: Fix bounds checking in dkim_canon_selecthdrs().
LIBAR: Eliminate a possible race condition in ar_dispatcher().
LIBAR: Timeouts passed to select() can't be bigger than 10^8.
Problem noted by S. Moonesamy of Eland Systems.
BUILD: Feature request #SF1876242: Install the filter in EBINDIR
and everything else in UBINDIR.
* LIBDKIM: Fix bug #SF1867839: 64-bit portability in rfc2822.c.
Patch from Geoff Adams.
* Update for latest Authentication-Results: header draft.
* Take advantage of some more features that were introduced with
milter v2 in sendmail 8.14.0:
* Report "hardfail" instead of "fail" on authentication failures,
in compliance with the Authentication-Results: draft.
* Fix use of "UseSSPDeny" to include handling of unsigned messages.
* Replace "gentxt.csh" with more robust "dkim-genkey" utility.
And *lots* more (the package in pkgsrc was 2 years+ old)
See RELEASE_NOTES for all the details
INSTALLATION_DIRS, as well as all occurrences of ${PREFIX}/man with
${PREFIX}/${PKGMANDIR}.
Fixes PR 35265, although I did not use the patch provided therein.
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
dkim-milter consists of two parts: A milter-based application
(dkim-filter) which plugs in to Sendmail to provide DomainKeys
Identified Mail service, and a library (libdkim) which can be used to
build DKIM-compliant applications or MTAs.
