Automatic conversion of the NetBSD pkgsrc CVS module, use with care
b4b3c19dd5
2.8.1 2009/01/16 LIBDKIM: Fix bug #SF2508602: Add a translation string for DKIM_SIGERROR_KEYREVOKED and fix dkim_eom_verify() so it returns DKIM_STAT_REVOKED when appropriate. Problem noted by Mike Markley of Bank of America. 2.8.0 2009/01/08 Add configuration option "EnableCoredumps" which makes an explicit kernel request for cores on crashes. Currently only meaningful on Linux. Add configuration option "AuthServID" which sets the "authserv-id" token to use when generating Authentication-Results header fields. Report "fail" instead of "hardfail" on authentication failures, in compliance with the Authentication-Results: draft. Add _FFR_REPORT_INTERVALS, experimental support for the "ri" tag extension to DKIM policy and key records for specifying reporting intervals. Feature request #SF1985886: Add _FFR_MULTIPLE_SIGNATURES, allowing one instance of the filter to add multiple signatures. Suggested by Dave Crocker. Add "TemporaryDirectory" configuration file option for requesting that libdkim use an alternate directory for creating temporary files, and "KeepTemporaryFiles" for requesting that libdkim not delete those files for debugging purposes. Add optional support for the "unbound" asynchronous resolver library as it is DNSSEC-aware. Adds four new configuration file items: "BogusKey", "BogusPolicy", "InsecureKey" and "InsecurePolicy". Also add dkim_sig_getdnssec() and dkim_policy_getdnssec() to libdkim so callers can tell what the DNSSEC evaluation result was for each query. Based on a patch from John Dickinson. Add "BaseDirectory" configuration file option for specifying the desired current directory of the process. Make use of the key and policy "rs" tag, if present, when doing SMTP rejections. Use MTA macro "$j" as the hostname in generated reports instead of the output of gethostname() since on some systems the latter may not be fully-qualified. Remove ANTICIPATE_SENDMAIL_MUNGE, replacing it with a runtime check for the milter v2 feature which suppresses the addition of spaces in headers. Add _FFR_COMMAIZE which attempts to predict the reformatting the MTA will do to certain header fields to reduce verification failures. Add _FFR_DKIM_REPUTATION enabling a function used to query an open DKIM reputation service regarding the signing user and signing domain. The service's URL is http://www.dkim-reputation.org. (EXPERIMENTAL) Fix preloading of configuration defaults. Fix bug #SF2236040: Quote all of the POSIX regular expression special characters, not just some of them. Reported by Mark Martinec. When possible, log the selector and domain of the signature evaluated along with any errors in the libcrypto stack. LIBDKIM: Add "smtpbuf", "smtplen" and "interval" parameters to dkim_sig_getreportinfo() and dkim_policy_getreportinfo(). Also, remove the assertion that "addr" be non-NULL. LIBDKIM: Add DKIM_LIBFLAGS_ACCEPTDK which enables compatibility with DomainKeys-formatted key records. LIBDKIM: Adjust signature formatting for legibility. LIBDKIM: Check return status from dkim_canon_getfinal() to avoid bad dereferences. Problem noted by Chris Behrens of Concentric Network Corporation. LIBDKIM: Render the DKIM handle unusable in dkim_eoh_sign() if a required header was absent. Activate _FFR_REQUIRED_HEADERS. 2.7.2 2008/09/02 Avoid memory leaks and infinite loops when releasing thread-specific memory. Reported by Jeff Earickson. 2.7.1 2008/08/27 Set up required callbacks for OpenSSL thread-safety. Problem noted by Zbigniew Szalbot. Disallow empty "t=" and "x=" tags. Return DKIM_STAT_KEYFAIL for various DNS key retrieval failures instead of DKIM_STAT_INTERNAL. 2.7.0 2008/07/23 Update to draft-ietf-dkim-ssp-04. In doing so, rename "ASPDiscard" to "ADSPDiscard", "ASPNoSuchDomain" to "ADSPNoSuchDomain" and "SendASPReports" to "SendADSPReports" in the configuration file. Feature request #29738: Add "TrustSignaturesFrom" configuration file item allowing fine-grained control over third-party signature handling. Feature request #SF2018848: Add "LocalADSP" feature allowing policy assertions from domains known to have specific policies but which don't publish ADSP records. Suggested by Bruno Kraychete da Costa. LIBDKIM: Fix an off-by-one overrun check in key and policy record decoding. Problem noted by John Dickinson. 2.6.0 2008/06/11 Remove "signaturemissing" as an old-style configuration action as it has been superseded by "ASPDiscard" and related functions. Add "SendASPReports" configuration option which generates ASP failure reports if requested by the sending domain. Update report generation for verification failures to use the new Abuse Reporting Format (ARF) and DKIM Reporting draft proposals. Add "MustBeSigned" configuration option, requiring signatures to cover specific headers if present. Rename "UseASPDiscard" to "ASPDiscard". Add "ASPNoSuchDomain" configuration option which rejects mail that appears to come from nonexistent domains as reported by the Author Signing Practises check. Add "ReportAddress" configuration option, used for defining the From: header of reports mailed out. Yet another compatibility fix with respect to Sleepycat DB. Fix processing of "LogWhy" configuration parameter. Problem noted by Erik Lotspeich. Add "-n" command line flag which parses the command line arguments and configuration file(s), then exits with an appropriate status code. Report DKIM and ASP results separately via the same Authentication-Results header field. Previous versions would alter the DKIM result based on ASP. Fix bug #SF1976931: Restore function of "nosignature" old-style action configuration, connected to "AlwaysAddARHeader". Problem noted by Lucas Brasilino. Feature request #SF1940233: Add "DontSignMailTo" configuration option, allowing a list of recipient patterns whose mail should not be signed. Requested by Don Hughes. LIBDKIM: Rename dkim_reportinfo() to dkim_sig_getreportinfo(), and add dkim_policy_getreportinfo(). LIBDKIM: Add several more signature error codes covering various key-related errors. LIBDKIM: Add dkim_sig_hdrsigned() utility, DKIM_OPTS_MUSTBESIGNED option, and DKIM_SIGERROR_MBSFAILED error code. LIBDKIM: Fix a bug in the computation of the result for dkim_canon_minbody(). LIBDKIM: Report corrupted base64 chunks instead of quietly tolerating them. LIBDKIM: Tidy up the cleanup code in dkim-canon.c. LIBDKIM: Properly handle "tag=" at the end of a data set (i.e. the tag exists and has an empty value). LIBDKIM: Use larger unsigned data types in dkim_sig_future() as was done elsewhere. LIBDKIM: Always populate a DKIM_SIGINFO with domain and selector before there's an opportunity for other parsing short-circuits. LIBDKIM: Fix bug #SF1984685: Remove the "margin" parameter from dkim_getsighdr(); make it controlled by a new function, dkim_set_margin(), so that the signed copy and the user-requested copy are identical. Activate _FFR_AUTHSERV_JOBID. 2.5.5 2008/04/25 Fix bug #SF1947301: Close up a logic problem in "UseASPDiscard" handling which could cause false rejections of mail from domains advertising "discardable" policies. Problem noted by Doug Kingston. LIBDKIM: Another compatibility fix with respect to Sleepycat DB. |
||
---|---|---|
archivers | ||
audio | ||
benchmarks | ||
biology | ||
bootstrap | ||
cad | ||
chat | ||
comms | ||
converters | ||
cross | ||
databases | ||
devel | ||
distfiles | ||
doc | ||
editors | ||
emulators | ||
filesystems | ||
finance | ||
fonts | ||
games | ||
geography | ||
graphics | ||
ham | ||
inputmethod | ||
lang | ||
licenses | ||
math | ||
mbone | ||
meta-pkgs | ||
misc | ||
mk | ||
multimedia | ||
net | ||
news | ||
packages | ||
parallel | ||
pkgtools | ||
regress | ||
security | ||
shells | ||
sysutils | ||
templates | ||
textproc | ||
time | ||
wm | ||
www | ||
x11 | ||
Makefile | ||
pkglocate | ||
README |
$NetBSD: README,v 1.18 2005/05/07 22:18:28 wiz Exp $ Please see doc/pkgsrc.txt for information.