--- opendmarc-1.3.1+dfsg.orig/debian/README.Debian +++ opendmarc-1.3.1+dfsg/debian/README.Debian @@ -0,0 +1,48 @@ +opendmarc for Debian +------------------- + +Configuration Notes for Debian systes +-------------------------------------------- + +The DMARC protocol is built on top of SPF and DKIM. OpenDMARC needs SPF and +DKIM verification results as an input. OpenDMARC uses RFC 5451 Authentication +Results header fields to get those results. OpenDMARC will use header fields +with an AuthservID that matches either the one specified in +/etc/opendmarc.conf or the system hostname. It is important to verify that +the AuthservID provided by SPF and DKIM verifiers matches the one that +opendmarc expects. + +In Debian, postfix-policyd-spf-python and opendkim have been tested to +generate appropriate A-R header fields. For postfix-policyd-spf-python, +however, it is not the default configuration. See man 5 policyd-spf.conf for +information on how to configure it to generate A-R header fields. + +To generate aggregate feedback reports a MySQL database is needed. See the +man pages for opendmarc-expire, opendmarc-import, opendmarc-params, and +opendmarc-reports for details on how the aggregate report data collection and +report generation works. The database schema, setup script, and README.schema +files can be found in /usr/share/doc/opendmarc. + +Notes for Postfix users +----------------------- + +Postfix users who wish to access the opendmarc service via UNIX socket +may need to add the postfix user to the opendmarc group and ensure that +UMask is set to 002 in /etc/opendkim.conf, in order to make the socket + readable by Posfix. + +Users may also need to move the socket into a directory accessible by the +Postfix chroot; this can be accomplished by setting the SOCKET variable +in /etc/default/opendmarc. + +The default is to connect to the filter over TCP. The filter can be bound to +localhost to prevent other hosts from accessing it. For example, to bind to +port 8892, specify "inet:8892@localhost". + +Changing group ownership of socket +---------------------------------- + +The group ID of the UNIX socket created by opendkim can be changed by +changing the primary GID of the opendmarc user, e.g.: +$ usermod -g mail opendmarc + --- opendmarc-1.3.1+dfsg.orig/debian/README.source +++ opendmarc-1.3.1+dfsg/debian/README.source @@ -0,0 +1,58 @@ +This package uses quilt to manage all modifications to the upstream +source. Changes are stored in the source package as diffs in +debian/patches and applied during the build. + +To configure quilt to use debian/patches instead of patches, you want +either to export QUILT_PATCHES=debian/patches in your environment +or use this snippet in your ~/.quiltrc: + + for where in ./ ../ ../../ ../../../ ../../../../ ../../../../../; do + if [ -e ${where}debian/rules -a -d ${where}debian/patches ]; then + export QUILT_PATCHES=debian/patches + break + fi + done + +To get the fully patched source after unpacking the source package, cd to +the root level of the source package and run: + + quilt push -a + +The last patch listed in debian/patches/series will become the current +patch. + +To add a new set of changes, first run quilt push -a, and then run: + + quilt new + +where is a descriptive name for the patch, used as the filename in +debian/patches. Then, for every file that will be modified by this patch, +run: + + quilt add + +before editing those files. You must tell quilt with quilt add what files +will be part of the patch before making changes or quilt will not work +properly. After editing the files, run: + + quilt refresh + +to save the results as a patch. + +Alternately, if you already have an external patch and you just want to +add it to the build system, run quilt push -a and then: + + quilt import -P /path/to/patch + quilt push -a + +(add -p 0 to quilt import if needed). as above is the filename to +use in debian/patches. The last quilt push -a will apply the patch to +make sure it works properly. + +To remove an existing patch from the list of patches that will be applied, +run: + + quilt delete + +You may need to run quilt pop -a to unapply patches first before running +this command. --- opendmarc-1.3.1+dfsg.orig/debian/changelog +++ opendmarc-1.3.1+dfsg/debian/changelog @@ -0,0 +1,188 @@ +opendmarc (1.3.1+dfsg-3) unstable; urgency=medium + + * Use system public suffix list so organizational domain can be determined + - Add publicsuffix to opendmarc depends + - Add PublicSuffixList to installed opendmarc.conf + * Fix use of Debian revision in libopendmarc2.symbols + * Update debian/watch (thanks to bartm) + + -- Scott Kitterman Tue, 26 Jan 2016 17:06:30 -0500 + +opendmarc (1.3.1+dfsg-2) unstable; urgency=medium + + * Upload to unstable + * Add debian/patches/fix-incompatible-pointer-type + - Thanks to Sebastian A. Siewior for the patch + * Fix enabling of SPF: update configure and add new symbols + (Closes: #781048) + - Thanks to Christophe Wolfhugel for both the report and the fix + * Update installed opendmarc.conf to use the term FailureReports vice + ForensiceReports (Closes: #783180) + - Thanks to Olaf Zaplinski for the report + + -- Scott Kitterman Thu, 23 Apr 2015 13:41:35 -0400 + +opendmarc (1.3.1+dfsg-1) experimental; urgency=medium + + * New upstream release (Closes: #761444, #761451) + * Bump standards version to 3.9.6 without further change) + + -- Scott Kitterman Mon, 23 Feb 2015 16:52:23 -0500 + +opendmarc (1.3.0+dfsg-1) unstable; urgency=medium + + * Upload to unstable + * New upstream release + - Drop debian/patches/missing_include.patch, incorporated upstream + - Update for new soname (rename libopendmarc1 to libopendmarc2, update + libopendmarc-dev depends, and rename install/symbols files) + * Update debian/copyright + + -- Scott Kitterman Fri, 01 Aug 2014 03:03:09 -0400 + +opendmarc (1.3.0~beta4+dfsg-2) experimental; urgency=medium + + * Update debian/patches/missing_include.patch to move the build-config.h + before the STRL checks in opendmarc/config.c and test.c + + -- Scott Kitterman Wed, 30 Jul 2014 15:45:28 -0400 + +opendmarc (1.3.0~beta4+dfsg-1) experimental; urgency=medium + + * New upstream beta release + * Patch configure.ac to add tests for presence of libbsd/string.h and + use USE_BSD_H and USE_STRL_H to select the correct include + - Based on similar changes done for opendkim + + -- Scott Kitterman Wed, 30 Jul 2014 12:00:37 -0400 + +opendmarc (1.3.0~beta3+dfsg-1) experimental; urgency=medium + + * New upstream beta release + - Repacked tarball to remove non-free internet draft + - Updated debian/libopendmarc1.symbols + - Enable new internal SPF checking with libspf2 + - Add libspf2-dev to build-depends + - Adjust configure in debian/rules + * Update standards version to 3.9.5 without further change + * Enable use of syslog by default + * Run as opendmarc:opendmarc by default + * Decluttered installed configuration file + * Improved rddmarc package description + + -- Scott Kitterman Sat, 19 Jul 2014 02:18:01 -0400 + +opendmarc (1.2.0+dfsg-1) unstable; urgency=medium + + * Upload to Unstable + * New upstream release + - Repacked tarball to remove non-free internet draft + - Fixes hard coded parameters in dmarcfail (Closes: #720392) + + -- Scott Kitterman Mon, 17 Mar 2014 20:38:42 -0400 + +opendmarc (1.2.0~beta3+dfsg-1) experimental; urgency=low + + * New upstream beta release + - Repack upstream tarball to remove non-free IETF draft + - Add libbsd-dev to build-depends to use system strlcat/strlcpy + - Update libopendkim1.symbols + - Fixes hard coded parameters in dmarcfail (Closes: #720392) + * Move dmarcfail and rddmarc to /usr/share/doc as suggested by upstream + * Update package descriptions + + -- Scott Kitterman Thu, 13 Mar 2014 00:27:01 -0400 + +opendmarc (1.1.3-1) unstable; urgency=low + + * New upstream release + - Update draft-dmarc-base version number in opendmarc.docs + + -- Scott Kitterman Sun, 14 Apr 2013 18:34:00 -0400 + +opendmarc (1.1.2-1) unstable; urgency=low + + * New upstream release + + -- Scott Kitterman Mon, 01 Apr 2013 10:58:46 -0400 + +opendmarc (1.1.1-1) unstable; urgency=low + + * New upstream release + * Update debian/watch now that we don't mangle the version anymore + + -- Scott Kitterman Mon, 18 Mar 2013 22:04:19 -0400 + +opendmarc (1.1.0-1) unstable; urgency=low + + * Uploading to unstable + * New upstream final release + + -- Scott Kitterman Fri, 08 Mar 2013 13:40:54 -0500 + +opendmarc (1.1.0~beta2-1) experimental; urgency=low + + * New upstream beta release + - Drop debian/patches/warnings_fix.patch since it is included upstream + - Update debian/copyright + - Update for new library SO name libopendmarc0* -> libopendmarc1 + - Update symbols file + + -- Scott Kitterman Thu, 28 Feb 2013 03:24:00 -0500 + +opendmarc (1.1.0~beta1-2) experimental; urgency=low + + * Fix borked dh_autoreconf change in debian/rules in the last upload + + -- Scott Kitterman Tue, 12 Feb 2013 00:21:10 -0500 + +opendmarc (1.1.0~beta1-1) experimental; urgency=low + + * New upstream beta release + - Update symbols file + - Update debian/copyright + * Add debian/patches/warnings_fix.patch for upstream changes made post- + release to address compiler warnings + * Update debian/rules for better cross-building support, based on changes + from Adam Conrad for opendkim + - Add dh-autoreconf to build-depends + + -- Scott Kitterman Mon, 11 Feb 2013 15:27:52 -0500 + +opendmarc (1.1.0~beta0-1) experimental; urgency=low + + * New upstream beta release + - Repacking on longer required because DMARC specification license is now + included in the upstream tarball + - Update symbols file + - Re-enable tests since they no longer require network access + - Added new reports/mkdb.mysql setup script to debian/opendmarc.docs + * Include MySQL schema files and readme in /usr/share/doc/opendmarc to + support DMARC aggregate reporting + * Update debian/README.Debian + * Set umask in opendmarc.conf so Unix socket has proper permissions + * Fix libopendmarc-dev package description to be about opendmarc and not + opendkim (Closes: #699278) + + -- Scott Kitterman Wed, 06 Feb 2013 10:24:23 -0500 + +opendmarc (1.0.1+dfsg-3) unstable; urgency=low + + * Upload to unstable + * Correct option for using installed configuration file in + debian/opendmarc.init + + -- Scott Kitterman Wed, 12 Dec 2012 18:48:33 -0500 + +opendmarc (1.0.1+dfsg-2) experimental; urgency=low + + * Disable opendmarc tests since they require network access + + -- Scott Kitterman Wed, 12 Dec 2012 00:49:42 -0500 + +opendmarc (1.0.1+dfsg-1) experimental; urgency=low + + * Initial release (Closes: #692940) + * Repacked upstream tarball to add license for DMARC specification + + -- Scott Kitterman Mon, 23 Jul 2012 18:17:11 -0400 --- opendmarc-1.3.1+dfsg.orig/debian/compat +++ opendmarc-1.3.1+dfsg/debian/compat @@ -0,0 +1 @@ +9 --- opendmarc-1.3.1+dfsg.orig/debian/control +++ opendmarc-1.3.1+dfsg/debian/control @@ -0,0 +1,78 @@ +Source: opendmarc +Section: mail +Priority: extra +Maintainer: Scott Kitterman +Build-Depends: debhelper (>= 9), libmilter-dev, pkg-config, opendkim-tools, + libspf2-dev, libbsd-dev, autotools-dev, automake, dh-autoreconf, quilt +Standards-Version: 3.9.6 +Homepage: http://www.trusteddomain.org/opendmarc + +Package: opendmarc +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, lsb-base, publicsuffix +Recommends: libopendbx1, libopendbx1-mysql, perl, libswitch-perl, libdbi-perl, + libdbd-mysql-perl, libhttp-message-perl, ${perl:Depends} +Description: Milter implementation of DMARC + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. It uses OpenDBX as an interface layer to various SQL back + ends. + . + It provides the following new capabilities: + . + A binding between the domain name seen in the From: field of a message and + one or both of the domain names verified by DKIM and SPF; + . + The capability to request that receivers enforce strict message + authentication policy published by the author; and Comprehensive reporting, + both forensic and aggregate, regarding suspect messages. + . + This package contains the OpenDMARC mail filter (Milter) for plugging into + Milter-aware MTAs. It implements support for both message reject and DMARC + failure reporting. + + +Package: libopendmarc2 +Section: libs +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: Library for DMARC validation and reporting + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. + . + This package provides library for implementing mail validation and reporting + for the experimental DMARC standard. + +Package: libopendmarc-dev +Section: libdevel +Architecture: any +Depends: libopendmarc2 (= ${binary:Version}), ${misc:Depends} +Description: Headers and development libraries for the OpenDMARC library + Domain-based Message Authentication, Reporting and Conformance (DMARC), + builds on the successes of technologies such as DomainKeys Identified Mail + (DKIM) and the Sender Policy Framework (SPF) to create an infrastructure that + enforces policy on domain names that are visible to end users, and creates a + feedback framework for identifying and tracking fraudulent use of domain + names in email. + . + This package provides the required header files and development libraries for + developing against the OpenDMARC library. + +Package: rddmarc +Architecture: all +Depends: python, python-mysqldb, perl, libdbi-perl, libxml-simple-perl, + libmime-tools-perl, ${perl:Depends}, ${misc:Depends} +Description: Sample DMARC report processing scripts collection + There are currently three scripts provided: + . + - rddmarc: Perl the script to parse DMARC summary reports + - mkdmarc - SQL to create the tables + - dmarcfail: Parses DMARC forensic reports from Netease and adds them to a + MySQL database to assist in further analysis. --- opendmarc-1.3.1+dfsg.orig/debian/copyright +++ opendmarc-1.3.1+dfsg/debian/copyright @@ -0,0 +1,170 @@ +This package was debianized by Scott Kitterman on +Tue, 30 Oct 2012 14:46:53 +0100. + +It was downloaded from http://sourceforge.net/projects/opendkim + +Copyright Holder: The OpenDKIM Project. + +Based on code from DKIM Milter, copyright Sendmail Inc. + +Copyright: +Copyright (c) 2009, 2010, 2012, 2013, 2014 The Trusted Domain Project. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + * Neither the name of The Trusted Domain Project nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +Portions of this project are also covered by the Sendmail Open Source +License, available in this distribution in the file "LICENSE.Sendmail". +See the copyright notice(s) in each file to determine whether it is covered +by either or both of the licenses. For example: + + Copyright (c) Sendmail, Inc. and its suppliers. + All rights reserved. + +Files bearing the banner above are covered under the Sendmail Open Source +License (see LICENSE.Sendmail). + + Copyright (c) , The Trusted Domain Project. + All rights reserved. + +Files bearing the banner above are covered under the Trusted Domain Project +License (above). + +Files bearing both banners are covered under both sets of license terms. + +THIS SOFTWARE IS PROVIDED BY THE TRUSTED DOMAIN PROJECT ''AS IS'' AND ANY +EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE TRUSTED DOMAIN PROJECT BE LIABLE FOR ANY +DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +For files: +opendmarc/parse.h Copyright (c) 2004 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-ar.c Copyright (c) 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-dstring.c Copyright (c) 2005-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-dstring.h Copyright (c) 2004, 2005, 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/opendmarc-ar.h Copyright (c) 2007-2009 Sendmail, Inc. and its suppliers. +opendmarc/config.c Copyright (c) 2006-2009 Sendmail, Inc. and its suppliers. +opendmarc/parse.c Copyright (c) 2005, 2007, 2008 Sendmail, Inc. and its suppliers. +opendmarc/config.h Copyright (c) 2006-2008 Sendmail, Inc. and its suppliers + + SENDMAIL OPEN SOURCE LICENSE + +The following license terms and conditions apply to this open source +software ("Software"), unless a different license is obtained directly +from Sendmail, Inc. ("Sendmail") located at 6475 Christie Ave, Suite 350, +Emeryville, CA 94608, USA. + +Use, modification and redistribution (including distribution of any +modified or derived work) of the Software in source and binary forms is +permitted only if each of the following conditions of 1-6 are met: + +1. Redistributions of the Software qualify as "freeware" or "open + source software" under one of the following terms: + + (a) Redistributions are made at no charge beyond the reasonable + cost of materials and delivery; or + + (b) Redistributions are accompanied by a copy of the modified + Source Code (on an acceptable machine-readable medium) or by an + irrevocable offer to provide a copy of the modified Source Code + (on an acceptable machine-readable medium) for up to three years + at the cost of materials and delivery. Such redistributions must + allow further use, modification, and redistribution of the Source + Code under substantially the same terms as this license. For + the purposes of redistribution "Source Code" means the complete + human-readable, compilable, linkable, and operational source + code of the redistributed module(s) including all modifications. + +2. Redistributions of the Software Source Code must retain the + copyright notices as they appear in each Source Code file, these + license terms and conditions, and the disclaimer/limitation of + liability set forth in paragraph 6 below. Redistributions of the + Software Source Code must also comply with the copyright notices + and/or license terms and conditions imposed by contributors on + embedded code. The contributors' license terms and conditions + and/or copyright notices are contained in the Source Code + distribution. + +3. Redistributions of the Software in binary form must reproduce the + Copyright Notice described below, these license terms and conditions, + and the disclaimer/limitation of liability set forth in paragraph + 6 below, in the documentation and/or other materials provided with + the binary distribution. For the purposes of binary distribution, + "Copyright Notice" refers to the following language: "Copyright (c) + 1998-2009 Sendmail, Inc. All rights reserved." + +4. Neither the name, trademark or logo of Sendmail, Inc. (including + without limitation its subsidiaries or affiliates) or its contributors + may be used to endorse or promote products, or software or services + derived from this Software without specific prior written permission. + The name "sendmail" is a registered trademark and service mark of + Sendmail, Inc. + +5. We reserve the right to cancel this license if you do not comply with + the terms. This license is governed by California law and both of us + agree that for any dispute arising out of or relating to this Software, + that jurisdiction and venue is proper in San Francisco or Alameda + counties. These license terms and conditions reflect the complete + agreement for the license of the Software (which means this supercedes + prior or contemporaneous agreements or representations). If any term + or condition under this license is found to be invalid, the remaining + terms and conditions still apply. + +6. Disclaimer/Limitation of Liability: THIS SOFTWARE IS PROVIDED BY + SENDMAIL AND ITS CONTRIBUTORS "AS IS" WITHOUT WARRANTY OF ANY KIND + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A + PARTICULAR PURPOSE ARE EXPRESSLY DISCLAIMED. IN NO EVENT SHALL SENDMAIL + OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, + OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + WITHOUT LIMITATION NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + +$Revision: 1.1 $ $Date: 2009/07/16 18:43:18 $ + +For file contrib/rddmarc/dmarcfail.py: + +# Copyright 2012, Taughannock Networks. All rights reserved. + +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: + +# Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. + +# Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. + +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS +# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED +# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY +# WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + --- opendmarc-1.3.1+dfsg.orig/debian/libopendmarc-dev.docs +++ opendmarc-1.3.1+dfsg/debian/libopendmarc-dev.docs @@ -0,0 +1 @@ +libopendmarc/docs --- opendmarc-1.3.1+dfsg.orig/debian/libopendmarc-dev.install +++ opendmarc-1.3.1+dfsg/debian/libopendmarc-dev.install @@ -0,0 +1,3 @@ +usr/include/opendmarc +usr/lib/libopendmarc*.a +usr/lib/libopendmarc*.so --- opendmarc-1.3.1+dfsg.orig/debian/libopendmarc2.install +++ opendmarc-1.3.1+dfsg/debian/libopendmarc2.install @@ -0,0 +1 @@ +usr/lib/libopendmarc.so.2* --- opendmarc-1.3.1+dfsg.orig/debian/libopendmarc2.symbols +++ opendmarc-1.3.1+dfsg/debian/libopendmarc2.symbols @@ -0,0 +1,73 @@ +libopendmarc.so.2 libopendmarc2 #MINVER# + dmarc_dns_get_record@Base 1.1.0~beta2 + dmarc_strlcat@Base 1.1.0~beta2 + dmarc_strlcpy@Base 1.1.0~beta2 + opendmarc_dns_fake_record@Base 1.1.0~beta2 + opendmarc_get_policy_to_enforce@Base 1.1.0~beta2 + opendmarc_get_tld@Base 1.1.0~beta2 + opendmarc_hash_drop@Base 1.1.0~beta2 + opendmarc_hash_expire@Base 1.1.0~beta2 + opendmarc_hash_init@Base 1.1.0~beta2 + opendmarc_hash_lookup@Base 1.1.0~beta2 + opendmarc_hash_set_callback@Base 1.1.0~beta2 + opendmarc_hash_shutdown@Base 1.1.0~beta2 + opendmarc_policy_check_alignment@Base 1.1.0~beta2 + opendmarc_policy_connect_clear@Base 1.1.0~beta2 + opendmarc_policy_connect_init@Base 1.1.0~beta2 + opendmarc_policy_connect_rset@Base 1.1.0~beta2 + opendmarc_policy_connect_shutdown@Base 1.1.0~beta2 + opendmarc_policy_fetch_adkim@Base 1.1.0~beta2 + opendmarc_policy_fetch_alignment@Base 1.1.0~beta2 + opendmarc_policy_fetch_aspf@Base 1.1.0~beta2 + opendmarc_policy_fetch_fo@Base 1.1.0~beta2 + opendmarc_policy_fetch_p@Base 1.1.0~beta2 + opendmarc_policy_fetch_pct@Base 1.1.0~beta2 + opendmarc_policy_fetch_rf@Base 1.1.0~beta2 + opendmarc_policy_fetch_rua@Base 1.1.0~beta2 + opendmarc_policy_fetch_ruf@Base 1.1.0~beta2 + opendmarc_policy_fetch_sp@Base 1.1.0~beta2 + opendmarc_policy_fetch_utilized_domain@Base 1.1.0~beta2 + opendmarc_policy_library_dns_hook@Base 1.1.0~beta2 + opendmarc_policy_library_init@Base 1.1.0~beta2 + opendmarc_policy_library_shutdown@Base 1.1.0~beta2 + opendmarc_policy_parse_dmarc@Base 1.1.0~beta2 + opendmarc_policy_query_dmarc@Base 1.1.0~beta2 + opendmarc_policy_query_dmarc_xdomain@Base 1.2.0~beta3+dfsg + opendmarc_policy_status_to_str@Base 1.1.0~beta2 + opendmarc_policy_store_dkim@Base 1.1.0~beta2 + opendmarc_policy_store_dmarc@Base 1.1.0~beta2 + opendmarc_policy_store_from_domain@Base 1.1.0~beta2 + opendmarc_policy_store_spf@Base 1.1.0~beta2 + opendmarc_policy_to_buf@Base 1.1.0~beta2 + opendmarc_reverse_domain@Base 1.1.0~beta2 + opendmarc_spf_alloc_ctx@Base 1.3.1+dfsg-2~ + opendmarc_spf_cidr_address@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_does_domain_exist@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_get_record@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_lookup_a@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_lookup_a_actual@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_lookup_mx@Base 1.3.1+dfsg-2~ + opendmarc_spf_dns_lookup_ptr@Base 1.3.1+dfsg-2~ + opendmarc_spf_free_ctx@Base 1.3.1+dfsg-2~ + opendmarc_spf_ipv6_cidr_check@Base 1.3.1+dfsg-2~ + opendmarc_spf_parse@Base 1.3.1+dfsg-2~ + opendmarc_spf_specify_helo_domain@Base 1.3.1+dfsg-2~ + opendmarc_spf_specify_ip_address@Base 1.3.1+dfsg-2~ + opendmarc_spf_specify_mailfrom@Base 1.3.1+dfsg-2~ + opendmarc_spf_specify_record@Base 1.3.1+dfsg-2~ + opendmarc_spf_status_to_msg@Base 1.3.1+dfsg-2~ + opendmarc_spf_status_to_pass@Base 1.3.1+dfsg-2~ + opendmarc_spf_subdomain@Base 1.3.1+dfsg-2~ + opendmarc_spf_test@Base 1.3.1+dfsg-2~ + opendmarc_tld_read_file@Base 1.1.0~beta2 + opendmarc_tld_shutdown@Base 1.1.0~beta2 + opendmarc_util_cleanup@Base 1.1.0~beta2 + opendmarc_util_clearargv@Base 1.1.0~beta2 + opendmarc_util_dupe_argv@Base 1.1.0~beta2 + opendmarc_util_finddomain@Base 1.1.0~beta2 + opendmarc_util_freenargv@Base 1.3.0~beta2 + opendmarc_util_pushargv@Base 1.1.0~beta2 + opendmarc_util_pushnargv@Base 1.3.0~beta2 + opendmarc_util_ultoa@Base 1.3.0~beta2 + opendmarc_xml@Base 1.1.0~beta2 + opendmarc_xml_parse@Base 1.1.0~beta2 --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.conf +++ opendmarc-1.3.1+dfsg/debian/opendmarc.conf @@ -0,0 +1,72 @@ +# This is a basic configuration that can easily be adapted to suit a standard +# installation. For more advanced options, see opendkim.conf(5) and/or +# /usr/share/doc/opendmarc/examples/opendmarc.conf.sample. + +## AuthservID (string) +## defaults to MTA name +# +# AuthservID name + +## FailureReports { true | false } +## default "false" +## +# FailureReports false + +PidFile /var/run/opendmarc.pid + +## RejectFailures { true | false } +## default "false" +## +RejectFailures false + +## Syslog { true | false } +## default "false" +## +## Log via calls to syslog(3) any interesting activity. +# +Syslog true + +## SyslogFacility facility-name +## default "mail" +## +## Log via calls to syslog(3) using the named facility. The facility names +## are the same as the ones allowed in syslog.conf(5). +# +# SyslogFacility mail + +## TrustedAuthservIDs string +## default HOSTNAME +## +## Specifies one or more "authserv-id" values to trust as relaying true +## upstream DKIM and SPF results. The default is to use the name of +## the MTA processing the message. To specify a list, separate each entry +## with a comma. The key word "HOSTNAME" will be replaced by the name of +## the host running the filter as reported by the gethostname(3) function. +# +# TrustedAuthservIDs HOSTNAME + + +## UMask mask +## default (none) +## +## Requests a specific permissions mask to be used for file creation. This +## only really applies to creation of the socket when Socket specifies a +## UNIX domain socket, and to the HistoryFile and PidFile (if any); temporary +## files are normally created by the mkstemp(3) function that enforces a +## specific file mode on creation regardless of the process umask. See +## umask(2) for more information. +# +UMask 0002 + +## UserID user[:group] +## default (none) +## +## Attempts to become the specified userid before starting operations. +## The process will be assigned all of the groups and primary group ID of +## the named userid unless an alternate group is specified. +# +UserID opendmarc:opendmarc + +## Path to system copy of PSL (needed to determine organizational domain) +# +PublicSuffixList /usr/share/publicsuffix/ --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.default +++ opendmarc-1.3.1+dfsg/debian/opendmarc.default @@ -0,0 +1,10 @@ +# Command-line options specified here will override the contents of +# /etc/opendmarc.conf. See opendmarc(8) for a complete list of options. +#DAEMON_OPTS="" +# +# Uncomment to specify an alternate socket +# Note that setting this will override any Socket value in opendkim.conf +#SOCKET="local:/var/run/opendmarc/opendmarc.sock" # default +#SOCKET="inet:54321" # listen on all interfaces on port 54321 +#SOCKET="inet:12345@localhost" # listen on loopback on port 12345 +#SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345 --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.docs +++ opendmarc-1.3.1+dfsg/debian/opendmarc.docs @@ -0,0 +1,5 @@ +README +opendmarc/opendmarc.conf.sample +reports/mkdb.mysql +db/README.schema +db/schema.mysql --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.init +++ opendmarc-1.3.1+dfsg/debian/opendmarc.init @@ -0,0 +1,151 @@ +#! /bin/sh +# +### BEGIN INIT INFO +# Provides: opendmarc +# Required-Start: $syslog $time $local_fs $remote_fs $named $network +# Required-Stop: $syslog $time $local_fs $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Start the OpenDMARC service +# Description: Enable DMAR verification and reporting provided by OpenDMARC +### END INIT INFO + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/opendmarc +NAME=opendmarc +DESC="OpenDMARC" +RUNDIR=/var/run/$NAME +USER=opendmarc +GROUP=opendmarc +SOCKET=local:$RUNDIR/$NAME.sock +PIDFILE=$RUNDIR/$NAME.pid + +# How long to wait for the process to die on stop/restart +stoptimeout=5 + +test -x $DAEMON || exit 0 + +# Include LSB provided init functions +. /lib/lsb/init-functions + +# Include opendkim defaults if available +if [ -f /etc/default/opendmarc ] ; then + . /etc/default/opendmarc +fi + +if [ -f /etc/opendmarc.conf ]; then + CONFIG_SOCKET=`awk '$1 == "Socket" { print $2 }' /etc/opendmarc.conf` +fi + +# This can be set via Socket option in config file, so it's not required +if [ -n "$SOCKET" -a -z "$CONFIG_SOCKET" ]; then + DAEMON_OPTS="-p $SOCKET $DAEMON_OPTS" +fi + +DAEMON_OPTS="-c /etc/opendmarc.conf -u $USER -P $PIDFILE $DAEMON_OPTS" + +start() { + # Create the run directory if it doesn't exist + if [ ! -d "$RUNDIR" ]; then + install -o "$USER" -g "$GROUP" -m 755 -d "$RUNDIR" || return 2 + [ -x /sbin/restorecon ] && /sbin/restorecon "$RUNDIR" + fi + # Clean up stale sockets + if [ -f "$PIDFILE" ]; then + pid=`cat $PIDFILE` + if ! ps -C "$DAEMON" -s "$pid" >/dev/null; then + rm "$PIDFILE" + TMPSOCKET="" + if [ -n "$SOCKET" ]; then + TMPSOCKET="$SOCKET" + elif [ -n "$CONFIG_SOCKET" ]; then + TMPSOCKET="$CONFIG_SOCKET" + fi + if [ -n "$TMPSOCKET" ]; then + # UNIX sockets may be specified with or without the + # local: prefix; handle both + t=`echo $SOCKET | cut -d: -f1` + s=`echo $SOCKET | cut -d: -f2` + if [ -e "$s" -a -S "$s" ]; then + if [ "$t" = "$s" -o "$t" = "local" ]; then + rm "$s" + fi + fi + fi + fi + fi + start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test -- $DAEMON_OPTS || return 1 + start-stop-daemon --start --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- $DAEMON_OPTS || return 2 +} + +stop() { + start-stop-daemon --stop --retry "$stoptimeout" --exec "$DAEMON" + [ "$?" = 2 ] && return 2 +} + +reload() { + start-stop-daemon --stop --signal USR1 --exec "$DAEMON" +} + +status() { + local pidfile daemon name status + + pidfile= + OPTIND=1 + while getopts p: opt ; do + case "$opt" in + p) pidfile="$OPTARG";; + esac + done + shift $(($OPTIND - 1)) + + if [ -n "$pidfile" ]; then + pidfile="-p $pidfile" + fi + daemon="$1" + name="$2" + + status="0" + pidofproc $pidfile $daemon >/dev/null || status="$?" + if [ "$status" = 0 ]; then + log_success_msg "$name is running" + return 0 + else + log_failure_msg "$name is not running" + return $status + fi +} + +case "$1" in + start) + echo -n "Starting $DESC: " + start + echo "$NAME." + ;; + stop) + echo -n "Stopping $DESC: " + stop + echo "$NAME." + ;; + restart) + echo -n "Restarting $DESC: " + stop + start + echo "$NAME." + ;; + reload|force-reload) + echo -n "Restarting $DESC: " + reload + echo "$NAME." + ;; + status) + status $DAEMON $NAME + ;; + *) + N=/etc/init.d/$NAME + echo "Usage: $N {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.install +++ opendmarc-1.3.1+dfsg/debian/opendmarc.install @@ -0,0 +1,2 @@ +debian/tmp/usr/sbin/opendmarc* usr/sbin +debian/opendmarc.conf etc --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.manpages +++ opendmarc-1.3.1+dfsg/debian/opendmarc.manpages @@ -0,0 +1,2 @@ +debian/tmp/usr/share/man/man5/* +debian/tmp/usr/share/man/man8/* --- opendmarc-1.3.1+dfsg.orig/debian/opendmarc.postinst +++ opendmarc-1.3.1+dfsg/debian/opendmarc.postinst @@ -0,0 +1,18 @@ +#!/bin/sh + +set -e + +if [ "$1" = "configure" ]; then + if ! id -u opendmarc >/dev/null 2>&1; then + adduser --quiet --system --group --home /var/run/opendmarc opendmarc + fi + + # Set ownership if the admin has not overriden it. + if ! dpkg-statoverride --list /var/run/opendmarc >/dev/null; then + chown opendmarc:opendmarc /var/run/opendmarc + fi +fi + +#DEBHELPER# + +exit 0 --- opendmarc-1.3.1+dfsg.orig/debian/patches/fix-incompatible-pointer-type +++ opendmarc-1.3.1+dfsg/debian/patches/fix-incompatible-pointer-type @@ -0,0 +1,16 @@ +Patch thanks to Sebastian A. Siewior +https://sourceforge.net/p/opendmarc/tickets/115/ + +Index: opendmarc-1.3.1+dfsg/libopendmarc/opendmarc_dns.c +=================================================================== +--- opendmarc-1.3.1+dfsg.orig/libopendmarc/opendmarc_dns.c 2015-02-23 15:31:51.000000000 -0500 ++++ opendmarc-1.3.1+dfsg/libopendmarc/opendmarc_dns.c 2015-02-25 17:59:28.302473233 -0500 +@@ -217,7 +217,7 @@ + _res.options |= RES_USE_DNSSEC; + #endif + (void) opendmarc_policy_library_dns_hook(&_res.nscount, +- &_res.nsaddr_list); ++ _res.nsaddr_list); + answer_len = res_query(bp, C_IN, T_TXT, answer_buf, sizeof answer_buf); + #endif /* HAVE_RES_NINIT */ + if (answer_len < 0) --- opendmarc-1.3.1+dfsg.orig/debian/patches/fix-python-interpreter.diff +++ opendmarc-1.3.1+dfsg/debian/patches/fix-python-interpreter.diff @@ -0,0 +1,11 @@ +Does not need to be forwarded. Upstream uses FreeBSD. +Index: opendmarc-1.0.1+dfsg/contrib/rddmarc/dmarcfail.py +=================================================================== +--- opendmarc-1.0.1+dfsg.orig/contrib/rddmarc/dmarcfail.py 2012-11-18 00:08:28.105858463 -0500 ++++ opendmarc-1.0.1+dfsg/contrib/rddmarc/dmarcfail.py 2012-11-18 00:09:10.041857224 -0500 +@@ -1,4 +1,4 @@ +-#!/usr/local/bin/python ++#!/usr/bin/python + # $Header: /home/johnl/hack/dmarc/RCS/dmarcfail.py,v 1.1 2012/07/12 03:59:29 johnl Exp $ + # parse DMARC failure reports, add it to the mysql database + # optional arguments are names of files containing ARF messages, --- opendmarc-1.3.1+dfsg.orig/debian/patches/fix-resinit +++ opendmarc-1.3.1+dfsg/debian/patches/fix-resinit @@ -0,0 +1,24 @@ +Patch thanks to Sebastian A. Siewior + +linux / glibc have a "different" handling of res_ninit() +you need to include resolv.conf and then the header file redefines res_ninit to __res_ninit +that is why the configure check fails and this version works + +Index: opendmarc-1.3.1+dfsg/configure.ac +=================================================================== +--- opendmarc-1.3.1+dfsg.orig/configure.ac 2015-02-23 16:50:42.887242650 -0500 ++++ opendmarc-1.3.1+dfsg/configure.ac 2015-02-25 18:22:23.358531159 -0500 +@@ -123,9 +123,10 @@ + AC_CHECK_LIB(socket, connect) + AC_CHECK_LIB(resolv, hstrerror, , , [-lnsl -lsocket]) + AC_CHECK_LIB(resolv, inet_aton, , , [-lnsl -lsocket]) +-AC_SEARCH_LIBS(res_ninit, resolv, +- AC_DEFINE(HAVE_RES_NINIT, 1, +- [Define to 1 if you have the `res_ninit()' function.])) ++AC_TRY_LINK([#include ], ++ [res_ninit(NULL);], ++ AC_DEFINE(HAVE_RES_NINIT, 1, ++ [Define to 1 if you have the `res_ninit()' function.])) + AC_CHECK_LIB(idn, idn_free) + AC_CHECK_LIB(rt, nanosleep) + AC_SEARCH_LIBS(inet_addr, nsl) --- opendmarc-1.3.1+dfsg.orig/debian/patches/series +++ opendmarc-1.3.1+dfsg/debian/patches/series @@ -0,0 +1,3 @@ +fix-incompatible-pointer-type +#fix-resinit +fix-python-interpreter.diff --- opendmarc-1.3.1+dfsg.orig/debian/rddmarc.docs +++ opendmarc-1.3.1+dfsg/debian/rddmarc.docs @@ -0,0 +1,4 @@ +contrib/rddmarc/README.rddmarc +contrib/rddmarc/mkdmarc +contrib/rddmarc/rddmarc +contrib/rddmarc/dmarcfail.py --- opendmarc-1.3.1+dfsg.orig/debian/rules +++ opendmarc-1.3.1+dfsg/debian/rules @@ -0,0 +1,31 @@ +#!/usr/bin/make -f + +%: + dh $@ --with quilt, --with autoreconf --parallel + +# These are used for cross-compiling and for saving the configure script +# from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) +CROSS= --build $(DEB_BUILD_GNU_TYPE) --host $(DEB_HOST_GNU_TYPE) + +override_dh_auto_configure: + dh_testdir + ./configure $(CROSS) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info \ + --sysconfdir=/etc \ + CFLAGS="$(CFLAGS) $(CPPFLAGS)" \ + LDFLAGS="$(LDFLAGS) -lresolv -Wl,-z,defs -L/usr/lib/libmilter" \ + --enable-filter-tests \ + --with-spf \ + --with-spf2-include=\$${prefix}/include/spf2 \ + --with-spf2-lib=\$${prefix}/lib \ + --with-sql-backend + +override_dh_installchangelogs: + dh_installchangelogs RELEASE_NOTES + +override_dh_installdocs: + dh_installdocs + mkdir -p $(CURDIR)/debian/opendmarc/usr/share/doc/opendmarc + cp opendmarc/README $(CURDIR)/debian/opendmarc/usr/share/doc/opendmarc/README.opendmarc + --- opendmarc-1.3.1+dfsg.orig/debian/watch +++ opendmarc-1.3.1+dfsg/debian/watch @@ -0,0 +1,4 @@ +version=3 +opts=uversionmangle=s/\.(Beta\d*)$/~$1/,dversionmangle=s/\+dfsg\d*$// \ +https://qa.debian.org/cgi-bin/fakeupstream.cgi?upstream=sf/opendmarc \ +.*=opendmarc(?:[_\-]v?|)(\d[^\s/]*)\.(?:tar\.xz|txz|tar\.bz2|tbz2|tar\.gz|tgz)