Now
MAIN commitmail json YAML
pkgsrc/mail/opendkim/Makefile@1.14
/
diff
pkgsrc/mail/opendkim/PLIST@1.9 / diff
pkgsrc/mail/opendkim/distinfo@1.11 / diff
pkgsrc/mail/opendkim/PLIST@1.9 / diff
pkgsrc/mail/opendkim/distinfo@1.11 / diff
2.8.3 2013/05/04
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg
Log something when refusing to sign because the private key was too
small. This also adds a new "On-SignatureError" handler
setting, and a new status code DKIM_STAT_SIGGEN.
Fix application of "On-InternalError" setting.
Feature request #SF3609496: Don't apply reputation checks to internal
clients.
2.8.2 2013/03/27
Authentication-Results tokens should be checked without case
sensitivity.
Fix snprintf() arguments in dkimf_checkfsnode().
CONTRIB: Patch #SF3608716: Fixes to spec/opendkim.spec.in
2.8.1 2013/03/19
Fix bug #SF3607071: Report the reason why a key file is determined
to be unsafe.
Fix bug #SF3607072: When checking for key file safety, take any
"-u" value provided on the command line into account.
Fix bug #SF3608401: Solaris 10 doesn't have strsep().
BUILD: Fix build for versions of libdb between 3.1 and 4.6.
2.8.0 2013/02/25
Feature request #SF2964383: Add DKIM_LIBFLAGS_STRICTRESIGN, which
inhibits signing of a handle tagged for resigning when the
attached verifying handle had no valid signatures in it.
Feature request #SF3155117: Do a more thorough check for writeable
key files, checking more of the filesystem permission tree.
Feature request #SF3530734: Add "LDAPDisableCache", which suppresses
the creation of a local cache in front of LDAP queries.
Feature request #SF3547359: If compiled with libcurl, add "SMTPURI"
configuration option that allows direct SMTP transmission
failure reports.
Feature request #SF3578197: Allow per-message override of the list of
header fields to be signed.
Feature request #SF3590860: Combine collected reputation values into
an overall allowed rate under _FFR_REPRRD, as is done for the
other reputation code.
Feature request #SF3598991: Add odkim.signfor() function to the Lua
setup script.
Feature request #SF3599409: Modify dkimf_checkip() to try surrounding
the IP address part of every query with square brackets, which
is a common way to do IP address literals in email contexts.
Fix bug #SF3531477: Add (hopefully temporary) configuration option
"DisableCryptoInit" so that opendkim's initialization of the
crypto library doesn't conflict with the same work done by
other libraries.
Fix bug #SF3599901: Rename "InsecureKey" to "UnprotectedKey" and
"InsecurePolicy" to "UnprotectedPolicy", as the term "insecure"
in reference to a key is sometimes interpreted to mean "not
enough random bits" rather than as a keyword describing the
presence or absence of DNSSEC protection. What's logged in
Authentication-Results header fields has been similarly
modified.
Fix bug #SF3604525: Don't divide by zero when the query cache hasn't
been used.
Protect against handling of signatures with empty domains, which could
cause a NULL dereference and a crash.
Do ATPS checks when enabled even if ADSP is disabled.
Don't fail to start on empty or null configuration files.
Patch #SF3593422: Update for MDB 0.9.5 support.
LIBOPENDKIM: Fix header canonicalization when DKIM_LIBFLAG_FIXCRLF is
used in combination with dkim_chunk().
LIBOPENDKIM: Enable dkim_getcachestats() and the underlying function
to extract the current number of keys in the cache, and also
provide a counter reset mechanism.
BUILD: Feature request #SF3547151: Check for Lua package name variants
in use on Debian.
BUILD: Feature request #SF3599902: Change OpenSSL existence test
to help with Debian packaging.
BUILD: Add "--with-test-socket" to force all of the filter unit tests
to use a specific socket.
BUILD: Add checks for strlcat()/strlcpy() in libbsd.
CONTRIB: Fix bug #SF3575666: Pass pid file path to killproc.
CONTRIB: Add systemd directory.
CONTRIB: Split out initial key generation function from
contrib/init/redhat/opendkim.
MILTERTEST: Don't crash in mt_connect() if the socketspec doesn't
contain a colon.
MILTERTEST: When connect() fails for an AF_INET socket, it apparently
leaves the socket unusable. Discard the socket when that
happens and get a new one.
MILTERTEST: Add a way to extend the mt.connect() retry interval via
environment variables so a large test suite can be easily
extended on slow systems.
TOOLS: Register DNS functions before calling dkim_dns_init() in
opendkim-testkey.
TOOLS: Add "-K" (keep temporary files) flag for opendkim-testmsg