Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id 1C5BE63BFC7
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Mon, 19 Jan 2009 23:24:31 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 0)
	id C23A763B31B; Mon, 19 Jan 2009 23:24:30 +0000 (UTC)
Received: from cvs.netbsd.org (unknown [IPv6:2001:4f8:4:7:2e0:81ff:fe25:eab4])
	by mail.netbsd.org (Postfix) with ESMTP id C951863B31D
	for <pkgsrc-changes@NetBSD.org>; Mon, 19 Jan 2009 23:24:28 +0000 (UTC)
Received: by cvs.netbsd.org (Postfix, from userid 500)
	id BA072175D0; Mon, 19 Jan 2009 23:24:28 +0000 (UTC)
From: Adrian Portelli <adrianp@netbsd.org>
Subject: CVS commit: pkgsrc/mail/dkim-milter
To: pkgsrc-changes@NetBSD.org
Reply-To: adrianp@netbsd.org
Message-Id: <20090119232428.BA072175D0@cvs.netbsd.org>
Date: Mon, 19 Jan 2009 23:24:28 +0000 (UTC)
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes
Precedence: list


Module Name:	pkgsrc
Committed By:	adrianp
Date:		Mon Jan 19 23:24:28 UTC 2009

Modified Files:
	pkgsrc/mail/dkim-milter: Makefile PLIST distinfo
	pkgsrc/mail/dkim-milter/patches: patch-aa

Log Message:
Update to 2.8.1

2.8.1		2009/01/16
	LIBDKIM: Fix bug #SF2508602: Add a translation string for
		DKIM_SIGERROR_KEYREVOKED and fix dkim_eom_verify() so it
		returns DKIM_STAT_REVOKED when appropriate.  Problem noted
		by Mike Markley of Bank of America.

2.8.0		2009/01/08
	Add configuration option "EnableCoredumps" which makes an explicit
		kernel request for cores on crashes.  Currently only meaningful
		on Linux.
	Add configuration option "AuthServID" which sets the "authserv-id"
		token to use when generating Authentication-Results header
		fields.
	Report "fail" instead of "hardfail" on authentication failures,
		in compliance with the Authentication-Results: draft.
	Add _FFR_REPORT_INTERVALS, experimental support for the "ri" tag
		extension to DKIM policy and key records for specifying
		reporting intervals.
	Feature request #SF1985886: Add _FFR_MULTIPLE_SIGNATURES, allowing
		one instance of the filter to add multiple signatures.
		Suggested by Dave Crocker.
	Add "TemporaryDirectory" configuration file option for requesting that
		libdkim use an alternate directory for creating temporary
		files, and "KeepTemporaryFiles" for requesting that libdkim
		not delete those files for debugging purposes.
	Add optional support for the "unbound" asynchronous resolver
		library as it is DNSSEC-aware.  Adds four new configuration
		file items: "BogusKey", "BogusPolicy", "InsecureKey" and
		"InsecurePolicy".  Also add dkim_sig_getdnssec()
		and dkim_policy_getdnssec() to libdkim so callers can tell
		what the DNSSEC evaluation result was for each query.
		Based on a patch from John Dickinson.
	Add "BaseDirectory" configuration file option for specifying
		the desired current directory of the process.
	Make use of the key and policy "rs" tag, if present, when doing
		SMTP rejections.
	Use MTA macro "$j" as the hostname in generated reports instead of
		the output of gethostname() since on some systems the latter
		may not be fully-qualified.
	Remove ANTICIPATE_SENDMAIL_MUNGE, replacing it with a runtime check
		for the milter v2 feature which suppresses the addition of
		spaces in headers.
	Add _FFR_COMMAIZE which attempts to predict the reformatting
		the MTA will do to certain header fields to reduce verification
		failures.
	Add _FFR_DKIM_REPUTATION enabling a function used to query
		an open DKIM reputation service regarding the signing user
		and signing domain.  The service's URL is
		http://www.dkim-reputation.org. (EXPERIMENTAL)
	Fix preloading of configuration defaults.
	Fix bug #SF2236040: Quote all of the POSIX regular expression special
		characters, not just some of them.  Reported by Mark Martinec.
	When possible, log the selector and domain of the signature evaluated
		along with any errors in the libcrypto stack.
	LIBDKIM: Add "smtpbuf", "smtplen" and "interval" parameters to
		dkim_sig_getreportinfo() and dkim_policy_getreportinfo().
		Also, remove the assertion that "addr" be non-NULL.
	LIBDKIM: Add DKIM_LIBFLAGS_ACCEPTDK which enables compatibility
		with DomainKeys-formatted key records.
	LIBDKIM: Adjust signature formatting for legibility.
	LIBDKIM: Check return status from dkim_canon_getfinal() to avoid
		bad dereferences.  Problem noted by Chris Behrens of
		Concentric Network Corporation.
	LIBDKIM: Render the DKIM handle unusable in dkim_eoh_sign() if a
		required header was absent.
	Activate _FFR_REQUIRED_HEADERS.

2.7.2		2008/09/02
	Avoid memory leaks and infinite loops when releasing thread-specific
		memory.  Reported by Jeff Earickson.

2.7.1		2008/08/27
	Set up required callbacks for OpenSSL thread-safety.  Problem
		noted by Zbigniew Szalbot.
	Disallow empty "t=" and "x=" tags.
	Return DKIM_STAT_KEYFAIL for various DNS key retrieval failures
		instead of DKIM_STAT_INTERNAL.

2.7.0		2008/07/23
	Update to draft-ietf-dkim-ssp-04.  In doing so, rename "ASPDiscard"
		to "ADSPDiscard", "ASPNoSuchDomain" to "ADSPNoSuchDomain"
		and "SendASPReports" to "SendADSPReports" in the configuration
		file.
	Feature request #29738: Add "TrustSignaturesFrom" configuration
		file item allowing fine-grained control over third-party
		signature handling.
	Feature request #SF2018848: Add "LocalADSP" feature allowing
		policy assertions from domains known to have specific policies
		but which don't publish ADSP records.  Suggested by
		Bruno Kraychete da Costa.
	LIBDKIM: Fix an off-by-one overrun check in key and policy record
		decoding.  Problem noted by John Dickinson.

2.6.0		2008/06/11
	Remove "signaturemissing" as an old-style configuration action
		as it has been superseded by "ASPDiscard" and related
		functions.
	Add "SendASPReports" configuration option which generates ASP failure
		reports if requested by the sending domain.
	Update report generation for verification failures to use the
		new Abuse Reporting Format (ARF) and DKIM Reporting
		draft proposals.
	Add "MustBeSigned" configuration option, requiring signatures to
		cover specific headers if present.
	Rename "UseASPDiscard" to "ASPDiscard".
	Add "ASPNoSuchDomain" configuration option which rejects mail that
		appears to come from nonexistent domains as reported by the
		Author Signing Practises check.
	Add "ReportAddress" configuration option, used for defining the
		From: header of reports mailed out.
	Yet another compatibility fix with respect to Sleepycat DB.
	Fix processing of "LogWhy" configuration parameter.  Problem noted
		by Erik Lotspeich.
	Add "-n" command line flag which parses the command line arguments
		and configuration file(s), then exits with an appropriate
		status code.
	Report DKIM and ASP results separately via the same
		Authentication-Results header field.  Previous versions would
		alter the DKIM result based on ASP.
	Fix bug #SF1976931: Restore function of "nosignature" old-style
		action configuration, connected to "AlwaysAddARHeader".
		Problem noted by Lucas Brasilino.
	Feature request #SF1940233: Add "DontSignMailTo" configuration option,
		allowing a list of recipient patterns whose mail should not
		be signed.  Requested by Don Hughes.
	LIBDKIM: Rename dkim_reportinfo() to dkim_sig_getreportinfo(),
		and add dkim_policy_getreportinfo().
	LIBDKIM: Add several more signature error codes covering various
		key-related errors.
	LIBDKIM: Add dkim_sig_hdrsigned() utility, DKIM_OPTS_MUSTBESIGNED
		option, and DKIM_SIGERROR_MBSFAILED error code.
	LIBDKIM: Fix a bug in the computation of the result for
		dkim_canon_minbody().
	LIBDKIM: Report corrupted base64 chunks instead of quietly
		tolerating them.
	LIBDKIM: Tidy up the cleanup code in dkim-canon.c.
	LIBDKIM: Properly handle "tag=" at the end of a data set (i.e.
		the tag exists and has an empty value).
	LIBDKIM: Use larger unsigned data types in dkim_sig_future() as
		was done elsewhere.
	LIBDKIM: Always populate a DKIM_SIGINFO with domain and selector
		before there's an opportunity for other parsing
		short-circuits.
	LIBDKIM: Fix bug #SF1984685: Remove the "margin" parameter from
		dkim_getsighdr(); make it controlled by a new function,
		dkim_set_margin(), so that the signed copy and the
		user-requested copy are identical.
	Activate _FFR_AUTHSERV_JOBID.

2.5.5		2008/04/25
	Fix bug #SF1947301: Close up a logic problem in "UseASPDiscard"
		handling which could cause false rejections of mail from
		domains advertising "discardable" policies.  Problem noted
		by Doug Kingston.
	LIBDKIM: Another compatibility fix with respect to Sleepycat DB.


To generate a diff of this commit:
cvs rdiff -r1.16 -r1.17 pkgsrc/mail/dkim-milter/Makefile
cvs rdiff -r1.8 -r1.9 pkgsrc/mail/dkim-milter/PLIST
cvs rdiff -r1.7 -r1.8 pkgsrc/mail/dkim-milter/distinfo
cvs rdiff -r1.5 -r1.6 pkgsrc/mail/dkim-milter/patches/patch-aa

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.