Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1693746043142570"
MIME-Version: 1.0
Date: Sun, 3 Sep 2023 13:00:43 +0000
From: "Paolo Vincenzo Olivo" <vins@netbsd.org>
Subject: CVS commit: pkgsrc/mail/opensmtpd-filter-dkimsign
To: pkgsrc-changes@NetBSD.org
Approved: commit_and_comment
Reply-To: vins@netbsd.org
Message-Id: <20230903130043.67B33FBDB@cvs.NetBSD.org>

This is a multi-part message in MIME format.

--_----------=_1693746043142570
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	vins
Date:		Sun Sep  3 13:00:43 UTC 2023

Added Files:
	pkgsrc/mail/opensmtpd-filter-dkimsign: DESCR Makefile PLIST distinfo
	pkgsrc/mail/opensmtpd-filter-dkimsign/files: README.dkim
	pkgsrc/mail/opensmtpd-filter-dkimsign/patches: patch-Makefile.gnu
	    patch-openbsd-compat_explicit__bzero.c

Log Message:
mail/opensmtpd-filter-dkimsign: import opensmtpd-filter-dkimsign-0.6

filter-dkim is an opensmtpd filter that signs email with a dkim
signature.


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 pkgsrc/mail/opensmtpd-filter-dkimsign/DESCR \
    pkgsrc/mail/opensmtpd-filter-dkimsign/Makefile \
    pkgsrc/mail/opensmtpd-filter-dkimsign/PLIST \
    pkgsrc/mail/opensmtpd-filter-dkimsign/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/mail/opensmtpd-filter-dkimsign/files/README.dkim
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-Makefile.gnu \
    pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-openbsd-compat_explicit__bzero.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1693746043142570
Content-Disposition: inline
Content-Length: 9798
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Added files:

Index: pkgsrc/mail/opensmtpd-filter-dkimsign/DESCR
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/DESCR:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/DESCR	Sun Sep  3 13:00:42 2023
@@ -0,0 +1,2 @@
+filter-dkim is an opensmtpd filter that signs email with a dkim
+signature.
Index: pkgsrc/mail/opensmtpd-filter-dkimsign/Makefile
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/Makefile:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/Makefile	Sun Sep  3 13:00:42 2023
@@ -0,0 +1,74 @@
+# $NetBSD: Makefile,v 1.1 2023/09/03 13:00:42 vins Exp $
+
+DISTNAME=	filter-dkimsign-0.6
+PKGNAME=	${DISTNAME:S|^|opensmtpd-|}
+CATEGORIES=	mail
+MASTER_SITES=	https://imperialat.at/releases/
+
+MAINTAINER=	vins@NetBSD.org
+HOMEPAGE=	https://imperialat.at/releases/
+COMMENT=	OpenSMTPD filter integration for signing mail with DKIM
+LICENSE=	isc
+
+USE_TOOLS+=	gmake
+
+DEPENDS+=	opensmtpd-[0-9]*:../../mail/opensmtpd
+
+CFLAGS.NetBSD+=	-D_OPENBSD_SOURCE   # strtonum()
+
+LD_ADD=		-lcrypto -lopensmtpd
+LDFLAGS+=	${COMPILER_RPATH_FLAG}${SSLBASE}/lib -L${SSLBASE}/lib
+LDFLAGS+=	${COMPILER_RPATH_FLAG}${BUILDLINK_PREFIX.libopensmtpd}/lib
+LDFLAGS+=	-L${BUILDLINK_PREFIX.libopensmtpd}/lib ${LD_ADD}
+
+PKG_GROUPS=		_dkimsign
+PKG_USERS=		_dkimsign:_dkimsign
+PKG_GECOS._smtpd=	OpenSMTPD DKIM signer
+PKG_HOME._smtpd=	${SMTPD_HOME}
+
+OWN_DIRS+=	${PKG_SYSCONFDIR}/smtpd/dkim
+
+SUBST_CLASSES+=		prefix
+SUBST_STAGE.prefix=	pre-configure
+SUBST_FILES.prefix=	README.dkim
+SUBST_VARS.prefix=	PKG_SYSCONFDIR PREFIX
+SUBST_MESSAGE.prefix=	Replacing pkgsrc placeholders.
+
+MAKE_FILE=	Makefile.gnu
+MAKE_ENV+=	LOCALBASE=${PREFIX:Q}
+MAKE_ENV+=	MANDIR=${PREFIX}/${PKGMANDIR}/man3
+MAKE_ENV+=	MANFORMAT=man
+MAKE_ENV+=	HAVE_ED25519=1
+
+.include "../../mk/bsd.prefs.mk"
+
+.if ${OPSYS} != "OpenBSD"
+MAKE_ENV+=	NEED_PLEDGE=1
+.  if ${OPSYS} == "SunOS" && ${OPSYS_VERSION} >= 051100
+MAKE_ENV+=	NEED_RECALLOCARRAY=0
+.  else
+MAKE_ENV+=	NEED_RECALLOCARRAY=1
+.  endif
+.endif
+
+MAKE_ENV.NetBSD+=	NEED_EXPLICIT_BZERO=1
+MAKE_ENV.Darwin+=	NEED_STRTONUM=1
+MAKE_ENV.Linux+=	NEED_STRLCAT=1
+MAKE_ENV.Linux+=	NEED_STRLCPY=1
+MAKE_ENV.Linux+=	NEED_STRTONUM=1
+
+
+INSTALL_ENV=		INSTALL=${INSTALL:Q}
+INSTALLATION_DIRS+=	libexec/opensmtpd ${PKGMANDIR}/man8
+INSTALLATION_DIRS+=	share/doc/opensmtpd/filters
+
+post-extract:
+	${RUN}${CP} ${FILESDIR}/README.dkim ${WRKSRC}
+
+post-install:
+	${INSTALL_DATA} ${WRKSRC}/README.dkim	\
+		${DESTDIR}${PREFIX}/share/doc/opensmtpd/filters
+
+.include "../../devel/libopensmtpd/buildlink3.mk"
+.include "../../security/openssl/buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/mail/opensmtpd-filter-dkimsign/PLIST
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/PLIST:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/PLIST	Sun Sep  3 13:00:42 2023
@@ -0,0 +1,4 @@
+@comment $NetBSD: PLIST,v 1.1 2023/09/03 13:00:42 vins Exp $
+libexec/opensmtpd/filter-dkimsign
+man/man8/filter-dkimsign.8
+share/doc/opensmtpd/filters/README.dkim
Index: pkgsrc/mail/opensmtpd-filter-dkimsign/distinfo
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/distinfo:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/distinfo	Sun Sep  3 13:00:42 2023
@@ -0,0 +1,7 @@
+$NetBSD: distinfo,v 1.1 2023/09/03 13:00:42 vins Exp $
+
+BLAKE2s (filter-dkimsign-0.6.tar.gz) = 3cd58fa566252d49330a500c7a81af9a4e479faa083fb09fd972326df588aaab
+SHA512 (filter-dkimsign-0.6.tar.gz) = 1efab386a020c6a3cbf6059ce0feea539fa62be0990fd8538c4b152fa0c302d7bfffa7c7bb74643c25e47c20250f600f1371d2725dc3178ad103ce585530c0ce
+Size (filter-dkimsign-0.6.tar.gz) = 24163 bytes
+SHA1 (patch-Makefile.gnu) = aafeedae76d938ed769442059d16848bfa0c4de5
+SHA1 (patch-openbsd-compat_explicit__bzero.c) = 77f4725a1bf4b8fc7f4040755e9f0b61db6b19e6

Index: pkgsrc/mail/opensmtpd-filter-dkimsign/files/README.dkim
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/files/README.dkim:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/files/README.dkim	Sun Sep  3 13:00:43 2023
@@ -0,0 +1,50 @@
++-----------------------------------------------------------------------
+| DKIM filter setup
++-----------------------------------------------------------------------
+
+To use filter-dkimsign, you must first generate a private key:
+
+  doas -u _dkimsign openssl genrsa -out @PKG_SYSCONFDIR@/smtpd/dkim/private.rsa.key 2048
+
+To generate the public key ready for dns:
+
+  openssl rsa -in @PKG_SYSCONFDIR@/smtpd/dkim/private.rsa.key -pubout | \
+    sed '1s/.*/v=DKIM1;p=/;:nl;${s/-----.*//;q;};N;s/\n//g;b nl;'
+
+This value needs to be placed in a DNS txt record with the following syntax:
+   <selector>._domainkey.<domain>
+
+Edit the @PKG_SYSCONFDIR@/smtpd.conf file to declare the filter:
+
+  filter "dkimsign_rsa" \
+	proc-exec "@PREFIX@/libexec/opensmtpd/filter-dkimsign -d <domain> -s <selector> \
+	-k @PKG_SYSCONFDIR@/smtpd/dkim/private.rsa.key" user _dkimsign group _dkimsign
+
+Then add the filter to each listener that should be signed:
+
+  listen on all filter dkimsign_rsa
+
+-----------------------------------------------------------------------
+
+To use Ed25519 similar steps must be taken.
+
+To generate the private key:
+
+  doas -u _dkimsign openssl genpkey -algorithm ed25519 -outform PEM -out @PKG_SYSCONFDIR@/smtpd/dkim/private.ed25519.key
+
+To generate the public key ready for dns:
+
+  printf "v=DKIM1;k=ed25519;p=%s\n" "$(doas -u _dkimsign openssl pkey -outform DER -pubout -in @PKG_SYSCONFDIR@/smtpd/dkim/private.ed25519.key | tail -c +13 | openssl base64)"
+
+Edit the @PKG_SYSCONFDIR@/smtpd/smtpd.conf file to declare the filter:
+
+  filter "dkimsign_ed25519" \
+	proc-exec "@PREFIX@/libexec/opensmtpd/filter-dkimsign -a ed25519-sha256 -d <domain> -s <selector> \
+	-k @PKG_SYSCONFDIR@/smtpd/dkim/private.ed25519.key" user _dkimsign group _dkimsign
+
+To add both filters to each listener that should be signed:
+
+  filter dkimsign chain { dkimsign_rsa, dkimsign_ed25519 }
+  listen on all filter dkimsign
+
+For a full list of options see filter-dkimsign(8).

Index: pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-Makefile.gnu
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-Makefile.gnu:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-Makefile.gnu	Sun Sep  3 13:00:43 2023
@@ -0,0 +1,87 @@
+$NetBSD: patch-Makefile.gnu,v 1.1 2023/09/03 13:00:43 vins Exp $
+
+Portability fixes for pkgsc.
+
+--- Makefile.gnu.orig	2021-06-02 10:12:42.000000000 +0000
++++ Makefile.gnu
+@@ -3,28 +3,15 @@ LOCALBASE?=	/usr/
+ PROG=		filter-dkimsign
+ MAN=		filter-dkimsign.8
+ BINDIR=		${LOCALBASE}/libexec/opensmtpd/
+-MANDIR=		${LOCALBASE}/share/man/man8
++MANDIR=		${LOCALBASE}/man/man8
+ 
+ SRCS+=		main.c mheader.c
+ 
+ ifdef HAVE_ED25519
+ CFLAGS+=	-DHAVE_ED25519
+ endif
+-ifdef LIBCRYPTOPC
+-CRYPT_CFLAGS!=	pkg-config --cflags ${LIBCRYPTOPC}
+-CRYPT_LDFLAGS_L!=pkg-config --libs-only-L ${LIBCRYPTOPC}
+-CRYPT_LDFLAGS_libdir!=pkg-config --variable libdir ${LIBCRYPTOPC}
+-CRYPT_LDFLAGS=	${CRYPT_LDFLAGS_L}
+-CRYPT_LDFLAGS+=	-Wl,-rpath,${CRYPT_LDFLAGS_libdir}
+-CRYPT_LDADD!=	pkg-config --libs-only-l ${LIBCRYPTOPC}
+-else
+-CRYPT_CFLAGS=
+-CRYPT_LDFLAGS=
+-CRYPT_LDADD=	-lcrypto
+-endif
+ 
+-CFLAGS+=	-I${LOCALBASE}/include
+-CFLAGS+=	-Wall -I${.CURDIR}
++CFLAGS+=	-Wall
+ CFLAGS+=	-Wstrict-prototypes -Wmissing-prototypes
+ CFLAGS+=	-Wmissing-declarations
+ CFLAGS+=	-Wshadow -Wpointer-arith -Wcast-qual
+@@ -32,27 +19,10 @@ CFLAGS+=	-Wsign-compare
+ CFLAGS+=	${CRYPT_CFLAGS}
+ CFLAGS+=	-I${CURDIR} -I${CURDIR}/openbsd-compat/
+ 
+-LDFLAGS+=	-L${LOCALBASE}/lib
+-LDFLAGS+=	${CRYPT_LDFLAGS}
+-LDADD+=		${CRYPT_LDADD} -lopensmtpd
+-
+ INSTALL?=	install
+ 
+-NEED_REALLOCARRAY?=	1
+-NEED_RECALLOCARRAY?=	1
+-NEED_STRLCAT?=		1
+-NEED_STRTONUM?=		1
+-NEED_PLEDGE?=		1
+-
+ MANFORMAT?=		mangz
+ 
+-BINOWN?=	root
+-BINGRP?=	root
+-BINPERM?=	755
+-MANOWN?=	root
+-MANGRP?=	root
+-MANPERM?=	644
+-
+ ifeq (${MANFORMAT}, mangz)
+ TARGET_MAN=		${MAN}.gz
+ CLEANFILES+=		${TARGET_MAN}
+@@ -62,6 +32,13 @@ else
+ TARGET_MAN=		${MAN}
+ endif
+ 
++ifeq (${NEED_EXPLICIT_BZERO}, 1)
++SRCS+=		${CURDIR}/openbsd-compat/explicit_bzero.c
++CFLAGS+=	-DNEED_EXPLICIT_BZERO=1
++
++explicit_bzero.o: ${CURDIR}/openbsd-compat/explicit_bzero.c
++	${CC} ${CFLAGS} -c -o explicit_bzero.o ${CURDIR}/openbsd-compat/explicit_bzero.c
++endif
+ ifeq (${NEED_REALLOCARRAY}, 1)
+ SRCS+=		${CURDIR}/openbsd-compat/reallocarray.c
+ CFLAGS+=	-DNEED_REALLOCARRAY=1
+@@ -115,5 +92,5 @@ clean:
+ 
+ .PHONY: install
+ install: ${PROG}
+-	${INSTALL} -D -o ${BINOWN} -g ${BINGRP} -m ${BINPERM} ${PROG} ${DESTDIR}${BINDIR}/${PROG}
+-	${INSTALL} -D -o ${MANOWN} -g ${MANGRP} -m ${MANPERM} ${TARGET_MAN} ${DESTDIR}${MANDIR}/${TARGET_MAN}
++	${BSD_INSTALL_PROGRAM} ${PROG} ${DESTDIR}${BINDIR}/${PROG}
++	${BSD_INSTALL_MAN} ${TARGET_MAN} ${DESTDIR}${MANDIR}/${TARGET_MAN}
Index: pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-openbsd-compat_explicit__bzero.c
diff -u /dev/null pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-openbsd-compat_explicit__bzero.c:1.1
--- /dev/null	Sun Sep  3 13:00:43 2023
+++ pkgsrc/mail/opensmtpd-filter-dkimsign/patches/patch-openbsd-compat_explicit__bzero.c	Sun Sep  3 13:00:43 2023
@@ -0,0 +1,16 @@
+$NetBSD: patch-openbsd-compat_explicit__bzero.c,v 1.1 2023/09/03 13:00:43 vins Exp $
+
+Use explicit_memset() on NetBSD. 
+
+--- openbsd-compat/explicit_bzero.c.orig	2019-11-14 18:23:50.000000000 +0000
++++ openbsd-compat/explicit_bzero.c
+@@ -11,5 +11,9 @@
+ void
+ explicit_bzero(void *buf, size_t len)
+ {
++#if defined(__NetBSD__)
++	explicit_memset(buf, 0, len);
++#else
+ 	memset(buf, 0, len);
++#endif
+ }


--_----------=_1693746043142570--