webbuilder_pel7ppc64lebuilder0
1 year ago
10 changed files with 812 additions and 0 deletions
@ -0,0 +1,271 @@ |
|||||||
|
From b15794f391547a983c64afed029a883fed3c3c1c Mon Sep 17 00:00:00 2001 |
||||||
|
From: Matt Domsch <matt@domsch.com> |
||||||
|
Date: Sat, 25 Apr 2020 23:04:38 -0500 |
||||||
|
Subject: [PATCH] support for lua 5.3 |
||||||
|
|
||||||
|
--- |
||||||
|
miltertest/miltertest.c | 14 +++---- |
||||||
|
opendkim/opendkim-lua.c | 82 +++++++++++++++++++++++++---------------- |
||||||
|
2 files changed, 58 insertions(+), 38 deletions(-) |
||||||
|
|
||||||
|
diff --git a/miltertest/miltertest.c b/miltertest/miltertest.c |
||||||
|
index 04e50c04..37dc601d 100644 |
||||||
|
--- a/miltertest/miltertest.c |
||||||
|
+++ b/miltertest/miltertest.c |
||||||
|
@@ -4009,12 +4009,12 @@ main(int argc, char **argv) |
||||||
|
} |
||||||
|
|
||||||
|
/* register functions */ |
||||||
|
-#if LUA_VERSION_NUM == 502 |
||||||
|
- luaL_newlib(l, mt_library); |
||||||
|
+#if LUA_VERSION_NUM >= 502 |
||||||
|
+ luaL_newlib(l, mt_library); |
||||||
|
lua_setglobal(l, "mt"); |
||||||
|
-#else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+#else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
luaL_register(l, "mt", mt_library); |
||||||
|
-#endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+#endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
lua_pop(l, 1); |
||||||
|
|
||||||
|
/* register constants */ |
||||||
|
@@ -4163,13 +4163,13 @@ main(int argc, char **argv) |
||||||
|
lua_setglobal(l, "SMFIF_SETSYMLIST"); |
||||||
|
#endif /* SMFIF_SETSYMLIST */ |
||||||
|
|
||||||
|
-#if LUA_VERSION_NUM == 502 |
||||||
|
+#if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, mt_lua_reader, (void *) &io, |
||||||
|
script == NULL ? "(stdin)" : script, NULL)) |
||||||
|
-#else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+#else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, mt_lua_reader, (void *) &io, |
||||||
|
script == NULL ? "(stdin)" : script)) |
||||||
|
-#endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+#endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
diff --git a/opendkim/opendkim-lua.c b/opendkim/opendkim-lua.c |
||||||
|
index 4720862c..3786aa4b 100644 |
||||||
|
--- a/opendkim/opendkim-lua.c |
||||||
|
+++ b/opendkim/opendkim-lua.c |
||||||
|
@@ -285,11 +285,11 @@ dkimf_lua_alloc(void *ud, void *ptr, size_t osize, size_t nsize) |
||||||
|
free(ptr); |
||||||
|
return NULL; |
||||||
|
} |
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
else if (nsize != 0 && ptr == NULL) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
else if (nsize != 0 && osize == 0) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
return malloc(nsize); |
||||||
|
} |
||||||
|
@@ -485,12 +485,12 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
** Register functions. |
||||||
|
*/ |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
luaL_newlib(l, dkimf_lua_lib_setup); |
||||||
|
lua_setglobal(l, "odkim"); |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
luaL_register(l, "odkim", dkimf_lua_lib_setup); |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
lua_pop(l, 1); |
||||||
|
|
||||||
|
/* |
||||||
|
@@ -532,11 +532,11 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
/* import other globals */ |
||||||
|
dkimf_import_globals(ctx, l); |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL)) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name)) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
@@ -564,8 +564,12 @@ dkimf_lua_setup_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
io.lua_io_len = 0; |
||||||
|
io.lua_io_alloc = 0; |
||||||
|
|
||||||
|
+#if LUA_VERSION_NUM >= 503 |
||||||
|
+ if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0) |
||||||
|
+#else |
||||||
|
if (lua_dump(l, dkimf_lua_writer, &io) == 0) |
||||||
|
- { |
||||||
|
+#endif |
||||||
|
+ { |
||||||
|
*keep = (void *) io.lua_io_script; |
||||||
|
*funclen = io.lua_io_len; |
||||||
|
} |
||||||
|
@@ -640,12 +644,12 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
** Register functions. |
||||||
|
*/ |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
luaL_newlib(l, dkimf_lua_lib_screen); |
||||||
|
lua_setglobal(l, "odkim"); |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
luaL_register(l, "odkim", dkimf_lua_lib_screen); |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
lua_pop(l, 1); |
||||||
|
|
||||||
|
/* |
||||||
|
@@ -677,11 +681,11 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
/* import other globals */ |
||||||
|
dkimf_import_globals(ctx, l); |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL)) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name)) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
@@ -709,7 +713,11 @@ dkimf_lua_screen_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
io.lua_io_len = 0; |
||||||
|
io.lua_io_alloc = 0; |
||||||
|
|
||||||
|
+#if LUA_VERSION_NUM >= 503 |
||||||
|
+ if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0) |
||||||
|
+#else |
||||||
|
if (lua_dump(l, dkimf_lua_writer, &io) == 0) |
||||||
|
+#endif |
||||||
|
{ |
||||||
|
*keep = (void *) io.lua_io_script; |
||||||
|
*funclen = io.lua_io_len; |
||||||
|
@@ -785,12 +793,12 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
** Register functions. |
||||||
|
*/ |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
luaL_newlib(l, dkimf_lua_lib_stats); |
||||||
|
lua_setglobal(l, "odkim"); |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
luaL_register(l, "odkim", dkimf_lua_lib_stats); |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
lua_pop(l, 1); |
||||||
|
|
||||||
|
/* |
||||||
|
@@ -914,11 +922,11 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
/* import other globals */ |
||||||
|
dkimf_import_globals(ctx, l); |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL)) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name)) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
@@ -946,7 +954,11 @@ dkimf_lua_stats_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
io.lua_io_len = 0; |
||||||
|
io.lua_io_alloc = 0; |
||||||
|
|
||||||
|
+#if LUA_VERSION_NUM >= 503 |
||||||
|
+ if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0) |
||||||
|
+#else |
||||||
|
if (lua_dump(l, dkimf_lua_writer, &io) == 0) |
||||||
|
+#endif |
||||||
|
{ |
||||||
|
*keep = (void *) io.lua_io_script; |
||||||
|
*funclen = io.lua_io_len; |
||||||
|
@@ -1022,12 +1034,12 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
** Register functions. |
||||||
|
*/ |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
luaL_newlib(l, dkimf_lua_lib_final); |
||||||
|
lua_setglobal(l, "odkim"); |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
luaL_register(l, "odkim", dkimf_lua_lib_final); |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
lua_pop(l, 1); |
||||||
|
|
||||||
|
/* |
||||||
|
@@ -1151,11 +1163,11 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
/* import other globals */ |
||||||
|
dkimf_import_globals(ctx, l); |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name, NULL)) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, name)) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
@@ -1183,7 +1195,11 @@ dkimf_lua_final_hook(void *ctx, const char *script, size_t scriptlen, |
||||||
|
io.lua_io_len = 0; |
||||||
|
io.lua_io_alloc = 0; |
||||||
|
|
||||||
|
+#if LUA_VERSION_NUM >= 503 |
||||||
|
+ if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0) |
||||||
|
+#else |
||||||
|
if (lua_dump(l, dkimf_lua_writer, &io) == 0) |
||||||
|
+#endif |
||||||
|
{ |
||||||
|
*keep = (void *) io.lua_io_script; |
||||||
|
*funclen = io.lua_io_len; |
||||||
|
@@ -1252,11 +1268,11 @@ dkimf_lua_db_hook(const char *script, size_t scriptlen, const char *query, |
||||||
|
lua_pushstring(l, query); |
||||||
|
lua_setglobal(l, "query"); |
||||||
|
|
||||||
|
-# if LUA_VERSION_NUM == 502 |
||||||
|
+# if LUA_VERSION_NUM >= 502 |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, script, NULL)) |
||||||
|
-# else /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# else /* LUA_VERSION_NUM >= 502 */ |
||||||
|
switch (lua_load(l, dkimf_lua_reader, (void *) &io, script)) |
||||||
|
-# endif /* LUA_VERSION_NUM == 502 */ |
||||||
|
+# endif /* LUA_VERSION_NUM >= 502 */ |
||||||
|
{ |
||||||
|
case 0: |
||||||
|
break; |
||||||
|
@@ -1284,7 +1300,11 @@ dkimf_lua_db_hook(const char *script, size_t scriptlen, const char *query, |
||||||
|
io.lua_io_len = 0; |
||||||
|
io.lua_io_alloc = 0; |
||||||
|
|
||||||
|
+#if LUA_VERSION_NUM >= 503 |
||||||
|
+ if (lua_dump(l, dkimf_lua_writer, &io, 0) == 0) |
||||||
|
+#else |
||||||
|
if (lua_dump(l, dkimf_lua_writer, &io) == 0) |
||||||
|
+#endif |
||||||
|
{ |
||||||
|
*keep = (void *) io.lua_io_script; |
||||||
|
*funclen = io.lua_io_len; |
||||||
|
-- |
||||||
|
2.25.4 |
||||||
|
|
@ -0,0 +1,6 @@ |
|||||||
|
# OPENDKIM KEY TABLE |
||||||
|
# To use this file, uncomment the #KeyTable option in /etc/opendkim.conf, |
||||||
|
# then uncomment the following line and replace example.com with your domain |
||||||
|
# name, then restart OpenDKIM. Additional keys may be added on separate lines. |
||||||
|
|
||||||
|
#default._domainkey.example.com example.com:default:/etc/opendkim/keys/default.private |
@ -0,0 +1,102 @@ |
|||||||
|
##################################### |
||||||
|
#FEDORA-SPECIFIC README FOR OPENDKIM# |
||||||
|
##################################### |
||||||
|
Last updated: Apr 30, 2015 by Steve Jenkins (steve@stevejenkins.com) |
||||||
|
|
||||||
|
Generating keys for OpenDKIM |
||||||
|
============================ |
||||||
|
After installing the opendkim package, you MUST generate a pair of keys (public and private) before |
||||||
|
attempting to start the opendkim service. |
||||||
|
|
||||||
|
A valid private key must exist in the location expected by /etc/opendkim.conf before the service will start. |
||||||
|
|
||||||
|
A matching public key must be included in your domain's DNS records before remote systems can validate |
||||||
|
your outgoing mail's DKIM signature. |
||||||
|
|
||||||
|
|
||||||
|
Generating Keys Automatically |
||||||
|
============================= |
||||||
|
To automatically create a pair of default keys for the local domain, do: |
||||||
|
|
||||||
|
% sudo /usr/sbin/opendkim-default-keygen |
||||||
|
|
||||||
|
The default keygen script will attempt to fetch the local domain name, generate a private and public key for |
||||||
|
the domain, then save them in /etc/opendkim/keys as default.private and default.txt with the proper |
||||||
|
ownership and permissions. |
||||||
|
|
||||||
|
NOTE: The default key generation script MUST be run by a privileged user (or root). Otherwise, the resulting |
||||||
|
private key ownership and permissions will not be correct. |
||||||
|
|
||||||
|
|
||||||
|
Generating Keys Manually |
||||||
|
======================== |
||||||
|
A privileged user (or root) can manually generate a set of keys by doing the following: |
||||||
|
|
||||||
|
1) Create a directory to store the new keys: |
||||||
|
|
||||||
|
% sudo mkdir /etc/opendkim/keys/example.com |
||||||
|
|
||||||
|
2) Generate keys in that directory for a specific domain name and selector: |
||||||
|
|
||||||
|
% sudo /usr/sbin/opendkim-genkey -D /etc/opendkim/keys/example.com/ -d example.com -s default |
||||||
|
|
||||||
|
3) Set the proper ownership for the directory and private key: |
||||||
|
|
||||||
|
% sudo chown -R root:opendkim /etc/opendkim/keys/example.com |
||||||
|
|
||||||
|
4) Set secure permissions for the private key: |
||||||
|
|
||||||
|
% sudo chmod 640 /etc/opendkim/keys/example.com/default.private |
||||||
|
|
||||||
|
5) Set standard permissions for the public key: |
||||||
|
|
||||||
|
% sudo chmod 644 /etc/opendkim/keys/example.com/default.txt |
||||||
|
|
||||||
|
|
||||||
|
Updating Key Location(s) in Configuration Files |
||||||
|
=============================================== |
||||||
|
If you run the opendkim-default-keygen script, the default keys will be saved in /etc/opendkim/keys as |
||||||
|
default.private and default.txt, which is the location expected by the default /etc/opendkim.conf file. |
||||||
|
|
||||||
|
If you manually generate your own keys, you must update the key location and name in /etc/opendkim.conf |
||||||
|
before attempting to start the opendkim service. |
||||||
|
|
||||||
|
Using OpenDKIM with SQL Datasets |
||||||
|
================================ |
||||||
|
OpenDKIM on RedHat-based systems relies on OpenDBX for database access. Depending on which database you use, |
||||||
|
you may have to manually install one of the following OpenDBX subpackages (all of which are available via yum): |
||||||
|
|
||||||
|
- opendbx-firebird |
||||||
|
- opendbx-mssql |
||||||
|
- opendbx-mysql |
||||||
|
- opendbx-postgresql |
||||||
|
- opendbx-sqlite |
||||||
|
- opendbx-sqlite2 |
||||||
|
- opendbx-sybase |
||||||
|
|
||||||
|
If you have OpenDKIM configured to use SQL datasets on a systemd-based server, it might also be necessary to start |
||||||
|
the opendkim service after the database servers by referencing your database unit file(s) in the "After" section of |
||||||
|
the OpenDKIM unit file. |
||||||
|
|
||||||
|
For example, if using both MariaDB and PostgreSQL, in /usr/lib/systemd/system/opendkim.service change: |
||||||
|
|
||||||
|
After=network.target nss-lookup.target syslog.target |
||||||
|
|
||||||
|
to: |
||||||
|
|
||||||
|
After=network.target nss-lookup.target syslog.target mariadb.service postgresql.service |
||||||
|
|
||||||
|
|
||||||
|
Additional Configuration Help |
||||||
|
============================= |
||||||
|
For help configuring your MTA (Postfix, Sendmail, etc.) with OpenDKIM, setting up DNS records with your |
||||||
|
public DKIM key, as well as instructions on configuring OpenDKIM to sign outgoing mail for multiple |
||||||
|
domains, follow the how-to at: |
||||||
|
|
||||||
|
http://wp.me/p1iGgP-ou |
||||||
|
|
||||||
|
Official documentation for OpenDKIM is available at http://opendkim.org/ |
||||||
|
|
||||||
|
OpenDKIM mailing lists are available at http://lists.opendkim.org/ |
||||||
|
|
||||||
|
### |
@ -0,0 +1,25 @@ |
|||||||
|
# OPENDKIM SIGNING TABLE |
||||||
|
# This table controls how to apply one or more signatures to outgoing messages based |
||||||
|
# on the address found in the From: header field. In simple terms, this tells |
||||||
|
# OpenDKIM "how" to apply your keys. |
||||||
|
|
||||||
|
# To use this file, uncomment the SigningTable option in /etc/opendkim.conf, |
||||||
|
# then uncomment one of the usage examples below and replace example.com with your |
||||||
|
# domain name, then restart OpenDKIM. |
||||||
|
|
||||||
|
# WILDCARD EXAMPLE |
||||||
|
# Enables signing for any address on the listed domain(s), but will work only if |
||||||
|
# "refile:/etc/opendkim/SigningTable" is included in /etc/opendkim.conf. |
||||||
|
# Create additional lines for additional domains. |
||||||
|
|
||||||
|
#*@example.com default._domainkey.example.com |
||||||
|
|
||||||
|
# NON-WILDCARD EXAMPLE |
||||||
|
# If "file:" (instead of "refile:") is specified in /etc/opendkim.conf, then |
||||||
|
# wildcards will not work. Instead, full user@host is checked first, then simply host, |
||||||
|
# then user@.domain (with all superdomains checked in sequence, so "foo.example.com" |
||||||
|
# would first check "user@foo.example.com", then "user@.example.com", then "user@.com"), |
||||||
|
# then .domain, then user@*, and finally *. See the opendkim.conf(5) man page under |
||||||
|
# "SigningTable" for more details. |
||||||
|
|
||||||
|
#example.com default._domainkey.example.com |
@ -0,0 +1,9 @@ |
|||||||
|
# OPENDKIM TRUSTED HOSTS |
||||||
|
# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts |
||||||
|
# option in /etc/opendkim.conf then restart OpenDKIM. Additional hosts |
||||||
|
# may be added on separate lines (IP addresses, hostnames, or CIDR ranges). |
||||||
|
# The localhost IP (127.0.0.1) should always be the first entry in this file. |
||||||
|
127.0.0.1 |
||||||
|
::1 |
||||||
|
#host.example.com |
||||||
|
#192.168.1.0/24 |
@ -0,0 +1,13 @@ |
|||||||
|
diff --git a/opendkim/opendkim.c b/opendkim/opendkim.c |
||||||
|
index 803f37b0..c9dd782d 100644 |
||||||
|
--- a/opendkim/opendkim.c |
||||||
|
+++ b/opendkim/opendkim.c |
||||||
|
@@ -10766,7 +10766,7 @@ dkimf_ar_all_sigs(char *hdr, size_t hdrlen, struct dkimf_dstring *tmpstr, |
||||||
|
" (%u-bit key%s%s)", |
||||||
|
keybits, |
||||||
|
dnssec == NULL ? "" |
||||||
|
- : "; ", |
||||||
|
+ : ", ", |
||||||
|
dnssec == NULL ? "" |
||||||
|
: dnssec); |
||||||
|
} |
@ -0,0 +1,24 @@ |
|||||||
|
--- OpenDKIM-2.11.0-Beta2.orig/contrib/systemd/opendkim.service.in 2022-09-05 13:34:39.099662836 -0400 |
||||||
|
+++ OpenDKIM-2.11.0-Beta2/contrib/systemd/opendkim.service.in 2022-09-05 13:36:33.580356467 -0400 |
||||||
|
@@ -8,13 +8,18 @@ Documentation=man:opendkim(8) man:opendk |
||||||
|
After=network.target nss-lookup.target syslog.target |
||||||
|
|
||||||
|
[Service] |
||||||
|
-Type=forking |
||||||
|
-PIDFile=@localstatedir@/run/opendkim/opendkim.pid |
||||||
|
+Type=simple |
||||||
|
EnvironmentFile=-@sysconfdir@/sysconfig/opendkim |
||||||
|
-ExecStart=@sbindir@/opendkim $OPTIONS |
||||||
|
+ExecStart=@sbindir@/opendkim -f $OPTIONS |
||||||
|
ExecReload=/bin/kill -USR1 $MAINPID |
||||||
|
User=opendkim |
||||||
|
Group=opendkim |
||||||
|
+Restart=on-failure |
||||||
|
+StandardOutput=null |
||||||
|
+StandardError=null |
||||||
|
+ProtectSystem=strict |
||||||
|
+ProtectHome=true |
||||||
|
+ReadWritePaths=@logdir@/opendkim |
||||||
|
|
||||||
|
[Install] |
||||||
|
WantedBy=multi-user.target |
@ -0,0 +1,133 @@ |
|||||||
|
## BASIC OPENDKIM CONFIGURATION FILE |
||||||
|
## See opendkim.conf(5) or /usr/share/doc/opendkim/opendkim.conf.sample for more |
||||||
|
|
||||||
|
## BEFORE running OpenDKIM you must: |
||||||
|
|
||||||
|
## - make your MTA (Postfix, Sendmail, etc.) aware of OpenDKIM |
||||||
|
## - generate keys for your domain (if signing) |
||||||
|
## - edit your DNS records to publish your public keys (if signing) |
||||||
|
|
||||||
|
## See /usr/share/doc/opendkim/INSTALL for detailed instructions. |
||||||
|
|
||||||
|
## DEPRECATED CONFIGURATION OPTIONS |
||||||
|
## |
||||||
|
## The following configuration options are no longer valid. They should be |
||||||
|
## removed from your existing configuration file to prevent potential issues. |
||||||
|
## Failure to do so may result in opendkim being unable to start. |
||||||
|
## |
||||||
|
## Removed in 2.10.0: |
||||||
|
## AddAllSignatureResults |
||||||
|
## ADSPAction |
||||||
|
## ADSPNoSuchDomain |
||||||
|
## BogusPolicy |
||||||
|
## DisableADSP |
||||||
|
## LDAPSoftStart |
||||||
|
## LocalADSP |
||||||
|
## NoDiscardableMailTo |
||||||
|
## On-PolicyError |
||||||
|
## SendADSPReports |
||||||
|
## UnprotectedPolicy |
||||||
|
|
||||||
|
## CONFIGURATION OPTIONS |
||||||
|
|
||||||
|
## Specifies the path to the process ID file. |
||||||
|
PidFile /run/opendkim/opendkim.pid |
||||||
|
|
||||||
|
## Selects operating modes. Valid modes are s (sign) and v (verify). Default is v. |
||||||
|
## Must be changed to s (sign only) or sv (sign and verify) in order to sign outgoing |
||||||
|
## messages. |
||||||
|
Mode v |
||||||
|
|
||||||
|
## Log activity to the system log. |
||||||
|
Syslog yes |
||||||
|
|
||||||
|
## Log additional entries indicating successful signing or verification of messages. |
||||||
|
SyslogSuccess yes |
||||||
|
|
||||||
|
## If logging is enabled, include detailed logging about why or why not a message was |
||||||
|
## signed or verified. This causes an increase in the amount of log data generated |
||||||
|
## for each message, so set this to No (or comment it out) if it gets too noisy. |
||||||
|
LogWhy yes |
||||||
|
|
||||||
|
## Attempt to become the specified user before starting operations. |
||||||
|
UserID opendkim:opendkim |
||||||
|
|
||||||
|
## Create a socket through which your MTA can communicate. |
||||||
|
Socket inet:8891@localhost |
||||||
|
|
||||||
|
## Required to use local socket with MTAs that access the socket as a non- |
||||||
|
## privileged user (e.g. Postfix) |
||||||
|
Umask 002 |
||||||
|
|
||||||
|
## This specifies a text file in which to store DKIM transaction statistics. |
||||||
|
## OpenDKIM must be manually compiled with --enable-stats to enable this feature. |
||||||
|
# Statistics /var/spool/opendkim/stats.dat |
||||||
|
|
||||||
|
## Specifies whether or not the filter should generate report mail back |
||||||
|
## to senders when verification fails and an address for such a purpose |
||||||
|
## is provided. See opendkim.conf(5) for details. |
||||||
|
SendReports yes |
||||||
|
|
||||||
|
## Specifies the sending address to be used on From: headers of outgoing |
||||||
|
## failure reports. By default, the e-mail address of the user executing |
||||||
|
## the filter is used (executing_user@hostname). |
||||||
|
# ReportAddress "Example.com Postmaster" <postmaster@example.com> |
||||||
|
|
||||||
|
## Add a DKIM-Filter header field to messages passing through this filter |
||||||
|
## to identify messages it has processed. |
||||||
|
SoftwareHeader yes |
||||||
|
|
||||||
|
## SIGNING OPTIONS |
||||||
|
|
||||||
|
## Selects the canonicalization method(s) to be used when signing messages. |
||||||
|
Canonicalization relaxed/relaxed |
||||||
|
|
||||||
|
## Domain(s) whose mail should be signed by this filter. Mail from other domains will |
||||||
|
## be verified rather than being signed. Uncomment and use your domain name. |
||||||
|
## This parameter is not required if a SigningTable is in use. |
||||||
|
# Domain example.com |
||||||
|
|
||||||
|
## Defines the name of the selector to be used when signing messages. |
||||||
|
Selector default |
||||||
|
|
||||||
|
## Specifies the minimum number of key bits for acceptable keys and signatures. |
||||||
|
MinimumKeyBits 1024 |
||||||
|
|
||||||
|
## Gives the location of a private key to be used for signing ALL messages. This |
||||||
|
## directive is ignored if KeyTable is enabled. |
||||||
|
KeyFile /etc/opendkim/keys/default.private |
||||||
|
|
||||||
|
## Gives the location of a file mapping key names to signing keys. In simple terms, |
||||||
|
## this tells OpenDKIM where to find your keys. If present, overrides any KeyFile |
||||||
|
## directive in the configuration file. Requires SigningTable be enabled. |
||||||
|
# KeyTable /etc/opendkim/KeyTable |
||||||
|
|
||||||
|
## Defines a table used to select one or more signatures to apply to a message based |
||||||
|
## on the address found in the From: header field. In simple terms, this tells |
||||||
|
## OpenDKIM how to use your keys. Requires KeyTable be enabled. |
||||||
|
# SigningTable refile:/etc/opendkim/SigningTable |
||||||
|
|
||||||
|
## Identifies a set of "external" hosts that may send mail through the server as one |
||||||
|
## of the signing domains without credentials as such. |
||||||
|
# ExternalIgnoreList refile:/etc/opendkim/TrustedHosts |
||||||
|
|
||||||
|
## Identifies a set "internal" hosts whose mail should be signed rather than verified. |
||||||
|
# InternalHosts refile:/etc/opendkim/TrustedHosts |
||||||
|
|
||||||
|
## Contains a list of IP addresses, CIDR blocks, hostnames or domain names |
||||||
|
## whose mail should be neither signed nor verified by this filter. See man |
||||||
|
## page for file format. |
||||||
|
# PeerList X.X.X.X |
||||||
|
|
||||||
|
## Always oversign From (sign using actual From and a null From to prevent |
||||||
|
## malicious signatures header fields (From and/or others) between the signer |
||||||
|
## and the verifier. From is oversigned by default in the Fedora package |
||||||
|
## because it is often the identity key used by reputation systems and thus |
||||||
|
## somewhat security sensitive. |
||||||
|
OversignHeaders From |
||||||
|
|
||||||
|
## Instructs the DKIM library to maintain its own local cache of keys and |
||||||
|
## policies retrieved from DNS, rather than relying on the nameserver for |
||||||
|
## caching service. Useful if the nameserver being used by the filter is |
||||||
|
## not local. |
||||||
|
# QueryCache yes |
@ -0,0 +1,8 @@ |
|||||||
|
# Set the necessary startup options |
||||||
|
OPTIONS="-x /etc/opendkim.conf" |
||||||
|
|
||||||
|
# Set the default DKIM selector |
||||||
|
DKIM_SELECTOR=default |
||||||
|
|
||||||
|
# Set the default DKIM key location |
||||||
|
DKIM_KEYDIR=/etc/opendkim/keys |
@ -0,0 +1,221 @@ |
|||||||
|
%global upname OpenDKIM |
||||||
|
%global bigname OPENDKIM |
||||||
|
%global full_version 2.11.0-Beta2 |
||||||
|
|
||||||
|
Summary: A DomainKeys Identified Mail (DKIM) milter to sign and/or verify mail |
||||||
|
Name: opendkim |
||||||
|
Version: 2.11.0 |
||||||
|
Release: 0.31%{?dist} |
||||||
|
License: BSD and Sendmail |
||||||
|
URL: http://%{name}.org/ |
||||||
|
Source0: https://github.com/trusteddomainproject/OpenDKIM/archive/%{full_version}.tar.gz |
||||||
|
Source1: opendkim.conf |
||||||
|
Source2: opendkim.sysconfig |
||||||
|
Source3: SigningTable |
||||||
|
Source4: KeyTable |
||||||
|
Source5: TrustedHosts |
||||||
|
Source6: README.fedora |
||||||
|
# https://github.com/trusteddomainproject/OpenDKIM/pull/70 |
||||||
|
Patch0: 0001-support-for-lua-5.3.patch |
||||||
|
# https://github.com/trusteddomainproject/OpenDKIM/pull/136 |
||||||
|
Patch1: opendkim-2.11.0-comment-separator.patch |
||||||
|
# systemd service type=simple |
||||||
|
Patch2: opendkim-systemd-service-simple.patch |
||||||
|
# Required for all versions |
||||||
|
Requires: lib%{name}%{?_isa} = %{version}-%{release} |
||||||
|
BuildRequires: make |
||||||
|
BuildRequires: openssl-devel |
||||||
|
BuildRequires: libtool |
||||||
|
BuildRequires: pkgconfig |
||||||
|
BuildRequires: libbsd |
||||||
|
BuildRequires: libbsd-devel |
||||||
|
BuildRequires: tre-devel |
||||||
|
#BuildRequires: opendbx-devel |
||||||
|
BuildRequires: lua-devel |
||||||
|
Requires(pre): shadow-utils |
||||||
|
%{?systemd_requires} |
||||||
|
BuildRequires: systemd |
||||||
|
BuildRequires: libdb-devel |
||||||
|
#BuildRequires: libmemcached-devel |
||||||
|
BuildRequires: sendmail-devel |
||||||
|
BuildRequires: openldap-devel |
||||||
|
|
||||||
|
|
||||||
|
%description |
||||||
|
%{upname} allows signing and/or verification of email through an open source |
||||||
|
library that implements the DKIM service, plus a milter-based filter |
||||||
|
application that can plug in to any milter-aware MTA, including sendmail, |
||||||
|
Postfix, or any other MTA that supports the milter protocol. |
||||||
|
|
||||||
|
|
||||||
|
%package -n %{name}-tools |
||||||
|
Summary: An open source DKIM library |
||||||
|
%description -n %{name}-tools |
||||||
|
This package contains the tools necessary to create artifacts needed |
||||||
|
by opendkim. |
||||||
|
|
||||||
|
|
||||||
|
%package -n lib%{name} |
||||||
|
Summary: An open source DKIM library |
||||||
|
Obsoletes: %{name}-sysvinit < 2.10.1-5 |
||||||
|
%description -n lib%{name} |
||||||
|
This package contains the library files required for running services built |
||||||
|
using libopendkim. |
||||||
|
|
||||||
|
|
||||||
|
%package -n lib%{name}-devel |
||||||
|
Summary: Development files for lib%{name} |
||||||
|
Requires: lib%{name}%{?_isa} = %{version}-%{release} |
||||||
|
%description -n lib%{name}-devel |
||||||
|
This package contains the static libraries, headers, and other support files |
||||||
|
required for developing applications against libopendkim. |
||||||
|
|
||||||
|
|
||||||
|
%prep |
||||||
|
%autosetup -p1 -n %{upname}-%{full_version} |
||||||
|
|
||||||
|
|
||||||
|
%build |
||||||
|
autoreconf -iv |
||||||
|
# Always use system libtool instead of pacakge-provided one to |
||||||
|
# properly handle 32 versus 64 bit detection and settings |
||||||
|
%define LIBTOOL LIBTOOL=`which libtool` |
||||||
|
%configure \ |
||||||
|
--without-odbx \ |
||||||
|
--with-db \ |
||||||
|
--without-libmemcached \ |
||||||
|
--with-openldap \ |
||||||
|
--enable-query_cache \ |
||||||
|
--with-lua \ |
||||||
|
--enable-stats \ |
||||||
|
--enable-rbl \ |
||||||
|
--enable-rate_limit \ |
||||||
|
--enable-diffheaders \ |
||||||
|
--enable-identity_header \ |
||||||
|
--with-milter %{_includedir}/libmilter/ |
||||||
|
# Remove rpath |
||||||
|
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool |
||||||
|
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool |
||||||
|
|
||||||
|
|
||||||
|
%install |
||||||
|
make DESTDIR=%{buildroot} install %{?_smp_mflags} |
||||||
|
install -d %{buildroot}%{_sysconfdir} |
||||||
|
install -d %{buildroot}%{_sysconfdir}/sysconfig |
||||||
|
install -m 0755 contrib/init/redhat/%{name}-default-keygen %{buildroot}%{_sbindir}/%{name}-default-keygen |
||||||
|
install -d -m 0755 %{buildroot}%{_unitdir} |
||||||
|
# fix service file for rundir |
||||||
|
sed -i -e "s:PIDFile=/var/run/opendkim/opendkim.pid:PIDFile=%{_rundir}/opendkim/opendkim.pid:" contrib/systemd/%{name}.service |
||||||
|
install -m 0644 contrib/systemd/%{name}.service %{buildroot}%{_unitdir}/%{name}.service |
||||||
|
install -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}.conf |
||||||
|
install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/%{name} |
||||||
|
mkdir -p %{buildroot}%{_sysconfdir}/%{name} |
||||||
|
install -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/%{name}/SigningTable |
||||||
|
install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/%{name}/KeyTable |
||||||
|
install -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/%{name}/TrustedHosts |
||||||
|
cp %{SOURCE6} ./README.fedora |
||||||
|
install -p -d %{buildroot}/usr/lib/tmpfiles.d |
||||||
|
cat > %{buildroot}/usr/lib/tmpfiles.d/%{name}.conf <<'EOF' |
||||||
|
D %{_rundir}/%{name} 0750 %{name} %{name} - |
||||||
|
EOF |
||||||
|
rm -r %{buildroot}%{_prefix}/share/doc/%{name} |
||||||
|
rm %{buildroot}%{_libdir}/*.a |
||||||
|
rm %{buildroot}%{_libdir}/*.la |
||||||
|
mkdir -p %{buildroot}%{_localstatedir}/spool/%{name} |
||||||
|
mkdir -p %{buildroot}%{_rundir}/%{name} |
||||||
|
mkdir -p %{buildroot}%{_sysconfdir}/%{name} |
||||||
|
mkdir %{buildroot}%{_sysconfdir}/%{name}/keys |
||||||
|
install -m 0755 stats/%{name}-reportstats %{buildroot}%{_prefix}/sbin/%{name}-reportstats |
||||||
|
sed -i 's|^%{bigname}STATSDIR="/var/db/%{name}"|%{bigname}STATSDIR="%{_localstatedir}/spool/%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats |
||||||
|
sed -i 's|^%{bigname}DATOWNER="mailnull:mailnull"|%{bigname}DATOWNER="%{name}:%{name}"|g' %{buildroot}%{_prefix}/sbin/%{name}-reportstats |
||||||
|
chmod 0644 contrib/convert/convert_keylist.sh |
||||||
|
|
||||||
|
|
||||||
|
%pre |
||||||
|
getent group %{name} >/dev/null || groupadd -r %{name} |
||||||
|
getent passwd %{name} >/dev/null || \ |
||||||
|
useradd -r -g %{name} -G mail -d %{_rundir}/%{name} -s /sbin/nologin \ |
||||||
|
-c "%{upname} Milter" %{name} |
||||||
|
exit 0 |
||||||
|
%post |
||||||
|
%systemd_post %{name}.service |
||||||
|
%preun |
||||||
|
%systemd_preun %{name}.service |
||||||
|
%postun |
||||||
|
%systemd_postun_with_restart %{name}.service |
||||||
|
# For the switchover from initscript to service file |
||||||
|
%triggerun -- %{name} < 2.8.0-1 |
||||||
|
%systemd_post %{name}.service |
||||||
|
/sbin/chkconfig --del %{name} >/dev/null 2>&1 || : |
||||||
|
%systemd_postun_with_restart %{name}.service |
||||||
|
|
||||||
|
|
||||||
|
%post -n libopendkim -p /sbin/ldconfig |
||||||
|
%postun -n libopendkim -p /sbin/ldconfig |
||||||
|
|
||||||
|
|
||||||
|
%files |
||||||
|
%license LICENSE LICENSE.Sendmail |
||||||
|
%doc FEATURES KNOWNBUGS RELEASE_NOTES RELEASE_NOTES.Sendmail |
||||||
|
%doc contrib/convert/convert_keylist.sh %{name}/*.sample |
||||||
|
%doc %{name}/%{name}.conf.simple-verify %{name}/%{name}.conf.simple |
||||||
|
%doc %{name}/README contrib/lua/*.lua |
||||||
|
%doc README.fedora |
||||||
|
%config(noreplace) %{_sysconfdir}/%{name}.conf |
||||||
|
%config(noreplace) /usr/lib/tmpfiles.d/%{name}.conf |
||||||
|
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/SigningTable |
||||||
|
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/KeyTable |
||||||
|
%config(noreplace) %attr(0640,%{name},%{name}) %{_sysconfdir}/%{name}/TrustedHosts |
||||||
|
%config(noreplace) %{_sysconfdir}/sysconfig/%{name} |
||||||
|
%{_bindir}/miltertest |
||||||
|
%{_sbindir}/opendkim |
||||||
|
%{_sbindir}/opendkim-reportstats |
||||||
|
%{_mandir}/man3/* |
||||||
|
%{_mandir}/man5/* |
||||||
|
%{_mandir}/man8/miltertest.8.gz |
||||||
|
%{_mandir}/man8/opendkim.8.gz |
||||||
|
%dir %attr(-,%{name},%{name}) %{_localstatedir}/spool/%{name} |
||||||
|
%dir %attr(0750,%{name},%{name}) %{_rundir}/%{name} |
||||||
|
%dir %attr(-,root,%{name}) %{_sysconfdir}/%{name} |
||||||
|
%dir %attr(0750,root,%{name}) %{_sysconfdir}/%{name}/keys |
||||||
|
%attr(0755,root,root) %{_sbindir}/%{name}-default-keygen |
||||||
|
%attr(0644,root,root) %{_unitdir}/%{name}.service |
||||||
|
|
||||||
|
|
||||||
|
%files -n libopendkim |
||||||
|
%license LICENSE LICENSE.Sendmail |
||||||
|
%doc README |
||||||
|
%{_libdir}/lib%{name}.so.* |
||||||
|
%{_libdir}/librbl.so.* |
||||||
|
|
||||||
|
|
||||||
|
%files -n opendkim-tools |
||||||
|
%license LICENSE LICENSE.Sendmail |
||||||
|
%{_mandir}/man8/opendkim-genkey.8.gz |
||||||
|
%{_mandir}/man8/opendkim-genzone.8.gz |
||||||
|
%{_mandir}/man8/opendkim-testkey.8.gz |
||||||
|
%{_mandir}/man8/opendkim-testmsg.8.gz |
||||||
|
%{_mandir}/man8/opendkim-expire.8.gz |
||||||
|
%{_mandir}/man8/opendkim-gengraphs.8.gz |
||||||
|
%{_mandir}/man8/opendkim-genstats.8.gz |
||||||
|
%{_mandir}/man8/opendkim-stats.8.gz |
||||||
|
%{_sbindir}/opendkim-genkey |
||||||
|
%{_sbindir}/opendkim-genzone |
||||||
|
%{_sbindir}/opendkim-testkey |
||||||
|
%{_sbindir}/opendkim-testmsg |
||||||
|
%{_sbindir}/opendkim-expire |
||||||
|
%{_sbindir}/opendkim-gengraphs |
||||||
|
%{_sbindir}/opendkim-genstats |
||||||
|
%{_sbindir}/opendkim-stats |
||||||
|
|
||||||
|
|
||||||
|
%files -n libopendkim-devel |
||||||
|
%license LICENSE LICENSE.Sendmail |
||||||
|
%doc lib%{name}/docs/*.html |
||||||
|
%{_includedir}/%{name} |
||||||
|
%{_includedir}/rbl/rbl.h |
||||||
|
%{_libdir}/*.so |
||||||
|
%{_libdir}/pkgconfig/*.pc |
||||||
|
|
||||||
|
|
||||||
|
%changelog |
Loading…
Reference in new issue