Updated mail/opendmarc to 1.4.0beta1

Change since 1.3.1 from RELEASE_NOTES

1.4.0           2018/06/??
        Add ARC support.  Extensive work contributed by ValiMail.
        Add "DomainWhitelist" and "DomainWhitelistFile" config options.
        Extract client IP address for ARC reports when provided via
                Authentication-Results.
        Update SQL schema to support new reporting functionality for DKIM
                selectors and ARC local policy overrides (refer to the example
                schema.mysql file).
        Add experimental support for reporting of ARC local policy overrides.
        Add support for recording and reporting of DKIM selectors.
        Override a DMARC "fail" if an ARC "pass" is recorded in conjunction with
                an ARC policy pass.
        Fix bug #137: Handle base64 inside AR tokens that are values.
                Problem reported by Joseph Coffland.
        LIBOPENDMARC: Fix bug #203: Reject DMARC records that have duplicate
                tags in them.  Reported by Dirk Stoecker.
        REPORTS: Feature request #146: Add option to pull input from a file.
        REPORTS: Fix bug #153: Suppress duplicate results from the same
                domain.  Patch from Tomki Camp.

1.3.2           2017/03/04
        Feature request #86: Change meaning of "RequiredHeaders" such that
                header validity is always checked, but messages are only
                rejected on that basis when the flag is set.  Based
                on a patch from Andreas Schulze.
        Feature request #127: Log SPF results when rejecting.  Requested
                by Patrick Wagner; patch from Andreas Schulze, follow-up
                patch from Juri Haberland.
        Feature request #138: Inculde policy and disposition information
                in an Authentication-Results comment.  Based on a patch
                from Juri Haberland.
        Feature request #139: Include the client host name if known
                in failure reports.  Suggested by Roland Turner;
                patch by Andreas Schulze.
        Fix bug #95: Assume IPv6 for SPF operations.  Patch from Juri Haberland.
        Fix bug #120: Fix control logic around the SPF result.
                Reported by Christophe Wolfhugel; patch from Andreas Schulze.
        Fix bug #122: Don't skip the HELO milter phase when SPF is enabled.
                Reported by Christophe Wolfhugel.
        Fix bug #157: Fix logging of implicit authserv-ids.  Reported
                by Andreas Schulze; patch from Juri Haberland.
        Fix bug #158: Log ignored connections.  Patch from Andreas Schulze.
        Fix bug #160: Fix "SyslogFacility" handling.  Patch from
                Juri Haberland.
        Fix bug #163: Use a larger buffer for the raw MAIL FROM value.
                Based on a patch from Andreas Schulze.
        Fix bug #174: Trim "!" suffixes from reporting addresses.  Problem
                noted by Juri Haberland.
        Fix bug #186: When reloading the configuration file, the public
                suffix list was read in with the wrong comment indicator.
                Patch from Federico Omoto.
        Fix bug #194: Fix inappropriate DMARC status when "p=none" is
                discovered.  Patch from Juri Haberland.
        Fix bug #195: When parsing Received-SPF, use the correct constants
                in the history file entries.  Patch from Juri Haberland.
        LIBOPENDMARC: Fix bug #115: Fix type mismatch.  Patch from
                Sebastian A. Siewior via Scott Kitterman.
        LIBOPENDMARC: Fix bug #121: Fix IPv6 CIDR matching in SPF code.
                Patch from Christophe Wolfhugel.
        LIBOPENDMARC: Fix bug #125: Compile time IPv6 fix.  Reported by
                Christophe Wolfhugel.
        LIBOPENDMARC: Fix bug #131: Fix alignment bug.  Patch from
                Andreas Schulze.
        LIBOPENDMARC: Fix bug #147: Fix stripping of whitespace from
                DMARC DNS records.  Based on a patch from Job Noorman.
        LIBOPENDMARC: Fix bug #149: Apply "sp" setting, if present and
                applicable.  Patch from Petr Novak.
        LIBOPENDMARC: Fix bug #154: Fix "rf" and "fo" processing logic.
        LIBOPENDMARC: Fix bug #156: Fix variable name.  Patch by
                Andreas Schulze.
        LIBOPENDMARC: Fix bug #165: Fix logic in checking which SPF
                identifier was used.  Patches from Marco Favero and
                Juri Haberland.
        LIBOPENDMARC: Fix bug #167: Don't return "fail" when we should
                return "none".  Patch from Marco Favero.
        REPORTS: Fix bug #134: Handle SMTP errors correctly.  Patch from
                Andreas Schulze.
        REPORTS: Fix bug #141: Set the HELO parameter correctly.
                Reported by Alan Smith; patch from Andreas Schulze.
        REPORTS: Fix bug #143: Fix logic in table truncation.
                Reported by Wayne Andersen; patch from Juri Haberland.
        REPORTS: Fix bug #162: Always report "sp" in aggregate reports.
                Patch from Juri Haberland.
        REPORTS: Fix bug #166: Fix report start/end time logic.
                Patch from Juri Haberland.
        REPORTS: Fix bug #188: Don't delete inputs too early in
                opendmarc-reports.  Patch from Juri Haberland.
        TOOLS: Fix bug #161: "Forensic" reports were renamed "Failure"
                reports.  Patch from Andreas Schulze.
        TOOLS: Fix bug #164: Handle IPv6 test addresses.  Reported by
                Andreas Schulze; patch from Juri Haberland.
        DOCS: Patch #189: Replace the DMARC RFC with an HTML page
                referencing the relevant specs, since Debian doesn't
                consider RFCs to be "free".  Patch from Scott Kitterman
                via Juri Haberland.

doc/CHANGES-2020

@@ -1,4 +1,4 @@
-$NetBSD: CHANGES-2020,v 1.6848 2020/12/22 00:29:08 gutteridge Exp $
+$NetBSD: CHANGES-2020,v 1.6849 2020/12/24 01:10:22 manu Exp $
 
 Changes to the packages collection and infrastructure in 2020:
 
@@ -9923,3 +9923,4 @@ Changes to the packages collection and infrastructure in 2020:
 	Added security/R-credentials version 1.3.0 [mef 2020-12-21]
 	mk/bsd.pkg.mk: started freeze for pkgsrc-2020Q4 branch [gdt 2020-12-21]
 	Updated x11/xfce4-notifyd to 0.6.2nb1 [gutteridge 2020-12-22]
+	Updated mail/opendmarc to 1.4.0beta1 [manu 2020-12-24]

mail/opendmarc/Makefile

@@ -1,9 +1,13 @@
-# $NetBSD: Makefile,v 1.21 2020/08/31 18:09:59 wiz Exp $
+# $NetBSD: Makefile,v 1.22 2020/12/24 01:10:23 manu Exp $
 
-DISTNAME=	opendmarc-1.3.1
-PKGREVISION=	9
+GITHUB_PROJECT=	OpenDMARC
+GITHUB_TAG=	rel-opendmarc-1-4-0-Beta1
+DISTNAME=	rel-opendmarc-1-4-0-Beta1
+PKGNAME=	opendmarc-1.4.0b1
+#PKGREVISION=	1
 CATEGORIES=	mail
-MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=opendmarc/}
+MASTER_SITES=	${MASTER_SITE_GITHUB:=trusteddomainproject/}
+DIST_SUBDIR=	${GITHUB_PROJECT}
 
 MAINTAINER=	[email protected]
 HOMEPAGE=	http://www.trusteddomain.org/opendmarc/
@@ -19,11 +23,14 @@ DEPENDS+=	p5-HTTP-Message-[0-9]*:../../www/p5-HTTP-Message
 RCD_SCRIPTS=	opendmarc
 
 USE_LIBTOOL=	yes
-USE_TOOLS+=	perl
+USE_TOOLS+=	perl autoconf automake
 
 GNU_CONFIGURE=		yes
 CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFDIR}
 CONFIGURE_ARGS+=	--with-milter=${BUILDLINK_PREFIX.libmilter}
+CONFIGURE_ARGS+=	--with-spf
+CONFIGURE_ARGS+=	--with-spf2-lib=${BUILDLINK_PREFIX.libspf2}/lib
+CONFIGURE_ARGS+= --with-spf2-include=${BUILDLINK_PREFIX.libspf2}/include/spf2
 
 REPLACE_PERL=	reports/opendmarc-expire.in
 REPLACE_PERL+=	reports/opendmarc-import.in
@@ -34,11 +41,17 @@ EGDIR=		${PREFIX}/share/examples/${PKGBASE}
 
 INSTALLATION_DIRS=	${EGDIR}
 
+pre-configure:
+	set -e; cd ${WRKSRC}; \
+	libtoolize; aclocal; autoheader; automake -a --foreign -i; autoconf
+
 post-install:
 	${INSTALL_DATA} ${WRKSRC}/opendmarc/opendmarc.conf.sample \
 		${DESTDIR}${EGDIR}/
 
 .include "../../security/openssl/buildlink3.mk"
+BUILDLINK_API_DEPENDS.libmilter+=	libmilter>=8.13.0
 .include "../../mail/libmilter/buildlink3.mk"
+.include "../../mail/libspf2/buildlink3.mk"
 .include "../../mk/pthread.buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"

mail/opendmarc/PLIST

@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2015/03/15 22:26:34 pettai Exp $
+@comment $NetBSD: PLIST,v 1.6 2020/12/24 01:10:23 manu Exp $
 include/opendmarc/dmarc.h
 lib/libopendmarc.la
 man/man5/opendmarc.conf.5
@@ -21,15 +21,15 @@ share/doc/opendmarc/LICENSE.Sendmail
 share/doc/opendmarc/README
 share/doc/opendmarc/README.rddmarc
 share/doc/opendmarc/README.schema
+share/doc/opendmarc/README.specs.html
 share/doc/opendmarc/dmarc_policy_t.html
 share/doc/opendmarc/dmarcfail.py
-share/doc/opendmarc/draft-dmarc-base-13.txt
 share/doc/opendmarc/index.html
-share/doc/opendmarc/mkdb.mysql
 share/doc/opendmarc/mkdmarc
 share/doc/opendmarc/mysql_ip6.c
 share/doc/opendmarc/opendmarc
 share/doc/opendmarc/opendmarc.conf.sample
+share/doc/opendmarc/opendmarc.service.in
 share/doc/opendmarc/opendmarc.spec.in
 share/doc/opendmarc/opendmarc_dns_fake_record.html
 share/doc/opendmarc/opendmarc_get_policy_to_enforce.html

mail/opendmarc/distinfo

@@ -1,11 +1,9 @@
-$NetBSD: distinfo,v 1.7 2020/07/27 20:41:09 oster Exp $
+$NetBSD: distinfo,v 1.8 2020/12/24 01:10:23 manu Exp $
 
-SHA1 (opendmarc-1.3.1.tar.gz) = bdd12713888c16e77334281238f88990df225929
-RMD160 (opendmarc-1.3.1.tar.gz) = 623b51544f428ade14f0a5d6204f8bf41af8375a
-SHA512 (opendmarc-1.3.1.tar.gz) = 0be11540bc26bd3b3e6cc9817bc379a5d290b63ef16c5d3559bf96b241ad6628bea7a9daeb468afac855bc16be16676f722b3c1d468ea82c8d8364e8a8137226
-Size (opendmarc-1.3.1.tar.gz) = 640151 bytes
-SHA1 (patch-build-config.h.in) = 14723ab0a578978117be7dcc1d60fe5af955b610
-SHA1 (patch-configure) = 1af3b346ac6db51d1701af8ba4e123e0e6a6b973
-SHA1 (patch-configure.ac) = bfd2c16d22e25b564d33220b5e7ceadedc5ee016
-SHA1 (patch-libopendmarc_opendmarc__dns.c) = 7c75d464bcdba6baf963cb002e7ba94a60593ecc
-SHA1 (patch-libopendmarc_opendmarc__spf__dns.c) = 82f22fd2e224ddef1cd3c6788518e629fdea125f
+SHA1 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = 74ad1ef9f9a12b5fadef5919807cd55f7655d8d8
+RMD160 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = e8dda5350a734509843a04329777478d9410b796
+SHA512 (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = d562050da9c4b96e7707157fbbf385ab3ac551cf07754b45deb6a010b4c47e7f478dfe35bc2c8625f6553af4fbf120820bf2a9f0ce246b26cabf81e7d1174405
+Size (OpenDMARC/rel-opendmarc-1-4-0-Beta1.tar.gz) = 1247386 bytes
+SHA1 (patch-configure.ac) = d174911e4de37d3b50b525469cbe410bb7ae119f
+SHA1 (patch-libopendmarc_opendmarc__dns.c) = e76ca13707677525b72609b4a5268d77efcfba84
+SHA1 (patch-libopendmarc_opendmarc__spf__dns.c) = b6e1311be8e9ef44c333be57fef474f6b080a199

mail/opendmarc/patches/patch-configure.ac

@@ -1,24 +1,29 @@
-$NetBSD: patch-configure.ac,v 1.2 2020/07/27 20:41:10 oster Exp $
+$NetBSD: patch-configure.ac,v 1.3 2020/12/24 01:10:23 manu Exp $
 
-Add appropriate flags if res_ndestroy(), __res_ninit(),  or 
-__res_ndestroy() are found.
+Search for res_ndestroy and use it instead of res_nclose if available
 
---- configure.ac.orig	2015-02-23 20:31:50.000000000 +0000
-+++ configure.ac
-@@ -126,6 +126,16 @@ AC_CHECK_LIB(resolv, inet_aton, , , [-ln
+--- configure.ac.orig	2020-09-22 02:55:01.853002338 +0200
++++ configure.ac	2020-09-22 02:55:47.922944675 +0200
+@@ -138,8 +138,22 @@
+                                            [return res_ninit(NULL);])])
  AC_SEARCH_LIBS(res_ninit, resolv,
  	AC_DEFINE(HAVE_RES_NINIT, 1,
  	[Define to 1 if you have the `res_ninit()' function.]))
-+AC_SEARCH_LIBS(res_ndestroy, resolv,
-+       AC_DEFINE(HAVE_RES_NDESTROY, 1,
-+       [Define to 1 if you have the `res_ndestroy()' function.]))
-+AC_SEARCH_LIBS(__res_ninit, resolv,
-+	AC_DEFINE(HAVE_RES_NINIT, 1,
-+	[Define to 1 if you have the `__res_ninit()' function.]))
-+AC_SEARCH_LIBS(__res_ndestroy, resolv,
-+       AC_DEFINE(HAVE_RES_NDESTROY, 1,
-+       [Define to 1 if you have the `__res_ndestroy()' function.]))
++AC_MSG_CHECKING([if res_ndestroy is available])
++AC_LINK_IFELSE([AC_LANG_PROGRAM([
++		#include <sys/types.h>
++		#include <netinet/in.h>
++		#include <arpa/nameser.h>
++		#include <resolv.h>
++	],[
++		struct __res_state res;
++		res_ndestroy(&res);
++	])], [AC_DEFINE([HAVE_RES_NDESTROY], [1],
++	    [we have res_ndestroy]) res_ndestroy=yes],
++	    [res_ndestroy=no])
++AC_MSG_RESULT([$res_ndestroy])
 +
+ m4_rename_force([saved_AC_LANG_CALL], [AC_LANG_CALL])
  AC_CHECK_LIB(idn, idn_free)
  AC_CHECK_LIB(rt, nanosleep)
  AC_SEARCH_LIBS(inet_addr, nsl)

mail/opendmarc/patches/patch-libopendmarc_opendmarc__dns.c

@@ -1,18 +1,29 @@
-$NetBSD: patch-libopendmarc_opendmarc__dns.c,v 1.1 2020/07/27 20:41:10 oster Exp $
+$NetBSD: patch-libopendmarc_opendmarc__dns.c,v 1.2 2020/12/24 01:10:23 manu Exp $
 
-Patch from Roy Marples: if we have res_ndestroy(), use that in place of just res_nclose().
+Make sure res_init works on zeroed structure
+Search for res_ndestroy and use it instead of res_nclose if available
 
---- libopendmarc/opendmarc_dns.c.orig	2015-02-23 20:31:51.000000000 +0000
-+++ libopendmarc/opendmarc_dns.c
-@@ -211,7 +211,11 @@ dmarc_dns_get_record(char *domain, int *
+--- libopendmarc/opendmarc_dns.c.orig	2018-11-15 01:58:31.000000000 +0100
++++ libopendmarc/opendmarc_dns.c	2020-12-23 15:57:30.488718786 +0100
+@@ -201,16 +201,21 @@
+ 	while (*bp == '.')
+ 		++bp;
+
+ #ifdef HAVE_RES_NINIT   
++	memset(&resp, 0, sizeof(resp));
+ 	res_ninit(&resp);
+ #ifdef RES_USE_DNSSEC
+ 	resp.options |= RES_USE_DNSSEC;
+ #endif
  	(void) opendmarc_policy_library_dns_hook(&resp.nscount,
                                                   &resp.nsaddr_list);
  	answer_len = res_nquery(&resp, bp, C_IN, T_TXT, answer_buf, sizeof answer_buf);
 +#ifdef HAVE_RES_NDESTROY
 +	res_ndestroy(&resp);
-+#else
++#else /* HAVE_RES_NDESTROY */
  	res_nclose(&resp);
-+#endif
++#endif /* HAVE_RES_NDESTROY */
  #else /* HAVE_RES_NINIT */
- #if defined RES_USE_DNSSEC
+ 	res_init();
+ #ifdef RES_USE_DNSSEC
  	_res.options |= RES_USE_DNSSEC;