Subversion Repositories libspf2

Compare Revisions

Ignore whitespace Rev 30 → Rev 29

/trunk/debian/libspf2-2.symbols
File deleted
/trunk/debian/changelog
1,25 → 1,3
libspf2 (1.2.8~dfsg-1) unstable; urgency=low
 
* Merge changes from Ubuntu.
 
-- Magnus Holmgren <holmgren@debian.org> Tue, 21 Oct 2008 21:01:49 +0200
 
libspf2 (1.2.8~dfsg-0ubuntu1) intrepid; urgency=low
 
* New upstream release (LP: #283920)
- Fixes multiple memory leaks
- CVE2008-2469 buffer overflows
- Adds new documentation
- Drop all patches except 20_spf_dns_include_std_headers.dpatch (included
upstream)
- Freshen 20_spf_dns_include_std_headers.dpatch
- Update debian/rules for new release
* Repack tarball to remove non-DFSG Free IETF draft
* Added debian/libspf2-2.symbols and updated for new version
* Drop README.Debian since it no longer applies.
 
-- Scott Kitterman <scott@kitterman.com> Sun, 19 Oct 2008 01:00:13 -0400
 
libspf2 (1.2.5.dfsg-5) unstable; urgency=low
 
* 43_new_explanation_url.dpatch: Bring default explanation up to date by
/trunk/debian/patches/42_empty_sender.dpatch
0,0 → 1,33
#!/bin/sh /usr/share/dpatch/dpatch-run
## 42_empty_sender.dpatch by Magnus Holmgren <magnus@kibibyte.se>
##
## DP: If SPF_request_set_env_from() is called with from set to the empty
## DP: string (i.e. a DSN), use the HELO identity. Also fix incorrect
## DP: handling when the local part is empty (but the "@" is present).
 
@DPATCH@
diff -urNad trunk~/src/libspf2/spf_request.c trunk/src/libspf2/spf_request.c
--- trunk~/src/libspf2/spf_request.c 2005-02-22 03:38:57.000000000 +0100
+++ trunk/src/libspf2/spf_request.c 2007-07-30 21:58:48.000000000 +0200
@@ -142,14 +142,19 @@
SPF_FREE(sr->env_from_lp);
SPF_FREE(sr->env_from_dp);
+ if (*from == '\0' && sr->helo_dom != NULL) {
+ from = sr->helo_dom;
+ }
cp = strrchr(from, '@');
if (cp && (cp != from)) {
sr->env_from = strdup(from);
- sr->env_from_lp = strdup(from); /* Too long, but simple */
- sr->env_from_lp[(cp - from)] = '\0';
+ *cp = '\0';
+ sr->env_from_lp = strdup(from);
sr->env_from_dp = strdup(cp + 1);
+ *cp = '@';
}
else {
+ if (cp == from) from++; /* "@domain.example" */
len = sizeof("postmaster@") + strlen(from);
sr->env_from = malloc(len + 1); /* sizeof("") == 1? */
sprintf(sr->env_from, "postmaster@%s", from);
/trunk/debian/patches/43_new_explanation_url.dpatch
0,0 → 1,20
#! /bin/sh /usr/share/dpatch/dpatch-run
## 43_new_explanation_url.dpatch by <magnus@proffe.kibibyte.se>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Bring default explanation up to date by referring to
## DP: www.openspf.org instead of spf.pobox.com.
 
@DPATCH@
diff -urNad trunk~/src/include/spf.h trunk/src/include/spf.h
--- trunk~/src/include/spf.h 2007-09-06 13:57:32.000000000 +0200
+++ trunk/src/include/spf.h 2007-09-06 13:58:59.000000000 +0200
@@ -57,7 +57,7 @@
#define SPF_DEFAULT_SANITIZE 1
#define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org"
#define SPF_EXP_MOD_NAME "exp-text"
-#define SPF_DEFAULT_EXP "Please see http://spf.pobox.com/why.html?sender=%{S}&ip=%{C}&receiver=%{R}"
+#define SPF_DEFAULT_EXP "Please see http://www.openspf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}"
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/00list
===================================================================
--- debian/patches/00list (revision 30)
+++ debian/patches/00list (revision 29)
@@ -1 +1,16 @@
+#01_line-endings
+02_wrong_lib_version_h
+20_64bit_types
+20_printf_types
20_spf_dns_include_std_headers
+20_spf_server_unnecessary_include
+21_spfquery_infininte_loop
+22_spfquery_fallback_segfault
+23_spfquery_ipv6
+25_maxvals
+30_spfd_check_unlink_failure
+35_untabify_help
+40_permanent_include_errors
+41_none_not_neutral
+42_empty_sender
+43_new_explanation_url
Index: debian/patches/35_untabify_help.dpatch
===================================================================
--- debian/patches/35_untabify_help.dpatch (nonexistent)
+++ debian/patches/35_untabify_help.dpatch (revision 29)
@@ -0,0 +1,25 @@
+#!/bin/sh
+## 35_untabify_help.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Tidy up --help messages by converting tabs to four spaces (" ").
+
+FILES_TO_PROCESS="src/spfquery/spfquery.c
+ src/spftest/spftest.c
+ src/spf_example/spf_example.c"
+
+dpatch_patch() {
+ # Change line endings to LF in files with CRLF
+ perl -pi -e 's/("[^"]*?)\t/$1 / and redo;' $FILES_TO_PROCESS
+}
+
+dpatch_unpatch() {
+ # Change line endings back to CRLF in files that had it in the tarball
+ # Unfortunately there are exceptions ... have to watch out for changes
+ # in future upstream versions (or simply make backups instead).
+ perl -pi -e 's/("[^"]*?) /$1\t/ and redo;' $FILES_TO_PROCESS
+}
+
+DPATCH_LIB_NO_DEFAULT=1
+
+. /usr/share/dpatch/dpatch.lib.sh
Index: debian/patches/23_spfquery_ipv6.dpatch
===================================================================
--- debian/patches/23_spfquery_ipv6.dpatch (nonexistent)
+++ debian/patches/23_spfquery_ipv6.dpatch (revision 29)
@@ -0,0 +1,20 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 23_spfquery_ipv6.dpatch by Matthias Cramer <matthias.cramer@interway.ch>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Make spfquery accept IPv6 addresses
+
+@DPATCH@
+
+--- libspf2-1.2.5.orig/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-08-30 09:39:32.000000000 +0200
+@@ -604,7 +602,8 @@
+
+ spf_request = SPF_request_new(spf_server);
+
+- if (SPF_request_set_ipv4_str(spf_request, req->ip)) {
++ if (SPF_request_set_ipv4_str(spf_request, req->ip)
++ && SPF_request_set_ipv6_str(spf_request, req->ip)) {
+ printf( "Invalid IP address.\n" );
+ CONTINUE_ERROR;
+
Index: debian/patches/22_spfquery_fallback_segfault.dpatch
===================================================================
--- debian/patches/22_spfquery_fallback_segfault.dpatch (nonexistent)
+++ debian/patches/22_spfquery_fallback_segfault.dpatch (revision 29)
@@ -0,0 +1,45 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 22_spfquery_fallback_segfault.dpatch by Robert Millan <rmh@aybabtu.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix segfault with malformed -guess argument
+
+@DPATCH@
+
+diff -ur libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c libspf2-1.2.5.dfsg/src/spfquery/spfquery.c
+--- libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-06-24 13:17:34.000000000 +0200
+@@ -341,6 +341,7 @@
+ SPF_request_t *spf_request = NULL;
+ SPF_response_t *spf_response = NULL;
+ SPF_response_t *spf_response_2mx = NULL;
++ SPF_response_t *spf_response_fallback = NULL;
+ SPF_errcode_t err;
+
+ char *opt_file = NULL;
+@@ -670,20 +671,20 @@
+ /* We now have an option to call SPF_request_query_fallback */
+ if (opts->fallback) {
+ err = SPF_request_query_fallback(spf_request,
+- &spf_response, opts->fallback);
++ &spf_response_fallback, opts->fallback);
+ if (opts->debug)
+- response_print("fallback query", spf_response_2mx);
++ response_print("fallback query", spf_response_fallback);
+ if (err) {
+ response_print_errors("Failed to query best-guess",
+- spf_response, err);
++ spf_response_fallback, err);
+ CONTINUE_ERROR;
+ }
+
+ /* append the result */
+- APPEND_RESULT(SPF_response_result(spf_response_2mx));
++ APPEND_RESULT(SPF_response_result(spf_response_fallback));
+
+ spf_response = SPF_response_combine(spf_response,
+- spf_response_2mx);
++ spf_response_fallback);
+ }
+
+ printf( "%s\n%s\n%s\n%s\n",
Index: debian/patches/41_none_not_neutral.dpatch
===================================================================
--- debian/patches/41_none_not_neutral.dpatch (nonexistent)
+++ debian/patches/41_none_not_neutral.dpatch (revision 29)
@@ -0,0 +1,48 @@
+#!/bin/sh /usr/share/dpatch/dpatch-run
+## 41_none_not_neutral.dpatch by Robert Millan <rmh@aybabtu.com>, edited by Magnus Holmgren
+##
+## DP: Differentiate between SPF_RESULT_NONE and
+## DP: SPF_RESULT_NEUTRAL in the header comment.
+
+@DPATCH@
+
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c 2005-02-22 04:41:27.000000000 +0100
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-07-01 01:03:17.000000000 +0200
+@@ -214,11 +226,15 @@
+ break;
+
+ case SPF_RESULT_NEUTRAL:
+- case SPF_RESULT_NONE:
+ snprintf( p, p_end - p, "%s is neither permitted nor denied by %s",
+ ip, spf_source );
+ break;
+
++ case SPF_RESULT_NONE:
++ snprintf( p, p_end - p, "%s does not provide an SPF record",
++ spf_source );
++ break;
++
+ case SPF_RESULT_TEMPERROR:
+ snprintf( p, p_end - p, "encountered temporary error during SPF processing of %s",
+ spf_source );
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c libspf2-1.2.5.dfsg/src/libspf2/spf_result.c
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c 2004-08-10 15:04:02.000000000 +0200
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_result.c 2007-07-01 01:03:29.000000000 +0200
+@@ -187,11 +197,15 @@
+ break;
+
+ case SPF_RESULT_NEUTRAL:
+- case SPF_RESULT_NONE:
+ snprintf( p, p_end - p, "%s is neither permitted nor denied by %s",
+ ip, spf_source );
+ break;
+
++ case SPF_RESULT_NONE:
++ snprintf( p, p_end - p, "%s does not provide an SPF record",
++ spf_source );
++ break;
++
+ case SPF_RESULT_ERROR:
+ snprintf( p, p_end - p, "encountered temporary error during SPF processing of %s",
+ spf_source );
Index: debian/patches/40_permanent_include_errors.dpatch
===================================================================
--- debian/patches/40_permanent_include_errors.dpatch (nonexistent)
+++ debian/patches/40_permanent_include_errors.dpatch (revision 29)
@@ -0,0 +1,23 @@
+#!/bin/sh /usr/share/dpatch/dpatch-run
+## 40_permanent_include_errors.dpatch by Robert Millan <rmh@aybabtu.com>, edited by Magnus Holmgren
+##
+## DP: Permanent error when processing an include: directive should in turn
+## DP: produce permanent error (see the table in RFC 4408 / section 5.2).
+
+@DPATCH@
+
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c 2005-02-22 04:41:27.000000000 +0100
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-07-01 01:03:17.000000000 +0200
+@@ -1022,7 +1042,10 @@
+ if (spf_record_subr)
+ SPF_record_free(spf_record_subr);
+ SPF_FREE_LOOKUP_DATA();
+- return DONE_TEMPERR( err );
++ if (err == SPF_E_DNS_ERROR)
++ return DONE_TEMPERR( err );
++ else
++ return DONE_PERMERR( err );
+ }
+
+ /*
Index: debian/patches/20_printf_types.dpatch
===================================================================
--- debian/patches/20_printf_types.dpatch (nonexistent)
+++ debian/patches/20_printf_types.dpatch (revision 29)
@@ -0,0 +1,64 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 20_printf_types.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Change the format strings of various calls to printf-style functions to
+## DP: match the arguments.
+
+@DPATCH@
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_compile.c libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_compile.c 2007-03-27 14:28:00.931960929 +0200
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c 2007-03-27 14:30:04.000000000 +0200
+@@ -470,7 +470,7 @@
+ len = end - p;
+ if (spf_server->debug)
+ SPF_debugf("Adding string literal (%d): '%*.*s'",
+- len, len, len, p);
++ (int)len, (int)len, (int)len, p);
+ memcpy( dst, p, len );
+ ds_len += len;
+ dst += len;
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_id2str.c libspf2-1.2.5.dfsg/src/libspf2/spf_id2str.c
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_id2str.c 2007-03-27 14:27:58.171600935 +0200
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_id2str.c 2007-03-27 14:30:51.000000000 +0200
+@@ -309,7 +309,7 @@
+ p_end = *bufp + *buflenp;
+
+ if (debug)
+- SPF_debugf("stringify: Buffer length is %d\n", *buflenp);
++ SPF_debugf("stringify: Buffer length is %u\n", (unsigned int)*buflenp);
+
+
+ /*
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_print.c libspf2-1.2.5.dfsg/src/libspf2/spf_print.c
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_print.c 2007-03-27 14:27:58.231608763 +0200
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_print.c 2007-03-27 14:47:39.000000000 +0200
+@@ -54,12 +54,12 @@
+ return SPF_E_SUCCESS;
+ }
+
+- SPF_infof( "SPF header: version: %d mech %d/%d mod %d/%d len=%d",
++ SPF_infof( "SPF header: version: %d mech %d/%u mod %d/%u len=%u",
+ spf_record->version,
+- spf_record->num_mech, spf_record->mech_len,
+- spf_record->num_mod, spf_record->mod_len,
+- sizeof(SPF_record_t) + spf_record->mech_len
+- + spf_record->mod_len);
++ (int)spf_record->num_mech, (unsigned int)spf_record->mech_len,
++ (int)spf_record->num_mod, (unsigned int)spf_record->mod_len,
++ (unsigned int)(sizeof(SPF_record_t) + spf_record->mech_len
++ + spf_record->mod_len));
+
+ err = SPF_record_stringify(spf_record, &prt_buf, &prt_len);
+ if ( err == SPF_E_RESULT_UNKNOWN )
+@@ -81,7 +81,7 @@
+ void SPF_print_sizeof(void)
+ {
+ // SPF_infof( "sizeof(SPF_rec_header_t)=%u", sizeof(SPF_rec_header_t));
+- SPF_infof( "sizeof(SPF_mech_t)=%u", sizeof(SPF_mech_t));
+- SPF_infof( "sizeof(SPF_data_t)=%u", sizeof(SPF_data_t));
+- SPF_infof( "sizeof(SPF_mod_t)=%u", sizeof(SPF_mod_t));
++ SPF_infof( "sizeof(SPF_mech_t)=%u", (unsigned int)sizeof(SPF_mech_t));
++ SPF_infof( "sizeof(SPF_data_t)=%u", (unsigned int)sizeof(SPF_data_t));
++ SPF_infof( "sizeof(SPF_mod_t)=%u", (unsigned int)sizeof(SPF_mod_t));
+ }
/debian/patches/20_printf_types.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/01_line-endings.dpatch
===================================================================
--- debian/patches/01_line-endings.dpatch (nonexistent)
+++ debian/patches/01_line-endings.dpatch (revision 29)
@@ -0,0 +1,30 @@
+#!/bin/sh
+## 01_line-endings.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Convert CRLF line endings to LF in certain Windows-related files
+
+FILES_WITH_CRLF="src/libspf2/spf_dns_windns.c
+ src/libspf2/spf_win32.c
+ src/libreplace/win32_config.h
+ src/include/spf_dns_windns.h
+ src/include/spf_win32.h"
+
+set -e
+
+dpatch_patch() {
+ if [ ! -f debian/patched/patched-line-endings.tar.gz ]; then
+ tar -czf debian/patched/patched-line-endings.tar.gz $FILES_WITH_CRLF
+ # Change line endings to LF in files with CRLF
+ sed -ri -e 's/\r$//' $FILES_WITH_CRLF
+ fi
+}
+
+dpatch_unpatch() {
+ # Change line endings back to CRLF in files that had it in the tarball
+ tar -xzf debian/patched/patched-line-endings.tar.gz
+}
+
+DPATCH_LIB_NO_DEFAULT=1
+
+. /usr/share/dpatch/dpatch.lib.sh
/debian/patches/01_line-endings.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/21_spfquery_infininte_loop.dpatch
===================================================================
--- debian/patches/21_spfquery_infininte_loop.dpatch (nonexistent)
+++ debian/patches/21_spfquery_infininte_loop.dpatch (revision 29)
@@ -0,0 +1,21 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 21_spfquery_infininte_loop.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix infinite loop in spfquery.c:unimplemented().
+
+@DPATCH@
+diff -urNad libspf2-1.2.5.dfsg~/src/spfquery/spfquery.c libspf2-1.2.5.dfsg/src/spfquery/spfquery.c
+--- libspf2-1.2.5.dfsg~/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-03-24 22:28:15.000000000 +0100
+@@ -174,9 +174,7 @@
+ struct option *opt;
+ int i;
+
+- i = 0;
+- opt = &long_options[i];
+- while (opt->name) {
++ for (i = 0; (opt = &long_options[i])->name; i++) {
+ if (flag == opt->val) {
+ fprintf(stderr, "Unimplemented option: -%s or -%c\n",
+ opt->name, flag);
/debian/patches/21_spfquery_infininte_loop.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/20_64bit_types.dpatch
===================================================================
--- debian/patches/20_64bit_types.dpatch (nonexistent)
+++ debian/patches/20_64bit_types.dpatch (revision 29)
@@ -0,0 +1,105 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 20_64bit_types.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Change various ints to size_t etc, to avoid crashes on 64-bit
+## DP: architectures.
+
+@DPATCH@
+
+diff -Nur libspf2-1.2.5.dfsg/src/include/spf_internal.h libspf2-1.2.5.dfsg.new/src/include/spf_internal.h
+--- libspf2-1.2.5.dfsg/src/include/spf_internal.h 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/include/spf_internal.h 2007-03-23 23:08:54.000000000 +0100
+@@ -71,7 +71,7 @@
+ static inline size_t _align_sz(size_t s)
+ { return (s + (_ALIGN_SZ - 1 - (((s - 1) & (_ALIGN_SZ - 1))))); }
+ static inline char * _align_ptr(char *s)
+- { return (s + (_ALIGN_SZ - 1 - ((((unsigned int)s - 1) & (_ALIGN_SZ - 1))))); }
++ { return (s + (_ALIGN_SZ - 1 - ((((size_t)s - 1) & (_ALIGN_SZ - 1))))); }
+ #else
+ static inline size_t _align_sz(size_t s) { return s; }
+ static inline char * _align_ptr(char *s) { return s; }
+diff -Nur libspf2-1.2.5.dfsg/src/include/spf_record.h libspf2-1.2.5.dfsg.new/src/include/spf_record.h
+--- libspf2-1.2.5.dfsg/src/include/spf_record.h 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/include/spf_record.h 2007-03-23 23:08:54.000000000 +0100
+@@ -224,7 +224,7 @@
+
+ struct SPF_macro_struct
+ {
+- unsigned int macro_len; /* bytes of data */
++ size_t macro_len; /* bytes of data */
+ /* data: (SPF_data_t[] = char[macro_len]) follows */
+ };
+
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_compile.c
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_compile.c 2007-03-23 23:18:41.000000000 +0100
+@@ -98,7 +98,7 @@
+ }
+
+ static void
+-SPF_c_ensure_capacity(void **datap, int *sizep, int length)
++SPF_c_ensure_capacity(void **datap, size_t *sizep, int length)
+ {
+ int size = *sizep;
+ if (length > size)
+@@ -435,7 +435,7 @@
+ static SPF_errcode_t
+ SPF_c_parse_macro(SPF_server_t *spf_server,
+ SPF_response_t *spf_response,
+- SPF_data_t *data, int *data_len,
++ SPF_data_t *data, size_t *data_len,
+ const char **startp, const char **endp,
+ size_t max_len, SPF_errcode_t big_err,
+ int is_mod)
+@@ -551,10 +551,10 @@
+ static SPF_errcode_t
+ SPF_c_parse_domainspec(SPF_server_t *spf_server,
+ SPF_response_t *spf_response,
+- SPF_data_t *data, int *data_len,
++ SPF_data_t *data, size_t *data_len,
+ const char **startp, const char **endp,
+ size_t max_len, SPF_errcode_t big_err,
+- int cidr_ok, int is_mod)
++ SPF_cidr_t cidr_ok, int is_mod)
+ {
+ SPF_errcode_t err;
+ /* Generic parsing iterators and boundaries */
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_dns_resolv.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_dns_resolv.c
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_dns_resolv.c 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_dns_resolv.c 2007-03-23 23:08:54.000000000 +0100
+@@ -393,7 +393,7 @@
+ if ( SPF_dns_rr_buf_realloc( spfrr, cnt, rdlen ) != SPF_E_SUCCESS )
+ return spfrr;
+
+- dst = spfrr->rr[cnt]->txt;
++ dst = (u_char *)(spfrr->rr[cnt]->txt);
+ len = 0;
+ src = (u_char *)rdata;
+ while ( rdlen > 0 )
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_interpret.c
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_interpret.c 2007-03-23 23:20:30.000000000 +0100
+@@ -49,8 +49,8 @@
+ SPF_record_t *spf_record;
+ SPF_errcode_t err;
+ char *buf;
+- int buflen;
+- int len;
++ size_t buflen;
++ size_t len;
+
+ SPF_ASSERT_NOTNULL(spf_response);
+ spf_request = spf_response->spf_request;
+diff -Nur libspf2-1.2.5.dfsg/src/spfd/spfd.c libspf2-1.2.5.dfsg.new/src/spfd/spfd.c
+--- libspf2-1.2.5.dfsg/src/spfd/spfd.c 2007-03-23 22:37:26.000000000 +0100
++++ libspf2-1.2.5.dfsg.new/src/spfd/spfd.c 2007-03-23 23:08:54.000000000 +0100
+@@ -168,7 +168,7 @@
+ struct sockaddr_in in;
+ struct sockaddr_un un;
+ } addr;
+- int addrlen;
++ socklen_t addrlen;
+ char *data;
+ int datalen;
+
/debian/patches/20_64bit_types.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/02_wrong_lib_version_h.dpatch
===================================================================
--- debian/patches/02_wrong_lib_version_h.dpatch (nonexistent)
+++ debian/patches/02_wrong_lib_version_h.dpatch (revision 29)
@@ -0,0 +1,30 @@
+#!/bin/sh
+## 02_wrong_lib_version_h.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Move static spf_lib_version.h out of the way and patch configure to put
+## DP: the autogenerated one in the right place.
+
+set -e
+
+lib_version_h=src/include/spf_lib_version.h
+
+dpatch_patch() {
+ # Update configure script so that it writes to the right .h file
+ test -e configure.old || \
+ sed -ri.old -e 's%src/libspf2/spf_lib_version%src/include/spf_lib_version%' configure
+ # Move the bad .h file out of the way
+ test -e $lib_version_h.old || mv -f $lib_version_h $lib_version_h.old
+}
+
+dpatch_unpatch() {
+ # Move the bad .h file back to its position
+ if test -e $lib_version_h.old; then mv -f $lib_version_h.old $lib_version_h; fi
+ # Move the original configure script back
+ if test -e configure.old; then mv -f configure.old configure; fi
+}
+
+
+DPATCH_LIB_NO_DEFAULT=1
+
+. /usr/share/dpatch/dpatch.lib.sh
/debian/patches/02_wrong_lib_version_h.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/20_spf_server_unnecessary_include.dpatch
===================================================================
--- debian/patches/20_spf_server_unnecessary_include.dpatch (nonexistent)
+++ debian/patches/20_spf_server_unnecessary_include.dpatch (revision 29)
@@ -0,0 +1,18 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 20_spf_server_unnecessary_include.dpatch by Magnus Holmgren <magnus@kibibyte.se>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: src/include/spf_server.h: Remove useless include of spf_dns_internal.h.
+
+@DPATCH@
+
+--- libspf2-1.2.5.dfsg.orig/src/include/spf_server.h
++++ libspf2-1.2.5.dfsg/src/include/spf_server.h
+@@ -20,7 +20,6 @@
+
+ #include "spf_record.h"
+ #include "spf_dns.h"
+-#include "spf_dns_internal.h"
+
+ #ifndef SPF_MAX_DNS_MECH
+ /* It is a bad idea to change this for two reasons.
/debian/patches/20_spf_server_unnecessary_include.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/25_maxvals.dpatch
===================================================================
--- debian/patches/25_maxvals.dpatch (nonexistent)
+++ debian/patches/25_maxvals.dpatch (revision 29)
@@ -0,0 +1,61 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 25_maxvals.dpatch by Thomas Jacob <jacob@internet24.de>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Bring certain processing limits (meant to mitigate DoS attacks) in line
+## DP: with RFC 4408.
+
+@DPATCH@
+
+diff -ruN libspf2-1.2.5/src/include/spf.h libspf2-1.2.5.patched/src/include/spf.h
+--- libspf2-1.2.5/src/include/spf.h 2005-02-17 01:56:55.000000000 +0100
++++ libspf2-1.2.5.patched/src/include/spf.h 2007-03-14 16:58:21.000000000 +0100
+@@ -52,8 +52,8 @@
+
+ /* FYI only -- defaults can't be changed without recompiling the library */
+ #define SPF_DEFAULT_MAX_DNS_MECH 10 /* DoS limit on SPF mechanisms */
+-#define SPF_DEFAULT_MAX_DNS_PTR 5 /* DoS limit on PTR records */
+-#define SPF_DEFAULT_MAX_DNS_MX 5 /* DoS limit on MX records */
++#define SPF_DEFAULT_MAX_DNS_PTR 10 /* DoS limit on PTR records */
++#define SPF_DEFAULT_MAX_DNS_MX 10 /* DoS limit on MX records */
+ #define SPF_DEFAULT_SANITIZE 1
+ #define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org"
+ #define SPF_EXP_MOD_NAME "exp-text"
+diff -ruN libspf2-1.2.5/src/include/spf_internal.h libspf2-1.2.5.patched/src/include/spf_internal.h
+--- libspf2-1.2.5/src/include/spf_internal.h 2005-02-24 05:10:49.000000000 +0100
++++ libspf2-1.2.5.patched/src/include/spf_internal.h 2007-03-14 16:58:04.000000000 +0100
+@@ -57,13 +57,13 @@
+ /* It is a bad idea to change this for the same reasons as mentioned
+ * above for SPF_MAX_DNS_MECH
+ */
+-#define SPF_MAX_DNS_PTR 5
++#define SPF_MAX_DNS_PTR 10
+ #endif
+ #ifndef SPF_MAX_DNS_MX
+ /* It is a bad idea to change this for the same reasons as mentioned
+ * above for SPF_MAX_DNS_MECH
+ */
+-#define SPF_MAX_DNS_MX 5
++#define SPF_MAX_DNS_MX 10
+ #endif
+
+ #if 1
+diff -ruN libspf2-1.2.5/src/include/spf_server.h libspf2-1.2.5.patched/src/include/spf_server.h
+--- libspf2-1.2.5/src/include/spf_server.h 2004-09-29 12:33:09.000000000 +0200
++++ libspf2-1.2.5.patched/src/include/spf_server.h 2007-03-14 16:58:54.000000000 +0100
+@@ -44,13 +44,13 @@
+ /* It is a bad idea to change this for the same reasons as mentioned
+ * above for SPF_MAX_DNS_MECH
+ */
+-#define SPF_MAX_DNS_PTR 5
++#define SPF_MAX_DNS_PTR 10
+ #endif
+ #ifndef SPF_MAX_DNS_MX
+ /* It is a bad idea to change this for the same reasons as mentioned
+ * above for SPF_MAX_DNS_MECH
+ */
+-#define SPF_MAX_DNS_MX 5
++#define SPF_MAX_DNS_MX 10
+ #endif
+
+ struct SPF_server_struct {
/debian/patches/25_maxvals.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/30_spfd_check_unlink_failure.dpatch
===================================================================
--- debian/patches/30_spfd_check_unlink_failure.dpatch (nonexistent)
+++ debian/patches/30_spfd_check_unlink_failure.dpatch (revision 29)
@@ -0,0 +1,20 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 30_spfd_check_unlink_failure.dpatch by Thomas Jacob <jacob@internet24.de>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix a call to unlink() in spfd.c. It passed 'path < 0' as the argument
+## DP: instead of checking whether the return value < 0.
+
+@DPATCH@
+
+--- libspf2-1.2.5/src/spfd/spfd.c 2005-02-19 03:40:35.000000000 +0100
++++ libspf2-1.2.5-amd64/src/spfd/spfd.c 2007-03-08 21:17:09.000000000 +0100
+@@ -640,7 +640,7 @@
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strcpy(addr.sun_path, spfd_config.path);
+- if (unlink(spfd_config.path < 0)) {
++ if (unlink(spfd_config.path) < 0) {
+ if (errno != ENOENT) {
+ perror("unlink");
+ DIE("Failed to unlink socket");
/debian/patches/30_spfd_check_unlink_failure.dpatch
Property changes:
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Index: debian/patches/20_spf_dns_include_std_headers.dpatch
===================================================================
--- debian/patches/20_spf_dns_include_std_headers.dpatch (revision 30)
+++ debian/patches/20_spf_dns_include_std_headers.dpatch (revision 29)
@@ -10,7 +10,7 @@
diff -Nur libspf2-1.2.5.dfsg/src/include/spf_dns.h libspf2-1.2.5.dfsg.new/src/include/spf_dns.h
--- libspf2-1.2.5.dfsg/src/include/spf_dns.h 2004-08-29 16:59:33.000000000 +0200
+++ libspf2-1.2.5.dfsg.new/src/include/spf_dns.h 2007-03-23 18:04:17.000000000 +0100
-@@ -61,48 +61,16 @@
+@@ -61,43 +61,12 @@
*
*/
@@ -23,7 +23,6 @@
+#include <arpa/nameser.h>
+#include <netdb.h>
--/* XXX This should use a more sensible define. */
-#if !defined( HAVE_NS_TYPE )
-
-#define ns_t_invalid 0
@@ -40,11 +39,7 @@
-typedef int ns_type;
-#endif
-
- #if ! HAVE_DECL_NS_T_SPF
- #define ns_t_spf 99
- #endif
-
--#if ! HAVE_DECL_NS_T_INVALID
+-#ifndef ns_t_invalid
-#define ns_t_invalid 0
-#endif
-
/trunk/debian/README.Debian
0,0 → 1,22
libspf2 for Debian
==================
 
Debian's version of libspf2 does a couple of things slightly
differently compared to the upstream version (usually meaning: more
RFC-compliantly). You can always see all applied patches by
downloading the source package and looking in the debian/patches
subdirectory. All patches should also be mentioned in the Debian
changelog. Some deserve further comment, though:
 
* 42_empty_sender.dpatch changes SPF_request_set_env_sender() so that
if called with an empty envelope sender, the envelope sender in the
SPF_request_struct structure will be set to the HELO identity
instead ("postmaster@" + the HELO domain), provided that
SPF_request_set_helo_dom() has been called beforehand. This should
improve behaviour of applications that (incorrectly) call
SPF_request_set_env_sender() with an empty envelope sender address.
However, applications SHOULD NOT RELY ON THIS, but should check if
the envelope sender address is empty, and in that case pass the HELO
identity instead, or use the result of an earlier HELO check.
 
-- Magnus Holmgren <magnus@kibibyte.se>, Wed, 22 Aug 2007 17:10:07 +0200
/trunk/debian/rules
6,7 → 6,7
include /usr/share/cdbs/1/rules/debhelper.mk
include /usr/share/cdbs/1/rules/dpatch.mk
 
DEB_DH_MAKESHLIBS_ARGS_libspf2-2 = -V 'libspf2-2 (>= 1.2.8)'
DEB_DH_MAKESHLIBS_ARGS_libspf2-2 = -V 'libspf2-2 (>= 1.2.5)'
 
binary-install/spfquery::
# Rename the `spfquery` tool for the alternatives system:
14,4 → 14,4
mv debian/spfquery/usr/sbin/spfd debian/spfquery/usr/sbin/spfd.$(SOURCE_PACKAGE)
 
get-orig-source:
wget http://www.libspf2.org/spf/libspf2-1.2.8.tar.gz
wget http://www.libspf2.org/spf/libspf2-1.2.5.tar.gz