/trunk/debian/libspf2-2.symbols |
---|
File deleted |
/trunk/debian/changelog |
---|
1,25 → 1,3 |
libspf2 (1.2.8~dfsg-1) unstable; urgency=low |
* Merge changes from Ubuntu. |
-- Magnus Holmgren <holmgren@debian.org> Tue, 21 Oct 2008 21:01:49 +0200 |
libspf2 (1.2.8~dfsg-0ubuntu1) intrepid; urgency=low |
* New upstream release (LP: #283920) |
- Fixes multiple memory leaks |
- CVE2008-2469 buffer overflows |
- Adds new documentation |
- Drop all patches except 20_spf_dns_include_std_headers.dpatch (included |
upstream) |
- Freshen 20_spf_dns_include_std_headers.dpatch |
- Update debian/rules for new release |
* Repack tarball to remove non-DFSG Free IETF draft |
* Added debian/libspf2-2.symbols and updated for new version |
* Drop README.Debian since it no longer applies. |
-- Scott Kitterman <scott@kitterman.com> Sun, 19 Oct 2008 01:00:13 -0400 |
libspf2 (1.2.5.dfsg-5) unstable; urgency=low |
* 43_new_explanation_url.dpatch: Bring default explanation up to date by |
/trunk/debian/patches/42_empty_sender.dpatch |
---|
0,0 → 1,33 |
#!/bin/sh /usr/share/dpatch/dpatch-run |
## 42_empty_sender.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
## |
## DP: If SPF_request_set_env_from() is called with from set to the empty |
## DP: string (i.e. a DSN), use the HELO identity. Also fix incorrect |
## DP: handling when the local part is empty (but the "@" is present). |
@DPATCH@ |
diff -urNad trunk~/src/libspf2/spf_request.c trunk/src/libspf2/spf_request.c |
--- trunk~/src/libspf2/spf_request.c 2005-02-22 03:38:57.000000000 +0100 |
+++ trunk/src/libspf2/spf_request.c 2007-07-30 21:58:48.000000000 +0200 |
@@ -142,14 +142,19 @@ |
SPF_FREE(sr->env_from_lp); |
SPF_FREE(sr->env_from_dp); |
+ if (*from == '\0' && sr->helo_dom != NULL) { |
+ from = sr->helo_dom; |
+ } |
cp = strrchr(from, '@'); |
if (cp && (cp != from)) { |
sr->env_from = strdup(from); |
- sr->env_from_lp = strdup(from); /* Too long, but simple */ |
- sr->env_from_lp[(cp - from)] = '\0'; |
+ *cp = '\0'; |
+ sr->env_from_lp = strdup(from); |
sr->env_from_dp = strdup(cp + 1); |
+ *cp = '@'; |
} |
else { |
+ if (cp == from) from++; /* "@domain.example" */ |
len = sizeof("postmaster@") + strlen(from); |
sr->env_from = malloc(len + 1); /* sizeof("") == 1? */ |
sprintf(sr->env_from, "postmaster@%s", from); |
/trunk/debian/patches/43_new_explanation_url.dpatch |
---|
0,0 → 1,20 |
#! /bin/sh /usr/share/dpatch/dpatch-run |
## 43_new_explanation_url.dpatch by <magnus@proffe.kibibyte.se> |
## |
## All lines beginning with `## DP:' are a description of the patch. |
## DP: Bring default explanation up to date by referring to |
## DP: www.openspf.org instead of spf.pobox.com. |
@DPATCH@ |
diff -urNad trunk~/src/include/spf.h trunk/src/include/spf.h |
--- trunk~/src/include/spf.h 2007-09-06 13:57:32.000000000 +0200 |
+++ trunk/src/include/spf.h 2007-09-06 13:58:59.000000000 +0200 |
@@ -57,7 +57,7 @@ |
#define SPF_DEFAULT_SANITIZE 1 |
#define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org" |
#define SPF_EXP_MOD_NAME "exp-text" |
-#define SPF_DEFAULT_EXP "Please see http://spf.pobox.com/why.html?sender=%{S}&ip=%{C}&receiver=%{R}" |
+#define SPF_DEFAULT_EXP "Please see http://www.openspf.org/Why?id=%{S}&ip=%{C}&receiver=%{R}" |
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/00list |
=================================================================== |
--- debian/patches/00list (revision 30) |
+++ debian/patches/00list (revision 29) |
@@ -1 +1,16 @@ |
+#01_line-endings |
+02_wrong_lib_version_h |
+20_64bit_types |
+20_printf_types |
20_spf_dns_include_std_headers |
+20_spf_server_unnecessary_include |
+21_spfquery_infininte_loop |
+22_spfquery_fallback_segfault |
+23_spfquery_ipv6 |
+25_maxvals |
+30_spfd_check_unlink_failure |
+35_untabify_help |
+40_permanent_include_errors |
+41_none_not_neutral |
+42_empty_sender |
+43_new_explanation_url |
Index: debian/patches/35_untabify_help.dpatch |
=================================================================== |
--- debian/patches/35_untabify_help.dpatch (nonexistent) |
+++ debian/patches/35_untabify_help.dpatch (revision 29) |
@@ -0,0 +1,25 @@ |
+#!/bin/sh |
+## 35_untabify_help.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Tidy up --help messages by converting tabs to four spaces (" "). |
+ |
+FILES_TO_PROCESS="src/spfquery/spfquery.c |
+ src/spftest/spftest.c |
+ src/spf_example/spf_example.c" |
+ |
+dpatch_patch() { |
+ # Change line endings to LF in files with CRLF |
+ perl -pi -e 's/("[^"]*?)\t/$1 / and redo;' $FILES_TO_PROCESS |
+} |
+ |
+dpatch_unpatch() { |
+ # Change line endings back to CRLF in files that had it in the tarball |
+ # Unfortunately there are exceptions ... have to watch out for changes |
+ # in future upstream versions (or simply make backups instead). |
+ perl -pi -e 's/("[^"]*?) /$1\t/ and redo;' $FILES_TO_PROCESS |
+} |
+ |
+DPATCH_LIB_NO_DEFAULT=1 |
+ |
+. /usr/share/dpatch/dpatch.lib.sh |
Index: debian/patches/23_spfquery_ipv6.dpatch |
=================================================================== |
--- debian/patches/23_spfquery_ipv6.dpatch (nonexistent) |
+++ debian/patches/23_spfquery_ipv6.dpatch (revision 29) |
@@ -0,0 +1,20 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 23_spfquery_ipv6.dpatch by Matthias Cramer <matthias.cramer@interway.ch> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Make spfquery accept IPv6 addresses |
+ |
+@DPATCH@ |
+ |
+--- libspf2-1.2.5.orig/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100 |
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-08-30 09:39:32.000000000 +0200 |
+@@ -604,7 +602,8 @@ |
+ |
+ spf_request = SPF_request_new(spf_server); |
+ |
+- if (SPF_request_set_ipv4_str(spf_request, req->ip)) { |
++ if (SPF_request_set_ipv4_str(spf_request, req->ip) |
++ && SPF_request_set_ipv6_str(spf_request, req->ip)) { |
+ printf( "Invalid IP address.\n" ); |
+ CONTINUE_ERROR; |
+ |
Index: debian/patches/22_spfquery_fallback_segfault.dpatch |
=================================================================== |
--- debian/patches/22_spfquery_fallback_segfault.dpatch (nonexistent) |
+++ debian/patches/22_spfquery_fallback_segfault.dpatch (revision 29) |
@@ -0,0 +1,45 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 22_spfquery_fallback_segfault.dpatch by Robert Millan <rmh@aybabtu.com> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Fix segfault with malformed -guess argument |
+ |
+@DPATCH@ |
+ |
+diff -ur libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c libspf2-1.2.5.dfsg/src/spfquery/spfquery.c |
+--- libspf2-1.2.5.dfsg.old/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100 |
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-06-24 13:17:34.000000000 +0200 |
+@@ -341,6 +341,7 @@ |
+ SPF_request_t *spf_request = NULL; |
+ SPF_response_t *spf_response = NULL; |
+ SPF_response_t *spf_response_2mx = NULL; |
++ SPF_response_t *spf_response_fallback = NULL; |
+ SPF_errcode_t err; |
+ |
+ char *opt_file = NULL; |
+@@ -670,20 +671,20 @@ |
+ /* We now have an option to call SPF_request_query_fallback */ |
+ if (opts->fallback) { |
+ err = SPF_request_query_fallback(spf_request, |
+- &spf_response, opts->fallback); |
++ &spf_response_fallback, opts->fallback); |
+ if (opts->debug) |
+- response_print("fallback query", spf_response_2mx); |
++ response_print("fallback query", spf_response_fallback); |
+ if (err) { |
+ response_print_errors("Failed to query best-guess", |
+- spf_response, err); |
++ spf_response_fallback, err); |
+ CONTINUE_ERROR; |
+ } |
+ |
+ /* append the result */ |
+- APPEND_RESULT(SPF_response_result(spf_response_2mx)); |
++ APPEND_RESULT(SPF_response_result(spf_response_fallback)); |
+ |
+ spf_response = SPF_response_combine(spf_response, |
+- spf_response_2mx); |
++ spf_response_fallback); |
+ } |
+ |
+ printf( "%s\n%s\n%s\n%s\n", |
Index: debian/patches/41_none_not_neutral.dpatch |
=================================================================== |
--- debian/patches/41_none_not_neutral.dpatch (nonexistent) |
+++ debian/patches/41_none_not_neutral.dpatch (revision 29) |
@@ -0,0 +1,48 @@ |
+#!/bin/sh /usr/share/dpatch/dpatch-run |
+## 41_none_not_neutral.dpatch by Robert Millan <rmh@aybabtu.com>, edited by Magnus Holmgren |
+## |
+## DP: Differentiate between SPF_RESULT_NONE and |
+## DP: SPF_RESULT_NEUTRAL in the header comment. |
+ |
+@DPATCH@ |
+ |
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c |
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c 2005-02-22 04:41:27.000000000 +0100 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-07-01 01:03:17.000000000 +0200 |
+@@ -214,11 +226,15 @@ |
+ break; |
+ |
+ case SPF_RESULT_NEUTRAL: |
+- case SPF_RESULT_NONE: |
+ snprintf( p, p_end - p, "%s is neither permitted nor denied by %s", |
+ ip, spf_source ); |
+ break; |
+ |
++ case SPF_RESULT_NONE: |
++ snprintf( p, p_end - p, "%s does not provide an SPF record", |
++ spf_source ); |
++ break; |
++ |
+ case SPF_RESULT_TEMPERROR: |
+ snprintf( p, p_end - p, "encountered temporary error during SPF processing of %s", |
+ spf_source ); |
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c libspf2-1.2.5.dfsg/src/libspf2/spf_result.c |
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_result.c 2004-08-10 15:04:02.000000000 +0200 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_result.c 2007-07-01 01:03:29.000000000 +0200 |
+@@ -187,11 +197,15 @@ |
+ break; |
+ |
+ case SPF_RESULT_NEUTRAL: |
+- case SPF_RESULT_NONE: |
+ snprintf( p, p_end - p, "%s is neither permitted nor denied by %s", |
+ ip, spf_source ); |
+ break; |
+ |
++ case SPF_RESULT_NONE: |
++ snprintf( p, p_end - p, "%s does not provide an SPF record", |
++ spf_source ); |
++ break; |
++ |
+ case SPF_RESULT_ERROR: |
+ snprintf( p, p_end - p, "encountered temporary error during SPF processing of %s", |
+ spf_source ); |
Index: debian/patches/40_permanent_include_errors.dpatch |
=================================================================== |
--- debian/patches/40_permanent_include_errors.dpatch (nonexistent) |
+++ debian/patches/40_permanent_include_errors.dpatch (revision 29) |
@@ -0,0 +1,23 @@ |
+#!/bin/sh /usr/share/dpatch/dpatch-run |
+## 40_permanent_include_errors.dpatch by Robert Millan <rmh@aybabtu.com>, edited by Magnus Holmgren |
+## |
+## DP: Permanent error when processing an include: directive should in turn |
+## DP: produce permanent error (see the table in RFC 4408 / section 5.2). |
+ |
+@DPATCH@ |
+ |
+diff -ur libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c |
+--- libspf2-1.2.5.dfsg.old/src/libspf2/spf_interpret.c 2005-02-22 04:41:27.000000000 +0100 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-07-01 01:03:17.000000000 +0200 |
+@@ -1022,7 +1042,10 @@ |
+ if (spf_record_subr) |
+ SPF_record_free(spf_record_subr); |
+ SPF_FREE_LOOKUP_DATA(); |
+- return DONE_TEMPERR( err ); |
++ if (err == SPF_E_DNS_ERROR) |
++ return DONE_TEMPERR( err ); |
++ else |
++ return DONE_PERMERR( err ); |
+ } |
+ |
+ /* |
Index: debian/patches/20_printf_types.dpatch |
=================================================================== |
--- debian/patches/20_printf_types.dpatch (nonexistent) |
+++ debian/patches/20_printf_types.dpatch (revision 29) |
@@ -0,0 +1,64 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 20_printf_types.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Change the format strings of various calls to printf-style functions to |
+## DP: match the arguments. |
+ |
+@DPATCH@ |
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_compile.c libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c |
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_compile.c 2007-03-27 14:28:00.931960929 +0200 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c 2007-03-27 14:30:04.000000000 +0200 |
+@@ -470,7 +470,7 @@ |
+ len = end - p; |
+ if (spf_server->debug) |
+ SPF_debugf("Adding string literal (%d): '%*.*s'", |
+- len, len, len, p); |
++ (int)len, (int)len, (int)len, p); |
+ memcpy( dst, p, len ); |
+ ds_len += len; |
+ dst += len; |
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_id2str.c libspf2-1.2.5.dfsg/src/libspf2/spf_id2str.c |
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_id2str.c 2007-03-27 14:27:58.171600935 +0200 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_id2str.c 2007-03-27 14:30:51.000000000 +0200 |
+@@ -309,7 +309,7 @@ |
+ p_end = *bufp + *buflenp; |
+ |
+ if (debug) |
+- SPF_debugf("stringify: Buffer length is %d\n", *buflenp); |
++ SPF_debugf("stringify: Buffer length is %u\n", (unsigned int)*buflenp); |
+ |
+ |
+ /* |
+diff -urNad libspf2-1.2.5.dfsg~/src/libspf2/spf_print.c libspf2-1.2.5.dfsg/src/libspf2/spf_print.c |
+--- libspf2-1.2.5.dfsg~/src/libspf2/spf_print.c 2007-03-27 14:27:58.231608763 +0200 |
++++ libspf2-1.2.5.dfsg/src/libspf2/spf_print.c 2007-03-27 14:47:39.000000000 +0200 |
+@@ -54,12 +54,12 @@ |
+ return SPF_E_SUCCESS; |
+ } |
+ |
+- SPF_infof( "SPF header: version: %d mech %d/%d mod %d/%d len=%d", |
++ SPF_infof( "SPF header: version: %d mech %d/%u mod %d/%u len=%u", |
+ spf_record->version, |
+- spf_record->num_mech, spf_record->mech_len, |
+- spf_record->num_mod, spf_record->mod_len, |
+- sizeof(SPF_record_t) + spf_record->mech_len |
+- + spf_record->mod_len); |
++ (int)spf_record->num_mech, (unsigned int)spf_record->mech_len, |
++ (int)spf_record->num_mod, (unsigned int)spf_record->mod_len, |
++ (unsigned int)(sizeof(SPF_record_t) + spf_record->mech_len |
++ + spf_record->mod_len)); |
+ |
+ err = SPF_record_stringify(spf_record, &prt_buf, &prt_len); |
+ if ( err == SPF_E_RESULT_UNKNOWN ) |
+@@ -81,7 +81,7 @@ |
+ void SPF_print_sizeof(void) |
+ { |
+ // SPF_infof( "sizeof(SPF_rec_header_t)=%u", sizeof(SPF_rec_header_t)); |
+- SPF_infof( "sizeof(SPF_mech_t)=%u", sizeof(SPF_mech_t)); |
+- SPF_infof( "sizeof(SPF_data_t)=%u", sizeof(SPF_data_t)); |
+- SPF_infof( "sizeof(SPF_mod_t)=%u", sizeof(SPF_mod_t)); |
++ SPF_infof( "sizeof(SPF_mech_t)=%u", (unsigned int)sizeof(SPF_mech_t)); |
++ SPF_infof( "sizeof(SPF_data_t)=%u", (unsigned int)sizeof(SPF_data_t)); |
++ SPF_infof( "sizeof(SPF_mod_t)=%u", (unsigned int)sizeof(SPF_mod_t)); |
+ } |
/debian/patches/20_printf_types.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/01_line-endings.dpatch |
=================================================================== |
--- debian/patches/01_line-endings.dpatch (nonexistent) |
+++ debian/patches/01_line-endings.dpatch (revision 29) |
@@ -0,0 +1,30 @@ |
+#!/bin/sh |
+## 01_line-endings.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Convert CRLF line endings to LF in certain Windows-related files |
+ |
+FILES_WITH_CRLF="src/libspf2/spf_dns_windns.c |
+ src/libspf2/spf_win32.c |
+ src/libreplace/win32_config.h |
+ src/include/spf_dns_windns.h |
+ src/include/spf_win32.h" |
+ |
+set -e |
+ |
+dpatch_patch() { |
+ if [ ! -f debian/patched/patched-line-endings.tar.gz ]; then |
+ tar -czf debian/patched/patched-line-endings.tar.gz $FILES_WITH_CRLF |
+ # Change line endings to LF in files with CRLF |
+ sed -ri -e 's/\r$//' $FILES_WITH_CRLF |
+ fi |
+} |
+ |
+dpatch_unpatch() { |
+ # Change line endings back to CRLF in files that had it in the tarball |
+ tar -xzf debian/patched/patched-line-endings.tar.gz |
+} |
+ |
+DPATCH_LIB_NO_DEFAULT=1 |
+ |
+. /usr/share/dpatch/dpatch.lib.sh |
/debian/patches/01_line-endings.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/21_spfquery_infininte_loop.dpatch |
=================================================================== |
--- debian/patches/21_spfquery_infininte_loop.dpatch (nonexistent) |
+++ debian/patches/21_spfquery_infininte_loop.dpatch (revision 29) |
@@ -0,0 +1,21 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 21_spfquery_infininte_loop.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Fix infinite loop in spfquery.c:unimplemented(). |
+ |
+@DPATCH@ |
+diff -urNad libspf2-1.2.5.dfsg~/src/spfquery/spfquery.c libspf2-1.2.5.dfsg/src/spfquery/spfquery.c |
+--- libspf2-1.2.5.dfsg~/src/spfquery/spfquery.c 2005-02-22 03:36:55.000000000 +0100 |
++++ libspf2-1.2.5.dfsg/src/spfquery/spfquery.c 2007-03-24 22:28:15.000000000 +0100 |
+@@ -174,9 +174,7 @@ |
+ struct option *opt; |
+ int i; |
+ |
+- i = 0; |
+- opt = &long_options[i]; |
+- while (opt->name) { |
++ for (i = 0; (opt = &long_options[i])->name; i++) { |
+ if (flag == opt->val) { |
+ fprintf(stderr, "Unimplemented option: -%s or -%c\n", |
+ opt->name, flag); |
/debian/patches/21_spfquery_infininte_loop.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/20_64bit_types.dpatch |
=================================================================== |
--- debian/patches/20_64bit_types.dpatch (nonexistent) |
+++ debian/patches/20_64bit_types.dpatch (revision 29) |
@@ -0,0 +1,105 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 20_64bit_types.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Change various ints to size_t etc, to avoid crashes on 64-bit |
+## DP: architectures. |
+ |
+@DPATCH@ |
+ |
+diff -Nur libspf2-1.2.5.dfsg/src/include/spf_internal.h libspf2-1.2.5.dfsg.new/src/include/spf_internal.h |
+--- libspf2-1.2.5.dfsg/src/include/spf_internal.h 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/include/spf_internal.h 2007-03-23 23:08:54.000000000 +0100 |
+@@ -71,7 +71,7 @@ |
+ static inline size_t _align_sz(size_t s) |
+ { return (s + (_ALIGN_SZ - 1 - (((s - 1) & (_ALIGN_SZ - 1))))); } |
+ static inline char * _align_ptr(char *s) |
+- { return (s + (_ALIGN_SZ - 1 - ((((unsigned int)s - 1) & (_ALIGN_SZ - 1))))); } |
++ { return (s + (_ALIGN_SZ - 1 - ((((size_t)s - 1) & (_ALIGN_SZ - 1))))); } |
+ #else |
+ static inline size_t _align_sz(size_t s) { return s; } |
+ static inline char * _align_ptr(char *s) { return s; } |
+diff -Nur libspf2-1.2.5.dfsg/src/include/spf_record.h libspf2-1.2.5.dfsg.new/src/include/spf_record.h |
+--- libspf2-1.2.5.dfsg/src/include/spf_record.h 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/include/spf_record.h 2007-03-23 23:08:54.000000000 +0100 |
+@@ -224,7 +224,7 @@ |
+ |
+ struct SPF_macro_struct |
+ { |
+- unsigned int macro_len; /* bytes of data */ |
++ size_t macro_len; /* bytes of data */ |
+ /* data: (SPF_data_t[] = char[macro_len]) follows */ |
+ }; |
+ |
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_compile.c |
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_compile.c 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_compile.c 2007-03-23 23:18:41.000000000 +0100 |
+@@ -98,7 +98,7 @@ |
+ } |
+ |
+ static void |
+-SPF_c_ensure_capacity(void **datap, int *sizep, int length) |
++SPF_c_ensure_capacity(void **datap, size_t *sizep, int length) |
+ { |
+ int size = *sizep; |
+ if (length > size) |
+@@ -435,7 +435,7 @@ |
+ static SPF_errcode_t |
+ SPF_c_parse_macro(SPF_server_t *spf_server, |
+ SPF_response_t *spf_response, |
+- SPF_data_t *data, int *data_len, |
++ SPF_data_t *data, size_t *data_len, |
+ const char **startp, const char **endp, |
+ size_t max_len, SPF_errcode_t big_err, |
+ int is_mod) |
+@@ -551,10 +551,10 @@ |
+ static SPF_errcode_t |
+ SPF_c_parse_domainspec(SPF_server_t *spf_server, |
+ SPF_response_t *spf_response, |
+- SPF_data_t *data, int *data_len, |
++ SPF_data_t *data, size_t *data_len, |
+ const char **startp, const char **endp, |
+ size_t max_len, SPF_errcode_t big_err, |
+- int cidr_ok, int is_mod) |
++ SPF_cidr_t cidr_ok, int is_mod) |
+ { |
+ SPF_errcode_t err; |
+ /* Generic parsing iterators and boundaries */ |
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_dns_resolv.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_dns_resolv.c |
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_dns_resolv.c 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_dns_resolv.c 2007-03-23 23:08:54.000000000 +0100 |
+@@ -393,7 +393,7 @@ |
+ if ( SPF_dns_rr_buf_realloc( spfrr, cnt, rdlen ) != SPF_E_SUCCESS ) |
+ return spfrr; |
+ |
+- dst = spfrr->rr[cnt]->txt; |
++ dst = (u_char *)(spfrr->rr[cnt]->txt); |
+ len = 0; |
+ src = (u_char *)rdata; |
+ while ( rdlen > 0 ) |
+diff -Nur libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c libspf2-1.2.5.dfsg.new/src/libspf2/spf_interpret.c |
+--- libspf2-1.2.5.dfsg/src/libspf2/spf_interpret.c 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/libspf2/spf_interpret.c 2007-03-23 23:20:30.000000000 +0100 |
+@@ -49,8 +49,8 @@ |
+ SPF_record_t *spf_record; |
+ SPF_errcode_t err; |
+ char *buf; |
+- int buflen; |
+- int len; |
++ size_t buflen; |
++ size_t len; |
+ |
+ SPF_ASSERT_NOTNULL(spf_response); |
+ spf_request = spf_response->spf_request; |
+diff -Nur libspf2-1.2.5.dfsg/src/spfd/spfd.c libspf2-1.2.5.dfsg.new/src/spfd/spfd.c |
+--- libspf2-1.2.5.dfsg/src/spfd/spfd.c 2007-03-23 22:37:26.000000000 +0100 |
++++ libspf2-1.2.5.dfsg.new/src/spfd/spfd.c 2007-03-23 23:08:54.000000000 +0100 |
+@@ -168,7 +168,7 @@ |
+ struct sockaddr_in in; |
+ struct sockaddr_un un; |
+ } addr; |
+- int addrlen; |
++ socklen_t addrlen; |
+ char *data; |
+ int datalen; |
+ |
/debian/patches/20_64bit_types.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/02_wrong_lib_version_h.dpatch |
=================================================================== |
--- debian/patches/02_wrong_lib_version_h.dpatch (nonexistent) |
+++ debian/patches/02_wrong_lib_version_h.dpatch (revision 29) |
@@ -0,0 +1,30 @@ |
+#!/bin/sh |
+## 02_wrong_lib_version_h.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Move static spf_lib_version.h out of the way and patch configure to put |
+## DP: the autogenerated one in the right place. |
+ |
+set -e |
+ |
+lib_version_h=src/include/spf_lib_version.h |
+ |
+dpatch_patch() { |
+ # Update configure script so that it writes to the right .h file |
+ test -e configure.old || \ |
+ sed -ri.old -e 's%src/libspf2/spf_lib_version%src/include/spf_lib_version%' configure |
+ # Move the bad .h file out of the way |
+ test -e $lib_version_h.old || mv -f $lib_version_h $lib_version_h.old |
+} |
+ |
+dpatch_unpatch() { |
+ # Move the bad .h file back to its position |
+ if test -e $lib_version_h.old; then mv -f $lib_version_h.old $lib_version_h; fi |
+ # Move the original configure script back |
+ if test -e configure.old; then mv -f configure.old configure; fi |
+} |
+ |
+ |
+DPATCH_LIB_NO_DEFAULT=1 |
+ |
+. /usr/share/dpatch/dpatch.lib.sh |
/debian/patches/02_wrong_lib_version_h.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/20_spf_server_unnecessary_include.dpatch |
=================================================================== |
--- debian/patches/20_spf_server_unnecessary_include.dpatch (nonexistent) |
+++ debian/patches/20_spf_server_unnecessary_include.dpatch (revision 29) |
@@ -0,0 +1,18 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 20_spf_server_unnecessary_include.dpatch by Magnus Holmgren <magnus@kibibyte.se> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: src/include/spf_server.h: Remove useless include of spf_dns_internal.h. |
+ |
+@DPATCH@ |
+ |
+--- libspf2-1.2.5.dfsg.orig/src/include/spf_server.h |
++++ libspf2-1.2.5.dfsg/src/include/spf_server.h |
+@@ -20,7 +20,6 @@ |
+ |
+ #include "spf_record.h" |
+ #include "spf_dns.h" |
+-#include "spf_dns_internal.h" |
+ |
+ #ifndef SPF_MAX_DNS_MECH |
+ /* It is a bad idea to change this for two reasons. |
/debian/patches/20_spf_server_unnecessary_include.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/25_maxvals.dpatch |
=================================================================== |
--- debian/patches/25_maxvals.dpatch (nonexistent) |
+++ debian/patches/25_maxvals.dpatch (revision 29) |
@@ -0,0 +1,61 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 25_maxvals.dpatch by Thomas Jacob <jacob@internet24.de> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Bring certain processing limits (meant to mitigate DoS attacks) in line |
+## DP: with RFC 4408. |
+ |
+@DPATCH@ |
+ |
+diff -ruN libspf2-1.2.5/src/include/spf.h libspf2-1.2.5.patched/src/include/spf.h |
+--- libspf2-1.2.5/src/include/spf.h 2005-02-17 01:56:55.000000000 +0100 |
++++ libspf2-1.2.5.patched/src/include/spf.h 2007-03-14 16:58:21.000000000 +0100 |
+@@ -52,8 +52,8 @@ |
+ |
+ /* FYI only -- defaults can't be changed without recompiling the library */ |
+ #define SPF_DEFAULT_MAX_DNS_MECH 10 /* DoS limit on SPF mechanisms */ |
+-#define SPF_DEFAULT_MAX_DNS_PTR 5 /* DoS limit on PTR records */ |
+-#define SPF_DEFAULT_MAX_DNS_MX 5 /* DoS limit on MX records */ |
++#define SPF_DEFAULT_MAX_DNS_PTR 10 /* DoS limit on PTR records */ |
++#define SPF_DEFAULT_MAX_DNS_MX 10 /* DoS limit on MX records */ |
+ #define SPF_DEFAULT_SANITIZE 1 |
+ #define SPF_DEFAULT_WHITELIST "include:spf.trusted-forwarder.org" |
+ #define SPF_EXP_MOD_NAME "exp-text" |
+diff -ruN libspf2-1.2.5/src/include/spf_internal.h libspf2-1.2.5.patched/src/include/spf_internal.h |
+--- libspf2-1.2.5/src/include/spf_internal.h 2005-02-24 05:10:49.000000000 +0100 |
++++ libspf2-1.2.5.patched/src/include/spf_internal.h 2007-03-14 16:58:04.000000000 +0100 |
+@@ -57,13 +57,13 @@ |
+ /* It is a bad idea to change this for the same reasons as mentioned |
+ * above for SPF_MAX_DNS_MECH |
+ */ |
+-#define SPF_MAX_DNS_PTR 5 |
++#define SPF_MAX_DNS_PTR 10 |
+ #endif |
+ #ifndef SPF_MAX_DNS_MX |
+ /* It is a bad idea to change this for the same reasons as mentioned |
+ * above for SPF_MAX_DNS_MECH |
+ */ |
+-#define SPF_MAX_DNS_MX 5 |
++#define SPF_MAX_DNS_MX 10 |
+ #endif |
+ |
+ #if 1 |
+diff -ruN libspf2-1.2.5/src/include/spf_server.h libspf2-1.2.5.patched/src/include/spf_server.h |
+--- libspf2-1.2.5/src/include/spf_server.h 2004-09-29 12:33:09.000000000 +0200 |
++++ libspf2-1.2.5.patched/src/include/spf_server.h 2007-03-14 16:58:54.000000000 +0100 |
+@@ -44,13 +44,13 @@ |
+ /* It is a bad idea to change this for the same reasons as mentioned |
+ * above for SPF_MAX_DNS_MECH |
+ */ |
+-#define SPF_MAX_DNS_PTR 5 |
++#define SPF_MAX_DNS_PTR 10 |
+ #endif |
+ #ifndef SPF_MAX_DNS_MX |
+ /* It is a bad idea to change this for the same reasons as mentioned |
+ * above for SPF_MAX_DNS_MECH |
+ */ |
+-#define SPF_MAX_DNS_MX 5 |
++#define SPF_MAX_DNS_MX 10 |
+ #endif |
+ |
+ struct SPF_server_struct { |
/debian/patches/25_maxvals.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/30_spfd_check_unlink_failure.dpatch |
=================================================================== |
--- debian/patches/30_spfd_check_unlink_failure.dpatch (nonexistent) |
+++ debian/patches/30_spfd_check_unlink_failure.dpatch (revision 29) |
@@ -0,0 +1,20 @@ |
+#! /bin/sh /usr/share/dpatch/dpatch-run |
+## 30_spfd_check_unlink_failure.dpatch by Thomas Jacob <jacob@internet24.de> |
+## |
+## All lines beginning with `## DP:' are a description of the patch. |
+## DP: Fix a call to unlink() in spfd.c. It passed 'path < 0' as the argument |
+## DP: instead of checking whether the return value < 0. |
+ |
+@DPATCH@ |
+ |
+--- libspf2-1.2.5/src/spfd/spfd.c 2005-02-19 03:40:35.000000000 +0100 |
++++ libspf2-1.2.5-amd64/src/spfd/spfd.c 2007-03-08 21:17:09.000000000 +0100 |
+@@ -640,7 +640,7 @@ |
+ memset(&addr, 0, sizeof(addr)); |
+ addr.sun_family = AF_UNIX; |
+ strcpy(addr.sun_path, spfd_config.path); |
+- if (unlink(spfd_config.path < 0)) { |
++ if (unlink(spfd_config.path) < 0) { |
+ if (errno != ENOENT) { |
+ perror("unlink"); |
+ DIE("Failed to unlink socket"); |
/debian/patches/30_spfd_check_unlink_failure.dpatch |
---|
Property changes: |
Added: svn:executable |
## -0,0 +1 ## |
+* |
\ No newline at end of property |
Index: debian/patches/20_spf_dns_include_std_headers.dpatch |
=================================================================== |
--- debian/patches/20_spf_dns_include_std_headers.dpatch (revision 30) |
+++ debian/patches/20_spf_dns_include_std_headers.dpatch (revision 29) |
@@ -10,7 +10,7 @@ |
diff -Nur libspf2-1.2.5.dfsg/src/include/spf_dns.h libspf2-1.2.5.dfsg.new/src/include/spf_dns.h |
--- libspf2-1.2.5.dfsg/src/include/spf_dns.h 2004-08-29 16:59:33.000000000 +0200 |
+++ libspf2-1.2.5.dfsg.new/src/include/spf_dns.h 2007-03-23 18:04:17.000000000 +0100 |
-@@ -61,48 +61,16 @@ |
+@@ -61,43 +61,12 @@ |
* |
*/ |
@@ -23,7 +23,6 @@ |
+#include <arpa/nameser.h> |
+#include <netdb.h> |
--/* XXX This should use a more sensible define. */ |
-#if !defined( HAVE_NS_TYPE ) |
- |
-#define ns_t_invalid 0 |
@@ -40,11 +39,7 @@ |
-typedef int ns_type; |
-#endif |
- |
- #if ! HAVE_DECL_NS_T_SPF |
- #define ns_t_spf 99 |
- #endif |
- |
--#if ! HAVE_DECL_NS_T_INVALID |
+-#ifndef ns_t_invalid |
-#define ns_t_invalid 0 |
-#endif |
- |
/trunk/debian/README.Debian |
---|
0,0 → 1,22 |
libspf2 for Debian |
================== |
Debian's version of libspf2 does a couple of things slightly |
differently compared to the upstream version (usually meaning: more |
RFC-compliantly). You can always see all applied patches by |
downloading the source package and looking in the debian/patches |
subdirectory. All patches should also be mentioned in the Debian |
changelog. Some deserve further comment, though: |
* 42_empty_sender.dpatch changes SPF_request_set_env_sender() so that |
if called with an empty envelope sender, the envelope sender in the |
SPF_request_struct structure will be set to the HELO identity |
instead ("postmaster@" + the HELO domain), provided that |
SPF_request_set_helo_dom() has been called beforehand. This should |
improve behaviour of applications that (incorrectly) call |
SPF_request_set_env_sender() with an empty envelope sender address. |
However, applications SHOULD NOT RELY ON THIS, but should check if |
the envelope sender address is empty, and in that case pass the HELO |
identity instead, or use the result of an earlier HELO check. |
-- Magnus Holmgren <magnus@kibibyte.se>, Wed, 22 Aug 2007 17:10:07 +0200 |
/trunk/debian/rules |
---|
6,7 → 6,7 |
include /usr/share/cdbs/1/rules/debhelper.mk |
include /usr/share/cdbs/1/rules/dpatch.mk |
DEB_DH_MAKESHLIBS_ARGS_libspf2-2 = -V 'libspf2-2 (>= 1.2.8)' |
DEB_DH_MAKESHLIBS_ARGS_libspf2-2 = -V 'libspf2-2 (>= 1.2.5)' |
binary-install/spfquery:: |
# Rename the `spfquery` tool for the alternatives system: |
14,4 → 14,4 |
mv debian/spfquery/usr/sbin/spfd debian/spfquery/usr/sbin/spfd.$(SOURCE_PACKAGE) |
get-orig-source: |
wget http://www.libspf2.org/spf/libspf2-1.2.8.tar.gz |
wget http://www.libspf2.org/spf/libspf2-1.2.5.tar.gz |