From 6cf011f5246b46f78e2b3a4f7b1e4a61046c14f0 Mon Sep 17 00:00:00 2001 From: Ralph Seichter Date: Mon, 22 Jul 2019 19:01:39 +0200 Subject: mail-filter/opendkim: Remove obsolete ebuilds Removed obsolete ebuild versions and their supporting files. Signed-off-by: Ralph Seichter Package-Manager: Portage-2.3.66, Repoman-2.3.11 Signed-off-by: Michael Orlitzky --- .../files/opendkim-2.10.3-gnutls-3.4.patch | 52 ----- .../files/opendkim-2.10.3-openssl-1.1.1.patch | 170 --------------- mail-filter/opendkim/files/opendkim-r3.service | 15 -- mail-filter/opendkim/files/opendkim.confd | 18 -- mail-filter/opendkim/files/opendkim.init.r5 | 73 ------- mail-filter/opendkim/files/opendkim.service | 11 - mail-filter/opendkim/files/opendkim.service.conf | 2 - mail-filter/opendkim/opendkim-2.10.3-r15.ebuild | 230 --------------------- mail-filter/opendkim/opendkim-2.10.3-r8.ebuild | 223 -------------------- 9 files changed, 794 deletions(-) delete mode 100644 mail-filter/opendkim/files/opendkim-2.10.3-gnutls-3.4.patch delete mode 100644 mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch delete mode 100644 mail-filter/opendkim/files/opendkim-r3.service delete mode 100644 mail-filter/opendkim/files/opendkim.confd delete mode 100644 mail-filter/opendkim/files/opendkim.init.r5 delete mode 100644 mail-filter/opendkim/files/opendkim.service delete mode 100644 mail-filter/opendkim/files/opendkim.service.conf delete mode 100644 mail-filter/opendkim/opendkim-2.10.3-r15.ebuild delete mode 100644 mail-filter/opendkim/opendkim-2.10.3-r8.ebuild (limited to 'mail-filter/opendkim') diff --git a/mail-filter/opendkim/files/opendkim-2.10.3-gnutls-3.4.patch b/mail-filter/opendkim/files/opendkim-2.10.3-gnutls-3.4.patch deleted file mode 100644 index f4594efaac94..000000000000 --- a/mail-filter/opendkim/files/opendkim-2.10.3-gnutls-3.4.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 3eea12e5f9af7739d5d009c6888b65bd4875a554 Mon Sep 17 00:00:00 2001 -From: Alon Bar-Lev -Date: Sat, 4 Mar 2017 00:41:35 +0200 -Subject: [PATCH] crypto: support gnutls-3.4 - -https://sourceforge.net/p/opendkim/patches/36/ - -Signed-off-by: Alon Bar-Lev ---- - libopendkim/dkim.c | 19 ++++++++++++++++++- - 1 file changed, 18 insertions(+), 1 deletion(-) - -diff --git a/libopendkim/dkim.c b/libopendkim/dkim.c -index d0d75a5..0c2278e 100644 ---- a/libopendkim/dkim.c -+++ b/libopendkim/dkim.c -@@ -5301,6 +5301,8 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig) - size_t diglen = 0; - #ifdef USE_GNUTLS - gnutls_datum_t key; -+ gnutls_digest_algorithm_t hash; -+ gnutls_sign_algorithm_t sign_algo; - #else /* USE_GNUTLS */ - BIO *key; - #endif /* USE_GNUTLS */ -@@ -5442,7 +5444,22 @@ dkim_sig_process(DKIM *dkim, DKIM_SIGINFO *sig) - return DKIM_STAT_OK; - } - -- rsastat = gnutls_pubkey_verify_hash(rsa->rsa_pubkey, 0, -+ hash = GNUTLS_DIG_SHA1; -+ -+ if (dkim_libfeature(dkim->dkim_libhandle, -+ DKIM_FEATURE_SHA256) && -+ sig->sig_hashtype == DKIM_HASHTYPE_SHA256) -+ hash = GNUTLS_DIG_SHA256; -+ -+ sign_algo = gnutls_pk_to_sign(GNUTLS_PK_RSA, hash); -+ if (sign_algo == GNUTLS_SIGN_UNKNOWN) -+ { -+ assert(0); -+ /* NOTREACHED */ -+ } -+ -+ rsastat = gnutls_pubkey_verify_hash2(rsa->rsa_pubkey, -+ sign_algo, 0, - &rsa->rsa_digest, - &rsa->rsa_sig); - if (rsastat < 0) --- -2.10.2 - diff --git a/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch b/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch deleted file mode 100644 index 825d7753aca2..000000000000 --- a/mail-filter/opendkim/files/opendkim-2.10.3-openssl-1.1.1.patch +++ /dev/null @@ -1,170 +0,0 @@ -From FreeBSD: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223568 ---- a/configure.ac 2015-05-12 18:43:09 UTC -+++ b/configure.ac -@@ -860,26 +860,28 @@ then - AC_SEARCH_LIBS([ERR_peek_error], [crypto], , - AC_MSG_ERROR([libcrypto not found])) - -- AC_SEARCH_LIBS([SSL_library_init], [ssl], , -- [ -- if test x"$enable_shared" = x"yes" -- then -- AC_MSG_ERROR([Cannot build shared opendkim -- against static openssl libraries. -- Configure with --disable-shared -- to get this working or obtain a -- shared libssl library for -- opendkim to use.]) -- fi - -- # avoid caching issue - last result of SSL_library_init -- # shouldn't be cached for this next check -- unset ac_cv_search_SSL_library_init -- LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl" -- AC_SEARCH_LIBS([SSL_library_init], [ssl], , -- AC_MSG_ERROR([libssl not found]), [-ldl]) -- ] -- ) -+ AC_LINK_IFELSE( -+ [AC_LANG_PROGRAM([[#include ]], -+ [[SSL_library_init();]])], -+ [od_have_ossl="yes";], -+ [od_have_ossl="no";]) -+ if test x"$od_have_ossl" = x"no" -+ then -+ if test x"$enable_shared" = x"yes" -+ then -+ AC_MSG_ERROR([Cannot build shared opendkim -+ against static openssl libraries. -+ Configure with --disable-shared -+ to get this working or obtain a -+ shared libssl library for -+ opendkim to use.]) -+ fi -+ -+ LIBCRYPTO_LIBS="$LIBCRYPTO_LIBS -ldl" -+ AC_SEARCH_LIBS([SSL_library_init], [ssl], , -+ AC_MSG_ERROR([libssl not found]), [-ldl]) -+ fi - - AC_CHECK_DECL([SHA256_DIGEST_LENGTH], - AC_DEFINE([HAVE_SHA256], 1, ---- a/libopendkim/tests/Makefile.in 2015-05-12 18:43:48 UTC -+++ b/libopendkim/tests/Makefile.in -@@ -1108,8 +1108,10 @@ am__nobase_list = $(am__nobase_strip_setup); \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' - am__base_list = \ -- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ -- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\ -+/ /g' | \ -+ sed '$$!N;$$!N;$$!N;$$!N;s/\ -+/ /g' - am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ -@@ -4131,16 +4133,19 @@ uninstall-am: uninstall-dist_docDATA - @LCOV_TRUE@description.txt: $(check_PROGRAMS) $(check_SCRIPTS) - @LCOV_TRUE@ rm -f $@ - @LCOV_TRUE@ for i in $(check_PROGRAMS); do \ --@LCOV_TRUE@ testname=$${i/t-}; \ --@LCOV_TRUE@ testname=$${testname//-/_}; \ -+@LCOV_TRUE@ testname=$${i#t-}; \ -+@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ - @LCOV_TRUE@ fgrep '***' $$i.c | tail -n 1 | \ --@LCOV_TRUE@ (echo $${testname} ; sed -e 's/[^*]*\*\*\*\(.*\)\\n.*/\t\1\n/g' ) >> $@; \ -+@LCOV_TRUE@ (echo $${testname} ; sed -e 's/[^*]*\*\*\*\(.*\)\\ -+@LCOV_TRUE@.*/ \1\ -+@LCOV_TRUE@/g' ) >> $@; \ - @LCOV_TRUE@ done - @LCOV_TRUE@ for i in $(check_SCRIPTS); do \ --@LCOV_TRUE@ testname=$${i/t-}; \ --@LCOV_TRUE@ testname=$${testname//-/_}; \ -+@LCOV_TRUE@ testname=$${i#t-}; \ -+@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ - @LCOV_TRUE@ grep '^#' $$i | tail -n 1 | \ --@LCOV_TRUE@ (echo $${testname} ; sed -e 's/^# \(.*\)/\t\1\n/g' ) >> $@; \ -+@LCOV_TRUE@ (echo $${testname} ; sed -e 's/^# \(.*\)/ \1\ -+@LCOV_TRUE@/g' ) >> $@; \ - @LCOV_TRUE@ done - - @LCOV_TRUE@description.html: description.txt ---- a/libopendkim/dkim-canon.c 2015-05-11 03:56:13 UTC -+++ b/libopendkim/dkim-canon.c -@@ -388,7 +388,7 @@ dkim_canon_header_string(struct dkim_dstring *dstr, dk - } - - /* skip all spaces before first word */ -- while (*p != '\0' && DKIM_ISWSP(*p)) -+ while (*p != '\0' && DKIM_ISLWSP(*p)) - p++; - - space = FALSE; /* just saw a space */ ---- a/opendkim/tests/Makefile.in 2015-05-12 18:43:49 UTC -+++ b/opendkim/tests/Makefile.in -@@ -139,8 +139,10 @@ am__nobase_list = $(am__nobase_strip_setup); \ - { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ - END { for (dir in files) print dir, files[dir] }' - am__base_list = \ -- sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ -- sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' -+ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\ -+/ /g' | \ -+ sed '$$!N;$$!N;$$!N;$$!N;s/\ -+/ /g' - am__uninstall_files_from_dir = { \ - test -z "$$files" \ - || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ -@@ -1298,14 +1300,16 @@ uninstall-am: uninstall-dist_docDATA - @LCOV_TRUE@description.txt: $(check_SCRIPTS) - @LCOV_TRUE@ rm -f $@ - @LCOV_TRUE@ for test in $? ; do \ --@LCOV_TRUE@ testname=$${test/t-}; \ --@LCOV_TRUE@ testname=$${testname//-/_}; \ -+@LCOV_TRUE@ testname=$${test#t-}; \ -+@LCOV_TRUE@ testname=$$(echo $${testname} | sed -e 's/-/_/g'); \ - @LCOV_TRUE@ grep ^# $$test | tail -n 1 | \ --@LCOV_TRUE@ sed -e "s/^#\(.*\)/$${testname}\n\t\1\n/g" >> $@; \ -+@LCOV_TRUE@ sed -e "s/^#\(.*\)/$${testname}\ -+@LCOV_TRUE@ \1\ -+@LCOV_TRUE@/g" >> $@; \ - @LCOV_TRUE@ done - - @LCOV_TRUE@description.html: description.txt --@LCOV_TRUE@ gendesc --output $@ $< -+@LCOV_TRUE@ gendesc --output $@ $? - - @LCOV_TRUE@maintainer-clean-local: - @LCOV_TRUE@ -rm -rf lcov/[^C]* ---- a/opendkim/opendkim-crypto.c 2013-02-25 21:02:41 UTC -+++ b/opendkim/opendkim-crypto.c -@@ -222,7 +222,11 @@ dkimf_crypto_free_id(void *ptr) - { - assert(pthread_setspecific(id_key, ptr) == 0); - -+#if OPENSSL_VERSION_NUMBER >= 0x10100000 -+ OPENSSL_thread_stop(); -+#else - ERR_remove_state(0); -+#endif - - free(ptr); - -@@ -392,11 +396,15 @@ dkimf_crypto_free(void) - { - if (crypto_init_done) - { -+#if OPENSSL_VERSION_NUMBER >= 0x10100000 -+ OPENSSL_thread_stop(); -+#else - CRYPTO_cleanup_all_ex_data(); - CONF_modules_free(); - EVP_cleanup(); - ERR_free_strings(); - ERR_remove_state(0); -+#endif - - if (nmutexes > 0) - { - diff --git a/mail-filter/opendkim/files/opendkim-r3.service b/mail-filter/opendkim/files/opendkim-r3.service deleted file mode 100644 index a102c0a69006..000000000000 --- a/mail-filter/opendkim/files/opendkim-r3.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=DomainKeys Identified Mail (DKIM) Milter -Documentation=man:opendkim(8) man:opendkim.conf(5) man:opendkim-genkey(8) man:opendkim-genzone(8) man:opendkim-testadsp(8) man:opendkim-testkey http://www.opendkim.org/docs.html -After=network.target nss-lookup.target syslog.target - -[Service] -ExecStart=/usr/sbin/opendkim -f -x /etc/opendkim/opendkim.conf -p $OPENDKIM_SOCKET -ExecReload=/bin/kill -USR1 $MAINPID -RuntimeDirectory=opendkim -RuntimeDirectoryMode=0750 -User=opendkim -Group=opendkim - -[Install] -WantedBy=multi-user.target diff --git a/mail-filter/opendkim/files/opendkim.confd b/mail-filter/opendkim/files/opendkim.confd deleted file mode 100644 index 03bb8d88e2b5..000000000000 --- a/mail-filter/opendkim/files/opendkim.confd +++ /dev/null @@ -1,18 +0,0 @@ -# This overrides the "Socket" line in your opendkim.conf configuration -# file, and is required (so that we don't have to try to parse the -# configuration file in an init script). The default below listens -# on the network. -# -# If you would rather use a local (UNIX) socket, try the following: -# -# WARNING: The directory containing this socket will have its owner -# changed to "opendkim". -# -#OPENDKIM_SOCKET="local:/run/opendkim/opendkim.sock" -# -# More examples of valid socket syntax can be found in the opendkim(8) -# man page, under the "-p socketspec" option. However -- contrary to -# what that man page says -- if you want to use a local socket, the -# "local:" prefix is not optional here. -# -OPENDKIM_SOCKET="inet:8891@localhost" diff --git a/mail-filter/opendkim/files/opendkim.init.r5 b/mail-filter/opendkim/files/opendkim.init.r5 deleted file mode 100644 index ad45f420e3c4..000000000000 --- a/mail-filter/opendkim/files/opendkim.init.r5 +++ /dev/null @@ -1,73 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -CONFFILE="/etc/opendkim/${RC_SVCNAME}.conf" -required_files="${CONFFILE}" - -command="/usr/sbin/opendkim" -pidfile="/run/${RC_SVCNAME}.pid" -command_args="-P ${pidfile} -x ${CONFFILE} -p ${OPENDKIM_SOCKET}" - -depend() { - use dns logger net - before mta -} - -check_cfg() { - # - # The opendkim.conf man page says, - # - # For parameters that are Boolean in nature, only the first byte - # of the value is processed... For negative values, the following - # are accepted: "F", "f", "N", "n", "0".' - # - if grep --quiet '^[[:space:]]*Background[[:space:]]\+[FfNn0]' \ - "${CONFFILE}"; then - eerror "${RC_SVCNAME} cannot run in the foreground!" - return 1 - fi -} - -start_pre() { - # If this isn't a restart, make sure that the user's config isn't - # busted before we try to start the daemon (this will produce - # better error messages than if we just try to start it blindly). - # - # If, on the other hand, this *is* a restart, then the stop_pre - # action will have ensured that the config is usable and we don't - # need to do that again. - if [ "${RC_CMD}" != "restart" ]; then - check_cfg || return $? - fi - - if [ -S "${OPENDKIM_SOCKET}" ] && ! fuser -s "${OPENDKIM_SOCKET}"; then - # Remove stalled Unix socket if no other process is - # using it - if ! rm "${UNIX_SOCKET}"; then - eerror "failed to remove stale unix socket ${OPENDKIM_SOCKET}" - return 2 - fi - fi - - # This relies on the "local:" prefix being there, but the conf.d - # file explicitly states that it's not optional (contrary to what - # the opendkim(8) man page says). - if [ "${OPENDKIM_SOCKET#local:}" != "${OPENDKIM_SOCKET}" ]; then - # The socket begins with "local:" - OPENDKIM_SOCKET_PATH="${OPENDKIM_SOCKET#local:}" - OPENDKIM_SOCKET_DIR="${OPENDKIM_SOCKET_PATH%/*}" - - # This is dangerous, but there's a big warning about it - # in the conf.d file. - checkpath --directory --owner opendkim "${OPENDKIM_SOCKET_DIR}" - fi -} - -stop_pre() { - # If this is a restart, check to make sure the user's config - # isn't busted before we stop the running daemon. - if [ "${RC_CMD}" = "restart" ]; then - check_cfg || return $? - fi -} diff --git a/mail-filter/opendkim/files/opendkim.service b/mail-filter/opendkim/files/opendkim.service deleted file mode 100644 index be534d670bca..000000000000 --- a/mail-filter/opendkim/files/opendkim.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=DomainKeys Identified Mail (DKIM) Milter -Documentation=man:opendkim(8) man:opendkim.conf(5) man:opendkim-genkey(8) man:opendkim-genzone(8) man:opendkim-testadsp(8) man:opendkim-testkey http://www.opendkim.org/docs.html -After=network.target nss-lookup.target syslog.target - -[Service] -ExecStart=/usr/sbin/opendkim -f -x /etc/opendkim/opendkim.conf -ExecReload=/bin/kill -USR1 $MAINPID - -[Install] -WantedBy=multi-user.target diff --git a/mail-filter/opendkim/files/opendkim.service.conf b/mail-filter/opendkim/files/opendkim.service.conf deleted file mode 100644 index 380ba22ac941..000000000000 --- a/mail-filter/opendkim/files/opendkim.service.conf +++ /dev/null @@ -1,2 +0,0 @@ -[Service] -Environment="OPENDKIM_SOCKET=inet:8891@localhost" diff --git a/mail-filter/opendkim/opendkim-2.10.3-r15.ebuild b/mail-filter/opendkim/opendkim-2.10.3-r15.ebuild deleted file mode 100644 index 2a84537cc6a6..000000000000 --- a/mail-filter/opendkim/opendkim-2.10.3-r15.ebuild +++ /dev/null @@ -1,230 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit autotools db-use eutils systemd tmpfiles user - -DESCRIPTION="A milter providing DKIM signing and verification" -HOMEPAGE="http://opendkim.org/" -SRC_URI="mirror://sourceforge/opendkim/${P}.tar.gz" - -# The GPL-2 is for the init script, bug 425960. -LICENSE="BSD GPL-2 Sendmail-Open-Source" -SLOT="0" -KEYWORDS="~amd64 ~arm ~x86" -IUSE="+berkdb ldap libressl lmdb lua memcached opendbx poll sasl selinux +ssl static-libs test unbound" - -COMMON_DEPEND="|| ( mail-filter/libmilter mail-mta/sendmail ) - dev-libs/libbsd - sys-apps/grep - ssl? ( - !libressl? ( dev-libs/openssl:0= ) - libressl? ( dev-libs/libressl:0= ) - ) - berkdb? ( >=sys-libs/db-3.2:* ) - opendbx? ( >=dev-db/opendbx-1.4.0 ) - lua? ( dev-lang/lua:* ) - ldap? ( net-nds/openldap ) - lmdb? ( dev-db/lmdb ) - memcached? ( dev-libs/libmemcached ) - sasl? ( dev-libs/cyrus-sasl ) - unbound? ( >=net-dns/unbound-1.4.1:= net-dns/dnssec-root ) - !unbound? ( net-libs/ldns )" - -DEPEND="${COMMON_DEPEND} - test? ( dev-lang/lua:* )" - -RDEPEND="${COMMON_DEPEND} - sys-process/psmisc - selinux? ( sec-policy/selinux-dkim )" - -REQUIRED_USE="sasl? ( ldap )" - -PATCHES=( - "${FILESDIR}/${P}-openrc.patch" - "${FILESDIR}/${P}-openssl-1.1.1.patch.r2" -) - -pkg_setup() { - # This user can read your private keys, and must therefore not be - # shared with any other package. - enewgroup opendkim - enewuser opendkim -1 -1 -1 opendkim -} - -src_prepare() { - default - sed -e 's:/var/db/dkim:/var/lib/opendkim:g' \ - -i opendkim/opendkim.conf.sample opendkim/opendkim.conf.simple.in \ - || die - sed -e 's:dist_doc_DATA:dist_html_DATA:' \ - -i libopendkim/docs/Makefile.am \ - || die - eautoreconf -} - -src_configure() { - local myconf=() - if use berkdb ; then - myconf+=( - --with-db-incdir=$(db_includedir) - --enable-query_cache - --enable-stats - ) - fi - if use unbound; then - myconf+=( --with-unbound ) - else - myconf+=( --with-ldns ) - fi - if use ldap; then - myconf+=( $(use_with sasl) ) - fi - - # We install the our configuration filed under e.g. /etc/opendkim, - # so the next line is necessary to point the daemon and all of its - # documentation to the right location by default. - myconf+=( --sysconfdir="${EPREFIX}/etc/${PN}" ) - - econf \ - $(use_with berkdb db) \ - $(use_with opendbx odbx) \ - $(use_with lua) \ - $(use_enable lua rbl) \ - $(use_with ldap openldap) \ - $(use_with lmdb) \ - $(use_enable poll) \ - $(use_enable static-libs static) \ - $(use_with memcached libmemcached) \ - "${myconf[@]}" \ - --enable-filter \ - --enable-atps \ - --enable-identity_header \ - --enable-rate_limit \ - --enable-resign \ - --enable-replace_rules \ - --enable-default_sender \ - --enable-sender_macro \ - --enable-vbr \ - --disable-live-testing \ - --with-test-socket="${T}/opendkim.sock" -} - -src_compile() { - emake runstatedir=/run -} - -src_install() { - default - find "${D}" -name '*.la' -type f -delete || die - - dosbin stats/opendkim-reportstats - - newinitd "${S}/contrib/OpenRC/opendkim.openrc" "${PN}" - systemd_newtmpfilesd "${S}/contrib/systemd/opendkim.tmpfiles" "${PN}.conf" - systemd_newunit "contrib/systemd/opendkim.service" "${PN}.service" - - dodir /etc/opendkim - keepdir /var/lib/opendkim - - # The OpenDKIM data (particularly, your keys) should be read-only to - # the UserID that the daemon runs as. - fowners root:opendkim /var/lib/opendkim - fperms 750 /var/lib/opendkim - - # Tweak the "simple" example configuration a bit before installing - # it unconditionally. - local cf="${T}/opendkim.conf" - # Some MTAs are known to break DKIM signatures with "simple" - # canonicalization [1], so we choose the "relaxed" policy - # over OpenDKIM's current default settings. - # [1] https://wordtothewise.com/2016/12/dkim-canonicalization-or-why-microsoft-breaks-your-mail/ - sed -E -e 's:^(Canonicalization)[[:space:]]+.*:\1\trelaxed/relaxed:' \ - "${S}/opendkim/opendkim.conf.simple" >"${cf}" || die - cat >>"${cf}" < "${T}/opendkim.conf" || die - - # and tweak it a bit before installing it unconditionally. - echo "# For use with unbound" >> "${T}/opendkim.conf" || die - echo "#TrustAnchorFile /etc/dnssec/root-anchors.txt" \ - >> "${T}/opendkim.conf" || die - echo UserID opendkim >> "${T}/opendkim.conf" || die - insinto /etc/opendkim - doins "${T}/opendkim.conf" -} - -pkg_postinst() { - if [[ -z ${REPLACING_VERSION} ]]; then - elog "If you want to sign your mail messages and need some help" - elog "please run:" - elog " emerge --config ${CATEGORY}/${PN}" - elog "It will help you create your key and give you hints on how" - elog "to configure your DNS and MTA." - - # TODO: This is tricky, we really need a good wiki page showing - # how to share a local socket with an MTA! - elog "If you are using a local (UNIX) socket, then you will" - elog "need to make sure that your MTA has read/write access" - elog "to the socket file. This is best accomplished by creating" - elog "a completely-new group with only your MTA user and the " - elog "\"opendkim\" user in it. You would then set \"UMask 0112\"" - elog "in your opendkim.conf, and switch the primary group of your" - elog "\"opendkim\" user to the group that you just created. The" - elog "last step is necessary for the socket to be created as the" - elog "new group (and not as group \"opendkim\")". - else - ewarn "The user account for the OpenDKIM daemon has changed" - ewarn "from \"milter\" to \"opendkim\" to prevent unrelated services" - ewarn "from being able to read your private keys. You should" - ewarn "adjust your existing configuration to use the \"opendkim\"" - ewarn "user and group, and change the permissions on" - ewarn "${ROOT}var/lib/opendkim to root:opendkim with mode 0750." - ewarn "The owner and group of the files within that directory" - ewarn "will likely need to be adjusted as well." - fi -} - -pkg_config() { - local selector keysize pubkey - - read -p "Enter the selector name (default ${HOSTNAME}): " selector - [[ -n "${selector}" ]] || selector="${HOSTNAME}" - if [[ -z "${selector}" ]]; then - eerror "Oddly enough, you don't have a HOSTNAME." - return 1 - fi - if [[ -f "${ROOT}var/lib/opendkim/${selector}.private" ]]; then - ewarn "The private key for this selector already exists." - else - keysize=1024 - # Generate the private and public keys. Note that opendkim-genkeys - # sets umask=077 on its own to keep these safe. However, we want - # them to be readable (only!) to the opendkim user, and we manage - # that by changing their groups and making everything group-readable. - opendkim-genkey -b ${keysize} -D "${ROOT}"var/lib/opendkim/ \ - -s "${selector}" -d '(your domain)' && \ - chgrp --no-dereference opendkim \ - "${ROOT}var/lib/opendkim/${selector}".{private,txt} || \ - { eerror "Failed to create private and public keys." ; - return 1; } - chmod g+r "${ROOT}var/lib/opendkim/${selector}".{private,txt} - fi - - # opendkim selector configuration - echo - einfo "Make sure you have the following settings in your /etc/opendkim/opendkim.conf:" - einfo " Keyfile /var/lib/opendkim/${selector}.private" - einfo " Selector ${selector}" - - # MTA configuration - echo - einfo "If you are using Postfix, add following lines to your main.cf:" - einfo " smtpd_milters = unix:/run/opendkim/opendkim.sock" - einfo " non_smtpd_milters = unix:/run/opendkim/opendkim.sock" - einfo " and read http://www.postfix.org/MILTER_README.html" - - # DNS configuration - einfo "After you configured your MTA, publish your key by adding this TXT record to your domain:" - cat "${ROOT}var/lib/opendkim/${selector}.txt" - einfo "t=y signifies you only test the DKIM on your domain. See following page for the complete list of tags:" - einfo " http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text" -} -- cgit v1.2.3-65-gdbad