DKIM patch upgraded to v. 1.47

- fixed a bug which was preventing filterargs' wildcards to work properly on sender domain

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+- Feb 6, 2023
+  - DKIM patch upgraded to v. 1.47
+    - fixed a bug which was preventing filterargs' wildcards to work properly on sender domain
+
 - Jan 20, 2024 [diff](https://github.com/sagredo-dev/qmail/pull/2/commits/3caabe095eae6ab74508b3d56a0398f64a4a5c73)
   - liberal-lf: bare LF no longer allowed due to smuggling vulnerability ([CVE-2023-51765](https://nvd.nist.gov/vuln/detail/CVE-2023-51765)). Enable bare LF by defining ALLOW_BARELF in tcprules or in run file.
 

Makefile

@@ -1213,13 +1213,13 @@ qmail-control.9 conf-break conf-spawn
 
 qmail-dkim: \
 load qmail-dkim.o triggerpull.o fmtqfn.o now.o date822fmt.o \
-subgetopt.o MakeArgs.o datetime.a seek.a ndelay.a \
+subgetopt.o makeargs.o datetime.a seek.a ndelay.a \
 dns_text.o open.a sig.a alloc.a substdio.a error.a \
 wildmat.o str.a case.a fs.a auto_qmail.o auto_split.o \
 parse_env.o auto_uids.o fd.a wait.a getDomainToken.o \
 env.a getln.a control.o stralloc.a dns.lib libdkim.a
 	g++ -o qmail-dkim qmail-dkim.o triggerpull.o fmtqfn.o now.o \
-	subgetopt.o MakeArgs.o date822fmt.o datetime.a seek.a ndelay.a \
+	subgetopt.o makeargs.o date822fmt.o datetime.a seek.a ndelay.a \
 	dns_text.o open.a sig.a substdio.a error.a auto_qmail.o \
 	wildmat.o auto_split.o auto_uids.o fd.a wait.a \
 	getDomainToken.o parse_env.o \
@@ -2398,28 +2398,29 @@ compile wait_nohang.c haswaitp.h
 wait_pid.o: \
 compile wait_pid.c error.h haswaitp.h
 	./compile wait_pid.c
-MakeArgs.o: compile MakeArgs.c alloc.h str.h alloc.h stralloc.h
-	./compile MakeArgs.c
+makeargs.o: compile makeargs.c alloc.h str.h alloc.h stralloc.h
+	./compile makeargs.c
 
 spawn-filter: \
 load spawn-filter.o auto_qmail.o getDomainToken.o \
 parse_env.o fmt_ulong.o scan_ulong.o control.o \
-open_read.o wildmat.o qregex.o MakeArgs.o \
+open_read.o wildmat.o qregex.o makeargs.o report.o \
 case_lowerb.o constmap.o byte_chr.o byte_cr.o case_diffb.o \
 error.a env.a stralloc.a wait.a strerr.a str.a \
 getln.a substdio.a alloc.a
 	./load spawn-filter getDomainToken.o parse_env.o \
 	fmt_ulong.o scan_ulong.o control.o open_read.o \
-	wildmat.o qregex.o MakeArgs.o case_lowerb.o \
+	wildmat.o qregex.o makeargs.o case_lowerb.o \
 	constmap.o byte_chr.o byte_cr.o case_diffb.o \
-	auto_qmail.o \
+	auto_qmail.o report.o \
 	error.a env.a stralloc.a wait.a strerr.a str.a \
 	getln.a substdio.a alloc.a
 
 spawn-filter.o: \
 compile spawn-filter.c fmt.h str.h strerr.h env.h \
-substdio.h stralloc.h error.h \
-wait.h qregex.h
+substdio.h stralloc.h error.h wait.h qregex.h \
+getDomainToken.h makeargs.h scan.h control.h \
+report.h qregex.h auto_qmail.h
 	./compile spawn-filter.c
 
 qregex.o: \
@@ -2439,6 +2440,11 @@ wildmat.o: \
 compile wildmat.c
 	./compile wildmat.c
 
+report.o: \
+compile report.c substdio.h subfd.h strerr.h report.h \
+getDomainToken.h
+	./compile report.c
+
 spawn-filter.0: \
 spawn-filter.8
 	nroff -man spawn-filter.8 > spawn-filter.0

README.md

@@ -63,7 +63,7 @@ This distribution of qmail puts together netqmail-1.06 with the following patche
   adds a user-definable delay after SMTP clients have initiated SMTP sessions, prior to qmail-smtpd responding
   with "220 ESMTP". It can reject connections from clients which tried to send commands before greeting.
   https://notes.sagredo.eu/files/qmail/patches/qmail-greetdelay.patch
-* Manvendra Bhangui's DKIM and SURBL filter v.1.46 patch
+* Manvendra Bhangui's DKIM and SURBL filter v.1.47 patch
   adds DKIM signing & verification and SURBL filtering support to qmail.
   qmail-dk is based on Russ Nelson's patch: http//:www.qmail.org/qmail-1.03-dk-0.54.patch
   qmail-dkim uses hacked libdkim libraries from libdkim project at http://libdkim.sourceforge.net/

TARGETS

@@ -436,8 +436,9 @@ qmail-dkim.8
 qmail-dkim.0
 str_cpyb.o
 dkimfuncs.o
-MakeArgs.o
-spawn-filter spawn-filter.o qregex.o wildmat.o
+makeargs.o
+report.o
+spawn-filter spawn-filter.o qregex.o wildmat.o wildmat
 spawn-filter.8
 spawn-filter.0
 case_startb.o

MakeArgs.c → makeargs.c

@@ -36,6 +36,7 @@
 #include "stralloc.h"
 #include "env.h"
 #include <ctype.h>
+#include "makeargs.h"
 
 #define isEscape(ch) ((ch) == '"' || (ch) == '\'')
 
@@ -48,7 +49,7 @@
  *
  */
 char          **
-MakeArgs(char *cmmd)
+makeargs(char *cmmd)
 {
 	char           *ptr, *marker;
 	char          **argv;
@@ -128,7 +129,7 @@ MakeArgs(char *cmmd)
 }
 
 void
-FreeMakeArgs(char **argv)
+free_makeargs(char **argv)
 {
 	alloc_free(argv);
 	return;

makeargs.h

@@ -0,0 +1,17 @@
+/*
+ * $Log: makeargs.h,v $
+ * Revision 1.1  2021-06-09 21:27:06+05:30  Cprogrammer
+ * Initial revision
+ *
+ */
+#ifndef MAKEARGS_H
+#define MAKEARGS_H
+
+#ifndef	lint
+static char     sccsidmakeargsh[] = "$Id: makeargs.h,v 1.1 2021-06-09 21:27:06+05:30 Cprogrammer Exp mbhangui $";
+#endif
+
+char          **makeargs(char *);
+void            free_makeargs(char **);
+
+#endif

qmail-dkim.c

@@ -1,5 +1,5 @@
 /*
- * $Id: qmail-dkim.c,v 1.71 2023-01-30 10:42:16+05:30 Cprogrammer Exp mbhangui $
+ * $Id: qmail-dkim.c,v 1.76 2024-01-10 23:01:23+05:30 Cprogrammer Exp mbhangui $
  */
 #include <unistd.h>
 #include <stdlib.h>
@@ -26,6 +26,7 @@
 #include "control.h"
 #include "error.h"
 #include "getDomainToken.h"
+#include "makeargs.h"
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
@@ -63,9 +64,6 @@ static char    *controldir;
 static stralloc fntmp = {0};
 static stralloc bouncehost = {0};
 
-char          **MakeArgs(char *);
-void            FreeMakeArgs(char **);
-
 void
 die(int e, int what)
 {
@@ -332,7 +330,7 @@ dkim_setoptions(DKIMSignOptions *opts, char *signOptions)
 			!stralloc_cats(&dkimopts, signOptions) ||
 			!stralloc_0(&dkimopts))
 		die(51, 0);
-	if (!(argv = MakeArgs(dkimopts.s)))
+	if (!(argv = makeargs(dkimopts.s)))
 		die(51, 0);
 	for (argc = 0;argv[argc];argc++);
 	while ((ch = sgopt(argc, argv, "b:c:li:qthx:z:")) != sgoptdone) {
@@ -356,7 +354,7 @@ dkim_setoptions(DKIMSignOptions *opts, char *signOptions)
 				opts->nCanon = DKIM_SIGN_SIMPLE_RELAXED;
 				break;
 			default:
-				FreeMakeArgs(argv);
+				free_makeargs(argv);
 				return (1);
 			}
 			break;
@@ -404,16 +402,16 @@ dkim_setoptions(DKIMSignOptions *opts, char *signOptions)
 				break;
 #endif
 			default:
-				FreeMakeArgs(argv);
+				free_makeargs(argv);
 				return (1);
 			}
 			break;
 		default:
-			FreeMakeArgs(argv);
+			free_makeargs(argv);
 			return (1);
 		} /*- switch (ch) */
 	} /*- while (1) */
-	FreeMakeArgs(argv);
+	free_makeargs(argv);
 	return (0);
 }
 
@@ -1358,7 +1356,7 @@ main(int argc, char *argv[])
 void
 getversion_qmail_dkim_c()
 {
-	static char    *x = "$Id: qmail-dkim.c,v 1.72 2023-02-01 18:15:33+05:30 Cprogrammer Exp mbhangui $";
+	static char    *x = "$Id: qmail-dkim.c,v 1.76 2024-01-10 23:01:23+05:30 Cprogrammer Exp mbhangui $";
 
 #ifdef HASDKIM
 	x = sccsidmakeargsh;
@@ -1372,7 +1370,18 @@ getversion_qmail_dkim_c()
 
 /*
  * $Log: qmail-dkim.c,v $
- * Revision 1.75  2023-02-17 11:49:48+05:30  Cprogrammer
+ * Revision 1.76  2024-01-10 23:01:23+05:30  Cprogrammer
+ * reset sgoptind, sgoptpos for repeated calls to subgetopt
+ *
+ * Revision 1.75  2024-01-10 10:05:58+05:30  Cprogrammer
+ * use bouncehost/me control file if BOUNCEDOMAIN is not set
+ * set DKIMSIGN to private key from dkimkeys control file
+ *
+ * Revision 1.74  2023-11-20 11:03:04+05:30  Cprogrammer
+ * Added env variable EXCLUDE_DKIMSIGN to exclude headers from DKIM signing
+ * exclude Arc-Authentication-Results header from DKIM signing
+ *
+ * Revision 1.73  2023-02-17 11:49:48+05:30  Cprogrammer
  * added env variable NODKIMKEYS to disable reading of dkimkeys control file
  * disable dkimkeys when doing DKIMSIGNEXTRA
  *

report.c

@@ -0,0 +1,119 @@
+/*
+ * $Log: report.c,v $
+ * Revision 1.6  2023-12-06 17:02:13+05:30  Cprogrammer
+ * added comment on report format for qmail-rspawn
+ *
+ * Revision 1.5  2021-08-29 23:27:08+05:30  Cprogrammer
+ * define functions as noreturn
+ *
+ * Revision 1.4  2021-08-28 23:07:59+05:30  Cprogrammer
+ * moved dtype enum delivery variable from variables.h to getDomainToken.h
+ *
+ * Revision 1.3  2021-05-30 00:16:51+05:30  Cprogrammer
+ * renamed local to local_delivery
+ *
+ * Revision 1.2  2021-05-26 07:36:54+05:30  Cprogrammer
+ * fixed extra colon char in error messages
+ *
+ * Revision 1.1  2021-05-23 06:35:28+05:30  Cprogrammer
+ * Initial revision
+ *
+ */
+#include <unistd.h>
+#include "substdio.h"
+#include "subfd.h"
+#include "strerr.h"
+#include "report.h"
+#include "getDomainToken.h"
+
+extern dtype    delivery;
+
+/*-
+ * qmail-rspawn doesn't use exit code of qmail-remote. It needs a report in
+ * the following format
+ * "[r,h,s]recipient_report\0[K,Z,D]message_report\0"
+ *
+ * recipient_report start with one of the letters r, h, s
+ * as below
+ * r - Recipient report: acceptance.
+ * s - Recipient report: temporary rejection.
+ * h - Recipient report: permanent rejection.
+ *
+ * message_report start with one of the letters K, Z, D
+ * as below
+ * K - Message report: success.
+ * Z - Message report: temporary failure.
+ * D - Message report: permanent failure.
+ *
+ * Examples of qmail-remote report
+ *
+ * Success
+ * "rFrom <xxx@example.com> RCPT <yyy@example.org>\0\n"
+ * "KHost example.com accepted message\0\n"
+ *
+ * temp failure
+ * "sFrom <xxx@example.com> RCPT <yyy@example.org>\0\n"
+ * "ZTemporary failure accepting message\0\n"
+ *
+ * perm failure
+ * "hFrom <xxx@example.com> RCPT <yyy@example.org>\0\n"
+ * "Dexample.org does not like recipient\0\n"
+ *
+ * qmail-lspawn uses the exit code of qmail-local
+ * 0   - Success
+ * 111 - Temporary failure
+ * 100 - Permanent failure
+ */
+void
+report(int errCode, char *s1, char *s2, char *s3, char *s4, char *s5, char *s6)
+{
+	if (delivery == local_delivery) /*- strerr_die does not return */
+		strerr_die6x(errCode, s1, s2, s3, s4, s5, s6);
+	if (!errCode) { /*- should never happen */
+		if (substdio_put(subfdoutsmall, "r\0Kspawn accepted message.\n\0", 28) == -1)
+			_exit(111);
+		if (s1) {
+			if (substdio_puts(subfdoutsmall, s1) == -1 ||
+					substdio_put(subfdoutsmall, "\n", 1) == -1)
+				_exit(111);
+		} else
+		if (substdio_put(subfdoutsmall, "spawn said: 250 ok notification queued\n\0", 41) == -1)
+			_exit(111);
+	} else {
+		/*- h - hard, s - soft */
+		if (substdio_put(subfdoutsmall, errCode == 111 ? "s" : "h", 1) == -1)
+			_exit(111);
+		if (s1 && substdio_puts(subfdoutsmall, s1) == -1)
+			_exit(111);
+		if (s2 && substdio_puts(subfdoutsmall, s2) == -1)
+			_exit(111);
+		if (s3 && substdio_puts(subfdoutsmall, s3) == -1)
+			_exit(111);
+		if (s4 && substdio_puts(subfdoutsmall, s4) == -1)
+			_exit(111);
+		if (s5 && substdio_puts(subfdoutsmall, s5) == -1)
+			_exit(111);
+		if (s6 && substdio_puts(subfdoutsmall, s6) == -1)
+			_exit(111);
+		if (substdio_put(subfdoutsmall, "\0", 1) == -1)
+			_exit(111);
+		if (substdio_puts(subfdoutsmall,
+			errCode == 111 ?  "Zspawn said: Message deferred" : "Dspawn said: Giving up on filter\n") == -1)
+			_exit(111);
+		if (substdio_put(subfdoutsmall, "\0", 1) == -1)
+			_exit(111);
+	}
+	substdio_flush(subfdoutsmall);
+	/*- For qmail-rspawn to stop complaining unable to run qmail-remote */
+	_exit(0);
+}
+
+void
+getversion_report_c()
+{
+	static char    *x = "$Id: report.c,v 1.6 2023-12-06 17:02:13+05:30 Cprogrammer Exp mbhangui $";
+
+	x = sccsidreporth;
+	x = sccsidgetdomainth;
+	x++;
+}

report.h

@@ -0,0 +1,25 @@
+/*
+ * $Log: report.h,v $
+ * Revision 1.4  2022-01-30 09:38:19+05:30  Cprogrammer
+ * define report() as no_return
+ *
+ * Revision 1.3  2021-05-30 00:17:09+05:30  Cprogrammer
+ * moved dtype enum to variables.h
+ *
+ * Revision 1.2  2021-05-26 07:37:41+05:30  Cprogrammer
+ * made delivery variable extern
+ *
+ * Revision 1.1  2021-05-23 06:35:03+05:30  Cprogrammer
+ * Initial revision
+ *
+ */
+#ifndef _REPORT_H
+#define _REPORT_H
+
+#ifndef	lint
+static char     sccsidreporth[] = "$Id: report.h,v 1.4 2022-01-30 09:38:19+05:30 Cprogrammer Exp mbhangui $";
+#endif
+
+void  report(int, char *, char *, char *, char *, char *, char *);
+
+#endif