From 73e85c617ef15afc1122d101e37100a9fb1cda7e Mon Sep 17 00:00:00 2001 From: "Heiko Schlittermann (HS12-RIPE)" Date: Sat, 15 Oct 2022 19:30:58 +0200 Subject: Fix: Build with libopendmarc 1.4.x (fixes 2728) (cherry picked from commit 1561c5d88b3a23a4348d8e3c1ce28554fcbcfe46) --- doc/doc-txt/ChangeLog | 5 +++++ src/src/EDITME | 7 +++++-- src/src/config.h.defaults | 1 + src/src/dmarc.c | 7 ++++++- 4 files changed, 17 insertions(+), 3 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index b5cc1a889..f943054ba 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -2,6 +2,11 @@ This document describes *changes* to previous versions, that might affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. +Backported from master +---------------------- + +HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible + API changes in libopendmarc. Exim version 4.95 ----------------- diff --git a/src/src/EDITME b/src/src/EDITME index f4329fabf..a87e6d7e2 100644 --- a/src/src/EDITME +++ b/src/src/EDITME @@ -605,14 +605,17 @@ DISABLE_MAL_MKS=yes # Uncomment the following line to add DMARC checking capability, implemented # using libopendmarc libraries. You must have SPF and DKIM support enabled also. -# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken; -# 1.3.2-3 works. I seems that the OpenDMARC project broke their API. # SUPPORT_DMARC=yes # CFLAGS += -I/usr/local/include # LDFLAGS += -lopendmarc # Uncomment the following if you need to change the default. You can # override it at runtime (main config option dmarc_tld_file) # DMARC_TLD_FILE=/etc/exim/opendmarc.tlds +# +# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken; +# 1.3.2-3 works. It seems that the OpenDMARC project broke their API. +# Use this option if you need to build with an old library (1.3.x) +# DMARC_API=100300 # Uncomment the following line to add ARC (Authenticated Received Chain) # support. You must have SPF and DKIM support enabled also. diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults index 877cc7bc4..5dde056a0 100644 --- a/src/src/config.h.defaults +++ b/src/src/config.h.defaults @@ -150,6 +150,7 @@ Do not put spaces between # and the 'define'. #define SUPPORT_CRYPTEQ #define SUPPORT_DANE #define SUPPORT_DMARC +#define DMARC_API 100400 #define DMARC_TLD_FILE "/etc/exim/opendmarc.tlds" #define SUPPORT_I18N #define SUPPORT_I18N_2008 diff --git a/src/src/dmarc.c b/src/src/dmarc.c index 8a9cdce0d..0705601b4 100644 --- a/src/src/dmarc.c +++ b/src/src/dmarc.c @@ -461,7 +461,12 @@ if (!dmarc_abort && !sender_host_authenticated) vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL : DMARC_POLICY_DKIM_OUTCOME_NONE; libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain, - dkim_result, US""); +/* The opendmarc project broke its API in a way we can't detect * easily. + * The EDITME provides a DMARC_API variable */ +#if DMARC_API >= 100400 + sig->selector, +#endif + dkim_result, US""); DEBUG(D_receive) debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain); if (libdm_status != DMARC_PARSE_OKAY) -- cgit v1.2.1