-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi there!
dkimproxy currently in Lenny has a file conflict with python-dkim. They both ship a /usr/bin/dkimverify that doesn't exactly do the same thing. This new release of the Debian package renames the dkimproxy /usr/bin/dkimverify to /usr/bin/dkimproxy-verify, and updates the manpages accordingly. Also in this release, a patch given from the upstream author that corrects a nasty bug: dkimproxy was reporting failed signature when syslogd was down. The patch is included in upstream version 1.1, and I have included it in 1.0.1-8 as I thought it was quite a bad thing to keep it in Debian. Please unblock dkimproxy 1.0.1-8 asap so both problems can be corrected. Interdiff between the 2 versions is attached. Thanks to all member of the release team for the huge work, Thomas Goirand -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklNQXgACgkQl4M9yZjvmkk8lgCcCUfDriJGib5p8M//PImJhZpN JQYAoIOXa0mQIE+aFL9UuTQzWl0/eJmf =M1VD -----END PGP SIGNATURE-----
diff -u dkimproxy-1.0.1/debian/control dkimproxy-1.0.1/debian/control --- dkimproxy-1.0.1/debian/control +++ dkimproxy-1.0.1/debian/control @@ -4,7 +4,8 @@ Maintainer: Thomas Goirand <[email protected]> Build-Depends: debhelper (>= 5) Build-Depends-Indep: autotools-dev, liberror-perl, libnet-server-perl, libmail-dkim-perl (>= 0.29) -Standards-Version: 3.7.3 +Standards-Version: 3.8.0 +Dm-Upload-Allowed: yes Homepage: http://dkimproxy.sourceforge.net/ Package: dkimproxy diff -u dkimproxy-1.0.1/debian/rules dkimproxy-1.0.1/debian/rules --- dkimproxy-1.0.1/debian/rules +++ dkimproxy-1.0.1/debian/rules @@ -41,7 +41,7 @@ mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/lib/* $(CURDIR)/debian/$(DK_PKGNAME)/usr/share/perl5 rmdir $(CURDIR)/debian/$(DK_PKGNAME)/usr/lib mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkim_responder.pl $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkim_responder - mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimverify.pl $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimverify + mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimverify.pl $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimproxy-verify mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimsign.pl $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimsign # These are deamons, they have nothing to do in /usr/bin !!! mv $(CURDIR)/debian/$(DK_PKGNAME)/usr/bin/dkimproxy.in $(CURDIR)/debian/$(DK_PKGNAME)/usr/sbin diff -u dkimproxy-1.0.1/debian/manpages dkimproxy-1.0.1/debian/manpages --- dkimproxy-1.0.1/debian/manpages +++ dkimproxy-1.0.1/debian/manpages @@ -5 +5 @@ -debian/man/dkimverify.1 +debian/man/dkimproxy-verify.1 diff -u dkimproxy-1.0.1/debian/changelog dkimproxy-1.0.1/debian/changelog --- dkimproxy-1.0.1/debian/changelog +++ dkimproxy-1.0.1/debian/changelog @@ -1,3 +1,12 @@ +dkimproxy (1.0.1-8) unstable; urgency=low + + * Added a patch given by upstream so that dkimproxy continues to work if + syslogd is not running. + * Renamed /usr/bin/dkimverify to dkimproxy-verify so it doesn't conflicts + with dkimverify from python-dkim (Closes: #509045). + + -- Thomas Goirand <[email protected]> Fri, 19 Dec 2008 18:03:22 +0800 + dkimproxy (1.0.1-7) unstable; urgency=low * Better Unix rights for the keys in /var/lib/dkimproxy diff -u dkimproxy-1.0.1/debian/man/dkimsign.1 dkimproxy-1.0.1/debian/man/dkimsign.1 --- dkimproxy-1.0.1/debian/man/dkimsign.1 +++ dkimproxy-1.0.1/debian/man/dkimsign.1 @@ -29 +29 @@ -dkimproxy.in(8), dkimproxy.out(8), dkimverify(1), dkim_responder(1) +dkimproxy.in(8), dkimproxy.out(8), dkimproxy-verify(1), dkim_responder(1) reverted: --- dkimproxy-1.0.1/debian/man/dkimverify.1 +++ dkimproxy-1.0.1.orig/debian/man/dkimverify.1 @@ -1,10 +0,0 @@ -.TH dkimverify 1 - -.SH NAME -dkimverify \- insert here a description - -.SH DESCRIPTION -This man page is a stub, please contribute - -.SH "SEE ALSO" -dkimproxy.in(8), dkimproxy.out(8), dkimsign(1), dkim_responder(1) diff -u dkimproxy-1.0.1/debian/man/dkim_responder.1 dkimproxy-1.0.1/debian/man/dkim_responder.1 --- dkimproxy-1.0.1/debian/man/dkim_responder.1 +++ dkimproxy-1.0.1/debian/man/dkim_responder.1 @@ -10 +10 @@ -dkimproxy.in(8), dkimproxy.out(8), dkimsign(1), dkimverify(1) +dkimproxy.in(8), dkimproxy.out(8), dkimsign(1), dkimproxy-verify(1) diff -u dkimproxy-1.0.1/debian/man/dkimproxy.in.8 dkimproxy-1.0.1/debian/man/dkimproxy.in.8 --- dkimproxy-1.0.1/debian/man/dkimproxy.in.8 +++ dkimproxy-1.0.1/debian/man/dkimproxy.in.8 @@ -112 +112 @@ -dkimproxy.out(8), dkim_responder(1), dkimsign(1), dkimverify(1) +dkimproxy.out(8), dkim_responder(1), dkimsign(1), dkimproxy-verify(1) diff -u dkimproxy-1.0.1/debian/man/dkimproxy.out.8 dkimproxy-1.0.1/debian/man/dkimproxy.out.8 --- dkimproxy-1.0.1/debian/man/dkimproxy.out.8 +++ dkimproxy-1.0.1/debian/man/dkimproxy.out.8 @@ -197 +197 @@ -dkimproxy.in(8), dkim_responder(8), dkimsign(8), dkimverify(8) +dkimproxy.in(8), dkim_responder(8), dkimsign(8), dkimproxy-verify(8) only in patch2: unchanged: --- dkimproxy-1.0.1.orig/debian/man/dkimproxy-verify.1 +++ dkimproxy-1.0.1/debian/man/dkimproxy-verify.1 @@ -0,0 +1,13 @@ +.TH dkimproxy-verify 1 + +.SH NAME +dkimproxy-verify \- insert here a description + +.SH DESCRIPTION +The dkimproxy verify script that is bundled with DKIMproxy is not a component +of the proxy itself. It's just useful in terms of troubleshooting a signature. + +This man page is a stub, please contribute. + +.SH "SEE ALSO" +dkimproxy.in(8), dkimproxy.out(8), dkimsign(1), dkim_responder(1) only in patch2: unchanged: --- dkimproxy-1.0.1.orig/scripts/dkimproxy.in +++ dkimproxy-1.0.1/scripts/dkimproxy.in @@ -138,9 +138,16 @@ # create an object for sending the outgoing SMTP commands # (and the verified message) - my $client = MSDW::SMTP::Client->new( + my $client = eval { MSDW::SMTP::Client->new( interface => $self->{server}->{relay_host}, - port => $self->{server}->{relay_port}); + port => $self->{server}->{relay_port}) }; + if (my $E = $@) + { + chomp $E; + print "421 Internal error (Next hop is down)\n"; + die "$E\n"; + } + return $client; } @@ -148,10 +155,25 @@ { my $self = shift; - print STDERR "got new connection\n"; + # try to determine peer's address + use Socket; + my $peersockaddr = getpeername(STDOUT); + my ($port, $iaddr) = sockaddr_in($peersockaddr); + $ENV{REMOTE_ADDR} = inet_ntoa($iaddr); # initialize syslog - openlog("dkimproxy.in", "cons,pid", "mail"); + eval + { + openlog("dkimproxy.in", "perror,pid,ndelay", "mail"); + syslog("debug", '%s', "connect from $ENV{REMOTE_ADDR}"); + }; + if (my $E = $@) + { + chomp $E; + print "421 Internal error (Syslog is down)\n"; + die "$E\n"; + } + $self->{debug} = $debugtrace; $self->SUPER::process_request; @@ -187,7 +209,8 @@ { my $E = $@; chomp $E; - syslog("warning", '%s', "verify error: $E"); + $E =~ s/\n/ /gs; + eval { syslog("warning", '%s', "verify error: $E") }; print STDERR "verify error: $E\n"; $verify_result = "temperror"; $verify_detail = "$verify_result ($E)"; only in patch2: unchanged: --- dkimproxy-1.0.1.orig/scripts/dkimproxy.out +++ dkimproxy-1.0.1/scripts/dkimproxy.out @@ -256,9 +256,15 @@ # create an object for sending the outgoing SMTP commands # (and the signed message) - my $client = MSDW::SMTP::Client->new( + my $client = eval { MSDW::SMTP::Client->new( interface => $self->{server}->{relay_host}, - port => $self->{server}->{relay_port}); + port => $self->{server}->{relay_port}) }; + if (my $E = $@) + { + chomp $E; + print "421 Internal error (Next hop is down)\n"; + die "$E\n"; + } return $client; } @@ -266,8 +272,25 @@ { my $self = shift; + # try to determine peer's address + use Socket; + my $peersockaddr = getpeername(STDOUT); + my ($port, $iaddr) = sockaddr_in($peersockaddr); + $ENV{REMOTE_ADDR} = inet_ntoa($iaddr); + # initialize syslog - openlog("dkimproxy.out", "cons,pid", "mail"); + eval + { + openlog("dkimproxy.out", "perror,pid,ndelay", "mail"); + syslog("debug", '%s', "connect from $ENV{REMOTE_ADDR}"); + }; + if (my $E = $@) + { + chomp $E; + print "421 Internal error (Syslog is down)\n"; + die "$E\n"; + } + $self->{debug} = $debugtrace; $self->SUPER::process_request; @@ -322,7 +345,8 @@ { my $E = $@; chomp $E; - syslog("warning", '%s', "signing error: $E"); + $E =~ s/\n/ /gs; + eval { syslog("warning", '%s', "signing error: $E") }; print STDERR "Warning: signing error: $E\n"; $result = "temperror"; $result_detail = "$result ($E)";
