Fix: Build with libopendmarc 1.4.x (fixes 2728)

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 9d7d02d0ee56a78cc954877645598344e314ca90..2ca0f7e00db532379923f0b8dc4952fe0b3f2bf8 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -47,6 +47,9 @@ JH/11 OpenSSL: fix for ancient clients needing TLS support for versions earlier
       than TLSv1,2,  Previously, more-recent versions of OpenSSL were permitting
       the systemwide configuration to override the Exim config.
 
       than TLSv1,2,  Previously, more-recent versions of OpenSSL were permitting
       the systemwide configuration to override the Exim config.
 

+HS/01 Bug 2728: Introduce EDITME option "DMARC_API" to work around incompatible
+      API changes in libopendmarc.
+

 
 Exim version 4.96
 -----------------
 
 Exim version 4.96
 -----------------

diff --git a/src/src/EDITME b/src/src/EDITME
index 80bd078170793d4aea3d43ccc958d5500ea6e82e..28d3d538ed80a80160dc5b9efbb3f3bce857157b 100644 (file)
--- a/src/src/EDITME
+++ b/src/src/EDITME
@@ -602,14 +602,17 @@ DISABLE_MAL_MKS=yes
 
 # Uncomment the following line to add DMARC checking capability, implemented
 # using libopendmarc libraries. You must have SPF and DKIM support enabled also.
 
 # Uncomment the following line to add DMARC checking capability, implemented
 # using libopendmarc libraries. You must have SPF and DKIM support enabled also.

-# Library version libopendmarc-1.4.1-1.fc33.x86_64  (on Fedora 33) is known broken;
-# 1.3.2-3 works.  I seems that the OpenDMARC project broke their API.

 # SUPPORT_DMARC=yes
 # CFLAGS += -I/usr/local/include
 # LDFLAGS += -lopendmarc
 # Uncomment the following if you need to change the default. You can
 # override it at runtime (main config option dmarc_tld_file)
 # DMARC_TLD_FILE=/etc/exim/opendmarc.tlds
 # SUPPORT_DMARC=yes
 # CFLAGS += -I/usr/local/include
 # LDFLAGS += -lopendmarc
 # Uncomment the following if you need to change the default. You can
 # override it at runtime (main config option dmarc_tld_file)
 # DMARC_TLD_FILE=/etc/exim/opendmarc.tlds

+#
+# Library version libopendmarc-1.4.1-1.fc33.x86_64  (on Fedora 33) is known broken;
+# 1.3.2-3 works.  It seems that the OpenDMARC project broke their API.
+# Use this option if you need to build with an old library (1.3.x)
+# DMARC_API=100300

 
 # Uncomment the following line to add ARC (Authenticated Received Chain)
 # support.  You must have SPF and DKIM support enabled also.
 
 # Uncomment the following line to add ARC (Authenticated Received Chain)
 # support.  You must have SPF and DKIM support enabled also.

diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index 25ab7550689a3ab8a382339138c18d06640601b8..22170522467b52c590761ea71a319eddb00cbe19 100644 (file)
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -150,6 +150,7 @@ Do not put spaces between # and the 'define'.
 #define SUPPORT_CRYPTEQ
 #define SUPPORT_DANE
 #define SUPPORT_DMARC
 #define SUPPORT_CRYPTEQ
 #define SUPPORT_DANE
 #define SUPPORT_DMARC

+#define DMARC_API 100400

 #define DMARC_TLD_FILE "/etc/exim/opendmarc.tlds"
 #define SUPPORT_I18N
 #define SUPPORT_I18N_2008
 #define DMARC_TLD_FILE "/etc/exim/opendmarc.tlds"
 #define SUPPORT_I18N
 #define SUPPORT_I18N_2008

diff --git a/src/src/dmarc.c b/src/src/dmarc.c
index 17bba9d75b7adbe08251c9f7da301f43b5e1f81f..ad0c26c91829a40d2c7cd3480d88a3b89b72fb2b 100644 (file)
--- a/src/src/dmarc.c
+++ b/src/src/dmarc.c
@@ -459,7 +459,12 @@ if (!dmarc_abort && !sender_host_authenticated)
                  vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
                  DMARC_POLICY_DKIM_OUTCOME_NONE;
     libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
                  vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
                  DMARC_POLICY_DKIM_OUTCOME_NONE;
     libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,

-                                              dkim_result, US"");
+/* The opendmarc project broke its API in a way we can't detect * easily.
+ * The EDITME provides a DMARC_API variable */
+#if DMARC_API >= 100400
+                                               sig->selector,
+#endif
+                                               dkim_result, US"");

     DEBUG(D_receive)
       debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
     if (libdm_status != DMARC_PARSE_OKAY)
     DEBUG(D_receive)
       debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain);
     if (libdm_status != DMARC_PARSE_OKAY)