# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Ebuild metadata for OpenDKIM: API level, eclasses, dependencies and patches.
EAPI=6
# Eclasses providing helpers used further down, e.g. eautoreconf (autotools),
# db_includedir (db-use), systemd_newunit (systemd), enewgroup/enewuser (user).
inherit autotools db-use eutils systemd user
DESCRIPTION="A milter-based application to provide DKIM signing and verification"
# NOTE(review): plain-http homepage; the tarball itself comes via mirror://.
# Download integrity is presumably pinned by the package Manifest (not shown
# here) — confirm.
HOMEPAGE="http://opendkim.org"
SRC_URI="mirror://sourceforge/opendkim/${P}.tar.gz"
LICENSE="Sendmail-Open-Source BSD"
SLOT="0"
KEYWORDS="~amd64 ~arm ~x86"
# berkdb and ssl are enabled by default (leading '+').
IUSE="+berkdb gnutls ldap libressl lmdb lua memcached opendbx poll sasl selinux +ssl static-libs unbound"
# Build-time dependencies. The crypto library is OpenSSL or LibreSSL under
# USE=ssl and GnuTLS under USE=gnutls; the resolver is unbound (together with
# net-dns/dnssec-root) or, without USE=unbound, ldns.
DEPEND="|| ( mail-filter/libmilter mail-mta/sendmail )
dev-libs/libbsd
ssl? (
!libressl? ( dev-libs/openssl:0= )
libressl? ( dev-libs/libressl:0= )
)
berkdb? ( >=sys-libs/db-3.2:* )
opendbx? ( >=dev-db/opendbx-1.4.0 )
lua? ( dev-lang/lua:* )
ldap? ( net-nds/openldap )
lmdb? ( dev-db/lmdb )
memcached? ( dev-libs/libmemcached )
sasl? ( dev-libs/cyrus-sasl )
unbound? ( >=net-dns/unbound-1.4.1:= net-dns/dnssec-root )
!unbound? ( net-libs/ldns )
gnutls? ( >=net-libs/gnutls-3.3 )"
# Runtime dependencies: everything from DEPEND plus psmisc and, under
# USE=selinux, the SELinux policy package for DKIM.
RDEPEND="${DEPEND}
sys-process/psmisc
selinux? ( sec-policy/selinux-dkim )
"
# SASL support is only available together with LDAP.
REQUIRED_USE="sasl? ( ldap )"
# Patches applied by the "default" call in src_prepare.
PATCHES=(
"${FILESDIR}/${P}-gnutls-3.4.patch"
"${FILESDIR}/${P}-openssl-1.1.1.patch"
)
pkg_setup() {
	# mail-milter/spamass-milter creates the milter user with this home
	# directory, so the same path is used here for consistency even though
	# this package does not need a home directory for the user (#280571).
	local milter_home=/var/lib/milter

	# Dedicated unprivileged group and user; uid and shell are passed as -1.
	enewgroup milter
	enewuser milter -1 -1 "${milter_home}" milter
}
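src_prepare() {
	# Applies PATCHES (and user patches) as per the EAPI 6 default.
	default

	# Point the sample configuration and the stats script at this package's
	# directories, run as the "milter" user instead of "mailnull", and enable
	# a PidFile under /run/opendkim.
	sed -i \
		-e 's:/var/db/dkim:/etc/opendkim:g' \
		-e 's:/var/db/opendkim:/var/lib/opendkim:g' \
		-e 's:/etc/mail:/etc/opendkim:g' \
		-e 's:mailnull:milter:g' \
		-e 's:^#[[:space:]]*PidFile.*:PidFile /run/opendkim/opendkim.pid:' \
		opendkim/opendkim.conf.sample opendkim/opendkim.conf.simple.in \
		stats/opendkim-reportstats{,.in} \
		|| die "sed on sample configuration failed"

	# Install the library documentation as HTML data.
	sed -i -e 's:dist_doc_DATA:dist_html_DATA:' libopendkim/docs/Makefile.am \
		|| die "sed on libopendkim/docs/Makefile.am failed"

	# Test suite: replace mt.getcwd() on socket lines with a fixed directory.
	# The first expression rewrites the first occurrence on a line to "/tmp";
	# the second only still matches a line that carries a further
	# mt.getcwd() after "sock", so it is normally a no-op.
	# NOTE(review): a socket under /tmp is a shared, predictable location;
	# src_configure passes --disable-live-testing, which presumably keeps
	# these tests from running — confirm before enabling them.
	# Failures used to be ignored here; they now abort like the other edits.
	sed -i -e '/sock.*mt.getcwd/s:mt.getcwd():"/tmp":' \
		opendkim/tests/*.lua \
		|| die "sed on test sockets failed"
	sed -i -e '/sock.*mt.getcwd/s:mt.getcwd():"/proc/self/cwd":' \
		opendkim/tests/*.lua \
		|| die "sed on test sockets failed"

	eautoreconf
}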
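src_configure() {
	# Translates USE flags into configure switches and runs econf.
	local myconf=()
	local db_incdir

	if use berkdb; then
		# The words of "myconf+=( ... )" are all expanded before the array is
		# updated, so referring to ${myconf} inside that list yields an empty
		# --with-db-incdir= and leaves a stray include-dir argument on the
		# command line. Resolve the directory first, then strip a leading -I.
		db_incdir=$(db_includedir) || die "db_includedir failed"
		myconf+=(
			--with-db-incdir="${db_incdir#-I}"
			--enable-popauth
			--enable-query_cache
			--enable-stats
		)
	fi

	# Resolver library: unbound when requested, ldns otherwise.
	if use unbound; then
		myconf+=( --with-unbound )
	else
		myconf+=( --with-ldns )
	fi

	# SASL is only meaningful with LDAP (see REQUIRED_USE).
	if use ldap; then
		myconf+=( $(use_with sasl) )
	fi

	# Live testing is disabled at configure time.
	econf \
		$(use_with berkdb db) \
		$(use_with opendbx odbx) \
		$(use_with lua) \
		$(use_enable lua rbl) \
		$(use_with ldap openldap) \
		$(use_with lmdb) \
		$(use_enable poll) \
		$(use_enable static-libs static) \
		$(use_with gnutls) \
		$(use_with memcached libmemcached) \
		"${myconf[@]}" \
		--enable-filter \
		--enable-atps \
		--enable-identity_header \
		--enable-rate_limit \
		--enable-resign \
		--enable-replace_rules \
		--enable-default_sender \
		--enable-sender_macro \
		--enable-vbr \
		--disable-live-testing
	#--with-test-socket=/tmp/opendkim-$(echo ${RANDOM})-S
	#--disable-rpath
}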
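src_install() {
	# Installs the build results, service files and, when the target system
	# has no opendkim.conf yet, a minimal default configuration.
	local conf="${D}"/etc/opendkim/opendkim.conf

	default
	prune_libtool_files

	dosbin stats/opendkim-reportstats

	newinitd "${FILESDIR}/opendkim.init.r3" opendkim
	systemd_newunit "${FILESDIR}/opendkim-r1.service" opendkim.service

	# State directory is owned by the unprivileged milter account.
	dodir /etc/opendkim /var/lib/opendkim
	fowners milter:milter /var/lib/opendkim

	# default configuration
	if [[ ! -f "${ROOT}"/etc/opendkim/opendkim.conf ]]; then
		# Keep only the non-comment, non-empty lines of the sample. The
		# pattern is quoted so the shell cannot glob-expand it against a
		# file in the working directory.
		grep '^[^#]' "${S}"/opendkim/opendkim.conf.simple > "${conf}" \
			|| die "failed to write default opendkim.conf"
		if use unbound; then
			echo "TrustAnchorFile /etc/dnssec/root-anchors.txt" >> "${conf}" \
				|| die "failed to write default opendkim.conf"
		fi
		# The daemon runs as the milter user.
		echo "UserID milter" >> "${conf}" \
			|| die "failed to write default opendkim.conf"
		if use berkdb; then
			echo "Statistics /var/lib/opendkim/stats.dat" >> "${conf}" \
				|| die "failed to write default opendkim.conf"
		fi
	fi
}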
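pkg_postinst() {
	# Prints setup hints on a fresh install only. The package manager sets
	# REPLACING_VERSIONS (plural) when another version is being replaced;
	# the singular spelling is never set, which made the hints appear on
	# every upgrade.
	if [[ -z ${REPLACING_VERSIONS} ]]; then
		elog "If you want to sign your mail messages and need some help"
		elog "please run:"
		elog " emerge --config ${CATEGORY}/${PN}"
		elog "It will help you create your key and give you hints on how"
		elog "to configure your DNS and MTA."
		ewarn "Make sure your MTA has r/w access to the socket file."
		ewarn "This can be done either by setting UMask to 002 and adding MTA's user"
		ewarn "to milter group or you can simply set UMask to 000."
		# Spell out the trade-off of the second option for the admin.
		ewarn "Note that UMask 000 makes the socket writable by every local user."
	fi
}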
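pkg_config() {
	# Interactive helper (emerge --config): generates a DKIM key pair for a
	# selector and prints the configuration, MTA and DNS steps that follow.
	# Returns 1 when no selector is available or key creation fails.
	local selector keysize keydir keyfile

	# -r keeps backslashes in the typed selector literal.
	read -r -p "Enter the selector name (default ${HOSTNAME}): " selector
	[[ -n "${selector}" ]] || selector=${HOSTNAME}
	if [[ -z "${selector}" ]]; then
		eerror "Oddly enough, you don't have a HOSTNAME."
		return 1
	fi

	# The selector becomes part of a file name, so every use is quoted.
	keydir="${ROOT}"etc/opendkim
	keyfile="${keydir}/${selector}.private"

	if [[ -f "${keyfile}" ]]; then
		ewarn "The private key for this selector already exists."
	else
		# RFC 8301 says signers should use RSA keys of at least 2048 bits;
		# 1024 bits is only the minimum verifiers still accept.
		keysize=2048
		# generate the private and public keys
		if ! opendkim-genkey -b "${keysize}" -D "${keydir}/" \
				-s "${selector}" -d '(your domain)' \
			|| ! chown milter:milter "${keyfile}"; then
			eerror "Failed to create private and public keys."
			return 1
		fi
		# Only the owner may access the signing key; a failure here is
		# reported instead of being ignored.
		if ! chmod go-rwx "${keyfile}"; then
			eerror "Failed to restrict permissions on ${keyfile}."
			return 1
		fi
	fi

	# opendkim selector configuration
	echo
	einfo "Make sure you have the following settings in your /etc/opendkim/opendkim.conf:"
	einfo " Keyfile /etc/opendkim/${selector}.private"
	einfo " Selector ${selector}"

	# MTA configuration
	echo
	einfo "If you are using Postfix, add following lines to your main.cf:"
	einfo " smtpd_milters = unix:/var/run/opendkim/opendkim.sock"
	einfo " non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock"
	einfo " and read http://www.postfix.org/MILTER_README.html"

	# DNS configuration
	einfo "After you configured your MTA, publish your key by adding this TXT record to your domain:"
	cat "${keydir}/${selector}.txt"
	einfo "t=y signifies you only test the DKIM on your domain. See following page for the complete list of tags:"
	einfo " http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text"
}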