Version in base suite: 1.0.2-1 Base version: dkimpy-milter_1.0.2-1 Target version: dkimpy-milter_1.0.3-1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/d/dkimpy-milter/dkimpy-milter_1.0.2-1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/d/dkimpy-milter/dkimpy-milter_1.0.3-1.dsc CHANGES | 7 +++++++ PKG-INFO | 2 +- debian/changelog | 13 +++++++++++++ dkimpy_milter.egg-info/PKG-INFO | 2 +- dkimpy_milter/__init__.py | 6 ++---- dkimpy_milter/util.py | 10 ---------- setup.py | 2 +- 7 files changed, 25 insertions(+), 17 deletions(-) diff -Nru dkimpy-milter-1.0.2/CHANGES dkimpy-milter-1.0.3/CHANGES --- dkimpy-milter-1.0.2/CHANGES 2019-10-07 04:12:30.000000000 +0000 +++ dkimpy-milter-1.0.3/CHANGES 2019-11-23 01:37:23.000000000 +0000 @@ -1,3 +1,10 @@ +1.0.3 2019-11-22 + - Make error logging more explicit to aid debugging + - Delete own_socketfile to resolve race condition where the permissions + change fails on a Unix socket because it hasn't been created yet (libmilter + will do this correctly on its own based on umask, the milter doesn't need + to do it) (LP: #1849712) + 1.0.2 2019-10-07 - Fix startup logging so it provides information at a useful time - Fix message extraction so that signing in the same pass through the milter diff -Nru dkimpy-milter-1.0.2/PKG-INFO dkimpy-milter-1.0.3/PKG-INFO --- dkimpy-milter-1.0.2/PKG-INFO 2019-10-07 04:14:32.000000000 +0000 +++ dkimpy-milter-1.0.3/PKG-INFO 2019-11-23 01:42:41.000000000 +0000 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: dkimpy-milter -Version: 1.0.2 +Version: 1.0.3 Summary: Domain Keys Identified Mail (DKIM) signing/verifying milter for Postfix/Sendmail. Home-page: https://launchpad.net/dkimpy-milter Author: Scott Kitterman diff -Nru dkimpy-milter-1.0.2/debian/changelog dkimpy-milter-1.0.3/debian/changelog --- dkimpy-milter-1.0.2/debian/changelog 2019-10-07 04:31:48.000000000 +0000 +++ dkimpy-milter-1.0.3/debian/changelog 2020-01-15 13:43:45.000000000 +0000 @@ -1,3 +1,16 @@ +dkimpy-milter (1.0.3-1) buster; urgency=medium + + * New upstream release: + * Fix priviledge managment at startup so Unix sockets work: + Milter: Move drop_privileges before Milter.runmilter and delete + own_socketfile so that the milter interface runs as the correct user + without race conditions about changing ownership of the socket file when + it hasn't been created yet (When the milter is started, it will create the + socket based on uMask, so we don't need to manually change it) + * Improve error log messages to aid troublshooting + + -- Scott Kitterman Wed, 15 Jan 2020 08:43:45 -0500 + dkimpy-milter (1.0.2-1) buster; urgency=medium * New upstream release diff -Nru dkimpy-milter-1.0.2/dkimpy_milter/__init__.py dkimpy-milter-1.0.3/dkimpy_milter/__init__.py --- dkimpy-milter-1.0.2/dkimpy_milter/__init__.py 2019-10-07 03:49:01.000000000 +0000 +++ dkimpy-milter-1.0.3/dkimpy_milter/__init__.py 2019-11-23 01:36:30.000000000 +0000 @@ -36,7 +36,6 @@ from dkimpy_milter.util import setExceptHook from dkimpy_milter.util import write_pid from dkimpy_milter.util import read_keyfile -from dkimpy_milter.util import own_socketfile from dkimpy_milter.util import fold __version__ = "1.0.1" @@ -285,7 +284,7 @@ except Exception as x: self.dkim_comment = str(x) if milterconfig.get('Syslog'): - syslog.syslog("check_dkim: {0}".format(x)) + syslog.syslog("check_dkim: Internal program fault while verifying: {0}".format(x)) try: self.header_i = d.signature_fields.get(b'i') except TypeError as x: @@ -296,7 +295,7 @@ except Exception as x: self.dkim_comment = str(x) if milterconfig.get('Syslog'): - syslog.syslog("check_dkim: {0}".format(x)) + syslog.syslog("check_dkim: Internal proram fuault extracting header a or d: {0}".format(x)) self.header_d = None if not self.header_a: self.header_a = 'rsa-sha256' @@ -371,7 +370,6 @@ Milter.set_flags(Milter.CHGHDRS + Milter.ADDHDRS) miltername = 'dkimpy-filter' socketname = milterconfig.get('Socket') - own_socketfile(milterconfig) drop_privileges(milterconfig) sys.stdout.flush() if milterconfig.get('Syslog'): diff -Nru dkimpy-milter-1.0.2/dkimpy_milter/util.py dkimpy-milter-1.0.3/dkimpy_milter/util.py --- dkimpy-milter-1.0.2/dkimpy_milter/util.py 2019-10-07 03:49:01.000000000 +0000 +++ dkimpy-milter-1.0.3/dkimpy_milter/util.py 2019-11-23 01:36:30.000000000 +0000 @@ -146,16 +146,6 @@ return pid -def own_socketfile(milterconfig): - """If socket is Unix socket, chown to UserID before dropping privileges""" - import os - user, group = user_group(milterconfig.get('UserID')) - if milterconfig.get('Socket')[:1] == '/': - os.chown(milterconfig.get('Socket')[1:], user, group) - if milterconfig.get('Socket')[:6] == "local:": - os.chown(milterconfig.get('Socket')[6:], user, group) - - def read_keyfile(milterconfig, keytype): """Read private key from file.""" import syslog diff -Nru dkimpy-milter-1.0.2/dkimpy_milter.egg-info/PKG-INFO dkimpy-milter-1.0.3/dkimpy_milter.egg-info/PKG-INFO --- dkimpy-milter-1.0.2/dkimpy_milter.egg-info/PKG-INFO 2019-10-07 04:14:32.000000000 +0000 +++ dkimpy-milter-1.0.3/dkimpy_milter.egg-info/PKG-INFO 2019-11-23 01:42:41.000000000 +0000 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: dkimpy-milter -Version: 1.0.2 +Version: 1.0.3 Summary: Domain Keys Identified Mail (DKIM) signing/verifying milter for Postfix/Sendmail. Home-page: https://launchpad.net/dkimpy-milter Author: Scott Kitterman diff -Nru dkimpy-milter-1.0.2/setup.py dkimpy-milter-1.0.3/setup.py --- dkimpy-milter-1.0.2/setup.py 2019-10-07 04:11:42.000000000 +0000 +++ dkimpy-milter-1.0.3/setup.py 2019-11-23 01:42:32.000000000 +0000 @@ -30,7 +30,7 @@ setup( name='dkimpy-milter', - version='1.0.2', + version='1.0.3', author='Scott Kitterman', author_email='scott@kitterman.com', url='https://launchpad.net/dkimpy-milter',