From ef4083f0d057db48e21e4081142ed511c5f3e060 Mon Sep 17 00:00:00 2001
From: Kurt Jaeger <pi@FreeBSD.org>
Date: Sun, 15 Sep 2019 09:51:20 +0000
Subject: [PATCH] mail/opendmarc: fix multiple addresses in From vulnerability

- please note that it might only be a partial fix, see
  https://github.com/trusteddomainproject/OpenDMARC/pull/48#issuecomment-530375590

PR:		240505
Reported by:	protonmail
Approved by:	ports-secteam (delphij)
Obtained from:	https://github.com/trusteddomainproject/OpenDMARC/pull/48
MFH:		2019Q3
Security:	https://protonmail.com/blog/bellingcat-cyberattack-phishing/
---
 mail/opendmarc/Makefile                               |  2 +-
 .../files/patch-libopendmarc_tests_test__finddomain.c | 10 ++++++++++
 mail/opendmarc/files/patch-opendmarc_opendmarc.c      | 11 +++++++++++
 3 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
 create mode 100644 mail/opendmarc/files/patch-opendmarc_opendmarc.c

diff --git a/mail/opendmarc/Makefile b/mail/opendmarc/Makefile
index 2a6f92f252fb..883a1f6b1198 100644
--- a/mail/opendmarc/Makefile
+++ b/mail/opendmarc/Makefile
@@ -3,7 +3,7 @@
 
 PORTNAME=	opendmarc
 PORTVERSION=	1.3.2
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	mail security
 MASTER_SITES=	SF/${PORTNAME} \
 		SF/${PORTNAME}/Previous%20Releases
diff --git a/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c b/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
new file mode 100644
index 000000000000..8765c76e029b
--- /dev/null
+++ b/mail/opendmarc/files/patch-libopendmarc_tests_test__finddomain.c
@@ -0,0 +1,10 @@
+--- libopendmarc/tests/test_finddomain.c.orig	2012-10-25 15:38:55 UTC
++++ libopendmarc/tests/test_finddomain.c
+@@ -23,6 +23,7 @@ main(int argc, char **argv)
+ 		/* 11 */ {"(,) joe@joe.com", "joe.com"},
+ 		/* 12 */ {"\"( bob@bob.com)\" joe@joe.com", "joe.com"},
+ 		/* 12 */ {"From: Davide D'Marco <user@blah.com>", "blah.com"},
++		/* 13 */ {"blah.com>", "blah.com"},
+ 			 {NULL, NULL},
+ 	};
+ 	u_char dbuf[256];
diff --git a/mail/opendmarc/files/patch-opendmarc_opendmarc.c b/mail/opendmarc/files/patch-opendmarc_opendmarc.c
new file mode 100644
index 000000000000..818f761b8529
--- /dev/null
+++ b/mail/opendmarc/files/patch-opendmarc_opendmarc.c
@@ -0,0 +1,11 @@
+--- opendmarc/opendmarc.c.orig	2017-03-04 13:28:39 UTC
++++ opendmarc/opendmarc.c
+@@ -2193,7 +2193,7 @@ mlfi_eom(SMFICTX *ctx)
+ 	strncpy(dfc->mctx_fromdomain, domain, sizeof dfc->mctx_fromdomain - 1);
+ 
+ 	ostatus = opendmarc_policy_store_from_domain(cc->cctx_dmarc,
+-	                                             from->hdr_value);
++	                                             dfc->mctx_fromdomain);
+ 	if (ostatus != DMARC_PARSE_OKAY)
+ 	{
+ 		if (conf->conf_dolog)