Bug 2399960
| Summary: | opendmarc compile no longer uses libspf2 even when told to | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Jeffrey Goh <bugs> |
| Component: | opendmarc | Assignee: | Mikel Olasagasti Uranga <mikel> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 42 | CC: | abo, kevin, mikel |
| Target Milestone: | --- | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | opendmarc-1.4.2-33.fc44 opendmarc-1.4.2-33.el10_2 opendmarc-1.4.2-33.el10_1 opendmarc-1.4.2-33.el9 opendmarc-1.4.2-33.fc42 opendmarc-1.4.2-33.el10_0 opendmarc-1.4.2-33.fc41 opendmarc-1.4.2-33.fc43 | Doc Type: | --- |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2025-09-30 15:49:28 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Jeffrey Goh
2025-09-28 06:09:17 UTC
Upon further testing, I found that the last version to include SPF2 is this: Name : opendmarc Version : 1.4.2 Release : 22.fc41 Architecture: x86_64 Install Date: Fri 03 Jan 2025 05:19:21 PM Looks like first version that excludes WITH_SPF2 is 1.4.2-25 in Fedora 42 Binary and library are linked against libspf2: # rpm -qa |grep opendma libopendmarc-1.4.2-32.fc43.x86_64 opendmarc-1.4.2-32.fc43.x86_64 # ldd /usr/bin/opendmarc linux-vdso.so.1 (0x00007fcfde7a6000) libopendmarc.so.2 => /lib64/libopendmarc.so.2 (0x00007fcfde76f000) libmilter.so.1.0 => /lib64/libmilter.so.1.0 (0x00007fcfde75e000) libc.so.6 => /lib64/libc.so.6 (0x00007fcfde56a000) libm.so.6 => /lib64/libm.so.6 (0x00007fcfde476000) libspf2.so.2 => /lib64/libspf2.so.2 (0x00007fcfde459000) <-- /lib64/ld-linux-x86-64.so.2 (0x00007fcfde7a8000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007fcfde445000) # ldd /usr/lib64/libopendmarc.so.2 linux-vdso.so.1 (0x00007f724cedd000) libm.so.6 => /lib64/libm.so.6 (0x00007f724cdc9000) libspf2.so.2 => /lib64/libspf2.so.2 (0x00007f724cdac000) <-- libc.so.6 => /lib64/libc.so.6 (0x00007f724cbb8000) /lib64/ld-linux-x86-64.so.2 (0x00007f724cedf000) libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f724cba6000) I'll check why it doesn't show with "-V" yes, I can confirm the libspf2 library is linked in for all versions between 1.4.2-24 and 1.4.2-25. The configure run looks ok, but in the opendmarc/opendmarc.c there's this: # if HAVE_SPF2_H spf_result = opendmarc_spf2_test( # else /* HAVE_SPF2_H */ spf_result = opendmarc_spf_test( # endif /* HAVE_SPF2_H */ and near as I can tell, it is somehow failing HAVE_SPF2_H (verified using "strings | grep spf2" on both old and new binaries ) Arguably opendmarc_spf_test should be deprecated in favor of opendmarc_spf2_test as it's missing even IPv6 compatibility for A and MX records, which is the symptom that led me down this rabbit hole. I think I found the issue. After gcc15 was introduced opendmarc started to fail and I introduced this patch https://src.fedoraproject.org/rpms/opendmarc/c/c8a9332c3cc0fddd78adc3af06eb542e1050e627?branch=rawhide that doesn't work as it should. It allows the package to be built... but just fails to detect spf.h and thus HAVE_SPF2_H is not enabled. I think the correct fix would be this new patch https://src.fedoraproject.org/fork/mikelo2/rpms/opendmarc/c/40551d875966146048a8f9f9458fb3e8dd26aee3?branch=drop-gcc15-patch Can you verify the fix using the builds in this COPR? https://copr.fedorainfracloud.org/coprs/mikelo2/opendmarc-bz2399960/build/9630470/ Once confirmed I'll polish it and submit the patch upstream and I'll close previous patch PR https://github.com/trusteddomainproject/OpenDMARC/pull/281 # rpm -Uvh *33* warning: libopendmarc-1.4.2-33.fc42.x86_64.rpm: Header V4 RSA/SHA256 Signature, key ID 81455310: NOKEY Verifying... ################################# [100%] Preparing... ################################# [100%] Updating / installing... 1:libopendmarc-1.4.2-33.fc42 ################################# [ 25%] 2:opendmarc-1.4.2-33.fc42 ################################# [ 50%] Cleaning up / removing... 3:opendmarc-1.4.2-22.fc41 ################################# [ 75%] 4:libopendmarc-1.4.2-22.fc41 ################################# [100%] root@frodo:~# opendmarc -V opendmarc: OpenDMARC Filter v1.4.2 SMFI_VERSION 0x1000001 libmilter version 1.0.1 Active code options: WITH_SPF WITH_SPF2 testing w IPv6 also works a charm! Thank you so much - I managed to revert to 1.4.2-22 from F41, but definitely much prefer this path. FEDORA-2025-1aa75bd11c (opendmarc-1.4.2-33.fc44) has been submitted as an update to Fedora 44. https://bodhi.fedoraproject.org/updates/FEDORA-2025-1aa75bd11c FEDORA-EPEL-2025-31cde20181 (opendmarc-1.4.2-33.el10_1) has been submitted as an update to Fedora EPEL 10.1. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-31cde20181 FEDORA-2025-a393c2585d (opendmarc-1.4.2-33.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2025-a393c2585d FEDORA-EPEL-2025-883e1c0734 (opendmarc-1.4.2-33.el10_0) has been submitted as an update to Fedora EPEL 10.0. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-883e1c0734 FEDORA-EPEL-2025-60fd9282ce (opendmarc-1.4.2-33.el10_2) has been submitted as an update to Fedora EPEL 10.2. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-60fd9282ce FEDORA-EPEL-2025-aaa6df7fdb (opendmarc-1.4.2-33.el9) has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-aaa6df7fdb FEDORA-2025-88ba9c2bfa (opendmarc-1.4.2-33.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2025-88ba9c2bfa FEDORA-2025-1aa75bd11c (opendmarc-1.4.2-33.fc44) has been pushed to the Fedora 44 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-5f200d6f25 has been pushed to the Fedora 42 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-5f200d6f25` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-5f200d6f25 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2025-31cde20181 has been pushed to the Fedora EPEL 10.1 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-31cde20181 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2025-60fd9282ce has been pushed to the Fedora EPEL 10.2 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-60fd9282ce See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2025-883e1c0734 has been pushed to the Fedora EPEL 10.0 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-883e1c0734 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2025-aaa6df7fdb has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-aaa6df7fdb See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2025-88ba9c2bfa has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-88ba9c2bfa` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-88ba9c2bfa See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2025-a393c2585d has been pushed to the Fedora 43 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-a393c2585d` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-a393c2585d See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-EPEL-2025-60fd9282ce (opendmarc-1.4.2-33.el10_2) has been pushed to the Fedora EPEL 10.2 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2025-31cde20181 (opendmarc-1.4.2-33.el10_1) has been pushed to the Fedora EPEL 10.1 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2025-aaa6df7fdb (opendmarc-1.4.2-33.el9) has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-5f200d6f25 (opendmarc-1.4.2-33.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-EPEL-2025-883e1c0734 (opendmarc-1.4.2-33.el10_0) has been pushed to the Fedora EPEL 10.0 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-88ba9c2bfa (opendmarc-1.4.2-33.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report. FEDORA-2025-a393c2585d (opendmarc-1.4.2-33.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report. |