TDP issues and PRs

[flowerysong]

PRs:

• Added ability to use custom resolver trusteddomainproject/OpenARC#91: superseded by 207e585
• Spec file cleanup trusteddomainproject/OpenARC#103: outdated
• ignore unknown methods trusteddomainproject/OpenARC#116
• Docker Support and INSTALL.md trusteddomainproject/OpenARC#120: no
• Insert initial headers like Authentication-Results before the MTA’s Received header trusteddomainproject/OpenARC#141
• Add ‘UMask’ parameter trusteddomainproject/OpenARC#144
• Quote results in Authentication-Results if necessary trusteddomainproject/OpenARC#145
• systemd: use Type=simple and no fork to avoid PIDFile race trusteddomainproject/OpenARC#154
• Add human readable name of chain state to info message (develop) trusteddomainproject/OpenARC#158
• Domain/Selector/KeyFile no longer mandatory in verifying mode trusteddomainproject/OpenARC#159
• fix header canonicalization eol wrap trusteddomainproject/OpenARC#160: mismatch between description and code, unclear what problem this is attempting to address.
• BUFRSZ too small truncating arc sig trusteddomainproject/OpenARC#161
• Fix null deref in arc_message() / Add signature margin wrapping / Add arc_get_cv() trusteddomainproject/OpenARC#166: based on wrong branch, mix of unrelated changes
• Fix invalid ARC-Seal when email contains existing sets trusteddomainproject/OpenARC#167
• Fix verification when key specifies hash algorithm trusteddomainproject/OpenARC#168
• Ensure received emails with no chain are signed correctly trusteddomainproject/OpenARC#170: duplicate of bbe5279
• autoconf.ac: Remove obsolete macros and fix AC_OUTPUT trusteddomainproject/OpenARC#171: superseded by 0676227
• Fix failed signatures with multiple transitions trusteddomainproject/OpenARC#173: superseded by 63fd6e8
• issue #174: Fix incomplete AAR header if there is no own AR header trusteddomainproject/OpenARC#176: superseded by 9dc8658 and 63fd6e8
• Improve AR parser trusteddomainproject/OpenARC#177
• Remove unused buffer 'confstr' in arcf_config_load trusteddomainproject/OpenARC#178
• libopenarc: Check length of header field name tightly. trusteddomainproject/OpenARC#179
• openarc: Avoid truncate ARC set headers trusteddomainproject/OpenARC#180

Issues:

• Add ability to control tag ordering in signature/seal generation trusteddomainproject/OpenARC#21: the ValiMail test suite is dead and nothing has taken its place, our tests don't currently have a reason they would need this
• Please provide correct/detailed pointer to Mailing lists mentioned in README trusteddomainproject/OpenARC#49: mailing list references have been removed
• Core Dump if cert ownership not same as process user trusteddomainproject/OpenARC#65: failure is expected without Add RequireSafeKeys #5, core dump is not but is also not replicable
• Google fails to verify ARC trusteddomainproject/OpenARC#66: last user report was that Google verification worked
• crash on check configuration trusteddomainproject/OpenARC#72: configs with and without InternalHosts are tested by the test suite, and do not crash
• OpenARC failing to sign previously ARC signed messages trusteddomainproject/OpenARC#74: last user report was that it was fixed
• OpenARC doesn't sign the correct headers when a failing chain is detected trusteddomainproject/OpenARC#75: Sign only our ARC headers when sealing failed chains #6
• "Simple" header canonicalization tests from ValiMail suite failing trusteddomainproject/OpenARC#87: Fix simple canonicalization #11 fixes generation of signatures with simple header canonicalization, but it's very hard to find another piece of software capable of generating these signatures to check if validation is still wrong in some way (everyone else seems to hardcode relaxed.) The ValiMail test suite examples currently pass but are unsuitable for ongoing use because they predate several hard requirements in the spec.
• Memory leak in OpenARC-1.0.0.Beta.0 trusteddomainproject/OpenARC#97: probably fixed in TDP or by 4601503, there were some paths where things weren't freed that I addressed.
• beta0 possible fails trusteddomainproject/OpenARC#98: fixed in Beta1
• [patch] Fix a bug preventing load of InternalHosts network/host list trusteddomainproject/OpenARC#101: bug had already been fixed before report was opened
• openSUSE build service failures for RHEL7 trusteddomainproject/OpenARC#102: uninteresting
• openarc beta0 crash trusteddomainproject/OpenARC#111: 839052d
• OpenARC is generating invalid ARC headers trusteddomainproject/OpenARC#113: fixed
• Where's the INSTALL file? trusteddomainproject/OpenARC#118: 3cb5100
• Support KeyTable & SigningTable parameters trusteddomainproject/OpenARC#122: I'm not convinced this is a useful configuration for ARC signers, I'm not going to prioritize implementing it.
• ares_parse() fails on outlook.com/alum.mit.edu added header trusteddomainproject/OpenARC#131: the reported AR headers are invalid, so OpenARC is correct to say that they're invalid.
• RequireSafeKeys config option missing in openarc trusteddomainproject/OpenARC#132: Add RequireSafeKeys #5
• autoconf 2.70 - configure.ac has obselete macros  trusteddomainproject/OpenARC#134: 0676227
• Please create a "Stable" tag that I can base a freebsd port on trusteddomainproject/OpenARC#135: uninteresting
• Please create a tag to base a FreeBSD port on. trusteddomainproject/OpenARC#136: duplicate of 135
• messages from o365: arc=fail trusteddomainproject/OpenARC#137: 3ff7b30
• Domain/Selector/KeyFile should not be mandatory in verifying mode trusteddomainproject/OpenARC#142: c2344f0
• OpenARC produces invalid Authentication-Results trusteddomainproject/OpenARC#143: 9542167 and 52b28e9 (more comprehensive application of quoting)
• Do not add Authentication-Results header when no ARC chain is present trusteddomainproject/OpenARC#146: Add AuthResIP config flag #10
• arcf_config_free(): don't assert conf->conf_refcnt == 0 trusteddomainproject/OpenARC#147: duplicate of 111
• OpenARC is (according to Zoho) creating a bad signature on outbound email trusteddomainproject/OpenARC#149: last user report was that Zoho verification worked
• Release Key for OpenARC Builds has expired trusteddomainproject/OpenARC#150: uninteresting
• Post-install script bug - part of openARC or the package maintainer? trusteddomainproject/OpenARC#151: uninteresting
• Link to mailing lists is broken, please replace "http://www.trusteddomain.org" by "https://openarc.org" in README.md trusteddomainproject/OpenARC#156: duplicate of 49
• Should I be using this? trusteddomainproject/OpenARC#157: uninteresting
• Simple tweak greatly improves header readability trusteddomainproject/OpenARC#162: I'm going to assume this is something like b50efaa
• openARC handles Authentication-Results parsing badly, and thus ignores valid auth headers. trusteddomainproject/OpenARC#163: the reported AR headers parse fine under both old and updated AR parsing
• ARC-Authentication-Results, openarc not working correctly, RHEL7 trusteddomainproject/OpenARC#164: user configuration issue
• Verifying, modifying and then signing emails results broken chain trusteddomainproject/OpenARC#169: bbe5279
• Messages transitioning multiple times in the same Authserv-ID produce result of fail trusteddomainproject/OpenARC#172: 63fd6e8
• Incomplete AAR header is generated if there is no own AR header. trusteddomainproject/OpenARC#174: 9dc8658 and 63fd6e8

[flowerysong]

All open issues and PRs from https://github.com/trusteddomainproject/OpenARC have been reviewed and either addressed or rejected.

[lquidfire]

Thank you for doing this mountain of work!

The Archlinux wiki now includes a link to this OpenARC fork.