Todd Lyons [Wed, 28 May 2014 12:12:00 +0000 (05:12 -0700)]
Merge tag 'exim-4_82_1'
Fix Conflicts:
src/src/dmarc.c
Todd Lyons [Mon, 26 May 2014 19:14:16 +0000 (12:14 -0700)]
SECURITY: DMARC uses From header untrusted data
CVE-2014-2957
To find the sending domain, expand_string() was used to directly parse
the contents of the From header. This passes untrusted data directly
into an internal function. Convert to use standard internal parsing
functions.
Jeremy Harris [Mon, 26 May 2014 15:26:58 +0000 (16:26 +0100)]
Increase limit of smtp_confirmation logging from 100 to 256 chars. Bug 1408
Jeremy Harris [Mon, 26 May 2014 10:47:30 +0000 (11:47 +0100)]
Errorcheck TLS library calls
Jeremy Harris [Mon, 26 May 2014 09:35:50 +0000 (10:35 +0100)]
Restrict certificate name checkin for wildcards.
On more recent OpenSSL library versions the builtin wildcard checking
can take a restriction option that we want, to disallow the more
complex possibilities of wildcarding.
Jeremy Harris [Sun, 25 May 2014 12:21:39 +0000 (13:21 +0100)]
Missing initialiser
Jeremy Harris [Fri, 23 May 2014 17:46:03 +0000 (18:46 +0100)]
Add OpenSSL version check
Jeremy Harris [Fri, 23 May 2014 17:32:48 +0000 (18:32 +0100)]
Add GnuTLS version check
Jeremy Harris [Fri, 23 May 2014 14:50:07 +0000 (15:50 +0100)]
Move OCSP out of EXPERIMENTAL
Jeremy Harris [Thu, 22 May 2014 20:50:27 +0000 (21:50 +0100)]
Compiler quietening. Bug 907
Todd Lyons [Thu, 22 May 2014 20:24:42 +0000 (13:24 -0700)]
Bug 1394: Document how to do per host conn limits
Since the max connections per host setting is computed and enforced
in the master listening process before the fork, there is no easy
way to get an accurate connection count once the Proxy Protocol
negotiation has been done (i.e. in a child process, after the
fork). Rather than try to use a shared mmap file using CAS in the
children to manipulate it, we just advise of a crude version of
max connections per IP be achieved by using ratelimit per_conn in
the connect ACL.
Jeremy Harris [Thu, 22 May 2014 15:22:53 +0000 (16:22 +0100)]
Fix doc for dovecot authenticator. Bugs 1448, 1483
Wolfgang Breyha [Wed, 21 May 2014 15:21:46 +0000 (16:21 +0100)]
RFC3461 support - MIME DSN messages. Bug 118
Jeremy Harris [Tue, 20 May 2014 21:53:48 +0000 (22:53 +0100)]
Eliminate one foolish way to break the build
Todd Lyons [Wed, 21 May 2014 14:03:29 +0000 (07:03 -0700)]
Add PRDR feature output in -bV
Jeremy Harris [Tue, 20 May 2014 20:25:10 +0000 (21:25 +0100)]
Support optional server certificate name checking. Bug 1479
Enable EXPERIMENTAL_CERTNAMES to include.
Jeremy Harris [Tue, 20 May 2014 20:21:11 +0000 (21:21 +0100)]
Final tidyout of EXPERIMENTAL_PRDR
Jeremy Harris [Sat, 17 May 2014 22:43:23 +0000 (23:43 +0100)]
Use accessor functions for OpenSSL internal data
Jeremy Harris [Tue, 13 May 2014 11:27:04 +0000 (12:27 +0100)]
General tidying
Jeremy Harris [Thu, 15 May 2014 23:07:31 +0000 (00:07 +0100)]
Tidy certificate verification logic under OpenSSL
Jeremy Harris [Tue, 13 May 2014 22:50:13 +0000 (23:50 +0100)]
Extractors for certificate time fields support integer output modifier
Jeremy Harris [Tue, 13 May 2014 21:02:51 +0000 (22:02 +0100)]
Extractor for named RDN element types from a certificate DN field.
Todd Lyons [Tue, 13 May 2014 18:36:35 +0000 (11:36 -0700)]
Updated changelog.
Accidentally included the fix for Bug 1119 in the same commit fixing
Proxy Protocol version 2 to match the API change in May 2014.
Todd Lyons [Mon, 12 May 2014 23:15:07 +0000 (16:15 -0700)]
Bug 1394: PPv2 header modifed
The HAProxy dev team adjusted the layout of the 16 byte header to allow
it to be used for SSL connections. Had to adjust PPv2 handling code
and perl proxy emulation script.
Added link to this HAProxy commit in the documentation.
Jeremy Harris [Tue, 13 May 2014 17:54:06 +0000 (18:54 +0100)]
Fix cert fingerprint path to deny noncerts
Jeremy Harris [Tue, 13 May 2014 16:47:04 +0000 (17:47 +0100)]
certextract tidying
Jeremy Harris [Tue, 13 May 2014 14:38:14 +0000 (15:38 +0100)]
Add doc notes on verifying self-signing hosts
Jeremy Harris [Tue, 13 May 2014 15:37:41 +0000 (16:37 +0100)]
Update docs for suggested Ident and PRDR settings
Todd Lyons [Tue, 13 May 2014 15:36:22 +0000 (08:36 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Todd Lyons [Tue, 13 May 2014 15:36:08 +0000 (08:36 -0700)]
Test suite normalize TLS 1.[12] to TLS1
Jeremy Harris [Tue, 13 May 2014 14:44:09 +0000 (15:44 +0100)]
Move PRDR out of EXPERIMENTAL
Todd Lyons [Mon, 12 May 2014 15:12:17 +0000 (08:12 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Todd Lyons [Mon, 12 May 2014 15:03:08 +0000 (08:03 -0700)]
Provide better sprintf debug output for callers
Jeremy Harris [Mon, 12 May 2014 14:30:47 +0000 (15:30 +0100)]
Propagate dnssec status from dnslookup router through transport to tpda
Jeremy Harris [Mon, 12 May 2014 12:54:33 +0000 (13:54 +0100)]
Fix pair of buffer size errors. Bug 1478
Reported-by: David Binderman
Jeremy Harris [Sat, 10 May 2014 14:37:52 +0000 (15:37 +0100)]
New expansion operator sha256 for certificates. Bug 1170
Jeremy Harris [Sun, 11 May 2014 19:27:04 +0000 (20:27 +0100)]
More testcase serialization
Jeremy Harris [Sun, 11 May 2014 11:27:29 +0000 (12:27 +0100)]
Compiler quietening and testcase consistency
Fix an unterminated comment from
018058b
Jeremy Harris [Fri, 9 May 2014 20:40:25 +0000 (21:40 +0100)]
Remove extraneous debug
Jeremy Harris [Wed, 7 May 2014 19:46:49 +0000 (20:46 +0100)]
Make $tls_out_ocsp visible to TPDA (mostly testsuite)
Jeremy Harris [Thu, 8 May 2014 22:29:35 +0000 (23:29 +0100)]
Certificate-related routines only present when TLS is supported
Jeremy Harris [Thu, 8 May 2014 19:38:46 +0000 (20:38 +0100)]
Enable operator md5 and sha1 use on certificate variables. Bug 1170
Jeremy Harris [Tue, 6 May 2014 13:44:21 +0000 (14:44 +0100)]
OCSP observability: variables $tls_{in,out}_ocsp
and smtp transport option hosts_request_ocsp
Jeremy Harris [Tue, 6 May 2014 07:44:59 +0000 (08:44 +0100)]
Refactor tls_client_init interface
Jeremy Harris [Mon, 5 May 2014 15:53:48 +0000 (16:53 +0100)]
Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358
Jeremy Harris [Sun, 4 May 2014 17:28:51 +0000 (18:28 +0100)]
Fix build with OpenSSL on earlier versions.
Centos 6.5 and earlier had a build fail with GENERAL_NAME etc. undefined.
Just include the file defining it even if it's a duplicate on later versions.
Jeremy Harris [Sat, 3 May 2014 20:36:14 +0000 (21:36 +0100)]
More debug output
Jeremy Harris [Sat, 3 May 2014 17:08:19 +0000 (18:08 +0100)]
Restore testsuite operation on earlier GnuTLS libraries
Typo
Jeremy Harris [Sat, 3 May 2014 16:46:23 +0000 (17:46 +0100)]
Restore testsuite operation on earlier GnuTLS libraries
Jeremy Harris [Fri, 2 May 2014 17:50:34 +0000 (18:50 +0100)]
Certificate variables and field-extractor expansions. Bug 1358
Jeremy Harris [Thu, 1 May 2014 22:26:14 +0000 (23:26 +0100)]
Support dnssec in verify-callout use of smtp transport.
Use of dnslookup router support is already present.
Jeremy Harris [Tue, 29 Apr 2014 23:16:30 +0000 (00:16 +0100)]
Cancel in-progress or reject requeted cutthrough when fakereject. Bug 1475
Todd Lyons [Wed, 30 Apr 2014 00:07:04 +0000 (17:07 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Heiko Schlichting [Tue, 2 Apr 2013 19:06:03 +0000 (21:06 +0200)]
Bug 1454: Option -oMm for message reference
Includes docs and test suite
Jeremy Harris [Sun, 27 Apr 2014 17:17:29 +0000 (18:17 +0100)]
Add options dnssec_request_domains, dnssec_require_domains to the smtp transport
Note there are no testsuite cases included.
TODO in this area:
- dnssec during verify-callouts
- dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup
Jeremy Harris [Thu, 24 Apr 2014 22:28:24 +0000 (23:28 +0100)]
Support OCSP Stapling under GnuTLS. Bug 1459
Requires GnuTLS version 3.1.3 or later.
Under EXPERIMENTAL_OCSP
Jeremy Harris [Thu, 24 Apr 2014 15:41:11 +0000 (16:41 +0100)]
Dnssec observability: add variable $lookup_dnssec_authenticated
Todd Lyons [Thu, 24 Apr 2014 14:54:36 +0000 (07:54 -0700)]
Fix typo in markup. Add .new/.wen.
Lars Timmann [Thu, 24 Apr 2014 00:03:06 +0000 (17:03 -0700)]
Bug 609: Add -C option to exiqgrep
Option is a passthrough to the exim process that it spawns that
generates the queue list.
Fixed Conflicts:
doc/doc-txt/ChangeLog
Jeremy Harris [Wed, 23 Apr 2014 23:49:56 +0000 (00:49 +0100)]
dnssec_strict, _lax, _never modifiers for dnsdb lookups
Lacking testsuite coverage
Heiko Schlichting [Wed, 23 Apr 2014 14:30:41 +0000 (07:30 -0700)]
Bug 1453: Add SERVERS ldap server list override
Todd Lyons [Wed, 23 Apr 2014 12:26:34 +0000 (05:26 -0700)]
Merge branch 'master' of git://git.exim.org/exim
Todd Lyons [Wed, 23 Apr 2014 12:25:54 +0000 (05:25 -0700)]
Make --verbose propogate to html generation script
Phil Pennock [Mon, 21 Apr 2014 23:42:21 +0000 (19:42 -0400)]
Merge remote-tracking branch 'github/pr/13'
(exiqgrep -a support)
mg [Mon, 21 Apr 2014 22:41:34 +0000 (00:41 +0200)]
exiqgrep: add -a to use all recipients (including delivered)
Jeremy Harris [Mon, 21 Apr 2014 15:50:46 +0000 (16:50 +0100)]
Updated GnuTLS error messages
Jeremy Harris [Mon, 21 Apr 2014 15:34:01 +0000 (16:34 +0100)]
Fix testcase "server missing/empty certificate file"
GnuTLS early versions (pre 3.0.0 ?) fail to send a reasonable
client-cert request when tls_verify_certificates is an empty file.
Since the test is for missing *server* certs (tls_certificate)
avoid this by pointing to a real (if non-verifying) cert in
tls_verify_certificates.
Jeremy Harris [Mon, 21 Apr 2014 12:07:17 +0000 (13:07 +0100)]
Fix DISABLE_DNSSEC build
Bad syntax possibly only affected some compilers.
Jeremy Harris [Sun, 20 Apr 2014 22:28:34 +0000 (23:28 +0100)]
Make testcase more robust vs. timing variations
by restricting operations and logging to fewer items of interest
Jeremy Harris [Sun, 20 Apr 2014 20:50:48 +0000 (21:50 +0100)]
Restore testsuite operation under gnuTLS 2.8.5
Jeremy Harris [Sun, 20 Apr 2014 19:53:32 +0000 (20:53 +0100)]
Update testsuite for gnuTLS 3.1.23
Jeremy Harris [Sun, 20 Apr 2014 15:44:52 +0000 (16:44 +0100)]
Add options dnssec_request_domains, dnssec_require_domains to the dnslookup router
Note there are no testsuite cases included.
TODO in this area:
- dnssec during verify-callouts
- dnssec during dnsdb expansions
- dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup
- observability of status of requested dnssec
Jeremy Harris [Sun, 20 Apr 2014 15:44:52 +0000 (16:44 +0100)]
Fix handling of $tls_cipher et.al. in (non-verify) transport. Bug 1455
The split of these variables into _in and _out sets introduced by d9b231
in 4.82 was incomplete, leaving the deprecated legacy variables nonfunctional
during a transport and associated client authenticator.
Fix by repointing the legacy set to the outbound connection set at
transport startup (and do not clear out the inbound set at this
time, either).
Todd Lyons [Sat, 19 Apr 2014 17:28:32 +0000 (10:28 -0700)]
Copyright year updates:
vim $(git whatchanged --since=2014-01-01 | grep '^:100' | sed 's/^[^M]*M//' | sort -u | fgrep -v test/)
Todd Lyons [Thu, 17 Apr 2014 18:58:09 +0000 (11:58 -0700)]
Fix Proxy Protocol v2 handling
Change recv() to not use MSGPEEK and eliminated flush_input().
Add proxy_target_address/port expansions.
Convert ipv6 decoding to memmove().
Use sizeof() for variable sizing.
Correct struct member access.
Enhance debug output when passed invalid command/family.
Add to and enhance documentation.
Client script to test Proxy Protocol, interactive on STDIN/STDOUT,
so can be chained (ie a swaks pipe), useful for any service, not
just Exim and/or smtp.
Jeremy Harris [Fri, 18 Apr 2014 13:21:59 +0000 (14:21 +0100)]
Fix logging of nomail
When built with TLS support, non-TLS connections not resulting in mail transfer were crashing while
building a log line. Fix by not returning a non-extensible string from the routine added in
67d81c1.
Phil Pennock [Wed, 16 Apr 2014 06:25:45 +0000 (23:25 -0700)]
Bail configuration on missing package
If we're configured to use pkg-config (or pcre-config) and the tool is
not available or does not know about the package we ask for, that should
be a fatal configuration error.
We should not silently ignore the missing package, then try to compile,
and have missing header warnings from the compiler. Eg, if we're told
to support GSASL, we'll try to compile the client code, and without
compiler flags, we'll either fail to compile (missing headers) or fail
to link, which obscures the source of the errors.
This change will only break people who had builds set to have Exim
depend upon non-existent packages, and that _needs_ to break.
Phil Pennock [Wed, 16 Apr 2014 02:43:31 +0000 (19:43 -0700)]
Report OpenSSL build date too.
Adjust `-d -bV` output for OpenSSL to include library build date.
Some OS packagers have backported heartbleed security fixes without
changing anything in the reported version number. The closest we can
get to a reassuring sign for administrators is to report the OpenSSL
library build date, as picked by the library which Exim is using at run
time.
```
Library version: OpenSSL: Compile: OpenSSL 1.0.1g 7 Apr 2014
Runtime: OpenSSL 1.0.1g 7 Apr 2014
: built on: Mon Apr 7 15:08:30 PDT 2014
```
For comparison, the version information for OpenSSL on Ubuntu (where
Exim is by default built with GnuTLS, but this provides for context for
comparison):
```
$ openssl version -v -b
OpenSSL 1.0.1 14 Mar 2012
built on: Mon Apr 7 20:33:29 UTC 2014
```
GnuTLS: the closest I can find to a runtime value is the call we are
already making; if an OS vendor patches GnuTLS without changing the
version which would be returned by `gnutls_check_version(NULL)` then the
sysadmin is SOL and will have to explore library linkages more
carefully.
Todd Lyons [Tue, 15 Apr 2014 20:22:46 +0000 (13:22 -0700)]
Make dmarc code c89 compliant
Todd Lyons [Tue, 15 Apr 2014 20:10:59 +0000 (13:10 -0700)]
Add back deprecated SPF error conditions
Previous patch introduced a change that could break existing SPF
configurations. Add back the two non-standard "err_temp" and
"err_perm" result values, with note that it is deprecated and
will be removed in a future release.
Todd Lyons [Sat, 12 Apr 2014 17:42:52 +0000 (10:42 -0700)]
Add expansion for DMARC policy
New variable is $dmarc_domain_policy
Todd Lyons [Tue, 15 Apr 2014 16:53:43 +0000 (09:53 -0700)]
Merge branch 'master' of ssh://git.exim.org/home/git/exim
Fixed Conflicts:
doc/doc-txt/ChangeLog
Todd Lyons [Tue, 15 Apr 2014 16:52:22 +0000 (09:52 -0700)]
De-duplicate two documentation sections
Axel Rau [Mon, 14 Apr 2014 19:02:41 +0000 (20:02 +0100)]
Update ${utf8clean }. Bug 1401
Jeremy Harris [Sun, 13 Apr 2014 16:43:11 +0000 (17:43 +0100)]
Fix build for update on library component.
When, eg, the smtp transport is changed the transports library must be rebuilt.
Fix the main makefile to not assume that the date on the library .a is sufficient,
but always call the library subdir makefiles.
Jeremy Harris [Sun, 30 Mar 2014 20:48:32 +0000 (21:48 +0100)]
More care with headers add/remove lists. Bug 1452
As a side-effect, playing games with newlines no longer gives an altered message body/
Testcase 0324 is questionable (though passing)
Todd Lyons [Wed, 9 Apr 2014 16:11:21 +0000 (17:11 +0100)]
dnsdb tlsa lookup
Todd Lyons [Wed, 26 Mar 2014 23:05:13 +0000 (16:05 -0700)]
Print support for Experimental Proxy with -bV
Jeremy Harris [Sun, 23 Mar 2014 22:53:06 +0000 (22:53 +0000)]
Fix string_unprinting()
Jeremy Harris [Thu, 20 Mar 2014 20:09:08 +0000 (20:09 +0000)]
Future-proof OpenSSL version string. Bug 1421
Jeremy Harris [Wed, 19 Mar 2014 21:16:37 +0000 (21:16 +0000)]
Fix testcase for GnuTLS tls_require_ciphers
Jeremy Harris [Wed, 19 Mar 2014 20:14:24 +0000 (20:14 +0000)]
Docs for transport tls_verify_hosts &c.
Wolfgang Breyha [Tue, 18 Mar 2014 16:03:43 +0000 (16:03 +0000)]
Add tls_verify_hosts and tls_try_verify_hosts to smtp transport, GnuTLS.
Jeremy Harris [Wed, 19 Mar 2014 19:46:35 +0000 (19:46 +0000)]
Fix testsuite GnuTLS case for
511a6c1
Jeremy Harris [Tue, 18 Mar 2014 16:17:56 +0000 (16:17 +0000)]
Fix ACL "condition =" for negative number values. Bug 1005
Fix conditional "bool{<string>}" for negative number values, to match.
Heiko Schlittermann [Sun, 16 Mar 2014 22:29:59 +0000 (22:29 +0000)]
Enforce that only smtp transports can be used for verify callouts. Bug 1445
Jeremy Harris [Sun, 16 Mar 2014 17:22:56 +0000 (17:22 +0000)]
Support transport-added headers under cutthrough delivery. Bug 1431
Wolfgang Breyha [Sat, 15 Mar 2014 14:16:05 +0000 (14:16 +0000)]
Add tls_verify_hosts and tls_try_verify_hosts to smtp transport. Bug 1371
Code by Wolfgang Breyha, docs and testsuite by Jeremy Harris
Jeremy Harris [Sat, 15 Mar 2014 14:06:07 +0000 (14:06 +0000)]
Testcases
Jeremy Harris [Sat, 15 Mar 2014 12:29:31 +0000 (12:29 +0000)]
Add documentation