Phil Pennock [Sat, 31 Mar 2018 02:28:20 +0000 (22:28 -0400)]
Merge branch 'dane_require_tls_ciphers'
New SMTP Transport option for simplified improved security for DANE.
Jeremy Harris [Fri, 30 Mar 2018 16:36:30 +0000 (17:36 +0100)]
Testsuite: avoid ipv6 use in dane_require_tls_ciphers testcases
Jeremy Harris [Fri, 30 Mar 2018 14:50:35 +0000 (15:50 +0100)]
Testcases for dane_require_tls_ciphers
Phil Pennock [Thu, 29 Mar 2018 03:01:34 +0000 (23:01 -0400)]
Implement dane_require_tls_ciphers (theoretically)
It compiles with OpenSSL, on Darwin (if restore Darwin OS).
It doesn't crash immediately, but more testing is needed from a place
where port 25 is not just blocked.
Phil Pennock [Thu, 29 Mar 2018 01:41:20 +0000 (21:41 -0400)]
Document new dane_require_tls_ciphers
Haven't written the code yet, but writing the docs first helped me
affirm that this makes sense and feels clean. Code in next commit.
Jeremy Harris [Wed, 28 Mar 2018 13:15:23 +0000 (14:15 +0100)]
ARC: log signing-spec errors in mainlog only, not paniclog
Jeremy Harris [Tue, 27 Mar 2018 21:01:03 +0000 (22:01 +0100)]
ARC: enhance debug for signing; explicitly init signing context
Jeremy Harris [Mon, 26 Mar 2018 17:44:33 +0000 (18:44 +0100)]
Fix non-ARC build
Jeremy Harris [Mon, 26 Mar 2018 16:30:47 +0000 (17:30 +0100)]
ARC: add guard in verify against lack of the dkim-verify context
needed for body-hashing
Jeremy Harris [Mon, 26 Mar 2018 15:59:29 +0000 (16:59 +0100)]
Cutthrough: for an onward finaldot timeout, generate an initator 450 in defer=pass mode
Jeremy Harris [Mon, 26 Mar 2018 14:59:25 +0000 (15:59 +0100)]
ARC: cutthrough delivery may not be used with ARC signing
Jeremy Harris [Mon, 26 Mar 2018 14:53:49 +0000 (15:53 +0100)]
Cutthrough: enforce non-use in combination with DKIM signing or transport filter
Broken-by: 02b41d7106
Phil Pennock [Mon, 26 Mar 2018 16:24:48 +0000 (12:24 -0400)]
Add ARC signing caveats
Jeremy Harris [Mon, 26 Mar 2018 12:49:52 +0000 (13:49 +0100)]
SPF: remove the deprecated "err_temp" and "err_perm" result names
Jeremy Harris [Mon, 26 Mar 2018 12:30:13 +0000 (13:30 +0100)]
DKIM: document proper
Ed25519 key-generation methods; remove helper program
Jeremy Harris [Mon, 26 Mar 2018 11:23:59 +0000 (12:23 +0100)]
Expand directory opetion for queuefile transport
Jeremy Harris [Mon, 26 Mar 2018 11:20:50 +0000 (12:20 +0100)]
Remove extraneus line - benign but pointless.
Broken-by: 9e70917d0a
Jeremy Harris [Sun, 25 Mar 2018 16:14:41 +0000 (17:14 +0100)]
Testsuite: for SPF tests, avoid using the ipv4 address
Jeremy Harris [Sun, 25 Mar 2018 15:42:34 +0000 (16:42 +0100)]
Add non-mtp source info to ${authres }
Jeremy Harris [Sun, 25 Mar 2018 13:08:36 +0000 (14:08 +0100)]
DKIM: document generation of RSA keys
Jeremy Harris [Sat, 24 Mar 2018 23:35:00 +0000 (23:35 +0000)]
DKIM: document
Ed25519 private key generation under OpenSSL (1.1.1+)
Jeremy Harris [Sat, 24 Mar 2018 15:19:27 +0000 (15:19 +0000)]
DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage notes to docs
Jeremy Harris [Sat, 24 Mar 2018 18:38:15 +0000 (18:38 +0000)]
Docs: more on ${authresults }
Jeremy Harris [Sat, 24 Mar 2018 13:53:50 +0000 (13:53 +0000)]
ARC: give more detail with "bad signing-spec" message
Jeremy Harris [Sat, 24 Mar 2018 13:43:01 +0000 (13:43 +0000)]
Mark variables that are unused before release of store in the queue-list loop
Phil Pennock [Fri, 23 Mar 2018 22:34:21 +0000 (18:34 -0400)]
Address jgh notes re OpenSSL
* `/usr/local` is fair, on Linux, but I deliberately picked something
specific to OpenSSL to make the context clear and limit bad
interactions with other locally-installed software.
* `RPATH` and `RUNPATH` are not the same and are deeply twisty in their
interactions.
<https://blog.qt.io/blog/2011/10/28/rpath-and-runpath/> is a decent
summary.
Jeremy Harris [Fri, 23 Mar 2018 16:45:03 +0000 (16:45 +0000)]
ARC: For signing, accept A-R header lacking ARC info as equivalent to "none"
Jeremy Harris [Fri, 23 Mar 2018 16:42:47 +0000 (16:42 +0000)]
Docs: typo
Jeremy Harris [Fri, 23 Mar 2018 12:18:53 +0000 (12:18 +0000)]
Fix spool_wireformat final-dot on LMTP transport. Bug 2258
Broken-by: 328c5688db
Jeremy Harris [Fri, 23 Mar 2018 11:06:35 +0000 (11:06 +0000)]
ARC: add independent-source testcase. Fix signatures by not line-terminating
last header line being hashed.
Graeme Fowler [Fri, 23 Mar 2018 12:00:54 +0000 (12:00 +0000)]
exiqsumm fix: Check @ARGV exists before testing it
Heiko Schlittermann (HS12-RIPE) [Thu, 22 Mar 2018 22:32:53 +0000 (23:32 +0100)]
Set a TERM handler to terminate properly if running as PID 1
Jeremy Harris [Thu, 22 Mar 2018 13:26:58 +0000 (13:26 +0000)]
SPF: additional variable $spf_result_guessed; tweak authresults string indicating guess
Jeremy Harris [Wed, 21 Mar 2018 11:34:22 +0000 (11:34 +0000)]
Pipe transport, part two. Bug 2257
Jeremy Harris [Tue, 20 Mar 2018 22:11:24 +0000 (22:11 +0000)]
ARC: AS header should have no c= tag
Jeremy Harris [Tue, 20 Mar 2018 19:58:00 +0000 (19:58 +0000)]
ARC: on the smtp transport option take empty or forced-fail to disable signing
Phil Pennock [Wed, 21 Mar 2018 01:43:16 +0000 (21:43 -0400)]
Not all the world is binutils ld
Jeremy Harris [Tue, 20 Mar 2018 17:54:47 +0000 (17:54 +0000)]
Fix pipe transport to not use a socket-only syscall. Bug 2257
Broken-by: 42055a3385
Jeremy Harris [Tue, 20 Mar 2018 16:40:31 +0000 (16:40 +0000)]
DKIM: harden signature header parsing
Jeremy Harris [Mon, 19 Mar 2018 00:37:28 +0000 (00:37 +0000)]
LibreSSL version numbering differe from OpenSSL
Jeremy Harris [Sun, 18 Mar 2018 19:07:50 +0000 (19:07 +0000)]
DMARC: tescase
Extremely basic; we have no control of the DNS use of the dmarc library
Jeremy Harris [Sun, 18 Mar 2018 18:56:13 +0000 (18:56 +0000)]
DMARC: if ACL condition not called, do not add anything to authres string
Previously "skipped" was added; that is no only done for an actual
call which could not be completed
Jeremy Harris [Sun, 18 Mar 2018 18:48:13 +0000 (18:48 +0000)]
Unbreak DMARC
Broken-by: c780096c29
Jeremy Harris [Sun, 18 Mar 2018 15:42:39 +0000 (15:42 +0000)]
DMARC: add results to generic authres string; remove $dmarc_ar_header
Jeremy Harris [Sat, 17 Mar 2018 23:50:19 +0000 (23:50 +0000)]
typo
Jeremy Harris [Sat, 17 Mar 2018 23:39:54 +0000 (23:39 +0000)]
DKIM:
Ed25519 signatures under OpenSSL (1.1.1 or later)
OpenSSL 1.1.1 is not released yet, but operation has been checked against the current source
Jeremy Harris [Sat, 17 Mar 2018 15:19:08 +0000 (15:19 +0000)]
DMARC: add variables to list of those now-unused at the tail of the SMTP per-message loop
Jeremy Harris [Sat, 17 Mar 2018 14:56:49 +0000 (14:56 +0000)]
Build-variant tidyup
Phil Pennock [Sat, 17 Mar 2018 01:57:14 +0000 (21:57 -0400)]
openssl: use += for LDFLAGS, drop env PC docs
Using `LDFLAGS=` instead of `LDFLAGS+=` will stomp over an earlier
setting of LDFLAGS, and the DMARC support is now further up in
`src/EDITME`, thus likely to get stomped upon.
Rather than continue to document using `PKG_CONFIG_PATH` via env, the
in-Local/Makefile support has been around for a little while now, so go
ahead and make that the only way we suggest here.
Add a mention of _why_ we use both `USE_OPENSSL_PC` and `LDFLAGS`.
Jeremy Harris [Wed, 14 Mar 2018 12:43:58 +0000 (12:43 +0000)]
Fix heavy-pipeline SMTP command input corruption. Bug 2250
Jeremy Harris [Thu, 15 Mar 2018 20:22:06 +0000 (20:22 +0000)]
Docs: copyright year
Jeremy Harris [Thu, 15 Mar 2018 15:44:58 +0000 (15:44 +0000)]
Docs: changemar markup
Jeremy Harris [Thu, 15 Mar 2018 14:23:04 +0000 (14:23 +0000)]
Mark variables that are unused before release of store in the receive message loop
Graeme Fowler [Thu, 15 Mar 2018 12:22:43 +0000 (12:22 +0000)]
NewStuff & doc addition for redis cluster changes
Jeremy Harris [Tue, 13 Mar 2018 20:04:03 +0000 (20:04 +0000)]
ARC: add $arc_state, $arc_state_reason and add reason to authres string
Jeremy Harris [Tue, 13 Mar 2018 16:27:54 +0000 (16:27 +0000)]
Mark variables unused before release of store in the queue-runner loop
Jeremy Harris [Tue, 13 Mar 2018 15:01:42 +0000 (15:01 +0000)]
tidying
Jeremy Harris [Tue, 13 Mar 2018 13:52:26 +0000 (13:52 +0000)]
Mark variables unused before release of store in the daemon loop
Jeremy Harris [Mon, 12 Mar 2018 14:04:11 +0000 (14:04 +0000)]
Compiler quietening
Heiko Schlittermann (HS12-RIPE) [Mon, 12 Mar 2018 22:53:13 +0000 (23:53 +0100)]
Fix memory leak during build process (Bug 2183)
(Normally we don't care about leaks in short lived processes we use
during build time. But as -fsanitize=address breaks the build in an
early stage, the leak is fixed now.)
Thanks to Andrew Aitchison.
Tomas Hoger [Wed, 7 Mar 2018 10:30:18 +0000 (11:30 +0100)]
Fix dec64table[] OOB read in b64decode()
Possible values for y at this point are 0..255. However, dec64table[]
only has 128 entries and hence valid indexes are 0..127. The values of
y greater than 127 trigger out of bounds read. As dec64table[] is in
the data segment, the OOB access is not detected by tools as valgrind or
ASAN. This adds a check to ensure y is less than or equal to 127, just
like in other cases where dec64table[] is accessed.
Note that removal of the y == 0 condition is not a problem, as
dec64table[0] == 255, so the second part of the condition is true.
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Mar 2018 03:30:56 +0000 (04:30 +0100)]
Update to protocol used by avast 2.2.0 (Multiline responses) (Bug 2112)
Based on a patch by Victor Ustugov.
Jeremy Harris [Sun, 11 Mar 2018 21:38:57 +0000 (21:38 +0000)]
ARC: options on the verify
Jeremy Harris [Sun, 11 Mar 2018 18:46:23 +0000 (18:46 +0000)]
Fix ldap lookups for zero-length attribute value. Bug 2251
Broken-by: acec9514b1
Jeremy Harris [Sun, 11 Mar 2018 18:52:54 +0000 (18:52 +0000)]
tidying
Jeremy Harris [Sun, 11 Mar 2018 17:18:01 +0000 (17:18 +0000)]
ARC: compiler quietening
Simon Arlott [Sun, 11 Mar 2018 16:25:28 +0000 (16:25 +0000)]
PRDR: append overall DATA acceptance message to delivery log line "C=" item. Bug 2253
It can have useful tracking info from the destination, eg. their message Id.
Jeremy Harris [Fri, 9 Mar 2018 16:34:08 +0000 (16:34 +0000)]
Extra checks on inbound SMTP stream buffer refill
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Mar 2018 00:51:20 +0000 (01:51 +0100)]
Do not use bashism in /bin/sh scrit (Bug 2249)
Graeme Fowler [Fri, 9 Mar 2018 17:32:55 +0000 (17:32 +0000)]
Copy/paste fail on end of Perl line (thanks JGH)
Graeme Fowler [Fri, 9 Mar 2018 15:34:13 +0000 (15:34 +0000)]
Handle testsuite dual-daemon redis start/reap
Graeme Fowler [Wed, 7 Mar 2018 17:41:23 +0000 (17:41 +0000)]
Redis cluster DEFER & test results corrected
Jeremy Harris [Tue, 6 Mar 2018 12:13:14 +0000 (12:13 +0000)]
DANE: add dane:fail event
Jeremy Harris [Tue, 6 Mar 2018 16:23:31 +0000 (16:23 +0000)]
Testsuite: GnuTLS version of DANE/events testcase
Followon from:
c0635b6dfe
Jeremy Harris [Mon, 5 Mar 2018 11:14:28 +0000 (11:14 +0000)]
Docs: expand DKIM verification notes
Graeme Fowler [Tue, 6 Mar 2018 15:38:31 +0000 (15:38 +0000)]
Test suite case for redis cluster MOVED response
Graeme Fowler [Tue, 6 Mar 2018 15:36:55 +0000 (15:36 +0000)]
Correction on string comparison
Graeme Fowler [Tue, 6 Mar 2018 11:32:08 +0000 (11:32 +0000)]
Changelog entry for redis cluster MOVED handling
Graeme Fowler [Tue, 6 Mar 2018 11:24:10 +0000 (11:24 +0000)]
Cheap method to follow redis cluster MOVED replies
Jeremy Harris [Sun, 4 Mar 2018 15:48:32 +0000 (15:48 +0000)]
Testsuite: make 4560 more testhost-name independent
Jeremy Harris [Sat, 3 Mar 2018 18:45:23 +0000 (18:45 +0000)]
Testsuite: for DKIM sha512 verify, use a test signed mail produced by Exim
This is a temporary measure until Mail::DKIM::Signer can handle rsa-sha512 -
it gives us the internal consistency check but not we would like the independent
confirmation of correctness
Jeremy Harris [Sat, 3 Mar 2018 18:13:58 +0000 (18:13 +0000)]
Testsuite: for DKIM signing, store resulting mail for comparison
Jeremy Harris [Fri, 2 Mar 2018 23:53:32 +0000 (23:53 +0000)]
ARC initial implementation. Experimental. Bug 2162
Jeremy Harris [Mon, 26 Feb 2018 14:55:31 +0000 (14:55 +0000)]
Testsuite: ensure logging path is set
Jeremy Harris [Sun, 25 Feb 2018 15:24:26 +0000 (15:24 +0000)]
Auths: for A-R header, and SMTP auth, note the public-name not the authenticator name
Also, for TLS auth use a custom propspec
Phil Pennock [Sun, 25 Feb 2018 07:51:22 +0000 (02:51 -0500)]
meta: git controls for text changelogs; github controls
For the ChangeLog and files like it, use `merge=union` to bring in
content from both sides instead of having conflicts block merges because
someone else added a feature.
For GitHub, provide some "templates" which really just point people in
the right direction, but if the repointing fails, at least reduces the
pain a little.
Jeremy Harris [Sat, 24 Feb 2018 20:04:25 +0000 (20:04 +0000)]
I18N: Fix utf8_downconvert propagation through a redirect router
Jeremy Harris [Thu, 22 Feb 2018 23:52:17 +0000 (23:52 +0000)]
OpenSSL: revert needless free of certificate list. The library handlies it internally.
Reported-by: Torsten Tributh
Jeremy Harris [Thu, 22 Feb 2018 14:26:57 +0000 (14:26 +0000)]
WIP
Jeremy Harris [Thu, 22 Feb 2018 12:15:35 +0000 (12:15 +0000)]
Testsuite: output changes in SPF testcase
Jeremy Harris [Thu, 22 Feb 2018 11:26:34 +0000 (11:26 +0000)]
Fix exim_dbmbuild to permit directoryless filenames. Bug 2242
Broken-by: 0a6c178c6c
Wolfgang Breyha [Mon, 19 Feb 2018 18:27:55 +0000 (18:27 +0000)]
OpenSSL: Fix memory leak during multi-message connections using STARTTLS
Reported-by: Wolfgang Breyha
Fix-by: Wolfgang Breyha, with additions from Jeremy Harris
Jeremy Harris [Sun, 18 Feb 2018 16:22:52 +0000 (16:22 +0000)]
Expansions: make ${authresults } usable in a named ACL
This will be more common than directly in the acl_smtp_data option,
and suffers one less expansion in operation.
Jeremy Harris [Sun, 18 Feb 2018 15:52:33 +0000 (15:52 +0000)]
Debug: fix output for acl add_header
Jeremy Harris [Sun, 18 Feb 2018 12:17:30 +0000 (12:17 +0000)]
typo
Jeremy Harris [Sun, 18 Feb 2018 11:25:33 +0000 (11:25 +0000)]
DMARC: fix result reporting when a DKIM ACL overrides the verify result. Bug 2236
Jeremy Harris [Sun, 18 Feb 2018 00:33:28 +0000 (00:33 +0000)]
Expansions: new ${authresults {mch}} for an Authentication-Results header
Jeremy Harris [Sat, 17 Feb 2018 16:53:27 +0000 (16:53 +0000)]
Fix memory leak during multi-message reception using STARTTLS
Reported-by: Wolfgang Breyha
Jeremy Harris [Sat, 17 Feb 2018 16:44:47 +0000 (16:44 +0000)]
Avoid minor memleak during multi-message STARTTLS'd conns
As STARTTLS/EHLO is repeated per message, we should free mem used for EHLO-dependent hostnames
Jeremy Harris [Sat, 17 Feb 2018 16:43:44 +0000 (16:43 +0000)]
tidying