diff options
Diffstat (limited to 'Changelog')
-rw-r--r-- | Changelog | 156 |
1 files changed, 151 insertions, 5 deletions
@@ -1,3 +1,149 @@ +interimap (0.5.7) upstream; + + * interimap: create database with mode 0600 (but don't change mode of + existing databases). The file was previously created with mode 0644 + minus umask restrictions, which for permissive umask(2)s is too open. + That being said its parent directory is created with restricted mode + 0700 so the impact is limited. pullimap, on the other hand, already + used mode 0600 for state file creation. + * Major Makefile refactoring: improve DESTDIR= handling, add new + targets 'all-nodoc', 'install-nodoc', and 'installcheck'. Also, + rename 'test' target to 'check'. + * `make install` now installs Net/IMAP/InterIMAP.pm to + /usr/local/lib/site_perl by default rather than /usr/local/share/perl5 + (which is not in @INC as of perl 5.34.0-3 from Debian sid). The + installation directory is configurable with sitelib=. + * Refactor test harness so one can check the source with `tests/run + foo`; what's been built with `INTERIMAP_I=./lib INTERIMAP_PATH=./build + ./tests/run foo`, and what's installed with `INTERIMAP_I="" + INTERIMAP_PATH=/usr/bin tests/run foo`. + * Split interimap and pullimap test suites. + + Improve message for missing untagged UIDNEXT responses, which we + require but are omitted from some servers. + + tests/tls-protocols: downgrade OpenSSL security level to 0, which is + required to test TLS version <1.2 on systems with higher security + levels, see SSL_CTX_set_security_level(3ssl). Adapted from a patch + from <xnox> for Unbuntu. + + tests/tls-*: bump Dovecot's ssl_min_protocol to TLSv1.2, which is the + default as of dovecot 1:2.3.18+dfsg1-1 from Debian sid. + + `make clean` now cleans test certificates and key material. + + Add 'use lib "./lib";' to interimap and pullimap, so the programs can + be run directly from the source directory. The directory is + substituted with $(sitelib) at compile time (and the line is commented + out if $(sitelib) is found in @INC). + + doc/build.md: update documentation, and add a new section for how to + install without root privileges. + + Add Documentation=https://guilhem.org/interimap/... URIs to .service + files. + - Don't hardcode path to interimap/pullimap in .service files, and + instead use $(bindir) (expanded at compile time). + - tests/certs/generate: redirect known error output to the standard + output. + - tests/certs/generate: use custom openssl.cnf to avoid depending on + the system default. + - tests/pullimap: allow easy exclusion of --idle'ing tests. + + -- Guilhem Moulin <guilhem@fripost.org> Sun, 27 Feb 2022 16:24:31 +0100 + +interimap (0.5.6) upstream; + + - Bump required Net::SSLeay version to 1.86_06 as it's when get_version() + was introduced. + - doc/template.html: remove type attribute from <style/> element. + + -- Guilhem Moulin <guilhem@fripost.org> Fri, 01 Jan 2021 16:05:53 +0100 + +interimap (0.5.5) upstream; + + * libinterimap: remove default SSL_protocols value "!SSLv2 !SSLv3 + !TLSv1 !TLSv1.1" and use the system default instead. As of Debian + Buster (OpenSSL 1.1.1) this does not make a difference, however using + the system default provides better compatibility with future libssl + versions. + * libinterimap: deprecate SSL_protocols, obsoleted by new settings + SSL_protocol_{min,max}. Using the libssl interface simplifies our + protocol black/whitelist greatly; this only allows simple min/max + bounds, but holes are arguably not very useful here. + * libinterimap: use default locations for trusted CA certificates when + neither CAfile nor CApath are set. In particular, OpenSSL's default + locations can be overridden by the SSL_CERT_FILE resp. SSL_CERT_DIR + environment variables, see SSL_CTX_load_verify_locations(3ssl). + * libinterimap: _start_ssl() now fails immediately with OpenSSL <1.1.0. + It could in principle still work with earlier versions if the new + settings SSL_protocol_{min,max} are not used, however it's cumbersome + to do individual checks for specific settings, let alone maintain + test coverage with multiple OpenSSL versions. + * libinterimap: new option SSL_ciphersuites to set the TLSv1.3 + ciphersuites; also, clarify that SSL_cipherlist only applies to + TLSv1.2 and below, see SSL_CTX_set_cipher_list(3ssl). + + `make release`: also bump libinterimap version and pin it in 'use' + declarations. + + Make error messages more uniform and consistent. + - libinterimap: use Net::SSLeay::get_version() to get the protocol + version string. + - test suite: `mv tests/snippets tests/config` + - tests/tls-protocols: use custom OpenSSL configuration file with + MinProtocol=None so we can test TLSv1 as well, not just TLSv1.2 and + later. + - test suite: explicitly set ssl_min_protocol=TLSv1 in the Dovecot + configuration file (the default as of 2.3.11.3), hence running TLS + tests now require Dovecot 2.3 or later. + - documentation: simplify SSL options in the sample configuration files. + - README: suggest 'restrict,command="/usr/bin/doveadm exec imap"' as + authorized_keys(5) options. + - README: suggest ControlPath=$XDG_RUNTIME_DIR/ssh-imap-%C for the SSH + transport (note that variable expansion is only available in OpenSSH + 8.4 and later). + - test suite: ensure we haven't started speaking IMAP when the SSL/TLS + handshake is aborted (unless STARTTLS is used to upgrade to + connection). + - documentation: clarify that known TLS protocol versions depend on the + OpenSSL version used. + + -- Guilhem Moulin <guilhem@fripost.org> Sat, 26 Dec 2020 23:11:10 +0100 + +interimap (0.5.4) upstream; + + * libinterimap: make SSL_verify also checks that the certificate + Subject Alternative Name (SAN) or Subject CommonName (CN) matches the + hostname or IP literal specified by the 'host' option. Previously it + was only checking the chain of trust. This bumps the minimum + Net::SSLeay version to 1.83 and OpenSSL version to 1.0.2 (when + SSL_verify is used). + * libinterimap: add support for the TLS SNI (Server Name Indication) + extension, controlled by the new 'SSL_hostname' option. The default + value of that option is the value of the 'host' option when it is + hostname, and the empty string (which disables SNI) when it is an IP + literal. + + libinterimap: show the matching pinned SPKI in --debug mode. + + test suite: always generate new certificates on `make test`. + + test suite: sign all test certificates with the same root CA. + + libinterimap: factor out hostname/IP parsing. + + document that enclosing 'host' value in square brackets forces its + interpretation as an IP literal (hence skips name resolution). + + Makefile: new 'release' target; also, change the tag format from + upstream/$VERSION to v$VERSION. + - documentation: replace example.org with example.net for consistency. + - rename 'debian' branch to 'debian/latest' for DEP-14 compliance. + + -- Guilhem Moulin <guilhem@fripost.org> Fri, 11 Dec 2020 11:21:17 +0100 + +interimap (0.5.3) upstream; + + * libinterimap: SSL_fingerprint now supports a space-separated list of + digests to pin, and succeeds if, and only if, the peer certificate + SPKI matches one of the pinned digest values. Specifying multiple + digest values can key useful in key rollover scenarios and/or when + the server supports certificates of different types (for instance + RSA+ECDSA). + - libinterimap: 'null-stderr' is now ignored when the 'debug' flag is + set (the standard error is never sent to /dev/null). + - test suite: use a RSA certificate rather than ECDSA. + - test suite: new test with a server offering both RSA+ECDSA + certificates. This test requires dovecot-imapd 2.2.31 or later. + + -- Guilhem Moulin <guilhem@fripost.org> Wed, 09 Dec 2020 15:32:01 +0100 + interimap (0.5.2) upstream; - Makefile: remove 'smart' extension from pandoc call to generate @@ -33,7 +179,7 @@ interimap (0.5) upstream; (regardless of the hierarchy delimiter in use). Other changes: - * interimap: the space-speparated list of names and/or patterns in + * interimap: the space-separated list of names and/or patterns in 'list-mailbox' can now contain C-style escape sequences (backslash and hexadecimal escape). * interimap: fail when two non-INBOX LIST replies return different @@ -41,7 +187,7 @@ interimap (0.5) upstream; happen if mailboxes from different namespaces are being listed. The workaround here is to run a new interimap instance for each namespace. - * libinterimap: in tunnel mode, use a socketpair rather than two pipes + * libinterimap: in tunnel mode, use a socket pair rather than two pipes for IPC between the interimap and the IMAP server. Also, use SOCK_CLOEXEC to save an fcntl() call when setting the close-on-exec flag on the socket. @@ -104,7 +250,7 @@ interimap (0.5) upstream; - libinterimap: use directories relative to $HOME for the XDG environment variables default values. Previously getpwuid() was called to determine the user's home directory, while the XDG - specification explicitely mentions $HOME. Conveniently our docs + specification explicitly mentions $HOME. Conveniently our docs always mentioned ~/, which on POSIX-compliant systems expands to the value of the variable HOME. (Cf. Shell and Utilities volume of POSIX.1-2017, sec. 2.6.1.) @@ -118,7 +264,7 @@ interimap (0.5) upstream; - libinterimap: push_flag_updates(): ignore UIDs for which no untagged FETCH response was received. - libinterimap: push_flag_updates(): don't ignores received updates (by - another client) to a superset of the desigred flag list. + another client) to a superset of the desired flag list. - libinterimap: avoid sending large UID EXPUNGE|FETCH|STORE commands as they might exceed the server's max acceptable command size; these commands are now split into multiple (sequential) commands when their @@ -128,7 +274,7 @@ interimap (0.5) upstream; This is a also a workaround for a bug in Dovecot 2.3.4: https://dovecot.org/pipermail/dovecot/2019-November/117522.html - interimap: for the reason explained above, limit number of messages - to 128 per APPEND command (only on servers advertizing MULTIAPPEND, + to 128 per APPEND command (only on servers advertising MULTIAPPEND, for other servers the number remains 1). - interimap: gracefully ignore messages with a NIL RFC822 attribute. - pullimap: treat messages with a NIL RFC822 attribute as empty. |