Per RFC3501 §6.3.1 and §6.3.2 ‘UIDNEXT’ must be returned in an OK
untagged response.  See also Appendix B#34.
However §6.3.1 suggests that it's in fact optional: “If this is missing,
the client can not make any assumptions about the next unique identifier
value.”
A correction was proposed in Errata ID 3445 https://www.rfc-editor.org/errata/eid3445 ,
and rejected on the ground that clients SHOULD implement the default
behavior for missing data.
We heavily rely on the ‘UIDNEXT’ presence and won't implement a
workaround for its absence; instead we panic() with a more informative
message.

That's when get_version() was introduced.  Unfortunately the manual
doesn't mention it, but 1.85 is lacking the function, see
    https://github.com/radiator-software/p5-net-ssleay/blob/1.88/Changes#L216
    https://github.com/radiator-software/p5-net-ssleay/commit/ae33bb5405dadde973bc25a0c5e3941d5c83f8b1
Compatibility with Net::SSLeay 1.83 can be restored by reverting this
commit and 35f4ecefa9c9ff55acfdb337b215e3d13345c86d.

Also, clarify that SSL_cipherlist only applies to TLSv1.2 and below.
See SSL_CTX_set_cipher_list(3ssl).

It could in principle still work with earlier versions if the new
settings SSL_protocol_{min,max} are not used, however it's cumbersome to
do individual checks for specific settings, let alone maintain test
coverage with multiple OpenSSL versions.

CAfile nor CApath are set.
In particular, OpenSSL's default locations can be overridden by the
SSL_CERT_FILE resp. SSL_CERT_DIR environment variables, see
SSL_CTX_load_verify_locations(3ssl).
This bumps the minimum OpenSSL version to 1.1.0 (when SSL_verify is
used).

Using the libssl interface simplifies our protocol black/whitelist
greatly; this only allows simple min/max bounds, but holes are arguably
not very useful here.
Using the new settings bumps the required libssl version to 1.1.0.

This avoids maintaining our own map.

Namely, use the system default instead of "!SSLv2 !SSLv3 !TLSv1 !TLSv1.1".
As of Debian Buster (OpenSSL 1.1.1) this does not make a difference,
however using the system default provides better compatibility with
future libssl versions.

This is controlled by the new 'SSL_hostname' option.  The default value
of that option is the value of the 'host' option when it is a hostname,
and the empty string (which disables SNI) when it is an IP literal.

More precisely, ensure that the certificate Subject Alternative Name
(SAN) or Subject CommonName (CN) matches the hostname or IP literal
specified by the 'host' option.  Previously it was only verifying the
chain of trust.
This bumps the minimum Net::SSLeay version to 1.83 and OpenSSL version
1.0.2.

Also, document that enclosing the 'host' value in square brackets forces its
interpretation as an IP literal (hence skips name resolution).

to pin.
And succeeds if, and only if, the peer certificate SPKI matches one of
the pinned digest values.  Specifying multiple digest values can be
useful in key rollover scenarios and/or when the server supports
certificates of different types (for instance RSA+ECDSA).

The standard error is never sent to /dev/null in debug mode.
Closes: deb#968392

Set "STARTTLS = NO" to ignore.  This is similar to CVE-2020-12398 and
CVE-2020-14093.

For background see https://gitlab.com/muttmua/mutt/-/issues/248 .

CAPABILITY listing.

Mention the name of the problematic mailbox.  (We may detect the
violation while not in SELECTED state.)

UID EXPUNGE|FETCH|STORE commands are now split into multiple (sequential)
commands when their set representation exceeds 4096 bytes in size.  Without
splitting logic, set representations could grow arbitrarily large, and
exceed the server's maximum command size.
This adds roundtrips which could be eliminated by pipelining, but it's
unlikely to make any difference in typical synchronization work.  While set
representations seem to remain small in practice, they might grow
significantly if many non-contiguous UIDs were flagged and/or expunged, and
later synchronized at once.
Furthermore, for MULTIAPPEND-capable servers, the number of messages is
limited to 128 per APPEND command (also subject to a combined literal size of
1MiB like before).
These numbers are currently not configurable.  They're intentionally lower
than Dovecot's default maximum command size (64k) in order to avoid a
deadlock situation after sending 8k-long commands under COMPRESS=DEFLATE:
https://dovecot.org/pipermail/dovecot/2019-November/117522.html .

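The splitting step described in the commit above, written out as an added Python illustration (not the project's own Perl code): UIDs are first compressed into an IMAP sequence-set, which is then cut only at item boundaries so that every piece is itself a valid set and stays within the 4096-byte limit. The tag prefix and helper names are assumptions.

```python
MAX_SET_BYTES = 4096  # limit quoted in the commit message (not configurable)

def uid_sequence_set(uids):
    """Render UIDs as an IMAP sequence-set, collapsing runs: [1,2,3,5] -> '1:3,5'."""
    ranges = []
    for uid in sorted(set(uids)):
        if ranges and uid == ranges[-1][1] + 1:
            ranges[-1][1] = uid          # extend the current contiguous run
        else:
            ranges.append([uid, uid])    # start a new run
    return ",".join(f"{a}:{b}" if a != b else str(a) for a, b in ranges)

def split_uid_set(uids, limit=MAX_SET_BYTES):
    """Cut the sequence-set into pieces whose textual size stays <= limit.
    Cuts happen only between comma-separated items, so every piece is itself
    a valid sequence-set and the union of the pieces equals the original set."""
    if not uids:
        return []
    pieces, current = [], []
    for item in uid_sequence_set(uids).split(","):
        if current and len(",".join(current + [item])) > limit:
            pieces.append(",".join(current))   # flush before overflowing
            current = []
        current.append(item)
    if current:
        pieces.append(",".join(current))
    return pieces

def uid_store_commands(uids, flags, tag_prefix="A", limit=MAX_SET_BYTES):
    """One UID STORE per piece, to be issued sequentially (no pipelining)."""
    return [f"{tag_prefix}{i:03d} UID STORE {piece} {flags}"
            for i, piece in enumerate(split_uid_set(uids, limit), 1)]
```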
The UNCHANGEDSINCE test from the CONDSTORE extension was incorrectly
placed after the flag list in UID STORE commands.  In practice this
meant the server didn't add the MODIFIED code when needed.
The server won't send an untagged FETCH command (and won't increase the
message's MODSEQ) if no change was made to the flag list.  A panic() was
incorrectly triggered in that case.
When the flag list was set (by another client) to a superset of the UID
STORE command currently processed, the extra flags were not synchronized.
Cf. RFC 7162 sec. 3.1.3 ex. 10.

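The first two points of the commit above as an added Python illustration (not the project's code): the UNCHANGEDSINCE modifier goes between the UID set and the flag list, the MODIFIED response code on the tagged reply is parsed to find rejected UIDs, and a missing untagged FETCH is treated as "nothing changed" rather than as an error. The sample response line is constructed; the function names are assumptions.

```python
import re

def uid_store_condstore(tag, uid_set, flags, unchangedsince):
    """RFC 7162 syntax: (UNCHANGEDSINCE <modseq>) sits between the UID set
    and the flag list, not after the flags (the misplacement being fixed)."""
    return f"{tag} UID STORE {uid_set} (UNCHANGEDSINCE {unchangedsince}) {flags}"

# Tagged completion carrying a MODIFIED response code, e.g.
#   A003 OK [MODIFIED 7,9] Conditional STORE failed
_MODIFIED = re.compile(r"^(\S+) (OK|NO) \[MODIFIED ([0-9:,]+)\]", re.IGNORECASE)

def expand_sequence_set(s):
    """Expand '1:3,7' into [1, 2, 3, 7]."""
    out = []
    for item in s.split(","):
        a, _, b = item.partition(":")
        lo, hi = int(a), (int(b) if b else int(a))
        out.extend(range(lo, hi + 1))
    return out

def modified_uids(tagged_response):
    """UIDs the server refused to modify (MODIFIED code), [] when none."""
    m = _MODIFIED.match(tagged_response)
    return expand_sequence_set(m.group(3)) if m else []

def reconcile(requested, tagged_response, untagged_fetch_uids):
    """Classify the UIDs of a conditional UID STORE once it completed:
    - 'modified':  rejected by the server, to be refetched and re-merged;
    - 'changed':   an untagged FETCH arrived, the flag list really changed;
    - 'unchanged': no FETCH (flags already as requested); this is NOT an
      error, the server also leaves the MODSEQ untouched in that case."""
    rejected = set(modified_uids(tagged_response))
    changed = set(untagged_fetch_uids) - rejected
    unchanged = set(requested) - rejected - changed
    return {"modified": sorted(rejected), "changed": sorted(changed),
            "unchanged": sorted(unchanged)}
```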
We're using s///r which was introduced in 5.14, and hash slices which
were introduced in 5.20.

SSL connections are accepted on TCP port 10993.  Also, fix STARTTLS
directive, broken since fba1c36…

Also, introduce new option 'logger-prefix' to determine the prefix of
each log line.
Closes: #942725.

Cf. Compress::Raw::Zlib's documentation.  Z_STREAM_END denotes a
successful state.

(We don't need the function anymore once the handshake is established.)
Otherwise the reference count of that IMAP client never gets to 0 before
the global destruction phase.  For interimap, this causes traffic stats
to be printed not by the cleanup() function as intended, but just before
the program exits.

RFC 2222 sec. 3 says that values are “from 1 to 20 characters in length,
consisting of upper-case letters, digits, hyphens, and/or underscores”
so we always upper-case the value.

In --debug mode in order to avoid inadvertently receiving credentials in
bug reports.  --debug can be set twice to spell out these commands in
full.

Previously getpwuid() was called to determine the user's home directory,
while the XDG specification explicitly mentions $HOME.
Conveniently our docs always mentioned ~/, which on POSIX-compliant
systems expands to the value of the variable HOME (and the result is
unspecified when the variable is unset).  Cf. Shell and Utilities volume
of POSIX.1-2017, sec. 2.6.1:
    https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_01

Since we now use socketpair(2) for type=tunnel (instead of a pair of
unnamed pipes) we can unify communication endpoint creation and
teardown.

Rather than two pipe(2).  Also, use SOCK_CLOEXEC to save a fcntl() call
when setting the close-on-exec flag on the socket (even though Perl will
likely call fcntl() anyway).