Skip to content

v3.0.0-beta11

Pre-release
Pre-release

Choose a tag to compare

View all tags
@edmundlod edmundlod released this 21 May 11:57
· 637 commits to master since this release
v3.0.0-beta11
This tag was signed with the committer’s verified signature.
edmundlod Edmund Lodewijks
GPG key ID: 5D0AC5211E8D1C4C
Verified
Learn about vigilant mode.
849b739
This commit was signed with the committer’s verified signature.
edmundlod Edmund Lodewijks
GPG key ID: 5D0AC5211E8D1C4C
Verified
Learn about vigilant mode.

This release completes the compiler-warning remediation work started in earlier
betas and adds several new features, security hardening, and bug fixes.

Security

  • Fix A-R stripping bypass via trailing-dot authserv-id
  • Fix TXT chunk-length OOB read in DNS key extraction
  • Sandbox Lua policy hooks against dangerous standard libraries (os/io/debug)
  • Zero per-signrequest private key data before free
  • Fix mlfi_connect config-refcount race (curconf dereferenced without refcnt)
  • Fix dkimf_add_signrequest reading global curconf instead of per-connection config

Bug fixes

  • Fix dkim_ohdrs z= decode: plist storage overwrite, wrong strlcpy size, scratch buffer ignored
  • Fix header.b quoting in Authentication-Results (bug #235)
  • Fix header.b substring for duplicate signatures (bug #233)
  • Fix header fields wrapped before any content (bug #226)
  • Fix RequiredHeaders to report specific error and reject (issue #28)
  • Fix body skip when only one canonicalization mode finished (issue #15)
  • Fix A-R leading space when noleadspc is negotiated
  • Fix standard resolver DNSSEC-awareness
  • Fix ub_ctx_config() unprotected concurrent calls (issue #14)
  • Widen password file critical section in dkimf_securefile (issue #8)
  • Fix reportaddr buffer too small for user@host worst case
  • Fix UB from (int) buflen cast when buflen > INT_MAX
  • Fix dkim_options API: split into const-correct dkim_setopt / dkim_getopt

New features

  • Add header.a and header.s to Authentication-Results output
  • Add SyslogName configuration option
  • Add odkim.internal_ip() to screen and final Lua policy hooks
  • Reject non-printable characters in domain/selector in dkim_sign() (feature #190)
  • Additional cross-implementation DKIM test suite (additional-test-suite/)

Build system

  • Port missing autotools HAVE_* probes to CMake; add HAVE_LIBCURL
  • Add OpenSSL version string to build-config.h and -V output
  • Support OpenSSL 4 builds by deferring version probe to runtime
  • Add CMake hardening infrastructure (-D_FORTIFY_SOURCE, stack protector, etc.)
  • Fix USE_LUA / WITH_REDIS propagation to build-config.h
  • Warn when SHA1 RSA verification is blocked by active crypto policy
  • Probe realpath() / strsep() in CMake; enable secure-path check

Legacy removal

  • Remove POPAUTH (POP-before-SMTP) support
  • Remove QUERY_CACHE (BerkeleyDB-backed DNS-result cache)
  • Remove USE_GNUTLS conditionals from test programs

Compiler warning remediation (PR #3)

Systematic elimination of all -Wcast-qual, -Wshadow, -Wpointer-sign,
-Wsign-compare, -Wmissing-prototypes, and -Wunused-parameter diagnostics
across libopendkim, the daemon, miltertest, and all test programs. This
required propagating const through the entire libopendkim public API,
splitting dkim_options() into const-correct dkim_setopt() / dkim_getopt(),
and touching approximately 100 source files.

Assets 24
Loading