aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
Commit message (Collapse)AuthorAgeFilesLines
* socket.c: invalid sslproto no longer abort()sMatthias Andree2021-08-281-2/+0
|
* socket.c: plugin/plugout SIGSEGV and memleak fixesMatthias Andree2021-08-261-12/+26
|
* socket.c: SSL_use_PrivateKey_file <- SSL_use_RSAPrivateKey_file,Matthias Andree2021-03-131-1/+1
| | | | | the latter is deprecated in OpenSSL 3, and the user might use some other key than RSA.
* OpenSSL: permit deprecated features,Matthias Andree2021-03-131-1/+5
| | | | to avoid compatibility issues with new OpenSSL versions later on.
* socket.c clean up code duplication.Matthias Andree2021-02-271-2/+2
|
* --version: print OpenSSL versions build/run-time and directoriesMatthias Andree2021-01-301-8/+5
|
* socket.c: Update copyright according to code changes.Matthias Andree2021-01-031-1/+1
|
* "Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.Matthias Andree2020-03-301-0/+4
| | | | | | | | | | | OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used at configure and compile time. The assumption is that 1.0.2 may still be in use by maintainers that backport security fixes. Also warn, at configure time, about "OpenSSL" API-compatible libraries that do not declare TLS1_3_VERSION.
* socket.c: add reference to README.SSL in error messageMatthias Andree2020-03-301-1/+2
| | | | | | | and fix a typo in README.SSL. The reference will be printed if there is no trust anchor. Fixes #4 (Gitlab issue).
* Fix garbage at end of plugin string with %h and/or %pMatthias Andree2020-03-291-2/+3
| | | | | | | | | | | Commit 418cda65 from merge request !5 fixed an input buffer overrun but at the same time caused the terminating NUL byte in the output buffer to be written too late, 2 bytes per placeholder. Fix the size calculation for correctness, and use the output index and not the output length to terminate the output string. Fixes #16, reported by Stefan Thurner. [All references for Gitlab.]
* Rename s -> vecsiz (vector size) to hint to its purposeMatthias Andree2020-03-291-4/+4
|
* socket.c: Make SockKeepalive static, and readability variable renames.Matthias Andree2019-09-271-9/+9
|
* Align with legacy_6x.Matthias Andree2019-08-251-4/+10
| | | | | | * Normalize include order. * Backport missed bug fixes. * Remove dead code.
* fetchmail no longer reports System error during SSL_connect(): Success.Matthias Andree2019-08-051-3/+6
| | | | Fixes Debian Bug#928916, reported by Paul Kimoto.
* Bump copyrights, and bump version to beta6.Matthias Andree2019-08-051-1/+4
|
* FreeBSD cleanups to header shuffling.Matthias Andree2019-08-051-4/+1
|
* Replace most strncpy() by strlcpy() calls.Matthias Andree2019-05-121-1/+1
|
* Enable OpenSSL >= 1.0.2 native name verification.Matthias Andree2019-01-271-0/+22
|
* Make compatible with a pure OpenSSL 1.1.0 API, ...Matthias Andree2018-06-061-1/+8
| | | | | ...when deprecated functions are disabled, for instance, through -DOPENSSL_API_COMPAT=0x10100000L.
* Add a FIXME comment.Matthias Andree2017-08-111-0/+2
|
* Do not overrun plugin string when copying it.Alexander Bluhm2017-08-101-1/+1
| | | | | | | | parse_plugin() expands the % in plugin string to plugin_copy. It checks that is does not write behind the end of the destination memory, but the source length was not checked. This resulted in reading from a possibly invalid memory location which may cause a segmentation fault. Add a check for the string length of the source.
* Cast argument to quiet -Wformat warning in C89 mode.Matthias Andree2017-04-231-1/+1
|
* Reformat.Matthias Andree2017-02-111-2/+2
|
* TLS: set hostname for SNI.Matthias Andree2017-02-111-0/+14
|
* Initial TLSv1.3 support code.Matthias Andree2017-02-111-1/+27
|
* Fixup protocol version handling in OpenSSL 1.0.X.Matthias Andree2016-12-121-0/+4
|
* Support for Debian/Ubuntu mutilated SSLv3 support.Matthias Andree2016-12-121-0/+4
| | | | | | | | | | Ubuntu 16.04 LTS, in a misguided attempt to avoid SSLv3 without breaking the API, does not declare SSLv3 unsupported through the headers, so applications can only detect this situation at run-time. The symptom is that SSL_CTX_new errors out with SSL_R_NULL_SSL_METHOD_PASSED on the error stack, issue an additional note telling the user to select a newer version.
* OpenSSL 1.1.0 API support.Matthias Andree2016-12-121-4/+76
| | | | | | | This avoids functions marked deprecated in OpenSSL 1.1.0. At the same time, warn about unsupported use of LibreSSL, and treat LibreSSL the same as OpenSSL 1.0.X WRT protocol version logic.
* Refactor OpenSSL protocol version selection logic.Matthias Andree2016-12-121-44/+54
|
* Bump OpenSSL requirement to v1.0.2.Matthias Andree2016-12-111-2/+2
|
* Really try to continue if OpenSSL lib newer than headers used at compile-time.Matthias Andree2016-04-241-1/+0
|
* Enable TLS 1.1/1.2 options on LibreSSL.Matthias Andree2016-04-241-2/+2
| | | | LibreSSL does not provide a TLS_MAX_VERSION, so do not refer to it.
* Avoid another C99-style comment.Matthias Andree2016-01-301-3/+2
|
* Avoid C99-style comment.Matthias Andree2016-01-301-2/+1
|
* Add OpenSSL version sanity checking.Matthias Andree2016-01-301-1/+24
|
* Support ssl3+ tls1.1, tls1.2 in --sslproto. Report TLS1.1/1.2 if unsupported ↵Matthias Andree2015-04-111-2/+19
| | | | | | by OpenSSL. Uses TLS_MAX_VERSION checks against TLS1_1_VERSION or TLS1_2_VERSION.
* Fix typo regarding SSL_OP_NO_SSLv3, and carry over one basic block from ↵Matthias Andree2015-04-111-2/+7
| | | | master branch.
* Detect/report server hang-up in SSL_connect().Matthias Andree2015-04-081-1/+12
| | | | | | This condition does not leave traces in the SSL error queue, and must be checked explicitly. Result from debugging Jerry Seibert's issue with outlook.com/pop3.live.com.
* TLS overhaul, bumping version to 6.4Matthias Andree2015-01-261-11/+17
| | | | | | | | | | | | | | | Removes SSLv2, enables TLSv1.1 and v1.2 more easily, permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS. Only negotiates TLSv1 and newer by default, SSLv3 must now be specified explicitly, as a consequence of the POODLE attack. This is meant to be a minimally upgraded version, and cannot be usefully done as a 6.3.X release. It is strongly recommended that users review their configuration - especially --sslproto - per instructions in the NEWS file and manual page. It has changed semantics and in many cases --sslproto auto or perhaps --sslproto tls1.2+ should be used now.
* Also report SSL/TLS protocol version in verbose mode.Matthias Andree2015-01-161-2/+6
|
* Report SSL/TLS cipher, in verbose mode.Matthias Andree2015-01-161-0/+14
| | | | (socket.c cherry-pick from master)
* Also recognize OPENSSL_NO_SSLx.Matthias Andree2015-01-161-2/+2
| | | | | These are the macros OpenSSL defines when configured with no-ssl2 or no-ssl3, the actual macro names are OPENSSL_NO_SSL2 and OPENSSL_NO_SSL3.
* Permit build on SSLv3-disabled OpenSSL,Matthias Andree2015-01-161-1/+6
| | | | | | | providing that these also omit the declaration of SSLv3_client_method(). Related to Debian Bug#775255. Version report lists -SSLv3 on +SSL builds that omit SSLv3_client_method(). Version report lists -SSLv2 on +SSL builds that omit SSLv2_client_method().
* Minor bug fixes for socket.cJohn Beck2013-02-181-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While running a static code analysis tool (Parfait) on fetchmail, it found some bugs: Error: Memory leak (CWE 401) Memory leak of pointer 'plugin_copy' allocated with malloc((plugin_copy_len + 1)) at line 137 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'parse_plugin'. 'plugin_copy' allocated at line 107 with malloc((plugin_copy_len + 1)). plugin_copy leaks when plugin_copy_offset >= plugin_copy_len at line 114. Error: Null pointer dereference (CWE 476) Read from null pointer 'argvec' at line 189 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'. Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188. Null pointer introduced at line 137 in function 'parse_plugin'. at line 190 of components/fetchmail/fetchmail-6.3.22/socket.c in function 'handle_plugin'. Function 'parse_plugin' may return constant 'NULL' at line 137, called at line 188. Null pointer introduced at line 137 in function 'parse_plugin'. (I realize these are on 6.3.22; I checked and verified that this portion of the code is the same in 6.3.24.) The attached patch fixes each of these. (Note by Matthias Andree: The NULL pointer dereference fix does not require error reporting, because parse_plugin() will already have reported the out-of-memory error that causes the NULL to be returned.)
* Improve X.509 certificate validation reporting.Matthias Andree2013-02-061-13/+42
| | | | | | | | | * Improved reporting when SSL/TLS X.509 certificate validation has failed, working around a not-so-recent swapping of two OpenSSL error codes, and a practical impossibility to distinguish broken certification chains from missing trust anchors (root certificates). * OpenSSL decoded errors are now reported through report(), rather than dumped to stderr, so that they should show up in logfiles and/or syslog.
* Plug a memory leak in OpenSSL's certificate verification callback.Matthias Andree2012-12-131-1/+1
| | | | | | | | | | | This would affect fetchmail configurations running with SSL in daemon mode more than one-shot runs. Reported by Erik Thiele, and pinned by Dominik, Debian Bug #688015. This bug was introduced into fetchmail 6.2.9 (committed 2005-10-29) when support for subjectAltName was added through a patch by Roland Stigge, submitted as Debian Bug#201113.
* Clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS without SSL_CTX_clear_options()Earl Chew2012-09-031-3/+4
| | | | | | | | | | | | A patch to clear SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS was added recently: http://gitorious.org/fetchmail/fetchmail/commit/48809c5b9f6c9081f4031fa938dd63b060c18a4b?format=patch Older implementations of OpenSSL do not support SSL_CTX_clear_options(). This patch reworks the previous change to avoid the use of SL_CTX_clear_options() and instead clears the corresponding bit in SSL_OP_ALL before calling SSL_CTX_set_options().
* Fix CVE-2011-3389 by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS...Matthias Andree2012-05-031-0/+6
| | | | | | | ...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE is a non-empty environment variable. Suggested by Apple.
* Fix build on SSLv2-disabled OpenSSL setupsMatthias Andree2011-10-261-0/+5
| | | | | | | | On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to fix the build) and print a run-time error that the OS does not support SSLv2. Fixes Debian Bug #622054, but note that that bug report has a more thorough patch that does away with SSLv2 altogether.
* Print Server certificate: banner on stdout rather than stderr.Matthias Andree2011-08-301-1/+1
| | | | Reported by Henry Jensen, fixes Debian Bug #639807.