libqmail 1.4

• Tue Aug 06 2024 12:35:02 +0000 Manvendra Bhangui [email protected] 1.4-11%{?dist}
  Release 1.4-1.1 Start 29/04/2024 End 06/08/2024

• envdir.c: handle symbolic links to .envdir and .envfile correctly
• tryshsgr.c, tryulong32.c, tryulong64.c: fix compiler warnings
• fix discarded-qualifier compiler warnings
• fix function prototypes
• mkpasswd.c, qdirname.c: fix discarded-qualifier-warnings
• added wildmat function
• scan_short.c: added scan_short function
• authmethods.c, authmethods.h: Added XOAUTH2 auth methods

libqmail 1.3

ChangeLog

• Sun Mar 03 2024 15:45:13 +0000 Manvendra Bhangui [email protected] 1.3-1.1%{?dist}
  Release 1.3-1.1 Start 30/11/2023 End 03/02/2024

• scan_int.c, scan_ulong.c: fix conversion when string has non-numeric
  characters
• str_spn.c: added str_spn() function
• moved repository to indimail org
• added buffer library interface
• subsdio.h, subfdins.c, subfdouts.c, subfderr.c: use SUBSTDIO_SMALL
  definition from substdio.h
• timeoutread.c, timeoutwrite.c: added version using poll() instead of
  select() - taken from Erwin Hofman's fehQlibs
• envdir.c: handle symbolic links to .evndir and .envfile correctly

libqmail 1.2

ChangeLog

• Fri Sep 08 2023 12:40:38 +0000 Manvendra Bhangui [email protected] 1.2-1.1%{?dist}
  Release 1.2-1.1 Start 24/04/2023 End 08/09/2023

1. error.c, error.h: fixed error code numbering
2. libqmail.spec.in: updated SPEC post fedora review
3. tcpopen.c: added missing return for unix domain socket
4. added tcpremoteip() function
5. base/mkpasswd.c: allow storage space for salt to be dynamically allocated
6. base/makesalt.c: added YESCRYPT. use crypt_gensalt if available to generate salt for yescrypt
7. configure.ac, base/hashmethods.h.in: added YESCRYPT_HASH
8. renamed ssl directory to tls
9. base/strerr.h: protect STRERR, STRERR_SYS macro parameters
10. tls/tls.c, tls/tls.h: store ssl, system error for tlsread, tlswrite in strerr_tls structure
11. tls/tls.c: added get_tls_method function
12. tls/tls.c: use SSL_CTX_set_ciphersuites() for TLSv1_3 and above instead of SSL_CTX_set_cipher_list()
13. tls/tls.c: pass pointer to tls method in set_tls_method()
14. tls/tls.c: set default cipher PROFILE=SYSTEM only for TLSv1_2 and below
15. tls/tls.h: added get_tls_method function
16. tls/tls.h: added pointer to tls method variable as a new argument to tls_set_method()
17. tls/tls.c: adjusted OPENSSL_VERSION_NUMBER for TLSv1_3
18. tls/tls.c: corrected bug invalid cipher caused SIGSEGV
19. tls/tls.c: tlsclientmethod, tlsservermethod can have min:max as version
20. tls/tls.c: set errno = EPROTO when protocol is unavailable
21. tls/tls.c: fixed few warnings without ssl errors
22. tls/tls.c: BUG. SSL_CTX_set_cipher_list incorrectly called instead of SSL_CTX_set_ciphersuites when method is auto
23. tls/tls.c: set min/max proto version only when min/max version variable is non-zero
24. tls/tls.c: refactored tls_get_method(), tls_set_method()
25. matchregex.[c,h]: added matchregex function

libqmail 1.1.3

Date: Sun Apr 23 2023 16:57:15 +0000

DNF / YUM / APT / Arch Binary Downloads

Open Build Service Binary Download

ChangeLog

Release 1.1.3-1.1 Start 08/02/2023 End 23/04/2023

• 08/02/2023

1. include qmailconfig.h if HAVE_CONFIG_H is not defined

• 13/02/2023

2. ssl/tls.c: removed SSL_CTX_free in tls_session on SSL_new failure
3. base/setuserid.c: rewind passwd file using qsetpwent, setpwent

• 15/02/2023

4. base/tls.c: self generate rsa/dh parameters if rsa/dh files are missing or unreadable

• 17/02/2023

5. base/commands.c: return -3 for out of memory error

• 20/02/2023

6. base/setuserid.c: added set_additional_groups function, refactored setuserid.c
7. qgetpwgr.c: allow alternate passwd, group, service for uid 0 using env variables
8. isnum.c: refactored isnum.c

• 15/04/2023

9. configure.ac: fixed setting of pkgconfigdir

libqmail 1.1.2

Date: Mon Jan 30 2023 12:46:04 +0000

DNF / YUM / APT / Arch Binary Downloads

Open Build Service Binary Download

Release Highlights

• tls functions for indimail-mta, ucspi-tcp, indimail-virtualdomains
• subprintf function - substdio equivalent of printf
• qsnprintf, qsprintf functions - equivalent of snprintf and sprintf functions using stralloc instead of fixed size buffer.

ChangeLog

• 10/10/2022

1. configure.ac: Fixed leapsecs.dat path

• 05/11/2022

2. digest-md5.c: return incorrect password for invalid arguments
3. pw_comp.c: added documentary comments.

• 06/12/2022

4. tcpbind.c: display servicename, hostname in getaddrinfo error

• 13/12/2022

5. wait.h: use system defined wait macros from sys/wait.h
6. error.c, error.h: added error_child for ECHILD

• 17/12/2022

7. wait.h: added wait_handler() and wait_exited macro
8. wait_handler.c: added wait_handler() function wrapper for handling wait status

• 02/01/2023

9. tls.c, tls.h: added tls/ssl functions
10. allwrite.c: added allwrite() function
11. commands.c: return -2 for command too long
12. ndelay.c: added ndelay() function to get value of DELAY flag for descriptor

• 03/01/2023

13. tls.c: set default ciphers to "PROFILE=SYSTEM" to quell rpmlint warning
14. tls.c: SSL_CTX_set_ecdh_auto supported only on openssl 1.0.2 and above

• 07/01/2023

15. tls.c: replaced SSH_shutdown + SSL_free with ssl_free function

• 12/01/2023

16. timeoutwrite.c: replaced write() with allwrite()

• 13/01/2023

17. tls.c: added check for crlfile
18. tls.c: use SSL_pending, SSL_has_pending to read complete application data
19. restore ndelay if changed in ssl_timeoutconn, ssl_timeoutaccept

• 16/01/2023

20. snprintf.c: added snprintf, vsnprintf, subprintf, qsnprintf() functions

• 21/01/2023

21. snprintf.c: added attribute ((format (printf, x, y))) for compile time warnings
22. snprintf.c: added qsprintf function
23. configure.ac, Makefile.am: Turned on automatic dependency tracking

libqmail 1.1.1

Date: Thu 08 Sep 2022 03:42:16 +0000

DNF / YUM / APT / Arch Binary Downloads

Open Build Service Binary Download

Release Highlights

• added libc replacements qgetservent, qgetservbyname, qgetservbyport along with re-entrant versions
• Support SCRAM-SHA1, SCRAM-SHA-256, SCRAM-SHA1-PLUS, SCRAM-SHA256-PLUS, auth methods #8
• Converted man pages to markdown for indimail wiki

ChangeLog

• 05/08/2021

1. added r_mkdir function

• 10/07/2021

2. qgetpwgr.c: added qgetserv.. functions to read /etc/services

• 11/07/2021

3. envdir.c: set variables from .envdir first to prevent .envdir from overriding main

• 12/07/2021

4. envdir.c: added feature to process .envfile and .envdir as a file containing list of directories

• 13/07/2021

5. envdir.c: return directory/filenames in error

• 14/07/2021

6. pathexec.[c,h]: added pathexec_clear() to clear env variables
7. envdir.c: refactored to remove use of chdir to traverse directories.

• 15/07/2021

8. str.h: fixed prototypes (str_chr, str_chrn, str_rchr) use const char '*'

• 16/07/2021

9. envdir.c: treat openreadclose returning 0 as an error

• 17/08/2021

10. configure.ac, qgetpwgr.c: added arpa/inet.h for htons()

• 21/08/2021

11. added no_of_days() function

• 24/08/2021

12. strerr.h, strerr_die.c, strerr_sys.c: added addtional members to struct strerr
13. added check_domain() function

• 29/08/2021

14. added noreturn.h for defining noreturn
15. strerr.h: use noreturn instead of attribute((noreturn))

• 12/09/2021 - libqmail-1.1.1
• 12/09/2021

16. added replacestr function

• 05/03/2022

17. base/envdir.c: fixed variable sa getting overwritten by openreadclose()

• 09/03/2022

18. base/use_qgetpwgr.c: use 4096 as default buffer size on FreeBSD
    sysconf _SC_GETPW_R_SIZE_MAX returns -1.

• 18/03/2022

19. base/use_qgetpwgr.c: Fixed SIGSEG caused by extra copy in byte_copy

• 29/03/2022

20. added arc4random() function for linux

• 17/04/2022

31. added getEnvConfigDouble() function

• 10/05/2022

32. added tcpbind.c, tcpopen.c, udpopen.c, qdirname.c, isnum.c

• 17/05/2022

33. base/cdb.c: added comment on mmap return value

• 20/06/2022

34. base/commands.c: set errno=0 for EOF

• 03/08/2022

35. added base/hexdump.c
36. r_mkdir: skip chown if running as non-root
37. makesalt.c: include stdint.h for uint32_t

• 04/08/2022

38. added get_scram_secrets() function

• 05/08/2022

39. added sodium_random() function
40. mkpasswd.c: encrypt when encrypt_flag is non-zero

• 06/08/2022

41. configure.ac: add -I/usr/local/include -L/usr/local/lib for FreeBSD
    libsodium

• 14/08/2022

42. base/authmethods.h: added AUTH_SCRAM_SHA1_PLUS, AUTH_SCRAM_SHA256_PLUS, AUTH_SCRAM_SHA512_PLUS auth methods

• 20/08/2022

43. base/envdir.c: skip leading spaces, blank lines and comments in envfile

• 23/08/2022

44. base/authmethods.c: added get_authmethod function

• 24/08/2022

45. base/makesalt.c: changed default hash method to SHA256
46. configure.ac: generate base/hashmethods.h header file

• 25/08/2022

47. base/get_scram_secrets.c: handle additional CRAM-* formats if set in password field

• 26/08/2022

48. base/in_crypt.c: use crypt(3) if first char is '$'
49. base/valid_passwd_chars.c: added valid_passwd_chars function
50. base/makesalt.c: added additional characters to random generated passwords

• 27/08/2022

51. base/pw_comp.c: use AUTH methods definition from authmethods.h
52. base/strerr_die.c: BUG: added missing substdio output for argument 16

• 28/08/2022

53. base/makesalt.c: add missing terminating '$' character for salt
54. base/mkpasswd.c: allow variable salt size using environment variable SALTSIZE
55. base/makesalt.c: return -1 for insufficient length

• 29/08/2022

56. base/envdir.c: BUG: advance to next line for blank lines/comments

• 07/09/2022

57. base/envdir.c: allow .envfile, .envdir to be softlinks

• 08/09/2022 - Final release libqmail-1.1.1

libqmail 1.1

Date: Saturday 17 July 2021 08:07:27 PM IST

DNF / YUM / APT / Arch Binary Downloads

Open Build Service Binary Download

Release Highlights

• added date822fmt, pathexec_run, pathexec_env, envdir, makeargs, mktempfile cdbmss, token822, openreadclose, prot_uid, prot_gid functions to libqmail
• added glibc wrappers for qgetpwent, setpwent, endpwent, qgetpwent_r, qgetpwnam, qgetpwuid, qgetpwnam_r, qgetpwuid_r, qgetgrent, qsetgrent, qendgrent, qgetgrnam, qgetgrgid, qgetgrnam_r, qgetgrgid_r, qgetservent, qgetservbyname, qgetservbyport, qsetservent, qendservent, qgetservent_r, qgetservbyname_r, qgetservbyport_r
• envdir: complete recode. Added hyperlink feature to link another directory to the main directory. Added ability to read multiple directories using .envdir and key=value pairs from .envfile

ChangeLog

• 03/03/2021

1. timeoutread, timeoutwrite - fix data types

• 17/03/2021

2. Open Build Service integration

• 18/04/2021

3. added date822fmt() and date822fmt.h

• 03/05/2021

4. added timestamp() function
5. uint16.h, uint32.h1, uint32.h2: fixed function prototype and warning -Warray-parameter

• 04/05/2021

6. Removed linking libqmail with openssl library

• 12/05/2021

7. added pathexec_run.c, pathexec_env.c, pathexec.h

• 13/05/2021

8. added envdir.c, envdir.h, dirent.h

• 22/05/2021

9. added evaluate.c, evaluate.h, for evaluate()

• 26/05/2021

10. qprintf: pad with zeros for numbers

• 29/05/2021

11. configure.ac: define SYSCONFDIR for leapsecs.dat
12. leapsecs_read.c: use SYSCONFDIR for leapsecs.dat
13. default.configure: added --syscondir=/etc/indimail

• 01/06/2021

14. added qtime() function - qtime.c, qtime.h, qtime.3

• 10/06/2021

15. fixed compiler warnings
16. added makeargs.c, mktempfile.c

• 15/06/2021

17. added token822.c, cdbmss.c, open_exclr.c

• 16/06/2021

18. configure.ac: added AC_CHECK_LIB(ssl, SSL_CTX_new, ...)
19. added hmac_sha224, hmac_sha384 functions

• 30/06/2021

20. strerr.h: added STRERR2, STRERR3, STRERR_SYS2 macros
21. envdir.c: hyperlink feature using .envdir link/dir to traverse multiple directories.

• 03/07/2021

22. added prot.c, prot.h, qgetpw functions
23. added qgetpwent, qgetgrent routines in qsetpwgr.c

• 05/07/2021

24. setuserid.c: use qgepwnam, qgetgrent if USE_QPWGR is set

• 07/07/2021

25. envdir.c: do lstat after chdir to fix false recursive loop error

• 09/07/2021

26. qgetpwgr.c: fixed incorrect size passed to alloc_re()

• 10/07/2021

27. qgetpwgr.c: added qgetserv.. functions to read /etc/services

• 11/07/2021

28. envdir.c: set variables from .envdir first to prevent .envdir from overriding main

• 12/07/2021

21. envdir.c: added feature to process .envfile and .envdir as a file containing list of directories

• 13/07/2021

22. envdir.c: return directory/filenames in error

• 14/07/2021

23. patheec.[c,h]: added pathexec_clear() to clear new env variables added
24. envdir.c: refactored to remove use of chdir to traverse directories.

• 15/07/2021

25. str.h: fixed prototypes (str_chr, str_chrn, str_rchr) use const char '*'

• 16/07/2021

26. envdir.c: treat openreadclose returning 0 as an error

libqmail 1.0

Date: Sunday 14 February 2021 11:27:21 PM IST

ChangeLog

Release 1.0 Start 21/05/2020

1. added --release option to specify release on command line

• 13/09/2020

2. libqmail.spec: added Provides: qmail-libs

• 15/09/2020

3. added mess822, commands, rewritehost, sconfig functions from indimail-mta

• 16/09/2020

4. FreeBSD fixes

• 01/10/2020

5. Darwin Port (fmt_ushort.c, default.configure, configure.ac)

• 04/10/2020

6. fixed broken crypt(3) implemetation on Darwin Mac OS X
7. reorgnized directory structure. All qmail functions moved to 'base'
8. textcode/fmt_utf8.c: updated with upstream libowfat-0.32

• 09/10/2020

9. replaced fmt_tohex() with tohex()
10. global.h, hmac_md5.c, hmac_ripemd.c, md5.c, md5.h: replaced updated
    functions from indimail-mta

• 18/10/2020

11. alloc_re.c: fix overwriting unallocate memory location when
    new_size < old_size

• 22/10/2020

12. Remove definition of INSTALL program in configure.ac, Makefile.am

• 22/11/2020

13. added tai_add.c. tai_uint.c
14. use const keyword

• 24/11/2020

15. added readclose(), openreadclose()
16. added noreturn attribute for strerr_die()
17. removed exit.h

• 26/11/2020

18. constmap.c: allow delimiter to be changed from the default colon
    character.
19. added man page for constmap function
20. constmap.c, constmap.h: added constmap_index(), constmap_get() functions

• 28/11/2020

31. +HeaderName feature by Erwin Hoffman: display all headers which have
    HeaderName as the initial text

• 02/12/2020

32. changed return type of alloc to void *

• 11/01/2021

33. libqmail.spec: removed redhat-lsb-core from BuildRequires

libqmail 0.3

ChangeLog

Release 0.3 Start 21/05/2020

1. Debian build - use /usr/lib/ (e.g. /usr/lib/x86_64-linux-gnu)
2. configur.ac - use LIB_SSL, LIB_CRYPTO
3. debian/control - use ${shlibs:Depends}

• 16/06/2020

4. added setuserid.c, setuserid.h
5. Makefile.am: use BUILT_SOURCES to build all needed header files

• 20/06/2020

6. added AC_PROG_CC_C99 to configure.ac
7. use m4_normalize(m4_include([conf-version])) in AC_INIT
   01/07/2020
8. Added textcode from libowfat, http://www.fefe.de/libowfat/
9. added array library from http://cr.yp.to/lib/array.html

• 04/07/2020

10. fmt.h: include sys/types.h if config.h is not included
11. setuserid.h: include sys/types.h, grp.h if config.h is not included
12. uint16.h: include inttypes.h if config.h is not included
13. libqmail.spec: use smp_mflags for parallel make
14. debian/libqmail.dsc: use Debtransform-Release to increment build number

• 07/07/2020

15. taia_now.c: renamed variable now to tmval
16. added CFLAGS="$CFLAGS -O4 -Wall -Wimplicit -fPIC -fno-strict-aliasing
    -Wunused -Wcomment -Wchar-subscripts -Wuninitialized -Wshadow
    -Wcast-align -Wwrite-strings -Wno-discarded-qualifiers"

• 23/07/2020

17. scan.h: added scan_double(), scan_hexdump() prototyps
18. configure.ac: used comprehensive CFLAGS
19. default.configure: create conf-release if not exists

• 03/08/2020

20. cdb.h: added cdb_free() prototype
21. sig.h, sig.c: added sig_usr1, sig_usr2
22. fmt.h: added tohex() proto
23. fmt_hexbyte.c: added tohex() function
24. libqmail.spec: added iopause.h header file
25. Makefile.am: added tohex(), iopause.c, uint16, functions
26. added safe multiplication functions from libowfat, http://www.fefe.de/libowfat/

Release 0.2 of libqmail

ChangeLog

• 19/07/2019

1. added tai, taia functions for indimail-mta
2. fixed data type of length argument of stralloc_readyplus(), stralloc_copyb(), stralloc_catb()
3. fixed generation of hasmkffo.h
4. fixed incorrect definitions of signals in sig.h
5. define env_isinit as extern in env.h as it is already defined in env.c

• 26/10/2019

6. added authentication crytographic routines digest_md5, hmac_md5, hmac_ripemd, hmac_sha1, hmac_sha256, hmac_sha512, md5
7. added md5_crypt, sha256_crypt, sha512_crypt
8. added mkpasswd function to generate password

• 09/05/2020

9. gen_allocdefs.h - added wrapper functions for builtin_add_overflow(), builtin_mul_overflow() for compilers missing built-in overflow functions - Vulnerabilities inherited from qmail 1.03, reported by Qualys
10. gen_allocdefs.h - use __builtin_add_overflow(), __builtin_mul_overflow() to avoid overflow CVE-2005-1513

• 10/05/2020

11. fixed shadowing of global variables by local variables

• 11/05/2020

12. alloc.c use malloc instead of custom allocator for memory allocation >= 4096
13. gen_allocdefs.h - set errno to error_nomem on overflow

• 12/05/2020

14. substdio.c - converted to C89 prototype and len argument changed to size_t
15. substdio.h - changed len argument of substdio_fdbuf to size_t
16. substdio.h - length argument for substdio_put(), substdio_bput(), substdio_putflush() changed to unsigned to fix integer signedness error CVE-2005-1515
17. substdo.c - length argument for allwrite(), substdio_put(), substdio_bput(), substdio_putflsh() changed to unsigned to fix integer signedness error CVE-2005-1515

• 13/05/2020

18. stralloc_arts.c, stralloc_catb.c, stralloc_copyb.c - fix possible integer overflow

• 15/05/2020

19. env.c - convert function prototypes to c89 standards
20. env.c - fix possible integer overflow