All notable changes to this project will be documented in this file.
1.2.0 - 2024-11-22
Big thanks to @lquidfire, @futatuki, and @simotuki11 for reporting the issues addressed in this release and/or providing fixes.
- libopenarc -
ARC_OPTS_SIGNATURE_TTL - milter -
SignatureTTLconfiguration option.
- libopenarc - Expired signatures cause chain validation to fail.
- Build issues on FreeBSD.
- RPM spec typo that could result in installation failure.
- libopenarc -
arc_free()accepts NULL. - libopenarc -
cis not a required tag inARC-Message-Signature. - libopenarc -
ARC-Message-Signatureheaders covering a limited body length are processed correctly.
1.1.0 - 2024-11-05
In this development cycle all open issues and PRs in https://github.com/trusteddomainproject/OpenARC were reviewed and either addressed or rejected, changes in the ARC spec between the drafts OpenARC initially implemented and the final version of RFC 8617 were reviewed and addressed, and all embedded comments indicating a known issue with the code were addressed.
Other efforts focused on housekeeping tasks such as cleaning up unused and broken parts of the build system, reducing code duplication, and increasing test coverage.
oldest-passprocessing per RFC 8617 section 5.2.openarc-keygen- libopenarc -
arc_chain_oldest_pass() - milter -
AuthResIPconfiguration option. - milter -
RequireSafeKeysconfiguration option. - milter -
MinimumKeySizeRSAconfiguration option. - milter -
ResponseDisabled,ResponseUnable, andResponseUnwillingconfiguration options.
- Custom OpenSSL locations must be configured using
OPENSSL_CFLAGSandOPENSSL_LIBSenvironment variables instead of passing--with-openssl=/pathtoconfigure. - Custom Jansson locations must be configured using
LIBJANSSON_CFLAGSandLIBJANSSON_LIBSenvironment variables instead of passing--with-libjansson=/pathtoconfigure. - Custom libmilter locations must be configured using
LIBMILTER_CPPFLAGSandLIBMILTER_LDFLAGSenvironment variables instead of passing--with-milter=/pathtoconfigure. - Building the milter defaults to requiring Jansson. You can explicitly
disable it by passing
--without-libjanssontoconfigure. - Libidn2 is now required to build OpenARC.
- libopenarc -
ARC-Message-SignatureandARC-Authentication-Resultsheaders are excluded from the AMS, as required by RFC 8617 section 4.1.2. - libopenarc - ARC headers are returned with a space before the header value.
- libopenarc - String arguments are marked as
constwhere applicable. - libopenarc - String arguments are normal strings (
char *) unless the argument expects a binary string. - libopenarc -
ARC-Sealheaders containingh=tags cause a validation failure, as required by RFC 8617 section 4.1.3. - milter -
Authentication-ResultsandARC-Authentication-Resultsincludeheader.oldest-passwhen appropriate. - milter - An
ar-testprogram for seeing howAuthentication-Resultsheaders are parsed is built without making you jump through weird hoops. - milter - The default behaviour for messages that fail basic validity checks (malformed headers, too many headers) is to reject them.
- milter -
PermitAuthenticationOverridesdefaults tofalse.
- libopenarc -
arc_mail_parse()
- libopenarc - Seals on failed chains only cover the latest ARC header set, as required by RFC 8617 section 5.1.2.
- libopenarc - Signing with simple header canonicalization works.
- libopenarc - ARC headers with a misplaced instance tag are rejected.
- libopenarc - Unlikely memory leak after memory allocation failures.
- libopenarc - The installed pkg-config file is more correct.
- libopenarc - U-labels (domain labels encoded as UTF-8) are allowed in
d=ands=tags. - libopenarc -
arc_eom()propagates internal errors like memory allocation failure instead of marking the chain as failed. - libopenarc - Signature fields are wrapped at the configured margin.
- libopenarc - Header margin wrapping is more accurate and precise.
- libopenarc - Signatures with FWS after the tag-name are canonicalized correctly.
- milter - Use after free.
- milter - Unlikely division by zero.
- milter - Small memory leak during config loading.
- milter - The
Authentication-Resultsauthserv-id can contain UTF-8.
1.0.0 - 2024-10-18
No notable changes.
1.0.0rc0 - 2024-10-15
Changes since the last Trusted Domain Project release.
This release contains patches originally contributed by:
- Test suite.
- libopenarc - Support for custom resolvers.
- milter -
UMaskconfiguration option. - milter -
TestKeysconfiguration option. - milter -
PermitAuthenticationOverridesconfiguration option.
- OpenSSL < 1.0.0 is no longer supported. OpenSSL 3 with deprecated interfaces disabled is.
- libopenarc - The RFC 8617 limit of 50 ARC sets is respected.
- milter - Trace headers are inserted at index 0 instead of index 1.
- milter - Verify mode can be used without configuring signing-specific options.
- milter - The current ARC validation state is always added to
ARC-Authentication-Results.
- Multiple buffer overruns.
- libopenarc - The "t" flag on seals is optional.
- libopenarc -
arc_chain_custody_string()no longer returns an empty first field. - libopenarc - Previous ARC sets are still validated in sign mode.
- libopenarc - Key lookups respect the algorithm specified in the seal instead of always rejecting keys with "h=sha256".
- libopenarc -
arc_set_cv()can ignore attempts to set an invalid chain status. - libopenarc -
ARC-Authentication-Resultsnow uses "none" to indicate a lack of authentication results, as required by RFC 8601. - libopenarc -
ARC_QUERY_FILEis now usable. - libopenarc -
arc_header_field()will now reject invalid ASCII characters, as intended. - milter - Log messages about the chain validation state use human-readable strings for the state.
- milter - General overhaul of
Authentication-Resultsparsing andARC-Authentication-Resultsgeneration, fixing multiple issues. - milter - Removed incorrect reference count assertion.
- milter - Large ARC header sets are not truncated.
- milter -
MaximumHeadersconfiguration option now has an effect. - milter - Multiple arc
Authentication-Resultsfrom the local authserv-id no longer forces the chain to fail.