Commit Graph

46 Commits

Author SHA1 Message Date
David Goulet
50feac9298
Update version to v2.1.0
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-03-17 12:43:49 -04:00
David Goulet
146993d0f4
Fix an overflow validation
The transition from assert() to if() used the wrong comparaison making
the plugin to not work.

Fixes #10

Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-03-17 12:38:43 -04:00
elijah
006059c8a4 Merge branch 'master' into 'master'
unbreak link to scrambler in README.md (caused 404)

See merge request !2
2017-02-18 07:42:24 +00:00
David Goulet
84c0978a3e Update version to v2.0.0
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 15:13:52 -05:00
David Goulet
2d77a432a3 Don't use assert() for an overflow check
assert() can be removed so let's not rely on that to detect the possible
overflow.

Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 14:27:57 -05:00
David Goulet
619b7e463a Use SSIZE_MAX in trees_ostream_send_chunk() check
The overflow check should use SSIZE_MAX since the function returns the
chunk_size of size_t which in theory "could be" bigger but in practice
very unlikely.

Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 14:24:55 -05:00
David Goulet
5a81de94f2 Handle error code in trees_ostream_send_header()
Properly handle the returned value of o_stream_send() so we make sure
the entire header was sent else error on that.

Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 14:20:29 -05:00
David Goulet
6838535f3a Handle error code in trees_ostream_send_chunk()
In trees_ostream_send_chunk result of o_stream_send was not checked for
errors, and function always returns chunk_size it was given. Instead,
properly set the errno value from the parent stream and return an error.

Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 14:20:29 -05:00
David Goulet
e9c4588659 Remove buggy use of trees_password_fd
Tomasz Miąsko reported multiple issues with the trees_read_line_fd using
the trees_password_fd field. It is currently unused which used to be
used by the unit tests and dovadm in the Posteo scrambler plugin.

The issues are:

    In trees_read_line_fd(), this check is bad:

        if (bytes_read > MAXIMAL_PASSWORD_LENGTH)

    Currently it is incorrect because when "bytes_read >
    MAXIMAL_PASSWORD_LENGTH" is true, then buffer capacity is already
    exceeded (or just right if you take into account one byte slack
    allocated in str_new for terminating null). Moreover, the buffer
    will be overrun by one more byte in "pointer[0] = 0;" after leaving
    the loop.

Reported-by: Tomasz Miąsko <tomasz.miasko@gmail.com>
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-17 14:20:29 -05:00
Christian
4acea66ade unbreak link to scrambler in README.md (caused 404) 2017-02-17 13:11:27 +00:00
David Goulet
300f0dbf69 Rename project from tofu-scrambler to trees
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-12 13:19:45 -05:00
David Goulet
cc076fec13 Fix README with compile instruction
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-06 20:15:45 -05:00
David Goulet
41d9edec47 Update README with latest info
Signed-off-by: David Goulet <dgoulet@riseup.net>
2017-02-06 18:57:11 -05:00
David Goulet
02de935b88 Update author and remove uneeded CONTRIBUTORS file
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-02-06 18:52:39 -05:00
David Goulet
c3b35b51b7 Massive cleanup of unused files
Those files were useful for the old scrambler version made by Posteo
found here https://github.com/posteo/scrambler-plugin.

Now, the plugin has considerably changed thus all those aren't needed
anymore.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-02-06 18:45:56 -05:00
David Goulet
86087de471 Handle missing switch case found by GCC
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-02-06 18:43:09 -05:00
David Goulet
c68e3a9772 Add autoconf support for a proper build system
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-02-06 18:40:31 -05:00
David Goulet
754ac580a7 Validate the version from the header
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-01-25 11:58:55 -05:00
David Goulet
b89c16a077 Actually write the version in the email header
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-01-23 19:57:02 -05:00
David Goulet
b4b348a430 Add version capability
This version is extracted from the user data and put in the email header
but currently not used at all.

Future version will probably use it in order to do different actions
based on that value.

Currently version should be a 1.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2017-01-20 14:40:00 -05:00
micah
f7fb97a364 Merge branch 'feature/tofu-create' into 'master'
added tofu-create script, for testing purposes

See merge request !1
2016-12-19 15:47:39 +00:00
elijah
15a583c0aa fix typos in README.md 2016-12-15 10:35:39 -08:00
elijah
17d04e75f4 updated README.md 2016-12-15 10:20:43 -08:00
David Goulet
95302087ee Don't check private key if detecting header
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-10 11:37:41 -05:00
David Goulet
7ae2ab49ba Pass a NULL pointer if no private key set
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 19:50:56 -05:00
David Goulet
47eded2b2b Extra protection on the private key when decrypting
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 19:33:41 -05:00
David Goulet
1acf27e3dc Don't fail if private key not found. Also, set errno on decrypt error
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 19:25:10 -05:00
David Goulet
8f64f478fd Really fix the enabled flag
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 18:59:29 -05:00
elijah
9ce3fb6691 added tofu-create script, for testing purposes 2016-12-08 15:34:49 -08:00
David Goulet
c4f48ffde0 Actually check for a disabled user
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 15:14:39 -05:00
David Goulet
ac14d7f325 Enable flag has to be signed to detect errors
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 14:58:05 -05:00
David Goulet
5562850d45 Remove unused OpenSSL header file include
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-08 14:38:49 -05:00
David Goulet
36ce2bbec3 Massive amount of fixes
At this commit, the plugin is in theory working correctly and has been
minimally tested.

Lots of work has been done in a debug branch and this commit merges all the
fixes at once as we are still consider in development at this stage.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-12-07 16:52:19 -05:00
David Goulet
5623337b21 Skip private key if no user password
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-25 13:42:09 -05:00
David Goulet
5c9c2b9be5 Implement private key unlocked by password
This commit implements ticket #2 but is missing documentation and not been
tested.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-24 14:40:31 -05:00
David Goulet
06f2f17981 Use libsodium memzero function to wipe private key
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-10 10:37:19 -05:00
David Goulet
9b01cb760d Use libsodium crypto box and dump OpenSSL RSA/AES
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-09 17:14:04 -05:00
David Goulet
6b6ba91254 Beautify the rest of the code base
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-09 15:46:15 -05:00
David Goulet
90c7ce691d Beautify scrambler-plugin.c
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-11-09 13:34:08 -05:00
Philipp Brüll
cf23c9998f updated dovecot version in readme 2016-02-01 11:15:37 +01:00
Philipp Brüll
c0cbefd97c extended readme 2016-02-01 10:39:26 +01:00
Philipp Brüll
a7b074a5ec worked on tests 2015-04-13 16:25:17 +02:00
Philipp Brüll
ae592c6aef fixed test suite 2015-04-13 14:57:22 +02:00
Philipp Brüll
229c85afc2 extended makefile to include dovecot build instructions 2015-04-13 12:36:28 +02:00
Philipp Brüll
20d3258f3d extended makefile 2015-04-13 11:01:31 +02:00
Philipp Brüll
53d49d6d6b first release 2015-04-10 11:44:28 +02:00