From: Jeremy Harris Date: Thu, 15 Feb 2018 21:32:30 +0000 (+0000) Subject: DANE: move to mainline X-Git-Tag: exim-4_91_RC1~51 X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=c0635b6dfe65ee24c2fb8d165beabc608d2fd1a5;p=exim.git DANE: move to mainline --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index e237ce1f2..bb7e2cf97 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -12985,6 +12985,10 @@ and then set to the outgoing cipher suite if one is negotiated. See chapter &<>& for details of TLS support and chapter &<>& for details of the &(smtp)& transport. +.vitem &$tls_out_dane$& +.vindex &$tls_out_dane$& +DANE active status. See section &<>&. + .vitem &$tls_in_ocsp$& .vindex "&$tls_in_ocsp$&" When a message is received from a remote client connection @@ -13050,6 +13054,10 @@ During outbound SMTP deliveries, this variable reflects the value of the &%tls_sni%& option on the transport. +.vitem &$tls_out_tlsa_usage$& +.vindex &$tls_out_tlsa_usage$& +Bitfield of TLSA record types found. See section &<>&. + .vitem &$tod_bsdinbox$& .vindex "&$tod_bsdinbox$&" The time of day and the date, in the format required for BSD-style mailbox @@ -24201,6 +24209,17 @@ Exim will request a Certificate Status on a TLS session for any host that matches this list. &%tls_verify_certificates%& should also be set for the transport. +.new +.option hosts_require_dane smtp "host list&!!" unset +.cindex DANE "transport options" +.cindex DANE "requiring for certain servers" +If built with DANE support, Exim will require that a DNSSEC-validated +TLSA record is present for any host matching the list, +and that a DANE-verified TLS connection is made. +There will be no fallback to in-clear communication. +See section &<>&. +.wen + .option hosts_require_ocsp smtp "host list&!!" unset .cindex "TLS" "requiring for certain servers" Exim will request, and check for a valid Certificate Status being given, on a 
@@ -24230,6 +24249,18 @@ This option provides a list of servers to which, provided they announce CHUNKING support, Exim will attempt to use BDAT commands rather than DATA. BDAT will not be used in conjunction with a transport filter. +.new +.option hosts_try_dane smtp "host list&!!" unset +.cindex DANE "transport options" +.cindex DANE "attempting for certain servers" +If built with DANE support, Exim will lookup a +TLSA record for any host matching the list. +If found and verified by DNSSEC, +a DANE-verified TLS connection is made to that host; +there will be no fallback to in-clear communication. +See section &<>&. +.wen + .option hosts_try_fastopen smtp "host list&!!" unset .cindex "fast open, TCP" "enabling, in client" .cindex "TCP Fast Open" "enabling, in client" 
@@ -27986,6 +28017,124 @@ Open-source PKI book, available online at +.new +.section DANE "SECDANE" +.cindex DANE +DNS-based Authentication of Named Entities, as applied to SMTP over TLS, provides assurance to a client that +it is actually talking to the server it wants to rather than some attacker operating a Man In The Middle (MITM) +operation. The latter can terminate the TLS connection you make, and make another one to the server (so both +you and the server still think you have an encrypted connection) and, if one of the "well known" set of +Certificate Authorities has been suborned - something which *has* been seen already (2014), a verifiable +certificate (if you're using normal root CAs, eg. the Mozilla set, as your trust anchors). + +What DANE does is replace the CAs with the DNS as the trust anchor. The assurance is limited to a) the possibility +that the DNS has been suborned, b) mistakes made by the admins of the target server. The attack surface presented +by (a) is thought to be smaller than that of the set of root CAs. + +It also allows the server to declare (implicitly) that connections to it should use TLS. An MITM could simply +fail to pass on a server's STARTTLS. + +DANE scales better than having to maintain (and side-channel communicate) copies of server certificates +for every possible target server. It also scales (slightly) better than having to maintain on an SMTP +client a copy of the standard CAs bundle. It also means not having to pay a CA for certificates. + +DANE requires a server operator to do three things: 1) run DNSSEC. This provides assurance to clients +that DNS lookups they do for the server have not been tampered with. The domain MX record applying +to this server, its A record, its TLSA record and any associated CNAME records must all be covered by +DNSSEC. +2) add TLSA DNS records. These say what the server certificate for a TLS connection should be. 
+3) offer a server certificate, or certificate chain, in TLS connections which is traceable to the one +defined by (one of?) the TSLA records + +There are no changes to Exim specific to server-side operation of DANE. +Support for client-side operation of DANE can be included at compile time by defining SUPPORT_DANE=yes +in &_Local/Makefile_&. +If it has been included, the macro "_HAVE_DANE" will be defined. + +The TLSA record for the server may have "certificate usage" of DANE-TA(2) or DANE-EE(3). The latter specifies +the End Entity directly, i.e. the certificate involved is that of the server (and should be the sole one transmitted +during the TLS handshake); this is appropriate for a single system, using a self-signed certificate. +DANE-TA usage is effectively declaring a specific CA to be used; this might be a private CA or a public, +well-known one. A private CA at simplest is just a self-signed certificate which is used to sign +cerver certificates, but running one securely does require careful arrangement. If a private CA is used +then either all clients must be primed with it, or (probably simpler) the server TLS handshake must transmit +the entire certificate chain from CA to server-certificate. If a public CA is used then all clients must be primed with it +(losing one advantage of DANE) - but the attack surface is reduced from all public CAs to that single CA. +DANE-TA is commonly used for several services and/or servers, each having a TLSA query-domain CNAME record, +all of which point to a single TLSA record. + +The TLSA record should have a Selector field of SPKI(1) and a Matching Type field of SHA2-512(2). + +At the time of writing, &url(https://www.huque.com/bin/gen_tlsa) +is useful for quickly generating TLSA records; and commands like + +.code + openssl x509 -in -pubkey -noout /dev/null \ + | openssl sha512 \ + | awk '{print $2}' +.endd + +are workable for 4th-field hashes. 
+ +For use with the DANE-TA model, server certificates must have a correct name (SubjectName or SubjectAltName). + +The use of OCSP-stapling should be considered, allowing for fast revocation of certificates (which would otherwise +be limited by the DNS TTL on the TLSA records). However, this is likely to only be usable with DANE-TA. NOTE: the +default of requesting OCSP for all hosts is modified iff DANE is in use, to: + +.code + hosts_request_ocsp = ${if or { {= {0}{$tls_out_tlsa_usage}} \ + {= {4}{$tls_out_tlsa_usage}} } \ + {*}{}} +.endd + +The (new) variable &$tls_out_tlsa_usage$& is a bitfield with numbered bits set for TLSA record usage codes. +The zero above means DANE was not in use, the four means that only DANE-TA usage TLSA records were +found. If the definition of &%hosts_request_ocsp%& includes the +string "tls_out_tlsa_usage", they are re-expanded in time to +control the OCSP request. + +This modification of hosts_request_ocsp is only done if it has the default value of "*". Admins who change it, and +those who use &%hosts_require_ocsp%&, should consider the interaction with DANE in their OCSP settings. + + +For client-side DANE there are two new smtp transport options, &%hosts_try_dane%& and &%hosts_require_dane%&. +The latter variant will result in failure if the target host is not DNSSEC-secured. + +DANE will only be usable if the target host has DNSSEC-secured MX, A and TLSA records. + +A TLSA lookup will be done if either of the above options match and the host-lookup succeeded using dnssec. +If a TLSA lookup is done and succeeds, a DANE-verified TLS connection +will be required for the host. If it does not, the host will not +be used; there is no fallback to non-DANE or non-TLS. 
+ +If DANE is requested and useable (see above) the following transport options are ignored: +.code + hosts_require_tls + tls_verify_hosts + tls_try_verify_hosts + tls_verify_certificates + tls_crl + tls_verify_cert_hostnames +.endd + +If DANE is not usable, whether requested or not, and CA-anchored +verification evaluation is wanted, the above variables should be set appropriately. + +Currently the &%dnssec_request_domains%& must be active and &%dnssec_require_domains%& is ignored. + +If verification was successful using DANE then the "CV" item in the delivery log line will show as "CV=dane". + +There is a new variable &$tls_out_dane$& which will have "yes" if +verification succeeded using DANE and "no" otherwise (only useful +in combination with EXPERIMENTAL_EVENT), and a new variable &$tls_out_tlsa_usage$& (detailed above). + +Under GnuTLS, DANE is only supported from version 3.0.0 onwards. +.wen + + + . //////////////////////////////////////////////////////////////////////////// . //////////////////////////////////////////////////////////////////////////// @@ -36627,9 +36776,16 @@ specifies whether characters with values greater than 127 should be logged unchanged, or whether they should be rendered as escape sequences. .next .cindex "log" "certificate verification" +.cindex log DANE +.cindex DANE logging &%tls_certificate_verified%&: An extra item is added to <= and => log lines when TLS is in use. The item is &`CV=yes`& if the peer's certificate was -verified, and &`CV=no`& if not. +verified +.new +using a CA trust anchor, +&`CA=dane`& if using a DNS trust anchor, +.wen +and &`CV=no`& if not. .next .cindex "log" "TLS cipher" .cindex "TLS" "logging cipher" diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 370e1b7e7..988c509bb 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog 
@@ -103,6 +103,9 @@ JH/19 Speed up macro lookups during configuration file read, by skipping non- macro text after a replacement (previously it was only once per line) and by skipping builtin macros when searching for an uppercase lead character. +JH/20 DANE support moved from Experimental to mainline. The Makefile control + for the build is renamed. + Exim version 4.90 ----------------- diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index e123910c2..180f4b8a7 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -12,8 +12,8 @@ Version 4.91 1. Dual-certificate stacks on servers now support OCSP stapling, under GnuTLS version 3.5.6 or later. - 2. DANE is now supported under GnuTLS version 3.0.0 or later (adding to the - previous OpenSSL implementation, but still Experimental). + 2. DANE is now supported under GnuTLS version 3.0.0 or later. Both GnuTLS and + OpenSSL versions are moved to mainline support from Experimental. 3. Feature macros for the compiled-in set of malware scanner interfaces. diff --git a/doc/doc-txt/experimental-spec.txt b/doc/doc-txt/experimental-spec.txt index 855f9899a..d5140d58b 100644 --- a/doc/doc-txt/experimental-spec.txt +++ b/doc/doc-txt/experimental-spec.txt 
@@ -611,162 +611,6 @@ b. Configure, somewhere before the DATA ACL, the control option to -DANE ------------------------------------------------------------- -DNS-based Authentication of Named Entities, as applied -to SMTP over TLS, provides assurance to a client that -it is actually talking to the server it wants to rather -than some attacker operating a Man In The Middle (MITM) -operation. The latter can terminate the TLS connection -you make, and make another one to the server (so both -you and the server still think you have an encrypted -connection) and, if one of the "well known" set of -Certificate Authorities has been suborned - something -which *has* been seen already (2014), a verifiable -certificate (if you're using normal root CAs, eg. the -Mozilla set, as your trust anchors). - -What DANE does is replace the CAs with the DNS as the -trust anchor. The assurance is limited to a) the possibility -that the DNS has been suborned, b) mistakes made by the -admins of the target server. The attack surface presented -by (a) is thought to be smaller than that of the set -of root CAs. - -It also allows the server to declare (implicitly) that -connections to it should use TLS. An MITM could simply -fail to pass on a server's STARTTLS. - -DANE scales better than having to maintain (and -side-channel communicate) copies of server certificates -for every possible target server. It also scales -(slightly) better than having to maintain on an SMTP -client a copy of the standard CAs bundle. It also -means not having to pay a CA for certificates. - -DANE requires a server operator to do three things: -1) run DNSSEC. This provides assurance to clients -that DNS lookups they do for the server have not -been tampered with. The domain MX record applying -to this server, its A record, its TLSA record and -any associated CNAME records must all be covered by -DNSSEC. -2) add TLSA DNS records. These say what the server -certificate for a TLS connection should be. 
-3) offer a server certificate, or certificate chain, -in TLS connections which is traceable to the one -defined by (one of?) the TSLA records - -There are no changes to Exim specific to server-side -operation of DANE. - -The TLSA record for the server may have "certificate -usage" of DANE-TA(2) or DANE-EE(3). The latter specifies -the End Entity directly, i.e. the certificate involved -is that of the server (and should be the sole one transmitted -during the TLS handshake); this is appropriate for a -single system, using a self-signed certificate. - DANE-TA usage is effectively declaring a specific CA -to be used; this might be a private CA or a public, -well-known one. A private CA at simplest is just -a self-signed certificate which is used to sign -cerver certificates, but running one securely does -require careful arrangement. If a private CA is used -then either all clients must be primed with it, or -(probably simpler) the server TLS handshake must transmit -the entire certificate chain from CA to server-certificate. -If a public CA is used then all clients must be primed with it -(losing one advantage of DANE) - but the attack surface is -reduced from all public CAs to that single CA. -DANE-TA is commonly used for several services and/or -servers, each having a TLSA query-domain CNAME record, -all of which point to a single TLSA record. - -The TLSA record should have a Selector field of SPKI(1) -and a Matching Type field of SHA2-512(2). - -At the time of writing, https://www.huque.com/bin/gen_tlsa -is useful for quickly generating TLSA records; and commands like - - openssl x509 -in -pubkey -noout /dev/null \ - | openssl sha512 \ - | awk '{print $2}' - -are workable for 4th-field hashes. - -For use with the DANE-TA model, server certificates -must have a correct name (SubjectName or SubjectAltName). 
- -The use of OCSP-stapling should be considered, allowing -for fast revocation of certificates (which would otherwise -be limited by the DNS TTL on the TLSA records). However, -this is likely to only be usable with DANE-TA. NOTE: the -default of requesting OCSP for all hosts is modified iff -DANE is in use, to: - - hosts_request_ocsp = ${if or { {= {0}{$tls_out_tlsa_usage}} \ - {= {4}{$tls_out_tlsa_usage}} } \ - {*}{}} - -The (new) variable $tls_out_tlsa_usage is a bitfield with -numbered bits set for TLSA record usage codes. -The zero above means DANE was not in use, -the four means that only DANE-TA usage TLSA records were -found. If the definition of hosts_request_ocsp includes the -string "tls_out_tlsa_usage", they are re-expanded in time to -control the OCSP request. - -This modification of hosts_request_ocsp is only done if -it has the default value of "*". Admins who change it, and -those who use hosts_require_ocsp, should consider the interaction -with DANE in their OCSP settings. - - -For client-side DANE there are two new smtp transport options, -hosts_try_dane and hosts_require_dane. -[ should they be domain-based rather than host-based? ] - -Hosts_require_dane will result in failure if the target host -is not DNSSEC-secured. - -DANE will only be usable if the target host has DNSSEC-secured -MX, A and TLSA records. - -A TLSA lookup will be done if either of the above options match -and the host-lookup succeeded using dnssec. -If a TLSA lookup is done and succeeds, a DANE-verified TLS connection -will be required for the host. If it does not, the host will not -be used; there is no fallback to non-DANE or non-TLS. 
- -If DANE is requested and useable (see above) the following transport -options are ignored: - hosts_require_tls - tls_verify_hosts - tls_try_verify_hosts - tls_verify_certificates - tls_crl - tls_verify_cert_hostnames - -If DANE is not usable, whether requested or not, and CA-anchored -verification evaluation is wanted, the above variables should be set -appropriately. - -Currently dnssec_request_domains must be active (need to think about that) -and dnssec_require_domains is ignored. - -If verification was successful using DANE then the "CV" item -in the delivery log line will show as "CV=dane". - -There is a new variable $tls_out_dane which will have "yes" if -verification succeeded using DANE and "no" otherwise (only useful -in combination with EXPERIMENTAL_EVENT), and a new variable -$tls_out_tlsa_usage (detailed above). - -Under GnuTLS, DANE is only supported from versin 3.0.0 onwards - - - DSN extra information --------------------- If compiled with EXPERIMENTAL_DSN_INFO extra information will be added diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c index e3e00c33b..50da58c82 100644 --- a/src/exim_monitor/em_globals.c +++ b/src/exim_monitor/em_globals.c @@ -220,7 +220,7 @@ tls_support tls_in = { -1, /* tls_active */ 0, /* bits */ FALSE, /* tls_certificate_verified */ -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE FALSE, /* dane_verified */ 0, /* tlsa_usage */ #endif diff --git a/src/src/EDITME b/src/src/EDITME index 9dcd174ca..b1b9af2c6 100644 --- a/src/src/EDITME +++ b/src/src/EDITME 
@@ -363,6 +363,12 @@ PCRE_CONFIG=yes # PCRE_LIBS=-lpcre +#------------------------------------------------------------------------------ +# Uncomment the following line to add DANE support +# Note: Enabling this unconditionally overrides DISABLE_DNSSEC +# For DANE under GnuTLS we need an additional library. See TLS_LIBS below. +# SUPPORT_DANE=yes + #------------------------------------------------------------------------------ # Additional libraries and include directories may be required for some # lookup styles (e.g. LDAP, MYSQL or PGSQL). LOOKUP_LIBS is included only on @@ -443,7 +449,7 @@ DISABLE_MAL_MKS=yes # By default, Exim has support for checking the AD bit in a DNS response, to # determine if DNSSEC validation was successful. If your system libraries # do not support that bit, then set DISABLE_DNSSEC to "yes" -# Note: Enabling EXPERIMENTAL_DANE unconditionally overrides this setting. +# Note: Enabling SUPPORT_DANE unconditionally overrides this setting. # DISABLE_DNSSEC=yes @@ -488,11 +494,6 @@ DISABLE_MAL_MKS=yes # CFLAGS += -I/opt/brightmail/bsdk-6.0/include # LDFLAGS += -lxml2_single -lbmiclient_single -L/opt/brightmail/bsdk-6.0/lib -# Uncomment the following line to add DANE support -# Note: Enabling this unconditionally overrides DISABLE_DNSSEC -# For DANE under GnuTLS we need an additional library. See TLS_LIBS below. -# EXPERIMENTAL_DANE=yes - # Uncomment the following to include extra information in fail DSN message (bounces) # EXPERIMENTAL_DSN_INFO=yes diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults index eddd02e50..2e6985aea 100644 --- a/src/src/config.h.defaults +++ b/src/src/config.h.defaults @@ -138,6 +138,7 @@ Do not put spaces between # and the 'define'. #define STRING_SPRINTF_BUFFER_SIZE (8192 * 4) #define SUPPORT_CRYPTEQ +#define SUPPORT_DANE #define SUPPORT_I18N #define SUPPORT_I18N_2008 #define SUPPORT_MAILDIR 
@@ -190,7 +191,6 @@ Do not put spaces between # and the 'define'. /* EXPERIMENTAL features */ #define EXPERIMENTAL_BRIGHTMAIL -#define EXPERIMENTAL_DANE #define EXPERIMENTAL_DCC #define EXPERIMENTAL_DSN_INFO #define EXPERIMENTAL_DMARC diff --git a/src/src/dane.c b/src/src/dane.c index b632d80dd..541e9cb02 100644 --- a/src/src/dane.c +++ b/src/src/dane.c @@ -24,7 +24,7 @@ reference itself to stop picky compilers complaining that it is unused, and put in a dummy argument to stop even pickier compilers complaining about infinite loops. */ -#ifndef EXPERIMENTAL_DANE +#ifndef SUPPORT_DANE static void dummy(int x) { dummy(x-1); } #else @@ -43,6 +43,6 @@ static void dummy(int x) { dummy(x-1); } # endif -#endif /* EXPERIMENTAL_DANE */ +#endif /* SUPPORT_DANE */ /* End of dane.c */ diff --git a/src/src/deliver.c b/src/src/deliver.c index 5c34b929c..255b4d9c9 100644 --- a/src/src/deliver.c +++ b/src/src/deliver.c @@ -817,7 +817,7 @@ if (LOGGING(tls_certificate_verified) && addr->cipher) s = string_append(s, 2, US" CV=", testflag(addr, af_cert_verified) ? -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE testflag(addr, af_dane_verified) ? "dane" : @@ -1619,7 +1619,7 @@ if (result == OK) tls_out.cipher = addr->cipher; tls_out.peerdn = addr->peerdn; tls_out.ocsp = addr->ocsp; -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE tls_out.dane_verified = testflag(addr, af_dane_verified); # endif #endif @@ -1632,7 +1632,7 @@ if (result == OK) tls_out.cipher = NULL; tls_out.peerdn = NULL; tls_out.ocsp = OCSP_NOT_REQ; -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE tls_out.dane_verified = FALSE; # endif #endif @@ -4785,7 +4785,7 @@ all pipes, so I do not see a reason to use non-blocking IO here /* The certificate verification status goes into the flags */ if (tls_out.certificate_verified) setflag(addr, af_cert_verified); -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE if (tls_out.dane_verified) setflag(addr, af_dane_verified); #endif 
diff --git a/src/src/exim.c b/src/src/exim.c index fe1b1c19d..f95c10747 100644 --- a/src/src/exim.c +++ b/src/src/exim.c @@ -832,6 +832,9 @@ fprintf(f, "Support for:"); #ifdef WITH_CONTENT_SCAN fprintf(f, " Content_Scanning"); #endif +#ifdef SUPPORT_DANE + fprintf(f, " DANE"); +#endif #ifndef DISABLE_DKIM fprintf(f, " DKIM"); #endif @@ -875,9 +878,6 @@ fprintf(f, "Support for:"); #ifdef EXPERIMENTAL_BRIGHTMAIL fprintf(f, " Experimental_Brightmail"); #endif -#ifdef EXPERIMENTAL_DANE - fprintf(f, " Experimental_DANE"); -#endif #ifdef EXPERIMENTAL_DCC fprintf(f, " Experimental_DCC"); #endif diff --git a/src/src/exim.h b/src/src/exim.h index c272a0147..54e8d002d 100644 --- a/src/src/exim.h +++ b/src/src/exim.h @@ -593,7 +593,7 @@ default to EDQUOT if it exists, otherwise ENOSPC. */ #endif /* DANE w/o DNSSEC is useless */ -#if defined(EXPERIMENTAL_DANE) && defined(DISABLE_DNSSEC) +#if defined(SUPPORT_DANE) && defined(DISABLE_DNSSEC) # undef DISABLE_DNSSEC #endif diff --git a/src/src/expand.c b/src/src/expand.c index aaeec24b4..de38e3acb 100644 --- a/src/src/expand.c +++ b/src/src/expand.c @@ -738,7 +738,7 @@ static var_entry var_table[] = { { "tls_out_bits", vtype_int, &tls_out.bits }, { "tls_out_certificate_verified", vtype_int,&tls_out.certificate_verified }, { "tls_out_cipher", vtype_stringptr, &tls_out.cipher }, -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE { "tls_out_dane", vtype_bool, &tls_out.dane_verified }, #endif { "tls_out_ocsp", vtype_int, &tls_out.ocsp }, @@ -748,7 +748,7 @@ static var_entry var_table[] = { #if defined(SUPPORT_TLS) { "tls_out_sni", vtype_stringptr, &tls_out.sni }, #endif -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE { "tls_out_tlsa_usage", vtype_int, &tls_out.tlsa_usage }, #endif diff --git a/src/src/functions.h b/src/src/functions.h index 00da0cf20..6dc3e4973 100644 --- a/src/src/functions.h +++ b/src/src/functions.h 
@@ -46,7 +46,7 @@ extern uschar * tls_cert_fprt_sha256(void *); extern int tls_client_start(int, host_item *, address_item *, transport_instance *, -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE dns_answer *, # endif uschar **); @@ -73,7 +73,7 @@ extern BOOL tls_openssl_options_parse(uschar *, long *); extern uschar * tls_field_from_dn(uschar *, const uschar *); extern BOOL tls_is_name_for_cert(const uschar *, void *); -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE extern int tlsa_lookup(const host_item *, dns_answer *, BOOL); # endif diff --git a/src/src/globals.c b/src/src/globals.c index bcc2a7a32..7e228d098 100644 --- a/src/src/globals.c +++ b/src/src/globals.c @@ -104,7 +104,7 @@ tls_support tls_in = { .active = -1, .bits = 0, .certificate_verified = FALSE, -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE .dane_verified = FALSE, .tlsa_usage = 0, #endif @@ -121,7 +121,7 @@ tls_support tls_out = { .active = -1, .bits = 0, .certificate_verified = FALSE, -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE .dane_verified = FALSE, .tlsa_usage = 0, #endif @@ -688,7 +688,7 @@ BOOL dmarc_enable_forensic = FALSE; uschar *dns_again_means_nonexist = NULL; int dns_csa_search_limit = 5; BOOL dns_csa_use_reverse = TRUE; -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE int dns_dane_ok = -1; #endif uschar *dns_ipv4_lookup = NULL; diff --git a/src/src/globals.h b/src/src/globals.h index d6bc96a83..b5cb6407b 100644 --- a/src/src/globals.h +++ b/src/src/globals.h @@ -83,7 +83,7 @@ typedef struct { int active; /* fd/socket when in a TLS session */ int bits; /* bits used in TLS session */ BOOL certificate_verified; /* Client certificate verified */ -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE BOOL dane_verified; /* ... via DANE */ int tlsa_usage; /* TLSA record(s) usage */ #endif 
@@ -414,7 +414,7 @@ extern uschar *dns_again_means_nonexist; /* Domains that are badly set up */ extern int dns_csa_search_limit; /* How deep to search for CSA SRV records */ extern BOOL dns_csa_use_reverse; /* Check CSA in reverse DNS? (non-standard) */ extern uschar *dns_ipv4_lookup; /* For these domains, don't look for AAAA (or A6) */ -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE extern int dns_dane_ok; /* Ok to use DANE when checking TLS authenticity */ #endif extern int dns_retrans; /* Retransmission time setting */ diff --git a/src/src/macro_predef.c b/src/src/macro_predef.c index 0d70826bb..601ceef66 100644 --- a/src/src/macro_predef.c +++ b/src/src/macro_predef.c @@ -183,7 +183,7 @@ due to conflicts with other common macros. */ #ifdef EXPERIMENTAL_BRIGHTMAIL builtin_macro_create(US"_HAVE_BRIGHTMAIL"); #endif -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE builtin_macro_create(US"_HAVE_DANE"); #endif #ifdef EXPERIMENTAL_DCC diff --git a/src/src/spool_in.c b/src/src/spool_in.c index d8272aa09..c8ddffe41 100644 --- a/src/src/spool_in.c +++ b/src/src/spool_in.c @@ -302,7 +302,7 @@ dkim_collect_input = FALSE; #ifdef SUPPORT_TLS tls_in.certificate_verified = FALSE; -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE tls_in.dane_verified = FALSE; # endif tls_in.cipher = NULL; diff --git a/src/src/structs.h b/src/src/structs.h index dfe5685e6..29dee2dbe 100644 --- a/src/src/structs.h +++ b/src/src/structs.h @@ -620,7 +620,7 @@ typedef struct address_item { #endif BOOL af_chunking_used:1; /* delivery used SMTP CHUNKING */ BOOL af_force_command:1; /* force_command in pipe transport */ -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE BOOL af_dane_verified:1; /* TLS cert verify done with DANE */ #endif #ifdef SUPPORT_I18N diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index b5bf17be6..dab96974c 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c 
@@ -66,13 +66,17 @@ require current GnuTLS, then we'll drop support for the ancient libraries). #if GNUTLS_VERSION_NUMBER >= 0x030506 && !defined(DISABLE_OCSP) # define SUPPORT_SRV_OCSP_STACK #endif -#if GNUTLS_VERSION_NUMBER >= 0x030000 && defined(EXPERIMENTAL_DANE) -# define SUPPORT_DANE -# define DANESSL_USAGE_DANE_TA 2 -# define DANESSL_USAGE_DANE_EE 3 -#endif -#if GNUTLS_VERSION_NUMBER < 0x999999 && defined(EXPERIMENTAL_DANE) -# define GNUTLS_BROKEN_DANE_VALIDATION + +#ifdef SUPPORT_DANE +# if GNUTLS_VERSION_NUMBER >= 0x030000 +# define DANESSL_USAGE_DANE_TA 2 +# define DANESSL_USAGE_DANE_EE 3 +# else +# error GnuTLS version too early for DANE +# endif +# if GNUTLS_VERSION_NUMBER < 0x999999 +# define GNUTLS_BROKEN_DANE_VALIDATION +# endif #endif #ifndef DISABLE_OCSP @@ -2249,7 +2253,7 @@ int tls_client_start(int fd, host_item *host, address_item *addr ARG_UNUSED, transport_instance * tb, -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE dns_answer * tlsa_dnsa, #endif uschar ** errstr) diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 7a3ca81c2..71d748f5c 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -28,7 +28,7 @@ functions from the OpenSSL library. */ #ifndef DISABLE_OCSP # include #endif -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE # include "danessl.h" #endif @@ -512,7 +512,7 @@ return verify_callback(preverify_ok, x509ctx, &tls_in, } -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE /* This gets called *by* the dane library verify callback, which interposes itself. @@ -566,7 +566,7 @@ else return preverify_ok; } -#endif /*EXPERIMENTAL_DANE*/ +#endif /*SUPPORT_DANE*/ /************************************************* @@ -1996,7 +1996,7 @@ if (expciphers) optional, set up appropriately. */ tls_in.certificate_verified = FALSE; -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE tls_in.dane_verified = FALSE; #endif server_verify_callback_called = FALSE; 
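Review bot: The `# if GNUTLS_VERSION_NUMBER < 0x999999` test in the restructured block is always true, so `GNUTLS_BROKEN_DANE_VALIDATION` is defined for every GnuTLS version that survives the `>= 0x030000` check, yet nothing in the hunk says that this is intentional or when the bound can be lowered. Assuming the macro exists to keep a workaround for a GnuTLS DANE-validation defect active, as its name suggests, a one-line comment above the test would stop the next maintainer from reading it as a real version gate, e.g. `/* Placeholder bound: no GnuTLS release is yet known to have fixed the DANE validation issue this macro works around; lower it once one is identified. */`. The new `# error GnuTLS version too early for DANE` is a good hard stop now that SUPPORT_DANE is an explicit build choice rather than a silently dropped experimental feature.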
@@ -2155,7 +2155,7 @@ return OK; } -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE static int dane_tlsa_load(SSL * ssl, host_item * host, dns_answer * dnsa, uschar ** errstr) { @@ -2210,7 +2210,7 @@ if (found) log_write(0, LOG_MAIN, "DANE error: No usable TLSA records"); return DEFER; } -#endif /*EXPERIMENTAL_DANE*/ +#endif /*SUPPORT_DANE*/ @@ -2236,7 +2236,7 @@ Returns: OK on success int tls_client_start(int fd, host_item *host, address_item *addr, transport_instance * tb, -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE dns_answer * tlsa_dnsa, #endif uschar ** errstr) @@ -2253,13 +2253,13 @@ BOOL request_ocsp = FALSE; BOOL require_ocsp = FALSE; #endif -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE tls_out.tlsa_usage = 0; #endif #ifndef DISABLE_OCSP { -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE if ( tlsa_dnsa && ob->hosts_request_ocsp[0] == '*' && ob->hosts_request_ocsp[1] == '\0' @@ -2277,7 +2277,7 @@ tls_out.tlsa_usage = 0; verify_check_given_host(&ob->hosts_require_ocsp, host) == OK)) request_ocsp = TRUE; else -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE if (!request_ocsp) # endif request_ocsp = @@ -2313,7 +2313,7 @@ if (expciphers) return tls_error(US"SSL_CTX_set_cipher_list", host, NULL, errstr); } -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE if (tlsa_dnsa) { SSL_CTX_set_verify(client_ctx, @@ -2361,7 +2361,7 @@ if (ob->tls_sni) } } -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE if (tlsa_dnsa) if ((rc = dane_tlsa_load(client_ssl, host, tlsa_dnsa, errstr)) != OK) return rc; @@ -2370,7 +2370,7 @@ if (tlsa_dnsa) #ifndef DISABLE_OCSP /* Request certificate status at connection-time. If the server does OCSP stapling we will get the callback (set in tls_init()) */ -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE if (request_ocsp) { const uschar * s; @@ -2407,7 +2407,7 @@ alarm(ob->command_timeout); rc = SSL_connect(client_ssl); alarm(0); -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE if (tlsa_dnsa) DANESSL_cleanup(client_ssl); #endif 
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index 1d78f2195..38660f797 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -105,7 +105,7 @@ optionlist smtp_transport_options[] = { { "hosts_require_auth", opt_stringptr, (void *)offsetof(smtp_transport_options_block, hosts_require_auth) }, #ifdef SUPPORT_TLS -# ifdef EXPERIMENTAL_DANE +# ifdef SUPPORT_DANE { "hosts_require_dane", opt_stringptr, (void *)offsetof(smtp_transport_options_block, hosts_require_dane) }, # endif @@ -120,7 +120,7 @@ optionlist smtp_transport_options[] = { (void *)offsetof(smtp_transport_options_block, hosts_try_auth) }, { "hosts_try_chunking", opt_stringptr, (void *)offsetof(smtp_transport_options_block, hosts_try_chunking) }, -#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_DANE) +#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE) { "hosts_try_dane", opt_stringptr, (void *)offsetof(smtp_transport_options_block, hosts_try_dane) }, #endif @@ -219,7 +219,7 @@ smtp_transport_options_block smtp_transport_option_defaults = { .hosts_try_auth = NULL, .hosts_require_auth = NULL, .hosts_try_chunking = US"*", -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE .hosts_try_dane = NULL, .hosts_require_dane = NULL, #endif @@ -1190,7 +1190,7 @@ return FALSE; -#ifdef EXPERIMENTAL_DANE +#ifdef SUPPORT_DANE /* Lookup TLSA record for host/port. Return: OK success with dnssec; DANE mode DEFER Do not use this host now, may retry later @@ -1490,7 +1490,7 @@ Returns: OK - the connection was made and the delivery attempted; int smtp_setup_conn(smtp_context * sx, BOOL suppress_tls) { -#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_DANE) +#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE) dns_answer tlsa_dnsa; #endif BOOL pass_message = FALSE; 
@@ -1512,7 +1512,7 @@ sx->esmtp_sent = FALSE;
 sx->utf8_needed = FALSE;
 #endif
 sx->dsn_all_lasthop = TRUE;
-#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_DANE)
+#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
 sx->dane = FALSE;
 sx->dane_required = verify_check_given_host(&sx->ob->hosts_require_dane, sx->host) == OK;
 #endif
@@ -1586,7 +1586,7 @@ if (!continue_hostname)
 smtp_port_for_connect(sx->host, sx->port);
-#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_DANE)
+#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
 /* Do TLSA lookup for DANE */
 {
 tls_out.dane_verified = FALSE;
@@ -1936,7 +1936,7 @@ if ( smtp_peer_options & OPTION_TLS
 address_item * addr;
 uschar * errstr;
 int rc = tls_client_start(sx->inblock.sock, sx->host, sx->addrlist, sx->tblock,
-# ifdef EXPERIMENTAL_DANE
+# ifdef SUPPORT_DANE
 sx->dane ? &tlsa_dnsa : NULL,
 # endif
 &errstr);
@@ -1947,7 +1947,7 @@ if ( smtp_peer_options & OPTION_TLS
 if (rc != OK)
 {
-# ifdef EXPERIMENTAL_DANE
+# ifdef SUPPORT_DANE
 if (sx->dane)
 log_write(0, LOG_MAIN, "DANE attempt failed; TLS connection to %s [%s]: %s",
 sx->host->name, sx->host->address, errstr);
@@ -2034,7 +2034,7 @@ if (tls_out.active >= 0)
 have one. */
 else if ( sx->smtps
-# ifdef EXPERIMENTAL_DANE
+# ifdef SUPPORT_DANE
 || sx->dane
 # endif
 || verify_check_given_host(&sx->ob->hosts_require_tls, sx->host) == OK
diff --git a/src/src/transports/smtp.h b/src/src/transports/smtp.h
index 33c5aaf03..14c0c7556 100644
--- a/src/src/transports/smtp.h
+++ b/src/src/transports/smtp.h
@@ -29,7 +29,7 @@ typedef struct {
 uschar *hosts_try_auth;
 uschar *hosts_require_auth;
 uschar *hosts_try_chunking;
-#ifdef EXPERIMENTAL_DANE
+#ifdef SUPPORT_DANE
 uschar *hosts_try_dane;
 uschar *hosts_require_dane;
 #endif
@@ -115,7 +115,7 @@ typedef struct {
 BOOL utf8_needed:1;
 #endif
 BOOL dsn_all_lasthop:1;
-#if defined(SUPPORT_TLS) && defined(EXPERIMENTAL_DANE)
+#if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
 BOOL dane:1;
 BOOL dane_required:1;
 #endif
diff --git a/test/scripts/5800-DANE/REQUIRES b/test/scripts/5800-DANE/REQUIRES
index e6a22bec3..491153ad2 100644
--- a/test/scripts/5800-DANE/REQUIRES
+++ b/test/scripts/5800-DANE/REQUIRES
@@ -1,2 +1,2 @@
-support Experimental_DANE
+support DANE
 lookup dnsdb
diff --git a/test/scripts/5820-DANE-GnuTLS/REQUIRES b/test/scripts/5820-DANE-GnuTLS/REQUIRES
index 4234c92f8..d60899399 100644
--- a/test/scripts/5820-DANE-GnuTLS/REQUIRES
+++ b/test/scripts/5820-DANE-GnuTLS/REQUIRES
@@ -1,3 +1,3 @@
-support Experimental_DANE
+support DANE
 support GnuTLS
 running IPv4
diff --git a/test/scripts/5840-DANE-OpenSSL/REQUIRES b/test/scripts/5840-DANE-OpenSSL/REQUIRES
index 59cb7dc91..6f71dc82d 100644
--- a/test/scripts/5840-DANE-OpenSSL/REQUIRES
+++ b/test/scripts/5840-DANE-OpenSSL/REQUIRES
@@ -1,3 +1,3 @@
-support Experimental_DANE
+support DANE
 support OpenSSL
 running IPv4
diff --git a/test/scripts/5860-DANE-OpenSSL-events/REQUIRES b/test/scripts/5860-DANE-OpenSSL-events/REQUIRES
index ca172cfad..6f57c635d 100644
--- a/test/scripts/5860-DANE-OpenSSL-events/REQUIRES
+++ b/test/scripts/5860-DANE-OpenSSL-events/REQUIRES
@@ -1,4 +1,4 @@
-support Experimental_DANE
+support DANE
 support Event
 support OpenSSL
 running IPv4
