zorp 3.0.14c Fri, 07 Feb 2007 09:40:32 +0100

Changes since 3.0.14

Core:
  * Fixed the default location of the policy and various Python files.

VBuster:
  * Fixed the default location of the VBuster 4.2 database files.

zorp 3.0.14 Wed, 17 Jan 2007 14:33:37 +0100

Changes since 3.0.13

Core:
  * Fixed a race condition, triggered mostly on SMP systems under high load, that caused abnormal program termination.

Http:
  * Support the 125 status code from FTP servers to confirm data channels.
  * Added a new parameter named timeout_response which applies to reading the first part of HTTP responses.

VBuster:
  * Added support for the VirusBuster 4.3 engine.

Mime:
  * Fixed a zero-timeout setting on a stream used internally while messages are processed. This could result in mail data loss under high load.

zorp 3.0.13 Fri, 04 Aug 2006 15:05:09 +0200

Changes since 3.0.12

Http:
  * Fixed a possible interoperability problem with Firefox 1.5.0.4 (and possibly later) when the proxy forces an HTTP/1.0 response into chunked mode.
  * Fixed displaying the error page when the request content is rejected.

Mime:
  * Changed a misleading log message about exceeding the overall header size limit to: 'Header is too long'.

Imap:
  * Exceeding the username/password length limit in the AUTHENTICATE command now produces an error towards the client instead of terminating the connection.
  * Improved handling of special characters in IMAP atoms such as username/password.
  * Support for the IMAP request 'SEARCH HEADER fieldname fieldvalue' extended to arbitrary header fields.

zorp 3.0.12 Fri, 07 Jul 2006 14:20:34 +0200

Changes since 3.0.11

Core:
  * Added more robust handling of failed thread creation.
  * Fixed authentication cache behaviour for inband authentication.
  * Fixed a blob bookkeeping problem that caused blob-using proxies to stall when reaching the blob limit.

Pssl:
  * Use inter-instance locking on the KeyBridge database to make it possible to use the same KeyBridge objects in multiple instances.
Http:
  * Fixed an interoperability problem with HTTP/0.9 web servers when keep_persistent was set to TRUE.
  * Allow an entity to be transmitted with the 205 response code.

SQLNet:
  * Added support for inband routing with connect strings lacking an ADDRESS_LIST element.

Ftp:
  * Added answer code 250 to the set of accepted answers for the CDUP command.

TFtp:
  * Fixed handling of the last packet in the TFTP conversation.

Rsh:
  * Fixed a possible abnormal program termination when the client dropped the connection before completing the handshake.

Smtp:
  * Fixed a possible memory leak affecting policies where the same entry of the response hash is written multiple times.

zorp 3.0.11 Mon, 06 Mar 2006 13:50:35 +0100

Changes since 3.0.9

Mime:
  * Fixed an attachment counting problem that caused attachments to be silently dropped.
  * Reverted the default error action to ACCEPT; it had been changed in version 3.0.9 by accident.
  * Fixed a header parsing problem.

Pssl:
  * Fixed cached key validation; Zorp always regenerated all certificates.

zorp 3.0.9 Fri, 10 Feb 2006 15:17:22 +0100

Changes since 3.0.8

Core:
  * Fixed a race condition possibly causing abnormal program termination if the threaded parameter is enabled for one or more Listeners.
  * Fixed a race condition in the fastpath setup code possibly causing abnormal program termination under high load.
  * Added group handling to inband authentication.
  * Fixed a possible abnormal program termination when using inband authentication (applies to 3.0.8 only).
  * Fixed a possible memory leak in inband authentication.
  * Fixed a possible memory leak when Certificate Revocation List checking was in use (requires libzorpll 3.0.6.5).
  * Added the possibility to defer inband authentication to stacked proxies by setting the auth_inband_defer class attribute to TRUE.

Mime:
  * Customisable handling of MIME format errors added.
  * Fixed a possible memory leak when starting a stacked proxy fails, and also fixed a possible failure in starting stacked proxies.
Pop3:
  * Fixed a possible memory leak when the stacking decision was made at the policy level.

Smtp:
  * Added more detailed log messages about sender/recipient addresses.
  * Take the value of the error_soft attribute into account and return a temporary error code when sender_matcher rejects the sender.
  * Added the bind_name argument to SmtpInvalidRecipientMatcher to allow specifying the source hostname from which SMTP queries are initiated.

Pssl:
  * Added certificate subject validation for protocols where the hostname is recovered from the protocol. Currently only used by HTTP and disabled by default.
  * Fixed a possible race condition in KeyBridging which caused some harmless I/O error messages.
  * Fixed the expiry dates of certificates generated by KeyBridge.
  * Fixed the handling of expired certificates when KeyBridge was in use. Previously the proxy always regenerated expired certificates, which might confuse some browsers; it now caches the server certificate and only regenerates certificates when the certificate of the server changes.

Imap:
  * Added support for the 'HEADER' option in 'SEARCH' requests.
  * The proxy was converted to use the blob subsystem for mail bodies to decrease memory load; at the same time the max_literal_count limit was increased from 16 to 32 and max_literal_length (which limits message/attachment sizes) was increased from 128kB to 2MB.
  * Fixed an interoperability problem causing Outlook Express and Horde to fail to show attachments in some circumstances.

Ldap:
  * Implemented dummy SASL-wrapped LDAP support, used by Microsoft Active Directory in some cases. Please note that LDAP analysis is disabled for SASL-wrapped packets.

Ftp:
  * Abort the control connection if the data connection fails for some reason, as this scenario might cause hangup problems for some clients/servers.

Http:
  * Added a new attribute to control URL canonicalization.
  * Fixed a possible memory leak in the FTP over HTTP implementation.
VBuster:
  * Fixed a possible memory leak on database reloads.

zorp 3.0.8 Thu, 03 Nov 2005 09:57:24 +0100

Changes since 3.0.7

Core:
  * Fixed a possible Python traceback whenever a ZoneListener or CSZoneListener referred to a non-existent service.
  * Clarified some Satyr log messages.
  * Fixed possible memory leaks in Satyr authentication.
  * Fixed a possible deadlock in processing UDP traffic.
  * Added support for changing the Satyr connection timeout; previously a value of 60 seconds was hard-coded.
  * Added the round_robin parameter to FailoverChainer to make it possible to explicitly specify round-robin or failover behaviour when establishing server connections.
  * Fixed umbrella behaviour for zones which had no inbound or outbound service list.

zorpctl:
  * Fixed a possible segmentation fault in "zorpctl szig".

Ftp:
  * Added a log message about rejected login attempts for anonymous-only FTP connections.
  * Fixed a possible memory leak in active data connection establishment.
  * Fixed a possible deadlock in data session initiation.

Ldap:
  * Fixed a possible parse error in long SEARCH requests.

Pssl:
  * Changed all cipher suites to explicitly disallow non-authenticating algorithms such as anonymous DH.
  * Fixed timeout processing during the SSL handshake.
  * Added the new handshake_timeout parameter to control the timeout used during the SSL handshake.

Imap:
  * Fixed a problem causing the proxy to never exit on connection timeout.
  * Fixed IMAP folder name validation to accept accented characters.
  * Fixed a possible memory leak.
  * Fixed the verbosity level of some log messages.
  * Fixed capability filtering in untagged OK responses.
  * Fixed a possible segmentation fault in processing requests containing literals exceeding max_literal_count.

Http:
  * Added countermeasures for various request/response smuggling attacks.
  * Fixed an interoperability problem: the proxy now automatically reconnects when the server drops the connection while the proxy is waiting for the client.
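The 3.0.8 Http entry above records smuggling countermeasures without saying which message heads a proxy has to refuse. The following is an added example, not Zorp's code: it applies the framing rules of RFC 7230 section 3.3.3 to a message head (a Content-Length next to a Transfer-Encoding, a Transfer-Encoding that does not end in a single chunked coding, disagreeing or non-decimal Content-Length values, and obsolete line folding are all rejected rather than guessed at). The sample requests are constructed here, not captured traffic.

```python
# Added example, not Zorp's code: the framing rules an HTTP proxy must enforce on a
# message head before it decides where the body ends, in the spirit of the
# request/response smuggling countermeasures recorded in the 3.0.8 Http entry.
# Rules follow RFC 7230 section 3.3.3. The sample messages are constructed here.
import re
from typing import List, Optional, Tuple

class FramingError(ValueError):
    """The message head cannot be framed unambiguously; a proxy should reject it
    (400 for requests, 502 for responses) rather than guess."""

_TOKEN = re.compile(r"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")   # RFC 7230 tchar
_DECIMAL = re.compile(r"^[0-9]+$")

def parse_head(raw: bytes) -> Tuple[str, List[Tuple[str, str]]]:
    """Split a message head into (start_line, [(lower_name, value), ...]).
    Duplicates are kept in order so the framing decision sees every occurrence."""
    text = raw.decode("iso-8859-1")
    head, sep, _ = text.partition("\r\n\r\n")
    if not sep:
        raise FramingError("incomplete message head")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t"):
            # obs-fold continuation: front-end and back-end may join it differently,
            # so reject instead of normalising (RFC 7230 permits this for proxies).
            raise FramingError("obsolete line folding in header")
        name, colon, value = line.partition(":")
        if not colon or not _TOKEN.match(name):
            raise FramingError("malformed header line: %r" % line)
        headers.append((name.lower(), value.strip()))
    return lines[0], headers

def body_framing(raw: bytes) -> Optional[int]:
    """Return the body length the proxy may rely on: an int from Content-Length,
    or None when the body is chunked. Raises FramingError on anything ambiguous."""
    _, headers = parse_head(raw)
    te = [v for n, v in headers if n == "transfer-encoding"]
    cl = [v for n, v in headers if n == "content-length"]
    if te:
        if cl:
            # CL.TE / TE.CL: two parsers could pick different lengths; never forward.
            raise FramingError("both Transfer-Encoding and Content-Length present")
        codings = [c.strip().lower() for v in te for c in v.split(",")]
        # TE.TE: "chunked, x" style obfuscation; require exactly one chunked coding
        # and require it to be the final one.
        if codings.count("chunked") != 1 or codings[-1] != "chunked":
            raise FramingError("Transfer-Encoding is not a single final chunked coding: %r" % codings)
        return None
    if cl:
        values = [c.strip() for v in cl for c in v.split(",")]
        if any(not _DECIMAL.match(v) for v in values):
            raise FramingError("non-decimal Content-Length: %r" % values)
        if len(set(values)) != 1:
            raise FramingError("conflicting Content-Length values: %r" % values)
        return int(values[0])   # identical repeated values are tolerated, as RFC 7230 allows
    return 0

def is_smuggling_candidate(raw: bytes) -> bool:
    """Convenience wrapper: True when the head would be rejected."""
    try:
        body_framing(raw)
    except FramingError:
        return True
    return False

# Constructed samples (not captured traffic).
CL_TE = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
         b"Content-Length: 6\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\nG")
TE_TE = (b"POST /upload HTTP/1.1\r\nHost: example.test\r\n"
         b"Transfer-Encoding: chunked\r\nTransfer-Encoding: x\r\n\r\n")
CLEAN = b"POST /upload HTTP/1.1\r\nHost: example.test\r\nContent-Length: 5\r\n\r\nhello"

if __name__ == "__main__":
    for label, msg in (("CL.TE", CL_TE), ("TE.TE", TE_TE), ("clean", CLEAN)):
        print(label, "rejected" if is_smuggling_candidate(msg) else "forwarded")
```

The point of rejecting rather than normalising is that a proxy which "repairs" an ambiguous head (for instance by dropping the Content-Length and trusting the chunked encoding) still leaves the back-end free to make the opposite choice; only a rejection removes the desynchronisation.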
Smtp:
  * Added reporting of the server message ID in the SMTP accounting message.
  * Added 500/501/421 as valid responses to all SMTP commands; previously these responses were converted to "500 Invalid command" by the proxy.

Rsh:
  * Changed the proxy behaviour not to wait 30 seconds for the standard error connection once the main RSH connection was terminated by the server.

VBuster:
  * Reject module loading if the VBuster engine cannot be initialized (as in the case of a missing database).

zorp 3.0.7 Mon, 19 Sep 2005 10:59:38 +0200

Changes since 3.0.6

Core:
  * Added more specific error reporting to Satyr authentication.

Mime:
  * Fixed a bug in the base64 encoder possibly causing trimmed MIME objects.

zorp 3.0.6 Wed, 17 Aug 2005 16:31:13 +0200

Changes since 3.0.5

Core:
  * Fixed a confusing message about an invalid ToS value when secondary sessions are used.
  * Fixed a possibly unhandled Python exception in FailoverChainer when no state timeout was specified.
  * Fixed a race condition possibly causing a segmentation fault when the child proxy was communicating with its parent while the parent was being destroyed. The window of the race was very small; the problem occurs with large amounts of traffic only.

Pssl:
  * Fixed a possible memory leak in Certificate Revocation List validation.

Mime:
  * Improved robustness of the base64 decoder to handle whitespace within base64 encoded data.
  * Fixed a memory allocation problem possibly causing a segmentation fault when receiving a syntactically incorrect message.

Http:
  * Changed the default value of max_chunk_length to unlimited, as the previous limit of 256kB caused interoperability problems with various web servers/applications.
  * Fixed a possible problem in reconnection handling causing data transfer timeouts for POST requests.

Telnet:
  * Fixed a problem in processing multi-byte telnet sequences occurring on the buffer boundary.

Imap:
  * Fixed a possible segmentation fault in authentication message handling.
VBuster:
  * The vbupgrade script automatically removes the installed engine and database packages from the apt cache.
  * Fixed the processing of the 'scan_method' and 'heuristic_sensitivity' attributes, making it possible to set them to any value supported by VBuster.

zorp 3.0.5 Tue, 07 Jun 2005 16:14:36 +0200

Changes since 3.0.4

Core:
  * Fixed an authentication cache problem where an authenticated service would work without a cache although one was specified.
  * Added the command line option --log-escape which enables the filtering of non-printable characters in the log file.

zorpctl:
  * Manpage of zorpctl.conf updated.

Ftp:
  * Added ToS value propagation to the data channel.

Http:
  * Accept non-ASCII characters in URLs and re-encode them using the standard URL encoding scheme.
  * Removed some special characters from the set of escaped characters in HTTP URL filenames.

Mime:
  * Fixed a bug in error detection which caused messages to be sent to quarantine by mistake.
  * Fixed a problem which caused 100% processor usage while the message was being virus scanned.

Nntp:
  * Added support for sending NNTP messages to stacked proxies.

SQLNet:
  * Fixed a possible interoperability problem with Oracle 9 and 10 which was triggered if the CONNECT data exceeded 198 bytes but was below 231.
  * Added a new attribute named split_connect_threshold to control connect packet splitting.

zorp 3.0.4 Thu, 07 Apr 2005 12:42:41 +0200

Changes since 3.0.3

Core:
  * Added the possibility to change the verbosity level and logspec at runtime.
  * Fixed a confusing log message about failed authorization.
  * Fixed the connection setup to Satyr when the Satyr port number is explicitly specified.
  * Changed the behaviour of FailoverChainer: when all the targets fail during the cache timeout, the chainer does not wait until the timeout expires but re-checks the targets immediately.
  * A warning message is printed to the console if Zorp runs with a demo license.
  * Fixed source port selection when the forge_port parameter of Routers is set to Z_PORT_GROUP.
  * Fixed an InbandAuthentication caching problem.
  * Added an easier to use interface to access attributes exported by parent proxies.
  * Fixed a possible segmentation fault in DNS resolution.
  * Introduced a new memory management subsystem called the blob system. It is a globally sized pool of blobs stored either in RAM or on disk, to be used as temporary storage for non-streamable objects like MIME envelopes and virus scanned objects.
  * Added a quarantine checking utility to ensure that the storage requirements of the quarantine are bounded. For details see the manpage zorpqc(1).

zorpctl:
  * Added a new command to control Zorp log settings.
  * Various usability fixes (report errors when instances.conf cannot be opened, handle invalid arguments in instances.conf, clarified some log messages).
  * zorpctl now checks whether it could start/stop the specified Zorp instance by waiting while Zorp starts up or shuts down; this slows down zorpctl processing. For the timing parameters check the manpage zorpctl.conf(5).

Ftp:
  * ALLO parameter checking is stricter now.

Http:
  * Fixed the usage of content-length hinting when the MIME headers are sent to the stacked proxy.
  * Made it easier to change and query header information during request processing in the policy layer.
  * Fixed Transfer-Encoding header processing for HTTP uploads when a stacked proxy is used.
  * Added URL canonicalization to change the various different encodings of the same URL to a common format.
  * Support for the FTP protocol in non-transparent mode.
  * Fixed possible "Invalid file descriptor" error messages.
  * Added the new use_default_port_in_transparent_mode attribute which forces the use of default_port in server address hints in transparent mode.

Imap:
  * Fixed handling of the tagged form of the IMAP CAPABILITY response.
  * Ignore case when comparing capability names.
  * Changed to use the blob subsystem.
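The 3.0.4 Http entry above introduces URL canonicalization so that different encodings of one URL reach the filter in a common form. The following is an added example of such a canonicaliser, not Zorp's implementation: it percent-decodes only unreserved characters (RFC 3986 section 2.3), upper-cases the remaining escapes so an encoded slash can never turn into a path separator, resolves "." and ".." segments after decoding (which is what makes "%2e%2e" visible as a traversal), and re-encodes anything that may not appear raw in a path. Collapsing empty segments, dropping userinfo and the list of default ports are this example's own choices; the sample URLs are constructed.

```python
# Added example, not Zorp's code: a URL canonicaliser of the kind the 3.0.4 Http entry
# describes, so that differently encoded spellings of one resource compare equal
# before any URL filter runs. Sample URLs are constructed.
from urllib.parse import quote, urlsplit, urlunsplit

UNRESERVED = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~")
# Characters that may stay raw inside one path segment: unreserved + sub-delims + ":" "@".
SEGMENT_SAFE = UNRESERVED | set("!$&'()*+,;=:@")
HEXDIGITS = set("0123456789abcdefABCDEF")
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21}   # example's own table

def canonical_segment(segment: str) -> str:
    """Normalise escapes in one path segment.
    %XX of an unreserved byte becomes the character itself (so "%2e%2e" becomes "..",
    where dot-segment removal can see it); any other valid escape keeps its encoded form
    with upper-case hex ("%2f" -> "%2F", so an encoded slash never becomes a separator);
    a bare or malformed "%" and any raw character outside SEGMENT_SAFE are re-encoded."""
    out = []
    i = 0
    while i < len(segment):
        ch = segment[i]
        hexpart = segment[i + 1:i + 3]
        if ch == "%" and len(hexpart) == 2 and set(hexpart) <= HEXDIGITS:
            byte = int(hexpart, 16)
            out.append(chr(byte) if chr(byte) in UNRESERVED else "%" + hexpart.upper())
            i += 3
            continue
        out.append(ch if ch in SEGMENT_SAFE else quote(ch, safe=""))  # UTF-8 for non-ASCII
        i += 1
    return "".join(out)

def canonical_path(path: str) -> str:
    """Apply canonical_segment to each segment, then remove dot-segments as in
    RFC 3986 section 5.2.4. Empty segments ("//") are collapsed; this is a
    filter-matching choice, not something every origin server does."""
    if not path:
        return "/"
    segments = [canonical_segment(s) for s in path.split("/")]
    keep_trailing_slash = segments[-1] in ("", ".", "..")
    out = []
    for seg in segments:
        if seg in ("", "."):
            continue
        if seg == "..":
            if out:
                out.pop()       # never climbs above the root
            continue
        out.append(seg)
    result = "/" + "/".join(out)
    if keep_trailing_slash and out:
        result += "/"
    return result

def canonical_url(url: str) -> str:
    """Lower-case scheme and host, drop a default port, canonicalise the path, keep the
    query byte-for-byte, and drop the fragment (it is never sent to the server).
    Userinfo is discarded on purpose: it has no place in a filter key."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    if ":" in host:                      # IPv6 literal: urlsplit strips the brackets
        host = "[" + host + "]"
    port = parts.port
    if port is not None and port != DEFAULT_PORTS.get(scheme):
        host = "%s:%d" % (host, port)
    return urlunsplit((scheme, host, canonical_path(parts.path), parts.query, ""))

if __name__ == "__main__":
    for u in ("http://Example.COM:80/a/%2e%2e/b/%7e%41?q=1#frag",
              "http://example.com/../b/./%41"):
        print(u, "->", canonical_url(u))
```

The query string is deliberately left alone: its encoding rules are application specific, and decoding it here would change what the back-end receives.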
Mime:
  * Changed to use the blob subsystem.
  * Introduced header manipulation (remove, add, change).
  * Added the possibility to append a constant MIME object to every message.
  * Added a new attribute named "permit_empty_headers" which instructs the proxy to take the first line as the message body provided it cannot be parsed as a header.

Pssl:
  * Fixed a problem in proxy startup (affects the GPL version only).
  * Fixed IOError handling during KeyBridge initialization: keys not present at the specified location are reported with a clear error message instead of a backtrace.
  * Fixed a typo which prevented using the server-side key generation feature.
  * Added the possibility to use password encrypted private keys.

Smtp:
  * Extension identifiers are also accepted in mixed case.
  * Added some more detail to "Copying request" messages.
  * Added the possibility to truncate long server answers instead of just aborting the connection.

Pop3:
  * Fixed a possibly missing linefeed in some rare situations.
  * Added support for the AUTH command.
  * Updated documentation.

VBuster:
  * The upgrade script now correctly handles the case when upgrading the engine is disabled via configuration but a new version is available.
  * The VBuster proxy is now able to do quarantining on its own.
  * Added the possibility to control the maximum compression ratio and uncompressed size of archives which are virus checked, to avoid archive bombing.
  * Added some more possible error codes to make changing the "error" policy easier.
  * Improved log messages.

zorp 3.0.3 Wed, 22 Dec 2004 10:13:37 +0100

Changes since 3.0.2

Core:
  * Fixed a Solaris packaging problem: configuration files such as zorpctl.conf are not overwritten by default.
  * Fixed FailoverChainer to work correctly when the preferred source address was specified by the router (e.g. forge_addr/forge_port was set).
  * Fixed a possible segmentation fault when the keys used for authenticating the ZAS SSL channels were not readable.
  * Added the possibility to specify the certificate verification depth for ZAS connections.
  * Fixed a possible deadlock in UDP proxying.
  * Fixed a non-transparent UDP proxying problem triggered by, for example, ICMP port unreachable.
  * Fixed the NATPolicy cacheable attribute setting; it was always set to TRUE regardless of what the administrator specified.
  * Added authorization failure reporting to Satyr. Previously a successfully authenticated but unauthorized connection was first accepted (Satyr reported authentication success) and then rejected by closing the proxied connection, which confused some users.
  * Updated man pages.

zorpctl:
  * Improved error reporting: the errors during the performed action are accumulated and reported when zorpctl exits, to make the output more readable.
  * Increased the default per-thread file limit to 64 as VBuster might use a lot of file descriptors for temporary files.
  * Renamed the APPEND_ARGS zorpctl option to ZORP_APPEND_ARGS (the old name also works), and added ZORPCTL_APPEND_ARGS to make it possible to specify options for zorpctl globally.
  * Fixed CHECK_PERMS processing to check proper permissions for the /etc/zorp directory.
  * Added the AUTH_RESTART_DELAY option which specifies the number of seconds to wait before Zorp is restarted.
  * Improved the Zorp restart code: in addition to restarting when Zorp exits due to a signal, it is also restarted when it exits with a non-zero return code.

VBuster:
  * Made some improvements in vbuster upgrade script logging.
  * Added log rotation for /var/log/vbuster.log.
  * Fixed a possible scanning error when the object is swapped to disk.
  * Added the FTPOVERHTTPPROXY option to vbuster.options.
  * Added configurable error handling to the proxy to make it possible to cleanly handle bad and/or password protected archive files.
  * Clarified and unified virus scanning result messages.

Lp:
  * Cleaned up log messages.

Nntp:
  * Cleaned up log messages.
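Two VBuster entries above concern what a scanner should do with an archive before inflating it: the 3.0.4 entry adds limits on compression ratio and uncompressed size against archive bombs, and the 3.0.3 entry adds clean handling of bad and password-protected archives. The following is an added example of that gate for ZIP files, written with Python's zipfile module; it is not the VBuster module's code. It refuses encrypted members up front (they cannot be scanned), checks the sizes declared in the central directory first, and then inflates in bounded chunks because the directory is attacker-controlled and can understate the real size. The limit values are illustrative and the sample archives are constructed in the file; mark_encrypted only sets the header flag a password-protected archive carries, it does not encrypt anything.

```python
# Added example, not the VBuster module's code: the archive gate described by the
# 3.0.4 VBuster entry (maximum compression ratio and uncompressed size, against archive
# bombs) and the 3.0.3 VBuster entry (clean handling of bad and password-protected
# archives), applied to a ZIP held in memory. Limits are illustrative; samples are constructed.
import io
import struct
import zipfile
import zlib

MAX_UNCOMPRESSED = 50 * 1024 * 1024     # illustrative: 50 MiB over all members
MAX_RATIO = 100                          # illustrative: reject more than 100:1
CHUNK = 64 * 1024

def inspect_archive(data: bytes, max_uncompressed: int = MAX_UNCOMPRESSED,
                    max_ratio: int = MAX_RATIO) -> str:
    """Return one verdict: 'ok', 'bad-archive', 'encrypted', 'too-large' or
    'ratio-exceeded'. Encrypted members are refused up front because they cannot be
    scanned; sizes are checked first from the central directory (cheap) and then by
    inflating in bounded chunks, because the directory is attacker-controlled data."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
        infos = zf.infolist()
    except zipfile.BadZipFile:
        return "bad-archive"
    if any(info.flag_bits & 0x1 for info in infos):   # general purpose bit 0
        return "encrypted"
    if sum(info.file_size for info in infos) > max_uncompressed:
        return "too-large"
    compressed = sum(info.compress_size for info in infos)
    actual = 0
    for info in infos:
        try:
            with zf.open(info) as member:
                while True:
                    chunk = member.read(CHUNK)
                    if not chunk:
                        break
                    actual += len(chunk)
                    if actual > max_uncompressed:
                        return "too-large"    # stop inflating; never buffer the rest
        except (zipfile.BadZipFile, zlib.error, EOFError):
            return "bad-archive"              # truncated data or CRC mismatch
    if compressed and actual / compressed > max_ratio:
        return "ratio-exceeded"
    return "ok"

def make_zip(members, compression=zipfile.ZIP_DEFLATED) -> bytes:
    """Build a ZIP from {name: bytes} (constructed test input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()

def mark_encrypted(data: bytes) -> bytes:
    """Set the 'encrypted' flag bit in every local and central header. zipfile cannot
    write encrypted archives, so this produces the header shape a password-protected
    archive has, without real encryption; enough for the flag check above."""
    out = bytearray(data)
    for sig, offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
        pos = out.find(sig)
        while pos != -1:
            flags, = struct.unpack_from("<H", out, pos + offset)
            struct.pack_into("<H", out, pos + offset, flags | 0x1)
            pos = out.find(sig, pos + 4)
    return bytes(out)

TEXT_ZIP = make_zip({"notes.txt": b"The quick brown fox jumps over the lazy dog\n" * 20})
BOMB_ZIP = make_zip({"zeros.bin": b"\x00" * (10 * 1024 * 1024)})   # roughly 1000:1

if __name__ == "__main__":
    for label, blob in (("text", TEXT_ZIP), ("bomb", BOMB_ZIP),
                        ("encrypted", mark_encrypted(TEXT_ZIP)), ("garbage", b"not a zip")):
        print(label, "->", inspect_archive(blob))
```

Each verdict is distinct on purpose: a policy can map "encrypted" and "bad-archive" to a configurable action (the point of the 3.0.3 entry) while "too-large" and "ratio-exceeded" stay hard rejections, and the bounded inflate loop means a lying central directory costs at most max_uncompressed bytes of work.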
Pssl:
  * Added support for PSSL_VERIFY_OPTIONAL_TRUSTED, which only accepts trusted certificates but does not require the peer to present one. The old PSSL_VERIFY_OPTIONAL was renamed to PSSL_VERIFY_OPTIONAL_UNTRUSTED, keeping the old name for compatibility.
  * Added the permit_invalid_certificates attribute which turns off untrusted certificate validation completely, i.e. it accepts any certificate, even an expired one.
  * Fixed a problem communicating with sites which optionally asked for certificates.

Smtp:
  * Removed trailing spaces from MAIL commands containing ESMTP extensions, as some MTAs complained about them.
  * Fixed the default values of max_request_length and max_response_length to match the documentation (512 instead of the previous 256, as required by the RFC).
  * Added support for the unconnected_response_code attribute which specifies what response to return when the proxy is unable to connect to the server. The value defaults to 554 as this was the previous behaviour of the proxy; however, it is known to cause problems with various MTAs, so it might be changed to 421 in the future.
  * Clarified a couple of log messages.
  * Fixed SmtpInvalidRecipientMatcher to avoid a possible fd leak.
  * Added 550 as a permitted response to the DATA command.

Http:
  * Changed CONNECT handling to use the original client request if a parent proxy is used. This change makes it possible for the upstream proxy to do authentication.
  * Added a couple of missing log messages in various error scenarios.
  * Added a workaround for some buggy browsers which send a CRLF after their POST request and become confused when the proxy closes the connection without fetching these extra bytes.

zorp 3.0.2 Thu, 28 Oct 2004 09:56:26 +0100

Changes since 3.0.1

Core:
  * Fixed performance problems in non-transparent HTTP proxying: DNS lookups are no longer serialized, as the memory leak that required serializing them was fixed in libc (from 2.2.5-11.5zorpos1).
  * Fixed a bug in FailoverChainer which prevented it from working when no timeout was specified.
  * Fixed a compatibility problem with 2.1: the startUp and shutDown functions were renamed to their lower case equivalents in earlier 3.0.x releases and compatibility was not ensured; this was fixed.
  * Fixed a possible problem which may cause an incoming line to be interpreted as two separate lines during data transfer.
  * Zorp refuses to start if the autobind IP address is not available.
  * Added a Z_ERROR verdict to the proxy decision logic which makes it possible to soft-fail a transaction when the stacked proxy detects some non-protocol specific failure (for example virus scanning is unable to load its database).
  * Added connection Type of Service support: the value of the TOS byte is propagated from the client to the server side connection.
  * Added some more details to some log messages, and tuned the verbosity level in some cases.

Ftp:
  * Fixed a deadlock in EPSV command handling introduced in 3.0.1.

Http:
  * Introduced a new option to keep the client connection persistent even if the server requests the connection to be closed.

Nntp:
  * Fixed a bug which caused command lines with trailing whitespace to be rejected.

Smtp:
  * Fixed a bug in recipient tracking: email addresses not accepted by the server are no longer reported as successful recipients in the SMTP accounting message.
  * Added support for the Z_ERROR verdict returned by stacked proxies: it returns a temporary instead of a permanent failure to the client when the proxy reports some non-protocol specific failure.
  * SmtpInvalidRecipientMatcher automatically detects the method to verify the validity of an email address. It always tries VRFY first (unless force_delivery_attempt is TRUE), and falls back to mail sending automatically if the target does not support VRFY.

Pssl:
  * Implemented online key generation to fake the identity of the other side.
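Two Pssl decisions recorded above deserve a concrete check: the 3.0.8 change that excludes non-authenticating cipher suites such as anonymous DH, and the 3.0.3 PSSL_VERIFY_OPTIONAL_TRUSTED mode, where a peer certificate is not demanded but one that is presented must chain to a trusted CA. The following is an added example, not Zorp's code, showing both on a stock Python ssl.SSLContext: the cipher string is OpenSSL syntax, the mode names mirror the Pssl names but belong to this example, and the CA bundle path is whatever the caller supplies. The last function states the caveat a practitioner wants to keep in mind: "optional-trusted" still lets a peer complete the handshake with no identity at all, it only stops the peer from lying about one.

```python
# Added example, not Zorp's code: the 3.0.8 Pssl cipher-suite decision (no anonymous
# DH) and the 3.0.3 PSSL_VERIFY_OPTIONAL_TRUSTED mode, expressed on Python's ssl module.
# Mode names are this example's own; the cipher string uses OpenSSL syntax.
import ssl
from typing import List, Optional

# HIGH strength only; !aNULL removes ADH/AECDH (no peer authentication, trivially
# interceptable), !eNULL removes suites without encryption.
HARDENED_CIPHERS = "HIGH:!aNULL:!eNULL:!MD5:!RC4"

VERIFY_MODES = {
    "required": ssl.CERT_REQUIRED,            # peer must present a trusted certificate
    "optional-trusted": ssl.CERT_OPTIONAL,    # none is fine; a presented one must verify
    "none": ssl.CERT_NONE,                    # accept anything, like permit_invalid_certificates
}

def anonymous_suites(cipher_spec: str) -> List[str]:
    """Names of the suites a cipher spec would enable that do no peer authentication.
    OpenSSL reports those with auth 'auth-null'; a hardened spec must yield []."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_spec)
    return [c["name"] for c in ctx.get_ciphers() if c["auth"] == "auth-null"]

def server_context(verify_mode: str, cafile: Optional[str] = None) -> ssl.SSLContext:
    """Build a server-side context for the proxy's client-facing leg. cafile is the
    CA bundle used to validate client certificates; None skips loading one."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(HARDENED_CIPHERS)
    ctx.verify_mode = VERIFY_MODES[verify_mode]
    if cafile is not None and ctx.verify_mode != ssl.CERT_NONE:
        ctx.load_verify_locations(cafile=cafile)
    return ctx

def unauthenticated_handshake_possible(ctx: ssl.SSLContext) -> bool:
    """True when a peer with no valid certificate at all can still complete the
    handshake: an anonymous suite is enabled, or certificates are optional or unchecked.
    'optional-trusted' answers True on purpose: the peer may stay anonymous, it just
    may not present a certificate that fails validation."""
    if any(c["auth"] == "auth-null" for c in ctx.get_ciphers()):
        return True
    return ctx.verify_mode != ssl.CERT_REQUIRED

if __name__ == "__main__":
    print("anonymous suites in hardened spec:", anonymous_suites(HARDENED_CIPHERS))
    for mode in VERIFY_MODES:
        ctx = server_context(mode)
        print(mode, "-> unauthenticated handshake possible:",
              unauthenticated_handshake_possible(ctx))
```

anonymous_suites is the check to run against any cipher string before deploying it: it asks the linked OpenSSL what the string actually selects rather than trusting that "!aNULL" was spelled correctly.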
Telnet:
  * Added support for the EOR option to TelnetProxy and TelnetProxyStrict.

VBuster:
  * Encrypted archives are not rejected.
  * Fixed a bug which could result in dropping the first part of the file.

zorp 3.0.1 Thu, 16 Sep 2004 19:03:49 +0200

Changes since 3.0.0

Core:
  * Fixed a timeout in the core transfer code which triggered timeouts in the SMTP proxy when delivering mails.
  * Added a more detailed error message if no matching zone can be found for an IP address.
  * Fixed UDP packet handling when the packet size is more than 1500 bytes.
  * Fixed a race condition in ZAS authentication (might cause SIGSEGV).
  * Added a more detailed error message if the specified Zorp instance could not be found in the policy file.

Ftp:
  * More detailed messages about data connections.

Http:
  * Fixed an HTTP/0.9 interoperability problem when using virus stacking in HTTP.
  * New attributes (request_mime_type and response_mime_type) which contain the MIME type of the entity to be transferred.
  * Moved the "postfilter" header logging to a later stage in processing to make absolutely sure that it matches the actually sent headers.

Mime:
  * Fixed two possible cases which resulted in a lot of "Error decoding data" messages being printed.

Pop3:
  * Fixed an erroneous extra error message sent to the client when the stacked proxy rejected the mail content and some data had already been sent.

Smtp:
  * Fixed an erroneous 500 response to an EOF sent by the client.
  * Fail nicely if an error occurs in SmtpInvalidRecipientMatcher (i.e. it cannot connect to the server).

Telnet:
  * Added the possibility to specify telnet command negotiation options.

VBuster:
  * New script to automatically get updated versions of the virus database.
  * Start virus scanning only after the full object has been downloaded, not while it is being downloaded, because the number of parallel virus scans is limited.
  * Reject everything if the virus database could not be loaded, unless vdb_error_soft_fail has been set.
  * Fixed content-length hinting for oversized files; this caused possible content corruption when used in the HTTP proxy.

zorp 3.0.0 Fri, 16 Jul 2004 15:10:42 +0200

Changes since 3.0beta3

Core:
  * Fixed setting the default stack limit (might cause SIGSEGV with pre-2.4 kernels).
  * Fixed ugly warning messages when a proxy initiated two connections to the same server host.
  * Fixed authentication problems after the authentication server was restarted.
  * Fixed a possible segmentation fault caused by a race condition in the authentication code.
  * Fixed a possible segmentation fault, usually triggered by a loaded FTP proxy.
  * Fixed thread average calculation in SZIG.

Pop3:
  * Fixed a possible mail retrieval problem.
  * Fixed handling of messages containing NUL characters; these messages were previously rejected.

Smtp:
  * Fixed handling of messages containing NUL characters in mail messages; these messages were previously rejected.
  * Added a new SmtpValidRecipientMatcher class, which allows filtering the accepted recipients in the SMTP proxy based on the responses of a third SMTP server.

Ftp:
  * Fixed a possible "Internal error" condition which caused data connection establishment to fail.

Http:
  * Fixed a possible "Proxy-Connection" header duplication.
  * Added Content-Length hinting to avoid switching the transfer mode to "chunked" when content checking is performed, where possible.
  * The headers returned to a HEAD request are left untouched even when the proxy would otherwise switch to chunked mode; some clients are confused when a HEAD response does not contain a Content-Length field.
  * Added the possibility to allow both the "Connection" and "Proxy-Connection" headers to be present, controllable by the permit_both_connection_headers attribute (defaults to FALSE).

VBuster:
  * Added an automatic cron job to automatically ret
  * Introduced some global variables to change the default location of the virus database (substitutes the now defunct /etc/vbuster.cfg file).