Merge pull request #86 from jetmore/release/v20240103.0

Release/v20240103.0

App-swaks/Changes

@@ -1,6 +1,11 @@
 Revision history for Perl extension App::swaks.
 
-20201014.0  Web Oct 14 17:00:00 2020
+20240103.0  Wed Jan  3 17:00:00 2024
+	- tracking Swaks release 20240103.0.  See
+		http://jetmore.org/john/code/swaks/versions.html
+		for full details.
+
+20201014.0  Wed Oct 14 17:00:00 2020
 	- tracking Swaks release 20201014.0.  See
 		http://jetmore.org/john/code/swaks/versions.html
 		for full details.

App-swaks/Makefile.PL

@@ -4,7 +4,7 @@ use ExtUtils::MakeMaker;
 # the contents of the Makefile that is written.
 WriteMakefile(
     NAME              => 'App::swaks',
-    VERSION           => '20201014.0',
+    VERSION           => '20240103.0',
     ABSTRACT          => 'Swiss Army Knife for SMTP testing',
     AUTHOR            => 'John Jetmore <[email protected]>',
     LICENSE           => 'gpl',

App-swaks/README

@@ -1,4 +1,4 @@
-App-swaks version 20201014.0
+App-swaks version 20240103.0
 ======================
 
 App::swaks is a perl package which distributes the Swaks SMTP test
@@ -27,7 +27,7 @@ modules may be desired.
 
 COPYRIGHT AND LICENSE
 
-Copyright (c) 2003-2008,2010-2020 John Jetmore <[email protected]>
+Copyright (c) 2003-2008,2010-2024 John Jetmore <[email protected]>
 
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by

Changes

@@ -1044,3 +1044,4 @@
            date expiration (notBefore/notAfter)
 * 20240103 Previously-deprecated option -g removed entirely
 * 20240103 Improve test suite experience on FreeBSD
+> 20240102 released 20240102.0

README.md

@@ -11,7 +11,7 @@ The official project page is <https://jetmore.org/john/code/swaks/>.
 
 ## Download
 
-The latest version of Swaks is **20201014.0** ([announcement][release_announce]), which can be downloaded as a [package][release_package] or a [standalone script][release_script].
+The latest version of Swaks is **20240103.0** ([announcement][release_announce]), which can be downloaded as a [package][release_package] or a [standalone script][release_script].
 
 See the [installation page][installation_page] for details on installing in multiple environments.
 
@@ -52,7 +52,7 @@ Feedback and meaningful questions about how to use Swaks are welcome. However, s
 [issues]: https://github.com/jetmore/swaks/issues
 [blog]: https://www.jetmore.org/john/blog/c/swaks/
 [blog_rss]: https://www.jetmore.org/john/blog/c/swaks/feed/
-[release_announce]: https://www.jetmore.org/john/blog/2020/10/swaks-release-20201014-0-available/
-[release_package]: https://jetmore.org/john/code/swaks/files/swaks-20201014.0.tar.gz
-[release_script]: https://jetmore.org/john/code/swaks/files/swaks-20201014.0/swaks
-[rendered_doc]: https://github.com/jetmore/swaks/blob/v20201014.0/doc/base.pod
+[release_announce]: https://www.jetmore.org/john/blog/2020/10/swaks-release-20240103-0-available/
+[release_package]: https://jetmore.org/john/code/swaks/files/swaks-20240103.0.tar.gz
+[release_script]: https://jetmore.org/john/code/swaks/files/swaks-20240103.0/swaks
+[rendered_doc]: https://github.com/jetmore/swaks/blob/v20240103.0/doc/base.pod

RELEASE/README.txt

@@ -19,13 +19,15 @@ missing functionality, and how to get that functionality.  Example output:
     === Basic AUTH supported
     === Date Manipulation supported
     === High Resolution Timing supported
-    === IPv6 supported
+    === IPv4/v6 Socket Transport supported
+    === Legacy IPv4 Socket Transport supported
+    === Legacy IPv4/v6 Socket Transport supported
     === Local Hostname Detection supported
     === MX Routing supported
     === Netrc Credentials supported
     === Pipe Transport supported
-    === Socket Transport supported
     === TLS supported
+    === UNIX Socket Transport supported
 
 ------------------------------
 Documentation
@@ -88,16 +90,38 @@ A full copy of this license should be available in the LICENSE.txt file.
 ------------------------------
 Change Summary
 ------------------------------
-v20201014.0
+v20240103.0
   New Features:
-    * None
+    * Added --cc and --bcc options
+    * Numerous TLS debugging and verification improvements
+      * Debug output contains whether a client cert was requested and whether
+        one was sent
+      * Add new options --tls-verify-ca and --tls-verify-host to differentiate
+        between types of certificate verification (--tls-verify does both)
+      * Add --tls-target option to allow setting of hostname to be used in
+        hostname verification.  This is useful in some inet debugging situations
+        and required to do hostname verification with --socket or --pipe
+      * Add --tls-chain (#60, initial implementation by Wolfgang Karall-Ahlborn)
+      * Add --tls-get-peer-chain option (analogous to --tls-get-peer-cert, #73)
+      * Certificate debug now includes all client and peer certs, it a chain
+        was used (#73)
+      * Certificate debug now includes notAfter, commonName, and subjectAltName
   Notable Changes:
-    * None
+    * --output-file, --output-file-stderr, and --output-file-stdout now truncate
+      the specified file if it already exists
+    * Documentation improvements
+    * Extensive test harness improvements
+    * Add new stop-point XCLIENT-HELO to address lack of specificity when
+      mixing XCLIENT usage with the HELO stop-point
+    * Add new stop-point PROXY
+    * Use IO::Socket::IP by default.  Will still use IO::Socket::INET/INET6
+      to cover transition, but this is deprecated and will be removed in the
+      future (#43)
+    * TLS session debug information is now printed even if we decide not to
+      continue the session (eg for failed verification)
+    * Previously-deprecated functionality to allow some options to be either
+      a filename or a literal string has been removed.  Using the '@' sigil is
+      now the only was to specify file contents
+    * Previously-deprecated -g option removed
   Notable Bugs Fixed:
-    * Last release introduced a bug where Date: headers were localized, which
-      is against RFC.  Further, that localization then broke character rendering
-      in some locales.  A new fix for the original issue (#17) was put in place,
-      which no longer localizes the Date: header and fixes the newly introduced
-      rendering issue (#25)
-    * Last release introduced a bug which prevented --protect-prompt from
-      working.  This is now fixed (#26)
+    * TLS certificate verification did not always work.  It should now

RELEASE/doc/Changes.txt

@@ -1,3 +1,119 @@
+> 20240102 released 20240102.0
+* 20240103 Improve test suite experience on FreeBSD
+* 20240103 Previously-deprecated option -g removed entirely
+* 20240102 Clarify --tls-verify-ca docs, this verifies both signing and
+           date expiration (notBefore/notAfter)
+* 20240102 Rework tls verification. On cert verification failure, print
+           openssl's error message.  Get rid of verify callback.
+* 20240102 Print all available certificate information even if TLS was not
+           successfully negotiated
+* 20240102 Update copyright year to 2024
+* 20231203 Clean up the output when we print local and peer cert info, make it
+           more compact and uniform
+* 20231203 Switch method for getting peer certs, making debug way more
+           reliable
+* 20231203 Reorganize TLS internals to make support easier
+* 20231202 Add --tls-get-peer-chain option.  Analogous to --tls-get-peer-cert
+           but shows every cert sent by the peer, not just the first one (#72)
+* 20231130 Show debug for entire peer cert chain, not just for the end
+           cert (#73)
+* 20231130 Flesh out printing of certs to include notBefore/After,
+           commonName (not as part of the DN), and subjectAltName
+* 20231126 In prep for handling peer chains properly, change the printing
+           of local cert labeling from local/chain to local[i], but
+           only if there is more than one local cert.
+* 20231110 implement --tls-chain (based on initial implementation by
+           Wolfgang Karall-Ahlborn in #60)
+* 20231105 Fix bug which caused the "I really mean a filename" @sigil to
+           be included in the attachment filename in the body of the email.
+           It is now stripped from the filename before use (#55)
+* 20231105 Remove deprecated ability to infer filename vs. inline data for
+           --data, --body, --attach, and --attach-body options
+* 20231104 Switch to using IO::Socket::IP by default.  Fall back to
+           IO::Socket::INET/INET6; deprecate the use of these libraries #43
+* 20231103 Fix unreliable results certificate/hostname verification
+* 20231103 Update copyright year to 2023
+* 20220505 Fix broken POD formatting for the default --data argument #47
+* 20220505 Fix double-entry for Linux on installations.html #46
+* 20220505 Update copyright year to 2022
+* 20211208 Fix deprecated use of --body in doc (#39)
+* 20210123 Add PROXY as a valid --quit-after, --drop-after, and
+           --drop-after-send argument.
+* 20210123 Adding --cc and --bcc options.
+* 20210123 Clarify --auth-optional-strict documentation
+* 20210117 Add --tls-verify-target to set a host to be used for verification,
+           overriding the internal connection information.
+* 20210117 Change --tls-verify to require both cert and hostname verification.
+           Add --tls-verify-ca (previous behavior of --tls-verify) and
+           --tls-verify-host to just require verification of the certificate
+           against the local CA or the target hostname or IP, respectively.
+* 20210117 Add TLS informational line showing the verification status of
+           the server certificate.
+* 20210116 Use named constant in TLS code instead of magic number
+* 20210116 Add TLS informational line showing whether client certificate was
+           by the server and whether swaks sent it.
+* 20210116 Update copyright year to 2021
+* 20210116 Fix dead link to openssl cipher list format documentation in
+           --tls-cipher doc.
+* 20201225 Add exit code checking to regression tests
+* 20201225 Add autocat feature to test tools
+* 20201224 --no-hints should also include --no-info-hints, analogous to
+           --hide-informational/--hide-all which already worked this way.
+* 20201224 Change error message when missing --proxy* option to list every
+           missing option instead of just the first missing.
+* 20201224 Allow --proxy to read string from a file, and allow it to be
+           base64 encoded.
+* 20201224 --proxy argument can now (optionally) be provided with the protocol
+           prefix.
+* 20201224 In --dump output, print a raw proxy string in base64 if version 2
+* 20201224 Add new stop-point XCLIENT-HELO to address lack of specificity
+           when mixing XCLIENT and HELO stop-point.
+* 20201224 Fix --quit-after/--drop-after/--drop-after-send with XCLIENT
+           stop-point when XCLIENT is not negotiated.
+* 20201223 Fix several --drop-after-send bugs and inconsistencies.
+* 20201223 Don't print "Exiting" in the XCLIENT attempted but failed message.
+           It is always unnecessary (Auth doesn't print it) and is wrong
+           when --xclient-optional is in use.
+* 20201223 When an unsupported XCLIENT attribute is requested, print the
+           missing attribute in the error.
+* 20201223 Remove documentation note about which Authen::NTLM version to use,
+           there's only one on CPAN anymore.
+* 20201223 Add missing option hints from --proxy-version documentation
+* 20201222 Add transaction-level tests
+* 20201126 --port and --local-port should override a port set in --server or
+           --local-interface.
+* 20201126 --output-file (and -stdout and -stderr) now truncate the output
+           file if it already existed.
+* 20201126 Turn releases back on and add release for v20201024.0 (#13)
+* 20201126 Rework interactive tests and enable on Windows
+* 20201126 Add tools for visualizing errors caused by line ending issues
+* 20201116 Previously changed %DATE% to %MESSAGE_ID% in some tests to protect
+           against accidental expansion on Windows.  Change back to ..DATE..
+           now that it's an option.
+* 20201107 Add ..TOKEN.. form of tokens to more-easily allow tokens to be
+           specified from Windows command line.
+* 20201106 Testing: Extensive changes to allow test tools to run on Windows
+           cmd.exe
+* 20201101 Change the generation of help text from a manual perldoc call to
+           Pod::Usage
+* 20201101 Windows: Allow LOGNAME environment variable to override default
+           email sender
+* 20201031 Allow a value of '<>' in an environment variable to mean empty
+           string.  Usable everywhere, but needed on Windows since it doesn't
+           support set-but-empty environment variables.
+* 20201031 Windows: Explicitly revoke support for providing header names
+           embedded in environment variable names (%SWAKS_OPT_header_From%
+           will result in an error)
+* 20201031 Windows: Fix setting options via environment variable  (this fix
+           now means that -S is not supported on Windows)
+* 20201030 Windows: use binmode on STDERR/STDOUT to prevent line ending
+           translation.
+* 20201030 Fix date generation by confirming environment's strftime supports
+           %z format token.  Windows supports strftime but not %z.
+* 20201018 Testing: Add --winnow to run-all.pl
+* 20201018 Change script interpreter line to use /usr/bin/env for portability
+* 20201016 Testing: Document and improve automated testing to make it easier
+           for new users to run in new environments
 > 20201014 released 20201014.0
 * 20201014 Add newline echo after entering password with --protect-prompt
 * 20201014 Fix --protect-prompt. Not implemented correctly after option