croessner / sigh Goto Github PK
View Code? Open in Web Editor NEWS/MIME signing milter
License: GNU General Public License v3.0
S/MIME signing milter
License: GNU General Public License v3.0
Hello,
https://superuser.com/questions/885435/signing-milter-smime-how-are-this-email-signed-incorrectly
Outlook 2016 at least is claiming email modification. is there any fix for that issue?
Tried it with sigh and sign-milter
thanks,
Stefan
Just a heads up, I'm not sure if this is much of a problem in practice: signals and pthreads don't really mix well.
In particular:
std::cout
and friends are not async-safe and thus not safe to be called from a signal handler. The same probably holds for resetting and re-reading the mapfile during signal handling.mapfile::Map
isn't thread safe (and probably cannot be used safely from a signal handler, too). this might also be a potential concurrency issue.Given the fact that you cannot really to anything pthread-related while a signal handler is active (none of the pthread*()
functions are async-safe), to be on the safe side, one needs a special signal handler thread that continuously loops over sigsuspend()
and does the appropriate actions, while all other threads run with blocked signals.
I'll see if I can fix this via some patches.
I'm using sigh with two postfix nodes for quite a while now. So far without any problems. Two days ago sigh started to eat up my cpu on both nodes, which is interesting, as one node is passive and not handling any mails. After a restart everything settles down but start to raise after some minutes.
The logfile says:
sigh: /opt/sigh/src/client.cpp:95: static const string mlt::Client::prepareIPandPort(sockaddr*): Assertion `hostaddr != nullptr' failed.
So far I mitigate the problem by restarting sigh
every hour, but I'm afraid loosing mails or send out unsigned mails by doing so.
Hello,
noticed a warning when assembling, is it okay?
/usr/src/sigh# make
[ 16%] Building CXX object CMakeFiles/sigh.dir/src/milter.cpp.o
[ 33%] Building CXX object CMakeFiles/sigh.dir/src/client.cpp.o
[ 50%] Building CXX object CMakeFiles/sigh.dir/src/config.cpp.o
[ 66%] Building CXX object CMakeFiles/sigh.dir/src/smime.cpp.o
/usr/src/sigh/src/smime.cpp:42:22: warning: ‘long unsigned int thread_id()’ defined but not used [-Wunused-function]
static unsigned long thread_id(void) {
^~~~~~~~~
/usr/src/sigh/src/smime.cpp:30:13: warning: ‘void lock_callback(int, int, char*, int)’ defined but not used [-Wunused-function]
static void lock_callback(int mode, int type, char *file, int line) {
^~~~~~~~~~~~~
[ 83%] Building CXX object CMakeFiles/sigh.dir/src/mapfile.cpp.o
[100%] Linking CXX executable sigh
The file itself is assembled and the letters are signed.
Just noticed when I raised sigh -c /etc/sigh/sigh.cfg -d on mta
I send a test letter from the email client from the address for which there is an s/mime certificate, then outlook says there are problems with the signature https://pasteboard.co/I3myDIS.png
Thanks.
Hi there,
i would like to also sign every E-Mail which is sent to a certain addresse or even better a certain domain. For archiving purposes. Is this already possible?
Cheers,
Alex
With GCC 11.2 and GNU ld 2.38, I get the following link errors:
/usr/bin/ld: CMakeFiles/sigh.dir/src/smime.cpp.o:(.bss+0x0): multiple definition of `util::ccp'; CMakeFiles/sigh.dir/src/milter.cpp.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/sigh.dir/src/smime.cpp.o:(.bss+0x1): multiple definition of `util::mlfipriv'; CMakeFiles/sigh.dir/src/milter.cpp.o:(.bss+0x1): first defined here
Hi,
I'm using Postfix 3.4.1 as MTA and sigh as a milter.
When Postfix passes sigh a mail, sigh aborts unexpectedly.
Debug Output:
$ /etc/smime/sigh --debug --config /etc/smime/conf/sigh.conf
Configuration file values:
user=smime
group=smime
socket=inet:10004@localhost
pidfile=/var/run/sigh/sigh.pid
daemon=false
mapfile=/etc/smime/conf/mapfile.txt
tmpdir=/etc/smime/tmp
[email protected] valuecol=cert:/etc/certificate.crt,key:/etc/key.key
Initialized group access list
Switched to group smime
Switched to user smime
PID file created
id=1 connect from hostname= socket=[MY:IPV6]:47070
-> sign()
-> loadIntermediate()
X509_INFO_free() called
stack empty
sk_X509_free() called
sk_X509_INFO_free() called
BIO_free() called
<- loadIntermediate()
BUF_MEM_free() called
double free or corruption (fasttop)
Aborted
Certificate and Key are PEM encoded.
Already checked file permissions and socket connection, and they both work, any idea?
Thanks!
Is tickets remain open since several years and there were no updates or new releases.
Is the project still active?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.