X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/adc426215052297d694fcc08786e87a140171e76..2a23f96499d49162afc70fef92ff9bf49aa7ab5c:/doc/doc-txt/ChangeLog diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 50309b1f1..03c031106 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -28,13 +28,57 @@ PP/02 GitHub PR 52: many spelling fixes, which include fixing parsing of no_require_dnssec option and creation of _HAVE_TRANSPORT_APPEND_MAILDIR macro. Patches provided by Josh Soref. -JH/05 Bug 2017: Fix DKIM verification in -bh test mode. The data feed into +JH/05 Have the EHLO response advertise VRFY, if there is a vrfy ACL defined. + Previously we did not; the RFC seems ambiguous and VRFY is not listed + by IANA as a service extension. However, John Klensin suggests that we + should. + +JH/06 Bug 2017: Fix DKIM verification in -bh test mode. The data feed into the dkim code may be unix-mode line endings rather than smtp wire-format CRLF, so prepend a CR to any bare LF. -JH/06 Rationalise the coding for callout smtp conversations and transport ones. +JH/07 Rationalise the coding for callout smtp conversations and transport ones. As a side-benfit, callouts can now use PIPELINING hence fewer round-trips. +JH/08 Bug 2016: Fix DKIM verification vs. CHUNKING. Any BDAT commands after + the first were themselves being wrongly included in the feed into dkim + processing; with most chunk sizes in use this resulted in an incorrect + body hash calculated value. + +JH/09 Bug 2014: permit inclusion of a DKIM-Signature header in a received + DKIM signature block, for verification. Although advised against by + standards it is specifically not ruled illegal. + +JH/10 Bug 2025: Fix reception of (quoted) local-parts with embedded spaces. + +JH/11 Bug 2029: Fix crash in DKIM verification when a message signature block is + missing a body hash (the bh= tag). + +JH/12 Bug 2018: Re-order Proxy Protocol startup versus TLS-on-connect startup. + It seems that HAProxy sends the Proxy Protocol information in clear and + only then does a TLS startup, so do the same. + +JH/13 Bug 2027: Avoid attempting to use TCP Fast Open for non-transport client + TCP connections (such as for Spamd) unless the daemon successfully set + Fast Open mode on its listening sockets. This fixes breakage seen on + too-old kernels or those not configured for Fast Open, at the cost of + requiring both directions being enabled for TFO, and TFO never being used + by non-daemon-related Exim processes. + +JH/14 Bug 2000: Reject messages recieved with CHUNKING but with malformed line + endings, at least on the first header line. Try to canonify any that get + past that check, despite the cost. + +JH/15 Angle-bracket nesting (an error inserted by broken sendmails) levels are + now limited to an arbitrary five deep, while parsing addresses with the + strip_excess_angle_brackets option enabled. + +PP/03 Bug 2018: For Proxy Protocol and TLS-on-connect, do not over-read and + instead leave the unprompted TLS handshake in socket buffer for the + TLS library to consume. + +PP/04 Bug 2018: Also handle Proxy Protocol v2 safely. + Exim version 4.88 -----------------