exim.git
4 years agogen_pkcs3: Terminate string before calling BH_hex2bn()
Simon Arlott [Thu, 24 Sep 2020 22:03:14 +0000 (23:03 +0100)]
gen_pkcs3: Terminate string before calling BH_hex2bn()

Signed-off-by: Phil Pennock <pdp@exim.org>
4 years agoRe-ran the conversion of all DH parameters
Phil Pennock [Fri, 18 Sep 2020 14:25:42 +0000 (10:25 -0400)]
Re-ran the conversion of all DH parameters

I get different results now to those I got before.

Now, using gen_pkcs3 linked against OpenSSL 1.1.1f-1ubuntu2 on Focal Fossa, I
get the results below.  The ffdhe2048 value now matches that at
<https://ssl-config.mozilla.org/ffdhe2048.txt>.

I ran the same code yesterday for just the ffdhe2048 item and got code which
seemed to me then to match what was already in the C file.  Something hinky is
going on, perhaps with my sanity.

4 years agoTestsuite: avoid cipher vs. cert validity problem
Jeremy Harris [Sun, 20 Sep 2020 22:40:40 +0000 (23:40 +0100)]
Testsuite: avoid cipher vs. cert validity problem

4 years agoDocs: add crossref
Jeremy Harris [Tue, 15 Sep 2020 13:48:49 +0000 (14:48 +0100)]
Docs: add crossref

4 years agodefault DH prime choice consistency
Phil Pennock [Thu, 17 Sep 2020 20:44:52 +0000 (16:44 -0400)]
default DH prime choice consistency

A function returning a default and a list which defined the value of "default"
disagreed.  Switch both to a macro to make it harder for them to fall out of
sync.

4 years agoeximon: tidying
Jeremy Harris [Sat, 12 Sep 2020 21:11:00 +0000 (22:11 +0100)]
eximon: tidying

4 years agoeximon: fix FreeBSD build
Richard Clayton [Sat, 12 Sep 2020 21:10:04 +0000 (22:10 +0100)]
eximon: fix FreeBSD build

4 years agoDocs: fix typo.
Heiko Schlittermann (HS12-RIPE) [Fri, 11 Sep 2020 08:41:10 +0000 (10:41 +0200)]
Docs: fix typo.

Credits to u34@net9.ga

4 years agoGnuTLS: clear errno before any data i/o op, so error logging does not see stale values
Jeremy Harris [Sun, 6 Sep 2020 11:15:10 +0000 (12:15 +0100)]
GnuTLS: clear errno before any data i/o op, so error logging does not see stale values

4 years agoARC: Add basic error-checking on permitted chars in admd & sel for signing. Bug...
Jeremy Harris [Tue, 1 Sep 2020 15:17:42 +0000 (16:17 +0100)]
ARC: Add basic error-checking on permitted chars in admd & sel for signing.  Bug 2639

4 years agoTaint: enforce checking of directory creates
Jeremy Harris [Sat, 29 Aug 2020 18:18:35 +0000 (19:18 +0100)]
Taint: enforce checking of directory creates

4 years agoadd an internal error code definition
Jeremy Harris [Sat, 29 Aug 2020 16:39:51 +0000 (17:39 +0100)]
add an internal error code definition

4 years agoFix non-TLS build
Jeremy Harris [Thu, 27 Aug 2020 20:15:19 +0000 (21:15 +0100)]
Fix non-TLS build

4 years agoFix utilities indexing
Phil Pennock [Fri, 28 Aug 2020 23:58:36 +0000 (19:58 -0400)]
Fix utilities indexing

It looks like there used to be another level of hierarchy here, with all three
of the hints database commands described in one section.  They're now distinct
sections in their own right, so fix how they're linked to.

Reported by: Peter Gervai
Fixes: 2637
4 years agoDocs: add to A= log-line element description
Jeremy Harris [Thu, 27 Aug 2020 10:22:55 +0000 (11:22 +0100)]
Docs: add to A= log-line element description

4 years agoFix non-DANE build
Jeremy Harris [Wed, 26 Aug 2020 22:59:28 +0000 (23:59 +0100)]
Fix non-DANE build

4 years agoDANE: Fix 2 messages from queue case
Jeremy Harris [Wed, 26 Aug 2020 22:43:54 +0000 (23:43 +0100)]
DANE: Fix 2 messages from queue case

4 years agotidying
Jeremy Harris [Mon, 24 Aug 2020 19:15:48 +0000 (20:15 +0100)]
tidying

4 years agoBuild: ifdef guard for EXPERIMENTAL_QUEUEFILE
Jeremy Harris [Mon, 24 Aug 2020 19:14:34 +0000 (20:14 +0100)]
Build: ifdef guard for EXPERIMENTAL_QUEUEFILE

4 years agoFix non-DANE build
Jeremy Harris [Sun, 23 Aug 2020 16:27:30 +0000 (17:27 +0100)]
Fix non-DANE build

4 years agoDANE: Fix 2-rcpt message, diff domins case. Bug 2265
Jeremy Harris [Sun, 23 Aug 2020 14:32:48 +0000 (15:32 +0100)]
DANE: Fix 2-rcpt message, diff domins case.  Bug 2265

4 years agotidying
Jeremy Harris [Sun, 23 Aug 2020 09:02:30 +0000 (10:02 +0100)]
tidying

4 years agoDebug: minor updates
Jeremy Harris [Sun, 23 Aug 2020 10:40:32 +0000 (11:40 +0100)]
Debug: minor updates

4 years agoTaint: fix off-by-one in is_tainted(). Bug 2634
Gavan [Fri, 21 Aug 2020 14:46:01 +0000 (15:46 +0100)]
Taint: fix off-by-one in is_tainted().  Bug 2634

4 years agoDANE: force SNI to use $domain. Bug 2265
Jeremy Harris [Wed, 19 Aug 2020 20:09:04 +0000 (21:09 +0100)]
DANE: force SNI to use $domain.  Bug 2265

Note: this is not a complete fix for the issue

4 years agoFix ${readsocket } eol-replacement. Bug 2630
Jeremy Harris [Fri, 14 Aug 2020 12:09:53 +0000 (13:09 +0100)]
Fix ${readsocket } eol-replacement.  Bug 2630

4 years agodnslists: hardwired return value check. Bug 2631
Jeremy Harris [Mon, 10 Aug 2020 21:28:48 +0000 (22:28 +0100)]
dnslists: hardwired return value check.  Bug 2631

4 years agoBuild: Split out dnsbl code
Jeremy Harris [Mon, 10 Aug 2020 18:51:18 +0000 (19:51 +0100)]
Build: Split out dnsbl code

4 years agoConstify
Jeremy Harris [Mon, 10 Aug 2020 19:19:39 +0000 (20:19 +0100)]
Constify

4 years agoBuild: tidying
Jeremy Harris [Mon, 10 Aug 2020 19:17:06 +0000 (20:17 +0100)]
Build: tidying

4 years agoFix spelling of local_part_data in docs and debug output
Jeremy Harris [Sun, 9 Aug 2020 00:38:00 +0000 (01:38 +0100)]
Fix spelling of local_part_data in docs and debug output

4 years agoTestsuite: separate cases for TLS resumption with/out OCSP
Jeremy Harris [Sun, 2 Aug 2020 22:56:58 +0000 (23:56 +0100)]
Testsuite: separate cases for TLS resumption with/out OCSP

4 years agoFix lsearch ret=full
Jeremy Harris [Sun, 2 Aug 2020 14:25:43 +0000 (15:25 +0100)]
Fix lsearch ret=full

4 years agoEnforce STARTTLS sync point, client side
Jeremy Harris [Thu, 30 Jul 2020 19:16:01 +0000 (20:16 +0100)]
Enforce STARTTLS sync point, client side

Tested by appending to the "220 TLS go ahead\r\n" at src/tls-gnu.c line 2500
Testcase 2008, string "synch error before connect" becomes visible in log.

To get the debug output:
  Testcase 2008, initial block; add -d+all to the exi -qf

4 years agoSPF: enhance A-R result
Jeremy Harris [Sat, 1 Aug 2020 20:16:19 +0000 (21:16 +0100)]
SPF: enhance A-R result

4 years agoTestsuite: add EAI local-part testcase
Jeremy Harris [Sat, 1 Aug 2020 16:22:48 +0000 (17:22 +0100)]
Testsuite: add EAI local-part testcase

4 years agoGnuTLS: in server, detect TCP RST from client after QUIT under SSL,
Jeremy Harris [Sat, 25 Jul 2020 22:58:32 +0000 (23:58 +0100)]
GnuTLS: in server, detect TCP RST from client after QUIT under SSL,
and log different message (under new log_selector)

4 years ago OpenSSL: in server, detect TCP RST from client after QUIT under SSL,
Jeremy Harris [Thu, 23 Jul 2020 15:32:29 +0000 (16:32 +0100)]
  OpenSSL: in server, detect TCP RST from client after QUIT under SSL,
  and log different message (under new log_selector)

4 years agodebug_print_socket(): output formatting
Heiko Schlittermann (HS12-RIPE) [Thu, 16 Jul 2020 21:53:27 +0000 (23:53 +0200)]
debug_print_socket(): output formatting

(cherry picked from exim-4.94+fixes, commit 73b748711caf8a4b18dd1c0d7c662b5d57798dfe)

4 years agoFix debug_print_socket()
Heiko Schlittermann (HS12-RIPE) [Thu, 16 Jul 2020 21:45:55 +0000 (23:45 +0200)]
Fix debug_print_socket()

debug_print_socket() crashed on AF_UNIX sockets

(cherry picked from exim-4.94+fixes, commit 81cc39a7f5c17099f93b5c611bde5f58daaab71b)

4 years agoDocs: typos and clarification of DMARC sender
Heiko Schlittermann (HS12-RIPE) [Thu, 11 Jun 2020 09:42:10 +0000 (11:42 +0200)]
Docs: typos and clarification of DMARC sender

4 years agoTaint: fix ACL "spam" condition, to permit tainted name arguments
Jeremy Harris [Mon, 13 Jul 2020 12:46:14 +0000 (13:46 +0100)]
Taint: fix ACL "spam" condition, to permit tainted name arguments

Follow-on from: 62b2ccce05

4 years agoDocs: add note on non-functionality of "exists" for de-tainting
Jeremy Harris [Sun, 12 Jul 2020 12:36:10 +0000 (13:36 +0100)]
Docs: add note on non-functionality of "exists" for de-tainting

4 years agoRelease unused memory in parse_quote_2047()
Jeremy Harris [Fri, 10 Jul 2020 21:49:56 +0000 (22:49 +0100)]
Release unused memory in parse_quote_2047()

4 years agoCommand-line option for no notifier socket. Bug 2616
Jeremy Harris [Fri, 10 Jul 2020 12:55:25 +0000 (13:55 +0100)]
Command-line option for no notifier socket.  Bug 2616

4 years agoFix taint trap in parse_fix_phrase(). Bug 2617
Jeremy Harris [Thu, 9 Jul 2020 14:30:55 +0000 (15:30 +0100)]
Fix taint trap in parse_fix_phrase().  Bug 2617

4 years agotidying
Jeremy Harris [Thu, 9 Jul 2020 11:27:12 +0000 (12:27 +0100)]
tidying

4 years agoFix DKIM signing to always ;-terminate. Bug 2295
Guillaume Outters [Mon, 6 Jul 2020 21:31:51 +0000 (22:31 +0100)]
Fix DKIM signing to always ;-terminate.  Bug 2295

4 years agoSupport ret-full on lsearch. Bug 2611
Jeremy Harris [Sun, 5 Jul 2020 15:32:27 +0000 (16:32 +0100)]
Support ret-full on lsearch.  Bug 2611

4 years agoMove errno-protection into string_open_failed()
Jeremy Harris [Sun, 5 Jul 2020 12:15:00 +0000 (13:15 +0100)]
Move errno-protection into string_open_failed()

4 years agotypoes
Jeremy Harris [Fri, 3 Jul 2020 19:34:37 +0000 (20:34 +0100)]
typoes

4 years agoFix message-reception clock usage. Bug 2615
Jeremy Harris [Tue, 30 Jun 2020 20:16:42 +0000 (21:16 +0100)]
Fix message-reception clock usage.  Bug 2615

Broken-by: 6906c131d1 (4.94)
4 years agoTaint: fix ACL "spam" condition, to permit tainted name arguments.
Jeremy Harris [Mon, 29 Jun 2020 16:14:07 +0000 (17:14 +0100)]
Taint: fix ACL "spam" condition, to permit tainted name arguments.

4 years agoSqlite: fix segfault on bad/missing sqlite_dbfile. Bug 2606
Jeremy Harris [Sun, 28 Jun 2020 14:24:21 +0000 (15:24 +0100)]
Sqlite: fix segfault on bad/missing sqlite_dbfile.  Bug 2606

4 years agoTestsuite: output changes resulting
Jeremy Harris [Sun, 28 Jun 2020 13:59:44 +0000 (14:59 +0100)]
Testsuite: output changes resulting

4 years ago Remove attempts to quieten compiler static-checking (more)
Jeremy Harris [Sun, 28 Jun 2020 13:16:20 +0000 (14:16 +0100)]
Remove attempts to quieten compiler static-checking (more)

4 years agoTestsuite: munging
Jeremy Harris [Sat, 27 Jun 2020 13:11:10 +0000 (14:11 +0100)]
Testsuite: munging

4 years agoRemove attempts to quieten compiler static-checking
Jeremy Harris [Sat, 27 Jun 2020 12:21:59 +0000 (13:21 +0100)]
Remove attempts to quieten compiler static-checking

The rash of output from -Wself-assign on Darwin demonstrates just how pointless this war is

4 years agoBuild: separate guard for futimens()
Jeremy Harris [Sat, 27 Jun 2020 11:41:21 +0000 (12:41 +0100)]
Build: separate guard for futimens()

Darwin does not have the data element we manipulate with futimens()

4 years agotypo
Jeremy Harris [Sat, 27 Jun 2020 11:24:24 +0000 (12:24 +0100)]
typo

4 years agoFix build for non-Linux platforms having openat.
Jeremy Harris [Sat, 27 Jun 2020 10:27:59 +0000 (11:27 +0100)]
Fix build for non-Linux platforms having openat.

Broken-by: 1077d3c3f9
4 years agoDocs: list further ways $domain_data &c may be filled in
Jeremy Harris [Thu, 25 Jun 2020 20:30:43 +0000 (21:30 +0100)]
Docs: list further ways $domain_data &c may be filled in

4 years agoLookups: Fix "subdir" filter on a dsearch.
Jeremy Harris [Thu, 25 Jun 2020 10:16:54 +0000 (11:16 +0100)]
Lookups: Fix "subdir" filter on a dsearch.

4 years agoBuild: guards on openat()
Jeremy Harris [Thu, 25 Jun 2020 09:41:49 +0000 (10:41 +0100)]
Build: guards on openat()

4 years agoHandle quoted local_part input to ${srs_encode }. Bug 2607
Jeremy Harris [Tue, 23 Jun 2020 23:04:13 +0000 (00:04 +0100)]
Handle quoted local_part input to ${srs_encode }.  Bug 2607

4 years agoCutthrough: handle request when a callout-hold is active. Bug 2604
Jeremy Harris [Mon, 22 Jun 2020 16:27:18 +0000 (17:27 +0100)]
Cutthrough: handle request when a callout-hold is active.  Bug 2604

4 years agoTestsuite: the munge for SRS must accept a variable-length timestamp element
Jeremy Harris [Sun, 21 Jun 2020 11:53:36 +0000 (12:53 +0100)]
Testsuite: the munge for SRS must accept a variable-length timestamp element

4 years agoFix string_copy() macro to not multiple-eval args. Bug 2603
Jeremy Harris [Fri, 19 Jun 2020 23:54:05 +0000 (00:54 +0100)]
Fix string_copy() macro to not multiple-eval args. Bug 2603

Broken-by: a76d120aed
4 years agoDocs: tidy more uses of tainted variables
Jeremy Harris [Thu, 18 Jun 2020 19:27:52 +0000 (20:27 +0100)]
Docs: tidy more uses of tainted variables

4 years agoDocs: more indexing for SNI
Jeremy Harris [Wed, 17 Jun 2020 20:37:55 +0000 (21:37 +0100)]
Docs: more indexing for SNI

4 years agoTaint: treat $message_body & $message_body_end as tainted
Jeremy Harris [Wed, 17 Jun 2020 15:14:16 +0000 (16:14 +0100)]
Taint: treat $message_body & $message_body_end as tainted

4 years agoDocs: minor tweaks
Jeremy Harris [Thu, 11 Jun 2020 19:40:08 +0000 (20:40 +0100)]
Docs: minor tweaks

4 years agoRelax restrictions on which ACLs verify conditions may be used
Jeremy Harris [Sun, 14 Jun 2020 20:29:08 +0000 (21:29 +0100)]
Relax restrictions on which ACLs verify conditions may be used

4 years agoTaint: fix verify. Bug 2598
Jeremy Harris [Sun, 14 Jun 2020 19:43:06 +0000 (20:43 +0100)]
Taint: fix verify.  Bug 2598

4 years agosmtp_accept_map_per_host: call search_tidyup in fail path. Bug 2597
Jeremy Harris [Fri, 12 Jun 2020 19:17:56 +0000 (20:17 +0100)]
smtp_accept_map_per_host: call search_tidyup in fail path.  Bug 2597

4 years agoTaint: fix radius expansion condition
Jeremy Harris [Thu, 11 Jun 2020 23:46:34 +0000 (00:46 +0100)]
Taint: fix radius expansion condition

4 years agoGnuTLS: fix build on older library versions
Jeremy Harris [Thu, 11 Jun 2020 20:52:28 +0000 (21:52 +0100)]
GnuTLS: fix build on older library versions

4 years agoGnuTLS: more info on accept zero-error
Jeremy Harris [Mon, 8 Jun 2020 10:09:44 +0000 (11:09 +0100)]
GnuTLS: more info on accept zero-error

4 years agoTLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug...
Jeremy Harris [Thu, 11 Jun 2020 19:21:38 +0000 (20:21 +0100)]
TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug 2594

4 years agoDocs: typo
Heiko Schlittermann (HS12-RIPE) [Thu, 11 Jun 2020 09:37:45 +0000 (11:37 +0200)]
Docs: typo

4 years agoTestsuite: missing file update for 59eee1bc90
Jeremy Harris [Mon, 8 Jun 2020 13:24:53 +0000 (14:24 +0100)]
Testsuite: missing file update for 59eee1bc90

4 years agoFilters: fix "vacation" in Exim filter. Bug 2593
Jeremy Harris [Mon, 8 Jun 2020 12:00:55 +0000 (13:00 +0100)]
Filters: fix "vacation" in Exim filter.  Bug 2593

Broken-by: cfb9cf20cb (4.90)
4 years agowip
Jeremy Harris [Mon, 8 Jun 2020 10:50:37 +0000 (11:50 +0100)]
wip

4 years agoOpenSSL: more info on accept zero-error
Jeremy Harris [Sun, 7 Jun 2020 15:38:28 +0000 (16:38 +0100)]
OpenSSL: more info on accept zero-error

4 years agoTestsuite: tidy debug
Jeremy Harris [Sun, 7 Jun 2020 14:27:12 +0000 (15:27 +0100)]
Testsuite: tidy debug

4 years agoDocs: typoes
Jeremy Harris [Sun, 7 Jun 2020 14:26:17 +0000 (15:26 +0100)]
Docs: typoes

4 years agoCopyright year. Bug 2592
Jeremy Harris [Sun, 7 Jun 2020 13:06:27 +0000 (14:06 +0100)]
Copyright year.  Bug 2592

4 years agoSqlite: new-style option to specify db file
Jeremy Harris [Sat, 6 Jun 2020 17:04:36 +0000 (18:04 +0100)]
Sqlite: new-style option to specify db file

4 years agoRefactor lookup argument shuffling
Jeremy Harris [Sat, 6 Jun 2020 13:45:47 +0000 (14:45 +0100)]
Refactor lookup argument shuffling

4 years agoDocs: more info on taint
Jeremy Harris [Fri, 5 Jun 2020 09:37:57 +0000 (10:37 +0100)]
Docs: more info on taint

4 years agoFix -bi. Bug 2590
Jeremy Harris [Thu, 4 Jun 2020 12:54:55 +0000 (13:54 +0100)]
Fix -bi.  Bug 2590

Actual fix from pierre.labastie@neuf.fr ; additional coding and testcase bu jgh
Broken-by: bdcc6f2bd5
4 years agotidying
Jeremy Harris [Wed, 3 Jun 2020 11:59:18 +0000 (12:59 +0100)]
tidying

4 years agoTaint: fix multiple ACL actions to properly manage tainted argument data
Jeremy Harris [Wed, 3 Jun 2020 10:40:17 +0000 (11:40 +0100)]
Taint: fix multiple ACL actions to properly manage tainted argument data

4 years agoDocs: typoes
Jeremy Harris [Tue, 2 Jun 2020 15:35:08 +0000 (16:35 +0100)]
Docs: typoes

4 years agoDocs: fix layout
Jeremy Harris [Tue, 2 Jun 2020 14:39:27 +0000 (15:39 +0100)]
Docs: fix layout

4 years agoDocs: fix mistaken variable name
Patrick Boutilier [Tue, 2 Jun 2020 14:16:10 +0000 (15:16 +0100)]
Docs: fix mistaken variable name

4 years agoTaint: fix listcount expansion operator. Bug 2586
Jeremy Harris [Tue, 2 Jun 2020 14:03:36 +0000 (15:03 +0100)]
Taint: fix listcount expansion operator.  Bug 2586

4 years agotidying
Jeremy Harris [Tue, 2 Jun 2020 13:59:16 +0000 (14:59 +0100)]
tidying

4 years agoTaint: fix pam expansion condition. Bug 2587
Jeremy Harris [Tue, 2 Jun 2020 13:50:31 +0000 (14:50 +0100)]
Taint: fix pam expansion condition.  Bug 2587

4 years agoDocs: ${listitem }
Jeremy Harris [Tue, 2 Jun 2020 12:35:06 +0000 (13:35 +0100)]
Docs: ${listitem }