exim.git
6 years agoDKIM: permit dkim_private_key to override dkim_strict on signing. Bug 2220
Jeremy Harris [Sun, 7 Jan 2018 15:03:25 +0000 (15:03 +0000)]
DKIM: permit dkim_private_key to override dkim_strict on signing.  Bug 2220

6 years agoMIME ACL: fix SMTP response for non-accept result of the ACL. Bug 2214.
Jeremy Harris [Sat, 30 Dec 2017 13:55:54 +0000 (13:55 +0000)]
MIME ACL: fix SMTP response for non-accept result of the ACL.  Bug 2214.

As far as I can see this was broken back in 2013, f4c1088 for 4.82

6 years agoFix issue with continued-connections when the DNS shifts unreliably
Jeremy Harris [Wed, 27 Dec 2017 23:32:02 +0000 (23:32 +0000)]
Fix issue with continued-connections when the DNS shifts unreliably

6 years agoFix crash associated with dnsdb lookup done from DKIM ACL. Bug 2215
Jeremy Harris [Thu, 28 Dec 2017 20:09:05 +0000 (20:09 +0000)]
Fix crash associated with dnsdb lookup done from DKIM ACL.  Bug 2215

Broken-by: cc55f4208e
6 years agoDKIM: tighter checking while parsing signature headers. Bug 2217
Jeremy Harris [Thu, 28 Dec 2017 20:51:28 +0000 (20:51 +0000)]
DKIM: tighter checking while parsing signature headers.  Bug 2217

6 years agoLookups: fix pgsql multiple-row, single-column return
Jeremy Harris [Sun, 24 Dec 2017 21:30:20 +0000 (21:30 +0000)]
Lookups: fix pgsql multiple-row, single-column return

Report & fix from James <list@xdrv.co.uk>; additional tidying and testcase by JGH

Broken-by: acec9514b1
6 years agoFix const issue in nisplus lookup
Jeremy Harris [Fri, 22 Dec 2017 10:25:56 +0000 (10:25 +0000)]
Fix const issue in nisplus lookup

6 years agoFix build of nisplus lookup
Andreas Piesk [Fri, 22 Dec 2017 10:05:02 +0000 (10:05 +0000)]
Fix build of nisplus lookup

6 years agoDKIM: Ignore non-DKIM TXT records in DNS response. Bug 2207
Heiko Schlittermann (HS12-RIPE) [Sun, 3 Dec 2017 17:17:43 +0000 (18:17 +0100)]
DKIM: Ignore non-DKIM TXT records in DNS response. Bug 2207

6 years agoDebug: fix coding in dnssec reporting. Bug 2205
Jeremy Harris [Fri, 1 Dec 2017 22:43:19 +0000 (22:43 +0000)]
Debug: fix coding in dnssec reporting.  Bug 2205

6 years agoTLS: avoid calling smtp_auth_acl on client cert when no tls authenticator is configured
Jeremy Harris [Wed, 29 Nov 2017 23:22:34 +0000 (23:22 +0000)]
TLS: avoid calling smtp_auth_acl on client cert when no tls authenticator is configured

6 years agoTLS: Fix excessive calling of smtp_auth_acl under AUTH_TLS. Bug 2203
Jeremy Harris [Wed, 29 Nov 2017 22:18:18 +0000 (22:18 +0000)]
TLS: Fix excessive calling of smtp_auth_acl under AUTH_TLS.  Bug 2203

6 years agoCHUNKING: flush input stream after message-fatal error detection. Bug 2201 exim-4_90 exim-4_90_RC4
Jeremy Harris [Tue, 12 Dec 2017 21:52:33 +0000 (21:52 +0000)]
CHUNKING: flush input stream after message-fatal error detection.  Bug 2201

6 years agoTestsuite: regen TLSA records, to match cert tree
Jeremy Harris [Sat, 9 Dec 2017 15:05:14 +0000 (15:05 +0000)]
Testsuite: regen TLSA records, to match cert tree

6 years agoopenssl guidance: install shared libraries too
Phil Pennock [Fri, 8 Dec 2017 19:21:45 +0000 (14:21 -0500)]
openssl guidance: install shared libraries too

6 years agoFix non-OCSP OpenSSL build
Jeremy Harris [Mon, 4 Dec 2017 14:32:44 +0000 (14:32 +0000)]
Fix non-OCSP OpenSSL build

Issue found by: Frank Elsner

6 years agoDocs: clarify smtp transport tls_verify_certificates option
Jeremy Harris [Sun, 3 Dec 2017 20:36:12 +0000 (20:36 +0000)]
Docs: clarify smtp transport tls_verify_certificates option

6 years agoFix initialiser in smtp transport
Jeremy Harris [Sat, 2 Dec 2017 21:11:46 +0000 (21:11 +0000)]
Fix initialiser in smtp transport

Broken-by: 838d897c8e
6 years agoDocs: add notes on lack of multiple-OCSP-proof support
Jeremy Harris [Sat, 2 Dec 2017 20:10:18 +0000 (20:10 +0000)]
Docs: add notes on lack of multiple-OCSP-proof support

This would be wanted for server OCSP stapling in a dual RSA/ECDSA certificate installation

6 years agoChange log update exim-4_90_RC3
Jeremy Harris [Tue, 28 Nov 2017 20:44:14 +0000 (20:44 +0000)]
Change log update

6 years agoChunking: do not treat the first lonely dot special. CVE-2017-16944, Bug 2201
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Nov 2017 21:42:33 +0000 (22:42 +0100)]
Chunking: do not treat the first lonely dot special. CVE-2017-16944, Bug 2201

7 years agoLogging: fix log line for local_scan() rejection
Jeremy Harris [Sun, 26 Nov 2017 15:28:26 +0000 (15:28 +0000)]
Logging: fix log line for local_scan() rejection

7 years agoDKIM: fix tolerating spaces round tag values
Jeremy Harris [Sun, 26 Nov 2017 15:26:42 +0000 (15:26 +0000)]
DKIM: fix tolerating spaces round tag values

7 years agoFix filename length check in mime-handling
Jeremy Harris [Sun, 26 Nov 2017 15:22:38 +0000 (15:22 +0000)]
Fix filename length check in mime-handling

7 years agotidying
Jeremy Harris [Sun, 26 Nov 2017 15:20:04 +0000 (15:20 +0000)]
tidying

7 years agoChange note for 445d03d4ea
Jeremy Harris [Sat, 25 Nov 2017 16:21:14 +0000 (16:21 +0000)]
Change note for 445d03d4ea

7 years agoAvoid release of store if there have been later allocations. Bug 2199
Jeremy Harris [Fri, 24 Nov 2017 20:22:33 +0000 (20:22 +0000)]
Avoid release of store if there have been later allocations.  Bug 2199

7 years agoAdd comment on GnuTLS library debugging facility
Jeremy Harris [Fri, 24 Nov 2017 20:24:40 +0000 (20:24 +0000)]
Add comment on GnuTLS library debugging facility

7 years agoTestsuite: more pre-run configuration checks
Jeremy Harris [Sat, 18 Nov 2017 15:22:48 +0000 (15:22 +0000)]
Testsuite: more pre-run configuration checks

7 years agotidying
Jeremy Harris [Thu, 16 Nov 2017 20:46:10 +0000 (20:46 +0000)]
tidying

7 years agoTestsuite: delays for debug output ordering (again)
Jeremy Harris [Thu, 16 Nov 2017 18:31:23 +0000 (18:31 +0000)]
Testsuite: delays for debug output ordering (again)

7 years agoOpenSSL: avoid using now-deprecated routines on newer versions
Jeremy Harris [Thu, 16 Nov 2017 12:12:48 +0000 (12:12 +0000)]
OpenSSL: avoid using now-deprecated routines on newer versions

7 years agoTestsuite: OpenSSL/LibreSSL version output variances
Jeremy Harris [Wed, 15 Nov 2017 23:24:23 +0000 (23:24 +0000)]
Testsuite: OpenSSL/LibreSSL version output variances

7 years agoTestsuite: OpenSSL/LibreSSL version output variances
Jeremy Harris [Wed, 15 Nov 2017 22:09:10 +0000 (22:09 +0000)]
Testsuite: OpenSSL/LibreSSL version output variances

7 years agoTestsuite: OpenSSL/LibreSSL version output variances
Jeremy Harris [Wed, 15 Nov 2017 20:38:19 +0000 (20:38 +0000)]
Testsuite: OpenSSL/LibreSSL version output variances

7 years agoTestsuite: better debug output from "server" script-runner
Jeremy Harris [Wed, 15 Nov 2017 19:06:00 +0000 (19:06 +0000)]
Testsuite: better debug output from "server" script-runner

7 years agoTestsuite: delays for debug output ordering
Jeremy Harris [Wed, 15 Nov 2017 18:56:21 +0000 (18:56 +0000)]
Testsuite: delays for debug output ordering

OpenBSD seems to prioritize the child of a fork; Linux & FreeBSD the parent

7 years agoTestsuite: force RSA auth for testcase loading dual certs
Jeremy Harris [Wed, 15 Nov 2017 18:38:44 +0000 (18:38 +0000)]
Testsuite: force RSA auth for testcase loading dual certs

More recent OpenSSL versions (1.1.0) reasonably prefer ECDSA when available,
where older (1.0.2) preferred RSA

7 years agoTypo in sample configuration
Jeremy Harris [Wed, 15 Nov 2017 17:48:55 +0000 (17:48 +0000)]
Typo in sample configuration

7 years agoDocs: PRVS validity. Bug 2033 exim-4_90_RC2
Jeremy Harris [Sun, 12 Nov 2017 19:08:43 +0000 (19:08 +0000)]
Docs: PRVS validity.  Bug 2033

7 years agoTestsuite output updates
Jeremy Harris [Tue, 14 Nov 2017 19:32:50 +0000 (19:32 +0000)]
Testsuite output updates

7 years agoAdd host detail on all deferred deliveries, not only the last one
Heiko Schlittermann (HS12-RIPE) [Sun, 5 Nov 2017 22:57:16 +0000 (23:57 +0100)]
Add host detail on all deferred deliveries, not only the last one

7 years agoTestsuite: another go at munging cipher-suite strings
Jeremy Harris [Sat, 11 Nov 2017 21:19:50 +0000 (21:19 +0000)]
Testsuite: another go at munging cipher-suite strings

7 years agoDebug: remove router DSN config dump on startup
Jeremy Harris [Sat, 11 Nov 2017 21:04:21 +0000 (21:04 +0000)]
Debug: remove router DSN config dump on startup

7 years agoTestsuite: another go at munging cipher-suite strings
Jeremy Harris [Sat, 11 Nov 2017 18:39:09 +0000 (18:39 +0000)]
Testsuite: another go at munging cipher-suite strings

7 years agoDowngrade an unfound-list name from panic to DEFER. Bug 1645
Jeremy Harris [Sat, 11 Nov 2017 16:11:06 +0000 (16:11 +0000)]
Downgrade an unfound-list name from panic to DEFER.  Bug 1645

7 years agoTestsuite: another go at munging cipher-suite strings
Jeremy Harris [Thu, 9 Nov 2017 21:35:08 +0000 (21:35 +0000)]
Testsuite: another go at munging cipher-suite strings

7 years agoTestsuite: another go at munging cipher-suite strings
Jeremy Harris [Thu, 9 Nov 2017 19:49:49 +0000 (19:49 +0000)]
Testsuite: another go at munging cipher-suite strings

7 years agodocs: typo
Jeremy Harris [Wed, 8 Nov 2017 12:37:22 +0000 (12:37 +0000)]
docs: typo

7 years agotidying
Jeremy Harris [Wed, 8 Nov 2017 12:01:20 +0000 (12:01 +0000)]
tidying

7 years agoDKIM: call ACL once for each signature matching the identity from dkim_verify_signers...
Jeremy Harris [Wed, 8 Nov 2017 10:43:28 +0000 (10:43 +0000)]
DKIM: call ACL once for each signature matching the identity from dkim_verify_signers.  Bug 2189

7 years agoDKIM: make verification results visible in data ACL
Jeremy Harris [Tue, 7 Nov 2017 21:40:19 +0000 (21:40 +0000)]
DKIM: make verification results visible in data ACL

7 years agoDKIM: Allow the DKIM ACL to override verification results. Bug 2186
Jeremy Harris [Tue, 7 Nov 2017 19:01:42 +0000 (19:01 +0000)]
DKIM: Allow the DKIM ACL to override verification results.  Bug 2186

This provides generic support, though is covers the need introduced
by https://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-usage/?include_text=1
(deprecating sha-1 and RSA keys shorter than 1024 bits).

7 years agoTLS: support multiple certificate files in server. Bug 2092
Jeremy Harris [Tue, 7 Nov 2017 16:09:28 +0000 (16:09 +0000)]
TLS: support multiple certificate files in server.  Bug 2092

7 years agoDocs: add index entry
Jeremy Harris [Fri, 3 Nov 2017 13:05:16 +0000 (13:05 +0000)]
Docs: add index entry

7 years agoDKIM: better syntax for control of oversigning. Bug 2180
Jeremy Harris [Fri, 3 Nov 2017 11:02:19 +0000 (11:02 +0000)]
DKIM: better syntax for control of oversigning.  Bug 2180

7 years agoUse LDFLAGS not EXTRALIBS_EXIM; 1.0.2 needs ldl too
Phil Pennock [Thu, 2 Nov 2017 18:48:30 +0000 (14:48 -0400)]
Use LDFLAGS not EXTRALIBS_EXIM; 1.0.2 needs ldl too

7 years agoexigrep: we need to run with perl 5.8.x
Heiko Schlittermann (HS12-RIPE) [Wed, 1 Nov 2017 21:38:43 +0000 (22:38 +0100)]
exigrep: we need to run with perl 5.8.x

The defined-or operator '//' does not exist yet.

7 years agoUse back-compatible variable for perl version
Jeremy Harris [Wed, 1 Nov 2017 12:32:13 +0000 (12:32 +0000)]
Use back-compatible variable for perl version
The modern $^V is not present in some buildfarm animals' perl versions.

7 years agoTestsuite: Output the --version from exigrep, exinext, eximstats
Heiko Schlittermann (HS12-RIPE) [Wed, 1 Nov 2017 06:45:55 +0000 (07:45 +0100)]
Testsuite: Output the --version from exigrep, exinext, eximstats

7 years agoAdd --version to all installed Perl and Shell scripts.
Heiko Schlittermann (HS12-RIPE) [Wed, 1 Nov 2017 06:45:14 +0000 (07:45 +0100)]
Add --version to all installed Perl and Shell scripts.

This option outputs the build info, and for Perl scripts it additionally
outputs the Perl version that is running the current script.

7 years agoLose extraneous line
Jeremy Harris [Tue, 31 Oct 2017 16:31:34 +0000 (16:31 +0000)]
Lose extraneous line
Broken-by: 9650d98a07
7 years ago Add macro support to -be expansion test mode. Bug 1623
Jeremy Harris [Tue, 31 Oct 2017 15:31:50 +0000 (15:31 +0000)]
Add macro support to -be expansion test mode.  Bug 1623

7 years agoTestsuite: notify perl version at runtest startup
Jeremy Harris [Mon, 30 Oct 2017 10:15:26 +0000 (10:15 +0000)]
Testsuite: notify perl version at runtest startup

7 years agoMake exim_monitor build reproducible.
Andreas Metzler [Sat, 28 Oct 2017 17:45:30 +0000 (19:45 +0200)]
Make exim_monitor build reproducible.

Adapt changes to exim for SOURCE_DATE_EPOCH from exim
6e411084a29a7658f7bc88aa5a62ab9016c22c79 to exim_monitor.

7 years agoDo not exit when cwd has no name. Bug 2078
Jeremy Harris [Sat, 28 Oct 2017 14:09:05 +0000 (15:09 +0100)]
Do not exit when cwd has no name.  Bug 2078

7 years agoBuild: fix repeatable-build typo
Andreas Metzler [Sat, 28 Oct 2017 13:23:50 +0000 (14:23 +0100)]
Build: fix repeatable-build typo

7 years agoFix build warning. Bug 2181
Jeremy Harris [Sat, 28 Oct 2017 13:04:12 +0000 (14:04 +0100)]
Fix build warning.  Bug 2181

7 years agoCorrect typo "psuedo" in exipick documentation.
Andreas Metzler [Sat, 28 Oct 2017 12:26:48 +0000 (14:26 +0200)]
Correct typo "psuedo" in exipick documentation.

7 years agonit: typo-fix in comment (my goof)
Phil Pennock [Fri, 27 Oct 2017 17:07:48 +0000 (13:07 -0400)]
nit: typo-fix in comment (my goof)

7 years agoCopyright year bumps for substantive changes 2017 exim-4_90_RC1
Jeremy Harris [Thu, 26 Oct 2017 20:48:12 +0000 (21:48 +0100)]
Copyright year bumps for substantive changes 2017

7 years agoTestsuite: OpenSSL version output variances
Jeremy Harris [Thu, 26 Oct 2017 19:20:41 +0000 (20:20 +0100)]
Testsuite: OpenSSL version output variances

7 years agoTestsuite: support platform variance in debug output
Jeremy Harris [Thu, 26 Oct 2017 17:43:55 +0000 (18:43 +0100)]
Testsuite: support platform variance in debug output
Solaris printf %p gives hex without a leading 0x

7 years agoTestsuite: add missing testcase files
Jeremy Harris [Thu, 26 Oct 2017 17:34:48 +0000 (18:34 +0100)]
Testsuite: add missing testcase files

7 years agoTestsuite: create test db on-the-fliy for LMDB testcase
Jeremy Harris [Thu, 26 Oct 2017 17:26:37 +0000 (18:26 +0100)]
Testsuite: create test db on-the-fliy for LMDB testcase

7 years agoTestsuite: more time for slow test platform
Jeremy Harris [Thu, 26 Oct 2017 16:17:22 +0000 (17:17 +0100)]
Testsuite: more time for slow test platform

7 years agoRevert "Build: tidying"
Jeremy Harris [Thu, 26 Oct 2017 13:54:02 +0000 (14:54 +0100)]
Revert "Build: tidying"

This reverts commit 3a40b2f9648ce9737b3f8f542e5079e58c4db3c3.

It didn't work with Pmake (FreeBSD/OpenBSD)

7 years agoDebug: add trace in the inlist expansion condition
Jeremy Harris [Thu, 26 Oct 2017 13:47:11 +0000 (14:47 +0100)]
Debug: add trace in the inlist expansion condition

7 years agoBuild: tidying
Jeremy Harris [Wed, 25 Oct 2017 17:13:19 +0000 (18:13 +0100)]
Build: tidying

7 years agoTestsuite: more time for slow test platform
Jeremy Harris [Wed, 25 Oct 2017 15:59:30 +0000 (16:59 +0100)]
Testsuite: more time for slow test platform

7 years agoDocs: clarify DKIM default signing. Bug 2179
Jeremy Harris [Wed, 25 Oct 2017 14:54:31 +0000 (15:54 +0100)]
Docs: clarify DKIM default signing.  Bug 2179

7 years agoTestsuite: ignore timezone-specific debug output
Jeremy Harris [Wed, 25 Oct 2017 14:19:32 +0000 (15:19 +0100)]
Testsuite: ignore timezone-specific debug output

7 years agoUnbreak non-DKIM build
Jeremy Harris [Wed, 25 Oct 2017 13:51:17 +0000 (14:51 +0100)]
Unbreak non-DKIM build

7 years agoDKIM: add builtin macro with default list of headers for signing
Jeremy Harris [Wed, 25 Oct 2017 09:58:18 +0000 (10:58 +0100)]
DKIM: add builtin macro with default list of headers for signing

7 years agoDocs: expand TFO information
Jeremy Harris [Sun, 22 Oct 2017 19:40:11 +0000 (20:40 +0100)]
Docs: expand TFO information

7 years agoTestsuite: ignore optional-config output
Jeremy Harris [Sun, 22 Oct 2017 14:47:13 +0000 (15:47 +0100)]
Testsuite: ignore optional-config output

7 years agotidying
Jeremy Harris [Sat, 21 Oct 2017 20:52:54 +0000 (21:52 +0100)]
tidying

7 years agotidying
Jeremy Harris [Sat, 21 Oct 2017 20:20:46 +0000 (21:20 +0100)]
tidying

7 years agoAdd equivalent for missing poll(2) #define
Jeremy Harris [Sat, 21 Oct 2017 19:29:25 +0000 (20:29 +0100)]
Add equivalent for missing poll(2) #define
Needed in FreeBSD and OpenBSD, and probably Solaris

7 years agoCHUNKING: Fix flush of chunk on error
Jeremy Harris [Sat, 21 Oct 2017 18:27:01 +0000 (19:27 +0100)]
CHUNKING: Fix flush of chunk on error

7 years agoTestsuite: make debug output for proxied TLS less indeterminate
Jeremy Harris [Sat, 21 Oct 2017 17:36:31 +0000 (18:36 +0100)]
Testsuite: make debug output for proxied TLS less indeterminate

7 years agoUse safer routine for possibly-overlapping copy
Jeremy Harris [Fri, 20 Oct 2017 22:21:27 +0000 (23:21 +0100)]
Use safer routine for possibly-overlapping copy
Fixes a logging bug seen on aarch64

7 years agoTestsuite: make debug output for proxied TLS less indeterminate
Jeremy Harris [Fri, 20 Oct 2017 22:20:57 +0000 (23:20 +0100)]
Testsuite: make debug output for proxied TLS less indeterminate

7 years agoDebug: output type of process as it terminates
Jeremy Harris [Fri, 20 Oct 2017 18:30:20 +0000 (19:30 +0100)]
Debug: output type of process as it terminates

7 years agoTestsuite: accept changed output from perl version difference
Jeremy Harris [Fri, 20 Oct 2017 16:45:21 +0000 (17:45 +0100)]
Testsuite: accept changed output from perl version difference

7 years agoTestsuite: ignore optional-config output
Jeremy Harris [Fri, 20 Oct 2017 15:21:32 +0000 (16:21 +0100)]
Testsuite: ignore optional-config output

7 years agoTestsuite: dump stdout for a force-continue
Jeremy Harris [Fri, 20 Oct 2017 14:40:42 +0000 (15:40 +0100)]
Testsuite: dump stdout for a force-continue

7 years agoAdd equivalent for missing poll(2) #define in OpenBSD
Jeremy Harris [Fri, 20 Oct 2017 14:28:07 +0000 (15:28 +0100)]
Add equivalent for missing poll(2) #define in OpenBSD

7 years agoDocs: note that } chars in a RE are also needing escaping for ${sg }
Jeremy Harris [Wed, 18 Oct 2017 21:34:12 +0000 (22:34 +0100)]
Docs: note that } chars in a RE are also needing escaping for ${sg }

7 years agoInclude sys/uio.h for writev()
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Oct 2017 20:38:20 +0000 (22:38 +0200)]
Include sys/uio.h for writev()