Jeremy Harris [Mon, 31 Oct 2022 10:18:28 +0000 (10:18 +0000)]
Release process: permit minor version numbers after 99
Jeremy Harris [Sun, 23 Oct 2022 08:58:41 +0000 (09:58 +0100)]
Testsuite: clarify OCSP tests
Jeremy Harris [Sun, 23 Oct 2022 08:56:45 +0000 (09:56 +0100)]
Docs: fix description for hosts_request_ocsp default under DANE
Lorenz Brun [Fri, 14 Oct 2022 19:02:51 +0000 (21:02 +0200)]
DMARC: fix use-after-free in dmarc_dns_lookup
This fixes a use-after-free in dmarc_dns_lookup where the result
of dns_lookup in dnsa is freed before the required data is copied out.
Fixes: 9258363 ("DNS: explicit alloc/free of workspace")
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2022 17:30:58 +0000 (19:30 +0200)]
Fix: Build with libopendmarc 1.4.x (fixes 2728)
Jeremy Harris [Tue, 4 Oct 2022 20:30:55 +0000 (21:30 +0100)]
Unbreak FreeBSD build
Broken-by: 96751ae76e
Jeremy Harris [Tue, 4 Oct 2022 18:12:13 +0000 (19:12 +0100)]
Quieten clang build
Jeremy Harris [Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)]
Fix build with older OpenSSL.
Broken-by: 96751ae76e
Jeremy Harris [Tue, 4 Oct 2022 12:20:29 +0000 (13:20 +0100)]
OpenSSL: fix configuration of older TLS protocol versions
Jasen Betts [Fri, 30 Sep 2022 12:49:41 +0000 (13:49 +0100)]
GnuTLS: fix for clients offering no TLS extensions
Jeremy Harris [Sun, 25 Sep 2022 11:44:23 +0000 (12:44 +0100)]
docs internal note
Jeremy Harris [Thu, 22 Sep 2022 14:09:07 +0000 (15:09 +0100)]
Fix ${filter } for conditions modifying $value
Jeremy Harris [Thu, 22 Sep 2022 12:11:41 +0000 (13:11 +0100)]
Docs: more indexing
Jeremy Harris [Fri, 2 Sep 2022 10:15:33 +0000 (11:15 +0100)]
EXPERIMENTAL_DCC: make build without WITH_CONTENT_SCAN fail
rather than auto-include the support
Jeremy Harris [Thu, 1 Sep 2022 14:54:35 +0000 (15:54 +0100)]
Fix non-WITH_CONTENT_SCAN build (3)
Broken-by: d8ecc7bf97
Jeremy Harris [Wed, 31 Aug 2022 16:17:59 +0000 (17:17 +0100)]
Fix non-WITH_CONTENT_SCAN build (2)
Broken-by: d8ecc7bf97
Jeremy Harris [Wed, 31 Aug 2022 16:03:37 +0000 (17:03 +0100)]
Fix non-WITH_CONTENT_SCAN build.
Broken-by: 4e9ed49f8f
Jeremy Harris [Wed, 31 Aug 2022 14:37:40 +0000 (15:37 +0100)]
Fix $regex<n> use-after-free. Bug 2915
Jeremy Harris [Tue, 23 Aug 2022 17:34:29 +0000 (18:34 +0100)]
OpenSSL: fix non-OCSP build
Broken-by: 9641b6648d
Jeremy Harris [Sat, 20 Aug 2022 15:43:03 +0000 (16:43 +0100)]
OpenSSL: fix reload of changed OCSP proof
Jeremy Harris [Thu, 18 Aug 2022 20:20:15 +0000 (21:20 +0100)]
OpenSSL: unbreak build with older library version
Broken-by: 4e3a01c260
Jeremy Harris [Thu, 18 Aug 2022 19:47:01 +0000 (20:47 +0100)]
GSASL: use tls-exporter for SCRAM*PLUS methods under TLSv1.3
Jeremy Harris [Tue, 16 Aug 2022 09:06:02 +0000 (10:06 +0100)]
Testsuite: platform variations
Jeremy Harris [Mon, 15 Aug 2022 19:40:13 +0000 (20:40 +0100)]
Testsuite: OpenSSL version variances
Jeremy Harris [Mon, 15 Aug 2022 17:42:28 +0000 (18:42 +0100)]
OpenSSL: strip spaces & newlines from cert signature expansion
Ulrich Landgraf [Mon, 15 Aug 2022 15:50:36 +0000 (16:50 +0100)]
Fix symlink-following. Bug 2909
Broken-by: ef57b25bfa
Jeremy Harris [Sat, 13 Aug 2022 19:19:16 +0000 (20:19 +0100)]
Partial workaround for TCP Fast Open issue. Bug 2907
Jeremy Harris [Sat, 13 Aug 2022 19:42:07 +0000 (20:42 +0100)]
Testsuite: use more reliable IP for TFO testcases
Jeremy Harris [Sat, 13 Aug 2022 19:58:29 +0000 (20:58 +0100)]
Dump stack for "bad memory reference". Bug 2904
Jeremy Harris [Sun, 14 Aug 2022 11:39:01 +0000 (12:39 +0100)]
Testsuite: tweak pgsql testcase
Jeremy Harris [Tue, 9 Aug 2022 09:57:56 +0000 (10:57 +0100)]
Filter rDNS returns for bad chars
Jeremy Harris [Mon, 8 Aug 2022 18:46:03 +0000 (19:46 +0100)]
Symlink following for TLS creds files
Jeremy Harris [Sun, 7 Aug 2022 16:00:27 +0000 (17:00 +0100)]
SPF: fix memory accounting for error case
Jeremy Harris [Tue, 26 Jul 2022 21:15:35 +0000 (22:15 +0100)]
Docs: ratelimit tidying
Jeremy Harris [Tue, 26 Jul 2022 20:49:47 +0000 (21:49 +0100)]
Docs: tidy DANE info
Jeremy Harris [Tue, 26 Jul 2022 20:24:16 +0000 (21:24 +0100)]
Docs: subsections for TLS server/client config
Jeremy Harris [Tue, 26 Jul 2022 19:00:23 +0000 (20:00 +0100)]
Docs: subsections and direct indexing for lookup types
Jeremy Harris [Tue, 26 Jul 2022 18:05:33 +0000 (19:05 +0100)]
Docs: tweak list-syntax description
Jeremy Harris [Mon, 25 Jul 2022 11:02:40 +0000 (12:02 +0100)]
typo
Jeremy Harris [Fri, 22 Jul 2022 13:41:16 +0000 (14:41 +0100)]
Docs: direct indexing for command-line options
Requires exim-website
db06108b14.
Jeremy Harris [Thu, 21 Jul 2022 15:41:25 +0000 (16:41 +0100)]
Event for auth fail: client side
Jeremy Harris [Tue, 19 Jul 2022 22:37:27 +0000 (23:37 +0100)]
Event for auth fail
Jeremy Harris [Tue, 12 Jul 2022 21:14:04 +0000 (22:14 +0100)]
Fix exit on attempt to rewrite a malformed address. Bug 2903
Jeremy Harris [Tue, 12 Jul 2022 14:22:13 +0000 (15:22 +0100)]
Docs: subsections
Jeremy Harris [Tue, 5 Jul 2022 20:06:25 +0000 (21:06 +0100)]
Docs: subsections
Jeremy Harris [Tue, 5 Jul 2022 20:05:15 +0000 (21:05 +0100)]
Docs: fix tables in PDF
Broken-by: e73e1b8f9d
Jeremy Harris [Sun, 3 Jul 2022 11:42:31 +0000 (12:42 +0100)]
OpenSSL: add IP & DN to OCSP fail log line
Jeremy Harris [Fri, 1 Jul 2022 20:53:08 +0000 (21:53 +0100)]
Docs: tidy bug comment; fixed in exim-website git
Jeremy Harris [Fri, 1 Jul 2022 17:27:12 +0000 (18:27 +0100)]
Docs: macros for index "see also" entries
Jeremy Harris [Thu, 30 Jun 2022 16:02:08 +0000 (17:02 +0100)]
Docs: bug notes
Jeremy Harris [Thu, 30 Jun 2022 16:01:42 +0000 (17:01 +0100)]
Docs: typoes
Jeremy Harris [Thu, 30 Jun 2022 12:36:38 +0000 (13:36 +0100)]
Docs: clarify recipient-checking ACL conditions applicability
Jeremy Harris [Wed, 29 Jun 2022 13:14:44 +0000 (14:14 +0100)]
Build: fix commentary describing configuration directives
Jeremy Harris [Sun, 26 Jun 2022 14:27:32 +0000 (15:27 +0100)]
Variable setting in -be
Jeremy Harris [Sun, 26 Jun 2022 11:29:05 +0000 (12:29 +0100)]
typo
Jeremy Harris [Sun, 26 Jun 2022 11:10:03 +0000 (12:10 +0100)]
Merge branch '4.next'
Jeremy Harris [Sun, 26 Jun 2022 11:05:47 +0000 (12:05 +0100)]
Docs: tidy for next release
Jeremy Harris [Thu, 23 Jun 2022 13:41:10 +0000 (14:41 +0100)]
Docs: more indexing
Jeremy Harris [Mon, 20 Jun 2022 11:38:20 +0000 (12:38 +0100)]
Regex cache observability
Jeremy Harris [Sun, 19 Jun 2022 20:17:17 +0000 (21:17 +0100)]
Args count reduction in expansions coding
Jeremy Harris [Sun, 19 Jun 2022 16:15:25 +0000 (17:15 +0100)]
Regex compile cacheing
Jeremy Harris [Fri, 17 Jun 2022 20:40:21 +0000 (21:40 +0100)]
tidying
Jeremy Harris [Fri, 17 Jun 2022 19:37:44 +0000 (20:37 +0100)]
Testsuite: pid & port numbers
Jeremy Harris [Fri, 17 Jun 2022 13:38:02 +0000 (14:38 +0100)]
Testsuite: port numbers
Jeremy Harris [Fri, 17 Jun 2022 10:21:05 +0000 (11:21 +0100)]
Testsuite: pid tracking
Jeremy Harris [Sat, 11 Jun 2022 12:20:17 +0000 (13:20 +0100)]
helper fn for daemon notifier
Jeremy Harris [Tue, 7 Jun 2022 17:44:36 +0000 (18:44 +0100)]
Testsuite: OpenSSL version differences
(cherry picked from commit
4468bfff7dc28b9c54a5225d3f10a6aa6a67a1d9)
Jeremy Harris [Fri, 10 Jun 2022 10:54:17 +0000 (11:54 +0100)]
Use pool storage for regex operations
Jeremy Harris [Tue, 7 Jun 2022 17:44:36 +0000 (18:44 +0100)]
Testsuite: OpenSSL version differences
Jeremy Harris [Sun, 5 Jun 2022 15:37:28 +0000 (16:37 +0100)]
Avoid processing in ${sg...} when skipping
Jeremy Harris [Sun, 5 Jun 2022 14:38:24 +0000 (15:38 +0100)]
Update option defaults
Jeremy Harris [Sat, 4 Jun 2022 14:00:03 +0000 (15:00 +0100)]
tidying
Jeremy Harris [Fri, 3 Jun 2022 15:58:12 +0000 (16:58 +0100)]
Logging: expand hosts_connection_nolog coverage
Jeremy Harris [Fri, 3 Jun 2022 14:34:03 +0000 (15:34 +0100)]
SRS: avoid expanding ${srs_encode...} when guarded by ${if...}
Jeremy Harris [Wed, 1 Jun 2022 14:06:31 +0000 (15:06 +0100)]
Unbreak DISABLE_PIPE_CONNECT build
Broken-by: b326f3a87a
(cherry picked from commit
c2046b73572e3b2ea94b4bf7fea9810b73d606c4)
Jeremy Harris [Thu, 2 Jun 2022 14:33:32 +0000 (15:33 +0100)]
Deduplicate coding between exim and eximon
Jeremy Harris [Mon, 30 May 2022 16:55:12 +0000 (17:55 +0100)]
tidying
Jeremy Harris [Fri, 27 May 2022 22:03:02 +0000 (23:03 +0100)]
Handle a v4mapped sender address given us by a proxy. Bug 2855
Jeremy Harris [Wed, 1 Jun 2022 14:06:31 +0000 (15:06 +0100)]
Unbreak DISABLE_PIPE_CONNECT build
Broken-by: b326f3a87a
Jeremy Harris [Wed, 1 Jun 2022 10:19:05 +0000 (11:19 +0100)]
SRS: fix encode operation for empty sender addresses.
Jeremy Harris [Mon, 30 May 2022 14:57:18 +0000 (15:57 +0100)]
Fix build on BSDs & Solaris
Broken-by: 204a7a2c2e
Jeremy Harris [Mon, 30 May 2022 09:49:54 +0000 (10:49 +0100)]
panic_coredump option. Bug 2892
Jeremy Harris [Mon, 30 May 2022 08:40:02 +0000 (09:40 +0100)]
Docs: fix host_require_helo
Broken-by: 2f8e0a5f6b
Jeremy Harris [Thu, 26 May 2022 21:31:35 +0000 (22:31 +0100)]
Fix build with DISABLE_TLS_RESUME
Jeremy Harris [Thu, 26 May 2022 19:11:43 +0000 (20:11 +0100)]
CHUNKING: handle protocol errors during reception
Jeremy Harris [Thu, 26 May 2022 12:46:08 +0000 (13:46 +0100)]
CHUNKING: fix second message on conn when first rejected
Jeremy Harris [Thu, 26 May 2022 11:10:27 +0000 (12:10 +0100)]
DEBUG: clarify multiline smtp responses
Jeremy Harris [Tue, 24 May 2022 19:27:38 +0000 (20:27 +0100)]
TLS resumption: fix for PIPECONNECT
When actively initiating a connection with PIPECONNECT, evaluate
the EHLO response for possible lbserver indication when we do
eventually reap that response, before acting on the STARTTLS response.
Jeremy Harris [Tue, 24 May 2022 11:30:14 +0000 (12:30 +0100)]
typo
Jeremy Harris [Mon, 23 May 2022 14:48:38 +0000 (15:48 +0100)]
Logging: distinguish mem-allocation errors
Jeremy Harris [Mon, 23 May 2022 11:09:43 +0000 (12:09 +0100)]
TLS resumption: disable on continued-connection
When we have an open TCP connection and are start a second TLS session
we do not have the host-lbserver string (being in a freshly exec'd
process) needed for session-cache lookup, so resumptino is not safe.
Jeremy Harris [Fri, 20 May 2022 21:38:09 +0000 (22:38 +0100)]
Docs: more info on PIPECONNECT
Jeremy Harris [Mon, 23 May 2022 13:15:15 +0000 (14:15 +0100)]
Debug: clarify SMTP DATA ops in transport
Jeremy Harris [Thu, 19 May 2022 13:24:48 +0000 (14:24 +0100)]
ARC: reset headers before signing for secondary MX. Bug 2886
Jeremy Harris [Thu, 19 May 2022 13:23:02 +0000 (14:23 +0100)]
GnuTLS: Do not free the cached creds on transport connection close. Bug 2886
Jeremy Harris [Sun, 15 May 2022 16:10:59 +0000 (17:10 +0100)]
Debug: pass ACL-initiated debug through spool residency
Jeremy Harris [Sun, 15 May 2022 11:47:30 +0000 (12:47 +0100)]
Testsuite: munge for recent GnuTLS
Jeremy Harris [Sat, 14 May 2022 19:20:21 +0000 (20:20 +0100)]
tidying
Jeremy Harris [Wed, 11 May 2022 18:42:17 +0000 (19:42 +0100)]
Revert "LibreSSL: maintain buildability on versions after 3.5.0"
Breaks Solaris builds.
This reverts commit
c0418936da7c7ec6674e6d60dac5fa33a84e0618.
Kirill Miazine [Wed, 11 May 2022 13:13:22 +0000 (14:13 +0100)]
LibreSSL: maintain buildability on versions after 3.5.0