exim.git
2 years agoDocs: fix description for hosts_request_ocsp default under DANE
Jeremy Harris [Sun, 23 Oct 2022 08:56:45 +0000 (09:56 +0100)]
Docs: fix description for hosts_request_ocsp default under DANE

2 years agoDMARC: fix use-after-free in dmarc_dns_lookup
Lorenz Brun [Fri, 14 Oct 2022 19:02:51 +0000 (21:02 +0200)]
DMARC: fix use-after-free in dmarc_dns_lookup

This fixes a use-after-free in dmarc_dns_lookup where the result
of dns_lookup in dnsa is freed before the required data is copied out.

Fixes: 9258363 ("DNS: explicit alloc/free of workspace")
2 years agoFix: Build with libopendmarc 1.4.x (fixes 2728)
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2022 17:30:58 +0000 (19:30 +0200)]
Fix: Build with libopendmarc 1.4.x (fixes 2728)

2 years agoUnbreak FreeBSD build
Jeremy Harris [Tue, 4 Oct 2022 20:30:55 +0000 (21:30 +0100)]
Unbreak FreeBSD build

Broken-by: 96751ae76e
2 years agoQuieten clang build
Jeremy Harris [Tue, 4 Oct 2022 18:12:13 +0000 (19:12 +0100)]
Quieten clang build

2 years agoFix build with older OpenSSL.
Jeremy Harris [Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)]
Fix build with older OpenSSL.

Broken-by: 96751ae76e
2 years agoOpenSSL: fix configuration of older TLS protocol versions
Jeremy Harris [Tue, 4 Oct 2022 12:20:29 +0000 (13:20 +0100)]
OpenSSL: fix configuration of older TLS protocol versions

2 years agoGnuTLS: fix for clients offering no TLS extensions
Jasen Betts [Fri, 30 Sep 2022 12:49:41 +0000 (13:49 +0100)]
GnuTLS: fix for clients offering no TLS extensions

2 years agodocs internal note
Jeremy Harris [Sun, 25 Sep 2022 11:44:23 +0000 (12:44 +0100)]
docs internal note

2 years agoFix ${filter } for conditions modifying $value
Jeremy Harris [Thu, 22 Sep 2022 14:09:07 +0000 (15:09 +0100)]
Fix ${filter } for conditions modifying $value

2 years agoDocs: more indexing
Jeremy Harris [Thu, 22 Sep 2022 12:11:41 +0000 (13:11 +0100)]
Docs: more indexing

2 years agoEXPERIMENTAL_DCC: make build without WITH_CONTENT_SCAN fail
Jeremy Harris [Fri, 2 Sep 2022 10:15:33 +0000 (11:15 +0100)]
EXPERIMENTAL_DCC: make build without WITH_CONTENT_SCAN fail
rather than auto-include the support

2 years agoFix non-WITH_CONTENT_SCAN build (3)
Jeremy Harris [Thu, 1 Sep 2022 14:54:35 +0000 (15:54 +0100)]
Fix non-WITH_CONTENT_SCAN build (3)

Broken-by: d8ecc7bf97
2 years agoFix non-WITH_CONTENT_SCAN build (2)
Jeremy Harris [Wed, 31 Aug 2022 16:17:59 +0000 (17:17 +0100)]
Fix non-WITH_CONTENT_SCAN build (2)

Broken-by: d8ecc7bf97
2 years agoFix non-WITH_CONTENT_SCAN build.
Jeremy Harris [Wed, 31 Aug 2022 16:03:37 +0000 (17:03 +0100)]
Fix non-WITH_CONTENT_SCAN build.

Broken-by: 4e9ed49f8f
2 years agoFix $regex<n> use-after-free. Bug 2915
Jeremy Harris [Wed, 31 Aug 2022 14:37:40 +0000 (15:37 +0100)]
Fix $regex<n> use-after-free.  Bug 2915

2 years agoOpenSSL: fix non-OCSP build
Jeremy Harris [Tue, 23 Aug 2022 17:34:29 +0000 (18:34 +0100)]
OpenSSL: fix non-OCSP build

Broken-by: 9641b6648d
2 years agoOpenSSL: fix reload of changed OCSP proof
Jeremy Harris [Sat, 20 Aug 2022 15:43:03 +0000 (16:43 +0100)]
OpenSSL: fix reload of changed OCSP proof

2 years agoOpenSSL: unbreak build with older library version
Jeremy Harris [Thu, 18 Aug 2022 20:20:15 +0000 (21:20 +0100)]
OpenSSL: unbreak build with older library version

Broken-by: 4e3a01c260
2 years agoGSASL: use tls-exporter for SCRAM*PLUS methods under TLSv1.3
Jeremy Harris [Thu, 18 Aug 2022 19:47:01 +0000 (20:47 +0100)]
GSASL: use tls-exporter for SCRAM*PLUS methods under TLSv1.3

2 years agoTestsuite: platform variations
Jeremy Harris [Tue, 16 Aug 2022 09:06:02 +0000 (10:06 +0100)]
Testsuite: platform variations

2 years agoTestsuite: OpenSSL version variances
Jeremy Harris [Mon, 15 Aug 2022 19:40:13 +0000 (20:40 +0100)]
Testsuite: OpenSSL version variances

2 years agoOpenSSL: strip spaces & newlines from cert signature expansion
Jeremy Harris [Mon, 15 Aug 2022 17:42:28 +0000 (18:42 +0100)]
OpenSSL: strip spaces & newlines from cert signature expansion

2 years agoFix symlink-following. Bug 2909
Ulrich Landgraf [Mon, 15 Aug 2022 15:50:36 +0000 (16:50 +0100)]
Fix symlink-following.  Bug 2909

Broken-by: ef57b25bfa
2 years agoPartial workaround for TCP Fast Open issue. Bug 2907
Jeremy Harris [Sat, 13 Aug 2022 19:19:16 +0000 (20:19 +0100)]
Partial workaround for TCP Fast Open issue.  Bug 2907

2 years agoTestsuite: use more reliable IP for TFO testcases
Jeremy Harris [Sat, 13 Aug 2022 19:42:07 +0000 (20:42 +0100)]
Testsuite: use more reliable IP for TFO testcases

2 years agoDump stack for "bad memory reference". Bug 2904
Jeremy Harris [Sat, 13 Aug 2022 19:58:29 +0000 (20:58 +0100)]
Dump stack for "bad memory reference".  Bug 2904

2 years agoTestsuite: tweak pgsql testcase
Jeremy Harris [Sun, 14 Aug 2022 11:39:01 +0000 (12:39 +0100)]
Testsuite: tweak pgsql testcase

2 years agoFilter rDNS returns for bad chars
Jeremy Harris [Tue, 9 Aug 2022 09:57:56 +0000 (10:57 +0100)]
Filter rDNS returns for bad chars

2 years agoSymlink following for TLS creds files
Jeremy Harris [Mon, 8 Aug 2022 18:46:03 +0000 (19:46 +0100)]
Symlink following for TLS creds files

2 years agoSPF: fix memory accounting for error case
Jeremy Harris [Sun, 7 Aug 2022 16:00:27 +0000 (17:00 +0100)]
SPF: fix memory accounting for error case

2 years agoDocs: ratelimit tidying
Jeremy Harris [Tue, 26 Jul 2022 21:15:35 +0000 (22:15 +0100)]
Docs: ratelimit tidying

2 years agoDocs: tidy DANE info
Jeremy Harris [Tue, 26 Jul 2022 20:49:47 +0000 (21:49 +0100)]
Docs: tidy DANE info

2 years agoDocs: subsections for TLS server/client config
Jeremy Harris [Tue, 26 Jul 2022 20:24:16 +0000 (21:24 +0100)]
Docs: subsections for TLS server/client config

2 years agoDocs: subsections and direct indexing for lookup types
Jeremy Harris [Tue, 26 Jul 2022 19:00:23 +0000 (20:00 +0100)]
Docs: subsections and direct indexing for lookup types

2 years agoDocs: tweak list-syntax description
Jeremy Harris [Tue, 26 Jul 2022 18:05:33 +0000 (19:05 +0100)]
Docs: tweak list-syntax description

2 years agotypo
Jeremy Harris [Mon, 25 Jul 2022 11:02:40 +0000 (12:02 +0100)]
typo

2 years agoDocs: direct indexing for command-line options
Jeremy Harris [Fri, 22 Jul 2022 13:41:16 +0000 (14:41 +0100)]
Docs: direct indexing for command-line options
Requires exim-website db06108b14.

2 years agoEvent for auth fail: client side
Jeremy Harris [Thu, 21 Jul 2022 15:41:25 +0000 (16:41 +0100)]
Event for auth fail: client side

2 years agoEvent for auth fail
Jeremy Harris [Tue, 19 Jul 2022 22:37:27 +0000 (23:37 +0100)]
Event for auth fail

2 years agoFix exit on attempt to rewrite a malformed address. Bug 2903
Jeremy Harris [Tue, 12 Jul 2022 21:14:04 +0000 (22:14 +0100)]
Fix exit on attempt to rewrite a malformed address.  Bug 2903

2 years agoDocs: subsections
Jeremy Harris [Tue, 12 Jul 2022 14:22:13 +0000 (15:22 +0100)]
Docs: subsections

2 years agoDocs: subsections
Jeremy Harris [Tue, 5 Jul 2022 20:06:25 +0000 (21:06 +0100)]
Docs: subsections

2 years agoDocs: fix tables in PDF
Jeremy Harris [Tue, 5 Jul 2022 20:05:15 +0000 (21:05 +0100)]
Docs: fix tables in PDF

Broken-by: e73e1b8f9d
2 years agoOpenSSL: add IP & DN to OCSP fail log line
Jeremy Harris [Sun, 3 Jul 2022 11:42:31 +0000 (12:42 +0100)]
OpenSSL: add IP & DN to OCSP fail log line

2 years agoDocs: tidy bug comment; fixed in exim-website git
Jeremy Harris [Fri, 1 Jul 2022 20:53:08 +0000 (21:53 +0100)]
Docs: tidy bug comment; fixed in exim-website git

2 years agoDocs: macros for index "see also" entries
Jeremy Harris [Fri, 1 Jul 2022 17:27:12 +0000 (18:27 +0100)]
Docs: macros for index "see also" entries

2 years agoDocs: bug notes
Jeremy Harris [Thu, 30 Jun 2022 16:02:08 +0000 (17:02 +0100)]
Docs: bug notes

2 years agoDocs: typoes
Jeremy Harris [Thu, 30 Jun 2022 16:01:42 +0000 (17:01 +0100)]
Docs: typoes

2 years agoDocs: clarify recipient-checking ACL conditions applicability
Jeremy Harris [Thu, 30 Jun 2022 12:36:38 +0000 (13:36 +0100)]
Docs: clarify recipient-checking ACL conditions applicability

2 years agoBuild: fix commentary describing configuration directives
Jeremy Harris [Wed, 29 Jun 2022 13:14:44 +0000 (14:14 +0100)]
Build: fix commentary describing configuration directives

2 years agoVariable setting in -be
Jeremy Harris [Sun, 26 Jun 2022 14:27:32 +0000 (15:27 +0100)]
Variable setting in -be

2 years agotypo
Jeremy Harris [Sun, 26 Jun 2022 11:29:05 +0000 (12:29 +0100)]
typo

2 years agoMerge branch '4.next'
Jeremy Harris [Sun, 26 Jun 2022 11:10:03 +0000 (12:10 +0100)]
Merge branch '4.next'

2 years agoDocs: tidy for next release
Jeremy Harris [Sun, 26 Jun 2022 11:05:47 +0000 (12:05 +0100)]
Docs: tidy for next release

2 years agoDocs: more indexing exim-4.96
Jeremy Harris [Thu, 23 Jun 2022 13:41:10 +0000 (14:41 +0100)]
Docs: more indexing

2 years agoRegex cache observability
Jeremy Harris [Mon, 20 Jun 2022 11:38:20 +0000 (12:38 +0100)]
Regex cache observability

2 years agoArgs count reduction in expansions coding
Jeremy Harris [Sun, 19 Jun 2022 20:17:17 +0000 (21:17 +0100)]
Args count reduction in expansions coding

2 years agoRegex compile cacheing
Jeremy Harris [Sun, 19 Jun 2022 16:15:25 +0000 (17:15 +0100)]
Regex compile cacheing

2 years agotidying
Jeremy Harris [Fri, 17 Jun 2022 20:40:21 +0000 (21:40 +0100)]
tidying

2 years agoTestsuite: pid & port numbers
Jeremy Harris [Fri, 17 Jun 2022 19:37:44 +0000 (20:37 +0100)]
Testsuite: pid & port numbers

2 years agoTestsuite: port numbers
Jeremy Harris [Fri, 17 Jun 2022 13:38:02 +0000 (14:38 +0100)]
Testsuite: port numbers

2 years agoTestsuite: pid tracking
Jeremy Harris [Fri, 17 Jun 2022 10:21:05 +0000 (11:21 +0100)]
Testsuite: pid tracking

2 years agohelper fn for daemon notifier
Jeremy Harris [Sat, 11 Jun 2022 12:20:17 +0000 (13:20 +0100)]
helper fn for daemon notifier

2 years agoTestsuite: OpenSSL version differences
Jeremy Harris [Tue, 7 Jun 2022 17:44:36 +0000 (18:44 +0100)]
Testsuite: OpenSSL version differences

(cherry picked from commit 4468bfff7dc28b9c54a5225d3f10a6aa6a67a1d9)

2 years agoUse pool storage for regex operations
Jeremy Harris [Fri, 10 Jun 2022 10:54:17 +0000 (11:54 +0100)]
Use pool storage for regex operations

2 years agoTestsuite: OpenSSL version differences exim-4.96-RC2
Jeremy Harris [Tue, 7 Jun 2022 17:44:36 +0000 (18:44 +0100)]
Testsuite: OpenSSL version differences

2 years agoAvoid processing in ${sg...} when skipping
Jeremy Harris [Sun, 5 Jun 2022 15:37:28 +0000 (16:37 +0100)]
Avoid processing in ${sg...} when skipping

2 years agoUpdate option defaults
Jeremy Harris [Sun, 5 Jun 2022 14:38:24 +0000 (15:38 +0100)]
Update option defaults

2 years agotidying
Jeremy Harris [Sat, 4 Jun 2022 14:00:03 +0000 (15:00 +0100)]
tidying

2 years agoLogging: expand hosts_connection_nolog coverage
Jeremy Harris [Fri, 3 Jun 2022 15:58:12 +0000 (16:58 +0100)]
Logging: expand hosts_connection_nolog coverage

2 years agoSRS: avoid expanding ${srs_encode...} when guarded by ${if...}
Jeremy Harris [Fri, 3 Jun 2022 14:34:03 +0000 (15:34 +0100)]
SRS: avoid expanding ${srs_encode...} when guarded by ${if...}

2 years agoUnbreak DISABLE_PIPE_CONNECT build
Jeremy Harris [Wed, 1 Jun 2022 14:06:31 +0000 (15:06 +0100)]
Unbreak DISABLE_PIPE_CONNECT build

Broken-by: b326f3a87a
(cherry picked from commit c2046b73572e3b2ea94b4bf7fea9810b73d606c4)

2 years agoDeduplicate coding between exim and eximon
Jeremy Harris [Thu, 2 Jun 2022 14:33:32 +0000 (15:33 +0100)]
Deduplicate coding between exim and eximon

2 years agotidying
Jeremy Harris [Mon, 30 May 2022 16:55:12 +0000 (17:55 +0100)]
tidying

2 years agoHandle a v4mapped sender address given us by a proxy. Bug 2855
Jeremy Harris [Fri, 27 May 2022 22:03:02 +0000 (23:03 +0100)]
Handle a v4mapped sender address given us by a proxy.  Bug 2855

2 years agoUnbreak DISABLE_PIPE_CONNECT build
Jeremy Harris [Wed, 1 Jun 2022 14:06:31 +0000 (15:06 +0100)]
Unbreak DISABLE_PIPE_CONNECT build

Broken-by: b326f3a87a
2 years agoSRS: fix encode operation for empty sender addresses.
Jeremy Harris [Wed, 1 Jun 2022 10:19:05 +0000 (11:19 +0100)]
SRS: fix encode operation for empty sender addresses.

2 years agoFix build on BSDs & Solaris
Jeremy Harris [Mon, 30 May 2022 14:57:18 +0000 (15:57 +0100)]
Fix build on BSDs & Solaris

Broken-by: 204a7a2c2e
2 years agopanic_coredump option. Bug 2892
Jeremy Harris [Mon, 30 May 2022 09:49:54 +0000 (10:49 +0100)]
panic_coredump option.  Bug 2892

2 years agoDocs: fix host_require_helo
Jeremy Harris [Mon, 30 May 2022 08:40:02 +0000 (09:40 +0100)]
Docs: fix host_require_helo

Broken-by: 2f8e0a5f6b
2 years agoFix build with DISABLE_TLS_RESUME
Jeremy Harris [Thu, 26 May 2022 21:31:35 +0000 (22:31 +0100)]
Fix build with DISABLE_TLS_RESUME

2 years agoCHUNKING: handle protocol errors during reception
Jeremy Harris [Thu, 26 May 2022 19:11:43 +0000 (20:11 +0100)]
CHUNKING: handle protocol errors during reception

2 years agoCHUNKING: fix second message on conn when first rejected
Jeremy Harris [Thu, 26 May 2022 12:46:08 +0000 (13:46 +0100)]
CHUNKING: fix second message on conn when first rejected

2 years agoDEBUG: clarify multiline smtp responses
Jeremy Harris [Thu, 26 May 2022 11:10:27 +0000 (12:10 +0100)]
DEBUG: clarify multiline smtp responses

2 years agoTLS resumption: fix for PIPECONNECT
Jeremy Harris [Tue, 24 May 2022 19:27:38 +0000 (20:27 +0100)]
TLS resumption: fix for PIPECONNECT

When actively initiating a connection with PIPECONNECT, evaluate
the EHLO response for possible lbserver indication when we do
eventually reap that response, before acting on the STARTTLS response.

2 years agotypo
Jeremy Harris [Tue, 24 May 2022 11:30:14 +0000 (12:30 +0100)]
typo

2 years agoLogging: distinguish mem-allocation errors
Jeremy Harris [Mon, 23 May 2022 14:48:38 +0000 (15:48 +0100)]
Logging: distinguish mem-allocation errors

2 years agoTLS resumption: disable on continued-connection
Jeremy Harris [Mon, 23 May 2022 11:09:43 +0000 (12:09 +0100)]
TLS resumption: disable on continued-connection

When we have an open TCP connection and are start a second TLS session
we do not have the host-lbserver string (being in a freshly exec'd
process) needed for session-cache lookup, so resumptino is not safe.

2 years agoDocs: more info on PIPECONNECT
Jeremy Harris [Fri, 20 May 2022 21:38:09 +0000 (22:38 +0100)]
Docs: more info on PIPECONNECT

2 years agoDebug: clarify SMTP DATA ops in transport
Jeremy Harris [Mon, 23 May 2022 13:15:15 +0000 (14:15 +0100)]
Debug: clarify SMTP DATA ops in transport

2 years agoARC: reset headers before signing for secondary MX. Bug 2886
Jeremy Harris [Thu, 19 May 2022 13:24:48 +0000 (14:24 +0100)]
ARC: reset headers before signing for secondary MX.  Bug 2886

2 years agoGnuTLS: Do not free the cached creds on transport connection close. Bug 2886
Jeremy Harris [Thu, 19 May 2022 13:23:02 +0000 (14:23 +0100)]
GnuTLS: Do not free the cached creds on transport connection close.  Bug 2886

2 years ago Debug: pass ACL-initiated debug through spool residency exim-4.96-RC1
Jeremy Harris [Sun, 15 May 2022 16:10:59 +0000 (17:10 +0100)]
Debug: pass ACL-initiated debug through spool residency

2 years agoTestsuite: munge for recent GnuTLS
Jeremy Harris [Sun, 15 May 2022 11:47:30 +0000 (12:47 +0100)]
Testsuite: munge for recent GnuTLS

2 years agotidying
Jeremy Harris [Sat, 14 May 2022 19:20:21 +0000 (20:20 +0100)]
tidying

2 years agoRevert "LibreSSL: maintain buildability on versions after 3.5.0"
Jeremy Harris [Wed, 11 May 2022 18:42:17 +0000 (19:42 +0100)]
Revert "LibreSSL: maintain buildability on versions after 3.5.0"
Breaks Solaris builds.

This reverts commit c0418936da7c7ec6674e6d60dac5fa33a84e0618.

2 years agoLibreSSL: maintain buildability on versions after 3.5.0
Kirill Miazine [Wed, 11 May 2022 13:13:22 +0000 (14:13 +0100)]
LibreSSL: maintain buildability on versions after 3.5.0

2 years agoFix string_copyn() for limit greater than actual string length
Jeremy Harris [Mon, 9 May 2022 13:45:53 +0000 (14:45 +0100)]
Fix string_copyn() for limit greater than actual string length

Broken-by: a76d120aed
2 years agoDocs: clarify distinction between config file and Makefile, for log_file_path. Bug...
Jeremy Harris [Sun, 8 May 2022 13:01:03 +0000 (14:01 +0100)]
Docs: clarify distinction between config file and Makefile, for log_file_path.  Bug 2825