exim.git
4 years agoARC: harden parsing of signing spec. Bug 2639
Jeremy Harris [Tue, 24 Nov 2020 22:11:09 +0000 (22:11 +0000)]
ARC: harden parsing of signing spec.  Bug 2639

4 years agoDocs: wording fixes.
u34 [Tue, 24 Nov 2020 21:53:48 +0000 (21:53 +0000)]
Docs: wording fixes.

4 years agoDocs: list $spam_ variables in expansions chapter
Jeremy Harris [Mon, 23 Nov 2020 12:17:14 +0000 (12:17 +0000)]
Docs: list $spam_ variables in expansions chapter

4 years agoLogging: add I= element to transport-defer lines. Bug 2675
Jeremy Harris [Thu, 19 Nov 2020 19:05:54 +0000 (19:05 +0000)]
Logging: add I= element to transport-defer lines.  Bug 2675

4 years agoMore taint notes
Jeremy Harris [Thu, 12 Nov 2020 22:16:50 +0000 (22:16 +0000)]
More taint notes

4 years agoDocs: clarify client-side auth options for smtp transport
Jeremy Harris [Tue, 10 Nov 2020 22:33:40 +0000 (22:33 +0000)]
Docs: clarify client-side auth options for smtp transport

4 years agoMore taint discussion in docs
Jeremy Harris [Tue, 10 Nov 2020 21:10:56 +0000 (21:10 +0000)]
More taint discussion in docs

4 years agotidying
Jeremy Harris [Wed, 28 Oct 2020 19:52:12 +0000 (19:52 +0000)]
tidying

4 years agoTestsuite: ignore cert-rotation debug output
Jeremy Harris [Tue, 3 Nov 2020 13:15:15 +0000 (13:15 +0000)]
Testsuite: ignore cert-rotation debug output

4 years agoFix spurious logging of select error
Jeremy Harris [Tue, 3 Nov 2020 13:14:11 +0000 (13:14 +0000)]
Fix spurious logging of select error

4 years agotypo
Jeremy Harris [Mon, 2 Nov 2020 22:34:54 +0000 (22:34 +0000)]
typo

4 years agokevent: handle OpenBSD API anomaly, redux
Jeremy Harris [Mon, 2 Nov 2020 22:31:34 +0000 (22:31 +0000)]
kevent: handle OpenBSD API anomaly, redux

4 years agoPass authenticator pubname through spool. Bug 2648
Jeremy Harris [Sat, 31 Oct 2020 23:58:11 +0000 (23:58 +0000)]
Pass authenticator pubname through spool.  Bug 2648

4 years agoLDAP: fix taint-check in server list walk. Bug 2646
Jeremy Harris [Fri, 30 Oct 2020 12:46:05 +0000 (12:46 +0000)]
LDAP: fix taint-check in server list walk.  Bug 2646

4 years agoFix build on platforms lacking TIOCOUTQ ioctl
Jeremy Harris [Fri, 30 Oct 2020 12:43:39 +0000 (12:43 +0000)]
Fix build on platforms lacking TIOCOUTQ ioctl

4 years agoFix build on platforms lacking TIOCOUTQ ioctl
Jeremy Harris [Thu, 29 Oct 2020 21:37:42 +0000 (21:37 +0000)]
Fix build on platforms lacking TIOCOUTQ ioctl

4 years agoDebug: show stalled send-data count on message-errors
Jeremy Harris [Thu, 29 Oct 2020 20:09:25 +0000 (20:09 +0000)]
Debug: show stalled send-data count on message-errors

4 years agoDocs: index smtp transport timeouts
Jeremy Harris [Wed, 28 Oct 2020 18:36:34 +0000 (18:36 +0000)]
Docs: index smtp transport timeouts

4 years agoAvoid manually-counted long strings
Jeremy Harris [Wed, 28 Oct 2020 00:43:53 +0000 (00:43 +0000)]
Avoid manually-counted long strings

4 years agoDocs: another detaint mention
Jeremy Harris [Mon, 26 Oct 2020 17:55:53 +0000 (17:55 +0000)]
Docs: another detaint mention

4 years agoRevert "Testsuite: allow 1s timing slop in dumpdb output"
Jeremy Harris [Tue, 13 Oct 2020 19:06:08 +0000 (20:06 +0100)]
Revert "Testsuite: allow 1s timing slop in dumpdb output"

This reverts commit 625cd9501315e1010ecbf8718c88c8b79ce09e94.

4 years agoTestsuite: munge & delay for early selfsign generate
Jeremy Harris [Tue, 13 Oct 2020 18:59:43 +0000 (19:59 +0100)]
Testsuite: munge & delay for early selfsign generate

Broken-by: 48e9099006
4 years ago TLS: pre-generate and load server selfsigned cert, when one is to be used
Jeremy Harris [Tue, 13 Oct 2020 16:12:33 +0000 (17:12 +0100)]
TLS: pre-generate and load server selfsigned cert, when one is to be used

4 years agoTestsuite: case-number shuffling
Jeremy Harris [Sun, 11 Oct 2020 11:42:20 +0000 (12:42 +0100)]
Testsuite: case-number shuffling

4 years agoTestsuite: more time for loaded test platforms
Jeremy Harris [Sun, 11 Oct 2020 09:50:35 +0000 (10:50 +0100)]
Testsuite: more time for loaded test platforms

4 years agoDocs: Mention issues with TLS client cert and Exim <= 4.85
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Oct 2020 16:56:50 +0000 (18:56 +0200)]
Docs: Mention issues with TLS client cert and Exim <= 4.85

cb1d783072c488a4a558607b2ee122efba95aa4b
8c40856083f3a2e89350ab3aacfb95256fbadd9d

> Author: Jeremy Harris <jgh146exb@wizmail.org>
> Date:   Sun Nov 23 16:10:30 2014 +0000
>
>    Support use of system default CA bundle

4 years agoTestsuite & OpenSSL debug: regularise debug output, and fix test munging
Jeremy Harris [Sat, 10 Oct 2020 17:18:01 +0000 (18:18 +0100)]
Testsuite & OpenSSL debug: regularise debug output, and fix test munging

4 years agokevent: handle OpenBSD API anomaly
Jeremy Harris [Sat, 10 Oct 2020 15:06:02 +0000 (16:06 +0100)]
kevent: handle OpenBSD API anomaly

4 years agokevent: fix directory check
Jeremy Harris [Sat, 10 Oct 2020 14:04:53 +0000 (15:04 +0100)]
kevent: fix directory check

4 years agoOpenBSD, NetBSD: TLS preload
Jeremy Harris [Sat, 10 Oct 2020 09:25:40 +0000 (10:25 +0100)]
OpenBSD, NetBSD: TLS preload

NetBSD is not actually really supported by the project, but a user
did pop up this year asking for a build

4 years agoMore debug for fail cases in kevent set-watch
Jeremy Harris [Sat, 10 Oct 2020 09:02:53 +0000 (10:02 +0100)]
More debug for fail cases in kevent set-watch

4 years agoUnbreak no-TLS build
Jeremy Harris [Fri, 9 Oct 2020 22:01:14 +0000 (23:01 +0100)]
Unbreak no-TLS build

Broken-by: dc4ab0a186
4 years agoFreeBSD: TLS: preload configuration items
Jeremy Harris [Thu, 8 Oct 2020 12:30:41 +0000 (13:30 +0100)]
FreeBSD: TLS: preload configuration items

4 years agoTestsuite: allow 1s timing slop in dumpdb output
Jeremy Harris [Thu, 8 Oct 2020 09:24:59 +0000 (10:24 +0100)]
Testsuite: allow 1s timing slop in dumpdb output

4 years agoUnbreak non-ipv6 build
Jeremy Harris [Mon, 5 Oct 2020 16:52:04 +0000 (17:52 +0100)]
Unbreak non-ipv6 build

Broken-by: 261fc93208
4 years agoGnuTLS: when library too old for system CA bundle support, do not default options...
Jeremy Harris [Sun, 4 Oct 2020 22:08:45 +0000 (23:08 +0100)]
GnuTLS: when library too old for system CA bundle support, do not default options to using it

4 years agoDebug output: regularise host lookup tracing
Jeremy Harris [Mon, 5 Oct 2020 14:28:10 +0000 (15:28 +0100)]
Debug output: regularise host lookup tracing

4 years agoAdd proxy_protocol_timeout main config option.
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Oct 2020 10:22:01 +0000 (12:22 +0200)]
Add proxy_protocol_timeout main config option.

4 years agoTestsuite: Allow input lines starting with ":<cmd>:", like ":sleep:".
Heiko Schlittermann (HS12-RIPE) [Mon, 5 Oct 2020 06:59:25 +0000 (08:59 +0200)]
Testsuite: Allow input lines starting with ":<cmd>:", like ":sleep:".

This somehow mimics the behaviour of the client tool, but works for
*any* input line that is sent to the application. This reverts the
unfortunate take abusing the client's special notation '>>> '.

Currently implemented:

        - :eval:
        - :neol:
        - :sleep:

4 years agoTestsuite: README: improve searchability of ">>> ", "??? ", …
Heiko Schlittermann (HS12-RIPE) [Mon, 5 Oct 2020 06:59:16 +0000 (08:59 +0200)]
Testsuite: README: improve searchability of ">>> ", "??? ", …

4 years agoTestsuite: missing stdout file
Jeremy Harris [Sun, 4 Oct 2020 16:16:37 +0000 (17:16 +0100)]
Testsuite: missing stdout file
Testsuite: library version variances

Broken-by: 6a9cf7f890
4 years agoUnbreak build on non-inotify platforms
Jeremy Harris [Sun, 4 Oct 2020 14:34:29 +0000 (15:34 +0100)]
Unbreak build on non-inotify platforms

Broken-by: 6a9cf7f890
4 years agoFix build on earlier library version
Jeremy Harris [Sun, 4 Oct 2020 13:15:09 +0000 (14:15 +0100)]
Fix build on earlier library version

Broken-by: 6a9cf7f890
4 years agoTestsuite: missing log file
Jeremy Harris [Sun, 4 Oct 2020 11:48:33 +0000 (12:48 +0100)]
Testsuite: missing log file

Broken-by: 6a9cf7f890
4 years agoFix non-OCSP build
Jeremy Harris [Sun, 4 Oct 2020 11:37:12 +0000 (12:37 +0100)]
Fix non-OCSP build

Broken-by: 6a9cf7f890
4 years agoTestsuite: TLS system CA dirs vary across platforms
Jeremy Harris [Sun, 4 Oct 2020 11:00:00 +0000 (12:00 +0100)]
Testsuite: TLS system CA dirs vary across platforms

Broken-by: 6a9cf7f890
4 years agoGnuTLS: fix build on earlier library version.
Jeremy Harris [Sun, 4 Oct 2020 10:43:04 +0000 (11:43 +0100)]
GnuTLS: fix build on earlier library version.

Broken-by: 6a9cf7f890
4 years agoMerge branch 'hs/fix-proxy-bh' (Closes 2656)
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Oct 2020 10:33:18 +0000 (12:33 +0200)]
Merge branch 'hs/fix-proxy-bh' (Closes 2656)

4 years agoTestsuite: Add test for proxy and -bh (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 16:58:11 +0000 (18:58 +0200)]
Testsuite: Add test for proxy and -bh (Bug 2656)

4 years agoUse ALARM() to set deadline on reading the proxy header (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Fri, 2 Oct 2020 06:19:12 +0000 (08:19 +0200)]
Use ALARM() to set deadline on reading the proxy header (Bug 2656)

4 years agoReplace recv() by read() (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Fri, 2 Oct 2020 06:17:39 +0000 (08:17 +0200)]
Replace recv() by read() (Bug 2656)

4 years agoTestsuite: Provide '>>> ' for script input to allow binary data (take 2)
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 17:43:48 +0000 (19:43 +0200)]
Testsuite: Provide '>>> ' for script input to allow binary data (take 2)

This mimics the '>>> ' prefix known for the test client. Any line prefixed
with '>>> ' will be processed by Perl's string eval().

As '>>> ' is generic and documented, it replaces the (undocumented)
'\NONL\' tag.

The client input lines starting with '>>> ' are now changed to '\>>> '
to avoid evaluation by the runtest script. (Test 4030, 1101).

4 years agoTestsuite: add .editorconfig to keep the trailing spaces
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 21:32:56 +0000 (23:32 +0200)]
Testsuite: add .editorconfig to keep the trailing spaces

4 years agoTLS: preload configuration items
Jeremy Harris [Sat, 3 Oct 2020 19:59:15 +0000 (20:59 +0100)]
TLS: preload configuration items

4 years agotidying
Jeremy Harris [Mon, 7 Sep 2020 18:56:49 +0000 (19:56 +0100)]
tidying

4 years agoTestsuite: Use 127.x.x.x for PROXY v2
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 13:24:31 +0000 (15:24 +0200)]
Testsuite: Use 127.x.x.x for PROXY v2

This avoids depencies on DNS timeouts on the host running the testsuite.

4 years agoRevert "Testsuite: Provide '>>> ' for script input to allow binary data"
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 18:00:21 +0000 (20:00 +0200)]
Revert "Testsuite: Provide '>>> ' for script input to allow binary data"

This reverts commit f7ec095232186edba2b7137594bfdd7d7b7f9504.

4 years agoTestsuite: Provide '>>> ' for script input to allow binary data
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 17:43:48 +0000 (19:43 +0200)]
Testsuite: Provide '>>> ' for script input to allow binary data

This mimics the '>>> ' prefix for the test client. Any line prefixed
with '>>> ' will be processed by Perl's string eval().

As '>>> ' is generic and documented, it replaces the
(undocumented) '\NONL\' tag.

4 years agoDocs: Add note regarding DANE vs. the smtp transport multi_domain option. Bug 2265
Jeremy Harris [Mon, 28 Sep 2020 21:41:10 +0000 (22:41 +0100)]
Docs: Add note regarding DANE vs. the smtp transport multi_domain option.  Bug 2265

4 years agoOpenSSL: Fix client-side tls_verify_cert_hostnames behaviour
Jeremy Harris [Sat, 26 Sep 2020 14:35:58 +0000 (15:35 +0100)]
OpenSSL: Fix client-side tls_verify_cert_hostnames behaviour

4 years agoDocs: Fix various typos (Closes 2650, 2651)
Nicolas R [Thu, 24 Sep 2020 21:38:24 +0000 (15:38 -0600)]
Docs: Fix various typos (Closes 2650, 2651)

4 years agoDocs: fix descriptions for dkim_domain, dkim_selector
Jeremy Harris [Wed, 23 Sep 2020 19:14:53 +0000 (20:14 +0100)]
Docs: fix descriptions for dkim_domain, dkim_selector

4 years agoDocs: Minor typos in spec and NewStuff (Closes 2649)
Andreas Metzler [Fri, 25 Sep 2020 06:54:00 +0000 (08:54 +0200)]
Docs: Minor typos in spec and NewStuff (Closes 2649)

4 years agoDoc: Fix a typo in NewStuff for 4.94 (Closes 2649)
Nicolas R [Thu, 24 Sep 2020 21:26:48 +0000 (15:26 -0600)]
Doc: Fix a typo in NewStuff for 4.94 (Closes 2649)

4 years agoDoc: remove trailing spaces
Heiko Schlittermann (HS12-RIPE) [Fri, 25 Sep 2020 06:48:23 +0000 (08:48 +0200)]
Doc: remove trailing spaces

4 years agoTestsuite: avoid cipher vs. cert validity problem
Jeremy Harris [Sun, 20 Sep 2020 22:40:40 +0000 (23:40 +0100)]
Testsuite: avoid cipher vs. cert validity problem

4 years agoDocs: add crossref
Jeremy Harris [Tue, 15 Sep 2020 13:48:49 +0000 (14:48 +0100)]
Docs: add crossref

4 years agodefault DH prime choice consistency
Phil Pennock [Thu, 17 Sep 2020 20:44:52 +0000 (16:44 -0400)]
default DH prime choice consistency

A function returning a default and a list which defined the value of "default"
disagreed.  Switch both to a macro to make it harder for them to fall out of
sync.

4 years agoeximon: tidying
Jeremy Harris [Sat, 12 Sep 2020 21:11:00 +0000 (22:11 +0100)]
eximon: tidying

4 years agoeximon: fix FreeBSD build
Richard Clayton [Sat, 12 Sep 2020 21:10:04 +0000 (22:10 +0100)]
eximon: fix FreeBSD build

4 years agoDocs: fix typo.
Heiko Schlittermann (HS12-RIPE) [Fri, 11 Sep 2020 08:41:10 +0000 (10:41 +0200)]
Docs: fix typo.

Credits to u34@net9.ga

4 years agoGnuTLS: clear errno before any data i/o op, so error logging does not see stale values
Jeremy Harris [Sun, 6 Sep 2020 11:15:10 +0000 (12:15 +0100)]
GnuTLS: clear errno before any data i/o op, so error logging does not see stale values

4 years agoARC: Add basic error-checking on permitted chars in admd & sel for signing. Bug...
Jeremy Harris [Tue, 1 Sep 2020 15:17:42 +0000 (16:17 +0100)]
ARC: Add basic error-checking on permitted chars in admd & sel for signing.  Bug 2639

4 years agoTaint: enforce checking of directory creates
Jeremy Harris [Sat, 29 Aug 2020 18:18:35 +0000 (19:18 +0100)]
Taint: enforce checking of directory creates

4 years agoadd an internal error code definition
Jeremy Harris [Sat, 29 Aug 2020 16:39:51 +0000 (17:39 +0100)]
add an internal error code definition

4 years agoFix non-TLS build
Jeremy Harris [Thu, 27 Aug 2020 20:15:19 +0000 (21:15 +0100)]
Fix non-TLS build

4 years agoFix utilities indexing
Phil Pennock [Fri, 28 Aug 2020 23:58:36 +0000 (19:58 -0400)]
Fix utilities indexing

It looks like there used to be another level of hierarchy here, with all three
of the hints database commands described in one section.  They're now distinct
sections in their own right, so fix how they're linked to.

Reported by: Peter Gervai
Fixes: 2637
4 years agoDocs: add to A= log-line element description
Jeremy Harris [Thu, 27 Aug 2020 10:22:55 +0000 (11:22 +0100)]
Docs: add to A= log-line element description

4 years agoFix non-DANE build
Jeremy Harris [Wed, 26 Aug 2020 22:59:28 +0000 (23:59 +0100)]
Fix non-DANE build

4 years agoDANE: Fix 2 messages from queue case
Jeremy Harris [Wed, 26 Aug 2020 22:43:54 +0000 (23:43 +0100)]
DANE: Fix 2 messages from queue case

4 years agotidying
Jeremy Harris [Mon, 24 Aug 2020 19:15:48 +0000 (20:15 +0100)]
tidying

4 years agoBuild: ifdef guard for EXPERIMENTAL_QUEUEFILE
Jeremy Harris [Mon, 24 Aug 2020 19:14:34 +0000 (20:14 +0100)]
Build: ifdef guard for EXPERIMENTAL_QUEUEFILE

4 years agoFix non-DANE build
Jeremy Harris [Sun, 23 Aug 2020 16:27:30 +0000 (17:27 +0100)]
Fix non-DANE build

4 years agoDANE: Fix 2-rcpt message, diff domins case. Bug 2265
Jeremy Harris [Sun, 23 Aug 2020 14:32:48 +0000 (15:32 +0100)]
DANE: Fix 2-rcpt message, diff domins case.  Bug 2265

4 years agotidying
Jeremy Harris [Sun, 23 Aug 2020 09:02:30 +0000 (10:02 +0100)]
tidying

4 years agoDebug: minor updates
Jeremy Harris [Sun, 23 Aug 2020 10:40:32 +0000 (11:40 +0100)]
Debug: minor updates

4 years agoTaint: fix off-by-one in is_tainted(). Bug 2634
Gavan [Fri, 21 Aug 2020 14:46:01 +0000 (15:46 +0100)]
Taint: fix off-by-one in is_tainted().  Bug 2634

4 years agoDANE: force SNI to use $domain. Bug 2265
Jeremy Harris [Wed, 19 Aug 2020 20:09:04 +0000 (21:09 +0100)]
DANE: force SNI to use $domain.  Bug 2265

Note: this is not a complete fix for the issue

4 years agoFix ${readsocket } eol-replacement. Bug 2630
Jeremy Harris [Fri, 14 Aug 2020 12:09:53 +0000 (13:09 +0100)]
Fix ${readsocket } eol-replacement.  Bug 2630

4 years agodnslists: hardwired return value check. Bug 2631
Jeremy Harris [Mon, 10 Aug 2020 21:28:48 +0000 (22:28 +0100)]
dnslists: hardwired return value check.  Bug 2631

4 years agoBuild: Split out dnsbl code
Jeremy Harris [Mon, 10 Aug 2020 18:51:18 +0000 (19:51 +0100)]
Build: Split out dnsbl code

4 years agoConstify
Jeremy Harris [Mon, 10 Aug 2020 19:19:39 +0000 (20:19 +0100)]
Constify

4 years agoBuild: tidying
Jeremy Harris [Mon, 10 Aug 2020 19:17:06 +0000 (20:17 +0100)]
Build: tidying

4 years agoFix spelling of local_part_data in docs and debug output
Jeremy Harris [Sun, 9 Aug 2020 00:38:00 +0000 (01:38 +0100)]
Fix spelling of local_part_data in docs and debug output

4 years agoTestsuite: separate cases for TLS resumption with/out OCSP
Jeremy Harris [Sun, 2 Aug 2020 22:56:58 +0000 (23:56 +0100)]
Testsuite: separate cases for TLS resumption with/out OCSP

4 years agoFix lsearch ret=full
Jeremy Harris [Sun, 2 Aug 2020 14:25:43 +0000 (15:25 +0100)]
Fix lsearch ret=full

4 years agoEnforce STARTTLS sync point, client side
Jeremy Harris [Thu, 30 Jul 2020 19:16:01 +0000 (20:16 +0100)]
Enforce STARTTLS sync point, client side

Tested by appending to the "220 TLS go ahead\r\n" at src/tls-gnu.c line 2500
Testcase 2008, string "synch error before connect" becomes visible in log.

To get the debug output:
  Testcase 2008, initial block; add -d+all to the exi -qf

4 years agoSPF: enhance A-R result
Jeremy Harris [Sat, 1 Aug 2020 20:16:19 +0000 (21:16 +0100)]
SPF: enhance A-R result

4 years agoTestsuite: add EAI local-part testcase
Jeremy Harris [Sat, 1 Aug 2020 16:22:48 +0000 (17:22 +0100)]
Testsuite: add EAI local-part testcase

4 years agoGnuTLS: in server, detect TCP RST from client after QUIT under SSL,
Jeremy Harris [Sat, 25 Jul 2020 22:58:32 +0000 (23:58 +0100)]
GnuTLS: in server, detect TCP RST from client after QUIT under SSL,
and log different message (under new log_selector)