Jeremy Harris [Tue, 28 Jan 2020 22:40:57 +0000 (22:40 +0000)]
Taint: mmap no longer needed
Jeremy Harris [Tue, 28 Jan 2020 21:10:17 +0000 (21:10 +0000)]
Taint: slow-mode checking only
Jeremy Harris [Sun, 26 Jan 2020 20:28:36 +0000 (20:28 +0000)]
Taint: fix hybrid-mode transition
Jeremy Harris [Sun, 26 Jan 2020 19:44:07 +0000 (19:44 +0000)]
tidying
Jeremy Harris [Sun, 26 Jan 2020 20:54:07 +0000 (20:54 +0000)]
Docs: tidy authentication indexing
Jeremy Harris [Sun, 26 Jan 2020 20:46:19 +0000 (20:46 +0000)]
Docs: better indexing for named-queues
Jeremy Harris [Sun, 26 Jan 2020 17:43:10 +0000 (17:43 +0000)]
Docs: fix validation
Broken-by: 9438970c97
Jeremy Harris [Sun, 26 Jan 2020 14:02:31 +0000 (14:02 +0000)]
ACL: control = queue/first_pass_route
Jeremy Harris [Fri, 24 Jan 2020 20:00:43 +0000 (20:00 +0000)]
tidying
Brian Foley [Sat, 25 Jan 2020 15:27:49 +0000 (15:27 +0000)]
TFO: even in binary built for modern Linux, handle error returned by old Linux kernel. Bug 2518
Jeremy Harris [Fri, 24 Jan 2020 19:29:21 +0000 (19:29 +0000)]
Testsuite: change port used for identd test
Jeremy Harris [Fri, 24 Jan 2020 13:17:03 +0000 (13:17 +0000)]
Docs: fix layout
Arkadiusz Miśkiewicz [Thu, 23 Jan 2020 07:51:01 +0000 (08:51 +0100)]
Add support for zstd compressed .zst files (Bug 2515)
Jeremy Harris [Thu, 23 Jan 2020 15:29:31 +0000 (15:29 +0000)]
Dovecot auth: inet socket. Bug 2280
Jeremy Harris [Wed, 22 Jan 2020 17:06:48 +0000 (17:06 +0000)]
Testsuite: Solaris munge
Jeremy Harris [Wed, 22 Jan 2020 14:08:10 +0000 (14:08 +0000)]
Compiler quietening: initialisers
Jeremy Harris [Wed, 22 Jan 2020 11:27:34 +0000 (11:27 +0000)]
Avoid Solaris compiler issue
Jeremy Harris [Tue, 21 Jan 2020 20:05:49 +0000 (20:05 +0000)]
Build: try another dummy for Solaris 10 compile
Jeremy Harris [Tue, 21 Jan 2020 16:47:56 +0000 (16:47 +0000)]
Use dedicated union member for option offsets
Jeremy Harris [Tue, 21 Jan 2020 00:44:47 +0000 (00:44 +0000)]
Compiler quietening: C fn ptrs are officially not intercastable with object pointers
and the Solaris 11 compiler warned on this. Use a union instead
Jeremy Harris [Mon, 20 Jan 2020 23:30:26 +0000 (23:30 +0000)]
Fix build on Solaris 11
Compiler is picky about pointer signedness
Jeremy Harris [Sun, 19 Jan 2020 17:22:58 +0000 (17:22 +0000)]
Support "hide" on named-list definition lines
Phil Pennock [Fri, 17 Jan 2020 15:40:51 +0000 (10:40 -0500)]
Update openssl_options values to 1.1.1c
Not compiled, but heavily inspected and double-checked sorting.
Jeremy Harris [Thu, 16 Jan 2020 22:51:53 +0000 (22:51 +0000)]
Fix taint hybrid-checking on BSD
Jeremy Harris [Thu, 16 Jan 2020 14:12:56 +0000 (14:12 +0000)]
Taint: hybrid checking mode
Jeremy Harris [Wed, 15 Jan 2020 16:57:49 +0000 (16:57 +0000)]
typo
Jeremy Harris [Wed, 15 Jan 2020 14:22:42 +0000 (14:22 +0000)]
gsasl authenticator: support crypted secrets, server side
Jeremy Harris [Thu, 24 Oct 2019 09:03:19 +0000 (10:03 +0100)]
tidying
Jeremy Harris [Tue, 14 Jan 2020 17:48:57 +0000 (17:48 +0000)]
heimdal auth: fix the increase of big_buffer size. Bug 2501
Jeremy Harris [Sun, 12 Jan 2020 14:52:00 +0000 (14:52 +0000)]
string handling: strlen for gstring
Jeremy Harris [Sun, 12 Jan 2020 00:14:27 +0000 (00:14 +0000)]
Testsuite: taint-enforcement issues
Jeremy Harris [Sat, 11 Jan 2020 23:07:53 +0000 (23:07 +0000)]
Fix build with DRWEB malware scanner
Broken-by: 9e21ce8fc4
Phil Pennock [Sat, 11 Jan 2020 23:51:28 +0000 (18:51 -0500)]
Warn updating folks to use $local_part_verified
This tainting change to appendfile seems likely to cause pain, breaking
previously working configurations. Note it in README.UPDATING.
Jeremy Harris [Sat, 11 Jan 2020 21:52:24 +0000 (21:52 +0000)]
taint enforce: file access backstops
Jeremy Harris [Sat, 11 Jan 2020 21:51:42 +0000 (21:51 +0000)]
ACL: taint-enforce queue modifier
Jeremy Harris [Sat, 11 Jan 2020 21:50:58 +0000 (21:50 +0000)]
autoreply transport: taint-enfoce options
Jeremy Harris [Sat, 11 Jan 2020 21:50:05 +0000 (21:50 +0000)]
taint-enforce DB filenames
Jeremy Harris [Sat, 11 Jan 2020 21:49:10 +0000 (21:49 +0000)]
redirect router: taint-enforce filenames
Jeremy Harris [Sat, 11 Jan 2020 21:48:25 +0000 (21:48 +0000)]
pipe transport: taint-enforce command
Jeremy Harris [Sat, 11 Jan 2020 21:46:43 +0000 (21:46 +0000)]
appendfile: taint-enforce file & directory options
testsuite: bless facility
Jeremy Harris [Sat, 11 Jan 2020 20:50:47 +0000 (20:50 +0000)]
appendfile: refactor
Jeremy Harris [Sat, 11 Jan 2020 20:49:48 +0000 (20:49 +0000)]
appendfile: tidying
Jeremy Harris [Sat, 11 Jan 2020 20:48:38 +0000 (20:48 +0000)]
tidying: CCSS macro
Jeremy Harris [Sat, 11 Jan 2020 18:07:10 +0000 (18:07 +0000)]
$local_part_verified
Jeremy Harris [Fri, 10 Jan 2020 12:07:19 +0000 (12:07 +0000)]
Docs: add explicit warnings for some variables likely tainted
Arkadiusz Miskiewicz [Wed, 8 Jan 2020 16:43:46 +0000 (16:43 +0000)]
Fix error logging for dynamically-loaded modules. Bug 2507
Jeremy Harris [Wed, 8 Jan 2020 13:51:42 +0000 (13:51 +0000)]
Docs: warn against using $local_part directly in delivery
Jeremy Harris [Wed, 8 Jan 2020 11:31:03 +0000 (11:31 +0000)]
Add debug for content of file tainted due to faile name taint
Jeremy Harris [Wed, 8 Jan 2020 10:49:31 +0000 (10:49 +0000)]
Fix error logging for dynamically-loaded modules. Bug 2507
Jeremy Harris [Wed, 8 Jan 2020 10:36:40 +0000 (10:36 +0000)]
coding standards
Wolfgang Breyha [Tue, 7 Jan 2020 13:31:20 +0000 (13:31 +0000)]
SPF: switch to NO_DATA for SPF-rr lookups. Bug 1294
Wolfgang Breyha [Thu, 2 Jan 2020 13:27:25 +0000 (13:27 +0000)]
SPF: shortcircuit SPF RR lookups. Bug 1294
Wolfgang Breyha [Tue, 7 Jan 2020 13:03:18 +0000 (13:03 +0000)]
SPF: fix result for case of only non-spf TXT RRs. Bug 2499
Samuel Thibault [Mon, 6 Jan 2020 13:46:54 +0000 (13:46 +0000)]
Hurd: account for setgroups() being callable unprivileged
Jeremy Harris [Sat, 4 Jan 2020 19:49:54 +0000 (19:49 +0000)]
SPF: additional debug
Wolfgang Breyha [Thu, 2 Jan 2020 13:16:52 +0000 (13:16 +0000)]
SPF: handle DNS NO_DATA return. Bug 2499
Jeremy Harris [Wed, 1 Jan 2020 15:19:52 +0000 (15:19 +0000)]
GSASL: provide $autnN for scram option expansions
Jeremy Harris [Tue, 31 Dec 2019 14:24:29 +0000 (14:24 +0000)]
GSASL: remove unneeded stringprep operations; library does it for us
Jeremy Harris [Mon, 30 Dec 2019 22:45:21 +0000 (22:45 +0000)]
Testsuite: testcase for GSASL SCRAM-SHA-256
Jeremy Harris [Mon, 30 Dec 2019 20:53:26 +0000 (20:53 +0000)]
GSASL: feature macro
Jeremy Harris [Sun, 29 Dec 2019 13:41:17 +0000 (13:41 +0000)]
Logging: Add DT= to defer & fail message lines. Bug 322
Jeremy Harris [Sat, 28 Dec 2019 21:54:51 +0000 (21:54 +0000)]
SPF: library version reporting
Jeremy Harris [Sat, 28 Dec 2019 18:27:54 +0000 (18:27 +0000)]
Fix build with older TLS library versions
Broken-by: 1c519e07b9
Wolfgang Breyha [Sat, 28 Dec 2019 17:14:42 +0000 (17:14 +0000)]
SPF: fix handling mix of spf and other txt records. Bug 2499
Jeremy Harris [Sat, 28 Dec 2019 17:44:28 +0000 (17:44 +0000)]
Testsuite: SPF testcase additions
Jeremy Harris [Sat, 28 Dec 2019 17:00:30 +0000 (17:00 +0000)]
GSASL channel-binding: TLS resumption checks
Jeremy Harris [Fri, 27 Dec 2019 21:14:02 +0000 (21:14 +0000)]
Docs: typo
Jeremy Harris [Fri, 27 Dec 2019 18:46:14 +0000 (18:46 +0000)]
Testsuite: new output
Jeremy Harris [Fri, 27 Dec 2019 18:37:19 +0000 (18:37 +0000)]
Authenticator gsasl: client support. Bug 2349
Jeremy Harris [Sun, 22 Dec 2019 19:56:15 +0000 (19:56 +0000)]
SPF: support uppercase in v=spf1, permerror-on-multiple-RRs. Bug 2499
Jeremy Harris [Tue, 24 Dec 2019 15:53:56 +0000 (15:53 +0000)]
Testsuite output
Broken-by: 98eb959291
Jeremy Harris [Tue, 24 Dec 2019 15:43:00 +0000 (15:43 +0000)]
Fix the variables set by gsasl authenticator
Jeremy Harris [Mon, 23 Dec 2019 22:40:06 +0000 (22:40 +0000)]
tidying
Jeremy Harris [Mon, 23 Dec 2019 20:07:34 +0000 (20:07 +0000)]
Docs: more info for dovecot auth driver
Jeremy Harris [Sun, 22 Dec 2019 21:51:53 +0000 (21:51 +0000)]
Fix build with heimdal-gssapi. Bug 2501
Jeremy Harris [Sun, 22 Dec 2019 21:24:24 +0000 (21:24 +0000)]
Fix Solaris build (pt.2)
Broken-by: 8aa16eb712
Jeremy Harris [Sun, 22 Dec 2019 19:53:39 +0000 (19:53 +0000)]
PIPELINING: break and check for 452 every hundred RCPTs
Jeremy Harris [Sat, 21 Dec 2019 22:07:41 +0000 (22:07 +0000)]
Fix Solaris build
Broken-by: 8aa16eb712
Jeremy Harris [Sat, 21 Dec 2019 20:31:31 +0000 (20:31 +0000)]
Eximon: fix string-handling. Bug 2500
Wolfgang Breyha [Fri, 20 Dec 2019 14:01:23 +0000 (14:01 +0000)]
SPF: only require "v=spf1" on TXT DNS records during lookups. Bug 2499
Jeremy Harris [Wed, 18 Dec 2019 16:07:38 +0000 (16:07 +0000)]
Gnu/Hurd: revert pipe-i/o EINTR handling changes
Jeremy Harris [Wed, 18 Dec 2019 16:07:38 +0000 (16:07 +0000)]
Fix Hurd build, another go
Jeremy Harris [Wed, 18 Dec 2019 13:59:22 +0000 (13:59 +0000)]
Fix Hurd build, another go
Jeremy Harris [Wed, 18 Dec 2019 09:21:12 +0000 (09:21 +0000)]
Fix Hurd build: typoes
Broken-by: 2791749f22
Jeremy Harris [Tue, 17 Dec 2019 20:35:28 +0000 (20:35 +0000)]
GNU/Hurd: retry EINTR returns from pipe I/O
Replaces:
a76f64c3d4
Jeremy Harris [Tue, 17 Dec 2019 19:04:00 +0000 (19:04 +0000)]
Testsuite: account for 4-component version numbers
Jeremy Harris [Tue, 17 Dec 2019 17:38:02 +0000 (17:38 +0000)]
Testsuite: longer timeout on identd testcase
Jeremy Harris [Tue, 17 Dec 2019 16:55:25 +0000 (16:55 +0000)]
Handle EINTR from transport-pipe write
Jeremy Harris [Tue, 17 Dec 2019 16:24:18 +0000 (16:24 +0000)]
Better information on queue-runner pipe error
Jeremy Harris [Tue, 17 Dec 2019 10:46:21 +0000 (10:46 +0000)]
ARC: Reset received ARC instance counter before next message on a connection. Bug 2498
Jeremy Harris [Mon, 16 Dec 2019 13:33:26 +0000 (13:33 +0000)]
Testsuite: avoid using STARTTLS in a non-TLS testcase
Jeremy Harris [Sun, 15 Dec 2019 20:21:50 +0000 (20:21 +0000)]
Testsuite: tidying
Jeremy Harris [Sun, 15 Dec 2019 20:13:04 +0000 (20:13 +0000)]
GNU/Hurd: handle platform-specific behaviour of setgroups()
Jeremy Harris [Sun, 15 Dec 2019 18:40:08 +0000 (18:40 +0000)]
Testsuite: handle platforms having distinct bints for O_RDONLY/OWRONLY (Hurd)
Jeremy Harris [Sun, 15 Dec 2019 15:03:47 +0000 (15:03 +0000)]
Testsuite: avoid one fixed UID
This gets us out of a hole on one test system which had UID 1234 in use;
it is not a full fix as we also (try to) use 5768.
Jeremy Harris [Sun, 15 Dec 2019 15:58:25 +0000 (15:58 +0000)]
Testsuite: output changes resulting
Broken-by: 78598e6a6a
Jeremy Harris [Sat, 14 Dec 2019 23:01:03 +0000 (23:01 +0000)]
Events: add msg:defer Bug 2477
Jeremy Harris [Sat, 14 Dec 2019 14:47:16 +0000 (14:47 +0000)]
Zero smtp context structure after allocation
Jeremy Harris [Fri, 13 Dec 2019 16:33:59 +0000 (16:33 +0000)]
Fix build on older Linux
Broken-by: 6906c131d1
Jeremy Harris [Fri, 13 Dec 2019 15:48:55 +0000 (15:48 +0000)]
Early-pipe: clear unused feature bits