Gavan [Fri, 21 Aug 2020 14:46:01 +0000 (15:46 +0100)]
Taint: fix off-by-one in is_tainted(). Bug 2634
(cherry picked from commit
e0ae68c8ee6788508da4989ee0d6fcbaf40c7b97)
Jeremy Harris [Mon, 24 Aug 2020 19:14:34 +0000 (20:14 +0100)]
Build: ifdef guard for EXPERIMENTAL_QUEUEFILE
(cherry picked from commit
1f5d0a9551205febf6729c7ee36c27626a76b4a4)
Gavan [Fri, 21 Aug 2020 14:46:01 +0000 (15:46 +0100)]
Taint: fix off-by-one in is_tainted(). Bug 2634
(cherry picked from commit
e0ae68c8ee6788508da4989ee0d6fcbaf40c7b97)
Jeremy Harris [Fri, 14 Aug 2020 12:09:53 +0000 (13:09 +0100)]
Fix ${readsocket } eol-replacement. Bug 2630
(cherry picked from commit
7f83b348ccf4cd815e9758ab9ca1012e66324e9d)
Jeremy Harris [Sun, 9 Aug 2020 00:38:00 +0000 (01:38 +0100)]
Fix spelling of local_part_data in docs and debug output
(cherry picked from commit
ccec2d82e2fda6d764f6cd1a9dd21c4f6285b614)
Heiko Schlittermann (HS12-RIPE) [Thu, 16 Jul 2020 21:53:27 +0000 (23:53 +0200)]
debug_print_socket(): output formatting
Heiko Schlittermann (HS12-RIPE) [Thu, 16 Jul 2020 21:45:55 +0000 (23:45 +0200)]
Fix debug_print_socket()
debug_print_socket() crashed on AF_UNIX sockets
Jeremy Harris [Mon, 13 Jul 2020 12:46:14 +0000 (13:46 +0100)]
Taint: fix ACL "spam" condition, to permit tainted name arguments
Follow-on from:
62b2ccce05
(cherry picked from commit
532800c8bf0e4bc2c27739477e70e0d7eef7df21)
Jeremy Harris [Thu, 9 Jul 2020 14:30:55 +0000 (15:30 +0100)]
Fix taint trap in parse_fix_phrase(). Bug 2617
(cherry picked from commit
3c90bbcdc7cf73298156f7bcd5f5e750e7814e72)
Guillaume Outters [Mon, 6 Jul 2020 21:31:51 +0000 (22:31 +0100)]
Fix DKIM signing to always ;-terminate. Bug 2295
(cherry picked from commit
65fe780259d0009354b5dfc9a4f1b48ad6513db2)
Jeremy Harris [Fri, 3 Jul 2020 19:35:58 +0000 (20:35 +0100)]
typoes
Jeremy Harris [Tue, 30 Jun 2020 20:16:42 +0000 (21:16 +0100)]
Fix message-reception clock usage. Bug 2615
Broken-by: 6906c131d1 (4.94)
(cherry picked from commit
c9bce82e3064126be34d85280d0a7fbf65b3abec)
Jeremy Harris [Mon, 29 Jun 2020 16:26:36 +0000 (17:26 +0100)]
Taint: fix ACL "spam" condition, to permit tainted name arguments.
Cherry-picked from:
62b2ccce05
Jeremy Harris [Sun, 28 Jun 2020 14:24:21 +0000 (15:24 +0100)]
Sqlite: fix segfault on bad/missing sqlite_dbfile. Bug 2606
(cherry picked from commit
3d0472791a0928963a3f8184fe28479e80d1a47d)
Jeremy Harris [Thu, 25 Jun 2020 20:30:43 +0000 (21:30 +0100)]
Docs: list further ways $domain_data &c may be filled in
(cherry picked from commit
f5ee670dc5eb90c68ee684f478598bd9af6fbf36)
Jeremy Harris [Thu, 25 Jun 2020 10:16:54 +0000 (11:16 +0100)]
Lookups: Fix "subdir" filter on a dsearch.
(cherry picked from commit
e0e21929b7426b9b5bbf5e3747797043801b1151)
Jeremy Harris [Mon, 22 Jun 2020 16:27:18 +0000 (17:27 +0100)]
Cutthrough: handle request when a callout-hold is active. Bug 2604
(cherry picked from commit
99bfcf2b678e7bd8125a7eb44409e46549bfc111)
Jeremy Harris [Fri, 19 Jun 2020 23:54:05 +0000 (00:54 +0100)]
Fix string_copy() macro to not multiple-eval args. Bug 2603
Broken-by: a76d120aed
(cherry picked from commit
80c2ec2e47c556daff00c79ee068ce68f25fd264)
Jeremy Harris [Sun, 14 Jun 2020 21:14:11 +0000 (22:14 +0100)]
Taint: fix verify. Bug 2598
(cherry-picked from
2b60ac1021 and
9eed571fd7)
Jeremy Harris [Fri, 12 Jun 2020 19:43:43 +0000 (20:43 +0100)]
smtp_accept_map_per_host: call search_tidyup in fail path. Bug 2597
(cherry-picked from:
d3a538c8fe)
Jeremy Harris [Thu, 11 Jun 2020 23:46:34 +0000 (00:46 +0100)]
Taint: fix radius expansion condition
(cherry picked from commit
f91219c114a3d95792d052555664a5a7a3984a8d)
Jeremy Harris [Thu, 11 Jun 2020 19:45:05 +0000 (20:45 +0100)]
TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug 2594
(cherry picked from commit
0851a3bbf4667081d47f5d85b6b3a5cb33cbdba6)
Jeremy Harris [Mon, 8 Jun 2020 12:00:55 +0000 (13:00 +0100)]
Filters: fix "vacation" in Exim filter. Bug 2593
Broken-by: cfb9cf20cb (4.90)
(cherry picked from commit
59eee1bc902f106d20f507ba16f37cb8ab5a5e8d)
Jeremy Harris [Thu, 4 Jun 2020 14:28:15 +0000 (15:28 +0100)]
Fix -bi. Bug 2590
Actual fix from pierre.labastie@neuf.fr ; additional coding and testcase bu jgh
Broken-by: bdcc6f2bd5
(Cherry-picked from:
0e0e171628)
Jeremy Harris [Wed, 3 Jun 2020 10:40:17 +0000 (11:40 +0100)]
Taint: fix multiple ACL actions to properly manage tainted argument data
(cherry picked from commit
12b7f811de4a540d0724585aecfa33b5881e2a30)
Jeremy Harris [Tue, 2 Jun 2020 15:34:42 +0000 (16:34 +0100)]
Docs: typoes
Cherry-picked from:
1195f8f2a4
Jeremy Harris [Tue, 2 Jun 2020 14:39:27 +0000 (15:39 +0100)]
Docs: fix layout
(cherry picked from commit
7090df68161b4ed1c86e5adde7800d9049c47433)
Patrick Boutilier [Tue, 2 Jun 2020 14:16:10 +0000 (15:16 +0100)]
Docs: fix mistaken variable name
(cherry picked from commit
eb55cb1d2c5552209e24345e9d21f83ec1eaccf6)
Jeremy Harris [Tue, 2 Jun 2020 14:03:36 +0000 (15:03 +0100)]
Taint: fix listcount expansion operator. Bug 2586
(cherry picked from commit
44644c2e404a3ea0191db0b0458e86924fb240bb)
Jeremy Harris [Tue, 2 Jun 2020 13:50:31 +0000 (14:50 +0100)]
Taint: fix pam expansion condition. Bug 2587
(cherry picked from commit
f7f933a199be8bb7362c715e0040545b514cddca)
Jeremy Harris [Tue, 2 Jun 2020 12:35:06 +0000 (13:35 +0100)]
Docs: ${listitem }
(cherry picked from commit
29f5141e7cb1ee65369d8e49250134edc4e6120a)
Jeremy Harris [Sat, 30 May 2020 20:35:38 +0000 (21:35 +0100)]
Testsuite: munge for Postgres version
Jeremy Harris [Sat, 30 May 2020 20:05:25 +0000 (21:05 +0100)]
Testsuite: MySQL: use password on account used for test access
Forced on us by security tightning in Mariadb 10.4
Heiko Schlittermann (HS12-RIPE) [Tue, 26 May 2020 10:28:43 +0000 (12:28 +0200)]
Make def:<var> compatible between "static" and "dynamic" vars.
Some variables are simple pointers to internal memory (e.g.
vtype_stringptr), other variables are dynamically filled with content
(e.g. vtype_string_func).
The static variables contain "" if they're not defined yet.
At least on dynamic variable (recipients, backed by fn_recipients())
returned NULL instead of "", which lead to unexpected results on
def:recipients.
To keep the functions usable in places where it makes sense to return
NULL and "" as distinct values, I didn't touch the functions, but the
evaluation logic in find_variable().
Jeremy Harris [Mon, 25 May 2020 11:41:20 +0000 (12:41 +0100)]
Testsuite: avoid fail on non-TLS bulid
Jeremy Harris [Mon, 25 May 2020 10:38:25 +0000 (11:38 +0100)]
Fix listquote expansion item to handle empty-string input
Heiko Schlittermann (HS12-RIPE) [Sun, 24 May 2020 20:53:01 +0000 (22:53 +0200)]
EDITME: Shorten the explanation of <osname> and <build>
Jeremy Harris [Sun, 24 May 2020 18:17:59 +0000 (19:17 +0100)]
Docs: SPF options
Heiko Schlittermann (HS12-RIPE) [Sat, 23 May 2020 13:50:23 +0000 (15:50 +0200)]
Doc: Clarify variables for spf_smtp_comment_template
Heiko Schlittermann (HS12-RIPE) [Fri, 22 May 2020 15:32:33 +0000 (17:32 +0200)]
SPF: Add main config option "spf_smtp_comment_template
Heiko Schlittermann (HS12-RIPE) [Mon, 18 May 2020 20:40:24 +0000 (22:40 +0200)]
SPF: Remove the parameters of the broken explanation link
The complete www.open-spf.org is a static copy of the formerly working
openspf.org page. The explanation form doesn't work anymore.
Jeremy Harris [Wed, 20 May 2020 21:14:59 +0000 (22:14 +0100)]
OpenSSL: clear error stack before avery I/O operation
Jeremy Harris [Tue, 19 May 2020 00:14:55 +0000 (01:14 +0100)]
Docs: remove reduundant transport configu lines
Jeremy Harris [Sat, 16 May 2020 18:38:59 +0000 (19:38 +0100)]
Docs: options on lookups
Jeremy Harris [Sat, 16 May 2020 15:36:08 +0000 (16:36 +0100)]
Log additional command-history on too-many-syntax-errors
Jeremy Harris [Sat, 16 May 2020 12:27:43 +0000 (13:27 +0100)]
Docs: DMARC options
Andreas Metzler [Sat, 16 May 2020 12:02:17 +0000 (13:02 +0100)]
Docs: another mention of $local_part_verified
Broken-by: d8024efa36
Jeremy Harris [Fri, 15 May 2020 13:15:10 +0000 (14:15 +0100)]
Add debug for lookup ret=key
Jeremy Harris [Wed, 13 May 2020 11:15:57 +0000 (12:15 +0100)]
Debug: quieten DSN
Jeremy Harris [Tue, 12 May 2020 23:58:32 +0000 (00:58 +0100)]
Fix over-long line in DSN
Jeremy Harris [Tue, 12 May 2020 21:20:24 +0000 (22:20 +0100)]
Docs: set message after conditions in ACL verb wherever possible
= Fabian Groffen [Sat, 9 May 2020 14:06:06 +0000 (15:06 +0100)]
Fix build with Radius auth expansion condition support. Bug 2572
Jeremy Harris [Sat, 9 May 2020 14:04:17 +0000 (15:04 +0100)]
Performance: workaround Linux kernel bug
Jeremy Harris [Fri, 8 May 2020 10:47:43 +0000 (11:47 +0100)]
Docs: tweaks
Jeremy Harris [Thu, 7 May 2020 18:02:09 +0000 (19:02 +0100)]
Testsuite: unbreak testcase
Broken-by: 0006e6d8e1
Jeremy Harris [Thu, 7 May 2020 15:38:04 +0000 (16:38 +0100)]
Lookups: ret=key option
Jeremy Harris [Thu, 7 May 2020 13:11:49 +0000 (14:11 +0100)]
I18N: change default on smtp transport, to downconvert-when-needed
Jeremy Harris [Thu, 7 May 2020 12:01:18 +0000 (13:01 +0100)]
Docs: clarify downconversion of internationalized addresses
Jeremy Harris [Thu, 7 May 2020 10:37:48 +0000 (11:37 +0100)]
Docs: ESMTP extensions indexing
Jeremy Harris [Wed, 6 May 2020 21:31:25 +0000 (22:31 +0100)]
Rework SPA fix to avoid overflows. Bug 2571
Amends:
57aa14b216
Jeremy Harris [Wed, 6 May 2020 18:55:17 +0000 (19:55 +0100)]
Numeric variable returns
Jeremy Harris [Wed, 6 May 2020 14:19:24 +0000 (15:19 +0100)]
testcases for value return
Jeremy Harris [Wed, 6 May 2020 13:04:44 +0000 (14:04 +0100)]
docs & more debug
Jeremy Harris [Wed, 6 May 2020 10:56:16 +0000 (11:56 +0100)]
value return
Jeremy Harris [Tue, 5 May 2020 13:22:45 +0000 (14:22 +0100)]
wip - see failed-summary.log.list_match_value. Pretty much ok.
tofo: testcases, docs
Jeremy Harris [Tue, 5 May 2020 20:02:14 +0000 (21:02 +0100)]
Fix SPA authenticator, checking client-supplied data before using it. Bug 2571
Jeremy Harris [Tue, 5 May 2020 18:37:00 +0000 (19:37 +0100)]
tidying
Jeremy Harris [Tue, 5 May 2020 17:47:29 +0000 (18:47 +0100)]
Ensure lookup-result variables are dropped between messages on a connection
Jeremy Harris [Tue, 5 May 2020 14:50:26 +0000 (15:50 +0100)]
Testsuite: output changes resulting
Broken-by: d8024efa36
Jeremy Harris [Tue, 5 May 2020 14:36:57 +0000 (15:36 +0100)]
Docs: tweaks
Jeremy Harris [Mon, 4 May 2020 21:38:08 +0000 (22:38 +0100)]
Consolidate $local_part_verified into $local_part_data
This removes the former; the latter having been around since before the last
release. The router check_local_user option now writes the latter
and -verified no longer exists.
Jeremy Harris [Mon, 4 May 2020 21:12:52 +0000 (22:12 +0100)]
Docs: local-part affix variables
Jeremy Harris [Mon, 4 May 2020 20:33:59 +0000 (21:33 +0100)]
Taint: When a non-wildcarded localpart affix is matched in a router,
make affix variables untainted
Jeremy Harris [Mon, 4 May 2020 15:10:57 +0000 (16:10 +0100)]
Make {bounce,warn}_message_file expanded. Bug 2522
Jeremy Harris [Mon, 4 May 2020 11:25:23 +0000 (12:25 +0100)]
Testsuite: bounce_message_file and warn_message_file
Luca Ceresoli [Sun, 3 May 2020 15:54:28 +0000 (16:54 +0100)]
Build: fix parallelism problem. Bug 2566
Jeremy Harris [Sat, 2 May 2020 20:09:38 +0000 (21:09 +0100)]
Fix build on platforms not supporting sockopt SO_PROTOCOL
Broken-by: a8e46b3b71
Andreas Metzler [Sat, 2 May 2020 18:08:55 +0000 (19:08 +0100)]
Docs: fix mention of (the nonexistent) $domain_verified. Bug 2567
Broken-by: 163144aab0
Jeremy Harris [Sat, 2 May 2020 13:22:31 +0000 (14:22 +0100)]
Debug: socket details
Jeremy Harris [Fri, 1 May 2020 20:15:12 +0000 (21:15 +0100)]
Testsuite: tidying
Jeremy Harris [Fri, 1 May 2020 13:18:55 +0000 (14:18 +0100)]
Docs: fix more uses of $local_part in examples
Jeremy Harris [Fri, 1 May 2020 11:47:25 +0000 (12:47 +0100)]
Testsuite: handle RC tagging convention
Jeremy Harris [Fri, 1 May 2020 10:42:35 +0000 (11:42 +0100)]
Fix $local_part_verified for remote-delivery routing following local. Bug 2565
Andreas Metzler [Fri, 1 May 2020 08:28:30 +0000 (09:28 +0100)]
Docs: use verified version of local_part variable in router require_files example
Jeremy Harris [Thu, 30 Apr 2020 12:08:07 +0000 (13:08 +0100)]
Copyright updates:
vi $(git log --name-status exim-4.93..master | awk '/^M/{print $2}' | grep -v '^test/' | sort -u)
Jeremy Harris [Mon, 27 Apr 2020 17:56:08 +0000 (18:56 +0100)]
Testsuite: output changes resulting
Broken-by: 26831938fd
Jeremy Harris [Sun, 26 Apr 2020 20:40:43 +0000 (21:40 +0100)]
tidying
Jeremy Harris [Sun, 26 Apr 2020 19:58:44 +0000 (20:58 +0100)]
Bump buffer size for exiwhat info lines
Jeremy Harris [Sun, 26 Apr 2020 19:57:26 +0000 (20:57 +0100)]
Fix reporting of 2-phase queue-runner daemon, in daemon start log line and in exiwhat
Jeremy Harris [Sat, 25 Apr 2020 19:50:07 +0000 (20:50 +0100)]
DKIM: dkim_verify_min_keysizes option
Jeremy Harris [Sat, 25 Apr 2020 20:03:51 +0000 (21:03 +0100)]
DKIM: fix $dkim_key_length in verify
Jeremy Harris [Thu, 23 Apr 2020 16:13:27 +0000 (17:13 +0100)]
Logging: bump limit on initial-connect synch-error log line
Jeremy Harris [Wed, 22 Apr 2020 21:03:09 +0000 (22:03 +0100)]
Debug: internal consistency under testsuite
Jeremy Harris [Wed, 22 Apr 2020 20:05:55 +0000 (21:05 +0100)]
Testsuite: more tidying for Alpine
Jeremy Harris [Sat, 18 Apr 2020 14:36:54 +0000 (15:36 +0100)]
readsocket expansion: response caching
Jeremy Harris [Tue, 21 Apr 2020 22:21:24 +0000 (23:21 +0100)]
tidying
Jeremy Harris [Tue, 21 Apr 2020 22:17:53 +0000 (23:17 +0100)]
Testsuite: use name for nonexistent host that the testsuite forces to not-resolve
Avoids going to the plaform resolver, which can have varying behaviour
Phil Pennock [Tue, 21 Apr 2020 22:59:15 +0000 (18:59 -0400)]
stop-gap: doc glibc 2.31 RES_TRUSTAD/trust-ad
In glibc from release 2.31 onwards (change added in their commit
446997ff14) setting `dns_dnssec_ok` will not be sufficient. glibc has
added a new `options trust-ad` toggle for `/etc/resolv.conf` and a C
macro `RES_TRUSTAD`.
This will break existing deployments and binaries.
Our current mechanism for enabling DNSSEC is with an option named to
closely match the DNS feature required, so it is probably inappropriate
to tinker with a second option there. Instead we probably need a new
meta-option for the concept of DNSSEC, add the second new flag there,
and move `dns_dnssec_ok` to a legacy deprecated option.
That will only work if the machine Exim is built on has the new C macro,
but will need to be conditional upon that macro being defined, so
binaries built aren't going to be forward-compatible to other systems
with newer glibc. There is no good solution to solve this.
In the meantime, document the issue and point administrators at how to
work around the issue with a setting in `/etc/resolv.conf`
Thanks to Viktor Dukhovni for highlighting the existence of this
problem.
Heiko Schlichting [Mon, 20 Apr 2020 21:21:35 +0000 (22:21 +0100)]
Docs: fix mention of deprecated variables. Bug 2534
Erik Lax [Mon, 20 Apr 2020 20:34:33 +0000 (21:34 +0100)]
Fix spool space check to account for SIZE. Bug 2552