Jeremy Harris [Tue, 28 Sep 2021 22:27:59 +0000 (23:27 +0100)]
Merge branch '4.next'
Jeremy Harris [Tue, 28 Sep 2021 22:22:20 +0000 (23:22 +0100)]
Docs: tidy for next release
Heiko Schlittermann (HS12-RIPE) [Tue, 28 Sep 2021 08:24:46 +0000 (10:24 +0200)]
Release process: keep temp directory (fix --no-cleanup)
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Sep 2021 12:49:01 +0000 (14:49 +0200)]
Docs: Change the copyright holder to "The Exim Maintainers"
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Sep 2021 12:37:09 +0000 (14:37 +0200)]
Docs: Copyright year for spec.xfpt
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Sep 2021 11:46:01 +0000 (13:46 +0200)]
Docs: typo
Jeremy Harris [Mon, 20 Sep 2021 21:41:04 +0000 (22:41 +0100)]
OpenBSD: disable compiler-time param checking for string_sprintf() etc
Jeremy Harris [Mon, 20 Sep 2021 21:19:59 +0000 (22:19 +0100)]
Docs: update for constification
Broken-by: ecb371298c
Jeremy Harris [Mon, 20 Sep 2021 21:07:48 +0000 (22:07 +0100)]
Docs: fix closed-mailinglist example
Thomas Noll [Wed, 15 Sep 2021 15:29:41 +0000 (16:29 +0100)]
Constification
Jeremy Harris [Tue, 14 Sep 2021 13:21:47 +0000 (14:21 +0100)]
DCC: fix loop expression
Renaud Allard [Tue, 14 Sep 2021 09:47:52 +0000 (10:47 +0100)]
TLS: build dependency for LibreSSL
(cherry picked from commit
48505c2b8095289f1226fe9a9fc63d4bcb387c87)
Renaud Allard [Tue, 14 Sep 2021 09:47:52 +0000 (10:47 +0100)]
TLS: build dependency for LibreSSL
Jeremy Harris [Mon, 13 Sep 2021 11:37:35 +0000 (12:37 +0100)]
constification
Jeremy Harris [Sun, 12 Sep 2021 17:01:09 +0000 (18:01 +0100)]
Use %ld not %l
Jeremy Harris [Sun, 12 Sep 2021 14:42:51 +0000 (15:42 +0100)]
pcre2
Jeremy Harris [Mon, 6 Sep 2021 15:09:28 +0000 (16:09 +0100)]
Docs: tidying
Jeremy Harris [Sun, 5 Sep 2021 10:32:09 +0000 (11:32 +0100)]
Fix validation of domain-literals in Message_ID: headers. Bug 2805
Jeremy Harris [Thu, 2 Sep 2021 16:08:20 +0000 (17:08 +0100)]
Avoid wait-for-tick on single-message connections
Jeremy Harris [Thu, 2 Sep 2021 14:16:46 +0000 (15:16 +0100)]
tidying
Jeremy Harris [Tue, 31 Aug 2021 20:55:00 +0000 (21:55 +0100)]
Avoid using CLOCK_MONOTONIC for $received_time. Bug 2615
(cherry picked from commit
8dcd5efb1f89d17b0b214e1face4146d3a1edd28)
Jeremy Harris [Wed, 1 Sep 2021 14:25:18 +0000 (15:25 +0100)]
Generalise "send failed" message in smtp transport
Jeremy Harris [Tue, 31 Aug 2021 20:55:00 +0000 (21:55 +0100)]
Avoid using CLOCK_MONOTONIC for $received_time. Bug 2615
Neil Youngman [Mon, 23 Aug 2021 19:36:21 +0000 (21:36 +0200)]
Fix small typo
Jeremy Harris [Thu, 19 Aug 2021 10:23:08 +0000 (11:23 +0100)]
Logging: specific error for tainted tag in debug filename
Jeremy Harris [Mon, 16 Aug 2021 20:01:04 +0000 (21:01 +0100)]
DKIM: Avoid spurious tls read timeout after signing failure
Jeremy Harris [Sun, 15 Aug 2021 09:40:02 +0000 (10:40 +0100)]
UTC output option for exim_dumpdb, exim_fixdb
Jeremy Harris [Wed, 11 Aug 2021 11:41:16 +0000 (12:41 +0100)]
Fix name of option in error log line
Jeremy Harris [Wed, 11 Aug 2021 11:39:41 +0000 (12:39 +0100)]
Docs: addition mention of lookup caching option
Jeremy Harris [Wed, 11 Aug 2021 10:10:59 +0000 (11:10 +0100)]
Docs: fix option crossref
Broken-by: adc03e3489
Jeremy Harris [Tue, 10 Aug 2021 20:32:18 +0000 (21:32 +0100)]
DKIM: fix verify under TLS & chunking, with pipelined next command
Jeremy Harris [Tue, 10 Aug 2021 16:36:03 +0000 (17:36 +0100)]
Testsuite: testcases for DKIM under TLS
Jeremy Harris [Tue, 10 Aug 2021 14:24:48 +0000 (15:24 +0100)]
Testsuite: testcase shuffling
Jeremy Harris [Tue, 10 Aug 2021 23:06:45 +0000 (00:06 +0100)]
Drop support for MacOS (darwin)
Heiko Schlittermann (HS12-RIPE) [Sat, 7 Aug 2021 22:00:10 +0000 (00:00 +0200)]
Drop support for MacOS (darwin)
Jeremy Harris [Mon, 9 Aug 2021 12:58:48 +0000 (13:58 +0100)]
Fix ClamAV command send
Broken-by: 64cc4714ab
Jeremy Harris [Sun, 8 Aug 2021 16:38:01 +0000 (17:38 +0100)]
Testsuite: add missing mask / ipv6 expansion
Jeremy Harris [Sun, 8 Aug 2021 16:34:49 +0000 (17:34 +0100)]
Expansions: mask_n operator
Jeremy Harris [Sun, 8 Aug 2021 12:57:24 +0000 (13:57 +0100)]
typo
Jeremy Harris [Sat, 7 Aug 2021 23:19:43 +0000 (00:19 +0100)]
Docs: add warning on use of envelope_to_add
Jeremy Harris [Wed, 4 Aug 2021 13:11:49 +0000 (14:11 +0100)]
Builtin macros for ACL conditions & modifiers
Jeremy Harris [Thu, 29 Jul 2021 18:35:02 +0000 (19:35 +0100)]
Update comments in example config file to match current default for TLS
Jeremy Harris [Sun, 1 Aug 2021 17:15:39 +0000 (18:15 +0100)]
ACL: "seen" condition
Jeremy Harris [Thu, 29 Jul 2021 18:35:02 +0000 (19:35 +0100)]
Update comments in expample config file to match current default for TLS
Jeremy Harris [Fri, 23 Jul 2021 11:08:02 +0000 (12:08 +0100)]
Docs: tidy variables lists
Jeremy Harris [Fri, 23 Jul 2021 11:05:49 +0000 (12:05 +0100)]
DKIM: fix build with older GnuTLS
Jeremy Harris [Thu, 22 Jul 2021 21:01:10 +0000 (22:01 +0100)]
TLS: fix tls_verify_certificates handling of "system"
A previous try at managing it for new-enough versions of GnuTLS actually
broke it for everything:
744170d4d3
Jeremy Harris [Thu, 22 Jul 2021 20:59:01 +0000 (21:59 +0100)]
Testsuite: output chnges resulting
Broken-by: 9138b6973b
Jeremy Harris [Wed, 21 Jul 2021 08:38:25 +0000 (09:38 +0100)]
typo
Andreas Metzler [Wed, 21 Jul 2021 08:30:56 +0000 (09:30 +0100)]
Docs: enhance SPF description
Jeremy Harris [Tue, 20 Jul 2021 10:00:03 +0000 (11:00 +0100)]
Docs: remove extraneous file copy
Jeremy Harris [Sun, 18 Jul 2021 19:30:24 +0000 (20:30 +0100)]
typo
Jeremy Harris [Sun, 18 Jul 2021 18:23:52 +0000 (19:23 +0100)]
ALPN: not supported under LibreSSL
Jeremy Harris [Sun, 18 Jul 2021 16:34:31 +0000 (17:34 +0100)]
Fix no-TLS bulid
Broken-by: c4b4086235
Jeremy Harris [Sun, 18 Jul 2021 14:51:16 +0000 (15:51 +0100)]
ALPN: feature macro
Jeremy Harris [Sun, 18 Jul 2021 14:11:32 +0000 (15:11 +0100)]
typo
Broken-by: c4b4086235
Jeremy Harris [Sun, 18 Jul 2021 13:25:14 +0000 (14:25 +0100)]
typo
Broken-by: c4b4086235
Jeremy Harris [Sat, 17 Jul 2021 23:15:01 +0000 (00:15 +0100)]
TLS: ALPN options
Jeremy Harris [Sat, 17 Jul 2021 12:53:22 +0000 (13:53 +0100)]
Remove the must-helo check from the example config
given that there is now a default-set option and hard code (
2f8e0a5f6b)
Heiko Schlittermann (HS12-RIPE) [Thu, 15 Jul 2021 20:55:05 +0000 (22:55 +0200)]
NewStuff typo
Jeremy Harris [Thu, 15 Jul 2021 20:05:27 +0000 (21:05 +0100)]
Docs: Clarify $acl_verify_message lifetime
Jeremy Harris [Mon, 12 Jul 2021 18:55:02 +0000 (19:55 +0100)]
Docs: fix formatting
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Jul 2021 21:50:01 +0000 (23:50 +0200)]
Remove duplicate 4.95 section from NewStuff
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Jul 2021 21:58:21 +0000 (23:58 +0200)]
Update OptionsList.txt
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Jul 2021 21:49:35 +0000 (23:49 +0200)]
Fix various doc typos
Jeremy Harris [Sun, 11 Jul 2021 11:21:54 +0000 (12:21 +0100)]
GnuTLS: Fix certextract expansion
Jeremy Harris [Fri, 25 Jun 2021 14:23:38 +0000 (15:23 +0100)]
tidying
Jeremy Harris [Wed, 7 Jul 2021 21:19:07 +0000 (22:19 +0100)]
Fix tainted message for fakereject
Jeremy Harris [Fri, 2 Jul 2021 18:33:29 +0000 (19:33 +0100)]
Docs: additional possible result from spf check. Bug 2786
Jeremy Harris [Mon, 28 Jun 2021 21:17:22 +0000 (22:17 +0100)]
LibreSSL: TLS-write-shutdown does not push data
Jeremy Harris [Mon, 28 Jun 2021 18:49:00 +0000 (19:49 +0100)]
Readonly-config: not supported by Solaris 10
Broken-by: 753739fdef
Jeremy Harris [Mon, 28 Jun 2021 17:50:27 +0000 (18:50 +0100)]
Testsuite: munge for LibreSSL TLSv1.3
Jeremy Harris [Sun, 27 Jun 2021 23:35:57 +0000 (00:35 +0100)]
Merge branch 'readonly_config'
Jeremy Harris [Mon, 17 May 2021 21:13:21 +0000 (22:13 +0100)]
Doc note
Jeremy Harris [Mon, 17 May 2021 11:40:51 +0000 (12:40 +0100)]
gsasl authenticator: do not try to clear server password after use, if
from config text
Jeremy Harris [Sun, 16 May 2021 19:22:45 +0000 (20:22 +0100)]
Small config, with:
----Exit nonpool max: 18 kB in 8 blocks
----Exit npools max: 95 kB
----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main
----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm
----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted config
----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted search
----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message
----Exit pool 5 max: 4 kB in 1 blocks at order 13 tainted main
----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm
----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config
----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search
----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message
Small config, without:
----Exit nonpool max: 18 kB in 8 blocks
----Exit npools max: 87 kB
----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main
----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm
----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search
----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message
----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main
----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm
----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search
----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message
Large config, with:
----Exit nonpool max: 17 kB in 30 blocks
----Exit npools max: 309 kB
----Exit pool 0 max: 124 kB in 5 blocks at order 17 untainted main
----Exit pool 1 max: 60 kB in 4 blocks at order 15 untainted perm
----Exit pool 2 max: 298 kB in 2 blocks at order 13 untainted config
----Exit pool 3 max: 12 kB in 2 blocks at order 13 untainted search
----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message
----Exit pool 5 max: 60 kB in 4 blocks at order 15 tainted main
----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm
----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config
----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search
----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message
Large config, without:
----Exit nonpool max: 212 kB in 30 blocks
----Exit npools max: 591 kB
----Exit pool 0 max: 508 kB in 7 blocks at order 19 untainted main
----Exit pool 1 max: 12 kB in 2 blocks at order 13 untainted perm
----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search
----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message
----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main
----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm
----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search
----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message
Jeremy Harris [Sun, 16 May 2021 14:37:18 +0000 (15:37 +0100)]
paniclog sigsegv events
Jeremy Harris [Sun, 16 May 2021 12:22:20 +0000 (13:22 +0100)]
openssl config strings are immutable
Jeremy Harris [Sun, 16 May 2021 11:52:36 +0000 (12:52 +0100)]
Config lines are immutable during -bP config dump
Jeremy Harris [Sat, 15 May 2021 15:52:12 +0000 (16:52 +0100)]
autorepy never_mail strings are immutable
Jeremy Harris [Sat, 15 May 2021 15:32:57 +0000 (16:32 +0100)]
avoid mofying config text
Jeremy Harris [Sat, 15 May 2021 14:41:43 +0000 (15:41 +0100)]
smtp tpt fallback_hosts list must be mutable
Jeremy Harris [Sat, 15 May 2021 14:18:22 +0000 (15:18 +0100)]
acceptable log output change
Jeremy Harris [Sat, 15 May 2021 00:11:41 +0000 (01:11 +0100)]
hostlist for router fallback_hosts must be mutable
Jeremy Harris [Fri, 14 May 2021 23:48:40 +0000 (00:48 +0100)]
consification
Jeremy Harris [Fri, 14 May 2021 23:37:43 +0000 (00:37 +0100)]
avoid modifying source text in parse_forward_list()
Jeremy Harris [Fri, 14 May 2021 23:19:26 +0000 (00:19 +0100)]
avoid modifying source text, in appendfile
Jeremy Harris [Fri, 14 May 2021 23:03:01 +0000 (00:03 +0100)]
tree nodes for acls must be mutable
Jeremy Harris [Fri, 14 May 2021 23:01:27 +0000 (00:01 +0100)]
avoid modifying possible config text during :fail: delivery
Jeremy Harris [Fri, 14 May 2021 23:00:06 +0000 (00:00 +0100)]
copy transport struct for modifying for **bypassed** postprocess
Jeremy Harris [Fri, 14 May 2021 22:58:32 +0000 (23:58 +0100)]
use store_get_perm()
Jeremy Harris [Thu, 13 May 2021 21:19:10 +0000 (22:19 +0100)]
driver options blocks must be mutable
Jeremy Harris [Thu, 13 May 2021 20:59:25 +0000 (21:59 +0100)]
router instance must be mutable
Jeremy Harris [Thu, 13 May 2021 20:31:16 +0000 (21:31 +0100)]
namedlist_block has to be allocated mutably, to cache lookups
paniclog from 5 - subprocess crashes
Jeremy Harris [Mon, 10 May 2021 21:47:01 +0000 (22:47 +0100)]
first go. crashes in 0003
Jeremy Harris [Fri, 7 May 2021 12:09:12 +0000 (13:09 +0100)]
Suggestion from Qalys:
If I may add one more thing, there is an issue that should be addressed
sooner rather than later: the writable configuration at the beginning of
the heap. A short-term (and hopefully non-intrusive) solution may be to
mmap() the configuration instead, and then mprotect(PROT_READ) it. This
would mitigate the exploitation technique that almost all Exim exploits
have been using.
Jeremy Harris [Sun, 27 Jun 2021 23:29:09 +0000 (00:29 +0100)]
Fix Solaris 10 build, more
Jeremy Harris [Sun, 27 Jun 2021 20:15:45 +0000 (21:15 +0100)]
Fix Solaris 10 build, for intro of taintwarn
Broken-by: f9a3fcddba
Jeremy Harris [Sun, 27 Jun 2021 17:58:44 +0000 (18:58 +0100)]
TLS: track changing fd of file-watcher when creds are releaded.
Broken-by: 5fd673807d
Heiko Schlittermann (HS12-RIPE) [Fri, 25 Jun 2021 08:02:47 +0000 (10:02 +0200)]
Merge branch 'hs/taintwarn'
This is a "forward" port of the taintwarn patches that are applied to
4.94.2+fixes.