Jeremy Harris [Fri, 27 Jan 2023 20:02:58 +0000 (20:02 +0000)]
Docs: add note on daemon shutdown
Jeremy Harris [Fri, 27 Jan 2023 10:31:11 +0000 (10:31 +0000)]
Support use-but-not-create of notifier socket
Jeremy Harris [Fri, 27 Jan 2023 10:30:25 +0000 (10:30 +0000)]
Docs: expand info on two-phase queue runs
Jeremy Harris [Fri, 27 Jan 2023 09:57:40 +0000 (09:57 +0000)]
Docs: groom OCSP explanation
Jeremy Harris [Thu, 26 Jan 2023 21:09:27 +0000 (21:09 +0000)]
Testsuite: split out utility-target probes
Jeremy Harris [Wed, 18 Jan 2023 11:34:07 +0000 (11:34 +0000)]
Logging: Add "D=" to more connection closure log lines. Bug 2434
Jeremy Harris [Sun, 15 Jan 2023 22:08:48 +0000 (22:08 +0000)]
tidying
Jeremy Harris [Sat, 14 Jan 2023 13:14:15 +0000 (13:14 +0000)]
Docs: expand OCSP description
Jeremy Harris [Wed, 11 Jan 2023 21:55:15 +0000 (21:55 +0000)]
Testsuite: operational notes for TFO
Jeremy Harris [Mon, 9 Jan 2023 11:52:33 +0000 (11:52 +0000)]
Docs: add note on EC groups under GnuTLS
Jeremy Harris [Sat, 7 Jan 2023 20:19:38 +0000 (20:19 +0000)]
Testsuite: OpenSSL version differences
Jeremy Harris [Sat, 7 Jan 2023 16:15:46 +0000 (16:15 +0000)]
OpenSSL: fix build for pre-1.1.0
Broken-by: 42f1855e94bd
Jeremy Harris [Sat, 7 Jan 2023 00:17:08 +0000 (00:17 +0000)]
OpenSSL: tls_eccurves list support. Bug 2955
Jeremy Harris [Fri, 6 Jan 2023 20:50:23 +0000 (20:50 +0000)]
Debug: show received Proxy Protocol bytes
Jeremy Harris [Thu, 5 Jan 2023 18:39:51 +0000 (18:39 +0000)]
DANE: do not check dns_again_means_nonexist for TLSA results of TRY_AGAIN
Jeremy Harris [Thu, 5 Jan 2023 13:03:37 +0000 (13:03 +0000)]
OpenSSL: log conns rejected for bad ALPN, with the offered value
Unfortunately, no way to do this under GnuTLS
Jeremy Harris [Mon, 2 Jan 2023 15:04:14 +0000 (15:04 +0000)]
OpenSSL: Fix tls_eccurve on earlier versions than 3.0.0. Bug 2954
Broken-by: ca4014de81e6
Jeremy Harris [Sun, 1 Jan 2023 14:00:11 +0000 (14:00 +0000)]
Testsuite: munge changes
Jeremy Harris [Sun, 1 Jan 2023 12:18:38 +0000 (12:18 +0000)]
OpenSSL: fix tls_eccurve setting explicit curve/group. Bug 2954
Jeremy Harris [Sun, 1 Jan 2023 09:48:45 +0000 (09:48 +0000)]
Testsuite: fix PID-matching for 4-digit case, in munge
Jeremy Harris [Sat, 31 Dec 2022 18:32:37 +0000 (18:32 +0000)]
Testsuite: longer timing for OpenSSL resumption tests
Jeremy Harris [Sat, 31 Dec 2022 13:37:17 +0000 (13:37 +0000)]
Close server smtp socket explicitly on connect ACL "drop"
Jeremy Harris [Fri, 30 Dec 2022 18:53:51 +0000 (18:53 +0000)]
FreeBSD: fix listener-socket backlog monitoring
Jeremy Harris [Fri, 30 Dec 2022 12:21:40 +0000 (12:21 +0000)]
Testsuite: more PATH munge cases
cf:
caf28f95ce0a
Jeremy Harris [Thu, 29 Dec 2022 23:03:14 +0000 (23:03 +0000)]
Testsuite: munges for builds with varying numbers of lookup types
Jeremy Harris [Thu, 29 Dec 2022 22:43:53 +0000 (22:43 +0000)]
Testsuite: munges to support no-ssl builds
Jeremy Harris [Thu, 29 Dec 2022 18:53:44 +0000 (18:53 +0000)]
Testsuite: munge for list-search debug output of build-time options
Broken-by: 6fc54bd18aa7
Jeremy Harris [Thu, 29 Dec 2022 17:14:31 +0000 (17:14 +0000)]
Debug: quieten environment-cleaning
Jeremy Harris [Thu, 29 Dec 2022 00:50:50 +0000 (00:50 +0000)]
Debug: list searching
Jeremy Harris [Wed, 28 Dec 2022 19:39:06 +0000 (19:39 +0000)]
Fix recursion on dns_again_means_nonexist. Bug 2911
Jeremy Harris [Sun, 25 Dec 2022 21:05:42 +0000 (21:05 +0000)]
FreeBSD: fix notifier socket use
Jeremy Harris [Sun, 25 Dec 2022 21:01:21 +0000 (21:01 +0000)]
Testsuite: tidy spurious fails from TFO use
Jeremy Harris [Fri, 23 Dec 2022 18:02:25 +0000 (18:02 +0000)]
Expand max_rcpt option on smtp transport. Bug 2946
Jeremy Harris [Thu, 22 Dec 2022 19:34:33 +0000 (19:34 +0000)]
Testsuite: fix munge for GnuTLS ALPN
Broken-by: 520ef00f56ce
Jeremy Harris [Thu, 22 Dec 2022 14:58:57 +0000 (14:58 +0000)]
Testsuite: fix munging for leading-space on PID
Jeremy Harris [Tue, 20 Dec 2022 21:58:25 +0000 (21:58 +0000)]
Testsuite: output changes resulting
Broken-by: 4b98b16dbae9
Jeremy Harris [Tue, 20 Dec 2022 20:31:58 +0000 (20:31 +0000)]
Testsuite: avoid munge false-pos spotting a new PID
Jeremy Harris [Sun, 18 Dec 2022 18:44:54 +0000 (18:44 +0000)]
Rework "compiler quietening"
This partially reverts commit
0da41dc541d0f2536f9d2afc7188e9dfb97b0c09.
Jeremy Harris [Tue, 20 Dec 2022 14:38:26 +0000 (14:38 +0000)]
cppcheck sliencing
Jeremy Harris [Mon, 19 Dec 2022 21:09:17 +0000 (21:09 +0000)]
Fix logging of max-size log line
Broken-by: d12746bc15d8
Jeremy Harris [Sun, 18 Dec 2022 17:11:17 +0000 (17:11 +0000)]
Docs: tidying
Jeremy Harris [Sat, 17 Dec 2022 16:20:19 +0000 (16:20 +0000)]
Add template lines for alternate DBM libraries, in the teplate Makefile
Jeremy Harris [Thu, 15 Dec 2022 20:22:01 +0000 (20:22 +0000)]
Testsuite: quieten timing-dependent testcase
Jeremy Harris [Fri, 16 Dec 2022 21:01:57 +0000 (21:01 +0000)]
Docs: note on logging local port
Jeremy Harris [Tue, 13 Dec 2022 15:46:01 +0000 (15:46 +0000)]
ACL: Permit the "encrypted" condition to be used in a HELO/EHLO ACL
Jeremy Harris [Tue, 13 Dec 2022 15:43:52 +0000 (15:43 +0000)]
Testsuite: output changes resulting
Broken-by: 520ef00f56ce
Jeremy Harris [Tue, 13 Dec 2022 13:38:53 +0000 (13:38 +0000)]
GnuTLS: fix cert loading
Broken-by: 520ef00f56ce
Jeremy Harris [Sat, 12 Nov 2022 20:13:32 +0000 (20:13 +0000)]
tidying
Jeremy Harris [Sun, 11 Dec 2022 15:14:54 +0000 (15:14 +0000)]
TLS: Fix handling for server cert/key file SNI re-expansion forced-fail
Jeremy Harris [Sat, 10 Dec 2022 16:19:16 +0000 (16:19 +0000)]
Allow a forced-fail for banner expansion to close connection without panic-log
Jeremy Harris [Sat, 10 Dec 2022 10:47:05 +0000 (10:47 +0000)]
Move connect ACL before TLS-on-connect
Jeremy Harris [Sun, 4 Dec 2022 14:57:14 +0000 (14:57 +0000)]
Docs: note redefined macros for expansions
Jeremy Harris [Sat, 3 Dec 2022 23:13:53 +0000 (23:13 +0000)]
Fix ${run } arg parsing
Broken-by: cfe6acff2ddc
Jeremy Harris [Sat, 3 Dec 2022 17:50:17 +0000 (17:50 +0000)]
compiler quietening
Jeremy Harris [Sat, 3 Dec 2022 15:16:48 +0000 (15:16 +0000)]
tidying
Jeremy Harris [Tue, 29 Nov 2022 14:34:25 +0000 (14:34 +0000)]
Add variable $sender_helo_verified
Jeremy Harris [Tue, 29 Nov 2022 15:55:05 +0000 (15:55 +0000)]
Add predefined macros for expansions
Jeremy Harris [Tue, 29 Nov 2022 15:02:01 +0000 (15:02 +0000)]
Tweak debug output
Jeremy Harris [Tue, 29 Nov 2022 12:25:27 +0000 (12:25 +0000)]
Docs: fix typo in markup
Jeremy Harris [Tue, 29 Nov 2022 11:59:21 +0000 (11:59 +0000)]
Docs: update note on host_reject_connection
Jeremy Harris [Mon, 15 Aug 2022 19:41:56 +0000 (20:41 +0100)]
tidying
Jeremy Harris [Sun, 27 Nov 2022 14:40:20 +0000 (14:40 +0000)]
SPDX: Mass-update to GPL-2.0-or-later
This is based on the text in src/NOTICE
which is taken to override text in individual files
Jeremy Harris [Sun, 27 Nov 2022 14:38:37 +0000 (14:38 +0000)]
SPDX: license tags (mostly by guesswork)
Jeremy Harris [Sun, 27 Nov 2022 11:29:40 +0000 (11:29 +0000)]
Fix LibreSSL build
Jeremy Harris [Fri, 25 Nov 2022 12:33:28 +0000 (12:33 +0000)]
OpenSSL: fix build on older library version
Jeremy Harris [Thu, 24 Nov 2022 20:40:23 +0000 (20:40 +0000)]
Testsuite: fix TLSA record
Jeremy Harris [Thu, 24 Nov 2022 18:05:44 +0000 (18:05 +0000)]
Testsuite: avoid generating leaf certs expiring after signer expiry
Jeremy Harris [Tue, 22 Nov 2022 22:32:59 +0000 (22:32 +0000)]
OpenSSL: OCSP under DANE
Jeremy Harris [Wed, 23 Nov 2022 00:06:01 +0000 (00:06 +0000)]
Testsuite: output changes resulting
Jeremy Harris [Tue, 22 Nov 2022 20:49:05 +0000 (20:49 +0000)]
Testsuite: regularize client_anytls OCSP trace output
Jeremy Harris [Sat, 29 Oct 2022 21:33:43 +0000 (22:33 +0100)]
OpenSSL: fix double-expansion of tls_verify_certificates
Jeremy Harris [Tue, 25 Oct 2022 20:26:30 +0000 (21:26 +0100)]
OpenSSL: when preloading creds do the server certs before the OCSP proofs so that the latter can ve verified before loading
Jeremy Harris [Sat, 29 Oct 2022 18:25:23 +0000 (19:25 +0100)]
Lose duplicated cert in ocsp response
Jeremy Harris [Sun, 23 Oct 2022 13:51:33 +0000 (14:51 +0100)]
Testsuite: regenerate OCSP proofs with proof-signer certs
Jeremy Harris [Thu, 17 Nov 2022 18:56:34 +0000 (18:56 +0000)]
Docs: lose extra quotes
Jeremy Harris [Sat, 12 Nov 2022 20:17:55 +0000 (20:17 +0000)]
tidy segv stacktrace logging
Jeremy Harris [Sat, 12 Nov 2022 12:38:22 +0000 (12:38 +0000)]
Fix regex substring capture - commentary. Bug 2933
Broken-by (corrected):
22ed7a5295f1
Jeremy Harris [Fri, 11 Nov 2022 22:36:45 +0000 (22:36 +0000)]
Testsuite: fix poor choice of localpart
Jeremy Harris [Fri, 11 Nov 2022 18:22:00 +0000 (18:22 +0000)]
Fix regex substring capture variables for null matches (again). Bug 2933
Broken-by: 59d66fdc13f0
Jeremy Harris [Fri, 11 Nov 2022 00:05:59 +0000 (00:05 +0000)]
Fix regext substring capture variables for null matches. Bug 2933
broken-by:
59d66fdc13f0
Jeremy Harris [Thu, 10 Nov 2022 23:56:57 +0000 (23:56 +0000)]
Testsuite: certs output dependencies
Tim Gates [Thu, 17 Dec 2020 10:07:18 +0000 (21:07 +1100)]
typo: code comment signture -> signature
There is a small typo in src/src/globals.h.
Should read `signature` rather than `signture`.
Mehmet Suslu [Tue, 1 Mar 2022 07:33:23 +0000 (10:33 +0300)]
typo: error message referenced wrong option
Fix typo, -oMas -> -oMai
(cherry picked from commit
330ab60ef29c01fb472b6ce14e935ccb93e905ac)
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2022 13:17:15 +0000 (14:17 +0100)]
docs: typo
Naim Addad [Thu, 3 Nov 2022 13:16:59 +0000 (14:16 +0100)]
docs: typo
Jeremy Harris [Sun, 30 Oct 2022 13:05:55 +0000 (13:05 +0000)]
Testsuite: fix munge of timestamp with timezone name
Jeremy Harris [Thu, 3 Nov 2022 22:50:12 +0000 (22:50 +0000)]
Testsuite: regenerate certificates tree
The OCSP proofs had become out-of-date
Jeremy Harris [Wed, 26 Oct 2022 13:42:03 +0000 (14:42 +0100)]
Testsuite: Automation for TLDA regen
Jeremy Harris [Thu, 3 Nov 2022 22:16:48 +0000 (22:16 +0000)]
Testsuite: library version variances
Ruben Jenster [Thu, 3 Nov 2022 21:38:15 +0000 (21:38 +0000)]
Fix $reccipients after ${run...}. Bug 2929
Broken-by: cfe6acff2d
Jeremy Harris [Thu, 3 Nov 2022 20:08:25 +0000 (20:08 +0000)]
Fix daemon startup. Bug 2930
Broken-by: 7d5055276a
Naim Addad [Tue, 1 Nov 2022 12:05:31 +0000 (13:05 +0100)]
doc: typo
Jeremy Harris [Mon, 31 Oct 2022 10:18:28 +0000 (10:18 +0000)]
Release process: permit minor version numbers after 99
Jeremy Harris [Sun, 23 Oct 2022 08:58:41 +0000 (09:58 +0100)]
Testsuite: clarify OCSP tests
Jeremy Harris [Sun, 23 Oct 2022 08:56:45 +0000 (09:56 +0100)]
Docs: fix description for hosts_request_ocsp default under DANE
Lorenz Brun [Fri, 14 Oct 2022 19:02:51 +0000 (21:02 +0200)]
DMARC: fix use-after-free in dmarc_dns_lookup
This fixes a use-after-free in dmarc_dns_lookup where the result
of dns_lookup in dnsa is freed before the required data is copied out.
Fixes: 9258363 ("DNS: explicit alloc/free of workspace")
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2022 17:30:58 +0000 (19:30 +0200)]
Fix: Build with libopendmarc 1.4.x (fixes 2728)
Jeremy Harris [Tue, 4 Oct 2022 20:30:55 +0000 (21:30 +0100)]
Unbreak FreeBSD build
Broken-by: 96751ae76e
Jeremy Harris [Tue, 4 Oct 2022 18:12:13 +0000 (19:12 +0100)]
Quieten clang build
Jeremy Harris [Tue, 4 Oct 2022 18:11:03 +0000 (19:11 +0100)]
Fix build with older OpenSSL.
Broken-by: 96751ae76e