JH/34 Bug 1192: replace the embedded copy of PolarSSL RSA routines in the DKIM
support, by using OpenSSL or GnuTLS library ones. This means DKIM is
- only supported when built with TLS support.
+ only supported when built with TLS support. The PolarSSL SHA routines
+ are still used when the TLS library is too old for convenient support.
JH/35 Require SINGLE_DH_USE by default in OpenSSL (main config option
openssl_options), for security. OpenSSL forces this from version 1.1.0
server-side so match that on older versions.
-JH/36 Fix a longstanding bug in memory use by the ${run } expansion: A fresh
+JH/36 Bug 1778: longstanding bug in memory use by the ${run } expansion: A fresh
allocation for $value could be released as the expansion processing
- concluded, but leaving the global pointer active for it. Possibly
- involved in Bug 1778.
+ concluded, but leaving the global pointer active for it.
JH/37 Bug 1769: Permit a VRFY ACL to override the default 252 response,
and to use the domains and local_parts ACL conditions.