users/heiko/exim.git
7 years agoDebug: indent ACL and expreassion tracing by evaluation depth
Jeremy Harris [Sun, 5 Feb 2017 23:19:56 +0000 (23:19 +0000)]
Debug: indent ACL and expreassion tracing by evaluation depth

7 years agoDKIM: trim debug verbosity
Jeremy Harris [Wed, 8 Feb 2017 14:04:47 +0000 (14:04 +0000)]
DKIM: trim debug verbosity

This tidies some buildfarm fails on animals buildding without DKIM

7 years agoFix non-contentscan build
Jeremy Harris [Wed, 8 Feb 2017 10:48:33 +0000 (10:48 +0000)]
Fix non-contentscan build

Broken-by: 90341c71c19c
7 years agoMemory management: drop variables identified as going out-of-scope
Jeremy Harris [Wed, 8 Feb 2017 01:19:39 +0000 (01:19 +0000)]
Memory management: drop variables identified as going out-of-scope

Fixes crash in transport re-using bad $sender_ip_address from callout

7 years agoMemory management: when running under the testsuite, check every string variable...
Jeremy Harris [Tue, 7 Feb 2017 21:48:48 +0000 (21:48 +0000)]
Memory management: when running under the testsuite, check every string variable on store_reset

On spotting data in a region being freed, panic

7 years agoDocÖ Fix typo about spf lookup (experimental)
Heiko Schlittermann (HS12-RIPE) [Tue, 7 Feb 2017 19:08:58 +0000 (20:08 +0100)]
DocÖ Fix typo about spf lookup (experimental)

7 years agoTestsuite: tidy generation and sorting of exim -bp output
Heiko Schlittermann (HS12-RIPE) [Thu, 2 Feb 2017 08:21:13 +0000 (09:21 +0100)]
Testsuite: tidy generation and sorting of exim -bp output

The root cause is, that exim -bp doesn't always return the message
ids in the order they were created, but sorted. The 2nd
part of the message id (PID) can be random on *BSD.

7 years agodoc-fix: reference current libsrs_alt availability
Phil Pennock [Mon, 6 Feb 2017 18:25:30 +0000 (13:25 -0500)]
doc-fix: reference current libsrs_alt availability

Matches site from Wiki, from Google SERP, etc.

7 years agoCHUNKING: fix transport crash on temp-reject of pipelined non-first chunk
Jeremy Harris [Mon, 6 Feb 2017 14:16:14 +0000 (14:16 +0000)]
CHUNKING: fix transport crash on temp-reject of pipelined non-first chunk

7 years agoDKIM: more care over untrustworthy data during verify
Jeremy Harris [Fri, 3 Feb 2017 13:55:58 +0000 (13:55 +0000)]
DKIM: more care over untrustworthy data during verify

7 years agoFix no-SSL build
Jeremy Harris [Fri, 3 Feb 2017 14:00:40 +0000 (14:00 +0000)]
Fix no-SSL build

7 years agoFreeBSD: Perl no longer in /usr/bin from Ports
Phil Pennock [Thu, 2 Feb 2017 21:02:40 +0000 (16:02 -0500)]
FreeBSD: Perl no longer in /usr/bin from Ports

FreeBSD Ports by policy no longer allows symlinks in /usr/bin for things
like Perl, so we have to look in /usr/local/bin for it instead.

7 years agoSpec docs for IDNA2008 support
Phil Pennock [Thu, 2 Feb 2017 20:13:53 +0000 (15:13 -0500)]
Spec docs for IDNA2008 support

7 years agoGnuTLS: fix use of SHA3 hashes
Jeremy Harris [Thu, 2 Feb 2017 14:22:07 +0000 (14:22 +0000)]
GnuTLS: fix use of SHA3 hashes

7 years agoTestsuite: Fix 0207 (message order)
Heiko Schlittermann (HS12-RIPE) [Thu, 2 Feb 2017 00:32:21 +0000 (01:32 +0100)]
Testsuite: Fix 0207 (message order)

Message ids are not always in ascending order (PIDs may be randomized)
Thanks to Kirill Miazine.

7 years agoTestsuite: output changes from a26fb6a77384
Jeremy Harris [Wed, 1 Feb 2017 17:46:26 +0000 (17:46 +0000)]
Testsuite: output changes from a26fb6a77384

7 years agobug-fix test-driving input
Phil Pennock [Wed, 1 Feb 2017 17:34:52 +0000 (12:34 -0500)]
bug-fix test-driving input

The client driver is a little restrictive in the escape sequences it
handles; two octets here were missing the `x` after the `\`, so `\05` is
two octets, a 0 and then a 5, where `\x05` would be one octet.

So we were sending two more octets than expected, not catching that Exim
was parsing the wrong IP/port at the end, and now that Exim only reads
as much of the proxy protocol header as belongs in it, instead of "up to
the largest it could be", this test-bug has been exposed.

7 years agoProxy clarification & nit fixes.
Phil Pennock [Wed, 1 Feb 2017 04:55:51 +0000 (23:55 -0500)]
Proxy clarification & nit fixes.

Release: should be cherry-picked into 4.89RC series

7 years agoHandle Proxy Protocol v2 safely as well.
Phil Pennock [Wed, 1 Feb 2017 03:15:55 +0000 (22:15 -0500)]
Handle Proxy Protocol v2 safely as well.

We had test suite failures (test suite success!) because Proxy Protocol
v2 (PPv2) wasn't being detected; by only reading 12 octets, the >= 16
check was failing.  But in fact I had previously only fixed reading
"only enough" for PPv1.

Handling both PPv1 and PPv2 is complicated because the minimum valid
length for PPv1 is 15 octets but for PPv2 the size to read is in the
15th and 16th octets.

So refactored a little and we now use a total of 3 reads for the PPv2
case (assuming no fragmentation, etc; we'll actually keep reading now
instead of aborting) to get the entire PPv2 header of exactly the right
size, so that TLS handshake immediately following the PP header is not
also swallowed.

Fixes: 2018
Tested: manually, TLS and non-TLS, PPv1 and PPv2, all ways.
Release: should be cherry-picked into 4.89RC series

7 years agoFix error logged for send failure
Jeremy Harris [Tue, 31 Jan 2017 21:38:22 +0000 (21:38 +0000)]
Fix error logged for send failure

Broken-by: de6273b487f1
7 years agoTestsuite: use certs expring before end of 2037, to avoid GnuTLS top-limit clamp...
Jeremy Harris [Tue, 31 Jan 2017 17:45:51 +0000 (17:45 +0000)]
Testsuite: use certs expring before end of 2037, to avoid GnuTLS top-limit clamp on small-size_t platforms

7 years agoCallouts: fix recipient verify/random
Jeremy Harris [Tue, 31 Jan 2017 16:00:54 +0000 (16:00 +0000)]
Callouts: fix recipient verify/random

Broken-by: e9166683487c
7 years agoFix logging of drop-after-EHLO-reject.
Jeremy Harris [Tue, 31 Jan 2017 01:22:17 +0000 (01:22 +0000)]
Fix logging of drop-after-EHLO-reject.
An unset variable went wrong with clang, was fortuitously right with gcc.

7 years agoTestsuite: perl may live in /usr/local/bin
Jeremy Harris [Mon, 30 Jan 2017 17:52:50 +0000 (17:52 +0000)]
Testsuite: perl may live in /usr/local/bin

7 years agoAvoid using "-w" option in perl script shebang lines, being incompatible with "env...
Jeremy Harris [Mon, 30 Jan 2017 17:27:15 +0000 (17:27 +0000)]
Avoid using "-w" option in perl script shebang lines, being incompatible with "env perl"

7 years agoAbort release process if generated .txt empty
Phil Pennock [Tue, 31 Jan 2017 03:57:52 +0000 (22:57 -0500)]
Abort release process if generated .txt empty

7 years agoOpen umask before creating release packages
Phil Pennock [Tue, 31 Jan 2017 03:44:45 +0000 (22:44 -0500)]
Open umask before creating release packages

7 years agoCopyright year bumps for substantive changes 2017 exim-4_89_RC1
Phil Pennock [Tue, 31 Jan 2017 01:41:31 +0000 (20:41 -0500)]
Copyright year bumps for substantive changes 2017

7 years agoDocument that fixed 2018
Phil Pennock [Tue, 31 Jan 2017 00:54:47 +0000 (19:54 -0500)]
Document that fixed 2018

Fixes: 2018
7 years agoAvoid reading too much data before TLS handshake
Phil Pennock [Tue, 31 Jan 2017 00:51:01 +0000 (19:51 -0500)]
Avoid reading too much data before TLS handshake

7 years agoFix size calculation, log unhandled amount.
Phil Pennock [Mon, 30 Jan 2017 23:38:16 +0000 (18:38 -0500)]
Fix size calculation, log unhandled amount.

We did a `string_copy()` so `hdr.v1.line` is not the right base for an
accurate size.  Fix.

Log unhanded amount.  For clients waiting on the server before sending,
this has to be 0.  For clients speaking first (TLS) this can be
non-zero.

7 years agoRestrict address-parsing to a maximum of five layers of nested angle-brackets,
Jeremy Harris [Mon, 30 Jan 2017 15:37:50 +0000 (15:37 +0000)]
Restrict address-parsing to a maximum of five layers of nested angle-brackets,
under main-option strip_excess_angle_brackets

7 years agoTidying: Coverity
Jeremy Harris [Sun, 29 Jan 2017 22:58:47 +0000 (22:58 +0000)]
Tidying: Coverity

7 years agoTestsuite: add missing output file.
Jeremy Harris [Sun, 29 Jan 2017 20:18:07 +0000 (20:18 +0000)]
Testsuite: add missing output file.

Broken-by: 560e71cc5451
7 years agoUpdate change log
Jeremy Harris [Sun, 29 Jan 2017 19:15:12 +0000 (19:15 +0000)]
Update change log

7 years agoCHUNKING: Reject messages with malformed line ending. Bug 2000
Jeremy Harris [Sun, 29 Jan 2017 18:03:40 +0000 (18:03 +0000)]
CHUNKING: Reject messages with malformed line ending.  Bug 2000

Actually test only the first header line, but still do full line-ending canonicalisation on the
remainder of the message in case a Evil Person slips past that.

7 years agoDocs: add note on verify = senders= . Bug 2028
Jeremy Harris [Sun, 29 Jan 2017 15:30:28 +0000 (15:30 +0000)]
Docs: add note on verify = senders= .  Bug 2028

7 years agoTFO: remember setsockopt results, to condition non-transport client use. Bug 2027
Jeremy Harris [Thu, 26 Jan 2017 20:21:57 +0000 (20:21 +0000)]
TFO: remember setsockopt results, to condition non-transport client use.  Bug 2027

7 years agoShuffle proxy-protocol to wrap TLS-on-connect startup. Bug 2018
Jeremy Harris [Tue, 17 Jan 2017 00:39:41 +0000 (00:39 +0000)]
Shuffle proxy-protocol to wrap TLS-on-connect startup.  Bug 2018

7 years agoDANE: fix build under LibreSSL. Bug 2020
Kirill Miazine [Sun, 29 Jan 2017 14:55:58 +0000 (14:55 +0000)]
DANE: fix build under LibreSSL.  Bug 2020

7 years agoTestsuite: add dnsdb testcase for defer when used in ACL
Jeremy Harris [Sat, 28 Jan 2017 17:53:29 +0000 (17:53 +0000)]
Testsuite: add dnsdb testcase for defer when used in ACL

7 years agoDocs: add note on system_filter forced expansion fail
Jeremy Harris [Sat, 28 Jan 2017 16:13:26 +0000 (16:13 +0000)]
Docs: add note on system_filter forced expansion fail

7 years agoLMDB: include filename in open-error message
Jeremy Harris [Sat, 28 Jan 2017 15:08:22 +0000 (15:08 +0000)]
LMDB: include filename in open-error message

7 years agoDKIM: check pointer to calculated body hash before verify comparison. Bug 2029
Jeremy Harris [Sat, 28 Jan 2017 12:30:29 +0000 (12:30 +0000)]
DKIM: check pointer to calculated body hash before verify comparison.  Bug 2029

We can have a missing body hash from a malformed DKIM-Signature: header

7 years agoTestsuite: testcase for DKIM bug 2029
Jeremy Harris [Sat, 28 Jan 2017 14:21:19 +0000 (14:21 +0000)]
Testsuite: testcase for DKIM bug 2029

7 years agoDKIM: rename variables for clarity
Jeremy Harris [Sat, 28 Jan 2017 12:29:47 +0000 (12:29 +0000)]
DKIM: rename variables for clarity

7 years agoTestsuite: get same certextract samples for GnuTLS and OpenSSL
Jeremy Harris [Wed, 25 Jan 2017 17:08:53 +0000 (17:08 +0000)]
Testsuite: get same certextract samples for GnuTLS and OpenSSL

7 years agoTestsuite: output file changes from d7a2c8337f7b
Jeremy Harris [Tue, 24 Jan 2017 21:01:04 +0000 (21:01 +0000)]
Testsuite: output file changes from d7a2c8337f7b

7 years agoTestsuite: fix delay-dependent testcase for really slow systems
Jeremy Harris [Tue, 24 Jan 2017 20:46:47 +0000 (20:46 +0000)]
Testsuite: fix delay-dependent testcase for really slow systems

7 years agoTestsuite: missing output files
Jeremy Harris [Tue, 24 Jan 2017 19:46:36 +0000 (19:46 +0000)]
Testsuite: missing output files

7 years agoFix reception of (quoted) local-parts with embedded spaces. Bug 2025
Jeremy Harris [Tue, 24 Jan 2017 18:17:10 +0000 (18:17 +0000)]
Fix reception of (quoted) local-parts with embedded spaces.  Bug 2025

7 years agoTFO: Support compilation on Linus platforms which define TCP_FASTOPEN but not MSG_FAS...
Jeremy Harris [Tue, 24 Jan 2017 16:52:01 +0000 (16:52 +0000)]
TFO: Support compilation on Linus platforms which define TCP_FASTOPEN but not MSG_FASTOPEN

7 years agoDefine MIN and MAX for Solaris
Jeremy Harris [Tue, 24 Jan 2017 15:03:03 +0000 (15:03 +0000)]
Define MIN and MAX for Solaris

7 years agoFix build with OpenSSL, EXPERIMENTAL_DANE and DISABLE_EVENT
Jeremy Harris [Mon, 23 Jan 2017 19:12:37 +0000 (19:12 +0000)]
Fix build with OpenSSL, EXPERIMENTAL_DANE and DISABLE_EVENT

7 years agoDocument OpenBSD resolver ignoring EDNS0
Phil Pennock [Mon, 23 Jan 2017 02:36:21 +0000 (21:36 -0500)]
Document OpenBSD resolver ignoring EDNS0

7 years agoDKIM: permit verify of sig blocks that sign other sig blocks. Bug 2014
Jeremy Harris [Sun, 22 Jan 2017 17:35:08 +0000 (17:35 +0000)]
DKIM: permit verify of sig blocks that sign other sig blocks.  Bug 2014

7 years agoMerge branch 'fix-2016-dkim'
Jeremy Harris [Sun, 22 Jan 2017 14:05:38 +0000 (14:05 +0000)]
Merge branch 'fix-2016-dkim'

7 years agoFix DKIM verify when used with CHUNKING. Bug 2016
Jeremy Harris [Thu, 19 Jan 2017 15:37:16 +0000 (15:37 +0000)]
Fix DKIM verify when used with CHUNKING.  Bug 2016

7 years agoTestsuite: Add DKIM Chunking test
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Jan 2017 21:31:05 +0000 (22:31 +0100)]
Testsuite: Add DKIM Chunking test

7 years agoTestsuite: Rename 4500-Domain-Keys-Identified-Mail for consistency
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Jan 2017 21:27:45 +0000 (22:27 +0100)]
Testsuite: Rename 4500-Domain-Keys-Identified-Mail for consistency

7 years agoTestsuite: Rename 4510-DKIM
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Jan 2017 21:25:20 +0000 (22:25 +0100)]
Testsuite: Rename 4510-DKIM

We need some additional tests in 4500

7 years agoMerge branch 'callout_smtp_tpt_merge'
Jeremy Harris [Sat, 21 Jan 2017 22:30:00 +0000 (22:30 +0000)]
Merge branch 'callout_smtp_tpt_merge'

7 years agoTestcases for pipelined callout
Jeremy Harris [Sat, 14 Jan 2017 17:34:57 +0000 (17:34 +0000)]
Testcases for pipelined callout

7 years agoUse smtp_write_mail_and_rcpt_cmds() for verify callout
Jeremy Harris [Tue, 10 Jan 2017 23:04:49 +0000 (23:04 +0000)]
Use smtp_write_mail_and_rcpt_cmds() for verify callout

7 years agouse smtp_context struct for sync_responses()
Jeremy Harris [Wed, 11 Jan 2017 20:22:42 +0000 (20:22 +0000)]
use smtp_context struct for sync_responses()

7 years agoSplit out smtp_write_mail_and_rcpt_cmds() from smtp_deliver()
Jeremy Harris [Tue, 10 Jan 2017 19:22:04 +0000 (19:22 +0000)]
Split out smtp_write_mail_and_rcpt_cmds() from smtp_deliver()

7 years agoSplit out cutthrough connection-cache / subsequent-rcpt handling, from do_callout()
Jeremy Harris [Mon, 9 Jan 2017 15:54:26 +0000 (15:54 +0000)]
Split out cutthrough connection-cache / subsequent-rcpt handling, from do_callout()

7 years agoSplit out callout-cache handling from do_callout()
Jeremy Harris [Mon, 9 Jan 2017 11:46:30 +0000 (11:46 +0000)]
Split out callout-cache handling from do_callout()

7 years agoUse smtp_setup_conn() for verify callout
Jeremy Harris [Sat, 24 Dec 2016 21:04:20 +0000 (21:04 +0000)]
Use smtp_setup_conn() for verify callout

7 years agoSplit out smtp MAIL and RCPT option string building
Jeremy Harris [Sat, 24 Dec 2016 19:24:56 +0000 (19:24 +0000)]
Split out smtp MAIL and RCPT option string building

7 years agoSplit out smtp_setup_conn() from smtp_deliver, in the transport
Jeremy Harris [Mon, 19 Dec 2016 13:10:29 +0000 (13:10 +0000)]
Split out smtp_setup_conn() from smtp_deliver, in the transport

7 years agoFix DKIM verify operation in -bh test mode. Bug 2017
Jeremy Harris [Sat, 21 Jan 2017 18:54:56 +0000 (18:54 +0000)]
Fix DKIM verify operation in -bh test mode.  Bug 2017

7 years agoTestsuite: Make patchexim work with dirty tag checkouts
Heiko Schlittermann (HS12-RIPE) [Wed, 18 Jan 2017 21:33:51 +0000 (22:33 +0100)]
Testsuite: Make patchexim work with dirty tag checkouts

7 years agofix example command-line
Phil Pennock [Fri, 20 Jan 2017 12:07:54 +0000 (07:07 -0500)]
fix example command-line

7 years agoTestsuite: output changes from 4c04137d7
Jeremy Harris [Thu, 19 Jan 2017 13:20:47 +0000 (13:20 +0000)]
Testsuite: output changes from 4c04137d7

7 years agoVRFY: advertise in EHLO response, if there is an ACL defined
Jeremy Harris [Thu, 19 Jan 2017 13:12:02 +0000 (13:12 +0000)]
VRFY: advertise in EHLO response, if there is an ACL defined

7 years agoVRFY: add docs note on results, and additional test cases
Jeremy Harris [Thu, 19 Jan 2017 12:26:35 +0000 (12:26 +0000)]
VRFY: add docs note on results, and additional test cases

7 years agoDocs: add note on round-robin DNS problems vs. authentication
Jeremy Harris [Tue, 17 Jan 2017 18:03:15 +0000 (18:03 +0000)]
Docs: add note on round-robin DNS problems vs. authentication

7 years agospelling: Mavrogiannopoulos
Josh Soref [Wed, 18 Jan 2017 23:20:12 +0000 (18:20 -0500)]
spelling: Mavrogiannopoulos

Committer note: the name was spelt as was used by Nikos at the time, but
he's since switched to the other latinization form and is using it
everywhere these days.  Part of his response was "Feel free to use the
Mavrogiannopoulos variant everywhere.", so I'm merging this commit too.

7 years agoreplace keept with rotation
Josh Soref [Wed, 18 Jan 2017 17:58:52 +0000 (17:58 +0000)]
replace keept with rotation

Log rotate documentation does not actually give a term for this portion
of a filename, but to the extent that I can find a term, a number of
places call it a "rotation number".

Replacing keept which is inaccurate and misleading with rotation makes
the code a little easier to read.

7 years agoRecording merge technique in git history
Phil Pennock [Wed, 18 Jan 2017 16:39:24 +0000 (11:39 -0500)]
Recording merge technique in git history

This is an empty commit which exists for this commit message,
documenting how I handled GitHub PR 52, which was 228 separate commits,
each fixing the spelling of one word.  The submitter's approach made it
easy to consider and approve/reject each independently, so was valuable,
but I didn't want so many commits in our history.

A few aspects of the shell commands rely upon Zsh: `read -q` for
getting a single Y/N response; `$IFS` containing ASCII NUL (and
builtins handling NUL inside strings) for parsing `.git/MERGE_RR`;
anonymous function calls so that I could abort cleanly if I wanted to.

    git log --pretty=tformat:%h master..github/pr/52  > ../1.consider
    touch ../2.keep
    for F in $(<../1.consider); do git show $F | cat -v; read -q "keep?Keep $F ? " && echo $F >> ../2.keep; echo; echo =============================; done

That let me iterate through each, selecting 214/228 commits to apply in
one pass.  Two PR commits were held for a separate commit, because they
fixed behavioural bugs.  So 216/228 were accepted.  A couple warranted
minor post-fixing as part of the first PR.

    for F in $(<../2.keep ) ; do (){ git cherry-pick -n $F && continue; for junk fn in $(<.git/MERGE_RR); do [[ -n $fn ]] || break; if vi $fn; then git add $fn; else return 1; fi; done } || break; done
    vi src/src/filter.c && git add src/src/filter.c
    vi src/src/dns.c && git add src/src/dns.c
    GIT_AUTHOR_NAME='Josh Soref' GIT_AUTHOR_EMAIL='jsoref@users.noreply.github.com' git commit

and similarly for the second commit.

One more commit from the PR requires chasing with a contributor whose
name is natively in a non-Roman alphabet and who appears to have changed
the Romanisation, to check how they'd like it handled.  I will chase
under separate cover.

7 years agoBug-fix no_require_dnssec parsing & spelling fixes
Josh Soref [Wed, 18 Jan 2017 16:36:24 +0000 (11:36 -0500)]
Bug-fix no_require_dnssec parsing & spelling fixes

Patches from Josh Soref fixing spelling fixed two bugs:
* Parsing `no_require_dnssec` configuration option
* Setting `_HAVE_TRANSPORT_APPEND_MAILDIR` macro (for config parsing)

[ PP pulled these two out into a separate commit to update the ChangeLog
  accordingly. ]

7 years ago214 spelling fixes
Josh Soref [Wed, 18 Jan 2017 16:30:26 +0000 (11:30 -0500)]
214 spelling fixes

7 years agoProvide alternative Heimdal pkg-config example
Phil Pennock [Fri, 13 Jan 2017 04:37:50 +0000 (23:37 -0500)]
Provide alternative Heimdal pkg-config example

Building Exim against Heimdal 1.5, heimdal-gssapi.pc was needed.
There's been a major version bump in Heimdal, and against 7.1 that
doesn't work; using heimdal-krb5.pc fails on missing `gss_*` functions.

I can find no build documentation for Heimdal which describes what
should be needed.  heimdal-gssapi.pc does reference heimdal-krb5.pc
in `Requires.private` but it's not being used by FreeBSD pkgconf in
such a way that it's available when building on FreeBSD 10.3.

Fortunately, our `*_PC` logic works with multiple packages listed,
so provide that example.

7 years agoDocs: add note on DKIM ACL triggers
Jeremy Harris [Wed, 11 Jan 2017 12:12:49 +0000 (12:12 +0000)]
Docs: add note on DKIM ACL triggers

7 years agoTestsuite: moved output file
Jeremy Harris [Wed, 4 Jan 2017 13:58:29 +0000 (13:58 +0000)]
Testsuite: moved output file

Broken-by: f4630439f888
7 years agoCHUNKING: fix non-pipelined synch checks. Bug 2004
Jeremy Harris [Tue, 3 Jan 2017 20:15:39 +0000 (20:15 +0000)]
CHUNKING: fix non-pipelined synch checks.  Bug 2004

7 years agoPROXY: fix v2 protocol decode. Bugs 2003, 1747
Jeremy Harris [Mon, 2 Jan 2017 17:20:26 +0000 (17:20 +0000)]
PROXY: fix v2 protocol decode.  Bugs 2003, 1747

7 years agowip: OpenSSL docs on custom install
Phil Pennock [Mon, 2 Jan 2017 13:59:17 +0000 (08:59 -0500)]
wip: OpenSSL docs on custom install

To fix before merge: ability to use `$ORIGIN` in linker line via Exim
config file.

7 years agoDocs: fix smtp transport TFO option indexing
Jeremy Harris [Sun, 1 Jan 2017 13:21:39 +0000 (13:21 +0000)]
Docs: fix smtp transport TFO option indexing

7 years agoMerge remote-tracking branch 'github/pr/50'
Phil Pennock [Sun, 1 Jan 2017 04:22:22 +0000 (23:22 -0500)]
Merge remote-tracking branch 'github/pr/50'

GitHub user @YmrDtnJu "Björn" provided a patch to fix that we called
ldap_start_tls_s on ldapi:// connections.

This is obviously a correct change, since above we've avoiding
initializing the TLS state if using ldapi.

Added documentation noting this behaviour.

7 years agoDKIM: Under debug, when signing do an extra check on the dns record that will be
Jeremy Harris [Sat, 31 Dec 2016 15:24:38 +0000 (15:24 +0000)]
DKIM: Under debug, when signing do an extra check on the dns record that will be
used for verification.  Bug 1926

7 years agoDo not call ldap_start_tls_s on ldapi:// connections.
YmrDtnJu [Sat, 31 Dec 2016 12:57:49 +0000 (13:57 +0100)]
Do not call ldap_start_tls_s on ldapi:// connections.

The code already skips the initialisation of TLS on LDAP connections over unix
sockets but the call to ldap_start_tls_s is done nonetheless.

7 years agoDocs: Add .new/wen marker for relative includes (Bug 1971)
Heiko Schlittermann (HS12-RIPE) [Fri, 30 Dec 2016 13:05:08 +0000 (14:05 +0100)]
Docs: Add .new/wen marker for relative includes (Bug 1971)

7 years agoTidy and add \0 after string_append() for relative .includes
Heiko Schlittermann (HS12-RIPE) [Fri, 30 Dec 2016 11:35:47 +0000 (12:35 +0100)]
Tidy and add \0 after string_append() for relative .includes

7 years agotidying
Jeremy Harris [Tue, 8 Nov 2016 22:41:42 +0000 (22:41 +0000)]
tidying

7 years agoDocs: typoes
Jeremy Harris [Mon, 26 Dec 2016 18:05:38 +0000 (18:05 +0000)]
Docs: typoes

7 years agoI18N: avoid trying to downconvert all-ascii domain names.
Jeremy Harris [Thu, 29 Dec 2016 15:55:45 +0000 (15:55 +0000)]
I18N: avoid trying to downconvert all-ascii domain names.

With the IDNA-2008 handling downconversion results in lowercasing;
so avoid doing that if possible.

7 years agoTestsuite: use custom-munge for dsn-info in 4510
Jeremy Harris [Wed, 28 Dec 2016 21:15:49 +0000 (21:15 +0000)]
Testsuite: use custom-munge for dsn-info in 4510

Broken-by: 87cb4a166c47
7 years agoAllow relative file names in .include lines (Closes 1971)
Heiko Schlittermann (HS12-RIPE) [Fri, 9 Dec 2016 23:15:47 +0000 (23:15 +0000)]
Allow relative file names in .include lines (Closes 1971)