Jeremy Harris [Thu, 11 Jun 2020 19:45:05 +0000 (20:45 +0100)]
TLS: use RFC 6125 rules for certifucate name checks when CNAMES are present. Bug 2594
(cherry picked from commit
0851a3bbf4667081d47f5d85b6b3a5cb33cbdba6)
Jeremy Harris [Mon, 8 Jun 2020 12:00:55 +0000 (13:00 +0100)]
Filters: fix "vacation" in Exim filter. Bug 2593
Broken-by: cfb9cf20cb (4.90)
(cherry picked from commit
59eee1bc902f106d20f507ba16f37cb8ab5a5e8d)
Jeremy Harris [Thu, 4 Jun 2020 14:28:15 +0000 (15:28 +0100)]
Fix -bi. Bug 2590
Actual fix from pierre.labastie@neuf.fr ; additional coding and testcase bu jgh
Broken-by: bdcc6f2bd5
(Cherry-picked from:
0e0e171628)
Jeremy Harris [Wed, 3 Jun 2020 10:40:17 +0000 (11:40 +0100)]
Taint: fix multiple ACL actions to properly manage tainted argument data
(cherry picked from commit
12b7f811de4a540d0724585aecfa33b5881e2a30)
Jeremy Harris [Tue, 2 Jun 2020 15:34:42 +0000 (16:34 +0100)]
Docs: typoes
Cherry-picked from:
1195f8f2a4
Jeremy Harris [Tue, 2 Jun 2020 14:39:27 +0000 (15:39 +0100)]
Docs: fix layout
(cherry picked from commit
7090df68161b4ed1c86e5adde7800d9049c47433)
Patrick Boutilier [Tue, 2 Jun 2020 14:16:10 +0000 (15:16 +0100)]
Docs: fix mistaken variable name
(cherry picked from commit
eb55cb1d2c5552209e24345e9d21f83ec1eaccf6)
Jeremy Harris [Tue, 2 Jun 2020 14:03:36 +0000 (15:03 +0100)]
Taint: fix listcount expansion operator. Bug 2586
(cherry picked from commit
44644c2e404a3ea0191db0b0458e86924fb240bb)
Jeremy Harris [Tue, 2 Jun 2020 13:50:31 +0000 (14:50 +0100)]
Taint: fix pam expansion condition. Bug 2587
(cherry picked from commit
f7f933a199be8bb7362c715e0040545b514cddca)
Jeremy Harris [Tue, 2 Jun 2020 12:35:06 +0000 (13:35 +0100)]
Docs: ${listitem }
(cherry picked from commit
29f5141e7cb1ee65369d8e49250134edc4e6120a)
Jeremy Harris [Sat, 30 May 2020 20:35:38 +0000 (21:35 +0100)]
Testsuite: munge for Postgres version
Jeremy Harris [Sat, 30 May 2020 20:05:25 +0000 (21:05 +0100)]
Testsuite: MySQL: use password on account used for test access
Forced on us by security tightning in Mariadb 10.4
Heiko Schlittermann (HS12-RIPE) [Tue, 26 May 2020 10:28:43 +0000 (12:28 +0200)]
Make def:<var> compatible between "static" and "dynamic" vars.
Some variables are simple pointers to internal memory (e.g.
vtype_stringptr), other variables are dynamically filled with content
(e.g. vtype_string_func).
The static variables contain "" if they're not defined yet.
At least on dynamic variable (recipients, backed by fn_recipients())
returned NULL instead of "", which lead to unexpected results on
def:recipients.
To keep the functions usable in places where it makes sense to return
NULL and "" as distinct values, I didn't touch the functions, but the
evaluation logic in find_variable().
Jeremy Harris [Mon, 25 May 2020 11:41:20 +0000 (12:41 +0100)]
Testsuite: avoid fail on non-TLS bulid
Jeremy Harris [Mon, 25 May 2020 10:38:25 +0000 (11:38 +0100)]
Fix listquote expansion item to handle empty-string input
Heiko Schlittermann (HS12-RIPE) [Sun, 24 May 2020 20:53:01 +0000 (22:53 +0200)]
EDITME: Shorten the explanation of <osname> and <build>
Jeremy Harris [Sun, 24 May 2020 18:17:59 +0000 (19:17 +0100)]
Docs: SPF options
Heiko Schlittermann (HS12-RIPE) [Sat, 23 May 2020 13:50:23 +0000 (15:50 +0200)]
Doc: Clarify variables for spf_smtp_comment_template
Heiko Schlittermann (HS12-RIPE) [Fri, 22 May 2020 15:32:33 +0000 (17:32 +0200)]
SPF: Add main config option "spf_smtp_comment_template
Heiko Schlittermann (HS12-RIPE) [Mon, 18 May 2020 20:40:24 +0000 (22:40 +0200)]
SPF: Remove the parameters of the broken explanation link
The complete www.open-spf.org is a static copy of the formerly working
openspf.org page. The explanation form doesn't work anymore.
Jeremy Harris [Wed, 20 May 2020 21:14:59 +0000 (22:14 +0100)]
OpenSSL: clear error stack before avery I/O operation
Jeremy Harris [Tue, 19 May 2020 00:14:55 +0000 (01:14 +0100)]
Docs: remove reduundant transport configu lines
Jeremy Harris [Sat, 16 May 2020 18:38:59 +0000 (19:38 +0100)]
Docs: options on lookups
Jeremy Harris [Sat, 16 May 2020 15:36:08 +0000 (16:36 +0100)]
Log additional command-history on too-many-syntax-errors
Jeremy Harris [Sat, 16 May 2020 12:27:43 +0000 (13:27 +0100)]
Docs: DMARC options
Andreas Metzler [Sat, 16 May 2020 12:02:17 +0000 (13:02 +0100)]
Docs: another mention of $local_part_verified
Broken-by: d8024efa36
Jeremy Harris [Fri, 15 May 2020 13:15:10 +0000 (14:15 +0100)]
Add debug for lookup ret=key
Jeremy Harris [Wed, 13 May 2020 11:15:57 +0000 (12:15 +0100)]
Debug: quieten DSN
Jeremy Harris [Tue, 12 May 2020 23:58:32 +0000 (00:58 +0100)]
Fix over-long line in DSN
Jeremy Harris [Tue, 12 May 2020 21:20:24 +0000 (22:20 +0100)]
Docs: set message after conditions in ACL verb wherever possible
= Fabian Groffen [Sat, 9 May 2020 14:06:06 +0000 (15:06 +0100)]
Fix build with Radius auth expansion condition support. Bug 2572
Jeremy Harris [Sat, 9 May 2020 14:04:17 +0000 (15:04 +0100)]
Performance: workaround Linux kernel bug
Jeremy Harris [Fri, 8 May 2020 10:47:43 +0000 (11:47 +0100)]
Docs: tweaks
Jeremy Harris [Thu, 7 May 2020 18:02:09 +0000 (19:02 +0100)]
Testsuite: unbreak testcase
Broken-by: 0006e6d8e1
Jeremy Harris [Thu, 7 May 2020 15:38:04 +0000 (16:38 +0100)]
Lookups: ret=key option
Jeremy Harris [Thu, 7 May 2020 13:11:49 +0000 (14:11 +0100)]
I18N: change default on smtp transport, to downconvert-when-needed
Jeremy Harris [Thu, 7 May 2020 12:01:18 +0000 (13:01 +0100)]
Docs: clarify downconversion of internationalized addresses
Jeremy Harris [Thu, 7 May 2020 10:37:48 +0000 (11:37 +0100)]
Docs: ESMTP extensions indexing
Jeremy Harris [Wed, 6 May 2020 21:31:25 +0000 (22:31 +0100)]
Rework SPA fix to avoid overflows. Bug 2571
Amends:
57aa14b216
Jeremy Harris [Wed, 6 May 2020 18:55:17 +0000 (19:55 +0100)]
Numeric variable returns
Jeremy Harris [Wed, 6 May 2020 14:19:24 +0000 (15:19 +0100)]
testcases for value return
Jeremy Harris [Wed, 6 May 2020 13:04:44 +0000 (14:04 +0100)]
docs & more debug
Jeremy Harris [Wed, 6 May 2020 10:56:16 +0000 (11:56 +0100)]
value return
Jeremy Harris [Tue, 5 May 2020 13:22:45 +0000 (14:22 +0100)]
wip - see failed-summary.log.list_match_value. Pretty much ok.
tofo: testcases, docs
Jeremy Harris [Tue, 5 May 2020 20:02:14 +0000 (21:02 +0100)]
Fix SPA authenticator, checking client-supplied data before using it. Bug 2571
Jeremy Harris [Tue, 5 May 2020 18:37:00 +0000 (19:37 +0100)]
tidying
Jeremy Harris [Tue, 5 May 2020 17:47:29 +0000 (18:47 +0100)]
Ensure lookup-result variables are dropped between messages on a connection
Jeremy Harris [Tue, 5 May 2020 14:50:26 +0000 (15:50 +0100)]
Testsuite: output changes resulting
Broken-by: d8024efa36
Jeremy Harris [Tue, 5 May 2020 14:36:57 +0000 (15:36 +0100)]
Docs: tweaks
Jeremy Harris [Mon, 4 May 2020 21:38:08 +0000 (22:38 +0100)]
Consolidate $local_part_verified into $local_part_data
This removes the former; the latter having been around since before the last
release. The router check_local_user option now writes the latter
and -verified no longer exists.
Jeremy Harris [Mon, 4 May 2020 21:12:52 +0000 (22:12 +0100)]
Docs: local-part affix variables
Jeremy Harris [Mon, 4 May 2020 20:33:59 +0000 (21:33 +0100)]
Taint: When a non-wildcarded localpart affix is matched in a router,
make affix variables untainted
Jeremy Harris [Mon, 4 May 2020 15:10:57 +0000 (16:10 +0100)]
Make {bounce,warn}_message_file expanded. Bug 2522
Jeremy Harris [Mon, 4 May 2020 11:25:23 +0000 (12:25 +0100)]
Testsuite: bounce_message_file and warn_message_file
Luca Ceresoli [Sun, 3 May 2020 15:54:28 +0000 (16:54 +0100)]
Build: fix parallelism problem. Bug 2566
Jeremy Harris [Sat, 2 May 2020 20:09:38 +0000 (21:09 +0100)]
Fix build on platforms not supporting sockopt SO_PROTOCOL
Broken-by: a8e46b3b71
Andreas Metzler [Sat, 2 May 2020 18:08:55 +0000 (19:08 +0100)]
Docs: fix mention of (the nonexistent) $domain_verified. Bug 2567
Broken-by: 163144aab0
Jeremy Harris [Sat, 2 May 2020 13:22:31 +0000 (14:22 +0100)]
Debug: socket details
Jeremy Harris [Fri, 1 May 2020 20:15:12 +0000 (21:15 +0100)]
Testsuite: tidying
Jeremy Harris [Fri, 1 May 2020 13:18:55 +0000 (14:18 +0100)]
Docs: fix more uses of $local_part in examples
Jeremy Harris [Fri, 1 May 2020 11:47:25 +0000 (12:47 +0100)]
Testsuite: handle RC tagging convention
Jeremy Harris [Fri, 1 May 2020 10:42:35 +0000 (11:42 +0100)]
Fix $local_part_verified for remote-delivery routing following local. Bug 2565
Andreas Metzler [Fri, 1 May 2020 08:28:30 +0000 (09:28 +0100)]
Docs: use verified version of local_part variable in router require_files example
Jeremy Harris [Thu, 30 Apr 2020 12:08:07 +0000 (13:08 +0100)]
Copyright updates:
vi $(git log --name-status exim-4.93..master | awk '/^M/{print $2}' | grep -v '^test/' | sort -u)
Jeremy Harris [Mon, 27 Apr 2020 17:56:08 +0000 (18:56 +0100)]
Testsuite: output changes resulting
Broken-by: 26831938fd
Jeremy Harris [Sun, 26 Apr 2020 20:40:43 +0000 (21:40 +0100)]
tidying
Jeremy Harris [Sun, 26 Apr 2020 19:58:44 +0000 (20:58 +0100)]
Bump buffer size for exiwhat info lines
Jeremy Harris [Sun, 26 Apr 2020 19:57:26 +0000 (20:57 +0100)]
Fix reporting of 2-phase queue-runner daemon, in daemon start log line and in exiwhat
Jeremy Harris [Sat, 25 Apr 2020 19:50:07 +0000 (20:50 +0100)]
DKIM: dkim_verify_min_keysizes option
Jeremy Harris [Sat, 25 Apr 2020 20:03:51 +0000 (21:03 +0100)]
DKIM: fix $dkim_key_length in verify
Jeremy Harris [Thu, 23 Apr 2020 16:13:27 +0000 (17:13 +0100)]
Logging: bump limit on initial-connect synch-error log line
Jeremy Harris [Wed, 22 Apr 2020 21:03:09 +0000 (22:03 +0100)]
Debug: internal consistency under testsuite
Jeremy Harris [Wed, 22 Apr 2020 20:05:55 +0000 (21:05 +0100)]
Testsuite: more tidying for Alpine
Jeremy Harris [Sat, 18 Apr 2020 14:36:54 +0000 (15:36 +0100)]
readsocket expansion: response caching
Jeremy Harris [Tue, 21 Apr 2020 22:21:24 +0000 (23:21 +0100)]
tidying
Jeremy Harris [Tue, 21 Apr 2020 22:17:53 +0000 (23:17 +0100)]
Testsuite: use name for nonexistent host that the testsuite forces to not-resolve
Avoids going to the plaform resolver, which can have varying behaviour
Phil Pennock [Tue, 21 Apr 2020 22:59:15 +0000 (18:59 -0400)]
stop-gap: doc glibc 2.31 RES_TRUSTAD/trust-ad
In glibc from release 2.31 onwards (change added in their commit
446997ff14) setting `dns_dnssec_ok` will not be sufficient. glibc has
added a new `options trust-ad` toggle for `/etc/resolv.conf` and a C
macro `RES_TRUSTAD`.
This will break existing deployments and binaries.
Our current mechanism for enabling DNSSEC is with an option named to
closely match the DNS feature required, so it is probably inappropriate
to tinker with a second option there. Instead we probably need a new
meta-option for the concept of DNSSEC, add the second new flag there,
and move `dns_dnssec_ok` to a legacy deprecated option.
That will only work if the machine Exim is built on has the new C macro,
but will need to be conditional upon that macro being defined, so
binaries built aren't going to be forward-compatible to other systems
with newer glibc. There is no good solution to solve this.
In the meantime, document the issue and point administrators at how to
work around the issue with a setting in `/etc/resolv.conf`
Thanks to Viktor Dukhovni for highlighting the existence of this
problem.
Heiko Schlichting [Mon, 20 Apr 2020 21:21:35 +0000 (22:21 +0100)]
Docs: fix mention of deprecated variables. Bug 2534
Erik Lax [Mon, 20 Apr 2020 20:34:33 +0000 (21:34 +0100)]
Fix spool space check to account for SIZE. Bug 2552
Jeremy Harris [Mon, 20 Apr 2020 10:30:28 +0000 (11:30 +0100)]
OpenSSL: fix bulid on older library versions
Broken-by: a89b6bd32a
Jeremy Harris [Sun, 19 Apr 2020 20:18:21 +0000 (21:18 +0100)]
Events: Fix msg:defer event for the hosts_max_try_hardlimit case. Bug 2554
Jeremy Harris [Sun, 19 Apr 2020 10:32:57 +0000 (11:32 +0100)]
OpenSSL: More info on accept "version too low"
Jeremy Harris [Tue, 14 Apr 2020 20:51:51 +0000 (21:51 +0100)]
Early-pipe: invalidate cache on a failure of required-auth
Jeremy Harris [Mon, 13 Apr 2020 12:17:51 +0000 (13:17 +0100)]
Testsuite: munge for platform variances
Jeremy Harris [Sun, 12 Apr 2020 21:24:21 +0000 (22:24 +0100)]
Better fix for crash
Broken-by: 0b4dfe7aa1
Jeremy Harris [Sun, 12 Apr 2020 15:48:10 +0000 (16:48 +0100)]
OpenSSL: More info on accept "unsupported protocol"
Jeremy Harris [Sun, 12 Apr 2020 16:47:27 +0000 (17:47 +0100)]
Taint: fix parsing of ACL ratelimit condition
Jeremy Harris [Sat, 11 Apr 2020 18:12:57 +0000 (19:12 +0100)]
DKIM: Predefined macro for standard headers, oversigned
Jeremy Harris [Thu, 9 Apr 2020 13:45:31 +0000 (14:45 +0100)]
tidying
Jeremy Harris [Thu, 9 Apr 2020 13:39:03 +0000 (14:39 +0100)]
C99 initialisers
Jeremy Harris [Tue, 7 Apr 2020 18:41:31 +0000 (19:41 +0100)]
tidying
Jeremy Harris [Mon, 6 Apr 2020 19:15:47 +0000 (20:15 +0100)]
Fix crash
Broken-by: 0b4dfe7aa1
Jeremy Harris [Mon, 6 Apr 2020 15:20:35 +0000 (16:20 +0100)]
Expansion item ${listquote }. Bug 1066
Jeremy Harris [Sun, 5 Apr 2020 23:28:06 +0000 (00:28 +0100)]
MySQL, pgsql: per-query server options outside the lookup string. Bug 2546
Jeremy Harris [Sun, 5 Apr 2020 22:21:40 +0000 (23:21 +0100)]
Taint: check on supplied buffer vs. list when extracting elements
Jeremy Harris [Sat, 4 Apr 2020 20:27:30 +0000 (21:27 +0100)]
Avoid the long whats_supported line being mixed with output from other processes
Jeremy Harris [Sat, 4 Apr 2020 13:25:07 +0000 (14:25 +0100)]
tidying: skip_whitespace
Jeremy Harris [Fri, 3 Apr 2020 20:48:21 +0000 (21:48 +0100)]
Log fast-ramp queue-run trigger
Jeremy Harris [Fri, 3 Apr 2020 13:38:31 +0000 (14:38 +0100)]
dsearch: filter-matches option
Jeremy Harris [Fri, 3 Apr 2020 13:36:17 +0000 (14:36 +0100)]
dsearch: full-path return option