Heiko Schlittermann (HS12-RIPE) [Tue, 3 Mar 2020 07:06:22 +0000 (08:06 +0100)]
Revert "GnuTLS: remove GNUTLS_E_AGAIN handling"
This reverts commit
0b049796b89a59fc322119b54199d92c404ef687.
Thanks to Andreas Metzler for pointing me to:
https://gitlab.com/gnutls/gnutls/issues/644#note_123363338
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Mar 2020 21:56:32 +0000 (22:56 +0100)]
GnuTLS: Do not care about corked data when uncorking
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Mar 2020 21:44:13 +0000 (22:44 +0100)]
GnuTLS: remove GNUTLS_E_AGAIN handling
The AGAIN shouldn't happen, as we are using blocking sockets
Jeremy Harris [Sun, 1 Mar 2020 14:05:43 +0000 (14:05 +0000)]
Fix $mime_part_count for non-mime message on multi-message connection. Bug 2537
Jeremy Harris [Sat, 29 Feb 2020 18:18:46 +0000 (18:18 +0000)]
Testsuite: ignore differentce in libgsasl version
Jeremy Harris [Sat, 29 Feb 2020 16:30:35 +0000 (16:30 +0000)]
Add variables for wildcard portion of local-part affix. Bug 281
Heiko Schlittermann (HS12-RIPE) [Wed, 26 Feb 2020 22:44:31 +0000 (23:44 +0100)]
Testsuite: Move 2040 to 1101 (hanging pipelining connections)
While this was a bug using GnuTLS, the test is rather generic
and the expected behaviour does not depend on the TLS implementation.
Heiko Schlittermann (HS12-RIPE) [Wed, 26 Feb 2020 22:32:46 +0000 (23:32 +0100)]
Testsuite: build a generic tls enabled client: client-anytls
Jeremy Harris [Wed, 26 Feb 2020 10:54:56 +0000 (10:54 +0000)]
Fix ${tr } expansion item. Bug 2533
Broken-by: acec9514b1
Arne Wörner [Mon, 24 Feb 2020 17:07:22 +0000 (17:07 +0000)]
Fix timestamp outputs for TAI timezone. Bug 2530
Jeremy Harris [Sun, 23 Feb 2020 22:35:22 +0000 (22:35 +0000)]
GnuTLS: avoid hang in older library, in selfsigned-cert creation
Jeremy Harris [Sun, 23 Feb 2020 17:36:52 +0000 (17:36 +0000)]
Replace "Try to fix Solaris build" with compatibility compiler flags
This reverts commit
b11989b8d73c17ccb70e22ca7e8a13540ecca73d.
Jeremy Harris [Sun, 23 Feb 2020 17:08:42 +0000 (17:08 +0000)]
Try to fix Solaris build
Jeremy Harris [Sat, 22 Feb 2020 18:49:30 +0000 (18:49 +0000)]
When counting queue, avoid building & sorting list of names
This is worth maybe 30% time of a 10^5-sized queue
Jeremy Harris [Sat, 22 Feb 2020 17:31:33 +0000 (17:31 +0000)]
Handle non-response from daemon for $queue_size
Jeremy Harris [Sat, 22 Feb 2020 17:11:05 +0000 (17:11 +0000)]
Unix socket creds: FreeBSD needs level 0 not SOL_SOCKET
Jeremy Harris [Sat, 22 Feb 2020 15:54:27 +0000 (15:54 +0000)]
Unix socket struct naming: avoid "sun" due to conflict on Solaris
Jeremy Harris [Thu, 20 Feb 2020 14:39:14 +0000 (14:39 +0000)]
Allow for platforms not support abstract naming for Unix sockets
Jeremy Harris [Wed, 19 Feb 2020 17:00:23 +0000 (17:00 +0000)]
Unix socket creds sockopt for BSD-ish platforms
Jeremy Harris [Wed, 19 Feb 2020 13:54:59 +0000 (13:54 +0000)]
Unix socket creds definitions for BSD-ish platforms
Heiko Schlittermann (HS12-RIPE) [Tue, 18 Feb 2020 17:59:49 +0000 (18:59 +0100)]
GnuTLS: tls_write(): wait after uncorking the session
Heiko Schlittermann (HS12-RIPE) [Wed, 12 Feb 2020 22:39:32 +0000 (23:39 +0100)]
GnuTLS: Tweak debug output
Heiko Schlittermann (HS12-RIPE) [Wed, 12 Feb 2020 22:41:03 +0000 (23:41 +0100)]
GnuTLS: Clarify the use of SSLKEYFILE
Jeremy Harris [Sat, 10 Jan 2015 21:39:44 +0000 (21:39 +0000)]
Add queue_size variable. Bug 1406
Jeremy Harris [Tue, 18 Feb 2020 16:47:56 +0000 (16:47 +0000)]
Move notifier socket to general availability
Jeremy Harris [Tue, 18 Feb 2020 16:26:51 +0000 (16:26 +0000)]
Docs: clarify DKIM key generation
Heiko Schlittermann (HS12-RIPE) [Fri, 14 Feb 2020 10:20:39 +0000 (11:20 +0100)]
Testsuite: add test for hanging callout connections
Fixed in
bd95ffc2ba87fbd3c752df17bc8fd9c01586d45a
Jeremy Harris [Tue, 18 Feb 2020 11:30:57 +0000 (11:30 +0000)]
Overlapped twophase-queue-run and delivery. Experimental.
Jeremy Harris [Sun, 16 Feb 2020 21:03:46 +0000 (21:03 +0000)]
Fix continued-connection SIZE parameter on MAIL commmand. Bug 2525
Jeremy Harris [Sat, 15 Feb 2020 20:56:14 +0000 (20:56 +0000)]
tidying
Jeremy Harris [Fri, 14 Feb 2020 13:50:14 +0000 (13:50 +0000)]
Docs: ETRN default command
Jeremy Harris [Thu, 13 Feb 2020 16:45:38 +0000 (16:45 +0000)]
GnuTLS: fix hanging callout connections
Broken-by: 925ac8e4f1
Jeremy Harris [Thu, 13 Feb 2020 13:43:45 +0000 (13:43 +0000)]
Auths: fix cyrus-sasl driver for gssapi use. Bug 2524
Broken-by: c0fb53b74e
Jeremy Harris [Wed, 12 Feb 2020 14:45:05 +0000 (14:45 +0000)]
GnuTLS: tweak debug output
Jeremy Harris [Wed, 12 Feb 2020 12:17:34 +0000 (12:17 +0000)]
tidying
Jeremy Harris [Tue, 4 Feb 2020 14:32:17 +0000 (14:32 +0000)]
ACL: Fix parsing of control=queue_only
Broken-by: 9438970c97
Jeremy Harris [Tue, 4 Feb 2020 11:27:12 +0000 (11:27 +0000)]
Docs: tweak local_scan chapter
Jeremy Harris [Mon, 3 Feb 2020 18:12:36 +0000 (18:12 +0000)]
Incompatibility warning
Jeremy Harris [Mon, 3 Feb 2020 15:30:43 +0000 (15:30 +0000)]
Testsuite: headers_remove globbing. Bug 159
Peder Stray [Mon, 3 Feb 2020 14:35:03 +0000 (14:35 +0000)]
Support tail-glob in headers_remove. Bug 159
Jeremy Harris [Mon, 3 Feb 2020 14:21:00 +0000 (14:21 +0000)]
Avoid needless arg on queue-runner exec
Jeremy Harris [Mon, 3 Feb 2020 14:19:20 +0000 (14:19 +0000)]
Local_scan: more guards in included files
Jeremy Harris [Wed, 29 Jan 2020 13:30:24 +0000 (13:30 +0000)]
Two-phase queue run perf: parallel processes for phase one
Jeremy Harris [Tue, 28 Jan 2020 22:40:57 +0000 (22:40 +0000)]
Taint: mmap no longer needed
Jeremy Harris [Tue, 28 Jan 2020 21:10:17 +0000 (21:10 +0000)]
Taint: slow-mode checking only
Jeremy Harris [Sun, 26 Jan 2020 20:28:36 +0000 (20:28 +0000)]
Taint: fix hybrid-mode transition
Jeremy Harris [Sun, 26 Jan 2020 19:44:07 +0000 (19:44 +0000)]
tidying
Jeremy Harris [Sun, 26 Jan 2020 20:54:07 +0000 (20:54 +0000)]
Docs: tidy authentication indexing
Jeremy Harris [Sun, 26 Jan 2020 20:46:19 +0000 (20:46 +0000)]
Docs: better indexing for named-queues
Jeremy Harris [Sun, 26 Jan 2020 17:43:10 +0000 (17:43 +0000)]
Docs: fix validation
Broken-by: 9438970c97
Jeremy Harris [Sun, 26 Jan 2020 14:02:31 +0000 (14:02 +0000)]
ACL: control = queue/first_pass_route
Jeremy Harris [Fri, 24 Jan 2020 20:00:43 +0000 (20:00 +0000)]
tidying
Brian Foley [Sat, 25 Jan 2020 15:27:49 +0000 (15:27 +0000)]
TFO: even in binary built for modern Linux, handle error returned by old Linux kernel. Bug 2518
Jeremy Harris [Fri, 24 Jan 2020 19:29:21 +0000 (19:29 +0000)]
Testsuite: change port used for identd test
Jeremy Harris [Fri, 24 Jan 2020 13:17:03 +0000 (13:17 +0000)]
Docs: fix layout
Arkadiusz Miśkiewicz [Thu, 23 Jan 2020 07:51:01 +0000 (08:51 +0100)]
Add support for zstd compressed .zst files (Bug 2515)
Jeremy Harris [Thu, 23 Jan 2020 15:29:31 +0000 (15:29 +0000)]
Dovecot auth: inet socket. Bug 2280
Jeremy Harris [Wed, 22 Jan 2020 17:06:48 +0000 (17:06 +0000)]
Testsuite: Solaris munge
Jeremy Harris [Wed, 22 Jan 2020 14:08:10 +0000 (14:08 +0000)]
Compiler quietening: initialisers
Jeremy Harris [Wed, 22 Jan 2020 11:27:34 +0000 (11:27 +0000)]
Avoid Solaris compiler issue
Jeremy Harris [Tue, 21 Jan 2020 20:05:49 +0000 (20:05 +0000)]
Build: try another dummy for Solaris 10 compile
Jeremy Harris [Tue, 21 Jan 2020 16:47:56 +0000 (16:47 +0000)]
Use dedicated union member for option offsets
Jeremy Harris [Tue, 21 Jan 2020 00:44:47 +0000 (00:44 +0000)]
Compiler quietening: C fn ptrs are officially not intercastable with object pointers
and the Solaris 11 compiler warned on this. Use a union instead
Jeremy Harris [Mon, 20 Jan 2020 23:30:26 +0000 (23:30 +0000)]
Fix build on Solaris 11
Compiler is picky about pointer signedness
Jeremy Harris [Sun, 19 Jan 2020 17:22:58 +0000 (17:22 +0000)]
Support "hide" on named-list definition lines
Phil Pennock [Fri, 17 Jan 2020 15:40:51 +0000 (10:40 -0500)]
Update openssl_options values to 1.1.1c
Not compiled, but heavily inspected and double-checked sorting.
Jeremy Harris [Thu, 16 Jan 2020 22:51:53 +0000 (22:51 +0000)]
Fix taint hybrid-checking on BSD
Jeremy Harris [Thu, 16 Jan 2020 14:12:56 +0000 (14:12 +0000)]
Taint: hybrid checking mode
Jeremy Harris [Wed, 15 Jan 2020 16:57:49 +0000 (16:57 +0000)]
typo
Jeremy Harris [Wed, 15 Jan 2020 14:22:42 +0000 (14:22 +0000)]
gsasl authenticator: support crypted secrets, server side
Jeremy Harris [Thu, 24 Oct 2019 09:03:19 +0000 (10:03 +0100)]
tidying
Jeremy Harris [Tue, 14 Jan 2020 17:48:57 +0000 (17:48 +0000)]
heimdal auth: fix the increase of big_buffer size. Bug 2501
Jeremy Harris [Sun, 12 Jan 2020 14:52:00 +0000 (14:52 +0000)]
string handling: strlen for gstring
Jeremy Harris [Sun, 12 Jan 2020 00:14:27 +0000 (00:14 +0000)]
Testsuite: taint-enforcement issues
Jeremy Harris [Sat, 11 Jan 2020 23:07:53 +0000 (23:07 +0000)]
Fix build with DRWEB malware scanner
Broken-by: 9e21ce8fc4
Phil Pennock [Sat, 11 Jan 2020 23:51:28 +0000 (18:51 -0500)]
Warn updating folks to use $local_part_verified
This tainting change to appendfile seems likely to cause pain, breaking
previously working configurations. Note it in README.UPDATING.
Jeremy Harris [Sat, 11 Jan 2020 21:52:24 +0000 (21:52 +0000)]
taint enforce: file access backstops
Jeremy Harris [Sat, 11 Jan 2020 21:51:42 +0000 (21:51 +0000)]
ACL: taint-enforce queue modifier
Jeremy Harris [Sat, 11 Jan 2020 21:50:58 +0000 (21:50 +0000)]
autoreply transport: taint-enfoce options
Jeremy Harris [Sat, 11 Jan 2020 21:50:05 +0000 (21:50 +0000)]
taint-enforce DB filenames
Jeremy Harris [Sat, 11 Jan 2020 21:49:10 +0000 (21:49 +0000)]
redirect router: taint-enforce filenames
Jeremy Harris [Sat, 11 Jan 2020 21:48:25 +0000 (21:48 +0000)]
pipe transport: taint-enforce command
Jeremy Harris [Sat, 11 Jan 2020 21:46:43 +0000 (21:46 +0000)]
appendfile: taint-enforce file & directory options
testsuite: bless facility
Jeremy Harris [Sat, 11 Jan 2020 20:50:47 +0000 (20:50 +0000)]
appendfile: refactor
Jeremy Harris [Sat, 11 Jan 2020 20:49:48 +0000 (20:49 +0000)]
appendfile: tidying
Jeremy Harris [Sat, 11 Jan 2020 20:48:38 +0000 (20:48 +0000)]
tidying: CCSS macro
Jeremy Harris [Sat, 11 Jan 2020 18:07:10 +0000 (18:07 +0000)]
$local_part_verified
Jeremy Harris [Fri, 10 Jan 2020 12:07:19 +0000 (12:07 +0000)]
Docs: add explicit warnings for some variables likely tainted
Arkadiusz Miskiewicz [Wed, 8 Jan 2020 16:43:46 +0000 (16:43 +0000)]
Fix error logging for dynamically-loaded modules. Bug 2507
Jeremy Harris [Wed, 8 Jan 2020 13:51:42 +0000 (13:51 +0000)]
Docs: warn against using $local_part directly in delivery
Jeremy Harris [Wed, 8 Jan 2020 11:31:03 +0000 (11:31 +0000)]
Add debug for content of file tainted due to faile name taint
Jeremy Harris [Wed, 8 Jan 2020 10:49:31 +0000 (10:49 +0000)]
Fix error logging for dynamically-loaded modules. Bug 2507
Jeremy Harris [Wed, 8 Jan 2020 10:36:40 +0000 (10:36 +0000)]
coding standards
Wolfgang Breyha [Tue, 7 Jan 2020 13:31:20 +0000 (13:31 +0000)]
SPF: switch to NO_DATA for SPF-rr lookups. Bug 1294
Wolfgang Breyha [Thu, 2 Jan 2020 13:27:25 +0000 (13:27 +0000)]
SPF: shortcircuit SPF RR lookups. Bug 1294
Wolfgang Breyha [Tue, 7 Jan 2020 13:03:18 +0000 (13:03 +0000)]
SPF: fix result for case of only non-spf TXT RRs. Bug 2499
Samuel Thibault [Mon, 6 Jan 2020 13:46:54 +0000 (13:46 +0000)]
Hurd: account for setgroups() being callable unprivileged
Jeremy Harris [Sat, 4 Jan 2020 19:49:54 +0000 (19:49 +0000)]
SPF: additional debug
Wolfgang Breyha [Thu, 2 Jan 2020 13:16:52 +0000 (13:16 +0000)]
SPF: handle DNS NO_DATA return. Bug 2499
Jeremy Harris [Wed, 1 Jan 2020 15:19:52 +0000 (15:19 +0000)]
GSASL: provide $autnN for scram option expansions