Heiko Schlittermann (HS12-RIPE) [Tue, 1 Mar 2016 23:14:28 +0000 (00:14 +0100)]
Make qsort() in readconf.c more portable
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Mar 2016 20:11:42 +0000 (21:11 +0100)]
Make environment.c more portable
Heiko Schlittermann (HS12-RIPE) [Wed, 24 Feb 2016 22:59:26 +0000 (23:59 +0100)]
Release: fix release script
- accept minor version number
- allow to skip the build-of-documentation step
- allow release of "any" version from anywhere
- avoid calling "old" reversion scripts, create version.sh
Heiko Schlittermann (HS12-RIPE) [Thu, 28 Jan 2016 21:20:33 +0000 (22:20 +0100)]
Fix CVE-2016-1531
Add keep_environment, add_environment.
Change the working directory to "/" during the early startup
phase.
(cherry picked from commit
2b92b67bfc33efe05e6ff2ea3852731ac2273832)
(cherry picked from commit
14b82c8b736c8ed24eda144f57703cb9feac6323)
(cherry picked from commit
9ca92d0c6e9c6f161bd8111366c6952d3a9315e2)
(cherry picked from commit
0020c6d9ecfd98ed7b2b337ed4f898fdc409784b)
(cherry picked from commit
e8f96966360ea8867ad6a8b5affda6c37fa4958c)
(cherry picked from commit
ef6fb807c1e1a665f444f644c60c77269f7c5209)
Jeremy Harris [Thu, 18 Feb 2016 14:20:43 +0000 (14:20 +0000)]
Docs: clarify unit of S= log line element
Jeremy Harris [Mon, 15 Feb 2016 18:03:04 +0000 (18:03 +0000)]
Compiler quietening
Jeremy Harris [Sun, 14 Feb 2016 23:04:08 +0000 (23:04 +0000)]
Malware: fix error logged on a scanner connect fail. Bug 1796
Jeremy Harris [Mon, 8 Feb 2016 22:43:54 +0000 (22:43 +0000)]
TLS: support build with OpenSSL 1.1.0 Bug 1771
Heiko Schlittermann (HS12-RIPE) [Wed, 10 Feb 2016 09:48:13 +0000 (10:48 +0100)]
Doc: correct minor typo
Jeremy Harris [Tue, 9 Feb 2016 23:27:59 +0000 (23:27 +0000)]
DKIM: fix selection of header for signing/verification given several. Bug 1792
Jeremy Harris [Sun, 7 Feb 2016 21:14:37 +0000 (21:14 +0000)]
DKIM: support oversigning. Bugs 1309, 1310
Jeremy Harris [Sun, 7 Feb 2016 12:12:19 +0000 (12:12 +0000)]
Testsuite: Support running exim under valgrind
Fails mostly thanks to lack of suid handling, but -be tests usable
if you retry after de-suid of eximdir/exim
Heiko Schlittermann (HS12-RIPE) [Mon, 8 Feb 2016 22:59:40 +0000 (23:59 +0100)]
Remove empty lines from .mailmap, fix root
Heiko Schlittermann (HS12-RIPE) [Mon, 8 Feb 2016 22:57:35 +0000 (23:57 +0100)]
Add .mailmap for git
Jeremy Harris [Sat, 6 Feb 2016 20:25:06 +0000 (20:25 +0000)]
Testsuite: avoid retry db issue after deliberate fail subtests
Jeremy Harris [Sat, 6 Feb 2016 19:58:36 +0000 (19:58 +0000)]
Testsuite: avoid assuming 127.0.0.2 is a viable sending address
Jeremy Harris [Sat, 6 Feb 2016 19:20:06 +0000 (19:20 +0000)]
Testsuite: allow for different data arrival in SMTP synch check
Jeremy Harris [Sat, 6 Feb 2016 16:24:37 +0000 (16:24 +0000)]
Testsuite: log some stderr output on bad exit-code in --CONTINUE mode
Jeremy Harris [Sat, 6 Feb 2016 16:22:00 +0000 (16:22 +0000)]
SRS: fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS
Jeremy Harris [Fri, 5 Feb 2016 18:47:45 +0000 (18:47 +0000)]
TLS: Whine to log on client config of SNI under too-old OpenSSL version
Jeremy Harris [Fri, 5 Feb 2016 18:16:30 +0000 (18:16 +0000)]
Testsuite: enforce different exim/testuser group numbers
Jeremy Harris [Fri, 5 Feb 2016 17:37:43 +0000 (17:37 +0000)]
Testsuite: sort logs in cases where we do parallel deliveries
Jeremy Harris [Fri, 5 Feb 2016 16:58:22 +0000 (16:58 +0000)]
Fix EXPERIMENTAL_DMARC build
Broken-by: df3def24
Jeremy Harris [Fri, 5 Feb 2016 15:55:04 +0000 (15:55 +0000)]
Testsuite: nuke retry db after deliberate-fail subtests in ocsp testcase
Heiko Schlittermann (HS12-RIPE) [Thu, 4 Feb 2016 09:00:50 +0000 (10:00 +0100)]
Add backward compatibility for EXIM_TMPDIR
Alexander Tsoy [Tue, 2 Feb 2016 17:56:15 +0000 (20:56 +0300)]
Rename build-time option TMPDIR to EXIM_TMPDIR
Build-time option TMPDIR included in Makefile clashes with environment
variable of the same name. This breaks tools that make use of that
variable, such as distcc.
The following example demonstrates what's going on:
$ cat Makefile
TMPDIR="/tmp"
all:
env
$ export TMPDIR=test
$ make | grep ^TMPDIR
TMPDIR="/tmp"
distcc error (note the extra quotes):
ERROR: can't use TMPDIR ""/tmp"": No such file or directory
Jeremy Harris [Thu, 4 Feb 2016 19:08:56 +0000 (19:08 +0000)]
Testsuite: case should not depend on build-option
Heiko Schlittermann (HS12) [Thu, 4 Feb 2016 21:12:10 +0000 (22:12 +0100)]
Testsuite: (more) complete usage message for server
Jeremy Harris [Thu, 4 Feb 2016 19:02:52 +0000 (20:02 +0100)]
Use GCRYPT if GNUTLS isn't good enough
Jeremy Harris [Thu, 4 Feb 2016 14:51:31 +0000 (14:51 +0000)]
Testsuite: output library versions during startup
Jeremy Harris [Thu, 4 Feb 2016 10:30:54 +0000 (10:30 +0000)]
Docs: add note on costs of cutthrough delivery in local-rejection cases
Heiko Schlittermann (HS12-RIPE) [Wed, 3 Feb 2016 22:31:58 +0000 (23:31 +0100)]
Testsuite: 3454: debian8 flavour
Heiko Schlittermann (HS12-RIPE) [Wed, 3 Feb 2016 22:16:05 +0000 (23:16 +0100)]
Testsuite: 3450: debian8 flavour
Jeremy Harris [Tue, 2 Feb 2016 12:44:41 +0000 (12:44 +0000)]
Docs: note DKIM signing options in smtp transport chapter
Jeremy Harris [Mon, 1 Feb 2016 18:18:56 +0000 (18:18 +0000)]
DKIM: replace SHA and RSA routines from gnutls, under earlier library
versions, using libgcrypt and libtasn1 directly. Bug 1772
Heiko Schlittermann (HS12-RIPE) [Sun, 31 Jan 2016 18:21:47 +0000 (19:21 +0100)]
Keep options ordered alphabetical
Graeme Fowler [Sat, 30 Jan 2016 17:12:24 +0000 (17:12 +0000)]
GEF
20160130 Tiny corrections to Readme.pod
Graeme Fowler [Sat, 30 Jan 2016 12:29:58 +0000 (12:29 +0000)]
GEF
20160130 Changed date in header in test/README
Heiko Schlittermann (HS12-RIPE) [Thu, 28 Jan 2016 21:43:28 +0000 (22:43 +0100)]
Fix typo
Jeremy Harris [Thu, 28 Jan 2016 14:52:19 +0000 (14:52 +0000)]
Docs: clarify command string content in ${readsocket }
Heiko Schlittermann (HS12-RIPE) [Mon, 25 Jan 2016 11:52:07 +0000 (12:52 +0100)]
Fix typo on ChangeLog
Jeremy Harris [Fri, 22 Jan 2016 13:20:01 +0000 (13:20 +0000)]
Docs: clarify use of $dkim_selector variable
Jeremy Harris [Fri, 22 Jan 2016 13:17:34 +0000 (13:17 +0000)]
PDKIM: Fix use of private-keys having trailing '=' in the base-64. Bug 1781
Jeremy Harris [Thu, 21 Jan 2016 15:37:08 +0000 (15:37 +0000)]
Cutthrough: Fix bug with dot-only line
Jeremy Harris [Mon, 18 Jan 2016 16:54:45 +0000 (16:54 +0000)]
Testuite: tidying
Jeremy Harris [Mon, 18 Jan 2016 15:11:44 +0000 (15:11 +0000)]
Copyright dates 2014, 2015
via: vi $(git whatchanged --since=2014-12-31 --until=2016-01-01 | grep '^:100' | sed 's/^[^M]*M//' | grep -v 000000 | sort -u | fgrep -v test/)
(etc)
Jeremy Harris [Mon, 18 Jan 2016 14:34:07 +0000 (14:34 +0000)]
Change notes
Jeremy Harris [Sun, 17 Jan 2016 23:36:11 +0000 (23:36 +0000)]
Testsuite: bounce_return_linesize_limit. Bug 1760
Jeremy Harris [Sun, 17 Jan 2016 22:45:55 +0000 (22:45 +0000)]
Tidying
Jeremy Harris [Sun, 17 Jan 2016 22:44:46 +0000 (22:44 +0000)]
Testsuite: changes for VFRY update,
4f6ae5c314e5
Jeremy Harris [Sun, 17 Jan 2016 21:14:31 +0000 (21:14 +0000)]
Restrict line lengths in bounces. Bug 1760
Jeremy Harris [Sat, 16 Jan 2016 22:17:33 +0000 (22:17 +0000)]
VRFY: Permit an ACL to override the default 252 response, to support
verify-by-ACL instead of the more usual verify-by-routers. Bug 1769
Jeremy Harris [Sat, 16 Jan 2016 15:06:28 +0000 (15:06 +0000)]
Tidying
Jeremy Harris [Sat, 16 Jan 2016 19:54:57 +0000 (19:54 +0000)]
Tidying
Jeremy Harris [Sat, 16 Jan 2016 19:14:58 +0000 (19:14 +0000)]
Expansions: avoid releasing memory used for $value in ${run }
Jeremy Harris [Sat, 16 Jan 2016 18:04:55 +0000 (18:04 +0000)]
Testsuite: ignore optional OCSP output from -bP testcase
Jeremy Harris [Thu, 14 Jan 2016 22:08:56 +0000 (22:08 +0000)]
Expansions: more detail in error messages
Jeremy Harris [Thu, 14 Jan 2016 21:13:01 +0000 (21:13 +0000)]
OpenSSL: Default the SINGLE_DH_USE option flag set
Jeremy Harris [Tue, 12 Jan 2016 17:52:30 +0000 (17:52 +0000)]
Docs: add note on HELO rejections, and add requirment on good HELO in
the example configuration
Jeremy Harris [Mon, 11 Jan 2016 15:50:22 +0000 (15:50 +0000)]
Expansions: Fix crash in crypteq: On OpenBSD a bad second-arg
results in an error-return from crypt(). Errorcheck that return.
Jeremy Harris [Mon, 11 Jan 2016 14:25:02 +0000 (14:25 +0000)]
Testsuite: split out conf for -bP test and lose dependency on Proxy/Socks
Jeremy Harris [Mon, 11 Jan 2016 14:09:41 +0000 (14:09 +0000)]
DNS: fix crash in megahomed test case, on OpenBSD. Sanity-check
pointers when stepping through resolver returns, as the return
may have been truncated if it seemed oversize. Bug 1773
Jeremy Harris [Mon, 11 Jan 2016 13:49:59 +0000 (13:49 +0000)]
SOCKS: fix build on OpenBSD
Jeremy Harris [Mon, 11 Jan 2016 13:52:14 +0000 (13:52 +0000)]
DANE: fix build with LibreSSL
Jeremy Harris [Thu, 7 Jan 2016 20:47:13 +0000 (20:47 +0000)]
DKIM: reinstate embedded Polarssl SHA routines under older GnuTLS. Bug 1772
We need an incremental build of the hash, and GnuTLS did not expose the
required interfaces until version 2.10.0
Jeremy Harris [Wed, 6 Jan 2016 21:43:51 +0000 (21:43 +0000)]
Testsuite: allow time for retry-time expiry
Jeremy Harris [Wed, 6 Jan 2016 21:33:19 +0000 (21:33 +0000)]
Testsuite: ignore dane for -bP output
Jeremy Harris [Wed, 6 Jan 2016 20:31:44 +0000 (20:31 +0000)]
typo
Jeremy Harris [Wed, 6 Jan 2016 17:50:06 +0000 (17:50 +0000)]
DKIM: Remove embedded copy of PolarSSL and use OpenSSL/GnuTLS library.
Bug 1192
Jeremy Harris [Wed, 6 Jan 2016 12:25:16 +0000 (12:25 +0000)]
fix no-ssl build
Jeremy Harris [Tue, 5 Jan 2016 14:54:02 +0000 (14:54 +0000)]
DKIM: fix base64 decode to ignore whitespace; needed for private-key input
from file. Use this for general-purpose b64decode also.
Testsuite: DKIM signing testcase
Jeremy Harris [Wed, 30 Dec 2015 20:39:45 +0000 (20:39 +0000)]
Support certificates in base64 expansion operator. Bug 1762
Jeremy Harris [Wed, 30 Dec 2015 18:12:19 +0000 (18:12 +0000)]
New expansion operator base64d, and base64 as synonym for str2b64. Bug 1746
Jeremy Harris [Wed, 30 Dec 2015 18:23:33 +0000 (18:23 +0000)]
Consolidate base64 encode/decode routines.
The functions previously in the auth directory, which allocate
exim-standard strings for output, are the main pair. The file-IO
variant decode routine use by mime-handling is brought into
the same new source file. The PDKIM functions are dropped.
Jeremy Harris [Mon, 28 Dec 2015 14:04:58 +0000 (14:04 +0000)]
tidying
Jeremy Harris [Mon, 28 Dec 2015 14:01:30 +0000 (14:01 +0000)]
Docs: more certs info
Jeremy Harris [Sun, 27 Dec 2015 14:25:39 +0000 (14:25 +0000)]
Testsuite: testcase for -bP
Jeremy Harris [Sun, 27 Dec 2015 13:18:42 +0000 (13:18 +0000)]
Provide setenv/unsetenv for environments lacking them. Bug 1578
Currently this covers HP-UX and older Solaris.
Heiko Schlittermann (HS12-RIPE) [Sat, 26 Dec 2015 13:16:43 +0000 (14:16 +0100)]
Pretty print for -bP config
Jeremy Harris [Sun, 20 Dec 2015 18:28:12 +0000 (18:28 +0000)]
tidying
Jeremy Harris [Mon, 21 Dec 2015 16:49:35 +0000 (16:49 +0000)]
Fix build on OpenBSD. Bug 1761
Jeremy Harris [Mon, 21 Dec 2015 11:36:44 +0000 (11:36 +0000)]
dnslists: testsuite output
Jeremy Harris [Sun, 20 Dec 2015 20:01:52 +0000 (20:01 +0000)]
dnslists: permit use with explicit key(s) in nonsmtp ACLs. Bug 1748
Richard Clayton [Sun, 20 Dec 2015 19:12:21 +0000 (19:12 +0000)]
Malware: Fix potential spin-on-read-error with kavdaemon
Jeremy Harris [Sun, 20 Dec 2015 18:08:11 +0000 (18:08 +0000)]
Testsuite: OpenSSL version variances
Richard Clayton [Sun, 20 Dec 2015 18:07:18 +0000 (18:07 +0000)]
Compiler quietening
Richard Clayton [Sun, 20 Dec 2015 17:54:18 +0000 (17:54 +0000)]
DKIM: fix quoted-printable decode
Jeremy Harris [Sun, 20 Dec 2015 13:37:45 +0000 (13:37 +0000)]
build dependencies
Jeremy Harris [Wed, 16 Dec 2015 12:05:41 +0000 (12:05 +0000)]
tidying
Michael Haardt [Sun, 20 Dec 2015 12:52:21 +0000 (12:52 +0000)]
DNSSEC: un-ifdef code uncompilable under DISABLE_DNSSSEC
Michael Haardt [Sun, 20 Dec 2015 12:50:31 +0000 (12:50 +0000)]
OS: define sockaddr_storage for HP-UX
Jeremy Harris [Sun, 13 Dec 2015 17:12:43 +0000 (17:12 +0000)]
Redis: move from Experimental to mainline
Jasen Betts [Fri, 18 Dec 2015 13:42:27 +0000 (13:42 +0000)]
Redis: fix server-specified-in-lookup
Affects Bug 1745. Broken-by:
2d8d625b2b96
Jeremy Harris [Thu, 17 Dec 2015 23:22:09 +0000 (23:22 +0000)]
Fix hosts_connection_nolog ensuring that sender_host_cache is not
incorrectly filled in by the daemon, where the sender_host will
be varying.
Jeremy Harris [Wed, 16 Dec 2015 21:50:03 +0000 (21:50 +0000)]
DANE: do not override a cert verify failure, in callback. Also fix some test mistakes
Viktor Dukhovni [Tue, 15 Dec 2015 17:35:26 +0000 (17:35 +0000)]
DANE: When PKIX-EE matches don't clobber depth by trying PKIX-TA
Viktor Dukhovni [Wed, 16 Dec 2015 21:47:49 +0000 (21:47 +0000)]
DANE: current src version
Jeremy Harris [Tue, 15 Dec 2015 18:52:14 +0000 (18:52 +0000)]
DANE: fix testcase 2/0/1 TLSA record
Jeremy Harris [Wed, 16 Dec 2015 12:04:41 +0000 (12:04 +0000)]
Testsuite: GnuTLS version changes
Jeremy Harris [Tue, 15 Dec 2015 21:28:45 +0000 (21:28 +0000)]
Testsuite: OpenSSL version changes