users/heiko/exim.git
8 years agoMerge branch 'master'
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Mar 2016 18:53:07 +0000 (19:53 +0100)]
Merge branch 'master'

8 years agoUse right type casts in string_compare_by_pointer fix-CVE-2016-1531 hs12/fix-CVE-2016-1531 origin/fix-CVE-2016-1531 security/fix-CVE-2016-1531 exim-4_87_RC5
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Mar 2016 16:25:01 +0000 (17:25 +0100)]
Use right type casts in string_compare_by_pointer

8 years agoRemove confusing #ifndef environ
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Mar 2016 07:12:49 +0000 (08:12 +0100)]
Remove confusing #ifndef environ

8 years agoTestsuite: Adapt to portability fix in environment.c
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Mar 2016 07:12:16 +0000 (08:12 +0100)]
Testsuite: Adapt to portability fix in environment.c

8 years agoMake qsort() in readconf.c more portable
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Mar 2016 23:14:28 +0000 (00:14 +0100)]
Make qsort() in readconf.c more portable

8 years agoMake environment.c more portable
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Mar 2016 20:11:42 +0000 (21:11 +0100)]
Make environment.c more portable

8 years agoRelease: fix release script
Heiko Schlittermann (HS12-RIPE) [Wed, 24 Feb 2016 22:59:26 +0000 (23:59 +0100)]
Release: fix release script

- accept minor version number
- allow to skip the build-of-documentation step
- allow release of "any" version from anywhere
- avoid calling "old" reversion scripts, create version.sh

8 years agoRemoved doc references to relay-test.mail-abuse.org
Nigel Metheringham [Wed, 24 Feb 2016 16:44:59 +0000 (16:44 +0000)]
Removed doc references to relay-test.mail-abuse.org

As per github ticket #37 - https://github.com/Exim/exim/issues/37

relay-test.mail-abuse.org is no longer available so references to it have been removed from the documentation.

8 years agoFix CVE-2016-1531 exim-4_87_RC4
Heiko Schlittermann (HS12-RIPE) [Thu, 28 Jan 2016 21:20:33 +0000 (22:20 +0100)]
Fix CVE-2016-1531

Add keep_environment, add_environment.
Change the working directory to "/" during the early startup
phase.

(cherry picked from commit 2b92b67bfc33efe05e6ff2ea3852731ac2273832)
(cherry picked from commit 14b82c8b736c8ed24eda144f57703cb9feac6323)
(cherry picked from commit 9ca92d0c6e9c6f161bd8111366c6952d3a9315e2)
(cherry picked from commit 0020c6d9ecfd98ed7b2b337ed4f898fdc409784b)
(cherry picked from commit e8f96966360ea8867ad6a8b5affda6c37fa4958c)
(cherry picked from commit ef6fb807c1e1a665f444f644c60c77269f7c5209)

8 years agoDocs: clarify unit of S= log line element
Jeremy Harris [Thu, 18 Feb 2016 14:20:43 +0000 (14:20 +0000)]
Docs: clarify unit of S= log line element

8 years agoCompiler quietening
Jeremy Harris [Mon, 15 Feb 2016 18:03:04 +0000 (18:03 +0000)]
Compiler quietening

8 years agoMalware: fix error logged on a scanner connect fail. Bug 1796
Jeremy Harris [Sun, 14 Feb 2016 23:04:08 +0000 (23:04 +0000)]
Malware: fix error logged on a scanner connect fail.  Bug 1796

8 years agoTLS: support build with OpenSSL 1.1.0 Bug 1771
Jeremy Harris [Mon, 8 Feb 2016 22:43:54 +0000 (22:43 +0000)]
TLS: support build with OpenSSL 1.1.0   Bug 1771

8 years agoDoc: correct minor typo
Heiko Schlittermann (HS12-RIPE) [Wed, 10 Feb 2016 09:48:13 +0000 (10:48 +0100)]
Doc: correct minor typo

8 years agoDKIM: fix selection of header for signing/verification given several. Bug 1792
Jeremy Harris [Tue, 9 Feb 2016 23:27:59 +0000 (23:27 +0000)]
DKIM: fix selection of header for signing/verification given several.  Bug 1792

8 years agoDKIM: support oversigning. Bugs 1309, 1310
Jeremy Harris [Sun, 7 Feb 2016 21:14:37 +0000 (21:14 +0000)]
DKIM: support oversigning.  Bugs 1309, 1310

8 years agoTestsuite: Support running exim under valgrind
Jeremy Harris [Sun, 7 Feb 2016 12:12:19 +0000 (12:12 +0000)]
Testsuite: Support running exim under valgrind

Fails mostly thanks to lack of suid handling, but -be tests usable
if you retry after de-suid of eximdir/exim

8 years agoRemove empty lines from .mailmap, fix root
Heiko Schlittermann (HS12-RIPE) [Mon, 8 Feb 2016 22:59:40 +0000 (23:59 +0100)]
Remove empty lines from .mailmap, fix root

8 years agoAdd .mailmap for git
Heiko Schlittermann (HS12-RIPE) [Mon, 8 Feb 2016 22:57:35 +0000 (23:57 +0100)]
Add .mailmap for git

8 years agoTestsuite: avoid retry db issue after deliberate fail subtests
Jeremy Harris [Sat, 6 Feb 2016 20:25:06 +0000 (20:25 +0000)]
Testsuite: avoid retry db issue after deliberate fail subtests

8 years agoTestsuite: avoid assuming 127.0.0.2 is a viable sending address
Jeremy Harris [Sat, 6 Feb 2016 19:58:36 +0000 (19:58 +0000)]
Testsuite: avoid assuming 127.0.0.2 is a viable sending address

8 years agoTestsuite: allow for different data arrival in SMTP synch check
Jeremy Harris [Sat, 6 Feb 2016 19:20:06 +0000 (19:20 +0000)]
Testsuite: allow for different data arrival in SMTP synch check

8 years agoTestsuite: log some stderr output on bad exit-code in --CONTINUE mode
Jeremy Harris [Sat, 6 Feb 2016 16:24:37 +0000 (16:24 +0000)]
Testsuite: log some stderr output on bad exit-code in --CONTINUE mode

8 years agoSRS: fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS
Jeremy Harris [Sat, 6 Feb 2016 16:22:00 +0000 (16:22 +0000)]
SRS: fix crash in queryprogram router when compiled with EXPERIMENTAL_SRS

8 years agoTLS: Whine to log on client config of SNI under too-old OpenSSL version
Jeremy Harris [Fri, 5 Feb 2016 18:47:45 +0000 (18:47 +0000)]
TLS: Whine to log on client config of SNI under too-old OpenSSL version

8 years agoTestsuite: enforce different exim/testuser group numbers
Jeremy Harris [Fri, 5 Feb 2016 18:16:30 +0000 (18:16 +0000)]
Testsuite: enforce different exim/testuser group numbers

8 years agoTestsuite: sort logs in cases where we do parallel deliveries
Jeremy Harris [Fri, 5 Feb 2016 17:37:43 +0000 (17:37 +0000)]
Testsuite: sort logs in cases where we do parallel deliveries

8 years agoFix EXPERIMENTAL_DMARC build
Jeremy Harris [Fri, 5 Feb 2016 16:58:22 +0000 (16:58 +0000)]
Fix EXPERIMENTAL_DMARC build

Broken-by: df3def24
8 years agoTestsuite: nuke retry db after deliberate-fail subtests in ocsp testcase
Jeremy Harris [Fri, 5 Feb 2016 15:55:04 +0000 (15:55 +0000)]
Testsuite: nuke retry db after deliberate-fail subtests in ocsp testcase

8 years agoAdd backward compatibility for EXIM_TMPDIR
Heiko Schlittermann (HS12-RIPE) [Thu, 4 Feb 2016 09:00:50 +0000 (10:00 +0100)]
Add backward compatibility for EXIM_TMPDIR

8 years agoRename build-time option TMPDIR to EXIM_TMPDIR
Alexander Tsoy [Tue, 2 Feb 2016 17:56:15 +0000 (20:56 +0300)]
Rename build-time option TMPDIR to EXIM_TMPDIR

Build-time option TMPDIR included in Makefile clashes with environment
variable of the same name. This breaks tools that make use of that
variable, such as distcc.

The following example demonstrates what's going on:

$ cat Makefile
TMPDIR="/tmp"
all:
env
$ export TMPDIR=test
$ make | grep ^TMPDIR
TMPDIR="/tmp"

distcc error (note the extra quotes):
ERROR: can't use TMPDIR ""/tmp"": No such file or directory

8 years agoTestsuite: case should not depend on build-option
Jeremy Harris [Thu, 4 Feb 2016 19:08:56 +0000 (19:08 +0000)]
Testsuite: case should not depend on build-option

8 years agoTestsuite: (more) complete usage message for server
Heiko Schlittermann (HS12) [Thu, 4 Feb 2016 21:12:10 +0000 (22:12 +0100)]
Testsuite: (more) complete usage message for server

8 years agoUse GCRYPT if GNUTLS isn't good enough
Jeremy Harris [Thu, 4 Feb 2016 19:02:52 +0000 (20:02 +0100)]
Use GCRYPT if GNUTLS isn't good enough

8 years agoTestsuite: output library versions during startup
Jeremy Harris [Thu, 4 Feb 2016 14:51:31 +0000 (14:51 +0000)]
Testsuite: output library versions during startup

8 years agoDocs: add note on costs of cutthrough delivery in local-rejection cases
Jeremy Harris [Thu, 4 Feb 2016 10:30:54 +0000 (10:30 +0000)]
Docs: add note on costs of cutthrough delivery in local-rejection cases

8 years agoTestsuite: 3454: debian8 flavour
Heiko Schlittermann (HS12-RIPE) [Wed, 3 Feb 2016 22:31:58 +0000 (23:31 +0100)]
Testsuite: 3454: debian8 flavour

8 years agoTestsuite: 3450: debian8 flavour
Heiko Schlittermann (HS12-RIPE) [Wed, 3 Feb 2016 22:16:05 +0000 (23:16 +0100)]
Testsuite: 3450: debian8 flavour

8 years agoDocs: note DKIM signing options in smtp transport chapter
Jeremy Harris [Tue, 2 Feb 2016 12:44:41 +0000 (12:44 +0000)]
Docs: note DKIM signing options in smtp transport chapter

8 years agoDKIM: replace SHA and RSA routines from gnutls, under earlier library
Jeremy Harris [Mon, 1 Feb 2016 18:18:56 +0000 (18:18 +0000)]
DKIM: replace SHA and RSA routines from gnutls, under earlier library
versions, using libgcrypt and libtasn1 directly.  Bug 1772

8 years agoKeep options ordered alphabetical
Heiko Schlittermann (HS12-RIPE) [Sun, 31 Jan 2016 18:21:47 +0000 (19:21 +0100)]
Keep options ordered alphabetical

8 years agoGEF 20160130 Tiny corrections to Readme.pod
Graeme Fowler [Sat, 30 Jan 2016 17:12:24 +0000 (17:12 +0000)]
GEF 20160130 Tiny corrections to Readme.pod

8 years agoGEF 20160130 Changed date in header in test/README
Graeme Fowler [Sat, 30 Jan 2016 12:29:58 +0000 (12:29 +0000)]
GEF 20160130 Changed date in header in test/README

8 years agoFix typo
Heiko Schlittermann (HS12-RIPE) [Thu, 28 Jan 2016 21:43:28 +0000 (22:43 +0100)]
Fix typo

8 years agoDocs: clarify command string content in ${readsocket }
Jeremy Harris [Thu, 28 Jan 2016 14:52:19 +0000 (14:52 +0000)]
Docs: clarify command string content in ${readsocket }

8 years agoFix typo on ChangeLog
Heiko Schlittermann (HS12-RIPE) [Mon, 25 Jan 2016 11:52:07 +0000 (12:52 +0100)]
Fix typo on ChangeLog

8 years agoDocs: clarify use of $dkim_selector variable
Jeremy Harris [Fri, 22 Jan 2016 13:20:01 +0000 (13:20 +0000)]
Docs: clarify use of $dkim_selector variable

8 years agoPDKIM: Fix use of private-keys having trailing '=' in the base-64. Bug 1781
Jeremy Harris [Fri, 22 Jan 2016 13:17:34 +0000 (13:17 +0000)]
PDKIM: Fix use of private-keys having trailing '=' in the base-64.  Bug 1781

8 years agoCutthrough: Fix bug with dot-only line
Jeremy Harris [Thu, 21 Jan 2016 15:37:08 +0000 (15:37 +0000)]
Cutthrough: Fix bug with dot-only line

8 years agoTestuite: tidying exim-4_87_RC3
Jeremy Harris [Mon, 18 Jan 2016 16:54:45 +0000 (16:54 +0000)]
Testuite: tidying

8 years agoCopyright dates 2014, 2015
Jeremy Harris [Mon, 18 Jan 2016 15:11:44 +0000 (15:11 +0000)]
Copyright dates 2014, 2015

via:  vi $(git whatchanged --since=2014-12-31 --until=2016-01-01 | grep '^:100' | sed 's/^[^M]*M//' | grep -v 000000 | sort -u | fgrep -v test/)
(etc)

8 years agoChange notes
Jeremy Harris [Mon, 18 Jan 2016 14:34:07 +0000 (14:34 +0000)]
Change notes

8 years agoTestsuite: bounce_return_linesize_limit. Bug 1760
Jeremy Harris [Sun, 17 Jan 2016 23:36:11 +0000 (23:36 +0000)]
Testsuite: bounce_return_linesize_limit.  Bug 1760

8 years agoTidying
Jeremy Harris [Sun, 17 Jan 2016 22:45:55 +0000 (22:45 +0000)]
Tidying

8 years agoTestsuite: changes for VFRY update, 4f6ae5c314e5
Jeremy Harris [Sun, 17 Jan 2016 22:44:46 +0000 (22:44 +0000)]
Testsuite: changes for VFRY update, 4f6ae5c314e5

8 years agoRestrict line lengths in bounces. Bug 1760
Jeremy Harris [Sun, 17 Jan 2016 21:14:31 +0000 (21:14 +0000)]
Restrict line lengths in bounces.  Bug 1760

8 years agoVRFY: Permit an ACL to override the default 252 response, to support
Jeremy Harris [Sat, 16 Jan 2016 22:17:33 +0000 (22:17 +0000)]
VRFY: Permit an ACL to override the default 252 response, to support
verify-by-ACL instead of the more usual verify-by-routers.  Bug 1769

8 years agoTidying
Jeremy Harris [Sat, 16 Jan 2016 15:06:28 +0000 (15:06 +0000)]
Tidying

8 years agoTidying
Jeremy Harris [Sat, 16 Jan 2016 19:54:57 +0000 (19:54 +0000)]
Tidying

8 years agoExpansions: avoid releasing memory used for $value in ${run }
Jeremy Harris [Sat, 16 Jan 2016 19:14:58 +0000 (19:14 +0000)]
Expansions: avoid releasing memory used for $value in ${run }

8 years agoTestsuite: ignore optional OCSP output from -bP testcase
Jeremy Harris [Sat, 16 Jan 2016 18:04:55 +0000 (18:04 +0000)]
Testsuite: ignore optional OCSP output from -bP testcase

8 years agoExpansions: more detail in error messages
Jeremy Harris [Thu, 14 Jan 2016 22:08:56 +0000 (22:08 +0000)]
Expansions: more detail in error messages

8 years agoOpenSSL: Default the SINGLE_DH_USE option flag set
Jeremy Harris [Thu, 14 Jan 2016 21:13:01 +0000 (21:13 +0000)]
OpenSSL: Default the SINGLE_DH_USE option flag set

8 years agoDocs: add note on HELO rejections, and add requirment on good HELO in
Jeremy Harris [Tue, 12 Jan 2016 17:52:30 +0000 (17:52 +0000)]
Docs: add note on HELO rejections, and add requirment on good HELO in
the example configuration

8 years agoExpansions: Fix crash in crypteq: On OpenBSD a bad second-arg
Jeremy Harris [Mon, 11 Jan 2016 15:50:22 +0000 (15:50 +0000)]
Expansions: Fix crash in crypteq: On OpenBSD a bad second-arg
results in an error-return from crypt().  Errorcheck that return.

8 years agoTestsuite: split out conf for -bP test and lose dependency on Proxy/Socks
Jeremy Harris [Mon, 11 Jan 2016 14:25:02 +0000 (14:25 +0000)]
Testsuite: split out conf for -bP test and lose dependency on Proxy/Socks

8 years agoDNS: fix crash in megahomed test case, on OpenBSD. Sanity-check
Jeremy Harris [Mon, 11 Jan 2016 14:09:41 +0000 (14:09 +0000)]
DNS: fix crash in megahomed test case, on OpenBSD.  Sanity-check
pointers when stepping through resolver returns, as the return
may have been truncated if it seemed oversize.  Bug 1773

8 years agoSOCKS: fix build on OpenBSD
Jeremy Harris [Mon, 11 Jan 2016 13:49:59 +0000 (13:49 +0000)]
SOCKS: fix build on OpenBSD

8 years agoDANE: fix build with LibreSSL
Jeremy Harris [Mon, 11 Jan 2016 13:52:14 +0000 (13:52 +0000)]
DANE: fix build with LibreSSL

8 years agoDKIM: reinstate embedded Polarssl SHA routines under older GnuTLS. Bug 1772
Jeremy Harris [Thu, 7 Jan 2016 20:47:13 +0000 (20:47 +0000)]
DKIM: reinstate embedded Polarssl SHA routines under older GnuTLS.  Bug 1772

We need an incremental build of the hash, and GnuTLS did not expose the
required interfaces until version 2.10.0

8 years agoTestsuite: allow time for retry-time expiry
Jeremy Harris [Wed, 6 Jan 2016 21:43:51 +0000 (21:43 +0000)]
Testsuite: allow time for retry-time expiry

8 years agoTestsuite: ignore dane for -bP output
Jeremy Harris [Wed, 6 Jan 2016 21:33:19 +0000 (21:33 +0000)]
Testsuite: ignore dane for -bP output

8 years agotypo
Jeremy Harris [Wed, 6 Jan 2016 20:31:44 +0000 (20:31 +0000)]
typo

8 years agoDKIM: Remove embedded copy of PolarSSL and use OpenSSL/GnuTLS library.
Jeremy Harris [Wed, 6 Jan 2016 17:50:06 +0000 (17:50 +0000)]
DKIM: Remove embedded copy of PolarSSL and use OpenSSL/GnuTLS library.
      Bug 1192

8 years agofix no-ssl build
Jeremy Harris [Wed, 6 Jan 2016 12:25:16 +0000 (12:25 +0000)]
fix no-ssl build

8 years agoDKIM: fix base64 decode to ignore whitespace; needed for private-key input
Jeremy Harris [Tue, 5 Jan 2016 14:54:02 +0000 (14:54 +0000)]
DKIM: fix base64 decode to ignore whitespace; needed for private-key input
from file.  Use this for general-purpose b64decode also.
Testsuite: DKIM signing testcase

8 years agoSupport certificates in base64 expansion operator. Bug 1762
Jeremy Harris [Wed, 30 Dec 2015 20:39:45 +0000 (20:39 +0000)]
Support certificates in base64 expansion operator.  Bug 1762

8 years agoNew expansion operator base64d, and base64 as synonym for str2b64. Bug 1746
Jeremy Harris [Wed, 30 Dec 2015 18:12:19 +0000 (18:12 +0000)]
New expansion operator base64d, and base64 as synonym for str2b64.  Bug 1746

8 years agoConsolidate base64 encode/decode routines.
Jeremy Harris [Wed, 30 Dec 2015 18:23:33 +0000 (18:23 +0000)]
Consolidate base64 encode/decode routines.

The functions previously in the auth directory, which allocate
exim-standard strings for output, are the main pair.  The file-IO
variant decode routine use by mime-handling is brought into
the same new source file.  The PDKIM functions are dropped.

8 years agotidying
Jeremy Harris [Mon, 28 Dec 2015 14:04:58 +0000 (14:04 +0000)]
tidying

8 years agoDocs: more certs info
Jeremy Harris [Mon, 28 Dec 2015 14:01:30 +0000 (14:01 +0000)]
Docs: more certs info

8 years agoTestsuite: testcase for -bP
Jeremy Harris [Sun, 27 Dec 2015 14:25:39 +0000 (14:25 +0000)]
Testsuite: testcase for -bP

8 years agoProvide setenv/unsetenv for environments lacking them. Bug 1578
Jeremy Harris [Sun, 27 Dec 2015 13:18:42 +0000 (13:18 +0000)]
Provide setenv/unsetenv for environments lacking them.  Bug 1578
Currently this covers HP-UX and older Solaris.

8 years agoPretty print for -bP config
Heiko Schlittermann (HS12-RIPE) [Sat, 26 Dec 2015 13:16:43 +0000 (14:16 +0100)]
Pretty print for -bP config

8 years agotidying
Jeremy Harris [Sun, 20 Dec 2015 18:28:12 +0000 (18:28 +0000)]
tidying

8 years agoFix build on OpenBSD. Bug 1761
Jeremy Harris [Mon, 21 Dec 2015 16:49:35 +0000 (16:49 +0000)]
Fix build on OpenBSD.  Bug 1761

8 years agodnslists: testsuite output
Jeremy Harris [Mon, 21 Dec 2015 11:36:44 +0000 (11:36 +0000)]
dnslists: testsuite output

9 years agodnslists: permit use with explicit key(s) in nonsmtp ACLs. Bug 1748
Jeremy Harris [Sun, 20 Dec 2015 20:01:52 +0000 (20:01 +0000)]
dnslists: permit use with explicit key(s) in nonsmtp ACLs.  Bug 1748

9 years agoMalware: Fix potential spin-on-read-error with kavdaemon
Richard Clayton [Sun, 20 Dec 2015 19:12:21 +0000 (19:12 +0000)]
Malware: Fix potential spin-on-read-error with kavdaemon

9 years agoTestsuite: OpenSSL version variances
Jeremy Harris [Sun, 20 Dec 2015 18:08:11 +0000 (18:08 +0000)]
Testsuite: OpenSSL version variances

9 years agoCompiler quietening
Richard Clayton [Sun, 20 Dec 2015 18:07:18 +0000 (18:07 +0000)]
Compiler quietening

9 years agoDKIM: fix quoted-printable decode
Richard Clayton [Sun, 20 Dec 2015 17:54:18 +0000 (17:54 +0000)]
DKIM: fix quoted-printable decode

9 years agobuild dependencies
Jeremy Harris [Sun, 20 Dec 2015 13:37:45 +0000 (13:37 +0000)]
build dependencies

9 years agotidying
Jeremy Harris [Wed, 16 Dec 2015 12:05:41 +0000 (12:05 +0000)]
tidying

9 years agoDNSSEC: un-ifdef code uncompilable under DISABLE_DNSSSEC
Michael Haardt [Sun, 20 Dec 2015 12:52:21 +0000 (12:52 +0000)]
DNSSEC: un-ifdef code uncompilable under DISABLE_DNSSSEC

9 years agoOS: define sockaddr_storage for HP-UX
Michael Haardt [Sun, 20 Dec 2015 12:50:31 +0000 (12:50 +0000)]
OS: define sockaddr_storage for HP-UX

9 years agoRedis: move from Experimental to mainline exim-4_87_RC2
Jeremy Harris [Sun, 13 Dec 2015 17:12:43 +0000 (17:12 +0000)]
Redis: move from Experimental to mainline

9 years agoRedis: fix server-specified-in-lookup
Jasen Betts [Fri, 18 Dec 2015 13:42:27 +0000 (13:42 +0000)]
Redis: fix server-specified-in-lookup

Affects Bug 1745.  Broken-by: 2d8d625b2b96

9 years agoFix hosts_connection_nolog ensuring that sender_host_cache is not
Jeremy Harris [Thu, 17 Dec 2015 23:22:09 +0000 (23:22 +0000)]
Fix hosts_connection_nolog ensuring that sender_host_cache is not
incorrectly filled in by the daemon, where the sender_host will
be varying.

9 years agoDANE: do not override a cert verify failure, in callback. Also fix some test mistakes
Jeremy Harris [Wed, 16 Dec 2015 21:50:03 +0000 (21:50 +0000)]
DANE: do not override a cert verify failure, in callback.  Also fix some test mistakes