Jeremy Harris [Fri, 1 Jan 2021 13:25:29 +0000 (13:25 +0000)]
FreeBSD: harden against ClamAV connection errors
Jeremy Harris [Fri, 1 Jan 2021 12:09:37 +0000 (12:09 +0000)]
Avoid needless socket close
Jeremy Harris [Thu, 31 Dec 2020 22:18:30 +0000 (22:18 +0000)]
malware: avoid slurping entire spoolfile for sending to ClamAV
Jeremy Harris [Thu, 31 Dec 2020 21:52:02 +0000 (21:52 +0000)]
TFO: better observability (slightly) on FreeBSD
Jeremy Harris [Mon, 28 Dec 2020 20:20:44 +0000 (20:20 +0000)]
typo
Jeremy Harris [Mon, 28 Dec 2020 18:31:24 +0000 (18:31 +0000)]
Logging: make placement of continued-delivery asterisk consistent
Jeremy Harris [Sun, 27 Dec 2020 20:51:42 +0000 (20:51 +0000)]
GSASL: More recent versions of the library no longer need a hack for channel-binding
Jeremy Harris [Sat, 26 Dec 2020 18:55:29 +0000 (18:55 +0000)]
Fix build on GNU/Hurd [supports openat()]. Bug 2608
Jeremy Harris [Sat, 26 Dec 2020 18:18:33 +0000 (18:18 +0000)]
Fix build warning on 32-bit int platfowms. Bug 2678
Jeremy Harris [Thu, 24 Dec 2020 21:05:40 +0000 (21:05 +0000)]
Expansions: Reduce memory use of ${listcount }
Jeremy Harris [Thu, 24 Dec 2020 21:04:34 +0000 (21:04 +0000)]
Replace internal string-expansion call with a direct recursion
Jeremy Harris [Thu, 24 Dec 2020 20:59:29 +0000 (20:59 +0000)]
Convert more cases of list-walking to use self-assigned memory for the list-item
Jeremy Harris [Wed, 23 Dec 2020 22:35:04 +0000 (22:35 +0000)]
Fix ${listextract } from a tainted list
Jeremy Harris [Sun, 20 Dec 2020 15:49:39 +0000 (15:49 +0000)]
Fix local delivery delay when combined with remote callout/hold. Bug 2599
Jeremy Harris [Thu, 17 Dec 2020 09:59:23 +0000 (09:59 +0000)]
Fix the PIPE_CONNECT feature control in the template Makefile, the
default having changed to "included" for 4.93
Broken-by: 81344b40e3
Jeremy Harris [Thu, 17 Dec 2020 09:39:59 +0000 (09:39 +0000)]
Remove the X_ prefix from the PIPE_CONNECT SMTP service extension keyword.
Jeremy Harris [Wed, 16 Dec 2020 19:07:51 +0000 (19:07 +0000)]
Fix matching of long addresses. Bug 2677
Jeremy Harris [Wed, 2 Dec 2020 10:14:23 +0000 (10:14 +0000)]
Docs: add info on router variable evaluation order
Jeremy Harris [Tue, 24 Nov 2020 22:11:09 +0000 (22:11 +0000)]
ARC: harden parsing of signing spec. Bug 2639
u34 [Tue, 24 Nov 2020 21:53:48 +0000 (21:53 +0000)]
Docs: wording fixes.
Jeremy Harris [Mon, 23 Nov 2020 12:17:14 +0000 (12:17 +0000)]
Docs: list $spam_ variables in expansions chapter
Jeremy Harris [Thu, 19 Nov 2020 19:05:54 +0000 (19:05 +0000)]
Logging: add I= element to transport-defer lines. Bug 2675
Jeremy Harris [Thu, 12 Nov 2020 22:16:50 +0000 (22:16 +0000)]
More taint notes
Jeremy Harris [Tue, 10 Nov 2020 22:33:40 +0000 (22:33 +0000)]
Docs: clarify client-side auth options for smtp transport
Jeremy Harris [Tue, 10 Nov 2020 21:10:56 +0000 (21:10 +0000)]
More taint discussion in docs
Jeremy Harris [Wed, 28 Oct 2020 19:52:12 +0000 (19:52 +0000)]
tidying
Jeremy Harris [Tue, 3 Nov 2020 13:15:15 +0000 (13:15 +0000)]
Testsuite: ignore cert-rotation debug output
Jeremy Harris [Tue, 3 Nov 2020 13:14:11 +0000 (13:14 +0000)]
Fix spurious logging of select error
Jeremy Harris [Mon, 2 Nov 2020 22:34:54 +0000 (22:34 +0000)]
typo
Jeremy Harris [Mon, 2 Nov 2020 22:31:34 +0000 (22:31 +0000)]
kevent: handle OpenBSD API anomaly, redux
Jeremy Harris [Sat, 31 Oct 2020 23:58:11 +0000 (23:58 +0000)]
Pass authenticator pubname through spool. Bug 2648
Jeremy Harris [Fri, 30 Oct 2020 12:46:05 +0000 (12:46 +0000)]
LDAP: fix taint-check in server list walk. Bug 2646
Jeremy Harris [Fri, 30 Oct 2020 12:43:39 +0000 (12:43 +0000)]
Fix build on platforms lacking TIOCOUTQ ioctl
Jeremy Harris [Thu, 29 Oct 2020 21:37:42 +0000 (21:37 +0000)]
Fix build on platforms lacking TIOCOUTQ ioctl
Jeremy Harris [Thu, 29 Oct 2020 20:09:25 +0000 (20:09 +0000)]
Debug: show stalled send-data count on message-errors
Jeremy Harris [Wed, 28 Oct 2020 18:36:34 +0000 (18:36 +0000)]
Docs: index smtp transport timeouts
Jeremy Harris [Wed, 28 Oct 2020 00:43:53 +0000 (00:43 +0000)]
Avoid manually-counted long strings
Jeremy Harris [Mon, 26 Oct 2020 17:55:53 +0000 (17:55 +0000)]
Docs: another detaint mention
Jeremy Harris [Tue, 13 Oct 2020 19:06:08 +0000 (20:06 +0100)]
Revert "Testsuite: allow 1s timing slop in dumpdb output"
This reverts commit
625cd9501315e1010ecbf8718c88c8b79ce09e94.
Jeremy Harris [Tue, 13 Oct 2020 18:59:43 +0000 (19:59 +0100)]
Testsuite: munge & delay for early selfsign generate
Broken-by: 48e9099006
Jeremy Harris [Tue, 13 Oct 2020 16:12:33 +0000 (17:12 +0100)]
TLS: pre-generate and load server selfsigned cert, when one is to be used
Jeremy Harris [Sun, 11 Oct 2020 11:42:20 +0000 (12:42 +0100)]
Testsuite: case-number shuffling
Jeremy Harris [Sun, 11 Oct 2020 09:50:35 +0000 (10:50 +0100)]
Testsuite: more time for loaded test platforms
Heiko Schlittermann (HS12-RIPE) [Sat, 10 Oct 2020 16:56:50 +0000 (18:56 +0200)]
Docs: Mention issues with TLS client cert and Exim <= 4.85
*
cb1d783072c488a4a558607b2ee122efba95aa4b
*
8c40856083f3a2e89350ab3aacfb95256fbadd9d
> Author: Jeremy Harris <jgh146exb@wizmail.org>
> Date: Sun Nov 23 16:10:30 2014 +0000
>
> Support use of system default CA bundle
Jeremy Harris [Sat, 10 Oct 2020 17:18:01 +0000 (18:18 +0100)]
Testsuite & OpenSSL debug: regularise debug output, and fix test munging
Jeremy Harris [Sat, 10 Oct 2020 15:06:02 +0000 (16:06 +0100)]
kevent: handle OpenBSD API anomaly
Jeremy Harris [Sat, 10 Oct 2020 14:04:53 +0000 (15:04 +0100)]
kevent: fix directory check
Jeremy Harris [Sat, 10 Oct 2020 09:25:40 +0000 (10:25 +0100)]
OpenBSD, NetBSD: TLS preload
NetBSD is not actually really supported by the project, but a user
did pop up this year asking for a build
Jeremy Harris [Sat, 10 Oct 2020 09:02:53 +0000 (10:02 +0100)]
More debug for fail cases in kevent set-watch
Jeremy Harris [Fri, 9 Oct 2020 22:01:14 +0000 (23:01 +0100)]
Unbreak no-TLS build
Broken-by: dc4ab0a186
Jeremy Harris [Thu, 8 Oct 2020 12:30:41 +0000 (13:30 +0100)]
FreeBSD: TLS: preload configuration items
Jeremy Harris [Thu, 8 Oct 2020 09:24:59 +0000 (10:24 +0100)]
Testsuite: allow 1s timing slop in dumpdb output
Jeremy Harris [Mon, 5 Oct 2020 16:52:04 +0000 (17:52 +0100)]
Unbreak non-ipv6 build
Broken-by: 261fc93208
Jeremy Harris [Sun, 4 Oct 2020 22:08:45 +0000 (23:08 +0100)]
GnuTLS: when library too old for system CA bundle support, do not default options to using it
Jeremy Harris [Mon, 5 Oct 2020 14:28:10 +0000 (15:28 +0100)]
Debug output: regularise host lookup tracing
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Oct 2020 10:22:01 +0000 (12:22 +0200)]
Add proxy_protocol_timeout main config option.
Heiko Schlittermann (HS12-RIPE) [Mon, 5 Oct 2020 06:59:25 +0000 (08:59 +0200)]
Testsuite: Allow input lines starting with ":<cmd>:", like ":sleep:".
This somehow mimics the behaviour of the client tool, but works for
*any* input line that is sent to the application. This reverts the
unfortunate take abusing the client's special notation '>>> '.
Currently implemented:
- :eval:
- :neol:
- :sleep:
Heiko Schlittermann (HS12-RIPE) [Mon, 5 Oct 2020 06:59:16 +0000 (08:59 +0200)]
Testsuite: README: improve searchability of ">>> ", "??? ", …
Jeremy Harris [Sun, 4 Oct 2020 16:16:37 +0000 (17:16 +0100)]
Testsuite: missing stdout file
Testsuite: library version variances
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 14:34:29 +0000 (15:34 +0100)]
Unbreak build on non-inotify platforms
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 13:15:09 +0000 (14:15 +0100)]
Fix build on earlier library version
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 11:48:33 +0000 (12:48 +0100)]
Testsuite: missing log file
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 11:37:12 +0000 (12:37 +0100)]
Fix non-OCSP build
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 11:00:00 +0000 (12:00 +0100)]
Testsuite: TLS system CA dirs vary across platforms
Broken-by: 6a9cf7f890
Jeremy Harris [Sun, 4 Oct 2020 10:43:04 +0000 (11:43 +0100)]
GnuTLS: fix build on earlier library version.
Broken-by: 6a9cf7f890
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Oct 2020 10:33:18 +0000 (12:33 +0200)]
Merge branch 'hs/fix-proxy-bh' (Closes 2656)
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 16:58:11 +0000 (18:58 +0200)]
Testsuite: Add test for proxy and -bh (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Fri, 2 Oct 2020 06:19:12 +0000 (08:19 +0200)]
Use ALARM() to set deadline on reading the proxy header (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Fri, 2 Oct 2020 06:17:39 +0000 (08:17 +0200)]
Replace recv() by read() (Bug 2656)
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 17:43:48 +0000 (19:43 +0200)]
Testsuite: Provide '>>> ' for script input to allow binary data (take 2)
This mimics the '>>> ' prefix known for the test client. Any line prefixed
with '>>> ' will be processed by Perl's string eval().
As '>>> ' is generic and documented, it replaces the (undocumented)
'\NONL\' tag.
The client input lines starting with '>>> ' are now changed to '\>>> '
to avoid evaluation by the runtest script. (Test 4030, 1101).
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 21:32:56 +0000 (23:32 +0200)]
Testsuite: add .editorconfig to keep the trailing spaces
Jeremy Harris [Sat, 3 Oct 2020 19:59:15 +0000 (20:59 +0100)]
TLS: preload configuration items
Jeremy Harris [Mon, 7 Sep 2020 18:56:49 +0000 (19:56 +0100)]
tidying
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 13:24:31 +0000 (15:24 +0200)]
Testsuite: Use 127.x.x.x for PROXY v2
This avoids depencies on DNS timeouts on the host running the testsuite.
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 18:00:21 +0000 (20:00 +0200)]
Revert "Testsuite: Provide '>>> ' for script input to allow binary data"
This reverts commit
f7ec095232186edba2b7137594bfdd7d7b7f9504.
Heiko Schlittermann (HS12-RIPE) [Sat, 3 Oct 2020 17:43:48 +0000 (19:43 +0200)]
Testsuite: Provide '>>> ' for script input to allow binary data
This mimics the '>>> ' prefix for the test client. Any line prefixed
with '>>> ' will be processed by Perl's string eval().
As '>>> ' is generic and documented, it replaces the
(undocumented) '\NONL\' tag.
Jeremy Harris [Mon, 28 Sep 2020 21:41:10 +0000 (22:41 +0100)]
Docs: Add note regarding DANE vs. the smtp transport multi_domain option. Bug 2265
Jeremy Harris [Sat, 26 Sep 2020 14:35:58 +0000 (15:35 +0100)]
OpenSSL: Fix client-side tls_verify_cert_hostnames behaviour
Nicolas R [Thu, 24 Sep 2020 21:38:24 +0000 (15:38 -0600)]
Docs: Fix various typos (Closes 2650, 2651)
Jeremy Harris [Wed, 23 Sep 2020 19:14:53 +0000 (20:14 +0100)]
Docs: fix descriptions for dkim_domain, dkim_selector
Andreas Metzler [Fri, 25 Sep 2020 06:54:00 +0000 (08:54 +0200)]
Docs: Minor typos in spec and NewStuff (Closes 2649)
Nicolas R [Thu, 24 Sep 2020 21:26:48 +0000 (15:26 -0600)]
Doc: Fix a typo in NewStuff for 4.94 (Closes 2649)
Heiko Schlittermann (HS12-RIPE) [Fri, 25 Sep 2020 06:48:23 +0000 (08:48 +0200)]
Doc: remove trailing spaces
Jeremy Harris [Sun, 20 Sep 2020 22:40:40 +0000 (23:40 +0100)]
Testsuite: avoid cipher vs. cert validity problem
Jeremy Harris [Tue, 15 Sep 2020 13:48:49 +0000 (14:48 +0100)]
Docs: add crossref
Phil Pennock [Thu, 17 Sep 2020 20:44:52 +0000 (16:44 -0400)]
default DH prime choice consistency
A function returning a default and a list which defined the value of "default"
disagreed. Switch both to a macro to make it harder for them to fall out of
sync.
Jeremy Harris [Sat, 12 Sep 2020 21:11:00 +0000 (22:11 +0100)]
eximon: tidying
Richard Clayton [Sat, 12 Sep 2020 21:10:04 +0000 (22:10 +0100)]
eximon: fix FreeBSD build
Heiko Schlittermann (HS12-RIPE) [Fri, 11 Sep 2020 08:41:10 +0000 (10:41 +0200)]
Docs: fix typo.
Credits to u34@net9.ga
Jeremy Harris [Sun, 6 Sep 2020 11:15:10 +0000 (12:15 +0100)]
GnuTLS: clear errno before any data i/o op, so error logging does not see stale values
Jeremy Harris [Tue, 1 Sep 2020 15:17:42 +0000 (16:17 +0100)]
ARC: Add basic error-checking on permitted chars in admd & sel for signing. Bug 2639
Jeremy Harris [Sat, 29 Aug 2020 18:18:35 +0000 (19:18 +0100)]
Taint: enforce checking of directory creates
Jeremy Harris [Sat, 29 Aug 2020 16:39:51 +0000 (17:39 +0100)]
add an internal error code definition
Jeremy Harris [Thu, 27 Aug 2020 20:15:19 +0000 (21:15 +0100)]
Fix non-TLS build
Phil Pennock [Fri, 28 Aug 2020 23:58:36 +0000 (19:58 -0400)]
Fix utilities indexing
It looks like there used to be another level of hierarchy here, with all three
of the hints database commands described in one section. They're now distinct
sections in their own right, so fix how they're linked to.
Reported by: Peter Gervai
Fixes: 2637
Jeremy Harris [Thu, 27 Aug 2020 10:22:55 +0000 (11:22 +0100)]
Docs: add to A= log-line element description
Jeremy Harris [Wed, 26 Aug 2020 22:59:28 +0000 (23:59 +0100)]
Fix non-DANE build
Jeremy Harris [Wed, 26 Aug 2020 22:43:54 +0000 (23:43 +0100)]
DANE: Fix 2 messages from queue case
Jeremy Harris [Mon, 24 Aug 2020 19:15:48 +0000 (20:15 +0100)]
tidying
Jeremy Harris [Mon, 24 Aug 2020 19:14:34 +0000 (20:14 +0100)]
Build: ifdef guard for EXPERIMENTAL_QUEUEFILE