Jeremy Harris [Wed, 3 Apr 2019 19:29:15 +0000 (20:29 +0100)]
OpenSSL: tidy options debug output
Jeremy Harris [Wed, 3 Apr 2019 19:13:22 +0000 (20:13 +0100)]
OpenSSL: tidy coding of session keys debug
Kirill Miazine [Tue, 2 Apr 2019 12:29:39 +0000 (14:29 +0200)]
More fixes to build with DANE support with LibreSSL >= 2.9.0.
Jeremy Harris [Mon, 1 Apr 2019 16:09:59 +0000 (17:09 +0100)]
Fix build with recent LibreSSL, when including DANE. Bug 2386
Heiko Schlittermann (HS12-RIPE) [Sun, 31 Mar 2019 16:04:35 +0000 (18:04 +0200)]
EDITME: Add comment about DMARC_TLD_FILE
Jeremy Harris [Sat, 30 Mar 2019 15:41:52 +0000 (15:41 +0000)]
DMARC: check for empty filename for TLD file. Patch testsuite to not break on missing default TLD file.
Jeremy Harris [Fri, 22 Mar 2019 15:00:23 +0000 (15:00 +0000)]
Fix "-bP smtp_receive_timeout". Bug 2384
Heiko Schlittermann (HS12-RIPE) [Thu, 21 Mar 2019 21:42:05 +0000 (22:42 +0100)]
Use the DMARC_TLD_FILE from config.h.defaults and Local/Makefile
Jeremy Harris [Thu, 21 Mar 2019 19:54:31 +0000 (19:54 +0000)]
Harden plaintext authenticator
Jeremy Harris [Wed, 20 Mar 2019 21:21:18 +0000 (21:21 +0000)]
Testsuite: tidy removed testcase files
Jeremy Harris [Tue, 19 Mar 2019 15:33:31 +0000 (15:33 +0000)]
OpenSSL: Fix aggregation of messages.
Broken-by: a5ffa9b475
Jeremy Harris [Mon, 18 Mar 2019 00:31:43 +0000 (00:31 +0000)]
Logging: fix initial listening-on log line
Simon Arlott [Sat, 16 Mar 2019 16:01:15 +0000 (16:01 +0000)]
Add caseless option to verify=not_blind. Bug 2356
Jeremy Harris [Fri, 15 Mar 2019 22:01:07 +0000 (22:01 +0000)]
Retire EXPERIMENTAL_REQUIRETLS
Jeremy Harris [Fri, 15 Mar 2019 18:28:23 +0000 (18:28 +0000)]
Docs: more indexing for daemon-reload
Jeremy Harris [Thu, 14 Mar 2019 12:26:34 +0000 (12:26 +0000)]
Fix crash from SRV lookup hitting a CNAME
Heiko Schlittermann (HS12-RIPE) [Wed, 13 Mar 2019 20:53:12 +0000 (21:53 +0100)]
doc: Clarify the IPv4-mapped IPv6 lookups.
Credits to Andreas Metzler <eximusers@bebt.de>.
Heiko Schlittermann (HS12-RIPE) [Wed, 13 Mar 2019 20:43:52 +0000 (21:43 +0100)]
Build process: Mention Local/Makefile-<buildname>
Jeremy Harris [Tue, 12 Mar 2019 23:30:03 +0000 (23:30 +0000)]
Fix debug output of TLS keying info, client-side with OpenSSL
Jeremy Harris [Tue, 12 Mar 2019 22:50:10 +0000 (22:50 +0000)]
Testsuite: add testcase showing outgoing-conn local interface
Jeremy Harris [Tue, 12 Mar 2019 20:17:22 +0000 (20:17 +0000)]
Testsuite: munge standard port numbers in logs
Heiko Schlittermann (HS12-RIPE) [Fri, 8 Mar 2019 17:29:20 +0000 (18:29 +0100)]
Add missing colon when logging outgoing I=
Credits to Larry Rosenman <ler@lerctr.org> for reporting this.
Jeremy Harris [Tue, 26 Feb 2019 20:18:51 +0000 (20:18 +0000)]
Docs: Add note on lsearch for IPv4-mapped IPv6 addresses
Jeremy Harris [Tue, 26 Feb 2019 18:10:12 +0000 (18:10 +0000)]
Docs: Add note on lsearch for IPv4-mapped IPv6 addresses
Heiko Schlittermann (HS12-RIPE) [Sun, 24 Feb 2019 22:39:31 +0000 (23:39 +0100)]
Testsuite: fix version mismatch caused by new version scheme
Jeremy Harris [Sun, 24 Feb 2019 01:49:43 +0000 (01:49 +0000)]
Testsuite: fix installation-error message
Broken-by: 01c5946016
Jeremy Harris [Wed, 20 Feb 2019 16:12:16 +0000 (16:12 +0000)]
Fix use of unintialized variable
Broken-by: c05bdbd6fc
Heiko Schlittermann (HS12-RIPE) [Wed, 20 Feb 2019 14:33:43 +0000 (15:33 +0100)]
Do not output the version from reversion script run
Heiko Schlittermann (HS12-RIPE) [Wed, 20 Feb 2019 14:22:07 +0000 (15:22 +0100)]
mk_exim_release: enable flexible compressor selection
Heiko Schlittermann (HS12-RIPE) [Wed, 20 Feb 2019 12:48:33 +0000 (13:48 +0100)]
mk_exim_release: include *full* version in docs
This matches the output from exim -bV
Heiko Schlittermann (HS12-RIPE) [Wed, 20 Feb 2019 14:50:40 +0000 (15:50 +0100)]
mk_exim_release: add --no-sizes option
Heiko Schlittermann (HS12-RIPE) [Tue, 19 Feb 2019 20:20:36 +0000 (21:20 +0100)]
mk_exim_release: add --quick option
This allows to cut a "release" on any commit
Jeremy Harris [Fri, 28 Dec 2018 11:52:43 +0000 (11:52 +0000)]
TLS: refactor client-start interface
Jasen Betts [Mon, 18 Feb 2019 13:52:16 +0000 (13:52 +0000)]
Fix expansions for RFC 822 addresses having comments in local-part and/or domain. Bug 2375
Jeremy Harris [Sat, 16 Feb 2019 12:59:23 +0000 (12:59 +0000)]
GnuTLS: Fix client detection of server reject of client cert under TLS1.3
Jeremy Harris [Thu, 14 Feb 2019 17:14:34 +0000 (17:14 +0000)]
Fix info on using local_scan() in the default Makefile
Broken-by: 9723f96673
Jeremy Harris [Thu, 14 Feb 2019 16:44:46 +0000 (16:44 +0000)]
Docs: update DKIM standards info
Jeremy Harris [Tue, 12 Feb 2019 16:52:51 +0000 (16:52 +0000)]
Fix transport buffer size handling
Broken-by: 59932f7dcd
Jeremy Harris [Tue, 12 Feb 2019 16:06:46 +0000 (16:06 +0000)]
Testsuite: output changes for OpenSSL versions
Jeremy Harris [Tue, 12 Feb 2019 15:53:11 +0000 (15:53 +0000)]
Testsuite: output changes arising
Jeremy Harris [Tue, 1 Jan 2019 16:21:02 +0000 (16:21 +0000)]
Logging: created Message-IDs. Selectors for created and all IDs. Bugs 219, 1840, 2339
Jeremy Harris [Tue, 12 Feb 2019 11:32:08 +0000 (11:32 +0000)]
Merge branch '4.next'
Jeremy Harris [Sun, 10 Feb 2019 20:25:59 +0000 (20:25 +0000)]
Testsuite: account for (now) properly working Perl locale
Jeremy Harris [Sun, 10 Feb 2019 19:48:57 +0000 (19:48 +0000)]
GnuTLS: trim error messages
Jeremy Harris [Sun, 10 Feb 2019 19:15:43 +0000 (19:15 +0000)]
Testsuite: harden for TLS1.3 under GnuTLS
Jeremy Harris [Sun, 10 Feb 2019 14:32:46 +0000 (14:32 +0000)]
Testsuite: For GnuTLS when we're testing authentications requested via pri-string, disable TLS1.3
On GnuTLS 3.6.5 is appears to ignore the given priority, if it can use 1.3
Jeremy Harris [Tue, 5 Feb 2019 23:19:00 +0000 (23:19 +0000)]
DKIM: ensure that dkim_domain elements are lowercased before use. Bug 2371
(cherry picked from commit
f3c73adaa541ae54092467a29668ac32894ef1dc)
Jeremy Harris [Tue, 5 Feb 2019 18:49:46 +0000 (18:49 +0000)]
Docs: extra detail on proxy-protocol
(cherry picked from commit
5376b7ca07e9b00e2552f33270e79c59840a9778)
Jeremy Harris [Sun, 3 Feb 2019 22:12:48 +0000 (22:12 +0000)]
TLS: add variables for the IETF standard name for the connection ciphersuite
(cherry picked from commit
ffc3d145e3819e1a3762caa1bbe8b07e723fbaf2)
Jeremy Harris [Sun, 3 Feb 2019 21:00:37 +0000 (21:00 +0000)]
Testsuite: munge GnuTLS and OpenSSL ciphersuite strings to be more similar
(cherry picked from commit
25d5d9f98ebb30acc8b269c6594f4bc1e1abe654)
Jeremy Harris [Sun, 3 Feb 2019 11:35:30 +0000 (11:35 +0000)]
tidying
Jeremy Harris [Sat, 2 Feb 2019 15:32:50 +0000 (15:32 +0000)]
Use separate routine for translating return-codes to printable strings
(cherry picked from commit
9c5e54499afef5167bee6ecdcbf8dd5f023f51e0)
Jeremy Harris [Sun, 27 Jan 2019 22:23:31 +0000 (22:23 +0000)]
Debug: config file name & line number for each ACL verb
(cherry picked from commit
9e160d8100cd15517a3444c1ad8ab81e51399582)
Jeremy Harris [Sun, 10 Feb 2019 23:50:39 +0000 (23:50 +0000)]
JSON: add iterative conditions for arrays
(cherry picked from commit
c5c57c4eafde32a0632c2a00bdc634860fc5d06d)
Jeremy Harris [Sat, 9 Feb 2019 17:07:23 +0000 (17:07 +0000)]
JSON: add jsons extract variant, to strip quotes from string results
Jeremy Harris [Sat, 19 Jan 2019 22:28:54 +0000 (22:28 +0000)]
Events: log a non-success when a client connect is denied by an event
(cherry picked from commit
6bc9c745b64e669161a04f4dd72de4dbba9fbdd2)
Jeremy Harris [Wed, 16 Jan 2019 15:12:33 +0000 (15:12 +0000)]
GnuTLS: Debug output keying info. OpenSSL: TLS1.2 keying.
(cherry picked from commit
385b593e795430036b1685eed9d78d6c83cfcd67)
Jeremy Harris [Sat, 9 Feb 2019 16:56:59 +0000 (16:56 +0000)]
Fix json extract operator for unfound case
Jeremy Harris [Sat, 9 Feb 2019 16:48:08 +0000 (16:48 +0000)]
Jeremy Harris [Sat, 5 Jan 2019 20:40:08 +0000 (20:40 +0000)]
EXTERNAL authenticator
(cherry picked from commit
c4a8c663b74a35b547d8320547079ca56b3b772e)
Jeremy Harris [Sat, 5 Jan 2019 17:57:01 +0000 (17:57 +0000)]
Authenticators: refactor SASL support code
(cherry picked from commit
a310a8d09c56e6049714ae4e4070c16ecb6aa2b1)
Jeremy Harris [Sat, 5 Jan 2019 18:51:19 +0000 (18:51 +0000)]
constification
(cherry picked from commit
e8a25e05698e39a45cf5f188476808ef3609dbdd)
Jeremy Harris [Sun, 30 Dec 2018 22:46:25 +0000 (22:46 +0000)]
OpenSSL: send no TLS1.3 session tickets
(cherry picked from commit
09fa60df6e9929364a2c0830eff1e0f4f27ba095)
Jeremy Harris [Sun, 30 Dec 2018 22:51:18 +0000 (22:51 +0000)]
OpenSSL: Debug output TLS 1.3 keying
(cherry picked from commit
3c1f3b85aa4139ba062268ca958bab0dd0d64140)
Jeremy Harris [Sun, 30 Dec 2018 18:17:56 +0000 (18:17 +0000)]
Jeremy Harris [Sat, 29 Dec 2018 19:27:20 +0000 (19:27 +0000)]
Use single TCP segment for SMTP, TLS and TCP closes.
(cherry picked from commit
a7846940c876fd2a76b89240aa83e7083ae9650a)
Jeremy Harris [Sat, 29 Dec 2018 18:41:48 +0000 (18:41 +0000)]
OpenSSSL: support write-with-more-intent in client
(cherry picked from commit
f6a1bb920eebdba0d4a6c295c4d054307b49b2b1)
Jeremy Harris [Sun, 16 Dec 2018 22:24:00 +0000 (22:24 +0000)]
Use C99 initialisations for iterators
(cherry picked from commit
db3f7b6972f3b003c0413b78afcfbe295ffe0b97)
Jeremy Harris [Sun, 10 Feb 2019 23:09:57 +0000 (23:09 +0000)]
Docs: clean for next release
Jeremy Harris [Sun, 10 Feb 2019 20:25:59 +0000 (20:25 +0000)]
Testsuite: account for (now) properly working Perl locale
Jeremy Harris [Sun, 10 Feb 2019 19:48:57 +0000 (19:48 +0000)]
GnuTLS: trim error messages
Jeremy Harris [Sun, 10 Feb 2019 19:15:43 +0000 (19:15 +0000)]
Testsuite: harden for TLS1.3 under GnuTLS
Jeremy Harris [Sun, 10 Feb 2019 19:13:42 +0000 (19:13 +0000)]
Testsuite: output changes resulting
Jeremy Harris [Sun, 10 Feb 2019 15:12:25 +0000 (15:12 +0000)]
Testsuite: munge for TLS1.3 under GnuTLS
Jeremy Harris [Sun, 10 Feb 2019 14:32:46 +0000 (14:32 +0000)]
Testsuite: For GnuTLS when we're testing authentications requested via pri-string, disable TLS1.3
On GnuTLS 3.6.5 is appears to ignore the given priority, if it can use 1.3
Jeremy Harris [Sat, 9 Feb 2019 14:57:46 +0000 (14:57 +0000)]
JSON: fix crashes in ${extract jsons } and ${extract json {digits} }
Broken-by: 386ab6457b and 8fdf20fd84
Jeremy Harris [Tue, 5 Feb 2019 23:19:00 +0000 (23:19 +0000)]
DKIM: ensure that dkim_domain elements are lowercased before use. Bug 2371
Jeremy Harris [Tue, 5 Feb 2019 18:49:46 +0000 (18:49 +0000)]
Docs: extra detail on proxy-protocol
Jeremy Harris [Sun, 3 Feb 2019 22:12:48 +0000 (22:12 +0000)]
TLS: add variables for the IETF standard name for the connection ciphersuite
Jeremy Harris [Sun, 3 Feb 2019 21:00:37 +0000 (21:00 +0000)]
Testsuite: munge GnuTLS and OpenSSL ciphersuite strings to be more similar
Jeremy Harris [Sun, 3 Feb 2019 11:35:30 +0000 (11:35 +0000)]
tidying
Jeremy Harris [Sat, 2 Feb 2019 15:35:14 +0000 (15:35 +0000)]
Testsuite: output changes arising
Broken-by: 9e160d8100
Jeremy Harris [Sat, 2 Feb 2019 15:32:50 +0000 (15:32 +0000)]
Use separate routine for translating return-codes to printable strings
Mad Alex [Wed, 30 Jan 2019 13:57:36 +0000 (13:57 +0000)]
Fix dkim_verify_signers option. Bug 2366
Testsuite coverage by jgh.
Broken-by: d342446f29
Jeremy Harris [Tue, 29 Jan 2019 15:27:26 +0000 (15:27 +0000)]
Docs: clarify quoting for $pipe_addresses
The texinfo output version has single-quotes round a variable,
so the sentence saying "precisely the text" was difficult to
interpret.
Odihambo Washington [Tue, 29 Jan 2019 11:10:26 +0000 (11:10 +0000)]
Docs: correct spamd port
Jeremy Harris [Sun, 27 Jan 2019 22:23:31 +0000 (22:23 +0000)]
Debug: config file name & line number for each ACL verb
Heiko Schlittermann (HS12-RIPE) [Sun, 27 Jan 2019 18:53:31 +0000 (19:53 +0100)]
configure.default: spacing, de-tabbing
Jeremy Harris [Sat, 12 Jan 2019 20:47:23 +0000 (20:47 +0000)]
Add basic framework for PRDR use with per-user content filters to example config.
Mostly commented-out and with dummy lookups since we do not know what sorts
of filtering may be employed.
(cherry picked from commit
b220576b3ba5396af6b3e0f45739f269079f8fc5)
Heiko Schlittermann (HS12-RIPE) [Tue, 22 Jan 2019 21:33:47 +0000 (22:33 +0100)]
mk_exim_release: tidy
Jeremy Harris [Thu, 24 Jan 2019 21:35:22 +0000 (21:35 +0000)]
Docs: crossref list-separator changing
Jeremy Harris [Thu, 24 Jan 2019 21:21:29 +0000 (21:21 +0000)]
Docs: crossref dlfunc API
Jeremy Harris [Wed, 23 Jan 2019 12:45:44 +0000 (12:45 +0000)]
Docs: fix xml
Broken-by: 386ab6457b
Jeremy Harris [Tue, 22 Jan 2019 22:48:14 +0000 (22:48 +0000)]
JSON: add iterative conditions for arrays
Jeremy Harris [Tue, 22 Jan 2019 20:57:58 +0000 (20:57 +0000)]
JSON: add jsons extract variant, to strip quotes from string results
Jeremy Harris [Sat, 19 Jan 2019 22:28:54 +0000 (22:28 +0000)]
Events: log a non-success when a client connect is denied by an event
Jeremy Harris [Wed, 16 Jan 2019 16:52:33 +0000 (16:52 +0000)]
Fix build with older TLS library versions
Jeremy Harris [Wed, 16 Jan 2019 15:12:33 +0000 (15:12 +0000)]
GnuTLS: Debug output keying info. OpenSSL: TLS1.2 keying.
Jeremy Harris [Sun, 13 Jan 2019 17:11:18 +0000 (17:11 +0000)]
Docs: add warning on OCSP must-staple certs vs. client-cert use.
Jeremy Harris [Sat, 12 Jan 2019 20:47:23 +0000 (20:47 +0000)]
Add basic framework for PRDR use with per-user content filters to example config.
Mostly commented-out and with dummy lookups since we do not know what sorts
of filtering may be employed.