Jeremy Harris [Sun, 23 Apr 2017 12:52:15 +0000 (13:52 +0100)]
Fix DISABLE_DKIM biuld
Jeremy Harris [Sun, 23 Apr 2017 11:20:43 +0000 (12:20 +0100)]
DKIM: avoid use of temporary file for signing
Jeremy Harris [Tue, 18 Apr 2017 14:13:20 +0000 (15:13 +0100)]
CHUNKING: pipeline data right after the BDAT command
Jeremy Harris [Mon, 17 Apr 2017 19:43:23 +0000 (20:43 +0100)]
Reduce number of places knowing about filename-construction for mbox file-for-scanning
Jeremy Harris [Sun, 16 Apr 2017 15:32:06 +0000 (16:32 +0100)]
Rework detection of multiple ports on a given IP, for the daemon status line
Previously only spotted adjacent cases in the address list, now a full scan
Jeremy Harris [Sun, 16 Apr 2017 16:19:23 +0000 (17:19 +0100)]
tidying
Jeremy Harris [Sat, 15 Apr 2017 15:22:52 +0000 (16:22 +0100)]
Transport: fix smtp under combo of mua_wrapper and limited max_rcpt
Jeremy Harris [Fri, 14 Apr 2017 13:29:40 +0000 (14:29 +0100)]
Builtin macros: note config trigger line in debug output
Phil Pennock [Thu, 13 Apr 2017 03:22:36 +0000 (23:22 -0400)]
$SOURCE_DATE_EPOCH support for build date stamp
If, and _only_ if, $SOURCE_DATE_EPOCH is found in environ during build,
use it to set the timestamp embedded in the binary instead of using
__DATE__ and __TIME__ cpp directives.
This per <https://reproducible-builds.org/specs/source-date-epoch/>
spec. It's sane and sensible, without removing date stamping which
matters. The examples encourage packagers to use timestamps which
do change when they backport patches, so that the date remains useful
for distinguishing builds instead of claiming one date forever across
multiple patchlevels.
This change written so that the old behaviour and code is used if the
environment variable is not found, to better continue to support ancient
platforms with other variants of date(1).
Built with and without an override, on macOS.
Jeremy Harris [Sun, 9 Apr 2017 14:42:49 +0000 (15:42 +0100)]
compiler quietening
Nigel Metheringham [Mon, 10 Apr 2017 19:21:36 +0000 (20:21 +0100)]
Remove references to some csx.cam sites
The ftp.csx.cam.ac.uk server is no longer authoratative not even up to date.
The training courses are no longer happening.
Jeremy Harris [Sun, 9 Apr 2017 13:03:31 +0000 (14:03 +0100)]
typo
Jeremy Harris [Sat, 8 Apr 2017 20:59:32 +0000 (21:59 +0100)]
tidying
Jeremy Harris [Thu, 6 Apr 2017 22:39:16 +0000 (23:39 +0100)]
tidying
Jeremy Harris [Thu, 6 Apr 2017 21:58:46 +0000 (22:58 +0100)]
Callout/hold: ensure TLS-proxy process is not waited for as a transport process
Jeremy Harris [Thu, 6 Apr 2017 20:17:29 +0000 (21:17 +0100)]
Debug: show error for SMTP read response
Jeremy Harris [Wed, 5 Apr 2017 22:37:41 +0000 (23:37 +0100)]
Callout/hold: fix uninitialized variable
Jeremy Harris [Mon, 3 Apr 2017 17:12:49 +0000 (18:12 +0100)]
Docs: expand descriptiong of control=debug
Jeremy Harris [Sun, 2 Apr 2017 13:54:39 +0000 (14:54 +0100)]
Openssl: disable session-tickets by default and session-cache always
Jeremy Harris [Sun, 2 Apr 2017 11:50:56 +0000 (12:50 +0100)]
Docs: fix definition of msg:fail:delivery event
Jeremy Harris [Sun, 2 Apr 2017 11:12:56 +0000 (12:12 +0100)]
tidying
Heiko Schlittermann (HS12-RIPE) [Fri, 24 Mar 2017 21:20:37 +0000 (22:20 +0100)]
Documentation: replace http by https where possible
I didn't change the schema for external links. This
needs further checking if the content of https://…
matches the content of http://…
Jeremy Harris [Wed, 22 Mar 2017 21:02:24 +0000 (21:02 +0000)]
tidying
Heiko Schlittermann (HS12-RIPE) [Wed, 22 Mar 2017 15:44:39 +0000 (16:44 +0100)]
Doc: clarify location of DMARC dmarc_tld_file
Jeremy Harris [Tue, 21 Mar 2017 16:16:38 +0000 (16:16 +0000)]
Callouts: a "hold" option for receipient-verify, which keeps the connection open both for
further recipients and for eventual delivery.
Jeremy Harris [Tue, 21 Mar 2017 15:54:00 +0000 (15:54 +0000)]
Logging: make cipher info available for continued-TLS connection deliveries
Heiko Schlittermann (HS12-RIPE) [Mon, 20 Mar 2017 22:04:44 +0000 (23:04 +0100)]
exigrep: migrate to Getopt::Long, allow --no-pager
This gives us long/more descriptive option names.
Add an option to supress the use of a pager.
Heiko Schlittermann (HS12-RIPE) [Sun, 19 Mar 2017 00:12:38 +0000 (01:12 +0100)]
exigrep: use a pager if stdout is connected to a terminal
Heiko Schlittermann (HS12-RIPE) [Sat, 18 Mar 2017 23:44:06 +0000 (00:44 +0100)]
exigrep: add POD and -h, -m
Heiko Schlittermann (HS12-RIPE) [Sat, 18 Mar 2017 17:55:46 +0000 (18:55 +0100)]
Testsuite: allow --range <number> +
Now `runtest <number> +` and `runtest --range <number> +`
do the same.
Heiko Schlittermann (HS12-RIPE) [Sat, 18 Mar 2017 14:34:33 +0000 (15:34 +0100)]
Testsuite: fixup testsuite test about flavours
Support for flavours isn't dropped, but currently
we do not have flavour specific files.
Jeremy Harris [Sat, 18 Mar 2017 14:41:50 +0000 (14:41 +0000)]
Expansions: check numeric values of IPv4 address components
Jeremy Harris [Tue, 14 Mar 2017 16:38:41 +0000 (16:38 +0000)]
Logging: mark continued-TLS connection deliveries with "X-*"
Heiko Schlittermann (HS12-RIPE) [Wed, 1 Mar 2017 23:00:41 +0000 (00:00 +0100)]
Testsuite: add --test and --range options
Heiko Schlittermann (HS12-RIPE) [Wed, 1 Mar 2017 19:22:07 +0000 (20:22 +0100)]
Testsuite: Getopt::Long, --help, --man for runtest
Andrew Colin Kissa [Sun, 12 Mar 2017 19:14:47 +0000 (19:14 +0000)]
Malware: new connection type "f-prot6d" for FPSCAND protocol over TCP
Jeremy Harris [Sat, 11 Mar 2017 20:42:36 +0000 (20:42 +0000)]
Docs: fix description of tls_advertise_hosts
Bernd Kuhls [Sun, 12 Mar 2017 02:01:00 +0000 (21:01 -0500)]
uClibc does not contain gnu/libc-version.h
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Heiko Schlittermann (HS12-RIPE) [Sat, 11 Mar 2017 10:22:02 +0000 (11:22 +0100)]
Testsuite: remove debug "ps" output from 0420
Jeremy Harris [Thu, 9 Mar 2017 09:01:51 +0000 (09:01 +0000)]
Debug: Use UTF-8 linedrawing, for indent partial-markers
Jeremy Harris [Wed, 8 Mar 2017 16:01:54 +0000 (16:01 +0000)]
Shorten long daemon-startup log lines
Jeremy Harris [Wed, 8 Mar 2017 12:42:58 +0000 (12:42 +0000)]
Some platforms (Solaris) do not have AF_LOCAL; use AF_UNIX
Jeremy Harris [Wed, 8 Mar 2017 12:13:18 +0000 (12:13 +0000)]
Docs: fix macro typo
Jeremy Harris [Tue, 7 Mar 2017 22:35:18 +0000 (22:35 +0000)]
Delivery: contined-connection maintaining TLS
Jeremy Harris [Tue, 7 Mar 2017 23:18:53 +0000 (23:18 +0000)]
Docs: clean for next release
Jeremy Harris [Sat, 4 Mar 2017 21:53:33 +0000 (21:53 +0000)]
Debug: Use UTF-8 linedrawing rather than ASCII lineart for grouping expansion tracing messages
Jeremy Harris [Sat, 4 Mar 2017 18:19:24 +0000 (18:19 +0000)]
Testsuite: sys_errlist[] not supported on all platforms
Jeremy Harris [Sat, 4 Mar 2017 17:02:15 +0000 (17:02 +0000)]
Testsuite: do not wait forever for exim daemon to start up
Phil Pennock [Fri, 3 Mar 2017 07:24:11 +0000 (02:24 -0500)]
openssl.txt: stamp RPATH into library too
Jeremy Harris [Tue, 28 Feb 2017 23:57:36 +0000 (23:57 +0000)]
Coverity fixes
Phil Pennock [Tue, 28 Feb 2017 22:39:33 +0000 (17:39 -0500)]
Document Jeremy's ref-count bug-fix as 4.89 JH/19
Jeremy Harris [Tue, 28 Feb 2017 23:15:41 +0000 (23:15 +0000)]
Memory Management: drop another variable ($callout_address) as it goes out of scope.
Jeremy Harris [Tue, 28 Feb 2017 18:24:40 +0000 (18:24 +0000)]
Fix child-address counting.
When a new address was created by a routing step it was possible for the parent address in the tree to
be marked as having zero children, despite the new child having a pointer to the parent. When the child
was then delivered, the count on the parent could go negative or, if other children had been added which
correctly incremented the count, arrive at zero while some children were outstanding. Fix this to
maintin the invariant. While there, make the counter unsigned.
Jeremy Harris [Tue, 28 Feb 2017 09:40:04 +0000 (09:40 +0000)]
Docs: add more Redis info
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Feb 2017 14:11:00 +0000 (15:11 +0100)]
Testsuite: tidying
Heiko Schlittermann (HS12-RIPE) [Mon, 27 Feb 2017 07:16:36 +0000 (08:16 +0100)]
Testsuite: Fix more end-of-input markers (****)
These wrong markers didn't have any impact.
Jeremy Harris [Mon, 27 Feb 2017 14:58:08 +0000 (14:58 +0000)]
Docs: tidy a table
Jeremy Harris [Mon, 27 Feb 2017 13:38:53 +0000 (13:38 +0000)]
Testsuite: reduce trailing 0372 subtest to queue-only
Suboptimal, but sufficient to regression-test the reason it was added (a live acl_m_
variable being store_reset over, after reception (and ACLs) and then referenced
later. The problem was, child procs of the daemon were still running as the following
0373 started up, and left unexpected output files there.
Heiko Schlittermann (HS12-RIPE) [Sun, 26 Feb 2017 22:22:18 +0000 (23:22 +0100)]
Testsuite: Terminate the client input properly
Heiko Schlittermann (HS12-RIPE) [Sun, 26 Feb 2017 22:20:36 +0000 (23:20 +0100)]
Testsuite: Add EXIM_TEST_NUMBER to the environment
Jeremy Harris [Sun, 26 Feb 2017 18:53:06 +0000 (18:53 +0000)]
Add option to control use of shutdown by ${readsocket }. Bug 400
Phil Pennock [Sun, 26 Feb 2017 18:31:28 +0000 (13:31 -0500)]
ChangeLog entry JH/18; applying to 4.89 release
Jeremy Harris [Sun, 26 Feb 2017 14:58:54 +0000 (14:58 +0000)]
DKIM: rework error logging - compiler quietening. Bug 966
Jeremy Harris [Sun, 26 Feb 2017 14:19:27 +0000 (14:19 +0000)]
Testsuite: in force-continue mode, always dump any unexpected paniclog files
Jeremy Harris [Sun, 26 Feb 2017 13:34:10 +0000 (13:34 +0000)]
Testsuite: regression test for Bug 2061
Jeremy Harris [Sun, 26 Feb 2017 01:07:47 +0000 (01:07 +0000)]
Fix ${extract } corrupting an enclosing ${reduce } $value. Bug 2061
Broken-by: 20fcb1e7be45 - Bug 1870
Phil Pennock [Sun, 26 Feb 2017 01:18:08 +0000 (20:18 -0500)]
Point at readline fix on macOS
dlopen() without a qualified path searches env vars and paths stamped
into the binary; Exim is usually setuid, so this becomes just the paths
stamped into the binary. On some platforms (*cough* macOS) libreadline
is not in the usual places.
So show how to stamp the Homebrew location of libreadline into the Exim
binary.
Jeremy Harris [Sat, 25 Feb 2017 21:36:12 +0000 (21:36 +0000)]
Testsuite: set cmdline before running testcase not after
Jeremy Harris [Sat, 25 Feb 2017 18:42:51 +0000 (18:42 +0000)]
DKIM: rework error logging to pass strings back to caller for logging. Bug 966
Jeremy Harris [Sat, 25 Feb 2017 18:32:11 +0000 (18:32 +0000)]
Testsuite: add file-inclusion facility to "client" scripts
Jeremy Harris [Sat, 11 Feb 2017 16:36:23 +0000 (16:36 +0000)]
Memory Management: new main-section config option "debug_store" to control extra internal checking
(cherry picked from commit
10919584f8ad580434442c7d971083f91c315bc0)
Signed-off-by: Phil Pennock <pdp@exim.org>
Phil Pennock [Sat, 25 Feb 2017 03:39:02 +0000 (22:39 -0500)]
Pull in vdukhovni/ssl_dane
8270afba fix
Negating an int and comparing to another int was a bug which we got
lucky on.
Jeremy Harris [Mon, 6 Feb 2017 13:07:42 +0000 (13:07 +0000)]
tidying
Jeremy Harris [Fri, 24 Feb 2017 15:00:40 +0000 (15:00 +0000)]
Memory management: drop $acl_m_ variables explicitly as they go out-of-scope
between message receptions in an SMTP connection
Jeremy Harris [Thu, 23 Feb 2017 09:34:12 +0000 (09:34 +0000)]
Docs: clarify non-applicability of the tls_eccurve option to GnuTLS
Phil Pennock [Thu, 23 Feb 2017 02:24:03 +0000 (21:24 -0500)]
Move bdat_ungetc decl to hdr ∵ receive.c uses too
Phil Pennock [Sun, 19 Feb 2017 22:27:11 +0000 (17:27 -0500)]
releng: able to use gnupg default keys for signing
Git and our previous "must specify one keyid" approach is more
constraining than GnuPG allows; cleanest and simplest way, without
breaking support for people with multiple keys and such like, is to just
provide a way to break out of our logic and say "use the configured
default GnuPG keys".
My PGP key has multiple signing subkeys, one RSA and one
Ed25519; I
think I might try a dual-signature in an upcoming RC to see how many
people scream with broken OpenPGP clients.
Jeremy Harris [Sat, 18 Feb 2017 23:07:14 +0000 (23:07 +0000)]
Testsuite: add option to insert delays, for very slow test platforms
An emulated PPC, running as a VM on x86_64, was seeing testcase fails where
the trailing few log line were missing in munged output, despite on inspection
being present in the spool. Adding a delay before the munge-and-compare
made the issue go away.
Heiko Schlittermann (HS12-RIPE) [Wed, 15 Feb 2017 22:49:20 +0000 (23:49 +0100)]
testsuite: make patchexim more relaxed for tag names
Jeremy Harris [Wed, 15 Feb 2017 21:43:50 +0000 (21:43 +0000)]
Docs: Add commandline option used for chunking on continued connection
Heiko Schlittermann (HS12-RIPE) [Wed, 15 Feb 2017 18:04:56 +0000 (19:04 +0100)]
Tidy quickrelease
Phil Pennock [Wed, 15 Feb 2017 03:22:17 +0000 (22:22 -0500)]
Fix broken-in-queue messages predating CHUNKING fix
util/chunking_fixqueue_finalnewlines.pl walks the queue, fixing any
affected messages; see README.UPDATING.
We're extremely cautious about operation failure.
We do one check without locking messages, so that we can quickly skip
past before trying to lock and contending with an actual delivery. Then
we lock and do another fix.
Note that we use flock, not fcntl, because that's what Perl makes
readily available; we use an OS-guard to barf if the OS is not handled.
Phil Pennock [Tue, 14 Feb 2017 23:20:52 +0000 (18:20 -0500)]
nit: document that `fout` must be open for reading too
Heiko Schlittermann (HS12-RIPE) [Tue, 14 Feb 2017 18:38:41 +0000 (19:38 +0100)]
Fix missing line termination on the last received BDAT chunk (Bug 1974)
Heiko Schlittermann (HS12-RIPE) [Tue, 14 Feb 2017 18:37:28 +0000 (19:37 +0100)]
Use enum { SEEN_LF, …} for ch_state(s)
Phil Pennock [Mon, 13 Feb 2017 02:22:02 +0000 (21:22 -0500)]
Handle PKG_CONFIG_PATH in Local/Makefile
Handle PKG_CONFIG_PATH, stripping whitespace expanding globs, collecting
multiple sets and just build one variable, and use it in environment at
configure time so that the libraries are found.
Phil Pennock [Sun, 12 Feb 2017 22:42:28 +0000 (17:42 -0500)]
Forward-port ChangeLog entries written for release branch
Heiko Schlittermann (HS12-RIPE) [Sun, 12 Feb 2017 18:23:12 +0000 (19:23 +0100)]
os_getcwd(): do not realloc if there was no malloc().
Jeremy Harris [Sun, 12 Feb 2017 16:44:09 +0000 (16:44 +0000)]
DKIM: fix crash with a verification when dkim disabled, under CHUNKING
Jeremy Harris [Sun, 12 Feb 2017 16:30:28 +0000 (16:30 +0000)]
Debug: avoid indenting line-prefixes (timestamp, pid, host-checking marker)
Phil Pennock [Sun, 12 Feb 2017 11:52:36 +0000 (06:52 -0500)]
FreeBSD: only assume iconv for FreeBSD >= 10
Since FreeBSD 10 is the oldest version of the OS supported by the
FreeBSD Project, we shouldn't need this. But people are still using
older versions. On closer examination, it's only been 6 weeks since 9.3
stopped being supported. People ignoring the status are playing with
fire, getting no security updates, but let's not make that _our_
problem.
Guard the "use system iconv" #define for the libiconv package with an OS
version #ifdef.
Phil Pennock [Sun, 12 Feb 2017 11:47:24 +0000 (06:47 -0500)]
4.89 JH/17 -> 4.90 JH/01
Phil Pennock [Sun, 12 Feb 2017 00:56:50 +0000 (19:56 -0500)]
Fix missing Changelog entries for recent work
Phil Pennock [Sun, 12 Feb 2017 00:37:04 +0000 (19:37 -0500)]
Unbreak test_dbfn make-target
doc/dbm.discuss.txt describes how to make and use `test_dbfn` for
testing DB functionality.
Commit
cf0812d5 adds a call to assert_no_variables into store.c which
depends upon expand.c functionality and we can't link that in for
test_dbfn without pulling in half of Exim.
So adjust the test_dbfn target to rebuild store.o in COMPILE_UTILITY
mode and link against that variant, then remove the custom-built store.o
after the executable has been linked.
Jeremy Harris [Sat, 11 Feb 2017 18:20:41 +0000 (18:20 +0000)]
DNS: return explicit error code to caller on dnssec failure, for better logging
Phil Pennock [Sat, 11 Feb 2017 21:10:16 +0000 (16:10 -0500)]
Mention FreeBSD/iconv in README.UPDATING
Phil Pennock [Sat, 11 Feb 2017 02:00:02 +0000 (21:00 -0500)]
Compilation warnings shushing
With this patch, in clang 3.4.1 we get no compilation complaints if
Local/Makefile contains:
CC=clang
CFLAGS+=-Wno-dangling-else -Wno-logical-op-parentheses
* In hash.c, for the OpenSSL case, use assert() to guard the paths which
can't happen, instead of just assuming that the calling code never has
a mistake
* Fix some signed/unsigned issues
* Be explicit about some ignored return values
* Some parens around bit-twiddling
* Use our os_getcwd with its extra guards in one place where getcwd was
called
* FreeBSD: use system iconv, safely, always
(cherry picked from commit
845a3ced80964f562872aba841099adbc8933b40)
Signed-off-by: Phil Pennock <pdp@exim.org>
Phil Pennock [Sat, 11 Feb 2017 00:37:44 +0000 (19:37 -0500)]
perl paranoia about @INC
Jeremy Harris [Sun, 15 Jan 2017 16:50:20 +0000 (16:50 +0000)]
TLS: rework error logging to pass more string back to caller for logging
This permits a library-sourced error to be associated with an address
being delivered, collapsing pairs of log lines
Jeremy Harris [Fri, 10 Feb 2017 11:36:52 +0000 (11:36 +0000)]
Testsuite: fix munging of now-indented date in stdout
Broken-by: e1d04f48a45c