Jeremy Harris [Tue, 22 Nov 2016 15:22:11 +0000 (15:22 +0000)]
DKIM: More validation of DNS key record. Bug 1926
Jeremy Harris [Sun, 11 Dec 2016 16:36:09 +0000 (16:36 +0000)]
OpenSSL: add detail to certname verify fail log line
Jeremy Harris [Sun, 4 Dec 2016 11:21:55 +0000 (11:21 +0000)]
Pipe transport: expand the path option
Jeremy Harris [Sat, 26 Nov 2016 18:35:48 +0000 (18:35 +0000)]
Testsuite: enhance IDNA examples; move to IDNA-2008 conversions
Jeremy Harris [Tue, 27 Dec 2016 16:47:36 +0000 (16:47 +0000)]
Docs: clarify headers availability in data-time ACLs
Jeremy Harris [Sat, 26 Nov 2016 18:35:48 +0000 (18:35 +0000)]
I18N: support IDNA2008. Bug 1911
Jeremy Harris [Sun, 25 Dec 2016 11:54:37 +0000 (11:54 +0000)]
Docs: Clean for next release
Heiko Schlittermann (HS12-RIPE) [Thu, 22 Dec 2016 11:01:16 +0000 (12:01 +0100)]
Doc: clarify CVE-2016-9963
Heiko Schlittermann (HS12-RIPE) [Sat, 17 Dec 2016 17:15:35 +0000 (18:15 +0100)]
Doc: short description of CVE-2016-9963
Jeremy Harris [Fri, 16 Dec 2016 20:45:44 +0000 (20:45 +0000)]
Fix DKIM information leakage
Jeremy Harris [Fri, 16 Dec 2016 23:05:54 +0000 (23:05 +0000)]
Docs: typo
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Dec 2016 17:40:21 +0000 (18:40 +0100)]
Use long names for the _DRIVER_*, and _OPT_* macros
Heiko Schlittermann (HS12-RIPE) [Fri, 9 Dec 2016 12:18:09 +0000 (13:18 +0100)]
Doc: fix minor typos
Jeremy Harris [Wed, 7 Dec 2016 15:00:37 +0000 (15:00 +0000)]
Testsuite: ipv6 output changes
Heiko Schlittermann (HS12-RIPE) [Sun, 4 Dec 2016 22:34:13 +0000 (23:34 +0100)]
Testsuite: honour the "build" environment variable
Heiko Schlittermann (HS12-RIPE) [Fri, 2 Dec 2016 13:32:08 +0000 (14:32 +0100)]
OpenSSL: default to tls_eccurve = auto
For OpenSSL < 1.0.2: fallback to prime256v1, for newer libraries
rely on auto-selection.
Jeremy Harris [Sun, 4 Dec 2016 13:00:26 +0000 (13:00 +0000)]
Testsuite: more pipe transport / perl cases
Jeremy Harris [Sun, 4 Dec 2016 10:53:17 +0000 (10:53 +0000)]
Testsuite: set path for use of perl by pipe transport
FreeBSD places perl in a nonstandard (for the pipe transport) directory
Jeremy Harris [Sun, 4 Dec 2016 00:12:17 +0000 (00:12 +0000)]
Testsuite: remove outdated flavour result files
Jeremy Harris [Sat, 3 Dec 2016 23:41:13 +0000 (23:41 +0000)]
Testsuite: platform variance for perl utility location
Jeremy Harris [Sat, 3 Dec 2016 23:26:26 +0000 (23:26 +0000)]
Testsuite: ipv6 source address platform variance
Jeremy Harris [Sat, 3 Dec 2016 23:07:12 +0000 (23:07 +0000)]
Testsuite: ensure delivery order
Jeremy Harris [Sat, 3 Dec 2016 21:51:14 +0000 (21:51 +0000)]
Testsuite: OpenSSL error lines change going to 1.1
Jeremy Harris [Sat, 3 Dec 2016 19:37:16 +0000 (19:37 +0000)]
Build: disable OCSP, AUTH_TLS and EXPERIMENTAL_CERTNAMES if SUPPORT_TLS is not enabled
Jeremy Harris [Sat, 3 Dec 2016 19:18:28 +0000 (19:18 +0000)]
Testsuite: OpenSSL info output during conn changes going to 1.1; give up trying to track changes
Heiko Schlittermann (HS12-RIPE) [Tue, 29 Nov 2016 14:57:11 +0000 (15:57 +0100)]
Doc: Add hint about spamd and half-closed connections
Heiko Schlittermann (HS12-RIPE) [Mon, 28 Nov 2016 10:34:57 +0000 (11:34 +0100)]
Doc: Minor corrections/additions
Jeremy Harris [Sat, 26 Nov 2016 18:38:57 +0000 (18:38 +0000)]
Testsuite: annotate I18N conversions
Jeremy Harris [Fri, 25 Nov 2016 12:17:54 +0000 (12:17 +0000)]
Update ChangeLog
Heiko Schlittermann (HS12-RIPE) [Thu, 24 Nov 2016 14:11:12 +0000 (15:11 +0100)]
Testsuite: distribute configure script
configure needs to be created by autoreconf. Autoconf
It is not always available.
Heiko Schlittermann (HS12-RIPE) [Thu, 24 Nov 2016 14:10:06 +0000 (15:10 +0100)]
Testsuite: do not use VPATH and $<
It is not portable, was a GNU extension, available in GNU make
only.
Heiko Schlittermann (HS12-RIPE) [Thu, 24 Nov 2016 12:02:53 +0000 (13:02 +0100)]
Testsuite: patchexim now uses /usr/bin/env
Heiko Schlittermann (HS12-RIPE) [Thu, 24 Nov 2016 11:59:07 +0000 (12:59 +0100)]
Testsuite: ignore run-summary.log
Heiko Schlittermann (HS12-RIPE) [Thu, 24 Nov 2016 11:56:37 +0000 (12:56 +0100)]
Testsuite: fix minor warning in runtest
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 18:51:59 +0000 (19:51 +0100)]
Testsuite: more diag info if initial Exim startup fails
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 16:36:26 +0000 (17:36 +0100)]
Testsuite: show output from failed exim -d -bP exim_user
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 15:04:24 +0000 (16:04 +0100)]
Testsuite: fix warning
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 14:36:51 +0000 (15:36 +0100)]
Revert "Testsuite: Debian8 GnuTLS does not support OCSP. Add flavour files."
This reverts commit
28660ab6ff99d24fdabe3ce0d9feb3478de1015b.
On Debian8 OCSP doesn't work with GnuTLS. Local/Makefile allows
to configure this (DISABLE_OCSP=yes), thus neither it is a test failure,
nor is it a specific flavour, it's just a build mis-configuration.
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 12:42:43 +0000 (13:42 +0100)]
Testsuite: Debian8 GnuTLS does not support OCSP. Add flavour files.
5651 is still unstable.
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 11:02:26 +0000 (12:02 +0100)]
Fix memory leak on (Gnu)TLS close.
This leak doesn't show up under normal operation, as the process
normally dies right after closing the session.
But during callout repetitive TLS sessions are opened and closed from
the same process (the process receiving the message). Depending on
the amount of RAM and the number of callouts the same process does,
this may be a problem. (On an amd64 machine with 4GB RAM, at about 1000
recipients the memory is exhausted.)
Heiko Schlittermann (HS12-RIPE) [Wed, 23 Nov 2016 09:51:51 +0000 (10:51 +0100)]
Fix crash in (Gnu)TLS debug output
Heiko Schlittermann (HS12-RIPE) [Mon, 21 Nov 2016 22:41:16 +0000 (23:41 +0100)]
Testsuite: prepare shadow (vpath) builds
Jeremy Harris [Sat, 19 Nov 2016 20:58:18 +0000 (20:58 +0000)]
Testsuite: fix for not-previously-existing logfile
Jeremy Harris [Sat, 19 Nov 2016 20:44:05 +0000 (20:44 +0000)]
Testsuite: output a machine-readable results summary file
The intent is for finegrain results display in the buildfarm.
Jeremy Harris [Sat, 19 Nov 2016 17:35:12 +0000 (17:35 +0000)]
Testsuite another platform difference in errstr
Jeremy Harris [Sat, 19 Nov 2016 14:11:03 +0000 (14:11 +0000)]
Testsuite: fix platforn TFO nonsupprt munge
Jeremy Harris [Sat, 19 Nov 2016 13:37:02 +0000 (13:37 +0000)]
Testsuite: Munge for platform TFO nonsupport
Jeremy Harris [Tue, 15 Nov 2016 14:32:40 +0000 (14:32 +0000)]
Callout: wait for response to QUIT before closing
Heiko Schlittermann (HS12-RIPE) [Mon, 14 Nov 2016 21:04:17 +0000 (22:04 +0100)]
Testsuite: tidyup runtest (quotes and some my variables)
Heiko Schlittermann (HS12-RIPE) [Mon, 14 Nov 2016 20:18:01 +0000 (21:18 +0100)]
Testsuite: make 4009,4015 independend on user name length
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:42:20 +0000 (13:42 +0100)]
Testsuite: Add verbose comments to 5840
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:36:38 +0000 (13:36 +0100)]
Testsuite: enable verbose comments
Comments in script files, matching /^###\s/, will be copied
to test-{stdout,err}{,-server}. This is intended to ease the
mapping between error messages (failed comparisons) to the script part,
causing the failure.
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:34:22 +0000 (13:34 +0100)]
Testsuite: tidy-up runtest
This will be done step by step, to get a more readable(?)
version. At least the result will be more consistent in coding style
somewhen
Jeremy Harris [Tue, 8 Nov 2016 23:40:09 +0000 (23:40 +0000)]
Tidying: coverity issues
Jeremy Harris [Sun, 13 Nov 2016 16:33:03 +0000 (16:33 +0000)]
OpenSSL 1.1 - update testsuite for retired ciphers
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 21:48:37 +0000 (22:48 +0100)]
Testsuite: Assume '' for missing VERSION_ID
Jeremy Harris [Sat, 12 Nov 2016 20:50:21 +0000 (20:50 +0000)]
OpenLLS 1.1 - Testsuite
Jeremy Harris [Sat, 12 Nov 2016 20:16:31 +0000 (20:16 +0000)]
DANE: Bitrot: Port to OpenSSL >= 1.1.0
Jeremy Harris [Sat, 12 Nov 2016 19:13:25 +0000 (19:13 +0000)]
OpenSSL 1.1 - STORE_CTX accessor functions
Jeremy Harris [Sat, 12 Nov 2016 15:44:51 +0000 (15:44 +0000)]
OpenSSL 1.1 - rework OCSP proof verification at load time in server
Jeremy Harris [Fri, 11 Nov 2016 16:11:00 +0000 (16:11 +0000)]
Revert "Testsuite: tidyup runtest"
This reverts commit
2d47f67729aecd3dcbacdfd303b719893f2d61fa.
Fails on some buildfarm animals (older perl version?); the "r" option on a / edit
Jeremy Harris [Tue, 8 Nov 2016 23:04:56 +0000 (23:04 +0000)]
Testsuite: 4509 independent of calling user
Jeremy Harris [Tue, 8 Nov 2016 22:56:13 +0000 (22:56 +0000)]
Testsuite: 2091,5403 independent of calling user
Heiko Schlittermann (HS12-RIPE) [Tue, 8 Nov 2016 21:28:05 +0000 (22:28 +0100)]
Testsuite: 2191 independend on calling user
Heiko Schlittermann (HS12-RIPE) [Tue, 8 Nov 2016 21:22:11 +0000 (22:22 +0100)]
Testsuite: tidyup runtest
Jeremy Harris [Sun, 6 Nov 2016 23:10:34 +0000 (23:10 +0000)]
Ensure socket is nonblocking before draining. Bug 1914
Jeremy Harris [Sun, 6 Nov 2016 13:56:46 +0000 (13:56 +0000)]
tidying
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:57:23 +0000 (00:57 +0100)]
Testsuite: use @ISA instead of 'parent'
Use parent is available on Perl >= 5.10.1, some old CentOS
do not have it.
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:50:37 +0000 (00:50 +0100)]
Testsuite: limited support for Content-length:
The simulation of the rspamd protocol needs this, as rspamd-client
sends this Content-length header and newer rspamd-servers
honour this header in favour of a half closed connection.
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:49:52 +0000 (00:49 +0100)]
Testsuite: remove \r line endings from script file
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 15:27:50 +0000 (16:27 +0100)]
Testsuite: Update debian8 flavour
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 14:36:50 +0000 (15:36 +0100)]
Testsuite: Add flavour detection
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 14:02:47 +0000 (15:02 +0100)]
Testsuite: fixe lower/upper case fix in OpenSSL munging
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 13:26:35 +0000 (14:26 +0100)]
Add syslog_pid option.
This option suppresses the PID duplication to syslog. As syslog/systemd
add the PID of the logging process automatically.
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 11:02:32 +0000 (12:02 +0100)]
Testsuite: tidyup
Andrew Lewis [Tue, 11 Oct 2016 15:48:23 +0000 (17:48 +0200)]
Do not use shutdown() when talking to rspamd. Fixes 1802
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 23:08:59 +0000 (00:08 +0100)]
Introduce EXIM_BUILD_SUFFIX for src/Makefile and testsuite
This enables parallel builds in a shared directory, if they have
the same os-type and arch-type. Think about EXIM_BUILD_SUFFIX
as 'name of your linux distro'
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 19:19:06 +0000 (20:19 +0100)]
Testsuite: Exim::Runtest uses parent Exporter
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 09:15:16 +0000 (10:15 +0100)]
Testsuite: Add more tests to Exim::Runtest tests
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 09:14:54 +0000 (10:14 +0100)]
Testsuite: Add POD to Exim::Runtest
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:45:17 +0000 (09:45 +0100)]
Testsuite: check dynamic port >= 1024 to avoid permission problems
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:37:02 +0000 (09:37 +0100)]
Testsuite: move dynamic_socket to Exim::Runtest
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:36:25 +0000 (09:36 +0100)]
Testsuite: structure the testsuite test
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:19:31 +0000 (23:19 +0100)]
Testsuite: README for t/
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:16:49 +0000 (23:16 +0100)]
Testsuite: started t/ to add tests for the testsuite
Jeremy Harris [Wed, 2 Nov 2016 21:30:16 +0000 (21:30 +0000)]
Fix OCSP proof verification for direct-signed proofs. Bug 1909
Jeremy Harris [Wed, 2 Nov 2016 21:25:49 +0000 (21:25 +0000)]
Testsuite: replicate testcases for LE OCSP
Jeremy Harris [Tue, 1 Nov 2016 18:35:39 +0000 (18:35 +0000)]
Testsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs
Jeremy Harris [Sun, 30 Oct 2016 19:05:26 +0000 (19:05 +0000)]
Reverse the scan direction for option-table builtin macros
so that names with substring-names work usefully
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 21:28:18 +0000 (22:28 +0100)]
Testsuite: find a group name if 'mail' is not available.
If the group 'mail' does not exist (as on some *BSD systems),
test 0001 fails. We now use a randomly choosen group, if necessary.
The group name isn't used for anything else than testing the config
file parser.
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Nov 2016 12:58:36 +0000 (13:58 +0100)]
Testsuite: do not attempt to open /dev/tty if in -CONTINUE mode
Jeremy Harris [Sat, 29 Oct 2016 22:06:49 +0000 (23:06 +0100)]
Testsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 19:51:44 +0000 (20:51 +0100)]
Tidying: coverity issues
Jeremy Harris [Sat, 29 Oct 2016 17:54:49 +0000 (18:54 +0100)]
Fix dns authority-name lookup
Jeremy Harris [Sat, 29 Oct 2016 16:51:38 +0000 (17:51 +0100)]
constification
Jeremy Harris [Sat, 29 Oct 2016 14:22:23 +0000 (15:22 +0100)]
Testsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 12:35:52 +0000 (13:35 +0100)]
Testsuite: tidying
Jeremy Harris [Sun, 23 Oct 2016 17:15:26 +0000 (18:15 +0100)]
tidying
Jeremy Harris [Tue, 25 Oct 2016 22:48:23 +0000 (23:48 +0100)]
Testsuite: for $parm_hostname use method more similar to readconf() $primary_hostname coding
Jeremy Harris [Tue, 25 Oct 2016 13:59:44 +0000 (14:59 +0100)]
TFO: use IPPROTO_TCP not SOL_TCL for setsockopt, being present on more platforms
Also downgrade errors from panic-log to debug