users/jgh/exim.git
8 years agoTestsuite: tidyup runtest (quotes and some my variables)
Heiko Schlittermann (HS12-RIPE) [Mon, 14 Nov 2016 21:04:17 +0000 (22:04 +0100)]
Testsuite: tidyup runtest (quotes and some my variables)

8 years agoTestsuite: make 4009,4015 independend on user name length
Heiko Schlittermann (HS12-RIPE) [Mon, 14 Nov 2016 20:18:01 +0000 (21:18 +0100)]
Testsuite: make 4009,4015 independend on user name length

8 years agoTestsuite: Add verbose comments to 5840
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:42:20 +0000 (13:42 +0100)]
Testsuite: Add verbose comments to 5840

8 years agoTestsuite: enable verbose comments
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:36:38 +0000 (13:36 +0100)]
Testsuite: enable verbose comments

Comments in script files, matching /^###\s/, will be copied
to test-{stdout,err}{,-server}. This is intended to ease the
mapping between error messages (failed comparisons) to the script part,
causing the failure.

8 years agoTestsuite: tidy-up runtest
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 12:34:22 +0000 (13:34 +0100)]
Testsuite: tidy-up runtest

This will be done step by step, to get a more readable(?)
version. At least the result will be more consistent in coding style
somewhen

8 years agoTidying: coverity issues
Jeremy Harris [Tue, 8 Nov 2016 23:40:09 +0000 (23:40 +0000)]
Tidying: coverity issues

8 years agoOpenSSL 1.1 - update testsuite for retired ciphers
Jeremy Harris [Sun, 13 Nov 2016 16:33:03 +0000 (16:33 +0000)]
OpenSSL 1.1 - update testsuite for retired ciphers

8 years agoTestsuite: Assume '' for missing VERSION_ID
Heiko Schlittermann (HS12-RIPE) [Sat, 12 Nov 2016 21:48:37 +0000 (22:48 +0100)]
Testsuite: Assume '' for missing VERSION_ID

8 years agoOpenLLS 1.1 - Testsuite
Jeremy Harris [Sat, 12 Nov 2016 20:50:21 +0000 (20:50 +0000)]
OpenLLS 1.1 - Testsuite

8 years agoDANE: Bitrot: Port to OpenSSL >= 1.1.0
Jeremy Harris [Sat, 12 Nov 2016 20:16:31 +0000 (20:16 +0000)]
DANE: Bitrot: Port to OpenSSL >= 1.1.0

8 years agoOpenSSL 1.1 - STORE_CTX accessor functions
Jeremy Harris [Sat, 12 Nov 2016 19:13:25 +0000 (19:13 +0000)]
OpenSSL 1.1 - STORE_CTX accessor functions

8 years agoOpenSSL 1.1 - rework OCSP proof verification at load time in server
Jeremy Harris [Sat, 12 Nov 2016 15:44:51 +0000 (15:44 +0000)]
OpenSSL 1.1 - rework OCSP proof verification at load time in server

8 years agoRevert "Testsuite: tidyup runtest"
Jeremy Harris [Fri, 11 Nov 2016 16:11:00 +0000 (16:11 +0000)]
Revert "Testsuite: tidyup runtest"

This reverts commit 2d47f67729aecd3dcbacdfd303b719893f2d61fa.
Fails on some buildfarm animals (older perl version?); the "r" option on a / edit

8 years agoTestsuite: 4509 independent of calling user
Jeremy Harris [Tue, 8 Nov 2016 23:04:56 +0000 (23:04 +0000)]
Testsuite: 4509 independent of calling user

8 years agoTestsuite: 2091,5403 independent of calling user
Jeremy Harris [Tue, 8 Nov 2016 22:56:13 +0000 (22:56 +0000)]
Testsuite: 2091,5403 independent of calling user

8 years agoTestsuite: 2191 independend on calling user
Heiko Schlittermann (HS12-RIPE) [Tue, 8 Nov 2016 21:28:05 +0000 (22:28 +0100)]
Testsuite: 2191 independend on calling user

8 years agoTestsuite: tidyup runtest
Heiko Schlittermann (HS12-RIPE) [Tue, 8 Nov 2016 21:22:11 +0000 (22:22 +0100)]
Testsuite: tidyup runtest

8 years agoEnsure socket is nonblocking before draining. Bug 1914
Jeremy Harris [Sun, 6 Nov 2016 23:10:34 +0000 (23:10 +0000)]
Ensure socket is nonblocking before draining.  Bug 1914

8 years agotidying exim-4_88_RC4
Jeremy Harris [Sun, 6 Nov 2016 13:56:46 +0000 (13:56 +0000)]
tidying

8 years agoTestsuite: use @ISA instead of 'parent'
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:57:23 +0000 (00:57 +0100)]
Testsuite: use @ISA instead of 'parent'

Use parent is available on Perl >= 5.10.1, some old CentOS
do not have it.

8 years agoTestsuite: limited support for Content-length:
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:50:37 +0000 (00:50 +0100)]
Testsuite: limited support for Content-length:

The simulation of the rspamd protocol needs this, as rspamd-client
sends this Content-length header and newer rspamd-servers
honour this header in favour of a half closed connection.

8 years agoTestsuite: remove \r line endings from script file
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 23:49:52 +0000 (00:49 +0100)]
Testsuite: remove \r line endings from script file

8 years agoTestsuite: Update debian8 flavour
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 15:27:50 +0000 (16:27 +0100)]
Testsuite: Update debian8 flavour

8 years agoTestsuite: Add flavour detection
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 14:36:50 +0000 (15:36 +0100)]
Testsuite: Add flavour detection

8 years agoTestsuite: fixe lower/upper case fix in OpenSSL munging
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 14:02:47 +0000 (15:02 +0100)]
Testsuite: fixe lower/upper case fix in OpenSSL munging

8 years agoAdd syslog_pid option.
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 13:26:35 +0000 (14:26 +0100)]
Add syslog_pid option.

This option suppresses the PID duplication to syslog. As syslog/systemd
add the PID of the logging process automatically.

8 years agoTestsuite: tidyup
Heiko Schlittermann (HS12-RIPE) [Fri, 4 Nov 2016 11:02:32 +0000 (12:02 +0100)]
Testsuite: tidyup

8 years agoDo not use shutdown() when talking to rspamd. Fixes 1802
Andrew Lewis [Tue, 11 Oct 2016 15:48:23 +0000 (17:48 +0200)]
Do not use shutdown() when talking to rspamd. Fixes 1802

8 years agoIntroduce EXIM_BUILD_SUFFIX for src/Makefile and testsuite
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 23:08:59 +0000 (00:08 +0100)]
Introduce EXIM_BUILD_SUFFIX for src/Makefile and testsuite

This enables parallel builds in a shared directory, if they have
the same os-type and arch-type. Think about EXIM_BUILD_SUFFIX
as 'name of your linux distro'

8 years agoTestsuite: Exim::Runtest uses parent Exporter
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 19:19:06 +0000 (20:19 +0100)]
Testsuite: Exim::Runtest uses parent Exporter

8 years agoTestsuite: Add more tests to Exim::Runtest tests
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 09:15:16 +0000 (10:15 +0100)]
Testsuite: Add more tests to Exim::Runtest tests

8 years agoTestsuite: Add POD to Exim::Runtest
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 09:14:54 +0000 (10:14 +0100)]
Testsuite: Add POD to Exim::Runtest

8 years agoTestsuite: check dynamic port >= 1024 to avoid permission problems
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:45:17 +0000 (09:45 +0100)]
Testsuite: check dynamic port >= 1024 to avoid permission problems

8 years agoTestsuite: move dynamic_socket to Exim::Runtest
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:37:02 +0000 (09:37 +0100)]
Testsuite: move dynamic_socket to Exim::Runtest

8 years agoTestsuite: structure the testsuite test
Heiko Schlittermann (HS12-RIPE) [Thu, 3 Nov 2016 08:36:25 +0000 (09:36 +0100)]
Testsuite: structure the testsuite test

8 years agoTestsuite: README for t/
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:19:31 +0000 (23:19 +0100)]
Testsuite: README for t/

8 years agoTestsuite: started t/ to add tests for the testsuite
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:16:49 +0000 (23:16 +0100)]
Testsuite: started t/ to add tests for the testsuite

8 years agoFix OCSP proof verification for direct-signed proofs. Bug 1909
Jeremy Harris [Wed, 2 Nov 2016 21:30:16 +0000 (21:30 +0000)]
Fix OCSP proof verification for direct-signed proofs.  Bug 1909

8 years agoTestsuite: replicate testcases for LE OCSP
Jeremy Harris [Wed, 2 Nov 2016 21:25:49 +0000 (21:25 +0000)]
Testsuite: replicate testcases for LE OCSP

8 years agoTestsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs
Jeremy Harris [Tue, 1 Nov 2016 18:35:39 +0000 (18:35 +0000)]
Testsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs

8 years agoReverse the scan direction for option-table builtin macros
Jeremy Harris [Sun, 30 Oct 2016 19:05:26 +0000 (19:05 +0000)]
Reverse the scan direction for option-table builtin macros
so that names with substring-names work usefully

8 years agoTestsuite: find a group name if 'mail' is not available.
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 21:28:18 +0000 (22:28 +0100)]
Testsuite: find a group name if 'mail' is not available.

If the group 'mail' does not exist (as on some *BSD systems),
test 0001 fails. We now use a randomly choosen group, if necessary.

The group name isn't used for anything else than testing the config
file parser.

8 years agoTestsuite: do not attempt to open /dev/tty if in -CONTINUE mode
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Nov 2016 12:58:36 +0000 (13:58 +0100)]
Testsuite: do not attempt to open /dev/tty if in -CONTINUE mode

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 22:06:49 +0000 (23:06 +0100)]
Testsuite: tidying

8 years agoTidying: coverity issues
Jeremy Harris [Sat, 29 Oct 2016 19:51:44 +0000 (20:51 +0100)]
Tidying: coverity issues

8 years agoFix dns authority-name lookup
Jeremy Harris [Sat, 29 Oct 2016 17:54:49 +0000 (18:54 +0100)]
Fix dns authority-name lookup

8 years agoconstification
Jeremy Harris [Sat, 29 Oct 2016 16:51:38 +0000 (17:51 +0100)]
constification

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 14:22:23 +0000 (15:22 +0100)]
Testsuite: tidying

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 12:35:52 +0000 (13:35 +0100)]
Testsuite: tidying

8 years agotidying
Jeremy Harris [Sun, 23 Oct 2016 17:15:26 +0000 (18:15 +0100)]
tidying

8 years agoTestsuite: for $parm_hostname use method more similar to readconf() $primary_hostname...
Jeremy Harris [Tue, 25 Oct 2016 22:48:23 +0000 (23:48 +0100)]
Testsuite: for $parm_hostname use method more similar to readconf() $primary_hostname coding

8 years agoTFO: use IPPROTO_TCP not SOL_TCL for setsockopt, being present on more platforms
Jeremy Harris [Tue, 25 Oct 2016 13:59:44 +0000 (14:59 +0100)]
TFO: use IPPROTO_TCP not SOL_TCL for setsockopt, being present on more platforms
Also downgrade errors from panic-log to debug

8 years agoTestsuite: make common-code config usable in non-TLS builds
Jeremy Harris [Tue, 25 Oct 2016 13:58:03 +0000 (14:58 +0100)]
Testsuite: make common-code config usable in non-TLS builds

8 years agoUpdate README.UPDATING; fix typos in ChangeLog/NewStuff
Phil Pennock [Mon, 24 Oct 2016 01:59:30 +0000 (21:59 -0400)]
Update README.UPDATING; fix typos in ChangeLog/NewStuff

8 years agoTestsuite: account for platforms not supporting TFO, redux
Heiko Schlittermann (HS12-RIPE) [Sun, 23 Oct 2016 21:43:18 +0000 (22:43 +0100)]
Testsuite: account for platforms not supporting TFO, redux

8 years agoTFO: feature advertisement exim-4_88_RC3
Jeremy Harris [Sun, 23 Oct 2016 16:57:43 +0000 (17:57 +0100)]
TFO: feature advertisement

8 years agoTestsuite: account for platforms not supporting TFO
Jeremy Harris [Sun, 23 Oct 2016 16:23:49 +0000 (17:23 +0100)]
Testsuite: account for platforms not supporting TFO

8 years agoFix bug with aborted server TLS connection, under GnuTLS
Jeremy Harris [Sun, 23 Oct 2016 13:09:55 +0000 (14:09 +0100)]
Fix bug with aborted server TLS connection, under GnuTLS

Longstanding, but exposed by 60d10ce

8 years agoTFO: Support compilation on systems which define TCP_FASTOPEN but not MSG_FASTOPEN
Jeremy Harris [Sat, 22 Oct 2016 21:40:39 +0000 (22:40 +0100)]
TFO: Support compilation on systems which define TCP_FASTOPEN but not MSG_FASTOPEN

RHEL 7.0 does that, oddly

8 years agoTestsuite: Add testcase for GnuTLS disconnect after STARTTLS
Jeremy Harris [Sat, 22 Oct 2016 20:12:52 +0000 (21:12 +0100)]
Testsuite: Add testcase for GnuTLS disconnect after STARTTLS

8 years agoTestsuite: More help with getting testsuite running
Jeremy Harris [Sat, 22 Oct 2016 20:44:46 +0000 (21:44 +0100)]
Testsuite: More help with getting testsuite running

8 years agotidying
Jeremy Harris [Sat, 22 Oct 2016 13:47:59 +0000 (14:47 +0100)]
tidying

8 years agoTCP Fast Open
Jeremy Harris [Thu, 20 Oct 2016 23:26:14 +0000 (00:26 +0100)]
TCP Fast Open

8 years agoExpansions: errorcheck use of crypt() in the open-coded version of crypteq/crypt16
Jeremy Harris [Fri, 21 Oct 2016 11:36:55 +0000 (12:36 +0100)]
Expansions: errorcheck use of crypt() in the open-coded version of crypteq/crypt16

Previously, bad arguments crashed under OpenBSD

8 years agotidying
Jeremy Harris [Wed, 19 Oct 2016 20:55:44 +0000 (21:55 +0100)]
tidying

8 years agoTestsuite: munge for platform errno variance
Jeremy Harris [Thu, 20 Oct 2016 20:49:50 +0000 (21:49 +0100)]
Testsuite: munge for platform errno variance

8 years agoTestsuite: use /usr/bin/env perl to get Perl from $PATH
Heiko Schlittermann (HS12-RIPE) [Thu, 20 Oct 2016 14:53:32 +0000 (16:53 +0200)]
Testsuite: use /usr/bin/env perl to get Perl from $PATH

Some buildfarm animals may have more recent versions of Perl
installed in some directory accessable via $PATH. So we don't hardwire
/usr/bin/perl. (e.g. verily)

8 years agoTestsuite: Add doc for PORT_DYNAMIC
Heiko Schlittermann (HS12-RIPE) [Thu, 20 Oct 2016 14:46:10 +0000 (16:46 +0200)]
Testsuite: Add doc for PORT_DYNAMIC

8 years agoTestsuite: cosmetical change
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 22:15:03 +0000 (00:15 +0200)]
Testsuite: cosmetical change

8 years agoTestsuite: Use .editorconfig for test/runtest
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 22:14:08 +0000 (00:14 +0200)]
Testsuite: Use .editorconfig for test/runtest

8 years agoTestsuite: Add PORT_DYNAMIC (Bug 1775)
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 14:56:37 +0000 (16:56 +0200)]
Testsuite: Add PORT_DYNAMIC (Bug 1775)

This avoids problems on OpenBSD with SO_REUSEADDR.

On OpenBSD SO_REUSEADDR only works if the IP address AND the EUID
of the bind(2) calls match. In 0562 Exim binds to 1225 as euid=0,
in 0564 runtest tries to bind to 01225 as the user running the tests.

Thanks to Kirill Miazine for working this out.

8 years agoTestsuite: Fix IPv4 address detection.
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 21:13:20 +0000 (23:13 +0200)]
Testsuite: Fix IPv4 address detection.

Broken-by: d63a95630
8 years agoTestsuite: Test for existence if 'ip'
Heiko Schlittermann (HS12-RIPE) [Tue, 18 Oct 2016 20:16:24 +0000 (22:16 +0200)]
Testsuite: Test for existence if 'ip'

8 years agoUnbreak build: crypto hdrs not in system includes
Phil Pennock [Wed, 19 Oct 2016 03:22:03 +0000 (23:22 -0400)]
Unbreak build: crypto hdrs not in system includes

If using pkg-config to get the paths for various packages and the crypto
library headers are not in the system headers, then the hash work broke
the Exim build by requiring the CFLAGS manipulation for _all_ builds,
not just the TLS libraries.

Shows up on MacOS where there's a system OpenSSL but not system OpenSSL
headers (because only SecureTransport is supported) and using
brew-installed OpenSSL.

I've also coded the fix for GnuTLS on the same basis, but that's
untested.

Fixes bug 1906

8 years agoAvoid pure-ACK TCP segments during command phase
Jeremy Harris [Tue, 18 Oct 2016 22:35:35 +0000 (23:35 +0100)]
Avoid pure-ACK TCP segments during command phase

8 years agoTestsuite: Check version of binary against current git revision
Heiko Schlittermann (HS12-RIPE) [Sun, 16 Oct 2016 22:14:55 +0000 (00:14 +0200)]
Testsuite: Check version of binary against current git revision

8 years agoTidying: coverity issues
Jeremy Harris [Sun, 16 Oct 2016 18:28:01 +0000 (19:28 +0100)]
Tidying: coverity issues

8 years agoFix sender-verify callout to not use trigger-message SIZE
Jeremy Harris [Sun, 16 Oct 2016 17:08:33 +0000 (18:08 +0100)]
Fix sender-verify callout to not use trigger-message SIZE

Broken-by: 9094b84b4cce
8 years agoTidying: coverity issues
Jeremy Harris [Sun, 16 Oct 2016 15:34:18 +0000 (16:34 +0100)]
Tidying: coverity issues

8 years agoQueuefile: avoid using buffered I/O - no point for a block-copy
Jeremy Harris [Sun, 16 Oct 2016 14:29:20 +0000 (15:29 +0100)]
Queuefile: avoid using buffered I/O - no point for a block-copy
and it meant (an admittedly ingnorable) Coverity whine about a FILE leak

Take the oppurtunity to constify a utility function

8 years agoTestsuite: revert some of the modernish Perl constructs
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 22:26:31 +0000 (00:26 +0200)]
Testsuite: revert some of the modernish Perl constructs

Solaris10 needs to be supported, they use Perl 5.8

8 years agoTestsuite: re-insert munge expression about size/inode
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 21:51:43 +0000 (23:51 +0200)]
Testsuite: re-insert munge expression about size/inode

8 years agoTestsuite: detect "hidden" IPs
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 21:01:36 +0000 (23:01 +0200)]
Testsuite: detect "hidden" IPs

`ifconfig -a` doesn't show all addresses, it skippes addresses that
do not have a label. `ip a` show even these.

Bonus: some small cosmetical changes to get a more modern Perl
style.

8 years agoTestsuite: stabilize disk space/inode munging
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 20:48:26 +0000 (22:48 +0200)]
Testsuite: stabilize disk space/inode munging

8 years agoTestsuite: add tests/munges for configure owner
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 20:52:23 +0000 (22:52 +0200)]
Testsuite: add tests/munges for configure owner

8 years agoInclude 'Configure owner' in -bV output
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 19:53:47 +0000 (21:53 +0200)]
Include 'Configure owner' in -bV output

8 years agoTestsuite: add clarification about the permissions of the trusted-configs file
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 13:38:21 +0000 (15:38 +0200)]
Testsuite: add clarification about the permissions of the trusted-configs file

8 years agotidying
Jeremy Harris [Sat, 1 Oct 2016 18:50:24 +0000 (19:50 +0100)]
tidying

8 years agoQueuefile: refactor
Jeremy Harris [Sat, 15 Oct 2016 19:29:30 +0000 (20:29 +0100)]
Queuefile: refactor

8 years agoTestsuite: for queuefile transport, avoid using named-queues as part of test
Jeremy Harris [Sat, 15 Oct 2016 17:56:16 +0000 (18:56 +0100)]
Testsuite: for queuefile transport, avoid using named-queues as part of test
Also avoid using aux-var as a testing temporary area

8 years agoNew: queuefile transport, under EXPERIMENTAL_QUEUEFILE
Andrew Colin Kissa [Sat, 15 Oct 2016 17:33:31 +0000 (18:33 +0100)]
New: queuefile transport, under EXPERIMENTAL_QUEUEFILE

8 years agoTestsuite: (named queues) add testcase for 3rd-party queue transfer
Jeremy Harris [Fri, 14 Oct 2016 12:57:01 +0000 (13:57 +0100)]
Testsuite: (named queues) add testcase for 3rd-party queue transfer

8 years agoDocs: add warning on SNI-dependent certfile expansion needing a good default
Jeremy Harris [Wed, 12 Oct 2016 12:40:19 +0000 (13:40 +0100)]
Docs: add warning on SNI-dependent certfile expansion needing a good default

8 years agoLazy-create builtin macros
Jeremy Harris [Mon, 10 Oct 2016 19:24:34 +0000 (20:24 +0100)]
Lazy-create builtin macros

By only filling out the internal macro representation for the builtin macros
when a config line includes an underscore followed by a letter which might be one
we should save startup effort on configs which never use a builtin.

8 years agoFix check for commandline macro definition
Jeremy Harris [Mon, 10 Oct 2016 13:20:30 +0000 (14:20 +0100)]
Fix check for commandline macro definition
Without this, mailq (done by unpriv user) and daemon SIGHUP handling fail

Broken-by: c0b9d3e87264
8 years agoDocs: add section on builtin macros
Jeremy Harris [Sun, 9 Oct 2016 13:14:57 +0000 (14:14 +0100)]
Docs: add section on builtin macros

8 years agoDH parameters update, new values & default exim-4_88_RC2
Phil Pennock [Sun, 29 May 2016 06:31:18 +0000 (02:31 -0400)]
DH parameters update, new values & default

* Add three new Exim-specific DH parameter constants; state provenance,
  but no way for others to verify; this is a signed commit, which is
  about as much as we can do for the truly paranoid: provide an audit
  trail.
* Add the RFC 7919 DH primes
  + No TLS feature negotiation, per 7919, but the DH primes can be used
    if folks so choose
* Fixed broken format string in util/gen_pkcs3.c
* Tried to make gen_pkcs3.c support q values.
  + Turns out, q doesn't affect the PEM and that's not a mistake in my
    initialisation; I've checked with a cryptographer, we're losing some
    server-side optimizations but not any security properties for our
    scenario.

Fixes: 1895
8 years agoFix callouts connection fallback from TLS to cleartext. Bug 1897
Jeremy Harris [Sat, 8 Oct 2016 18:21:41 +0000 (19:21 +0100)]
Fix callouts connection fallback from TLS to cleartext.  Bug 1897

8 years agoDocs: add another index entry for delay_warning
Jeremy Harris [Wed, 5 Oct 2016 12:03:01 +0000 (13:03 +0100)]
Docs: add another index entry for delay_warning

8 years agoTestsuite: for CHUNKING set sender name explicitly
Jeremy Harris [Mon, 3 Oct 2016 23:11:32 +0000 (00:11 +0100)]
Testsuite: for CHUNKING set sender name explicitly
for consistent chunk size on different platforms