users/jgh/exim.git
8 years agoTestsuite: README for t/
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:19:31 +0000 (23:19 +0100)]
Testsuite: README for t/

8 years agoTestsuite: started t/ to add tests for the testsuite
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 22:16:49 +0000 (23:16 +0100)]
Testsuite: started t/ to add tests for the testsuite

8 years agoFix OCSP proof verification for direct-signed proofs. Bug 1909
Jeremy Harris [Wed, 2 Nov 2016 21:30:16 +0000 (21:30 +0000)]
Fix OCSP proof verification for direct-signed proofs.  Bug 1909

8 years agoTestsuite: replicate testcases for LE OCSP
Jeremy Harris [Wed, 2 Nov 2016 21:25:49 +0000 (21:25 +0000)]
Testsuite: replicate testcases for LE OCSP

8 years agoTestsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs
Jeremy Harris [Tue, 1 Nov 2016 18:35:39 +0000 (18:35 +0000)]
Testsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs

8 years agoReverse the scan direction for option-table builtin macros
Jeremy Harris [Sun, 30 Oct 2016 19:05:26 +0000 (19:05 +0000)]
Reverse the scan direction for option-table builtin macros
so that names with substring-names work usefully

8 years agoTestsuite: find a group name if 'mail' is not available.
Heiko Schlittermann (HS12-RIPE) [Wed, 2 Nov 2016 21:28:18 +0000 (22:28 +0100)]
Testsuite: find a group name if 'mail' is not available.

If the group 'mail' does not exist (as on some *BSD systems),
test 0001 fails. We now use a randomly choosen group, if necessary.

The group name isn't used for anything else than testing the config
file parser.

8 years agoTestsuite: do not attempt to open /dev/tty if in -CONTINUE mode
Heiko Schlittermann (HS12-RIPE) [Tue, 1 Nov 2016 12:58:36 +0000 (13:58 +0100)]
Testsuite: do not attempt to open /dev/tty if in -CONTINUE mode

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 22:06:49 +0000 (23:06 +0100)]
Testsuite: tidying

8 years agoTidying: coverity issues
Jeremy Harris [Sat, 29 Oct 2016 19:51:44 +0000 (20:51 +0100)]
Tidying: coverity issues

8 years agoFix dns authority-name lookup
Jeremy Harris [Sat, 29 Oct 2016 17:54:49 +0000 (18:54 +0100)]
Fix dns authority-name lookup

8 years agoconstification
Jeremy Harris [Sat, 29 Oct 2016 16:51:38 +0000 (17:51 +0100)]
constification

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 14:22:23 +0000 (15:22 +0100)]
Testsuite: tidying

8 years agoTestsuite: tidying
Jeremy Harris [Sat, 29 Oct 2016 12:35:52 +0000 (13:35 +0100)]
Testsuite: tidying

8 years agotidying
Jeremy Harris [Sun, 23 Oct 2016 17:15:26 +0000 (18:15 +0100)]
tidying

8 years agoTestsuite: for $parm_hostname use method more similar to readconf() $primary_hostname...
Jeremy Harris [Tue, 25 Oct 2016 22:48:23 +0000 (23:48 +0100)]
Testsuite: for $parm_hostname use method more similar to readconf() $primary_hostname coding

8 years agoTFO: use IPPROTO_TCP not SOL_TCL for setsockopt, being present on more platforms
Jeremy Harris [Tue, 25 Oct 2016 13:59:44 +0000 (14:59 +0100)]
TFO: use IPPROTO_TCP not SOL_TCL for setsockopt, being present on more platforms
Also downgrade errors from panic-log to debug

8 years agoTestsuite: make common-code config usable in non-TLS builds
Jeremy Harris [Tue, 25 Oct 2016 13:58:03 +0000 (14:58 +0100)]
Testsuite: make common-code config usable in non-TLS builds

8 years agoUpdate README.UPDATING; fix typos in ChangeLog/NewStuff
Phil Pennock [Mon, 24 Oct 2016 01:59:30 +0000 (21:59 -0400)]
Update README.UPDATING; fix typos in ChangeLog/NewStuff

8 years agoTestsuite: account for platforms not supporting TFO, redux
Heiko Schlittermann (HS12-RIPE) [Sun, 23 Oct 2016 21:43:18 +0000 (22:43 +0100)]
Testsuite: account for platforms not supporting TFO, redux

8 years agoTFO: feature advertisement exim-4_88_RC3
Jeremy Harris [Sun, 23 Oct 2016 16:57:43 +0000 (17:57 +0100)]
TFO: feature advertisement

8 years agoTestsuite: account for platforms not supporting TFO
Jeremy Harris [Sun, 23 Oct 2016 16:23:49 +0000 (17:23 +0100)]
Testsuite: account for platforms not supporting TFO

8 years agoFix bug with aborted server TLS connection, under GnuTLS
Jeremy Harris [Sun, 23 Oct 2016 13:09:55 +0000 (14:09 +0100)]
Fix bug with aborted server TLS connection, under GnuTLS

Longstanding, but exposed by 60d10ce

8 years agoTFO: Support compilation on systems which define TCP_FASTOPEN but not MSG_FASTOPEN
Jeremy Harris [Sat, 22 Oct 2016 21:40:39 +0000 (22:40 +0100)]
TFO: Support compilation on systems which define TCP_FASTOPEN but not MSG_FASTOPEN

RHEL 7.0 does that, oddly

8 years agoTestsuite: Add testcase for GnuTLS disconnect after STARTTLS
Jeremy Harris [Sat, 22 Oct 2016 20:12:52 +0000 (21:12 +0100)]
Testsuite: Add testcase for GnuTLS disconnect after STARTTLS

8 years agoTestsuite: More help with getting testsuite running
Jeremy Harris [Sat, 22 Oct 2016 20:44:46 +0000 (21:44 +0100)]
Testsuite: More help with getting testsuite running

8 years agotidying
Jeremy Harris [Sat, 22 Oct 2016 13:47:59 +0000 (14:47 +0100)]
tidying

8 years agoTCP Fast Open
Jeremy Harris [Thu, 20 Oct 2016 23:26:14 +0000 (00:26 +0100)]
TCP Fast Open

8 years agoExpansions: errorcheck use of crypt() in the open-coded version of crypteq/crypt16
Jeremy Harris [Fri, 21 Oct 2016 11:36:55 +0000 (12:36 +0100)]
Expansions: errorcheck use of crypt() in the open-coded version of crypteq/crypt16

Previously, bad arguments crashed under OpenBSD

8 years agotidying
Jeremy Harris [Wed, 19 Oct 2016 20:55:44 +0000 (21:55 +0100)]
tidying

8 years agoTestsuite: munge for platform errno variance
Jeremy Harris [Thu, 20 Oct 2016 20:49:50 +0000 (21:49 +0100)]
Testsuite: munge for platform errno variance

8 years agoTestsuite: use /usr/bin/env perl to get Perl from $PATH
Heiko Schlittermann (HS12-RIPE) [Thu, 20 Oct 2016 14:53:32 +0000 (16:53 +0200)]
Testsuite: use /usr/bin/env perl to get Perl from $PATH

Some buildfarm animals may have more recent versions of Perl
installed in some directory accessable via $PATH. So we don't hardwire
/usr/bin/perl. (e.g. verily)

8 years agoTestsuite: Add doc for PORT_DYNAMIC
Heiko Schlittermann (HS12-RIPE) [Thu, 20 Oct 2016 14:46:10 +0000 (16:46 +0200)]
Testsuite: Add doc for PORT_DYNAMIC

8 years agoTestsuite: cosmetical change
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 22:15:03 +0000 (00:15 +0200)]
Testsuite: cosmetical change

8 years agoTestsuite: Use .editorconfig for test/runtest
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 22:14:08 +0000 (00:14 +0200)]
Testsuite: Use .editorconfig for test/runtest

8 years agoTestsuite: Add PORT_DYNAMIC (Bug 1775)
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 14:56:37 +0000 (16:56 +0200)]
Testsuite: Add PORT_DYNAMIC (Bug 1775)

This avoids problems on OpenBSD with SO_REUSEADDR.

On OpenBSD SO_REUSEADDR only works if the IP address AND the EUID
of the bind(2) calls match. In 0562 Exim binds to 1225 as euid=0,
in 0564 runtest tries to bind to 01225 as the user running the tests.

Thanks to Kirill Miazine for working this out.

8 years agoTestsuite: Fix IPv4 address detection.
Heiko Schlittermann (HS12-RIPE) [Wed, 19 Oct 2016 21:13:20 +0000 (23:13 +0200)]
Testsuite: Fix IPv4 address detection.

Broken-by: d63a95630
8 years agoTestsuite: Test for existence if 'ip'
Heiko Schlittermann (HS12-RIPE) [Tue, 18 Oct 2016 20:16:24 +0000 (22:16 +0200)]
Testsuite: Test for existence if 'ip'

8 years agoUnbreak build: crypto hdrs not in system includes
Phil Pennock [Wed, 19 Oct 2016 03:22:03 +0000 (23:22 -0400)]
Unbreak build: crypto hdrs not in system includes

If using pkg-config to get the paths for various packages and the crypto
library headers are not in the system headers, then the hash work broke
the Exim build by requiring the CFLAGS manipulation for _all_ builds,
not just the TLS libraries.

Shows up on MacOS where there's a system OpenSSL but not system OpenSSL
headers (because only SecureTransport is supported) and using
brew-installed OpenSSL.

I've also coded the fix for GnuTLS on the same basis, but that's
untested.

Fixes bug 1906

8 years agoAvoid pure-ACK TCP segments during command phase
Jeremy Harris [Tue, 18 Oct 2016 22:35:35 +0000 (23:35 +0100)]
Avoid pure-ACK TCP segments during command phase

8 years agoTestsuite: Check version of binary against current git revision
Heiko Schlittermann (HS12-RIPE) [Sun, 16 Oct 2016 22:14:55 +0000 (00:14 +0200)]
Testsuite: Check version of binary against current git revision

8 years agoTidying: coverity issues
Jeremy Harris [Sun, 16 Oct 2016 18:28:01 +0000 (19:28 +0100)]
Tidying: coverity issues

8 years agoFix sender-verify callout to not use trigger-message SIZE
Jeremy Harris [Sun, 16 Oct 2016 17:08:33 +0000 (18:08 +0100)]
Fix sender-verify callout to not use trigger-message SIZE

Broken-by: 9094b84b4cce
8 years agoTidying: coverity issues
Jeremy Harris [Sun, 16 Oct 2016 15:34:18 +0000 (16:34 +0100)]
Tidying: coverity issues

8 years agoQueuefile: avoid using buffered I/O - no point for a block-copy
Jeremy Harris [Sun, 16 Oct 2016 14:29:20 +0000 (15:29 +0100)]
Queuefile: avoid using buffered I/O - no point for a block-copy
and it meant (an admittedly ingnorable) Coverity whine about a FILE leak

Take the oppurtunity to constify a utility function

8 years agoTestsuite: revert some of the modernish Perl constructs
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 22:26:31 +0000 (00:26 +0200)]
Testsuite: revert some of the modernish Perl constructs

Solaris10 needs to be supported, they use Perl 5.8

8 years agoTestsuite: re-insert munge expression about size/inode
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 21:51:43 +0000 (23:51 +0200)]
Testsuite: re-insert munge expression about size/inode

8 years agoTestsuite: detect "hidden" IPs
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 21:01:36 +0000 (23:01 +0200)]
Testsuite: detect "hidden" IPs

`ifconfig -a` doesn't show all addresses, it skippes addresses that
do not have a label. `ip a` show even these.

Bonus: some small cosmetical changes to get a more modern Perl
style.

8 years agoTestsuite: stabilize disk space/inode munging
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 20:48:26 +0000 (22:48 +0200)]
Testsuite: stabilize disk space/inode munging

8 years agoTestsuite: add tests/munges for configure owner
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 20:52:23 +0000 (22:52 +0200)]
Testsuite: add tests/munges for configure owner

8 years agoInclude 'Configure owner' in -bV output
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 19:53:47 +0000 (21:53 +0200)]
Include 'Configure owner' in -bV output

8 years agoTestsuite: add clarification about the permissions of the trusted-configs file
Heiko Schlittermann (HS12-RIPE) [Sat, 15 Oct 2016 13:38:21 +0000 (15:38 +0200)]
Testsuite: add clarification about the permissions of the trusted-configs file

8 years agotidying
Jeremy Harris [Sat, 1 Oct 2016 18:50:24 +0000 (19:50 +0100)]
tidying

8 years agoQueuefile: refactor
Jeremy Harris [Sat, 15 Oct 2016 19:29:30 +0000 (20:29 +0100)]
Queuefile: refactor

8 years agoTestsuite: for queuefile transport, avoid using named-queues as part of test
Jeremy Harris [Sat, 15 Oct 2016 17:56:16 +0000 (18:56 +0100)]
Testsuite: for queuefile transport, avoid using named-queues as part of test
Also avoid using aux-var as a testing temporary area

8 years agoNew: queuefile transport, under EXPERIMENTAL_QUEUEFILE
Andrew Colin Kissa [Sat, 15 Oct 2016 17:33:31 +0000 (18:33 +0100)]
New: queuefile transport, under EXPERIMENTAL_QUEUEFILE

8 years agoTestsuite: (named queues) add testcase for 3rd-party queue transfer
Jeremy Harris [Fri, 14 Oct 2016 12:57:01 +0000 (13:57 +0100)]
Testsuite: (named queues) add testcase for 3rd-party queue transfer

8 years agoDocs: add warning on SNI-dependent certfile expansion needing a good default
Jeremy Harris [Wed, 12 Oct 2016 12:40:19 +0000 (13:40 +0100)]
Docs: add warning on SNI-dependent certfile expansion needing a good default

8 years agoLazy-create builtin macros
Jeremy Harris [Mon, 10 Oct 2016 19:24:34 +0000 (20:24 +0100)]
Lazy-create builtin macros

By only filling out the internal macro representation for the builtin macros
when a config line includes an underscore followed by a letter which might be one
we should save startup effort on configs which never use a builtin.

8 years agoFix check for commandline macro definition
Jeremy Harris [Mon, 10 Oct 2016 13:20:30 +0000 (14:20 +0100)]
Fix check for commandline macro definition
Without this, mailq (done by unpriv user) and daemon SIGHUP handling fail

Broken-by: c0b9d3e87264
8 years agoDocs: add section on builtin macros
Jeremy Harris [Sun, 9 Oct 2016 13:14:57 +0000 (14:14 +0100)]
Docs: add section on builtin macros

8 years agoDH parameters update, new values & default exim-4_88_RC2
Phil Pennock [Sun, 29 May 2016 06:31:18 +0000 (02:31 -0400)]
DH parameters update, new values & default

* Add three new Exim-specific DH parameter constants; state provenance,
  but no way for others to verify; this is a signed commit, which is
  about as much as we can do for the truly paranoid: provide an audit
  trail.
* Add the RFC 7919 DH primes
  + No TLS feature negotiation, per 7919, but the DH primes can be used
    if folks so choose
* Fixed broken format string in util/gen_pkcs3.c
* Tried to make gen_pkcs3.c support q values.
  + Turns out, q doesn't affect the PEM and that's not a mistake in my
    initialisation; I've checked with a cryptographer, we're losing some
    server-side optimizations but not any security properties for our
    scenario.

Fixes: 1895
8 years agoFix callouts connection fallback from TLS to cleartext. Bug 1897
Jeremy Harris [Sat, 8 Oct 2016 18:21:41 +0000 (19:21 +0100)]
Fix callouts connection fallback from TLS to cleartext.  Bug 1897

8 years agoDocs: add another index entry for delay_warning
Jeremy Harris [Wed, 5 Oct 2016 12:03:01 +0000 (13:03 +0100)]
Docs: add another index entry for delay_warning

8 years agoTestsuite: for CHUNKING set sender name explicitly
Jeremy Harris [Mon, 3 Oct 2016 23:11:32 +0000 (00:11 +0100)]
Testsuite: for CHUNKING set sender name explicitly
for consistent chunk size on different platforms

8 years agoTestsuite: for CHUNKING rewrite sender name in headers to consistent value
Jeremy Harris [Mon, 3 Oct 2016 16:00:05 +0000 (17:00 +0100)]
Testsuite: for CHUNKING rewrite sender name in headers to consistent value
for consistent chunk size on different test platforms

8 years agoClose logfile after a while waiting for non-smtp input. Bug 1891
Jeremy Harris [Sun, 2 Oct 2016 18:58:19 +0000 (19:58 +0100)]
Close logfile after a while waiting for non-smtp input.  Bug 1891

8 years agoAvoid parsing cost for auto-macro creates
Jeremy Harris [Sun, 2 Oct 2016 16:39:18 +0000 (17:39 +0100)]
Avoid parsing cost for auto-macro creates

8 years agoLogging: connection_reject log selector should apply also to the connect acl
Jeremy Harris [Sun, 2 Oct 2016 13:03:09 +0000 (14:03 +0100)]
Logging: connection_reject log selector should apply also to the connect acl

8 years agoFix mime ACL filename decode
Jeremy Harris [Fri, 30 Sep 2016 13:59:04 +0000 (14:59 +0100)]
Fix mime ACL filename decode

A latent bug (uninitialised memory referred to by $mime_decoded_filename)
uncovered by 40c90bca9f7e

8 years agoFix checking for -D option use
Jeremy Harris [Thu, 29 Sep 2016 22:18:54 +0000 (23:18 +0100)]
Fix checking for -D option use

Broken-by: c0b9d3e87264
8 years agoFeature macros should be uppercase
Jeremy Harris [Thu, 29 Sep 2016 21:56:02 +0000 (22:56 +0100)]
Feature macros should be uppercase

8 years agoDebug: fix openssl tls_close() debug output
Jeremy Harris [Thu, 29 Sep 2016 21:44:14 +0000 (22:44 +0100)]
Debug: fix openssl tls_close() debug output

8 years agoTestsuite: tidying
Jeremy Harris [Thu, 29 Sep 2016 20:25:47 +0000 (21:25 +0100)]
Testsuite: tidying

8 years agoRefactor driver feature-macro generation to be driven by existing tables
Jeremy Harris [Wed, 28 Sep 2016 21:24:00 +0000 (22:24 +0100)]
Refactor driver feature-macro generation to be driven by existing tables

Would like to do lookup drivers too but unsure about dyn-linked variants

8 years agoDefault to filesystem space/inode checking enabled
Jeremy Harris [Wed, 28 Sep 2016 18:41:08 +0000 (19:41 +0100)]
Default to filesystem space/inode checking enabled

8 years agoDrain socket to get clean TCP FINs
Jeremy Harris [Tue, 27 Sep 2016 22:23:52 +0000 (23:23 +0100)]
Drain socket to get clean TCP FINs

8 years agoAdd automatic macros for config-file options. Bug 1819
Jeremy Harris [Sun, 25 Sep 2016 21:59:36 +0000 (22:59 +0100)]
Add automatic macros for config-file options.  Bug 1819

8 years agoDocs: fix quotes
Jeremy Harris [Sat, 24 Sep 2016 16:59:51 +0000 (17:59 +0100)]
Docs: fix quotes

8 years agoDelivery: fix memory leak
Jeremy Harris [Sat, 24 Sep 2016 16:11:19 +0000 (17:11 +0100)]
Delivery: fix memory leak

8 years agoDoc: add clarification for DKIM example exim-4_88_RC1
Jeremy Harris [Fri, 23 Sep 2016 08:24:16 +0000 (09:24 +0100)]
Doc: add clarification for DKIM example

8 years agoDefend against symlink attack by another process running as exim
Jeremy Harris [Thu, 22 Sep 2016 21:55:49 +0000 (22:55 +0100)]
Defend against symlink attack by another process running as exim

Reported-by:
http://www.halfdog.net/Security/2016/DebianEximSpoolLocalRoot/

8 years agoRouting: avoid doing the one_time replacement operation when a redirect leaves the...
Jeremy Harris [Thu, 22 Sep 2016 18:59:48 +0000 (19:59 +0100)]
Routing: avoid doing the one_time replacement operation when a redirect leaves the address unchanged

When done, in combination with a defer the retry would see the address as delivered, hence losing mail.

8 years agoRouting: for efficiency, avoid complexifying the "condition" string until the second...
Jeremy Harris [Thu, 22 Sep 2016 18:29:49 +0000 (19:29 +0100)]
Routing: for efficiency, avoid complexifying the "condition" string until the second is read from config

8 years agoACL: merge the tables used for codition/modifier decode
Jeremy Harris [Sun, 18 Sep 2016 21:47:22 +0000 (22:47 +0100)]
ACL: merge the tables used for codition/modifier decode

8 years ago ACL: bsearch for controls
Jeremy Harris [Sun, 18 Sep 2016 17:14:29 +0000 (18:14 +0100)]
ACL: bsearch for controls

8 years agotidying
Jeremy Harris [Thu, 15 Sep 2016 22:58:57 +0000 (23:58 +0100)]
tidying

8 years agoDocs: mention Perl manpages for PCRE. Bug 1881
Jeremy Harris [Thu, 15 Sep 2016 20:43:22 +0000 (21:43 +0100)]
Docs: mention Perl manpages for PCRE.  Bug 1881

8 years agoLogging: fix errno decodes
Jeremy Harris [Tue, 13 Sep 2016 22:49:09 +0000 (23:49 +0100)]
Logging: fix errno decodes

8 years agoAuth: fix error check in CRAM-MD5
Jeremy Harris [Tue, 13 Sep 2016 22:41:55 +0000 (23:41 +0100)]
Auth: fix error check in CRAM-MD5

8 years agotidying
Jeremy Harris [Wed, 7 Sep 2016 20:58:04 +0000 (21:58 +0100)]
tidying

8 years agoLog EHLO response on getting conn-close response for HELO. Bug 1832
Jeremy Harris [Sat, 10 Sep 2016 20:37:56 +0000 (21:37 +0100)]
Log EHLO response on getting conn-close response for HELO.  Bug 1832

8 years agoReduce space used by flags in smtp transport
Jeremy Harris [Sat, 10 Sep 2016 20:36:33 +0000 (21:36 +0100)]
Reduce space used by flags in smtp transport

8 years agoMake BOOL unsigned; fix resulting latent bugs
Jeremy Harris [Sun, 11 Sep 2016 12:30:45 +0000 (13:30 +0100)]
Make BOOL unsigned; fix resulting latent bugs

8 years agoCutthrough: option to reflect 4xx errors from target to initiator
Jeremy Harris [Sun, 4 Sep 2016 13:54:18 +0000 (14:54 +0100)]
Cutthrough: option to reflect 4xx errors from target to initiator

8 years agoTestsuite: missing output file
Jeremy Harris [Sun, 4 Sep 2016 13:46:42 +0000 (14:46 +0100)]
Testsuite: missing output file

8 years agoDocs: prettify code examples. Bug 1284
Jeremy Harris [Sat, 3 Sep 2016 12:43:33 +0000 (13:43 +0100)]
Docs: prettify code examples.   Bug 1284

8 years agoDocs: add note on strict DKIM verification
Jeremy Harris [Sat, 3 Sep 2016 12:33:57 +0000 (13:33 +0100)]
Docs: add note on strict DKIM verification

8 years agoTestsuite: fix GnuTLS OCSP testing
Jeremy Harris [Thu, 1 Sep 2016 20:08:32 +0000 (21:08 +0100)]
Testsuite: fix GnuTLS OCSP testing

8 years agoSupport "G" multiplier on integer configuration values
Jeremy Harris [Thu, 1 Sep 2016 18:20:11 +0000 (19:20 +0100)]
Support "G" multiplier on integer configuration values