summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Testsuite: avoid ipv6 use in dane_require_tls_ciphers testcasesdane_require_tls_ciphersJeremy Harris2018-03-304-16/+10
|
* Testcases for dane_require_tls_ciphersJeremy Harris2018-03-3011-5/+294
|
* Implement dane_require_tls_ciphers (theoretically)Phil Pennock2018-03-285-5/+62
| | | | | | It compiles with OpenSSL, on Darwin (if restore Darwin OS). It doesn't crash immediately, but more testing is needed from a place where port 25 is not just blocked.
* Document new dane_require_tls_ciphersPhil Pennock2018-03-284-5/+20
| | | | | Haven't written the code yet, but writing the docs first helped me affirm that this makes sense and feels clean. Code in next commit.
* ARC: log signing-spec errors in mainlog only, not paniclogJeremy Harris2018-03-281-5/+5
|
* ARC: enhance debug for signing; explicitly init signing contextJeremy Harris2018-03-277-22/+108
|
* Fix non-ARC buildJeremy Harris2018-03-261-2/+11
|
* ARC: add guard in verify against lack of the dkim-verify contextJeremy Harris2018-03-261-0/+6
| | | | needed for body-hashing
* Cutthrough: for an onward finaldot timeout, generate an initator 450 in ↵Jeremy Harris2018-03-265-1/+67
| | | | defer=pass mode
* ARC: cutthrough delivery may not be used with ARC signingJeremy Harris2018-03-263-2/+7
|
* Cutthrough: enforce non-use in combination with DKIM signing or transport filterJeremy Harris2018-03-262-0/+18
| | | | Broken-by: 02b41d7106
* Add ARC signing caveatsPhil Pennock2018-03-261-0/+14
|
* SPF: remove the deprecated "err_temp" and "err_perm" result namesJeremy Harris2018-03-263-10/+5
|
* DKIM: document proper Ed25519 key-generation methods; remove helper programJeremy Harris2018-03-264-4812/+4
|
* Expand directory opetion for queuefile transportJeremy Harris2018-03-263-17/+24
|
* Remove extraneus line - benign but pointless.Jeremy Harris2018-03-261-1/+0
| | | | Broken-by: 9e70917d0a
* Testsuite: for SPF tests, avoid using the ipv4 addressJeremy Harris2018-03-258-43/+37
|
* Add non-mtp source info to ${authres }Jeremy Harris2018-03-258-7/+33
|
* DKIM: document generation of RSA keysJeremy Harris2018-03-251-0/+14
|
* DKIM: document Ed25519 private key generation under OpenSSL (1.1.1+)Jeremy Harris2018-03-251-1/+2
|
* DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage ↵Jeremy Harris2018-03-257-20/+4682
| | | | notes to docs
* Docs: more on ${authresults }Jeremy Harris2018-03-252-1/+32
|
* ARC: give more detail with "bad signing-spec" messageJeremy Harris2018-03-242-2/+4
|
* Mark variables that are unused before release of store in the queue-list loopJeremy Harris2018-03-242-18/+12
|
* Address jgh notes re OpenSSLPhil Pennock2018-03-231-3/+23
| | | | | | | | | | * `/usr/local` is fair, on Linux, but I deliberately picked something specific to OpenSSL to make the context clear and limit bad interactions with other locally-installed software. * `RPATH` and `RUNPATH` are not the same and are deeply twisty in their interactions. <https://blog.qt.io/blog/2011/10/28/rpath-and-runpath/> is a decent summary.
* ARC: For signing, accept A-R header lacking ARC info as equivalent to "none"Jeremy Harris2018-03-231-1/+1
|
* Docs: typoJeremy Harris2018-03-231-1/+1
|
* Fix spool_wireformat final-dot on LMTP transport. Bug 2258Jeremy Harris2018-03-232-1/+6
| | | | Broken-by: 328c5688db
* ARC: add independent-source testcase. Fix signatures by not line-terminatingJeremy Harris2018-03-237-155/+298
| | | | last header line being hashed.
* exiqsumm fix: Check @ARGV exists before testing itGraeme Fowler2018-03-232-1/+4
|
* Set a TERM handler to terminate properly if running as PID 1Heiko Schlittermann (HS12-RIPE)2018-03-222-0/+15
|
* SPF: additional variable $spf_result_guessed; tweak authresults string ↵Jeremy Harris2018-03-2212-9/+60
| | | | indicating guess
* Pipe transport, part two. Bug 2257exim-4_91_RC2Jeremy Harris2018-03-211-1/+2
|
* ARC: AS header should have no c= tagJeremy Harris2018-03-212-45/+45
|
* ARC: on the smtp transport option take empty or forced-fail to disable signingJeremy Harris2018-03-212-7/+14
|
* Not all the world is binutils ldPhil Pennock2018-03-201-0/+4
|
* Fix pipe transport to not use a socket-only syscall. Bug 2257Jeremy Harris2018-03-206-25/+28
| | | | Broken-by: 42055a3385
* DKIM: harden signature header parsingJeremy Harris2018-03-201-12/+12
|
* LibreSSL version numbering differe from OpenSSLJeremy Harris2018-03-191-1/+1
|
* DMARC: tescaseJeremy Harris2018-03-187-0/+98
| | | | Extremely basic; we have no control of the DNS use of the dmarc library
* DMARC: if ACL condition not called, do not add anything to authres stringJeremy Harris2018-03-182-15/+23
| | | | | Previously "skipped" was added; that is no only done for an actual call which could not be completed
* Unbreak DMARCJeremy Harris2018-03-181-1/+1
| | | | Broken-by: c780096c29
* DMARC: add results to generic authres string; remove $dmarc_ar_headerJeremy Harris2018-03-188-63/+36
|
* typoJeremy Harris2018-03-171-1/+1
|
* DKIM: Ed25519 signatures under OpenSSL (1.1.1 or later)Jeremy Harris2018-03-177-72/+85
| | | | OpenSSL 1.1.1 is not released yet, but operation has been checked against the current source
* DMARC: add variables to list of those now-unused at the tail of the SMTP ↵Jeremy Harris2018-03-171-0/+6
| | | | per-message loop
* Build-variant tidyupJeremy Harris2018-03-173-5/+5
|
* openssl: use += for LDFLAGS, drop env PC docsPhil Pennock2018-03-161-8/+7
| | | | | | | | | | | | Using `LDFLAGS=` instead of `LDFLAGS+=` will stomp over an earlier setting of LDFLAGS, and the DMARC support is now further up in `src/EDITME`, thus likely to get stomped upon. Rather than continue to document using `PKG_CONFIG_PATH` via env, the in-Local/Makefile support has been around for a little while now, so go ahead and make that the only way we suggest here. Add a mention of _why_ we use both `USE_OPENSSL_PC` and `LDFLAGS`.
* Fix heavy-pipeline SMTP command input corruption. Bug 2250Jeremy Harris2018-03-164-18/+29
|
* Docs: copyright yearexim-4_91_RC1Jeremy Harris2018-03-152-2/+2
|
View Lorry Controller Status