Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Testsuite: avoid ipv6 use in dane_require_tls_ciphers testcasesdane_require_tls_ciphers | Jeremy Harris | 2018-03-30 | 4 | -16/+10 |
| | |||||
* | Testcases for dane_require_tls_ciphers | Jeremy Harris | 2018-03-30 | 11 | -5/+294 |
| | |||||
* | Implement dane_require_tls_ciphers (theoretically) | Phil Pennock | 2018-03-28 | 5 | -5/+62 |
| | | | | | | It compiles with OpenSSL, on Darwin (if restore Darwin OS). It doesn't crash immediately, but more testing is needed from a place where port 25 is not just blocked. | ||||
* | Document new dane_require_tls_ciphers | Phil Pennock | 2018-03-28 | 4 | -5/+20 |
| | | | | | Haven't written the code yet, but writing the docs first helped me affirm that this makes sense and feels clean. Code in next commit. | ||||
* | ARC: log signing-spec errors in mainlog only, not paniclog | Jeremy Harris | 2018-03-28 | 1 | -5/+5 |
| | |||||
* | ARC: enhance debug for signing; explicitly init signing context | Jeremy Harris | 2018-03-27 | 7 | -22/+108 |
| | |||||
* | Fix non-ARC build | Jeremy Harris | 2018-03-26 | 1 | -2/+11 |
| | |||||
* | ARC: add guard in verify against lack of the dkim-verify context | Jeremy Harris | 2018-03-26 | 1 | -0/+6 |
| | | | | needed for body-hashing | ||||
* | Cutthrough: for an onward finaldot timeout, generate an initator 450 in ↵ | Jeremy Harris | 2018-03-26 | 5 | -1/+67 |
| | | | | defer=pass mode | ||||
* | ARC: cutthrough delivery may not be used with ARC signing | Jeremy Harris | 2018-03-26 | 3 | -2/+7 |
| | |||||
* | Cutthrough: enforce non-use in combination with DKIM signing or transport filter | Jeremy Harris | 2018-03-26 | 2 | -0/+18 |
| | | | | Broken-by: 02b41d7106 | ||||
* | Add ARC signing caveats | Phil Pennock | 2018-03-26 | 1 | -0/+14 |
| | |||||
* | SPF: remove the deprecated "err_temp" and "err_perm" result names | Jeremy Harris | 2018-03-26 | 3 | -10/+5 |
| | |||||
* | DKIM: document proper Ed25519 key-generation methods; remove helper program | Jeremy Harris | 2018-03-26 | 4 | -4812/+4 |
| | |||||
* | Expand directory opetion for queuefile transport | Jeremy Harris | 2018-03-26 | 3 | -17/+24 |
| | |||||
* | Remove extraneus line - benign but pointless. | Jeremy Harris | 2018-03-26 | 1 | -1/+0 |
| | | | | Broken-by: 9e70917d0a | ||||
* | Testsuite: for SPF tests, avoid using the ipv4 address | Jeremy Harris | 2018-03-25 | 8 | -43/+37 |
| | |||||
* | Add non-mtp source info to ${authres } | Jeremy Harris | 2018-03-25 | 8 | -7/+33 |
| | |||||
* | DKIM: document generation of RSA keys | Jeremy Harris | 2018-03-25 | 1 | -0/+14 |
| | |||||
* | DKIM: document Ed25519 private key generation under OpenSSL (1.1.1+) | Jeremy Harris | 2018-03-25 | 1 | -1/+2 |
| | |||||
* | DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage ↵ | Jeremy Harris | 2018-03-25 | 7 | -20/+4682 |
| | | | | notes to docs | ||||
* | Docs: more on ${authresults } | Jeremy Harris | 2018-03-25 | 2 | -1/+32 |
| | |||||
* | ARC: give more detail with "bad signing-spec" message | Jeremy Harris | 2018-03-24 | 2 | -2/+4 |
| | |||||
* | Mark variables that are unused before release of store in the queue-list loop | Jeremy Harris | 2018-03-24 | 2 | -18/+12 |
| | |||||
* | Address jgh notes re OpenSSL | Phil Pennock | 2018-03-23 | 1 | -3/+23 |
| | | | | | | | | | | * `/usr/local` is fair, on Linux, but I deliberately picked something specific to OpenSSL to make the context clear and limit bad interactions with other locally-installed software. * `RPATH` and `RUNPATH` are not the same and are deeply twisty in their interactions. <https://blog.qt.io/blog/2011/10/28/rpath-and-runpath/> is a decent summary. | ||||
* | ARC: For signing, accept A-R header lacking ARC info as equivalent to "none" | Jeremy Harris | 2018-03-23 | 1 | -1/+1 |
| | |||||
* | Docs: typo | Jeremy Harris | 2018-03-23 | 1 | -1/+1 |
| | |||||
* | Fix spool_wireformat final-dot on LMTP transport. Bug 2258 | Jeremy Harris | 2018-03-23 | 2 | -1/+6 |
| | | | | Broken-by: 328c5688db | ||||
* | ARC: add independent-source testcase. Fix signatures by not line-terminating | Jeremy Harris | 2018-03-23 | 7 | -155/+298 |
| | | | | last header line being hashed. | ||||
* | exiqsumm fix: Check @ARGV exists before testing it | Graeme Fowler | 2018-03-23 | 2 | -1/+4 |
| | |||||
* | Set a TERM handler to terminate properly if running as PID 1 | Heiko Schlittermann (HS12-RIPE) | 2018-03-22 | 2 | -0/+15 |
| | |||||
* | SPF: additional variable $spf_result_guessed; tweak authresults string ↵ | Jeremy Harris | 2018-03-22 | 12 | -9/+60 |
| | | | | indicating guess | ||||
* | Pipe transport, part two. Bug 2257exim-4_91_RC2 | Jeremy Harris | 2018-03-21 | 1 | -1/+2 |
| | |||||
* | ARC: AS header should have no c= tag | Jeremy Harris | 2018-03-21 | 2 | -45/+45 |
| | |||||
* | ARC: on the smtp transport option take empty or forced-fail to disable signing | Jeremy Harris | 2018-03-21 | 2 | -7/+14 |
| | |||||
* | Not all the world is binutils ld | Phil Pennock | 2018-03-20 | 1 | -0/+4 |
| | |||||
* | Fix pipe transport to not use a socket-only syscall. Bug 2257 | Jeremy Harris | 2018-03-20 | 6 | -25/+28 |
| | | | | Broken-by: 42055a3385 | ||||
* | DKIM: harden signature header parsing | Jeremy Harris | 2018-03-20 | 1 | -12/+12 |
| | |||||
* | LibreSSL version numbering differe from OpenSSL | Jeremy Harris | 2018-03-19 | 1 | -1/+1 |
| | |||||
* | DMARC: tescase | Jeremy Harris | 2018-03-18 | 7 | -0/+98 |
| | | | | Extremely basic; we have no control of the DNS use of the dmarc library | ||||
* | DMARC: if ACL condition not called, do not add anything to authres string | Jeremy Harris | 2018-03-18 | 2 | -15/+23 |
| | | | | | Previously "skipped" was added; that is no only done for an actual call which could not be completed | ||||
* | Unbreak DMARC | Jeremy Harris | 2018-03-18 | 1 | -1/+1 |
| | | | | Broken-by: c780096c29 | ||||
* | DMARC: add results to generic authres string; remove $dmarc_ar_header | Jeremy Harris | 2018-03-18 | 8 | -63/+36 |
| | |||||
* | typo | Jeremy Harris | 2018-03-17 | 1 | -1/+1 |
| | |||||
* | DKIM: Ed25519 signatures under OpenSSL (1.1.1 or later) | Jeremy Harris | 2018-03-17 | 7 | -72/+85 |
| | | | | OpenSSL 1.1.1 is not released yet, but operation has been checked against the current source | ||||
* | DMARC: add variables to list of those now-unused at the tail of the SMTP ↵ | Jeremy Harris | 2018-03-17 | 1 | -0/+6 |
| | | | | per-message loop | ||||
* | Build-variant tidyup | Jeremy Harris | 2018-03-17 | 3 | -5/+5 |
| | |||||
* | openssl: use += for LDFLAGS, drop env PC docs | Phil Pennock | 2018-03-16 | 1 | -8/+7 |
| | | | | | | | | | | | | Using `LDFLAGS=` instead of `LDFLAGS+=` will stomp over an earlier setting of LDFLAGS, and the DMARC support is now further up in `src/EDITME`, thus likely to get stomped upon. Rather than continue to document using `PKG_CONFIG_PATH` via env, the in-Local/Makefile support has been around for a little while now, so go ahead and make that the only way we suggest here. Add a mention of _why_ we use both `USE_OPENSSL_PC` and `LDFLAGS`. | ||||
* | Fix heavy-pipeline SMTP command input corruption. Bug 2250 | Jeremy Harris | 2018-03-16 | 4 | -18/+29 |
| | |||||
* | Docs: copyright yearexim-4_91_RC1 | Jeremy Harris | 2018-03-15 | 2 | -2/+2 |
| |