summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* base64url{,d} & base32hex{,d} expansion operatorsrfc4648Phil Pennock2016-10-196-22/+136
| | | | | | | | | | | | | We need ${base64url:....} to provide a sane / safe format for encoding data to be safe for filenames (and URLs) without containing a `/` character. This comes from RFC 4648. Expand base32 to include the hex variants while in there too: this alphabet (for character inputs) preserves sort order. Document them all. Add test suites. NB: have not invoked test suites (recent reinstall).
* Unbreak build: crypto hdrs not in system includesPhil Pennock2016-10-184-0/+30
| | | | | | | | | | | | | | | | If using pkg-config to get the paths for various packages and the crypto library headers are not in the system headers, then the hash work broke the Exim build by requiring the CFLAGS manipulation for _all_ builds, not just the TLS libraries. Shows up on MacOS where there's a system OpenSSL but not system OpenSSL headers (because only SecureTransport is supported) and using brew-installed OpenSSL. I've also coded the fix for GnuTLS on the same basis, but that's untested. Fixes bug 1906
* Avoid pure-ACK TCP segments during command phaseJeremy Harris2016-10-183-2/+26
|
* Testsuite: Check version of binary against current git revisionHeiko Schlittermann (HS12-RIPE)2016-10-171-0/+11
|
* Tidying: coverity issuesJeremy Harris2016-10-167-150/+216
|
* Fix sender-verify callout to not use trigger-message SIZEJeremy Harris2016-10-165-1/+63
| | | | Broken-by: 9094b84b4cce
* Tidying: coverity issuesJeremy Harris2016-10-166-39/+32
|
* Queuefile: avoid using buffered I/O - no point for a block-copyJeremy Harris2016-10-163-73/+50
| | | | | | and it meant (an admittedly ingnorable) Coverity whine about a FILE leak Take the oppurtunity to constify a utility function
* Testsuite: revert some of the modernish Perl constructsHeiko Schlittermann (HS12-RIPE)2016-10-161-5/+6
| | | | Solaris10 needs to be supported, they use Perl 5.8
* Testsuite: re-insert munge expression about size/inodeHeiko Schlittermann (HS12-RIPE)2016-10-151-0/+4
|
* Testsuite: detect "hidden" IPsHeiko Schlittermann (HS12-RIPE)2016-10-151-28/+23
| | | | | | | | `ifconfig -a` doesn't show all addresses, it skippes addresses that do not have a label. `ip a` show even these. Bonus: some small cosmetical changes to get a more modern Perl style.
* Testsuite: stabilize disk space/inode mungingHeiko Schlittermann (HS12-RIPE)2016-10-1530-44/+40
|
* Testsuite: add tests/munges for configure ownerHeiko Schlittermann (HS12-RIPE)2016-10-151-0/+11
|
* Include 'Configure owner' in -bV outputHeiko Schlittermann (HS12-RIPE)2016-10-153-4/+6
|
* Testsuite: add clarification about the permissions of the trusted-configs fileHeiko Schlittermann (HS12-RIPE)2016-10-151-2/+3
|
* tidyingJeremy Harris2016-10-154-9/+3
|
* Queuefile: refactorJeremy Harris2016-10-151-170/+111
|
* Testsuite: for queuefile transport, avoid using named-queues as part of testJeremy Harris2016-10-155-59/+32
| | | | Also avoid using aux-var as a testing temporary area
* New: queuefile transport, under EXPERIMENTAL_QUEUEFILEAndrew Colin Kissa2016-10-1528-4/+656
|
* Testsuite: (named queues) add testcase for 3rd-party queue transferJeremy Harris2016-10-144-3/+28
|
* Docs: add warning on SNI-dependent certfile expansion needing a good defaultJeremy Harris2016-10-121-1/+6
|
* Lazy-create builtin macrosJeremy Harris2016-10-108-207/+249
| | | | | | By only filling out the internal macro representation for the builtin macros when a config line includes an underscore followed by a letter which might be one we should save startup effort on configs which never use a builtin.
* Fix check for commandline macro definitionJeremy Harris2016-10-102-5/+5
| | | | | | Without this, mailq (done by unpriv user) and daemon SIGHUP handling fail Broken-by: c0b9d3e87264
* Docs: add section on builtin macrosJeremy Harris2016-10-091-0/+21
|
* DH parameters update, new values & defaultexim-4_88_RC2pdp_new_dhparamPhil Pennock2016-10-087-16/+574
| | | | | | | | | | | | | | | | | | * Add three new Exim-specific DH parameter constants; state provenance, but no way for others to verify; this is a signed commit, which is about as much as we can do for the truly paranoid: provide an audit trail. * Add the RFC 7919 DH primes + No TLS feature negotiation, per 7919, but the DH primes can be used if folks so choose * Fixed broken format string in util/gen_pkcs3.c * Tried to make gen_pkcs3.c support q values. + Turns out, q doesn't affect the PEM and that's not a mistake in my initialisation; I've checked with a cryptographer, we're losing some server-side optimizations but not any security properties for our scenario. Fixes: 1895
* Fix callouts connection fallback from TLS to cleartext. Bug 1897Jeremy Harris2016-10-0819-20/+156
|
* Docs: add another index entry for delay_warningJeremy Harris2016-10-051-0/+1
|
* Testsuite: for CHUNKING set sender name explicitlyJeremy Harris2016-10-0413-122/+259
| | | | for consistent chunk size on different platforms
* Testsuite: for CHUNKING rewrite sender name in headers to consistent valueJeremy Harris2016-10-0310-73/+75
| | | | for consistent chunk size on different test platforms
* Close logfile after a while waiting for non-smtp input. Bug 1891Jeremy Harris2016-10-023-8/+25
|
* Avoid parsing cost for auto-macro createsJeremy Harris2016-10-028-113/+109
|
* Logging: connection_reject log selector should apply also to the connect aclJeremy Harris2016-10-0216-56/+74
|
* Fix mime ACL filename decodeJeremy Harris2016-09-301-18/+10
| | | | | A latent bug (uninitialised memory referred to by $mime_decoded_filename) uncovered by 40c90bca9f7e
* Fix checking for -D option useJeremy Harris2016-09-291-4/+5
| | | | Broken-by: c0b9d3e87264
* Feature macros should be uppercaseJeremy Harris2016-09-291-1/+1
|
* Debug: fix openssl tls_close() debug outputJeremy Harris2016-09-291-1/+1
|
* Testsuite: tidyingJeremy Harris2016-09-291-4/+0
|
* Refactor driver feature-macro generation to be driven by existing tablesJeremy Harris2016-09-285-64/+15
| | | | Would like to do lookup drivers too but unsure about dyn-linked variants
* Default to filesystem space/inode checking enabledJeremy Harris2016-09-2839-18/+178
|
* Drain socket to get clean TCP FINsJeremy Harris2016-09-2815-88/+117
|
* Add automatic macros for config-file options. Bug 1819Jeremy Harris2016-09-258-18/+82
|
* Docs: fix quotesJeremy Harris2016-09-251-1/+1
|
* Delivery: fix memory leakJeremy Harris2016-09-241-1/+5
|
* Doc: add clarification for DKIM exampleexim-4_88_RC1Jeremy Harris2016-09-231-2/+7
|
* Defend against symlink attack by another process running as eximJeremy Harris2016-09-226-77/+152
| | | | | Reported-by: http://www.halfdog.net/Security/2016/DebianEximSpoolLocalRoot/
* Routing: avoid doing the one_time replacement operation when a redirect ↵Jeremy Harris2016-09-223-26/+23
| | | | | | leaves the address unchanged When done, in combination with a defer the retry would see the address as delivered, hence losing mail.
* Routing: for efficiency, avoid complexifying the "condition" string until ↵Jeremy Harris2016-09-226-29/+27
| | | | the second is read from config
* ACL: merge the tables used for codition/modifier decodeJeremy Harris2016-09-183-382/+243
|
* ACL: bsearch for controlsJeremy Harris2016-09-184-235/+192
|
* tidyingJeremy Harris2016-09-1720-160/+163
|
View Lorry Controller Status