| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
(Normally we don't care about leaks in short lived processes we use
during build time. But as -fsanitize=address breaks the build in an
early stage, the leak is fixed now.)
Thanks to Andrew Aitchison.
|
| |
|
|
|
| |
Partly change a single year into a range, starting back in 1995, or
later, if indicated by other copyright information.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
The exemplar was Ubuntu 14.04 LTS 32-bit - but probably many
32-bit systems would be affected
|
| |
|
|
|
|
|
|
| |
Update current year in docs and banner copyright in src/src/globals.c
Rest of changes from:
vi $(git whatchanged --since=2016-01-01 | grep '^:100' | sed -n 's/^[^M]*M//p' | sort -u | fgrep -v test/)
|
| |
|
|
| |
Bug 1192
|
| |
|
|
| |
Could not find an API for use with OpenSSL, so GnuTLS only
|
| | |
|
| |
|
|
|
|
|
| |
Mostly care about EXIM_GNUTLS_LIBRARY_LOG_LEVEL for debugging.
If someone screams that we kept the default dh-bits at 1024 for old GnuTLS,
we can point them at EXIM_SERVER_DH_BITS_PRE2_12. The name itself will
tell them to shut up and update their library if they care about security. :)
|
| |
|
|
|
|
|
| |
Updated all files modified in 2012 which contained a copyright year
already, unless the range was specified as open-ended.
vi $(git whatchanged --since=2012-01-01 | grep '^:100' | sed 's/^[^M]*M//' | sort -u | fgrep -v test/)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GnuTLS code re-done, using cut&paste for preservation where appropriate.
Stop using deprecated APIs. Stop hard-coding lists of ciphers.
Use gnutls_priority_init() instead.
Turns tls_require_ciphers into a string in the GnuTLS case, not just
OpenSSL case.
Deprecate three gnutls_require_* options; now ignored but not errors.
(No warnings yet).
Added TLS SNI support.
Made the channel binding integration theoretically actually work. I had
it guarded by an #ifdef but the value used was an enum instead. Oops.
Fixed.
New code much more amenable to future work permitting TLS in callouts.
DH param sizes now chosen by GnuTLS maintainers, we use "normal"; that's
suddenly a lot more bits, so the saved filename was changed too.
(GNUTLS_SEC_PARAM_NORMAL).
DH param setup only done for servers now, since clients don't need/use
it.
GnuTLS a lot more robust to library negotiation using stuff we don't
support, error-ing out quickly for other authentication systems (PGP,
etc).
Renamed pseudo_random_number() to vaguely_random_number() which makes
the nature clearer.
GnuTLS now provides a vaguely_random_number() implementation, to match
OpenSSL.
Pull in <inttypes.h> to make the recent arithmetic changes compile on
MacOS.
Nuke test 2011 which related to the gnutls_require_* options now
non-functional.
|
| | |
|
| |
|
|
|
| |
I have also de-CVSed the ABOUT files and cleaned up a few
introductory comments.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Exim successfully builds with clang, albeit with a number of warnings.
* Our %n usage in printf() calls appears to be correct and safe, AFAICT.
* dummy functions are, unsurprisingly, unused
* Valgrind macros cause vociferous complaints
* Dynamic modules *not* tested
Further clang testing on my part will require an OS update and clang
2.9 to get -rdynamic support.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Be able to build most of Exim with:
-Werror -Wwrite-strings -Wunused-function -Waddress -Wpointer-sign
-Wformat -Wuninitialized -Winit-self
Skipped a change to auth-spa which I was uncertain of. That is not
the most readable of code.
Temporarily gave up on src/src/pdkim/pdkim.c, as header_name_match()
treats the second param as const or not depending on the third param.
(I hacked the build-*/pdkim/Makefile to continue past this)
Much of this change is const propagation.
|
| | |
|
| |
|
|
| |
when size_t is 32-bit but the system supports 64-bit integers.
|
| |
|
|
| |
(I honestly have no memory of writing this patch...)
|
| | |
|
| |
|
|
|
|
| |
should use PRIdMAX; this was disabled because I was testing the other logic
and forgot to restore before commit. Bleh, sorry.
Add #if to protect against unused variable complaints for this too.
|
| |
|
|
|
|
|
|
|
|
|
| |
the ClamAV and openssl_options patches in this release.
Logic in buildconfig.c for adjusting some print format strings assumed that
long ints were four bytes; adjust to test this against reality, to remove
spurious warnings on my dev box (FreeBSD/amd64).
Note: this commit adds a buildconfig.h dependency upon inttypes.h, which was in
SUSv2, so should be safe.
|
| | |
|
| |
|
|
| |
exim_checkaccess.src
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Tom's prvs patch to avoid the hardwired use of "%lld" and "long long".
Replaced the call to snprintf() with a call to string_vformat().
|
| |
|
|
|
|
| |
off_t values as appropriate. Assume that %lld is available if the size
of off_t is greater than 4. This involved some modifications to
string_vformat() in order to handle %lld.
|
| |
|
|
| |
changed the API.
|
| |
|
|
|
| |
(2) Last-minute typo fix in spec.
(3) Trailing space removal ready for the release.
|
| |
|
|
| |
copyright notices to 2005.
|
| |
|
|
|
|
|
|
|
| |
to compile; WITH_CONTENT_SCAN was forced in exim.h in this case, but was
not forced for eximon. I have updated buildconfig so that it gets set in
config.h and thus applies everywhere. (2) Fixed some compiler warnings
in the demime.c module. (3) Moved the inclusion of config.h above the
inclusion of mytypes.h and macros.h for eximon, to be the same as for
exim itself.
|
| |
|
|
| |
contained uid 0.
|
| | |
|
| |
|
