summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-09-05OpenSSL and XSL changes documented.Phil Pennock
Plus typo fixed.
2010-09-05Document the ClamAV ExtendedDetectionInfo response handling.Phil Pennock
2010-09-05OpenSSL 1.0.0 const fix for SSL_get_current_cipherPhil Pennock
OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include const. It looks like a safe change for older OpenSSL, so treat it appropriately and cast as needed.
2010-09-05Guidance on contributing to Exim.Phil Pennock
2010-09-05Use public http: URLs for XSL includes.Phil Pennock
Adjust OS-Fixups, document how this works in HowItWorks.txt
2010-09-05Rework clamd response handling to be more robust.Phil Pennock
In particular, clamd's ExtendedDetectionInfo option broke our parsing.
2010-07-19Merge ssh://tahini.csx.cam.ac.uk/home/git/eximJohn Jetmore
2010-07-19Somehow in learning how to use git I lost half the changes needed to fix the ↵John Jetmore
collision between 0383.f and 0383.F on HFS+. this is the second half of 04a45836676516936d791202928e249b711c03ee
2010-07-19Bugzilla #1006: Keep EHLO attributes in case STARTTLS errors are ignoredTom Kistner
Applied patch submitted by Micha Lenk. Thanks!
2010-07-16The test architecture can't support having the testsuite user and the Exim ↵John Jetmore
user the same. restrict it in runtest and add a note about it in the README
2010-07-16Change to allow test 0383 to work on HFS+ (non-case-sensitive FS)John Jetmore
2010-07-04Fix malware regression for cmdline scanner introduced in PP/08.Phil Pennock
Notification from Dr Andrew Aitchison. (Also: make the PP/08 description more complete)
2010-06-14added expansion tests for bool{} and bool_lax{}John Jetmore
2010-06-14print sizeof(off_t) in initial -bV output. Refuse to tun tests is ↵John Jetmore
sizeof(off_t) > 32.
2010-06-14Clarify that the ACL framework is not invoked for -bmalware, so that usingPhil Pennock
ACL variables in av_scanner blindly will not work.
2010-06-13Remove logic branch which can use PRIdMAX for SIZE_T_FMT because it failsPhil Pennock
when size_t is 32-bit but the system supports 64-bit integers.
2010-06-12account for new information TLS log line added in tls-openssl.c 1.23John Jetmore
2010-06-12removed extraneous "\n" from the end of some log_write lines, removed ↵John Jetmore
"magic" string " => " from a non-delivery log line
2010-06-12Add tcp_wrappers_daemon_name (closes: bug #278)John Jetmore
(I honestly have no memory of writing this patch...)
2010-06-12iaddressing bug 966 and my own concerns, stop sending non-panic error to ↵John Jetmore
panic log in dkim.c
2010-06-09Minor doc updates:Phil Pennock
* -bmalware, note that not running as invoking user and emphasize that it's for debugging Exim, not for general scanning. * permit_codedump ? coRedump. * Anon SSL lacking cert has been confirmed, fix works, remove the "(I believe)" (which also might have been inferred to mean I did the diagnosis; I didn't, I just convinced myself that Martin's analysis was correct).
2010-06-08another change related to Date/Message-Id order, just took me a while to ↵John Jetmore
realize how it was related.
2010-06-08log/5101 - header order, plus new wording for appendfile to dir from MBX ↵John Jetmore
security checks stdout/0390 - allow for new option permit_coredump in output (from bug 834)
2010-06-07Run when EXIM_USER=notroot specified.Phil Pennock
2010-06-07For the new SIZE_T_FMT, if not C99 then our size_t conversion specifierPhil Pennock
should use PRIdMAX; this was disabled because I was testing the other logic and forgot to restore before commit. Bleh, sorry. Add #if to protect against unused variable complaints for this too.
2010-06-07Both bool{} and bool_lax{} should ignore trailing whitespace.Phil Pennock
2010-06-07Added bool_lax{} expansion operator, which uses Router condition logic toPhil Pennock
determine whether or not a string is true. Switch the multiple-condition logic to use bool_lax{}. Add note where we combine multiple conditions regarding the memory leak.
2010-06-07Allow Routers to have multiple conditions, IF each one yields a strict bool.Phil Pennock
Fixes: #816
2010-06-07Clean up compiler warnings from { gcc -Wall }, many of which I introduced withPhil Pennock
the ClamAV and openssl_options patches in this release. Logic in buildconfig.c for adjusting some print format strings assumed that long ints were four bytes; adjust to test this against reality, to remove spurious warnings on my dev box (FreeBSD/amd64). Note: this commit adds a buildconfig.h dependency upon inttypes.h, which was in SUSv2, so should be safe.
2010-06-06Build without WITH_CONTENT_SCAN.Phil Pennock
Broken by -bmalware option added while reworking ClamAV to new API. Path from Andreas Metzler (adjusted slightly).
2010-06-06No longer permit the exim user to be root. Fixes: #752Phil Pennock
2010-06-06Implement --version. Fixes: #973Phil Pennock
2010-06-06Light documentation dusting from patch provided by John Horne.Phil Pennock
Fixes: #922
2010-06-06Implement "control = debug" ACL control. Fixes: #937Phil Pennock
2010-06-05New expansion operator: reverse_ipPhil Pennock
2010-06-05Update OptionLists. (Claim for 4.72 because 4.73 not yet complete and don'tPhil Pennock
want to claim have *more* than we do, but okay to make a lesser claim). Typo fix in RFC reference in spec.xfpt.
2010-06-05ClamAV INSTREAM scanning by default, unless built with WITH_OLD_CLAMAV_STREAM.Phil Pennock
New command-line option, -bmalware (restricted to admin_user). Fixes: #926
2010-06-05Deal with anonymous SSL giving us no peer certificate.Phil Pennock
2010-06-05Handle SASL Initial Response.Phil Pennock
See discussion at: http://lists.exim.org/lurker/message/20090125.014515.3746c882.en.html and the code is "correct by inspection", for whatever that's worth.
2010-06-05Add permit_coredump pipe transport option. Fixes: #834Phil Pennock
2010-06-05Doh, fix the error message to say SSL_read not SSL_write.Phil Pennock
2010-06-05Log a diagnostic when an SSL write fails, to help admins debug SSL interop ↵Phil Pennock
issues. Fixes: #995
2010-06-05Add an openssl_options main configuration option, to allow administrators toPhil Pennock
shoot themselves in each foot in turn. The default value is chosen to avoid a change in behaviour, but since it is disabling a security countermeasure, I'd like to change the default to be "no options". Fixes: #994
2010-06-05two more header order changesJohn Jetmore
2010-06-05fix output for SSL logging format changeJohn Jetmore
2010-06-05munge caller's GECOS in output to make more portable across test accountsJohn Jetmore
2010-06-05runtest - trim trailing whitespace from otherwise un-rewritten host lines in ↵John Jetmore
munge function 0190, 0244, 0297, 0350, 0430 - standardize trailing whitespace 0403 - lingering header order fix, fix change in lookup type encoding after dkim lookup type removal
2010-06-04With a few minor exceptions for tests that had additional concerns and tests ↵John Jetmore
I don't have working in my environment yet, this should be the last of the header-order-related changes
2010-06-03updating test suite - rolling back incomplete fix for header order change ↵John Jetmore
(header order changed back to old behavior)
2010-06-03Added DISABLE_DKIM option to EDITME, leaving some breadcrumbs about it being ↵John Jetmore
turned on by default