summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-12-09Testsuite: regen TLSA records, to match cert treeJeremy Harris
2017-12-08tidyingJeremy Harris
2017-12-08Add compile-time guard against BDB library version 6Jeremy Harris
2017-12-03Docs: amend warning on on lack of multiple-OCSP-proof supportJeremy Harris
2017-12-03GnuTLS: multiple server certs, OCSP stapling. Bug 2092Jeremy Harris
2017-12-03Testsuite: regen certs trees, now with OCSP response for one EC certJeremy Harris
2017-12-03DKIM: Ignore non-DKIM TXT records in DNS response. Bug 2207Heiko Schlittermann (HS12-RIPE)
2017-12-03Fix initialiser in smtp transportJeremy Harris
Broken-by: 838d897c8e
2017-12-03Docs: add notes on lack of multiple-OCSP-proof supportJeremy Harris
This would be wanted for server OCSP stapling in a dual RSA/ECDSA certificate installation
2017-12-03Change log updateJeremy Harris
2017-12-03Chunking: do not treat the first lonely dot special. CVE-2017-16944, Bug 2201Heiko Schlittermann (HS12-RIPE)
2017-12-03Logging: fix log line for local_scan() rejectionJeremy Harris
2017-12-03DKIM: fix tolerating spaces round tag valuesJeremy Harris
2017-12-03Fix filename length check in mime-handlingJeremy Harris
2017-12-03tidyingJeremy Harris
2017-12-01Debug: fix coding in dnssec reporting. Bug 2205Jeremy Harris
2017-11-30TLS: avoid calling smtp_auth_acl on client cert when no tls authenticator is ↵Jeremy Harris
configured
2017-11-29TLS: Fix excessive calling of smtp_auth_acl under AUTH_TLS. Bug 2203Jeremy Harris
2017-11-25tidyingJeremy Harris
2017-11-25Replace the store_release() internal interface, which was excessively unsafe.Jeremy Harris
The new store_newblock() includes the required safety checck, plus the alocate and data-copy operations.
2017-11-25Merge branch 'master' into 4.nextJeremy Harris
2017-11-25Change note for 445d03d4eaJeremy Harris
2017-11-25Avoid release of store if there have been later allocations. Bug 2199Jeremy Harris
2017-11-24Add comment on GnuTLS library debugging facilityJeremy Harris
2017-11-18Testsuite: more pre-run configuration checksJeremy Harris
2017-11-16tidyingJeremy Harris
2017-11-16Testsuite: delays for debug output ordering (again)Jeremy Harris
2017-11-16OpenSSL: avoid using now-deprecated routines on newer versionsJeremy Harris
2017-11-15Testsuite: OpenSSL/LibreSSL version output variancesJeremy Harris
2017-11-15Testsuite: OpenSSL/LibreSSL version output variancesJeremy Harris
2017-11-15Testsuite: OpenSSL/LibreSSL version output variancesJeremy Harris
2017-11-15Testsuite: better debug output from "server" script-runnerJeremy Harris
2017-11-15Testsuite: delays for debug output orderingJeremy Harris
OpenBSD seems to prioritize the child of a fork; Linux & FreeBSD the parent
2017-11-15Testsuite: force RSA auth for testcase loading dual certsJeremy Harris
More recent OpenSSL versions (1.1.0) reasonably prefer ECDSA when available, where older (1.0.2) preferred RSA
2017-11-15Typo in sample configurationJeremy Harris
2017-11-14Docs: PRVS validity. Bug 2033exim-4_90_RC2Jeremy Harris
2017-11-14Testsuite output updatesJeremy Harris
2017-11-12Add host detail on all deferred deliveries, not only the last oneHeiko Schlittermann (HS12-RIPE)
2017-11-11Testsuite: another go at munging cipher-suite stringsJeremy Harris
2017-11-11Debug: remove router DSN config dump on startupJeremy Harris
2017-11-11Testsuite: another go at munging cipher-suite stringsJeremy Harris
2017-11-11Merge branch 'master' into 4.nextJeremy Harris
2017-11-11Downgrade an unfound-list name from panic to DEFER. Bug 1645Jeremy Harris
2017-11-09Testsuite: another go at munging cipher-suite stringsJeremy Harris
2017-11-09Testsuite: another go at munging cipher-suite stringsJeremy Harris
2017-11-08docs: typoJeremy Harris
2017-11-08tidyingJeremy Harris
2017-11-08DKIM: call ACL once for each signature matching the identity from ↵Jeremy Harris
dkim_verify_signers. Bug 2189
2017-11-07DKIM: make verification results visible in data ACLJeremy Harris
2017-11-07DKIM: Allow the DKIM ACL to override verification results. Bug 2186Jeremy Harris
This provides generic support, though is covers the need introduced by https://datatracker.ietf.org/doc/draft-ietf-dcrup-dkim-usage/?include_text=1 (deprecating sha-1 and RSA keys shorter than 1024 bits).
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-30 22:08:18 +0000