summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-12-26LDAP Authetication documentation example syntax fixNigel Metheringham
Fixes: bug #999
2010-12-26Reword BSMTP ACL documentationNigel Metheringham
Fixes: bug #974
2010-12-26Eximstats documentstion - s/delivery_time/deliver_time/Nigel Metheringham
Fixes: bug #1034
2010-12-26drop unwanted paragraph break.Andreas Metzler
Fixes: bug #1052 Signed-off-by: Nigel Metheringham <nigel@exim.org>
2010-12-26fix grammar error: s/this/that/Andreas Metzler
Fixes: bug #1051 Signed-off-by: Nigel Metheringham <nigel@exim.org>
2010-12-23Merge branch 'master' of ssh://git.exim.org/home/git/eximNigel Metheringham
2010-12-21Do not refer to TRUSTED_CONFIG_PREFIX_FILE.Andreas Metzler
Refer to TRUSTED_CONFIG_LIST instead of TRUSTED_CONFIG_PREFIX_FILE in documentation and comments.
2010-12-19Inserted change notifications into the documentation sourceNigel Metheringham
2010-12-18Make the documentation cleared that TRUSTED_CONFIG_LIST is pathname one per lineDavid Woodhouse
2010-12-18Release script now generates the HTML documentationNigel Metheringham
This is really rather crude... but should work.
2010-12-18Updated version numbers of code and documentationNigel Metheringham
2010-12-17Merge branch 'master' of ssh://git.exim.org/home/git/eximDavid Woodhouse
2010-12-17Stripped old HTML doc generation - will add new HTML gen soonNigel Metheringham
2010-12-16Turn TRUSTED_CONFIG_PREFIX_LIST into TRUSTED_CONFIG_LIST. No prefix or regexesDavid Woodhouse
2010-12-16Updated mk_exim_release.pl to work with gitNigel Metheringham
However this still builds docs as before - ie it does not use the new HTML generation. Will work on that next.
2010-12-15Allow only Exim or CONFIGURE_OWNER to use whitelisted configs with -CDavid Woodhouse
We only added TRUSTED_CONFIG_PREFIX_FILE to compensate for the enforcing of ALT_CONFIG_ROOT_ONLY. Let's not open it up any further than we need to; other users don't get to make use of it.
2010-12-15Kil va_copy(). It isn't present on some ancient systems.David Woodhouse
2010-12-15Implement -D whitelist invoking user restriction.Phil Pennock
Document WHITELIST_D_MACROS.
2010-12-14doc-txt updates for the security changesPhil Pennock
2010-12-14Implement -D filtering, first pass.Phil Pennock
2010-12-14Document the change to system_filter_user's default.Phil Pennock
2010-12-14Change the default for system_filter_user.Phil Pennock
If the system filter needs to be run as root, let that be explicitly configured. The default is now the Exim run-time user. Document this, and a couple of other points, in IncompatibleChanges.
2010-12-12Allow only absolute paths in TRUSTED_CONFIG_PREFIX_LIST, fix store leakDavid Woodhouse
2010-12-12Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.David Woodhouse
2010-12-12Add TRUSTED_CONFIG_PREFIX_FILE optionDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-12Remove ALT_CONFIG_ROOT_ONLY build option, effectively making it always true.David Woodhouse
We *never* want the Exim user to be able to specify arbitrary configuration files. Don't let them build it that way. (Bug 1044, CVE-2010-4345)
2010-12-11Check configure file permissions even for non-default files if still privilegedDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-11Don't allow a configure file which is writeable by the Exim user or groupDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-11Add Valgrind hooks for memory poolsDavid Woodhouse
It's useful to tell Valgrind when memory is undefined because it's been freed by store_reset(), and when it's not supposed to be accessed because although it's been allocated for the store it hasn't actually been given out by store_get() yet.
2010-09-05OpenSSL and XSL changes documented.Phil Pennock
Plus typo fixed.
2010-09-05Document the ClamAV ExtendedDetectionInfo response handling.Phil Pennock
2010-09-05OpenSSL 1.0.0 const fix for SSL_get_current_cipherPhil Pennock
OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include const. It looks like a safe change for older OpenSSL, so treat it appropriately and cast as needed.
2010-09-05Guidance on contributing to Exim.Phil Pennock
2010-09-05Use public http: URLs for XSL includes.Phil Pennock
Adjust OS-Fixups, document how this works in HowItWorks.txt
2010-09-05Rework clamd response handling to be more robust.Phil Pennock
In particular, clamd's ExtendedDetectionInfo option broke our parsing.
2010-07-19Merge ssh://tahini.csx.cam.ac.uk/home/git/eximJohn Jetmore
2010-07-19Somehow in learning how to use git I lost half the changes needed to fix the ↵John Jetmore
collision between 0383.f and 0383.F on HFS+. this is the second half of 04a45836676516936d791202928e249b711c03ee
2010-07-19Bugzilla #1006: Keep EHLO attributes in case STARTTLS errors are ignoredTom Kistner
Applied patch submitted by Micha Lenk. Thanks!
2010-07-16The test architecture can't support having the testsuite user and the Exim ↵John Jetmore
user the same. restrict it in runtest and add a note about it in the README
2010-07-16Change to allow test 0383 to work on HFS+ (non-case-sensitive FS)John Jetmore
2010-07-04Fix malware regression for cmdline scanner introduced in PP/08.Phil Pennock
Notification from Dr Andrew Aitchison. (Also: make the PP/08 description more complete)
2010-06-14added expansion tests for bool{} and bool_lax{}John Jetmore
2010-06-14print sizeof(off_t) in initial -bV output. Refuse to tun tests is ↵John Jetmore
sizeof(off_t) > 32.
2010-06-14Clarify that the ACL framework is not invoked for -bmalware, so that usingPhil Pennock
ACL variables in av_scanner blindly will not work.
2010-06-13Remove logic branch which can use PRIdMAX for SIZE_T_FMT because it failsPhil Pennock
when size_t is 32-bit but the system supports 64-bit integers.
2010-06-12account for new information TLS log line added in tls-openssl.c 1.23John Jetmore
2010-06-12removed extraneous "\n" from the end of some log_write lines, removed ↵John Jetmore
"magic" string " => " from a non-delivery log line
2010-06-12Add tcp_wrappers_daemon_name (closes: bug #278)John Jetmore
(I honestly have no memory of writing this patch...)
2010-06-12iaddressing bug 966 and my own concerns, stop sending non-panic error to ↵John Jetmore
panic log in dkim.c
2010-06-09Minor doc updates:Phil Pennock
* -bmalware, note that not running as invoking user and emphasize that it's for debugging Exim, not for general scanning. * permit_codedump ? coRedump. * Anon SSL lacking cert has been confirmed, fix works, remove the "(I believe)" (which also might have been inferred to mean I did the diagnosis; I didn't, I just convinced myself that Martin's analysis was correct).