summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-03-25DKIM: move ed25519_privkey_pem_to_pubkey_raw_b64 to src/util/ and add usage ↵Jeremy Harris
notes to docs
2018-03-25Docs: more on ${authresults }Jeremy Harris
2018-03-24ARC: give more detail with "bad signing-spec" messageJeremy Harris
2018-03-24Mark variables that are unused before release of store in the queue-list loopJeremy Harris
2018-03-23Address jgh notes re OpenSSLPhil Pennock
* `/usr/local` is fair, on Linux, but I deliberately picked something specific to OpenSSL to make the context clear and limit bad interactions with other locally-installed software. * `RPATH` and `RUNPATH` are not the same and are deeply twisty in their interactions. <https://blog.qt.io/blog/2011/10/28/rpath-and-runpath/> is a decent summary.
2018-03-23ARC: For signing, accept A-R header lacking ARC info as equivalent to "none"Jeremy Harris
2018-03-23Docs: typoJeremy Harris
2018-03-23Fix spool_wireformat final-dot on LMTP transport. Bug 2258Jeremy Harris
Broken-by: 328c5688db
2018-03-23ARC: add independent-source testcase. Fix signatures by not line-terminatingJeremy Harris
last header line being hashed.
2018-03-23exiqsumm fix: Check @ARGV exists before testing itGraeme Fowler
2018-03-22Set a TERM handler to terminate properly if running as PID 1Heiko Schlittermann (HS12-RIPE)
2018-03-22SPF: additional variable $spf_result_guessed; tweak authresults string ↵Jeremy Harris
indicating guess
2018-03-21Pipe transport, part two. Bug 2257exim-4_91_RC2Jeremy Harris
2018-03-21ARC: AS header should have no c= tagJeremy Harris
2018-03-21ARC: on the smtp transport option take empty or forced-fail to disable signingJeremy Harris
2018-03-20Not all the world is binutils ldPhil Pennock
2018-03-20Fix pipe transport to not use a socket-only syscall. Bug 2257Jeremy Harris
Broken-by: 42055a3385
2018-03-20DKIM: harden signature header parsingJeremy Harris
2018-03-19LibreSSL version numbering differe from OpenSSLJeremy Harris
2018-03-18DMARC: tescaseJeremy Harris
Extremely basic; we have no control of the DNS use of the dmarc library
2018-03-18DMARC: if ACL condition not called, do not add anything to authres stringJeremy Harris
Previously "skipped" was added; that is no only done for an actual call which could not be completed
2018-03-18Unbreak DMARCJeremy Harris
Broken-by: c780096c29
2018-03-18DMARC: add results to generic authres string; remove $dmarc_ar_headerJeremy Harris
2018-03-17typoJeremy Harris
2018-03-17DKIM: Ed25519 signatures under OpenSSL (1.1.1 or later)Jeremy Harris
OpenSSL 1.1.1 is not released yet, but operation has been checked against the current source
2018-03-17DMARC: add variables to list of those now-unused at the tail of the SMTP ↵Jeremy Harris
per-message loop
2018-03-17Build-variant tidyupJeremy Harris
2018-03-16openssl: use += for LDFLAGS, drop env PC docsPhil Pennock
Using `LDFLAGS=` instead of `LDFLAGS+=` will stomp over an earlier setting of LDFLAGS, and the DMARC support is now further up in `src/EDITME`, thus likely to get stomped upon. Rather than continue to document using `PKG_CONFIG_PATH` via env, the in-Local/Makefile support has been around for a little while now, so go ahead and make that the only way we suggest here. Add a mention of _why_ we use both `USE_OPENSSL_PC` and `LDFLAGS`.
2018-03-16Fix heavy-pipeline SMTP command input corruption. Bug 2250Jeremy Harris
2018-03-15Docs: copyright yearexim-4_91_RC1Jeremy Harris
2018-03-15Docs: changemar markupJeremy Harris
2018-03-15Mark variables that are unused before release of store in the receive ↵Jeremy Harris
message loop
2018-03-15NewStuff & doc addition for redis cluster changesGraeme Fowler
2018-03-13ARC: add $arc_state, $arc_state_reason and add reason to authres stringJeremy Harris
2018-03-13Mark variables unused before release of store in the queue-runner loopJeremy Harris
2018-03-13tidyingJeremy Harris
2018-03-13Mark variables unused before release of store in the daemon loopJeremy Harris
2018-03-13Compiler quieteningJeremy Harris
2018-03-12Fix memory leak during build process (Bug 2183)Heiko Schlittermann (HS12-RIPE)
(Normally we don't care about leaks in short lived processes we use during build time. But as -fsanitize=address breaks the build in an early stage, the leak is fixed now.) Thanks to Andrew Aitchison.
2018-03-12Fix dec64table[] OOB read in b64decode()Tomas Hoger
Possible values for y at this point are 0..255. However, dec64table[] only has 128 entries and hence valid indexes are 0..127. The values of y greater than 127 trigger out of bounds read. As dec64table[] is in the data segment, the OOB access is not detected by tools as valgrind or ASAN. This adds a check to ensure y is less than or equal to 127, just like in other cases where dec64table[] is accessed. Note that removal of the y == 0 condition is not a problem, as dec64table[0] == 255, so the second part of the condition is true.
2018-03-12Update to protocol used by avast 2.2.0 (Multiline responses) (Bug 2112)Heiko Schlittermann (HS12-RIPE)
Based on a patch by Victor Ustugov.
2018-03-11ARC: options on the verifyJeremy Harris
2018-03-11Fix ldap lookups for zero-length attribute value. Bug 2251Jeremy Harris
Broken-by: acec9514b1
2018-03-11tidyingJeremy Harris
2018-03-11ARC: compiler quieteningJeremy Harris
2018-03-11PRDR: append overall DATA acceptance message to delivery log line "C=" item. ↵Simon Arlott
Bug 2253 It can have useful tracking info from the destination, eg. their message Id.
2018-03-10Extra checks on inbound SMTP stream buffer refillJeremy Harris
2018-03-10Do not use bashism in /bin/sh scrit (Bug 2249)Heiko Schlittermann (HS12-RIPE)
2018-03-09Copy/paste fail on end of Perl line (thanks JGH)Graeme Fowler
2018-03-09Handle testsuite dual-daemon redis start/reapGraeme Fowler