summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-06-04Fix post-rebase merge issues.Jeremy Harris
2012-06-04Split out OpenSSL and GnuTLS versions of tests.Jeremy Harris
2012-06-04Change use of $tls_cipher in client context to $tls_out_cipher.Jeremy Harris
2012-06-04Fix bug verifying certs on dual-tls.Jeremy Harris
2012-06-04Support transport hosts_avoid_tls for cutthrough.Jeremy Harris
2012-06-04Add testcase for callout fallback from ESMTP to SMTP.Jeremy Harris
2012-06-04Better debug.Jeremy Harris
2012-06-04Fix testsuite cases affected by 8bitmime-as-default.Jeremy Harris
2012-06-04Fix tls variables order, and testsuite case 5401 (cutthrough) for changes ↵Jeremy Harris
that went in with dual-tls.
2012-06-04Deal explicitly with attempt to callout via null transport; fixes crash.Jeremy Harris
2012-06-04Fixup testsuite cases affected by dual-tls - mainly EHLO on callouts.Jeremy Harris
2012-06-04Dual-tls - split management of TLS into in- and out-bound connection-handling.Jeremy Harris
Enables concurrent use from a single process, and thereby use for cutthrough delivery. As a side-effect EHLO and TLS use for verify callouts introduced. This was a manual import from elsewhere and is known to fail the test-suite.
2012-06-04Testsuite cases for basic cutthrough_delivery.Jeremy Harris
Also fixed bug where a predata acl was required for cutthrough.
2012-06-04Basic cutthrough delivery.Jeremy Harris
2012-06-04Test for proper parsing of optional MAIL FROM args.Todd Lyons
2012-06-04Refactor optional MAIL FROM argsTodd Lyons
2012-06-04Test system - parse ipv6 addresses with no :: in them.Todd Lyons
2012-06-04Remove extraneous #ifndef guards from config.h.defaultJeremy Harris
2012-06-03Implement -G => "control=suppress_local_fixups"Phil Pennock
fixes bug 1117
2012-06-03Cmdline -L option; also -Ac -Am -X<logfile>Phil Pennock
These are for Sendmail compatibility. bug 1117
2012-06-03ChangeLog: note cyrus plugin use situationPhil Pennock
2012-06-03Cyrus SASL: set host;port properties on auth driverPhil Pennock
2012-06-03copyright yearPhil Pennock
2012-06-03DSCP: inbound via control = dscp/<value>Phil Pennock
2012-06-02Docs: pipes in redirect, need for quote cautionPhil Pennock
2012-06-02Christof Meerwald (for patches in bug 1095)Phil Pennock
2012-06-02DSCP: take numeric values too.Phil Pennock
Also fix doc claim that value is unexpanded. Also strip affix whitespace before numeric conversion and fixed string comparison.
2012-06-02FreeBSD is ELF and has been for a long timePhil Pennock
2012-06-02DSCP: document; hex print; -bI:dscpPhil Pennock
2012-06-01DSCP support, tentativePhil Pennock
2012-06-01DNSSEC babystep: dns_use_dnssec & $sender_host_dnssecPhil Pennock
2012-06-01improve PH entry, per Bill Hacker's suggestionPhil Pennock
2012-06-01ACKNOWLEDGEMENTS update, covering a few yearsPhil Pennock
2012-06-01tls_dh_min_bits smtp transport optionPhil Pennock
Could not find an API for use with OpenSSL, so GnuTLS only
2012-06-01Make -n combine with -bP to inhibit namesPhil Pennock
2012-06-01Add -bI:help and -bI:sievePhil Pennock
2012-05-31Doc: drop .new/.wen, update previousversion.Phil Pennock
Also, drop fix one place which claimed TLS SNI support was OpenSSL only.
2012-05-30Revert "Lower EXIM_CLIENT_DH_MIN_BITS 1024 -> 512."exim-4_80Phil Pennock
This reverts commit 83f4c7515f3eb06dc070e78edd2694c1d088e5fd. This was not a new check! The call to gnutls_dh_set_prime_bits() was made with DH_BITS in Exim 4.77, so the only difference is that now an administrator can choose at compile time to change the lower bound. So keeping this at 1024 is not a regression and if we can't talk to them now, we couldn't before, and we shouldn't lower security by default. The reverted commit was only acceptable IF it was still better than what we had in Exim 4.77.
2012-05-30Lower EXIM_CLIENT_DH_MIN_BITS 1024 -> 512.Phil Pennock
Wolfgang Breyha saw a real-world site using 768 bits.
2012-05-28Merge openssl_disable_ssl2 branchexim-4_80_RC7Phil Pennock
2012-05-27typo fix: "overriden" -> "overridden" from Andreas MetzlerPhil Pennock
2012-05-27release: don't try to sign .tar.lz filesPhil Pennock
2012-05-27Test: update for new tls_dhparam (suite used on Scientific Linux 6 test host).Jeremy Harris
2012-05-27Doc: fix glitchexim-4_80_RC6Phil Pennock
2012-05-27Test: update for new tls_dhparamPhil Pennock
2012-05-27Doc: SECTgnutlsparam referencing tls_dhparamPhil Pennock
2012-05-27For DH, use standard primes from RFCsPhil Pennock
2012-05-27">" -> ">=" for EXIM_CLIENT_DH_MIN_BITS+10Phil Pennock
2012-05-27Deal with GnuTLS DH generation overshootPhil Pennock
2012-05-26FAQ for GnuTLSPhil Pennock