summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-08-06Dup GnuTLS test to OpenSSLJeremy Harris
2015-08-05Testsuite: Avoid requesting TLS cert-status requests from GnuTLS test ↵Jeremy Harris
utility unless wanted
2015-08-02Testsuite: pass GnuTLS despite OCSP whiningJeremy Harris
2015-08-02Docs: add notes on library version limitations on OCSP stapling. Bug 1664Jeremy Harris
2015-08-02GnuTLS: avoid using OCSP on buggy library versions. Bug 1664Jeremy Harris
2015-08-02Testsuite: Add testcase for OCSP-nonaware client, to supporting server. Bug ↵Jeremy Harris
1664 The logfile here is for (I hope) the passing case, though the fixed GnuTLS library is not yet available. Also due to the bug, client-gnutls is not usable for the test; client-openssl must be used - meaning that a GnuTLS-only system cannot run the testcase: OCSP-GnuTLS/5650 OCSP stapling, server ** Command 15 ("client-ssl", starting at line 98) ** Return code 127 (expected 0)
2015-07-30Docs: Add a note about the maximum spam bar lengthHeiko Schlittermann (HS12-RIPE)
2015-07-29Docs: Clarify the "any output" phraseHeiko Schlittermann (HS12-RIPE)
2015-07-26Add ref from logging chapter to slow_lookup_log main config optionJeremy Harris
2015-07-26Compiler quieteningJeremy Harris
2015-07-26Docs: add detail on keys for lookupsJeremy Harris
2015-07-26Clean docs for next releaseJeremy Harris
2015-07-23Doc: parallel builds (make -j) workexim-4_86Heiko Schlittermann (HS12-RIPE)
2015-07-16Docs: emphasize that the smtp_connection log selector applies to inboundexim-4_86_RC5Jeremy Harris
2015-07-15Add check on tls_auth pseudo-command. Bug 1659Jeremy Harris
2015-07-12Compile with DISABLE_PRDR setPhil Pennock
2015-07-04Multiple typo fixes.Andreas Metzler
2015-07-04Bump LOCAL_SCAN_ABI_VERSION.Andreas Metzler
In 4.86 the size of struct recipient_item changed when EXPERIMENTAL_DSN was made default. This broke the local scan ABI (rebuild required). See <http://bugs.debian.org/790616>.
2015-06-27Change noteexim-4_86_RC4Jeremy Harris
2015-06-25Docs: add note on string listsJeremy Harris
2015-06-23Fix error message for router headers_remove expansion failureJeremy Harris
Associated with Bug 1533
2015-06-22Doc: Fix typoHeiko Schlittermann (HS12-RIPE)
2015-06-22Doc: Update dns_trust_aa documentationHeiko Schlittermann (HS12)
2015-06-22Docs: mark up with changebarsJeremy Harris
2015-06-22Fix support of $spam_ variables at delivery time. Bug 1647Jeremy Harris
This change is forced on us by the documentation claiming clearly the support is there, though the code does not and never has. The doc change that introduced the claim is 7d9f747b5ef8
2015-06-22Testsuite: fix operator precedence in dns_extract_auth_name()Jeremy Harris
2015-06-22Testsuite: Add a first test for dns_trust_aaHeiko Schlittermann (HS12)
2015-06-22Testsuite: fakens may return AUTHORITY recordsHeiko Schlittermann (HS12)
If an entry in db.<zone> is prefixed with "AA ", fakens will put a valid NS record into the AUTHORITY section of the returned packet. This will be used by dns_trust_aa checks.
2015-06-22Before importing a certificate, free any previous one. Bug 1648Jeremy Harris
Second try
2015-06-21Extract NS/SOA in dns_extract_auth_name() more precisly.Heiko Schlittermann (HS12)
2015-06-21Fix and extend the checks in dns_is_secure()Heiko Schlittermann (HS12)
2015-06-21Change noteJeremy Harris
2015-06-21Before importing a certificate, free any previous one. Bug 1648Jeremy Harris
Because the SSL libraries do not use Exim's heap management this was a memory-leak in "exim -bp".
2015-06-21Docs: add warning on list-sep in headerss_removeJeremy Harris
2015-06-20Docs typoexim-4_86_RC3Jeremy Harris
2015-06-20Fix build script. Bug 1646Gedalya
2015-06-20Add docs and massage coding standards for dns_trust_aaJeremy Harris
2015-06-20Add dns_trust_aaHeiko Schlittermann (HS12)
This new global option allows to trust the AA bit for specific domains the same way we'd trust the AD bit.
2015-06-16Docs: clarify notes on .ifdef Bug 1155Jeremy Harris
2015-06-15Docs: clarify notes on EventsJeremy Harris
2015-06-15DSN: fix null deref when bounce is due to conn-timeout. Bug 1630Wolfgang Breyha
2015-06-15Clarify that preceding 10ca4f was provided by Wolfgang BreyhaWolfgang Breyha
Massaged by JH
2015-06-14Add tls_eccurve main config option. Bug 1397Jeremy Harris
Patch from Suse, massaged by JH
2015-06-14minor tidyingJeremy Harris
2015-06-13Doc fix: server_secret expansions should failexim-4_86_RC2Phil Pennock
The `cyrusless_sasl` authenticator example failed to explicitly fail if no result was found from the lookup. Using `server_secret`, we should _always_ fail instead of expanding to an empty string. Doc-fix only.
2015-06-10Testsuite: additional EC encryptions seenJeremy Harris
2015-06-10Testsuite: Increase test delays and retry rule timesJeremy Harris
to allow slow hosts more reliable testing
2015-06-09Testsuite: less agressive PID-hidingJeremy Harris
2015-06-09Testsuite: quieteningJeremy Harris
2015-06-09Revert "Show the DNSSEC status (ad=) always in -bt/-bv output"Heiko Schlittermann (HS12)
This reverts commit e7a1b6ff65f1bebbc290f2a4fd7554fde00ae2f6. It's not production grade, since the wording (ad vs. trusted) is not final yet.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-26 15:40:08 +0000