Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-05-22 | Compiler quietening. Bug 907 | Jeremy Harris | |
2014-05-22 | Bug 1394: Document how to do per host conn limits | Todd Lyons | |
Since the max connections per host setting is computed and enforced in the master listening process before the fork, there is no easy way to get an accurate connection count once the Proxy Protocol negotiation has been done (i.e. in a child process, after the fork). Rather than try to use a shared mmap file using CAS in the children to manipulate it, we just advise of a crude version of max connections per IP be achieved by using ratelimit per_conn in the connect ACL. | |||
2014-05-22 | Fix doc for dovecot authenticator. Bugs 1448, 1483 | Jeremy Harris | |
2014-05-21 | RFC3461 support - MIME DSN messages. Bug 118 | Wolfgang Breyha | |
2014-05-21 | Eliminate one foolish way to break the build | Jeremy Harris | |
2014-05-21 | Add PRDR feature output in -bV | Todd Lyons | |
2014-05-20 | Support optional server certificate name checking. Bug 1479 | Jeremy Harris | |
Enable EXPERIMENTAL_CERTNAMES to include. | |||
2014-05-20 | Final tidyout of EXPERIMENTAL_PRDR | Jeremy Harris | |
2014-05-17 | Use accessor functions for OpenSSL internal data | Jeremy Harris | |
2014-05-16 | General tidying | Jeremy Harris | |
2014-05-16 | Tidy certificate verification logic under OpenSSL | Jeremy Harris | |
2014-05-13 | Extractors for certificate time fields support integer output modifier | Jeremy Harris | |
2014-05-13 | Extractor for named RDN element types from a certificate DN field. | Jeremy Harris | |
2014-05-13 | Updated changelog. | Todd Lyons | |
Accidentally included the fix for Bug 1119 in the same commit fixing Proxy Protocol version 2 to match the API change in May 2014. | |||
2014-05-13 | Bug 1394: PPv2 header modifed | Todd Lyons | |
The HAProxy dev team adjusted the layout of the 16 byte header to allow it to be used for SSL connections. Had to adjust PPv2 handling code and perl proxy emulation script. Added link to this HAProxy commit in the documentation. | |||
2014-05-13 | Fix cert fingerprint path to deny noncerts | Jeremy Harris | |
2014-05-13 | certextract tidying | Jeremy Harris | |
2014-05-13 | Add doc notes on verifying self-signing hosts | Jeremy Harris | |
2014-05-13 | Update docs for suggested Ident and PRDR settings | Jeremy Harris | |
2014-05-13 | Merge branch 'master' of ssh://git.exim.org/home/git/exim | Todd Lyons | |
2014-05-13 | Test suite normalize TLS 1.[12] to TLS1 | Todd Lyons | |
2014-05-13 | Move PRDR out of EXPERIMENTAL | Jeremy Harris | |
2014-05-12 | Merge branch 'master' of ssh://git.exim.org/home/git/exim | Todd Lyons | |
2014-05-12 | Provide better sprintf debug output for callers | Todd Lyons | |
2014-05-12 | Propagate dnssec status from dnslookup router through transport to tpda | Jeremy Harris | |
2014-05-12 | Fix pair of buffer size errors. Bug 1478 | Jeremy Harris | |
Reported-by: David Binderman | |||
2014-05-11 | New expansion operator sha256 for certificates. Bug 1170 | Jeremy Harris | |
2014-05-11 | More testcase serialization | Jeremy Harris | |
2014-05-11 | Compiler quietening and testcase consistency | Jeremy Harris | |
Fix an unterminated comment from 018058b | |||
2014-05-09 | Remove extraneous debug | Jeremy Harris | |
2014-05-09 | Make $tls_out_ocsp visible to TPDA (mostly testsuite) | Jeremy Harris | |
2014-05-08 | Certificate-related routines only present when TLS is supported | Jeremy Harris | |
2014-05-08 | Enable operator md5 and sha1 use on certificate variables. Bug 1170 | Jeremy Harris | |
2014-05-06 | OCSP observability: variables $tls_{in,out}_ocsp | Jeremy Harris | |
and smtp transport option hosts_request_ocsp | |||
2014-05-06 | Refactor tls_client_init interface | Jeremy Harris | |
2014-05-05 | Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358 | Jeremy Harris | |
2014-05-04 | Fix build with OpenSSL on earlier versions. | Jeremy Harris | |
Centos 6.5 and earlier had a build fail with GENERAL_NAME etc. undefined. Just include the file defining it even if it's a duplicate on later versions. | |||
2014-05-03 | More debug output | Jeremy Harris | |
2014-05-03 | Restore testsuite operation on earlier GnuTLS libraries | Jeremy Harris | |
Typo | |||
2014-05-03 | Restore testsuite operation on earlier GnuTLS libraries | Jeremy Harris | |
2014-05-02 | Certificate variables and field-extractor expansions. Bug 1358 | Jeremy Harris | |
2014-05-01 | Support dnssec in verify-callout use of smtp transport. | Jeremy Harris | |
Use of dnslookup router support is already present. | |||
2014-05-01 | Cancel in-progress or reject requeted cutthrough when fakereject. Bug 1475 | Jeremy Harris | |
2014-04-29 | Merge branch 'master' of ssh://git.exim.org/home/git/exim | Todd Lyons | |
2014-04-29 | Bug 1454: Option -oMm for message reference | Heiko Schlichting | |
Includes docs and test suite | |||
2014-04-27 | Add options dnssec_request_domains, dnssec_require_domains to the smtp transport | Jeremy Harris | |
Note there are no testsuite cases included. TODO in this area: - dnssec during verify-callouts - dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup | |||
2014-04-24 | Support OCSP Stapling under GnuTLS. Bug 1459 | Jeremy Harris | |
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP | |||
2014-04-24 | Dnssec observability: add variable $lookup_dnssec_authenticated | Jeremy Harris | |
2014-04-24 | Fix typo in markup. Add .new/.wen. | Todd Lyons | |
2014-04-24 | Bug 609: Add -C option to exiqgrep | Lars Timmann | |
Option is a passthrough to the exim process that it spawns that generates the queue list. Fixed Conflicts: doc/doc-txt/ChangeLog |