summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-08-17Properly detect/set test variables from scripts.Todd Lyons
2014-08-17Override an unchanged default hosts_request_ocsp when DANE is usedJeremy Harris
2014-08-17Feature compile-guardJeremy Harris
2014-08-17Add observability variables and provision for avoiding OCSP conflictsJeremy Harris
2014-08-16Break out dane code to separate functionsJeremy Harris
2014-08-15Compiler quieteningJeremy Harris
2014-08-14Fix fakens TLSA generation and DANE TLSA lookupJeremy Harris
2014-08-14Shuffle test orderJeremy Harris
2014-08-14Add testcase for TLSA record accessJeremy Harris
2014-08-14Fix non-dane buildJeremy Harris
2014-08-10Enable OCSPJeremy Harris
2014-08-10Add (2 0 1) testJeremy Harris
2014-08-10Change CV= log line element for dane-verified certJeremy Harris
2014-08-10Capture the knowlege that verification succeededJeremy Harris
2014-08-10Add direct-A testJeremy Harris
2014-08-10Verifiable conn with DANE-EE(3) / SPKI(1) / SHA2-512(2)Jeremy Harris
2014-08-10Diffs for draft 11Jeremy Harris
2014-08-10Copy latest SMTP-with-DANE - draft 11Jeremy Harris
2014-08-10Add support in the fakens utility for TLSA recordsJeremy Harris
2014-08-10Add support in the fakens utility for marking records as "secure"Jeremy Harris
and returning an AD bit for lookups.
2014-08-10On a host lookup name->MX->A->ip sequence, require both stages toJeremy Harris
be dnssec before declaring the lookup was secure.
2014-08-09Ignore dane-related debug out in non-dane testcasesJeremy Harris
2014-08-08Test developmentJeremy Harris
2014-08-08Testsuite basics.Jeremy Harris
Not actually excercising DANE yet, this will take additions in the fakedns and probably changes in certificates.
2014-08-07Sketch in library interfaceJeremy Harris
2014-08-07General discussion of DANE usageJeremy Harris
2014-08-01Fix development-testing induced crash on second useJeremy Harris
2014-08-01Basic DANE entry pointsJeremy Harris
2014-07-31Add interface documentation for the DANE libraryJeremy Harris
2014-07-29Coding style closer to project normsJeremy Harris
2014-07-29Add DANE RFC (6698) for referenceTodd Lyons
2014-07-29Add current draft of SMTP with DANETodd Lyons
2014-07-29Create a hosts_try_dane transport option, does nothing yetTodd Lyons
2014-07-29Framework to build dane supportTodd Lyons
2014-07-29Fix doc parse errorTodd Lyons
2014-07-26Document acl args variables in main variables sectionJeremy Harris
2014-07-24Fix "default config" section wrt. rfc1413_hostsJeremy Harris
2014-07-23Bug 1506: document change madeTodd Lyons
2014-07-23Bug 1506: Silence static checkers.Lars Mueller
Re-adds a return NULL which was removed because it was redundant. Static checkers don't parse the logic, so adding it back to make them happy.
2014-07-23Bug 1506: Fix static typechecker outputTodd Lyons
The end of the function can never be reached because the switch is only reached if the value it is checking is valid. Putting this return silences the warnings.
2014-07-23Update version numbers, clean docs for next releaseTodd Lyons
2014-07-22Massage coding style to project normJeremy Harris
2014-07-21Documentation/Tests for CVE-2014-2972 fixexim-4_83Todd Lyons
2014-07-16Only expand integers for integer math onceTony Finch
2014-07-15Fix regex for Suse when converting spec to ASCIITodd Lyons
2014-07-14Fix parsing of mime headersJeremy Harris
RFC2045 allows parameter values to be quoted; an embedded semicolon must then not terminate the parameter.
2014-07-14DNSSEC: fix clang warning re && in || precedencePhil Pennock
I looked and AFAICT the compiler guidance gives the correct logical binding for the code intention. ``` dnsdb.c:362:32: warning: '&&' within '||' [-Wlogical-op-parentheses] || dnssec_mode == DEFER && !dns_is_secure(&dnsa) ~~ ~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~ dnsdb.c:362:32: note: place parentheses around the '&&' expression to silence this warning || dnssec_mode == DEFER && !dns_is_secure(&dnsa) ^ ( ) ```
2014-07-14MacOS: fix clang redef warningPhil Pennock
2014-07-14Use Ustrlen() on a uscharPhil Pennock
2014-07-14Fix unsigned < 0 checkPhil Pennock
Two places in malware.c were using `fsize`, defined as `unsigned int`, to receive the result of `lseek()` and then checking if the value was less than 0. As clang says: ``` malware.c:1228:46: warning: comparison of unsigned expression < 0 is always false [-Wtautological-compare] if ((fsize = lseek(clam_fd, 0, SEEK_END)) < 0) { ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~ ``` Fix. Use `off_t`, which we're already using elsewhere, then use `fsize_uint` to handle off_t being potentially 64-bit, and a sanity-check on conversion which hopefully won't be optimised away by compilers.
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-02 18:27:29 +0000