summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-05-13Updated changelog.Todd Lyons
Accidentally included the fix for Bug 1119 in the same commit fixing Proxy Protocol version 2 to match the API change in May 2014.
2014-05-13Bug 1394: PPv2 header modifedTodd Lyons
The HAProxy dev team adjusted the layout of the 16 byte header to allow it to be used for SSL connections. Had to adjust PPv2 handling code and perl proxy emulation script. Added link to this HAProxy commit in the documentation.
2014-05-13Fix cert fingerprint path to deny noncertsJeremy Harris
2014-05-13certextract tidyingJeremy Harris
2014-05-13Add doc notes on verifying self-signing hostsJeremy Harris
2014-05-13Update docs for suggested Ident and PRDR settingsJeremy Harris
2014-05-13Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
2014-05-13Test suite normalize TLS 1.[12] to TLS1Todd Lyons
2014-05-13Move PRDR out of EXPERIMENTALJeremy Harris
2014-05-12Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
2014-05-12Provide better sprintf debug output for callersTodd Lyons
2014-05-12Propagate dnssec status from dnslookup router through transport to tpdaJeremy Harris
2014-05-12Fix pair of buffer size errors. Bug 1478Jeremy Harris
Reported-by: David Binderman
2014-05-11New expansion operator sha256 for certificates. Bug 1170Jeremy Harris
2014-05-11More testcase serializationJeremy Harris
2014-05-11Compiler quietening and testcase consistencyJeremy Harris
Fix an unterminated comment from 018058b
2014-05-09Remove extraneous debugJeremy Harris
2014-05-09Make $tls_out_ocsp visible to TPDA (mostly testsuite)Jeremy Harris
2014-05-08Certificate-related routines only present when TLS is supportedJeremy Harris
2014-05-08Enable operator md5 and sha1 use on certificate variables. Bug 1170Jeremy Harris
2014-05-06OCSP observability: variables $tls_{in,out}_ocspJeremy Harris
and smtp transport option hosts_request_ocsp
2014-05-06Refactor tls_client_init interfaceJeremy Harris
2014-05-05Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358Jeremy Harris
2014-05-04Fix build with OpenSSL on earlier versions.Jeremy Harris
Centos 6.5 and earlier had a build fail with GENERAL_NAME etc. undefined. Just include the file defining it even if it's a duplicate on later versions.
2014-05-03More debug outputJeremy Harris
2014-05-03Restore testsuite operation on earlier GnuTLS librariesJeremy Harris
Typo
2014-05-03Restore testsuite operation on earlier GnuTLS librariesJeremy Harris
2014-05-02Certificate variables and field-extractor expansions. Bug 1358Jeremy Harris
2014-05-01Support dnssec in verify-callout use of smtp transport.Jeremy Harris
Use of dnslookup router support is already present.
2014-05-01Cancel in-progress or reject requeted cutthrough when fakereject. Bug 1475Jeremy Harris
2014-04-29Merge branch 'master' of ssh://git.exim.org/home/git/eximTodd Lyons
2014-04-29Bug 1454: Option -oMm for message referenceHeiko Schlichting
Includes docs and test suite
2014-04-27Add options dnssec_request_domains, dnssec_require_domains to the smtp transportJeremy Harris
Note there are no testsuite cases included. TODO in this area: - dnssec during verify-callouts - dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup
2014-04-24Support OCSP Stapling under GnuTLS. Bug 1459Jeremy Harris
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP
2014-04-24Dnssec observability: add variable $lookup_dnssec_authenticatedJeremy Harris
2014-04-24Fix typo in markup. Add .new/.wen.Todd Lyons
2014-04-24Bug 609: Add -C option to exiqgrepLars Timmann
Option is a passthrough to the exim process that it spawns that generates the queue list. Fixed Conflicts: doc/doc-txt/ChangeLog
2014-04-24dnssec_strict, _lax, _never modifiers for dnsdb lookupsJeremy Harris
Lacking testsuite coverage
2014-04-23Bug 1453: Add SERVERS ldap server list overrideHeiko Schlichting
2014-04-23Merge branch 'master' of git://git.exim.org/eximTodd Lyons
2014-04-23Make --verbose propogate to html generation scriptTodd Lyons
2014-04-21Merge remote-tracking branch 'github/pr/13'Phil Pennock
(exiqgrep -a support)
2014-04-22exiqgrep: add -a to use all recipients (including delivered)mg
2014-04-21Updated GnuTLS error messagesJeremy Harris
2014-04-21Fix testcase "server missing/empty certificate file"Jeremy Harris
GnuTLS early versions (pre 3.0.0 ?) fail to send a reasonable client-cert request when tls_verify_certificates is an empty file. Since the test is for missing *server* certs (tls_certificate) avoid this by pointing to a real (if non-verifying) cert in tls_verify_certificates.
2014-04-21Fix DISABLE_DNSSEC buildJeremy Harris
Bad syntax possibly only affected some compilers.
2014-04-20Make testcase more robust vs. timing variationsJeremy Harris
by restricting operations and logging to fewer items of interest
2014-04-20Restore testsuite operation under gnuTLS 2.8.5Jeremy Harris
2014-04-20Update testsuite for gnuTLS 3.1.23Jeremy Harris
2014-04-20Add options dnssec_request_domains, dnssec_require_domains to the dnslookup ↵Jeremy Harris
router Note there are no testsuite cases included. TODO in this area: - dnssec during verify-callouts - dnssec during dnsdb expansions - dnssec on the forward lookup of a verify=helo and verify=reverse_host_lookup - observability of status of requested dnssec
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-14 21:41:24 +0000