summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-06-14Clarify that the ACL framework is not invoked for -bmalware, so that usingPhil Pennock
ACL variables in av_scanner blindly will not work.
2010-06-13Remove logic branch which can use PRIdMAX for SIZE_T_FMT because it failsPhil Pennock
when size_t is 32-bit but the system supports 64-bit integers.
2010-06-12account for new information TLS log line added in tls-openssl.c 1.23John Jetmore
2010-06-12removed extraneous "\n" from the end of some log_write lines, removed ↵John Jetmore
"magic" string " => " from a non-delivery log line
2010-06-12Add tcp_wrappers_daemon_name (closes: bug #278)John Jetmore
(I honestly have no memory of writing this patch...)
2010-06-12iaddressing bug 966 and my own concerns, stop sending non-panic error to ↵John Jetmore
panic log in dkim.c
2010-06-09Minor doc updates:Phil Pennock
* -bmalware, note that not running as invoking user and emphasize that it's for debugging Exim, not for general scanning. * permit_codedump ? coRedump. * Anon SSL lacking cert has been confirmed, fix works, remove the "(I believe)" (which also might have been inferred to mean I did the diagnosis; I didn't, I just convinced myself that Martin's analysis was correct).
2010-06-08another change related to Date/Message-Id order, just took me a while to ↵John Jetmore
realize how it was related.
2010-06-08log/5101 - header order, plus new wording for appendfile to dir from MBX ↵John Jetmore
security checks stdout/0390 - allow for new option permit_coredump in output (from bug 834)
2010-06-07Run when EXIM_USER=notroot specified.Phil Pennock
2010-06-07For the new SIZE_T_FMT, if not C99 then our size_t conversion specifierPhil Pennock
should use PRIdMAX; this was disabled because I was testing the other logic and forgot to restore before commit. Bleh, sorry. Add #if to protect against unused variable complaints for this too.
2010-06-07Both bool{} and bool_lax{} should ignore trailing whitespace.Phil Pennock
2010-06-07Added bool_lax{} expansion operator, which uses Router condition logic toPhil Pennock
determine whether or not a string is true. Switch the multiple-condition logic to use bool_lax{}. Add note where we combine multiple conditions regarding the memory leak.
2010-06-07Allow Routers to have multiple conditions, IF each one yields a strict bool.Phil Pennock
Fixes: #816
2010-06-07Clean up compiler warnings from { gcc -Wall }, many of which I introduced withPhil Pennock
the ClamAV and openssl_options patches in this release. Logic in buildconfig.c for adjusting some print format strings assumed that long ints were four bytes; adjust to test this against reality, to remove spurious warnings on my dev box (FreeBSD/amd64). Note: this commit adds a buildconfig.h dependency upon inttypes.h, which was in SUSv2, so should be safe.
2010-06-06Build without WITH_CONTENT_SCAN.Phil Pennock
Broken by -bmalware option added while reworking ClamAV to new API. Path from Andreas Metzler (adjusted slightly).
2010-06-06No longer permit the exim user to be root. Fixes: #752Phil Pennock
2010-06-06Implement --version. Fixes: #973Phil Pennock
2010-06-06Light documentation dusting from patch provided by John Horne.Phil Pennock
Fixes: #922
2010-06-06Implement "control = debug" ACL control. Fixes: #937Phil Pennock
2010-06-05New expansion operator: reverse_ipPhil Pennock
2010-06-05Update OptionLists. (Claim for 4.72 because 4.73 not yet complete and don'tPhil Pennock
want to claim have *more* than we do, but okay to make a lesser claim). Typo fix in RFC reference in spec.xfpt.
2010-06-05ClamAV INSTREAM scanning by default, unless built with WITH_OLD_CLAMAV_STREAM.Phil Pennock
New command-line option, -bmalware (restricted to admin_user). Fixes: #926
2010-06-05Deal with anonymous SSL giving us no peer certificate.Phil Pennock
2010-06-05Handle SASL Initial Response.Phil Pennock
See discussion at: http://lists.exim.org/lurker/message/20090125.014515.3746c882.en.html and the code is "correct by inspection", for whatever that's worth.
2010-06-05Add permit_coredump pipe transport option. Fixes: #834Phil Pennock
2010-06-05Doh, fix the error message to say SSL_read not SSL_write.Phil Pennock
2010-06-05Log a diagnostic when an SSL write fails, to help admins debug SSL interop ↵Phil Pennock
issues. Fixes: #995
2010-06-05Add an openssl_options main configuration option, to allow administrators toPhil Pennock
shoot themselves in each foot in turn. The default value is chosen to avoid a change in behaviour, but since it is disabling a security countermeasure, I'd like to change the default to be "no options". Fixes: #994
2010-06-05two more header order changesJohn Jetmore
2010-06-05fix output for SSL logging format changeJohn Jetmore
2010-06-05munge caller's GECOS in output to make more portable across test accountsJohn Jetmore
2010-06-05runtest - trim trailing whitespace from otherwise un-rewritten host lines in ↵John Jetmore
munge function 0190, 0244, 0297, 0350, 0430 - standardize trailing whitespace 0403 - lingering header order fix, fix change in lookup type encoding after dkim lookup type removal
2010-06-04With a few minor exceptions for tests that had additional concerns and tests ↵John Jetmore
I don't have working in my environment yet, this should be the last of the header-order-related changes
2010-06-03updating test suite - rolling back incomplete fix for header order change ↵John Jetmore
(header order changed back to old behavior)
2010-06-03Added DISABLE_DKIM option to EDITME, leaving some breadcrumbs about it being ↵John Jetmore
turned on by default
2010-06-03Added some release maintenance stuffNigel Metheringham
2010-06-03Include check_rfc2047_length in configure.default to raise the visibilityPhil Pennock
because we're seeing more Russian administrators get bitten by this. Idealism says this option is set correctly by default. Pragmatism says not. There's a good argument for the idealism but if we see the problems escalate then the idealism will have lost and we should, IMO, switch.
2010-06-03Document Date/Message-Id/Resent-* as first 4.73 patch.Phil Pennock
2010-06-03The Date: and Message-Id: headers should normally be *appended* to a message,Phil Pennock
and only *prepended* when are Resent-* headers. Regression was introduced with the prepend logic in Exim 4.70, for bug #607.
2010-06-03updates to test suite - roll back lookup changes after dkim lookup removed, ↵John Jetmore
strip OpenSSL version info
2010-06-01My understanding of the new dnsdb txt lookup syntax was flawed.Phil Pennock
Fixed the description and the last example.
2010-06-01Provide a NewStuff description for 4.72.Phil Pennock
Don't blame Dan Rosenberg for the incomplete hack I applied to the MBX case.
2010-05-30Revert previous incorrect change to XSL files.Nigel Metheringham
2010-05-30Added changelog entry for MBX fixNigel Metheringham
2010-05-29Fix documentation version numbersNigel Metheringham
2010-05-29DKIM DNS TXT record bug fix. Fixes: #967Nigel Metheringham
2010-05-29Null initialise DKIM variable. Fixes: #986Nigel Metheringham
2010-05-29Null terminate pdkim string. Fixes: #985Nigel Metheringham
2010-05-29Stripped excess debug newline yet again...Nigel Metheringham