summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-02-10TLS: rework error logging to pass more string back to caller for loggingJeremy Harris
This permits a library-sourced error to be associated with an address being delivered, collapsing pairs of log lines
2017-02-10Testsuite: fix munging of now-indented date in stdoutJeremy Harris
Broken-by: e1d04f48a45c
2017-02-09Fix release RC stamping & tarball ownershipPhil Pennock
The ability to release 4.XX.Y via hardcoding a version.sh as part of release broke the ability to do properly versioned RC releases. Fix that. Try to fix ownership of files in tarballs to not be local system user. (cherry picked from commit 7677a8673f89843326aab3944e608c6be4339039) Signed-off-by: Phil Pennock <pdp@exim.org>
2017-02-09Release packaging & scripting improvements.exim-4_89_RC3Phil Pennock
* Make the .xz tarball variant too, and work harder on compressing our files for distribution. + The .xz files have gained more positive feedback than any other part of the 4.89 release. * Drop usercodes from tarball + We shouldn't be embedding own-system-specifc ownership information into software release tarballs. That's for local system backups, not distribution. * Script for the size/checksums + We include checksums in the mail; this gets the format fixed and not including checksums-of-signatures, etc. I've also experimented with including the size, so let's script that to be portably generated. * Better tarball signing script + Automatically find the signing directory (if not already in it) + Sign all files, properly skipping existing .asc files + Find the signing key from git config, if available, else error out (Nigel is not on the hook as the default victim now) + Show what we're doing as we do it All changes made on the original `release_4_89` branch with `RELEASE EXPERIMENT` subject tags.
2017-02-08Fix DKIM/GnuTLS buildJeremy Harris
Broken-by: e1d04f48a45c
2017-02-08Debug: indent ACL and expreassion tracing by evaluation depthJeremy Harris
2017-02-08DKIM: trim debug verbosityJeremy Harris
This tidies some buildfarm fails on animals buildding without DKIM
2017-02-08Fix non-contentscan buildJeremy Harris
Broken-by: 90341c71c19c
2017-02-08Memory management: drop variables identified as going out-of-scopeJeremy Harris
Fixes crash in transport re-using bad $sender_ip_address from callout
2017-02-08Memory management: when running under the testsuite, check every string ↵Jeremy Harris
variable on store_reset On spotting data in a region being freed, panic
2017-02-07DocÖ Fix typo about spf lookup (experimental)Heiko Schlittermann (HS12-RIPE)
2017-02-07Testsuite: tidy generation and sorting of exim -bp outputHeiko Schlittermann (HS12-RIPE)
The root cause is, that exim -bp doesn't always return the message ids in the order they were created, but sorted. The 2nd part of the message id (PID) can be random on *BSD.
2017-02-06doc-fix: reference current libsrs_alt availabilityPhil Pennock
Matches site from Wiki, from Google SERP, etc.
2017-02-06CHUNKING: fix transport crash on temp-reject of pipelined non-first chunkJeremy Harris
2017-02-03DKIM: more care over untrustworthy data during verifyJeremy Harris
2017-02-03Fix no-SSL buildJeremy Harris
2017-02-02FreeBSD: Perl no longer in /usr/bin from PortsPhil Pennock
FreeBSD Ports by policy no longer allows symlinks in /usr/bin for things like Perl, so we have to look in /usr/local/bin for it instead.
2017-02-02Spec docs for IDNA2008 supportPhil Pennock
2017-02-02GnuTLS: fix use of SHA3 hashesJeremy Harris
2017-02-02Testsuite: Fix 0207 (message order)Heiko Schlittermann (HS12-RIPE)
Message ids are not always in ascending order (PIDs may be randomized) Thanks to Kirill Miazine.
2017-02-01Testsuite: output changes from a26fb6a77384Jeremy Harris
2017-02-01bug-fix test-driving inputPhil Pennock
The client driver is a little restrictive in the escape sequences it handles; two octets here were missing the `x` after the `\`, so `\05` is two octets, a 0 and then a 5, where `\x05` would be one octet. So we were sending two more octets than expected, not catching that Exim was parsing the wrong IP/port at the end, and now that Exim only reads as much of the proxy protocol header as belongs in it, instead of "up to the largest it could be", this test-bug has been exposed.
2017-01-31Proxy clarification & nit fixes.Phil Pennock
Release: should be cherry-picked into 4.89RC series
2017-01-31Handle Proxy Protocol v2 safely as well.Phil Pennock
We had test suite failures (test suite success!) because Proxy Protocol v2 (PPv2) wasn't being detected; by only reading 12 octets, the >= 16 check was failing. But in fact I had previously only fixed reading "only enough" for PPv1. Handling both PPv1 and PPv2 is complicated because the minimum valid length for PPv1 is 15 octets but for PPv2 the size to read is in the 15th and 16th octets. So refactored a little and we now use a total of 3 reads for the PPv2 case (assuming no fragmentation, etc; we'll actually keep reading now instead of aborting) to get the entire PPv2 header of exactly the right size, so that TLS handshake immediately following the PP header is not also swallowed. Fixes: 2018 Tested: manually, TLS and non-TLS, PPv1 and PPv2, all ways. Release: should be cherry-picked into 4.89RC series
2017-01-31Fix error logged for send failureJeremy Harris
Broken-by: de6273b487f1
2017-01-31Testsuite: use certs expring before end of 2037, to avoid GnuTLS top-limit ↵Jeremy Harris
clamp on small-size_t platforms
2017-01-31Callouts: fix recipient verify/randomJeremy Harris
Broken-by: e9166683487c
2017-01-31Fix logging of drop-after-EHLO-reject.Jeremy Harris
An unset variable went wrong with clang, was fortuitously right with gcc.
2017-01-31Testsuite: perl may live in /usr/local/binJeremy Harris
2017-01-31Avoid using "-w" option in perl script shebang lines, being incompatible ↵Jeremy Harris
with "env perl"
2017-01-30Abort release process if generated .txt emptyPhil Pennock
2017-01-30Open umask before creating release packagesPhil Pennock
2017-01-30Copyright year bumps for substantive changes 2017exim-4_89_RC1Phil Pennock
2017-01-30Document that fixed 2018Phil Pennock
Fixes: 2018
2017-01-30Avoid reading too much data before TLS handshakePhil Pennock
2017-01-30Fix size calculation, log unhandled amount.Phil Pennock
We did a `string_copy()` so `hdr.v1.line` is not the right base for an accurate size. Fix. Log unhanded amount. For clients waiting on the server before sending, this has to be 0. For clients speaking first (TLS) this can be non-zero.
2017-01-30Restrict address-parsing to a maximum of five layers of nested angle-brackets,Jeremy Harris
under main-option strip_excess_angle_brackets
2017-01-30Tidying: CoverityJeremy Harris
2017-01-29Testsuite: add missing output file.Jeremy Harris
Broken-by: 560e71cc5451
2017-01-29Update change logJeremy Harris
2017-01-29CHUNKING: Reject messages with malformed line ending. Bug 2000Jeremy Harris
Actually test only the first header line, but still do full line-ending canonicalisation on the remainder of the message in case a Evil Person slips past that.
2017-01-29Docs: add note on verify = senders= . Bug 2028Jeremy Harris
2017-01-29TFO: remember setsockopt results, to condition non-transport client use. ↵Jeremy Harris
Bug 2027
2017-01-29Shuffle proxy-protocol to wrap TLS-on-connect startup. Bug 2018Jeremy Harris
2017-01-29DANE: fix build under LibreSSL. Bug 2020Kirill Miazine
2017-01-28Testsuite: add dnsdb testcase for defer when used in ACLJeremy Harris
2017-01-28Docs: add note on system_filter forced expansion failJeremy Harris
2017-01-28LMDB: include filename in open-error messageJeremy Harris
2017-01-28DKIM: check pointer to calculated body hash before verify comparison. Bug 2029Jeremy Harris
We can have a missing body hash from a malformed DKIM-Signature: header
2017-01-28Testsuite: testcase for DKIM bug 2029Jeremy Harris
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 19:41:38 +0000