summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2012-04-28describe spool file changes for -tls_peerdnPhil Pennock
2012-04-27Handle \n in tls_peerdn for spool files.Phil Pennock
Fixes bug 1240.
2012-04-26Fix testsuite case 0373.Jeremy Harris
The subtest does a readsocket (with 1s timeout) into a server which closes immediately. The expected output in the testcase was null, the output actually seen was the error-return expansion, which seems more correct. Accepting the actual output.
2012-04-25New testcase output from SSL library.Jeremy Harris
2012-04-25Add ACL name to debug output of condition result (bug 1238).Jeremy Harris
2012-04-23Ensure $smtp_command is initialized before it can be expanded (bug 1182).Jeremy Harris
2012-04-23Add pointer to IPv6 support in prototype Makefile (bug 1232).Jeremy Harris
2012-04-23Update testsuite case enabled by fix for bug 1227, with changes require by ↵Jeremy Harris
bug 1224.
2012-04-22Always init_lookup_list before readconf_main.Phil Pennock
This happens while still root. Be more emphatic in EDITME about the security implications of loadable modules.
2012-04-22Better ls output fixing.Phil Pennock
fixes bug 1226 Further investigation from Jeremy Harris showed the previous fix left trailing whitespace on output which previously ended after the permission bits (eg, test 0240). This works better for me.
2012-04-22Merge branch 'master' of git://git.exim.org/eximJeremy Harris
2012-04-22Mark cases where printf format strings are usedDirk Mueller
Bug report from Lars Müller <lars@samba.org> (via SUSE), Patch from Dirk Mueller <dmueller@suse.com>
2012-04-22Bug 1224: fixup testsuite case output from testdb.Jeremy Harris
2012-04-22Add testsuite case retry (without update) option on failed file compare.Jeremy Harris
2012-04-22Accept change in testcase munged output for -btJeremy Harris
Trailing spaces were trimmed by commit 37acd760db
2012-04-19Bug 1224 followon - avoid breaking other testcases.Jeremy Harris
Add specific patterns to avoid when munging the output. This is fragile and may still be broken outside my specific test environment.
2012-04-19Fix bug 1224.Jeremy Harris
Replace the lookup index char in sterr traces with a zero; update testcase expected stderr files to match.
2012-04-18Fix bug 1229.Jeremy Harris
Update testcase output with now-expected info.
2012-04-17Testcase changes to match changes introduced by bug 1214.root
Additional "A=" authenticator info was added to log lines for rejections.
2012-04-16Merge remote branch 'origin'root
2012-04-12Handle TAB, not just SP, in MAIL args.Phil Pennock
Analysis, diagnosis and variant patch by Todd Lyons.
2012-04-12Updated OptionsList with gsasl, heimdal_gssapi, _PC changes.Phil Pennock
Also maildir_use_size_file is now expanded
2012-04-12Two clarifications.Phil Pennock
String expansion, draw more attention to &dagger; marking. Document the order in which parameters are supplied to relative comparators.
2012-04-02Fix IPv6 REroot
2012-03-31fix gsasl / cyrus claimsPhil Pennock
Point 1 for 4.78 said gsasl could *not* be used to replace cyrus. This was obsoleted by point 5. Remove claim from point 1, add additional note to point 5.
2012-03-30Handle alternate access method flag in ls.Phil Pennock
Jeremy Harris found ls output not parsing on SELinux systems. I identified this as SUSv3's "optional alternate access method flag". Jeremy wrote the patch, I adjusted a little. fixes bug 1226
2012-03-30set umaskPhil Pennock
fixes bug 1228
2012-03-30handle more of the new format version numbersPhil Pennock
2012-03-21Merge branch 'dbmjz'Phil Pennock
2012-03-21heimdal_gssapi: accept SASL with empty authzidPhil Pennock
Saw this happening with Apple Mail; accept it, dup the GSS Display Name
2012-03-02Add dbmjz lookup typePhil Pennock
2012-02-19Log auth data in rejectlog.Phil Pennock
http://bugs.exim.org/attachment.cgi?id=547&action=edit fixes bug: 1214 Patch by Jeremy Harris
2012-02-18expand cyrus_sasl server_realm optionPhil Pennock
2012-02-18Merge branch 'sasl_fixes'Phil Pennock
2012-02-18Use gsasl_property_fast() in property callback.Phil Pennock
Avoids the loops which we only cancel out anyway.
2012-02-18Document pkg-config for TLSPhil Pennock
2012-02-18Support pkg-config for SSL libraries.Phil Pennock
Also: update EDITME to refer to pkg-config & AUTH_HEIMDAL_GSSAPI.
2012-02-18Document pkg-configPhil Pennock
2012-02-18Swap gsasl GSSAPI $auth1/$auth2Phil Pennock
2012-02-18Drop server_realm from heimdal_gssapiPhil Pennock
2012-02-18Document heimdal_gssapi as it works now.Phil Pennock
2012-02-18Minor cleanups.Phil Pennock
multi-blank-line protection never set the bool needed OID-method for keytab setting cleanup (drop <roken.h> and fix comments)
2012-02-17Use gsskrb5_register_acceptor_identityPhil Pennock
Drop the OID and pseudo-standard GSSAPI extension mechanism. Found Heimdal-specific API call I needed, works great. gsskrb5_register_acceptor_identity(filename) Separately: add various debug statements.
2012-02-15First pass heimdal_gssapi authenticator.Phil Pennock
Not yet working, failing to set keytab. Also: support (AUTH|LOOKUP)_*_PC=foo to use `pkg-config foo` for cflags/libs.
2012-02-13Document gsasl integrationPhil Pennock
2012-02-05More bug-fixes, GSASL DIGEST-MD5 now works.Phil Pennock
Defined helper streqic() since I seem tired enough to be forgetting ==0 checks. Deal with left-over-data-to-send correctly. Now tested with PLAIN, CRAM-MD5, DIGEST-MD5. For DIGEST-MD5, check for server_realm, since GSASL doesn't error out without it.
2012-02-05remove stray globals blockPhil Pennock
2012-02-05Implemented gsasl driver for authentication.Phil Pennock
Missing: documentation; tests. Tested: PLAIN auth. Status: probably buggy
2012-02-04Documentation for $tls_bits and SASL changesPhil Pennock
2012-02-04Various SASL fixes.Phil Pennock
Export $tls_bits new expansion variable (not yet documented). Fix tls-gnu.c so that ciphername string construction uses bit-count, not byte-count. Avoid hard-coding primary_hostname in first call to init Cyrus SASL. Cast fix for function pointer (Cyrus-SASL uses void params in struct entry funcptr, so need to cast). Many more debug statements in cyrus_sasl.c Pass external SSF from TLS cipher into Cyrus SASL initialisation. Detect when we can't get an identity from SASL properties (error out correctly). Detect when SASL negotiated a protection layer and error out, since we do not support those.