summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-07-11GnuTLS: Fix certextract expansionJeremy Harris
2021-07-07tidyingJeremy Harris
2021-07-07Fix tainted message for fakerejectJeremy Harris
2021-07-02Docs: additional possible result from spf check. Bug 2786Jeremy Harris
2021-06-28LibreSSL: TLS-write-shutdown does not push dataJeremy Harris
2021-06-28Readonly-config: not supported by Solaris 10Jeremy Harris
Broken-by: 753739fdef
2021-06-28Testsuite: munge for LibreSSL TLSv1.3Jeremy Harris
2021-06-28Merge branch 'readonly_config'Jeremy Harris
2021-06-28Doc noteJeremy Harris
2021-06-28gsasl authenticator: do not try to clear server password after use, ifJeremy Harris
from config text
2021-06-28Small config, with:Jeremy Harris
----Exit nonpool max: 18 kB in 8 blocks ----Exit npools max: 95 kB ----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main ----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted config ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 5 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config ----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message Small config, without: ----Exit nonpool max: 18 kB in 8 blocks ----Exit npools max: 87 kB ----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main ----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message Large config, with: ----Exit nonpool max: 17 kB in 30 blocks ----Exit npools max: 309 kB ----Exit pool 0 max: 124 kB in 5 blocks at order 17 untainted main ----Exit pool 1 max: 60 kB in 4 blocks at order 15 untainted perm ----Exit pool 2 max: 298 kB in 2 blocks at order 13 untainted config ----Exit pool 3 max: 12 kB in 2 blocks at order 13 untainted search ----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 5 max: 60 kB in 4 blocks at order 15 tainted main ----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config ----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message Large config, without: ----Exit nonpool max: 212 kB in 30 blocks ----Exit npools max: 591 kB ----Exit pool 0 max: 508 kB in 7 blocks at order 19 untainted main ----Exit pool 1 max: 12 kB in 2 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message
2021-06-28paniclog sigsegv eventsJeremy Harris
2021-06-28openssl config strings are immutableJeremy Harris
2021-06-28Config lines are immutable during -bP config dumpJeremy Harris
2021-06-28autorepy never_mail strings are immutableJeremy Harris
2021-06-28avoid mofying config textJeremy Harris
2021-06-28smtp tpt fallback_hosts list must be mutableJeremy Harris
2021-06-28acceptable log output changeJeremy Harris
2021-06-28hostlist for router fallback_hosts must be mutableJeremy Harris
2021-06-28consificationJeremy Harris
2021-06-28avoid modifying source text in parse_forward_list()Jeremy Harris
2021-06-28avoid modifying source text, in appendfileJeremy Harris
2021-06-28tree nodes for acls must be mutableJeremy Harris
2021-06-28avoid modifying possible config text during :fail: deliveryJeremy Harris
2021-06-28copy transport struct for modifying for **bypassed** postprocessJeremy Harris
2021-06-28use store_get_perm()Jeremy Harris
2021-06-28driver options blocks must be mutableJeremy Harris
2021-06-28router instance must be mutableJeremy Harris
2021-06-28namedlist_block has to be allocated mutably, to cache lookupsJeremy Harris
paniclog from 5 - subprocess crashes
2021-06-28first go. crashes in 0003Jeremy Harris
2021-06-28Suggestion from Qalys:Jeremy Harris
If I may add one more thing, there is an issue that should be addressed sooner rather than later: the writable configuration at the beginning of the heap. A short-term (and hopefully non-intrusive) solution may be to mmap() the configuration instead, and then mprotect(PROT_READ) it. This would mitigate the exploitation technique that almost all Exim exploits have been using.
2021-06-28Fix Solaris 10 build, moreJeremy Harris
2021-06-27Fix Solaris 10 build, for intro of taintwarnJeremy Harris
Broken-by: f9a3fcddba
2021-06-27TLS: track changing fd of file-watcher when creds are releaded.Jeremy Harris
Broken-by: 5fd673807d
2021-06-25Merge branch 'hs/taintwarn'Heiko Schlittermann (HS12-RIPE)
This is a "forward" port of the taintwarn patches that are applied to 4.94.2+fixes.
2021-06-24Testsuite: Fix 608Heiko Schlittermann (HS12-RIPE)
2021-06-24Fix logging with build-time config and empty elements (Closes 2733)Heiko Schlittermann (HS12-RIPE)
(cherry picked from commit 66392b270e3a6c8202e4626d43bbc9b77545ae23)
2021-06-24Fix logging with empty element in log_file_path (Bug 2733)Jeremy Harris
(cherry picked from commit e19790f7707cc901435849e78d20f249056c16b5)
2021-06-24Revert "testsuite: adjust 622 for taintwarn"Heiko Schlittermann (HS12-RIPE)
This reverts commit 7ab3a6cd7fe7b033b5e267617f3be8a99b33db31.
2021-06-24testsuite: adjust 622 for taintwarnHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 460aac0eb9a289af1ab0f32a242a27dab851fa18)
2021-06-24Silence the compilerHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 33d5b8e8e4c2f23b4e834e3a095e3c9dd9f0686b)
2021-06-24Do not close the (main)_log, if we do not see a chance to open it again.Heiko Schlittermann (HS12-RIPE)
The process doing local deliveries runs as an unprivileged user. If this process needs to log failures or warnings (as caused by the is_tainting2() function), it can't re-open the main_log and just exits. (cherry picked from commit 235c7030ee9ee1c1aad507786506a470b580bfe2)
2021-06-24Silence compilerHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 2c9869d0622cc690b424cc74166d4a8393017ece)
2021-06-24tidy log.cHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 0327b6460eec64da6b0c1543c7e9b3d0f8cb9294) (cherry picked from commit 8021b95c2e266861aba29c97b4bb90dc6f7637a2)
2021-06-24testsuite: add 0990 for allow_insecure_tainted_dataHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 56213337357265eb42c40dd04a22f6ac433b9e81)
2021-06-24update docHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 77cc1ad3058e4ef7ae82adb914ccff0be9fe2c8b)
2021-06-24smtpHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 8b7d4ba8903ace7e3e3db70343798a5a0b7cea23)
2021-06-24smtp_outHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit b9b967cca71a4da51506f8ba596b9ae40cfcef57)
2021-06-24deliverHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 2bafe3fc82cf62f0c21f939f5891b8d067f3abc7)
2021-06-24rf_get_transportHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 015fff57c854184f8bce61476c46a2830a97daf8)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-07 19:08:09 +0000