summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-07-18typoJeremy Harris
2021-07-18ALPN: not supported under LibreSSLJeremy Harris
2021-07-18Fix no-TLS bulidJeremy Harris
Broken-by: c4b4086235
2021-07-18ALPN: feature macroJeremy Harris
2021-07-18 typoJeremy Harris
Broken-by: c4b4086235
2021-07-18typoJeremy Harris
Broken-by: c4b4086235
2021-07-18TLS: ALPN optionsJeremy Harris
2021-07-17Remove the must-helo check from the example configJeremy Harris
given that there is now a default-set option and hard code (2f8e0a5f6b)
2021-07-15NewStuff typoHeiko Schlittermann (HS12-RIPE)
2021-07-15Docs: Clarify $acl_verify_message lifetimeJeremy Harris
2021-07-12Docs: fix formattingJeremy Harris
2021-07-11Remove duplicate 4.95 section from NewStuffexim-4.95-RC0Heiko Schlittermann (HS12-RIPE)
2021-07-11Update OptionsList.txtHeiko Schlittermann (HS12-RIPE)
2021-07-11Fix various doc typosHeiko Schlittermann (HS12-RIPE)
2021-07-11GnuTLS: Fix certextract expansionJeremy Harris
2021-07-07tidyingJeremy Harris
2021-07-07Fix tainted message for fakerejectJeremy Harris
2021-07-02Docs: additional possible result from spf check. Bug 2786Jeremy Harris
2021-06-28LibreSSL: TLS-write-shutdown does not push dataJeremy Harris
2021-06-28Readonly-config: not supported by Solaris 10Jeremy Harris
Broken-by: 753739fdef
2021-06-28Testsuite: munge for LibreSSL TLSv1.3Jeremy Harris
2021-06-28Merge branch 'readonly_config'Jeremy Harris
2021-06-28Doc noteJeremy Harris
2021-06-28gsasl authenticator: do not try to clear server password after use, ifJeremy Harris
from config text
2021-06-28Small config, with:Jeremy Harris
----Exit nonpool max: 18 kB in 8 blocks ----Exit npools max: 95 kB ----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main ----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted config ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 5 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config ----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message Small config, without: ----Exit nonpool max: 18 kB in 8 blocks ----Exit npools max: 87 kB ----Exit pool 0 max: 12 kB in 2 blocks at order 13 untainted main ----Exit pool 1 max: 4 kB in 1 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message Large config, with: ----Exit nonpool max: 17 kB in 30 blocks ----Exit npools max: 309 kB ----Exit pool 0 max: 124 kB in 5 blocks at order 17 untainted main ----Exit pool 1 max: 60 kB in 4 blocks at order 15 untainted perm ----Exit pool 2 max: 298 kB in 2 blocks at order 13 untainted config ----Exit pool 3 max: 12 kB in 2 blocks at order 13 untainted search ----Exit pool 4 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 5 max: 60 kB in 4 blocks at order 15 tainted main ----Exit pool 6 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted config ----Exit pool 8 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 9 max: 4 kB in 1 blocks at order 13 tainted message Large config, without: ----Exit nonpool max: 212 kB in 30 blocks ----Exit npools max: 591 kB ----Exit pool 0 max: 508 kB in 7 blocks at order 19 untainted main ----Exit pool 1 max: 12 kB in 2 blocks at order 13 untainted perm ----Exit pool 2 max: 4 kB in 1 blocks at order 13 untainted search ----Exit pool 3 max: 4 kB in 1 blocks at order 13 untainted message ----Exit pool 4 max: 4 kB in 1 blocks at order 13 tainted main ----Exit pool 5 max: 52 kB in 3 blocks at order 15 tainted perm ----Exit pool 6 max: 4 kB in 1 blocks at order 13 tainted search ----Exit pool 7 max: 4 kB in 1 blocks at order 13 tainted message
2021-06-28paniclog sigsegv eventsJeremy Harris
2021-06-28openssl config strings are immutableJeremy Harris
2021-06-28Config lines are immutable during -bP config dumpJeremy Harris
2021-06-28autorepy never_mail strings are immutableJeremy Harris
2021-06-28avoid mofying config textJeremy Harris
2021-06-28smtp tpt fallback_hosts list must be mutableJeremy Harris
2021-06-28acceptable log output changeJeremy Harris
2021-06-28hostlist for router fallback_hosts must be mutableJeremy Harris
2021-06-28consificationJeremy Harris
2021-06-28avoid modifying source text in parse_forward_list()Jeremy Harris
2021-06-28avoid modifying source text, in appendfileJeremy Harris
2021-06-28tree nodes for acls must be mutableJeremy Harris
2021-06-28avoid modifying possible config text during :fail: deliveryJeremy Harris
2021-06-28copy transport struct for modifying for **bypassed** postprocessJeremy Harris
2021-06-28use store_get_perm()Jeremy Harris
2021-06-28driver options blocks must be mutableJeremy Harris
2021-06-28router instance must be mutableJeremy Harris
2021-06-28namedlist_block has to be allocated mutably, to cache lookupsJeremy Harris
paniclog from 5 - subprocess crashes
2021-06-28first go. crashes in 0003Jeremy Harris
2021-06-28Suggestion from Qalys:Jeremy Harris
If I may add one more thing, there is an issue that should be addressed sooner rather than later: the writable configuration at the beginning of the heap. A short-term (and hopefully non-intrusive) solution may be to mmap() the configuration instead, and then mprotect(PROT_READ) it. This would mitigate the exploitation technique that almost all Exim exploits have been using.
2021-06-28Fix Solaris 10 build, moreJeremy Harris
2021-06-27Fix Solaris 10 build, for intro of taintwarnJeremy Harris
Broken-by: f9a3fcddba
2021-06-27TLS: track changing fd of file-watcher when creds are releaded.Jeremy Harris
Broken-by: 5fd673807d
2021-06-25Merge branch 'hs/taintwarn'Heiko Schlittermann (HS12-RIPE)
This is a "forward" port of the taintwarn patches that are applied to 4.94.2+fixes.
2021-06-24Testsuite: Fix 608Heiko Schlittermann (HS12-RIPE)