summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-09-26GnuTLS: full-chain OCSP stapling. Bug 1466Jeremy Harris
2019-09-22DNS: do not skip initial two components of SRV & TLSA lookups before ↵Simon Arlott
checking name syntax. The introduction of DKIM added _ to the permitted chars, so those components will pass.
2019-09-22DMARC: promote the support from Experimental to mainlineJeremy Harris
2019-09-22Docs: expansion items should use &%name%&Jeremy Harris
2019-09-22Testsuite: handle non-exim-writable testcase spoolfilesJeremy Harris
2019-09-22Fix taint-checking on SolarisJeremy Harris
2019-09-22Testsuite: strip trailing / from "pwd" outputJeremy Harris
2019-09-21GnuTLS: fix build on older librariesJeremy Harris
2019-09-21Testsuite: comment future workJeremy Harris
2019-09-21Docs: usability of malware ACL conditionJeremy Harris
2019-09-21GnuTLS: fix build on intermediate-age librariesJeremy Harris
Broken-by: e54893330b
2019-09-20GnuTLS: fix non-OCSP bulidJeremy Harris
Broken-by: 7613df821d
2019-09-20GnuTLS: Move to more-modern stapling APIJeremy Harris
2019-09-20Testsuite: avoid picking 0.0.0.0 as the HOSTIPV4; permit 10.0/8 apart from ↵Jeremy Harris
10.250.0/16 Solaris leaves 0.0.0.0 lying around (for not-UP interfaces) The suite only needs testspace under 10.250.0/16 so we can permit the ret, making testing on many NATted 10.0/8 subnets possible.
2019-09-19Fix taint-checking on SolarisJeremy Harris
2019-09-19Build: Solaris workaroundsMartin Preen
2019-09-19Docs: more detail on log_file_path, in the main-config chapterJeremy Harris
2019-09-17Docs: Adjust on TLSA, dnssec_request_domainsHeiko Schlittermann (HS12-RIPE)
2019-09-16Consistent logging, always use DKIM instead of mixed DKIM/PDKIMHeiko Schlittermann (HS12-RIPE)
2019-09-16Testsuite: do not use trailing spaces in runtestHeiko Schlittermann (HS12-RIPE)
Some editors may swallow it. Encode trailing space as \x20.
2019-09-15Testsuite: bump timeouts, for slower platformsJeremy Harris
2019-09-15Doc: Improve pointer to DKIM signing optionsHeiko Schlittermann (HS12-RIPE)
2019-09-13Doc: TyposHeiko Schlittermann (HS12-RIPE)
2019-09-10Refuse to open a msglog file with .. in the path.Jeremy Harris
Recent exploits have use this as a step for overwriting system files, and msglog file should always be under the spooldir, so add this as a defence-in-depth tactic
2019-09-10tidyingJeremy Harris
2019-09-10Move the regression test for CVE-2019-15846 to 1100-Basic-TLS/1100Heiko Schlittermann (HS12-RIPE)
2019-09-08Testsuite: munge for timing varianceJeremy Harris
2019-09-08Fix unaligned access (more cleanly) in DNS regative-cachingJeremy Harris
2019-09-08Fix unaligned access in DNS negative-cachingJeremy Harris
2019-09-08string.c: do not interpret '\\' before '\0' (CVE-2019-15846)Heiko Schlittermann (HS12-RIPE)
Add documents about CVE-2019-15846 Add testcase for CVE-2019-15846 Update Changelog Add Announcements (cherry picked from commit 2600301ba6dbac5c9d640c87007a07ee6dcea1f4, 6693563381 and cdc7f9a966)
2019-09-07Testsuite: increase RBL record TTLJeremy Harris
2019-09-05Testsuite: drop test.ex domain neg-cache ttl to 3000Jeremy Harris
2019-09-05Support TTL from SOA for NXDOMAIN & NODATA cache entries for dnslists. Bug 1395Jeremy Harris
2019-09-05Build: do not override the system "cc", on Linux and OpenBSDJeremy Harris
2019-09-05tidyingJeremy Harris
2019-09-04Fix taint-checking on FreeBSDJeremy Harris
2019-09-03tidyingJeremy Harris
2019-09-02Testsuite: platform differences for resolver flags bitsJeremy Harris
2019-09-02Build: another go at Solaris workaroundsJeremy Harris
2019-09-01Testsuite: keep noqualify testcase from using external DNSJeremy Harris
2019-09-01Testsuite: platform differences for resolver flags bitsJeremy Harris
2019-09-01Testsuite: fix non-ipv6 platformsJeremy Harris
Broken-by: 7d8d08c484
2019-09-01Support TTL from SOA for NXDOMAIN & NODATA cache entries. Bug 1395Jeremy Harris
2019-08-30Always check return from tls_export_cert()Heiko Schlittermann (HS12-RIPE)
Invert the meaning of the return.
2019-08-29Testcase for handling of -H files for excessive long '-KEY' linesHeiko Schlittermann (HS12-RIPE)
Thanks to Qualys for their analysis. This bug was fixed independently by JGH. Tidy.
2019-08-27Fix ${domain:} for a bare local-part input. Bug 2375Jeremy Harris
Broken-by: e2ff8e24f4
2019-08-19typosJeremy Harris
2019-08-19Build: workaround inlining problems on SolarisJeremy Harris
2019-08-19taint SNI values supplied by clientJeremy Harris
2019-08-19Build: workaround inlining problems on SolarisJeremy Harris
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-21 09:42:12 +0000