summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2011-01-16Bug 139: portability fixes and documentation.Phil Pennock
Document the dynamic lookup module capability in spec.xfpt. Include a ChangeLog item. Avoid the GNU-specific "export" make(1) directive. Build the lookups Makefile using the existing framework. Build with BSD Make once more. The src/lookups/Makefile that is used at build time now has the dynamic content come from scripts/lookups-Makefile. Add CFLAGS_DYNAMIC support, which can be set in Local/Makefile. Provide defaults for Linux & FreeBSD. Ensure that build fails early if a dynamic module is requested but CFLAGS_DYNAMIC is not defined.
2011-01-14src/deliver.c: log the error message when unlink(spoolname) failsTony Finch
2011-01-14src/transports/smtp.c: log LMTP confirmation same as SMTPTony Finch
2011-01-14src/dbfn.c: write lock aquisition failures to the panic logTony Finch
2011-01-14CONTRIBUTING: correct expansion of GPLTony Finch
2011-01-12Bugzilla #1067 - DKIM: Fix relaxed header canon for headers ending with ↵Tom Kistner
whitespace.
2011-01-05Include <dlfcn.h> only when necessaryDavid Woodhouse
2011-01-05Add dynamic lookup supportDavid Woodhouse
Fixed: bug #139
2010-12-26Fixes: bug #1002 - Message loss when using multiple deliveriesMiroslav Lichvar
2010-12-26Eximstats documentstion - s/delivery_time/deliver_time/Nigel Metheringham
Fixes: bug #1034
2010-12-21Do not refer to TRUSTED_CONFIG_PREFIX_FILE.Andreas Metzler
Refer to TRUSTED_CONFIG_LIST instead of TRUSTED_CONFIG_PREFIX_FILE in documentation and comments.
2010-12-18Updated version numbers of code and documentationNigel Metheringham
2010-12-16Turn TRUSTED_CONFIG_PREFIX_LIST into TRUSTED_CONFIG_LIST. No prefix or regexesDavid Woodhouse
2010-12-15Allow only Exim or CONFIGURE_OWNER to use whitelisted configs with -CDavid Woodhouse
We only added TRUSTED_CONFIG_PREFIX_FILE to compensate for the enforcing of ALT_CONFIG_ROOT_ONLY. Let's not open it up any further than we need to; other users don't get to make use of it.
2010-12-15Kil va_copy(). It isn't present on some ancient systems.David Woodhouse
2010-12-15Implement -D whitelist invoking user restriction.Phil Pennock
Document WHITELIST_D_MACROS.
2010-12-14Implement -D filtering, first pass.Phil Pennock
2010-12-14Change the default for system_filter_user.Phil Pennock
If the system filter needs to be run as root, let that be explicitly configured. The default is now the Exim run-time user. Document this, and a couple of other points, in IncompatibleChanges.
2010-12-12Allow only absolute paths in TRUSTED_CONFIG_PREFIX_LIST, fix store leakDavid Woodhouse
2010-12-12Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.David Woodhouse
2010-12-12Add TRUSTED_CONFIG_PREFIX_FILE optionDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-12Remove ALT_CONFIG_ROOT_ONLY build option, effectively making it always true.David Woodhouse
We *never* want the Exim user to be able to specify arbitrary configuration files. Don't let them build it that way. (Bug 1044, CVE-2010-4345)
2010-12-11Check configure file permissions even for non-default files if still privilegedDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-11Don't allow a configure file which is writeable by the Exim user or groupDavid Woodhouse
(Bug 1044, CVE-2010-4345)
2010-12-11Add Valgrind hooks for memory poolsDavid Woodhouse
It's useful to tell Valgrind when memory is undefined because it's been freed by store_reset(), and when it's not supposed to be accessed because although it's been allocated for the store it hasn't actually been given out by store_get() yet.
2010-09-05OpenSSL 1.0.0 const fix for SSL_get_current_cipherPhil Pennock
OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include const. It looks like a safe change for older OpenSSL, so treat it appropriately and cast as needed.
2010-09-05Guidance on contributing to Exim.Phil Pennock
2010-09-05Rework clamd response handling to be more robust.Phil Pennock
In particular, clamd's ExtendedDetectionInfo option broke our parsing.
2010-07-19Bugzilla #1006: Keep EHLO attributes in case STARTTLS errors are ignoredTom Kistner
Applied patch submitted by Micha Lenk. Thanks!
2010-07-04Fix malware regression for cmdline scanner introduced in PP/08.Phil Pennock
Notification from Dr Andrew Aitchison. (Also: make the PP/08 description more complete)
2010-06-13Remove logic branch which can use PRIdMAX for SIZE_T_FMT because it failsPhil Pennock
when size_t is 32-bit but the system supports 64-bit integers.
2010-06-12removed extraneous "\n" from the end of some log_write lines, removed ↵John Jetmore
"magic" string " => " from a non-delivery log line
2010-06-12Add tcp_wrappers_daemon_name (closes: bug #278)John Jetmore
(I honestly have no memory of writing this patch...)
2010-06-12iaddressing bug 966 and my own concerns, stop sending non-panic error to ↵John Jetmore
panic log in dkim.c
2010-06-07Run when EXIM_USER=notroot specified.Phil Pennock
2010-06-07For the new SIZE_T_FMT, if not C99 then our size_t conversion specifierPhil Pennock
should use PRIdMAX; this was disabled because I was testing the other logic and forgot to restore before commit. Bleh, sorry. Add #if to protect against unused variable complaints for this too.
2010-06-07Both bool{} and bool_lax{} should ignore trailing whitespace.Phil Pennock
2010-06-07Added bool_lax{} expansion operator, which uses Router condition logic toPhil Pennock
determine whether or not a string is true. Switch the multiple-condition logic to use bool_lax{}. Add note where we combine multiple conditions regarding the memory leak.
2010-06-07Allow Routers to have multiple conditions, IF each one yields a strict bool.Phil Pennock
Fixes: #816
2010-06-07Clean up compiler warnings from { gcc -Wall }, many of which I introduced withPhil Pennock
the ClamAV and openssl_options patches in this release. Logic in buildconfig.c for adjusting some print format strings assumed that long ints were four bytes; adjust to test this against reality, to remove spurious warnings on my dev box (FreeBSD/amd64). Note: this commit adds a buildconfig.h dependency upon inttypes.h, which was in SUSv2, so should be safe.
2010-06-06Build without WITH_CONTENT_SCAN.Phil Pennock
Broken by -bmalware option added while reworking ClamAV to new API. Path from Andreas Metzler (adjusted slightly).
2010-06-06No longer permit the exim user to be root. Fixes: #752Phil Pennock
2010-06-06Implement --version. Fixes: #973Phil Pennock
2010-06-06Implement "control = debug" ACL control. Fixes: #937Phil Pennock
2010-06-05New expansion operator: reverse_ipPhil Pennock
2010-06-05ClamAV INSTREAM scanning by default, unless built with WITH_OLD_CLAMAV_STREAM.Phil Pennock
New command-line option, -bmalware (restricted to admin_user). Fixes: #926
2010-06-05Deal with anonymous SSL giving us no peer certificate.Phil Pennock
2010-06-05Handle SASL Initial Response.Phil Pennock
See discussion at: http://lists.exim.org/lurker/message/20090125.014515.3746c882.en.html and the code is "correct by inspection", for whatever that's worth.
2010-06-05Add permit_coredump pipe transport option. Fixes: #834Phil Pennock
2010-06-05Doh, fix the error message to say SSL_read not SSL_write.Phil Pennock