summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-06-21Before importing a certificate, free any previous one. Bug 1648Jeremy Harris
Because the SSL libraries do not use Exim's heap management this was a memory-leak in "exim -bp".
2015-06-20Add docs and massage coding standards for dns_trust_aaJeremy Harris
2015-06-20Add dns_trust_aaHeiko Schlittermann (HS12)
This new global option allows to trust the AA bit for specific domains the same way we'd trust the AD bit.
2015-06-15DSN: fix null deref when bounce is due to conn-timeout. Bug 1630Wolfgang Breyha
2015-06-14Add tls_eccurve main config option. Bug 1397Jeremy Harris
Patch from Suse, massaged by JH
2015-06-14minor tidyingJeremy Harris
2015-06-09Revert "Show the DNSSEC status (ad=) always in -bt/-bv output"Heiko Schlittermann (HS12)
This reverts commit e7a1b6ff65f1bebbc290f2a4fd7554fde00ae2f6. It's not production grade, since the wording (ad vs. trusted) is not final yet.
2015-06-09Tighter guard for POLLRDHUPJeremy Harris
2015-06-08Truncate delay when peer closes connection. Bug 348Jeremy Harris
This is now possible on Linux, at least.
2015-06-07Content scan: Use ETIMEDOUT not ETIME, as having better portability. Bug 1640Andreas Metzler
2015-06-06PRDR: enable server-side in the default configJeremy Harris
2015-06-06Logging: add log_selector items in the default config. Bug 1333Jeremy Harris
2015-06-06DSN: fix null deref when bounce is due to conn-timeout. Bug 1630Wolfgang Breyha
2015-06-06Spamd: add missing initialiser. Rspamd mode was incorrectly sometimes seen.Jeremy Harris
Reported-by: Andreas Metzler
2015-06-05Guard routing against a null-deref. Bug 1639Jeremy Harris
2015-06-04Copyright year updates (things touched in 2015)Phil Pennock
Update current year in docs and banner copyright in src/src/globals.c Rest of changes from: vi $(git whatchanged --since=2015-01-01 | grep '^:100' | sed -n 's/^[^M]*M//p' | sort -u | fgrep -v test/) Note that there are a lot of changes made because of const propagation; I opted to include the copyright year updates in that, but we could be doing a better job with who gets the copyright credit for these changes. Changes visible with: git diff $(git rev-list -n1 --before="2015-01-01" master)
2015-06-04TLS authenticatorJeremy Harris
2015-06-04refactor build scriptJeremy Harris
2015-05-29Adjust my maintainership status to reflect realityPhil Pennock
2015-05-29OpenSSL: guard X509_check_host against LibreSSLPhil Pennock
LibreSSL's fork does not have this new function; as well as adding a `LIBRESSL_VERSION_NUMBER` value, that project bumped the OpenSSL version number in such a way as to conflict with our existing version checks. * Add a guard. * Add commentary, suggesting how to avoid getting into twistier knots with API divergence. Reported by Jasper Wallace, who provided a slightly different patch. Fixes bug 1635
2015-05-27Expand docs re. logs dir, and make eximon logs dir match exim's. Bug 1324Andreas Metzler
2015-05-27Note MAIL commands in -bS batch, to avoid smtp_no_mail logline. Bug 1346Jeremy Harris
2015-05-26Fix some typos in EDITMEHeiko Schlittermann (HS12)
2015-05-26TLS: Enable ECDHE on OpenSSL, just the NIST P-256 curve. Bug 1397Phil Pennock
Original by Phil Pennock; tweaked by JH.
2015-05-23New ${env {NAME}} expansion. Bug 1604Jeremy Harris
2015-05-23Testsuite: move test.again.dns and test.fail.dns handling to fakensJeremy Harris
2015-05-23tidyingJeremy Harris
2015-05-22DANE: do not fail/defer message due to TLSA lookup but dane is only requestedJeremy Harris
2015-05-21Fix DANE for multiple-MX when all TLSA lookup defer. Bug 1634Jeremy Harris
2015-05-20Add DNS debug aid if we requested AD but got AAHeiko Schlittermann (HS12)
If the resolver we ask is authoritive (AA) for some domain, we never ever get the AD (authentic data) bit in the answer.
2015-05-20Add DNS debug aid if we requsted AD but got AAHeiko Schlittermann (HS12)
If the resolver we ask is authoritive (AA) for some domain, we never ever get the AD (authentic data) bit in the answer.
2015-05-19Change HELO-verify forward case from byname to bydns and add DNSSEC trackingJeremy Harris
2015-05-19Change host_lookup re-forward from byname to bydns; checking DNSSECJeremy Harris
2015-05-19struct dnssec_domainsJeremy Harris
2015-05-18Show the DNSSEC status (ad=) always in -bt/-bv outputHeiko Schlittermann (HS12)
2015-05-18Fix truncated dns-lookup return record handlingJeremy Harris
2015-05-18Testsuite: move manyhome.test,ex handling from exim to fakensJeremy Harris
2015-05-17Remove word "rejected" from ACL-discard log lines. Bug 1632Jeremy Harris
2015-05-16tidyingJeremy Harris
2015-05-15Callout: additional debug on cache operationsJeremy Harris
2015-05-15Testsuite: reverted: Output of path to fakensHeiko Schlittermann (HS12)
This partially reverts 5f3d09836.
2015-05-13Testsuite: Check dnssec_{request,require}_domains for dnslookupHeiko Schlittermann (HS12)
2015-05-12Testsuite: locate fakens relative to the config_main_directoryHeiko Schlittermann (HS12)
This makes the test configs more intuitive, because the spool_directory=SPOOL/spool does not need to be there anymore, except we really need a spool directory.
2015-05-12Output dnssec status in -bt/-bv modeHeiko Schlittermann (HS12)
Currently this feature is enabled only if running_in_test_harness, because I don't want to break anything else.
2015-05-11Diagnostic debug message if fakens is not foundHeiko Schlittermann (HS12)
2015-05-11Do not use the A lookup following an AAAA for setting the FQDN. Bug 1588Jeremy Harris
Normally benign, it bites when the pair was led to by a CNAME; modern usage is to not canoicalize the domain to a cname target (and we were inconsistent anyway for A-only vs AAAA+A).
2015-05-10Override DISABLE_DNSSEC when EXPERIMENTAL_DANE is in useHeiko Schlittermann (HS12)
2015-05-10Add feature tag for DNSSECHeiko Schlittermann (HS12)
2015-05-09Support SOA lookup in dnsdb lookups. Bug 286Jeremy Harris
2015-05-09Add retrans/retry options to dnsdb lookup. Bug 1539Jeremy Harris
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 01:30:50 +0000