summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2011-02-13Implement freeze_signal on pipe transport.Phil Pennock
Patch from Jakob Hirsch. fixes bug 1042
2011-02-12Escape lookup deferral error message when logging.Phil Pennock
closes bug 1083 Patch from John Horne.
2011-02-06Fix exiqgrep issue where malformed lines not parsedNigel Metheringham
Fixes bug 943 Lightly tested, but not with report error condition, would like reporter to check this fix on their system.
2011-02-05LDAP TLS negotiation support.Phil Pennock
closes bug 230 Applies patches provided by Adam Ciarcinski of NetBSD in bug 230. Adds documentation. Tested the negotiation and server verification, not tested the client certificate presentation but looks sane.
2011-01-30Allow underscore in dnslist lookupsNigel Metheringham
Fixes bug 1026 Patch from Graeme Fowler
2011-01-30Fix wide character breakage in the rfc2047 codingNigel Metheringham
Fixes bug 1064 Patch frome Andrey N. Oktyabrski
2011-01-30Merge branch 'master' of ssh://git.exim.org/home/git/eximNigel Metheringham
2011-01-30child_open_uid: restore default SIGPIPE handlerNigel Metheringham
Fixes bug 968 Merge branch 'sigpipe-fix' of git://github.com/lp0/exim into master
2011-01-30macros_trusted overriden message only if debugging.Phil Pennock
DEBUG(D_any) missing. Fixed.
2011-01-27Use LC_ALL=C for building lookups/Makefile.Phil Pennock
2011-01-27Pulled spamd_address-expanded caching fix.Phil Pennock
Author: Wolfgang Breyha Bugzilla: 935 Attachment: 378 (looks like it could do with a strcmp check at the end before the extra string_copy, but that's a nicety and the author has presumably been running with this).
2011-01-27Permit make values to be indented or in env.Phil Pennock
It appears some make(1)s are not complaining about variables defined with leading whitespace on the line. Permit that where we can, for the lookups, but it's not tenable for CFLAGS_DYNAMIC. Some people are specifying knobs on the make command-line, so we get them via the environment. Tested: indented LOOKUP_CDB and commented out LOOKUP_DNSDB, supplying it via { make LOOKUP_DNSDB=yes }. { exim -d --version } shows both are built-in, no results from { fgrep DNSDB build-*/Makefile }.
2011-01-27Fix portability of Makefiles to HP-UX and other non-extended makes.Tony Finch
2011-01-26Fix portability bugs in valgrind support.Tony Finch
Update valgrind.h and memcheck.h to copies from valgrind-3.6.0. This fixes portability to compilers other than gcc, notably Solaris CC and HP-UX CC. Fixes: bug #1050.
2011-01-26Workround compile error with old PCRE versionsNigel Metheringham
Fixes bug #1073
2011-01-24Bug-fix the xpg4 Solaris logic.exim-4_74Phil Pennock
Should not code at 9am when still awake then. Should sanity-review such code changes before submitting (after sleep). Should s,/usr/xpg4/bin/sh,/bin/bash, as a convenient test to confirm what I suspected. But should do so pre-submit. Doh.
2011-01-24Compatibility fixes for dynlookup makefile builder.Phil Pennock
Don't abort if CFLAGS_DYNAMIC not defined. Oops! Attempt to get a POSIX environment on Solaris. Document POSIXy assumptions going forward. Problems reported by: Dennis Davis
2011-01-23Loadable modules: fix debug invocationsPhil Pennock
The new code was calling DEBUG(<n>) for values of n including 4, 5, 9; that was an Exim 3 API, we now use bits; -v sets bit 0x1, -bP implies -v, so { exim -bP } was pulling up random debug messages. Switched all the DEBUG checks to be DEBUG(D_lookup).
2011-01-23Bug 1071: fix delivery logging with untrusted macros.Phil Pennock
If dropping privileges for untrusted macros, we disabled normal logging on the basis that it would fail; for the Exim run-time user, this is not the case, and it resulted in successful deliveries going unlogged. Fixed. Reported by Andreas Metzler.
2011-01-23Report TRUSTED_CONFIG_LIST & WHITELIST_D_MACROS.Phil Pennock
When invoked { exim -d -bV } show these build-time options that affect what can be done.
2011-01-22Bugzilla 1041: pull patch id=425, DCC fixes.Phil Pennock
DCC return codes were not always correct. Patch from DCC code maintainer, Wolfgang Breyha.
2011-01-21Tests compat. setgid failure / dropped_privilegePhil Pennock
If we've *dropped* privilege, it's okay to not abort if setgid fails. Document some of what's now needed for the test suite. Adjust the test suide for better post-4.73 compat.
2011-01-21Bump version to 4.74.Phil Pennock
Docs deliberately keep changebars since v4.72 as 4.73 has not been out for long. OptionLists updates for dynamic modules and for the security changes from 4.73.
2011-01-21IncompatibleChanges out, README.UPDATING updated.Phil Pennock
I forgot about README.UPDATING and introduced a new txt file with the 4.73 release, noting incompatible changes. Because these weren't documented in the normal place, some people missed them. Mea culpa. Integrated the notes from IncompatibleChanges into README.UPDATING. Added a note on the ABI of the dynlookups.
2011-01-21Check return values of setgid/setuid.Phil Pennock
CVE-2011-0017 One assertion of the unimportance of checking the return value was wrong, in the event of a compromised exim run-time user.
2011-01-21Version reporting & module ABI change.Phil Pennock
Debug version display reports library info. Bumps lookup API magic constant, adds new field to module API. When invoking { exim -d -bV } we can display more version information. Show versions for many external libraries, including both compile-time and run-time information if we can. Optional for modules, may be NULL. Implemented for MySQL, SQLite & Whoson lookups. For all lookups, if dynamically loaded, report the Exim version number from the build. (Packagers will bundle stuff, but dynamic modules are no longer just available for packagers, so we need to deal with less managed environments and people forgetting to install new modules). Suggest in EDITME that users of modules not using package management consider embedding a version number in the path to the modules. Should consider removing the TLS (OpenSSL/GnuTLS) reporting from the default -bV display and moving it into the debug display. Not done. Created version.h, now support a version extension string for distributors who patch heavily. Henceforth release engineer should change the version in version.h not version.c.
2011-01-17Module loading working on FreeBSD (and unbreak).Phil Pennock
(1) Commit eec525c43adade97ff94d839810faf7cb35bd87f broke module support, because we *do* still need some exported variable definitions, as for a module to actually work, we need the per-module _INCLUDE/_LIBS settings. (2) FreeBSD's nsdispatch() will leave dlerror() returning a complaint about "_nss_cache_cycle_prevention_function"; we need to clear the error state before the dlsym() call, so that any error found afterwards must have come from that dlsym() call. Fix is just an extra call to dlerror(), which should be portable. I can now use sqlite3 from a module, in FreeBSD.
2011-01-16Let /dev/null have normal permissions.Phil Pennock
The 4.73 fixes were a little too stringent and complained about the permissions on /dev/null. Exempt it from some checks. Reported by Andreas M. Kirchwitz
2011-01-16Bug-fix for bash and no-dynamic case.Phil Pennock
When writing the patch, originally nothing other than a cp was needed if there were no dynamic modules. That changed, but the guard at the top did not. Remove that check. bash does not like a block which consists solely of a comment. Provide a ':' invocation. Both problems spotted by Simon Arlott -- thanks.
2011-01-16Bug 139: portability fixes and documentation.Phil Pennock
Document the dynamic lookup module capability in spec.xfpt. Include a ChangeLog item. Avoid the GNU-specific "export" make(1) directive. Build the lookups Makefile using the existing framework. Build with BSD Make once more. The src/lookups/Makefile that is used at build time now has the dynamic content come from scripts/lookups-Makefile. Add CFLAGS_DYNAMIC support, which can be set in Local/Makefile. Provide defaults for Linux & FreeBSD. Ensure that build fails early if a dynamic module is requested but CFLAGS_DYNAMIC is not defined.
2011-01-14src/deliver.c: log the error message when unlink(spoolname) failsTony Finch
2011-01-14src/transports/smtp.c: log LMTP confirmation same as SMTPTony Finch
2011-01-14src/dbfn.c: write lock aquisition failures to the panic logTony Finch
2011-01-14CONTRIBUTING: correct expansion of GPLTony Finch
2011-01-12Bugzilla #1067 - DKIM: Fix relaxed header canon for headers ending with ↵Tom Kistner
whitespace.
2011-01-05Include <dlfcn.h> only when necessaryDavid Woodhouse
2011-01-05Add dynamic lookup supportDavid Woodhouse
Fixed: bug #139
2010-12-26Fixes: bug #1002 - Message loss when using multiple deliveriesMiroslav Lichvar
2010-12-26Eximstats documentstion - s/delivery_time/deliver_time/Nigel Metheringham
Fixes: bug #1034
2010-12-21Do not refer to TRUSTED_CONFIG_PREFIX_FILE.Andreas Metzler
Refer to TRUSTED_CONFIG_LIST instead of TRUSTED_CONFIG_PREFIX_FILE in documentation and comments.
2010-12-18Updated version numbers of code and documentationNigel Metheringham
2010-12-16Turn TRUSTED_CONFIG_PREFIX_LIST into TRUSTED_CONFIG_LIST. No prefix or regexesDavid Woodhouse
2010-12-15Allow only Exim or CONFIGURE_OWNER to use whitelisted configs with -CDavid Woodhouse
We only added TRUSTED_CONFIG_PREFIX_FILE to compensate for the enforcing of ALT_CONFIG_ROOT_ONLY. Let's not open it up any further than we need to; other users don't get to make use of it.
2010-12-15Kil va_copy(). It isn't present on some ancient systems.David Woodhouse
2010-12-15Implement -D whitelist invoking user restriction.Phil Pennock
Document WHITELIST_D_MACROS.
2010-12-14Implement -D filtering, first pass.Phil Pennock
2010-12-14Change the default for system_filter_user.Phil Pennock
If the system filter needs to be run as root, let that be explicitly configured. The default is now the Exim run-time user. Document this, and a couple of other points, in IncompatibleChanges.
2010-12-12Allow only absolute paths in TRUSTED_CONFIG_PREFIX_LIST, fix store leakDavid Woodhouse
2010-12-12Set FD_CLOEXEC on SMTP sockets after forking to handle the connection.David Woodhouse
2010-12-12Add TRUSTED_CONFIG_PREFIX_FILE optionDavid Woodhouse
(Bug 1044, CVE-2010-4345)