summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2013-04-07Merge branch 'ocsp_staple_rollup'Jeremy Harris
* ocsp_staple_rollup: tidying OCSP-stapling enhancement and testing.
2013-04-02Ensure OpenSSL entropy state reset across forks.Phil Pennock
Note that this function is never going to be called pre-fork unless the admin is doing something highly unusual with ${randint:..} in a context evaluated in the listening daemon. Other forks should result in a re-exec(), thus resetting state. Nonetheless, be more cautious, explicitly reset state. Fix per PostgreSQL. PS: why does OpenSSL not document RAND_cleanup() on the same page as all the other entropy pool maintenance functions?
2013-04-01Clean & integrate force_command.Phil Pennock
Work by J. Nick Koston, for cPanel, Inc.
2013-04-01tidyingJeremy Harris
2013-04-01Add the force_command option to the pipe transportJ. Nick Koston
Normally when a router redirects an address directly to a pipe command the command option on the transport is ignored. If force_command is set, the command option will expanded and used. This is especially useful for forcing a wrapper or additional argument to be added to the command.
2013-03-25OCSP-stapling enhancement and testing.Jeremy Harris
Server: Honor environment variable as well as running_in_test_harness in permitting bogus staplings Update server tests Add "-ocsp" option to client-ssl. Server side: add verification of stapled status. First cut server-mode ocsp testing. Fix some uninitialized ocsp-related data. Client (new): Verify stapling using only the chain that verified the server cert, not any acceptable chain. Add check for multiple responses in a stapling, which is not handled Refuse verification on expired and revoking staplings. Handle OCSP client refusal on lack of stapling from server. More fixing in client OCSP: use the server cert signing chain to verify the OCSP info. Add transport hosts_require_ocsp option. Log stapling responses. Start on tests for client-side. Testing support: Add CRL generation code and documentation update Initial CA & certificate set for testing. BUGFIX: Once a single OCSP response has been extracted the validation routine return code is no longer about the structure, but the actual returned OCSP status.
2013-03-23Rename dns_use_dnssec to dns_dnssec_ok.Phil Pennock
This per Tony's suggestion; this makes it clearer that we are merely setting resolver flags, not performing validation ourselves. Well, clearer to those who understand DNSSEC. For everyone else, they'll still be dependent upon a forthcoming new chapter to the Specification.
2013-03-13OpenSSL fix empty tls_verify_certificates.Phil Pennock
New behaviour matches GnuTLS handling, and is documented. Previously, a tls_verify_certificates expansion forced failure was the only portable way to avoid setting this option. Now, an empty string is equivalent.
2013-03-11Guard smtp_user_msg() with EXPERIMENTAL_PRDR check.Phil Pennock
Resolves: gcc receive.c receive.c:520: warning: 'smtp_user_msg' defined but not used
2013-03-11configure.default handle IPv6 localhost better.Phil Pennock
Base patch by Alain Williams. Tweaked, to avoid putting an IPv6-dependency into the default uncommented form, and some rewording. Bugzilla 880. GitHub PR #1.
2013-03-05Handle recursion better, caused by ACLs.Phil Pennock
Issue debugged by Todd Lyons, this fix from me.
2013-02-19Bug 1339: DCC update (Wolfgang Breyha)Jeremy Harris
2013-02-03tls_out.sni fix for ancient-OpenSSL #ifdef branchPhil Pennock
2013-01-26PRDR support, if compiled with EXPERIMENTAL_PRDRJeremy Harris
2013-01-14Update eximstats to watch out for senders sending 'HELO [IpAddr]'Steve Campbell
2013-01-14Fix GNU Hurd interface IPv6 address detection.Phil Pennock
Define SIOCGIFCONF_GIVES_ADDR in OS/os.h-GNU Fixes 1331.
2013-01-06Restrict lifetime of $router_name and $transport_name. Bug 308.Jeremy Harris
The router name is explicitly nulled after the router exits; the transport name is set only in the subprocess it runs in.
2012-12-25Add $router_name and $transport_name variables. Bug 308.Jeremy Harris
2012-12-23gen_pkcs3: add comment explaining rationalePhil Pennock
Wondering why you wrote some code and having to grep the source code to find out, in the same year that you wrote it, is generally a sign of missing information. Fixed.
2012-12-23Add notification of OCSP-stapling facility inclusion.Jeremy Harris
2012-12-18Initialise OCSP-related pointers before use.Jeremy Harris
2012-12-09OCSP/SNI: set correct callback.Phil Pennock
Caught by Jeremy; was wrong in (my) original commit, the dual-TLS work had just renamed the variables and theoretically made it more visible. I still missed it. The server_sni context initialisation was setting the OCSP status callback context parameter back on the original server_ctx instead of the new server_sni context. I guess OCSP and SNI aren't being used together in Exim much yet.
2012-12-07Avoid unnecessary rebuilds of lookup helper functions.Tony Finch
2012-12-07Avoid spurious rebuilds of the dynamic lookups Makefile.Tony Finch
This was noticable when re-building as a non-privileged user after installing as root; lookups/Makefile had been rebuilt by root and when it was rebuilt again by the unprivileged user `mv` demanded confirmation before overwriting the file.
2012-12-07A safer version of the check for gecos expansion.Tony Finch
2012-12-06Make gecos expansion work with test 0412 as well as 0254.Tony Finch
2012-12-06Fix my earlier "fix" for intermittently deliverable recipients.Tony Finch
Only do the ultimate address timeout check if there is an address retry record and there is not a domain retry record; this implies that previous attempts to handle the address had the retry_use_local_parts option turned on. We use this as an approximation for the destination being like a local delivery, as in LMTP.
2012-12-06Correct gecos expansion when From: is a prefix of the username.Tony Finch
Test 0254 submits a message to Exim with the header Resent-From: f When I ran the test suite under the user fanf2, Exim expanded the header to contain my full name, whereas it should have added a Resent-Sender: header. It erroneously treats any prefix of the username as equal to the username. This change corrects that bug.
2012-12-02Explain the 3 SSL_CTX we havePhil Pennock
2012-12-02Fix eximon build.Jeremy Harris
2012-11-29Fix ultimate retry timeouts for intermittently deliverable recipients.Tony Finch
When a queue runner is handling a message, Exim first routes the recipient addresses, during which it prunes them based on the retry hints database. After that it attempts to deliver the message to any remaining recipients. It then updates the hints database using the retry rules. So if a recipient address works intermittently, it can get repeatedly deferred at routing time. The retry hints record remains fresh so the address never reaches the final cutoff time. This is a fairly common occurrence when a user is bumping up against their storage quota. Exim had some logic in its local delivery code to deal with this. However it did not apply to per-recipient defers in remote deliveries, e.g. over LMTP to a separate IMAP message store. This commit adds a proper retry rule check during routing so that the final cutoff time is checked against the message's age. I also took the opportunity to unify three very similar blocks of code. I suspect this new check makes the old local delivery cutoff check redundant, but I have not verified this so I left the code in place.
2012-11-23DCC debug and logging tidyGraeme Fowler
2012-11-23Fix merge problem.Jeremy Harris
2012-11-23Check syscall return values.Jeremy Harris
Mostly just compiler-quietening rather than intelligent error-handling. This deals with complaints of "attribute warn_unused_result" during an rpm build for SL6 (probably for Fedora also).
2012-11-22Fix 64b build.Jeremy Harris
2012-11-19Dovecot: robustness; better msg on missing mech.Phil Pennock
If the dovecot protocol response doesn't include the MECH message for the SMTP AUTH protocol the client has requested, that's not a protocol failure, don't log it as such. Instead, explicitly log that it didn't advertise the mechanism we're looking for. This lets administrators fix either their Exim or their Dovecot configurations. Also: make the Dovecot handling more resistant to bad data from the auth server; handle too many fields with debug-log message to explain what's going on, permit lines of 8192 length per spec and detect if the line is too long, so that we can fail auth instead of becoming unsynchronised. Stop using the CUID from the server as the AUTH id counter. They're different, by my reading of the spec. TESTED: works against Dovecot 2.1.10. Thanks to Brady Catherman for reporting the problem with diagnosis.
2012-11-18More compiler quietening.Jeremy Harris
2012-11-18More compiler quietening.Jeremy Harris
2012-11-18More compiler quitening.Jeremy Harris
2012-11-17Fix initializer for struct tls_support, per edc33b5f1aca and 817d9f576cd.Jeremy Harris
2012-11-16Configure should stop on error.Phil Pennock
Set the POSIX -e option on the #! line invoking /bin/sh. If any of the sub-commands fail, the Configure as a whole should fail.
2012-11-09Auth info from transports must be tracked per-address.Jeremy Harris
2012-11-08Ensure that recipient is well-defined for expansion-called acl at RCPT-time.Jeremy Harris
2012-11-07Fix server_set_id for SPA/NTLM auth.Phil Pennock
Broken in 4.80 release, commit 08488c86. We need to leave $auth1 available after the authenticator returns, so that server_set_id can be evaluated by the caller. We need to do this whether we succeed or fail, because server_set_id only makes it into $authenticated_id if we return OK, but is logged regardless. Updated test config to set server_set_id; updated logs.
2012-11-06Add optional authenticated_sender info to A= elements of log lines; bug 1314.Jeremy Harris
New log_selector, smtp_mailauth, to enable.
2012-11-04Add A= to delivery log lines, and a client_set_id option to authenticators.Jeremy Harris
2012-10-29Track ACL context through ${acl expansions. Bug 1305.Jeremy Harris
Rather than pass "where" around all the string-expansion calls I've used a global; and unpleasant mismatch with the existing "where" tracking done for nested ACL calls.
2012-10-28Quieten complaining compilers.Jeremy Harris
2012-10-264.81 to 4.82Phil Pennock
Avoiding confusion of 4.80.1 vs 4.81, we went with skipping to 4.82 instead.
2012-10-26Merge 4.80.1 security fix in.Phil Pennock
Merge commit '4263f395efd136dece52d765dfcff3c96f17506e' Amendment to ChangeLog to handle changes.