Age | Commit message (Collapse) | Author |
|
Also: update EDITME to refer to pkg-config & AUTH_HEIMDAL_GSSAPI.
|
|
|
|
|
|
multi-blank-line protection never set the bool needed
OID-method for keytab setting cleanup (drop <roken.h> and fix comments)
|
|
Drop the OID and pseudo-standard GSSAPI extension mechanism.
Found Heimdal-specific API call I needed, works great.
gsskrb5_register_acceptor_identity(filename)
Separately: add various debug statements.
|
|
Not yet working, failing to set keytab.
Also: support (AUTH|LOOKUP)_*_PC=foo to use `pkg-config foo` for cflags/libs.
|
|
Defined helper streqic() since I seem tired enough to be forgetting ==0 checks.
Deal with left-over-data-to-send correctly.
Now tested with PLAIN, CRAM-MD5, DIGEST-MD5.
For DIGEST-MD5, check for server_realm, since GSASL doesn't error out without it.
|
|
|
|
Missing: documentation; tests.
Tested: PLAIN auth.
Status: probably buggy
|
|
|
|
fixes bug 1053
|
|
|
|
Make lookups depend upon PHDRS not HDRS.
Make parent dir depend upon child build target for lookups
|
|
|
|
the match_<type> changes
|
|
|
|
Loosely based on suggestion from Julian Gilbey.
fixes bug 1139.
|
|
|
|
fixes bug 1152.
|
|
Was code correct before, but storing a ptr of 0 or 1, from bool initialiser.
I meant to use a BOOL and it is more type-safe to do so, so fixed.
|
|
syntax error
|
|
|
|
|
|
Tested for version.sh in cwd, but used . to source, assuming that
would pull in file from cwd. True on BSD (checked after $PATH) but
not part of POSIX and not true for bash when in POSIX mode.
|
|
|
|
(gnutls fixes had updated some text docs)
|
|
Tested builds both with and without this option, behaviour matches expectations.
|
|
EXPAND_LISTMATCH_RHS define is checked, but not yet plumbed that into build system.
|
|
|
|
|
|
|
|
|
|
|
|
mime_decode_*() functions can return -1 for error, which would be lost when assigning to unsigned int.
Sprinkled ssize_t across function return types and result variables.
|
|
Patch from Wolfgang Breyha.
Also, slight improvements to some debug statements.
fixes bug 860
|
|
Patch from Holger Weiß.
fixes bug 1131
|
|
Patch from Heiko Schlittermann.
Fixes bug 1089
|
|
Patch from Heiko Schlittermann.
Fixes bug 1087
|
|
Patch from John Horne.
Fixes bug 1078
|
|
Not tested the drtables.c change for dynamically loaded lookups, only
the readline loading for -be interactive mode.
|
|
Permits SSL-on-connect for outbound connections.
Heavily based on Simon Arlott's patch, but with enough modifications to
risk new bugs.
nb: am on a plane, change confirmed to compile on MacOS, nothing more
fixes bug 97
|
|
Needed to interoperate with SASL commands containing a large
initial-response; in practice, GSSAPI with authorisation data, such as
in a Windows domain.
Patch from Paul Fisher.
fixes bug 879
|
|
One-line code change in unattributed .patch file bundled in someone's
.src.rpm.
We cause plenty of warnings for -Wstrict-aliasing=2, most appear to be
signed/unsigned char issues.
|
|
Adapted from git itself via unifdef. This does not (yet) include
the equivalent automation for the doc build.
|
|
|
|
|
|
I have also de-CVSed the ABOUT files and cleaned up a few
introductory comments.
|
|
Replace /noupdate with simpler /readonly option. (/noupdate is
supported for backwards compatibility but no longer documented.)
Better checking of the compatibility between per_* options and the
ACL in which the ratelimit condition appears.
Better handling of the start of a burst of email and of very low-rate
clients.
The new /count= option generalizes the per_byte and per_rcpt options.
The new /unique= option is a rather groovy use for a Bloom filter.
|
|
exiwhat sends a SIGUSR1 to all exim processes to make them write
their status to the process log. This is all done in the signal
handler, but the logging code makes a number of calls that are not
signal safe. These can all cause crashes or recursive locking in
libc.
Firstly, obtaining and formatting the timestamp is not safe.
Doing so is unnecessary since exiwhat strips off the timestamp.
This change removes timestamps from the process log.
Secondly, exim closes all the logs after writing the process
log. Closing syslog is not signal safe, and isn't necessary.
We now only close the process log after writing to it.
Thirdly, exim may calculate the process_log_path inside the signal
handler which involves some possibly-unsafe string handling code.
This change calculates the path when reading the configuration.
Fourthly, when exim creates the process log file it might have to
call the unsafe directory_create() though this is unlikely in
practice. After this change exim only calls log_create() in a
subprocess which is safe - it sometimes needs to do so anyway, if
it is running as root and needs to drop privileges.
The new code has no process log handling in log.c which eliminates
some awkward special cases. It uses very simple code to write to
the file in the signal handler, so it is obviously safe by inspection.
|
|
See also commit ID 0761d44e
|