Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-06-04 | Ensure output buffer big enough for DSN additions to MAIL FROM. Bug 1482 | Jeremy Harris | |
2014-05-31 | Support service names for tls_on_connect_ports. Bug 72 | Jeremy Harris | |
2014-05-30 | Fix no-ssl build | Jeremy Harris | |
2014-05-29 | Fix delivery $host in client authenticator in verify/callout. Bug 1476 | Jeremy Harris | |
2014-05-29 | Log warnings on presence of deperecated options | Jeremy Harris | |
2014-05-29 | Fix dnssec dnsdb lookup in defer_never mode | Jeremy Harris | |
2014-05-28 | Bug 1444: Fix \r\n handling writing spool file | Todd Lyons | |
Fix a bug which causes DKIM signatures to fail because what gets written to the spool file is different than what gets passed through the DKIM code. | |||
2014-05-28 | Merge tag 'exim-4_82_1'exim-4_83_RC1 | Todd Lyons | |
Fix Conflicts: src/src/dmarc.c | |||
2014-05-26 | SECURITY: DMARC uses From header untrusted dataexim-4_82_1 | Todd Lyons | |
CVE-2014-2957 To find the sending domain, expand_string() was used to directly parse the contents of the From header. This passes untrusted data directly into an internal function. Convert to use standard internal parsing functions. | |||
2014-05-26 | Increase limit of smtp_confirmation logging from 100 to 256 chars. Bug 1408 | Jeremy Harris | |
2014-05-26 | Errorcheck TLS library calls | Jeremy Harris | |
2014-05-26 | Restrict certificate name checkin for wildcards. | Jeremy Harris | |
On more recent OpenSSL library versions the builtin wildcard checking can take a restriction option that we want, to disallow the more complex possibilities of wildcarding. | |||
2014-05-25 | Missing initialiser | Jeremy Harris | |
2014-05-23 | Add OpenSSL version check | Jeremy Harris | |
2014-05-23 | Add GnuTLS version check | Jeremy Harris | |
2014-05-23 | Move OCSP out of EXPERIMENTAL | Jeremy Harris | |
2014-05-22 | Compiler quietening. Bug 907 | Jeremy Harris | |
2014-05-21 | RFC3461 support - MIME DSN messages. Bug 118 | Wolfgang Breyha | |
2014-05-21 | Eliminate one foolish way to break the build | Jeremy Harris | |
2014-05-21 | Add PRDR feature output in -bV | Todd Lyons | |
2014-05-20 | Support optional server certificate name checking. Bug 1479 | Jeremy Harris | |
Enable EXPERIMENTAL_CERTNAMES to include. | |||
2014-05-20 | Final tidyout of EXPERIMENTAL_PRDR | Jeremy Harris | |
2014-05-17 | Use accessor functions for OpenSSL internal data | Jeremy Harris | |
2014-05-16 | General tidying | Jeremy Harris | |
2014-05-16 | Tidy certificate verification logic under OpenSSL | Jeremy Harris | |
2014-05-13 | Extractors for certificate time fields support integer output modifier | Jeremy Harris | |
2014-05-13 | Extractor for named RDN element types from a certificate DN field. | Jeremy Harris | |
2014-05-13 | Bug 1394: PPv2 header modifed | Todd Lyons | |
The HAProxy dev team adjusted the layout of the 16 byte header to allow it to be used for SSL connections. Had to adjust PPv2 handling code and perl proxy emulation script. Added link to this HAProxy commit in the documentation. | |||
2014-05-13 | Fix cert fingerprint path to deny noncerts | Jeremy Harris | |
2014-05-13 | certextract tidying | Jeremy Harris | |
2014-05-13 | Move PRDR out of EXPERIMENTAL | Jeremy Harris | |
2014-05-12 | Merge branch 'master' of ssh://git.exim.org/home/git/exim | Todd Lyons | |
2014-05-12 | Provide better sprintf debug output for callers | Todd Lyons | |
2014-05-12 | Propagate dnssec status from dnslookup router through transport to tpda | Jeremy Harris | |
2014-05-12 | Fix pair of buffer size errors. Bug 1478 | Jeremy Harris | |
Reported-by: David Binderman | |||
2014-05-11 | New expansion operator sha256 for certificates. Bug 1170 | Jeremy Harris | |
2014-05-11 | More testcase serialization | Jeremy Harris | |
2014-05-11 | Compiler quietening and testcase consistency | Jeremy Harris | |
Fix an unterminated comment from 018058b | |||
2014-05-09 | Remove extraneous debug | Jeremy Harris | |
2014-05-09 | Make $tls_out_ocsp visible to TPDA (mostly testsuite) | Jeremy Harris | |
2014-05-08 | Certificate-related routines only present when TLS is supported | Jeremy Harris | |
2014-05-08 | Enable operator md5 and sha1 use on certificate variables. Bug 1170 | Jeremy Harris | |
2014-05-06 | OCSP observability: variables $tls_{in,out}_ocsp | Jeremy Harris | |
and smtp transport option hosts_request_ocsp | |||
2014-05-06 | Refactor tls_client_init interface | Jeremy Harris | |
2014-05-05 | Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358 | Jeremy Harris | |
2014-05-04 | Fix build with OpenSSL on earlier versions. | Jeremy Harris | |
Centos 6.5 and earlier had a build fail with GENERAL_NAME etc. undefined. Just include the file defining it even if it's a duplicate on later versions. | |||
2014-05-03 | More debug output | Jeremy Harris | |
2014-05-02 | Certificate variables and field-extractor expansions. Bug 1358 | Jeremy Harris | |
2014-05-01 | Support dnssec in verify-callout use of smtp transport. | Jeremy Harris | |
Use of dnslookup router support is already present. | |||
2014-05-01 | Cancel in-progress or reject requeted cutthrough when fakereject. Bug 1475 | Jeremy Harris | |