summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-11-29TidyingJeremy Harris
2014-11-27Fix buffer overrun in spam= acl condition. Bug 1552Jeremy Harris
2014-11-27TidyingJeremy Harris
2014-11-27Reformat to project standardJeremy Harris
2014-11-23Log certificate verification status by defaultJeremy Harris
2014-11-23Make smtp transport try server cert verify by defaultJeremy Harris
This is an exim client checking a server certificate.
2014-11-23Make "system" location for certificate CA bundle the defaultJeremy Harris
2014-11-23Support use of system default CA bundleJeremy Harris
2014-11-23Move certificate name checking to mainline, default enabledJeremy Harris
This is an exim client checking a server certificate.
2014-11-21As client, request PRDR by default if the server offers itJeremy Harris
2014-11-20Refactor common uses of list-checkingJeremy Harris
2014-11-18Make the multi_domain smtp transport option expandedJeremy Harris
2014-11-18Make the retry_include_ip_address smtp transport option expanded. Bug 1545Jeremy Harris
2014-11-18Compiler quieteningJeremy Harris
2014-11-16Fix debug output of name of transport option list being matchedJeremy Harris
2014-11-11Handle UTC vs specified-timezone for certificate extractors. Bug 1541Jeremy Harris
2014-11-08Fix smtp transport certificate-verification option matching to use correct hostJeremy Harris
Fix certificate name verification done with tls_try_verify_hosts Affected tls_verify_hosts, tls_try_verify_hosts, tls_verify_cert_hostnames.
2014-11-06EXPERIMENTAL_CERTNAMES: Hostlist for cert name checks should match hostJeremy Harris
connected-to, not be list of acceptable names. The name checked is the host name.
2014-11-05Do not permit multi-component wildcards on certificate names (OpenSSL, ↵Jeremy Harris
EXPERIMENTAL_CERTNAMES)
2014-11-05Do not permit multi-component wildcards on certificate names (OpenSSL)Jeremy Harris
2014-11-04Fix dnssec indication variable when used from verify-callout smtp:commect eventJeremy Harris
2014-10-30Fix cert-try-verify when denied by event actionJeremy Harris
2014-10-30Fix dnssec indication variable when used from smtp:commect eventJeremy Harris
2014-10-30For connects and certificate-verifies denied by event actions, logJeremy Harris
the string resulting from the event expansion
2014-10-26Do not claim OCSP support when compiled with too-old GnuTLS versionJeremy Harris
2014-10-26Fix cert-try-verify when denied by event actionJeremy Harris
2014-10-26Fix feature-ifdef for OpenSSL builtin certname checkingJeremy Harris
2014-10-25Add event for inbound cert visibilityJeremy Harris
2014-10-25Make transport name available in verify-callouts. Add verify_mode variableJeremy Harris
2014-10-25Rename facility to Event Actions, ifdeffed on EXPERIMENTAL_EVENTJeremy Harris
2014-10-22Make $host available in tpda delivery event, for cutthrough. Bug 1529Jeremy Harris
2014-10-22More regular logging use of H=<name> [<ip>]Jeremy Harris
Note this may affect utilities which parse logs.
2014-10-16Handle certificate dir under GnuTLS, if recent enoughJeremy Harris
Add testcases for certificate directories The GnuTLS implementation has been tested on Fedora 21 (alpha), using GnuTLS 3.3.9. The testsuite case is here but with the script commented-out. When enabled, the log/mail/stdout/stderr files will be created fresh.
2014-10-12Make dnssec status available in tpda delivery event, for cutthroughJeremy Harris
2014-10-12Quieten noisy compilerJeremy Harris
As usual, gcc whining that perfectly valid C coding is "ambiguous". Wrongly.
2014-10-05Remove limit on remove_headers item size. Bug 1533Jeremy Harris
2014-09-29Fix Solaris buildJeremy Harris
2014-09-28Fix transport-results pipe for multiple recipients combined with certs.Wolfgang Breyha
The previous parsing failed when a result item split over a buffer boundary; fix by prefixing sizes to items, and checking enough has been read as the initial parsing stage.
2014-09-25Clarify error message for host-connect fail. Bug 1505Jeremy Harris
2014-09-25Amplify comment on server requests for client certificatesJeremy Harris
2014-09-23Merge remote-tracking branch 'exim_github/pr/18'Todd Lyons
2014-09-16Replace use of index() with Ustrchr()Jeremy Harris
2014-09-13Restrict dane to DANE-TA(2) and DANE-EE(3) usage TLSA recordsJeremy Harris
Also, just ignore TLSA records with unsipported match types.
2014-09-12Fix needless OCSP request under DANEJeremy Harris
usage 3 and with require_ocsp in play though inactive
2014-09-12Bug 1216: Add -M (related) to exigrep.Todd Lyons
Thanks to Arkadiusz for pointing out that this was never merged.
2014-09-11Fix ldap lookup for single-attr request, multiple-attr return. Bug 1521Heiko Schlittermann
Exim documented behaviour is that the single-request case controls the output format (by not labelling attributes with names). The code is broken for the case where attrs B, C are derived from A and A is requested (and the LDAP server used isn't buggy here; some are and only return A rather than A, B, C).
2014-09-11Add debug for number of CA certs, for OpenSSL/file loadJeremy Harris
2014-09-10Fix undersized buffer use by eximon. Bug 1527Jeremy Harris
The long spoolfile line now used for certificate info was too big, resulting in an apparent syntax error in the file. Apart from using a decent size, do autogrow in case of immense certificates.
2014-09-10TPDA tidyingJeremy Harris
2014-09-06Add expansion item for sorting listsJeremy Harris
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-31 20:55:46 +0000