| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-11-08 | Fix smtp transport certificate-verification option matching to use correct host | Jeremy Harris | |
| Fix certificate name verification done with tls_try_verify_hosts Affected tls_verify_hosts, tls_try_verify_hosts, tls_verify_cert_hostnames. | |||
| 2014-11-06 | EXPERIMENTAL_CERTNAMES: Hostlist for cert name checks should match host | Jeremy Harris | |
| connected-to, not be list of acceptable names. The name checked is the host name. | |||
| 2014-11-05 | Do not permit multi-component wildcards on certificate names (OpenSSL, ↵ | Jeremy Harris | |
| EXPERIMENTAL_CERTNAMES) | |||
| 2014-11-05 | Do not permit multi-component wildcards on certificate names (OpenSSL) | Jeremy Harris | |
| 2014-11-04 | Fix dnssec indication variable when used from verify-callout smtp:commect event | Jeremy Harris | |
| 2014-10-30 | Fix cert-try-verify when denied by event action | Jeremy Harris | |
| 2014-10-30 | Fix dnssec indication variable when used from smtp:commect event | Jeremy Harris | |
| 2014-10-30 | For connects and certificate-verifies denied by event actions, log | Jeremy Harris | |
| the string resulting from the event expansion | |||
| 2014-10-26 | Do not claim OCSP support when compiled with too-old GnuTLS version | Jeremy Harris | |
| 2014-10-26 | Fix cert-try-verify when denied by event action | Jeremy Harris | |
| 2014-10-26 | Fix feature-ifdef for OpenSSL builtin certname checking | Jeremy Harris | |
| 2014-10-25 | Add event for inbound cert visibility | Jeremy Harris | |
| 2014-10-25 | Make transport name available in verify-callouts. Add verify_mode variable | Jeremy Harris | |
| 2014-10-25 | Rename facility to Event Actions, ifdeffed on EXPERIMENTAL_EVENT | Jeremy Harris | |
| 2014-10-22 | Make $host available in tpda delivery event, for cutthrough. Bug 1529 | Jeremy Harris | |
| 2014-10-22 | More regular logging use of H=<name> [<ip>] | Jeremy Harris | |
| Note this may affect utilities which parse logs. | |||
| 2014-10-16 | Handle certificate dir under GnuTLS, if recent enough | Jeremy Harris | |
| Add testcases for certificate directories The GnuTLS implementation has been tested on Fedora 21 (alpha), using GnuTLS 3.3.9. The testsuite case is here but with the script commented-out. When enabled, the log/mail/stdout/stderr files will be created fresh. | |||
| 2014-10-12 | Make dnssec status available in tpda delivery event, for cutthrough | Jeremy Harris | |
| 2014-10-12 | Quieten noisy compiler | Jeremy Harris | |
| As usual, gcc whining that perfectly valid C coding is "ambiguous". Wrongly. | |||
| 2014-10-05 | Remove limit on remove_headers item size. Bug 1533 | Jeremy Harris | |
| 2014-09-29 | Fix Solaris build | Jeremy Harris | |
| 2014-09-28 | Fix transport-results pipe for multiple recipients combined with certs. | Wolfgang Breyha | |
| The previous parsing failed when a result item split over a buffer boundary; fix by prefixing sizes to items, and checking enough has been read as the initial parsing stage. | |||
| 2014-09-25 | Clarify error message for host-connect fail. Bug 1505 | Jeremy Harris | |
| 2014-09-25 | Amplify comment on server requests for client certificates | Jeremy Harris | |
| 2014-09-23 | Merge remote-tracking branch 'exim_github/pr/18' | Todd Lyons | |
| 2014-09-16 | Replace use of index() with Ustrchr() | Jeremy Harris | |
| 2014-09-13 | Restrict dane to DANE-TA(2) and DANE-EE(3) usage TLSA records | Jeremy Harris | |
| Also, just ignore TLSA records with unsipported match types. | |||
| 2014-09-12 | Fix needless OCSP request under DANE | Jeremy Harris | |
| usage 3 and with require_ocsp in play though inactive | |||
| 2014-09-12 | Bug 1216: Add -M (related) to exigrep. | Todd Lyons | |
| Thanks to Arkadiusz for pointing out that this was never merged. | |||
| 2014-09-11 | Fix ldap lookup for single-attr request, multiple-attr return. Bug 1521 | Heiko Schlittermann | |
| Exim documented behaviour is that the single-request case controls the output format (by not labelling attributes with names). The code is broken for the case where attrs B, C are derived from A and A is requested (and the LDAP server used isn't buggy here; some are and only return A rather than A, B, C). | |||
| 2014-09-11 | Add debug for number of CA certs, for OpenSSL/file load | Jeremy Harris | |
| 2014-09-10 | Fix undersized buffer use by eximon. Bug 1527 | Jeremy Harris | |
| The long spoolfile line now used for certificate info was too big, resulting in an apparent syntax error in the file. Apart from using a decent size, do autogrow in case of immense certificates. | |||
| 2014-09-10 | TPDA tidying | Jeremy Harris | |
| 2014-09-06 | Add expansion item for sorting lists | Jeremy Harris | |
| 2014-09-06 | Support secondary-separator specifier for MX, SRV and TLSA dnsdb lookups | Jeremy Harris | |
| 2014-09-04 | Enforce TLS under DANE when host has TLSA records | Jeremy Harris | |
| 2014-09-02 | Fix ${extract expansion for use within ${if inlist etc. Bug 1524 | Jeremy Harris | |
| The coding of the numeric test on the key decided that empty was numeric, and insisted on a third substring even in syntax-check "skip" mode. This failed when a single expansion variable was used for the key (eg. $item) and the defaults for string2, string3 were being assumed. Skip the test in skip mode. | |||
| 2014-09-02 | Introduce EXPERIMENTAL_DANE feature | Jeremy Harris | |
| 2014-09-02 | redis lookup returns false for things that should be true | Sebastian Wiedenroth | |
| If redis returns an integer the lookup code currently checks if the value is 1 and returns false for all other values. This is problematic if you want to use redis commands that return counts (ZCARD etc.) because you can't check for "does not exist" or "exists at least once". (It will be 0->false, 1->true, 2 or more-> false again) This commit changes the code to handle integer values like C: 0 is false and everything else is true. For the simple 0 and 1 values nothing changes to existing queries so this diff is backwards compatible. For queries that return other values exim now gets the bool that would be expected. | |||
| 2014-08-31 | Update comment | Jeremy Harris | |
| 2014-08-29 | Fix crash in mime acl when a parameter is zero-length | Jeremy Harris | |
| 2014-08-27 | Further TPDA events | Jeremy Harris | |
| msg:complete msg:fail:internal msg:fail:delivery | |||
| 2014-08-20 | Merge branch dane-tpda into dane | Jeremy Harris | |
| Conflicts: doc/doc-txt/experimental-spec.txt src/src/deliver.c src/src/functions.h src/src/smtp_out.c src/src/tls-openssl.c src/src/transports/smtp.c src/src/verify.c | |||
| 2014-08-20 | Merge branch 'master' into dane | Jeremy Harris | |
| Conflicts: doc/doc-txt/ChangeLog src/src/tls-openssl.c src/src/transports/smtp.c src/src/verify.c | |||
| 2014-08-20 | Expanded EXPERIMENTAL_TPDA feature | Jeremy Harris | |
| Note this introduces incompatible changes; users who are compiling the feature in, and with configuration files using it, will need to change their configurations appropriately. See the experimental-spec.txt file. | |||
| 2014-08-18 | Merge remote-tracking branch 'exim_github/pr/16' | Todd Lyons | |
| 2014-08-17 | Safer coding for utf8clean expansion operator | Jeremy Harris | |
| 2014-08-17 | Log an error (instead of hanging) if Dovecot auth is configured to use the ↵ | Timo Sirainen | |
| wrong auth-master/auth-userdb socket. | |||
| 2014-08-17 | Unbreak utf8clean testcase. | Jeremy Harris | |
| Broken by my compile quitening; the issue was a variable declared local in a loop body and used for carrying data from one iteration to the next. I'd blindly added an initialiser, destroying the data. However, I *think* that compilers might be at liberty to not use the same location for separate iterations; if so the code was broken (and only worked by chance). Fix by moving the declaration outside the loop. | |||
| 2014-08-17 | Override an unchanged default hosts_request_ocsp when DANE is used | Jeremy Harris | |
 |
index : user/henk/code/exim.git | |
| [no description] | git repository hosting |
| summaryrefslogtreecommitdiff |