summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-12-25Fix null-indirection in certextract expansionJeremy Harris
Found-by: Roman Rybalko
2014-12-23Use TIME_T_FMT for formatting tv_sec. Bug 1561Jeremy Harris
2014-12-19EXPERIMENTAL_DSN: use the SMTP return messsage for Diagnostic-Code lines. ↵Wolfgang Breyha
Bug 1559 Minor tweaking by JH.
2014-12-14Account properly for quoted or 2047-encoded MIME parameters while walking ↵Jeremy Harris
headers. Bug 1558
2014-12-04Fail a DANE-mode verify on totally missing certificateJeremy Harris
2014-11-29Compiler quietening. Bug 1555Jeremy Harris
2014-11-29Compiler quieteningJeremy Harris
2014-11-28Git: ignore a few more nonsource filesJeremy Harris
2014-11-27Fix buffer overrun in spam= acl condition. Bug 1552Jeremy Harris
2014-11-25Error the build if DANE included but DNSSEC not availableJeremy Harris
2014-11-20When following a CNAME chain, if any lookup is insecure the whole must be tooJeremy Harris
2014-11-20Const-ificationJeremy Harris
2014-11-20Const-ificationJeremy Harris
2014-11-20Fix copying of host_used in smtp transportJeremy Harris
Following c562f "More regular logging use of H=<name> [<ip>]" there were error cases where a host-item that was being expanded per-call was used. Move the copy earlier so these are covered.
2014-11-18Compiler quieteningJeremy Harris
2014-11-16Fix debug output of name of transport option list being matchedJeremy Harris
2014-11-11Handle UTC vs specified-timezone for certificate extractors. Bug 1541Jeremy Harris
2014-11-08Fix smtp transport certificate-verification option matching to use correct hostJeremy Harris
Fix certificate name verification done with tls_try_verify_hosts Affected tls_verify_hosts, tls_try_verify_hosts, tls_verify_cert_hostnames.
2014-11-06EXPERIMENTAL_CERTNAMES: Hostlist for cert name checks should match hostJeremy Harris
connected-to, not be list of acceptable names. The name checked is the host name.
2014-11-05Do not permit multi-component wildcards on certificate names (OpenSSL, ↵Jeremy Harris
EXPERIMENTAL_CERTNAMES)
2014-11-05Do not permit multi-component wildcards on certificate names (OpenSSL)Jeremy Harris
2014-11-04Fix dnssec indication variable when used from verify-callout smtp:commect eventJeremy Harris
2014-10-30Fix cert-try-verify when denied by event actionJeremy Harris
2014-10-30Fix dnssec indication variable when used from smtp:commect eventJeremy Harris
2014-10-30For connects and certificate-verifies denied by event actions, logJeremy Harris
the string resulting from the event expansion
2014-10-26Do not claim OCSP support when compiled with too-old GnuTLS versionJeremy Harris
2014-10-26Fix cert-try-verify when denied by event actionJeremy Harris
2014-10-26Fix feature-ifdef for OpenSSL builtin certname checkingJeremy Harris
2014-10-25Add event for inbound cert visibilityJeremy Harris
2014-10-25Make transport name available in verify-callouts. Add verify_mode variableJeremy Harris
2014-10-25Rename facility to Event Actions, ifdeffed on EXPERIMENTAL_EVENTJeremy Harris
2014-10-22Make $host available in tpda delivery event, for cutthrough. Bug 1529Jeremy Harris
2014-10-22More regular logging use of H=<name> [<ip>]Jeremy Harris
Note this may affect utilities which parse logs.
2014-10-16Handle certificate dir under GnuTLS, if recent enoughJeremy Harris
Add testcases for certificate directories The GnuTLS implementation has been tested on Fedora 21 (alpha), using GnuTLS 3.3.9. The testsuite case is here but with the script commented-out. When enabled, the log/mail/stdout/stderr files will be created fresh.
2014-10-12Make dnssec status available in tpda delivery event, for cutthroughJeremy Harris
2014-10-12Quieten noisy compilerJeremy Harris
As usual, gcc whining that perfectly valid C coding is "ambiguous". Wrongly.
2014-10-05Remove limit on remove_headers item size. Bug 1533Jeremy Harris
2014-09-29Fix Solaris buildJeremy Harris
2014-09-28Fix transport-results pipe for multiple recipients combined with certs.Wolfgang Breyha
The previous parsing failed when a result item split over a buffer boundary; fix by prefixing sizes to items, and checking enough has been read as the initial parsing stage.
2014-09-25Clarify error message for host-connect fail. Bug 1505Jeremy Harris
2014-09-25Amplify comment on server requests for client certificatesJeremy Harris
2014-09-23Merge remote-tracking branch 'exim_github/pr/18'Todd Lyons
2014-09-16Replace use of index() with Ustrchr()Jeremy Harris
2014-09-13Restrict dane to DANE-TA(2) and DANE-EE(3) usage TLSA recordsJeremy Harris
Also, just ignore TLSA records with unsipported match types.
2014-09-12Fix needless OCSP request under DANEJeremy Harris
usage 3 and with require_ocsp in play though inactive
2014-09-12Bug 1216: Add -M (related) to exigrep.Todd Lyons
Thanks to Arkadiusz for pointing out that this was never merged.
2014-09-11Fix ldap lookup for single-attr request, multiple-attr return. Bug 1521Heiko Schlittermann
Exim documented behaviour is that the single-request case controls the output format (by not labelling attributes with names). The code is broken for the case where attrs B, C are derived from A and A is requested (and the LDAP server used isn't buggy here; some are and only return A rather than A, B, C).
2014-09-11Add debug for number of CA certs, for OpenSSL/file loadJeremy Harris
2014-09-10Fix undersized buffer use by eximon. Bug 1527Jeremy Harris
The long spoolfile line now used for certificate info was too big, resulting in an apparent syntax error in the file. Apart from using a decent size, do autogrow in case of immense certificates.
2014-09-10TPDA tidyingJeremy Harris
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-24 10:21:05 +0000