summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2012-05-07revert "%s" addition in em_main.c, broke %D in log_file.Phil Pennock
Also added gdb support. This leaves us with a printf warning. We accept that as the cost of using PRINTF_FORMAT for strings that aren't libc formats.
2012-05-06Unbreak build on Solaris.Phil Pennock
Solaris needs -lresolv, ie $(LIBRESOLV), for anything referencing DNS. I added _res stuff to os.c. os.c is used by multiple tools, but of those only Exim needs the DNS functionality. So used a !defined(COMPILE_UTILITY) guard.
2012-05-05DNS resolver init changes for NetBSD compatibility.Phil Pennock
2012-05-05Fix eximon build (tls_sni)Jeremy Harris
2012-05-04Check localhost_number expansion for failure.Phil Pennock
Avoids NULL dereference. Report and patch from Alun Jones. Also a couple of SIZE_T_FMT sizeof() printf string fixes while I was in there. fixes bug 1122
2012-05-04silence various compiler complaints; expose NVALGRINDPhil Pennock
2012-05-04More tls_sni support: outbound, logging.Phil Pennock
tls_sni as SMTP transport option. Use correct storage pool for copying tls_sni, so survives for life of process. Add +tls_sni log-selector, for inbound tls_sni. Update exipick to handle -tls_sni in spool files. Also reset tls_bits at start of outbound connection (was missing).
2012-05-04TLS SNI support for OpenSSL ($tls_sni)Phil Pennock
2012-05-03Guard loadable module vars with LOOKUP_MODULE_DIR.Phil Pennock
Fixes compiler complaints about unused variables.
2012-05-03spurious compiler warning of unused var fixPhil Pennock
(but added check in case wrong about spuriousness)
2012-05-03OpenSSL fixes and backwards compat break.Phil Pennock
Drop SSL_clear() after SSL_new() which causes protocol negotiation failures for TLS1.0 vs TLS1.1/1.2 in OpenSSL 1.0.1b. Remove SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (+dont_insert_empty_fragments) from default of openssl_options.
2012-05-03LDAP: Check for errors of TLS initialisationPhil Pennock
Report and patch from Dmitry Banschikov.
2012-05-01Code refactoring in acl.c (bug 1184)Jeremy Harris
Move to a table-driven approach for the parsing of "verify =".
2012-05-01Change notes for bug 660.Jeremy Harris
2012-05-01Return multi-values attributes from an LDAP lookup in parsable form (bug 660).Jeremy Harris
2012-04-30Fix verification when DKIM Signatures are not inserted as tracking headers. ↵Tom Kistner
Thanks to Wolfgang Breyha for the patch! (bug 1239)
2012-04-29Include string_interpret_escape() in COMPILE_UTILITY cases.Jeremy Harris
Eximon needs it, via util-spool_in.o It needed a private hex_digits[] to avoid bringing in all of globals.c to COMPILE_UTILITY.
2012-04-28include string_unprinting() in COMPILE_UTILITY cases.Phil Pennock
jgh debugged eximon build failure; util-spool_in.o needs it
2012-04-28TLS fixes for OpenSSL.Phil Pennock
Support TLS 1.1 & 1.2 New "openssl_options" values (all now documented). Set SSL_MODE_AUTO_RETRY so that OpenSSL will retry a read or write after TLS renegotiation, which otherwise led to messages "Got SSL error 2".
2012-04-28describe spool file changes for -tls_peerdnPhil Pennock
2012-04-27Handle \n in tls_peerdn for spool files.Phil Pennock
Fixes bug 1240.
2012-04-25Add ACL name to debug output of condition result (bug 1238).Jeremy Harris
2012-04-23Ensure $smtp_command is initialized before it can be expanded (bug 1182).Jeremy Harris
2012-04-23Add pointer to IPv6 support in prototype Makefile (bug 1232).Jeremy Harris
2012-04-22Always init_lookup_list before readconf_main.Phil Pennock
This happens while still root. Be more emphatic in EDITME about the security implications of loadable modules.
2012-04-22Mark cases where printf format strings are usedDirk Mueller
Bug report from Lars Müller <lars@samba.org> (via SUSE), Patch from Dirk Mueller <dmueller@suse.com>
2012-04-12Handle TAB, not just SP, in MAIL args.Phil Pennock
Analysis, diagnosis and variant patch by Todd Lyons.
2012-03-21Merge branch 'dbmjz'Phil Pennock
2012-03-21heimdal_gssapi: accept SASL with empty authzidPhil Pennock
Saw this happening with Apple Mail; accept it, dup the GSS Display Name
2012-03-02Add dbmjz lookup typePhil Pennock
2012-02-19Log auth data in rejectlog.Phil Pennock
http://bugs.exim.org/attachment.cgi?id=547&action=edit fixes bug: 1214 Patch by Jeremy Harris
2012-02-18expand cyrus_sasl server_realm optionPhil Pennock
2012-02-18Merge branch 'sasl_fixes'Phil Pennock
2012-02-18Use gsasl_property_fast() in property callback.Phil Pennock
Avoids the loops which we only cancel out anyway.
2012-02-18Support pkg-config for SSL libraries.Phil Pennock
Also: update EDITME to refer to pkg-config & AUTH_HEIMDAL_GSSAPI.
2012-02-18Swap gsasl GSSAPI $auth1/$auth2Phil Pennock
2012-02-18Drop server_realm from heimdal_gssapiPhil Pennock
2012-02-18Minor cleanups.Phil Pennock
multi-blank-line protection never set the bool needed OID-method for keytab setting cleanup (drop <roken.h> and fix comments)
2012-02-17Use gsskrb5_register_acceptor_identityPhil Pennock
Drop the OID and pseudo-standard GSSAPI extension mechanism. Found Heimdal-specific API call I needed, works great. gsskrb5_register_acceptor_identity(filename) Separately: add various debug statements.
2012-02-15First pass heimdal_gssapi authenticator.Phil Pennock
Not yet working, failing to set keytab. Also: support (AUTH|LOOKUP)_*_PC=foo to use `pkg-config foo` for cflags/libs.
2012-02-05More bug-fixes, GSASL DIGEST-MD5 now works.Phil Pennock
Defined helper streqic() since I seem tired enough to be forgetting ==0 checks. Deal with left-over-data-to-send correctly. Now tested with PLAIN, CRAM-MD5, DIGEST-MD5. For DIGEST-MD5, check for server_realm, since GSASL doesn't error out without it.
2012-02-05remove stray globals blockPhil Pennock
2012-02-05Implemented gsasl driver for authentication.Phil Pennock
Missing: documentation; tests. Tested: PLAIN auth. Status: probably buggy
2012-02-04Various SASL fixes.Phil Pennock
Export $tls_bits new expansion variable (not yet documented). Fix tls-gnu.c so that ciphername string construction uses bit-count, not byte-count. Avoid hard-coding primary_hostname in first call to init Cyrus SASL. Cast fix for function pointer (Cyrus-SASL uses void params in struct entry funcptr, so need to cast). Many more debug statements in cyrus_sasl.c Pass external SSF from TLS cipher into Cyrus SASL initialisation. Detect when we can't get an identity from SASL properties (error out correctly). Detect when SASL negotiated a protection layer and error out, since we do not support those.
2011-11-30eximstats DATA reject detection regexps improved. Fixes: #1093Nigel Metheringham
2011-11-22Handle short writes on logfiles.Phil Pennock
fixes bug 1053
2011-11-13log_write EINTR handling on write()Phil Pennock
2011-11-10Parallel build fixes for lookupsPhil Pennock
Make lookups depend upon PHDRS not HDRS. Make parent dir depend upon child build target for lookups
2011-10-11PCRE_PRERELEASE is a bare sequence, not a string.Phil Pennock
2011-10-08Make README.UPDATING more explicit, with more examples, about the impact of ↵Phil Pennock
the match_<type> changes