summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2010-06-12iaddressing bug 966 and my own concerns, stop sending non-panic error to ↵John Jetmore
panic log in dkim.c
2010-06-07Run when EXIM_USER=notroot specified.Phil Pennock
2010-06-07For the new SIZE_T_FMT, if not C99 then our size_t conversion specifierPhil Pennock
should use PRIdMAX; this was disabled because I was testing the other logic and forgot to restore before commit. Bleh, sorry. Add #if to protect against unused variable complaints for this too.
2010-06-07Both bool{} and bool_lax{} should ignore trailing whitespace.Phil Pennock
2010-06-07Added bool_lax{} expansion operator, which uses Router condition logic toPhil Pennock
determine whether or not a string is true. Switch the multiple-condition logic to use bool_lax{}. Add note where we combine multiple conditions regarding the memory leak.
2010-06-07Allow Routers to have multiple conditions, IF each one yields a strict bool.Phil Pennock
Fixes: #816
2010-06-07Clean up compiler warnings from { gcc -Wall }, many of which I introduced withPhil Pennock
the ClamAV and openssl_options patches in this release. Logic in buildconfig.c for adjusting some print format strings assumed that long ints were four bytes; adjust to test this against reality, to remove spurious warnings on my dev box (FreeBSD/amd64). Note: this commit adds a buildconfig.h dependency upon inttypes.h, which was in SUSv2, so should be safe.
2010-06-06Build without WITH_CONTENT_SCAN.Phil Pennock
Broken by -bmalware option added while reworking ClamAV to new API. Path from Andreas Metzler (adjusted slightly).
2010-06-06No longer permit the exim user to be root. Fixes: #752Phil Pennock
2010-06-06Implement --version. Fixes: #973Phil Pennock
2010-06-06Implement "control = debug" ACL control. Fixes: #937Phil Pennock
2010-06-05New expansion operator: reverse_ipPhil Pennock
2010-06-05ClamAV INSTREAM scanning by default, unless built with WITH_OLD_CLAMAV_STREAM.Phil Pennock
New command-line option, -bmalware (restricted to admin_user). Fixes: #926
2010-06-05Deal with anonymous SSL giving us no peer certificate.Phil Pennock
2010-06-05Handle SASL Initial Response.Phil Pennock
See discussion at: http://lists.exim.org/lurker/message/20090125.014515.3746c882.en.html and the code is "correct by inspection", for whatever that's worth.
2010-06-05Add permit_coredump pipe transport option. Fixes: #834Phil Pennock
2010-06-05Doh, fix the error message to say SSL_read not SSL_write.Phil Pennock
2010-06-05Log a diagnostic when an SSL write fails, to help admins debug SSL interop ↵Phil Pennock
issues. Fixes: #995
2010-06-05Add an openssl_options main configuration option, to allow administrators toPhil Pennock
shoot themselves in each foot in turn. The default value is chosen to avoid a change in behaviour, but since it is disabling a security countermeasure, I'd like to change the default to be "no options". Fixes: #994
2010-06-03Added DISABLE_DKIM option to EDITME, leaving some breadcrumbs about it being ↵John Jetmore
turned on by default
2010-06-03Include check_rfc2047_length in configure.default to raise the visibilityPhil Pennock
because we're seeing more Russian administrators get bitten by this. Idealism says this option is set correctly by default. Pragmatism says not. There's a good argument for the idealism but if we see the problems escalate then the idealism will have lost and we should, IMO, switch.
2010-06-03The Date: and Message-Id: headers should normally be *appended* to a message,Phil Pennock
and only *prepended* when are Resent-* headers. Regression was introduced with the prepend logic in Exim 4.70, for bug #607.
2010-05-29DKIM DNS TXT record bug fix. Fixes: #967Nigel Metheringham
2010-05-29Null initialise DKIM variable. Fixes: #986Nigel Metheringham
2010-05-29Null terminate pdkim string. Fixes: #985Nigel Metheringham
2010-05-29Stripped excess debug newline yet again...Nigel Metheringham
2010-05-29Protect against symlink attacks on MBX lockfile in /tmp as best we can:Phil Pennock
* if system supports O_NOFOLLOW, use it, protection complete * else detect the attack "too late" and abort, where at worst an empty file has been created as the attacked user Our hands are tied by not changing the locking algorithm. fixes: bug #989
2010-05-26Prevent hardlink attack on mbox sticky mail directory. fixes: bug #988Nigel Metheringham
2010-03-23JJ/03 installed exipick 20100323.0, fixing doc bug (debian 574778)John Jetmore
2010-03-05Fix for unknown responses from Dovecot authenticator. Fixes: #954Nigel Metheringham
2010-03-05Spacing change on Makefile directives (syntax fix). Fixes: #961Nigel Metheringham
2010-03-05Support mysql stored procedures. Fixes: #965Nigel Metheringham
2010-02-23Adding exipick 20100222.0, --input-dir and --finputJohn Jetmore
2010-02-19Bug fix for yesterday's change, which worked in a production systemMichael Haardt
for quite some time and broke right after comitting it to CVS.
2010-02-18Treat the transport option dkim_domain as a colon separated list, notMichael Haardt
as a single string, and sign the message with each element, omitting multiple occurences of the same signer. The transport option dkim_domain should be renamed to dkim_add_signers. The values of dkim_selector and dkim_private_key are expanded for each signer available in $dkim_domain. It is unclear if signatures for domains that already signed the mail should be omitted and if we need a new variable for signatures to omit or if it could be hardcoded, but this question is independent of this patch.
2010-01-04Reset environment for 4.72 developmentNigel Metheringham
2010-01-04Updating exipick from 20061117.2 to 20100104.1, adding ↵John Jetmore
$max_received_linelength, $data_path, and $header_path variables; fixing documentation bugs and typos
2009-12-15Improve log output when DKIM signing operation fails.Tom Kistner
2009-12-07PDKIM: Upgrade PolarSSL files to upstream version 0.12.1. Thanks to Andreas ↵Tom Kistner
Metzler for doing the work!
2009-11-23Recommitted change to remove excess newline from debug outputNigel Metheringham
2009-11-23DKIM: fix wrong "pass" result on bodyhash mismatchTom Kistner
2009-11-20Flag broken perl installation during build. Fixes: #915Nigel Metheringham
2009-11-20Enable DNSDB lookup by default. Fixes: #847Nigel Metheringham
2009-11-19Fixes for FreeBSD outside of ports. Fixes: #914Nigel Metheringham
2009-11-19Removed excessive newline in debug modeNigel Metheringham
2009-11-16Update all copyright messages to cover 1995 - 2009. Remove tab from ↵Nigel Metheringham
exim_checkaccess.src
2009-11-16Update all copyright messages to cover 1995 - 2009. Remove tab from ↵Nigel Metheringham
exim_checkaccess.src
2009-11-16Documentation for randint. Better randomness defaults. Fixes: #722Nigel Metheringham
2009-11-16Fix unsigned message rejection when dkim_verify_signers is empty, and ↵Tom Kistner
acl_smtp_dkim is defined
2009-11-14Changes to work towards a 4.71 releaseNigel Metheringham