| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-05-06 | Disable SSLv2 by default. | Phil Pennock | |
| 2012-05-05 | DNS resolver init changes for NetBSD compatibility. | Phil Pennock | |
| 2012-05-05 | Fix eximon build (tls_sni) | Jeremy Harris | |
| 2012-05-04 | Check localhost_number expansion for failure. | Phil Pennock | |
| Avoids NULL dereference. Report and patch from Alun Jones. Also a couple of SIZE_T_FMT sizeof() printf string fixes while I was in there. fixes bug 1122 | |||
| 2012-05-04 | silence various compiler complaints; expose NVALGRIND | Phil Pennock | |
| 2012-05-04 | More tls_sni support: outbound, logging. | Phil Pennock | |
| tls_sni as SMTP transport option. Use correct storage pool for copying tls_sni, so survives for life of process. Add +tls_sni log-selector, for inbound tls_sni. Update exipick to handle -tls_sni in spool files. Also reset tls_bits at start of outbound connection (was missing). | |||
| 2012-05-04 | TLS SNI support for OpenSSL ($tls_sni) | Phil Pennock | |
| 2012-05-03 | Guard loadable module vars with LOOKUP_MODULE_DIR. | Phil Pennock | |
| Fixes compiler complaints about unused variables. | |||
| 2012-05-03 | spurious compiler warning of unused var fix | Phil Pennock | |
| (but added check in case wrong about spuriousness) | |||
| 2012-05-03 | OpenSSL fixes and backwards compat break. | Phil Pennock | |
| Drop SSL_clear() after SSL_new() which causes protocol negotiation failures for TLS1.0 vs TLS1.1/1.2 in OpenSSL 1.0.1b. Remove SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (+dont_insert_empty_fragments) from default of openssl_options. | |||
| 2012-05-03 | LDAP: Check for errors of TLS initialisation | Phil Pennock | |
| Report and patch from Dmitry Banschikov. | |||
| 2012-05-01 | Code refactoring in acl.c (bug 1184) | Jeremy Harris | |
| Move to a table-driven approach for the parsing of "verify =". | |||
| 2012-05-01 | Change notes for bug 660. | Jeremy Harris | |
| 2012-05-01 | Return multi-values attributes from an LDAP lookup in parsable form (bug 660). | Jeremy Harris | |
| 2012-04-30 | Fix verification when DKIM Signatures are not inserted as tracking headers. ↵ | Tom Kistner | |
| Thanks to Wolfgang Breyha for the patch! (bug 1239) | |||
| 2012-04-29 | Include string_interpret_escape() in COMPILE_UTILITY cases. | Jeremy Harris | |
| Eximon needs it, via util-spool_in.o It needed a private hex_digits[] to avoid bringing in all of globals.c to COMPILE_UTILITY. | |||
| 2012-04-28 | include string_unprinting() in COMPILE_UTILITY cases. | Phil Pennock | |
| jgh debugged eximon build failure; util-spool_in.o needs it | |||
| 2012-04-28 | TLS fixes for OpenSSL. | Phil Pennock | |
| Support TLS 1.1 & 1.2 New "openssl_options" values (all now documented). Set SSL_MODE_AUTO_RETRY so that OpenSSL will retry a read or write after TLS renegotiation, which otherwise led to messages "Got SSL error 2". | |||
| 2012-04-28 | describe spool file changes for -tls_peerdn | Phil Pennock | |
| 2012-04-27 | Handle \n in tls_peerdn for spool files. | Phil Pennock | |
| Fixes bug 1240. | |||
| 2012-04-25 | Add ACL name to debug output of condition result (bug 1238). | Jeremy Harris | |
| 2012-04-23 | Ensure $smtp_command is initialized before it can be expanded (bug 1182). | Jeremy Harris | |
| 2012-04-23 | Add pointer to IPv6 support in prototype Makefile (bug 1232). | Jeremy Harris | |
| 2012-04-22 | Always init_lookup_list before readconf_main. | Phil Pennock | |
| This happens while still root. Be more emphatic in EDITME about the security implications of loadable modules. | |||
| 2012-04-22 | Mark cases where printf format strings are used | Dirk Mueller | |
| Bug report from Lars Müller <lars@samba.org> (via SUSE), Patch from Dirk Mueller <dmueller@suse.com> | |||
| 2012-04-12 | Handle TAB, not just SP, in MAIL args. | Phil Pennock | |
| Analysis, diagnosis and variant patch by Todd Lyons. | |||
| 2012-03-21 | Merge branch 'dbmjz' | Phil Pennock | |
| 2012-03-21 | heimdal_gssapi: accept SASL with empty authzid | Phil Pennock | |
| Saw this happening with Apple Mail; accept it, dup the GSS Display Name | |||
| 2012-03-02 | Add dbmjz lookup type | Phil Pennock | |
| 2012-02-19 | Log auth data in rejectlog. | Phil Pennock | |
| http://bugs.exim.org/attachment.cgi?id=547&action=edit fixes bug: 1214 Patch by Jeremy Harris | |||
| 2012-02-18 | expand cyrus_sasl server_realm option | Phil Pennock | |
| 2012-02-18 | Merge branch 'sasl_fixes' | Phil Pennock | |
| 2012-02-18 | Use gsasl_property_fast() in property callback. | Phil Pennock | |
| Avoids the loops which we only cancel out anyway. | |||
| 2012-02-18 | Support pkg-config for SSL libraries. | Phil Pennock | |
| Also: update EDITME to refer to pkg-config & AUTH_HEIMDAL_GSSAPI. | |||
| 2012-02-18 | Swap gsasl GSSAPI $auth1/$auth2 | Phil Pennock | |
| 2012-02-18 | Drop server_realm from heimdal_gssapi | Phil Pennock | |
| 2012-02-18 | Minor cleanups. | Phil Pennock | |
| multi-blank-line protection never set the bool needed OID-method for keytab setting cleanup (drop <roken.h> and fix comments) | |||
| 2012-02-17 | Use gsskrb5_register_acceptor_identity | Phil Pennock | |
| Drop the OID and pseudo-standard GSSAPI extension mechanism. Found Heimdal-specific API call I needed, works great. gsskrb5_register_acceptor_identity(filename) Separately: add various debug statements. | |||
| 2012-02-15 | First pass heimdal_gssapi authenticator. | Phil Pennock | |
| Not yet working, failing to set keytab. Also: support (AUTH|LOOKUP)_*_PC=foo to use `pkg-config foo` for cflags/libs. | |||
| 2012-02-05 | More bug-fixes, GSASL DIGEST-MD5 now works. | Phil Pennock | |
| Defined helper streqic() since I seem tired enough to be forgetting ==0 checks. Deal with left-over-data-to-send correctly. Now tested with PLAIN, CRAM-MD5, DIGEST-MD5. For DIGEST-MD5, check for server_realm, since GSASL doesn't error out without it. | |||
| 2012-02-05 | remove stray globals block | Phil Pennock | |
| 2012-02-05 | Implemented gsasl driver for authentication. | Phil Pennock | |
| Missing: documentation; tests. Tested: PLAIN auth. Status: probably buggy | |||
| 2012-02-04 | Various SASL fixes. | Phil Pennock | |
| Export $tls_bits new expansion variable (not yet documented). Fix tls-gnu.c so that ciphername string construction uses bit-count, not byte-count. Avoid hard-coding primary_hostname in first call to init Cyrus SASL. Cast fix for function pointer (Cyrus-SASL uses void params in struct entry funcptr, so need to cast). Many more debug statements in cyrus_sasl.c Pass external SSF from TLS cipher into Cyrus SASL initialisation. Detect when we can't get an identity from SASL properties (error out correctly). Detect when SASL negotiated a protection layer and error out, since we do not support those. | |||
| 2011-11-30 | eximstats DATA reject detection regexps improved. Fixes: #1093 | Nigel Metheringham | |
| 2011-11-22 | Handle short writes on logfiles. | Phil Pennock | |
| fixes bug 1053 | |||
| 2011-11-13 | log_write EINTR handling on write() | Phil Pennock | |
| 2011-11-10 | Parallel build fixes for lookups | Phil Pennock | |
| Make lookups depend upon PHDRS not HDRS. Make parent dir depend upon child build target for lookups | |||
| 2011-10-11 | PCRE_PRERELEASE is a bare sequence, not a string. | Phil Pennock | |
| 2011-10-08 | Make README.UPDATING more explicit, with more examples, about the impact of ↵ | Phil Pennock | |
| the match_<type> changes | |||
| 2011-10-07 | exiqgrep: handle queue line size output too small for K | Phil Pennock | |
 |
index : user/henk/code/exim.git | |
| [no description] | git repository hosting |
| summaryrefslogtreecommitdiff |