Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-02-11 | JSON lookup | Jeremy Harris | |
(cherry picked from commits 854bd65fa7, 11b31159ac, 19cb5e2f14, 9669c6e06f, 6db8b72c86) | |||
2018-12-20 | spelling fixes | klemens | |
2018-11-27 | Testsuite: regenerate CA trees with 2048-bit keys | Jeremy Harris | |
This is to support RHEL 8.0 where OpenSSL dislikes 1024 | |||
2018-10-26 | testsuite: diet for aux-fixed/3000.pl | Heiko Schlittermann (HS12-RIPE) | |
2018-09-28 | Events: Fire msg:fail:internal for a non-system filter "fail" command. Bug ↵ | Matthias Kurz | |
2322 | |||
2018-09-28 | Events: Fire msg:fail:delivery event even when error is being ignored. Bug ↵ | Matthias Kurz | |
2314 | |||
2018-09-16 | Fix filter noerror command. Bug 2318 | Matthias Kurz | |
2018-09-09 | DANE - testcase for fail under GnuTLS with TA-mode to a selfsigned server cert | Jeremy Harris | |
2018-03-23 | ARC: add independent-source testcase. Fix signatures by not line-terminating | Jeremy Harris | |
last header line being hashed. | |||
2018-03-18 | DMARC: tescase | Jeremy Harris | |
Extremely basic; we have no control of the DNS use of the dmarc library | |||
2018-03-03 | ARC initial implementation. Experimental. Bug 2162 | Jeremy Harris | |
2018-02-06 | DKIM: Ed25519 signatures (GnuTLS 3.6.0 and later) | Jeremy Harris | |
2018-01-01 | Feature macros, show-supported and build-time selection for malware interfaces | Jeremy Harris | |
2017-12-18 | Testsuite: move CRL testcases away from using SHA1-signed certs | Jeremy Harris | |
2017-12-16 | Testsuite: regenerate certs tree | Jeremy Harris | |
2017-12-16 | Testsuite: restore generation of OCSP status for EC certs | Jeremy Harris | |
Broken-by: 854586e149 | |||
2017-12-16 | Testsuite: testcase for Bug 2198 | Jeremy Harris | |
2017-12-03 | Testsuite: regen certs trees, now with OCSP response for one EC cert | Jeremy Harris | |
2017-11-07 | TLS: support multiple certificate files in server. Bug 2092 | Jeremy Harris | |
2017-10-26 | Testsuite: create test db on-the-fliy for LMDB testcase | Jeremy Harris | |
2017-01-31 | Testsuite: use certs expring before end of 2037, to avoid GnuTLS top-limit ↵ | Jeremy Harris | |
clamp on small-size_t platforms | |||
2017-01-21 | Testsuite: Add DKIM Chunking test | Heiko Schlittermann (HS12-RIPE) | |
2016-12-04 | Testsuite: more pipe transport / perl cases | Jeremy Harris | |
2016-12-03 | Testsuite: platform variance for perl utility location | Jeremy Harris | |
2016-11-02 | Testsuite: regen certs, now with additional LetsEncrypt-style OCSP proofs | Jeremy Harris | |
2016-08-14 | LMDB: introduce as Experimental. Bug 1856 | Andrew Colin Kissa | |
2016-02-10 | Testsuite: Support running exim under valgrind | Jeremy Harris | |
Fails mostly thanks to lack of suid handling, but -be tests usable if you retry after de-suid of eximdir/exim | |||
2016-02-01 | DKIM: replace SHA and RSA routines from gnutls, under earlier library | Jeremy Harris | |
versions, using libgcrypt and libtasn1 directly. Bug 1772 | |||
2015-12-17 | DANE: do not override a cert verify failure, in callback. Also fix some ↵ | Jeremy Harris | |
test mistakes | |||
2015-12-02 | DKIM: fix simple body verify for trailing empty lines after text | Jeremy Harris | |
2015-12-01 | DKIM: $dkim_key_length visibility variable. Bug 1311 | Jeremy Harris | |
2015-11-29 | DKIM: fix relaxed body verify for a newline-only body. Bug 963 | Jeremy Harris | |
2015-11-29 | DKIM: relaxed body canonicalisation should ignore whitespace at EOL | Jeremy Harris | |
and empty lines at EOM. Bug 1721 | |||
2015-01-12 | Support timeout option on malware= | Jeremy Harris | |
2014-12-27 | Testsuite: case for malware= cmdline | Jeremy Harris | |
2014-11-21 | Testsuite: case 0601 logging ordering | Jeremy Harris | |
2014-11-03 | Testsuite: tidying | Jeremy Harris | |
2014-11-01 | Testsuite: tidying | Jeremy Harris | |
2014-10-24 | Testsuite: more portable implementation of "showenv" | Jeremy Harris | |
At least one Solaris installation seems not to have "whoami" | |||
2014-10-16 | Handle certificate dir under GnuTLS, if recent enough | Jeremy Harris | |
Add testcases for certificate directories The GnuTLS implementation has been tested on Fedora 21 (alpha), using GnuTLS 3.3.9. The testsuite case is here but with the script commented-out. When enabled, the log/mail/stdout/stderr files will be created fresh. | |||
2014-08-10 | Add (2 0 1) test | Jeremy Harris | |
2014-07-21 | Documentation/Tests for CVE-2014-2972 fixexim-4_83 | Todd Lyons | |
2014-06-08 | Testcase for udpsend | Jeremy Harris | |
2014-04-24 | Support OCSP Stapling under GnuTLS. Bug 1459 | Jeremy Harris | |
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP | |||
2013-12-15 | Increase test CA key sizes from 512 to 1024 to handle TLS1.2 digest sizes. | Jeremy Harris | |
2013-03-25 | OCSP-stapling enhancement and testing. | Jeremy Harris | |
Server: Honor environment variable as well as running_in_test_harness in permitting bogus staplings Update server tests Add "-ocsp" option to client-ssl. Server side: add verification of stapled status. First cut server-mode ocsp testing. Fix some uninitialized ocsp-related data. Client (new): Verify stapling using only the chain that verified the server cert, not any acceptable chain. Add check for multiple responses in a stapling, which is not handled Refuse verification on expired and revoking staplings. Handle OCSP client refusal on lack of stapling from server. More fixing in client OCSP: use the server cert signing chain to verify the OCSP info. Add transport hosts_require_ocsp option. Log stapling responses. Start on tests for client-side. Testing support: Add CRL generation code and documentation update Initial CA & certificate set for testing. BUGFIX: Once a single OCSP response has been extracted the validation routine return code is no longer about the structure, but the actual returned OCSP status. | |||
2012-05-17 | More GnuTLS cleanups/fixes. | Phil Pennock | |
Decided "unknown (reason)" in tls_peerdn was wrong, stripped that, added replacement guard. Moved cipherbuf construction to where it makes more sense, where peerdn is extracted, so that setting the exim vars gets back closer to just some pointer switching. Fix missing failure check after handshake in client. Fix tls.c tls_ungetc() and friends by pointing watermark vars at state content. Regenerated test-suite D-H params so we don't have too small values, which was causing connection rejections. Test-suite output where new test cert info is logged (there will be a couple more, when I fix a lingering problem with tls_peerdn being unset in client log-lines). Give test-suite client command some --help. | |||
2012-05-17 | Handle absent tls_require_ciphers correctly. | Phil Pennock | |
Fix test-suite certs to not use MD5. Document that we do not support MD5 certs any longer. Make test-suite generate probably-correct gnutls-params filename for us. | |||
2007-08-22 | Test suite data file had got accidentally deleted. | Philip Hazel | |
2007-07-04 | Remove unwanted (int) case when reading SIZE. Fix runtest for 64-bit | Philip Hazel | |
systems. Tidy obsolete stuff in test 46. |