Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-13 | Fix TLS SNI, and add regression test cases | Jeremy Harris | |
2014-06-08 | Testcase for udpsend | Jeremy Harris | |
2014-06-06 | Fix testcase for 984702 - the buffer boundary was deliberately | Jeremy Harris | |
being explored by the test | |||
2014-05-20 | Support optional server certificate name checking. Bug 1479 | Jeremy Harris | |
Enable EXPERIMENTAL_CERTNAMES to include. | |||
2014-05-13 | Extractors for certificate time fields support integer output modifier | Jeremy Harris | |
2014-05-13 | Extractor for named RDN element types from a certificate DN field. | Jeremy Harris | |
2014-05-11 | New expansion operator sha256 for certificates. Bug 1170 | Jeremy Harris | |
2014-05-09 | Make $tls_out_ocsp visible to TPDA (mostly testsuite) | Jeremy Harris | |
2014-05-08 | Enable operator md5 and sha1 use on certificate variables. Bug 1170 | Jeremy Harris | |
2014-05-06 | OCSP observability: variables $tls_{in,out}_ocsp | Jeremy Harris | |
and smtp transport option hosts_request_ocsp | |||
2014-05-05 | Extractors for subject-alternate-name, ocsp-uri, crl-uri return list. Bug 1358 | Jeremy Harris | |
2014-05-03 | Restore testsuite operation on earlier GnuTLS libraries | Jeremy Harris | |
2014-05-02 | Certificate variables and field-extractor expansions. Bug 1358 | Jeremy Harris | |
2014-04-24 | Support OCSP Stapling under GnuTLS. Bug 1459 | Jeremy Harris | |
Requires GnuTLS version 3.1.3 or later. Under EXPERIMENTAL_OCSP | |||
2014-04-21 | Fix testcase "server missing/empty certificate file" | Jeremy Harris | |
GnuTLS early versions (pre 3.0.0 ?) fail to send a reasonable client-cert request when tls_verify_certificates is an empty file. Since the test is for missing *server* certs (tls_certificate) avoid this by pointing to a real (if non-verifying) cert in tls_verify_certificates. | |||
2014-04-20 | Make testcase more robust vs. timing variations | Jeremy Harris | |
by restricting operations and logging to fewer items of interest | |||
2014-04-20 | Fix handling of $tls_cipher et.al. in (non-verify) transport. Bug 1455 | Jeremy Harris | |
The split of these variables into _in and _out sets introduced by d9b231 in 4.82 was incomplete, leaving the deprecated legacy variables nonfunctional during a transport and associated client authenticator. Fix by repointing the legacy set to the outbound connection set at transport startup (and do not clear out the inbound set at this time, either). | |||
2014-04-09 | More care with headers add/remove lists. Bug 1452 | Jeremy Harris | |
As a side-effect, playing games with newlines no longer gives an altered message body/ Testcase 0324 is questionable (though passing) | |||
2014-03-19 | Fix testcase for GnuTLS tls_require_ciphers | Jeremy Harris | |
2014-03-19 | Add tls_verify_hosts and tls_try_verify_hosts to smtp transport, GnuTLS. | Wolfgang Breyha | |
2014-03-16 | Support transport-added headers under cutthrough delivery. Bug 1431 | Jeremy Harris | |
2014-03-15 | Add tls_verify_hosts and tls_try_verify_hosts to smtp transport. Bug 1371 | Wolfgang Breyha | |
Code by Wolfgang Breyha, docs and testsuite by Jeremy Harris | |||
2014-03-15 | Testcases | Jeremy Harris | |
2014-03-08 | ${utf8clean:string} expansion operator. Bug 1401 | Axel Rau | |
2014-03-06 | Code for verify=header_names_ascii | Michael Fischer v. Mollard | |
Documentation and test included. Fixed Conflicts: doc/doc-txt/ChangeLog | |||
2013-10-19 | Bugzilla 1402 - Handle upper case chars in tests | Todd Lyons | |
Test 533 fails if there are any upper case chars in the path to the test suite. Added caseful_local_part=true to the router which calls the pipe. | |||
2013-09-30 | Bug 1031: Experimental TPDA | Jeremy Harris | |
Remove whitespace | |||
2013-07-21 | Remove ACL-config skip so that ${acl } expansions work from queue-runs. | Jeremy Harris | |
Previously we skipped parsing the ACL section when not needed. Now it is potentially needed in all cases. The skip was ~5% faster than a full parse so probably not a large part of the exim process startup. Fix up testsuite output files affected by the removal and add a regression test. | |||
2013-05-20 | Support AUTH for verify-callout and cutthrough-delivery. | Jeremy Harris | |
Refactored smtp transport to pull out AUTH-related routines so they could be also called from the verify code. Bugs 321, 823. | |||
2013-03-25 | OCSP-stapling enhancement and testing. | Jeremy Harris | |
Server: Honor environment variable as well as running_in_test_harness in permitting bogus staplings Update server tests Add "-ocsp" option to client-ssl. Server side: add verification of stapled status. First cut server-mode ocsp testing. Fix some uninitialized ocsp-related data. Client (new): Verify stapling using only the chain that verified the server cert, not any acceptable chain. Add check for multiple responses in a stapling, which is not handled Refuse verification on expired and revoking staplings. Handle OCSP client refusal on lack of stapling from server. More fixing in client OCSP: use the server cert signing chain to verify the OCSP info. Add transport hosts_require_ocsp option. Log stapling responses. Start on tests for client-side. Testing support: Add CRL generation code and documentation update Initial CA & certificate set for testing. BUGFIX: Once a single OCSP response has been extracted the validation routine return code is no longer about the structure, but the actual returned OCSP status. | |||
2013-01-26 | PRDR support, if compiled with EXPERIMENTAL_PRDR | Jeremy Harris | |
2013-01-06 | Restrict lifetime of $router_name and $transport_name. Bug 308. | Jeremy Harris | |
The router name is explicitly nulled after the router exits; the transport name is set only in the subprocess it runs in. | |||
2012-12-25 | Add $router_name and $transport_name variables. Bug 308. | Jeremy Harris | |
2012-11-08 | Ensure that recipient is well-defined for expansion-called acl at RCPT-time. | Jeremy Harris | |
2012-11-07 | Fix server_set_id for SPA/NTLM auth. | Phil Pennock | |
Broken in 4.80 release, commit 08488c86. We need to leave $auth1 available after the authenticator returns, so that server_set_id can be evaluated by the caller. We need to do this whether we succeed or fail, because server_set_id only makes it into $authenticated_id if we return OK, but is logged regardless. Updated test config to set server_set_id; updated logs. | |||
2012-11-06 | Add optional authenticated_sender info to A= elements of log lines; bug 1314. | Jeremy Harris | |
New log_selector, smtp_mailauth, to enable. | |||
2012-11-04 | Add A= to delivery log lines, and a client_set_id option to authenticators. | Jeremy Harris | |
2012-10-25 | Save/restore $acl_arg1 ... across acl calls, making them local variables. | Jeremy Harris | |
2012-10-06 | Logging-only patch for 8BITMIME; bug 817. | Jeremy Harris | |
2012-10-04 | Add expansion variable $headers_added returning newline-sep list of headers | Jeremy Harris | |
added in ACLs. Bug 199. | |||
2012-10-04 | Strip leading/trailing newlines on list of headers for addition; bug 884. | Jeremy Harris | |
NB: this means a bare "X-ACL-Warn:" header is harder to add. | |||
2012-07-27 | Bug #198: Add remove_header ACL modifier. | Todd Lyons | |
Used patch from Magnus Holmgren dated 2007-02-20. Added documentation. Added tests to detect proper operation. | |||
2012-07-08 | Multiple headers_add/remove options per router/transport - fixes bug 337 | Jeremy Harris | |
2012-06-27 | Acl expansions: tests and documentation | Jeremy Harris | |
2012-06-12 | Use custom variables for ACL args, up to nine. Add an arg-count variable. | Jeremy Harris | |
2012-06-12 | Add ${acl {name}{arg}} expansion item. | Jeremy Harris | |
2012-06-10 | Add ${list:name} and ${nlist:string} expansion operators. | Jeremy Harris | |
2012-06-04 | Add hosts_verify_avoid_tls option to smtp transport. | Jeremy Harris | |
2012-06-04 | Split out OpenSSL and GnuTLS versions of tests. | Jeremy Harris | |
2012-06-04 | Change use of $tls_cipher in client context to $tls_out_cipher. | Jeremy Harris | |