summaryrefslogtreecommitdiff
path: root/test
AgeCommit message (Collapse)Author
2021-08-08Testsuite: add missing mask / ipv6 expansionJeremy Harris
2021-07-23DKIM: fix build with older GnuTLSJeremy Harris
2021-07-22TLS: fix tls_verify_certificates handling of "system"Jeremy Harris
A previous try at managing it for new-enough versions of GnuTLS actually broke it for everything: 744170d4d3
2021-07-22Testsuite: output chnges resultingJeremy Harris
Broken-by: 9138b6973b
2021-07-18ALPN: not supported under LibreSSLJeremy Harris
2021-07-18ALPN: feature macroJeremy Harris
2021-07-18TLS: ALPN optionsJeremy Harris
2021-07-11GnuTLS: Fix certextract expansionJeremy Harris
2021-06-28Testsuite: munge for LibreSSL TLSv1.3Jeremy Harris
2021-06-28acceptable log output changeJeremy Harris
2021-06-24Testsuite: Fix 608Heiko Schlittermann (HS12-RIPE)
2021-06-24Revert "testsuite: adjust 622 for taintwarn"Heiko Schlittermann (HS12-RIPE)
This reverts commit 7ab3a6cd7fe7b033b5e267617f3be8a99b33db31.
2021-06-24testsuite: adjust 622 for taintwarnHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 460aac0eb9a289af1ab0f32a242a27dab851fa18)
2021-06-24testsuite: add 0990 for allow_insecure_tainted_dataHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 56213337357265eb42c40dd04a22f6ac433b9e81)
2021-06-24deliverHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 2bafe3fc82cf62f0c21f939f5891b8d067f3abc7)
2021-06-21Testsuite: fix testcases for non-TLS buildJeremy Harris
2021-06-21Testsuite: fix munging for no-TLS buildJeremy Harris
Broken-by: da40b1ec6b
2021-06-19Testsuite: split out OpenSSL TLS1.3 resume testsJeremy Harris
Older library versions do not support 1.3 so a separate numbered testcase is needed
2021-06-19Testsuite: allow time for daemon to listen before terminatingJeremy Harris
2021-06-17Testsuite: output changes for OpenSSL library variantsJeremy Harris
Broken-by: 2f8e0a5f6b
2021-06-15hosts_require_heloJeremy Harris
2021-06-13Testsuite: EC certJeremy Harris
2021-06-06Observability: listen queue backlogJeremy Harris
2021-06-06Testsuite: testcase for multiple listener sockets readyJeremy Harris
2021-06-05Testsuite: fix OCSP/OpenSSL/1.3 testcaseJeremy Harris
2021-06-04debug: fix openssl outputJeremy Harris
2021-06-04Testsuite: regen certificates suite with fixed Authority IdentifierJeremy Harris
2021-06-03Testsuite: use higher-spec certs, for more-recent GnuTLS versions which ↵Jeremy Harris
deprecate weaker ones Needed for GnuTLS 3.6.15 (on Fedora 33)
2021-05-28Update testcase output to match newly applied default config limitJeremy Harris
Broken-by: f07847e436
2021-05-28Fix testsuite output for DB casesJeremy Harris
Broken-by: 186e99bafc
2021-05-27testsuite: reproduce BDAT with missing eol (Bug 1974)Heiko Schlittermann (HS12-RIPE)
(cherry picked from commit e9cecc465a570c1a4f34b199eae6bdd0a52ee2b0)
2021-05-27Honour the outcome of parse_extract_address(), testsuite 471Heiko Schlittermann (HS12-RIPE)
(cherry picked from commit 39d83bf19fc0c4364e0a665360b14194c62e4ab4)
2021-05-27CVE-2020-28007: Link attack in Exim's log directoryQualys Security Advisory
We patch this vulnerability by opening (instead of just creating) the log file in an unprivileged (exim) child process, and by passing this file descriptor back to the privileged (root) parent process. The two functions log_send_fd() and log_recv_fd() are inspired by OpenSSH's functions mm_send_fd() and mm_receive_fd(); thanks! This patch also fixes: - a NULL-pointer dereference in usr1_handler() (this signal handler is installed before process_log_path is initialized); - a file-descriptor leak in dmarc_write_history_file() (two return paths did not close history_file_fd). Note: the use of log_open_as_exim() in dmarc_write_history_file() should be fine because the documentation explicitly states "Make sure the directory of this file is writable by the user exim runs as." (cherry picked from commit 2502cc41d1d92c1413eca6a4ba035c21162662bd) (cherry picked from commit 93e9a18fbf09deb59bd133986f4c89aeb2d2d86a)
2021-05-27CVE-2020-28014, CVE-2021-27216: PID file handlingHeiko Schlittermann (HS12-RIPE)
Arbitrary PID file creation, clobbering, and deletion. Patch provided by Qualys. (cherry picked from commit 974f32939a922512b27d9f0a8a1cb5dec60e7d37) (cherry picked from commit 43c6f0b83200b7082353c50187ef75de3704580a)
2021-05-27Add priv.c: reworked version of priv dropping codeHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit 82b545236e6dc82b7af34528c532811bfc74ea19) (cherry picked from commit be31ef213f118abe5fc68732f5492b6b16d28b87)
2021-05-27Handle SIGINT as we do with SIGTERMHeiko Schlittermann (HS12-RIPE)
(cherry picked from commit cdc5c672e1c309294626cd5ed90acdccb05baaa1) (cherry picked from commit f9c8211fb0ad0dd362f471978a5e0abc5dfa71b4)
2021-05-27testsuite: tidy logs/4520 and confs/4520Heiko Schlittermann (HS12-RIPE)
This fixed 4520 failure en-passant, but I'm sure it's a timing issue here (the order of the mainlog output lines didn't exactly match the logs/4520) (cherry picked from commit 95306ca61531d9d79c5dac808a5a571158acd29c) (cherry picked from commit 0439d2e0566d64c84feaf1434e0e4a3fd8ce29b3)
2021-05-25Use separate line in Received: header for timestampJeremy Harris
2021-05-12Named Queues: fix immediate-delivery. Bug 2743Jeremy Harris
2021-05-11TLS DANE to multiple recipients w/ different DNSSec statusHeiko Schlittermann (HS12-RIPE)
2021-05-11Fix DANE + SNI handling (Bug 2265)Heiko Schlittermann (HS12-RIPE)
Broken in d8e99d6047e709b35eabb1395c2046100d1a1dda Thanks to JGH and Wolfgang Breyha for contributions. (cherry picked from commit e8ac8be0a3d56ba0a189fb970c339ac6e84769be)
2021-05-08DNS: Better handling of SOA when negative-caching lookupsJeremy Harris
2021-05-05wipJeremy Harris
2021-05-04Fix ${ipv6norm:}Jeremy Harris
2021-04-25Testsuite: tidyingJeremy Harris
2021-04-18Experimental: ESMTP LIMITS extensionJeremy Harris
2021-04-18Testsuite: output changes arisingJeremy Harris
Somewhere recently (possibly 3f06b9b4c7) we stopped overwriting errno; the "Permission denied" seen now in 4520 for the ${bogus} expansion is as expected.
2021-04-16Log queue_time and queue_time_overall exclusive of receive time. Bug 2672Jeremy Harris
2021-04-14 taint: allow appendfile create_file option to specify a de-tainting safe ↵Jeremy Harris
path
2021-04-10Logging: better tracking of continued-connection useJeremy Harris