exim.git
4 years agostop-gap: doc glibc 2.31 RES_TRUSTAD/trust-ad
Phil Pennock [Tue, 21 Apr 2020 22:59:15 +0000 (18:59 -0400)]
stop-gap: doc glibc 2.31 RES_TRUSTAD/trust-ad

In glibc from release 2.31 onwards (change added in their commit
446997ff14) setting `dns_dnssec_ok` will not be sufficient.  glibc has
added a new `options trust-ad` toggle for `/etc/resolv.conf` and a C
macro `RES_TRUSTAD`.

This will break existing deployments and binaries.

Our current mechanism for enabling DNSSEC is with an option named to
closely match the DNS feature required, so it is probably inappropriate
to tinker with a second option there.  Instead we probably need a new
meta-option for the concept of DNSSEC, add the second new flag there,
and move `dns_dnssec_ok` to a legacy deprecated option.

That will only work if the machine Exim is built on has the new C macro,
but will need to be conditional upon that macro being defined, so
binaries built aren't going to be forward-compatible to other systems
with newer glibc.  There is no good solution to solve this.

In the meantime, document the issue and point administrators at how to
work around the issue with a setting in `/etc/resolv.conf`

Thanks to Viktor Dukhovni for highlighting the existence of this
problem.

4 years agoDocs: fix mention of deprecated variables. Bug 2534
Heiko Schlichting [Mon, 20 Apr 2020 21:21:35 +0000 (22:21 +0100)]
Docs: fix mention of deprecated variables.  Bug 2534

4 years agoFix spool space check to account for SIZE. Bug 2552
Erik Lax [Mon, 20 Apr 2020 20:34:33 +0000 (21:34 +0100)]
Fix spool space check to account for SIZE.  Bug 2552

4 years agoOpenSSL: fix bulid on older library versions
Jeremy Harris [Mon, 20 Apr 2020 10:30:28 +0000 (11:30 +0100)]
OpenSSL: fix bulid on older library versions

Broken-by: a89b6bd32a
4 years agoEvents: Fix msg:defer event for the hosts_max_try_hardlimit case. Bug 2554
Jeremy Harris [Sun, 19 Apr 2020 20:18:21 +0000 (21:18 +0100)]
Events: Fix msg:defer event for the hosts_max_try_hardlimit case.  Bug 2554

4 years agoOpenSSL: More info on accept "version too low"
Jeremy Harris [Sun, 19 Apr 2020 10:32:57 +0000 (11:32 +0100)]
OpenSSL: More info on accept "version too low"

4 years agoEarly-pipe: invalidate cache on a failure of required-auth
Jeremy Harris [Tue, 14 Apr 2020 20:51:51 +0000 (21:51 +0100)]
Early-pipe: invalidate cache on a failure of required-auth

4 years agoTestsuite: munge for platform variances
Jeremy Harris [Mon, 13 Apr 2020 12:17:51 +0000 (13:17 +0100)]
Testsuite: munge for platform variances

4 years agoBetter fix for crash
Jeremy Harris [Sun, 12 Apr 2020 21:24:21 +0000 (22:24 +0100)]
Better fix for crash

Broken-by: 0b4dfe7aa1
4 years agoOpenSSL: More info on accept "unsupported protocol"
Jeremy Harris [Sun, 12 Apr 2020 15:48:10 +0000 (16:48 +0100)]
OpenSSL: More info on accept "unsupported protocol"

4 years agoTaint: fix parsing of ACL ratelimit condition
Jeremy Harris [Sun, 12 Apr 2020 16:47:27 +0000 (17:47 +0100)]
Taint: fix parsing of ACL ratelimit condition

4 years agoDKIM: Predefined macro for standard headers, oversigned
Jeremy Harris [Sat, 11 Apr 2020 18:12:57 +0000 (19:12 +0100)]
DKIM: Predefined macro for standard headers, oversigned

4 years agotidying
Jeremy Harris [Thu, 9 Apr 2020 13:45:31 +0000 (14:45 +0100)]
tidying

4 years agoC99 initialisers
Jeremy Harris [Thu, 9 Apr 2020 13:39:03 +0000 (14:39 +0100)]
C99 initialisers

4 years agotidying
Jeremy Harris [Tue, 7 Apr 2020 18:41:31 +0000 (19:41 +0100)]
tidying

4 years agoFix crash
Jeremy Harris [Mon, 6 Apr 2020 19:15:47 +0000 (20:15 +0100)]
Fix crash

Broken-by: 0b4dfe7aa1
4 years agoExpansion item ${listquote }. Bug 1066
Jeremy Harris [Mon, 6 Apr 2020 15:20:35 +0000 (16:20 +0100)]
Expansion item ${listquote }.  Bug 1066

4 years agoMySQL, pgsql: per-query server options outside the lookup string. Bug 2546
Jeremy Harris [Sun, 5 Apr 2020 23:28:06 +0000 (00:28 +0100)]
MySQL, pgsql: per-query server options outside the lookup string.  Bug 2546

4 years agoTaint: check on supplied buffer vs. list when extracting elements
Jeremy Harris [Sun, 5 Apr 2020 22:21:40 +0000 (23:21 +0100)]
Taint: check on supplied buffer vs. list when extracting elements

4 years agoAvoid the long whats_supported line being mixed with output from other processes
Jeremy Harris [Sat, 4 Apr 2020 20:27:30 +0000 (21:27 +0100)]
Avoid the long whats_supported line being mixed with output from other processes

4 years agotidying: skip_whitespace
Jeremy Harris [Sat, 4 Apr 2020 13:25:07 +0000 (14:25 +0100)]
tidying: skip_whitespace

4 years agoLog fast-ramp queue-run trigger
Jeremy Harris [Fri, 3 Apr 2020 20:48:21 +0000 (21:48 +0100)]
Log fast-ramp queue-run trigger

4 years agodsearch: filter-matches option
Jeremy Harris [Fri, 3 Apr 2020 13:38:31 +0000 (14:38 +0100)]
dsearch: filter-matches option

4 years agodsearch: full-path return option
Jeremy Harris [Fri, 3 Apr 2020 13:36:17 +0000 (14:36 +0100)]
dsearch: full-path return option

4 years agoLookups: per-searchtype options framework
Jeremy Harris [Fri, 3 Apr 2020 13:10:43 +0000 (14:10 +0100)]
Lookups: per-searchtype options framework

4 years agoSqlite: new main option sqlite_dbfile
Jeremy Harris [Wed, 1 Apr 2020 22:29:40 +0000 (23:29 +0100)]
Sqlite: new main option sqlite_dbfile

4 years agoTestsuite: ignore all fork-time debug
Jeremy Harris [Mon, 30 Mar 2020 21:26:09 +0000 (22:26 +0100)]
Testsuite: ignore all fork-time debug

4 years agoDsearch: require absolute dirname
Jeremy Harris [Sun, 29 Mar 2020 19:59:49 +0000 (20:59 +0100)]
Dsearch: require absolute dirname

4 years agoconstify
Jeremy Harris [Sun, 29 Mar 2020 18:07:48 +0000 (19:07 +0100)]
constify

4 years agoOpenSSL: under resumption open ticket DB writable, for record delete
Jeremy Harris [Sun, 29 Mar 2020 14:00:07 +0000 (15:00 +0100)]
OpenSSL: under resumption open ticket DB writable, for record delete

4 years agoTaint enforce: directory open backstops, single-key search filename
Jeremy Harris [Sat, 28 Mar 2020 20:01:10 +0000 (20:01 +0000)]
Taint enforce: directory open backstops, single-key search filename

4 years agoTestsuite: output changes resulting
Jeremy Harris [Sat, 28 Mar 2020 18:22:22 +0000 (18:22 +0000)]
Testsuite: output changes resulting

Broken-by: 836c3e4102
4 years agoBuild: fix Solaris
Jeremy Harris [Sat, 28 Mar 2020 16:12:56 +0000 (16:12 +0000)]
Build: fix Solaris

4 years agoTestsuite: ignore fakens fork debug line, avoiding ipv6-support differences
Jeremy Harris [Sat, 28 Mar 2020 16:06:48 +0000 (16:06 +0000)]
Testsuite: ignore fakens fork debug line, avoiding ipv6-support differences

4 years agoOpenSSL: avoid loading server's CA-list-for-client-notification on client
Jeremy Harris [Fri, 27 Mar 2020 21:07:50 +0000 (21:07 +0000)]
OpenSSL: avoid loading server's CA-list-for-client-notification on client

4 years agoFix argument checking for ${readsocket }
Jeremy Harris [Thu, 26 Mar 2020 16:05:19 +0000 (16:05 +0000)]
Fix argument checking for ${readsocket }

4 years agoMerge branch 'debug_fork'
Jeremy Harris [Sun, 22 Mar 2020 20:15:33 +0000 (20:15 +0000)]
Merge branch 'debug_fork'

4 years agoexit-time debug
Jeremy Harris [Sun, 22 Mar 2020 18:30:18 +0000 (18:30 +0000)]
exit-time debug

4 years agodebug tidying
Jeremy Harris [Fri, 20 Mar 2020 22:48:41 +0000 (22:48 +0000)]
debug tidying

4 years agopass through exec
Jeremy Harris [Sat, 21 Mar 2020 23:27:06 +0000 (23:27 +0000)]
pass through exec

4 years agochild-open debug
Jeremy Harris [Fri, 20 Mar 2020 14:44:07 +0000 (14:44 +0000)]
child-open debug

4 years agoTestsuite: move dsearch-dependent testcase
Jeremy Harris [Sun, 22 Mar 2020 11:13:49 +0000 (11:13 +0000)]
Testsuite: move dsearch-dependent testcase

4 years agoTaint: fix dsearch result to be untainted
Jeremy Harris [Sun, 22 Mar 2020 00:55:59 +0000 (00:55 +0000)]
Taint: fix dsearch result to be untainted

4 years agoTaint: mark more command-line arguments
Jeremy Harris [Sat, 21 Mar 2020 17:09:53 +0000 (17:09 +0000)]
Taint: mark more command-line arguments

4 years agotidying
Jeremy Harris [Sun, 15 Mar 2020 14:32:05 +0000 (14:32 +0000)]
tidying

4 years agoFix segfault on bad cmdline -f (sender) argument. Bug 2541
Jeremy Harris [Fri, 20 Mar 2020 19:14:45 +0000 (19:14 +0000)]
Fix segfault on bad cmdline -f (sender) argument.  Bug 2541

4 years agoconsistent fork-time debug
Jeremy Harris [Wed, 18 Mar 2020 13:47:42 +0000 (13:47 +0000)]
consistent fork-time debug

Testcase issues: 0366 2035

4 years agofixes
Jeremy Harris [Wed, 18 Mar 2020 12:33:24 +0000 (12:33 +0000)]
fixes

4 years agotidying
Jeremy Harris [Wed, 18 Mar 2020 11:36:59 +0000 (11:36 +0000)]
tidying

4 years agoAvoid corrupting globals during time-pauses
Jeremy Harris [Tue, 17 Mar 2020 12:33:47 +0000 (12:33 +0000)]
Avoid corrupting globals during time-pauses

4 years agoFix spurious detection of timeout while writing to transport filter
Jeremy Harris [Sun, 15 Mar 2020 21:08:28 +0000 (21:08 +0000)]
Fix spurious detection of timeout while writing to transport filter

4 years agolabelled-process fork function
Jeremy Harris [Sun, 15 Mar 2020 17:34:02 +0000 (17:34 +0000)]
labelled-process fork function

4 years agoTestsuite: missing output file
Jeremy Harris [Sat, 14 Mar 2020 22:30:45 +0000 (22:30 +0000)]
Testsuite: missing output file

4 years agoTestsuite: use correct client for GnuTLS platform
Jeremy Harris [Sat, 14 Mar 2020 22:47:07 +0000 (22:47 +0000)]
Testsuite: use correct client for GnuTLS platform

4 years agoTestsuite: make "client" util TLS variants more similar
Jeremy Harris [Sat, 14 Mar 2020 20:50:55 +0000 (20:50 +0000)]
Testsuite: make "client" util TLS variants more similar

4 years agoTesttsuite: portability
Jeremy Harris [Sat, 14 Mar 2020 16:50:28 +0000 (16:50 +0000)]
Testtsuite: portability

4 years agoTestsuite: fix munge
Jeremy Harris [Fri, 13 Mar 2020 14:16:15 +0000 (14:16 +0000)]
Testsuite: fix munge

4 years agoTestsuite: fix case for TLS library differences
Jeremy Harris [Thu, 12 Mar 2020 20:14:32 +0000 (20:14 +0000)]
Testsuite: fix case for TLS library differences

4 years agoRetry once a single-item delivery from the queue, when lock causes no attempt
Jeremy Harris [Thu, 12 Mar 2020 18:00:50 +0000 (18:00 +0000)]
Retry once a single-item delivery from the queue, when lock causes no attempt

4 years agoDebug: _exit() process-termination
Jeremy Harris [Thu, 12 Mar 2020 17:13:47 +0000 (17:13 +0000)]
Debug: _exit() process-termination

4 years agoTestsuite: fix build on non-gnumake platforms
Jeremy Harris [Tue, 10 Mar 2020 22:53:31 +0000 (22:53 +0000)]
Testsuite: fix build on non-gnumake platforms

4 years agoTestsuite: fix build on non-gnumake platforms
Jeremy Harris [Tue, 10 Mar 2020 22:40:27 +0000 (22:40 +0000)]
Testsuite: fix build on non-gnumake platforms

Broken-by: effbc122d
4 years agoEarly-pipe: retry without pipelining on first-response failure
Jeremy Harris [Tue, 10 Mar 2020 17:06:26 +0000 (17:06 +0000)]
Early-pipe: retry without pipelining on first-response failure

4 years agoDefault notifier socket name to spooldir-dependent path even for abstract names
Jeremy Harris [Sun, 8 Mar 2020 22:24:37 +0000 (22:24 +0000)]
Default notifier socket name to spooldir-dependent path even for abstract names

4 years agoClose notifier socket before re-exec of daemon. Bug 2539
Jeremy Harris [Sun, 8 Mar 2020 20:26:19 +0000 (20:26 +0000)]
Close notifier socket before re-exec of daemon.  Bug 2539

4 years agotidying
Jeremy Harris [Sun, 1 Mar 2020 16:36:19 +0000 (16:36 +0000)]
tidying

4 years agoFix parsing of cmdline -os & -pr options. Bug 2538
Heiko Schlichting [Sun, 8 Mar 2020 19:28:37 +0000 (19:28 +0000)]
Fix parsing of cmdline -os & -pr options.  Bug 2538

Incorrect attibution in 305e4faec2 commit

        Found & fixed by Heiko; coding massaged by jgh
Broken-by: 777cc7485c
4 years agoTestsuite: better restriction of parallel 2-stage-queue-runners
Jeremy Harris [Sun, 8 Mar 2020 18:37:14 +0000 (18:37 +0000)]
Testsuite: better restriction of parallel 2-stage-queue-runners

4 years ago Fix parsing of cmdline -os & -pr options. Bug 2538
Heiko Schlittermann (HS12-RIPE) [Sun, 8 Mar 2020 16:00:28 +0000 (16:00 +0000)]
Fix parsing of cmdline -os & -pr options.  Bug 2538

    Found & fixed by Heiko; coding massaged by jgh
Broken-by: 777cc7485c
4 years agoTestsuite: testcases for bug 2538
Jeremy Harris [Sun, 8 Mar 2020 15:20:10 +0000 (15:20 +0000)]
Testsuite: testcases for bug 2538

4 years agoTaint: track in ${utf8clean:} operator
Jeremy Harris [Thu, 5 Mar 2020 16:20:26 +0000 (16:20 +0000)]
Taint: track in ${utf8clean:} operator

4 years agoDocs: tidying
Jeremy Harris [Wed, 19 Feb 2020 13:19:58 +0000 (13:19 +0000)]
Docs: tidying

4 years agoDocs: typo in example config file. Bug 2528
David Restall [Sun, 1 Mar 2020 22:10:49 +0000 (22:10 +0000)]
Docs: typo in example config file.  Bug 2528

4 years agoRevert "GnuTLS: remove GNUTLS_E_AGAIN handling"
Heiko Schlittermann (HS12-RIPE) [Tue, 3 Mar 2020 07:06:22 +0000 (08:06 +0100)]
Revert "GnuTLS: remove GNUTLS_E_AGAIN handling"

This reverts commit 0b049796b89a59fc322119b54199d92c404ef687.

Thanks to Andreas Metzler for pointing me to:
https://gitlab.com/gnutls/gnutls/issues/644#note_123363338

4 years agoGnuTLS: Do not care about corked data when uncorking
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Mar 2020 21:56:32 +0000 (22:56 +0100)]
GnuTLS: Do not care about corked data when uncorking

4 years agoGnuTLS: remove GNUTLS_E_AGAIN handling
Heiko Schlittermann (HS12-RIPE) [Mon, 2 Mar 2020 21:44:13 +0000 (22:44 +0100)]
GnuTLS: remove GNUTLS_E_AGAIN handling

The AGAIN shouldn't happen, as we are using blocking sockets

4 years agoFix $mime_part_count for non-mime message on multi-message connection. Bug 2537
Jeremy Harris [Sun, 1 Mar 2020 14:05:43 +0000 (14:05 +0000)]
Fix $mime_part_count for non-mime message on multi-message connection.  Bug 2537

4 years agoTestsuite: ignore differentce in libgsasl version
Jeremy Harris [Sat, 29 Feb 2020 18:18:46 +0000 (18:18 +0000)]
Testsuite: ignore differentce in libgsasl version

4 years agoAdd variables for wildcard portion of local-part affix. Bug 281
Jeremy Harris [Sat, 29 Feb 2020 16:30:35 +0000 (16:30 +0000)]
Add variables for wildcard portion of local-part affix.  Bug 281

4 years agoTestsuite: Move 2040 to 1101 (hanging pipelining connections)
Heiko Schlittermann (HS12-RIPE) [Wed, 26 Feb 2020 22:44:31 +0000 (23:44 +0100)]
Testsuite: Move 2040 to 1101 (hanging pipelining connections)

While this was a bug using GnuTLS, the test is rather generic
and the expected behaviour does not depend on the TLS implementation.

4 years agoTestsuite: build a generic tls enabled client: client-anytls
Heiko Schlittermann (HS12-RIPE) [Wed, 26 Feb 2020 22:32:46 +0000 (23:32 +0100)]
Testsuite: build a generic tls enabled client: client-anytls

4 years agoFix ${tr } expansion item. Bug 2533
Jeremy Harris [Wed, 26 Feb 2020 10:54:56 +0000 (10:54 +0000)]
Fix ${tr } expansion item.  Bug 2533

Broken-by: acec9514b1
4 years agoFix timestamp outputs for TAI timezone. Bug 2530
Arne Wörner [Mon, 24 Feb 2020 17:07:22 +0000 (17:07 +0000)]
Fix timestamp outputs for TAI timezone.  Bug 2530

4 years agoGnuTLS: avoid hang in older library, in selfsigned-cert creation
Jeremy Harris [Sun, 23 Feb 2020 22:35:22 +0000 (22:35 +0000)]
GnuTLS: avoid hang in older library, in selfsigned-cert creation

4 years agoReplace "Try to fix Solaris build" with compatibility compiler flags
Jeremy Harris [Sun, 23 Feb 2020 17:36:52 +0000 (17:36 +0000)]
Replace "Try to fix Solaris build" with compatibility compiler flags

This reverts commit b11989b8d73c17ccb70e22ca7e8a13540ecca73d.

4 years agoTry to fix Solaris build
Jeremy Harris [Sun, 23 Feb 2020 17:08:42 +0000 (17:08 +0000)]
Try to fix Solaris build

4 years agoWhen counting queue, avoid building & sorting list of names
Jeremy Harris [Sat, 22 Feb 2020 18:49:30 +0000 (18:49 +0000)]
When counting queue, avoid building & sorting list of names

This is worth maybe 30% time of a 10^5-sized queue

4 years agoHandle non-response from daemon for $queue_size
Jeremy Harris [Sat, 22 Feb 2020 17:31:33 +0000 (17:31 +0000)]
Handle non-response from daemon for $queue_size

4 years agoUnix socket creds: FreeBSD needs level 0 not SOL_SOCKET
Jeremy Harris [Sat, 22 Feb 2020 17:11:05 +0000 (17:11 +0000)]
Unix socket creds: FreeBSD needs level 0 not SOL_SOCKET

4 years agoUnix socket struct naming: avoid "sun" due to conflict on Solaris
Jeremy Harris [Sat, 22 Feb 2020 15:54:27 +0000 (15:54 +0000)]
Unix socket struct naming: avoid "sun" due to conflict on Solaris

4 years agoAllow for platforms not support abstract naming for Unix sockets
Jeremy Harris [Thu, 20 Feb 2020 14:39:14 +0000 (14:39 +0000)]
Allow for platforms not support abstract naming for Unix sockets

4 years agoUnix socket creds sockopt for BSD-ish platforms
Jeremy Harris [Wed, 19 Feb 2020 17:00:23 +0000 (17:00 +0000)]
Unix socket creds sockopt for BSD-ish platforms

4 years agoUnix socket creds definitions for BSD-ish platforms
Jeremy Harris [Wed, 19 Feb 2020 13:54:59 +0000 (13:54 +0000)]
Unix socket creds definitions for BSD-ish platforms

4 years agoGnuTLS: tls_write(): wait after uncorking the session
Heiko Schlittermann (HS12-RIPE) [Tue, 18 Feb 2020 17:59:49 +0000 (18:59 +0100)]
GnuTLS: tls_write(): wait after uncorking the session

4 years agoGnuTLS: Tweak debug output
Heiko Schlittermann (HS12-RIPE) [Wed, 12 Feb 2020 22:39:32 +0000 (23:39 +0100)]
GnuTLS: Tweak debug output

4 years agoGnuTLS: Clarify the use of SSLKEYFILE
Heiko Schlittermann (HS12-RIPE) [Wed, 12 Feb 2020 22:41:03 +0000 (23:41 +0100)]
GnuTLS: Clarify the use of SSLKEYFILE

4 years agoAdd queue_size variable. Bug 1406
Jeremy Harris [Sat, 10 Jan 2015 21:39:44 +0000 (21:39 +0000)]
Add queue_size variable.  Bug 1406

4 years agoMove notifier socket to general availability
Jeremy Harris [Tue, 18 Feb 2020 16:47:56 +0000 (16:47 +0000)]
Move notifier socket to general availability

4 years agoDocs: clarify DKIM key generation
Jeremy Harris [Tue, 18 Feb 2020 16:26:51 +0000 (16:26 +0000)]
Docs: clarify DKIM key generation

4 years agoTestsuite: add test for hanging callout connections
Heiko Schlittermann (HS12-RIPE) [Fri, 14 Feb 2020 10:20:39 +0000 (11:20 +0100)]
Testsuite: add test for hanging callout connections

Fixed in bd95ffc2ba87fbd3c752df17bc8fd9c01586d45a