From: Phil Pennock Date: Thu, 17 May 2012 15:21:54 +0000 (-0400) Subject: 4.78 -> 4.80 X-Git-Tag: exim-4_80_RC1~11 X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=b1770b6e4e865e3422e18e903b8e918df8802aa0 4.78 -> 4.80 --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 6d1802b6b..c2aa07fb0 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -14399,7 +14399,7 @@ adjusted lightly. An unrecognised item will be detected at startup, by invoking Exim with the &%-bV%& flag. .new -Historical note: prior to release 4.78, Exim defaulted this value to +Historical note: prior to release 4.80, Exim defaulted this value to "+dont_insert_empty_fragments", which may still be needed for compatibility with some clients, but which lowers security by increasing exposure to some now infamous attacks. @@ -24552,7 +24552,7 @@ who authenticated is placed in &$auth1$&. .cindex "authentication" "CRAM-MD5" .cindex "authentication" "SCRAM-SHA-1" The &(gsasl)& authenticator provides server integration for the GNU SASL -library and the mechanisms it provides. This is new as of the 4.78 release +library and the mechanisms it provides. This is new as of the 4.80 release and there are a few areas where the library does not let Exim smoothly scale to handle future authentication mechanisms, so no guarantee can be made that any particular new authentication mechanism will be supported @@ -25006,7 +25006,7 @@ renaming. The relevant commands are something like this: If Exim never has to generate the parameters itself, the possibility of stalling is removed. -The filename changed in Exim 4.78, to gain the -bits suffix. The value which +The filename changed in Exim 4.80, to gain the -bits suffix. The value which Exim will choose depends upon the version of GnuTLS in use. For older GnuTLS, the value remains hard-coded in Exim as 1024. As of GnuTLS 2.12.x, there is a way for Exim to ask for the "normal" number of bits for D-H public-key usage, @@ -25090,7 +25090,7 @@ Documentation of the strings accepted may be found in the GnuTLS manual, under "Priority strings". This is online as &url(http://www.gnu.org/software/gnutls/manual/html_node/Priority-Strings.html). -Prior to Exim 4.78, an older API of GnuTLS was used, and Exim supported three +Prior to Exim 4.80, an older API of GnuTLS was used, and Exim supported three additional options, "&%gnutls_require_kx%&", "&%gnutls_require_mac%&" and "&%gnutls_require_protocols%&". &%tls_require_ciphers%& was an Exim list. .wen diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index a93041e62..2bcdea8e9 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,7 +1,7 @@ Change log file for Exim from version 4.21 ------------------------------------------- -Exim version 4.78 +Exim version 4.80 ----------------- PP/01 Handle short writes when writing local log-files. diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff index 7b3b5aff0..9421cb504 100644 --- a/doc/doc-txt/NewStuff +++ b/doc/doc-txt/NewStuff @@ -6,7 +6,7 @@ Before a formal release, there may be quite a lot of detail so that people can test from the snapshots or the CVS before the documentation is updated. Once the documentation is updated, this file is reduced to a short list. -Version 4.78 +Version 4.80 ------------ 1. New authenticator driver, "gsasl". Server-only (at present). diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt index 576eaf3d2..4202f4312 100644 --- a/doc/doc-txt/OptionLists.txt +++ b/doc/doc-txt/OptionLists.txt @@ -48,7 +48,7 @@ release 4.00, and so no router options are shown as earlier than 4.00, though in fact some of them were inherited from earlier versions. ----------------------------------------------------------------------------------------- -accept_8bitmime boolean true main 1.60 changed to true in 4.78 +accept_8bitmime boolean true main 1.60 changed to true in 4.80 acl_not_smtp string* unset main 4.11 acl_not_smtp_mime string* unset main 4.51 with content scan acl_smtp_auth string* unset main 4.00 @@ -373,7 +373,7 @@ once string* unset autoreply once_file_size integer 0 autoreply 3.20 once_repeat time 0s autoreply 2.95 one_time boolean false redirect 4.00 -openssl_options string unset main 4.73 default to unset in 4.78 +openssl_options string unset main 4.73 default to unset in 4.80 optional boolean false iplookup 4.00 oracle_servers string unset main 4.00 owners string list unset redirect 4.00 @@ -466,19 +466,19 @@ sender_unqualified_hosts host list unset main senders address list unset routers 4.00 serialize_hosts host list unset smtp 1.60 server_advertise_condition string* unset authenticators 4.14 -server_channelbinding bool false gsasl 4.78 +server_channelbinding bool false gsasl 4.80 server_condition string* unset authenticators 3.10 (plaintext) 4.64 (others) -server_hostname string* "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.78 (others) -server_keytab string* unset heimdal_gssapi 4.78 +server_hostname string* "$primary_hostname" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.80 (others) +server_keytab string* unset heimdal_gssapi 4.80 server_mail_auth_condition string* unset authenticators 3.22 -server_mech string public_name cyrus_sasl,gsasl 4.43 (cyrus-only) 4.78 (others) -server_password string unset gsasl 4.78 +server_mech string public_name cyrus_sasl,gsasl 4.43 (cyrus-only) 4.80 (others) +server_password string unset gsasl 4.80 server_prompts string* unset plaintext 3.10 -server_realm string unset cyrus_sasl,gsasl 4.43 (cyrus-only) 4.78 (others) -server_scram_iter string* unset gsasl 4.78 -server_scram_salt string* unset gsasl 4.78 +server_realm string unset cyrus_sasl,gsasl 4.43 (cyrus-only) 4.80 (others) +server_scram_iter string* unset gsasl 4.80 +server_scram_salt string* unset gsasl 4.80 server_secret string* unset cram_md5 3.10 -server_service string "smtp" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.78 (others) +server_service string "smtp" cyrus_sasl,gsasl,heimdal_gssapi (cyrus-only) 4.80 (others) server_set_id string* unset authenticators 3.10 shadow_condition string* unset transports shadow_transport string unset transports @@ -554,7 +554,7 @@ tls_privatekey string* unset main tls_remember_emstp boolean false main 4.21 tls_require_ciphers string* unset smtp 4.00 replaces tls_verify_ciphers string* unset main 4.33 -tls_sni string* unset main 4.78 +tls_sni string* unset main 4.80 tls_tempfail_tryclear boolean true smtp 4.05 tls_try_verify_hosts host list unset main 4.00 tls_verify_certificates string* unset main 3.20 diff --git a/src/src/readconf.c b/src/src/readconf.c index 95e155ff3..6b8f8d23e 100644 --- a/src/src/readconf.c +++ b/src/src/readconf.c @@ -235,7 +235,7 @@ static optionlist optionlist_config[] = { { "gecos_pattern", opt_stringptr, &gecos_pattern }, #ifdef SUPPORT_TLS { "gnutls_compat_mode", opt_bool, &gnutls_compat_mode }, - /* These three gnutls_require_* options stopped working in Exim 4.78 */ + /* These three gnutls_require_* options stopped working in Exim 4.80 */ { "gnutls_require_kx", opt_stringptr, &gnutls_require_kx }, { "gnutls_require_mac", opt_stringptr, &gnutls_require_mac }, { "gnutls_require_protocols", opt_stringptr, &gnutls_require_proto }, diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index e485aa67d..4cdb28905 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -1751,7 +1751,7 @@ uschar keep_c; BOOL adding, item_parsed; result = 0L; -/* Prior to 4.78 we or'd in SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; removed +/* Prior to 4.80 we or'd in SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS; removed * from default because it increases BEAST susceptibility. */ if (option_spec == NULL) diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index b01322662..e317c095c 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -62,7 +62,7 @@ optionlist smtp_transport_options[] = { { "gethostbyname", opt_bool, (void *)offsetof(smtp_transport_options_block, gethostbyname) }, #ifdef SUPPORT_TLS - /* These are no longer honoured, as of Exim 4.78; for now, we silently + /* These are no longer honoured, as of Exim 4.80; for now, we silently ignore; a later release will warn, and a later-still release will remove these options, so that using them becomes an error. */ { "gnutls_require_kx", opt_stringptr, diff --git a/test/runtest b/test/runtest index 53516d00a..9bcace082 100755 --- a/test/runtest +++ b/test/runtest @@ -23,7 +23,7 @@ use Time::Local; # Start by initializing some global variables -$testversion = "4.78 (08-May-12)"; +$testversion = "4.80 (08-May-12)"; # This gets embedded in the D-H params filename, and the value comes # from asking GnuTLS for "normal", but there appears to be no way to