Phil Pennock [Thu, 3 Oct 2013 18:50:09 +0000 (14:50 -0400)]
Unbreak HTML build for RC candidates.
The HTML build now uses the website repo, which extracts the version
number from the XML (generated from the .xfpt). Meanwhile, commit 2aee48d6 made the version number in the build process dynamic, taking
the value from the release script (via an environ variable).
This change fixes the invocation to pass the version _without_ an RC
suffix to the XML build, letting HTML generation happen.
Todd Lyons [Tue, 1 Oct 2013 16:24:19 +0000 (09:24 -0700)]
Bugzilla 1217: Experimental Redis lookup
Add want_experimental() test in the script to create the lookups
Makefile to ease detection of requested Experimental features, and
simplify the #ifdef guards in the redis.c.
Phil Pennock [Mon, 30 Sep 2013 04:57:07 +0000 (00:57 -0400)]
Fix dovecot with empty 334 challenge.
Thomas Morper reported, with 4.82RC1, that he saw "334 NULL" as the
challenge when using AUTH PLAIN to Dovecot when the client does not send
an initial response. I could replicate.
This was caused by commit 3f1df0e3 on 2012-11-19 (PP/13 of 4.82); I was
too cautious in the robustness fixes; the clue came in this line of
debug output:
76430 dovecot: warning: ignoring trailing tab
This change removes that check, and documents in a comment that this
input is acceptable protocol-wise, and why.
Phil Pennock [Thu, 26 Sep 2013 18:18:09 +0000 (11:18 -0700)]
Clarify CL: the CVE security fix already in 4.80.1
On re-reading the text for 4.82, it read as though there were a new
security fix which might require an upgrade. Clarified that this fix
has already been released (in 4.80.1).
Phil Pennock [Wed, 31 Jul 2013 22:50:04 +0000 (18:50 -0400)]
Fix segfault in stdio with non-SMTP MIME ACL.
When injecting a message locally in non-SMTP mode, and with MIME ACLs
configured, if the ACL rejected the message, Exim would try to
`fprintf(NULL, "%s", the_message)`. This fixes that.
Most ACLs are plumbed in SMTP-only and looking through the others in
receive.c, they all appear to be safely guarded, so it was just this one
that slipped through.
Crash report and assistance tracking down the root cause from Warren
Baker.
Jeremy Harris [Sun, 21 Jul 2013 11:50:53 +0000 (12:50 +0100)]
Remove ACL-config skip so that ${acl } expansions work from queue-runs.
Previously we skipped parsing the ACL section when not needed. Now it is
potentially needed in all cases. The skip was ~5% faster than a full parse
so probably not a large part of the exim process startup.
Fix up testsuite output files affected by the removal and add a regression test.
Phil Pennock [Mon, 10 Jun 2013 06:50:18 +0000 (02:50 -0400)]
Guard LDAP TLS usage against Solaris LDAP variant.
PP/22
Report from Prashanth Katuri.
This variant ensures that if TLS won't be activated because of
compile-time guards, but was requested, then we at least debug-log _why_
we're not doing anything.
Phil Pennock [Tue, 2 Apr 2013 16:37:03 +0000 (12:37 -0400)]
Ensure OpenSSL entropy state reset across forks.
Note that this function is never going to be called pre-fork unless the
admin is doing something highly unusual with ${randint:..} in a context
evaluated in the listening daemon. Other forks should result in a
re-exec(), thus resetting state.
Nonetheless, be more cautious, explicitly reset state.
Fix per PostgreSQL.
PS: why does OpenSSL not document RAND_cleanup() on the same page as all
the other entropy pool maintenance functions?
J. Nick Koston [Sat, 30 Mar 2013 07:22:53 +0000 (02:22 -0500)]
Add the force_command option to the pipe transport
Normally when a router redirects an address directly to a pipe command
the command option on the transport is ignored. If force_command
is set, the command option will expanded and used. This is especially
useful for forcing a wrapper or additional argument to be added to the
command.
Jeremy Harris [Sun, 24 Mar 2013 21:49:12 +0000 (21:49 +0000)]
OCSP-stapling enhancement and testing.
Server:
Honor environment variable as well as running_in_test_harness in permitting bogus staplings
Update server tests
Add "-ocsp" option to client-ssl.
Server side: add verification of stapled status.
First cut server-mode ocsp testing.
Fix some uninitialized ocsp-related data.
Client (new):
Verify stapling using only the chain that verified the server cert, not any acceptable chain.
Add check for multiple responses in a stapling, which is not handled
Refuse verification on expired and revoking staplings.
Handle OCSP client refusal on lack of stapling from server.
More fixing in client OCSP: use the server cert signing chain to verify the OCSP info.
Add transport hosts_require_ocsp option.
Log stapling responses.
Start on tests for client-side.
Testing support:
Add CRL generation code and documentation update
Initial CA & certificate set for testing.
BUGFIX:
Once a single OCSP response has been extracted the validation
routine return code is no longer about the structure, but the actual
returned OCSP status.
Phil Pennock [Wed, 13 Mar 2013 23:48:22 +0000 (19:48 -0400)]
OpenSSL fix empty tls_verify_certificates.
New behaviour matches GnuTLS handling, and is documented.
Previously, a tls_verify_certificates expansion forced failure was the
only portable way to avoid setting this option. Now, an empty string is
equivalent.
Phil Pennock [Sun, 23 Dec 2012 19:23:01 +0000 (14:23 -0500)]
gen_pkcs3: add comment explaining rationale
Wondering why you wrote some code and having to grep the source code to find out,
in the same year that you wrote it, is generally a sign of missing information.