src - OpenBSD base system

Age	Commit message (Collapse)	Author
2019-11-12	a long long time ago, there was no such thing as "from socket" and the	Gilles Chehade
	socket listener was tagged "local" so we could trick "from local" into matching non-network connections. this hack was removed years ago and the socket listener still had this "local" tag hardcoded. this commit teaches parse.y how to assign a tag to a socket listener and removes the hardcoded "local".
2019-11-12	fix a logic bug in ruleset matching that makes `from socket` rules possibly	Gilles Chehade
	crash depending on how the ruleset is crafted.
2019-11-11	fix 'mx:' mechanism in smtpd spf walk	Gilles Chehade
	diff from Quentin Rameau <quinq@fifth.space>
2019-11-04	fix a possible crash when combining "from rdns", nested virtual aliases and	Gilles Chehade
	a particular sequence of rules causing "from rdns" to be hit again from the expanded aliases. this requires crafting a specific configuration.
2019-11-03	6.6.0 -> 6.6.1	Gilles Chehade

2019-11-02	switch ASN1_STRING_data() with constified ASN1_STRING_get0_data()	Gilles Chehade

2019-10-04	remove strict \r check, the downside overweights the advantages, we'll	Gilles Chehade
	revisit a proper fix post release committing on behalf of martijn@, ok eric@ and I
2019-10-03	no need to increment argv and decrement argc, we're not using them later	Gilles Chehade

2019-10-03	no need to set n to 0 right before assigning it ret value from io_printf()	Gilles Chehade

2019-10-03	remove useless check and dead code	Gilles Chehade

2019-10-03	check imsg_flush() return value and fatal() if == -1	Gilles Chehade

2019-10-03	make it obvious we don't care about text_to_mailaddr() return values, we've	Gilles Chehade
	already checked it upfront and wouldn't reach this point if it didn't parse correctly.
2019-10-03	free() destination server copy, not a real leak since the program is short	Gilles Chehade
	lived but still
2019-10-03	fix wrong sizeof in lka reporters init	Gilles Chehade

2019-10-03	we should never hit the smtp reports with an s->tx set to NULL but better	Gilles Chehade
	be safe than sorry, check upfront
2019-10-03	fix possible use-after-free in error code path	Gilles Chehade

2019-10-03	fatal() if imsg_flush() call fails in table proc	Gilles Chehade

2019-10-03	fix memory leak in error code path	Gilles Chehade

2019-09-30	add smtpd-version config key in filters handshake	Gilles Chehade

2019-09-30	Allow maildir and mbox MDAs to tempfail on situations that might be	Martijn van Duren
	resolved over time. While here remove mkdirs component from utils.c, which isn't used anywhere. OK gilles@, millert@
2019-09-29	- remove specific cases for +a and +mx as the + prefix is handled earlier	Gilles Chehade
	- support mx: notation diff from Quentin Rameau <quinq@fifth.space>
2019-09-29	SRS uses base64 encoding for the checksum, however while this is ok when we	Gilles Chehade
	only have MTA in the loop, some implementations like Dovecot's LMTP dislike finding '/' in an e-mail address. Since checksum is meant to be verified at the MX that generated the SRS encoding, use alternate rfc354 base64 encode, swapping '/' with '_' and '+' with '-'. ok eric@ millert@
2019-09-22	few corrections on srs grammar	Sebastien Marie
	ok gilles@
2019-09-21	remove dead assignment.	Sebastien Marie
	the return code of ssl_check_name() doesn't need to be checked as `match' is always initialized to 0, and get 1 only on success. ok gilles@
2019-09-21	remove dead assignment	Sebastien Marie
	ok gilles@
2019-09-21	in report_smtp_broadcast(), the direction is expected to be "smtp-in" or	Sebastien Marie
	"smtp-out", but if something else happen, the `struct dict *d' will be uninitialized when used in `dict_xget(d, event)'. makes a logic error in smtpd to be visible instead of accessing uninitialized memory. ok gilles@
2019-09-21	properly initialize errstr before going to fail label.	Sebastien Marie
	ok gilles@
2019-09-21	there is no need to compute timestamp for SRS1: remove dead assignments.	Sebastien Marie
	ok gilles@
2019-09-20	tweak previous;	Jason McIntyre

2019-09-20	teach smtpd how to do SRS so hosts that act as forwarders don't break SPF.	Gilles Chehade
	this basic implementation does SRS0/SRS1 encoding/decoding, validating time and checksums. with insight from semarie@, ok eric@ and millert@
2019-09-19	second attempt at fixing how we display inet6 addresses in smtpd. this diff	Gilles Chehade
	is simpler than my initial reverted attempt, corrects the likely reason for the initial revert and has been running successfully for the day on my MX with tons of incoming and outgoing inet6 trafic. ok millert@
2019-09-19	in tx-mail / tx-rcpt reports, do not pass the brackets <> and remove any	Gilles Chehade
	of the MAIL FROM / RCPT TO options. filters use the mail-from and rcpt-to hooks to retrieve these should they need it. fixes bogus tx-mail / tc-rcpt reports
2019-09-19	unescape / and ^ in the general delivery case, they only need to be for	Gilles Chehade
	maildir ok eric@
2019-09-18	Implement server certificate validation in smtp(1).	Eric Faurot
	Check certificate against MX name in smtpd(8) mta. ok gilles@
2019-09-14	in mta_relay_cmp() properly check that authlabel or backupname are not NULL	Gilles Chehade
	before comparing their value with other relays diff from Caspar Schutijser <caspar@schutijser.com>
2019-09-11	when replace tree_xget() with tree_get() ... actually use tree_get() so the	Gilles Chehade
	change actually does something.
2019-09-11	Sprinkle around some __attribute__((__format__ (printf(...))).	Martijn van Duren
	OK gilles@
2019-09-10	do not use tree_xget() between filters resume as a session may legitimately	Gilles Chehade
	go away due to a disconnection before a filter responds. diff from martijn@, committing on his behalf
2019-09-10	immediatly close the connection if the cert is not valid, rather than	Eric Faurot
	ending the smtp session. ok gilles@
2019-09-10	simplify lka reporting functions by moving the reqid inside the broadcast	Gilles Chehade
	function: reqid is a mandatory part of the header. lka reporting functions now only append their own specific parameters. ok martijn@
2019-09-06	Add support for filter-reports. These allow filters to send freetext	Martijn van Duren
	reports to other filters/report handlers. Builtin filters work via the new "report" keyword. Proc filters can send reports via: "report\|<seconds.<microseconds>\|smtp-in\|<reqid>\|<message>" Subscribing to these reports can be done via the the "filter-report" keyword. The reports themselves contain the usual elements followed by: <type>\|<name>\|<message> Type can be builtin or proc. Name is the process name for type proc and the filter name for type builtin. OK gilles@
2019-09-04	bump version	Gilles Chehade

2019-09-04	disallow proc filters from responding with junk action at commit	Gilles Chehade
	spotted by martijn@
2019-09-04	introduce the 'junk' builtin filter action which marks a session or	Gilles Chehade
	transaction as junked when a filter matches. this with the maildir junk option allows classifying messages in Spam folder instead of rejecting/disconnecting. ok semarie@, eric@, martijn@
2019-09-03	Exectute procs and filters from /usr/local/libexec/smtpd/ if no absolute	Martijn van Duren
	path is given. OK gilles@
2019-09-02	the rule_to_text() function which is used to display rules when debug	Gilles Chehade
	tracing ruleset matching had a few "spacing" issues, fix it reported by Reio Remma
2019-09-02	Request a new SSL structure for each TLS session.	Eric Faurot
	Fix a crash reported by Ross L Richardson. ok gilles@
2019-09-02	in standalone smtp client, smtps schema should use ... smtps port	Gilles Chehade
	diff from Ross L Richardson <openbsd@rlr.id.au>
2019-08-29	the latest commit introduced a regression in DATA filters	Gilles Chehade
	ok martijn@
2019-08-29	the builtin filters matching used to be reversed, as in "function must not	Gilles Chehade
	match", because it made code smaller, however it also made it harder to understand so it was reworked to have a function must match logic. the check_fcrdns function was not reversed, fix it spotted by otto@