[exim-dev] [Bug 2371] dkim_domain option should lowercase its elements
https://bugs.exim.org/show_bug.cgi?id=2371 Git Commit changed: What|Removed |Added CC||g...@exim.org --- Comment #1 from Git Commit --- Git commit: https://git.exim.org/exim.git/commitdiff/fe12ec888ef7b81ee0f5874ca6201ba11b0e9b19 commit fe12ec888ef7b81ee0f5874ca6201ba11b0e9b19 Author: Jeremy Harris AuthorDate: Tue Feb 5 23:19:00 2019 + Commit: Jeremy Harris CommitDate: Mon Feb 11 00:17:22 2019 + dkim: ensure that dkim_domain elements are lowercased before use. bug 2371 (cherry picked from commit f3c73adaa541ae54092467a29668ac32894ef1dc) doc/doc-docbook/spec.xfpt | 16 ++-- doc/doc-txt/ChangeLog | 2 ++ src/src/dkim.c| 1 + 3 files changed, 17 insertions(+), 2 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
Re: [exim-dev] Bug 2369: single-key lookup type based on libcorkipset
On 10/02/2019 22:42, Ian Zimmerman via Exim-dev wrote: > Turns out the underlying library wants IPv6 addresses colon separated; > but in contexts where a host address is being tested for list > membership, exim passes it to the lookup as dot-separated. This is of > course documented in the Spec, section 10.12. > > Since IP addresses are the only things worth testing by this lookup, > maybe I should internally translate them from dot to colon, before I > pass them to libcork? If you can reliably detect the ipv6-ness, yes, that sounds like the minimally intrusive way. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
Re: [exim-dev] Bug 2369: single-key lookup type based on libcorkipset
Turns out the underlying library wants IPv6 addresses colon separated; but in contexts where a host address is being tested for list membership, exim passes it to the lookup as dot-separated. This is of course documented in the Spec, section 10.12. Since IP addresses are the only things worth testing by this lookup, maybe I should internally translate them from dot to colon, before I pass them to libcork? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2372] New: GnuTLS 1.3 and no client cert, required by server, fails to retry in clear
https://bugs.exim.org/show_bug.cgi?id=2372 Bug ID: 2372 Summary: GnuTLS 1.3 and no client cert, required by server, fails to retry in clear Product: Exim Version: 4.91 Hardware: All OS: Linux Status: NEW Severity: bug Priority: high Component: TLS Assignee: jgh146...@wizmail.org Reporter: jgh146...@wizmail.org CC: exim-dev@exim.org Possibly associated with late-verification of cert on server; the TLS handshake succeeds and the client does not see an error until the first data read, for the (crypted) EHLO-response. This is treated as a dataphase error during TLS, not as a TLS handshake failure, and the message is queued for retry. We expect the retries to fail the same way. Seen with GnuTLS 3.6.5 on f29, which is about the earliest TLS1.3-capable version. Workaround: tls_require_ciphers = NORMAL:-VERS-TLS1.3 -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
[exim-dev] [Bug 2372] GnuTLS 1.3 and no client cert, required by server, fails to retry in clear
https://bugs.exim.org/show_bug.cgi?id=2372 Jeremy Harris changed: What|Removed |Added Target Milestone|Exim 4.92 |Exim_4.93+ -- You are receiving this mail because: You are on the CC list for the bug. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##