nginx.git/src/mail, branch release-1.11.11 nginx Mail: don't emit separator in capability lists for APOP. 2017-03-06T14:56:23+00:00 Sergey Kandaurov pluknet@nginx.com 2017-03-06T14:56:23+00:00 fbe9759e4b8d0a80863a4000a724111b0741a9ab Notably, this fixes CAPA and AUTH output. The bug had appeared in nginx 1.11.6 (73b451d304c0). 
Notably, this fixes CAPA and AUTH output.

The bug had appeared in nginx 1.11.6 (73b451d304c0).
Mail: make it possible to disable SASL EXTERNAL. 2017-01-12T16:22:03+00:00 Sergey Kandaurov pluknet@nginx.com 2017-01-12T16:22:03+00:00 b5a3cc3781e95068cd8d0d8c84a7d8296b6682e6 






Win32: fixed some warnings reported by Borland C.
2016-12-24T15:01:14+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-12-24T15:01:14+00:00

c17009ee756bf16e702ed48ef667765c121e36d6

Most notably, warning W8012 (comparing signed and unsigned values) reported
in multiple places where an unsigned value of small type (e.g., u_short) is
promoted to an int and compared to an unsigned value.

Warning W8072 (suspicious pointer arithmetic) disabled, it is reported
when we increment base pointer in ngx_shm_alloc().





Most notably, warning W8012 (comparing signed and unsigned values) reported
in multiple places where an unsigned value of small type (e.g., u_short) is
promoted to an int and compared to an unsigned value.

Warning W8072 (suspicious pointer arithmetic) disabled, it is reported
when we increment base pointer in ngx_shm_alloc().







Mail: support SASL EXTERNAL (RFC 4422).
2016-10-08T07:05:00+00:00

Rob N ★
robn@fastmail.com

2016-10-08T07:05:00+00:00

66c23edf6308867572d5c4b8341e7a3fe7e97864

This is needed to allow TLS client certificate auth to work. With
ssl_verify_client configured, the auth daemon can choose to allow the
connection to proceed based on the certificate data.

This has been tested with Thunderbird for IMAP only. I've not yet found a
client that will do client certificate auth for POP3 or SMTP, and the method is
not really documented anywhere that I can find. That said, its simple enough
that the way I've done is probably right.





This is needed to allow TLS client certificate auth to work. With
ssl_verify_client configured, the auth daemon can choose to allow the
connection to proceed based on the certificate data.

This has been tested with Thunderbird for IMAP only. I've not yet found a
client that will do client certificate auth for POP3 or SMTP, and the method is
not really documented anywhere that I can find. That said, its simple enough
that the way I've done is probably right.







Mail: extensible auth methods in pop3 module.
2016-10-18T16:38:46+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-10-18T16:38:46+00:00

a747089a1dd63f323111c82000debfd83a5e6719












Modules compatibility: removed dependencies on NGX_MAIL_SSL.
2016-10-10T15:44:17+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-10-10T15:44:17+00:00

a6cb8210905f35977276cb3861184e4dad99cc2a

External structures are now identical regardless of mail SSL module
compiled in or not.





External structures are now identical regardless of mail SSL module
compiled in or not.







Modules compatibility: removed unneeded IPV6_V6ONLY checks.
2016-10-03T12:58:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-10-03T12:58:25+00:00

0a961a09171fc1de3f3a70aa6b15e29d3882f7f0

The IPV6_V6ONLY macro is now checked only while parsing appropriate flag
and when using the macro.

The ipv6only field in listen structures is always initialized to 1,
even if not supported on a given platform.  This is expected to prevent
a module compiled without IPV6_V6ONLY from accidentally creating dual
sockets if loaded into main binary with proper IPV6_V6ONLY support.





The IPV6_V6ONLY macro is now checked only while parsing appropriate flag
and when using the macro.

The ipv6only field in listen structures is always initialized to 1,
even if not supported on a given platform.  This is expected to prevent
a module compiled without IPV6_V6ONLY from accidentally creating dual
sockets if loaded into main binary with proper IPV6_V6ONLY support.







Fixed log levels of configuration parsing errors.
2016-09-20T12:07:16+00:00

Valentin Bartenev
vbart@nginx.com

2016-09-20T12:07:16+00:00

89f82c1155d0e2291f30819c38d438e112ba569a

All the errors that prevent loading configuration must be printed on the "emerg"
log level.  Previously, nginx might silently fail to load configuration in some
cases as the default log level is "error".





All the errors that prevent loading configuration must be printed on the "emerg"
log level.  Previously, nginx might silently fail to load configuration in some
cases as the default log level is "error".







Ensure "listen" exists in a mail or stream server (ticket #1049).
2016-08-17T08:26:51+00:00

Roman Arutyunyan
arut@nginx.com

2016-08-17T08:26:51+00:00

dabbf30377d422a0e40093e3f429fca352c633a1












Fixed wrong type of the "line" field.
2016-08-18T14:13:07+00:00

Roman Arutyunyan
arut@nginx.com

2016-08-18T14:13:07+00:00

eecc68ce1787a519e4cf195f12c887d7d2ba9b0a

The new type ngx_uint_t was supposed when formatting the line number.





The new type ngx_uint_t was supposed when formatting the line number.