nginx.git/src/mail, branch release-1.11.7 nginx Mail: support SASL EXTERNAL (RFC 4422). 2016-10-08T07:05:00+00:00 Rob N ★ robn@fastmail.com 2016-10-08T07:05:00+00:00 66c23edf6308867572d5c4b8341e7a3fe7e97864 This is needed to allow TLS client certificate auth to work. With ssl_verify_client configured, the auth daemon can choose to allow the connection to proceed based on the certificate data. This has been tested with Thunderbird for IMAP only. I've not yet found a client that will do client certificate auth for POP3 or SMTP, and the method is not really documented anywhere that I can find. That said, its simple enough that the way I've done is probably right. 
This is needed to allow TLS client certificate auth to work. With
ssl_verify_client configured, the auth daemon can choose to allow the
connection to proceed based on the certificate data.

This has been tested with Thunderbird for IMAP only. I've not yet found a
client that will do client certificate auth for POP3 or SMTP, and the method is
not really documented anywhere that I can find. That said, its simple enough
that the way I've done is probably right.
Mail: extensible auth methods in pop3 module. 2016-10-18T16:38:46+00:00 Maxim Dounin mdounin@mdounin.ru 2016-10-18T16:38:46+00:00 a747089a1dd63f323111c82000debfd83a5e6719 






Modules compatibility: removed dependencies on NGX_MAIL_SSL.
2016-10-10T15:44:17+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-10-10T15:44:17+00:00

a6cb8210905f35977276cb3861184e4dad99cc2a

External structures are now identical regardless of mail SSL module
compiled in or not.





External structures are now identical regardless of mail SSL module
compiled in or not.







Modules compatibility: removed unneeded IPV6_V6ONLY checks.
2016-10-03T12:58:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2016-10-03T12:58:25+00:00

0a961a09171fc1de3f3a70aa6b15e29d3882f7f0

The IPV6_V6ONLY macro is now checked only while parsing appropriate flag
and when using the macro.

The ipv6only field in listen structures is always initialized to 1,
even if not supported on a given platform.  This is expected to prevent
a module compiled without IPV6_V6ONLY from accidentally creating dual
sockets if loaded into main binary with proper IPV6_V6ONLY support.





The IPV6_V6ONLY macro is now checked only while parsing appropriate flag
and when using the macro.

The ipv6only field in listen structures is always initialized to 1,
even if not supported on a given platform.  This is expected to prevent
a module compiled without IPV6_V6ONLY from accidentally creating dual
sockets if loaded into main binary with proper IPV6_V6ONLY support.







Fixed log levels of configuration parsing errors.
2016-09-20T12:07:16+00:00

Valentin Bartenev
vbart@nginx.com

2016-09-20T12:07:16+00:00

89f82c1155d0e2291f30819c38d438e112ba569a

All the errors that prevent loading configuration must be printed on the "emerg"
log level.  Previously, nginx might silently fail to load configuration in some
cases as the default log level is "error".





All the errors that prevent loading configuration must be printed on the "emerg"
log level.  Previously, nginx might silently fail to load configuration in some
cases as the default log level is "error".







Ensure "listen" exists in a mail or stream server (ticket #1049).
2016-08-17T08:26:51+00:00

Roman Arutyunyan
arut@nginx.com

2016-08-17T08:26:51+00:00

dabbf30377d422a0e40093e3f429fca352c633a1












Fixed wrong type of the "line" field.
2016-08-18T14:13:07+00:00

Roman Arutyunyan
arut@nginx.com

2016-08-18T14:13:07+00:00

eecc68ce1787a519e4cf195f12c887d7d2ba9b0a

The new type ngx_uint_t was supposed when formatting the line number.





The new type ngx_uint_t was supposed when formatting the line number.







Fixed build on MSVC.
2016-06-20T12:11:50+00:00

Roman Arutyunyan
arut@nginx.com

2016-06-20T12:11:50+00:00

9810fd06cb3358dbc880ccfcb30a49e693623d0c












Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
2016-06-20T08:50:39+00:00

Roman Arutyunyan
arut@nginx.com

2016-06-20T08:50:39+00:00

5b201ac31f968d13f1165e7f29967e5826ccb9a1












SSL: ngx_ssl_ciphers() to set list of ciphers.
2016-06-15T20:05:30+00:00

Tim Taubert
tim@timtaubert.de

2016-06-15T20:05:30+00:00

4f578bfcab740fcfbbb8824822803ad9b3f176cc

This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.





This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.