* Fri Sep 08 2023 16:32:02 +0000 Manvendra Bhangui <indimail-mta@indimail.org> 3.0.4-1.1%{?dist}
Release 3.0.4-1.1 Start 24/04/2023 End --/--/20--
- svctool: when replacing in recontrol, use exact match
- qmail-send.c, qmta-send.c, slowq-send.c, qsutil.c, delivery_rate.c: Use
  NULL instead of 0 for null pointer
- custom_error.c: removed use of static variables as function is noreturn
- svctool: synced daemontools/minisvc, indimail-mta/svctool create_svscan
  function
- svctool: added --config=selinux option to create selinux module from .te
  file
- indimail-mta.te: updated selinux rules
- create_services: allow creation of mysql db even if indimail is not
  installed
- skip creation of indimail user, database if mysql_user is null
- Fixes for amazon linux in indimail-mta.spec
- set_environment.c: skip local env variable processing of .defaultqueue if
  SKIP_LOCAL_ENVIRONMENT is set
- qmail-showctl.c: restore HOME env variable after env_clear
- dknewkey: allow non-root user to execute dknewkey
- indimail-mta.spec, debian/indimail-mta.postinst, create_services: create
  defaultqueue parameters without DKIM signing
- svctool:updated for pwdlookup, inlookup changes for using /run, /var/run
- svctool: fixes for clamd service
- indimail-mta.spec, debian/*: add timestamps to installation logs
- svctool: added --config=nssd option to create nssd config file
- qsutil.c: removed extra / from defaultdelivery control filename path
- svctool: fix MySQL db creation for MariaDB 11.x
- qmail-remote.c, smtpd.c, qmail-greyd.c, mail_acl.c, starttls.c: use NULL
  instead of 0 for null pointer
- mail_acl.c: fixed incorrect call to out()
- dossl.c: fixed potential SIGSEGV
- svctool: set permission of logrotate.mysql to mysql:mysql
- condredirect.c, condtomaildir.c: added -r reverse option to forward when
  program fails instead of when program succeeds.
- dnstlsarr.c: refactored code to reduce loc
- auto-uid.c, auto-gid.c: replaced outs() with subprintf
- ldap-checkpwd.c, sys-checkpwd.c: replaced out() with subprintf()
- qmail-rm.c: replaced out(), logerr() with subprintf()
- whois.c: replaced logerr(), logerrf() with subprintf()
- sys-checkpwd.c: Fixed out of memory error for POSTAUTH
- create_services: fixed typo for mysql_pass in create_services
- smtpd.c: renamed check_recipient_cdb() to recipients_ext()
- svctool: use mariadb-admin if present instead of mysqladmin
- svctool: fixed nodnscheck update in recontrol
- svctool: put max supported protocol in tls[client|server]method
- queue-fix.c: added argument for -b option to specify bigtodo or nobigtodo
- qmail-remote.c: BUG qmail-remote trying SMTP AUTH when it shouldn't
  [25] https://sourceforge.net/p/indimail/support-requests/25/
- drate.c: added missing call to uidinit()
- smtpd.c: refactored error logging using die_read, die_write
- sslerator.c: use strerr_tls for tls errors
- recipients.c: allow any number of arguments for pluggable address
  verification module
- smtpd.c: use sleep before sending message to client
- test-recipients.c: handle all exit codes of pavm
- smtpd.c: initialize few left out variables in smtp_init
- qmail-local.c: display program/command if crashed in logs
- svctool: preserve permission of control files in recontrol
- dossl.c: use clientcipherlist for tlsv1_2 and below, clientciphersuite for
  tlsv1_3 and above
- dossl.c: use TLS_CIPHER_LIST for tlsv1_2 and below, TLS_CIPHER_SUITE for
  tlsv1_3 and above
- dossl.c: use SSL_set_cipher_list for tlsv1_2 and below,
  SSL_set_ciphersuits for tlsv1_3 and above.
- dossl.c: return 0 for connnection/negotiation failure in do_tls()
  for qmail-remote to retry connection in non-tls mode
- qmail-remote.c: removed unused function perm_tlslcientmethod()
- qmail-remote.c: BUG: Fixed wrong usage of quit()
- qmail-remote.c: retry failed TLS/SSL connection attempt with non-TLS connection
- qlocal_uprade.in: move tlsclientciphers to clientcipherlist,
  move tlsserverciphers to servercipherlist
- smtpd.c: use servercipherlist for tlsv1_2 and below, serverciphersuite for tlsv1_3 and above
- smtpd.c: use TLS_CIPHER_LIST for tlsv1_2 and below, TLS_CIPHER_SUITE for
  tlsv1_3 and above
- smtpd.c, qmail-remote.c: No defaults for missing tlsservermethod,
  tlsclientmethod
- qmail-smtpd.c: added TLS_CIPHER_SUITE env variables in print_details
- sslerator.c: let default ciphers be set by tls_init()
- sslerator.c: use TLS_CIPHER_LIST for tlsv1_2 and below, TLS_CIPHER_SUITE
  for tlsv1_3 and above
- svctool: renamed tlsclientciphers, tlsserverciphers to clientcipherlist,
  servercipherlist for TLSv1_2
- svctool: added clientciphersuite, serverciphersuite control files for
  TLSv1_3
- svctool: link TLS_CIPHER_LIST to servercipherlist, TLS_CIPHER_SUITE to
  serverciphersuite as default CIPHERS for TLSv1_2, TLSv1_3
- smtpd.c, dossl.c: new feature Min:Max format for tlsclientmethod,
  tlservermethod
- smtpd.c: changed location of flagbarfspf check
- test-indimail-mta: use default ciphers set by svctool
- qmail-remote.c: BUG from 52: fixed extra connect being made for servers
  without STARTTLS capability
- dossl.c: return 2 for tls connection/negotiation failure
- Makefile, indimail-mta.spec, PLUGINS: removed example plugin
- debian/rules: added -fno-lto flag
- tests/test-indimail-mta: added test for qmail-remote to do STARTTLS and
  SMTPS
- qregex.h, matchregex.[c.h]: moved matchregex.c, matchregex.h to libqmail
- dk-filter.sh: Added missing NODKIMKEY feature to turn off dkimkeyfn
- surbfilter.c: Log debug messages on descriptor 5
- surblqueue: Redirect debug messages from surbfilter to SURBL_DEBUG_FN if
  set
- smtpd.c: Use last line to set error message from error strings returned by
  qmail_close()
- surblfilter.c: display the SURBL blocked uri in message
- qfrontend: make libexecdir, controldir configurable using env variables
- qmail-qfilter: BUG FIX: qmail-multi, qmail-queue wasn't getting executed
