CVE-2020-28008: Assorted attacks in Exim's spool directory

[exim.git] / src / src / smtp_out.c

diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c
index 6f7fb85c11a28da11d59de583d0b0ea1b546a43c..d6dfba52e02840197012b9cf683a2052a78d912f 100644 (file)
--- a/src/src/smtp_out.c
+++ b/src/src/smtp_out.c
@@ -375,7 +375,7 @@ smtp_port_for_connect(host_item * host, int port)
 {
 if (host->port != PORT_NONE)
   {
-  HDEBUG(D_transport|D_acl|D_v)
+  HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
     debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
       host->port);
   port = host->port;
@@ -425,7 +425,7 @@ if (ob->socks_proxy)
   {
   int sock = socks_sock_connect(sc->host, sc->host_af, port, sc->interface,
                                sc->tblock, ob->connect_timeout);
-  
+
   if (sock >= 0)
     {
     if (early_data && early_data->data && early_data->len)
@@ -509,6 +509,16 @@ else
              0
 #endif
             );
+
+#if defined(__linux__)
+    /* This is a workaround for a current linux kernel bug: as of
+    5.6.8-200.fc31.x86_64  small (<MSS) writes get delayed by about 200ms,
+    This is despite NODELAY being active.
+    https://bugzilla.redhat.com/show_bug.cgi?id=1803806 */
+
+    if (!more)
+      setsockopt(outblock->cctx->sock, IPPROTO_TCP, TCP_CORK, &off, sizeof(off));
+#endif
     }
   }
 
@@ -633,7 +643,7 @@ Arguments:
   timelimit deadline for reading the lime, seconds past epoch
 
 Returns:    length of a line that has been put in the buffer
-            -1 otherwise, with errno set
+            -1 otherwise, with errno set, and inblock->ptr adjusted
 */
 
 static int
@@ -674,6 +684,7 @@ for (;;)
       {
       *p = 0;                     /* Leave malformed line for error message */
       errno = ERRNO_SMTPFORMAT;
+      inblock->ptr = ptr;
       return -1;
       }
     }