* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2009 */
+/* Copyright (c) University of Cambridge 1995 - 2012 */
/* See the file NOTICE for conditions of use and distribution. */
/* Functions for handling an incoming SMTP call. */
if ((log_extra_selector & LX_tls_peerdn) != 0 && tls_peerdn != NULL)
s = string_append(s, &size, &ptr, 3, US" DN=\"",
string_printing(tls_peerdn), US"\"");
+if ((log_extra_selector & LX_tls_sni) != 0 && tls_sni != NULL)
+ s = string_append(s, &size, &ptr, 3, US" SNI=\"",
+ string_printing(tls_sni), US"\"");
#endif
sep = (smtp_connection_had[SMTP_HBUFF_SIZE-1] != SCH_NONE)?
n = v;
while(isalpha(n[-1])) n--;
-if (n[-1] != ' ') return FALSE;
+/* RFC says SP, but TAB seen in wild and other major MTAs accept it */
+if (!isspace(n[-1])) return FALSE;
n[-1] = 0;
*name = n;
if (smtp_cmd_buffer == NULL)
log_write(0, LOG_MAIN|LOG_PANIC_DIE,
"malloc() failed for SMTP command buffer");
+smtp_cmd_buffer[0] = 0;
smtp_data_buffer = smtp_cmd_buffer + smtp_cmd_buffer_size + 1;
/* For batched input, the protocol setting can be overridden from the
#ifdef SUPPORT_TLS
if (tls_on_connect &&
- tls_server_start(tls_require_ciphers,
- gnutls_require_mac, gnutls_require_kx, gnutls_require_proto) != OK)
+ tls_server_start(tls_require_ciphers) != OK)
return FALSE;
#endif
if (where == ACL_WHERE_RCPT || where == ACL_WHERE_DATA || where == ACL_WHERE_MIME)
#endif
{
- sender_info = string_sprintf("F=<%s> ", (sender_address_unrewritten != NULL)?
- sender_address_unrewritten : sender_address);
+ sender_info = string_sprintf("F=<%s>%s%s%s%s ",
+ sender_address_unrewritten ? sender_address_unrewritten : sender_address,
+ sender_host_authenticated ? US" A=" : US"",
+ sender_host_authenticated ? sender_host_authenticated : US"",
+ sender_host_authenticated && authenticated_id ? US":" : US"",
+ sender_host_authenticated && authenticated_id ? authenticated_id : US""
+ );
}
/* If there's been a sender verification failure with a specific message, and
We must allow for an extra EHLO command and an extra AUTH command after
STARTTLS that don't add to the nonmail command count. */
- if ((rc = tls_server_start(tls_require_ciphers, gnutls_require_mac,
- gnutls_require_kx, gnutls_require_proto)) == OK)
+ if ((rc = tls_server_start(tls_require_ciphers)) == OK)
{
if (!tls_remember_esmtp)
helo_seen = esmtp = auth_advertised = pipelining_advertised = FALSE;