X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/37688315a566d2bfaeae040ee1cbaae3102efced..HEAD:/src/src/tls.c diff --git a/src/src/tls.c b/src/src/tls.c index 8f4344c6c..a1ae1abd1 100644 --- a/src/src/tls.c +++ b/src/src/tls.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) The Exim Maintainers 2020 - 2022 */ +/* Copyright (c) The Exim Maintainers 2020 - 2024 */ /* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ /* SPDX-License-Identifier: GPL-2.0-or-later */ @@ -40,13 +40,16 @@ functions from the OpenSSL or GNU TLS libraries. */ static void tls_per_lib_daemon_init(void); static void tls_per_lib_daemon_tick(void); static unsigned tls_server_creds_init(void); -static void tls_server_creds_invalidate(void); static void tls_client_creds_init(transport_instance *, BOOL); -static void tls_client_creds_invalidate(transport_instance *); static void tls_daemon_creds_reload(void); static BOOL opt_set_and_noexpand(const uschar *); static BOOL opt_unset_or_noexpand(const uschar *); +#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT) +static void tls_server_creds_invalidate(void); +static void tls_client_creds_invalidate(transport_instance *); +#endif + /* This module is compiled only when it is specifically requested in the @@ -105,7 +108,10 @@ expand_check(const uschar * s, const uschar * name, uschar ** result, uschar ** errstr) { if (!s) + { + f.expand_string_forcedfail = FALSE; *result = NULL; + } else if ( !(*result = expand_string(US s)) /* need to clean up const more */ && !f.expand_string_forcedfail ) @@ -321,7 +327,9 @@ tls_client_creds_reload(BOOL watch) for(transport_instance * t = transports; t; t = t->next) if (Ustrcmp(t->driver_name, "smtp") == 0) { +#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT) tls_client_creds_invalidate(t); +#endif tls_client_creds_init(t, watch); } } @@ -357,7 +365,9 @@ unsigned lifetime; tls_watch_invalidate(); #endif +#if defined(EXIM_HAVE_INOTIFY) || defined(EXIM_HAVE_KEVENT) tls_server_creds_invalidate(); +#endif /* _expire is for a time-limited selfsign server cert */ tls_creds_expire = (lifetime = tls_server_creds_init())