lines for the second and subsequent messages.
.new
When two or more messages are delivered down a single TLS connection, the
-TLS-related information logged for the first message delivered
-(which may not be the earliest line in the log)
+DNS and TLS-related information logged for the first message delivered
will not be present in the log lines for the second and subsequent messages.
+A TLS-marker indication of &'X=*'& is added to the log line instead of
+cipher information.
.wen
.cindex "delivery" "cutthrough; logging"
&`T `& on &`<=`& lines: message subject (topic)
&` `& on &`=>`& &`**`& and &`==`& lines: transport name
&`U `& local user or RFC 1413 identity
-&`X `& TLS cipher suite
+&`X `& TLS cipher suite, or TLS usage mark
.endd
the passed-on TCP connection. Instead, proxy the child (and any
subsequent ones) for TLS via a unix-domain socket channel. Logging is
affected: the continued delivery log lines do not have any DNSSEC, TLS
- cipher, Certificate or OCSP information.
+ cipher, Certificate or OCSP information. A "continued-TLS" marker is
+ added instead of the cipher information: "X=*".
JH/04 Shorten the log line for daemon startup by collapsing adjacent sets of
identical IP addresses on different listening ports. Will also affect
/* Cut out any "delete" items on the list. */
- for (rp = &(addr->retries); (r = *rp); rp = &r->next)
+ for (rp = &addr->retries; (r = *rp); rp = &r->next)
if (Ustrcmp(r->key, ptr+1) == 0) /* Found item with same key */
{
if ((r->flags & rf_delete) == 0) break; /* It was not "delete" */
/* We want to add a delete item only if there is no non-delete item;
however we still have to step ptr through the data. */
- if (!r || (*ptr & rf_delete) == 0)
+ if (!r || !(*ptr & rf_delete))
{
r = store_get(sizeof(retry_item));
r->next = addr->retries;
switch (subid)
{
case '1':
- addr->cipher = NULL;
- addr->peerdn = NULL;
-
- if (*ptr)
- addr->cipher = string_copy(ptr);
- while (*ptr++);
- if (*ptr)
- addr->peerdn = string_copy(ptr);
- break;
+ addr->cipher = NULL;
+ addr->peerdn = NULL;
+
+ if (*ptr)
+ addr->cipher = string_copy(ptr);
+ while (*ptr++);
+ if (*ptr)
+ addr->peerdn = string_copy(ptr);
+ break;
case '2':
- if (*ptr)
- (void) tls_import_cert(ptr, &addr->peercert);
- else
- addr->peercert = NULL;
- break;
+ if (*ptr)
+ (void) tls_import_cert(ptr, &addr->peercert);
+ else
+ addr->peercert = NULL;
+ break;
case '3':
- if (*ptr)
- (void) tls_import_cert(ptr, &addr->ourcert);
- else
- addr->ourcert = NULL;
- break;
+ if (*ptr)
+ (void) tls_import_cert(ptr, &addr->ourcert);
+ else
+ addr->ourcert = NULL;
+ break;
# ifndef DISABLE_OCSP
case '4':
- addr->ocsp = OCSP_NOT_REQ;
- if (*ptr)
- addr->ocsp = *ptr - '0';
- break;
+ addr->ocsp = *ptr ? *ptr - '0' : OCSP_NOT_REQ;
+ break;
# endif
}
while (*ptr++);
if (!addr->peerdn)
*ptr++ = 0;
else
- {
- ptr += sprintf(CS ptr, "%.512s", addr->peerdn);
- ptr++;
- }
+ ptr += sprintf(CS ptr, "%.512s", addr->peerdn) + 1;
rmt_dlv_checked_write(fd, 'X', '1', big_buffer, ptr - big_buffer);
}
+ else if (continue_proxy) /* known TLS, but no cipher info */
+ rmt_dlv_checked_write(fd, 'X', '1', US"*\0", 3);
+
if (addr->peercert)
{
ptr = big_buffer;
1999-03-02 09:44:33 Start queue run: pid=pppp -qqf
1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLS1.x:xxxxRSA_AES_256_CBC_SHAnnn:256 CV=no DN="C=UK,O=The Exim Maintainers,OU=Test Suite,CN=Phil Pennock" C="250 OK id=10HmbA-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00"
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00"
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 End queue run: pid=pppp -qqf
1999-03-02 09:44:33 Start queue run: pid=pppp -qqf
1999-03-02 09:44:33 10HmaX-0005vi-00 => userx@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1] X=TLSv1:AES256-SHA:256 CV=no DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" C="250 OK id=10HmbA-0005vi-00"
1999-03-02 09:44:33 10HmaX-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00"
+1999-03-02 09:44:33 10HmaZ-0005vi-00 => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00"
1999-03-02 09:44:33 10HmaZ-0005vi-00 Completed
-1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00"
+1999-03-02 09:44:33 10HmaY-0005vi-00 => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00"
1999-03-02 09:44:33 10HmaY-0005vi-00 Completed
1999-03-02 09:44:33 End queue run: pid=pppp -qqf
SMTP<< 250 OK id=10HmbB-0005vi-00
SMTP(close)>>
LOG: MAIN
- => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00"
+ => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00"
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
SMTP(close)>>
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
LOG: MAIN
- => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00"
+ => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00"
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
SMTP<< 250 OK id=10HmbB-0005vi-00
SMTP(close)>>
LOG: MAIN
- => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbB-0005vi-00"
+ => userz@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbB-0005vi-00"
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
SMTP(close)>>
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
LOG: MAIN
- => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* C="250 OK id=10HmbC-0005vi-00"
+ => usery@test.ex R=client T=send_to_server H=127.0.0.1 [127.0.0.1]* X=* CV=no C="250 OK id=10HmbC-0005vi-00"
LOG: MAIN
Completed
>>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
git://git.exim.org / exim.git / commitdiff