{
if (host->port != PORT_NONE)
{
- HDEBUG(D_transport|D_acl|D_v)
+ HDEBUG(D_transport|D_acl|D_v) if (port != host->port)
debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
host->port);
port = host->port;
if (tls_out.sni)
{
- argv[i++] = tls_out.dane_verified ? US"-MCr" : US"-MCs";
+ argv[i++] =
+#ifdef SUPPORT_DANE
+ tls_out.dane_verified ? US"-MCr" :
+#endif
+ US"-MCs";
argv[i++] = tls_out.sni;
}
}
}
#endif
-#ifdef SUPPORT_DANE
/* If we have a proxied TLS connection, check usability for this message */
if (continue_hostname && continue_proxy_cipher)
int rc;
const uschar * sni = US"";
+#ifdef SUPPORT_DANE
/* Check if the message will be DANE-verified; if so force its SNI */
+ tls_out.dane_verified = FALSE;
smtp_port_for_connect(sx->conn_args.host, sx->port);
if ( sx->conn_args.host->dnssec == DS_YES
&& ( sx->dane_required
# endif
return rc;
}
+#endif
- /* If the SNI required for the new message differs from the existing conn
- drop the connection to force a new one. */
+ /* If the SNI or the DANE status required for the new message differs from the
+ existing conn drop the connection to force a new one. */
if (ob->tls_sni && !(sni = expand_cstring(ob->tls_sni)))
log_write(0, LOG_MAIN|LOG_PANIC,
"<%s>: failed to expand transport's tls_sni value: %s",
sx->addrlist->address, expand_string_message);
+#ifdef SUPPORT_DANE
if ( (continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni)
&& continue_proxy_dane == sx->conn_args.dane)
{
if ((tls_out.dane_verified = continue_proxy_dane))
sx->conn_args.host->dnssec = DS_YES;
}
+#else
+ if ((continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni))
+ tls_out.sni = US sni;
+#endif
else
{
DEBUG(D_transport)
HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> QUIT\n");
write(0, "QUIT\r\n", 6);
close(0);
- tls_out.dane_verified = FALSE;
continue_hostname = continue_proxy_cipher = NULL;
f.continue_more = FALSE;
continue_sequence = 1; /* Unfortunately, this process cannot affect success log
back through reporting pipe. */
}
}
-#endif
/* Make a connection to the host if this isn't a continued delivery, and handle
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
127.0.0.1 [127.0.0.1]:1111 retry-status = usable
delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex)
Transport port=25 replaced by host-specific port=1225
-Transport port=25 replaced by host-specific port=1225
continued connection, proxied TLS
SMTP>> DATA
cmd buf flush ddd bytes
git://git.exim.org / exim.git / commitdiff