Fix use of empty log_reject_target. Bug 3039

Broken-by: 4243a209fd94

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2ea8caf23b95b232cfbfe540ea28b5fe9124452d..c74c0c0c6bbb6be11d0a7c44d68cfc2f439b01ae 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -16,10 +16,15 @@ JH/02 Bug 3040: Handle error on close of the spool data file during reception.
       this to respond with a temp-reject, wipe spoolfiles, and log the error
       detail.
 
-JH/03 Bug 3030: fix handling of DNS servfail respons for DANE TLSA.  When hit
+JH/03 Bug 3030: Fix handling of DNS servfail respons for DANE TLSA.  When hit
       during a recipient verify callout, a QUIT command was attempted on the
       now-closed callout channel, causing a paniclog entry.
 
+JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with
+      a connection_reject log_selector, under tls_on_connect.  Previously
+      with this combination, when the connect ACL rejected, a spurious
+      paniclog entry was made.
+
 
 Exim version 4.97
 -----------------

diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index c565d522d9a27779a85ae73695ee3937fc2b1d2d..e19c86ff87145062554df64c0d473d09f66a461b 100644 (file)
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -2051,16 +2051,19 @@ else DEBUG(D_receive)
 static void
 log_connect_tls_drop(const uschar * what, const uschar * log_msg)
 {
-gstring * g = s_tlslog(NULL);
-uschar * tls = string_from_gstring(g);
-
-log_write(L_connection_reject,
-  log_reject_target, "%s%s%s dropped by %s%s%s",
-  LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
-  host_and_ident(TRUE),
-  tls ? tls : US"",
-  what,
-  log_msg ? US": " : US"", log_msg);
+if (log_reject_target)
+  {
+  gstring * g = s_tlslog(NULL);
+  uschar * tls = string_from_gstring(g);
+
+  log_write(L_connection_reject,
+    log_reject_target, "%s%s%s dropped by %s%s%s",
+    LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
+    host_and_ident(TRUE),
+    tls ? tls : US"",
+    what,
+    log_msg ? US": " : US"", log_msg);
+  }
 }
 
 
@@ -3085,7 +3088,7 @@ else
 the connection is not forcibly to be dropped, return 0. Otherwise, log why it
 is closing if required and return 2.  */
 
-if (log_reject_target != 0)
+if (log_reject_target)
   {
 #ifndef DISABLE_TLS
   gstring * g = s_tlslog(NULL);

diff --git a/test/confs/1115 b/test/confs/1115
new file mode 100644 (file)
index 0000000..c6247a4
--- /dev/null
+++ b/test/confs/1115
@@ -0,0 +1,24 @@
+# Exim test configuration 1115
+
+SERVER=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+tls_on_connect_ports = PORT_D2
+
+acl_smtp_connect = check_conn
+
+log_selector = +connection_reject
+
+# ----- ACLs -----
+
+begin acl
+
+check_conn:
+  deny log_reject_target =
+
+# End

diff --git a/test/log/1115 b/test/log/1115
new file mode 100644 (file)
index 0000000..d09da31
--- /dev/null
+++ b/test/log/1115
@@ -0,0 +1,3 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTPS on port PORT_D2

diff --git a/test/scripts/1100-Basic-TLS/1115 b/test/scripts/1100-Basic-TLS/1115
new file mode 100644 (file)
index 0000000..fe53cb1
--- /dev/null
+++ b/test/scripts/1100-Basic-TLS/1115
@@ -0,0 +1,7 @@
+# server: tls_on_connect and log_reject_target empty
+exim -bd -DSERVER=server -oX PORT_D2
+****
+client-anytls -tls-on-connect 127.0.0.1 PORT_D2
+???*
+****
+killdaemon

diff --git a/test/stdout/1115 b/test/stdout/1115
new file mode 100644 (file)
index 0000000..43eac05
--- /dev/null
+++ b/test/stdout/1115
@@ -0,0 +1,6 @@
+Connecting to 127.0.0.1 port 1226 ... connected
+Attempting to start TLS
+Failed to start TLS
+???*
+Expected EOF read
+End of script