git://git.exim.org / exim.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 05ec18d 2c9a0e8)
BUGFIX: forced-fail smtp option tls_sni would dereference NULL
authorPhil Pennock <pdp@exim.org>
Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
committerPhil Pennock <pdp@exim.org>
Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
1  2 
doc/doc-txt/ChangeLog patch | diff1 | diff2 | blob | history
src/src/tls-openssl.c patch | diff1 | diff2 | blob | history

diff --cc doc/doc-txt/ChangeLog
index 71d239288b808422aa6bb71805a10602d9a29e57,6c0554b5afc66ae78dd279bcd94eb8773c29557a..66fb1ca322f4fe27110aa28a947b5d4236671b71
--- 1/doc/doc-txt/ChangeLog
--- 2/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@@ -1,42 -1,6 +1,45 @@@
  Change log file for Exim from version 4.21
  -------------------------------------------
  
 +Exim version 4.81
 +-----------------
 +
 +PP/01 Add -bI: framework, and -bI:sieve for querying sieve capabilities.
 +
 +PP/02 Make -n do something, by making it not do something.
 +      When combined with -bP, the name of an option is not output.
 +
 +PP/03 Added tls_dh_min_bits SMTP transport driver option, only honoured
 +      by GnuTLS.
 +
 +PP/04 First step towards DNSSEC, provide $sender_host_dnssec for
 +      $sender_host_name and config options to manage this, and basic check
 +      routines.
 +
 +PP/05 DSCP support for outbound connections and control modifier for inbound.
 +
 +PP/06 Cyrus SASL: set local and remote IP;port properties for driver.
 +      (Only plugin which currently uses this is kerberos4, which nobody should
 +      be using, but we should make it available and other future plugins might
 +      conceivably use it, even though it would break NAT; stuff *should* be
 +      using channel bindings instead).
 +
 +PP/07 Handle "exim -L <tag>" to indicate to use syslog with tag as the process
 +      name; added for Sendmail compatibility; requires admin caller.
 +      Handle -G as equivalent to "control = suppress_local_fixups" (we used to
 +      just ignore it); requires trusted caller.
 +      Also parse but ignore: -Ac -Am -X<logfile>
 +      Bugzilla 1117.
 +
 +TL/01 Bugzilla 1258 - Refactor MAIL FROM optional args processing.
 +
 +JH/01 Bugzilla 1201 & 304 - New cutthrough-delivery feature, with TLS support.
 +
 +JH/02 Support "G" suffix to numbers in ${if comparisons.
 +
++PP/08 Handle smtp transport tls_sni option forced-fail for OpenSSL.
++
++
  Exim version 4.80
  -----------------
  
diff --cc src/src/tls-openssl.c
index a8a62fe8cbbc2ad7e263abe9342f7a9c585af0ee,17cc72133daf5e1afd9f2aed0678c59d37a52eb2..64aa689fb74ab727a0cee93b0c1538d720afb645
--- 1/src/src/tls-openssl.c
--- 2/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@@ -1336,10 -1287,14 +1336,14 @@@ SSL_set_connect_state(client_ssl)
  
  if (sni)
    {
 -  if (!expand_check(sni, US"tls_sni", &tls_sni))
 +  if (!expand_check(sni, US"tls_sni", &tls_out.sni))
      return FAIL;
-   if (!Ustrlen(tls_out.sni))
 -  if (tls_sni == NULL)
++  if (tls_out.sni == NULL)
+     {
+     DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n");
+     }
 -  else if (!Ustrlen(tls_sni))
 -    tls_sni = NULL;
++  else if (!Ustrlen(tls_out.sni))
 +    tls_out.sni = NULL;
    else
      {
  #ifdef EXIM_HAVE_OPENSSL_TLSEXT
Master Exim source repository