DANE: treat a TLSA response having only non-TLSA records the same as a no-match response
author Jeremy Harris <jgh146exb@wizmail.org>
Wed, 3 Aug 2016 10:32:32 +0000 (11:32 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Wed, 3 Aug 2016 11:49:45 +0000 (12:49 +0100)
doc/doc-txt/ChangeLog
src/src/transports/smtp.c

index e1471b627950b03da265cd0f511ae38d99278cec..d99370a7e8a3497e31d688c5270a95caf5141484 100644 (file)
@@ -61,6 +61,10 @@ JH/14 Fix logging of errors under PIPELINING.  Previously the log line giving
 JH/15 Fix counting of empty lines in $body_linecount and $message_linecount.
       Previously they were not counted.
 
+JH/16 DANE: treat a TLSA lookup response having all non-TLSA RRs, the same
+      as one having no matching records.  Previously we deferred the message
+      that needed the lookup.
+
 
 Exim version 4.87
 -----------------
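Review bot: the JH/16 entry says what used to happen ("Previously we deferred the message") but not what happens now, which is what an operator reading the ChangeLog needs. Going by the smtp.c change in this commit, the new outcome depends on dane_required (FAIL when it is set, FAIL_FORCED otherwise), and the entry should say so in a sentence. The comma after "non-TLSA RRs" can also be dropped.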
index c84323c17141f9729893709ac0e0233c29044dbb..bbfef0632a61181905de5113a62e4770aa67ebe7 100644 (file)
@@ -1217,7 +1217,8 @@ switch (dns_lookup(dnsa, buffer, T_TLSA, &fullname))
   case DNS_AGAIN:
     return DEFER; /* just defer this TLS'd conn */
 
-  case DNS_NOMATCH:
+  case DNS_NODATA:     /* no TLSA RR for this lookup */
+  case DNS_NOMATCH:    /* no records at all for this lookup */
     return dane_required ? FAIL : FAIL_FORCED;
 
   default:
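Review bot: the new `case DNS_NODATA:` label falls through to `return dane_required ? FAIL : FAIL_FORCED;`, so a response carrying no TLSA RRs now returns FAIL_FORCED when DANE is not required, where the ChangeLog says the message was previously deferred. The visible lines do not show whether the response was DNSSEC-validated before this switch is reached; please confirm that it is, or add a comment here saying where that is enforced, since an unauthenticated NODATA answer reaching this branch would let the DNS response alone decide whether DANE is applied. A short comment on what FAIL_FORCED means for the caller would help too, and a regression test for the "only non-TLSA records" response would pin the new behaviour.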