From: Phil Pennock Date: Wed, 6 Jun 2012 23:51:44 +0000 (-0400) Subject: BUGFIX: forced-fail smtp option tls_sni would dereference NULL X-Git-Tag: exim-4_81_RC1~60 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/ec4b68e5d820109e5954329013a911d4032bc4dc BUGFIX: forced-fail smtp option tls_sni would dereference NULL --- ec4b68e5d820109e5954329013a911d4032bc4dc diff --cc doc/doc-txt/ChangeLog index 71d239288,6c0554b5a..66fb1ca32 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@@ -1,42 -1,6 +1,45 @@@ Change log file for Exim from version 4.21 ------------------------------------------- +Exim version 4.81 +----------------- + +PP/01 Add -bI: framework, and -bI:sieve for querying sieve capabilities. + +PP/02 Make -n do something, by making it not do something. + When combined with -bP, the name of an option is not output. + +PP/03 Added tls_dh_min_bits SMTP transport driver option, only honoured + by GnuTLS. + +PP/04 First step towards DNSSEC, provide $sender_host_dnssec for + $sender_host_name and config options to manage this, and basic check + routines. + +PP/05 DSCP support for outbound connections and control modifier for inbound. + +PP/06 Cyrus SASL: set local and remote IP;port properties for driver. + (Only plugin which currently uses this is kerberos4, which nobody should + be using, but we should make it available and other future plugins might + conceivably use it, even though it would break NAT; stuff *should* be + using channel bindings instead). + +PP/07 Handle "exim -L " to indicate to use syslog with tag as the process + name; added for Sendmail compatibility; requires admin caller. + Handle -G as equivalent to "control = suppress_local_fixups" (we used to + just ignore it); requires trusted caller. + Also parse but ignore: -Ac -Am -X + Bugzilla 1117. + +TL/01 Bugzilla 1258 - Refactor MAIL FROM optional args processing. + +JH/01 Bugzilla 1201 & 304 - New cutthrough-delivery feature, with TLS support. + +JH/02 Support "G" suffix to numbers in ${if comparisons. + ++PP/08 Handle smtp transport tls_sni option forced-fail for OpenSSL. ++ ++ Exim version 4.80 ----------------- diff --cc src/src/tls-openssl.c index a8a62fe8c,17cc72133..64aa689fb --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@@ -1336,10 -1287,14 +1336,14 @@@ SSL_set_connect_state(client_ssl) if (sni) { - if (!expand_check(sni, US"tls_sni", &tls_sni)) + if (!expand_check(sni, US"tls_sni", &tls_out.sni)) return FAIL; - if (!Ustrlen(tls_out.sni)) - if (tls_sni == NULL) ++ if (tls_out.sni == NULL) + { + DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n"); + } - else if (!Ustrlen(tls_sni)) - tls_sni = NULL; ++ else if (!Ustrlen(tls_out.sni)) + tls_out.sni = NULL; else { #ifdef EXIM_HAVE_OPENSSL_TLSEXT