Fix non-DANE build
author
Jeremy Harris
<jgh146exb@wizmail.org>
Wed, 26 Aug 2020 22:59:28 +0000
(23:59 +0100)
committer
Jeremy Harris
<jgh146exb@wizmail.org>
Thu, 27 Aug 2020 10:18:14 +0000
(11:18 +0100)
src/src/smtp_out.c
src/src/transport.c
src/src/transports/smtp.c
test/stderr/2013
test/stderr/2113
test/stderr/2135
diff --git
a/src/src/smtp_out.c
b/src/src/smtp_out.c
index 86c3e412775cc53d3feed2f5112864257af69d13..c4c409677689f5ffaa74b55721640997fe72cc83 100644
--- a/
src/src/smtp_out.c
+++ b/
src/src/smtp_out.c
@@
-375,7
+375,7
@@
smtp_port_for_connect(host_item * host, int port)
{
if (host->port != PORT_NONE)
{
{
if (host->port != PORT_NONE)
{
- HDEBUG(D_transport|D_acl|D_v)
+ HDEBUG(D_transport|D_acl|D_v)
if (port != host->port)
debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
host->port);
port = host->port;
debug_printf_indent("Transport port=%d replaced by host-specific port=%d\n", port,
host->port);
port = host->port;
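Review bot: The added `if (port != host->port)` test hangs directly off `HDEBUG(D_transport|D_acl|D_v)` with no braces, so the debug call now sits under two stacked unbraced conditions (HDEBUG looks like a macro that expands to an `if`; its definition is not in the hunk). A later edit that adds an `else` or a second statement at this point could bind to a different condition than the author intended. Wrapping the inner `if` and its `debug_printf_indent` call in one braced block after the macro would keep the log-suppression change self-contained. The body of smtp_port_for_connect continues past the end of the hunk.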
diff --git
a/src/src/transport.c
b/src/src/transport.c
index fd8da0f08c74386941dc2c51dc9ef885effb12a5..c2062e6331138be04a0bd97b5603e0280db4a742 100644
--- a/
src/src/transport.c
+++ b/
src/src/transport.c
@@
-1901,7
+1901,11
@@
if (smtp_peer_options & OPTION_TLS)
if (tls_out.sni)
{
if (tls_out.sni)
{
- argv[i++] = tls_out.dane_verified ? US"-MCr" : US"-MCs";
+ argv[i++] =
+#ifdef SUPPORT_DANE
+ tls_out.dane_verified ? US"-MCr" :
+#endif
+ US"-MCs";
argv[i++] = tls_out.sni;
}
}
argv[i++] = tls_out.sni;
}
}
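Review bot: The `#ifdef SUPPORT_DANE` spliced into the middle of the conditional expression needs a comment saying what the two options mean, because the choice tells the process that inherits the connection whether the TLS session was DANE-verified. Something like `/* -MCr: SNI of a DANE-verified connection; -MCs: SNI only. Non-DANE builds always pass -MCs */` above the assignment would do. That meaning is inferred from the `tls_out.dane_verified` test, so check the wording against the option parser. The enclosing `if (smtp_peer_options & OPTION_TLS)` block and the bounds of `argv` are outside the hunk.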
diff --git
a/src/src/transports/smtp.c
b/src/src/transports/smtp.c
index dfc1c767c1aea7e5731c0e88c1a69230d302273b..dcff355e12abb78d8d51b1d75f570d7f2403601e 100644
--- a/
src/src/transports/smtp.c
+++ b/
src/src/transports/smtp.c
@@
-1989,8
+1989,6
@@
if (sx->smtps)
}
#endif
}
#endif
-#ifdef SUPPORT_DANE
-/*XXX new */
/* If we have a proxied TLS connection, check usability for this message */
if (continue_hostname && continue_proxy_cipher)
/* If we have a proxied TLS connection, check usability for this message */
if (continue_hostname && continue_proxy_cipher)
@@
-1998,8
+1996,10
@@
if (continue_hostname && continue_proxy_cipher)
int rc;
const uschar * sni = US"";
int rc;
const uschar * sni = US"";
+#ifdef SUPPORT_DANE
/* Check if the message will be DANE-verified; if so force its SNI */
/* Check if the message will be DANE-verified; if so force its SNI */
+ tls_out.dane_verified = FALSE;
smtp_port_for_connect(sx->conn_args.host, sx->port);
if ( sx->conn_args.host->dnssec == DS_YES
&& ( sx->dane_required
smtp_port_for_connect(sx->conn_args.host, sx->port);
if ( sx->conn_args.host->dnssec == DS_YES
&& ( sx->dane_required
@@
-2023,15
+2023,17
@@
if (continue_hostname && continue_proxy_cipher)
# endif
return rc;
}
# endif
return rc;
}
+#endif
- /* If the SNI
required for the new message differs from the existing conn
- drop the connection to force a new one. */
+ /* If the SNI
or the DANE status required for the new message differs from the
+
existing conn
drop the connection to force a new one. */
if (ob->tls_sni && !(sni = expand_cstring(ob->tls_sni)))
log_write(0, LOG_MAIN|LOG_PANIC,
"<%s>: failed to expand transport's tls_sni value: %s",
sx->addrlist->address, expand_string_message);
if (ob->tls_sni && !(sni = expand_cstring(ob->tls_sni)))
log_write(0, LOG_MAIN|LOG_PANIC,
"<%s>: failed to expand transport's tls_sni value: %s",
sx->addrlist->address, expand_string_message);
+#ifdef SUPPORT_DANE
if ( (continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni)
&& continue_proxy_dane == sx->conn_args.dane)
{
if ( (continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni)
&& continue_proxy_dane == sx->conn_args.dane)
{
@@
-2039,6
+2041,10
@@
if (continue_hostname && continue_proxy_cipher)
if ((tls_out.dane_verified = continue_proxy_dane))
sx->conn_args.host->dnssec = DS_YES;
}
if ((tls_out.dane_verified = continue_proxy_dane))
sx->conn_args.host->dnssec = DS_YES;
}
+#else
+ if ((continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni))
+ tls_out.sni = US sni;
+#endif
else
{
DEBUG(D_transport)
else
{
DEBUG(D_transport)
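Review bot: The new `#else` comparison dereferences `sni` even when the expansion in the preceding hunk has failed. There `!(sni = expand_cstring(ob->tls_sni))` leaves `sni` NULL, and the `log_write(0, LOG_MAIN|LOG_PANIC, ...)` call appears to return rather than exit, so `Ustrcmp(continue_proxy_sni, sni)` or `!*sni` would read through a null pointer. The `SUPPORT_DANE` condition just before it has the same exposure. Guarding both with the pointer, `if (sni && (continue_proxy_sni ? (Ustrcmp(continue_proxy_sni, sni) == 0) : !*sni))`, sends a failed expansion down the existing `else` path, which closes the proxied connection instead of reusing it with an unknown SNI. The enclosing `if (continue_hostname && continue_proxy_cipher)` block starts before this hunk and ends after it.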
@@
-2047,7
+2053,6
@@
if (continue_hostname && continue_proxy_cipher)
HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> QUIT\n");
write(0, "QUIT\r\n", 6);
close(0);
HDEBUG(D_transport|D_acl|D_v) debug_printf_indent(" SMTP>> QUIT\n");
write(0, "QUIT\r\n", 6);
close(0);
- tls_out.dane_verified = FALSE;
continue_hostname = continue_proxy_cipher = NULL;
f.continue_more = FALSE;
continue_sequence = 1; /* Unfortunately, this process cannot affect success log
continue_hostname = continue_proxy_cipher = NULL;
f.continue_more = FALSE;
continue_sequence = 1; /* Unfortunately, this process cannot affect success log
@@
-2055,7
+2060,6
@@
if (continue_hostname && continue_proxy_cipher)
back through reporting pipe. */
}
}
back through reporting pipe. */
}
}
-#endif
/* Make a connection to the host if this isn't a continued delivery, and handle
/* Make a connection to the host if this isn't a continued delivery, and handle
@@
-4251,16
+4255,6
@@
connection to a new process. However, not all servers can handle this (Exim
can), so we do not pass such a connection on if the host matches
hosts_nopass_tls. */
can), so we do not pass such a connection on if the host matches
hosts_nopass_tls. */
-/*XXX do we have to veto all passing of DANE'd connections?
-Can we be any more intelligent?
-
-I could see that unpleasantly impacting high-vol mailinglist.
-Where many messages are queued for a single dest MX.
-
-But the wait-DB used by transport_check_waiting only records hosts, not domains.
-So we cannot look for a domain mismatch.
-*/
-
DEBUG(D_transport)
debug_printf("ok=%d send_quit=%d send_rset=%d continue_more=%d "
"yield=%d first_address is %sNULL\n", sx->ok, sx->send_quit,
DEBUG(D_transport)
debug_printf("ok=%d send_quit=%d send_rset=%d continue_more=%d "
"yield=%d first_address is %sNULL\n", sx->ok, sx->send_quit,
diff --git
a/test/stderr/2013
b/test/stderr/2013
index 682b53efc95440798b4ad5a8068472b8430cab5c..f3c5421e3ed06630da7550441bffeab71def9b58 100644
--- a/
test/stderr/2013
+++ b/
test/stderr/2013
@@
-45,7
+45,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
@@
-65,7
+64,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
@@
-133,7
+131,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
@@
-153,7
+150,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
diff --git
a/test/stderr/2113
b/test/stderr/2113
index 6ccdea8c7f54072fbbfbda34aaac3b7800f63576..9541b65a25ae9b945cdb6fe84c23838137818552 100644
--- a/
test/stderr/2113
+++ b/
test/stderr/2113
@@
-45,7
+45,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userz@test.ex>
SMTP>> DATA
@@
-65,7
+64,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<usery@test.ex>
SMTP>> DATA
@@
-133,7
+131,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userc@test.ex>
SMTP>> DATA
@@
-153,7
+150,6
@@
configuration file is TESTSUITE/test-config
trusted user
admin user
dropping to exim gid; retaining priv uid
trusted user
admin user
dropping to exim gid; retaining priv uid
-Transport port=1225 replaced by host-specific port=1225
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
SMTP>> MAIL FROM:<CALLER@myhost.test.ex> SIZE=ssss
SMTP>> RCPT TO:<userb@test.ex>
SMTP>> DATA
diff --git
a/test/stderr/2135
b/test/stderr/2135
index 7187d0d3e08caac50b9da82ff195a1e928a93ce5..70759060ff813b6a7a4be245fb3ee6b9a0e800eb 100644
--- a/
test/stderr/2135
+++ b/
test/stderr/2135
@@
-54,7
+54,6
@@
checking status of 127.0.0.1
127.0.0.1 [127.0.0.1]:1111 retry-status = usable
delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex)
Transport port=25 replaced by host-specific port=1225
127.0.0.1 [127.0.0.1]:1111 retry-status = usable
delivering 10HmaX-0005vi-00 to 127.0.0.1 [127.0.0.1] (userb@test.ex)
Transport port=25 replaced by host-specific port=1225
-Transport port=25 replaced by host-specific port=1225
continued connection, proxied TLS
SMTP>> DATA
cmd buf flush ddd bytes
continued connection, proxied TLS
SMTP>> DATA
cmd buf flush ddd bytes