OpenSSL: in server, detect TCP RST from client after QUIT under SSL,

[users/jgh/exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 525afd65078dd66f6b321dc89ae7700d5acad2cd..64f60b7e4c86e09380afea24a3597ceadf709f7f 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -496,7 +496,6 @@ RSA *rsa_key;
 BIGNUM *bn = BN_new();
 #endif
 
-export = export;     /* Shut picky compilers up */
 DEBUG(D_tls) debug_printf("Generating %d bit RSA key...\n", keylength);
 
 #ifdef EXIM_HAVE_RSA_GENKEY_EX
@@ -3674,7 +3673,7 @@ context for the stashed information. */
 a store reset there, so use POOL_PERM. */
 /* + if CHUNKING, cmds EHLO,MAIL,RCPT(s),BDAT */
 
-if ((more || corked))
+if (more || corked)
   {
   if (!len) buff = US &error;  /* dummy just so that string_catn is ok */
 
@@ -3723,9 +3722,16 @@ for (int left = len; left > 0;)
       return -1;
 
     case SSL_ERROR_SYSCALL:
-      log_write(0, LOG_MAIN, "SSL_write: (from %s) syscall: %s",
-       sender_fullhost ? sender_fullhost : US"<unknown>",
-       strerror(errno));
+      if (ct_ctx || errno != ECONNRESET || !f.smtp_in_quit)
+       log_write(0, LOG_MAIN, "SSL_write: (from %s) syscall: %s",
+         sender_fullhost ? sender_fullhost : US"<unknown>",
+         strerror(errno));
+      else if (LOGGING(protocol_detail))
+       log_write(0, LOG_MAIN, "[%s] after QUIT, client reset TCP before"
+         " SMTP response and TLS close\n", sender_host_address);
+      else
+       DEBUG(D_tls) debug_printf("[%s] SSL_write: after QUIT,"
+         " client reset TCP before TLS close\n", sender_host_address);
       return -1;
 
     default: