From: Jeremy Harris Date: Sat, 31 May 2014 14:36:13 +0000 (+0100) Subject: Support service names for tls_on_connect_ports. Bug 72 X-Git-Tag: exim-4_83_RC2~5 X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/071c51f70266916a7be153ce67c0045beb58b841?ds=inline Support service names for tls_on_connect_ports. Bug 72 --- diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 365bd58dd..a1422b09b 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -12724,8 +12724,9 @@ option), the interfaces and ports on which it listens are controlled by the following options: .ilist -&%daemon_smtp_ports%& contains a list of default ports. (For backward -compatibility, this option can also be specified in the singular.) +&%daemon_smtp_ports%& contains a list of default ports +or service names. +(For backward compatibility, this option can also be specified in the singular.) .next &%local_interfaces%& contains list of interface IP addresses on which to listen. Each item may optionally also specify a port. @@ -12826,7 +12827,8 @@ value of &%daemon_smtp_ports%& is no longer relevant in this example.) Exim supports the obsolete SSMTP protocol (also known as SMTPS) that was used before the STARTTLS command was standardized for SMTP. Some legacy clients still use this protocol. If the &%tls_on_connect_ports%& option is set to a -list of port numbers, connections to those ports must use SSMTP. The most +list of port numbers or service names, +connections to those ports must use SSMTP. The most common use of this option is expected to be .code tls_on_connect_ports = 465 diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 541eac704..f4cfff913 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog 
@@ -129,6 +129,9 @@ TL/12 Bug 1444: Fix improper \r\n sequence handling when writing spool JH/25 Expand the coverage of the delivery $host and $host_address to client authenticators run in verify callout. Bug 1476. +JH/26 Port service names are now accepted for tls_on_connect_ports, to + align with daemon_smtp_ports. Bug 72. + Exim version 4.82 ----------------- diff --git a/src/src/daemon.c b/src/src/daemon.c index 66ed22440..5c6420547 100644 --- a/src/src/daemon.c +++ b/src/src/daemon.c @@ -1127,13 +1127,13 @@ if (daemon_listen && !inetd_wait_mode) list = daemon_smtp_port; sep = 0; - while ((s = string_nextinlist(&list,&sep,big_buffer,big_buffer_size)) != NULL) + while ((s = string_nextinlist(&list,&sep,big_buffer,big_buffer_size))) pct++; default_smtp_port = store_get((pct+1) * sizeof(int)); list = daemon_smtp_port; sep = 0; for (pct = 0; - (s = string_nextinlist(&list,&sep,big_buffer,big_buffer_size)) != NULL; + (s = string_nextinlist(&list,&sep,big_buffer,big_buffer_size)); pct++) { if (isdigit(*s)) 
@@ -1146,13 +1146,38 @@ if (daemon_listen && !inetd_wait_mode) else { struct servent *smtp_service = getservbyname(CS s, "tcp"); - if (smtp_service == NULL) + if (!smtp_service) log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "TCP port \"%s\" not found", s); default_smtp_port[pct] = ntohs(smtp_service->s_port); } } default_smtp_port[pct] = 0; + /* Check the list of TLS-on-connect ports and do name lookups if needed */ + + list = tls_in.on_connect_ports; + sep = 0; + while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))) + if (!isdigit(*s)) + { + list = tls_in.on_connect_ports; + tls_in.on_connect_ports = NULL; + sep = 0; + while ((s = string_nextinlist(&list, &sep, big_buffer, big_buffer_size))) + { + if (!isdigit(*s)) + { + struct servent *smtp_service = getservbyname(CS s, "tcp"); + if (!smtp_service) + log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "TCP port \"%s\" not found", s); + s= string_sprintf("%d", (int)ntohs(smtp_service->s_port)); + } + tls_in.on_connect_ports = string_append_listele(tls_in.on_connect_ports, + ':', s); + } + break; + } + /* Create the list of local interfaces, possibly with ports included. This list may contain references to 0.0.0.0 and ::0 as wildcards. These special values are converted below. */ @@ -2065,5 +2090,6 @@ for (;;) /* Control never reaches here */ } +/* vi: aw ai sw=2 +*/ /* End of exim_daemon.c */ - diff --git a/src/src/host.c b/src/src/host.c index a59c4381b..00524f416 100644 --- a/src/src/host.c +++ b/src/src/host.c 
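Review bot: In the new TLS-on-connect block in daemon.c, `if (!isdigit(*s))` classifies an item as numeric from its first character only, so an entry such as `465x` is copied into the rebuilt list unchanged instead of being rejected or looked up. The host.c hunk of this same commit drops the `*end != 0` check, so nothing downstream catches such an entry any more. Consider deciding with a full parse (with a `uschar *end` declared), e.g. `(void)Ustrtol(s, &end, 10); if (end == s || *end != 0)` before calling getservbyname(), so that anything which is not a clean number takes the lookup path and reaches the existing "TCP port ... not found" die. The hunk header places this code under `if (daemon_listen && !inetd_wait_mode)`, whose start is outside the hunk, so names are presumably not translated in other run modes; a comment stating that would help the next reader.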
@@ -1181,17 +1181,13 @@ int sep = 0; uschar buffer[32]; uschar *list = tls_in.on_connect_ports; uschar *s; +uschar *end; if (tls_in.on_connect) return TRUE; -while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer))) != NULL) - { - uschar *end; - int lport = Ustrtol(s, &end, 10); - if (*end != 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "tls_on_connect_ports " - "contains \"%s\", which is not a port number: exim abandoned", s); - if (lport == port) return TRUE; - } +while ((s = string_nextinlist(&list, &sep, buffer, sizeof(buffer)))) + if (Ustrtol(s, &end, 10) == port) + return TRUE; return FALSE; }
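Review bot: The rewritten loop assigns `end` but never reads it, so an item that Ustrtol() cannot fully parse now silently yields 0 or a numeric prefix, where the removed `*end != 0` branch stopped Exim. If an unresolved service name reaches this function (the translation added in daemon.c appears to run only in the listening-daemon branch), the port simply fails to match and the connection would be handled without TLS-on-connect, with nothing logged. Keeping a guard such as `if (end == s || *end != 0) log_write(0, LOG_MAIN|LOG_PANIC_DIE, "tls_on_connect_ports contains \"%s\", which is not a port number: exim abandoned", s);` ahead of the comparison preserves the fail-closed behaviour. The function's opening lines are outside the hunk.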