BUGFIX: forced-fail smtp option tls_sni would dereference NULL

author Phil Pennock <pdp@exim.org>

Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)

committer Phil Pennock <pdp@exim.org>

Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
author Phil Pennock <pdp@exim.org>
Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
committer Phil Pennock <pdp@exim.org>
Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
diff --cc doc/doc-txt/ChangeLog

index 71d239288b808422aa6bb71805a10602d9a29e57,6c0554b5afc66ae78dd279bcd94eb8773c29557a..66fb1ca322f4fe27110aa28a947b5d4236671b71
--- 1/doc/doc-txt/ChangeLog
--- 2/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@@ -1,42 -1,6 +1,45 @@@
   Change log file for Exim from version 4.21
   -------------------------------------------
   
+ +Exim version 4.81
+ +-----------------
+ +
+ +PP/01 Add -bI: framework, and -bI:sieve for querying sieve capabilities.
+ +
+ +PP/02 Make -n do something, by making it not do something.
+ +      When combined with -bP, the name of an option is not output.
+ +
+ +PP/03 Added tls_dh_min_bits SMTP transport driver option, only honoured
+ +      by GnuTLS.
+ +
+ +PP/04 First step towards DNSSEC, provide $sender_host_dnssec for
+ +      $sender_host_name and config options to manage this, and basic check
+ +      routines.
+ +
+ +PP/05 DSCP support for outbound connections and control modifier for inbound.
+ +
+ +PP/06 Cyrus SASL: set local and remote IP;port properties for driver.
+ +      (Only plugin which currently uses this is kerberos4, which nobody should
+ +      be using, but we should make it available and other future plugins might
+ +      conceivably use it, even though it would break NAT; stuff *should* be
+ +      using channel bindings instead).
+ +
+ +PP/07 Handle "exim -L <tag>" to indicate to use syslog with tag as the process
+ +      name; added for Sendmail compatibility; requires admin caller.
+ +      Handle -G as equivalent to "control = suppress_local_fixups" (we used to
+ +      just ignore it); requires trusted caller.
+ +      Also parse but ignore: -Ac -Am -X<logfile>
+ +      Bugzilla 1117.
+ +
+ +TL/01 Bugzilla 1258 - Refactor MAIL FROM optional args processing.
+ +
+ +JH/01 Bugzilla 1201 & 304 - New cutthrough-delivery feature, with TLS support.
+ +
+ +JH/02 Support "G" suffix to numbers in ${if comparisons.
+ +
++PP/08 Handle smtp transport tls_sni option forced-fail for OpenSSL.
++
++
   Exim version 4.80
   -----------------
   
diff --cc src/src/tls-openssl.c

index a8a62fe8cbbc2ad7e263abe9342f7a9c585af0ee,17cc72133daf5e1afd9f2aed0678c59d37a52eb2..64aa689fb74ab727a0cee93b0c1538d720afb645
--- 1/src/src/tls-openssl.c
--- 2/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@@ -1336,10 -1287,14 +1336,14 @@@ SSL_set_connect_state(client_ssl)
   
   if (sni)
     {
- -  if (!expand_check(sni, US"tls_sni", &tls_sni))
+ +  if (!expand_check(sni, US"tls_sni", &tls_out.sni))
       return FAIL;
-   if (!Ustrlen(tls_out.sni))
- -  if (tls_sni == NULL)
++  if (tls_out.sni == NULL)
+     {
+     DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n");
+     }
- -  else if (!Ustrlen(tls_sni))
- -    tls_sni = NULL;
++  else if (!Ustrlen(tls_out.sni))
+ +    tls_out.sni = NULL;
     else
       {
   #ifdef EXIM_HAVE_OPENSSL_TLSEXT
author	Phil Pennock <pdp@exim.org>
	Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
committer	Phil Pennock <pdp@exim.org>
	Wed, 6 Jun 2012 23:51:44 +0000 (19:51 -0400)
		1	2
doc/doc-txt/ChangeLog	patch \|	diff1 \|	diff2 \|	blob \| history
src/src/tls-openssl.c	patch \|	diff1 \|	diff2 \|	blob \| history