From: Philip Hazel Date: Tue, 28 Jun 2005 08:49:38 +0000 (+0000) Subject: Fixed GnuTLS bug that stopped it generating its parameters cache file if X-Git-Tag: exim-4_52~12 X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=182ad5cf717e9c4641323df53012d585b925f4d9;ds=sidebyside Fixed GnuTLS bug that stopped it generating its parameters cache file if the file did not previously exist. --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index a0d7b39cf..c1f8c197e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.175 2005/06/27 18:34:35 tom Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.176 2005/06/28 08:49:38 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -210,6 +210,12 @@ PH/30 Exim's DNS code uses the original T_xxx names for DNS record times. These ones like T_AAAA, and defining it itself. I've added checks for all the record types that Exim uses. +PH/31 When using GnuTLS, if the parameters cache file did not exist, Exim was + not automatically generating a new one, as it is supposed to. This + prevented TLS from working. If the file did exist, but contained invalid + data, a new version was generated, as expected. It was only the case of a + non-existent file that was broken. + TK/10 Domainkeys: Fix a bug in verification that caused a crash in conjunction with a change in libdomainkeys > 0.64. @@ -220,7 +226,6 @@ TK/11 Domainkeys: Change the logic how the "testing" policy flag is retrieved TK/12 Cleared some compiler warnings related to SPF, SRS and DK code. - Exim version 4.51 ----------------- diff --git a/src/ACKNOWLEDGMENTS b/src/ACKNOWLEDGMENTS index 7baa785f6..cd5a9a090 100644 --- a/src/ACKNOWLEDGMENTS +++ b/src/ACKNOWLEDGMENTS @@ -1,4 +1,4 @@ -$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.27 2005/06/16 15:48:58 ph10 Exp $ +$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.28 2005/06/28 08:49:38 ph10 Exp $ EXIM ACKNOWLEDGEMENTS @@ -20,7 +20,7 @@ relatively small patches. Philip Hazel Lists created: 20 November 2002 -Last updated: 16 June 2005 +Last updated: 28 June 2005 THE OLD LIST @@ -185,6 +185,7 @@ Marc Merlin Many suggestions and patches for callouts and SMTP error message features Andreas Metzler Patch for message_id_header_domain Suggested patch for multi-config files in scripts bug + GnuTLS non-existent parameter file bug fix Alex Miller Suggested readline() patch Patch for LDAP_RES_SEARCH_REFERENCE handling Support for the DrWeb content scanner diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index a3ecbeb10..adbfe4347 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -1,4 +1,4 @@ -/* $Cambridge: exim/src/src/tls-gnu.c,v 1.9 2005/06/27 14:29:44 ph10 Exp $ */ +/* $Cambridge: exim/src/src/tls-gnu.c,v 1.10 2005/06/28 08:49:38 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * @@ -256,7 +256,7 @@ static int init_rsa_dh(host_item *host) { int fd; -int ret = -1; +int ret; gnutls_datum m; uschar filename[200]; @@ -299,6 +299,7 @@ if (fd >= 0) (void)close(fd); ret = gnutls_rsa_params_import_pkcs1(rsa_params, &m, GNUTLS_X509_FMT_PEM); + if (ret < 0) { DEBUG(D_tls) @@ -318,7 +319,13 @@ if (fd >= 0) /* If the file does not exist, fall through to compute new data and cache it. If there was any other opening error, it is serious. */ -else if (errno != ENOENT) +else if (errno == ENOENT) + { + ret = -1; + DEBUG(D_tls) + debug_printf("parameter cache file %s does not exist\n", filename); + } +else return tls_error(string_open_failed(errno, "%s for reading", filename), host, 0); @@ -391,7 +398,8 @@ if (ret < 0) return tls_error(string_sprintf("failed to rename %s as %s: %s", tempfilename, filename, strerror(errno)), host, 0); - DEBUG(D_tls) debug_printf("wrote RSA and D-H parameters to file\n"); + DEBUG(D_tls) debug_printf("wrote RSA and D-H parameters to file %s\n", + filename); } DEBUG(D_tls) debug_printf("initialized RSA and D-H parameters\n");