Gitweb:
https://git.exim.org/exim.git/commitdiff/85f4056d71b45977bf269c7e595386647538d14b
Commit: 85f4056d71b45977bf269c7e595386647538d14b
Parent: 959a371aa5b6b8496755ffcc7116cfcb03921dae
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Tue Dec 13 15:46:01 2022 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Tue Dec 13 15:46:01 2022 +0000
ACL: Permit the "encrypted" condition to be used in a HELO/EHLO ACL
---
doc/doc-txt/ChangeLog | 6 ++++++
src/src/acl.c | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f8ab5da0c..db37c22bb 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -75,6 +75,12 @@ JH/16 Move running the smtp connect ACL to before, for TLS-on-connect ports,
Also, avoid sending any SMTP fail response for either the connect ACL
or host_reject_connection, for TLS-on-connect ports.
+JH/17 Permit the ACL "encrypted" condition to be used in a HELO/EHLO ACL,
+ Previously this was not permitted, but it makes reasonable sense.
+ While there, restore a restriction on using it from a connect ACL; given
+ the change JH/16 it could only return false (and before 4.91 was not
+ permitted).
+
Exim version 4.96
-----------------
diff --git a/src/src/acl.c b/src/src/acl.c
index 8e1d92457..74b59b0fe 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -223,7 +223,7 @@ static condition_def conditions[] = {
},
[ACLC_ENCRYPTED] = { US"encrypted", FALSE, FALSE,
ACL_BIT_NOTSMTP | ACL_BIT_NOTSMTP_START |
- ACL_BIT_HELO,
+ ACL_BIT_CONNECT
},
[ACLC_ENDPASS] = { US"endpass", TRUE, TRUE, 0 },
