Gitweb:
https://git.exim.org/exim.git/commitdiff/eb09d0da1fb995ad88f9a1c2998766c3e530be68
Commit: eb09d0da1fb995ad88f9a1c2998766c3e530be68
Parent: 37b849dca4dfd855212a763662825e967a4d77b1
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Tue Nov 7 19:38:22 2023 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Tue Nov 7 19:52:23 2023 +0000
Fix use of empty log_reject_target. Bug 3039
Broken-by: 4243a209fd94
---
doc/doc-txt/ChangeLog | 7 ++++++-
src/src/smtp_in.c | 25 ++++++++++++++-----------
test/confs/1115 | 24 ++++++++++++++++++++++++
test/log/1115 | 3 +++
test/scripts/1100-Basic-TLS/1115 | 7 +++++++
test/stdout/1115 | 6 ++++++
6 files changed, 60 insertions(+), 12 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 2ea8caf23..c74c0c0c6 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -16,10 +16,15 @@ JH/02 Bug 3040: Handle error on close of the spool data file during reception.
this to respond with a temp-reject, wipe spoolfiles, and log the error
detail.
-JH/03 Bug 3030: fix handling of DNS servfail respons for DANE TLSA. When hit
+JH/03 Bug 3030: Fix handling of DNS servfail respons for DANE TLSA. When hit
during a recipient verify callout, a QUIT command was attempted on the
now-closed callout channel, causing a paniclog entry.
+JH/04 Bug 3039: Fix handling of of an empty log_reject_target, with
+ a connection_reject log_selector, under tls_on_connect. Previously
+ with this combination, when the connect ACL rejected, a spurious
+ paniclog entry was made.
+
Exim version 4.97
-----------------
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index c565d522d..e19c86ff8 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -2051,16 +2051,19 @@ else DEBUG(D_receive)
static void
log_connect_tls_drop(const uschar * what, const uschar * log_msg)
{
-gstring * g = s_tlslog(NULL);
-uschar * tls = string_from_gstring(g);
-
-log_write(L_connection_reject,
- log_reject_target, "%s%s%s dropped by %s%s%s",
- LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
- host_and_ident(TRUE),
- tls ? tls : US"",
- what,
- log_msg ? US": " : US"", log_msg);
+if (log_reject_target)
+ {
+ gstring * g = s_tlslog(NULL);
+ uschar * tls = string_from_gstring(g);
+
+ log_write(L_connection_reject,
+ log_reject_target, "%s%s%s dropped by %s%s%s",
+ LOGGING(dnssec) && sender_host_dnssec ? US" DS" : US"",
+ host_and_ident(TRUE),
+ tls ? tls : US"",
+ what,
+ log_msg ? US": " : US"", log_msg);
+ }
}
@@ -3085,7 +3088,7 @@ else
the connection is not forcibly to be dropped, return 0. Otherwise, log why it
is closing if required and return 2. */
-if (log_reject_target != 0)
+if (log_reject_target)
{
#ifndef DISABLE_TLS
gstring * g = s_tlslog(NULL);
diff --git a/test/confs/1115 b/test/confs/1115
new file mode 100644
index 000000000..c6247a4e0
--- /dev/null
+++ b/test/confs/1115
@@ -0,0 +1,24 @@
+# Exim test configuration 1115
+
+SERVER=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+tls_on_connect_ports = PORT_D2
+
+acl_smtp_connect = check_conn
+
+log_selector = +connection_reject
+
+# ----- ACLs -----
+
+begin acl
+
+check_conn:
+ deny log_reject_target =
+
+# End
diff --git a/test/log/1115 b/test/log/1115
new file mode 100644
index 000000000..d09da31a0
--- /dev/null
+++ b/test/log/1115
@@ -0,0 +1,3 @@
+
+******** SERVER ********
+1999-03-02 09:44:33 exim x.yz daemon started: pid=p1234, no queue runs, listening for SMTPS on port PORT_D2
diff --git a/test/scripts/1100-Basic-TLS/1115 b/test/scripts/1100-Basic-TLS/1115
new file mode 100644
index 000000000..fe53cb15d
--- /dev/null
+++ b/test/scripts/1100-Basic-TLS/1115
@@ -0,0 +1,7 @@
+# server: tls_on_connect and log_reject_target empty
+exim -bd -DSERVER=server -oX PORT_D2
+****
+client-anytls -tls-on-connect 127.0.0.1 PORT_D2
+???*
+****
+killdaemon
diff --git a/test/stdout/1115 b/test/stdout/1115
new file mode 100644
index 000000000..43eac051c
--- /dev/null
+++ b/test/stdout/1115
@@ -0,0 +1,6 @@
+Connecting to 127.0.0.1 port 1226 ... connected
+Attempting to start TLS
+Failed to start TLS
+???*
+Expected EOF read
+End of script
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-cvs.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-cvs-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/