diff options
author | Andreas Metzler <ametzler@debian.org> | 2012-06-08 08:47:15 +0000 |
---|---|---|
committer | Andreas Metzler <ametzler@debian.org> | 2012-06-08 08:47:15 +0000 |
commit | 9b9c4be6fcb2c49ac5db7de84f913505848dbd8c (patch) | |
tree | 3a7770db02e81125bcf5a82ab2a0675d93cb82e9 | |
parent | 1d91ee3bfcc466d2c717826649477846f25cce2e (diff) | |
download | exim4-9b9c4be6fcb2c49ac5db7de84f913505848dbd8c.tar.gz |
Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL
dereference if Exim is built using OpenSSL, tls_sni is used and a
forced expansion failure is configured.
svn path=/exim/trunk/; revision=2740
-rw-r--r-- | debian/changelog | 3 | ||||
-rw-r--r-- | debian/patches/75_openssl_sni.diff | 30 | ||||
-rw-r--r-- | debian/patches/series | 1 |
3 files changed, 34 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 64eccdf..590d95e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,9 @@ exim4 (4.80-3) UNRELEASED; urgency=low * NOT RELEASED YET + * Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL + dereference if Exim is built using OpenSSL, tls_sni is used and a + forced expansion failure is configured. -- Andreas Metzler <ametzler@debian.org> Sun, 03 Jun 2012 17:29:00 +0200 diff --git a/debian/patches/75_openssl_sni.diff b/debian/patches/75_openssl_sni.diff new file mode 100644 index 0000000..f68cc91 --- /dev/null +++ b/debian/patches/75_openssl_sni.diff @@ -0,0 +1,30 @@ +From 2c9a0e86055f1e86ca5cdde421f5f8c9a48b0194 Mon Sep 17 00:00:00 2001 +From: Phil Pennock <pdp@exim.org> +Date: Wed, 6 Jun 2012 19:46:40 -0400 +Subject: [PATCH] BUGFIX: forced-fail smtp option tls_sni would dereference + NULL + +--- + src/tls-openssl.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/tls-openssl.c b/src/tls-openssl.c +index 22c0730..17cc721 100644 +--- a/src/tls-openssl.c ++++ b/src/tls-openssl.c +@@ -1289,7 +1289,11 @@ if (sni) + { + if (!expand_check(sni, US"tls_sni", &tls_sni)) + return FAIL; +- if (!Ustrlen(tls_sni)) ++ if (tls_sni == NULL) ++ { ++ DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n"); ++ } ++ else if (!Ustrlen(tls_sni)) + tls_sni = NULL; + else + { +-- +1.7.10 + diff --git a/debian/patches/series b/debian/patches/series index cfc6970..8f6e15d 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -9,3 +9,4 @@ 66_enlarge-dh-parameters-size.dpatch 67_unnecessaryCopt.diff 70_remove_exim-users_references.dpatch +75_openssl_sni.diff |