Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL

dereference if Exim is built using OpenSSL, tls_sni is used and a
forced expansion failure is configured.

svn path=/exim/trunk/; revision=2740

3 files changed, 34 insertions, 0 deletions

diff --git a/debian/changelog b/debian/changelog
index 64eccdf..590d95e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,9 @@
 exim4 (4.80-3) UNRELEASED; urgency=low
 
   * NOT RELEASED YET
+  * Pull 75_openssl_sni.diff from upstream. - Segfault caused by NULL
+    dereference if Exim is built using OpenSSL, tls_sni is used and a
+    forced expansion failure is configured.
 
  -- Andreas Metzler <ametzler@debian.org>  Sun, 03 Jun 2012 17:29:00 +0200
 
diff --git a/debian/patches/75_openssl_sni.diff b/debian/patches/75_openssl_sni.diff
new file mode 100644
index 0000000..f68cc91
--- /dev/null
+++ b/debian/patches/75_openssl_sni.diff
@@ -0,0 +1,30 @@
+From 2c9a0e86055f1e86ca5cdde421f5f8c9a48b0194 Mon Sep 17 00:00:00 2001
+From: Phil Pennock <pdp@exim.org>
+Date: Wed, 6 Jun 2012 19:46:40 -0400
+Subject: [PATCH] BUGFIX: forced-fail smtp option tls_sni would dereference
+ NULL
+
+---
+ src/tls-openssl.c |    6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/tls-openssl.c b/src/tls-openssl.c
+index 22c0730..17cc721 100644
+--- a/src/tls-openssl.c
++++ b/src/tls-openssl.c
+@@ -1289,7 +1289,11 @@ if (sni)
+   {
+   if (!expand_check(sni, US"tls_sni", &tls_sni))
+     return FAIL;
+-  if (!Ustrlen(tls_sni))
++  if (tls_sni == NULL)
++    {
++    DEBUG(D_tls) debug_printf("Setting TLS SNI forced to fail, not sending\n");
++    }
++  else if (!Ustrlen(tls_sni))
+     tls_sni = NULL;
+   else
+     {
+-- 
+1.7.10
+
diff --git a/debian/patches/series b/debian/patches/series
index cfc6970..8f6e15d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@
 66_enlarge-dh-parameters-size.dpatch
 67_unnecessaryCopt.diff
 70_remove_exim-users_references.dpatch
+75_openssl_sni.diff