diff options
| author | Jeremy Harris <jgh146exb@wizmail.org> | 2016-08-03 11:32:32 +0100 |
|---|---|---|
| committer | Jeremy Harris <jgh146exb@wizmail.org> | 2016-08-03 12:49:45 +0100 |
| commit | ef3a1a30b2d5edba53f1a8c8d1dc594940cb39c1 (patch) | |
| tree | c39d01e6a0ef11ef033dc7fafdf2415d7c4a7494 | |
| parent | 3581f3213f74d47833cc710dfc678f1d79debaa7 (diff) | |
DANE: treat a TLSA response having only non-TLSA records the same as a no-match response
| -rw-r--r-- | doc/doc-txt/ChangeLog | 4 | ||||
| -rw-r--r-- | src/src/transports/smtp.c | 3 |
2 files changed, 6 insertions, 1 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index e1471b627..d99370a7e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -61,6 +61,10 @@ JH/14 Fix logging of errors under PIPELINING. Previously the log line giving JH/15 Fix counting of empty lines in $body_linecount and $message_linecount. Previously they were not counted. +JH/16 DANE: treat a TLSA lookup response having all non-TLSA RRs, the same + as one having no matching records. Previously we deferred the message + that needed the lookup. + Exim version 4.87 ----------------- diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index c84323c17..bbfef0632 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1217,7 +1217,8 @@ switch (dns_lookup(dnsa, buffer, T_TLSA, &fullname)) case DNS_AGAIN: return DEFER; /* just defer this TLS'd conn */ - case DNS_NOMATCH: + case DNS_NODATA: /* no TLSA RR for this lookup */ + case DNS_NOMATCH: /* no records at all for this lookup */ return dane_required ? FAIL : FAIL_FORCED; default: |