diff options
-rw-r--r-- | doc/doc-docbook/spec.xfpt | 3 | ||||
-rw-r--r-- | doc/doc-txt/ChangeLog | 12 | ||||
-rw-r--r-- | src/src/lookups/ldap.c | 2 |
3 files changed, 14 insertions, 3 deletions
diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 769b9e1c9..465a30525 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -15293,6 +15293,9 @@ connecting on a regular LDAP port. This is the LDAP equivalent of SMTP's of SSL-on-connect. In the event of failure to negotiate TLS, the action taken is controlled by &%ldap_require_cert%&. +.new +This option is ignored for &`ldapi`& connections. +.wen .option ldap_version main integer unset diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 5427392b9..7e02d30bc 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -4,16 +4,22 @@ This document describes *changes* to previous versions, that might affect Exim's operation, with an unchanged configuration file. For new options, and new features, see the NewStuff file next to this ChangeLog. + Exim version 4.89 ------------------- + JH/01 Bug 1922: Support IDNA2008. This has slightly different conversion rules than -2003 did; needs libidn2 in addition to linidn. JH/02 The path option on a pipe transport is now expanded before use. +PP/01 GitHub PR 50: Do not call ldap_start_tls_s on ldapi:// connections. + Patch provided by "Björn", documentation fix added too. + Exim version 4.88 ----------------- + JH/01 Use SIZE on MAIL FROM in a cutthrough connection, if the destination supports it and a size is available (ie. the sending peer gave us one). @@ -152,11 +158,12 @@ HS/03 Use "auto" as the default EC curve parameter. For OpenSSL < 1.0.2 fallback to "prime256v1". JH/34 SECURITY: Use proper copy of DATA command in error message. - Could leak key material. Remotely explaoitable. CVE-2016-9963. + Could leak key material. Remotely exploitable. CVE-2016-9963. Exim version 4.87 ----------------- + JH/01 Bug 1664: Disable OCSP for GnuTLS library versions at/before 3.3.16 and 3.4.4 - once the server is enabled to respond to an OCSP request it does even when not requested, resulting in a stapling non-aware @@ -353,9 +360,9 @@ JH/48 Bug 1807: Fix ${extract } for the numeric/3-string case. While preparsing extraction. Accept either. - Exim version 4.86 ----------------- + JH/01 Bug 1545: The smtp transport option "retry_include_ip_address" is now expanded. @@ -478,6 +485,7 @@ HS/03 Add perl_taintmode main config option Exim version 4.85 ----------------- + TL/01 When running the test suite, the README says that variables such as no_msglog_check are global and can be placed anywhere in a specific test's script, however it was observed that placement needed to be near diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c index 3db787cce..b8a326834 100644 --- a/src/src/lookups/ldap.c +++ b/src/src/lookups/ldap.c @@ -580,7 +580,7 @@ if (!lcp->bound || { DEBUG(D_lookup) debug_printf("%sbinding with user=%s password=%s\n", (lcp->bound)? "re-" : "", user, password); - if (eldap_start_tls && !lcp->is_start_tls_called) + if (eldap_start_tls && !lcp->is_start_tls_called && !ldapi) { #if defined(LDAP_OPT_X_TLS) && !defined(LDAP_LIB_SOLARIS) /* The Oracle LDAP libraries (LDAP_LIB_TYPE=SOLARIS) don't support this. |