3 files changed, 12 insertions, 1 deletions

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 7440a4c06..c06fb9c4f 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -17136,7 +17136,7 @@ be the name of a file that contains CRLs in PEM format.
 .new
 Under OpenSSL the option can specify a directory with CRL files.
 
-&*Note: Under OpenSSL the option must, if given, supply a CRL
+&*Note:*& Under OpenSSL the option must, if given, supply a CRL
 for each signing element of the certificate chain (i.e. all but the leaf).
 For the file variant this can be multiple PEM blocks in the one file.
 .wen
@@ -28998,6 +28998,8 @@ effect.
 
 
 .vitem &*queue*&&~=&~<&'text'&>
+.cindex "&%queue%& ACL modifier"
+.cindex "named queues" "selecting in ACL"
 This modifier specifies the use of a named queue for spool files
 for the message.
 It can only be used before the message is received (i.e. not in
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d4b1820d5..4897f4a0c 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -13,6 +13,9 @@ JH/01 Replace the store_release() internal interface with store_newblock(),
       the allocate and data copy operations duplicated in both (!) of the
       extant use locations.
 
+JH/02 Disallow '/' characters in queue names specified for the "queue=" ACL
+      modifier.  This matches the restriction on the commandline.
+
 Exim version 4.90
 -----------------
 
diff --git a/src/src/acl.c b/src/src/acl.c
index 477b059a5..b8a4b8865 100644
--- a/src/src/acl.c
+++ b/src/src/acl.c
@@ -3597,6 +3597,12 @@ for (; cb != NULL; cb = cb->next)
     #endif
 
     case ACLC_QUEUE:
+    if (Ustrchr(arg, '/'))
+      {
+      *log_msgptr = string_sprintf(
+	      "Directory separator not permitted in queue name: '%s'", arg);
+      return ERROR;
+      }
     queue_name = string_copy_malloc(arg);
     break;