X-Git-Url: https://git.hcoop.net/hcoop/debian/exim4.git/blobdiff_plain/f84d3f9f4fa61b9cc6cc2472bf7fc7f9be8347c3..6ff1d76370acc9772ba83f0424e8d3d6ba16fabe:/debian/patches/80_01-GnuTLS-fix-hanging-callout-connections.patch diff --git a/debian/patches/80_01-GnuTLS-fix-hanging-callout-connections.patch b/debian/patches/80_01-GnuTLS-fix-hanging-callout-connections.patch new file mode 100644 index 0000000..0f36d73 --- /dev/null +++ b/debian/patches/80_01-GnuTLS-fix-hanging-callout-connections.patch @@ -0,0 +1,83 @@ +From 97c5e07c220b55d1c506a1798c9ce3ae3105adea Mon Sep 17 00:00:00 2001 +From: Jeremy Harris +Date: Thu, 13 Feb 2020 16:45:38 +0000 +Subject: [PATCH 4/6] GnuTLS: fix hanging callout connections + +Broken-by: 925ac8e4f1 +(cherry picked from commit bd95ffc2ba87fbd3c752df17bc8fd9c01586d45a) +--- + doc/ChangeLog | 81 ++++--------------------------------------- + src/tls-gnu.c | 24 +++++++------ + 2 files changed, 20 insertions(+), 85 deletions(-) + +--- a/doc/ChangeLog ++++ b/doc/ChangeLog +@@ -67,6 +67,11 @@ JH/41 Bug 2571: Fix SPA authenticator. + being used. A malicious client could thus cause an out-of-bounds read and + possibly gain authentication. Fix by adding the check. + ++JH/25 Fix use of concurrent TLS connections under GnuTLS. When a callout was ++ done during a receiving connection, and both used TLS, global info was ++ used rather than per-connection info for tracking the state of data ++ queued for transmission. This could result in a connection hang. ++ + + Exim version 4.92 + ----------------- +--- a/src/tls-gnu.c ++++ b/src/tls-gnu.c +@@ -124,10 +124,17 @@ typedef struct exim_gnutls_state { + enum peer_verify_requirement verify_requirement; + int fd_in; + int fd_out; +- BOOL peer_cert_verified; +- BOOL peer_dane_verified; +- BOOL trigger_sni_changes; +- BOOL have_set_peerdn; ++ ++ BOOL peer_cert_verified:1; ++ BOOL peer_dane_verified:1; ++ BOOL trigger_sni_changes:1; ++ BOOL have_set_peerdn:1; ++ BOOL xfer_eof:1; /*XXX never gets set! */ ++ BOOL xfer_error:1; ++#ifdef SUPPORT_CORK ++ BOOL corked:1; ++#endif ++ + const struct host_item *host; /* NULL if server */ + gnutls_x509_crt_t peercert; + uschar *peerdn; +@@ -160,8 +167,6 @@ typedef struct exim_gnutls_state { + uschar *xfer_buffer; + int xfer_buffer_lwm; + int xfer_buffer_hwm; +- BOOL xfer_eof; /*XXX never gets set! */ +- BOOL xfer_error; + } exim_gnutls_state_st; + + static const exim_gnutls_state_st exim_gnutls_state_init = { +@@ -2790,9 +2795,8 @@ ssize_t outbytes; + size_t left = len; + exim_gnutls_state_st * state = ct_ctx ? ct_ctx : &state_server; + #ifdef SUPPORT_CORK +-static BOOL corked = FALSE; + +-if (more && !corked) gnutls_record_cork(state->session); ++if (more && !state->corked) gnutls_record_cork(state->session); + #endif + + DEBUG(D_tls) debug_printf("%s(%p, " SIZE_T_FMT "%s)\n", __FUNCTION__, +@@ -2833,10 +2837,10 @@ if (len > INT_MAX) + } + + #ifdef SUPPORT_CORK +-if (more != corked) ++if (more != state->corked) + { + if (!more) (void) gnutls_record_uncork(state->session, 0); +- corked = more; ++ state->corked = more; + } + #endif +