https://bugs.exim.org/show_bug.cgi?id=3048
Bug ID: 3048
Summary: If SUPPORT_DANE is commented in Local/Makefile,
compilation of exim 4.97 fails.
Product: Exim
Version: 4.97
Hardware: All
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146exb@wizmail.org
Reporter: phj556@gmail.com
CC: exim-dev@lists.exim.org
If SUPPORT_DANE is commented in Local/Makefile, compilation of exim
4.97 fails.
In Local/Makefile I commented SUPPORT_DANE like so:
## SUPPORT_DANE=yes
Subsequently make fails:
.
.
.
cc string.c
cc tls.c
In file included from tls.c:473:
tls-openssl.c: In function ‘tls_client_stapling_cb’:
tls-openssl.c:2611:19: error: ‘tls_support’ {aka ‘struct <anonymous>’} has no
member named ‘dane_verified’; did you mean ‘certificate_verified’?
if ( tls_out.dane_verified
^~~~~~~~~~~~~
certificate_verified
make[1]: *** [Makefile:842: tls.o] Error 1
make[1]: Leaving directory
'/home/ballgame/src/exim/exim-4.97/build-Linux-aarch64'
make: *** [Makefile:37: all] Error 2
To me, the problem is that:
1. in globals.h, in typedef struct definition of tls_support, field:
BOOL dane_verified; /* ... via DANE */
is added to the struct depending on whether SUPPORT_DANE is defined
2. but in tls_openssl.c, field dane_verified is referenced at line 2611
depending on whether EXIM_HAVE_OPENSSL_OCSP_RESP_GET0_SIGNER is defined.
The comment preceding line 2611 includes: “It still will for non-DANE.”
where
“It” means, I believe, function OCSP_resp_get0_signer().
To make my compilation run to completion, in globals.h in the typedef struct
definition of tls_support, I changed:
#ifdef SUPPORT_DANE
BOOL dane_verified; /* ... via DANE */
int tlsa_usage; /* TLSA record(s) usage */
#endif
to:
BOOL dane_verified; /* ... via DANE */
int tlsa_usage; /* TLSA record(s) usage */
To me this is a fairly gentle change. You all who maintain
the source will have to decide if the change is valid.
Thanks to all of you who work on/maintain exim source.
I wouldn't have a mail server if not for your work.
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Bug ID: 3048
Summary: If SUPPORT_DANE is commented in Local/Makefile,
compilation of exim 4.97 fails.
Product: Exim
Version: 4.97
Hardware: All
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146exb@wizmail.org
Reporter: phj556@gmail.com
CC: exim-dev@lists.exim.org
If SUPPORT_DANE is commented in Local/Makefile, compilation of exim
4.97 fails.
In Local/Makefile I commented SUPPORT_DANE like so:
## SUPPORT_DANE=yes
Subsequently make fails:
.
.
.
cc string.c
cc tls.c
In file included from tls.c:473:
tls-openssl.c: In function ‘tls_client_stapling_cb’:
tls-openssl.c:2611:19: error: ‘tls_support’ {aka ‘struct <anonymous>’} has no
member named ‘dane_verified’; did you mean ‘certificate_verified’?
if ( tls_out.dane_verified
^~~~~~~~~~~~~
certificate_verified
make[1]: *** [Makefile:842: tls.o] Error 1
make[1]: Leaving directory
'/home/ballgame/src/exim/exim-4.97/build-Linux-aarch64'
make: *** [Makefile:37: all] Error 2
To me, the problem is that:
1. in globals.h, in typedef struct definition of tls_support, field:
BOOL dane_verified; /* ... via DANE */
is added to the struct depending on whether SUPPORT_DANE is defined
2. but in tls_openssl.c, field dane_verified is referenced at line 2611
depending on whether EXIM_HAVE_OPENSSL_OCSP_RESP_GET0_SIGNER is defined.
The comment preceding line 2611 includes: “It still will for non-DANE.”
where
“It” means, I believe, function OCSP_resp_get0_signer().
To make my compilation run to completion, in globals.h in the typedef struct
definition of tls_support, I changed:
#ifdef SUPPORT_DANE
BOOL dane_verified; /* ... via DANE */
int tlsa_usage; /* TLSA record(s) usage */
#endif
to:
BOOL dane_verified; /* ... via DANE */
int tlsa_usage; /* TLSA record(s) usage */
To me this is a fairly gentle change. You all who maintain
the source will have to decide if the change is valid.
Thanks to all of you who work on/maintain exim source.
I wouldn't have a mail server if not for your work.
--
You are receiving this mail because:
You are on the CC list for the bug.
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/