Mailing List Archive

Exim 4.96-RC0 released
Hi all,

Enough changes have accumulated since 4.95 for it to be worth
spinning another release. The first Release Candidate is available

- as tarball: https://ftp.exim.org/pub/exim/exim4/test
- directly from Git: https://git.exim.org
tag exim-4.96-RC0

The signatures on the release tarballs (and this mail) should be
mine, key ID 0xBCE58C8CE41F32DF.

Please test and give feedback on the RC so that we can shake out
issues before 4.96 goes official.

The sourcebase is still open for feature additions at this point
in the release process.


New stuff we've added since 4.95:

- A new ACL condition: seen. Records/tests a timestamp against a key.
- A variant of the "mask" expansion operator to give normalised IPv6.
- UTC output option for exim_dumpdb, exim_fixdb.
- An event for failing TLS connects to the daemon.
- The ACL "debug" control gains options "stop", "pretrigger" and "trigger".
- Query-style lookups are now checked for quoting, if the query string is
built using untrusted data ("tainted"). For now lack of quoting is merely
logged; a future release will upgrade this to an error.
- The expansion conditions match_<list-type> and inlist now set $value for
the expansion of the "true" result of the ${if}. With a static list, this
can be used for de-tainting.

Notable removals since 4.95:

- the "allow_insecure_tainted_data" main config option and the
"taint" log_selector. These were previously deprecated.

As usual, you should read the ChangeLog file for other changes.
--
Cheers,
Jeremy
Re: Exim 4.96-RC0 released [ In reply to ]
On Sat, 23 Apr 2022 20:23:58 +0100 Jeremy Harris via Exim-users wrote:
> Hi all,
>
> Enough changes have accumulated since 4.95 for it to be worth
> spinning another release. The first Release Candidate is available

Trying to compile on Fedora 35 system with openssl-1.1.1n-1.fc35.x86_64
results in

cc tls.c
In file included from tls.c:456:
tls-openssl.c: In function ‘tls_server_start’:
tls-openssl.c:3344:14: warning: implicit declaration of function ‘event_raise’ [-Wimplicit-function-declaration]
3344 | (void) event_raise(event_action, US"tls:fail:connect", *errstr, NULL);
| ^~~~~~~~~~~
tls-openssl.c:3344:26: error: ‘event_action’ undeclared (first use in this function); did you mean ‘queue_action’?
3344 | (void) event_raise(event_action, US"tls:fail:connect", *errstr, NULL);
| ^~~~~~~~~~~~
| queue_action
tls-openssl.c:3344:26: note: each undeclared identifier is reported only once for each function it appears in
make[1]: *** [Makefile:800: tls.o] Error 1
make[1]: Leaving directory '/usr/local/exim/src/exim-4.96-RC0/build-Linux-x86_64'


What now?


Kind regards, Frank

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
On 25/04/2022 15:03, Frank Elsner via Exim-users wrote:
> tls-openssl.c:3344:14: warning: implicit declaration of function ‘event_raise’ [-Wimplicit-function-declaration]
> 3344 | (void) event_raise(event_action, US"tls:fail:connect", *errstr, NULL);

> What now?

Probably a missing guard
#ifndef DISABLE_EVENT

for that one line (and you are compiling
with DISABLE_EVENT).

Thanks for finding this.
--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
On 2022-04-23 Jeremy Harris via Exim-users <exim-users@exim.org> wrote:
> Hi all,

> Enough changes have accumulated since 4.95 for it to be worth
> spinning another release. The first Release Candidate is available

> - as tarball: https://ftp.exim.org/pub/exim/exim4/test
> - directly from Git: https://git.exim.org
> tag exim-4.96-RC0
[...]

Thak you.

Binaries are available in Debian/experimental.

cu Andreas

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim-announce] Exim 4.96-RC0 released [ In reply to ]
On Mon, Apr 25, 2022 at 3:32 PM Jeremy Harris via Exim-announce <
exim-announce@exim.org> wrote:

> Hi all,
>
> Enough changes have accumulated since 4.95 for it to be worth
> spinning another release. The first Release Candidate is available
>
> - as tarball: https://ftp.exim.org/pub/exim/exim4/test
> - directly from Git: https://git.exim.org
> tag exim-4.96-RC0
>
>
Trying to compile on FreeBSD-13-amd64:

root@gw:/usr/local/SRC/Exim/exim-4.96-RC0 # make
/bin/sh scripts/source_checks
`Makefile' is up to date.

clang -g -DMACRO_PREDEF macro_predef.c
In file included from macro_predef.c:12:
In file included from ./exim.h:535:
./hintsdb.h:461:4: error: Berkeley DB version 1 is no longer supported
# error Berkeley DB version 1 is no longer supported
^
./hintsdb.h:751:15: error: unknown type name 'EXIM_DB'
static inline EXIM_DB *
^
./hintsdb.h:755:8: warning: implicit declaration of function
'exim_dbopen__' is invalid in C99 [-Wimplicit-function-declaration]
return exim_dbopen__(name, dirname, flags, mode);
^
./hintsdb.h:755:8: warning: incompatible integer to pointer conversion
returning 'int' from a function with result type 'int *' [-Wint-conversion]
return exim_dbopen__(name, dirname, flags, mode);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./hintsdb.h:759:14: error: unknown type name 'EXIM_DB'
exim_dbclose(EXIM_DB * dbp)
^
./hintsdb.h:760:3: warning: implicit declaration of function
'exim_dbclose__' is invalid in C99 [-Wimplicit-function-declaration]
{ exim_dbclose__(dbp); }
^
In file included from macro_predef.c:12:
In file included from ./exim.h:542:
./dbfunctions.h:19:37: error: unknown type name 'EXIM_CURSOR'
uschar *dbfn_scan(open_db *, BOOL, EXIM_CURSOR **);
^
3 warnings and 4 errors generated.
*** Error code 1

Stop.
make[1]: stopped in /usr/local/SRC/Exim/exim-4.96-RC0/build-FreeBSD-amd64
*** Error code 1

Stop.
make: stopped in /usr/local/SRC/Exim/exim-4.96-RC0

My Local/Makefile - https://pastebin.ubuntu.com/p/wVk28zxjh2/



--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(?)_/¯ :-)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim-announce] Exim 4.96-RC0 released [ In reply to ]
On 25/04/2022 20:14, Odhiambo Washington via Exim-users wrote:
> Trying to compile on FreeBSD-13-amd64:
>
> root@gw:/usr/local/SRC/Exim/exim-4.96-RC0 # make
> /bin/sh scripts/source_checks
> `Makefile' is up to date.
>
> clang -g -DMACRO_PREDEF macro_predef.c
> In file included from macro_predef.c:12:
> In file included from ./exim.h:535:
> ./hintsdb.h:461:4: error: Berkeley DB version 1 is no longer supported
> # error Berkeley DB version 1 is no longer supported

What it says.
--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim-announce] Exim 4.96-RC0 released [ In reply to ]
On Tue, Apr 26, 2022 at 1:25 AM Jeremy Harris via Exim-users <
exim-users@exim.org> wrote:

> On 25/04/2022 20:14, Odhiambo Washington via Exim-users wrote:
> > Trying to compile on FreeBSD-13-amd64:
> >
> > root@gw:/usr/local/SRC/Exim/exim-4.96-RC0 # make
> > /bin/sh scripts/source_checks
> > `Makefile' is up to date.
> >
> > clang -g -DMACRO_PREDEF macro_predef.c
> > In file included from macro_predef.c:12:
> > In file included from ./exim.h:535:
> > ./hintsdb.h:461:4: error: Berkeley DB version 1 is no longer supported
> > # error Berkeley DB version 1 is no longer supported
>
> What it says.
>

I am a bit confused about this. Does it refer to "The Oracle Berkeley DB"?
If that is the case, my server has "The Oracle Berkeley DB, revision 5.3"

--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(?)_/¯ :-)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
> - Query-style lookups are now checked for quoting, if the query string is
> built using untrusted data ("tainted"). For now lack of quoting is
> merely logged; a future release will upgrade this to an error.

Does it apply to dnsdb?

If yes then how to quote for ptr, a, mxh, txt?

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim-announce] Exim 4.96-RC0 released [ In reply to ]
• Odhiambo Washington via Exim-users [2022-04-26 09:22]:
> On Tue, Apr 26, 2022 at 1:25 AM Jeremy Harris via Exim-users <
> exim-users@exim.org> wrote:
>
> > On 25/04/2022 20:14, Odhiambo Washington via Exim-users wrote:
> > > Trying to compile on FreeBSD-13-amd64:
> > >
> > > root@gw:/usr/local/SRC/Exim/exim-4.96-RC0 # make
> > > /bin/sh scripts/source_checks
> > > `Makefile' is up to date.
> > >
> > > clang -g -DMACRO_PREDEF macro_predef.c
> > > In file included from macro_predef.c:12:
> > > In file included from ./exim.h:535:
> > > ./hintsdb.h:461:4: error: Berkeley DB version 1 is no longer supported
> > > # error Berkeley DB version 1 is no longer supported
> >
> > What it says.
> >
>
> I am a bit confused about this. Does it refer to "The Oracle Berkeley DB"?
> If that is the case, my server has "The Oracle Berkeley DB, revision 5.3"

You might have it, but Exim has not been told to use it.

Hint:

Add -I/usr/local/include/db5 to CFLAGS
Add -L/usr/local/lib/db5 -ldb to EXTRALIBS

> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(?)_/¯ :-)
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

--
-- Kirill Miazine <km@krot.org>

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim-announce] Exim 4.96-RC0 released [ In reply to ]
On 26/04/2022 07:22, Odhiambo Washington via Exim-users wrote:
> I am a bit confused about this. Does it refer to "The Oracle Berkeley DB"?

Yes.

> If that is the case, my server has "The Oracle Berkeley DB, revision 5.3"

The db.h your compile is picking up is for version 1.
Perhaps you have both.
--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
On 26/04/2022 08:07, Lena--- via Exim-users wrote:
>> - Query-style lookups are now checked for quoting, if the query string is
>> built using untrusted data ("tainted"). For now lack of quoting is
>> merely logged; a future release will upgrade this to an error.
> Does it apply to dnsdb?

No. No quoting is needed for dnsdb.
--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
I'm concerned with the "EXPIRATION_DATE=2022-06-30" below:

FreeBSD 12.3 base contains /usr/include/db.h without DB_VERSION_STRING
with

* @(#)db.h 8.7 (Berkeley) 6/16/94
* $FreeBSD: releng/12.3/include/db.h 326024 2017-11-20 19:45:28Z pfg $

Ports have:

databases/db18:

PORTVERSION= 18.1.40
COMMENT= Oracle Berkeley DB, Release ${BDBVER}

databases/db5:

PORTVERSION= 5.3.28
DEPRECATED= EOLd, potential security issues, maybe use db18 instead
EXPIRATION_DATE=2022-06-30
COMMENT= Oracle Berkeley DB, revision ${BDBVER}

Exim 4.96 src/hintsdb.h :

# include <db.h>

/* 1.x did no locking
2.x had facilities, but exim does it's own
3.x+ unknown
*/

/* We can distinguish between versions 1.x and 2.x/3.x by looking for a
definition of DB_VERSION_STRING, which is present in versions 2.x onwards. */

# ifdef DB_VERSION_STRING

# if DB_VERSION_MAJOR >= 6
# error Version 6 and later BDB API is not supported


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Exim 4.96-RC0 released [ In reply to ]
On 27/04/2022 13:25, Lena--- via Exim-users wrote:
> I'm concerned with the "EXPIRATION_DATE=2022-06-30"

TDB and GDBM are possible alternates to BDB;
GDBM having two separately supported APIs.
--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/