Compare commits
2 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
dfe5f0fc79 | ||
|
566176665d |
@ -1,13 +1,13 @@
|
||||
diff --git a/src/lookups/Makefile b/src/lookups/Makefile
|
||||
index 19585bf..a0d355f 100644
|
||||
index 6ba0cb1..21a7ad7 100644
|
||||
--- a/src/lookups/Makefile
|
||||
+++ b/src/lookups/Makefile
|
||||
@@ -24,7 +24,7 @@ lookups.a: $(OBJ)
|
||||
@@ -22,7 +22,7 @@ lookups.a: $(OBJ)
|
||||
$(FE)$(CC) -c $(CFLAGS) $(INCLUDE) $*.c
|
||||
|
||||
.c.so:; @echo "$(CC) -shared $*.c"
|
||||
- $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP $(CFLAGS_DYNAMIC) $(CFLAGS) $(INCLUDE) $(DLFLAGS) $*.c -o $@
|
||||
+ $(FE)$(CC) $(LOOKUP_$*_INCLUDE) $(LOOKUP_$*_LIBS) -DDYNLOOKUP $(CFLAGS_DYNAMIC) $(CFLAGS) $(INCLUDE) $(DLFLAGS) $(PIC) $*.c -o $@
|
||||
|
||||
lf_check_file.o: $(HDRS) lf_check_file.c lf_functions.h
|
||||
lf_quote.o: $(HDRS) lf_quote.c lf_functions.h
|
||||
lf_check_file.o: $(PHDRS) lf_check_file.c lf_functions.h
|
||||
lf_quote.o: $(PHDRS) lf_quote.c lf_functions.h
|
@ -1,8 +1,8 @@
|
||||
diff --git a/src/EDITME b/src/EDITME
|
||||
index cf0b33e..7d4cbf3 100644
|
||||
index 65082b5..757a1a3 100644
|
||||
--- a/src/EDITME
|
||||
+++ b/src/EDITME
|
||||
@@ -878,6 +878,21 @@ HAVE_ICONV=yes
|
||||
@@ -882,6 +882,21 @@ HAVE_ICONV=yes
|
||||
# *** WARNING *** WARNING *** WARNING *** WARNING *** WARNING ***
|
||||
|
||||
|
||||
@ -25,12 +25,12 @@ index cf0b33e..7d4cbf3 100644
|
||||
# The default distribution of Exim contains only the plain text form of the
|
||||
# documentation. Other forms are available separately. If you want to install
|
||||
diff --git a/src/config.h.defaults b/src/config.h.defaults
|
||||
index 25ab755..e27a51d 100644
|
||||
index e17f015..008b97b 100644
|
||||
--- a/src/config.h.defaults
|
||||
+++ b/src/config.h.defaults
|
||||
@@ -33,6 +33,8 @@ Do not put spaces between # and the 'define'.
|
||||
|
||||
#define AUTH_VARS 4
|
||||
#define AUTH_VARS 3
|
||||
|
||||
+#define DLOPEN_LOCAL_SCAN
|
||||
+
|
||||
@ -38,10 +38,10 @@ index 25ab755..e27a51d 100644
|
||||
|
||||
#define CONFIGURE_FILE
|
||||
diff --git a/src/globals.c b/src/globals.c
|
||||
index ff246fe..b9dfbbb 100644
|
||||
index fc3086f..aa11a9b 100644
|
||||
--- a/src/globals.c
|
||||
+++ b/src/globals.c
|
||||
@@ -151,6 +151,10 @@ time_t tls_watch_trigger_time = (time_t)0;
|
||||
@@ -147,6 +147,10 @@ uschar *tls_verify_hosts = NULL;
|
||||
uschar *tls_advertise_hosts = NULL;
|
||||
#endif
|
||||
|
||||
@ -53,12 +53,12 @@ index ff246fe..b9dfbbb 100644
|
||||
/* Per Recipient Data Response variables */
|
||||
BOOL prdr_enable = FALSE;
|
||||
diff --git a/src/globals.h b/src/globals.h
|
||||
index fe099e4..7530a76 100644
|
||||
index c80c853..333455c 100644
|
||||
--- a/src/globals.h
|
||||
+++ b/src/globals.h
|
||||
@@ -148,6 +148,11 @@ extern uschar *tls_verify_hosts; /* Mandatory client verification */
|
||||
extern int tls_watch_fd; /* for inotify of creds files */
|
||||
extern time_t tls_watch_trigger_time; /* non-0: triggered */
|
||||
@@ -141,6 +141,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */
|
||||
extern uschar *tls_verify_certificates;/* Path for certificates to check */
|
||||
extern uschar *tls_verify_hosts; /* Mandatory client verification */
|
||||
#endif
|
||||
+
|
||||
+#ifdef DLOPEN_LOCAL_SCAN
|
||||
@ -69,11 +69,11 @@ index fe099e4..7530a76 100644
|
||||
|
||||
extern uschar *dsn_envid; /* DSN envid string */
|
||||
diff --git a/src/local_scan.c b/src/local_scan.c
|
||||
index 7a3bae7..6ea5d2d 100644
|
||||
index 4dd0b2b..72e0033 100644
|
||||
--- a/src/local_scan.c
|
||||
+++ b/src/local_scan.c
|
||||
@@ -6,59 +6,133 @@
|
||||
/* Copyright (c) The Exim Maintainers 2021 */
|
||||
@@ -5,61 +5,135 @@
|
||||
/* Copyright (c) University of Cambridge 1995 - 2009 */
|
||||
/* See the file NOTICE for conditions of use and distribution. */
|
||||
|
||||
+#include <local_scan.h>
|
||||
@ -137,6 +137,8 @@ index 7a3bae7..6ea5d2d 100644
|
||||
int
|
||||
local_scan(int fd, uschar **return_text)
|
||||
{
|
||||
fd = fd; /* Keep picky compilers happy */
|
||||
return_text = return_text;
|
||||
-return LOCAL_SCAN_ACCEPT;
|
||||
+#ifdef DLOPEN_LOCAL_SCAN
|
||||
+/* local_scan_path is defined AND not the empty string */
|
||||
@ -168,8 +170,8 @@ index 7a3bae7..6ea5d2d 100644
|
||||
+else
|
||||
+#endif
|
||||
+ return LOCAL_SCAN_ACCEPT;
|
||||
+ }
|
||||
+
|
||||
}
|
||||
|
||||
+#ifdef DLOPEN_LOCAL_SCAN
|
||||
+
|
||||
+static int load_local_scan_library(void)
|
||||
@ -248,16 +250,16 @@ index 7a3bae7..6ea5d2d 100644
|
||||
+ }
|
||||
+
|
||||
+return TRUE;
|
||||
}
|
||||
|
||||
+}
|
||||
+
|
||||
+#endif /* DLOPEN_LOCAL_SCAN */
|
||||
+
|
||||
/* End of local_scan.c */
|
||||
diff --git a/src/readconf.c b/src/readconf.c
|
||||
index 06bc50f..6ecb0af 100644
|
||||
index 0d0769c..f1bb0ef 100644
|
||||
--- a/src/readconf.c
|
||||
+++ b/src/readconf.c
|
||||
@@ -212,6 +212,9 @@ static optionlist optionlist_config[] = {
|
||||
@@ -205,6 +205,9 @@ static optionlist optionlist_config[] = {
|
||||
{ "local_from_prefix", opt_stringptr, {&local_from_prefix} },
|
||||
{ "local_from_suffix", opt_stringptr, {&local_from_suffix} },
|
||||
{ "local_interfaces", opt_stringptr, {&local_interfaces} },
|
@ -1,8 +1,8 @@
|
||||
diff --git a/scripts/Configure-Makefile b/scripts/Configure-Makefile
|
||||
index ed77b6a..b9eb64d 100755
|
||||
index 61368ec..e8fe9ef 100755
|
||||
--- a/scripts/Configure-Makefile
|
||||
+++ b/scripts/Configure-Makefile
|
||||
@@ -317,7 +317,7 @@ if [ "${EXIM_PERL}" != "" ] ; then
|
||||
@@ -297,7 +297,7 @@ if [ "${EXIM_PERL}" != "" ] ; then
|
||||
|
||||
mv $mft $mftt
|
||||
echo "PERL_CC=`$PERL_COMMAND -MConfig -e 'print $Config{cc}'`" >>$mft
|
||||
@ -12,7 +12,7 @@ index ed77b6a..b9eb64d 100755
|
||||
echo "" >>$mft
|
||||
cat $mftt >> $mft
|
||||
diff --git a/src/EDITME b/src/EDITME
|
||||
index 53022e5..cf0b33e 100644
|
||||
index 8da36a3..9b7682c 100644
|
||||
--- a/src/EDITME
|
||||
+++ b/src/EDITME
|
||||
@@ -99,7 +99,7 @@
|
||||
@ -52,7 +52,7 @@ index 53022e5..cf0b33e 100644
|
||||
# Many sites define a user called "exim", with an appropriate default group,
|
||||
# and use
|
||||
@@ -210,10 +210,10 @@ SPOOL_DIRECTORY=/var/spool/exim
|
||||
# If you are building with TLS, the library configuration must be done:
|
||||
# If you are buliding with TLS, the library configuration must be done:
|
||||
|
||||
# Uncomment this if you are using OpenSSL
|
||||
-# USE_OPENSSL=yes
|
||||
@ -64,7 +64,7 @@ index 53022e5..cf0b33e 100644
|
||||
# TLS_LIBS=-lssl -lcrypto
|
||||
# TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto
|
||||
|
||||
@@ -340,7 +340,7 @@ TRANSPORT_SMTP=yes
|
||||
@@ -337,7 +337,7 @@ TRANSPORT_SMTP=yes
|
||||
# This one is special-purpose, and commonly not required, so it is not
|
||||
# included by default.
|
||||
|
||||
@ -73,7 +73,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -349,9 +349,9 @@ TRANSPORT_SMTP=yes
|
||||
@@ -346,9 +346,9 @@ TRANSPORT_SMTP=yes
|
||||
# MBX, is included only when requested. If you do not know what this is about,
|
||||
# leave these settings commented out.
|
||||
|
||||
@ -86,7 +86,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -409,22 +409,28 @@ LOOKUP_DBM=yes
|
||||
@@ -406,20 +406,26 @@ LOOKUP_DBM=yes
|
||||
LOOKUP_LSEARCH=yes
|
||||
LOOKUP_DNSDB=yes
|
||||
|
||||
@ -97,18 +97,17 @@ index 53022e5..cf0b33e 100644
|
||||
# LOOKUP_IBASE=yes
|
||||
# LOOKUP_JSON=yes
|
||||
-# LOOKUP_LDAP=yes
|
||||
+LOOKUP_LDAP=yes
|
||||
+LDAP_LIB_TYPE=OPENLDAP2
|
||||
+LOOKUP_LIBS=-lldap -llber -lsqlite3
|
||||
# LOOKUP_LMDB=yes
|
||||
|
||||
-# LOOKUP_MYSQL=yes
|
||||
-# LOOKUP_MYSQL_PC=mariadb
|
||||
-# LOOKUP_NIS=yes
|
||||
-# LOOKUP_NISPLUS=yes
|
||||
+LOOKUP_LDAP=yes
|
||||
+LDAP_LIB_TYPE=OPENLDAP2
|
||||
+LOOKUP_LIBS=-lldap -llber -lsqlite3
|
||||
+LOOKUP_MYSQL=2
|
||||
+LOOKUP_MYSQL_PC=mariadb
|
||||
+LOOKUP_NIS=yes
|
||||
# LOOKUP_NISPLUS=yes
|
||||
+LOOKUP_NISPLUS=yes
|
||||
+CFLAGS+=-I/usr/include/nsl -I/usr/include/tirpc
|
||||
+LIBS+=-L/usr/$(_lib)/nsl
|
||||
+
|
||||
@ -124,7 +123,7 @@ index 53022e5..cf0b33e 100644
|
||||
# LOOKUP_SQLITE_PC=sqlite3
|
||||
# LOOKUP_WHOSON=yes
|
||||
|
||||
@@ -437,7 +443,7 @@ LOOKUP_DNSDB=yes
|
||||
@@ -432,7 +438,7 @@ LOOKUP_DNSDB=yes
|
||||
|
||||
|
||||
# Some platforms may need this for LOOKUP_NIS:
|
||||
@ -133,7 +132,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
# If you have set LOOKUP_LDAP=yes, you should set LDAP_LIB_TYPE to indicate
|
||||
@@ -511,7 +517,7 @@ SUPPORT_DANE=yes
|
||||
@@ -498,7 +504,7 @@ SUPPORT_DANE=yes
|
||||
# files are defaulted in the OS/Makefile-Default file, but can be overridden in
|
||||
# local OS-specific make files.
|
||||
|
||||
@ -142,7 +141,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -521,7 +527,7 @@ SUPPORT_DANE=yes
|
||||
@@ -508,7 +514,7 @@ SUPPORT_DANE=yes
|
||||
# and the MIME ACL. Please read the documentation to learn more about these
|
||||
# features.
|
||||
|
||||
@ -151,10 +150,10 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# If you have content scanning you may wish to only include some of the scanner
|
||||
# interfaces. Uncomment any of these lines to remove that code.
|
||||
@@ -604,12 +610,12 @@ DISABLE_MAL_MKS=yes
|
||||
@@ -595,12 +601,12 @@ DISABLE_MAL_MKS=yes
|
||||
|
||||
# Uncomment the following line to add DMARC checking capability, implemented
|
||||
# using libopendmarc libraries. You must have SPF and DKIM support enabled also.
|
||||
# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken;
|
||||
# 1.3.2-3 works. I seems that the OpenDMARC project broke their API.
|
||||
-# SUPPORT_DMARC=yes
|
||||
+SUPPORT_DMARC=yes
|
||||
# CFLAGS += -I/usr/local/include
|
||||
@ -167,7 +166,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# Uncomment the following line to add ARC (Authenticated Received Chain)
|
||||
# support. You must have SPF and DKIM support enabled also.
|
||||
@@ -709,7 +715,7 @@ FIXED_NEVER_USERS=root
|
||||
@@ -713,7 +719,7 @@ FIXED_NEVER_USERS=root
|
||||
# CONFIGURE_OWNER setting, to specify a configuration file which is listed in
|
||||
# the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim.
|
||||
|
||||
@ -176,7 +175,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -754,18 +760,18 @@ FIXED_NEVER_USERS=root
|
||||
@@ -758,18 +764,18 @@ FIXED_NEVER_USERS=root
|
||||
# included in the Exim binary. You will then need to set up the run time
|
||||
# configuration to make use of the mechanism(s) selected.
|
||||
|
||||
@ -203,7 +202,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1
|
||||
# requires multiple pkg-config files to work with Exim, so the second example
|
||||
@@ -792,7 +798,7 @@ FIXED_NEVER_USERS=root
|
||||
@@ -796,7 +802,7 @@ FIXED_NEVER_USERS=root
|
||||
# one that is set in the headers_charset option. The default setting is
|
||||
# defined by this setting:
|
||||
|
||||
@ -212,7 +211,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# If you are going to make use of $header_xxx expansions in your configuration
|
||||
# file, or if your users are going to use them in filter files, and the normal
|
||||
@@ -812,7 +818,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
@@ -816,7 +822,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
# the Sieve filter support. For those OS where iconv() is known to be installed
|
||||
# as standard, the file in OS/Makefile-xxxx contains
|
||||
#
|
||||
@ -221,7 +220,7 @@ index 53022e5..cf0b33e 100644
|
||||
#
|
||||
# If you are not using one of those systems, but have installed iconv(), you
|
||||
# need to uncomment that line above. In some cases, you may find that iconv()
|
||||
@@ -888,7 +894,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
@@ -892,7 +898,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
# Once you have done this, "make install" will build the info files and
|
||||
# install them in the directory you have defined.
|
||||
|
||||
@ -230,7 +229,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -901,7 +907,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
@@ -905,7 +911,7 @@ HEADERS_CHARSET="ISO-8859-1"
|
||||
# %s. This will be replaced by one of the strings "main", "panic", or "reject"
|
||||
# to form the final file names. Some installations may want something like this:
|
||||
|
||||
@ -239,7 +238,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# which results in files with names /var/log/exim_mainlog, etc. The directory
|
||||
# in which the log files are placed must exist; Exim does not try to create
|
||||
@@ -973,7 +979,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -977,7 +983,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded
|
||||
# Perl costs quite a lot of resources. Only do this if you really need it.
|
||||
|
||||
@ -248,7 +247,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -983,7 +989,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -987,7 +993,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# that the local_scan API is made available by the linker. You may also need
|
||||
# to add -ldl to EXTRALIBS so that dlopen() is available to Exim.
|
||||
|
||||
@ -257,7 +256,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -993,7 +999,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -997,7 +1003,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# support, which is intended for use in conjunction with the SMTP AUTH
|
||||
# facilities, is included only when requested by the following setting:
|
||||
|
||||
@ -266,7 +265,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# You probably need to add -lpam to EXTRALIBS, and in some releases of
|
||||
# GNU/Linux -ldl is also needed.
|
||||
@@ -1005,12 +1011,12 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -1009,12 +1015,12 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# If you may want to use outbound (client-side) proxying, using Socks5,
|
||||
# uncomment the line below.
|
||||
|
||||
@ -281,7 +280,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -1034,9 +1040,9 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -1038,9 +1044,9 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# installed on your system (www.libspf2.org). Depending on where it is installed
|
||||
# you may have to edit the CFLAGS and LDFLAGS lines.
|
||||
|
||||
@ -293,7 +292,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -1101,7 +1107,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -1105,7 +1111,7 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# group. Once you have installed saslauthd, you should arrange for it to be
|
||||
# started by root at boot time.
|
||||
|
||||
@ -302,7 +301,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -1115,8 +1121,8 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
@@ -1119,8 +1125,8 @@ ZCAT_COMMAND=/usr/bin/zcat
|
||||
# library for TCP wrappers, so you probably need something like this:
|
||||
#
|
||||
# USE_TCP_WRAPPERS=yes
|
||||
@ -313,7 +312,7 @@ index 53022e5..cf0b33e 100644
|
||||
#
|
||||
# but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM
|
||||
# as well.
|
||||
@@ -1168,7 +1174,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
@@ -1172,7 +1178,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
# is "yes", as well as supporting line editing, a history of input lines in the
|
||||
# current run is maintained.
|
||||
|
||||
@ -322,7 +321,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
# You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes.
|
||||
# Note that this option adds to the size of the Exim binary, because the
|
||||
@@ -1185,7 +1191,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
@@ -1189,7 +1195,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
#------------------------------------------------------------------------------
|
||||
# Uncomment this setting to include IPv6 support.
|
||||
|
||||
@ -331,7 +330,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
###############################################################################
|
||||
# THINGS YOU ALMOST NEVER NEED TO MENTION #
|
||||
@@ -1206,13 +1212,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
@@ -1210,13 +1216,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
|
||||
# haven't got Perl, Exim will still build and run; you just won't be able to
|
||||
# use those utilities.
|
||||
|
||||
@ -352,7 +351,7 @@ index 53022e5..cf0b33e 100644
|
||||
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
@@ -1414,7 +1420,7 @@ EXIM_TMPDIR="/tmp"
|
||||
@@ -1418,7 +1424,7 @@ EXIM_TMPDIR="/tmp"
|
||||
# (process id) to a file so that it can easily be identified. The path of the
|
||||
# file can be specified here. Some installations may want something like this:
|
||||
|
||||
@ -362,7 +361,7 @@ index 53022e5..cf0b33e 100644
|
||||
# If PID_FILE_PATH is not defined, Exim writes a file in its spool directory
|
||||
# using the name "exim-daemon.pid".
|
||||
diff --git a/src/configure.default b/src/configure.default
|
||||
index 3761daf..a5d3718 100644
|
||||
index d94c148..1f6afd4 100644
|
||||
--- a/src/configure.default
|
||||
+++ b/src/configure.default
|
||||
@@ -67,7 +67,7 @@
|
||||
@ -407,12 +406,12 @@ index 3761daf..a5d3718 100644
|
||||
+# sqlite_dbfile = /var/spool/exim/db/greylist.db
|
||||
+
|
||||
+
|
||||
# If Exim is compiled with support for TLS, you may want to change the
|
||||
# following option so that Exim disallows certain clients from makeing encrypted
|
||||
# connections. The default is to allow all.
|
||||
# If Exim is compiled with support for TLS, you may want to enable the
|
||||
# following options so that Exim allows clients to make encrypted
|
||||
# connections. In the authenticators section below, there are template
|
||||
@@ -157,7 +165,7 @@ acl_smtp_data = acl_check_data
|
||||
|
||||
# This is equivalent to the default.
|
||||
# Allow any client to use TLS.
|
||||
|
||||
-# tls_advertise_hosts = *
|
||||
+tls_advertise_hosts = *
|
||||
@ -429,8 +428,8 @@ index 3761daf..a5d3718 100644
|
||||
+tls_privatekey = /etc/pki/tls/private/exim.pem
|
||||
|
||||
# For OpenSSL, prefer EC- over RSA-authenticated ciphers
|
||||
.ifdef _HAVE_OPENSSL
|
||||
@@ -189,8 +197,8 @@ tls_resumption_hosts = ${if inlist {$received_port}{587:465} {:}{*}}
|
||||
# tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT
|
||||
@@ -180,8 +188,8 @@ acl_smtp_data = acl_check_data
|
||||
# them you should also allow TLS-on-connect on the traditional but
|
||||
# non-standard port 465.
|
||||
|
||||
@ -441,7 +440,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
|
||||
# Specify the domain you want to be added to all unqualified addresses
|
||||
@@ -248,6 +256,24 @@ never_users = root
|
||||
@@ -239,6 +247,24 @@ never_users = root
|
||||
|
||||
host_lookup = *
|
||||
|
||||
@ -466,7 +465,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
# The setting below causes Exim to try to initialize the system resolver
|
||||
# library with DNSSEC support. It has no effect if your library lacks
|
||||
@@ -378,8 +404,8 @@ timeout_frozen_after = 7d
|
||||
@@ -369,8 +395,8 @@ timeout_frozen_after = 7d
|
||||
# Note that TZ is handled separately by the timezone runtime option
|
||||
# and TIMEZONE_DEFAULT buildtime option.
|
||||
|
||||
@ -477,7 +476,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
|
||||
|
||||
@@ -390,6 +416,29 @@ timeout_frozen_after = 7d
|
||||
@@ -381,6 +407,29 @@ timeout_frozen_after = 7d
|
||||
|
||||
begin acl
|
||||
|
||||
@ -507,7 +506,7 @@ index 3761daf..a5d3718 100644
|
||||
# This access control list is used for every RCPT command in an incoming
|
||||
# SMTP message. The tests are run in order until the address is either
|
||||
# accepted or denied.
|
||||
@@ -401,6 +450,7 @@ acl_check_rcpt:
|
||||
@@ -392,6 +441,7 @@ acl_check_rcpt:
|
||||
|
||||
accept hosts = :
|
||||
control = dkim_disable_verify
|
||||
@ -515,7 +514,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
#############################################################################
|
||||
# The following section of the ACL is concerned with local parts that contain
|
||||
@@ -454,7 +504,8 @@ acl_check_rcpt:
|
||||
@@ -445,7 +495,8 @@ acl_check_rcpt:
|
||||
accept local_parts = postmaster
|
||||
domains = +local_domains
|
||||
|
||||
@ -525,7 +524,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
require verify = sender
|
||||
|
||||
@@ -494,6 +545,7 @@ acl_check_rcpt:
|
||||
@@ -485,6 +536,7 @@ acl_check_rcpt:
|
||||
accept hosts = +relay_from_hosts
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
@ -533,15 +532,15 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
# Accept if the message arrived over an authenticated connection, from
|
||||
# any host. Again, these messages are usually from MUAs, so recipient
|
||||
@@ -503,6 +555,7 @@ acl_check_rcpt:
|
||||
@@ -494,6 +546,7 @@ acl_check_rcpt:
|
||||
accept authenticated = *
|
||||
control = submission
|
||||
control = dkim_disable_verify
|
||||
+ control = dmarc_disable_verify
|
||||
|
||||
# Insist that any other recipient address that we accept is either in one of
|
||||
# our local domains, or is in a domain for which we explicitly allow
|
||||
@@ -523,7 +576,8 @@ acl_check_rcpt:
|
||||
# Insist that a HELO/EHLO was accepted.
|
||||
|
||||
@@ -519,7 +572,8 @@ acl_check_rcpt:
|
||||
# There are no default checks on DNS black lists because the domains that
|
||||
# contain these lists are changing all the time. However, here are two
|
||||
# examples of how you can get Exim to perform a DNS black list lookup at this
|
||||
@ -551,7 +550,7 @@ index 3761daf..a5d3718 100644
|
||||
#
|
||||
# deny dnslists = black.list.example
|
||||
# message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
|
||||
@@ -531,6 +585,10 @@ acl_check_rcpt:
|
||||
@@ -527,6 +581,10 @@ acl_check_rcpt:
|
||||
# warn dnslists = black.list.example
|
||||
# add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain
|
||||
# log_message = found in $dnslist_domain
|
||||
@ -562,7 +561,7 @@ index 3761daf..a5d3718 100644
|
||||
#############################################################################
|
||||
|
||||
#############################################################################
|
||||
@@ -557,6 +615,10 @@ acl_check_rcpt:
|
||||
@@ -553,6 +611,10 @@ acl_check_rcpt:
|
||||
# set acl_m_content_filter = ${lookup PER_RCPT_CONTENT_FILTER}
|
||||
#############################################################################
|
||||
|
||||
@ -573,7 +572,7 @@ index 3761daf..a5d3718 100644
|
||||
# At this point, the address has passed all the checks that have been
|
||||
# configured, so we accept it unconditionally.
|
||||
|
||||
@@ -606,21 +668,32 @@ acl_check_data:
|
||||
@@ -602,21 +664,32 @@ acl_check_data:
|
||||
message = header syntax
|
||||
log_message = header syntax ($acl_verify_message)
|
||||
|
||||
@ -614,7 +613,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
#############################################################################
|
||||
# No more tests if PRDR was actively used.
|
||||
@@ -634,11 +707,63 @@ acl_check_data:
|
||||
@@ -630,11 +703,63 @@ acl_check_data:
|
||||
# condition = ...
|
||||
#############################################################################
|
||||
|
||||
@ -679,7 +678,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
|
||||
######################################################################
|
||||
@@ -740,7 +865,7 @@ system_aliases:
|
||||
@@ -736,7 +861,7 @@ system_aliases:
|
||||
driver = redirect
|
||||
allow_fail
|
||||
allow_defer
|
||||
@ -688,7 +687,7 @@ index 3761daf..a5d3718 100644
|
||||
# user = exim
|
||||
file_transport = address_file
|
||||
pipe_transport = address_pipe
|
||||
@@ -778,7 +903,7 @@ userforward:
|
||||
@@ -774,7 +899,7 @@ userforward:
|
||||
# local_part_suffix = +* : -*
|
||||
# local_part_suffix_optional
|
||||
file = $home/.forward
|
||||
@ -697,7 +696,7 @@ index 3761daf..a5d3718 100644
|
||||
no_verify
|
||||
no_expn
|
||||
check_ancestor
|
||||
@@ -786,6 +911,12 @@ userforward:
|
||||
@@ -782,6 +907,12 @@ userforward:
|
||||
pipe_transport = address_pipe
|
||||
reply_transport = address_reply
|
||||
|
||||
@ -710,9 +709,9 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
# This router matches local user mailboxes. If the router fails, the error
|
||||
# message is "Unknown user".
|
||||
@@ -826,6 +957,25 @@ remote_smtp:
|
||||
tls_resumption_hosts = *
|
||||
.endif
|
||||
@@ -823,6 +954,25 @@ remote_smtp:
|
||||
driver = smtp
|
||||
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
|
||||
|
||||
+# This transport is used for delivering messages over SMTP using the
|
||||
+# "message submission" port (RFC4409).
|
||||
@ -736,7 +735,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
# This transport is used for delivering messages to a smarthost, if the
|
||||
# smarthost router is enabled. This starts from the same basis as
|
||||
@@ -880,8 +1030,8 @@ local_delivery:
|
||||
@@ -875,8 +1025,8 @@ local_delivery:
|
||||
delivery_date_add
|
||||
envelope_to_add
|
||||
return_path_add
|
||||
@ -747,7 +746,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
|
||||
# This transport is used for handling pipe deliveries generated by alias or
|
||||
@@ -914,6 +1064,16 @@ address_reply:
|
||||
@@ -909,6 +1059,16 @@ address_reply:
|
||||
driver = autoreply
|
||||
|
||||
|
||||
@ -764,7 +763,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
######################################################################
|
||||
# RETRY CONFIGURATION #
|
||||
@@ -954,6 +1114,21 @@ begin rewrite
|
||||
@@ -949,6 +1109,21 @@ begin rewrite
|
||||
# AUTHENTICATION CONFIGURATION #
|
||||
######################################################################
|
||||
|
||||
@ -786,7 +785,7 @@ index 3761daf..a5d3718 100644
|
||||
# The following authenticators support plaintext username/password
|
||||
# authentication using the standard PLAIN mechanism and the traditional
|
||||
# but non-standard LOGIN mechanism, with Exim acting as the server.
|
||||
@@ -969,7 +1144,7 @@ begin rewrite
|
||||
@@ -964,7 +1139,7 @@ begin rewrite
|
||||
# The default RCPT ACL checks for successful authentication, and will accept
|
||||
# messages from authenticated users from anywhere on the Internet.
|
||||
|
||||
@ -795,7 +794,7 @@ index 3761daf..a5d3718 100644
|
||||
|
||||
# PLAIN authentication has no server prompts. The client sends its
|
||||
# credentials in one lump, containing an authorization ID (which we do not
|
||||
@@ -983,7 +1158,7 @@ begin authenticators
|
||||
@@ -978,7 +1153,7 @@ begin authenticators
|
||||
# driver = plaintext
|
||||
# server_set_id = $auth2
|
||||
# server_prompts = :
|
||||
@ -804,7 +803,7 @@ index 3761daf..a5d3718 100644
|
||||
# server_advertise_condition = ${if def:tls_in_cipher }
|
||||
|
||||
# LOGIN authentication has traditional prompts and responses. There is no
|
||||
@@ -995,7 +1170,7 @@ begin authenticators
|
||||
@@ -990,7 +1165,7 @@ begin authenticators
|
||||
# driver = plaintext
|
||||
# server_set_id = $auth1
|
||||
# server_prompts = <| Username: | Password:
|
@ -1,8 +1,6 @@
|
||||
diff --git a/src/dmarc.c b/src/dmarc.c
|
||||
index 17bba9d..a218380 100644
|
||||
--- a/src/dmarc.c
|
||||
+++ b/src/dmarc.c
|
||||
@@ -459,7 +459,7 @@ if (!dmarc_abort && !sender_host_authenticated)
|
||||
@@ -446,7 +446,7 @@ if (!dmarc_abort && !sender_host_authenticated)
|
||||
vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL :
|
||||
DMARC_POLICY_DKIM_OUTCOME_NONE;
|
||||
libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain,
|
@ -1,13 +0,0 @@
|
||||
diff --git a/src/drtables.c b/src/drtables.c
|
||||
index 513ef6c..3fa5c92 100644
|
||||
--- a/src/drtables.c
|
||||
+++ b/src/drtables.c
|
||||
@@ -736,7 +736,7 @@ else
|
||||
{
|
||||
char * name = ent->d_name;
|
||||
int len = (int)strlen(name);
|
||||
- if (regex_match(regex_islookupmod, US name, len, NUL))
|
||||
+ if (regex_match(regex_islookupmod, US name, len, NULL))
|
||||
{
|
||||
int pathnamelen = len + (int)strlen(LOOKUP_MODULE_DIR) + 2;
|
||||
void *dl;
|
86
exim.spec
86
exim.spec
@ -11,7 +11,7 @@
|
||||
|
||||
Summary: The exim mail transfer agent
|
||||
Name: exim
|
||||
Version: 4.96
|
||||
Version: 4.94.2
|
||||
Release: 2%{?dist}
|
||||
License: GPLv2+
|
||||
Url: https://www.exim.org/
|
||||
@ -42,53 +42,30 @@ Source24: exim.service
|
||||
Source25: exim-gen-cert
|
||||
Source26: clamd.exim.service
|
||||
|
||||
Patch0: exim-4.96-config.patch
|
||||
Patch0: exim-4.94.2-config.patch
|
||||
Patch1: exim-4.94-libdir.patch
|
||||
Patch2: exim-4.96-dlopen-localscan.patch
|
||||
Patch3: exim-4.96-pic.patch
|
||||
Patch2: exim-4.94-dlopen-localscan.patch
|
||||
Patch3: exim-4.85-pic.patch
|
||||
# https://bugs.exim.org/show_bug.cgi?id=2728
|
||||
Patch4: exim-4.96-opendmarc-1.4-build-fix.patch
|
||||
# https://bugs.exim.org/show_bug.cgi?id=2899
|
||||
Patch5: exim-4.96-build-fix.patch
|
||||
Patch4: exim-4.94.2-opendmarc-1.4-build-fix.patch
|
||||
|
||||
Requires: /etc/pki/tls/certs /etc/pki/tls/private
|
||||
Requires: /etc/aliases
|
||||
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
|
||||
Recommends: publicsuffix-list
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libdb-devel
|
||||
BuildRequires: openssl-devel
|
||||
BuildRequires: openldap-devel
|
||||
BuildRequires: pam-devel
|
||||
BuildRequires: pcre2-devel
|
||||
BuildRequires: sqlite-devel
|
||||
BuildRequires: cyrus-sasl-devel
|
||||
BuildRequires: libspf2-devel
|
||||
BuildRequires: libopendmarc-devel
|
||||
BuildRequires: openldap-devel
|
||||
BuildRequires: openssl-devel
|
||||
BuildRequires: mariadb-connector-c-devel
|
||||
BuildRequires: libpq-devel
|
||||
BuildRequires: libXaw-devel
|
||||
BuildRequires: libXmu-devel
|
||||
BuildRequires: libXext-devel
|
||||
BuildRequires: libX11-devel
|
||||
BuildRequires: libSM-devel
|
||||
BuildRequires: gcc libdb-devel openssl-devel openldap-devel pam-devel
|
||||
BuildRequires: pcre-devel sqlite-devel cyrus-sasl-devel
|
||||
BuildRequires: libspf2-devel libopendmarc-devel
|
||||
BuildRequires: openldap-devel openssl-devel mariadb-connector-c-devel libpq-devel
|
||||
BuildRequires: libXaw-devel libXmu-devel libXext-devel libX11-devel libSM-devel
|
||||
BuildRequires: perl-devel
|
||||
BuildRequires: perl-generators
|
||||
BuildRequires: libICE-devel
|
||||
BuildRequires: libXpm-devel
|
||||
BuildRequires: libXt-devel
|
||||
BuildRequires: perl(ExtUtils::Embed)
|
||||
BuildRequires: libICE-devel libXpm-devel libXt-devel perl(ExtUtils::Embed)
|
||||
# mariadb-devel for mariadb pkgconfig
|
||||
BuildRequires: systemd-units
|
||||
BuildRequires: libgsasl-devel
|
||||
BuildRequires: mariadb-devel
|
||||
BuildRequires: systemd-units libgsasl-devel mariadb-devel
|
||||
# Workaround for NIS removal from glibc, bug 1534920
|
||||
BuildRequires: libnsl2-devel
|
||||
BuildRequires: libtirpc-devel
|
||||
BuildRequires: gnupg2
|
||||
BuildRequires: grep
|
||||
BuildRequires: libnsl2-devel libtirpc-devel
|
||||
BuildRequires: gnupg2 grep
|
||||
%if 0%{?rhel} == 8
|
||||
BuildRequires: epel-rpm-macros >= 8-5
|
||||
%endif
|
||||
@ -179,7 +156,13 @@ greylisting unconditional.
|
||||
|
||||
%prep
|
||||
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
|
||||
%autosetup -p1
|
||||
%setup -q
|
||||
|
||||
%patch0 -p1 -b .config
|
||||
%patch1 -p1 -b .libdir
|
||||
%patch2 -p1 -b .dl
|
||||
%patch3 -p1 -b .fpic
|
||||
%patch4 -p1 -b .opendmarc-1.4-build-fix
|
||||
|
||||
cp src/EDITME Local/Makefile
|
||||
sed -i 's@^# LOOKUP_MODULE_DIR=.*@LOOKUP_MODULE_DIR=%{_libdir}/exim/%{version}-%{release}/lookups@' Local/Makefile
|
||||
@ -497,33 +480,6 @@ fi
|
||||
%{_sysconfdir}/cron.daily/greylist-tidy.sh
|
||||
|
||||
%changelog
|
||||
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.96-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
||||
|
||||
* Tue Jun 28 2022 Jaroslav Škarvada <jskarvad@redhat.com> - 4.96-1
|
||||
- New version
|
||||
Resolves: rhbz#2101104
|
||||
|
||||
* Mon May 30 2022 Jitka Plesnikova <jplesnik@redhat.com> - 4.95-4
|
||||
- Perl 5.36 rebuild
|
||||
|
||||
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.95-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
||||
|
||||
* Fri Nov 12 2021 Björn Esser <besser82@fedoraproject.org> - 4.95-2
|
||||
- Rebuild(libnsl2)
|
||||
- Drop support for NISPLUS, as libnsl2 >= 2.0.0 does not support it anymore
|
||||
|
||||
* Mon Oct 4 2021 Jaroslav Škarvada <jskarvad@redhat.com> - 4.95-1
|
||||
- New version
|
||||
Resolves: rhbz#2008452
|
||||
|
||||
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 4.94.2-4
|
||||
- Rebuilt with OpenSSL 3.0.0
|
||||
|
||||
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.94.2-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
||||
|
||||
* Fri May 21 2021 Jitka Plesnikova <jplesnik@redhat.com> - 4.94.2-2
|
||||
- Perl 5.34 rebuild
|
||||
|
||||
|
4
sources
4
sources
@ -1,2 +1,2 @@
|
||||
SHA512 (exim-4.96.tar.xz) = 6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e
|
||||
SHA512 (exim-4.96.tar.xz.asc) = a231c97e44a7365ac5961f2827b89d8cdf6ad94964633814f31e44d94ada9900f76664c45c2f55e378245e44739a0ef323786ca29b4093e44ce2b008eca4ad64
|
||||
SHA512 (exim-4.94.2.tar.xz) = 5334c236221ed4e03dbc33e6a79d939b06037fa2f4b71971607a360b67af5c85a89681ee13a5eeaf0184382c55a160cf2e89ed7afb2949f025a54f1e88f9e3fc
|
||||
SHA512 (exim-4.94.2.tar.xz.asc) = 982c93530b8c8e13e6d8ea6032c8db27ede6692bc584ea5507b39bba6b4c3082285fb453affdc06e8d962c894c04ee9fc039523c5f329f785f918f831d9803a3
|
||||
|
Loading…
Reference in New Issue
Block a user