diff options
author | Nathaniel Clark | 2022-07-05 11:58:22 -0400 |
---|---|---|
committer | Nathaniel Clark | 2022-07-05 11:58:22 -0400 |
commit | 4d4462ca854466648ea184e5ea4f4b35c3a711fb (patch) | |
tree | e4b9286160ded8735f8c3aa67c9b953d03b04ad3 | |
parent | 18b2ac436031d1bba8bbdfb623c700a890d36184 (diff) | |
download | aur-4d4462ca854466648ea184e5ea4f4b35c3a711fb.tar.gz |
Update to 4.96
Requires pcre2 (instead of pcre)
Add patches
* Typo in drtables (already landed to exim master)
* OpenDMARC 1.4.x fix (Fedora patch to exim) requires opendmarc >= 1.4.0
Signed-off-by: Nathaniel Clark <Nathaniel.Clark@misrule.us>
-rw-r--r-- | .SRCINFO | 19 | ||||
-rw-r--r-- | PKGBUILD | 19 | ||||
-rw-r--r-- | exim-opendmarc-1.4.patch | 12 | ||||
-rw-r--r-- | exim-typo-d05685413.patch | 19 | ||||
-rw-r--r-- | exim.Makefile | 269 |
5 files changed, 218 insertions, 120 deletions
@@ -1,6 +1,6 @@ pkgbase = exim-heavy pkgdesc = Message Transfer Agent with maximal-enabled features - pkgver = 4.95 + pkgver = 4.96 pkgrel = 1 url = https://www.exim.org/ arch = x86_64 @@ -22,10 +22,11 @@ pkgbase = exim-heavy depends = libspf2 depends = libidn depends = libidn2 - depends = opendmarc - depends = libsrs_alt - source = https://ftp.exim.org/pub/exim/exim4/exim-4.95.tar.bz2 - source = https://ftp.exim.org/pub/exim/exim4/exim-4.95.tar.bz2.asc + depends = opendmarc>=1.4.0 + source = https://ftp.exim.org/pub/exim/exim4/exim-4.96.tar.xz + source = https://ftp.exim.org/pub/exim/exim4/exim-4.96.tar.xz.asc + source = exim-typo-d05685413.patch + source = exim-opendmarc-1.4.patch source = aliases source = exim.logrotate source = exim.Makefile @@ -41,11 +42,13 @@ pkgbase = exim-heavy validpgpkeys = E5CA331D44AB8E4C806FDBEE26101B62F69376CE validpgpkeys = D0BFD6B9ECA5694A6F149DCEAF4CC676A6B6C142 validpgpkeys = A986F3A6BD6377D8730958DEBCE58C8CE41F32DF - sha512sums = 2ece1bf862553c747fda765698ae0d99ce1c37b6006576661580ec7671f6e25590d21fb2862058a276d8cc1862ecb703e8d72240e5395d8f00d67babbfc3dbbc + sha512sums = 6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e sha512sums = SKIP + sha512sums = f98d43e42e11d05d3016b9eae2dec860c551cbf3977fff99d0813576114da9a0996facc51f91e4a05510d93115059a6da6c4f005009661c5247574ab31652523 + sha512sums = f9fd9f857c024cb72989da9344506c4cba0cdb4c270dec048d1f85c92cf4b3423988c545e0783cda1fb6c1b3b541a829181a8ff09ea3ede0db012056b9063963 sha512sums = a91c6a9e5b3ac9d143741dba01e11616812ba44c3a8c768c8232364026460f0b8fdeeb120a2f2b86742a6e3ebbfc9d6335b86d108b044e43108b4a6f0374c9ad sha512sums = d8e3b466e0bba8175cfe762058dec49018495a260aa5efd139f4ef435284c305958cbd7fc514e81042146368b749ae38f0bf276fc0b4b91918ef33126900aa81 - sha512sums = dcb61b84f008e0de439df6be6628d0e0140d0f698af2a87c3f9c1d422b53ccd8fa9d1321c1fb4f226ef0837106b587c53fec7bcd05ca4706657f615c123db02f + sha512sums = db778e7ca3d41d20499fe587b4e04b869adb092f7d636d8d794f5487f626ba03ab8343824b8729fbb05cc580e30e0143fb4bc9f202b3ab0115d47585aa45a421 sha512sums = dc28698f15e8eaa4614ae81fc8cb76d92fed1110ce02f7a6ee8feace418dbb194711eb2d4dd444cf818628c11721e21d80b7b974879ab6ddd78cc717cce17c2f sha512sums = b3c3b18652df435cb87d647cfd4f19e182fbf12b0b56f9c91f72b27ae5a819fb3d8c4c25445c5a3c184f70a0c181925fabda891f2057b8a917070d6c40529b8d sha512sums = 11c8133ee15b3e5193c9b1c59aed66c81b6e045dd23310bede9fcde6c88905db5ef08afdb798b53b75a7465915ea1247e980edf95db07a7f9b7bb58ce95fbb5a @@ -60,7 +63,7 @@ pkgname = exim-heavy depends = libnsl depends = openssl depends = pam - depends = pcre + depends = pcre2 depends = sqlite optdepends = exim-lookup-mysql: for MariaDB/MySQL lookup support optdepends = exim-lookup-passwd: for passwd lookup support @@ -13,15 +13,17 @@ pkgname=(exim-heavy exim-lookup-passwd exim-lookup-pgsql) pkgname=exim-heavy -pkgver=4.95 +pkgver=4.96 pkgrel=1 pkgdesc='Message Transfer Agent with maximal-enabled features' arch=('x86_64' 'i686' 'arm' 'armv6h' 'armv7h' 'aarch64') url='https://www.exim.org/' license=('GPL') -depends=('gdbm' 'libldap' 'libnsl' 'openssl' 'pam' 'pcre' 'sqlite' 'libspf2' 'libidn' 'libidn2' 'opendmarc' 'libsrs_alt') +depends=('gdbm' 'libldap' 'libnsl' 'openssl' 'pam' 'pcre' 'sqlite' 'libspf2' 'libidn' 'libidn2' 'opendmarc>=1.4.0') makedepends=('postgresql-libs' 'libmariadbclient') -source=("https://ftp.exim.org/pub/exim/exim4/exim-$pkgver.tar.bz2"{,.asc} +source=("https://ftp.exim.org/pub/exim/exim4/exim-$pkgver.tar.xz"{,.asc} + exim-typo-d05685413.patch + exim-opendmarc-1.4.patch aliases exim.logrotate exim.Makefile @@ -32,11 +34,13 @@ source=("https://ftp.exim.org/pub/exim/exim4/exim-$pkgver.tar.bz2"{,.asc} exim-submission.socket exim.sysusers exim.tmpfiles) -sha512sums=('2ece1bf862553c747fda765698ae0d99ce1c37b6006576661580ec7671f6e25590d21fb2862058a276d8cc1862ecb703e8d72240e5395d8f00d67babbfc3dbbc' +sha512sums=('6b863661465a0b9897c1b71875c5196a1903cf560dd85de45b08242b9731edb2bc10eb56945d62e477e5d15cc7a8d493915bff2ca81689673a8091c66f62c89e' 'SKIP' + 'f98d43e42e11d05d3016b9eae2dec860c551cbf3977fff99d0813576114da9a0996facc51f91e4a05510d93115059a6da6c4f005009661c5247574ab31652523' + 'f9fd9f857c024cb72989da9344506c4cba0cdb4c270dec048d1f85c92cf4b3423988c545e0783cda1fb6c1b3b541a829181a8ff09ea3ede0db012056b9063963' 'a91c6a9e5b3ac9d143741dba01e11616812ba44c3a8c768c8232364026460f0b8fdeeb120a2f2b86742a6e3ebbfc9d6335b86d108b044e43108b4a6f0374c9ad' 'd8e3b466e0bba8175cfe762058dec49018495a260aa5efd139f4ef435284c305958cbd7fc514e81042146368b749ae38f0bf276fc0b4b91918ef33126900aa81' - 'dcb61b84f008e0de439df6be6628d0e0140d0f698af2a87c3f9c1d422b53ccd8fa9d1321c1fb4f226ef0837106b587c53fec7bcd05ca4706657f615c123db02f' + 'db778e7ca3d41d20499fe587b4e04b869adb092f7d636d8d794f5487f626ba03ab8343824b8729fbb05cc580e30e0143fb4bc9f202b3ab0115d47585aa45a421' 'dc28698f15e8eaa4614ae81fc8cb76d92fed1110ce02f7a6ee8feace418dbb194711eb2d4dd444cf818628c11721e21d80b7b974879ab6ddd78cc717cce17c2f' 'b3c3b18652df435cb87d647cfd4f19e182fbf12b0b56f9c91f72b27ae5a819fb3d8c4c25445c5a3c184f70a0c181925fabda891f2057b8a917070d6c40529b8d' '11c8133ee15b3e5193c9b1c59aed66c81b6e045dd23310bede9fcde6c88905db5ef08afdb798b53b75a7465915ea1247e980edf95db07a7f9b7bb58ce95fbb5a' @@ -54,6 +58,9 @@ prepare() { cd $_pkgname-$pkgver cp $srcdir/$_pkgname.Makefile Local/Makefile + + patch -p2 < $srcdir/exim-typo-d05685413.patch + patch -p1 < $srcdir/exim-opendmarc-1.4.patch } build() { @@ -63,7 +70,7 @@ build() { } package_exim-heavy() { - depends=('gdbm' 'libldap' 'libnsl' 'openssl' 'pam' 'pcre' 'sqlite') + depends=('gdbm' 'libldap' 'libnsl' 'openssl' 'pam' 'pcre2' 'sqlite') optdepends=('exim-lookup-mysql: for MariaDB/MySQL lookup support' 'exim-lookup-passwd: for passwd lookup support' 'exim-lookup-pgsql: for PostgreSQL lookup support') diff --git a/exim-opendmarc-1.4.patch b/exim-opendmarc-1.4.patch new file mode 100644 index 000000000000..c128e7998027 --- /dev/null +++ b/exim-opendmarc-1.4.patch @@ -0,0 +1,12 @@ +diff --git a/src/dmarc.c b/src/dmarc.c +--- a/src/dmarc.c ++++ b/src/dmarc.c +@@ -459,7 +459,7 @@ if (!dmarc_abort && !sender_host_authenticated) + vs == PDKIM_VERIFY_INVALID ? DMARC_POLICY_DKIM_OUTCOME_TMPFAIL : + DMARC_POLICY_DKIM_OUTCOME_NONE; + libdm_status = opendmarc_policy_store_dkim(dmarc_pctx, US sig->domain, +- dkim_result, US""); ++ sig->selector, dkim_result, US""); + DEBUG(D_receive) + debug_printf("DMARC adding DKIM sender domain = %s\n", sig->domain); + if (libdm_status != DMARC_PARSE_OKAY) diff --git a/exim-typo-d05685413.patch b/exim-typo-d05685413.patch new file mode 100644 index 000000000000..45869bd2bc29 --- /dev/null +++ b/exim-typo-d05685413.patch @@ -0,0 +1,19 @@ +commit d05685413efd3262b4a5622717f90bba351f1074 +Author: Jeremy Harris <jgh146exb@wizmail.org> +Date: Sun Jun 26 12:29:05 2022 +0100 + + typo + +diff --git a/src/src/drtables.c b/src/src/drtables.c +index b2f2a4b33..30eb855e3 100644 +--- a/src/src/drtables.c ++++ b/src/src/drtables.c +@@ -736,7 +736,7 @@ else + { + char * name = ent->d_name; + int len = (int)strlen(name); +- if (regex_match(regex_islookupmod, US name, len, NUL)) ++ if (regex_match(regex_islookupmod, US name, len, NULL)) + { + int pathnamelen = len + (int)strlen(LOOKUP_MODULE_DIR) + 2; + void *dl; diff --git a/exim.Makefile b/exim.Makefile index 1c0ad85a90e7..f27c828e6142 100644 --- a/exim.Makefile +++ b/exim.Makefile @@ -12,11 +12,12 @@ # Exim distribution directory before running the "make" command. # Things that depend on the operating system have default settings in -# OS/Makefile-Default, but these are overridden for some OS by files called -# called OS/Makefile-<osname>. You can further override these by creating files -# called Local/Makefile-<osname>, where "<osname>" stands for the name of your -# operating system - look at the names in the OS directory to see which names -# are recognized. +# OS/Makefile-Default, but these are overridden for some OS by files +# called OS/Makefile-<osname>. You can further override these settings by +# creating files Local/Makefile-<osname>, and Local/Makefile-<build>. +# The suffix "<osname>" stands for the name of your operating system - look +# at the names in the OS directory to see which names are recognized, +# and "<build>" is the content of the environment variable "build". # However, if you are building Exim for a single OS only, you don't need to # worry about setting up Local/Makefile-<osname>. Any build-time configuration @@ -178,6 +179,108 @@ SPOOL_DIRECTORY=/var/spool/exim ############################################################################### +# TLS # +############################################################################### +# Exim is built by default to support the SMTP STARTTLS command, which implements +# Transport Layer Security using SSL (Secure Sockets Layer). This requires you +# must install the OpenSSL library package or the GnuTLS library. Exim contains +# no cryptographic code of its own. + +# If you are running Exim as a (TLS) server, just building it with TLS support +# is all you need to do, as tls_advertise_hosts is set to '*' by +# default. But you are advised to create a suiteable certificate, and tell +# Exim about it by means of the tls_certificate and tls_privatekey run +# time options, otherwise Exim will create a self signed certificate on +# the fly. If you are running Exim only as a (TLS) client, building it with +# TLS support is all you need to do. +# +# If you are using pkg-config then you should not need to worry where +# the libraries and headers are installed, as the pkg-config .pc +# specification should include all -L/-I information necessary. +# Enabling the USE_*_PC options should be sufficient. If not using +# pkg-config, then you have to specify the libraries, and you might +# need to specify the locations too. + +# Uncomment the following lines if you want +# to build Exim without any TLS support (either OpenSSL or GnuTLS): +# DISABLE_TLS=yes +# Unless you do this, you must define one of USE_OPENSSL or USE_GNUTLS +# below. + +# If you are building with TLS, the library configuration must be done: + +# Uncomment this if you are using OpenSSL +USE_OPENSSL=yes +# Uncomment one of these settings if you are using OpenSSL; pkg-config vs not +# and an optional location. +USE_OPENSSL_PC=openssl +# TLS_LIBS=-lssl -lcrypto +# TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto + +# Uncomment this if you are using GnuTLS +# USE_GNUTLS=yes +# Uncomment one of these settings if you are using GnuTLS; pkg-config vs not +# and an optional location. If you disable SUPPORT_DANE below, you +# can remove the gnutls-dane references here. Earlier versions of GnuTLS +# required libtasn1 and libgrypt also; add if needed. +# USE_GNUTLS_PC=gnutls gnutls-dane +# TLS_LIBS=-lgnutls -lgnutls-dane +# TLS_LIBS=-L/usr/local/gnu/lib -lgnutls -ltasn1 -lgcrypt -lgnutls-dane + +# If using GnuTLS older than 2.10 and using pkg-config then note that Exim's +# build process will require libgcrypt-config to exist in your $PATH. A +# version that old is likely to become unsupported by Exim in 2017. + +# The security fix we provide with the gnutls_allow_auto_pkcs11 option +# (4.82 PP/09) introduces a compatibility regression. The symbol is +# not available if GnuTLS is build without p11-kit (--without-p11-kit +# configure option). In this case use AVOID_GNUTLS_PKCS11=yes when +# building Exim. +# AVOID_GNUTLS_PKCS11=yes + +# If you are running Exim as a server, note that just building it with TLS +# support is not all you need to do. You also need to set up a suitable +# certificate, and tell Exim about it by means of the tls_certificate +# and tls_privatekey run time options. You also need to set tls_advertise_hosts +# to specify the hosts to which Exim advertises TLS support. On the other hand, +# if you are running Exim only as a client, building it with TLS support +# is all you need to do. + +# If you are using pkg-config then you should not need to worry where the +# libraries and headers are installed, as the pkg-config .pc specification +# should include all -L/-I information necessary. If not using pkg-config +# then you might need to specify the locations too. + +# Additional libraries and include files are required for both OpenSSL and +# GnuTLS. The TLS_LIBS settings above assume that the libraries are installed +# with all your other libraries. If they are in a special directory, you may +# need something like + +# TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto + +# or + +# TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt -lgnutls-dane +# If not using DANE under GnuTLS we can lose one library +# TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt + +# TLS_LIBS is included only on the command for linking Exim itself, not on any +# auxiliary programs. If the include files are not in a standard place, you can +# set TLS_INCLUDE to specify where they are, for example: + +# TLS_INCLUDE=-I/usr/local/openssl/include/ +# or +# TLS_INCLUDE=-I/opt/gnu/include + +# You don't need to set TLS_INCLUDE if the relevant directories are already +# specified in INCLUDE. + + +# Uncomment the following line to remove support for TLS Resumption +# DISABLE_TLS_RESUME=yes + + +############################################################################### # THESE ARE THINGS YOU PROBABLY WANT TO SPECIFY # ############################################################################### @@ -332,6 +435,9 @@ LOOKUP_SQLITE_PC=sqlite3 # LOOKUP_NWILDLSEARCH=yes +# Some platforms may need this for LOOKUP_NIS: +# LIBS += -lnsl + #------------------------------------------------------------------------------ # If you have set LOOKUP_LDAP=yes, you should set LDAP_LIB_TYPE to indicate # which LDAP library you have. Unfortunately, though most of their functions @@ -350,25 +456,27 @@ LDAP_LIB_TYPE=OPENLDAP2 #------------------------------------------------------------------------------ -# The PCRE library is required for Exim. There is no longer an embedded +# The PCRE2 library is required for Exim. There is no longer an embedded # version of the PCRE library included with the source code, instead you -# must use a system library or build your own copy of PCRE. +# must use a system library or build your own copy of PCRE2. # In either case you must specify the library link info here. If the -# PCRE header files are not in the standard search path you must also +# PCRE2 header files are not in the standard search path you must also # modify the INCLUDE path (above) # # Use PCRE_CONFIG to query the pcre-config command (first found in $PATH) # to find the include files and libraries, else use PCRE_LIBS and set INCLUDE # too if needed. -PCRE_CONFIG=yes -# PCRE_LIBS=-lpcre +PCRE2_CONFIG=yes +# PCRE_LIBS=-lpcre2 #------------------------------------------------------------------------------ -# Uncomment the following line to add DANE support +# Comment out the following line to remove DANE support # Note: Enabling this unconditionally overrides DISABLE_DNSSEC -# For DANE under GnuTLS we need an additional library. See TLS_LIBS below. +# forces you to have SUPPORT_TLS enabled (the default). For DANE under +# GnuTLS we need an additional library. See TLS_LIBS or USE_GNUTLS_PC +# below. SUPPORT_DANE=yes #------------------------------------------------------------------------------ @@ -378,23 +486,31 @@ SUPPORT_DANE=yes # don't need to set LOOKUP_INCLUDE if the relevant directories are already # specified in INCLUDE. The settings below are just examples; -lpq is for # PostgreSQL, -lgds is for Interbase, -lsqlite3 is for SQLite, -lhiredis -# is for Redis. +# is for Redis, -ljansson for JSON. # # You do not need to use this for any lookup information added via pkg-config. # LOOKUP_INCLUDE=-I /usr/local/ldap/include -I /usr/local/mysql/include -I /usr/local/pgsql/include -# LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq -lgds -lsqlite3 +# LOOKUP_INCLUDE +=-I /usr/local/include +# LOOKUP_LIBS=-L/usr/local/lib -lldap -llber -lmysqlclient -lpq -lgds -lsqlite3 -llmdb + +#------------------------------------------------------------------------------ +# If you included LOOKUP_LMDB above you will need the library. Depending +# on where installed you may also need an include directory +# +# LOOKUP_INCLUDE += -I/usr/local/include +# LOOKUP_LIBS += -llmdb #------------------------------------------------------------------------------ # Compiling the Exim monitor: If you want to compile the Exim monitor, a # program that requires an X11 display, then EXIM_MONITOR should be set to the -# value "eximon.bin". Comment out this setting to disable compilation of the +# value "eximon.bin". De-comment this setting to enable compilation of the # monitor. The locations of various X11 directories for libraries and include # files are defaulted in the OS/Makefile-Default file, but can be overridden in # local OS-specific make files. - +# EXIM_MONITOR=eximon.bin #------------------------------------------------------------------------------ @@ -456,9 +572,20 @@ DISABLE_MAL_MKS=yes # DISABLE_DNSSEC=yes # To disable support for Events set DISABLE_EVENT to "yes" - # DISABLE_EVENT=yes +# Uncomment this line to remove support for early pipelining, per +# https://datatracker.ietf.org/doc/draft-harris-early-pipe/ +# DISABLE_PIPE_CONNECT=yes + + +# Uncomment the following to remove the fast-ramp two-phase-queue-run support +# DISABLE_QUEUE_RAMP=yes + +# Uncomment the following lines to add SRS (Sender Rewriting Scheme) support +# using only native facilities. +SUPPORT_SRS=yes + #------------------------------------------------------------------------------ # Compiling Exim with experimental features. These are documented in @@ -471,21 +598,16 @@ DISABLE_MAL_MKS=yes # EXPERIMENTAL_DCC=yes -# Uncomment the following lines to add SRS (Sender rewriting scheme) support. -# You need to have libsrs_alt installed on your system (srs.mirtol.com). -# Depending on where it is installed you may have to edit the CFLAGS and -# LDFLAGS lines. - -EXPERIMENTAL_SRS=yes -# CFLAGS += -I/usr/local/include -LOOKUP_LIBS += -lsrs_alt - # Uncomment the following line to add DMARC checking capability, implemented # using libopendmarc libraries. You must have SPF and DKIM support enabled also. -EXPERIMENTAL_DMARC=yes -# DMARC_TLD_FILE= /etc/exim/opendmarc.tlds +# Library version libopendmarc-1.4.1-1.fc33.x86_64 (on Fedora 33) is known broken; +# 1.3.2-3 works. I seems that the OpenDMARC project broke their API. +SUPPORT_DMARC=yes # CFLAGS += -I/usr/local/include -LOOKUP_LIBS += -lopendmarc +LDFLAGS += -lopendmarc +# Uncomment the following if you need to change the default. You can +# override it at runtime (main config option dmarc_tld_file) +# DMARC_TLD_FILE=/etc/exim/opendmarc.tlds # Uncomment the following line to add ARC (Authenticated Received Chain) # support. You must have SPF and DKIM support enabled also. @@ -503,13 +625,6 @@ LOOKUP_LIBS += -lopendmarc # Uncomment the following to include extra information in fail DSN message (bounces) # EXPERIMENTAL_DSN_INFO=yes -# Uncomment the following to add LMDB lookup support -# You need to have LMDB installed on your system (https://github.com/LMDB/lmdb) -# Depending on where it is installed you may have to edit the CFLAGS and LDFLAGS lines. -# EXPERIMENTAL_LMDB=yes -# CFLAGS += -I/usr/local/include -# LDFLAGS += -llmdb - # Uncomment the following line to add queuefile transport support # EXPERIMENTAL_QUEUEFILE=yes @@ -664,6 +779,9 @@ AUTH_TLS=yes # AUTH_LIBS=-lgsasl # AUTH_LIBS=-lgssapi -lheimntlm -lkrb5 -lhx509 -lcom_err -lhcrypto -lasn1 -lwind -lroken -lcrypt +# If using AUTH_GSASL with SCRAM methods, you should also be defining +# SUPPORT_I18N to get standards-conformant support of utf8 normalization. + #------------------------------------------------------------------------------ # When Exim is decoding MIME "words" in header lines, most commonly for use @@ -752,76 +870,6 @@ HEADERS_CHARSET="ISO-8859-1" #------------------------------------------------------------------------------ -# Exim can be built to support the SMTP STARTTLS command, which implements -# Transport Layer Security using SSL (Secure Sockets Layer). To do this, you -# must install the OpenSSL library package or the GnuTLS library. Exim contains -# no cryptographic code of its own. Uncomment the following lines if you want -# to build Exim with TLS support. If you don't know what this is all about, -# leave these settings commented out. - -# This setting is required for any TLS support (either OpenSSL or GnuTLS) -SUPPORT_TLS=yes - -# Uncomment one of these settings if you are using OpenSSL; pkg-config vs not -USE_OPENSSL=yes -USE_OPENSSL_PC=openssl -# TLS_LIBS=-lssl -lcrypto - -# Uncomment the first and either the second or the third of these if you -# are using GnuTLS. If you have pkg-config, then the second, else the third. -# USE_GNUTLS=yes -# USE_GNUTLS_PC=gnutls -# TLS_LIBS=-lgnutls -ltasn1 -lgcrypt - -# If using GnuTLS older than 2.10 and using pkg-config then note that Exim's -# build process will require libgcrypt-config to exist in your $PATH. A -# version that old is likely to become unsupported by Exim in 2017. - -# The security fix we provide with the gnutls_allow_auto_pkcs11 option -# (4.82 PP/09) introduces a compatibility regression. The symbol is -# not available if GnuTLS is build without p11-kit (--without-p11-kit -# configure option). In this case use AVOID_GNUTLS_PKCS11=yes when -# building Exim. -# AVOID_GNUTLS_PKCS11=yes - -# If you are running Exim as a server, note that just building it with TLS -# support is not all you need to do. You also need to set up a suitable -# certificate, and tell Exim about it by means of the tls_certificate -# and tls_privatekey run time options. You also need to set tls_advertise_hosts -# to specify the hosts to which Exim advertises TLS support. On the other hand, -# if you are running Exim only as a client, building it with TLS support -# is all you need to do. - -# If you are using pkg-config then you should not need to worry where the -# libraries and headers are installed, as the pkg-config .pc specification -# should include all -L/-I information necessary. If not using pkg-config -# then you might need to specify the locations too. - -# Additional libraries and include files are required for both OpenSSL and -# GnuTLS. The TLS_LIBS settings above assume that the libraries are installed -# with all your other libraries. If they are in a special directory, you may -# need something like - -# TLS_LIBS=-L/usr/local/openssl/lib -lssl -lcrypto -# or -# TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt - -# For DANE under GnuTLS we need an additional library. -# TLS_LIBS += -lgnutls-dane - -# TLS_LIBS is included only on the command for linking Exim itself, not on any -# auxiliary programs. If the include files are not in a standard place, you can -# set TLS_INCLUDE to specify where they are, for example: - -# TLS_INCLUDE=-I/usr/local/openssl/include/ -# or -# TLS_INCLUDE=-I/opt/gnu/include - -# You don't need to set TLS_INCLUDE if the relevant directories are already -# specified in INCLUDE. - - -#------------------------------------------------------------------------------ # The default distribution of Exim contains only the plain text form of the # documentation. Other forms are available separately. If you want to install # the documentation in "info" format, first fetch the Texinfo documentation @@ -1434,6 +1482,15 @@ PID_FILE_PATH=/run/exim.pid # ENABLE_DISABLE_FSYNC=yes +#------------------------------------------------------------------------------ +# For development, add this to include code to time various stages and report. +# CFLAGS += -DMEASURE_TIMING + +# For a very slightly smaller build, for constrained systems, uncomment this. +# The feature involved is purely for debugging. + +# DISABLE_CLIENT_CMD_LOG=yes + EXTRALIBS=-ldl -lpam -lldap -llber # Fix Errors on loading modules like "undefined symbol: debug_printf_indent" |