is a combined value of both the record presence and the result of the
analysis.
+PP/02 Add new ALLOW_SYSTEM_CRYPT_BRACES option, enable by default for FreeBSD,
+ letting crypteq comparisons pass unrecognised {..} prefices through to
+ system crypt.
+
+
Exim version 4.82
-----------------
is split from the encryption operation. The default remains that a failed
verification cancels the encryption.
+ 6. If your system's crypt() supports {hashtype} prefices unknown to Exim,
+ ensure that the compile-time "ALLOW_SYSTEM_CRYPT_BRACES" is defined (it
+ might be by default for your OS). Without this, Exim rejects unrecognised
+ hashtypes, as it always has. With this, the default handling passes the
+ value onto the system crypt(). This is necessary for FreeBSD {sha512}
+ support.
+
Version 4.82
------------
Option Type Description
------------------------------------------------------------------------------
+ALLOW_SYSTEM_CRYPT_BRACES system** system crypt() can handle {hashtype}
ALT_CONFIG_PREFIX optional restricts location of -C files
APPENDFILE_MODE optional*
APPENDFILE_DIRECTORY_MODE optional*
HAVE_SA_LEN=YES
+# FreeBSD has switched to {sha512} as the default hash-type.
+ALLOW_SYSTEM_CRYPT_BRACES=YES
+
# crypt() is in a separate library
LIBS=-lcrypt -lm -lutil
#define ALT_CONFIG_PREFIX
#define TRUSTED_CONFIG_LIST
+#define ALLOW_SYSTEM_CRYPT_BRACES
+
#define APPENDFILE_MODE 0600
#define APPENDFILE_DIRECTORY_MODE 0700
#define APPENDFILE_LOCKFILE_MODE 0600
sub[1] += 9;
which = 2;
}
+#ifndef ALLOW_SYSTEM_CRYPT_BRACES
else if (sub[1][0] == '{') /* }-for-text-editors */
{
expand_string_message = string_sprintf("unknown encryption mechanism "
"in \"%s\"", sub[1]);
return NULL;
}
+#endif
switch(which)
{
git://git.exim.org / exim.git / commitdiff