From: Jeremy Harris Date: Sat, 3 Dec 2016 19:37:16 +0000 (+0000) Subject: Build: disable OCSP, AUTH_TLS and EXPERIMENTAL_CERTNAMES if SUPPORT_TLS is not enabled X-Git-Tag: exim-4_88_RC6~10 X-Git-Url: https://git.exim.org/users/heiko/exim.git/commitdiff_plain/16be7f11f59d78ce11f98cd235f6a60d9394d705 Build: disable OCSP, AUTH_TLS and EXPERIMENTAL_CERTNAMES if SUPPORT_TLS is not enabled --- diff --git a/src/src/exim.h b/src/src/exim.h index 9ae96b2a0..d03b48c66 100644 --- a/src/src/exim.h +++ b/src/src/exim.h @@ -551,10 +551,16 @@ union sockaddr_46 { }; /* If SUPPORT_TLS is not defined, ensure that USE_GNUTLS is also not defined -so that if USE_GNUTLS *is* set, we can assume SUPPORT_TLS is also set. */ +so that if USE_GNUTLS *is* set, we can assume SUPPORT_TLS is also set. +Likewise, OSCP, AUTH_TLS and CERTNAMES cannot be supported. */ #ifndef SUPPORT_TLS # undef USE_GNUTLS +# ifndef DISABLE_OCSP +# define DISABLE_OCSP +# endif +# undef EXPERIMENTAL_CERTNAMES +# undef AUTH_TLS #endif /* If SPOOL_DIRECTORY, LOG_FILE_PATH or PID_FILE_PATH have not been defined, diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index d7080168a..148486161 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -3512,7 +3512,7 @@ while (done <= 0) uschar *orcpt = NULL; int flags; -#if defined(SUPPORT_TLS) && defined(AUTH_TLS) +#ifdef AUTH_TLS /* Check once per STARTTLS or SSL-on-connect for a TLS AUTH */ if ( tls_in.active >= 0 && tls_in.peercert @@ -3928,7 +3928,7 @@ while (done <= 0) them in either case in the AUTH command. */ if ( auths -#if defined(SUPPORT_TLS) && defined(AUTH_TLS) +#ifdef AUTH_TLS && !sender_host_authenticated #endif && verify_check_host(&auth_advertise_hosts) == OK