From 16be7f11f59d78ce11f98cd235f6a60d9394d705 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 3 Dec 2016 19:37:16 +0000 Subject: [PATCH] Build: disable OCSP, AUTH_TLS and EXPERIMENTAL_CERTNAMES if SUPPORT_TLS is not enabled --- src/src/exim.h | 8 +++++++- src/src/smtp_in.c | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/src/exim.h b/src/src/exim.h index 9ae96b2a0..d03b48c66 100644 --- a/src/src/exim.h +++ b/src/src/exim.h @@ -551,10 +551,16 @@ union sockaddr_46 { }; /* If SUPPORT_TLS is not defined, ensure that USE_GNUTLS is also not defined -so that if USE_GNUTLS *is* set, we can assume SUPPORT_TLS is also set. */ +so that if USE_GNUTLS *is* set, we can assume SUPPORT_TLS is also set. +Likewise, OSCP, AUTH_TLS and CERTNAMES cannot be supported. */ #ifndef SUPPORT_TLS # undef USE_GNUTLS +# ifndef DISABLE_OCSP +# define DISABLE_OCSP +# endif +# undef EXPERIMENTAL_CERTNAMES +# undef AUTH_TLS #endif /* If SPOOL_DIRECTORY, LOG_FILE_PATH or PID_FILE_PATH have not been defined, diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index d7080168a..148486161 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -3512,7 +3512,7 @@ while (done <= 0) uschar *orcpt = NULL; int flags; -#if defined(SUPPORT_TLS) && defined(AUTH_TLS) +#ifdef AUTH_TLS /* Check once per STARTTLS or SSL-on-connect for a TLS AUTH */ if ( tls_in.active >= 0 && tls_in.peercert @@ -3928,7 +3928,7 @@ while (done <= 0) them in either case in the AUTH command. */ if ( auths -#if defined(SUPPORT_TLS) && defined(AUTH_TLS) +#ifdef AUTH_TLS && !sender_host_authenticated #endif && verify_check_host(&auth_advertise_hosts) == OK -- 2.30.2