[exim-dev] [Bug 3048] New: If SUPPORT_DANE is commented in L…

https://bugs.exim.org/show_bug.cgi?id=3048

            Bug ID: 3048
           Summary: If SUPPORT_DANE is commented in Local/Makefile,
                    compilation of exim 4.97 fails.
           Product: Exim
           Version: 4.97
          Hardware: All
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: TLS
          Assignee: jgh146exb@???
          Reporter: phj556@???
                CC: exim-dev@???

If SUPPORT_DANE is commented in Local/Makefile, compilation of exim
4.97 fails.

In Local/Makefile I commented SUPPORT_DANE like so:

## SUPPORT_DANE=yes

Subsequently make fails:

   .
   .
   .
cc string.c
cc tls.c
In file included from tls.c:473:
tls-openssl.c: In function ‘tls_client_stapling_cb’:
tls-openssl.c:2611:19: error: ‘tls_support’ {aka ‘struct <anonymous>’} has no
member named ‘dane_verified’; did you mean ‘certificate_verified’?
     if (  tls_out.dane_verified
                   ^~~~~~~~~~~~~
                   certificate_verified
make[1]: *** [Makefile:842: tls.o] Error 1
make[1]: Leaving directory
'/home/ballgame/src/exim/exim-4.97/build-Linux-aarch64'
make: *** [Makefile:37: all] Error 2

To me, the problem is that:

1. in globals.h, in typedef struct definition of tls_support, field:

  BOOL    dane_verified;        /* ... via DANE */

is added to the struct depending on whether SUPPORT_DANE is defined

2. but in tls_openssl.c, field dane_verified is referenced at line 2611
   depending on whether EXIM_HAVE_OPENSSL_OCSP_RESP_GET0_SIGNER is defined.
   The comment preceding line 2611 includes: “It still will for non-DANE.”
where
   “It” means, I believe, function OCSP_resp_get0_signer().

To make my compilation run to completion, in globals.h in the typedef struct
definition of tls_support, I changed:

#ifdef SUPPORT_DANE
  BOOL    dane_verified;        /* ... via DANE */
  int     tlsa_usage;         /* TLSA record(s) usage */
#endif

to:

  BOOL    dane_verified;        /* ... via DANE */
  int     tlsa_usage;         /* TLSA record(s) usage */

To me this is a fairly gentle change.  You all who maintain
the source will have to decide if the change is valid.

Thanks to all of you who work on/maintain exim source.
I wouldn't have a mail server if not for your work.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-dev.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-dev-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/