Exim DANE support

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Exim DANE support

Renaud Allard-2
Hello,

In the new exim version (4.91), DANE support moved from experimental to
production. I tested by modifying the port to just include
SUPPORT_DANE=yes in files/Makefile

It compiles and runs fine without any other modification.

Could you enable this in further build with 4.91+?

Thank you,
Best Regards


diff -aur exim.old/files/Makefile exim/files/Makefile
--- exim.old/files/Makefile     Mon Apr 16 11:03:36 2018
+++ exim/files/Makefile Mon Apr 16 11:04:43 2018
@@ -350,6 +350,11 @@
  PCRE_CONFIG=yes
  PCRE_LIBS=-lpcre

+#------------------------------------------------------------------------------

+# Uncomment the following line to add DANE support
+# Note: Enabling this unconditionally overrides DISABLE_DNSSEC

+# For DANE under GnuTLS we need an additional library.  See TLS_LIBS
below.
+SUPPORT_DANE=yes

 
#------------------------------------------------------------------------------
  # Additional libraries and include directories may be required for some


smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Exim DANE support

Stuart Henderson
On 2018/04/16 11:05, Renaud Allard wrote:
> Hello,
>
> In the new exim version (4.91), DANE support moved from experimental to
> production. I tested by modifying the port to just include
> SUPPORT_DANE=yes in files/Makefile
>
> It compiles and runs fine without any other modification.
>
> Could you enable this in further build with 4.91+?

I'm not keen on adding any new things to the exim port (especially any
which might increase attack surface) unless someone is willing to
take on maintainership.