Re: [exim] Again nested LDAP queries...

[Marco Gaiarin]

Mandi! Mike Brudenell via Exim-users
  In chel di` si favelave...

> If you're trying to get to values within a list, try using the *listextract*
> expansion item:
> https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpansionitems

> There's a bit more on it in the *File and database lookups* chapter in
> the *Format
> of data returned by LDAP* section, which talks about needing to use
> *listextract* to parse returned LDAP data as it understands the doubling of
> embedded commas within values:
> https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html#SECID71

OK, read both. But still i've no clue how to use that... 'listextract'
extract only ONE field, and DN can have a variable set of comma-separated
parts, not fixed ones...

Eg, i can do:

${listextract{'odd'}{<, 
CN=sir,,OU=Users,,OU=FVG,,DC=ad,,DC=fvg,,DC=lnf,,DC=it}{$value}}

but there's no 'odd' in listextract number field, only a integer...


Sorry, but really i don't understood how listextract can help me


Thanks.

-- 
  La BBS e' come il mio frigorifero... da tanti anni fa in silenzio un ottimo
  lavoro, al punto tale che mi accorgo della sua utilita' solo quando manca la
  corrente e tutto quello che contiene diventa inutilizzabile. (E. Margelli)



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Heiko Schlittermann via Exim-users]

Frank Elsner  (Do 30 Nov 2017 15:42:02 CET):
…
> exim-4.90_RC3/src/tlscert-openssl.c:#include 
>  exim-4.90_RC3/build-Linux-i386/tlscert-openssl.c:#include 
> 
> At this point I'm at the end of my abilities :-(

Can you give access to your build machine to Jeremy and or me?
As long as we do not need to install anything, no root access is
necessary.

-- 
Heiko


signature.asc
Description: PGP signature
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 14:42, Frank Elsner wrote:
> exim-4.90_RC3/src/tlscert-openssl.c:#include 
>  exim-4.90_RC3/build-Linux-i386/tlscert-openssl.c:#include 
> 
> At this point I'm at the end of my abilities :-(

make FULLECHO=''

Grab the full-length compile line for tls.c

Dive into the build* directory.
Use that compile line, but replace the "-c" with "-E".
Grab the stdout to a file.  Look through the file
for markers of file locations; one is added (among others) for
every fresh #include file starting - these have line number 1.

Compare what the sequence of #included files should be from the
original source code files, with what gets done for that
bit of inclusion.

-- 
Cheers,
  Jeremy

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 13:37:04 + Jeremy Harris wrote:
> On 30/11/17 12:46, Frank Elsner wrote:
> > # grep -r X509_check_host /usr/include
> > /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> > /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
> > size_t chklen,
> 
> Good.  It should be included via the path
> tls.c - tlscert-openssl.c - .
> 
> You'll need to work out why that isn't working for you.

Maybe that is beyond my ability.

In tls.c I find 

| #ifdef USE_GNUTLS
| # include "tls-gnu.c"
| # include "tlscert-gnu.c"
| 
| # define ssl_xfer_buffer (state_server.xfer_buffer)
| # define ssl_xfer_buffer_lwm (state_server.xfer_buffer_lwm)
| # define ssl_xfer_buffer_hwm (state_server.xfer_buffer_hwm)
| # define ssl_xfer_eof (state_server.xfer_eof)
| # define ssl_xfer_error (state_server.xfer_error)
| 
| #else
| # include "tls-openssl.c"
| # include "tlscert-openssl.c"
| #endif

I've checkes Local/Makefile. USE_GNUTLS commented out.

openssl/x509v3.h is included 

exim-4.90_RC3/src/tlscert-openssl.c:#include 
 exim-4.90_RC3/build-Linux-i386/tlscert-openssl.c:#include 

At this point I'm at the end of my abilities :-(

--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 12:46, Frank Elsner wrote:
> # grep -r X509_check_host /usr/include
> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
> size_t chklen,

Good.  It should be included via the path
tls.c - tlscert-openssl.c - .

You'll need to work out why that isn't working for you.
-J


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 12:21:42 + Jeremy Harris wrote:
> On 30/11/17 10:40, Jeremy Harris wrote:
> > On 30/11/17 10:19, Frank Elsner wrote:
> >> On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:
> >>> [jgh@armadillo ~]$ uname -a
> >>> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 
> >>> 16:31:35 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
> >>> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
> >>> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char 
> >>> *chk, size_t chklen,
> >>> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> >>> [jgh@armadillo ~]$ 
> >>
> >> I should have scrolled more :-( Sorry.
> >>
> >> I don't have /usr/include/mysql/private/ssl_compat.h. 
> 
> But wait; what does your /usr/include/openssl/x509v3.h have in this
> regard?
> 
> The mysql thing may be a red-herring
> -J
> 
> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 12:21:42 + Jeremy Harris wrote:
> On 30/11/17 10:40, Jeremy Harris wrote:
> > On 30/11/17 10:19, Frank Elsner wrote:
> >> On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:
> >>> [jgh@armadillo ~]$ uname -a
> >>> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 
> >>> 16:31:35 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
> >>> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
> >>> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char 
> >>> *chk, size_t chklen,
> >>> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> >>> [jgh@armadillo ~]$ 
> >>
> >> I should have scrolled more :-( Sorry.
> >>
> >> I don't have /usr/include/mysql/private/ssl_compat.h. 
> 
> But wait; what does your /usr/include/openssl/x509v3.h have in this
> regard?

# grep -r X509_check_host /usr/include
/usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
/usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
size_t chklen,
[root@siffux exim-4.90_RC3]#

--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 10:40, Jeremy Harris wrote:
> On 30/11/17 10:19, Frank Elsner wrote:
>> On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:
>>> [jgh@armadillo ~]$ uname -a
>>> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 
>>> 16:31:35 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
>>> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
>>> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
>>> size_t chklen,
>>> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
>>> [jgh@armadillo ~]$ 
>>
>> I should have scrolled more :-( Sorry.
>>
>> I don't have /usr/include/mysql/private/ssl_compat.h. 

But wait; what does your /usr/include/openssl/x509v3.h have in this
regard?

The mysql thing may be a red-herring
-J

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 12:21:55 +0100 Felix Schwarz via Exim-users wrote:
> Am 30.11.2017 um 12:03 schrieb Frank Elsner:
> > Can you please tell me to which package 
> > /usr/include/mysql/private/ssl_compat.h belongs?
> 
> mariadb-devel

Thanks.

> You can get that info very easily with dnf, e.g.:
> sudo dnf info /usr/include/mysql/private/ssl_compat.h

Another thanks.

--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 11:30:37 + Jeremy Harris wrote:
> On 30/11/17 11:03, Frank Elsner wrote:
> > On Thu, 30 Nov 2017 10:40:09 + Jeremy Harris wrote:
> >> Ouch.  Sounds like a dependency on mysql has crept in, which we'd
> >> rather not have.  I take it you're building without any trace of mysql
> >> (which should be supported)?
> > 
> > No msql stuff on this system.
> > 
> > Can you please tell me to which package 
> > /usr/include/mysql/private/ssl_compat.h belongs?
> 
> 
> mariadb-devel-3:10.1.26-2.fc26.aarch64   here.  You probably have an
> x86_64 though.

mariadb-devel-10.1.26-2.fc26.i686 installed but error remains.


--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 11:03, Frank Elsner wrote:
> On Thu, 30 Nov 2017 10:40:09 + Jeremy Harris wrote:
>> Ouch.  Sounds like a dependency on mysql has crept in, which we'd
>> rather not have.  I take it you're building without any trace of mysql
>> (which should be supported)?
> 
> No msql stuff on this system.
> 
> Can you please tell me to which package 
> /usr/include/mysql/private/ssl_compat.h belongs?


mariadb-devel-3:10.1.26-2.fc26.aarch64   here.  You probably have an
x86_64 though.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Felix Schwarz via Exim-users]

Am 30.11.2017 um 12:03 schrieb Frank Elsner:
> Can you please tell me to which package 
> /usr/include/mysql/private/ssl_compat.h belongs?

mariadb-devel

You can get that info very easily with dnf, e.g.:
sudo dnf info /usr/include/mysql/private/ssl_compat.h

Felix

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 10:40:09 + Jeremy Harris wrote:
> On 30/11/17 10:19, Frank Elsner wrote:
> > On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:
> >> [jgh@armadillo ~]$ uname -a
> >> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 
> >> 16:31:35 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
> >> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
> >> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char 
> >> *chk, size_t chklen,
> >> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> >> [jgh@armadillo ~]$ 
> > 
> > I should have scrolled more :-( Sorry.
> > 
> > I don't have /usr/include/mysql/private/ssl_compat.h. 
> > 
> > Must I really install msql stuff?
> 
> Ouch.  Sounds like a dependency on mysql has crept in, which we'd
> rather not have.  I take it you're building without any trace of mysql
> (which should be supported)?

No msql stuff on this system.

Can you please tell me to which package /usr/include/mysql/private/ssl_compat.h 
belongs?


--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 10:19, Frank Elsner wrote:
> On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:
>> [jgh@armadillo ~]$ uname -a
>> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 
>> 16:31:35 UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
>> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
>> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
>> size_t chklen,
>> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
>> [jgh@armadillo ~]$ 
> 
> I should have scrolled more :-( Sorry.
> 
> I don't have /usr/include/mysql/private/ssl_compat.h. 
> 
> Must I really install msql stuff?

Ouch.  Sounds like a dependency on mysql has crept in, which we'd
rather not have.  I take it you're building without any trace of mysql
(which should be supported)?
-- 
Cheers,
  Jeremy

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 09:44:02 + Jeremy Harris wrote:

  [ ... ]

> On my (VM) f26 system:
> 
> [jgh@armadillo ~]$ uname -a
> Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 16:31:35 
> UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
> [jgh@armadillo ~]$ grep -r X509_check_host /usr/include
> /usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
> size_t chklen,
> /usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
> [jgh@armadillo ~]$ 

I should have scrolled more :-( Sorry.

I don't have /usr/include/mysql/private/ssl_compat.h. 

Must I really install msql stuff?


--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Again nested LDAP queries...

[Mike Brudenell via Exim-users]

If you're trying to get to values within a list, try using the *listextract*
expansion item:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpansionitems

There's a bit more on it in the *File and database lookups* chapter in
the *Format
of data returned by LDAP* section, which talks about needing to use
*listextract* to parse returned LDAP data as it understands the doubling of
embedded commas within values:
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html#SECID71

(And in passing, there's also the *extract* expansion item which parses
space-separated *keyword=value* pairs, although this isn't what you need
for this situation.)

Cheers,
Mike B-)

On 29 November 2017 at 14:58, Marco Gaiarin  wrote:

>
> >>> What i'm missing?!
> >> quote_ldap_dn   ?
> > No, seems no. Same result.
>
> Boh. I've done some more tests, but insted of using:
>
> exim -be
>
> i've used:
>
> exim -d+deliver -v -bt test@domain
>
> and my LDAP query, as expected, work. The query finally is:
>
> ${lookup ldapm {user=LOCAL_AD_BIND_DN pass=LOCAL_AD_PASS
> ldap:///LOCAL_AD_BASE_DN?uid?sub?(&(|(objectClass=user)(
> objectClass=group))(memberOf=\
> ${quote_ldap:${sg {${lookup ldap {user=LOCAL_AD_BIND_DN
> pass=LOCAL_AD_PASS ldap:///LOCAL_AD_BASE_DN?distinguishedName?sub?(&(
> objectClass=group)(mail=${quote_ldap:${local_part}}@${quote_ldap:${domain}}))}}}
> {,,} {,}}}\
> ))}}
>
> and using '|(objectClass=user)(objectClass=group)' i can also ''expand''
> correctly nested group memberships; clearly exim do some loops, but finally
> get the result.
>
>
> >> Also, your sg's are problematic in the face of fields containing commas.
> > Some more hint? Thanks.
>
> Still i'm seeking feedback on 'sg', i don't see alternatives
>
>
> Thanks.
>
> --
>   Errare è umano, ma per fare veramente casino
>   ci vuole la password di root  (Zio Budda)
>
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>



-- 
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Frank Elsner]

On Thu, 30 Nov 2017 04:29:37 -0500 Phil Pennock wrote:
> On 2017-11-30 at 08:35 +0100, Frank Elsner wrote:
> > On Wed, 29 Nov 2017 20:21:47 + Jeremy Harris wrote:
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA256
> > > 
> > > I have built, signed and uploaded RC3 of Exim 4.90 to the ftp site:
> > 
> > Hi,
> > 
> > I've still problems to compile on an actual Fedora 26 system:
> 
> Which version of OpenSSL is this?

openssl-1.1.0g-1.fc26.i686

> Try:
>   yum -y install --allowerasing compat-openssl10-devel
> to replace openssl-devel (OpenSSL 1.1.x) with OpenSSL 1.0 stuff.

Sorry, didn't help:

Removed:
  openssl-devel.i686 1:1.1.0g-1.fc26
  

Installed:
  compat-openssl10-devel.i686 1:1.0.2m-1.fc26

A different error comes up:

gcc tls.c
In file included from tls.c:122:0:
tls-openssl.c: In function ‘verify_callback’:
tls-openssl.c:444:17: warning: implicit declaration of function 
‘X509_check_host’; did you mean ‘X509_check_trust’? 
[-Wimplicit-function-declaration]
   if ((rc = X509_check_host(cert, CCS name, 0,
 ^~~
 X509_check_trust
tls-openssl.c: In function ‘tls_expand_session_files’:
tls-openssl.c:1072:14: error: ‘tls_ext_ctx_cb {aka struct tls_ext_ctx_cb}’ has 
no member named ‘is_server’
   if (!cbinfo->is_server)  /* client */
  ^~
tls-openssl.c:1092:15: error: ‘tls_ext_ctx_cb {aka struct tls_ext_ctx_cb}’ has 
no member named ‘is_server’
 if (cbinfo->is_server)
   ^~
tls-openssl.c:1115:15: error: ‘tls_ext_ctx_cb {aka struct tls_ext_ctx_cb}’ has 
no member named ‘is_server’
 if (cbinfo->is_server)
   ^~
make[1]: *** [Makefile:797: tls.o] Error 1

--Frank Elsner

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Jeremy Harris]

On 30/11/17 07:35, Frank Elsner wrote:
> On Wed, 29 Nov 2017 20:21:47 + Jeremy Harris wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>>
>> I have built, signed and uploaded RC3 of Exim 4.90 to the ftp site:
> 
> Hi,
> 
> I've still problems to compile on an actual Fedora 26 system:
> 
> gcc tls.c
> In file included from tls.c:122:0:
> tls-openssl.c: In function ‘verify_callback’:
> tls-openssl.c:444:17: warning: implicit declaration of function 
> ‘X509_check_host’; did you mean ‘X509_check_trust’? 
> [-Wimplicit-function-declaration]
>if ((rc = X509_check_host(cert, CCS name, 0,
>  ^~~
>  X509_check_trust

On my f27 system, X509_check_host is defined in include/openssl/x509v3.h  :-

  File FunctionLine
0 include/openssl/x509v3.h 702 int X509_check_host(X509 *x, 
const char *chk, size_t chklen,
1 src/tls-openssl.cverify_callback 444 if ((rc = X509_check_host(cert, 
CCS name, 0,


On my (VM) f26 system:

[jgh@armadillo ~]$ uname -a
Linux armadillo.vm.dom.ain 4.13.12-200.fc26.aarch64 #1 SMP Wed Nov 8 16:31:35 
UTC 2017 aarch64 aarch64 aarch64 GNU/Linux
[jgh@armadillo ~]$ grep -r X509_check_host /usr/include
/usr/include/openssl/x509v3.h:int X509_check_host(X509 *x, const char *chk, 
size_t chklen,
/usr/include/mysql/private/ssl_compat.h:#define HAVE_X509_check_host 1
[jgh@armadillo ~]$ 



> tls-openssl.c: In function ‘tls_expand_session_files’:
> tls-openssl.c:1072:14: error: ‘tls_ext_ctx_cb {aka struct tls_ext_ctx_cb}’ 
> has no member named ‘is_server’
>if (!cbinfo->is_server)  /* client */

You must have a mismatched set of build-interim files for that.
Try "make distclean && make".

-- 
Cheers,
  Jeremy

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC3 uploaded

[Phil Pennock]

On 2017-11-30 at 08:35 +0100, Frank Elsner wrote:
> On Wed, 29 Nov 2017 20:21:47 + Jeremy Harris wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA256
> > 
> > I have built, signed and uploaded RC3 of Exim 4.90 to the ftp site:
> 
> Hi,
> 
> I've still problems to compile on an actual Fedora 26 system:

Which version of OpenSSL is this?

Try:
  yum -y install --allowerasing compat-openssl10-devel
to replace openssl-devel (OpenSSL 1.1.x) with OpenSSL 1.0 stuff.

We still haven't actually moved to a newer OpenSSL API, although we keep
threatening to, so we probably still build with upstream-unsupported
releases of OpenSSL.  But part of the reason for moving to "only support
the versions which upstream supports" is that it will let us switch APIs
(at some point) to use stuff which works with OpenSSL 1.1 too.

-Phil

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/