diff options
| author | Andreas Metzler <ametzler@downhill.at.eu.org> | 2013-09-28 14:45:04 +0200 |
|---|---|---|
| committer | Andreas Metzler <ametzler@downhill.at.eu.org> | 2013-09-28 14:45:04 +0200 |
| commit | 98afafe796954627847143bc2bca03d2be2d1b48 (patch) | |
| tree | 9f5d480a7b79a8a2fdc5265be3b0f4e1b112f335 | |
| parent | 5ff5880d042ef5ebe30d0b6dd74adc87c466935a (diff) | |
| download | exim4-98afafe796954627847143bc2bca03d2be2d1b48.tar.gz | |
Use tls_in_cipher/tls_out_cipher expansion.
Appling upstream's default configuration changes to Debian change
30_exim4-config_examples to use tls_in_cipher/tls_out_cipher instead of
tls_out_cipher. - exim4-config therefore Breaks exim daemon << 4.82~rc1.
| -rw-r--r-- | debian/changelog | 3 | ||||
| -rw-r--r-- | debian/control | 2 | ||||
| -rw-r--r-- | debian/debconf/conf.d/auth/30_exim4-config_examples | 26 | ||||
| -rw-r--r-- | debian/example.conf.md5 | 2 |
4 files changed, 18 insertions, 15 deletions
diff --git a/debian/changelog b/debian/changelog index 0d902e6..1f64c50 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,9 @@ exim4 (4.82~rc1-1) UNRELEASED; urgency=low 75_openssl_sni.diff 76_tls_dh_min_bits.diff 77_docsfortls_dh_min_bits.diff 78_pkcs11_init.diff 84_CVE-2012-5671.patch 85_server_set_id_SPA.diff 86_Dovecot-robustness.diff 87_localinjected_mimeacl.diff), unfuzz patches. + * Appling upstream's default configuration changes to Debian change + 30_exim4-config_examples to use tls_in_cipher/tls_out_cipher instead of + tls_out_cipher. - exim4-config therefore Breaks exim daemon << 4.82~rc1. -- Andreas Metzler <ametzler@debian.org> Sat, 28 Sep 2013 13:13:38 +0200 diff --git a/debian/control b/debian/control index e05bf12..9aaf9ef 100644 --- a/debian/control +++ b/debian/control @@ -57,7 +57,7 @@ Description: support files for all Exim MTA (v4) packages Package: exim4-config Architecture: all -Breaks: exim4-daemon-light (<<4.69.1), exim4-daemon-heavy (<<4.69.1) +Breaks: exim4-daemon-light (<<4.82~rc1), exim4-daemon-heavy (<<4.82~rc1) Provides: exim4-config-2 Conflicts: exim, exim-tls, exim4-config, exim4-config-2, ${MTA-Conflicts} Depends: ${shlibs:Depends}, ${misc:Depends}, adduser diff --git a/debian/debconf/conf.d/auth/30_exim4-config_examples b/debian/debconf/conf.d/auth/30_exim4-config_examples index 13853da..b3b1ce6 100644 --- a/debian/debconf/conf.d/auth/30_exim4-config_examples +++ b/debian/debconf/conf.d/auth/30_exim4-config_examples @@ -36,7 +36,7 @@ # server_set_id = $auth2 # server_prompts = : # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # LOGIN authentication has traditional prompts and responses. There is no @@ -51,7 +51,7 @@ # server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}" # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # # cram_md5_server: @@ -77,7 +77,7 @@ # server_set_id = $auth2 # server_prompts = : # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # # login_saslauthd_server: @@ -88,7 +88,7 @@ # server_condition = ${if saslauthd{{$auth1}{$auth2}}{1}{0}} # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # # ntlm_sasl_server: @@ -97,7 +97,7 @@ # server_realm = <short main hostname> # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # # digest_md5_sasl_server: @@ -106,7 +106,7 @@ # server_realm = <short main hostname> # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # Authentcate against cyrus-sasl @@ -124,7 +124,7 @@ # server_realm = <short main hostname> # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # # login_sasl_server: @@ -133,7 +133,7 @@ # server_realm = <short main hostname> # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # Authenticate against courier authdaemon @@ -152,7 +152,7 @@ # fail} # server_set_id = $auth2 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # login_courier_authdaemon: @@ -167,7 +167,7 @@ # fail} # server_set_id = $auth1 # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif # This one is a bad hack to support the broken version 4.xx of @@ -188,7 +188,7 @@ # server_prompts = User Name : Password # server_condition = no # .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS -# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}} +# server_advertise_condition = ${if eq{$tls_in_cipher}{}{}{*}} # .endif ############## @@ -222,7 +222,7 @@ plain: driver = plaintext public_name = PLAIN .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS - client_send = "<; ${if !eq{$tls_cipher}{}\ + client_send = "<; ${if !eq{$tls_out_cipher}{}\ {^${extract{1}{:}{PASSWDLINE}}\ ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\ }fail}" @@ -238,7 +238,7 @@ login: # Return empty string if not non-TLS AND looking up $host in passwd-file # yields a non-empty string; fail otherwise. client_send = "<; ${if and{\ - {!eq{$tls_cipher}{}}\ + {!eq{$tls_out_cipher}{}}\ {!eq{PASSWDLINE}{}}\ }\ {}fail}\ diff --git a/debian/example.conf.md5 b/debian/example.conf.md5 index fe55d76..ba51e3a 100644 --- a/debian/example.conf.md5 +++ b/debian/example.conf.md5 @@ -1 +1 @@ -b2257965b2f4c7300ab1ae9b3460ed54 - +c181c27925094f50dbb2f1388602cf03 - |