Package: exim4-config Version: 4.80-3 Severity: normal Tags: patch The configured (or default) TLS certificate and private key are not used for a smarthost transport.
The following patch fixes this for me, but I don't know that it is generally correct. By the point this fragment is read all the MAIN_TLS_* macros seem to become undefined. The patch defines some of them again, but I think it can only work for the default certificate and private key locations. I don't know whether the disappearing macros are a bug in exim4 itself or a subtlety of scoping in the configuration file. Either way, it's very confusing. Ben. --- a/debian/debconf/conf.d/transport/30_exim4-config_remote_smtp_smarthost +++ b/debian/debconf/conf.d/transport/30_exim4-config_remote_smtp_smarthost @@ -6,6 +6,13 @@ # to a smarthost. The local host tries to authenticate. # This transport is used for smarthost and satellite configurations. +.ifndef MAIN_TLS_CERTIFICATE +MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt +.endif +.ifndef MAIN_TLS_PRIVATEKEY +MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key +.endif + remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp @@ -30,3 +37,9 @@ .ifdef TLS_DH_MIN_BITS tls_dh_min_bits = TLS_DH_MIN_BITS .endif +.ifdef MAIN_TLS_CERTKEY + tls_certificate = MAIN_TLS_CERTKEY +.else + tls_certificate = MAIN_TLS_CERTIFICATE + tls_privatekey = MAIN_TLS_PRIVATEKEY +.endif --- END --- -- Package-specific info: Exim version 4.80 #3 built 08-Jun-2012 13:17:31 Copyright (c) University of Cambridge, 1995 - 2012 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012 Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011) Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd Authenticators: cram_md5 plaintext Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /var/lib/exim4/config.autogenerated # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' dc_eximconfig_configtype='satellite' dc_other_hostnames='' dc_local_interfaces='127.0.0.1' dc_readhost='decadent.org.uk' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='mail.decadent.org.uk::587' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='true' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:decadent.org.uk -- System Information: Debian Release: wheezy/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (x86_64) Foreign Architectures: amd64 Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages exim4-config depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.43 exim4-config recommends no packages. exim4-config suggests no packages. -- debconf information: * exim4/dc_smarthost: mail.decadent.org.uk::587 exim4/dc_relay_domains: exim4/dc_relay_nets: * exim4/mailname: decadent.org.uk exim4/dc_localdelivery: mbox format in /var/mail/ * exim4/dc_local_interfaces: 127.0.0.1 * exim4/dc_minimaldns: false * exim4/dc_other_hostnames: * exim4/dc_eximconfig_configtype: mail sent by smarthost; no local mail exim4/no_config: true exim4/hide_mailname: true exim4/dc_postmaster: ben * exim4/dc_readhost: decadent.org.uk * exim4/use_split_config: false exim4/exim4-config-title: -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
