| 1 | /************************************************* |
| 2 | * Exim - an Internet mail transport agent * |
| 3 | *************************************************/ |
| 4 | |
| 5 | /* Copyright (c) University of Cambridge 1995 - 2012, 2014 */ |
| 6 | /* See the file NOTICE for conditions of use and distribution. */ |
| 7 | |
| 8 | /* This module provides DANE (RFC6659) support for Exim. See also |
| 9 | the draft RFC for DANE-over-SMTP, "SMTP security via opportunistic DANE TLS" |
| 10 | (V. Dukhovni, W. Hardaker) - version 10, dated May 25, 2014. |
| 11 | |
| 12 | The code for DANE support with Openssl was provided by V.Dukhovni. |
| 13 | |
| 14 | No cryptographic code is included in Exim. All this module does is to call |
| 15 | functions from the OpenSSL or GNU TLS libraries. */ |
| 16 | |
| 17 | |
| 18 | #include "exim.h" |
| 19 | |
| 20 | /* This module is compiled only when it is specifically requested in the |
| 21 | build-time configuration. However, some compilers don't like compiling empty |
| 22 | modules, so keep them happy with a dummy when skipping the rest. Make it |
| 23 | reference itself to stop picky compilers complaining that it is unused, and put |
| 24 | in a dummy argument to stop even pickier compilers complaining about infinite |
| 25 | loops. */ |
| 26 | |
| 27 | #ifndef EXPERIMENTAL_DANE |
| 28 | static void dummy(int x) { dummy(x-1); } |
| 29 | #else |
| 30 | |
| 31 | /* Enabling DANE without enabling TLS cannot work. Abort the compilation. */ |
| 32 | # ifndef SUPPORT_TLS |
| 33 | # error DANE support requires that TLS support must be enabled. Abort build. |
| 34 | # endif |
| 35 | |
| 36 | /* DNSSEC support is also required */ |
| 37 | # ifndef RES_USE_DNSSEC |
| 38 | # error DANE support requires that the DNS resolver library supports DNSSEC |
| 39 | # endif |
| 40 | |
| 41 | # ifdef USE_GNUTLS |
| 42 | # include "dane-gnu.c" |
| 43 | # else |
| 44 | # include "dane-openssl.c" |
| 45 | # endif |
| 46 | |
| 47 | |
| 48 | #endif /* EXPERIMENTAL_DANE */ |
| 49 | |
| 50 | /* End of dane.c */ |