From owner-freebsd-stable@freebsd.org  Fri Aug 14 10:47:06 2020
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2028C3BC227
 for <freebsd-stable@mailman.nyi.freebsd.org>;
 Fri, 14 Aug 2020 10:47:06 +0000 (UTC)
 (envelope-from bengt.ahlgren@ri.se)
Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3])
 by mx1.freebsd.org (Postfix) with ESMTP id 4BSg9j58m0z4YZt
 for <freebsd-stable@freebsd.org>; Fri, 14 Aug 2020 10:47:05 +0000 (UTC)
 (envelope-from bengt.ahlgren@ri.se)
Received: by mailman.nyi.freebsd.org (Postfix)
 id AEDA73BC37E; Fri, 14 Aug 2020 10:47:05 +0000 (UTC)
Delivered-To: stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id AE9C23BC37D
 for <stable@mailman.nyi.freebsd.org>; Fri, 14 Aug 2020 10:47:05 +0000 (UTC)
 (envelope-from bengt.ahlgren@ri.se)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com
 (mail-eopbgr70058.outbound.protection.outlook.com [40.107.7.58])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mail.protection.outlook.com",
 Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4BSg9h0W9jz4YpZ
 for <stable@freebsd.org>; Fri, 14 Aug 2020 10:47:03 +0000 (UTC)
 (envelope-from bengt.ahlgren@ri.se)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=CACSo2JIpqQhDic2mh9qGpEIZ95vCM0gAwqqGI0XaC3u/GmCv0HKusyZbo6jLmSKvUsvOj9t02B2X68ZFq6LCkVVWmP/mE+KJuLJ8CdAmdVtlw/LWYI2nn9MPtogg32COcwQ6KhgbjQsrey1eiidM8GlfegS1r//aWezXZ7PJQuibzu461w5a/v6oKgNCC/UcNQ8RjbrQ9gCLLYkFqttZpF1nMDQeJxCoT8DAO2HVDXr6OkIlZWiTaBCw3pFSseEWP2aaFDsC0twg+CHClExCswm3j16nuKF7pRN5oGi/g9qWT18DpmrIrr5AaFUb8vFjgv0a02watRMJzmgZFyD6w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=VgfJCJn3VO20Ywi9Pwbdd/aJD8cH3UIQhI4y12m4aj8=;
 b=btO28FwM7cmWY5W9cZMqsWdN1RcA9ZStL5bdG6QKAICFEypBYCkggetOKZAkIP0kisskVoTG9nRNklUXJT0GkiW0MeSG/3vfg+oDxNwi1hk/HzBTgzaYMdqNFZCj+ind2TqL30JlwiBVXM74zrnil1Y9t/TPZs/8hdsEEMJfVO35gqi8DScszTw/gqipMaJOPXjTmxtz7pZYwNbTtJkOBWZtWKML7SX2ow84W7HvBjGqT/jZRhUQA2pqBA8zUwmzpE+3llmc1X8xPHDBeDnFXTVLUoH5eOsN5OOzG4HrnEyfpRx9SBodHrvegISy+NEimRZk3nqR4XX+iJe/E/7+kg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=ri.se; dmarc=pass action=none header.from=ri.se; dkim=pass
 header.d=ri.se; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ri.se; s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=VgfJCJn3VO20Ywi9Pwbdd/aJD8cH3UIQhI4y12m4aj8=;
 b=SL4QR45ajEbfo8osGlKYAieCzh8KgQNuPQ6ngQN0/A4NtwFXIjeTCoMNsdwyt0m3udTNNWp/hWB4hqClFZ51EwekEOwh8B8kKLbvBJSGq4Uir9X4fri7KGRKRdAtnAky8nwC2rebZyuR3epKUR5tTDRqjRJa7omLoUbQbb9C/Gk=
Received: from HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM (2603:10a6:3:9d::7) by
 HE1P189MB0378.EURP189.PROD.OUTLOOK.COM (2603:10a6:7:5b::25) with
 Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3261.22; Fri, 14 Aug 2020 10:47:01 +0000
Received: from HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM
 ([fe80::d8ad:4ee7:8ee:9b32]) by HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM
 ([fe80::d8ad:4ee7:8ee:9b32%5]) with mapi id 15.20.3283.015; Fri, 14 Aug 2020
 10:47:00 +0000
X-Authentication-Warning: P142.sics.se: bengta set sender to
 bengt.ahlgren@ri.se using -f
From: Bengt Ahlgren <bengt.ahlgren@ri.se>
To: Eugene Grosbein <eugen@grosbein.net>
Cc: stable@freebsd.org
Subject: Re: 11.4 sendmail with SASL and ports openssl?
In-Reply-To: <defec58b-673f-bc10-beba-3beec146a5f4@grosbein.net> (Eugene
 Grosbein's message of "Tue, 11 Aug 2020 21:22:00 +0700")
References: <uh7lfil70nx.fsf@P142.sics.se>
 <defec58b-673f-bc10-beba-3beec146a5f4@grosbein.net>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (berkeley-unix)
Date: Fri, 14 Aug 2020 12:46:55 +0200
Message-ID: <uh7364ppkrk.fsf@P142.sics.se>
Content-Type: text/plain
X-ClientProxiedBy: AM0PR04CA0133.eurprd04.prod.outlook.com
 (2603:10a6:208:55::38) To HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM
 (2603:10a6:3:9d::7)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from P142.sics.se (2a00:801:43c:3a51:6257:18ff:fe76:2ef6) by
 AM0PR04CA0133.eurprd04.prod.outlook.com (2603:10a6:208:55::38) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.3283.15 via Frontend Transport; Fri, 14 Aug 2020 10:47:00 +0000
Received: from P142.sics.se (localhost [127.0.0.1])	by P142.sics.se
 (8.16.1/8.16.1) with ESMTPS id 07EAku3o002250	(version=TLSv1.3
 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO);
 Fri, 14 Aug 2020 12:46:56 +0200 (CEST)	(envelope-from bengt.ahlgren@ri.se)
Received: (from bengta@localhost)	by P142.sics.se (8.16.1/8.16.1/Submit) id
 07EAktsE002249;
 Fri, 14 Aug 2020 12:46:55 +0200 (CEST)	(envelope-from bengt.ahlgren@ri.se)
X-Authentication-Warning: P142.sics.se: bengta set sender to
 bengt.ahlgren@ri.se using -f
X-Originating-IP: [2a00:801:43c:3a51:6257:18ff:fe76:2ef6]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: dec387e3-079e-49c6-7838-08d8403f5f9a
X-MS-TrafficTypeDiagnostic: HE1P189MB0378:
X-MS-Exchange-Transport-Forked: True
X-Microsoft-Antispam-PRVS: <HE1P189MB037822AD69FC135F2F22DB48F6400@HE1P189MB0378.EURP189.PROD.OUTLOOK.COM>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Gx7LPbj8iX9XScgIouYcbueTuCHcOP/quTD3rO3xY6/ICTPstQGKoGSAvRuqs6iE1DOwNjVly2w4Wb8r1DCvu6HD+UDiaAnafnEAg5vvm7OLTTvLTKyW8/QZbZXep0aDacceRcsY7nfxLBseI38eyMBH4LI5nIbeslUOJLdllBFUDSiiz/X2wgMjhfkxMbAytF4Nxb7h/d831Ud71lggsMPtWGqRTizEBl9mHuoNgtjzIk/vKmDwSc9/Oxu+5y6UKg/2Ry7gJp41RdpvmzRVWMvMmzXSuRi3V2vNDqleb/dcBQjbGPUgbBu+wg7kJGGa+GcKouwsS7m5pPwLiY5OxTnVGXwrtAfwKUvOTmW8MBFd2OGwXOM9NUp+TBX5HldNfDca1S7CkxbPpE5YodCqVg==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM; PTR:; CAT:NONE;
 SFTY:;
 SFS:(4636009)(136003)(346002)(376002)(396003)(366004)(39850400004)(4326008)(83380400001)(2906002)(6916009)(52116002)(186003)(86362001)(5660300002)(42186006)(8676002)(9686003)(966005)(44832011)(478600001)(66556008)(66476007)(66946007)(316002)(8936002);
 DIR:OUT; SFP:1101; 
X-MS-Exchange-AntiSpam-MessageData: r/T7WXyXGSYI39+0XObmXtMHKLZYhC1CtplN0ahufP2QxUh5vctF7POiGPdpcH0pO6pd/0PcpB/Ox0+rFaTBHUzUChZwEfLiEKTf/kGQY8K4qCZlWyPJu9BFlXxm5rMWw8hEvunKqKl0UT2v19X9c8VickAH9EEocF0cSp6274e9xdgvtlwvPgnlZozpFul5cl8Jq67GaIxRZiGctsvQocMbjOGkvzoPvwaDjzWT76C1laJCULXyr2vzGhQyzzBZJULKacncL63QcLdILQ6vx8KasFRsEk4yvmM3waZOo9/u+LPs+g4WEHwLVv+juJERWWU6Oq4IAusg9YBpuyTISalWISpLUzJz4PFcRNS2xaDaY2C4dxH1eMnQo3cLY+J7CPVuiqLF+Qdt/dgAkGMzhi1N2mGAuafmDW+l3HorDiPtLup+aHAQMcJ4BcehyNWIvwrmtRtZDuqpuYZlGTn0M0bgy0cDqpYdG9/NKn2kZJSjN9jS5a5vvmok7kuR5rXdsUh+cj7XKiUTDNw/nwTwCxLiRnBKpiLQrJr0cjFNSEctCRVPUpAXaF1wWl1BLX530T/hc3sK0JIB20XAI0hlitHTs4jhzw8/exwNajKKRsFCtbK+ReFZCO73yFAFFSoaOq1Sx43oh0RvHRH4Lfq94MkYN7I16iDJRbpFkhw1k1aeLcXVfwabhSXO0GtXPVlcz75pdEm+lotjHg26fr/KRw==
X-OriginatorOrg: ri.se
X-MS-Exchange-CrossTenant-Network-Message-Id: dec387e3-079e-49c6-7838-08d8403f5f9a
X-MS-Exchange-CrossTenant-AuthSource: HE1P18901MB0186.EURP189.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Aug 2020 10:47:00.7229 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 5a9809cf-0bcb-413a-838a-09ecc40cc9e8
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: ViXM+r3f+hgIFVDWbduXiaTJ7SMlGzlrOMtLtMzYzl7t57afr9Sz0toN0lRknHRRYpE8krTwfYqQ/GRg07O1JQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1P189MB0378
X-Rspamd-Queue-Id: 4BSg9h0W9jz4YpZ
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=ri.se header.s=selector1 header.b=SL4QR45a;
 dmarc=pass (policy=none) header.from=ri.se;
 spf=pass (mx1.freebsd.org: domain of bengt.ahlgren@ri.se designates
 40.107.7.58 as permitted sender) smtp.mailfrom=bengt.ahlgren@ri.se
X-Spamd-Result: default: False [-4.78 / 15.00];
 NEURAL_HAM_MEDIUM(-1.04)[-1.039]; RCVD_COUNT_FIVE(0.00)[5];
 HAS_XOIP(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:40.107.0.0/16];
 NEURAL_HAM_LONG(-1.02)[-1.016]; MIME_GOOD(-0.10)[text/plain];
 HAS_XAW(0.00)[];
 ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1];
 R_DKIM_ALLOW(-0.20)[ri.se:s=selector1];
 RWL_MAILSPIKE_POSSIBLE(0.00)[40.107.7.58:from];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[ri.se:+];
 RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[ri.se,none];
 NEURAL_HAM_SHORT(-1.63)[-1.628]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[];
 ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US];
 RCVD_TLS_LAST(0.00)[];
 RCVD_IN_DNSWL_LOW(-0.10)[40.107.7.58:from]
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Aug 2020 10:47:06 -0000

Eugene Grosbein <eugen@grosbein.net> writes:

> 11.08.2020 20:49, Bengt Ahlgren wrote:
>
>> I have since long compiled sendmail in base with SASL using a src.conf
>> like this:
>> 
>> # sendmail with SASL required for outgoing SMTP AUTH, see:
>> # https://www.freebsd.org/doc/en/books/handbook/SMTP-Auth.html
>> # depends on port security/cyrus-sasl2
>> SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL
>> SENDMAIL_LDFLAGS=-L/usr/local/lib
>> SENDMAIL_LDADD=-lsasl2
>> 
>> Since I'm still using 11.4, I had to start using openssl from ports due
>> to qt5 5.15.  Then the above didn't work anymore, so a bit reluctantly I
>> added -I/usr/local/include to the CFLAGS above, fearing that some other
>> random include file could be picked up.
>
> The Handbook was updated. Take a look to the link you have in the comment above
> for new settings.

Thanks, wasn't aware that it was updated!  Makes sense to not add
-L/usr/local/lib!  The updated settings from the handbook does build
fine also on 11.4 with the openssl port.

>> It however compiled and the
>> resulting binary is linked thus:
>> 
>> # ldd /usr/obj/usr/src/usr.sbin/sendmail/sendmail
>> /usr/obj/usr/src/usr.sbin/sendmail/sendmail:
>>         libsasl2.so.3 => /usr/local/lib/libsasl2.so.3 (0x8008db000)
>>         libutil.so.9 => /lib/libutil.so.9 (0x800af9000)
>>         libssl.so.11 => /usr/local/lib/libssl.so.11 (0x800d0d000)
>>         libcrypto.so.11 => /usr/local/lib/libcrypto.so.11 (0x801000000)
>>         libwrap.so.6 => /usr/lib/libwrap.so.6 (0x8014cb000)
>>         libc.so.7 => /lib/libc.so.7 (0x8016d4000)
>>         libdl.so.1 => /usr/lib/libdl.so.1 (0x801a8b000)
>>         libthr.so.3 => /lib/libthr.so.3 (0x801c8c000)
>> 
>> Does this look right?  Are there any know issues with this?
>
> If it's working for you, that's fine. If you like to minimize linking
> with ports libraries,
> use updated instructions from the Handbook. Sendmail will build and
> link with base system
> libssl/libcrypto and use only libsasl2 from ports/packages.

Then the question is whether I need openssl libraries from ports, when I
use that for all ports with DEFAULT_VERSIONS+=ssl=openssl due to QT5
requirements?

If I want to link with openssl from ports, it looks like I anyway need
SENDMAIL_LDFLAGS=-L/usr/local/lib, otherwise the linker will pick up
libssl and libcrypto from base.  Specifying the full path for these
libraries, like for libsasl2 in the handbook, only results in
double-linking with libraries from both ports and base.  So I ended up
with:

SENDMAIL_CFLAGS=-I/usr/local/include -I/usr/local/include/sasl -DSASL
SENDMAIL_LDFLAGS=-L/usr/local/lib
SENDMAIL_LDADD=/usr/local/lib/libsasl2.so

Bengt