Date: Tue, 27 Aug 2019 19:37:19 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r351553 - vendor/sendmail/dist/src Message-ID: <201908271937.x7RJbJh0080184@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Tue Aug 27 19:37:19 2019 New Revision: 351553 URL: https://svnweb.freebsd.org/changeset/base/351553 Log: Fix a problem which prevented -OServerSSLOptions or -OClientSSLOptions specified in the command-line option from working. This patch has been accepted by the upstream. Reviewed by and discussed with: gshapiro Modified: vendor/sendmail/dist/src/conf.c vendor/sendmail/dist/src/readcf.c Modified: vendor/sendmail/dist/src/conf.c ============================================================================== --- vendor/sendmail/dist/src/conf.c Tue Aug 27 18:00:01 2019 (r351552) +++ vendor/sendmail/dist/src/conf.c Tue Aug 27 19:37:19 2019 (r351553) @@ -365,6 +365,20 @@ setdefaults(e) TLS_Srv_Opts = TLS_I_SRV; if (NULL == EVP_digest) EVP_digest = EVP_md5(); + Srv_SSL_Options = SSL_OP_ALL; + Clt_SSL_Options = SSL_OP_ALL +# ifdef SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv2 +# endif +# ifdef SSL_OP_NO_TICKET + | SSL_OP_NO_TICKET +# endif + ; +# ifdef SSL_OP_TLSEXT_PADDING + /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ + Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; + Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; +# endif /* SSL_OP_TLSEXT_PADDING */ #endif /* STARTTLS */ #ifdef HESIOD_INIT HesiodContext = NULL; Modified: vendor/sendmail/dist/src/readcf.c ============================================================================== --- vendor/sendmail/dist/src/readcf.c Tue Aug 27 18:00:01 2019 (r351552) +++ vendor/sendmail/dist/src/readcf.c Tue Aug 27 19:37:19 2019 (r351553) @@ -159,22 +159,6 @@ readcf(cfname, safe, e) FileName = cfname; LineNumber = 0; -#if STARTTLS - Srv_SSL_Options = SSL_OP_ALL; - Clt_SSL_Options = SSL_OP_ALL -# ifdef SSL_OP_NO_SSLv2 - | SSL_OP_NO_SSLv2 -# endif -# ifdef SSL_OP_NO_TICKET - | SSL_OP_NO_TICKET -# endif - ; -# ifdef SSL_OP_TLSEXT_PADDING - /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ - Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; - Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; -# endif /* SSL_OP_TLSEXT_PADDING */ -#endif /* STARTTLS */ if (DontLockReadFiles) sff |= SFF_NOLOCK; cf = safefopen(cfname, O_RDONLY, 0444, sff);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201908271937.x7RJbJh0080184>