From owner-freebsd-stable@FreeBSD.ORG Thu Jun 18 17:36:23 2015 Return-Path: Delivered-To: freebsd-stable@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C9A51D5A; Thu, 18 Jun 2015 17:36:23 +0000 (UTC) (envelope-from jenkins-admin@freebsd.org) Received: from jenkins-9.freebsd.org (jenkins-9.freebsd.org [8.8.178.209]) by mx1.freebsd.org (Postfix) with ESMTP id B96CA7F9; Thu, 18 Jun 2015 17:36:23 +0000 (UTC) (envelope-from jenkins-admin@freebsd.org) Received: from jenkins-9.freebsd.org (localhost [127.0.0.1]) by jenkins-9.freebsd.org (Postfix) with ESMTP id D3F711B6; Thu, 18 Jun 2015 17:36:23 +0000 (UTC) Date: Thu, 18 Jun 2015 17:36:23 +0000 (GMT) From: jenkins-admin@freebsd.org To: jenkins-admin@FreeBSD.org, freebsd-stable@FreeBSD.org, freebsd-i386@FreeBSD.org Message-ID: <2073361883.1.1434648983671.JavaMail.jenkins@jenkins-9.freebsd.org> Subject: FreeBSD_STABLE_9-i386 - Build #68 - Failure MIME-Version: 1.0 X-Jenkins-Job: FreeBSD_STABLE_9-i386 X-Jenkins-Result: FAILURE Precedence: bulk Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2015 17:36:23 -0000 FreeBSD_STABLE_9-i386 - Build #68 - Failure: Check console output at https://jenkins.freebsd.org/job/FreeBSD_STABLE_9-i386/68/ to view the results. From owner-freebsd-stable@FreeBSD.ORG Thu Jun 18 18:37:04 2015 Return-Path: Delivered-To: freebsd-stable@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 091DBBFA; Thu, 18 Jun 2015 18:37:04 +0000 (UTC) (envelope-from list-freebsd-announce@jyborn.se) Received: from mailgate.leissner.se (mailgate.leissner.se [212.3.1.210]) by mx1.freebsd.org (Postfix) with ESMTP id 7293D8A2; Thu, 18 Jun 2015 18:37:02 +0000 (UTC) (envelope-from list-freebsd-announce@jyborn.se) Received: from mailgate.leissner.se (localhost [127.0.0.1]) by mailgate.leissner.se (8.15.1/8.15.1) with ESMTP id t5IIaxCG003585; Thu, 18 Jun 2015 20:36:59 +0200 (CEST) (envelope-from list-freebsd-announce@jyborn.se) Received: (from uucp@localhost) by mailgate.leissner.se (8.15.1/8.15.1/Submit) id t5IIaxqK003583; Thu, 18 Jun 2015 20:36:59 +0200 (CEST) (envelope-from list-freebsd-announce@jyborn.se) Received: from pol.leissner.se(192.71.29.17), claiming to be "pol-server.leissner.se" via SMTP by mailgate.leissner.se, id smtpdM2rP4x; Thu Jun 18 20:36:49 2015 Received: from localhost (pol-server.leissner.se [local]); by pol-server.leissner.se (OpenSMTPD) with ESMTPA id c8684114; Thu, 18 Jun 2015 20:36:49 +0200 (CEST) Date: Thu, 18 Jun 2015 20:36:49 +0200 From: Peter Olsson To: Gregory Shapiro Cc: FreeBSD Errata Notices , freebsd-stable Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-15:08.sendmail Message-ID: <20150618183649.GE3755@pol-server.leissner.se> References: <201506180553.t5I5rKlO059969@freefall.freebsd.org> <20150618112132.GD7234@pol-server.leissner.se> <20150618132211.GO7234@pol-server.leissner.se> <20150618151032.GB42082@minime.local> <20150618151608.GB3755@pol-server.leissner.se> <20150618154115.GA68153@C02N93Y5G3QT.corp.proofpoint.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150618154115.GA68153@C02N93Y5G3QT.corp.proofpoint.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jun 2015 18:37:04 -0000 On Thu, Jun 18, 2015 at 08:41:51AM -0700, Gregory Shapiro wrote: > > I never changed or generated anything in the mail configuration > > on these servers, they use the default mc/cf files: > > > > $ grep DHParam /etc/mail/sendmail.cf > > # DHParameters (only required if DSA/DH is used) > > O DHParameters=/etc/mail/certs/dh.param > > > > $ ls -l /etc/mail/certs > > total 12 > > lrwxr-xr-x 1 root wheel 10 31 Aug 2014 4bc0b037.0 -> cacert.pem > > -rw-r--r-- 1 root wheel 1326 31 Aug 2014 cacert.pem > > -rw-r--r-- 1 root wheel 1375 31 Aug 2014 host.cert > > -rw------- 1 root wheel 1704 31 Aug 2014 host.key > > I found what is breaking it. This commit made locally to FreeBSD: > > Revision 256982 > Modified Wed Oct 23 16:55:20 2013 UTC (19 months, 3 weeks ago) by jmg > MFC r256773: > Enable the automatic creation of a certificate (if one does not exists) > and enable the usage by sendmail if sendmail is enabled. > > sets DHParameters to that file but nothing else generates that file. > We'll have to rev the Errata (and patch) to create that file. In the mean > time, generating the file will fix the problem: > > openssl dhparam -out /etc/mail/certs/dh.param 2048 > > I'll probably fix this by changing /etc/rc.d/sendmail to do the above. > > I'll also look into the sendmail source behavior when the file doesn't > exist (it should revert to it's defaults). Thanks for the investigation and explanation. I have now generated dh.param in both servers and rebooted, and the problem is gone. Thanks! Peter Olsson