From owner-freebsd-bugs  Sat Jun 23  2:20:12 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id DAECC37B407
	for <freebsd-bugs@hub.freebsd.org>; Sat, 23 Jun 2001 02:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.3/8.11.3) id f5N9K1I62492;
	Sat, 23 Jun 2001 02:20:01 -0700 (PDT)
	(envelope-from gnats)
Received: from mail.noos.fr (lafontaine.noos.net [212.198.2.72])
	by hub.freebsd.org (Postfix) with ESMTP id F230B37B406
	for <FreeBSD-gnats-submit@freebsd.org>; Sat, 23 Jun 2001 02:13:27 -0700 (PDT)
	(envelope-from root@gits.dyndns.org)
Received: (qmail 6874289 invoked by uid 0); 23 Jun 2001 09:13:26 -0000
Received: from unknown (HELO gits.dyndns.org) ([212.198.231.187]) (envelope-sender <root@gits.dyndns.org>)
          by 212.198.2.72 (qmail-ldap-1.03) with SMTP
          for <FreeBSD-gnats-submit@freebsd.org>; 23 Jun 2001 09:13:26 -0000
Received: (from root@localhost)
	by gits.dyndns.org (8.11.4/8.11.4) id f5N9DPd04939;
	Sat, 23 Jun 2001 11:13:25 +0200 (CEST)
	(envelope-from root)
Message-Id: <200106230913.f5N9DPd04939@gits.dyndns.org>
Date: Sat, 23 Jun 2001 11:13:25 +0200 (CEST)
From: Cyrille Lefevre <clefevre@redirect.to>
Reply-To: Cyrille Lefevre <clefevre@redirect.to>
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: conf/28361: sendmail.cf is missing some STARTTLS support
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org


>Number:         28361
>Category:       conf
>Synopsis:       sendmail.cf is missing some STARTTLS support
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jun 23 02:20:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Cyrille Lefevre
>Release:        FreeBSD 4.3-STABLE i386
>Organization:
ACME
>Environment:

System: FreeBSD gits 4.3-STABLE FreeBSD 4.3-STABLE #26: Wed May 23 12:46:38 CEST 2001 root@gits:/disk2/4.x-stable/src/sys/compile/CUSTOM i386

>Description:
	since sendmail is compiled w/ some _FFR_* options,
	sendmail.cf files have to be generated with some
	of them also (currently _FFR_TLS_O_T). see
	http://www.sendmail.org/~ca/email/tricks.html
	for details. the following patch conditionally
	add the required options to M4.

>How-To-Repeat:
	# cd /etc/mail
	# echo Try_TLS:noos.fr NO > access
	# make all install
/usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ /usr/share/sendmail/cf/m4/cf.m4  /etc/mail/gits.mc > /etc/mail/gits.cf
/usr/sbin/makemap hash access.db < access
install -C -c -m 444 /etc/mail/gits.cf /etc/mail/sendmail.cf
	# grep -E '(offer|try)_tls' sendmail.cf
	(nop)
	# sendmail -v -q
Running /var/spool/mqueue/f5MNskW76121 (sequence 1 of 4)
lefevrec@yahoo.com... Connecting to mail.noos.fr via relay...
220 mail.noos.fr ESMTP
>Fix:

Index: Makefile
===================================================================
RCS file: /home/ncvs/src/etc/mail/Makefile,v
retrieving revision 1.9.2.9
diff -u -r1.9.2.9 Makefile
--- Makefile	2001/05/24 20:51:06	1.9.2.9
+++ Makefile	2001/06/23 03:39:39
@@ -55,12 +55,21 @@
 # This is the directory where the sendmail configuration files are
 # located.
 #
+STARTTLS_SUPPORT=	false
 .if exists(/usr/share/sendmail/cf)
 SENDMAIL_CF_DIR?=	/usr/share/sendmail/cf
+.if exists(/usr/lib/libssl.so)
+STARTTLS_SUPPORT=	true
+.endif
 .elif exists(/usr/src/contrib/sendmail/cf)
 SENDMAIL_CF_DIR?=	/usr/src/contrib/sendmail/cf
+.if exists(../../secure)
+STARTTLS_SUPPORT=	true
+.endif
 .endif
 
+M4FLAGS=	-D_CF_DIR_=${SENDMAIL_CF_DIR}/
+
 #
 # The pid is used to stop and restart the running daemon.
 #
@@ -74,6 +83,13 @@
 M4?=			/usr/bin/m4
 KILL?=			/bin/kill
 
+# STARTTLS support
+.if (${STARTTLS_SUPPORT} == "true") && \
+	!defined(NOCRYPT) && !defined(NOSECURE) && \
+	!defined(NO_OPENSSL) && !defined(RELEASE_CRUNCH)
+M4FLAGS+=	-D_FFR_TLS_O_T
+.endif
+
 # Set a reasonable default
 .MAIN:	all
 
@@ -124,7 +140,7 @@
 .SUFFIXES:	.cf .mc
 
 .mc.cf:		${M4FILES}
-	${M4} -D_CF_DIR_=${SENDMAIL_CF_DIR}/ ${SENDMAIL_CF_DIR}/m4/cf.m4 \
+	${M4} ${M4FLAGS} ${SENDMAIL_CF_DIR}/m4/cf.m4 \
 		${@:R}.mc > ${.TARGET}
 
 #
>Release-Note:
>Audit-Trail:
>Unformatted:
 >>> EHLO gits.dyndns.org
 250-mail.noos.fr
 250-PIPELINING
 250-STARTTLS
 250-SIZE 10485760
 250 8BITMIME
 >>> STARTTLS
 220 ready for tls
 lefevrec@yahoo.com... Deferred: 403 4.7.0 lefevrec@yahoo.com... TLS handshake failed.
 
 	(w/ this patch)
 
 	# cd /etc/mail; make all install
 /usr/bin/m4 -D_CF_DIR_=/usr/share/sendmail/cf/ -D_FFR_TLS_O_T /usr/share/sendmail/cf/m4/cf.m4  /etc/mail/gits.mc > /etc/mail/gits.cf
 install -C -c -m 444 /etc/mail/gits.cf /etc/mail/sendmail.cf
 	# grep -E '(offer|try)_tls' sendmail.cf
 Soffer_tls
 Stry_tls
 	# sendmail -v -q
 lefevrec@yahoo.com... Connecting to mail.noos.fr via relay...
 220 mail.noos.fr ESMTP
 >>> EHLO gits.dyndns.org
 250-mail.noos.fr
 250-PIPELINING
 250-STARTTLS
 250-SIZE 10485760
 250 8BITMIME
 >>> MAIL From:<root@gits.dyndns.org> SIZE=48
 ...
 lefevrec@yahoo.com... Sent (ok 993273557 qp 6747083)
 Closing connection to mail.noos.fr
 >>> QUIT
 221 mail.noos.fr
 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message