Date: Tue, 27 Aug 2019 20:11:45 +0000 (UTC) From: Hiroki Sato <hrs@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r351554 - head/contrib/sendmail/src Message-ID: <201908272011.x7RKBjpu003182@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hrs Date: Tue Aug 27 20:11:45 2019 New Revision: 351554 URL: https://svnweb.freebsd.org/changeset/base/351554 Log: MFV r351553: Fix a problem which prevented -OServerSSLOptions or -OClientSSLOptions specified in the command-line option from working. This patch has been accepted by the upstream. Reviewed by and discussed with: gshapiro Modified: head/contrib/sendmail/src/conf.c head/contrib/sendmail/src/readcf.c Directory Properties: head/contrib/sendmail/ (props changed) Modified: head/contrib/sendmail/src/conf.c ============================================================================== --- head/contrib/sendmail/src/conf.c Tue Aug 27 19:37:19 2019 (r351553) +++ head/contrib/sendmail/src/conf.c Tue Aug 27 20:11:45 2019 (r351554) @@ -365,6 +365,20 @@ setdefaults(e) TLS_Srv_Opts = TLS_I_SRV; if (NULL == EVP_digest) EVP_digest = EVP_md5(); + Srv_SSL_Options = SSL_OP_ALL; + Clt_SSL_Options = SSL_OP_ALL +# ifdef SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv2 +# endif +# ifdef SSL_OP_NO_TICKET + | SSL_OP_NO_TICKET +# endif + ; +# ifdef SSL_OP_TLSEXT_PADDING + /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ + Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; + Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; +# endif /* SSL_OP_TLSEXT_PADDING */ #endif /* STARTTLS */ #ifdef HESIOD_INIT HesiodContext = NULL; Modified: head/contrib/sendmail/src/readcf.c ============================================================================== --- head/contrib/sendmail/src/readcf.c Tue Aug 27 19:37:19 2019 (r351553) +++ head/contrib/sendmail/src/readcf.c Tue Aug 27 20:11:45 2019 (r351554) @@ -159,22 +159,6 @@ readcf(cfname, safe, e) FileName = cfname; LineNumber = 0; -#if STARTTLS - Srv_SSL_Options = SSL_OP_ALL; - Clt_SSL_Options = SSL_OP_ALL -# ifdef SSL_OP_NO_SSLv2 - | SSL_OP_NO_SSLv2 -# endif -# ifdef SSL_OP_NO_TICKET - | SSL_OP_NO_TICKET -# endif - ; -# ifdef SSL_OP_TLSEXT_PADDING - /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ - Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; - Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; -# endif /* SSL_OP_TLSEXT_PADDING */ -#endif /* STARTTLS */ if (DontLockReadFiles) sff |= SFF_NOLOCK; cf = safefopen(cfname, O_RDONLY, 0444, sff);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201908272011.x7RKBjpu003182>