Author: hrs Date: Tue Aug 27 19:37:19 2019 New Revision: 351553 URL: https://svnweb.freebsd.org/changeset/base/351553
Log: Fix a problem which prevented -OServerSSLOptions or -OClientSSLOptions specified in the command-line option from working. This patch has been accepted by the upstream. Reviewed by and discussed with: gshapiro Modified: vendor/sendmail/dist/src/conf.c vendor/sendmail/dist/src/readcf.c Modified: vendor/sendmail/dist/src/conf.c ============================================================================== --- vendor/sendmail/dist/src/conf.c Tue Aug 27 18:00:01 2019 (r351552) +++ vendor/sendmail/dist/src/conf.c Tue Aug 27 19:37:19 2019 (r351553) @@ -365,6 +365,20 @@ setdefaults(e) TLS_Srv_Opts = TLS_I_SRV; if (NULL == EVP_digest) EVP_digest = EVP_md5(); + Srv_SSL_Options = SSL_OP_ALL; + Clt_SSL_Options = SSL_OP_ALL +# ifdef SSL_OP_NO_SSLv2 + | SSL_OP_NO_SSLv2 +# endif +# ifdef SSL_OP_NO_TICKET + | SSL_OP_NO_TICKET +# endif + ; +# ifdef SSL_OP_TLSEXT_PADDING + /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ + Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; + Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; +# endif /* SSL_OP_TLSEXT_PADDING */ #endif /* STARTTLS */ #ifdef HESIOD_INIT HesiodContext = NULL; Modified: vendor/sendmail/dist/src/readcf.c ============================================================================== --- vendor/sendmail/dist/src/readcf.c Tue Aug 27 18:00:01 2019 (r351552) +++ vendor/sendmail/dist/src/readcf.c Tue Aug 27 19:37:19 2019 (r351553) @@ -159,22 +159,6 @@ readcf(cfname, safe, e) FileName = cfname; LineNumber = 0; -#if STARTTLS - Srv_SSL_Options = SSL_OP_ALL; - Clt_SSL_Options = SSL_OP_ALL -# ifdef SSL_OP_NO_SSLv2 - | SSL_OP_NO_SSLv2 -# endif -# ifdef SSL_OP_NO_TICKET - | SSL_OP_NO_TICKET -# endif - ; -# ifdef SSL_OP_TLSEXT_PADDING - /* SSL_OP_TLSEXT_PADDING breaks compatibility with some sites */ - Srv_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; - Clt_SSL_Options &= ~SSL_OP_TLSEXT_PADDING; -# endif /* SSL_OP_TLSEXT_PADDING */ -#endif /* STARTTLS */ if (DontLockReadFiles) sff |= SFF_NOLOCK; cf = safefopen(cfname, O_RDONLY, 0444, sff); _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"