Bug 246259 - mail/sendmail add -D_FFR_TLS_SE_OPTS to files/site.config.m4.tls for FEATURE(`tls_session_features')
Summary: mail/sendmail add -D_FFR_TLS_SE_OPTS to files/site.config.m4.tls for FEATURE(...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Dirk Meyer
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-05-06 15:35 UTC by ruben
Modified: 2020-05-10 11:37 UTC (History)
0 users

See Also:
dinoex: maintainer-feedback+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description ruben 2020-05-06 15:35:57 UTC 
In the rapidly evolving Let's Encrypt the world it would be great to use 

FEATURE(`tls_session_features')

in Sendmail, so we have a higher granularity setting ssl options and ciphers for older clients/servers using FEATURE(`access_db') while keeping base settings strict

For that, files/site.config.m4.tls needs the following line

APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_EC')

To be changed into

APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -D_FFR_TLS_EC -D_FFR_TLS_SE_OPTS')

On a fbsd 12.1 system it will result in this functionality being available
Comment 1 Dirk Meyer freebsd_committer freebsd_triage 2020-05-06 23:57:03 UTC 
Thanks. patches in testing.
Comment 2 commit-hook freebsd_committer freebsd_triage 2020-05-10 11:34:20 UTC 
A commit references this bug:

Author: dinoex
Date: Sun May 10 11:33:40 UTC 2020
New revision: 534845
URL: https://svnweb.freebsd.org/changeset/ports/534845

Log:
  - enable _FFR_TLS_SE_OPTS
  246259
  PR:		246259
  Submitted by:	ruben@verweg.com

Changes:
  head/mail/sendmail/Makefile
  head/mail/sendmail/files/site.config.m4.tls
Comment 3 Dirk Meyer freebsd_committer freebsd_triage 2020-05-10 11:37:17 UTC 
Thanks. patches in testing.