247959 – sendmail SASL example in /usr/share/examples/etc/make.conf is out of date

Bug 247959 - sendmail SASL example in /usr/share/examples/etc/make.conf is out of date

Summary: sendmail SASL example in /usr/share/examples/etc/make.conf is out of date

Status:	Closed FIXED

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	misc (show other bugs)
Version:	11.3-STABLE
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Gregory Neil Shapiro

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-07-14 03:15 UTC by Scott Allendorf
Modified:	2020-08-11 17:54 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Scott Allendorf 2020-07-14 03:15:59 UTC

The lines in /usr/share/examples/etc/make.conf do not match those in the handbook.  Sendmail does not compile on 11-STABLE with these lines in /etc/make.conf if the security/openssl port is installed.

From /usr/share/examples/etc/make.conf:

        SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
        SENDMAIL_LDFLAGS=-L/usr/local/lib
        SENDMAIL_LDADD=-lsasl2

From the handbook:

        SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL
        SENDMAIL_LDADD=/usr/local/lib/libsasl2.so

Sendmail does compile successfully when the lines from the handbook are used in /etc/make.conf.

Comment 1 commit-hook freebsd_committer

2020-08-01 04:58:12 UTC

A commit references this bug:

Author: gshapiro
Date: Sat Aug  1 04:57:31 UTC 2020
New revision: 363750
URL: https://svnweb.freebsd.org/changeset/base/363750

Log:
  Mirror recommendation from Handbook to avoid linking conflicts when
  pulling in SASL libraries.

  PR:		247959
  Reported by:	Scott Allendorf
  MFC after:	3 days

Changes:
  head/share/examples/etc/make.conf

Comment 2 Gregory Neil Shapiro freebsd_committer

2020-08-01 05:00:20 UTC

Thanks for the report.  The change will be MFC'ed to stable/11 and stable/12 in ~3 days.

Comment 3 Scott Allendorf 2020-08-01 08:05:31 UTC

On STABLE-11, the compile still fails with the SENDMAIL_CFLAGS from the revised make.conf.  I believe it needs to be changed as well.

Thanks,

Scott

Comment 4 Eugene Grosbein freebsd_committer

2020-08-01 09:21:56 UTC

(In reply to Scott Allendorf from comment #3)

Please show building log with errors.

Comment 5 Scott Allendorf 2020-08-01 19:13:01 UTC

root@sallendorf:/home/sca # grep SENDMAIL /etc/make.conf
SENDMAIL_MC=/etc/mail/local.mc
#SENDMAIL_CFLAGS=-I/usr/local/include/sasl -DSASL
SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2
SENDMAIL_LDADD=/usr/local/lib/libsasl2.so

Using the commented out line (from the handbook) in place of the new make.conf line does compile/link and work for client auth, but I have not tested server auth.

Here is the relevant (I hope) part of the build log.

==========
root@sallendorf:/usr/src/usr.sbin/sendmail # cd /usr/src/usr.sbin/sendmail
root@sallendorf:/usr/src/usr.sbin/sendmail # make cleandir && make obj
rm -f sm_os.h sendmail sendmail.full sendmail.debug alias.o arpadate.o bf.o collect.o conf.o control.o convtime.o daemon.o deliver.o domain.o envelope.o err.o headers.o macro.o main.o map.o mci.o milter.o mime.o parseaddr.o queue.o ratectrl.o readcf.o recipient.o savemail.o sasl.o sfsasl.o shmticklib.o sm_resolve.o srvrsmtp.o stab.o stats.o sysexits.o timers.o tlsh.o tls.o trace.o udb.o usersmtp.o util.o version.o mailq.1.gz newaliases.1.gz aliases.5.gz sendmail.8.gz mailq.1.cat.gz newaliases.1.cat.gz aliases.5.cat.gz sendmail.8.cat.gz
rm -f .depend .depend.* GPATH GRTAGS GSYMS GTAGS
/usr/obj/usr/src/usr.sbin/sendmail created for /usr/src/usr.sbin/sendmail
root@sallendorf:/usr/src/usr.sbin/sendmail # make
ln -sf /usr/src/contrib/sendmail/include/sm/os/sm_os_freebsd.h sm_os.h
echo sendmail.full: /usr/lib/libc.a  /usr/lib/libutil.a /usr/obj/usr/src/lib/libsm/libsm.a /usr/obj/usr/src/lib/libsmutil/libsmutil.a /usr/lib/libssl.a /usr/lib/libcrypto.a /usr/lib/libwrap.a >> .depend

...

cc -O2 -pipe -march=skylake  -I/usr/src/contrib/sendmail/src -I/usr/src/contrib/sendmail/include -I. -DNEWDB -DNIS -DMAP_REGEX -DDNSMAP -DNETINET6 -DSTARTTLS -DTLS_EC -DTCPWRAPPERS -I/usr/local/include -DSASL=2 -g -MD  -MF.depend.version.o -MTversion.o -std=gnu99 -fstack-protector-strong -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -Wno-tautological-compare -Wno-unused-value -Wno-parentheses-equality -Wno-unused-function -Wno-enum-conversion -Wno-unused-local-typedef -Wno-address-of-packed-member -Wno-switch -Wno-switch-enum -Wno-knr-promoted-parameter -Wno-parentheses  -Qunused-arguments  -c /usr/src/contrib/sendmail/src/version.c -o version.o
cc -O2 -pipe -march=skylake -I/usr/src/contrib/sendmail/src -I/usr/src/contrib/sendmail/include -I. -DNEWDB -DNIS -DMAP_REGEX -DDNSMAP -DNETINET6 -DSTARTTLS -DTLS_EC -DTCPWRAPPERS -I/usr/local/include -DSASL=2 -g -std=gnu99 -fstack-protector-strong -Wno-pointer-sign -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -Wno-tautological-compare -Wno-unused-value -Wno-parentheses-equality -Wno-unused-function -Wno-enum-conversion -Wno-unused-local-typedef -Wno-address-of-packed-member -Wno-switch -Wno-switch-enum -Wno-knr-promoted-parameter -Wno-parentheses -Qunused-arguments   -o sendmail.full alias.o arpadate.o bf.o collect.o conf.o control.o convtime.o daemon.o deliver.o domain.o envelope.o err.o headers.o macro.o main.o map.o mci.o milter.o mime.o parseaddr.o queue.o ratectrl.o readcf.o recipient.o savemail.o sasl.o sfsasl.o shmticklib.o sm_resolve.o srvrsmtp.o stab.o stats.o sysexits.o timers.o tlsh.o tls.o trace.o udb.o usersmtp.o util.o version.o  /usr/local/lib/libsasl2.so  -lutil -L/usr/obj/usr/src/lib/libsm -L/usr/obj/usr/src/lib/libsm -lsm -L/usr/obj/usr/src/lib/libsmutil -lsmutil  -lssl  -lcrypto  -lwrap
main.o: In function `main':
/usr/src/contrib/sendmail/src/main.c:658: undefined reference to `OpenSSL_version_num'
readcf.o: In function `get_tls_se_options':
/usr/src/contrib/sendmail/src/readcf.c:2492: undefined reference to `SSL_set_options'
tls.o: In function `inittls':
/usr/src/contrib/sendmail/src/tls.c:1117: undefined reference to `TLS_server_method'
/usr/src/contrib/sendmail/src/tls.c:1118: undefined reference to `TLS_client_method'
/usr/src/contrib/sendmail/src/tls.c:1321: undefined reference to `OpenSSL_version_num'
tls.o: In function `sk_SSL_COMP_num':
/usr/local/include/openssl/ssl.h:959: undefined reference to `OPENSSL_sk_num'
tls.o: In function `inittls':
/usr/src/contrib/sendmail/src/tls.c:1329: undefined reference to `SSL_CTX_set_options'
/usr/src/contrib/sendmail/src/tls.c:(.text+0x1ab9): undefined reference to `DH_set0_pqg'
/usr/src/contrib/sendmail/src/tls.c:1431: undefined reference to `SSL_CTX_set_options'
/usr/src/contrib/sendmail/src/tls.c:1448: undefined reference to `SSL_CTX_set_options'
cc: error: linker command failed with exit code 1 (use -v to see invocation)
*** Error code 1

Stop.
make: stopped in /usr/src/usr.sbin/sendmail
root@sallendorf:/usr/src/usr.sbin/sendmail #
==========

Is the '-I /usr/local/include' allowing the compile to see the port openssl headers and hilarity ensues when it links against the system ssl libraries?

Please let me know if I can provide anything else.

Thanks for all of your FreeBSD efforts (and sendmail efforts too).

-Scott

Comment 6 Gregory Neil Shapiro freebsd_committer

2020-08-01 19:18:40 UTC

Yes, if you install your own OpenSSL in /usr/local add you add -I/usr/local/include, you'll get those header files but then without linking to the newer OpenSSL library in /usr/local/lib, you'll end up with the old one in /usr/lib which doesn't match the headers.

This is the same regardless of any base library that gets installed in /usr/local/ as well.

Comment 7 Gregory Neil Shapiro freebsd_committer

2020-08-11 17:54:15 UTC

Change MFC'ed to active stable branches (11 & 12)