Bug 250383

Summary: mail/sendmail: broken LDAP protocol support
Product: Ports & Packages Reporter: masamory7
Component: Individual Port(s)Assignee: Dirk Meyer <dinoex>
Status: Closed FIXED    
Severity: Affects Only Me Flags: dinoex: maintainer-feedback+
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   

Description masamory7 2020-10-16 00:43:26 UTC
"DANE protocol support" breaks LDAP protocol support.
Comment 1 Dirk Meyer freebsd_committer 2020-10-16 18:46:14 UTC
I am unable to reproduce your problem

builds fine with:

# This file is auto-generated by 'make config'.
# Options for sendmail-ldap-8.16.1_1
_OPTIONS_READ=sendmail-ldap-8.16.1_1
_FILE_COMPLETE_OPTIONS_LIST=SHMEM SEM LA NIS IPV6 TLS SASL SASLAUTHD LDAP BDB  GDBM SOCKETMAP CYRUSLOOKUP BLACKLISTD SMTPUTF8  PICKY_HELO_CHECK MILTER DOCS
OPTIONS_FILE_SET+=SHMEM
OPTIONS_FILE_SET+=SEM
OPTIONS_FILE_SET+=LA
OPTIONS_FILE_SET+=NIS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=TLS
OPTIONS_FILE_SET+=SASL
OPTIONS_FILE_SET+=SASLAUTHD
OPTIONS_FILE_SET+=LDAP
OPTIONS_FILE_UNSET+=BDB
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_UNSET+=SOCKETMAP
OPTIONS_FILE_UNSET+=CYRUSLOOKUP
OPTIONS_FILE_SET+=BLACKLISTD
OPTIONS_FILE_UNSET+=SMTPUTF8
OPTIONS_FILE_SET+=PICKY_HELO_CHECK
OPTIONS_FILE_SET+=MILTER
OPTIONS_FILE_SET+=DOCS
Comment 2 masamory7 2020-10-19 01:01:34 UTC
That's right. Building is successful.
Did you check that the LDAP Function works properly?

Oct 15 18:47:23 <mail.info> host sm-mta[1968]: NOQUEUE: connect from [IPv6:2001:****:****:2501:****:****:1000:e209]
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: NOQUEUE: --- 451 4.3.5 ldap_init/ldap_bind failed to ldap://127.0.0.1 in map access: Invalid argument (hold)
Oct 15 18:47:23 <mail.crit> host sm-mta[1968]: NOQUEUE: SYSERR(root): ldap_init/ldap_bind failed to ldap://127.0.0.1 in map access: Invalid argument
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: NOQUEUE: --- 451 4.3.0 Temporary system failure. Please try again later. (hold)
Oct 15 18:47:23 <mail.notice> host sm-mta[1968]: ruleset=check_relay, arg1=[IPv6:2001:****:****:2501:****:****:1000:e209], arg2=IPv6:2001:****:****:2501:****:****:1000:e209, relay=[IPv6:2001:****:****:2501:****:****:1000:e209], reject=451 4.3.0 Temporary system failure. Please try again later.
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: AUTH: available mech=SCRAM-SHA-1 SCRAM-SHA-256 DIGEST-MD5 OTP CRAM-MD5 NTLM, allowed mech=LOGIN PLAIN
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: --- 220 ***.***.co.jp ESMTP Sendmail 8.16.1/8.16.1/cfver-20.08.20.73; Thu, 15 Oct 2020 18:47:23 +0900 (JST)
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: <-- EHLO ***
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: --- 250-***.***.co.jp Hello [IPv6:2001:****:****:2501:****:****:1000:e209], pleased to meet you
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: --- 250 ENHANCEDSTATUSCODES
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: <-- STARTTLS
Oct 15 18:47:23 <mail.info> host sm-mta[1968]: 09F9lNdp001968: --- 451 4.3.0 Temporary system failure. Please try again later.
Oct 15 18:47:29 <mail.info> host sm-mta[1968]: 09F9lNdp001968: Milter (amavisd-milter): quit filter
Oct 15 18:47:29 <mail.info> host sm-mta[1968]: 09F9lNdp001968: --- 421 4.4.1 ***.***.co.jp Lost input channel from [IPv6:2001:****:****:2501:****:****:1000:e209]
Oct 15 18:47:29 <mail.notice> host sm-mta[1968]: 09F9lNdp001968: lost input channel from [IPv6:2001:****:****:2501:****:****:1000:e209] to MSAv6 after starttls
Oct 15 18:47:29 <mail.info> host sm-mta[1968]: 09F9lNdp001968: Milter (amavisd-milter): quit filter

Of course, building with 8.16.1 does not cause any problems.
In the mc file:
define(`confLDAP_CLUSTER', `Servers')
define(`confLDAP_DEFAULT_SPEC', `-H "ldap://127.0.0.1" -b "dc=***,dc=***,dc=co,dc=jp" -d "cn=sendmail,dc=***,dc=***,dc=co,dc=jp" -l 5 -M simple -P /etc/mail/secret -s sub')
LDAPROUTE_DOMAIN(`***.***.co.jp')
FEATURE(`ldap_routing', `ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))', `ldap -1 -T<TMPF> -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))')
define(`ALIAS_FILE', `/etc/mail/aliases,ldap:')
FEATURE(`access_db', `LDAP')
FEATURE(`virtusertable', `LDAP')
GENERICS_DOMAIN(`***.***.co.jp')
FEATURE(`genericstable', `LDAP')
Comment 3 commit-hook freebsd_committer 2020-10-19 11:57:19 UTC
A commit references this bug:

Author: dinoex
Date: Mon Oct 19 11:56:43 UTC 2020
New revision: 552735
URL: https://svnweb.freebsd.org/changeset/ports/552735

Log:
  - new option DANE
  - add PREVENTS for LDAP
  PR:		250383

Changes:
  head/mail/sendmail/Makefile
  head/mail/sendmail/files/site.config.m4.tls