This problem has been reported to the port maintainer. I have had "net/sendemail" installed on my systems for years and have usually never had a problem with it. Suddenly, one had appeared. I just updated some modules on my FreeBSD-8.3 STABLE system when this occurred. I might add that I am using "sendEmail" with SSL. I have the following modules installed: security/p5-IO-Socket-SSL -- version 1.80 security/p5-Net-SSLeay -- version 1.49 security/p5-Crypt-SSLeay -- Version 0.64 Error Message: <quote> Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER together with SSL_ca_file|SSL_ca_path for verification. If you really don't want to verify the certificate and keep the connection open to Man-In-The-Middle attacks please set SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. ******************************************************************* at /usr/local/bin/sendEmail line 1906. </quote> The mail is sent however, so apparently this is a frivolous message. How-To-Repeat: Install "perl5/5.16.2" with the latest updated modules and then install "net/sendemail" with the "SSL" option checked. Then when using the program, use the SSL option.
Responsible Changed From-To: freebsd-bugs->freebsd-ports-bugs ports PR.
Responsible Changed From-To: freebsd-ports-bugs->itetcu Over to maintainer (via the GNATS Auto Assign Tool)
State Changed From-To: open->feedback Yes, the email is sent. Does your SMTP server use a self-signed certificate?
Yes, I am using Postfix with a self-signed certificate.
> > Yes, I am using Postfix with a self-signed certificate. > In which case the certificate is not "fully valid" and you get a warning, which seems the right thing to me. I'm reluctant to patch this locally (the easy way) by setting SSL_verify_mode => 0 since this would, by default, hide a potential man-in-the-middle attack. I guess this should be a command-line option (upsteam CC'ed). The other thing you mention I patched in the port some time ago a bit differently (at the time I fw'ed the commit log to the author): r298402 | itetcu | 2012-06-05 01:48:35 +0300 (Tue, 05 Jun 2012) | 14 lines Fix run-time breackage: - recent versions of p5-IO-Socket-SSL defaut to SSLv2, SSLv3 and TLSv1 support for initial protocol handshakes, with SSLv2 not be accepted, actually leaving only SSLv3 and TLSv1. So there's no need to set the SSL version explicitly when calling IO::Socket::SSL->start_SSL() anymore (and actually this way we're a bit more compatible with various server outhere). - bump PORTREVISION > m files/patch-sendEmail --- ./sendEmail.orig 2012-06-05 01:35:29.000000000 +0300 +++ ./sendEmail 2012-06-05 01:36:44.000000000 +0300 @@ -1903,7 +1903,7 @@ if ($conf{'tls_server'} == 1 and $conf{'tls_client'} == 1 and $opt{'tls'} =~ /^(yes|auto)$/) { printmsg("DEBUG => Starting TLS", 2); if (SMTPchat('STARTTLS')) { quit($conf{'error'}, 1); } - if (! IO::Socket::SSL->start_SSL($SERVER, SSL_version => 'SSLv3 TLSv1')) { + if (! IO::Socket::SSL->start_SSL($SERVER)) { quit("ERROR => TLS setup failed: " . IO::Socket::SSL::errstr(), 1); } printmsg("DEBUG => TLS: Using cipher: ". $SERVER->get_cipher(), 3); So I'll put the PR in a 'suspend' state waiting from comments from Caspian after he's back from vacation. -- IOnut - Un^d^dregistered ;) FreeBSD "user" "Intellectual Property" is nowhere near as valuable as "Intellect" FreeBSD committer -> itetcu@FreeBSD.org, PGP Key ID F0808380
State Changed From-To: feedback->suspended Suspend the PR waiting for feedback from upstream.
I know that this was suspended in Dec 2012, nearly a year ago. I was wondering if the problem was ever corrected and if so, why the PR was not closed? .
Maintainer reset.
Is this PR still relevant? Please provide "How-To-Repeat" example code, if so.
No reply since 2017-05-24. I think this could closed.
patch-sendEmail is in the port. Fixed!