From nobody Sun Jun 26 04:47:59 2022
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F31BB871068;
	Sun, 26 Jun 2022 04:47:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LVyz36V9rz3nBW;
	Sun, 26 Jun 2022 04:47:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1656218879;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lDe+VI1Pz5RSqxaaswQTa97SuPrQCMBKBdXPM1NoRBw=;
	b=Fc4xWLqpZ1/dJzz9f3pi0y7yw4P0jv6gUyZtsGDRxf8dQcG7IazuYGsUBu+Jf+9jQK8ATc
	HNVkKH76NieQEBwe8Jr57t/yXWeSHz+AlBjkxQqtnSuKKqfSgu9kJUTW5RRvLGMu97qAPW
	m65TXbBaXBtMLIDia/48c76brDN0Xj4nrnvKHP+kC04r1vX4vGqdycnhx7bJs2oVYqYg91
	Ahdv4vrl9FSSXEu8wZxeqxBY/cluXEJbFrJAZostVyHYRUY2kRXW/3pAdukfHGBVTcCLwg
	M7LBcOdVgy8V6NvZvD8Sq2AIXP5IyaXsy9lgQTKS+npgXoh7ekGP/Gl9fDEjaQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BEB6211CA3;
	Sun, 26 Jun 2022 04:47:59 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 25Q4lxU8087346;
	Sun, 26 Jun 2022 04:47:59 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 25Q4lxWx087345;
	Sun, 26 Jun 2022 04:47:59 GMT
	(envelope-from git)
Date: Sun, 26 Jun 2022 04:47:59 GMT
Message-Id: <202206260447.25Q4lxWx087345@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Dirk Meyer <dinoex@FreeBSD.org>
Subject: git: 34d292c4a6a6 - main - mail/sendmail-devel: New options MTA-STS TLS_CERT_CHAIN
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: dinoex
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 34d292c4a6a6d5d0d57e1a38a5f16d2030fd9cb3
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1656218879;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=lDe+VI1Pz5RSqxaaswQTa97SuPrQCMBKBdXPM1NoRBw=;
	b=I4oKZPLeW92yAP0JkKtf+1CZ2AM1+EL6IPoK1Rsf3QHeEzlHzIE4dfAIxvlO7jYjqO1B8A
	ORPOnbRSlwCqsCAcKUQ2lBpRMo1g/JjSV2E0bkH0C6fq2SUW4r5VFtmKfNRqMULHFIbKKw
	FemXp3Z2huT+1i7Uk//2NH5DxraZO9V95xg1J76RZdYqXNG8fqFj/dOBsgcybqJJxq5M9C
	xLTQ/dFFEOqEp0a9xYX4XZgVgKtbRsRfliYGaR3DZM0e4C3zGJJ6MXPN9lahNGs0nxtMoq
	2TjnnzUBomcCo3E4r54g5kbrIxr2lXlHV4Lja6VYhD9/qpnU4chrWOfiMplo3w==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1656218879; a=rsa-sha256; cv=none;
	b=y42B0X/kaw4xtwFeoancVMMGrapJLmlByLr3XRh4TviSJiwpTZFDxZJ6KteIGx9uHYQ5iV
	bikdyg7xZp6iQSm8Li4dHt8WuTRBFNF3gV2qbk+igMdUIc4O0qWxquqRlSsOp7JFhAsm2t
	Ohl3FdHTwtTnYsR5ZnVikUTmeAhTKbN4J5CDf9CIVQWgINjfWgF7EmQ3qzRRokYLJM0iGo
	nmCYx2R0VQOzQ1AbeBYp4AynlILpXxHPtQ5UgnUUgU9hcGbuntj8FFtDfK3WFyesXbectO
	i09JuRJjoSHq2pF9noCvBNLcEZascfpRaSsm7QaEaHUl1CLLMTn6IGoktaZKRA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by dinoex:

URL: https://cgit.FreeBSD.org/ports/commit/?id=34d292c4a6a6d5d0d57e1a38a5f16d2030fd9cb3

commit 34d292c4a6a6d5d0d57e1a38a5f16d2030fd9cb3
Author:     Dirk Meyer <dinoex@FreeBSD.org>
AuthorDate: 2022-06-26 04:47:42 +0000
Commit:     Dirk Meyer <dinoex@FreeBSD.org>
CommitDate: 2022-06-26 04:47:42 +0000

    mail/sendmail-devel: New options MTA-STS TLS_CERT_CHAIN
---
 mail/sendmail-devel/Makefile                          | 19 +++++++++++++------
 mail/sendmail-devel/files/patch-cfsts.m4              |  9 +++++++++
 mail/sendmail-devel/files/site.config.m4.mta-sts      |  1 +
 mail/sendmail-devel/files/site.config.m4.tls          |  4 +++-
 .../files/site.config.m4.tls-cert-chain               |  1 +
 5 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/mail/sendmail-devel/Makefile b/mail/sendmail-devel/Makefile
index 23d3569a122a..4118f7e0cd06 100644
--- a/mail/sendmail-devel/Makefile
+++ b/mail/sendmail-devel/Makefile
@@ -1,6 +1,6 @@
 PORTNAME=	sendmail
 PORTVERSION=	8.17.1.9
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	mail
 MASTER_SITES=	ftp://ftp.sendmail.org/pub/sendmail/snapshots/
 PKGNAMESUFFIX?=	-devel${PKGNAMESUFFIX2}
@@ -47,7 +47,7 @@ MILTER_SOVER?=	6
 
 OPTIONS_DEFINE?=	SHMEM SEM LA NIS IPV6 TLS DANE SASL SASLAUTHD LDAP \
 			BDB GDBM SOCKETMAP CYRUSLOOKUP BLACKLISTD SMTPUTF8 \
-			PICKY_HELO_CHECK MILTER DOCS
+			PICKY_HELO_CHECK MILTER MTA_STS TLS_CERT_CHAIN DOCS
 OPTIONS_DEFAULT?=	SHMEM SEM LA NIS TLS DANE SASL SASLAUTHD BDB1 \
 			BLACKLISTD PICKY_HELO_CHECK MILTER
 NO_OPTIONS_SORT=yes
@@ -64,6 +64,8 @@ CYRUSLOOKUP_DESC=	Enable cyruslookup feature
 PICKY_HELO_CHECK_DESC=	Enable picky HELO check
 MILTER_DESC=		Enable milter support
 SMTPUTF8_DESC=		Enable unicode address support
+MTA_STS_DESC=		Enable MTA-STS support (option SOCKETMAP and TLS needed)
+TLS_CERT_CHAIN_DESC=	Enable certificate chain file support (incompatibility)
 
 TLS_USES=	ssl
 SASL_LIB_DEPENDS=	libsasl2.so:security/cyrus-sasl2
@@ -74,7 +76,10 @@ LDAP_IMPLIES=	DANE
 BDB_USES=	bdb
 GDBM_LIB_DEPENDS=	libgdbm.so:databases/gdbm
 GDBM_CONFIGURE_WITH=	compat
+CYRUSLOOKUP_IMPLIES=	SOCKETMAP
 SMTPUTF8_LIB_DEPENDS=	libidn2.so:dns/libidn2 libicui18n.so:devel/icu
+MTA_STS_IMPLIES=	SOCKETMAP TLS
+TLS_CERT_CHAIN_IMPLIES=	TLS
 
 .include <bsd.port.options.mk>
 
@@ -98,12 +103,8 @@ SASL_SUFFIX?=	+sasl2
 CONFLICTS+=	sendmail-ldap-8.* sendmail-tls-8.*
 .endif
 .if ${PORT_OPTIONS:MCYRUSLOOKUP}
-.if ! ${PORT_OPTIONS:MSOCKETMAP}
-IGNORE=		option CYRUSLOOKUP requires option SOCKETMAP
-.else
 EXTRA_PATCHES+=	${FILESDIR}/cyruslookup.patch
 .endif
-.endif
 .if ${PORT_OPTIONS:MTLS}
 TLS_SUFFIX?=	+tls
 CONFLICTS+=	sendmail-ldap-8.* sendmail-sasl2-8.*
@@ -147,6 +148,9 @@ SITE+=	${FILESDIR}/site.config.m4.milter
 LICENSE_PERMS=	dist-mirror dist-sell no-pkg-mirror no-pkg-sell auto-accept
 SITE+=	${FILESDIR}/site.config.m4.gdbm
 .endif
+.if ${PORT_OPTIONS:MMTA_STS}
+SITE+=	${FILESDIR}/site.config.m4.mta-sts
+.endif
 
 SED_SCRIPT=	-e "s|\`-O'|\`${CFLAGS}'|" \
 		-e 's|%%CC%%|${CC}|' -e 's|%%LD%%|${LD}|'
@@ -345,6 +349,9 @@ help:
 SITE+=	${FILESDIR}/site.config.m4.ssl
 .endif
 SITE+=	${FILESDIR}/site.config.m4.tls
+.if ${PORT_OPTIONS:MTLS_CERT_CHAIN}
+SITE+=	${FILESDIR}/site.config.m4.tls-cert-chain
+.endif
 .endif
 
 .if exists(${FILESDIR}/site.config.m4.local)
diff --git a/mail/sendmail-devel/files/patch-cfsts.m4 b/mail/sendmail-devel/files/patch-cfsts.m4
new file mode 100644
index 000000000000..d72176c43a21
--- /dev/null
+++ b/mail/sendmail-devel/files/patch-cfsts.m4
@@ -0,0 +1,9 @@
+--- cf/feature/sts.m4.orig	2021-06-08 04:03:56.000000000 +0900
++++ cf/feature/sts.m4	2022-02-24 21:30:48.072162000 +0900
+@@ -15,5 +15,5 @@
+ LOCAL_CONFIG
+ O StrictTransportSecurity=true
+ ifelse(_ARG2_,`NO_SAN_TST',`',`O SetCertAltnames=true')
+-Ksts ifelse(defn(`_ARG_'), `', socket -d5 -T<TMPF> inet:5461@127.0.0.1,
++Ksts ifelse(defn(`_ARG_'), `', socket -d5 -T<TMPF> inet:8461@127.0.0.1,
+ 	       defn(`_NARG_'), `', `_ARG_', `_NARG_')
diff --git a/mail/sendmail-devel/files/site.config.m4.mta-sts b/mail/sendmail-devel/files/site.config.m4.mta-sts
new file mode 100644
index 000000000000..27167096539d
--- /dev/null
+++ b/mail/sendmail-devel/files/site.config.m4.mta-sts
@@ -0,0 +1 @@
+APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_MTA_STS')
diff --git a/mail/sendmail-devel/files/site.config.m4.tls b/mail/sendmail-devel/files/site.config.m4.tls
index ec8a57bdbee1..e0471b3b3ff1 100644
--- a/mail/sendmail-devel/files/site.config.m4.tls
+++ b/mail/sendmail-devel/files/site.config.m4.tls
@@ -1,2 +1,4 @@
-APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DTLS_EC')
+APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS -DTLS_EC=1')
+APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_ALTNAMES')
+APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_VRFY_TRUSTED_FIRST')
 APPENDDEF(`conf_sendmail_LIBS', `-lssl -lcrypto')
diff --git a/mail/sendmail-devel/files/site.config.m4.tls-cert-chain b/mail/sendmail-devel/files/site.config.m4.tls-cert-chain
new file mode 100644
index 000000000000..c65889272804
--- /dev/null
+++ b/mail/sendmail-devel/files/site.config.m4.tls-cert-chain
@@ -0,0 +1 @@
+APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_USE_CERTIFICATE_CHAIN_FILE')