[Bug 263287] mail/sendmail: 8.17.1_2 -> 8.17.1_3 upgrade breaks SMTP AUTH

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 14 Apr 2022 23:30:00 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263287

            Bug ID: 263287
           Summary: mail/sendmail: 8.17.1_2 -> 8.17.1_3 upgrade breaks
                    SMTP AUTH
           Product: Ports & Packages
           Version: Latest
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: dinoex@FreeBSD.org
          Reporter: gcr@tharned.org
          Assignee: dinoex@FreeBSD.org
             Flags: maintainer-feedback?(dinoex@FreeBSD.org)

Subject upgrade via the "latest" pkg repo breaks SMTP AUTH for me on two
different systems. Testing indicates that sendmail no longer offers AUTH after
the upgrade:

Before upgrade:
$ openssl s_client -brief -connect example.org:465
CONNECTION ESTABLISHED
Protocol version: TLSv1.3
Ciphersuite: TLS_AES_256_GCM_SHA384
Requested Signature Algorithms:
ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1
Peer certificate: CN = example.org
Hash used: SHA384
Signature type: ECDSA
Verification: OK
Server Temp Key: ECDH, P-256, 256 bits
220 example.org ESMTP Sendmail 8.17.1/8.17.1; Thu, 14 Apr 2022 17:00:48 -0500
(CDT)
ehlo localhost
250-example.org Hello [IPv6:xxxx:xxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx], pleased to
meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-AUTH LOGIN PLAIN
250-DELIVERBY
250 HELP
quit
221 2.0.0 example.org closing connection

After upgrade:
$ openssl s_client -brief -connect example.org:465
CONNECTION ESTABLISHED
Protocol version: TLSv1.3
Ciphersuite: TLS_AES_256_GCM_SHA384
Requested Signature Algorithms:
ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:ECDSA+SHA1:RSA+SHA224:RSA+SHA1
Peer certificate: CN = example.org
Hash used: SHA384
Signature type: ECDSA
Verification: OK
Server Temp Key: ECDH, P-256, 256 bits
220 example.org ESMTP Sendmail 8.17.1/8.17.1; Thu, 14 Apr 2022 17:58:46 -0500
(CDT)
ehlo localhost
250-example.org Hello [IPv6:xxxx:xxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx], pleased to
meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-DELIVERBY
250 HELP
quit
221 2.0.0 example.org closing connection

Note the conspicuous absence of '250-AUTH LOGIN PLAIN' after the upgrade. No
configurations were touched. Restoring the /usr/local/sbin/sendmail executable
from a recent snapshot resolves the problem. Bug #262654 appears to be the the
commit that introduced the problem.

-- 
You are receiving this mail because:
You are the assignee for the bug.