sendmail patches from upstream

To: jnemeth%cue.bc.ca@localhost (John Nemeth)
Subject: sendmail patches from upstream
From: manu%netbsd.org@localhost (Emmanuel Dreyfus)
Date: Sun, 2 Feb 2014 15:24:02 +0100

Hi

I would like to have two patches from upstream available in pkgsrc. The
pkgsrc change is here:
http://ftp.espci.fr/shadow/manu/sendmail.patch

We have the ffr_tls_ec option to enable ECDH, which I already proposed
before. This helps a lot of clients negociating with PFS enabled. 

I recall we talk about enabling it uncondtionnaly with ffr_tls_1. I can
do that if it is confirmed to be the way to go. But please note it
changes the default behavior, as OpenSSL sets a high priority by default
on ECDH ciphers, which tend to be picked first if they are available.
They can be disabled with an appropriate O CipherList setting in
sendmail.cf, though.

Next, we have the getpwnam patch, which fixes a long standing bug in
sendmail, where an unreachable LDAP directory can cause a mail to be
rejected just like if there was aun unknown sender.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost

Follow-Ups:
- Re: sendmail patches from upstream
  - From: John Nemeth

Prev by Date: graphics/graphviz parser error
Next by Date: Re: sendmail patches from upstream
Previous by Thread: graphics/graphviz parser error
Next by Thread: Re: sendmail patches from upstream
Indexes:

Home | Main Index | Thread Index | Old Index