Re: mimedefang with LDAP-enabled sendmail

2006-10-17 Thread Jonathan McKeown 
On Monday 16 October 2006 16:54, Jonathan McKeown wrote:
> On Sunday 15 October 2006 22:19, Jonathan McKeown wrote:
> > sendmail -d0.1 -bt  >
> > Version 8.13.6
> >  Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
> > MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS
> > PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB
> > USE_LDAP_INIT XDEBUG
> >
> > When I try to build and install mail/mimedefang from ports (version is
> > 2.57), I get (modulo wrapping)
> >
> > cc -O2 -fno-strict-aliasing -pipe  -pthread -o mimedefang mimedefang.o
> > drop_privs_threaded.o utils.o rm_r.o syslog-fac.o /usr/lib/libmilter.a
> > -lpthread
> >
> > /usr/lib/libmilter.a(errstring.o)(.text+0xd6): In function `sm_errstring':
> > : undefined reference to `ldap_err2string'
>
> The undefined reference is apparently in libmilter.a and it seems (Google
> again) that the ldap_err2string symbol comes from the openldap library. Is
> it possible that the build of libmilter is not picking up libldap
> from /usr/local/lib?

OK, this seems to be the same problem that was reported in (at least) PR 
ports/95646  and PR 
ports/95647 (both ports which would not build with an LDAP-enabled core 
sendmail).

The solution proposed in ports/95646 was to make the various Sendmail LDAP 
options in /etc/make.conf invisible to libmilter.

This certainly works - it prevents a build of libmilter passing the LDAP flags 
through to libsm at this line in the build of /usr/src/lib/libmilter:

cc -O2 -fno-strict-aliasing -pipe  
-I/usr/src/lib/libmilter/../../contrib/sendmail/src 
-I/usr/src/lib/libmilter/../../contrib/sendmail/include -I. -DNOT_SENDMAIL 
-Dsm_snprintf=snprintf -D_THREAD_SAFE -DNETINET6 -I/usr/local/include 
-DSASL=2  -c /usr/src/lib/libmilter/../../contrib/sendmail/libsm/errstring.c

libsm/errstring.c refers to ldap_err2string in a conditional testing on 
LDAPMAP. ldap_err2string is declared in the #included /usr/local/lib/ldap.h. 
(I didn't search for where it's defined).

It looks as though the problem is less with ports, and more with a subtle 
breakage of the core sendmail when built with LDAP - specifically in building 
libsm/errstring.c as part of the libmilter build.

Is pretending that LDAPMAP is not set while compiling libmilter the right 
solution?

Should the necessary changes to /etc/make.conf be documented somewhere or even 
automated in some way?

I have spent five days trying to solve this. I have rewritten 
my /etc/make.conf as follows:

WANT_OPENLDAP_SASL=true
SENDMAIL_CFLAGS  = -I/usr/local/include -DSASL=2
SENDMAIL_LDFLAGS = -L/usr/local/lib
SENDMAIL_LDADD   = -lsasl2
.if ${.CURDIR} != /usr/src/lib/libmilter
SENDMAIL_CFLAGS  += -DLDAPMAP
SENDMAIL_LDADD   += -lldap -llber
.endif

This works but it Just Feels Wrong.

Jonathan
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: mimedefang with LDAP-enabled sendmail

2006-10-16 Thread Jonathan McKeown 
On Sunday 15 October 2006 22:19, Jonathan McKeown wrote:
> sendmail -d0.1 -bt 
> Version 8.13.6
>  Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
> MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS
> PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB
> USE_LDAP_INIT XDEBUG
>
> When I try to build and install mail/mimedefang from ports (version is
> 2.57), I get (modulo wrapping)
>
> cc -O2 -fno-strict-aliasing -pipe  -pthread -o mimedefang mimedefang.o
> drop_privs_threaded.o utils.o rm_r.o syslog-fac.o /usr/lib/libmilter.a
> -lpthread
>
> /usr/lib/libmilter.a(errstring.o)(.text+0xd6): In function `sm_errstring':
> : undefined reference to `ldap_err2string'

The undefined reference is apparently in libmilter.a and it seems (Google 
again) that the ldap_err2string symbol comes from the openldap library. Is it 
possible that the build of libmilter is not picking up libldap 
from /usr/local/lib?

Jonathan
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

mimedefang with LDAP-enabled sendmail

2006-10-15 Thread Jonathan McKeown 
I'm hoping someone can point me in the right direction. I'm running 6.1 (the 
security branch) with a recently-updated ports tree (1 September).

I have modified /etc/make.conf to change the options for the system sendmail, 
by adding these lines:

SENDMAIL_CFLAGS = -I/usr/local/include -DSASL=2 -DLDAPMAP
SENDMAIL_LDFLAGS = -L/usr/local/lib
SENDMAIL_LDADD = -lsasl2 -lldap -llber

I have added the necessary ports and rebuilt world: when I run 
ldd /usr/libexec/sendmail/sendmail, I get
libutil.so.5 => /lib/libutil.so.5 (0x28107000)
libwrap.so.4 => /usr/lib/libwrap.so.4 (0x28113000)
libssl.so.4 => /usr/lib/libssl.so.4 (0x2811a000)
libcrypto.so.4 => /lib/libcrypto.so.4 (0x28148000)
libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x2823a000)
libldap-2.3.so.2 => /usr/local/lib/libldap-2.3.so.2 (0x2824f000)
liblber-2.3.so.2 => /usr/local/lib/liblber-2.3.so.2 (0x2827f000)
libc.so.6 => /lib/libc.so.6 (0x2828a000)

and sendmail -d0.1 -bt http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"