Bug 232134 - mail/pop3proxy: Fix build with OpenSSL 1.1.x
Summary: mail/pop3proxy: Fix build with OpenSSL 1.1.x
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Tobias Kortkamp
URL:
Keywords: needs-qa
Depends on:
Blocks: 231931
  Show dependency treegraph
 
Reported: 2018-10-09 22:48 UTC by Nathan
Modified: 2019-01-29 17:49 UTC (History)
1 user (show)

See Also:


Attachments
Fix OpenSSL 1.1.x build (1.23 KB, patch)
2018-10-09 22:48 UTC, Nathan
ndowens04: maintainer-approval+
Details | Diff
Fix openssl (4.65 KB, patch)
2018-10-11 04:49 UTC, Nathan
no flags Details | Diff
pop3proxy-fix-build-with-openssl111.patch (4.05 KB, patch)
2018-12-18 21:36 UTC, Kai Knoblich
kai: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Nathan 2018-10-09 22:48:13 UTC
Created attachment 197984 [details]
Fix OpenSSL 1.1.x build

mail/pop3proxy: Fix OpenSSL build
 
 PR:             231931
 Submitted by:   Nathan <ndowens@yahoo.com>
 Approved by:    portmgr (unmaintained port)
Comment 1 Antoine Brodin freebsd_committer freebsd_triage 2018-10-10 06:08:09 UTC
This doesn't look good, EVP_DigestInit is used on uninitialized memory.
Comment 2 Nathan 2018-10-10 06:10:13 UTC
(In reply to Antoine Brodin from comment #1)
I don’t understand as I haven’t changed that part of the code
Comment 3 Antoine Brodin freebsd_committer freebsd_triage 2018-10-10 08:22:45 UTC
You changed mdctx from EVP_MD_CTX to an unallocated pointer to EVP_MD_CTX
Comment 4 Nathan 2018-10-10 10:04:37 UTC
EVP_DigestInit() behaves in the same way as EVP_DigestInit_ex() except the passed context ctx does not have to be initialized, and it always uses the default digest implementation

As long as I’m not misunderstanding it seems digest init  doesn’t have to be initialized
Comment 5 Antoine Brodin freebsd_committer freebsd_triage 2018-10-10 18:04:23 UTC
:-/

The port will crash at runtime.
Comment 6 Steve Wills freebsd_committer freebsd_triage 2018-10-11 02:26:45 UTC
(In reply to Antoine Brodin from comment #5)
It does look that way, has any run time testing been done?
Comment 7 Nathan 2018-10-11 02:45:13 UTC
Sorry guys I’m no programmer. I’m still figuring out some of things and trying to be of use
Comment 8 Nathan 2018-10-11 04:49:04 UTC
Created attachment 198028 [details]
Fix openssl

I think i understand now. i hope this patch looks good. This kind of stuff is new to me.
Comment 9 Nathan 2018-10-11 04:56:44 UTC
I tried running it but I get service error with or without patch as I’m not sure exactly how this port works
Comment 10 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-18 08:23:56 UTC
Unless this port is no longer failing to build, it should remain open.
Comment 11 Kai Knoblich freebsd_committer freebsd_triage 2018-12-18 21:36:51 UTC
Created attachment 200241 [details]
pop3proxy-fix-build-with-openssl111.patch

This is another try to fix the build with OpenSSL 1.11+. The patch also does following items:

- fix the wrong default location for the configuration file which prevented the start via rc script (was "/docsis/etc/pop3proxyd.conf", now: $PREFIX/etc/pop3proxyd.conf"). This resided probably a very long time in the port.

- pet portlint a bit (not all items were covered, see further below for a reason)

- fix the installation of the configuration files which were installed with the execute bit set

- improve pkg-descr a bit to inform about pop3proxy's origin

Because mail/pop3proxy is derived from an earlier version of mail/up-imapproxy the SSL patch was taken from there with some small modifications. I assume the origin of the patch would be still Debian in that case.

I also went through the code and did some runtime tests after the issue with the wrong configuration path was fixed. Interestingly pop3proxy doesn't seem to support and initiate any SSL/TLS connections, it only worked properly when the traffic was unencrypted.

Given those facts the port isn't really useful for actual use-cases because there are more modern and secure solutions to setup a POP3 proxy if required.


QA:
~~~
poudriere (11.2-, 12.-RELEASE, 13.0-CURRENT@r341993 amd64 + i386) -> OK
portlint -> OK (with some warnings)
Comment 12 commit-hook freebsd_committer freebsd_triage 2019-01-28 19:25:15 UTC
A commit references this bug:

Author: tobik
Date: Mon Jan 28 19:24:52 UTC 2019
New revision: 491513
URL: https://svnweb.freebsd.org/changeset/ports/491513

Log:
  mail/pop3proxy: Fix build with OpenSSL 1.1.1

  - Add license
  - Fix config file location
  - Reorder some things to pet portlint
  - Mark it deprecated too as it appears to have no upstream anymore
    and only works properly with unencrypted traffic

  PR:		232134
  Submitted by:	freebsd_ports@k-worx.org
  MFH:		2019Q1

Changes:
  head/mail/pop3proxy/Makefile
  head/mail/pop3proxy/files/patch-Makefile.in
  head/mail/pop3proxy/files/patch-src_imapcommon.c
  head/mail/pop3proxy/pkg-descr
Comment 13 commit-hook freebsd_committer freebsd_triage 2019-01-29 17:49:48 UTC
A commit references this bug:

Author: tobik
Date: Tue Jan 29 17:49:13 UTC 2019
New revision: 491589
URL: https://svnweb.freebsd.org/changeset/ports/491589

Log:
  MFH: r491513

  mail/pop3proxy: Fix build with OpenSSL 1.1.1

  - Add license
  - Fix config file location
  - Reorder some things to pet portlint
  - Mark it deprecated too as it appears to have no upstream anymore
    and only works properly with unencrypted traffic

  PR:		232134
  Submitted by:	freebsd_ports@k-worx.org

  Approved by:	ports-secteam (miwi)

Changes:
_U  branches/2019Q1/
  branches/2019Q1/mail/pop3proxy/Makefile
  branches/2019Q1/mail/pop3proxy/files/patch-Makefile.in
  branches/2019Q1/mail/pop3proxy/files/patch-src_imapcommon.c
  branches/2019Q1/mail/pop3proxy/pkg-descr