Recently fetchmail shows warnings like below when it accesses to gmail. fetchmail: Server certificate verification error: self signed certificate fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix your client./CN=invalid2.invalid fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!) The problem is fixed at upper stream on github below. https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615
Created attachment 199373 [details] patch-fetchmail-sni I've created a patch to apply SNI fixes to the port.
Take, waiting for maintainer approval.
Comment on attachment 199373 [details] patch-fetchmail-sni Looks good to me, passes 'poudriere testport' on 11.2/amd64 both with OpenSSL from base and ports. I approve the patch. Thank you!
A commit references this bug: Author: meta Date: Thu Nov 22 01:52:40 UTC 2018 New revision: 485579 URL: https://svnweb.freebsd.org/changeset/ports/485579 Log: mail/fetchmail: backport SNI support from upstream This affects some servers such as Gmail. See also bugs on Linux distributions. * https://bugzilla.redhat.com/show_bug.cgi?id=1611815 * https://bugs.launchpad.net/ubuntu/+source/fetchmail/+bug/1798786 PR: 233078 Submitted by: fuyuhiko.maruyama@gmail.com Approved by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer), mentors (implicit) Obtained from: https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615 MFH: 2018Q4 Changes: head/mail/fetchmail/Makefile head/mail/fetchmail/distinfo
I'm not sure how to put multiple URLs URL field, sorry for the noise.
A commit references this bug: Author: meta Date: Thu Nov 22 04:43:52 UTC 2018 New revision: 485581 URL: https://svnweb.freebsd.org/changeset/ports/485581 Log: MFH: r485579 mail/fetchmail: backport SNI support from upstream This affects some servers such as Gmail. See also bugs on Linux distributions. * https://bugzilla.redhat.com/show_bug.cgi?id=1611815 * https://bugs.launchpad.net/ubuntu/+source/fetchmail/+bug/1798786 PR: 233078 Submitted by: fuyuhiko.maruyama@gmail.com Approved by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer), mentors (implicit) Obtained from: https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615 Approved by: portmgr (miwi) Changes: _U branches/2018Q4/ branches/2018Q4/mail/fetchmail/Makefile branches/2018Q4/mail/fetchmail/distinfo
Applied to head and quarterly, thanks!