Bug 242729 - mail/openwebmail generates lots of perl errors; some prevent it from working
Summary: mail/openwebmail generates lots of perl errors; some prevent it from working
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Chris Rees
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-19 16:10 UTC by William F. Dudley Jr.
Modified: 2021-02-01 12:46 UTC (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description William F. Dudley Jr. 2019-12-19 16:10:01 UTC 
openwebmail generates the following errors and warnings.  The first one (the error) prevents replying to an email:

.openwebmail-send.pl: Can't use an undefined value as a HASH reference at /usr/local/www/cgi-bin/openwebmail/.openwebmail-send.pl line 534.: /usr/local/www/cgi-bin/openwebmail/openwebmail-send.pl

I "fixed" this by making this change:

6,8d5
< $CGI::LIST_CONTEXT_WARN = 0;
< use File::Basename;
< use lib dirname (__FILE__);
537c534
<             if ( defined {$message{attachment}[1]} &&
---
>             if ( %{$message{attachment}[1]} &&

(I cribbed this fix from the similar fix done to .openwebmail-read.pl)


ALL of the .openwebmail*.pl files generate the following warning:

.openwebmail-main.pl: CGI::param called in list context from /usr/local/www/cgi-bin/openwebmail/.openwebmail-main.pl line 80, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/local/lib/perl5/site_perl/CGI.pm line 412.

.openwebmail.pl: CGI::param called in list context from /usr/local/www/cgi-bin/openwebmail/.openwebmail.pl line 569, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/local/lib/perl5/site_perl/CGI.pm line 412.: /usr/local/www/cgi-bin/openwebmail/openwebmail.pl, referer: https://mail.casano.com/cgi-bin/openwebmail/openwebmail.pl

etc. etc.

The fix for the warning is to add this fragment to each of the .openwebmail*.pl files somewhere near the top:

$CGI::LIST_CONTEXT_WARN = 0;

I also add these as a matter of course:

use File::Basename;
use lib dirname (__FILE__);

So that "use" of any local files will still work.
Comment 1 Chris Rees freebsd_committer freebsd_triage 2020-11-08 13:28:41 UTC 
Sorry I didn't get back to you on this.

To be honest, openwebmail hasn't had any development in fourteen years (see below).  I'm tempted to kill this port off unless anyone fancies fixing all of those instances- it's easy to do, but there are several other webmails that are just so much better now (e.g. roundcube) that I think we should probably just move on.

https://openwebmail.org/openwebmail/doc/changes.txt
Comment 2 commit-hook freebsd_committer freebsd_triage 2020-11-08 13:33:29 UTC 
A commit references this bug:

Author: crees
Date: Sun Nov  8 13:33:04 UTC 2020
New revision: 554462
URL: https://svnweb.freebsd.org/changeset/ports/554462

Log:
  This software is unfortunately no longer developed

  It throws warnings because its syntax is dated, and there are several
  alternatives.  Most other distributions no longer include openwebmail.

  Try mail/roundcube instead for a modern and high-quality experience.

  PR:		ports/242729

Changes:
  head/mail/openwebmail/Makefile
Comment 3 Rene Ladan freebsd_committer freebsd_triage 2021-02-01 12:46:22 UTC 
Expired port removed as suggested earlier.