Attachment #200631 for bug #233247

View | Details | Raw Unified | Return to bug 233247
Collapse All | Expand All





PORTNAME=	fetchmail
PORTVERSION=	6.3.26
PORTREVISION=	9
CATEGORIES=	mail ipv6
MASTER_SITES=	SF/${PORTNAME}/branch_6.3/ \
		http://mandree.home.pages.de/${PORTNAME}/

PATCH_SITES=	https://gitlab.com/fetchmail/fetchmail/commit/:gitlab
PATCH_SITES+=   https://src.fedoraproject.org/rpms/fetchmail/raw/master/f/:fedora
PATCHFILES=	9b8b634.patch:-p1:gitlab  # SNI fix
PATCHFILES+=    fetchmail-6.3.26-ssl-backport.patch:-p1:fedora


MAINTAINER=	chalpin@cs.wisc.edu
COMMENT=	Batch mail retrieval utility for IMAP/POP3/ETRN/ODMR

Lines 1-5 Link Here

(-)fetchmail/distinfo (-1 / +3 lines)
1	TIMESTAMP = 1542709974	1	TIMESTAMP = 1546191531
2	SHA256 (fetchmail-6.3.26.tar.xz) = 79b4c54cdbaf02c1a9a691d9948fcb1a77a1591a813e904283a8b614b757e850	2	SHA256 (fetchmail-6.3.26.tar.xz) = 79b4c54cdbaf02c1a9a691d9948fcb1a77a1591a813e904283a8b614b757e850
3	SIZE (fetchmail-6.3.26.tar.xz) = 1283816	3	SIZE (fetchmail-6.3.26.tar.xz) = 1283816
4	SHA256 (9b8b634.patch) = b0a9f7e28e7e6a5a16669832ad7a7a7dca47b435ce446ef10bd0421deea4a848	4	SHA256 (9b8b634.patch) = b0a9f7e28e7e6a5a16669832ad7a7a7dca47b435ce446ef10bd0421deea4a848
5	SIZE (9b8b634.patch) = 1023	5	SIZE (9b8b634.patch) = 1023
		6	SHA256 (fetchmail-6.3.26-ssl-backport.patch) = a34b1a6becf731e2ef029a1c5ee3a82a7bbb1e2487b6f3be15bbb4e7dc8b500d
		7	SIZE (fetchmail-6.3.26-ssl-backport.patch) = 31596




--- fetchmail.c.orig	2018-12-30 11:43:19.032822000 -0600
+++ fetchmail.c	2018-12-30 12:51:55.552234000 -0600
@@ -50,6 +50,10 @@
 #include <arpa/nameser.h>
 #include <resolv.h>

 #ifndef ENETUNREACH
 #define ENETUNREACH   128       /* Interactive doesn't know this */
 #endif /* ENETUNREACH */
@@ -263,10 +267,10 @@
 #ifdef SSL_ENABLE
 	"+SSL"
 #endif
-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0
+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL2)
  	"-SSLv2"
 #endif
-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0
+#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL3_METHOD)
  	"-SSLv3"
 #endif
 #ifdef OPIE_ENABLE
 	"+OPIE"
 #endif /* OPIE_ENABLE */




--- socket.c.orig	2018-12-30 11:43:19.042365000 -0600
+++ socket.c	2018-12-30 12:46:39.062201000 -0600
@@ -910,7 +910,7 @@
 	_ssl_context[sock] = NULL;
 	if(myproto) {
 		if(!strcasecmp("ssl2",myproto)) {

+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL2)
 			_ctx[sock] = SSL_CTX_new(SSLv2_client_method());
 #else
 			report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));
@@ -918,7 +918,7 @@
 			return -1;
 #endif
 			avoid_ssl_versions &= ~SSL_OP_NO_SSLv2;
 		} else if(!strcasecmp("ssl3",myproto)) {
-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0
+#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL3_METHOD)
 			_ctx[sock] = SSL_CTX_new(SSLv3_client_method());
 #else
 			report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
+			return -1;
+#endif
 		} else if(!strcasecmp("tls1",myproto)) {
 			_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
 		} else if (!strcasecmp("ssl23",myproto)) {

Return to bug 233247

Lines 3-15 Link Here

(-)fetchmail/Makefile (-3 / +6 lines)
3		3
4	PORTNAME= fetchmail	4	PORTNAME= fetchmail
5	PORTVERSION= 6.3.26	5	PORTVERSION= 6.3.26
6	PORTREVISION= 8	6	PORTREVISION= 9
7	CATEGORIES= mail ipv6	7	CATEGORIES= mail ipv6
8	MASTER_SITES= SF/${PORTNAME}/branch_6.3/ \	8	MASTER_SITES= SF/${PORTNAME}/branch_6.3/ \
9	http://mandree.home.pages.de/${PORTNAME}/	9	http://mandree.home.pages.de/${PORTNAME}/
10		10
11	PATCH_SITES= https://gitlab.com/fetchmail/fetchmail/commit/	11	PATCH_SITES= https://gitlab.com/fetchmail/fetchmail/commit/:gitlab
12	PATCHFILES= 9b8b634.patch:-p1	12	PATCH_SITES+= https://src.fedoraproject.org/rpms/fetchmail/raw/master/f/:fedora
		13	PATCHFILES= 9b8b634.patch:-p1:gitlab # SNI fix
		14	PATCHFILES+= fetchmail-6.3.26-ssl-backport.patch:-p1:fedora
		15
13		16
14	MAINTAINER= chalpin@cs.wisc.edu	17	MAINTAINER= chalpin@cs.wisc.edu
15	COMMENT= Batch mail retrieval utility for IMAP/POP3/ETRN/ODMR	18	COMMENT= Batch mail retrieval utility for IMAP/POP3/ETRN/ODMR

Lines 1-5 Link Here

(-)fetchmail/files/patch-fetchmail.c (-11 / +11 lines)
1	--- fetchmail.c.orig 2013-04-23 20:00:45 UTC	1	--- fetchmail.c.orig 2018-12-30 11:43:19.032822000 -0600
2	+++ fetchmail.c	2	+++ fetchmail.c 2018-12-30 12:51:55.552234000 -0600
3	@@ -50,6 +50,10 @@	3	@@ -50,6 +50,10 @@
4	#include <arpa/nameser.h>	4	#include <arpa/nameser.h>
5	#include <resolv.h>	5	#include <resolv.h>
Lines 11-26 Link Here
11	#ifndef ENETUNREACH	11	#ifndef ENETUNREACH
12	#define ENETUNREACH 128 /* Interactive doesn't know this */	12	#define ENETUNREACH 128 /* Interactive doesn't know this */
13	#endif /* ENETUNREACH */	13	#endif /* ENETUNREACH */
14	@@ -263,6 +267,12 @@ int main(int argc, char **argv)	14	@@ -263,10 +267,10 @@
15	#ifdef SSL_ENABLE	15	#ifdef SSL_ENABLE
16	"+SSL"	16	"+SSL"
17	#endif	17	#endif
18	+#ifdef OPENSSL_NO_SSL2	18	-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0
19	+ "-SSLv2"	19	+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL2)
20	+#endif	20	"-SSLv2"
21	+#ifdef OPENSSL_NO_SSL3_METHOD	21	#endif
22	+ "-SSLv3"	22	-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0
23	+#endif	23	+#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL3_METHOD)
		24	"-SSLv3"
		25	#endif
24	#ifdef OPIE_ENABLE	26	#ifdef OPIE_ENABLE
25	"+OPIE"
26	#endif /* OPIE_ENABLE */

Lines 1-6 Link Here

(-)fetchmail/files/patch-socket.c (-14 / +10 lines)
1	--- socket.c.orig 2013-04-23 20:00:45 UTC	1	--- socket.c.orig 2018-12-30 11:43:19.042365000 -0600
2	+++ socket.c	2	+++ socket.c 2018-12-30 12:46:39.062201000 -0600
3	@@ -907,14 +907,19 @@ int SSLOpen(int sock, char *mycert, char	3	@@ -910,7 +910,7 @@
4	_ssl_context[sock] = NULL;	4	_ssl_context[sock] = NULL;
5	if(myproto) {	5	if(myproto) {
6	if(!strcasecmp("ssl2",myproto)) {	6	if(!strcasecmp("ssl2",myproto)) {
Lines 8-24 Link Here
8	+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL2)	8	+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL2)
9	_ctx[sock] = SSL_CTX_new(SSLv2_client_method());	9	_ctx[sock] = SSL_CTX_new(SSLv2_client_method());
10	#else	10	#else
11	- report(stderr, GT_("Your operating system does not support SSLv2.\n"));	11	report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));
12	+ report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));	12	@@ -918,7 +918,7 @@
13	return -1;
14	#endif	13	#endif
		14	avoid_ssl_versions &= ~SSL_OP_NO_SSLv2;
15	} else if(!strcasecmp("ssl3",myproto)) {	15	} else if(!strcasecmp("ssl3",myproto)) {
16	+#ifndef OPENSSL_NO_SSL3_METHOD	16	-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0
		17	+#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL3_METHOD)
17	_ctx[sock] = SSL_CTX_new(SSLv3_client_method());	18	_ctx[sock] = SSL_CTX_new(SSLv3_client_method());
18	+#else	19	#else
19	+ report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));	20	report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
20	+ return -1;
21	+#endif
22	} else if(!strcasecmp("tls1",myproto)) {
23	_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
24	} else if (!strcasecmp("ssl23",myproto)) {