Bug 233247 - mail/fetchmail: Adapt patch to allow strict (>1.0) TLS version validation
Summary: mail/fetchmail: Adapt patch to allow strict (>1.0) TLS version validation
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Conrad Meyer
URL: https://src.fedoraproject.org/rpms/fe...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-11-16 07:13 UTC by Conrad Meyer
Modified: 2019-01-06 07:21 UTC (History)
2 users (show)

See Also:
chalpin: maintainer-feedback+


Attachments
Patch adding Fedora's backported TLS handling (4.25 KB, patch)
2018-12-30 20:20 UTC, Corey Halpin
chalpin: maintainer-approval+
koobs: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Conrad Meyer freebsd_committer 2018-11-16 07:13:45 UTC
https://src.fedoraproject.org/rpms/fetchmail/blob/master/f/fetchmail-6.3.26-ssl-backport.patch

Allows configuring sslproto "TLS1.2+", for example.

This patch looks useful for SNI-requiring servers: https://src.fedoraproject.org/rpms/fetchmail/blob/master/f/fetchmail-6.3.26-ssl-set-sni.patch
Comment 1 Koichiro Iwao freebsd_committer 2018-11-22 04:35:00 UTC
Hi, (In reply to Conrad Meyer from comment #0)

Regarding SNI, I've already backported it. See bug 233078.
Comment 2 Conrad Meyer freebsd_committer 2018-11-22 18:02:50 UTC
(In reply to Koichiro Iwao from comment #1)
Heh, quite recently!  Thank you.
Comment 3 Corey Halpin 2018-12-30 20:20:54 UTC
Created attachment 200631 [details]
Patch adding Fedora's backported TLS handling

Attached patch integrates Fedora's backported SSL/TLS changes. Passes 'poudrierer testport' on 11.2/amd64 with ssl=base and default OPTIONS, with ssl=port and GSSAPI_MIT, and with ssl=libressl and GSSAPI_MIT. Fetches mail as expected in my testing. :)
Comment 4 Conrad Meyer freebsd_committer 2018-12-30 20:25:34 UTC
Thanks Corey!
Comment 5 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-31 05:31:15 UTC
Reporter is committer, assign accordingly
Comment 6 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-31 05:32:05 UTC
Comment on attachment 200631 [details]
Patch adding Fedora's backported TLS handling

Approved by: koobs (ports)

@Conrad If you're happy and confident with your own QA/testing beyond what maintainer has done (i would confirm the poudriere run), feel free to commit
Comment 7 commit-hook freebsd_committer 2019-01-06 07:21:29 UTC
A commit references this bug:

Author: cem
Date: Sun Jan  6 07:21:25 UTC 2019
New revision: 489439
URL: https://svnweb.freebsd.org/changeset/ports/489439

Log:
  mail/fetchmail: backport less-old TLS support from Fedora

  Allows options like 'sslproto "TLS1.2+"', for example.

  PR:		233247
  Submitted by:	Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
  Approved by:	koobs

Changes:
  head/mail/fetchmail/Makefile
  head/mail/fetchmail/distinfo
  head/mail/fetchmail/files/patch-fetchmail.c
  head/mail/fetchmail/files/patch-socket.c