mail/fetchmail depends overhaul, new fetchmailconf port

* Bring back SNI (server name indication) support for TLS connections, lost in 6.3.26_10 (PORTREVISION=10) as a regression over _9. Pointy hat: mandree@ * Drop the X11 option, remove the Python dependency, and create a new mail/fetchmailconf slave port/package that installs the fetchmailconf configurator. Note that the _DEPENDS of the ports reflects a technical dependence (fetchmailconf needs fetchmail), and we cannot keep an X11 option that depends on fetchmailconf, since that would create a circular dependency, which we must avoid. * Patch configure instead of configure.ac with Cy's Kerberos fix, drop autoreconf from USES, and add a new configure check directly to set HAVE_DECL_SSLV3_CLIENT_METHOD to cover the various TLS providers (currently five, base, openssl, openssl111, libressl, libressl-devel) * Add -Wl,--as-needed to LDFLAGS so as not to pull in unneeded .so libraries, for instance, libcom_err when compiling under GSSAPI_NONE. * Bump PORTREVISION. Very fruitful and nice collaboration with and Approved by: chalpin@cs.wisc.edu (maintainer)
author: Matthias Andree <mandree@FreeBSD.org> 2019-01-20 11:25:07 +0000
committer: Matthias Andree <mandree@FreeBSD.org> 2019-01-20 11:25:07 +0000
commit: f7cd8bfb78a2ae011e17dbdc0d7c0b1e6eb3e653 (patch)
tree: d80d3a39788dbcfa89ba41aa7e03e22aac5ee243 /mail/fetchmail/files
parent: Update to 2.3d.r155 (diff)
3 files changed, 92 insertions, 24 deletions
diff --git a/mail/fetchmail/files/patch-SNI-Gitlab-9b8b634 b/mail/fetchmail/files/patch-SNI-Gitlab-9b8b634
new file mode 100644
index 000000000000..db96b4208bf8
--- /dev/null
+++ b/mail/fetchmail/files/patch-SNI-Gitlab-9b8b634
@@ -0,0 +1,39 @@
+Line numbers and --- line adapted.
+
+From 9b8b634312f169fab872f3580c2febe5af031615 Mon Sep 17 00:00:00 2001
+From: Matthias Andree <matthias.andree@gmx.de>
+Date: Sat, 11 Feb 2017 19:39:56 +0100
+Subject: [PATCH] TLS: set hostname for SNI.
+
+---
+ socket.c | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/socket.c b/socket.c
+index aec319e3..17d60cbd 100644
+--- ./socket.c
++++ b/socket.c
+@@ -1029,6 +1029,20 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
+ 	_verify_ok = 1;
+ 	_prev_err = -1;
+ 
++	/*
++	 * Support SNI, some servers (googlemail) appear to require it.
++	 */
++	{
++	    long r;
++	    r = SSL_set_tlsext_host_name(_ssl_context[sock], servercname);
++
++	    if (0 == r) {
++		/* handle error */
++		report(stderr, GT_("Warning: SSL_set_tlsext_host_name(%p, \"%s\") failed (code %#lx), trying to continue.\n"), _ssl_context[sock], servercname, r);
++		ERR_print_errors_fp(stderr);
++	    }
++	}
++
+ 	if( mycert || mykey ) {
+ 
+ 	/* Ok...  He has a certificate file defined, so lets declare it.  If
+-- 
+2.18.1
+
diff --git a/mail/fetchmail/files/patch-configure b/mail/fetchmail/files/patch-configure
new file mode 100644
index 000000000000..0ff6ec96d00a
--- /dev/null
+++ b/mail/fetchmail/files/patch-configure
@@ -0,0 +1,53 @@
+--- configure.orig	2013-04-23 21:36:55 UTC
++++ configure
+@@ -9552,11 +9552,11 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+-char krb5_des_string_to_key ();
++char krb5int_des_string_to_key ();
+ int
+ main ()
+ {
+-return krb5_des_string_to_key ();
++return krb5int_des_string_to_key ();
+   ;
+   return 0;
+ }
+@@ -9591,11 +9591,11 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+-char krb5_des_string_to_key ();
++char krb5int_des_string_to_key ();
+ int
+ main ()
+ {
+-return krb5_des_string_to_key ();
++return krb5int_des_string_to_key ();
+   ;
+   return 0;
+ }
+@@ -10131,6 +10131,22 @@ fi
+ 
+ cat >>confdefs.h <<_ACEOF
+ #define HAVE_DECL_SSLV2_CLIENT_METHOD $ac_have_decl
++_ACEOF
++
++	;;
++esac
++
++case "$LIBS" in *-lssl*)
++	ac_fn_c_check_decl "$LINENO" "SSLv3_client_method" "ac_cv_have_decl_SSLv3_client_method" "#include <openssl/ssl.h>
++"
++if test "x$ac_cv_have_decl_SSLv3_client_method" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_SSLV3_CLIENT_METHOD $ac_have_decl
+ _ACEOF
+ 
+ 	;;
diff --git a/mail/fetchmail/files/patch-configure.ac b/mail/fetchmail/files/patch-configure.ac
deleted file mode 100644
index a84e3216616d..000000000000
--- a/mail/fetchmail/files/patch-configure.ac
+++ /dev/null
@@ -1,24 +0,0 @@
---- configure.ac.orig	2013-04-23 20:51:10 UTC
-+++ configure.ac
-@@ -19,7 +19,7 @@ AC_CANONICAL_HOST
- dnl automake options are in Makefile.am
- AC_PREREQ(2.60)
- dnl 2.60 required for AC_USE_SYSTEM_EXTENSIONS
--AM_INIT_AUTOMAKE([silent-rules -Wall])
-+AM_INIT_AUTOMAKE([silent-rules subdir-objects serial-tests])
- AM_SILENT_RULES
- 
- dnl python is optional
-@@ -601,10 +601,10 @@ else
-           AC_MSG_RESULT([found])
-           ac_krblibs="-lcom_err"
-            AC_CHECK_LIB(crypto,
--             krb5_des_string_to_key,
-+             krb5int_des_string_to_key,
-              libk5crypto=-lcrypto,
-                 AC_CHECK_LIB(k5crypto,
--                   krb5_des_string_to_key,
-+                   krb5int_des_string_to_key,
-                    libk5crypto=-lk5crypto,
-                       AC_MSG_ERROR([Kerberos 5 DES libraries not found]),
-                    ${LDFLAGS} ${ac_krblibs}),
author	Matthias Andree <mandree@FreeBSD.org>	2019-01-20 11:25:07 +0000
committer	Matthias Andree <mandree@FreeBSD.org>	2019-01-20 11:25:07 +0000
commit	f7cd8bfb78a2ae011e17dbdc0d7c0b1e6eb3e653 (patch)
tree	d80d3a39788dbcfa89ba41aa7e03e22aac5ee243 /mail/fetchmail/files
parent	Update to 2.3d.r155 (diff)