mail/fetchmail*: update to 6.5.0

Improve upon the prior opie handling and use the port on FreeBSD 14.
For the FreeBSD 13 base OpenSSL 1.x version, allow it by patching
socket.c, and also simplify the EVP_MD* API update check which will go
upstream.

PR:		282413
Approved by:	Corey Halpin <chalpin@cs.wisc.edu> (maintainer)

1 files changed, 24 insertions, 0 deletions

diff --git a/mail/fetchmail/files/patch-socket.c b/mail/fetchmail/files/patch-socket.c
new file mode 100644
index 000000000000..d8faa1a79534
--- /dev/null
+++ b/mail/fetchmail/files/patch-socket.c
@@ -0,0 +1,24 @@
+FreeBSD's security team needs to maintain OpenSSL 1.1.1's
+security to a sane level without upstream support... but permit the build
+for FreeBSD 13.3 and 13.4:
+
+--- socket.c.orig	2024-09-28 09:20:10 UTC
++++ socket.c
+@@ -375,7 +375,7 @@ enum { SSL_min_security_level = 2 };
+ # ifndef TLSprovider
+ #  define TLSprovider "OpenSSL"
+ # endif
+-# define fm_MIN_OPENSSL_VER 0x30000090L
++# define fm_MIN_OPENSSL_VER 0x1010117fL
+ /* do not warn about OpenSSL 3.2.0, the 3.2.1 fix is of low priority */
+ # if OPENSSL_VERSION_NUMBER >= 0x30100000L && OPENSSL_VERSION_NUMBER < 0x30200000L
+ #  if OPENSSL_VERSION_NUMBER < 0x30100040L
+@@ -402,7 +402,7 @@ enum { SSL_min_security_level = 2 };
+ #endif /* USING_WOLFSSL */
+ 
+ /* workaround for EVP_MD_fetch API - missing on wolfSSL and LibreSSL */
+-#if defined(USING_WOLFSSL) || defined(LIBRESSL_VERSION_NUMBER)
++#if OPENSSL_VERSION_NUMBER < 0x30000000L
+ # define EVP_MD_fetch(x, digest, y) (EVP_get_digestbyname(digest))
+ # define EVP_MD_free(x) /* NOOP */
+ # define fm_EVP_MD_const const // compatibility const EVP_MD* from EVP_get_digestbyname()