diff options
| author | Conrad Meyer <cem@FreeBSD.org> | 2019-01-06 07:21:24 +0000 |
|---|---|---|
| committer | Conrad Meyer <cem@FreeBSD.org> | 2019-01-06 07:21:24 +0000 |
| commit | d4148ae4d2e85148031b66eae8f8a810bd467685 (patch) | |
| tree | 8cb623c056ebdb77cdb5dbfdab0c7d1206e1cfae /mail/fetchmail/files | |
| parent | security/py-ed25519ll: update to support py3 and flavours (diff) | |
mail/fetchmail: backport less-old TLS support from Fedora
Allows options like 'sslproto "TLS1.2+"', for example.
PR: 233247
Submitted by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
Approved by: koobs
Notes
Notes:
svn path=/head/; revision=489439
Diffstat (limited to 'mail/fetchmail/files')
| -rw-r--r-- | mail/fetchmail/files/patch-fetchmail.c | 22 | ||||
| -rw-r--r-- | mail/fetchmail/files/patch-socket.c | 24 |
2 files changed, 21 insertions, 25 deletions
diff --git a/mail/fetchmail/files/patch-fetchmail.c b/mail/fetchmail/files/patch-fetchmail.c index 03e505d44120..5e0b18eee2fa 100644 --- a/mail/fetchmail/files/patch-fetchmail.c +++ b/mail/fetchmail/files/patch-fetchmail.c @@ -1,5 +1,5 @@ ---- fetchmail.c.orig 2013-04-23 20:00:45 UTC -+++ fetchmail.c +--- fetchmail.c.orig 2018-12-30 11:43:19.032822000 -0600 ++++ fetchmail.c 2018-12-30 12:51:55.552234000 -0600 @@ -50,6 +50,10 @@ #include <arpa/nameser.h> #include <resolv.h> @@ -11,16 +11,16 @@ #ifndef ENETUNREACH #define ENETUNREACH 128 /* Interactive doesn't know this */ #endif /* ENETUNREACH */ -@@ -263,6 +267,12 @@ int main(int argc, char **argv) +@@ -263,10 +267,10 @@ #ifdef SSL_ENABLE "+SSL" #endif -+#ifdef OPENSSL_NO_SSL2 -+ "-SSLv2" -+#endif -+#ifdef OPENSSL_NO_SSL3_METHOD -+ "-SSLv3" -+#endif +-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0 ++#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL2) + "-SSLv2" + #endif +-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0 ++#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0) && !defined(OPENSSL_NO_SSL3_METHOD) + "-SSLv3" + #endif #ifdef OPIE_ENABLE - "+OPIE" - #endif /* OPIE_ENABLE */ diff --git a/mail/fetchmail/files/patch-socket.c b/mail/fetchmail/files/patch-socket.c index 6bb35ccf25d1..bf82f7e20712 100644 --- a/mail/fetchmail/files/patch-socket.c +++ b/mail/fetchmail/files/patch-socket.c @@ -1,6 +1,6 @@ ---- socket.c.orig 2013-04-23 20:00:45 UTC -+++ socket.c -@@ -907,14 +907,19 @@ int SSLOpen(int sock, char *mycert, char +--- socket.c.orig 2018-12-30 11:43:19.042365000 -0600 ++++ socket.c 2018-12-30 12:46:39.062201000 -0600 +@@ -910,7 +910,7 @@ _ssl_context[sock] = NULL; if(myproto) { if(!strcasecmp("ssl2",myproto)) { @@ -8,17 +8,13 @@ +#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL2) _ctx[sock] = SSL_CTX_new(SSLv2_client_method()); #else -- report(stderr, GT_("Your operating system does not support SSLv2.\n")); -+ report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n")); - return -1; + report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n")); +@@ -918,7 +918,7 @@ #endif + avoid_ssl_versions &= ~SSL_OP_NO_SSLv2; } else if(!strcasecmp("ssl3",myproto)) { -+#ifndef OPENSSL_NO_SSL3_METHOD +-#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0 ++#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0) && !defined(OPENSSL_NO_SSL3_METHOD) _ctx[sock] = SSL_CTX_new(SSLv3_client_method()); -+#else -+ report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n")); -+ return -1; -+#endif - } else if(!strcasecmp("tls1",myproto)) { - _ctx[sock] = SSL_CTX_new(TLSv1_client_method()); - } else if (!strcasecmp("ssl23",myproto)) { + #else + report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n")); |