diff options
| -rw-r--r-- | NEWS | 8 | ||||
| -rw-r--r-- | configure.ac | 3 | ||||
| -rw-r--r-- | fetchmail.c | 3 | ||||
| -rw-r--r-- | socket.c | 4 |
4 files changed, 15 insertions, 3 deletions
@@ -90,6 +90,14 @@ removed from a 6.5.0 or newer release.) have required another loop through the translators. -------------------------------------------------------------------------------- +fetchmail-6.4.25 (not yet released): + +# CHANGES +* Since distributions continue patching for LibreSSL use, which cannot be + linked legally, block out LibreSSL in configure.ac and socket.c, and + refer to COPYING. + +-------------------------------------------------------------------------------- fetchmail-6.4.24 (released 2021-11-20, 30218 LoC): # OPENSSL AND LICENSING NOTE: diff --git a/configure.ac b/configure.ac index 14760f3a..ba21272d 100644 --- a/configure.ac +++ b/configure.ac @@ -813,6 +813,9 @@ fi AC_MSG_NOTICE([LIBS:] "$LIBS") case "$LIBS" in *-lssl*|*libssl*) + AC_CHECK_DECLS([LIBRESSL_VERSION_NUMBER], + AC_MSG_ERROR([fetchmail cannot legally be linked against LibreSSL for lack of GPL2 clause 2b exception. See COPYING.]),, + [#include <openssl/ssl.h>]) AC_CHECK_DECLS([TLS1_3_VERSION],, AC_MSG_WARN([Your OpenSSL version is too old and does not support TLS v1.3. Upgrade.]), [#include <openssl/ssl.h>]) diff --git a/fetchmail.c b/fetchmail.c index 71ecc1b0..060e0a9f 100644 --- a/fetchmail.c +++ b/fetchmail.c @@ -317,7 +317,8 @@ int main(int argc, char **argv) printf(GT_("WARNING: Your SSL/TLS library does not support TLS v1.3.\n")); #endif #ifdef LIBRESSL_VERSION_NUMBER - printf(GT_("WARNING: Compiled against LibreSSL, which is not a supported configuration.\n")); + printf(GT_("ERROR: Compiled against LibreSSL, which is a copyright violation for lack of GPL clause 2b exception. See COPYING. Aborting.\n")); + exit(PS_UNDEFINED); #endif #else printf(GT_("WARNING: Compiled without SSL/TLS.\n")); @@ -409,7 +409,7 @@ va_dcl { #define fm_MIN_OPENSSL_VER 0x1000200fL #ifdef LIBRESSL_VERSION_NUMBER -#pragma message "WARNING - LibreSSL is unsupported. Use at your own risk." +#error "FAILED - LibreSSL cannot be used legally, for lack of GPL clause 2b exception, see COPYING." #endif #if OPENSSL_VERSION_NUMBER < 0x1010100fL @@ -922,7 +922,7 @@ static const char *SSLCertGetCN(const char *mycert, } #if !defined(OSSL110_API) -/* ===== implementation for OpenSSL 1.0.X and LibreSSL ===== */ +/* ===== implementation for OpenSSL 1.0.X ===== */ static int OSSL10X_proto_version_logic(int sock, const char **myproto, int *avoid_ssl_versions) { if (!*myproto) { |