| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
...i. e. after receiving tagged response.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
On --sslproto auto (or other nonempty values), when
receiving IMAP PREAUTH state, abort the connection,
rather than continuing with cleartext.
--ssl is unaffected because it always negotiates TLS.
See fetchmail-SA-2021-02.txt for details.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regression in 6.4.20's security fix (Git commit c546c829).
We doubly incremented partial_message_size_used on modern systems
(stdard.h/vsnprintf), once in report_vbuild() and then again in
report_build(), so the 2nd and subsequent report_build() fragments
landed too late in the buffer. This will not cause overruns due to the
reallocation prior to the vsnprintf/sprintf, but it write starts behind
the '\0' byte, instead of right over it, so the string also gets
truncated to the first fragment written with report_vbuild().
Fix by moving the increment back into the #else...#endif part that does
not use report_vbuild().
Reported by: Jürgen Edner, Erik Christiansen
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reported (with a different patch suggestion) by
Christian Herdtweck <christian.herdtweck@intra2net.com>.
Note that vsnprintf() calls va_arg(), and depending on operating system,
compiler, configuration, this will invalidate the va_list argument
pointer, so that va_start has to be called again before a subsequent
vsnprintf(). However, it is better to do away with the loop and the
trial-and-error, and leverage the return value of vsnprintf instead for
a direct one-off resizing, whilst taking into account that on SUSv2
systems, the return value can be useless if the size argument to
vsnprintf is 0.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
(those with a file path).
Closes: #33
|
| |
|
| |
|
|
|
|
|
| |
the latter is deprecated in OpenSSL 3, and the user might use some
other key than RSA.
|
|
|
|
| |
to avoid compatibility issues with new OpenSSL versions later on.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
...which uses siglongjmp() so that gen_transact() will not return.
Note, just in case, this uses local static buffers and is not thread-safe.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
When Gene Heskett was updating his OpenSSL on Debian oldstable, we figured
that it might be helpful to print where OpenSSL goes look for the trusted
certificate. Add this information.
Also add documentation of OpenSSL's SSL_CERT_DIR/SSL_CERT_FILE environment
variables.
|
|
|
|
|
|
|
|
|
| |
This was found by Julian Bane debugging a situation where duplicate
suppression did not kick in (due to envelope-recording headers,
X-Original-To, Delivered-To). Historic behavior now documented in
fetchmail.man and NEWS in order to reduce confusion.
Gitlab, fixes issue #29.
|
|
|
|
| |
(cherry picked from commit 204541b6d2ccdbd2111e346f47fd69316ed3ef7d)
|
|
|
|
|
|
|
| |
Mention 6.4.3 esmtpname/esmtppassword fix.
Found while reviewing Earl Chew's same fix on 'next' branch.
Reference MDA single-quoting issue by Debian Bug#347909 id.
|
| |
|
|
|
|
| |
Cherry-picked from 'next' branch, 895b4748.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since commit ca372c2c4fd4fa18cf035087203069e412adfa00, cross-compilation
fails on:
/data/buildroot-test/instance-0/output-1/host/bin/powerpc-linux-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -I/data/buildroot-test/instance-0/output-1/host/powerpc-buildroot-linux-uclibc/sysroot/usr/include -I/usr/kerberos/include -L/data/buildroot-test/instance-0/output-1/host/powerpc-buildroot-linux-uclibc/sysroot/usr/lib -o fetchmail socket.o getpass.o fetchmail.o env.o idle.o options.o daemon.o driver.o transact.o sink.o smtp.o idlist.o uid.o mxget.o md5ify.o cram.o gssapi.o opie.o interface.o netrc.o unmime.o conf.o checkalias.o uid_db.o lock.o rcfile_l.o rcfile_y.o ucs/norm_charmap.o fm_realpath.o pop3.o imap.o etrn.o odmr.o libfm.a -lintl -L/data/buildroot-test/instance-0/output-1/host/bin/../powerpc-buildroot-linux-uclibc/sysroot/usr/lib -lssl -lcrypto /usr/lib/libssl.so /usr/lib/libcrypto.so /usr/lib/libcrypto.so
/data/buildroot-test/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc-buildroot-linux-uclibc/8.3.0/../../../../powerpc-buildroot-linux-uclibc/bin/ld: /usr/lib/libssl.so: error adding symbols: file in wrong format
This build failure is raised because pkg-config values are overriden by
AC_LIB_LINKFLAGS which can pull libraries from the host. So, don't
unconditionally call AC_LIB_LINKFLAGS when cross-compiling. It should be
noted that AC_LIB_LINKFLAGS is used as a fallback of case pkg-config
since commit c92eb3c1895f10a9a4d3229ac883071b62db3920.
Fixes:
- http://autobuild.buildroot.org/results/1b24f0ada47ca1913321d148981364ce513465ac
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Merge request !23.
|
|
|
|
| |
Reported by David McKelvie on fetchmail-users today.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
pidfile/locking: log errors thru syslog, too
This works by replacing perror()/fprintf(stderr, ...)
by report() and strerror().
If the pidfile cannot be unlinked, truncate it.
Bump release version to 6.4.13.rc1, and move KNOWN BUGS section up in NEWS.
|
| |
|
| |
|
|
|
|
|
|
| |
When AC_LIB_LINKFLAGS came up with, for instance, /usr/lib/libssl.so,
configure.ac failed to check for TLS v1.2 and TLS v1.3 support in the
SSL library, disabling explicit TLS v1.2 and v1.3 support.
|
| |
|
| |
|