| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
On OpenBSD, libressl is "normally distributed (in either source or
binary form) with the major components (compiler, kernel, and so on) of
the operating system on which the executable runs" according to Stuart
Henderson, so according to the GNU GPL v2 clause 3, we can permit
LibreSSL for OpenBSD.
|
|
|
|
|
|
| |
when using wolfSSL:
- avoid OpenSSL acknowledgment
- use +WOLFSSL as version tag instead of +SSL-SSLv2
|
| |
|
|
|
|
| |
See COPYING or NEWS.
|
|
|
|
|
|
|
|
| |
Reported by Bjørn Mork, fixes Debian Bug#992400.
Crash happens inside xstrdup() on a strlen((char *)-1) where
the argument is constant and the trigger is a local trusted
configuration file, so not deemed a vulnerability.
|
| |
|
|
|
|
|
| |
Gitlab: Closes #31.
(cherry picked from commit da6eb347af326912560f56081d603a0a78c3d56d)
|
| |
|
|
|
|
|
|
| |
(those with a file path).
Closes: #33
|
| |
|
|
|
|
|
|
|
|
|
| |
When Gene Heskett was updating his OpenSSL on Debian oldstable, we figured
that it might be helpful to print where OpenSSL goes look for the trusted
certificate. Add this information.
Also add documentation of OpenSSL's SSL_CERT_DIR/SSL_CERT_FILE environment
variables.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
pidfile/locking: log errors thru syslog, too
This works by replacing perror()/fprintf(stderr, ...)
by report() and strerror().
If the pidfile cannot be unlinked, truncate it.
Bump release version to 6.4.13.rc1, and move KNOWN BUGS section up in NEWS.
|
|
|
|
|
|
| |
if compiled against LibreSSL,
if compiled against a library that does not support TLS 1.3,
if compiled without SSL/TLS support.
|
| |
|
|
|
|
|
|
|
| |
All such uses in fetchmail stem from AC_CHECK_DECLS(),
which will always define a HAVE_DECL_ macro with either 0 or 1,
thus we must not check if that macro is defined, but we
must check its value.
|
| |
|
|
|
|
|
| |
The memory leak free fix could try to double-free fields.
Zero them out properly to avoid that.
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used
at configure and compile time.
The assumption is that 1.0.2 may still be in use by maintainers that
backport security fixes.
Also warn, at configure time, about "OpenSSL" API-compatible libraries
that do not declare TLS1_3_VERSION.
|
|
|
|
| |
Fixes #3 (Gitlab issue#).
|
|
|
|
|
|
| |
Fixes #11 (Gitlab issue).
Suggested by: Benno Schulenberg
|
|
|
|
| |
...from defaults entries, or command line.
|
| |
|
|
|
|
|
|
|
|
| |
The fix between 6.4.0-rc4 and 6.4.0 for Debian Bug#941129 caused
a regression in the default file locations, some files were looked
for without dot (.fetchmail.pid, .fetchmailrc).
Reported by Cy Schubert.
|
|
|
|
|
|
| |
* Normalize include order.
* Backport missed bug fixes.
* Remove dead code.
|
|
|
|
|
|
|
|
| |
Assume that getcwd() is present, it is required by the
Single Unix Specivication V2 (1997).
Previously, fetchmail implicitly relied on AM_HAVE_GETTEXT() to
check for getcwd().
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If e.g. fetching with IMAP and --idle fails with a socket
error, returning PS_SOCKET, do not try fetching with a
different protocol (e.g. POP3).
POP3 might have a completely different idea of read and unread
messages than IMAP, which causes already seen messages to be re-fetched.
|
|/ |
|
| |
|
|
|
|
|
|
|
| |
Import Rainer Weikusat's code that uses Patricia trees instead of linear
lists.
Snapshot Rainer's patch 2010-05-24 19:30:42
|
|
|
|
| |
(Cherry-picked from master's 1a92b2909610096a11d26f7a7317d32819354be3.)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
There are no sslcertck (rcfile) and --nosslcertck (command line) options
that can be combined with [--]sslfingerprint if so desired.
The documentation is deliberately not updated everywhere, so that
recommendations to use --sslcertck stand, this is for the benefit of
users that read fetchmail v6.4.0 manuals to configure a fetchmail v6.3.X
implementation.
|
| |
|
| |
|
|
|
|
|
| |
These are the macros OpenSSL defines when configured with no-ssl2 or no-ssl3,
the actual macro names are OPENSSL_NO_SSL2 and OPENSSL_NO_SSL3.
|
|
|
|
|
|
|
| |
providing that these also omit the declaration of SSLv3_client_method().
Related to Debian Bug#775255.
Version report lists -SSLv3 on +SSL builds that omit SSLv3_client_method().
Version report lists -SSLv2 on +SSL builds that omit SSLv2_client_method().
|
| |
|
| |
|
|
|
|
| |
reported by Heinz Diehl.
|
|
|
|
|
| |
In case logfile overrides syslog, send a message to the latter stating
where logging goes. Also revise manual page.
|
| |
|
| |
|
|
|
|
| |
Reported by Marcel Telka, marcel at telka.sk.
|
| |
|
| |
|
| |
|
|
|
|
| |
and always load the default X.509 trust stores, unless the latter is set.
|