aboutsummaryrefslogtreecommitdiffstats
path: root/fetchmail.c
Commit message (Collapse)AuthorAgeFilesLines
* fetchmail.c: Fix SIGSEGV optmerge()ing "no envelope"Matthias Andree2021-08-271-1/+1
| | | | | | | | Reported by Bjørn Mork, fixes Debian Bug#992400. Crash happens inside xstrdup() on a strlen((char *)-1) where the argument is constant and the trigger is a local trusted configuration file, so not deemed a vulnerability.
* fetchmail.c: reword port/--ssl checks to nudge user towards --sslMatthias Andree2021-08-261-2/+2
|
* sanity check well-known POP3/IMAP ports vs. SSLMatthias Andree2021-08-261-0/+10
| | | | | Gitlab: Closes #31. (cherry picked from commit da6eb347af326912560f56081d603a0a78c3d56d)
* fetchmail.c: fix typo in comment.Matthias Andree2021-08-261-1/+1
|
* fetchmail.c: LMTP don't validate "port" on UNIX-domain socketsMatthias Andree2021-03-291-3/+4
| | | | | | (those with a file path). Closes: #33
* --version: print OpenSSL versions build/run-time and directoriesMatthias Andree2021-01-301-0/+9
|
* --version: print default cert paths, and document SSL_CERT_* in manpageMatthias Andree2021-01-301-0/+2
| | | | | | | | | When Gene Heskett was updating his OpenSSL on Debian oldstable, we figured that it might be helpful to print where OpenSSL goes look for the trusted certificate. Add this information. Also add documentation of OpenSSL's SSL_CERT_DIR/SSL_CERT_FILE environment variables.
* Update copyright.Matthias Andree2021-01-031-1/+1
|
* pidfile/lockfile handling bugfixesMatthias Andree2020-10-131-3/+4
| | | | | | | | | | | pidfile/locking: log errors thru syslog, too This works by replacing perror()/fprintf(stderr, ...) by report() and strerror(). If the pidfile cannot be unlinked, truncate it. Bump release version to 6.4.13.rc1, and move KNOWN BUGS section up in NEWS.
* Make fetchmail -V print SSL/TLS library warnings...Matthias Andree2020-03-301-0/+10
| | | | | | if compiled against LibreSSL, if compiled against a library that does not support TLS 1.3, if compiled without SSL/TLS support.
* Fix -SSL/+SSL reporting in fetchmail -V output.Matthias Andree2020-03-301-4/+5
|
* Fix HAVE_DECL_ users to check value, not definition.Matthias Andree2020-03-301-2/+2
| | | | | | | All such uses in fetchmail stem from AC_CHECK_DECLS(), which will always define a HAVE_DECL_ macro with either 0 or 1, thus we must not check if that macro is defined, but we must check its value.
* Properly report if the defaults entry is not the first.Matthias Andree2020-03-301-1/+1
|
* fetchmail.c Avoid double-free in optmerge()'s STRING_MERGE macro.Matthias Andree2020-03-301-2/+2
| | | | | The memory leak free fix could try to double-free fields. Zero them out properly to avoid that.
* "Require" OpenSSL 1.1.1 and tolerate/warn 1.0.2.Matthias Andree2020-03-301-0/+6
| | | | | | | | | | | OpenSSL 1.0.2 is EOL since end of 2019, so warn if it is to be used at configure and compile time. The assumption is that 1.0.2 may still be in use by maintainers that backport security fixes. Also warn, at configure time, about "OpenSSL" API-compatible libraries that do not declare TLS1_3_VERSION.
* Properly error-check reading the idfile.Matthias Andree2020-03-301-3/+6
| | | | Fixes #3 (Gitlab issue#).
* Exclude copyright year from translatable string.Matthias Andree2020-03-301-2/+2
| | | | | | Fixes #11 (Gitlab issue). Suggested by: Benno Schulenberg
* Plug memory leak when merging/overriding options...Matthias Andree2020-03-061-29/+40
| | | | ...from defaults entries, or command line.
* Bump copyright year.Matthias Andree2020-01-111-1/+1
|
* 6.4.1, regression fix for default file locations.Matthias Andree2019-09-281-0/+1
| | | | | | | | The fix between 6.4.0-rc4 and 6.4.0 for Debian Bug#941129 caused a regression in the default file locations, some files were looked for without dot (.fetchmail.pid, .fetchmailrc). Reported by Cy Schubert.
* Align with legacy_6x.Matthias Andree2019-08-251-1/+2
| | | | | | * Normalize include order. * Backport missed bug fixes. * Remove dead code.
* Drop #ifdef HAVE_GETCWD, there never was a formal configure check.Matthias Andree2019-08-251-4/+0
| | | | | | | | Assume that getcwd() is present, it is required by the Single Unix Specivication V2 (1997). Previously, fetchmail implicitly relied on AM_HAVE_GETTEXT() to check for getcwd().
* Bump copyright.Matthias Andree2019-05-141-1/+1
|
* Merge branch 'lanurmi/fetchmail-no-autoprobe-after-socket-fail' into HEADMatthias Andree2019-05-141-1/+1
|\
| * Do not continue autoprobing other protocols after socket errorLauri Nurmi2018-03-181-1/+1
| | | | | | | | | | | | | | | | | | If e.g. fetching with IMAP and --idle fails with a socket error, returning PS_SOCKET, do not try fetching with a different protocol (e.g. POP3). POP3 might have a completely different idea of read and unread messages than IMAP, which causes already seen messages to be re-fetched.
* | Bump copyright.Matthias Andree2018-04-151-1/+1
|/
* Update copyright.Matthias Andree2017-04-221-1/+1
|
* UIDL database speedup with Patricia trees.Matthias Andree2016-12-111-10/+12
| | | | | | | Import Rainer Weikusat's code that uses Patricia trees instead of linear lists. Snapshot Rainer's patch 2010-05-24 19:30:42
* Accept more options with a running daemon.Matthias Andree2016-07-061-6/+14
| | | | (Cherry-picked from master's 1a92b2909610096a11d26f7a7317d32819354be3.)
* Update Copyright year for Matthias Andree to 2016.Matthias Andree2016-06-251-1/+1
|
* Enable --sslcertck by default.Matthias Andree2015-11-151-1/+3
| | | | | | | | | | There are no sslcertck (rcfile) and --nosslcertck (command line) options that can be combined with [--]sslfingerprint if so desired. The documentation is deliberately not updated everywhere, so that recommendations to use --sslcertck stand, this is for the benefit of users that read fetchmail v6.4.0 manuals to configure a fetchmail v6.3.X implementation.
* Unconditionally report -SSLv2 if SSL is enabled.Matthias Andree2015-04-111-2/+0
|
* Bump copyright.Matthias Andree2015-01-161-1/+1
|
* Also recognize OPENSSL_NO_SSLx.Matthias Andree2015-01-161-3/+7
| | | | | These are the macros OpenSSL defines when configured with no-ssl2 or no-ssl3, the actual macro names are OPENSSL_NO_SSL2 and OPENSSL_NO_SSL3.
* Permit build on SSLv3-disabled OpenSSL,Matthias Andree2015-01-161-0/+6
| | | | | | | providing that these also omit the declaration of SSLv3_client_method(). Related to Debian Bug#775255. Version report lists -SSLv3 on +SSL builds that omit SSLv3_client_method(). Version report lists -SSLv2 on +SSL builds that omit SSLv2_client_method().
* Error out if user combines --idle with multiple mailboxes.Matthias Andree2014-11-221-1/+12
|
* Bump copyright.Matthias Andree2013-02-191-2/+2
|
* Repair --logfile regression of 6.3.23,Matthias Andree2012-12-131-4/+6
| | | | reported by Heinz Diehl.
* Clean up logfile vs. syslog handling.Matthias Andree2012-09-231-9/+36
| | | | | In case logfile overrides syslog, send a message to the latter stating where logging goes. Also revise manual page.
* Update copyright and SecAnn' version.Matthias Andree2012-08-301-2/+2
|
* Bump copyright.Matthias Andree2011-05-271-2/+2
|
* Fix typo, CRAM-Md5 -> CRAM-MD5, in -V mode.Matthias Andree2010-10-051-1/+1
| | | | Reported by Marcel Telka, marcel at telka.sk.
* Add OpenSSL acknowledgment.Matthias Andree2010-07-081-0/+4
|
* Properly use long to map pid_t.Matthias Andree2010-04-291-12/+12
|
* Fix a few Intel C++ remarks and warnings.Matthias Andree2010-04-271-4/+1
|
* Add --sslcertfile option and FETCHMAIL_NO_DEFAULT_X509_PATHS env var,Matthias Andree2010-04-181-2/+5
| | | | and always load the default X.509 trust stores, unless the latter is set.
* Semi-plug memory leak when using default rcfile entry.Matthias Andree2010-04-131-0/+6
| | | | | Does not free all members of struct query, but just servername and the query node itself. Add a FIXME note.
* Fix lots of warnings, most around string literals...Matthias Andree2010-03-181-2/+2
| | | | | | | ...that were converted to char* when they should have been converted to const char *. Use braces for empty if/else statements.
* set global flags in a consistent mannerSunil Shetye2010-03-051-4/+4
|
* Don't assign garbage to parsetime if using - (stdin) for rcfile.Matthias Andree2010-02-281-5/+8
|