| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
- fix unterminated string in .IP macro
- fix .TH date format
- properly break line after .PP
- replace .br in table (unsupported by FreeBSD 12's mandoc)
FreeBSD Bug#241032 reported by Helge Oldach
|
| |
|
|
|
|
|
|
|
|
| |
The fix between 6.4.0-rc4 and 6.4.0 for Debian Bug#941129 caused
a regression in the default file locations, some files were looked
for without dot (.fetchmail.pid, .fetchmailrc).
Reported by Cy Schubert.
|
|
|
|
|
| |
Obtained from: https://sources.debian.org/data/main/f/fetchmail/6.4.0~rc3-1/debian/patches/03_typo-manpage.diff
Obsoletes: Debian patch 03_typo_manpage.diff
|
| |
|
| |
|
|
|
|
|
|
| |
Since the addition of --nosslcertck documentation in Nov. 2015
with commit 6adcb0cc, the --sslcertfile documentation had become part of
--nosslcertck. Now --sslcertfile stands in a paragraph of its own.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
There are no sslcertck (rcfile) and --nosslcertck (command line) options
that can be combined with [--]sslfingerprint if so desired.
The documentation is deliberately not updated everywhere, so that
recommendations to use --sslcertck stand, this is for the benefit of
users that read fetchmail v6.4.0 manuals to configure a fetchmail v6.3.X
implementation.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removes SSLv2, enables TLSv1.1 and v1.2 more easily,
permits SSLv3 (only if specified) and newer TLSv1.1+ for STLS/STARTTLS.
Only negotiates TLSv1 and newer by default, SSLv3 must now be specified
explicitly, as a consequence of the POODLE attack.
This is meant to be a minimally upgraded version, and cannot be usefully
done as a 6.3.X release.
It is strongly recommended that users review their configuration -
especially --sslproto - per instructions in the NEWS file and manual
page. It has changed semantics and in many cases --sslproto auto or
perhaps --sslproto tls1.2+ should be used now.
|
|
|
|
| |
In response to Jeremy Chadwick's trouble 2014-11-19, fetchmail-users.
|
|
|
|
| |
Re-sign EN and SAs because that broke signatures.
|
| |
|
| |
|
|
|
|
|
| |
The fetchmail manual page now refers the user to --softbounce from the
SMTP/ESMTP ERROR HANDLING section. Reported by Anton Shterenlikht.
|
|
|
|
|
|
|
| |
The fetchmail manual page no longer claims that MD5 were the default OpenSSL
hash format (for use with --sslfingerprint).
Reported by Jakob Wilk, PARTIAL fix for Debian Bug#700266.
|
| |
|
|
|
|
| |
reported by Heinz Diehl.
|
| |
|
|
|
|
|
| |
In case logfile overrides syslog, send a message to the latter stating
where logging goes. Also revise manual page.
|
| |
|
|
|
|
|
|
|
| |
...from SSL options, unless FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE
is a non-empty environment variable.
Suggested by Apple.
|
|
|
|
|
|
|
|
| |
On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer
Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't reference it (to
fix the build) and print a run-time error that the OS does not support SSLv2.
Fixes Debian Bug #622054, but note that that bug report has a more thorough
patch that does away with SSLv2 altogether.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Revert "Remove support for SSLv2 (fixes Debian Bug #622054)."
This reverts commit c22a3afca46c83ee6d53a6ee58deb122f309c460.
|
|
|
|
|
| |
mentioning that some MS Exchange versions send a "deleted without being read"
notification in this situation.
|
|
|
|
|
| |
Requested by Jonathan Buschmann, to suppress read-notifications on
servers such as MS Exchange or HP OpenMail.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SSLv2 has been deprecated since 1996, and is insecure.
Remove --sslproto SSL2 support.
Set SSL_OP_NO_SSLvSSL_CTX 2 option so that the SSLv23 multi-version
client no longer negotiates SSLv2.
Note that some distributions (such as Debian) build OpenSSL 1.0.0
without SSLv2 support, so on those, the build would fail.
Fixes Debian Bug #622054
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622054
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If at least one of --sslcertfile and --sslcertpath is given, fetchmail
skips loading the default OpenSSL X.509 trusted CA cert locations.
If the environment variable FETCHMAIL_INCLUDE_DEFAULT_X509_CA_CERTS is set
to a non-empty value, fetchmail will additionally load the default locations.
The old FETCHMAIL_NO_DEFAULT_X509_PATHS variable was dropped.
|
|
|
|
| |
and always load the default X.509 trust stores, unless the latter is set.
|
| |
|