= CRITICAL BUG FIXES:
* When an SMTP receiver refuses delivery, a message would be deleted from
the mail store in spite of a softbounce option that is enabled.
Bug report, analysis and patch by Horváth Zsolt. Gitlab, fixes#50.
= BUILD NOTE:
* If you are reusing config.cache from prior builds, this may cause
issues with finding Python or some libraries. In case of trouble,
remove config.cache and retry.
= TRANSLATIONS: language translations were updated by this fine person:
* sr: Мирослав Николић (Miroslav Nikolić) [Serbian]
As of src 0aa2700123e2 OPIE has been removed from 14-CURRENT. When
building on a 14-CURRENT machine with __FreeBSD_version > 1400071
avoid linking libopie else this will result a build failure or if
built the following runtime error:
ld-elf.so.1: Shared object "libopie.so.8" not found, required by "fetchmail"
Commit b7f05445c0 has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner)
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.
There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.
The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.
Approved by: portmgr (tcberner)
Since the distro was built with a newer autoconf, the patch-configure
no longer applies and has been converted to a post-patch REINPLACE_CMD,
also to avoid future breakage.
This also adds one upstream Git patch to fix the version and date tags
in the manual page.
PR: 265251
Approved by: Corey Halpin (maintainer)
BREAKING CHANGES:
* Bump wolfSSL minimum required version to 5.1.1 to pull in security fix.
FIXES:
* When using wolfSSL 5.0.0, work around a bug that appears to hit wolfSSL when
receiving handshake records while still in SSL_peek(). Workaround is to read
1 byte and cache it, then call SSL_peek() again.
This affects only some servers. https://github.com/wolfSSL/wolfssl/issues/4593
TRANSLATIONS: language translations were updated by this fine people:
* es: Cristian Othón Martínez Vera [Spanish]
* ro: Remus-Gabriel Chelu [Romanian]
* sr: Мирослав Николић (Miroslav Nikolić) [Serbian]
MFH: 2022Q1
WOLFSSL is a GPLv2+ licensed SSL library with OpenSSL compatibility
layer. This is to permit shipping fetchmail under a clean GPLv2+
license with OpenSSL 1.1.1.
Now really 6.4.24 and not a 6.4.25 WIP.
fetchmail cannot legally be linked with LibreSSL,
because there is no GPLv2 clause 2b exemption for
LibreSSL, only for OpenSSL.
Correct LICENSE and remove LICENSE_COMB.
Add comment on FSF dynamic linking dynamically
suggested by Corey Halpin in the approval.
Remove LibreSSL patch.
Related to:
PR: 259214
Update:
PR: 259945
MFH: 2021Q4
Approved by: chalpin@cs.wisc.edu (maintainer)
fetchmail cannot legally be linked with LibreSSL,
because there is no GPLv2 clause 2b exemption for
LibreSSL, only for OpenSSL.
Correct LICENSE and remove LICENSE_COMB.
Remove LibreSSL patch.
Add FSF comment suggested by Corey Halpin in PR.
Related to:
PR: 259214
Update:
PR: 259945
MFH: 2021Q4
Approved by: chalpin@cs.wisc.edu (maintainer)
This contains documentation updates, and one code change to the IMAP
client: IMAP: fix error code when LOGIN fails
This recently printed 'we've run out of authentication methods'
instead of the actual authentication failure.
This also formally adds OpenSSL 3.0.0 support.
PR: 258486
Approved by: Corey Halpin (maintainer)
This fixes an IMAP protocol issue affecting all but the first IMAP
server in a run. It also updates translations.
PR: 258146
MFH: 2021Q3
Approved by: Corey Halpin (maintainer)
* CHANGE: fetchmailconf: properly catch and report option parsing errors
* BUG FIX: LMTP: do not try to validate the last component of a
UNIX-domain LMTP socket as though it were a TCP port. Reported by
Christoph Heitkamp, Gitlab issue #33.
* TRANSLATION UPDATE: This fine person has contributed an updated
translation:
- sr: Мирослав Николић (Miroslav Nikolić) [Serbian]
PR: 256242
Approved by: Corey Halpin (maintainer)
fetchmail-6.4.18 (released 2021-03-27, 30011 LoC):
# REGRESSION FIX:
* fetchmailconf: fetchmail 6.4.16 added --sslcertfile to the configuration dump,
but fetchmailconf support was incomplete in Git 7349f124 and it could not
parse sslcertfile, thus the user settings editor came up empty with console
errors printed. Fix configuration parser in fetchmailconf.
# ROBUSTNESS FIXES:
* fetchmailconf: do not require fetchmail for -V. do not require Tk (Tkinter)
for -d option. This is to fail more gracefully on incomplete installs.
* TLS code: remove OPENSSL_NO_DEPRECATED macros to avoid portability issues
with OpenSSL v3 - these are for development purposes, not production.
* TLS futureproofing: use SSL_use_PrivateKey_file instead of
SSL_use_RSAPrivateKey_file, the latter will be deprecated with OpenSSL v3,
and the user's key file might be something else than RSA.
# TRANSLATION UPDATE:
This fine person has contributed an updated translation:
* fi: Lauri Nurmi [Finnish]
PR: 254619
Submitted by: mandree@
Approved by: Corey Halpin (maintainer)
# BUG FIXES
* IMAP client: plus memory leaks for username and password when trying
the LOGIN (password-based) authentication and encountered a timeout situation.
* dist-tools/getstats.py: also counts lines in *.py files [for NEWS file]
# CHANGES
* fetchmail.man: now mentions that you may need to add --ssl when specifying
a TLS-wrapped port.
* fetchmailconf: --version (-V) now prints the Python version in use.
# TRANSLATION UPDATE
* ja: Takeshi Hamasaki [Japanese]
PR: 254208
Approved by: Corey Halpin (maintainer)
MFH: 2021Q1
Update mail/fetchmail{,conf} to 6.4.13 and fix rc script to work correctly
when root's shell does not include /usr/local/bin in $PATH.
mail/fetchmail passes 'poudriere testport' on both i386 and amd64 under
11.4 and 12.1 for the following configurations:
- Default settings
- Default settings, build as non-root
- ssl=base, GSSAPI_MIT
- ssl=base, GSSAPI_NONE
- ssl=openssl
- ssl=openssl with SSL2 and SSL3 disabled
- ssl=openssl, GSSAPI_NONE
- ssl=libressl
- ssl=libressl, GSSAPI_NONE
mail/fetchmailconf passes 'poudriere testport' on both i386 and amd64 under
11.4 and 12.1 with default settings
Additionally, passes bulk -tC on 12.1-arm64.
PR: 250925 [1]
Submitted by: Corey Halpin (maintainer)
PR: 250691 [2, comments #14, #15]
Reported by: Brian Biskeborn [2], Andrey Kiryanov [2]
Turns out that our fetchmail_dump_config() function needs to add
one more level of quoting because it's being unquoted and word split
twice, once by su's shell, and again by sh.
While here, change sh to /bin/sh to make the intention clearer.
Bump PORTREVISION to get the fix out onto the systems.
PR: 250691
Reported by: Helmut Ritter <freebsd-ports@charlieroot.de>
Approved by: chalpin@cs.wisc.edu
MFH: 2020Q4 (blanket, one-line tested working fix, 4-eyes principle)
In a situation where fetchmail is to be started globally with the
configuration in $LOCALBASE/etc, the rc.d file would try to run
fetchmail for the wrong user.
Simplify script more, avoiding recursive call in single-user mode.
Submitted by: Corey Halpin (maintainer, direct mail to mandree@)
Reported by: Armin Tüting
Authors: CH = Corey Halpin, MA = Matthias Andree
- fetchmail's rc script now queries the daemon interval from the
configuration, and falls back to the rc.conf value if given. [CH]
- Similarly, the logging facility will be taken from the configuration [MA]
- Add documentation to the rcfile's header comments. [MA]
- Drop support for fetchmail_home_prefix in rc.conf, and query the
respective users' home directories with getent instead. [MA]
- In the rc scripts, redirect input from /dev/null so it will not ask
for passwords. [MA]
- Add support for the typical 12.1 rc.conf ${name}_... keywords. [MA]
- Make script execution easier to follow by simplifying if...else logic. [CH]
- Fix rcscript's exit code to be 1 if one of the per-user calls fails. [CH]
- Add relevant notes to UPDATING. [MA]
PR: 249860
Submitted by: Corey Halpin (maintainer)
Reported by: Chris James (on fetchmail-users mailing list)
Approved by: Corey Halpin (maintainer)
Fixes these regressions:
- Misleading false complaints that TLSv1.3 support were missing from the
system but still auto-negotiating it (broken in 6.4.9, fixed in 6.4.11).
- README contained NEWS fragments (broken since c. 1 year/c. 6.4.2,
fixed in 6.4.12) instead of the actual contents.
(This was also the reason to skip 6.4.11).
For the potential MFH 6.4.8 -> 6.4.12, 6.4.9 also
adds to the manual page which has is used for fingerprints, MD5,
and adds a Romanian-language translation by Florentina Musat.
PR: 249009
Approved by: Corey Halpin (maintainer)
MFH: 2020Q3 (manpage, README fixes, added translation)
while here, switch distfile back to xz format and update
the > 2^31 "long long" fix so it patches the right place of the NEWS file.
- adds Romanian translation
- minor manual page fix to add "MD5" hash to sslfingerprint documentation
PR: 248954
Approved by: Corey Halpin (maintainer)
Add a patch to document --sslproto tls1.3+ and tls1.3 through the manpage,
which hasn't made 6.4.3-rc2 but works since 6.4.0 assuming that the SSL library
supports TLSv1.3.
Remove fetchmailconf patch that is now part of the upstream code.
Switch to .lz downloads, a tiny bit smaller.
Upstream changelog:
## BUGFIXES:
* Plug memory leaks when parts of the configuration (defaults, rcfile, command
line) override one another.
* fetchmail terminated the placeholder command string too late and included
garbage from the heap at the end of the string. Workaround: don't use place-
holders %h or %p in the --plugin string. Bug added in 6.4.0 when merging
Gitlab merge request !5 in order to fix an input buffer overrun.
Faulty commit 418cda65f752e367fa663fd13884a45fcbc39ddd.
Reported by Stefan Thurner, Gitlab issue #16.
* Fetchmail now checks for errors when trying to read the .idfile,
Gitlab issue #3.
## CHANGES:
* Fetchmail documentation was updated to require OpenSSL 1.1.1.
OpenSSL 1.0.2 reached End Of Life status at the end of the year 2019.
Fetchmail will tolerate, but warn about, 1.0.2 for now on the assumption that
distributors backport security fixes as the need arises.
Fetchmail will also warn if another SSL library that is API-compatible
with OpenSSL lacks TLS v1.3 support.
* If the trust anchor is missing, fetchmail refers the user to README.SSL.
PR: 245187
Submitted by: mandree@
Approved by: Corey Halpin (maintainer)
Fetchmail updated to new revision 6.4.2
- one bugfix
- manual page updates
- update of Chinese (simplified) translation
- massive fetchmailconf overhaul
+ Python 3 compatible (requires py-future)
+ Supports IPv6 and SSL probing
- remove two patches for fetchmail that are in the upstream release
- add a smoke test to fetchmailconf's post-install,
and a patch to support that running without X11 $DISPLAY.
PR: 244130
Submitted by: mandree@
Reviewed by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
Approved by: Corey Halpin <chalpin@cs.wisc.edu> (maintainer)
MFH: 2020Q1 (bugfixes and fetchmailconf update and Python3 compat.)
This is to assist with build error diagnosis,
after PRs 240914 and 241032.
Submitted by: mandree@
Approved by: Corey Halpin (maintainer)
(obtained by e-mail outside Bugzilla)
MIPS regressed in r513614 because it does not have a C11
compiler. Fetchmail 6.4.1 is C89 code, one patch we provide
makes it C99 (it requires the long long int type).
The base compiler on powerpc 11/12 does not yield an executable,
but MIPS on the other hand does not offer a C11 compiler,
so for now, revert anything but powerpc before FreeBSD 13
to use its base compiler. FreeBSD 13 is exempt and also uses
the base compiler, because the ARCH guys intend to merge LLVM 9
soon.
PR: 241031
Reviewed by: pkubaj@
Approved by: blanket (fix recent regression from r513614)
