From mboxrd@z Thu Jan  1 00:00:00 1970
From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated.
 d3cd99830a8554e8f9b4df314210cef82ef69376
Date: Tue, 27 Mar 2018 20:54:35 +0100
Message-ID: <20180327195436.2C5771081DF2@git01.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7827801988781109972=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============7827801988781109972==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, next has been updated
       via  d3cd99830a8554e8f9b4df314210cef82ef69376 (commit)
      from  76f422025ffe1baed977b5c8e1f072e5981e46ff (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit d3cd99830a8554e8f9b4df314210cef82ef69376
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Tue Mar 27 20:53:31 2018 +0100

    fetchmail: Permit building without SSLv3
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 lfs/fetchmail                                      |  4 +-
 ...etchmail-6.3.26-permit-build-without-ssl3.patch | 62 ++++++++++++++++++++=
++
 2 files changed, 65 insertions(+), 1 deletion(-)
 create mode 100644 src/patches/fetchmail-6.3.26-permit-build-without-ssl3.pa=
tch

Difference in files:
diff --git a/lfs/fetchmail b/lfs/fetchmail
index 33a46b6d3..7386e8fee 100644
--- a/lfs/fetchmail
+++ b/lfs/fetchmail
@@ -32,7 +32,7 @@ DL_FROM    =3D $(URL_IPFIRE)
 DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
 TARGET     =3D $(DIR_INFO)/$(THISAPP)
 PROG       =3D fetchmail
-PAK_VER    =3D 8
+PAK_VER    =3D 9
=20
 DEPS       =3D ""
=20
@@ -77,6 +77,8 @@ $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE)
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fetchmail-6.3.26-permi=
t-build-without-ssl3.patch
+
 	cd $(DIR_APP) && ./configure \
 		--prefix=3D/usr \
 		--with-ssl \
diff --git a/src/patches/fetchmail-6.3.26-permit-build-without-ssl3.patch b/s=
rc/patches/fetchmail-6.3.26-permit-build-without-ssl3.patch
new file mode 100644
index 000000000..5f8b2772a
--- /dev/null
+++ b/src/patches/fetchmail-6.3.26-permit-build-without-ssl3.patch
@@ -0,0 +1,62 @@
+From a2ae6f8d15d7caf815d7bdd13df833fd1b2af5cc Mon Sep 17 00:00:00 2001
+From: Matthias Andree <matthias.andree(a)gmx.de>
+Date: Fri, 16 Jan 2015 20:48:46 +0100
+Subject: [PATCH] Permit build on SSLv3-disabled OpenSSL,
+
+providing that these also omit the declaration of SSLv3_client_method().
+Related to Debian Bug#775255.
+Version report lists -SSLv3 on +SSL builds that omit SSLv3_client_method().
+Version report lists -SSLv2 on +SSL builds that omit SSLv2_client_method().
+
+diff --git a/configure.ac b/configure.ac
+index bdcbb20..9248b26 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -803,6 +803,7 @@ fi
+=20
+ case "$LIBS" in *-lssl*)
+ 	AC_CHECK_DECLS([SSLv2_client_method],,,[#include <openssl/ssl.h>])
++	AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>])
+ 	;;
+ esac
+=20
+diff --git a/fetchmail.c b/fetchmail.c
+index 5f31d6e..be0e9ab 100644
+--- a/fetchmail.c
++++ b/fetchmail.c
+@@ -263,6 +263,12 @@ int main(int argc, char **argv)
+ #ifdef SSL_ENABLE
+ 	"+SSL"
+ #endif
++#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 =3D=3D 0
++	"-SSLv2"
++#endif
++#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 =3D=3D 0
++	"-SSLv3"
++#endif
+ #ifdef OPIE_ENABLE
+ 	"+OPIE"
+ #endif /* OPIE_ENABLE */
+
+diff --git a/socket.c b/socket.c
+index 58a8e15..91a21c2 100644
+--- a/socket.c
++++ b/socket.c
+@@ -910,11 +910,16 @@ int SSLOpen(int sock, char *mycert, char *mykey, const=
 char *myproto, int certck
+ #if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0
+ 			_ctx[sock] =3D SSL_CTX_new(SSLv2_client_method());
+ #else
+-			report(stderr, GT_("Your operating system does not support SSLv2.\n"));
++			report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));
+ 			return -1;
+ #endif
+ 		} else if(!strcasecmp("ssl3",myproto)) {
++#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0
+ 			_ctx[sock] =3D SSL_CTX_new(SSLv3_client_method());
++#else
++			report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
++			return -1;
++#endif
+ 		} else if(!strcasecmp("tls1",myproto)) {
+ 			_ctx[sock] =3D SSL_CTX_new(TLSv1_client_method());
+ 		} else if (!strcasecmp("ssl23",myproto)) {


hooks/post-receive
--
IPFire 2.x development tree

--===============7827801988781109972==--