Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 573352 - net-mail/fetchmail add libressl support and support openssl w/o sslv3
Summary: net-mail/fetchmail add libressl support and support openssl w/o sslv3
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All All
: Normal normal with 2 votes (vote)
Assignee: Net-Mail Packages
URL:
Whiteboard:
Keywords: PullRequest
Depends on:
Blocks: libressl-support openssl-1.1
  Show dependency tree
 
Reported: 2016-01-30 06:00 UTC by maurerpe
Modified: 2018-10-26 18:07 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
fetchmail-6.3.26-libressl.patch (fetchmail-6.3.26-libressl.patch,3.86 KB, patch)
2016-01-30 06:02 UTC, maurerpe
Details | Diff
fetchmail.ebuild.diff (fetchmail.ebuild.diff,1.17 KB, patch)
2016-01-30 06:04 UTC, maurerpe
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description maurerpe 2016-01-30 06:00:30 UTC
The fetchmail ebuild depends on dev-libs/openssl if either the ssl or kerberos use flags are set.  Please update the ebuild to allow use with libressl.

Fetchmail works without a patch for dev-libs/libressl-2.2* however >=dev-libs/libressl-2.3.0 removed ssl3 support and requires a patch to compile.  Upstream as fixed the issue in git but has not had a release since.  Refer to commits:
   http://sourceforge.net/p/fetchmail/git/ci/a2ae6f8d15d7caf815d7bdd13df833fd1b2af5cc/
   http://sourceforge.net/p/fetchmail/git/ci/e6340bf8226c37fc35d41e69348714cba1d7baf5/

This commits also allow operation with openssl build without ssl3 support.

Reproducible: Always
Comment 1 maurerpe 2016-01-30 06:02:38 UTC
Created attachment 424202 [details, diff]
fetchmail-6.3.26-libressl.patch

I have back ported the two upstream commits to 6.3.26 (latest release) with this patch.
Comment 2 maurerpe 2016-01-30 06:04:25 UTC
Created attachment 424204 [details, diff]
fetchmail.ebuild.diff

diff of net-mail/fetchmail-6.3.26-r2.ebuild to add libressl use flag, contengent dev-libs/libressl dependancy and apply the attached patch.
Comment 3 timofonic 2016-03-03 10:22:38 UTC
Any issues about merging the patches?
Comment 4 Randy McCaskill 2017-02-05 04:27:33 UTC
I just verified that this same patch still works for 6.3.26-r3 after changing the version in the ebuild patch.
Comment 5 stephane.goujet 2017-07-22 21:41:39 UTC
Hi.

Is there any update on this, any problem?

I had to manually apply the same kind of patches discussed here on my fetchmail-6.3.26-r3 to be able to use SSL with libressl.
Comment 6 maurerpe 2017-07-23 01:45:01 UTC
Stephane,
   I am glad you were able to use my patch successfully.  Unfortunately, it does not appear that the patch has been merged into portage.  However, I was able to get it added to the libressl overlay: https://github.com/gentoo/libressl.  With that overlay you don't have to add the patches by hand.

You can add the overlay to your system by first ensuring you have layman installed:
emerge --ask layman
and then adding the overlay:
layman --add libressl

Every so often you will need to sync the overlay to get updated ebuilds with:
layman --sync libressl
or
layman --sync-all
Comment 7 stephane.goujet 2017-07-23 11:43:17 UTC
Hi maurerpe,

The patch I applied wasn't yours but a part of another one I found before finding yours, but anyway they do almost the same thing.

Fetchmail is not a very fast moving target (to say the least), so my poor man ebuild will be enough for a while, I guess :-) Now that I've learned to copy and modify ebuilds into a local tree, that's much easier than I thought it was.

My post was mostly intended to ping and wake up the maintainer, know if he encountered specific problem with the patch, and show that one more guy ran into this concern and had to find a workaround.

Thanks for your efforts.
Comment 8 Craig Andrews gentoo-dev 2018-10-24 16:41:13 UTC
Since OpenSSL 1.1 removes SSLv3, this issue now impacts users with OpenSSL >=1.1. Ttested with net-mail/fetchmail-6.3.26-r3 which fails with the error "undefined reference to `SSLv3_client_method'".
Comment 9 Larry the Git Cow gentoo-dev 2018-10-26 18:07:59 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b8bc9045644c9e0bb9c6a648bd491dcf8c157f9b

commit b8bc9045644c9e0bb9c6a648bd491dcf8c157f9b
Author:     Craig Andrews <candrews@gentoo.org>
AuthorDate: 2018-10-26 18:00:12 +0000
Commit:     Craig Andrews <candrews@gentoo.org>
CommitDate: 2018-10-26 18:07:51 +0000

    net-mail/fetchmail: libressl and OpenSSL 1.1 support, EAPI=7
    
    Closes: https://bugs.gentoo.org/573352
    Signed-off-by: Craig Andrews <candrews@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 net-mail/fetchmail/fetchmail-6.3.26-r4.ebuild      | 109 +++++++++++++++++++
 .../files/fetchmail-6.3.26-libressl.patch          | 117 +++++++++++++++++++++
 2 files changed, 226 insertions(+)