git: 6f60247b9b29 - main - mail/fetchmail: make OPIE and RPA optional, UPDATING info added
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 05 Nov 2024 20:24:18 UTC
The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=6f60247b9b290857f7312e1ce3df08bc547df789 commit 6f60247b9b290857f7312e1ce3df08bc547df789 Author: Corey Halpin <chalpin@cs.wisc.edu> AuthorDate: 2024-11-05 20:19:00 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2024-11-05 20:24:07 +0000 mail/fetchmail: make OPIE and RPA optional, UPDATING info added Fix a build failure on FreeBSD 14+ with OPIE (now in ports) enabled and NLS disabled, by adding ${LOCALBASE}/include to the compiler's path. OPIE and RPA have been made optional because both have significant security problems. OPIE support was not provided by the port on 14.x until the update to 6.5.0, when it was briefly re-activated. Because of its security flaws, it has now been disabled by default on both 13.x and 14.x. RPA is currently enabled by default, but this will change in a future update. PR: 282444 Reported by: Helge Oldach --- UPDATING | 11 +++++++++++ mail/fetchmail/Makefile | 19 ++++++++++++------- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/UPDATING b/UPDATING index 654de4d90d5d..1a674317b048 100644 --- a/UPDATING +++ b/UPDATING @@ -5,6 +5,17 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20241104: + AFFECTS: users of mail/fetchmail + AUTHOR: chalpin@cs.wisc.edu + + OPIE and RPA have been made optional because both have significant security + problems. OPIE support was not provided by the port on 14.x until the update + to 6.5.0, when it was briefly re-activated. Because of its security flaws, it + has now been disabled by default on both 13.x and 14.x. + + RPA is currently enabled by default, but this will change in a future update. + 20241019: AFFECTS: users of security/libressl AUTHOR: brnrd@FreeBSD.org diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile index 0bcc67a95a21..3eae97f3aa3c 100644 --- a/mail/fetchmail/Makefile +++ b/mail/fetchmail/Makefile @@ -1,6 +1,6 @@ PORTNAME?= fetchmail DISTVERSION= 6.5.0 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES= mail # The next line is inherited by the fetchmailconf dependent port, # do NOT replace fetchmail by ${PORTNAME} @@ -27,9 +27,7 @@ GNU_CONFIGURE_MANPREFIX=${PREFIX}/share # the added PYTHON=: suppresses python builds, # see ../../mail/fetchmailconf/ for the configuration tool -CONFIGURE_ARGS= --enable-opie \ - --enable-RPA \ - --enable-SDPS \ +CONFIGURE_ARGS= --enable-SDPS \ --without-hesiod \ PYTHON=: @@ -45,14 +43,20 @@ PORTDOCS= FAQ FEATURES NEWS NOTES OLDNEWS README README.SSL \ README.SSL-SERVER design-notes.html esrs-design-notes.html \ fetchmail-FAQ.html fetchmail-features.html todo.html -OPTIONS_DEFINE= DOCS NLS -OPTIONS_DEFAULT= GSSAPI_BASE OPENSSL +OPTIONS_DEFINE= OPIE RPA DOCS NLS +OPTIONS_DEFAULT= GSSAPI_BASE OPENSSL RPA OPTIONS_SINGLE= GSSAPI TLS OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE OPTIONS_SINGLE_TLS= OPENSSL WOLFSSL OPTIONS_SUB= yes +OPIE_CONFIGURE_ON= --enable-opie +OPIE_DESC= Build with OPIE support (deprecated - weak/broken cryptography) + +RPA_CONFIGURE_ON= --enable-RPA +RPA_DESC= Build with RPA support (deprecated - weak/broken cryptography) + GSSAPI_BASE_USES= gssapi GSSAPI_BASE_CONFIGURE_ON= ${GSSAPI_CONFIGURE_ARGS} \ --with-gssapi=${GSSAPIBASEDIR} @@ -101,9 +105,10 @@ post-install-DOCS-on: .include <bsd.port.pre.mk> -.if ${MASTERDIR} == ${.CURDIR} && ${OPSYS} == FreeBSD +.if ${PORT_OPTIONS:MOPIE} && ${MASTERDIR} == ${.CURDIR} && ${OPSYS} == FreeBSD . if ${OSVERSION} >= 1400072 LIB_DEPENDS+= libopie.so:security/opie # moved to port (from base in 13.X) +CPPFLAGS+= -I${LOCALBASE}/include . endif .endif