From nobody Tue Nov 05 20:24:18 2024 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Xjfv63Wmmz5bYvl; Tue, 05 Nov 2024 20:24:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Xjfv630N8z4X6t; Tue, 5 Nov 2024 20:24:18 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1730838258; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y7BvuwyNvn5lon5D/DIE2avGpf5ByCIkA1qP6KB6KPQ=; b=Wfn5B3vPNGRgXKZM2zA0KE8idqBmCPER2ertM+CdN70mak127riIk8J0TMCyXIv6nVmVCO OV2q8BbXk5610TQRuJXA1cbARLUiNf4snfn05wtjfTLUc21athxmm69xUR3BehcR3QS8Q1 6GvqoW/zEOIE4bz/YOViyoZLCXqlBJWHtDYvNrx29EmKm+LZBgmW/YhymA5G7m3C/7cwSx yv0wUIwVsWn5gGE7Y0OFEdC16NPMWyXnp5y+WYLR653wQeN1u5FFZ/criyeBiKKqx+X0fj Lg+Q/JTNtiTCLNhqB3E2D60gO4mfboayj6xc1s/ZDG9b5kaglP8dMl9uUlg0Xg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1730838258; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y7BvuwyNvn5lon5D/DIE2avGpf5ByCIkA1qP6KB6KPQ=; b=YBh0lDNe0yoaHL/nPdcfBoeQhX9YmR9o4jEb95Q28mOlChwocRPrj6Uu+L4a5yprwADKG9 s0YOKxZx2Ypbg12iw1DeChzgPhESZmApgBvUM/2Z9K4iAj+PfhFyql4sPzNQU2UJ9MVpqU T/429wh0v0IXPkJSCAzLdBm2tVWT/yyC8YlNNVR5trJ9tJf+vUekYEbgec/iINj3VsWVC6 WifHZlhRjQAkYV4s4eYWmVQtEbhDiksqC8RrBEBL+l1ETsOoPXWhTzEKjv9nK69cidOuox 772BJ0fwIZUSk7iBhIKLLMnHZOZ/LtqXfk0IWQUS7U9RCj28QkZpzss0vKjAVg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1730838258; a=rsa-sha256; cv=none; b=QLkrLVCWbIADysNr77KIr2fGynzkx2xe42f51u4pwU1lu30FPoXBbVcSLGkhpwpeYthJ5+ 89wpmkqFa4x3JRXkA1yk/qMZBdI/mQ/hfGyLNLD4AcYC91JvQ7nLWTGFNdd9ezot/9BoPH cwbJaGJOex7VtvcTgMJN0L6CNgi7KOGF5qzDdNfYktVgyi3nrXfMrxWnGI6iG3hLG59gKQ /um5iO/WEkn10xNYwnpaBdDYiPv8T4T8lbvvKcIrx7YLs5YyO/VYeS7W+EZin2NctyLEbL /oJ3PMfUmNAcNSR4NIz1uryZ6sniCjGJE37Qc9KmrF9AV8gtCPqFFSmB5DVa/w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Xjfv62bd2zXpx; Tue, 5 Nov 2024 20:24:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4A5KOIAK046585; Tue, 5 Nov 2024 20:24:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4A5KOI8Z046582; Tue, 5 Nov 2024 20:24:18 GMT (envelope-from git) Date: Tue, 5 Nov 2024 20:24:18 GMT Message-Id: <202411052024.4A5KOI8Z046582@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Matthias Andree Subject: git: 6f60247b9b29 - main - mail/fetchmail: make OPIE and RPA optional, UPDATING info added List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-main@freebsd.org Sender: owner-dev-commits-ports-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 6f60247b9b290857f7312e1ce3df08bc547df789 Auto-Submitted: auto-generated The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=6f60247b9b290857f7312e1ce3df08bc547df789 commit 6f60247b9b290857f7312e1ce3df08bc547df789 Author: Corey Halpin AuthorDate: 2024-11-05 20:19:00 +0000 Commit: Matthias Andree CommitDate: 2024-11-05 20:24:07 +0000 mail/fetchmail: make OPIE and RPA optional, UPDATING info added Fix a build failure on FreeBSD 14+ with OPIE (now in ports) enabled and NLS disabled, by adding ${LOCALBASE}/include to the compiler's path. OPIE and RPA have been made optional because both have significant security problems. OPIE support was not provided by the port on 14.x until the update to 6.5.0, when it was briefly re-activated. Because of its security flaws, it has now been disabled by default on both 13.x and 14.x. RPA is currently enabled by default, but this will change in a future update. PR: 282444 Reported by: Helge Oldach --- UPDATING | 11 +++++++++++ mail/fetchmail/Makefile | 19 ++++++++++++------- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/UPDATING b/UPDATING index 654de4d90d5d..1a674317b048 100644 --- a/UPDATING +++ b/UPDATING @@ -5,6 +5,17 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20241104: + AFFECTS: users of mail/fetchmail + AUTHOR: chalpin@cs.wisc.edu + + OPIE and RPA have been made optional because both have significant security + problems. OPIE support was not provided by the port on 14.x until the update + to 6.5.0, when it was briefly re-activated. Because of its security flaws, it + has now been disabled by default on both 13.x and 14.x. + + RPA is currently enabled by default, but this will change in a future update. + 20241019: AFFECTS: users of security/libressl AUTHOR: brnrd@FreeBSD.org diff --git a/mail/fetchmail/Makefile b/mail/fetchmail/Makefile index 0bcc67a95a21..3eae97f3aa3c 100644 --- a/mail/fetchmail/Makefile +++ b/mail/fetchmail/Makefile @@ -1,6 +1,6 @@ PORTNAME?= fetchmail DISTVERSION= 6.5.0 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES= mail # The next line is inherited by the fetchmailconf dependent port, # do NOT replace fetchmail by ${PORTNAME} @@ -27,9 +27,7 @@ GNU_CONFIGURE_MANPREFIX=${PREFIX}/share # the added PYTHON=: suppresses python builds, # see ../../mail/fetchmailconf/ for the configuration tool -CONFIGURE_ARGS= --enable-opie \ - --enable-RPA \ - --enable-SDPS \ +CONFIGURE_ARGS= --enable-SDPS \ --without-hesiod \ PYTHON=: @@ -45,14 +43,20 @@ PORTDOCS= FAQ FEATURES NEWS NOTES OLDNEWS README README.SSL \ README.SSL-SERVER design-notes.html esrs-design-notes.html \ fetchmail-FAQ.html fetchmail-features.html todo.html -OPTIONS_DEFINE= DOCS NLS -OPTIONS_DEFAULT= GSSAPI_BASE OPENSSL +OPTIONS_DEFINE= OPIE RPA DOCS NLS +OPTIONS_DEFAULT= GSSAPI_BASE OPENSSL RPA OPTIONS_SINGLE= GSSAPI TLS OPTIONS_SINGLE_GSSAPI= GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE OPTIONS_SINGLE_TLS= OPENSSL WOLFSSL OPTIONS_SUB= yes +OPIE_CONFIGURE_ON= --enable-opie +OPIE_DESC= Build with OPIE support (deprecated - weak/broken cryptography) + +RPA_CONFIGURE_ON= --enable-RPA +RPA_DESC= Build with RPA support (deprecated - weak/broken cryptography) + GSSAPI_BASE_USES= gssapi GSSAPI_BASE_CONFIGURE_ON= ${GSSAPI_CONFIGURE_ARGS} \ --with-gssapi=${GSSAPIBASEDIR} @@ -101,9 +105,10 @@ post-install-DOCS-on: .include -.if ${MASTERDIR} == ${.CURDIR} && ${OPSYS} == FreeBSD +.if ${PORT_OPTIONS:MOPIE} && ${MASTERDIR} == ${.CURDIR} && ${OPSYS} == FreeBSD . if ${OSVERSION} >= 1400072 LIB_DEPENDS+= libopie.so:security/opie # moved to port (from base in 13.X) +CPPFLAGS+= -I${LOCALBASE}/include . endif .endif