From: Matthias Andree Date: Wed, 5 Sep 2012 00:59:05 +0000 (+0200) Subject: Fix up merge. X-Git-Url: http://pileus.org/git/?p=~andy%2Ffetchmail;a=commitdiff_plain;h=513aaf8a177b01f2c390fbd600784dd000e9509c Fix up merge. --- diff --git a/Doxyfile b/Doxyfile index 2f2422b5..a3b83278 100644 --- a/Doxyfile +++ b/Doxyfile @@ -31,7 +31,7 @@ PROJECT_NAME = fetchmail # This could be handy for archiving the generated documentation or # if some version control system is used. -PROJECT_NUMBER = legacy_63 +PROJECT_NUMBER = master # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute) # base path where the generated documentation will be put. diff --git a/Makefile.am b/Makefile.am index 42fd0890..8e494327 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,7 +21,6 @@ CFLAGS += @libpwmd_CFLAGS@ LDFLAGS += @libpwmd_LIBS@ endif -if HAVE_PYTHON nodist_bin_SCRIPTS= fetchmailconf python_PYTHON= $(pys) dist_man1_MANS+= $(pym) diff --git a/NEWS b/NEWS index a10dd50a..23984363 100644 --- a/NEWS +++ b/NEWS @@ -122,7 +122,28 @@ NOTE THIS IS AN ALPHA RELEASE THAT HAS NOT BEEN THOROUGHLY TESTED! If no authentication method is specified, APOP is automatically tried if offered by the server before we resort to sending the password as clear text. +# KNOWN BUGS AND WORKAROUNDS + (This section floats upwards through the NEWS file so it stays with the + current release information) +* Fetchmail does not handle messages without Message-ID header well + (See sourceforge.net bug #780933) +* BSMTP is mostly untested and errors can cause corrupt output. +* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in + 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit + fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, + so compiling 32-bit SPARC code should not cause any difficulties. +* Fetchmail does not track pending deletes across crashes. +* The command line interface is sometimes a bit stubborn, for instance, + fetchmail -s doesn't work with a daemon running. +* Linux systems may return duplicates of an IP address in some circumstances if + no or no global IPv6 addresses are configured. + (No workaround. Ubuntu Bug#582585, Novell Bug#606980.) +* Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error + messages. This will not be fixed, because the maintainer has no Kerberos 5 + server to test against. Use GSSAPI. + -------------------------------------------------------------------------------- + fetchmail-6.3.23 (not yet released) # NOTE THAT THE RELEASE OF FUTURE FETCHMAIL 6.3.X VERSIONS IS UNCLEAR. @@ -157,16 +178,16 @@ fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): Reported by J. Porter Clark. * for CVE-2011-3389: - SSL/TLS (wrapped and STARTTLS): fetchmail used to disable a countermeasure - against a certain kind of attack against cipher block chaining initialization + SSL/TLS (wrapped and STARTTLS): fetchmail used to disable a countermeasure + against a certain kind of attack against cipher block chaining initialization vectors (SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS). - Whether this creates an exploitable situation, depends on the server and the + Whether this creates an exploitable situation, depends on the server and the negotiated ciphers. - As a precaution, fetchmail 6.3.22 enables the countermeasure, by clearing + As a precaution, fetchmail 6.3.22 enables the countermeasure, by clearing SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS. - NOTE that this can cause connections to certain non-conforming servers to - fail, in which case you can set the environment variable + NOTE that this can cause connections to certain non-conforming servers to + fail, in which case you can set the environment variable FETCHMAIL_DISABLE_CBC_IV_COUNTERMEASURE to any non-empty value when starting fetchmail to re-instate the compatibility option at the expense of security. @@ -186,8 +207,8 @@ fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): # CHANGES * On systems where SSLv2_client_method isn't defined in OpenSSL (such as newer Debian, and Ubuntu starting with 11.10 oneiric ocelot), don't - reference it (to fix the build) and if configured, print a run-time error - that the OS does not support SSLv2. Fixes Debian Bug #622054, + reference it (to fix the build) and if configured, print a run-time error + that the OS does not support SSLv2. Fixes Debian Bug #622054, but note that that bug report has a more thorough patch that does away with SSLv2 altogether. @@ -220,26 +241,6 @@ fetchmail-6.3.22 (released 2012-08-29, 26077 LoC): * [sv] Swedish, by Göran Uddeborg --- NEW TRANSLATION - Thank you! * [vi] Vietnamese, by Trần Ngọc Quân -# KNOWN BUGS AND WORKAROUNDS - (This section floats upwards through the NEWS file so it stays with the - current release information) -* Fetchmail does not handle messages without Message-ID header well - (See sourceforge.net bug #780933) -* BSMTP is mostly untested and errors can cause corrupt output. -* Sun Workshop 6 (SPARC) is known to miscompile the configuration file lexer in - 64-bit mode. Either compile 32-bit code or use GCC to compile 64-bit - fetchmail. Note that fetchmail doesn't take advantage of 64-bit code, - so compiling 32-bit SPARC code should not cause any difficulties. -* Fetchmail does not track pending deletes across crashes. -* The command line interface is sometimes a bit stubborn, for instance, - fetchmail -s doesn't work with a daemon running. -* Linux systems may return duplicates of an IP address in some circumstances if - no or no global IPv6 addresses are configured. - (No workaround. Ubuntu Bug#582585, Novell Bug#606980.) -* Kerberos 5 may be broken, particularly on Heimdal, and provide bogus error - messages. This will not be fixed, because the maintainer has no Kerberos 5 - server to test against. Use GSSAPI. - fetchmail-6.3.21 (released 2011-08-21, 26011 LoC): @@ -702,8 +703,8 @@ fetchmail 6.3.10 (released 2009-07-02): termination signal properly through sys/wait.h macros. * When acquiring a body, understand NIL ("no such data item"), as returned by some MS Exchange versions. Fixes BerliOS Bug #11980 by KB Sriram. -* Make progress tickers (-v/--showdots) consistent, and update documentation - accordingly ("." for each 1024 octets read, "#" for a header written, and "*" +* Make progress tickers (-v/--showdots) consistent, and update documentation + accordingly ("." for each 1024 octets read, "#" for a header written, and "*" for each body line written.) The conditions under which these had been printed were inconsistent, illogical, and documentation hadn't matched real behaviour for long. @@ -796,7 +797,7 @@ fetchmail 6.3.9 (released 2008-11-16): random memory location (it calls va_arg() too often without resetting it with va_start()). Based on a patch (BerliOS patch #2492) by Petr Uzel, fixes Novell Bug #354291. - Note 6.3.9-rc1 did not completely fix this issue, so it was redrawn a few + Note 6.3.9-rc1 did not completely fix this issue, so it was redrawn a few hours after its release. See also fetchmail-SA-2008-01.txt. * When expunging, mark the right messages as seen to avoid message loss in "keep @@ -832,8 +833,8 @@ fetchmail 6.3.9 (released 2008-11-16): # CHANGES: * autoconf 2.60 is now required to build fetchmail; it uses AC_USE_SYSTEM_EXTENSIONS to replace AC_AIX, AC_MINIX, and the like. -* Removed dead FETCHMAIL_DEBUG code from fetchmail.h that was disabled by - default with no switches in configure to enable it. However, the macro would +* Removed dead FETCHMAIL_DEBUG code from fetchmail.h that was disabled by + default with no switches in configure to enable it. However, the macro would have been prone to a symlink attack. Found by Nico Golde. * Removed dead FORCE_STUFFING code from socket.c that was disabled by default with no switches in configure to enable it. @@ -865,10 +866,10 @@ fetchmail 6.3.9 (released 2008-11-16): # DOCUMENTATION: * Add fetchmail-SA-2007-02.txt and fetchmail-SA-2008-01.txt. -* Re-add two lines to the manual page that had accidentally become comments - to nroff. One was part of the --sslproto documentation, and one in the +* Re-add two lines to the manual page that had accidentally become comments + to nroff. One was part of the --sslproto documentation, and one in the "Awakening the background daemon" section. -* The manual page no longer asserts that .fetchids were for exclusive POP3 use, +* The manual page no longer asserts that .fetchids were for exclusive POP3 use, since it is planned to use the file with IMAP4 later. * Add grammar fixes from Dan Jacobson to fetchmail.man. Debian Bug #461642. * The manual page now mentions that user descriptions need to come before user @@ -888,7 +889,7 @@ fetchmail 6.3.9 (released 2008-11-16): silently accept additional g=x permissions for compatibility with previous 6.2.X and 6.3.X versions. Inconsistency (program 0710, manpage 0600) reported by Petr Uzel. -* The --logfile documentation is now clearer about requiring detached daemon +* The --logfile documentation is now clearer about requiring detached daemon mode. # TRANSLATION UPDATES AND ADDITIONS (ordered by language name): @@ -933,16 +934,16 @@ fetchmail 6.3.8 (released 2007-04-06): # BUG FIXES: * Fix pluralization of oversized-message warning mails. -* Fix manual page: --sslcheck -> --sslcertck, and do not set trailing +* Fix manual page: --sslcheck -> --sslcertck, and do not set trailing "recommended:" in bold. Fixes Debian Bug #413059, reported by Rafal Czlonka. -* Repoll immediately if a protocol error happens during the authentication +* Repoll immediately if a protocol error happens during the authentication attempt after a failed opportunistic TLS upgrade. Fixes comment #9 in Gentoo Bug #163782, reported by Takuto Matsuu. -* Fix rendering of the "24 - 26, 28, 29" paragraph in the exit codes section. +* Fix rendering of the "24 - 26, 28, 29" paragraph in the exit codes section. Reported by Nico Golde. * If SOCKS support was compiled in, add 'socks' to the feature_options Python list emitted in --configdump. Reported by Rob MacGregor. -* Do not crash with a null pointer dereference when opening the BSMTP file +* Do not crash with a null pointer dereference when opening the BSMTP file fails. Improve error checking and reporting. Reported by Reto Schüttel, Debian Bug#416625. Fix based on a patch by Nico Golde. * Make BSMTP output actually work, it would persistently fail with SOCKET error @@ -1526,7 +1527,7 @@ Escalated to "incompatible", 2006-01-13: Darwin. NetBSD PR#28543 (pkg/28543). Matthias Andree. * The RFC-822 parser no longer strips the last character of bare addresses. Matthias Andree -* The IP address matching code was broken and +* The IP address matching code was broken and 1. didn't search exhaustively, but matched only the first IP address of the server's queryname against the IP addresses of the server name to match. 2. didn't match IP aliases versus MX hosts. Matthias Andree @@ -1661,7 +1662,7 @@ fetchmail-6.2.5 (Wed Oct 15 18:39:22 EDT 2003), 23079 lines: * OpenSSL cleanup patches from levinedl@acm.org. * Benjamin Drieu's patch to fix Debian bug #212240, no oversized-message flushing if both "flush" and "limit" were specified. -* Benjamin Drieu's patch for Debian bug #156592, incorrect handing of +* Benjamin Drieu's patch for Debian bug #156592, incorrect handing of host/port option. * Smash all NULs out of headers right after the socket read. * Dup-killer code now keys on an MD5 hash of the raw headers. @@ -1703,7 +1704,7 @@ There are 580 people on fetchmail-friends and 750 on fetchmail-announce. fetchmail-6.2.2 (Fri Feb 28 21:34:26 EST 2003), 22345 lines: * Sunil Shetye's patch to improve behavior on empty messages. -* Conform to RFC2595; reissue capability probes after successful +* Conform to RFC2595; reissue capability probes after successful STARTTLS negotiation. * Sunil's patch to make handling of failed STARTTLS more graceful. * Sunil's JF2 fix patch for .fetchmailrc security. @@ -1720,7 +1721,7 @@ fetchmail-6.2.1 (Tue Jan 14 08:17:19 EST 2003), 22219 lines: * Updated German, Turkish, Spanish, and Danish translation files. * Integrated Sunil Shetye's patch to make mark_seen an explicit method. -* Removed FAQ warning about GMX and associated fetchmailconf check, +* Removed FAQ warning about GMX and associated fetchmailconf check, we have a report that its servers are conformant now. * Another Sunil patch to fix a minor bug in bouncemail generation. @@ -1740,7 +1741,7 @@ fetchmail-6.1.3 (Thu Nov 28 05:35:15 EST 2002), 22203 lines: * Updated Turkish, Danish, German, Spanish, Catalan po files. * Added Slovak support. -* Configure.in update for autoconf 2.5 (Art Haas). +* Configure.in update for autoconf 2.5 (Art Haas). * Be case-insensitive when looking for IMAP responses. * Fix logout-after-idle-delivery bug (Sunil Shetye). * Sunil Shetye's patch to bulletproof end-of-header detection. diff --git a/contrib/rawlog.patch b/contrib/rawlog.patch index bec08b5e..c599797d 100644 --- a/contrib/rawlog.patch +++ b/contrib/rawlog.patch @@ -23,33 +23,6 @@ index c8117a5..89847fe 100644 --- a/socket.c +++ b/socket.c @@ -362,6 +362,49 @@ static SSL *_ssl_context[FD_SETSIZE]; -======= -Note 2: non-printable characters are hex-escaped, so it is safe to use -FETCHMAIL_RAW_LOGFILE=/dev/stderr or similar. - --- Matthias Andree, August 2011 - -diff --git a/sink.c b/sink.c -index 5d92556..ff6208d 100644 ---- a/sink.c -+++ b/sink.c -@@ -649,6 +649,10 @@ int stuffline(struct query *ctl, char *buf) - while ((last += strlen(last)) && (last[-1] != '\n')) - last++; - -+ if (outlevel >= O_DEBUG && (size_t)(last - buf) != strlen(buf)) -+ report(stdout, GT_("DEBUG: stuffline shipping line with NULs, length=%lu, strlen=%lu\n"), last - buf, strlen(buf)); -+ -+ - /* fix message lines that have only \n termination (for qmail) */ - if (ctl->forcecr) - { -diff --git a/socket.c b/socket.c -index e338207..dcaf19d 100644 ---- a/socket.c -+++ b/socket.c -@@ -381,6 +381,49 @@ static SSL *_ssl_context[FD_SETSIZE]; ->>>>>>> legacy_63 static SSL *SSLGetContext( int ); #endif /* SSL_ENABLE */ diff --git a/fm_md5.h b/fm_md5.h index ea61c823..8f367dc6 100644 --- a/fm_md5.h +++ b/fm_md5.h @@ -12,7 +12,7 @@ struct MD5Context { uint32_t bits[2]; union { unsigned char in[64]; - uint32 in32[16]; + uint32_t in32[16]; } u; };