Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package fetchmail for openSUSE:Factory checked in at 2024-11-30 13:28:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fetchmail (Old) and /work/SRC/openSUSE:Factory/.fetchmail.new.28523 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fetchmail" Sat Nov 30 13:28:22 2024 rev:115 rq:1227351 version:6.5.1 Changes: -------- --- /work/SRC/openSUSE:Factory/fetchmail/fetchmail.changes 2024-04-12 17:38:30.099964996 +0200 +++ /work/SRC/openSUSE:Factory/.fetchmail.new.28523/fetchmail.changes 2024-11-30 13:29:24.629615624 +0100 @@ -1,0 +2,29 @@ +Tue Nov 26 09:22:07 UTC 2024 - Angel Yankov <[email protected]> + +- Upgrade to 6.5.1 + * Drop two wolfSSL compile-time checks that were for older 6.4 or for future + 7.0 releases and broke compilation with wolfSSL 5.7.4. + Fixes https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282413#c4 + * Use %p instead of non-portable %#p for one wolfSSL-related diagnostic message + (FreeBSD defines %#p to be %p, on many other platforms it's undefined + behavior). + * Add regex_helper.c to list of files that contain translatable strings, + which contains two strings we missed to translate. + * Simplify EVP_MD_fetch API detection ("like OpenSSL 3" vs. "like OpenSSL 1") + for version switch and base it on the claimed OpenSSL version of the crypto + SSL, which works for LibreSSL (claims OpenSSL 2) and wolfSSL alike. + * Several translations added + - Rebased fetchmail-6.3.8-smtp_errors.patch + - Rebased fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch + - Rebased fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch + - Rebased fetchmail-add-imap-oauthbearer-support.patch + - Rebased fetchmail-add-passwordfile-and-passwordfd-options.patch + - Rebased fetchmail-add-query_to64_outsize-utility-function.patch + - Rebased fetchmail-bump-max-passwordlen-to-1bytes.patch + - Rebased fetchmail-give-each-ctl-it-s-own-copy-of-password.patch + - Rebased fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch + - Rebased fetchmail-re-read-passwordfile-on-every-poll.patch + - Rebased fetchmail-support-oauthbearer-xoauth2-with-pop3.patch + - Rebased fetchmailconf-no-more-future.patch + +------------------------------------------------------------------- Old: ---- fetchmail-6.4.38.tar.xz fetchmail-6.4.38.tar.xz.asc New: ---- fetchmail-6.5.1.tar.xz fetchmail-6.5.1.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fetchmail.spec ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.325644615 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.329644781 +0100 @@ -21,13 +21,13 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: fetchmail -Version: 6.4.38 +Version: 6.5.1 Release: 0 Summary: Full-Featured POP and IMAP Mail Retrieval Daemon License: GPL-2.0-or-later URL: https://www.fetchmail.info/ -Source0: https://sourceforge.net/projects/%{name}/files/branch_6.4/%{name}-%{version}.tar.xz -Source1: https://sourceforge.net/projects/%{name}/files/branch_6.4/%{name}-%{version}.tar.xz.asc +Source0: https://sourceforge.net/projects/%{name}/files/branch_6.5/%{name}-%{version}.tar.xz +Source1: https://sourceforge.net/projects/%{name}/files/branch_6.5/%{name}-%{version}.tar.xz.asc Source2: %{name}.logrotate Source3: sysconfig.%{name} Source5: %{name}.keyring ++++++ fetchmail-6.3.8-smtp_errors.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.361646114 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.365646280 +0100 @@ -6,11 +6,11 @@ # be considered that important. # 2) use the 501 error code to mark spam - in such a case # the 'antispam' option should be used -Index: fetchmail-6.4.1/sink.c +Index: fetchmail-6.5.1/sink.c =================================================================== ---- fetchmail-6.4.1.orig/sink.c -+++ fetchmail-6.4.1/sink.c -@@ -536,6 +536,19 @@ static int handle_smtp_report(struct que +--- fetchmail-6.5.1.orig/sink.c ++++ fetchmail-6.5.1/sink.c +@@ -526,6 +526,19 @@ static int handle_smtp_report(struct que free(responses[0]); return(PS_TRANSIENT); @@ -30,7 +30,7 @@ default: /* bounce non-transient errors back to the sender */ if (smtperr >= 500 && smtperr <= 599) -@@ -601,7 +614,7 @@ static int handle_smtp_report_without_bo +@@ -591,7 +604,7 @@ static int handle_smtp_report_without_bo case 553: /* invalid sending domain */ return(PS_REFUSED); ++++++ fetchmail-6.4.38.tar.xz -> fetchmail-6.5.1.tar.xz ++++++ ++++ 105899 lines of diff (skipped) ++++++ fetchmail-FAQ-list-gmail-options-including-oauthbearer-and-app.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.709660610 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.713660777 +0100 @@ -8,15 +8,15 @@ fetchmail-FAQ.html | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) ---- a/fetchmail-FAQ.html -+++ b/fetchmail-FAQ.html -@@ -1949,9 +1949,27 @@ sites.)</p> - <p>Google has started pushing towards more complex authentication - schemes based on OAuth 2.0 that require clients and users - to jump through quite a few hoops, and use web browsers for signing in. --If this hinders access to your account through fetchmail, you may need to turn on access for "less secure apps" at <a -- href="https://myaccount.google.com/lesssecureapps";>https://myaccount.google.com/lesssecureapps</a>.<br/> --It is disputable whether an application that does not include web +Index: fetchmail-6.5.1/fetchmail-FAQ.html +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail-FAQ.html ++++ fetchmail-6.5.1/fetchmail-FAQ.html +@@ -1956,12 +1956,28 @@ authentication schemes based on OAuth 2. + users to jump through quite a few hoops, and use web browsers for + signing in, and software vendors to hand in their software for + sometimes paid reviews. Such is not going to happen for fetchmail. ++ +If this hinders access to your account through fetchmail, you have some +options:</p> +<ul> @@ -37,8 +37,13 @@ + But G-suite administrators are more likely to have disabled + this option than "App Password"s.</li> +</ul> -+<p>It is disputable whether an application that does not include web + +-If this hinders access to your account through fetchmail, you may +-need to turn on access for "less secure apps", or create an application or service specific password. +- +-For Google, this - at some point in time - used to live at <a +- href="https://myaccount.google.com/lesssecureapps";>https://myaccount.google.com/lesssecureapps</a>.<br/> + It is disputable whether an application that does not include web browsing capabilities or heavy-weight libraries is "less secure" as Google claims.</p> - ++++++ fetchmail-add-contrib-fetchnmail-oauth2.py-token-acquisition-u.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.725661276 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.729661443 +0100 @@ -11,8 +11,10 @@ 3 files changed, 575 insertions(+), 1 deletion(-) create mode 100755 contrib/fetchmail-oauth2.py ---- a/contrib/README -+++ b/contrib/README +Index: fetchmail-6.5.1/contrib/README +=================================================================== +--- fetchmail-6.5.1.orig/contrib/README ++++ fetchmail-6.5.1/contrib/README @@ -181,6 +181,12 @@ sendmail 8.11.0 with multidrop. Watchdog script to check whether fetchmail is working in daemon mode. @@ -26,8 +28,10 @@ ### mold-remover.py A short python script to remove old read mail from a pop3 mailserver. +Index: fetchmail-6.5.1/contrib/fetchmail-oauth2.py +=================================================================== --- /dev/null -+++ b/contrib/fetchmail-oauth2.py ++++ fetchmail-6.5.1/contrib/fetchmail-oauth2.py @@ -0,0 +1,567 @@ +#!/usr/bin/python +# @@ -596,9 +600,11 @@ + +if __name__ == '__main__': + main(sys.argv) ---- a/fetchmail.man -+++ b/fetchmail.man -@@ -1073,7 +1073,8 @@ External tools are necessary to obtain +Index: fetchmail-6.5.1/fetchmail.man +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.man ++++ fetchmail-6.5.1/fetchmail.man +@@ -1181,7 +1181,8 @@ External tools are necessary to obtain such tokens. Access tokens often expire fairly quickly (e.g. 1 hour), and new ones need to be generated from renewal tokens, so the "passwordfile", "passwordfd", or "pwmd_*" options may be useful. See the ++++++ fetchmail-add-imap-oauthbearer-support.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.745662109 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.749662276 +0100 @@ -17,9 +17,11 @@ rcfile_l.l | 1 8 files changed, 137 insertions(+), 5 deletions(-) ---- a/conf.c -+++ b/conf.c -@@ -288,6 +288,8 @@ void dump_config(struct runctl *runp, st +Index: fetchmail-6.5.1/conf.c +=================================================================== +--- fetchmail-6.5.1.orig/conf.c ++++ fetchmail-6.5.1/conf.c +@@ -284,6 +284,8 @@ void dump_config(struct runctl *runp, st stringdump("auth", "otp"); else if (ctl->server.authenticate == A_MSN) stringdump("auth", "msn"); @@ -28,10 +30,12 @@ #ifdef HAVE_RES_SEARCH booldump("dns", ctl->server.dns); ---- a/fetchmail.c -+++ b/fetchmail.c -@@ -1783,6 +1783,9 @@ static void dump_params (struct runctl * - case A_SSH: +Index: fetchmail-6.5.1/fetchmail.c +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.c ++++ fetchmail-6.5.1/fetchmail.c +@@ -1804,6 +1804,9 @@ static void dump_params (struct runctl * + case A_IMPLICIT: printf(GT_(" End-to-end encryption assumed.\n")); break; + case A_OAUTHBEARER: @@ -40,17 +44,19 @@ } if (ctl->server.principal != (char *) NULL) printf(GT_(" Mail service principal is: %s\n"), ctl->server.principal); ---- a/fetchmail.h -+++ b/fetchmail.h -@@ -79,6 +79,7 @@ struct addrinfo; - #define A_SSH 8 /* authentication at session level */ +Index: fetchmail-6.5.1/fetchmail.h +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.h ++++ fetchmail-6.5.1/fetchmail.h +@@ -64,6 +64,7 @@ struct addrinfo; + #define A_IMPLICIT 8 /* authentication at session level */ #define A_MSN 9 /* same as NTLM with keyword MSN */ #define A_EXTERNAL 10 /* external authentication (client cert) */ +#define A_OAUTHBEARER 11 /** oauth2 access token (not password) */ /* some protocols or authentication types (KERBEROS, GSSAPI, SSH) don't * require a password */ -@@ -114,6 +115,7 @@ struct addrinfo; +@@ -99,6 +100,7 @@ struct addrinfo; #define MSGBUFSIZE 8192 #define NAMELEN 64 /* max username length */ @@ -58,18 +64,22 @@ #define PASSWORDLEN 256 /* max password length */ #define DIGESTLEN 33 /* length of MD5 digest */ ---- a/fetchmail.man -+++ b/fetchmail.man -@@ -1006,7 +1006,7 @@ AUTHENTICATION below for details). The +Index: fetchmail-6.5.1/fetchmail.man +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.man ++++ fetchmail-6.5.1/fetchmail.man +@@ -1113,8 +1113,8 @@ AUTHENTICATION below for details). The \&\fBpassword\fP, \fBkerberos_v5\fP, \fBkerberos\fP (or, for excruciating exactness, \fBkerberos_v4\fP), \fBgssapi\fP, \fBcram\-md5\fP, \fBotp\fP, \fBntlm\fP, \fBmsn\fP (only for POP3), --\fBexternal\fP (only IMAP) and \fBssh\fP. -+\fBexternal\fP (only IMAP), \fBssh\fP and \fBoauthbearer\fP (only IMAP). +-\fBexternal\fP (only IMAP) and \fBimplicit\fP (\fBssh\fP is understood +-as alias for \fBimplicit\fP). ++\fBexternal\fP (only IMAP), \fBimplicit\fP (\fBssh\fP is understood ++as alias for \fBimplicit\fP) and \fBoauthbearer\fP (only IMAP). When \fBany\fP (the default) is specified, fetchmail tries first methods that do not require a password (EXTERNAL, GSSAPI, KERBEROS\ IV, KERBEROS\ 5); then it looks for methods that mask your password -@@ -1031,8 +1031,24 @@ authentication. This option does not wo +@@ -1139,8 +1139,24 @@ authentication. This option does not wo in line with RFC-2743 and IANA registrations, see .UR https://www.iana.org/assignments/gssapi-service-names/ Generic Security Service Application Program Interface (GSSAPI)/Kerberos/Simple @@ -96,31 +106,35 @@ .SS Miscellaneous Options .TP .B \-f <pathname> | \-\-fetchmailrc <pathname> -@@ -2325,7 +2341,9 @@ Legal protocol identifiers for use with +@@ -2475,7 +2491,9 @@ Legal protocol identifiers for use with .PP Legal authentication types are 'any', 'password', 'kerberos', \&'kerberos_v4', 'kerberos_v5' and 'gssapi', 'cram\-md5', 'otp', 'msn' --(only for POP3), 'ntlm', 'ssh', 'external' (only IMAP). -+(only for POP3), 'ntlm', 'ssh', 'external' (only IMAP), +-(only for POP3), 'ntlm', 'implicit', 'external' (only IMAP). ++(only for POP3), 'ntlm', 'implicit', 'external' (only IMAP), +'oauthbearer' (only for IMAP; requires authentication token in +place of password). The 'password' type specifies authentication by normal transmission of a password (the password may be plain text or subject to protocol-specific encryption as in CRAM-MD5); ---- a/fetchmailconf.py -+++ b/fetchmailconf.py -@@ -500,7 +500,7 @@ defaultports = {"auto":None, +Index: fetchmail-6.5.1/fetchmailconf.py +=================================================================== +--- fetchmail-6.5.1.orig/fetchmailconf.py ++++ fetchmail-6.5.1/fetchmailconf.py +@@ -499,7 +499,7 @@ defaultports = {"auto":None, "ODMR":"odmr"} - authlist = ("any", "password", "gssapi", "kerberos", "ssh", "otp", + authlist = ("any", "password", "gssapi", "kerberos", "implicit", "otp", - "msn", "ntlm") + "msn", "ntlm", "oauthbearer") listboxhelp = { 'title' : 'List Selection Help', ---- a/imap.c -+++ b/imap.c -@@ -26,6 +26,10 @@ +Index: fetchmail-6.5.1/imap.c +=================================================================== +--- fetchmail-6.5.1.orig/imap.c ++++ fetchmail-6.5.1/imap.c +@@ -24,6 +24,10 @@ #define IMAP4 0 /* IMAP4 rev 0, RFC1730 */ #define IMAP4rev1 1 /* IMAP4 rev 1, RFC2060 */ @@ -131,7 +145,7 @@ /* global variables: please reinitialize them explicitly for proper * working in daemon mode */ -@@ -51,6 +55,8 @@ static void clear_sessiondata(void) { +@@ -49,6 +53,8 @@ static void clear_sessiondata(void) { * a const initializer */ const char *const capa_begin = " [CAPABILITY "; const unsigned capa_len = 13; @@ -140,7 +154,7 @@ /* mailbox variables initialized in imap_getrange() */ static int count = 0, oldcount = 0, recentcount = 0, unseen = 0, deletions = 0; static unsigned int startcount = 1; -@@ -266,6 +272,21 @@ static int imap_response(int sock, char +@@ -262,6 +268,21 @@ static int imap_response(int sock, char if (ok != PS_SUCCESS) return(ok); @@ -162,7 +176,7 @@ /* all tokens in responses are caseblind */ for (cp = buf; *cp; cp++) if (islower((unsigned char)*cp)) -@@ -396,6 +417,69 @@ static int do_imap_ntlm(int sock, struct +@@ -394,6 +415,69 @@ static int do_imap_ntlm(int sock, struct } #endif /* NTLM */ @@ -232,7 +246,7 @@ static void imap_canonicalize(char *result, char *raw, size_t maxlen) /* encode an IMAP password as per RFC1730's quoting conventions */ { -@@ -582,6 +666,26 @@ static int imap_getauth(int sock, struct +@@ -584,6 +668,26 @@ static int imap_getauth(int sock, struct for future maintenance */ (void)ok; @@ -259,9 +273,11 @@ /* Yahoo hack - we'll just try ID if it was offered by the server, * and IGNORE errors. */ { ---- a/options.c -+++ b/options.c -@@ -421,6 +421,8 @@ int parsecmdline (int argc /** argument +Index: fetchmail-6.5.1/options.c +=================================================================== +--- fetchmail-6.5.1.orig/options.c ++++ fetchmail-6.5.1/options.c +@@ -395,6 +395,8 @@ int parsecmdline (int argc /** argument ctl->server.authenticate = A_ANY; else if (strcmp(optarg, "msn") == 0) ctl->server.authenticate = A_MSN; @@ -270,14 +286,16 @@ else { fprintf(stderr,GT_("Invalid authentication `%s' specified.\n"), optarg); errflag++; ---- a/rcfile_l.l -+++ b/rcfile_l.l -@@ -106,6 +106,7 @@ cram(-md5)? { SETSTATE(0); yylval.proto +Index: fetchmail-6.5.1/rcfile_l.l +=================================================================== +--- fetchmail-6.5.1.orig/rcfile_l.l ++++ fetchmail-6.5.1/rcfile_l.l +@@ -103,6 +103,7 @@ cram(-md5)? { SETSTATE(0); yylval.proto msn { SETSTATE(0); yylval.proto = A_MSN; return AUTHTYPE;} ntlm { SETSTATE(0); yylval.proto = A_NTLM; return AUTHTYPE;} <AUTH>password { SETSTATE(0); yylval.proto = A_PASSWORD; return AUTHTYPE;} +oauthbearer { SETSTATE(0); yylval.proto = A_OAUTHBEARER; return AUTHTYPE;} timeout { return TIMEOUT;} + idletimeout { return IDLETIMEOUT;} envelope { return ENVELOPE; } - qvirtual { return QVIRTUAL; } ++++++ fetchmail-add-passwordfile-and-passwordfd-options.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.765662942 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.769663109 +0100 @@ -13,18 +13,20 @@ rcfile_y.y | 6 ++++ 6 files changed, 145 insertions(+), 3 deletions(-) ---- a/fetchmail.c -+++ b/fetchmail.c -@@ -451,7 +451,7 @@ int main(int argc, char **argv) +Index: fetchmail-6.5.1/fetchmail.c +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.c ++++ fetchmail-6.5.1/fetchmail.c +@@ -471,7 +471,7 @@ int main(int argc, char **argv) /* Server won't care what the password is, but there must be some non-null string here. */ ctl->password = ctl->remotename; - else + else if (!ctl->passwordfile && ctl->passwordfd==-1) { - netrc_entry *p; + const netrc_entry *p; -@@ -618,8 +618,81 @@ int main(int argc, char **argv) +@@ -649,8 +649,81 @@ int main(int argc, char **argv) if (ctl->active && !(implicitmode && ctl->server.skip) && !NO_PASSWORD(ctl) && !ctl->password) { @@ -107,7 +109,7 @@ fprintf(stderr, GT_("fetchmail: can't find a password for %s@%s.\n"), ctl->remotename, ctl->server.pollname); -@@ -1035,6 +1108,10 @@ static void optmerge(struct query *h2, s +@@ -1046,6 +1119,10 @@ static void optmerge(struct query *h2, s FLAG_MERGE(wildcard); STRING_MERGE(remotename); STRING_MERGE(password); @@ -118,17 +120,19 @@ STRING_MERGE(mda); STRING_MERGE(bsmtp); FLAG_MERGE(listener); -@@ -1099,6 +1176,7 @@ static int load_params(int argc, char ** +@@ -1112,6 +1189,7 @@ static int load_params(int argc, char ** def_opts.smtp_socket = -1; def_opts.smtpaddress = (char *)0; def_opts.smtpname = (char *)0; + def_opts.passwordfd = -1; def_opts.server.protocol = P_AUTO; def_opts.server.timeout = CLIENT_TIMEOUT; - def_opts.server.esmtp_name = user; ---- a/fetchmail.h -+++ b/fetchmail.h -@@ -326,6 +326,8 @@ struct query + def_opts.server.idle_timeout = CLIENT_IDLE_TIMEOUT; +Index: fetchmail-6.5.1/fetchmail.h +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.h ++++ fetchmail-6.5.1/fetchmail.h +@@ -312,6 +312,8 @@ struct query int wildcard; /* should unmatched names be passed through */ char *remotename; /* remote login name to use */ char *password; /* remote password to use */ @@ -137,9 +141,11 @@ struct idlist *mailboxes; /* list of mailboxes to check */ /* per-forwarding-target data */ ---- a/fetchmail.man -+++ b/fetchmail.man -@@ -949,6 +949,37 @@ The default is your login name on the cl +Index: fetchmail-6.5.1/fetchmail.man +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.man ++++ fetchmail-6.5.1/fetchmail.man +@@ -1056,6 +1056,37 @@ The default is your login name on the cl \fBfetchmail\fP. See USER AUTHENTICATION below for a complete description. .TP @@ -177,7 +183,7 @@ .B \-I <specification> | \-\-interface <specification> (Keyword: interface) .br -@@ -1040,7 +1071,8 @@ setting also allows the non-standard "xo +@@ -1148,7 +1179,8 @@ setting also allows the non-standard "xo the same token) if the server only claims to support "xoauth2". External tools are necessary to obtain such tokens. Access tokens often expire fairly quickly (e.g. 1 hour), @@ -187,7 +193,7 @@ oauth2.py script from .URL https://github.com/google/gmail-oauth2-tools/wiki/OAuth2DotPyRunThrough "Google's Oauth2 Run Through" , and other oauth2 documentation. For services like gmail, an "App Password" -@@ -1953,6 +1985,12 @@ T} +@@ -2100,6 +2132,12 @@ T} pass[word] \& \& T{ Specify remote account password T} @@ -200,9 +206,11 @@ ssl \& \& T{ Connect to server over the specified base protocol using SSL encryption T} ---- a/options.c -+++ b/options.c -@@ -31,6 +31,8 @@ enum { +Index: fetchmail-6.5.1/options.c +=================================================================== +--- fetchmail-6.5.1.orig/options.c ++++ fetchmail-6.5.1/options.c +@@ -29,6 +29,8 @@ enum { LA_POSTMASTER, LA_NOBOUNCE, LA_AUTH, @@ -211,7 +219,7 @@ LA_FETCHDOMAINS, LA_BSMTP, LA_LMTP, -@@ -94,6 +96,8 @@ static const struct option longoptions[] +@@ -98,6 +100,8 @@ static const struct option longoptions[] {"port", required_argument, (int *) 0, 'P' }, {"service", required_argument, (int *) 0, 'P' }, {"auth", required_argument, (int *) 0, LA_AUTH}, @@ -220,7 +228,7 @@ {"timeout", required_argument, (int *) 0, 't' }, {"envelope", required_argument, (int *) 0, 'E' }, {"qvirtual", required_argument, (int *) 0, 'Q' }, -@@ -261,6 +265,7 @@ int parsecmdline (int argc /** argument +@@ -231,6 +235,7 @@ int parsecmdline (int argc /** argument memset(ctl, '\0', sizeof(struct query)); /* start clean */ ctl->smtp_socket = -1; @@ -228,7 +236,7 @@ while (!errflag && (c = getopt_long(argc,argv,shortoptions, -@@ -428,6 +433,17 @@ int parsecmdline (int argc /** argument +@@ -402,6 +407,17 @@ int parsecmdline (int argc /** argument errflag++; } break; @@ -246,9 +254,11 @@ case 't': ctl->server.timeout = xatoi(optarg, &errflag); if (ctl->server.timeout == 0) ---- a/rcfile_l.l -+++ b/rcfile_l.l -@@ -118,6 +118,8 @@ accept { return ACCEPT; } +Index: fetchmail-6.5.1/rcfile_l.l +=================================================================== +--- fetchmail-6.5.1.orig/rcfile_l.l ++++ fetchmail-6.5.1/rcfile_l.l +@@ -116,6 +116,8 @@ accept { return ACCEPT; } reject { return REJECT_; } user(name)? {SETSTATE(NAME); return USERNAME; } @@ -257,17 +267,19 @@ <INITIAL,NAME>pass(word)? {SETSTATE(NAME); return PASSWORD; } folder(s)? { return FOLDER; } smtp(host)? { return SMTPHOST; } ---- a/rcfile_y.y -+++ b/rcfile_y.y -@@ -63,6 +63,7 @@ extern char * yytext; +Index: fetchmail-6.5.1/rcfile_y.y +=================================================================== +--- fetchmail-6.5.1.orig/rcfile_y.y ++++ fetchmail-6.5.1/rcfile_y.y +@@ -62,6 +62,7 @@ void yyerror (const char *s) %token DEFAULTS POLL SKIP VIA AKA LOCALDOMAINS PROTOCOL - %token AUTHENTICATE TIMEOUT KPOP SDPS ENVELOPE QVIRTUAL + %token AUTHENTICATE TIMEOUT IDLETIMEOUT KPOP SDPS ENVELOPE QVIRTUAL %token USERNAME PASSWORD FOLDER SMTPHOST FETCHDOMAINS MDA BSMTP LMTP +%token PASSWORDFILE PASSWORDFD %token SMTPADDRESS SMTPNAME SPAMRESPONSE PRECONNECT POSTCONNECT LIMIT WARNINGS %token INTERFACE MONITOR PLUGIN PLUGOUT %token IS HERE THERE TO MAP -@@ -307,6 +308,8 @@ user_option : TO mapping_list HERE +@@ -314,6 +315,8 @@ user_option : TO mapping_list HERE | IS STRING THERE {current.remotename = $2;} | PASSWORD STRING {current.password = $2;} @@ -276,15 +288,15 @@ | FOLDER folder_list | SMTPHOST smtp_list | FETCHDOMAINS fetch_list -@@ -505,6 +508,7 @@ static void reset_server(const char *nam +@@ -495,6 +498,7 @@ static void reset_server(const char *nam trailer = FALSE; memset(¤t,'\0',sizeof(current)); current.smtp_socket = -1; + current.passwordfd = -1; current.server.pollname = xstrdup(name); current.server.skip = skip; - current.server.principal = (char *)NULL; -@@ -526,6 +530,7 @@ static void user_reset(void) + } +@@ -515,6 +519,7 @@ static void user_reset(void) memset(¤t, '\0', sizeof(current)); current.smtp_socket = -1; @@ -292,7 +304,7 @@ current.server = save; } -@@ -546,6 +551,7 @@ struct query *hostalloc(struct query *in +@@ -535,6 +540,7 @@ struct query *hostalloc(struct query *in { memset(node, '\0', sizeof(struct query)); node->smtp_socket = -1; ++++++ fetchmail-add-query_to64_outsize-utility-function.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.785663775 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.789663942 +0100 @@ -9,8 +9,10 @@ fetchmail.h | 1 + 2 files changed, 8 insertions(+) ---- a/base64.c -+++ b/base64.c +Index: fetchmail-6.5.1/base64.c +=================================================================== +--- fetchmail-6.5.1.orig/base64.c ++++ fetchmail-6.5.1/base64.c @@ -66,6 +66,13 @@ fail: return rc; } @@ -25,9 +27,11 @@ int from64tobits(void *out_, const char *in, int maxlen) /* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */ /* maxlen limits output buffer size, set to zero to ignore */ ---- a/fetchmail.h -+++ b/fetchmail.h -@@ -642,6 +642,7 @@ int prc_filecheck(const char *, const fl +Index: fetchmail-6.5.1/fetchmail.h +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.h ++++ fetchmail-6.5.1/fetchmail.h +@@ -611,6 +611,7 @@ int prc_filecheck(const char *, const fl /* base64.c */ unsigned len64frombits(unsigned inlen); /** calculate length needed to encode inlen octets. warnings: 1. caller needs to add 1 for a trailing \0 byte himself. 2. returns 0 for inlen 0! */ int to64frombits(char *, const void *, int inlen, size_t outlen); ++++++ fetchmail-bump-max-passwordlen-to-1bytes.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.805664608 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.809664775 +0100 @@ -8,9 +8,11 @@ fetchmail.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/fetchmail.h -+++ b/fetchmail.h -@@ -116,7 +116,7 @@ struct addrinfo; +Index: fetchmail-6.5.1/fetchmail.h +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.h ++++ fetchmail-6.5.1/fetchmail.h +@@ -101,7 +101,7 @@ struct addrinfo; #define NAMELEN 64 /* max username length */ /* oauth2 access tokens seem to be about 130 characters; make this longer: */ ++++++ fetchmail-give-each-ctl-it-s-own-copy-of-password.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.825665442 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.829665608 +0100 @@ -13,9 +13,11 @@ fetchmail.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) ---- a/fetchmail.c -+++ b/fetchmail.c -@@ -450,7 +450,7 @@ int main(int argc, char **argv) +Index: fetchmail-6.5.1/fetchmail.c +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.c ++++ fetchmail-6.5.1/fetchmail.c +@@ -470,7 +470,7 @@ int main(int argc, char **argv) if (NO_PASSWORD(ctl)) /* Server won't care what the password is, but there must be some non-null string here. */ @@ -23,8 +25,8 @@ + ctl->password = xstrdup(ctl->remotename); else if (!ctl->passwordfile && ctl->passwordfd==-1) { - netrc_entry *p; -@@ -1107,7 +1107,15 @@ static void optmerge(struct query *h2, s + const netrc_entry *p; +@@ -1118,7 +1118,15 @@ static void optmerge(struct query *h2, s FLAG_MERGE(wildcard); STRING_MERGE(remotename); ++++++ fetchmail-increase-max-password-length-to-handle-oauth-tokens.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.845666275 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.849666441 +0100 @@ -17,9 +17,11 @@ fetchmail.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---- a/fetchmail.h -+++ b/fetchmail.h -@@ -116,7 +116,7 @@ struct addrinfo; +Index: fetchmail-6.5.1/fetchmail.h +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.h ++++ fetchmail-6.5.1/fetchmail.h +@@ -101,7 +101,7 @@ struct addrinfo; #define NAMELEN 64 /* max username length */ /* oauth2 access tokens seem to be about 130 characters; make this longer: */ ++++++ fetchmail-re-read-passwordfile-on-every-poll.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.865667108 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.865667108 +0100 @@ -9,9 +9,11 @@ fetchmail.man | 9 +---- 2 files changed, 69 insertions(+), 40 deletions(-) ---- a/fetchmail.c -+++ b/fetchmail.c -@@ -650,48 +650,19 @@ int main(int argc, char **argv) +Index: fetchmail-6.5.1/fetchmail.c +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.c ++++ fetchmail-6.5.1/fetchmail.c +@@ -681,48 +681,19 @@ int main(int argc, char **argv) } ctl->password = xstrdup(msg); @@ -65,7 +67,7 @@ } else if (!isatty(0)) { fprintf(stderr, GT_("fetchmail: can't find a password for %s@%s.\n"), -@@ -707,6 +678,8 @@ int main(int argc, char **argv) +@@ -739,6 +710,8 @@ int main(int argc, char **argv) ctl->password = xstrdup((char *)fm_getpassword(tmpbuf)); free(tmpbuf); } @@ -74,7 +76,7 @@ } } -@@ -897,6 +870,65 @@ int main(int argc, char **argv) +@@ -938,6 +911,65 @@ int main(int argc, char **argv) dofastuidl = 0; /* this is reset in the driver if required */ @@ -140,9 +142,11 @@ querystatus = query_host(ctl); if (NUM_NONZERO(ctl->fastuidl)) ---- a/fetchmail.man -+++ b/fetchmail.man -@@ -954,12 +954,9 @@ See USER AUTHENTICATION below for a comp +Index: fetchmail-6.5.1/fetchmail.man +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.man ++++ fetchmail-6.5.1/fetchmail.man +@@ -1061,12 +1061,9 @@ See USER AUTHENTICATION below for a comp .br Specifies a file name from which to read the first line to use as the password. Useful if something changes the password/token often without regenerating a @@ -157,7 +161,7 @@ .TP .B \-\-passwordfd <integer> (Keyword: passwordfd) -@@ -972,7 +969,7 @@ although it could also be a redirected i +@@ -1079,7 +1076,7 @@ although it could also be a redirected i (equivalent to "fetchmail \-\-passwordfd 5 5</path/to/file"). Useful if something wants to manage password ownership more securely than files, or if the password/token changes often, ++++++ fetchmail-support-oauthbearer-xoauth2-with-pop3.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.881667774 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.885667941 +0100 @@ -16,9 +16,11 @@ create mode 100644 oauth2.c create mode 100644 oauth2.h ---- a/Makefile.am -+++ b/Makefile.am -@@ -74,7 +74,7 @@ fetchmail_SOURCES= fetchmail.h getopt.h +Index: fetchmail-6.5.1/Makefile.am +=================================================================== +--- fetchmail-6.5.1.orig/Makefile.am ++++ fetchmail-6.5.1/Makefile.am +@@ -63,7 +63,7 @@ fetchmail_SOURCES= fetchmail.h getopt.h fetchmail.c env.c idle.c options.c daemon.c \ driver.c transact.c sink.c smtp.c \ idlist.c uid.c mxget.c md5ify.c cram.c gssapi.c \ @@ -27,38 +29,42 @@ unmime.c conf.c checkalias.c uid_db.h uid_db.c\ lock.h lock.c \ rcfile_l.l rcfile_y.y \ ---- a/fetchmail.man -+++ b/fetchmail.man -@@ -1006,7 +1006,7 @@ AUTHENTICATION below for details). The - \&\fBpassword\fP, \fBkerberos_v5\fP, \fBkerberos\fP (or, for +Index: fetchmail-6.5.1/fetchmail.man +=================================================================== +--- fetchmail-6.5.1.orig/fetchmail.man ++++ fetchmail-6.5.1/fetchmail.man +@@ -1114,7 +1114,7 @@ AUTHENTICATION below for details). The excruciating exactness, \fBkerberos_v4\fP), \fBgssapi\fP, \fBcram\-md5\fP, \fBotp\fP, \fBntlm\fP, \fBmsn\fP (only for POP3), --\fBexternal\fP (only IMAP), \fBssh\fP and \fBoauthbearer\fP (only IMAP). -+\fBexternal\fP (only IMAP), \fBssh\fP and \fBoauthbearer\fP (requires token). + \fBexternal\fP (only IMAP), \fBimplicit\fP (\fBssh\fP is understood +-as alias for \fBimplicit\fP) and \fBoauthbearer\fP (only IMAP). ++as alias for \fBimplicit\fP) and \fBoauthbearer\fP (requires token). When \fBany\fP (the default) is specified, fetchmail tries first methods that do not require a password (EXTERNAL, GSSAPI, KERBEROS\ IV, KERBEROS\ 5); then it looks for methods that mask your password -@@ -2342,8 +2342,7 @@ Legal protocol identifiers for use with +@@ -2492,8 +2492,7 @@ Legal protocol identifiers for use with Legal authentication types are 'any', 'password', 'kerberos', \&'kerberos_v4', 'kerberos_v5' and 'gssapi', 'cram\-md5', 'otp', 'msn' - (only for POP3), 'ntlm', 'ssh', 'external' (only IMAP), + (only for POP3), 'ntlm', 'implicit', 'external' (only IMAP), -'oauthbearer' (only for IMAP; requires authentication token in -place of password). +'oauthbearer' (requires authentication token in place of password). The 'password' type specifies authentication by normal transmission of a password (the password may be plain text or subject to protocol-specific encryption as in CRAM-MD5); ---- a/imap.c -+++ b/imap.c -@@ -17,6 +17,7 @@ +Index: fetchmail-6.5.1/imap.c +=================================================================== +--- fetchmail-6.5.1.orig/imap.c ++++ fetchmail-6.5.1/imap.c +@@ -15,6 +15,7 @@ + #include <stdlib.h> #include <limits.h> #include <errno.h> - #endif -+#include "oauth2.h" ++#include "oauth2.h" #include "socket.h" #include "i18n.h" -@@ -419,63 +420,23 @@ static int do_imap_ntlm(int sock, struct +@@ -417,63 +418,23 @@ static int do_imap_ntlm(int sock, struct static int do_imap_oauthbearer(int sock, struct query *ctl,flag xoauth2) { @@ -128,8 +134,10 @@ return ok; } +Index: fetchmail-6.5.1/oauth2.c +=================================================================== --- /dev/null -+++ b/oauth2.c ++++ fetchmail-6.5.1/oauth2.c @@ -0,0 +1,61 @@ +/* + * oauth2.c -- oauthbearer and xoauth2 support @@ -192,8 +200,10 @@ + + return oauth2b64; +} +Index: fetchmail-6.5.1/oauth2.h +=================================================================== --- /dev/null -+++ b/oauth2.h ++++ fetchmail-6.5.1/oauth2.h @@ -0,0 +1,6 @@ +#ifndef OAUTH2_H +#define OAUTH2_H @@ -201,17 +211,19 @@ +char *get_oauth2_string(struct query *ctl,flag xoauth2); + +#endif /*OAUTH2_H*/ ---- a/pop3.c -+++ b/pop3.c -@@ -20,6 +20,7 @@ +Index: fetchmail-6.5.1/pop3.c +=================================================================== +--- fetchmail-6.5.1.orig/pop3.c ++++ fetchmail-6.5.1/pop3.c +@@ -17,6 +17,7 @@ + #include <stdlib.h> #include <errno.h> - #include "fetchmail.h" +#include "oauth2.h" #include "socket.h" #include "i18n.h" #include "uid_db.h" -@@ -52,6 +53,10 @@ static flag has_cram = FALSE; +@@ -49,6 +50,10 @@ static flag has_cram = FALSE; static flag has_otp = FALSE; static flag has_ntlm = FALSE; static flag has_stls = FALSE; @@ -222,7 +234,7 @@ static void clear_sessiondata(void) { /* must match defaults above */ -@@ -135,12 +140,65 @@ static int pop3_ok (int sock, char *argb +@@ -132,12 +137,65 @@ static int pop3_ok (int sock, char *argb char buf [POPBUFSIZE+1]; char *bufp; @@ -292,7 +304,7 @@ while (isalpha((unsigned char)*bufp)) bufp++; -@@ -209,6 +267,8 @@ static int pop3_ok (int sock, char *argb +@@ -206,6 +264,8 @@ static int pop3_ok (int sock, char *argb #endif if (argbuf != NULL) strcpy(argbuf,bufp); @@ -301,7 +313,7 @@ } return(ok); -@@ -237,11 +297,13 @@ static int capa_probe(int sock) +@@ -234,11 +294,13 @@ static int capa_probe(int sock) #ifdef NTLM_ENABLE has_ntlm = FALSE; #endif /* NTLM_ENABLE */ @@ -316,7 +328,7 @@ char *cp; /* determine what authentication methods we have available */ -@@ -256,6 +318,10 @@ static int capa_probe(int sock) +@@ -253,6 +315,10 @@ static int capa_probe(int sock) if (strstr(buffer, "STLS")) has_stls = TRUE; #endif /* SSL_ENABLE */ @@ -327,7 +339,7 @@ #if defined(GSSAPI) if (strstr(buffer, "GSSAPI")) -@@ -279,6 +345,12 @@ static int capa_probe(int sock) +@@ -276,6 +342,12 @@ static int capa_probe(int sock) if (strstr(buffer, "CRAM-MD5")) has_cram = TRUE; @@ -340,7 +352,7 @@ } } done_capa = TRUE; -@@ -295,6 +367,40 @@ static void set_peek_capable(struct quer +@@ -292,6 +364,40 @@ static void set_peek_capable(struct quer peek_capable = !ctl->fetchall && (!ctl->keep || ctl->server.uidl); } @@ -381,7 +393,7 @@ static int pop3_getauth(int sock, struct query *ctl, char *greeting) /* apply for connection authorization */ { -@@ -374,6 +480,7 @@ static int pop3_getauth(int sock, struct +@@ -371,6 +477,7 @@ static int pop3_getauth(int sock, struct (ctl->server.authenticate == A_KERBEROS_V5) || (ctl->server.authenticate == A_OTP) || (ctl->server.authenticate == A_CRAM_MD5) || @@ -389,7 +401,7 @@ maybe_starttls(ctl)) { if ((ok = capa_probe(sock)) != PS_SUCCESS) -@@ -523,6 +630,19 @@ static int pop3_getauth(int sock, struct +@@ -520,6 +627,19 @@ static int pop3_getauth(int sock, struct /* * OK, we have an authentication type now. */ ++++++ fetchmailconf-no-more-future.patch ++++++ --- /var/tmp/diff_new_pack.SRnhdg/_old 2024-11-30 13:29:25.973671606 +0100 +++ /var/tmp/diff_new_pack.SRnhdg/_new 2024-11-30 13:29:25.977671772 +0100 @@ -1,46 +1,14 @@ -Index: fetchmail-6.4.37/fetchmailconf.py +Index: fetchmail-6.5.1/fetchmailconf.py =================================================================== ---- fetchmail-6.4.37.orig/fetchmailconf.py -+++ fetchmail-6.4.37/fetchmailconf.py -@@ -3,21 +3,12 @@ +--- fetchmail-6.5.1.orig/fetchmailconf.py ++++ fetchmail-6.5.1/fetchmailconf.py +@@ -3,7 +3,7 @@ # A GUI configurator for generating fetchmail configuration files. # by Eric S. Raymond, <[email protected]>, # Matthias Andree <[email protected]> -# Requires Python with Tkinter, and the following OS-dependent services: -+# Requires Python 3.4+ with Tkinter, and the following OS-dependent services: ++# Requires Python 3.7+ with Tkinter, and the following OS-dependent services: # posix, posixpath, socket # WARNING: this needs to be updated for fetchmail 6.4's SSL options, - # and other recent new options; - --from __future__ import print_function --from __future__ import division --from past.builtins import execfile --from future import standard_library --standard_library.install_aliases() --from builtins import str --from builtins import range --from past.utils import old_div --from builtins import object - import sys - import time - import os -@@ -37,7 +28,7 @@ except: - - VERSION = "1.63.5" - --MIN_PY = (2, 7, 13) -+MIN_PY = (3, 4, 0) - if sys.version_info < MIN_PY: - sys.exit("fetchmailconf: Python %s.%s.%s or later is required.\n" % MIN_PY) - -@@ -535,7 +526,7 @@ class LabeledEntry(Frame): - def ButtonBar(frame, legend, ref, alternatives, depth, command): - # array of radio buttons, caption to left, picking from a string list - bbar = Frame(frame) -- width = old_div((len(alternatives)+1), depth) -+ width = len(alternatives)+1 // depth - Label(bbar, text=legend).pack(side=LEFT) - for column in range(width): - subframe = Frame(bbar)
