| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Version 1.2.5:
- Support SHA256 fingerprints for tls_fingerprint, and mark both SHA1 and MD5 as
deprecated.
Version 1.2.4:
- The system default policy is used with GnuTLS instead of a hardcoded one.
Version 1.2.3:
- A bug in SOCKS support was fixed.
- Handling non-fatal errors in TLS handshakes was fixed.
Version 1.2.2:
- No significant changes.
Version 1.2.1:
- The new configure option --with-tls replaces --with-ssl.
- A new configure option --disable-gai-idn was added.
Version 1.2.0:
- Support for SOCKS proxies was added. This allows mpop to be used with Tor.
- GNOME Keyring support now uses libsecret instead of libgnome-keyring. It is
now documented how to use secret-tool to manage passwords for mpop; the
obsolete mpop-gnome-tool script is removed.
- Configuration file security is now only checked if the file actually contains
secrets such as passwords. (If you still store passwords in the configuration
file, consider using the passwordeval command or a key ring instead.)
- The GSSAPI authentication method is not chosen automatically anymore, you have
to request it manually if you really want to use it.
- Libidn is not required for IDN support anymore on systems where getaddrinfo()
supports the AI_IDN flag and the GnuTLS version is >= 3.4.0.
- SSLv3 is disabled, and the obsolete tls_force_sslv3 command and
--tls-force-sslv3 option have no effect anymore.
Version 1.0.29:
- No significant changes.
|
|
|
|
Problems found locating distfiles:
Package mutt: missing distfile patch-1.5.24.rr.compressed.gz
Package p5-Email-Valid: missing distfile Email-Valid-1.198.tar.gz
Package pine: missing distfile fancy.patch.gz
Package postgrey: missing distfile targrey-0.31-postgrey-1.34.patch
Package qmail: missing distfile badrcptto.patch
Package qmail: missing distfile outgoingip.patch
Package qmail: missing distfile qmail-1.03-realrcptto-2006.12.10.patch
Package qmail: missing distfile qmail-smtpd-viruscan-1.3.patch
Package thunderbird24: missing distfile enigmail-1.7.2.tar.gz
Package thunderbird31: missing distfile enigmail-1.7.2.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
|
|
|
|
|
|
- Always use the internal MD5 functions for the built-in CRAM-MD5
implementation; never use the ones from OpenSSL. This fixes problems with
configurations that use OpenSSL and do not use GNU SASL. Thanks to Gleydson
Soares and Moritz Wilhelmy for providing information and for testing the fix.
- Deprecate DIGEST-MD5 authentication as per RFC 6331.
- Remove unmaintained translations (es, pt_BR).
|
|
|
|
|
|
|
|
Version 1.0.23:
- No significant changes.
Version 1.0.22:
- A new command 'received_header' with a corresponding '--received-header'
option allows to disable the default Received header if required.
- A new command 'passwordeval' with a corresponding '--passwordeval' option
allows to set the password to the output of a command.
Version 1.0.21:
- No significant changes.
Version 1.0.20:
- Added support for authentication mechanism SCRAM-SHA-1 via GNU SASL.
- The new command tls_fingerprint allows one to trust one particular TLS
certificate, in case tls_trust_file cannot be used for some reason.
- The new script mpop-gnome-tool.py manages Gnome Keyring passwords for mpop.
Version 1.0.19:
- When using OpenSSL, mpop now correctly handles NUL characters in the Common
Name and Subject Alternative Name fields of certificates. This fixes a
security problem. Note that mpop is not affected by this problem if GnuTLS is
used.
- Mpop can now handle mail boxes larger than 2 GiB on 32bit systems. Previously,
this only worked on 64bit systems.
Version 1.0.18:
- Delivery to MS Exchange pickup directories is now supported, thanks to Julien
Larigaldie.
Version 1.0.17:
- No significant changes.
Version 1.0.16:
- Mpop now also reads SYSCONFDIR/netrc if the password was not found in
~/.netrc.
- Support for the GNOME keyring was added by Satoru SATOH.
Version 1.0.15:
- This version fixes two bad bugs that prevented mpop from correctly retrieving
mails under certain cicumstances.
Version 1.0.14:
- The configuration command tls_crl_file was added. This allows to use
certificate revocation lists (CRLs) during certificate verification.
- The configuration command tls_min_dh_prime_bits was added. This is needed to
use TLS/SSL with servers that use a small Diffie-Hellman (DH) prime size.
- The configuration command tls_priorities was added. This allows to fine tune
TLS/SSL session parameters.
Version 1.0.13:
- Support for the Mac OS X keychain was added by Jay Soffian.
|
|
PR#44353 by Tony Young.
|
|
|
|
|
|
block). Uncomment some commented out LICENSE lines while here.
|
|
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
|
|
|
|
Add commented out LICENSE line (gnu-gpl-v3).
From ChangeLog:
Version 1.0.12:
- Gnulib update to 2007-11-27.
- Don't count already retrieved messages twice. This fixes a segfault when
only_new is off and header or size filtering is on. The bug was introduced in
the previous change; no released version is affected.
- If a filter decides to delete a mail, then additionally mark it as
retrieved. This prevents to filter the mail again in a later session when
the 'keep' option is set.
- Fix default UIDLS file on the W32 platform: Use '\' as directory separator,
not '/'. Reported by Ricky Thomas.
Version 1.0.11:
- Update the license of the source code to GPLv3 or later, and change the
license of the documentation to the GFDLv1.2 or later.
- Gnulib update to 2007-07-15.
- Add new option -Q / --half-quiet to print only status information but no
progress information. Suggested by Dimitrios Apostolou.
- Set the default timeout to 180 seconds = 3 minutes. This prevents sessions
from hanging forever. Suggested by Dimitrios Apostolou.
- Make the POP3 commands UIDL, LIST, and DELE abortable. This is useful for
mailboxes with many thousand mails.
- Update the UIDL state after mail retrieval, and save this state in case of
errors in DELE or QUIT. Only update the UIDL state again after successful
DELE and QUIT, and then save this state. This prevents an incorrect UIDL
state if the DELE commands are aborted, for example. Bug reported by
Dimitrios Apostolou.
Version 1.0.10:
- Fix UIDL handling: the first character of UIDs was ignored.
- Improve APOP timestamp checks. Thanks to Carlos Martín Nieto for a
discussion of this.
- Add documentation on how to find the right CA certificate for
tls_trust_file. Thanks to Bryan Kam for suggestions.
- Improve the documentation for TLS vs. SSL and STARTTLS vs. POP3-over-TLS.
Thanks to Carlos Martín Nieto for suggestions.
- Update the spanish translation (Carlos Martín Nieto).
Version 1.0.9:
- Require either tls_trust_file or tls_certcheck=off for TLS sessions, so that
mpop is not silently vulnerable to man-in-the-middle attacks.
- Gnulib update 2007-04-07.
- Protect against the man-in-the-middle attack on APOP authentication as
described in CVE-2007-1558. This is done by doing sanity checks on the
APOP timestamp in the server greeting.
However, this probably makes attacks only harder. It will not make them
impossible. Therefore, APOP authentication is never used automatically
anymore unless TLS is active.
- Do not use NTLM authentication automatically anymore unless TLS is active.
NTLM is not an open standard and must therefore be considered broken.
Version 1.0.8:
- Move build-aux files to separate directory build-aux.
- Gnulib update 2007-03-19.
- Improve and generalize workaround for pop.gmail.com RFC violations. This
enables automatic pipelining support for pop.gmail.com and some other
servers.
- Provide a hstrerror() function for systems that lack getaddrinfo() (so that
gethostbyname() must be used instead) and that do not provide hstrerror()
themselves. Needed for Solaris 2.6. Reported and tested by Chris Green.
|
|
Changes are:
Version 1.0.7:
- Add a workaround for the Comcast.net POP3 server: allow more than one space
before the UID in an UIDL response, even though RFC 1939 says it must be
exactly one. Reported and fixed by Benji Fisher.
Version 1.0.6:
- Updated copyright info to 2007.
- Added an "auto" setting for pipelining and made it the default. "on" and
"off" now force pipelining on or off regardless of server capabilities.
Thanks to Jeremy C. Reed for suggestions on this.
- Gnulib update to 2007-01-10.
- Switch to autoconf-2.61 and automake-1.10, to avoid problems with configure
trying to run "sh /usr/bin/install" where /usr/bin/install is not a shell
script on NetBSD. Reported by Jeremy C. Reed.
- Put the POP3_PIPELINE_MIN and POP3_PIPELINE_MAX definitions into #ifndef ...
#endif so that they can easily be set via CFLAGS. Thanks to Jeremy C. Reed
for the patch.
- Remove the obsolete "extern int errno;" declaration. It does not conform to
POSIX and causes trouble. Thanks to Jeremy C. Reed for the patch.
- Added AC_SYS_LARGEFILE to configure.ac, for large file support. Removed the
unnecessary AC_C_CONST and AC_HEADER_STDC.
Version 1.0.5:
- Remove gnulib module nanosleep. This fixes more build problems.
Version 1.0.4:
- Gnulib update. Remove the gettimeofday module. There are no local changes
to the gnulib code anymore.
- Do not use the gnulib gettimeofday module anymore. Use a local replacement
in delivery.c instead.
- Do not use nanosleep() on W32 anymore. Use Sleep() instead.
Do not use nanosleep() on DJGPP anymore. Use usleep() instead.
- Update gettext files to gettext-0.16.
- Improved the configure check for the OpenSSL libraries. This fixes a build
failure on Mac OS X. Reported for msmtp by Michael Williams, who also tested
the fix. Thanks!
- Fix a bug in string_replace(). This bug did not affect mpop.
Version 1.0.3:
- Improved configuration file examples in the documentation.
- Fix GNU SASL support: replace #ifdef HAVE_GSASL with #ifdef HAVE_LIBGSASL.
The old code did not actually use GNU SASL. This bug was introduced in 1.0.2.
- Prevent to write UIDLs files that we cannot read back:
- Do not allow UIDs to start with a space.
- Allow UIDLs file lines to be long enough to hold the longest
UID that we would accept from a server.
- Added spanish translation by Carlos Martín Nieto. Thanks a lot!
- Correct the documentation of "~/.mpop_uidls" in mpop.1 and mpop.texi.
- Gnulib update. Removes the initialization of pkgdata_DATA from
gnulib/Makefile.am, thanks to a fix by Bruno Haible. 'make install' will no
longer create an empty directory $(pkgdatadir) anymore (the default for
$(pkgdatadir) is /usr/local/share/mpop). Reported by Roman Bogorodskiy.
Version 1.0.2:
- Gnulib update. The modules nanosleep and gettimeofday still differ from the
official gnulib source.
- Disable SSLv2 because it has known flaws. This only affects the OpenSSL
version because GNU TLS does not implement SSLv2.
- Add new command tls_force_sslv3 and option --tls-force-sslv3 to force
TLS/SSL version SSLv3. This might be needed to use SSL with some old and
broken servers. Closes msmtp Debian bug #374610, reported by Marko Mäkelä.
Thanks to Julien Louis for tracking this problem down and testing the patch.
- Changed detection of libgnutls so that it works with version >= 1.2.0 again.
- Improvements for the build system:
- Quote arguments of M4 macros.
- Use AC_LIB_HAVE_LINKFLAGS to detect libraries. Do not use *-config scripts
or pkg-config. This avoids problems that are reported in this thread:
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/
1610/focus=1610 .
- Use HAVE_LIB* macros instead of USE_* or others, for consistency.
- Link with LIB_NANOSLEEP as determined by the gnulib nanosleep module. This
fixes build problems on Solaris. Reported by Daniel Rechsteiner for msmtp.
Thanks!
- Allow '+' and '/' in Return-Path mail addresses; do not replace them with '_'.
Fix documentation of which characters are allowed and which are replaced,
both in the code and in the user documentation for %F expansion.
Version 1.0.1:
- Changed the default UIDLS file from "~/.mpop_uidls" to
"~/.mpop_uidls/%U_at_%H".
- Gnulib update. The modules nanosleep and gettimeofday still differ from the
official gnulib source.
- Update to gettext-0.15.
- Improve error message if directories for the UIDLS files cannot be created.
- Allow to use special files like /dev/null to be used as an MBOX file,
by ignoring an fsync() failure if and only if (errno == EINVAL). Suggested by
Marco Ferra. Thanks!
- Make error messages of the maildir and mbox delivery methods more verbose.
- Fixed types of variables that are changed by signal handlers: they are
'volatile sig_atomic_t' now.
- Adapt --version output to the latest GNU conventions.
- Clean up #includes.
- Move check for delivery information from main() into check_account().
- Added support for %U and %H expansion in UIDLS file names. This allows to
have per-account UIDLS files with just one setting in the defaults
section.
- Automatically create directories needed to store the UIDLS file.
- Gnulib update. Added the xstrndup module. The modules nanosleep and
gettimeofday still differ from the official gnulib source.
- Move string_replace from delivery.c to tools.[ch] to make it available to
other modules.
- Renamed os_env.[ch] to tools.[ch].
- Replace __MINGW__ with W32_NATIVE in os_env.h.
- Check that the first command in the configuration file is either account or
defaults. This fixes a crash (NULL pointer dereferencing) when the first
command in the file is valid but does not belong to an account.
- W32 port: Fixed the replacements for the WIFEXITED and WEXITSTATUS macros in
delivery.c. Thanks to Gizbern for the bug report.
- Minor documentation improvements.
- Enable network connection timeouts on DJGPP/Watt32. Thanks to Gisle Vanem for
pointing out that this works just like it does with UNIX. The DJGPP/Watt32
port is now on par with the UNIX port.
- Update README.dos.
- Don't check configuration file permissions on Cygwin.
Version 1.0.0:
- Gnulib update. Added gettimeofday module.
Note that a locally modified copy of gnulib was used. It contains patches for
the getpass, nanosleep, and gettimeofday modules, plus the additional module
sys_select. All of these changes were submitted to the bug-gnulib@gnu.org
mailing list, but they are not integrated yet.
- Removed some W32 specific defines from delivery.c because they are not
necessary with current MinGW versions.
- Removed ftruncate-for-W32 hack in uidls.c, because newer MinGW versions have
ftruncate().
- Renamed README.win32 to README.w32. Updated README.w32 and README.dos.
- Replace '#ifdef _WIN32' with '#ifdef W32_NATIVE', where W32_NATIVE is defined
in config.h if the following is true:
'#if (defined _WIN32 || defined __WIN32__) && !defined __CYGWIN__'.
The reason is that Cygwin defines _WIN32 nowadays, but we want the UNIX API
on that platform.
- Include config.h in list.c.
- Fix warnings emitted for configure.ac by autoreconf.
- Added -a, --all-accounts option to query all accounts in the configuration
file (suggested by Jimmy Lolla). Changed short option for --auth-only from
-a to -A.
- Fixed handling of weird UIDs:
1. When checking for control characters, use c_iscntrl() instead of iscntrl(),
to be independent of the user's locale.
2. Use POP3_EUNAVAIL as the error code for "Server does not support the UIDL
command". All other error codes are critical.
Bug reported by Marcelo. Thanks!
- Lock the UIDLS file once and keep the lock as long as the UIDLS data is used.
This prevents loss of UIDs (and therefore multiple deliveries of the
corresponding mails) when multiple mpop processes use the same UIDLS file.
- lock_file(): If another process holds a lock on the file, then wait 1/10
second instead of 1 second before the next try.
- Gnulib update. Added nanosleep module.
- Improve error handling for file locking: differentiate between timeouts and
other errors.
Version 0.8.5:
- Improve checks for libraries in configure.ac. The ./configure options have
changed! See INSTALL for more info.
- Improve --version output.
- Add (optional) support for Internationalized Domain Names (IDN) via
GNU Libidn.
- Initialize TLS only if pop3_connect() succeeded.
- Move SSL_LIBS and GSASL_LIBS into LIBS; do not put them in Makefile.am.
- Fix memory leak in GNU SASL variant of pop3_auth().
- Fix memory leak in GnuTLS variant of tls_cert_info_get().
- mpop_serverinfo(): If auth fails and this is ignored, then reset
the error message and error string.
- Sync pop3_auth() with smtp_auth() from msmtp. Affects only comments.
- mpop_serverinfo(): Only resend CAPA if authentication succeeded.
- pop3_auth(), GNU SASL variant:
- Check if authentication data is complete before trying to start
authentication.
- Never call password_callback() when no user name is given.
- Prevent a double free if an invalid argument to the auth command is given.
- Prevent a double free if an invalid argument to --auth is given.
- Replace crypto.[ch] with gnulib hmac-md5 module.
- Gnulib update. Add hmac-md5 module.
- net.c, tls.c: allow all network operations to be interrupted with CTRL+C,
and print an appropriate error message in this case.
- tls.c: if an error occurs, clean up *after* building the error message. This
fixes a potential segfault in the OpenSSL version of tls_start().
- net_open_socket(): don't let net_close_socket() clobber errno.
- net_open_socket(): print correct error message if getaddrinfo() returns
EAI_SYSTEM.
- MDA delivery method: handle SIGPIPE. Now mpop gives a proper error message
if the MDA process dies without reading the mail data.
This also affects filtering since the filter delivery method largely reuses
the MDA delivery method code.
- delivery_method_mda_open(): flush stdout and stderr before calling the MDA,
so that its output won't be intermingled with mpop's output.
- Fixed a comment in net.h.
- net_get_canonical_hostname(): Only call freeaddrinfo() if getaddrinfo()
succeeded. Reported and fixed by Raúl Núñez de Arenas Coronado.
- Removed the simple_mbox delivery method because it is unnecessary.
- Minor documentation improvements.
Version 0.8.4:
- Minor Win32 portability/cross-compilation updates.
- Gnulib update.
- Documentation updates.
- The only_new command and --only-new option were re-added, but with slightly
different meaning and a different default value. The default behaviour is
completely compatible to all 0.8.x version.
- Fix UIDLS file handling: make sure that uids appear in ascending order.
Older versions wrote unsorted uid lists. If such a file is read, detect this
and sort the lists.
- Print --debug output to stdout instead of stderr, since it is requested
output. Noted by Aliaksandr Lakhanko.
- Changes taken from msmtp:
- configure.ac: Rely on PKG_CHECK_MODULES to find GSASL, do not fall back to
manual detection, to prevent using an incompatible version of GSASL.
Problem reported by Jari Aalto.
- Gnulibs sysexit_.h now defines EX_OK; there's no need to use a locally
modified version anymore.
- Use a locally modified version of gnulibs sysexit_.h that defines EX_OK to
0, since the gnulib maintainers apparently won't fix this file.
Include the sysexits.h header after all other system headers to override
previous definitions of EX_OK on systems that use EX_OK for other purposes.
This is needed on Interix, reported by Ben Collver.
Version 0.8.3:
- gnulib update.
- Expect sorted UIDLS files. This means that files written by versions prior
to 0.5.0 are not accepted anymore.
- Fixed -d and -P output for "delivery" when maildir is used.
- Changes taken from msmtp:
- adapted configure.ac for new pkg-config version
- Use gnulib socklen module for socklen_t.
- W32: Enable maildir delivery.
- W32/DJGPP: Use all files/streams in binary mode.
- W32: Allow %HOME% to override default user configuration directory.
- W32: Enable getpass and netrc functionality.
- Do not rely on a failing malloc setting errno in xalloc_die()
- Shut down a GnuTLS TLS session with GNUTLS_SHUT_WR instead of
GNUTLS_SHUT_RDWR. This prevents session hangs in certain situations.
It is safe to do this because we never reuse a connection when TLS was shut
down. Thanks to Jens Kammler for the problem report!
- Make the GnuTLS code accept old version 1 CA certificates when verifying
certificates.
- Renamed LOCK_(READ|WRITE) to OSENV_LOCK_(READ|WRITE) in os_env.[ch] to avoid
name clashes with <fcntl.h>
|
|
It seg faults (with some double free() it looks like) when DNS
is not working. So after the freeze I will explore this more.
I also see a new version is available -- maybe it fixes it...
|
|
PKGLOCALEDIR and which install their locale files directly under
${PREFIX}/${PKGLOCALEDIR} and sort the PLIST file entries. From now
on, pkgsrc/mk/plist/plist-locale.awk will automatically handle
transforming the PLIST to refer to the correct locale directory.
|
|
|
|
CONF_FILES and PKG_SYSCONFSUBDIR and bump revision.
(Confirmed by jlam.)
|
|
developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
|
|
|
|
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
|
|
mpop is a small, fast, and portable POP3 client. Its features include
header-based email filtering (filter junk mail before downloading it),
delivery to mbox files, maildir folders, or a mail delivery agent, a
very fast POP3 implementation, many authentication methods, and good
support for TLS/SSL.
|
