Hello community, here is the log from the commit of package libesmtp for openSUSE:Factory checked in at 2016-10-14 03:38:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libesmtp (Old) and /work/SRC/openSUSE:Factory/.libesmtp.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libesmtp" Changes: -------- --- /work/SRC/openSUSE:Factory/libesmtp/libesmtp.changes 2013-02-07 10:36:23.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libesmtp.new/libesmtp.changes 2016-10-14 03:38:31.000000000 +0200 @@ -1,0 +2,10 @@ +Fri Sep 30 14:58:41 UTC 2016 - crrodrig...@opensuse.org + +- Add libesmtp-tlsv12.patch: All TLS clients must support and use + the highest TLS version available if possible not only TLS 1.0. + Patch sent to upstream long time ago, no response. website + has also vanished from the internet. +- Pass --disable-isoc to configure, pick the compiler's default C + standard mode (currently gnu11). + +------------------------------------------------------------------- New: ---- libesmtp-tlsv12.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libesmtp.spec ++++++ --- /var/tmp/diff_new_pack.LDLJdJ/_old 2016-10-14 03:38:32.000000000 +0200 +++ /var/tmp/diff_new_pack.LDLJdJ/_new 2016-10-14 03:38:32.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package libesmtp # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,6 +28,8 @@ Patch0: libesmtp-removedecls.diff # PATCH-MISSING-TAG -- See http://wiki.opensuse.org/Packaging/Patches Patch1: libesmtp-1.0.4-bloat.patch +# PATCH-FIX-UPSTREAM libesmtp-tlsv12.patch crrodrig...@opensuse.org -- All TLS clients must support and use the highest TLS version available +Patch2: libesmtp-tlsv12.patch BuildRequires: openssl-devel BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -54,11 +56,13 @@ %setup -q %patch0 %patch1 +%patch2 -p1 %build %configure --disable-static --with-pic \ --enable-ntlm \ - --enable-etrn + --enable-etrn \ + --disable-isoc %{__make} %{?_smp_mflags} %install ++++++ libesmtp-tlsv12.patch ++++++ Index: libesmtp-1.0.6/smtp-tls.c =================================================================== --- libesmtp-1.0.6.orig/smtp-tls.c +++ libesmtp-1.0.6/smtp-tls.c @@ -201,8 +201,13 @@ starttls_create_ctx (smtp_session_t sess 3207. Servers typically support SSL as well as TLS because some versions of Netscape do not support TLS. I am assuming that all currently deployed servers correctly support TLS. */ - ctx = SSL_CTX_new (TLSv1_client_method ()); - +#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) + ctx = SSL_CTX_new (TLS_client_method()); + SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION); +#else + ctx = SSL_CTX_new (SSLv23_client_method ()); + SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); +#endif /* Load our keys and certificates. To avoid messing with configuration variables etc, use fixed paths for the certificate store. These are as follows :-
