Merge ~kstenerud/ubuntu/+source/fetchmail:disco-fetchmail-gmailssl-1798786 into ubuntu/+source/fetchmail:ubuntu/disco-devel
Status: | Merged |
---|---|
Approved by: | Andreas Hasenack |
Approved revision: | b1c6372c806e7a7c94a663469bed0a8597183ff5 |
Merge reported by: | Andreas Hasenack |
Merged at revision: | b1c6372c806e7a7c94a663469bed0a8597183ff5 |
Proposed branch: | ~kstenerud/ubuntu/+source/fetchmail:disco-fetchmail-gmailssl-1798786 |
Merge into: | ubuntu/+source/fetchmail:ubuntu/disco-devel |
Diff against target: |
61 lines (+40/-0) 3 files modified
debian/changelog (+7/-0) debian/patches/series (+1/-0) debian/patches/sni-support.patch (+32/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Andreas Hasenack | Approve | ||
Christian Ehrhardt (community) | Approve | ||
Canonical Server | Pending | ||
Review via email: mp+358699@code.launchpad.net |
Description of the change
Disco version of https:/
Applied upstream patch to set hostname for SNI when using TLS. Without this, fetchmail fails to verify the SSL certificate using TLS 1.2.
Upstream patch: https:/
PPA: ppa:kstenerud/
Steps to test:
# lxc launch ubuntu-daily:disco tester
# lxc exec tester bash
# apt update
# apt dist-upgrade -y
# apt install -y fetchmail
# echo "set postmaster \"root\"
poll pop.gmail.com with proto POP3
user '<email address hidden>' there with password 'any-password' is root here options ssl
" > ~/.fetchmailrc
# chmod 700 ~/.fetchmailrc
# fetchmail -d0 -vk --sslcertck pop.gmail.com
...
fetchmail: Server certificate:
fetchmail: Unknown Organization
fetchmail: Issuer CommonName: invalid2.invalid
fetchmail: Subject CommonName: invalid2.invalid
fetchmail: Server CommonName mismatch: invalid2.invalid != pop.gmail.com
fetchmail: Server certificate verification error: self signed certificate
...
# add-apt-repository -y ppa:kstenerud/
# apt update
# apt dist-upgrade -y
# fetchmail -d0 -vk --sslcertck pop.gmail.com
...
fetchmail: Server certificate:
fetchmail: Issuer Organization: Google Trust Services
fetchmail: Issuer CommonName: Google Internet Authority G3
fetchmail: Subject CommonName: pop.gmail.com
fetchmail: Subject Alternative Name: pop.gmail.com
...
Package Tests:
There are no package tests in fetchmail.
Note: I wondered if we should bug report to Debian as well.
But since the fix is upstream for a year already and Debian has 6.4 beta already they will get it once upstream finalizes 6.4
Only in case we would be afraid that this would take quite a while we'd need to ping them.
If we see this on the next cycles merge still not being droppable lets make sure to open a bug/PR with Debian.