From ba57152ddcb042e4f4ce68b1f9066ac13b92be78 Mon Sep 17 00:00:00 2001
From: Cy Schubert <cy@FreeBSD.org>
Date: Mon, 15 Oct 2018 02:56:36 +0000
Subject: Jettison SSLv2 support. Not only does this allow mail/mailx to build
 using openssl111 in base but SSLv2 is insecure.

---
 mail/heirloom-mailx/Makefile                 |  3 ++-
 mail/heirloom-mailx/files/patch-mailx.1      | 14 ++++++++++++++
 mail/heirloom-mailx/files/patch-mailx.1.html | 15 +++++++++++++++
 3 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 mail/heirloom-mailx/files/patch-mailx.1
 create mode 100644 mail/heirloom-mailx/files/patch-mailx.1.html

(limited to 'mail/heirloom-mailx')

diff --git a/mail/heirloom-mailx/Makefile b/mail/heirloom-mailx/Makefile
index 7cca18a93deb..760172153b81 100644
--- a/mail/heirloom-mailx/Makefile
+++ b/mail/heirloom-mailx/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	mailx
 PORTVERSION=	12.4
-PORTREVISION=	7
+PORTREVISION=	8
 CATEGORIES=	mail ipv6
 MASTER_SITES=	SF/heirloom/heirloom-${PORTNAME}/${PORTVERSION}
 PKGNAMEPREFIX=	heirloom-
@@ -18,6 +18,7 @@ CONFLICTS=	mailx-[0-9]*
 
 MAKE_JOBS_UNSAFE=	yes
 USES=		iconv localbase ssl tar:bzip2
+CPPFLAGS+=	-DOPENSSL_NO_SSL2
 MAKE_ARGS=	PREFIX="${PREFIX}" \
 		SYSCONFDIR="${PREFIX}/etc" \
 		SENDMAIL="/usr/sbin/sendmail" \
diff --git a/mail/heirloom-mailx/files/patch-mailx.1 b/mail/heirloom-mailx/files/patch-mailx.1
new file mode 100644
index 000000000000..51b14d50260c
--- /dev/null
+++ b/mail/heirloom-mailx/files/patch-mailx.1
@@ -0,0 +1,14 @@
+--- mailx.1.orig	2007-10-01 06:00:39.000000000 -0700
++++ mailx.1	2018-10-14 19:36:55.360353000 -0700
+@@ -2683,11 +2683,6 @@
+ to verify SSL/TLS server certificates.
+ Only applicable if SSL/TLS support is built using OpenSSL.
+ .TP
+-.B ssl-v2-allow
+-Accept SSLv2 connections.
+-These are normally not allowed
+-because this protocol version is insecure.
+-.TP
+ .B stealthmua
+ Inhibits the generation of
+ the \fI`Message-Id:'\fR and \fI`User-Agent:'\fR
diff --git a/mail/heirloom-mailx/files/patch-mailx.1.html b/mail/heirloom-mailx/files/patch-mailx.1.html
new file mode 100644
index 000000000000..276cce658606
--- /dev/null
+++ b/mail/heirloom-mailx/files/patch-mailx.1.html
@@ -0,0 +1,15 @@
+--- mailx.1.html.orig	2008-07-28 15:33:37.000000000 -0700
++++ mailx.1.html	2018-10-14 19:38:44.077272000 -0700
+@@ -2953,12 +2953,6 @@
+ Only applicable if SSL/TLS support is built using OpenSSL.
+ </TD></TR>
+ <TR valign=top><TD colspan=2>
+-<B>ssl-v2-allow</B> </TD></TR><TR valign=top><TD width=6%>&nbsp;</TD><TD>
+-Accept SSLv2 connections.
+-These are normally not allowed
+-because this protocol version is insecure.
+-</TD></TR>
+-<TR valign=top><TD colspan=2>
+ <B>stealthmua</B> </TD></TR><TR valign=top><TD width=6%>&nbsp;</TD><TD>
+ Inhibits the generation of
+ the <I>&#39;Message-Id:&#39;</I> and <I>&#39;User-Agent:&#39;</I>
-- 
cgit v1.2.3