gentoo-overlay/net-mail/fetchmail/files/fetchmail-6.3.26-libressl.patch

--- a/configure.ac	2013-04-23 16:51:10.000000000 -0400
+++ b/configure.ac	2016-01-30 00:14:01.114090572 -0500
@@ -803,6 +803,7 @@
 
 case "$LIBS" in *-lssl*)
 	AC_CHECK_DECLS([SSLv2_client_method],,,[#include <openssl/ssl.h>])
+	AC_CHECK_DECLS([SSLv3_client_method],,,[#include <openssl/ssl.h>])
 	;;
 esac
 
--- a/po/de.po	2013-04-23 17:33:52.000000000 -0400
+++ b/po/de.po	2016-01-30 00:25:00.255287974 -0500
@@ -8,8 +8,8 @@
 msgstr ""
 "Project-Id-Version: fetchmail 6.3.26\n"
 "Report-Msgid-Bugs-To: fetchmail-devel@lists.berlios.de\n"
-"POT-Creation-Date: 2013-04-23 23:24+0200\n"
-"PO-Revision-Date: 2013-04-23 23:33+0200\n"
+"POT-Creation-Date: 2015-01-16 20:42+0100\n"
+"PO-Revision-Date: 2016-01-30 00:23-0500\n"
 "Last-Translator: Matthias Andree <matthias.andree@gmx.de>\n"
 "Language-Team: Deutsch <de@li.org>\n"
 "Language: \n"
@@ -3198,20 +3198,24 @@
 msgstr "Datei-Deskriptor außerhalb des Bereichs für SSL"
 
 #: socket.c:913
-msgid "Your operating system does not support SSLv2.\n"
-msgstr "Ihr Betriebssystem unterstützt SSLv2 nicht.\n"
+msgid "Your OpenSSL version does not support SSLv2.\n"
+msgstr "Ihre OpenSSL-Version unterstützt SSLv2 nicht.\n"
 
-#: socket.c:923
+#: socket.c:920
+msgid "Your OpenSSL version does not support SSLv3.\n"
+msgstr "Ihre OpenSSL-Version unterstützt SSLv3 nicht.\n"
+
+#: socket.c:928
 #, c-format
 msgid "Invalid SSL protocol '%s' specified, using default (SSLv23).\n"
 msgstr ""
 "Ungültiges SSL-Protokoll „%s“ angegeben, benutze Voreinstellung (SSLv23).\n"
 
-#: socket.c:1022
+#: socket.c:1027
 msgid "Certificate/fingerprint verification was somehow skipped!\n"
 msgstr "Zertifikat-/Fingerabdruck-Überprüfung wurde irgendwie übersprungen!\n"
 
-#: socket.c:1039
+#: socket.c:1044
 msgid ""
 "Warning: the connection is insecure, continuing anyways. (Better use --"
 "sslcertck!)\n"
@@ -3219,11 +3223,11 @@
 "Warnung: Die Verbindung ist unsicher, mache trotzdem weiter. (Nehmen Sie "
 "lieber --sslcertck!)\n"
 
-#: socket.c:1081
+#: socket.c:1086
 msgid "Cygwin socket read retry\n"
 msgstr "Cygwin-Socket-Lese-Wiederholung\n"
 
-#: socket.c:1084
+#: socket.c:1089
 msgid "Cygwin socket read retry failed!\n"
 msgstr "Cygwin-Socket-Lese-Wiederholung fehlgeschlagen!\n"
 
--- a/fetchmail.c	2013-04-23 16:00:45.000000000 -0400
+++ b/fetchmail.c	2016-01-30 00:16:26.104294447 -0500
@@ -54,6 +54,10 @@
 #define ENETUNREACH   128       /* Interactive doesn't know this */
 #endif /* ENETUNREACH */
 
+#ifdef SSL_ENABLE
+#include <openssl/ssl.h>	/* for OPENSSL_NO_SSL2 and ..._SSL3 checks */
+#endif
+
 /* prototypes for internal functions */
 static int load_params(int, char **, int);
 static void dump_params (struct runctl *runp, struct query *, flag implicit);
@@ -263,6 +267,12 @@
 #ifdef SSL_ENABLE
 	"+SSL"
 #endif
+#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 == 0
+	"-SSLv2"
+#endif
+#if HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0
+	"-SSLv3"
+#endif
 #ifdef OPIE_ENABLE
 	"+OPIE"
 #endif /* OPIE_ENABLE */
--- a/socket.c	2013-04-23 16:00:45.000000000 -0400
+++ b/socket.c	2016-01-30 00:28:26.718678785 -0500
@@ -907,14 +907,19 @@
 	_ssl_context[sock] = NULL;
 	if(myproto) {
 		if(!strcasecmp("ssl2",myproto)) {
-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0
+#if (HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0) && (0 == OPENSSL_NO_SSL2 + 0)
 			_ctx[sock] = SSL_CTX_new(SSLv2_client_method());
 #else
-			report(stderr, GT_("Your operating system does not support SSLv2.\n"));
+			report(stderr, GT_("Your OpenSSL version does not support SSLv2.\n"));
 			return -1;
 #endif
 		} else if(!strcasecmp("ssl3",myproto)) {
+#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 > 0) && (0 == OPENSSL_NO_SSL3 + 0)
 			_ctx[sock] = SSL_CTX_new(SSLv3_client_method());
+#else
+			report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
+			return -1;
+#endif
 		} else if(!strcasecmp("tls1",myproto)) {
 			_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
 		} else if (!strcasecmp("ssl23",myproto)) {