This port uses an #ifdef LIBRESSL_VERSION_NUMBER to force use of version
fixed TLS_client_methods, presumably because at some point the min/max
proto version API was not available.
Once we define LIBRESSL_HAS_TLS1_3, this port's build will break since
it will hit a code path was never even compile tested: it uses the
TLSv1_3_client_method(). This function never existed in OpenSSL and
will unlikely ever exist in LibreSSL.
We can use the OpenSSL 1.1 code path and this will do the right thing
now and continue to do the right thing once LIBRESSL_HAS_TLS1_3 will be
defined.
PS: The port is somewhat outdated, upstream has released 6.4.12 a few
days ago. I can send an update for this if there's interest.
Index: Makefile
===================================================================
RCS file: /var/cvs/ports/mail/fetchmail/Makefile,v
retrieving revision 1.156
diff -u -p -r1.156 Makefile
--- Makefile 12 Jun 2020 13:02:35 -0000 1.156
+++ Makefile 6 Sep 2020 23:05:49 -0000
@@ -4,6 +4,7 @@ COMMENT= mail retrieval utility for POP2
DISTNAME= fetchmail-6.4.6
EXTRACT_SUFX= .tar.xz
+REVISION= 0
CATEGORIES= mail
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=fetchmail/}
Index: patches/patch-socket_c
===================================================================
RCS file: patches/patch-socket_c
diff -N patches/patch-socket_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-socket_c 6 Sep 2020 23:18:56 -0000
@@ -0,0 +1,14 @@
+$OpenBSD$
+
+Index: socket.c
+--- socket.c.orig
++++ socket.c
+@@ -902,7 +902,7 @@ static const char *SSLCertGetCN(const char *mycert,
+ return ret;
+ }
+
+-#if defined(LIBRESSL_VERSION_NUMBER) || OPENSSL_VERSION_NUMBER < 0x1010000fL
++#if OPENSSL_VERSION_NUMBER < 0x1010000fL
+ /* OSSL_proto_version_logic for OpenSSL 1.0.x and LibreSSL */
+ static int OSSL10X_proto_version_logic(int sock, const char **myproto, int
*avoid_ssl_versions)
+ {
