Bug 36608

Summary: Problem with self-signed certificates on pop.gmail.com
Product: Sisyphus Reporter: Alexey Gladkov <legion>
Component: fetchmailAssignee: Alexey Gladkov <legion>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: normal    
Priority: P3 CC: azol, legion, mike
Version: unstable   
Hardware: all   
OS: Linux   

Description Alexey Gladkov 2019-04-16 20:38:37 MSK 
При попытке скачать почту по POP3/IMAP с gmail.com в логах появляется сообщение:

fetchmail: Server certificate verification error: self signed certificate
fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the
certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page.
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)

Приложите пожалуйста патч из https://bugzilla.redhat.com/show_bug.cgi?id=1611815
Comment 1 Alexey Gladkov 2019-04-16 20:40:02 MSK 
Лучше апстримный коммит: https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615
Comment 2 Michael Shigorin 2019-04-16 21:24:03 MSK 
Отправил http://webery.altlinux.org/task/227248, спасибо!
Comment 3 Repository Robot 2019-04-16 22:04:58 MSK 
fetchmail-6.3.26-alt6 -> sisyphus:

Tue Apr 16 2019 Michael Shigorin <mike@altlinux> 6.3.26-alt6
- added upstream SNI support patch; thx legion@ (closes: #36608)
- avoid extra tarball compression (no reason with gear)