[fetchmail-devel] flaw concerning fetchmail 6.3.21 error message

[Oskar S. <os...@sc...>]

Use Case:
  fetching mail from a server using pop3s, port 995,
  with option "ssl" given, but no sslproto explicitely
  selected.
  Operating System: Linux, Slackware 12.2.
  Compiler: gcc 4.2.4
  Pop3 Server: qmail
  Fetchmail versions tested: 6.3.8 and 6.3.21

Problem:
  on each invocation, fetchmail states the following
  error message, which is superfluous:

Invalid SSL protocol '' specified, using default (SSLv23).

  [note: when giving some "sslproto xy", this message is
   given twice, with an empty protocol name on the second line]

Reason for Symptom:
  socket.c checks given protocol names to be one of "ssl2", "ssl3", etc,
  but fails to check against empty string "". As it checks against
  NULL string, though, the reason for the bug may be confusion in
  "no protocol given" value policy internal to fetchmail sources
  (i.e. empty string vs. null string). A better solution than the
  one given here might resolve this policy issue, instead.

Solution:
  To have the bogus error message go away, check against empty string
  additionally, patch as follows:



diff -ur fetchmail-6.3.21/socket.c fetchmail-6.3.21-patch/socket.c
--- fetchmail-6.3.21/socket.c	2011-08-21 15:34:58.000000000 +0200
+++ fetchmail-6.3.21-patch/socket.c	2011-09-29 10:34:33.777407663 +0200
@@ -881,6 +881,8 @@
 			_ctx[sock] = SSL_CTX_new(TLSv1_client_method());
 		} else if (!strcasecmp("ssl23",myproto)) {
 			myproto = NULL;
+		} else if (!strcmp("",myproto)) {
+			myproto = NULL;
 		} else {
 			fprintf(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto);
 			myproto = NULL;