Hello community,
here is the log from the commit of package imap for openSUSE:Factory checked in at 2016-03-29 09:56:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/imap (Old)
and /work/SRC/openSUSE:Factory/.imap.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "imap"
Changes:
--------
--- /work/SRC/openSUSE:Factory/imap/imap.changes 2016-03-01 09:38:34.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.imap.new/imap.changes 2016-03-29 09:56:08.000000000 +0200
@@ -1,0 +2,17 @@
+Mon Mar 14 18:25:44 UTC 2016 - crrodriguez@opensuse.org
+
+- spec: most C sources need removal of old K&R extern int errno;
+ declaration, which does not actually work with glibc where
+ errno is a macro that expands to a function call.
+- spec: build with -DOPENSSL_NO_DEPRECATED and
+ -DOPENSSL_NO_SSL_INTERN to emulate as close as possible
+ API/ABI availability of upcoming openSSL releases.
+- imap-openssl.patch: remove ephemeral RSA keys support, it is
+ considered insecure.openSSL 1.1 no longer supports this feature
+ and package will fail to build.
+- imap-openssl.patch: remove code that uses insecure tmpnam()
+ function, it is not required on linux systems.
+- imap-implicit-decls.patch: fix implicit fortify/pointer
+ declaration rpmlint warnings.
+
+-------------------------------------------------------------------
New:
----
imap-implicit-decls.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ imap.spec ++++++
--- /var/tmp/diff_new_pack.Zq1Lq2/_old 2016-03-29 09:56:09.000000000 +0200
+++ /var/tmp/diff_new_pack.Zq1Lq2/_new 2016-03-29 09:56:09.000000000 +0200
@@ -44,6 +44,7 @@
#Patch6: %{name}-2006c1.diff
Patch6: %{name}-2007e.patch
Patch7: imap-openssl.patch
+Patch8: imap-implicit-decls.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: bash /bin/echo /bin/mv
BuildRequires: openssl-devel
@@ -107,12 +108,17 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+
+#K & R declarations of errno won't work anymore..
+#it a no longer an integer but a macro that expands to a function call
+find -type f -name "*.[h,c]" -exec sed -i -e '/extern int errno;/d' {} +
%build
-export CFLAGS="$RPM_OPT_FLAGS -DDISABLE_POP_PROXY=1 -fPIC -fno-strict-aliasing -fstack-protector"
+export CFLAGS="$RPM_OPT_FLAGS -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_SSL_INTERN -DDISABLE_POP_PROXY=1 -fPIC -fno-strict-aliasing -fstack-protector"
make lnp MYCFLAGS="$CFLAGS" SSLTYPE=nopwd IP=6
make lnp c-client
-gcc -shared -Wl,-soname,libc-client.so.%{version} -o libc-client.so.%{version} c-client/*.o -lpam
+gcc $CFLAGS -shared -Wl,-soname,libc-client.so.%{version} -o libc-client.so.%{version} c-client/*.o -lpam
%install
mkdir -p $RPM_BUILD_ROOT/usr/{sbin,share/man/man8,share/doc/packages/imap}
++++++ imap-implicit-decls.patch ++++++
Index: imap-2007e/src/osdep/unix/env_unix.c
===================================================================
--- imap-2007e.orig/src/osdep/unix/env_unix.c
+++ imap-2007e/src/osdep/unix/env_unix.c
@@ -27,6 +27,7 @@
#include
#include
#include
+#include
/* in case stat.h is ancient */
Index: imap-2007e/src/osdep/unix/unix.c
===================================================================
--- imap-2007e.orig/src/osdep/unix/unix.c
+++ imap-2007e/src/osdep/unix/unix.c
@@ -40,12 +40,12 @@
#include
#include
#include
-extern int errno; /* just in case */
#include
#include "mail.h"
#include "osdep.h"
#include
#include
+#include
#include "unix.h"
#include "pseudo.h"
#include "fdstring.h"
Index: imap-2007e/src/imapd/imapd.c
===================================================================
--- imap-2007e.orig/src/imapd/imapd.c
+++ imap-2007e/src/imapd/imapd.c
@@ -29,7 +29,6 @@
#include
#include
#include
-extern int errno; /* just in case */
#include
#include
#include
Index: imap-2007e/src/mtest/mtest.c
===================================================================
--- imap-2007e.orig/src/mtest/mtest.c
+++ imap-2007e/src/mtest/mtest.c
@@ -58,7 +58,22 @@
# define MACOS 0
# endif
#endif
-
+
+
+/* This is a local implementation of ISO9899:2011 K.3.5.4.1/4
+ * gets_s function. a quick and dirty hack */
+
+static char *mtest_gets(char *s, size_t n)
+{
+#ifdef __STDC_LIB_EXT1__
+ return gets_s(s, n);
+#else
+ char *ret = fgets(s, n, stdin);
+ if (ret && s[strlen(s)-1] == '\n') s[strlen(s)-1] = 0;
+ return ret;
+#endif
+}
+
char *curhst = NIL; /* currently connected host */
char *curusr = NIL; /* current login user */
char personalname[MAILTMPLEN]; /* user's personal name */
@@ -595,7 +610,9 @@ void status (MAILSTREAM *stream)
void prompt (char *msg,char *txt)
{
printf ("%s",msg);
- gets (txt);
+ mtest_gets(txt, sizeof txt);
+
+
}
/* Interfaces to C-client */
@@ -779,7 +796,7 @@ void smtptest (long debug)
puts (" Msg (end with a line with only a '.'):");
body->type = TYPETEXT;
*text = '\0';
- while (gets (line)) {
+ while (mtest_gets(line, sizeof line)) {
if (line[0] == '.') {
if (line[1] == '\0') break;
else strcat (text,".");
Index: imap-2007e/src/dmail/dmail.c
===================================================================
--- imap-2007e.orig/src/dmail/dmail.c
+++ imap-2007e/src/dmail/dmail.c
@@ -27,9 +27,10 @@
*/
#include
+#include
+#include
#include
#include
-extern int errno; /* just in case */
#include
#include
#include
Index: imap-2007e/src/mlock/mlock.c
===================================================================
--- imap-2007e.orig/src/mlock/mlock.c
+++ imap-2007e/src/mlock/mlock.c
@@ -41,6 +41,7 @@
#include
#include
#include
+#include
#define LOCKTIMEOUT 5 /* lock timeout in minutes */
#define LOCKPROTECTION 0664
Index: imap-2007e/src/tmail/tmail.c
===================================================================
--- imap-2007e.orig/src/tmail/tmail.c
+++ imap-2007e/src/tmail/tmail.c
@@ -29,7 +29,8 @@
#include
#include
#include
-extern int errno; /* just in case */
+#include
+#include
#include
#include
#include
++++++ imap-openssl.patch ++++++
--- /var/tmp/diff_new_pack.Zq1Lq2/_old 2016-03-29 09:56:10.000000000 +0200
+++ /var/tmp/diff_new_pack.Zq1Lq2/_new 2016-03-29 09:56:10.000000000 +0200
@@ -1,3 +1,5 @@
+Index: imap-2007e/src/osdep/unix/ssl_unix.c
+===================================================================
--- imap-2007e.orig/src/osdep/unix/ssl_unix.c
+++ imap-2007e/src/osdep/unix/ssl_unix.c
@@ -38,7 +38,7 @@
@@ -9,7 +11,43 @@
/* SSL I/O stream */
-@@ -219,11 +219,13 @@ static char *ssl_start_work (SSLSTREAM *
+@@ -93,28 +93,13 @@ static int sslonceonly = 0;
+ void ssl_onceonlyinit (void)
+ {
+ if (!sslonceonly++) { /* only need to call it once */
+- int fd;
+- char tmp[MAILTMPLEN];
+- struct stat sbuf;
+- /* if system doesn't have /dev/urandom */
+- if (stat ("/dev/urandom",&sbuf)) {
+- while ((fd = open (tmpnam (tmp),O_WRONLY|O_CREAT|O_EXCL,0600)) < 0)
+- sleep (1);
+- unlink (tmp); /* don't need the file */
+- fstat (fd,&sbuf); /* get information about the file */
+- close (fd); /* flush descriptor */
+- /* not great but it'll have to do */
+- sprintf (tmp + strlen (tmp),"%.80s%lx%.80s%lx%lx%lx%lx%lx",
+- tcp_serveraddr (),(unsigned long) tcp_serverport (),
+- tcp_clientaddr (),(unsigned long) tcp_clientport (),
+- (unsigned long) sbuf.st_ino,(unsigned long) time (0),
+- (unsigned long) gethostid (),(unsigned long) getpid ());
+- RAND_seed (tmp,strlen (tmp));
+- }
+- /* apply runtime linkage */
+- mail_parameters (NIL,SET_SSLDRIVER,(void *) &ssldriver);
+- mail_parameters (NIL,SET_SSLSTART,(void *) ssl_start);
+- SSL_library_init (); /* add all algorithms */
++ mail_parameters (NIL,SET_SSLDRIVER,(void *) &ssldriver);
++ mail_parameters (NIL,SET_SSLSTART,(void *) ssl_start);
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++ SSL_library_init();
++#else
++ OPENSSL_init_ssl(0, NULL);
++#endif
+ }
+ }
+
+@@ -219,11 +204,13 @@ static char *ssl_start_work (SSLSTREAM *
(sslclientkey_t) mail_parameters (NIL,GET_SSLCLIENTKEY,NIL);
if (ssl_last_error) fs_give ((void **) &ssl_last_error);
ssl_last_host = host;
@@ -27,7 +65,7 @@
/* disable certificate validation? */
if (flags & NET_NOVALIDATECERT)
SSL_CTX_set_verify (stream->context,SSL_VERIFY_NONE,NIL);
-@@ -702,13 +704,22 @@ void ssl_server_init (char *server)
+@@ -702,13 +689,22 @@ void ssl_server_init (char *server)
if (stat (key,&sbuf)) strcpy (key,cert);
}
/* create context */
@@ -54,3 +92,44 @@
/* set cipher list */
if (!SSL_CTX_set_cipher_list (stream->context,SSLCIPHERLIST))
syslog (LOG_ALERT,"Unable to set cipher list %.80s, host=%.80s",
+@@ -724,8 +720,6 @@ void ssl_server_init (char *server)
+ key,tcp_clienthost ());
+
+ else { /* generate key if needed */
+- if (SSL_CTX_need_tmp_RSA (stream->context))
+- SSL_CTX_set_tmp_rsa_callback (stream->context,ssl_genkey);
+ /* create new SSL connection */
+ if (!(stream->con = SSL_new (stream->context)))
+ syslog (LOG_ALERT,"Unable to create SSL connection, host=%.80s",
+@@ -760,31 +754,7 @@ void ssl_server_init (char *server)
+ ssl_close (stream); /* punt stream */
+ exit (1); /* punt this program too */
+ }
+-
+-/* Generate one-time key for server
+- * Accepts: SSL connection
+- * export flag
+- * keylength
+- * Returns: generated key, always
+- */
+
+-static RSA *ssl_genkey (SSL *con,int export,int keylength)
+-{
+- unsigned long i;
+- static RSA *key = NIL;
+- if (!key) { /* if don't have a key already */
+- /* generate key */
+- if (!(key = RSA_generate_key (export ? keylength : 1024,RSA_F4,NIL,NIL))) {
+- syslog (LOG_ALERT,"Unable to generate temp key, host=%.80s",
+- tcp_clienthost ());
+- while (i = ERR_get_error ())
+- syslog (LOG_ALERT,"SSL error status: %s",ERR_error_string (i,NIL));
+- exit (1);
+- }
+- }
+- return key;
+-}
+-
+ /* Wait for stdin input
+ * Accepts: timeout in seconds
+ * Returns: T if have input on stdin, else NIL