CVS commit: pkgsrc/mail/imap-uw

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/mail/imap-uw
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Sun, 15 Apr 2018 07:43:22 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Sun Apr 15 07:43:22 UTC 2018

Modified Files:
        pkgsrc/mail/imap-uw: Makefile distinfo
Added Files:
        pkgsrc/mail/imap-uw/patches: patch-src_osdep_unix_ssl__unix.c

Log Message:
imap-uw: use Debian patch to fix build with openssl 1.1.

Untested, except that it builds.

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.145 -r1.146 pkgsrc/mail/imap-uw/Makefile
cvs rdiff -u -r1.45 -r1.46 pkgsrc/mail/imap-uw/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/mail/imap-uw/patches/patch-src_osdep_unix_ssl__unix.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/mail/imap-uw/Makefile
diff -u pkgsrc/mail/imap-uw/Makefile:1.145 pkgsrc/mail/imap-uw/Makefile:1.146
--- pkgsrc/mail/imap-uw/Makefile:1.145  Fri Feb 16 22:06:58 2018
+++ pkgsrc/mail/imap-uw/Makefile        Sun Apr 15 07:43:22 2018
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.145 2018/02/16 22:06:58 jdolecek Exp $
+# $NetBSD: Makefile,v 1.146 2018/04/15 07:43:22 wiz Exp $
 #
 # ATTENTION:
 # The Kerberos support in this software is known to be problematic. If you
@@ -11,7 +11,7 @@
 
 DISTNAME=      imap-2007f
 PKGNAME=       ${DISTNAME:S/-/-uw-/}
-PKGREVISION=   5
+PKGREVISION=   6
 CATEGORIES=    mail
 MASTER_SITES=  ftp://ftp.cac.washington.edu/imap/
 EXTRACT_SUFX=  .tar.Z

Index: pkgsrc/mail/imap-uw/distinfo
diff -u pkgsrc/mail/imap-uw/distinfo:1.45 pkgsrc/mail/imap-uw/distinfo:1.46
--- pkgsrc/mail/imap-uw/distinfo:1.45   Fri Jun  2 05:35:21 2017
+++ pkgsrc/mail/imap-uw/distinfo        Sun Apr 15 07:43:22 2018
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.45 2017/06/02 05:35:21 taca Exp $
+$NetBSD: distinfo,v 1.46 2018/04/15 07:43:22 wiz Exp $
 
 SHA1 (imap-2007f.tar.Z) = 1c9935e5a261baec85dadcbc0c514b66fa3ce0a5
 RMD160 (imap-2007f.tar.Z) = 14f40284e9e164c0ed7677f1e5d8e3309c7c58c1
@@ -40,3 +40,4 @@ SHA1 (patch-src_c-client_mail.c) = fca90
 SHA1 (patch-src_c-client_misc.c) = d22ca95fb333b5234c66440faf5d6e30a148bad1
 SHA1 (patch-src_c-client_misc.h) = 5cf51d186b04ebb45c79b8042bbdcb01716dd2ce
 SHA1 (patch-src_mlock_Makefile) = 6bf652f597ad21dffa44e01d6cb89525eeaf7fc9
+SHA1 (patch-src_osdep_unix_ssl__unix.c) = c36d87ab1f10e4a07bd50db5f8222daefa441251

Added files:

Index: pkgsrc/mail/imap-uw/patches/patch-src_osdep_unix_ssl__unix.c
diff -u /dev/null pkgsrc/mail/imap-uw/patches/patch-src_osdep_unix_ssl__unix.c:1.1
--- /dev/null   Sun Apr 15 07:43:22 2018
+++ pkgsrc/mail/imap-uw/patches/patch-src_osdep_unix_ssl__unix.c        Sun Apr 15 07:43:22 2018
@@ -0,0 +1,60 @@
+$NetBSD: patch-src_osdep_unix_ssl__unix.c,v 1.1 2018/04/15 07:43:22 wiz Exp $
+
+Description: Support OpenSSL 1.1
+ When building with OpenSSL 1.1 and newer, use the new built-in
+ hostname verification instead of code that doesn't compile due to
+ structs having been made opaque.
+Bug-Debian: https://bugs.debian.org/828589
+
+--- src/osdep/unix/ssl_unix.c.orig     2011-07-23 00:20:10.000000000 +0000
++++ src/osdep/unix/ssl_unix.c
+@@ -227,8 +227,16 @@ static char *ssl_start_work (SSLSTREAM *
+                               /* disable certificate validation? */
+   if (flags & NET_NOVALIDATECERT)
+     SSL_CTX_set_verify (stream->context,SSL_VERIFY_NONE,NIL);
+-  else SSL_CTX_set_verify (stream->context,SSL_VERIFY_PEER,ssl_open_verify);
++  else {
++#if OPENSSL_VERSION_NUMBER >= 0x10100000      
++      X509_VERIFY_PARAM *param = SSL_CTX_get0_param(stream->context);
++      X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
++      X509_VERIFY_PARAM_set1_host(param, host, 0);
++#endif
++
++      SSL_CTX_set_verify (stream->context,SSL_VERIFY_PEER,ssl_open_verify);
+                               /* set default paths to CAs... */
++  }
+   SSL_CTX_set_default_verify_paths (stream->context);
+                               /* ...unless a non-standard path desired */
+   if (s = (char *) mail_parameters (NIL,GET_SSLCAPATH,NIL))
+@@ -266,6 +274,7 @@ static char *ssl_start_work (SSLSTREAM *
+   if (SSL_write (stream->con,"",0) < 0)
+     return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
+                               /* need to validate host names? */
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+   if (!(flags & NET_NOVALIDATECERT) &&
+       (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
+                               host))) {
+@@ -275,6 +284,7 @@ static char *ssl_start_work (SSLSTREAM *
+     sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");
+     return ssl_last_error = cpystr (tmp);
+   }
++#endif
+   return NIL;
+ }
+ 
+@@ -313,6 +323,7 @@ static int ssl_open_verify (int ok,X509_
+  * Returns: NIL if validated, else string of error message
+  */
+ 
++#if OPENSSL_VERSION_NUMBER < 0x10100000
+ static char *ssl_validate_cert (X509 *cert,char *host)
+ {
+   int i,n;
+@@ -342,6 +353,7 @@ static char *ssl_validate_cert (X509 *ce
+   else ret = "Unable to locate common name in certificate";
+   return ret;
+ }
++#endif
+ 
+ /* Case-independent wildcard pattern match
+  * Accepts: base string

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index