Compare commits
No commits in common. 'c9' and 'cs10' have entirely different histories.
@ -1,2 +1,2 @@
|
||||
4673c244c6ea73ee3da0bb61d0206a1fe3d0be0e SOURCES/dovecot-2.3-pigeonhole-0.5.16.tar.gz
|
||||
b5c598ae8b9901bfabdf2c93271f57cde0bde73e SOURCES/dovecot-2.3.16.tar.gz
|
||||
e0707a46cb9e1342a74cb03803430f9198608e5e SOURCES/dovecot-2.3-pigeonhole-0.5.21.tar.gz
|
||||
20300087e8575a42dc16245d05b0905b588396f9 SOURCES/dovecot-2.3.21.tar.gz
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
SOURCES/dovecot-2.3-pigeonhole-0.5.16.tar.gz
|
||||
SOURCES/dovecot-2.3.16.tar.gz
|
||||
SOURCES/dovecot-2.3-pigeonhole-0.5.21.tar.gz
|
||||
SOURCES/dovecot-2.3.21.tar.gz
|
||||
|
||||
@ -0,0 +1,48 @@
|
||||
diff -up dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/cmd-include.c.ph_optglob dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/cmd-include.c
|
||||
--- dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/cmd-include.c.ph_optglob 2024-06-04 09:11:28.514189662 +0200
|
||||
+++ dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/cmd-include.c 2024-06-04 09:18:23.219809778 +0200
|
||||
@@ -368,11 +368,13 @@ static bool opc_include_dump
|
||||
return FALSE;
|
||||
|
||||
sieve_code_descend(denv);
|
||||
- sieve_code_dumpf(denv, "script: `%s' from %s %s%s[ID: %d, BLOCK: %d]",
|
||||
+ sieve_code_dumpf(denv, "script: `%s' from %s %s%s%s[ID: %d, BLOCK: %d]",
|
||||
sieve_script_name(included->script), sieve_script_location(included->script),
|
||||
((flags & EXT_INCLUDE_FLAG_ONCE) != 0 ? "(once) " : ""),
|
||||
((flags & EXT_INCLUDE_FLAG_OPTIONAL) != 0 ? "(optional) " : ""),
|
||||
- include_id, sieve_binary_block_get_id(included->block));
|
||||
+ (included->block == NULL ? "(missing) " : ""),
|
||||
+ include_id,
|
||||
+ (included->block == NULL ? -1 : sieve_binary_block_get_id(included->block)));
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
diff -up dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/ext-include-common.c.ph_optglob dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/ext-include-common.c
|
||||
--- dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/ext-include-common.c.ph_optglob 2023-09-14 15:18:26.000000000 +0200
|
||||
+++ dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/plugins/include/ext-include-common.c 2024-06-04 09:10:45.187823805 +0200
|
||||
@@ -693,6 +693,25 @@ int ext_include_execute_include(const st
|
||||
}
|
||||
|
||||
ctx = ext_include_get_interpreter_context(this_ext, renv->interp);
|
||||
+ if (included->block == NULL) {
|
||||
+ if ((flags & EXT_INCLUDE_FLAG_OPTIONAL) != 0) {
|
||||
+ sieve_runtime_trace(
|
||||
+ renv, SIEVE_TRLVL_NONE,
|
||||
+ "include: skipped include for script '%s' "
|
||||
+ "[inc id: %d, block: NULL]; optional and unavailable",
|
||||
+ sieve_script_name(included->script),
|
||||
+ include_id);
|
||||
+ return result;
|
||||
+ } else {
|
||||
+ sieve_runtime_trace(
|
||||
+ renv, SIEVE_TRLVL_NONE,
|
||||
+ "include: unavailable script '%s' "
|
||||
+ "[inc id: %d, block: NULL]",
|
||||
+ sieve_script_name(included->script),
|
||||
+ include_id);
|
||||
+ return SIEVE_EXEC_BIN_CORRUPT;
|
||||
+ }
|
||||
+ }
|
||||
block_id = sieve_binary_block_get_id(included->block);
|
||||
|
||||
/* If :once modifier is specified, check for duplicate include */
|
||||
@ -0,0 +1,12 @@
|
||||
diff -up dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/storage/file/sieve-file-script.c.testfix4 dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/storage/file/sieve-file-script.c
|
||||
--- dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/storage/file/sieve-file-script.c.testfix4 2024-06-03 13:35:24.408858593 +0200
|
||||
+++ dovecot-2.3.21/dovecot-pigeonhole/src/lib-sieve/storage/file/sieve-file-script.c 2024-06-03 13:35:24.434858849 +0200
|
||||
@@ -800,7 +800,7 @@ static bool sieve_file_script_equals
|
||||
(struct sieve_file_script *)other;
|
||||
|
||||
return ( CMP_DEV_T(fscript->st.st_dev, fother->st.st_dev) &&
|
||||
- fscript->st.st_ino == fother->st.st_ino );
|
||||
+ fscript->st.st_ino == fother->st.st_ino && (fscript->st.st_ino != 0 || script->location != NULL && other->location != NULL && strcmp(script->location, other->location) == 0));
|
||||
}
|
||||
|
||||
/*
|
||||
@ -0,0 +1,11 @@
|
||||
diff -up dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt dovecot-2.3.0.1/src/auth/mycrypt.c
|
||||
--- dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt 2018-02-28 15:28:58.000000000 +0100
|
||||
+++ dovecot-2.3.0.1/src/auth/mycrypt.c 2018-03-27 10:57:38.447769201 +0200
|
||||
@@ -14,6 +14,7 @@
|
||||
# define _XPG6 /* Some Solaris versions require this, some break with this */
|
||||
#endif
|
||||
#include <unistd.h>
|
||||
+#include <crypt.h>
|
||||
|
||||
#include "mycrypt.h"
|
||||
|
||||
@ -1,17 +0,0 @@
|
||||
diff --git a/src/lib-index/mail-index-sync.c b/src/lib-index/mail-index-sync.c
|
||||
index 6322ee1869..c847f1cc01 100644
|
||||
--- a/src/lib-index/mail-index-sync.c
|
||||
+++ b/src/lib-index/mail-index-sync.c
|
||||
@@ -544,6 +544,12 @@ static bool mail_index_sync_view_have_any(struct mail_index_view *view,
|
||||
return TRUE;
|
||||
|
||||
mail_transaction_log_get_head(view->index->log, &log_seq, &log_offset);
|
||||
+ if (log_seq < view->map->hdr.log_file_seq ||
|
||||
+ ((log_seq == view->map->hdr.log_file_seq &&
|
||||
+ log_offset < view->map->hdr.log_file_tail_offset))) {
|
||||
+ /* invalid offsets - let the syncing handle the error */
|
||||
+ return TRUE;
|
||||
+ }
|
||||
if (mail_transaction_log_view_set(view->log_view,
|
||||
view->map->hdr.log_file_seq,
|
||||
view->map->hdr.log_file_tail_offset,
|
||||
@ -1,53 +0,0 @@
|
||||
commit ec4595097067a736717ef202fe8542b1b4bc2dd5
|
||||
Author: Timo Sirainen <timo.sirainen@open-xchange.com>
|
||||
Date: Tue Aug 10 12:22:08 2021 +0300
|
||||
|
||||
lib-index: Fix storing cache fields' last_used with 64bit big endian CPUs
|
||||
|
||||
diff --git a/src/lib-index/mail-cache-fields.c b/src/lib-index/mail-cache-fields.c
|
||||
index e929fb559d..429e0d234c 100644
|
||||
--- a/src/lib-index/mail-cache-fields.c
|
||||
+++ b/src/lib-index/mail-cache-fields.c
|
||||
@@ -524,6 +524,19 @@ static void copy_to_buf_byte(struct mail_cache *cache, buffer_t *dest,
|
||||
}
|
||||
}
|
||||
|
||||
+static void
|
||||
+copy_to_buf_last_used(struct mail_cache *cache, buffer_t *dest, bool add_new)
|
||||
+{
|
||||
+ size_t offset = offsetof(struct mail_cache_field, last_used);
|
||||
+#if defined(WORDS_BIGENDIAN) && SIZEOF_VOID_P == 8
|
||||
+ /* 64bit time_t with big endian CPUs: copy the last 32 bits instead of
|
||||
+ the first 32 bits (that are always 0). The 32 bits are enough until
|
||||
+ year 2106, so we're not in a hurry to use 64 bits on disk. */
|
||||
+ offset += sizeof(uint32_t);
|
||||
+#endif
|
||||
+ copy_to_buf(cache, dest, add_new, offset, sizeof(uint32_t));
|
||||
+}
|
||||
+
|
||||
static int mail_cache_header_fields_update_locked(struct mail_cache *cache)
|
||||
{
|
||||
buffer_t *buffer;
|
||||
@@ -536,9 +549,7 @@ static int mail_cache_header_fields_update_locked(struct mail_cache *cache)
|
||||
|
||||
buffer = t_buffer_create(256);
|
||||
|
||||
- copy_to_buf(cache, buffer, FALSE,
|
||||
- offsetof(struct mail_cache_field, last_used),
|
||||
- sizeof(uint32_t));
|
||||
+ copy_to_buf_last_used(cache, buffer, FALSE);
|
||||
ret = mail_cache_write(cache, buffer->data, buffer->used,
|
||||
offset + MAIL_CACHE_FIELD_LAST_USED());
|
||||
if (ret == 0) {
|
||||
@@ -599,9 +610,7 @@ void mail_cache_header_fields_get(struct mail_cache *cache, buffer_t *dest)
|
||||
buffer_append(dest, &hdr, sizeof(hdr));
|
||||
|
||||
/* we have to keep the field order for the existing fields. */
|
||||
- copy_to_buf(cache, dest, TRUE,
|
||||
- offsetof(struct mail_cache_field, last_used),
|
||||
- sizeof(uint32_t));
|
||||
+ copy_to_buf_last_used(cache, dest, TRUE);
|
||||
copy_to_buf(cache, dest, TRUE,
|
||||
offsetof(struct mail_cache_field, field_size),
|
||||
sizeof(uint32_t));
|
||||
|
||||
@ -1,578 +0,0 @@
|
||||
From 9f3002393fe1c1fe317121d03591569dac120739 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Tue, 17 Aug 2021 19:09:13 +0200
|
||||
Subject: [PATCH 01/12] lib-sieve: sieve-interpreter - Fix field mixup in debug
|
||||
message.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-interpreter.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-interpreter.c b/src/lib-sieve/sieve-interpreter.c
|
||||
index 9ee6c659..274e142d 100644
|
||||
--- a/src/lib-sieve/sieve-interpreter.c
|
||||
+++ b/src/lib-sieve/sieve-interpreter.c
|
||||
@@ -1003,8 +1003,8 @@ int sieve_interpreter_continue(struct sieve_interpreter *interp,
|
||||
}
|
||||
e_debug(e->event(), "Finished running script `%s' "
|
||||
"(status=%s, resource usage: %s)",
|
||||
- sieve_execution_exitcode_to_str(ret),
|
||||
sieve_binary_source(interp->runenv.sbin),
|
||||
+ sieve_execution_exitcode_to_str(ret),
|
||||
sieve_resource_usage_get_summary(&interp->rusage));
|
||||
interp->running = FALSE;
|
||||
}
|
||||
|
||||
From 54e020c1212f626049bffc6c6fea8e606a893af2 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 01:44:23 +0200
|
||||
Subject: [PATCH 02/12] lib-sieve: sieve-result - Remove success parameter from
|
||||
sieve_result_implicit_keep_execute().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 18 ++++++++----------
|
||||
1 file changed, 8 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 55eb9f54..d3f2f925 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1475,8 +1475,7 @@ void sieve_result_execution_destroy(struct sieve_result_execution **_rexec)
|
||||
}
|
||||
|
||||
static void
|
||||
-sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
- bool success)
|
||||
+sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
{
|
||||
const struct sieve_action_exec_env *aenv = &rexec->action_env;
|
||||
struct sieve_result *result = aenv->result;
|
||||
@@ -1486,6 +1485,7 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
struct sieve_action_execution *aexec_keep = &rexec->keep;
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
+ bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
e_debug(rexec->event, "No implicit keep needed "
|
||||
@@ -1579,8 +1579,8 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
}
|
||||
}
|
||||
|
||||
- e_debug(rexec->event, "Execute implicit keep (failure=%s)",
|
||||
- (!success ? "yes" : "no"));
|
||||
+ e_debug(rexec->event, "Execute implicit keep (status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
/* Initialize side effects */
|
||||
sieve_action_execution_add_side_effects(rexec, aexec_keep, ract_keep);
|
||||
@@ -1633,7 +1633,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
- sieve_result_implicit_keep_execute(rexec, success);
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
/* Switch to failure keep if necessary. */
|
||||
} else if (rexec->keep_success && !success){
|
||||
e_debug(rexec->event, "Switch to failure implicit keep");
|
||||
@@ -1645,7 +1645,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
i_zero(aexec_keep);
|
||||
|
||||
/* Start failure keep action. */
|
||||
- sieve_result_implicit_keep_execute(rexec, success);
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
}
|
||||
if (act_keep->def == NULL)
|
||||
return rexec->keep_status;
|
||||
@@ -1931,10 +1931,8 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
/* Execute implicit keep if the transaction failed or when the
|
||||
implicit keep was not canceled during transaction.
|
||||
*/
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- sieve_result_implicit_keep_execute(
|
||||
- rexec, (rexec->status == SIEVE_EXEC_OK));
|
||||
- }
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
}
|
||||
|
||||
/* Transaction commit/rollback */
|
||||
|
||||
From 291f2fdb77b86db566dca7c028dd93fc741f6b31 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 01:40:57 +0200
|
||||
Subject: [PATCH 03/12] lib-sieve: sieve-result - Remove success parameter from
|
||||
sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 11 +++++------
|
||||
1 file changed, 5 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index d3f2f925..3cf2c02a 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1603,8 +1603,7 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
}
|
||||
|
||||
static int
|
||||
-sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
- bool success)
|
||||
+sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
{
|
||||
const struct sieve_action_exec_env *aenv = &rexec->action_env;
|
||||
const struct sieve_execute_env *eenv = aenv->exec_env;
|
||||
@@ -1612,6 +1611,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
+ bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
struct sieve_action_execution *ke_aexec =
|
||||
@@ -1627,8 +1627,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
return rexec->keep_status;
|
||||
}
|
||||
|
||||
- e_debug(rexec->event, "Finalize implicit keep (failure=%s)",
|
||||
- (!success ? "yes" : "no"));
|
||||
+ e_debug(rexec->event, "Finalize implicit keep (status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
@@ -1950,8 +1950,7 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
implicit keep was not canceled during transaction.
|
||||
*/
|
||||
if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- ret = sieve_result_implicit_keep_finalize(
|
||||
- rexec, (rexec->status == SIEVE_EXEC_OK));
|
||||
+ ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
switch (ret) {
|
||||
case SIEVE_EXEC_OK:
|
||||
if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
|
||||
From 10e347e3c9eb5e7bf5bc6f178389005357f527fe Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:07:01 +0200
|
||||
Subject: [PATCH 04/12] lib-sieve: sieve-result - Move temp failure status
|
||||
checks into sieve_result_implicit_keep_execute().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 38 ++++++++++++++++++++++++------------
|
||||
1 file changed, 26 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 3cf2c02a..44afeef7 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -934,6 +934,7 @@ struct sieve_result_execution {
|
||||
bool keep_success:1;
|
||||
bool keep_explicit:1;
|
||||
bool keep_implicit:1;
|
||||
+ bool keep_finalizing:1;
|
||||
bool seen_delivery:1;
|
||||
bool executed:1;
|
||||
bool executed_delivery:1;
|
||||
@@ -1485,7 +1486,24 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
struct sieve_action_execution *aexec_keep = &rexec->keep;
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
- bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
+ bool success = FALSE;
|
||||
+
|
||||
+ switch (rexec->status) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ success = TRUE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
+ if (rexec->executed)
|
||||
+ break;
|
||||
+ if (rexec->committed)
|
||||
+ break;
|
||||
+ if (rexec->keep_finalizing)
|
||||
+ break;
|
||||
+ return;
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
e_debug(rexec->event, "No implicit keep needed "
|
||||
@@ -1630,6 +1648,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
e_debug(rexec->event, "Finalize implicit keep (status=%s)",
|
||||
sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
+ rexec->keep_finalizing = TRUE;
|
||||
+
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
@@ -1923,17 +1943,11 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
return rexec->status;
|
||||
}
|
||||
|
||||
- /* Execute implicit keep if necessary */
|
||||
-
|
||||
- if (rexec->executed ||
|
||||
- (rexec->status != SIEVE_EXEC_TEMP_FAILURE &&
|
||||
- rexec->status != SIEVE_EXEC_RESOURCE_LIMIT)) {
|
||||
- /* Execute implicit keep if the transaction failed or when the
|
||||
- implicit keep was not canceled during transaction.
|
||||
- */
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
- sieve_result_implicit_keep_execute(rexec);
|
||||
- }
|
||||
+ /* Execute implicit keep if the transaction failed or when the
|
||||
+ implicit keep was not canceled during transaction.
|
||||
+ */
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
|
||||
/* Transaction commit/rollback */
|
||||
|
||||
|
||||
From c84e6e5d8d1d8b03a0ba5958804d200c6e1916d8 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:26:32 +0200
|
||||
Subject: [PATCH 05/12] lib-sieve: sieve-result - Move temp failure status
|
||||
checks into sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 56 +++++++++++++++++++++---------------
|
||||
1 file changed, 33 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 44afeef7..10cc3b95 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1629,7 +1629,20 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
- bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
+ bool success = FALSE;
|
||||
+
|
||||
+ switch (rexec->status) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ success = TRUE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
+ if (rexec->committed)
|
||||
+ break;
|
||||
+ return rexec->status;
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
struct sieve_action_execution *ke_aexec =
|
||||
@@ -1957,32 +1970,29 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
/* Commit implicit keep if necessary */
|
||||
|
||||
result_status = rexec->status;
|
||||
- if (rexec->committed ||
|
||||
- (rexec->status != SIEVE_EXEC_TEMP_FAILURE &&
|
||||
- rexec->status != SIEVE_EXEC_RESOURCE_LIMIT)) {
|
||||
- /* Commit implicit keep if the transaction failed or when the
|
||||
- implicit keep was not canceled during transaction.
|
||||
- */
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
- switch (ret) {
|
||||
- case SIEVE_EXEC_OK:
|
||||
- if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
- result_status = SIEVE_EXEC_FAILURE;
|
||||
+
|
||||
+ /* Commit implicit keep if the transaction failed or when the
|
||||
+ implicit keep was not canceled during transaction.
|
||||
+ */
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
+ ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
+ switch (ret) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
+ result_status = SIEVE_EXEC_FAILURE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ if (!rexec->committed) {
|
||||
+ result_status = ret;
|
||||
break;
|
||||
- case SIEVE_EXEC_TEMP_FAILURE:
|
||||
- if (!rexec->committed) {
|
||||
- result_status = ret;
|
||||
- break;
|
||||
- }
|
||||
- /* fall through */
|
||||
- default:
|
||||
- result_status = SIEVE_EXEC_KEEP_FAILED;
|
||||
}
|
||||
+ /* fall through */
|
||||
+ default:
|
||||
+ result_status = SIEVE_EXEC_KEEP_FAILED;
|
||||
}
|
||||
- if (rexec->status == SIEVE_EXEC_OK)
|
||||
- rexec->status = result_status;
|
||||
}
|
||||
+ if (rexec->status == SIEVE_EXEC_OK)
|
||||
+ rexec->status = result_status;
|
||||
|
||||
/* Finish execution */
|
||||
|
||||
|
||||
From 92b4b06d5d8deeefdd17d5fb18d7f0d23e8e414b Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:46:18 +0200
|
||||
Subject: [PATCH 06/12] lib-sieve: sieve-result - Skip implicit keep in
|
||||
execution stage upon temp failure.
|
||||
|
||||
It will be executed in the commit phase if necessary; don't do it early; it will
|
||||
only be rolled back.
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 10cc3b95..82354831 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1494,8 +1494,6 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->executed)
|
||||
- break;
|
||||
if (rexec->committed)
|
||||
break;
|
||||
if (rexec->keep_finalizing)
|
||||
|
||||
From f2b81cc6ebaa3001bde693f7abdb990f467f7831 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:56:32 +0200
|
||||
Subject: [PATCH 07/12] lib-sieve: sieve-result - Fix handling of resource
|
||||
limit status after implicit keep commit.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 82354831..96582075 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1980,6 +1980,7 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
result_status = SIEVE_EXEC_FAILURE;
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
if (!rexec->committed) {
|
||||
result_status = ret;
|
||||
break;
|
||||
|
||||
From 293f0027106a725e4cbcf56b673f1eedda00c317 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:54:25 +0200
|
||||
Subject: [PATCH 08/12] lib-sieve: sieve-result - Fix resource leak occurring
|
||||
when implicit keep is executed before temporary failure at commit.
|
||||
|
||||
In the commit phase the implicit keep was never finalized, meaning that it was
|
||||
not rolled back and thus not cleaned up properly. This leads to a memory leak
|
||||
and a mailbox reference leak. This in turn causes an assert crash at the end
|
||||
of delivery when the mail user is destroyed.
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 18 ++++++++++++++----
|
||||
1 file changed, 14 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 96582075..10ea349c 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1627,7 +1627,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
- bool success = FALSE;
|
||||
+ bool success = FALSE, temp_failure = FALSE;
|
||||
|
||||
switch (rexec->status) {
|
||||
case SIEVE_EXEC_OK:
|
||||
@@ -1637,7 +1637,15 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
if (rexec->committed)
|
||||
break;
|
||||
- return rexec->status;
|
||||
+
|
||||
+ if (aexec_keep->state !=
|
||||
+ SIEVE_ACTION_EXECUTION_STATE_EXECUTED)
|
||||
+ return rexec->status;
|
||||
+ /* Roll back for temporary failure when no other action
|
||||
+ is committed. */
|
||||
+ commit_status = rexec->status;
|
||||
+ temp_failure = TRUE;
|
||||
+ break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
@@ -1662,8 +1670,10 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
rexec->keep_finalizing = TRUE;
|
||||
|
||||
/* Start keep if necessary */
|
||||
- if (act_keep->def == NULL ||
|
||||
- aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
+ if (temp_failure) {
|
||||
+ rexec->keep_status = rexec->status;
|
||||
+ } else if (act_keep->def == NULL ||
|
||||
+ aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
sieve_result_implicit_keep_execute(rexec);
|
||||
/* Switch to failure keep if necessary. */
|
||||
} else if (rexec->keep_success && !success){
|
||||
|
||||
From 81bd53d6c9fa14fc6b32304e49dddb8fd022de91 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:29:41 +0200
|
||||
Subject: [PATCH 09/12] lib-sieve: sieve-result - Assert that implicit keep is
|
||||
executed in sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 10ea349c..de97d6ae 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1691,6 +1691,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
if (act_keep->def == NULL)
|
||||
return rexec->keep_status;
|
||||
|
||||
+ i_assert(aexec_keep->state == SIEVE_ACTION_EXECUTION_STATE_EXECUTED);
|
||||
+
|
||||
/* Finalize keep action */
|
||||
rexec->keep_status = sieve_result_action_commit_or_rollback(
|
||||
rexec, aexec_keep, rexec->keep_status, &commit_status);
|
||||
|
||||
From dbf5b62ba82766a7d824e81005b2517d96984ef0 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:43:05 +0200
|
||||
Subject: [PATCH 10/12] lib-sieve: sieve-result - Add debug messages for temp
|
||||
failure handling.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 28 +++++++++++++++++++++++++---
|
||||
1 file changed, 25 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index de97d6ae..c21c8017 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1494,10 +1494,21 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->committed)
|
||||
+ if (rexec->committed) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Temporary failure occurred (status=%s), "
|
||||
+ "but other actions were already committed: "
|
||||
+ "execute failure implicit keep",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
break;
|
||||
+ }
|
||||
if (rexec->keep_finalizing)
|
||||
break;
|
||||
+
|
||||
+ e_debug(rexec->event,
|
||||
+ "Skip implicit keep for temporary failure "
|
||||
+ "(state=execute, status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
return;
|
||||
default:
|
||||
break;
|
||||
@@ -1635,12 +1646,23 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->committed)
|
||||
+ if (rexec->committed) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Temporary failure occurred (status=%s), "
|
||||
+ "but other actions were already committed: "
|
||||
+ "commit failure implicit keep",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
break;
|
||||
+ }
|
||||
|
||||
if (aexec_keep->state !=
|
||||
- SIEVE_ACTION_EXECUTION_STATE_EXECUTED)
|
||||
+ SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Skip implicit keep for temporary failure "
|
||||
+ "(state=commit, status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
return rexec->status;
|
||||
+ }
|
||||
/* Roll back for temporary failure when no other action
|
||||
is committed. */
|
||||
commit_status = rexec->status;
|
||||
|
||||
From 65d771c15bf443690580dbb0643556794106522b Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:26:26 +0200
|
||||
Subject: [PATCH 11/12] lib-sieve: sieve-result - Indicate in
|
||||
sieve_result_transaction_execute() debug message whether actions were
|
||||
executed.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index c21c8017..6f3cb954 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1796,10 +1796,11 @@ sieve_result_transaction_execute(struct sieve_result_execution *rexec,
|
||||
}
|
||||
|
||||
e_debug(rexec->event, "Finished executing actions "
|
||||
- "(status=%s, keep=%s)",
|
||||
+ "(status=%s, keep=%s, executed=%s)",
|
||||
sieve_execution_exitcode_to_str(status),
|
||||
(rexec->keep_explicit ? "explicit" :
|
||||
- (rexec->keep_implicit ? "implicit" : "none")));
|
||||
+ (rexec->keep_implicit ? "implicit" : "none")),
|
||||
+ (rexec->executed ? "yes" : "no"));
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
From 4596d39908a868783fae9a0c2fd264409c0aaa96 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:27:50 +0200
|
||||
Subject: [PATCH 12/12] lib-sieve: sieve-result - Indicate in
|
||||
sieve_result_transaction_finalize() debug message whether actions were
|
||||
committed.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 6f3cb954..effd6f28 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1859,10 +1859,11 @@ sieve_result_transaction_commit_or_rollback(
|
||||
}
|
||||
|
||||
e_debug(rexec->event, "Finished finalizing actions "
|
||||
- "(status=%s, keep=%s)",
|
||||
+ "(status=%s, keep=%s, committed=%s)",
|
||||
sieve_execution_exitcode_to_str(status),
|
||||
(rexec->keep_explicit ? "explicit" :
|
||||
- (rexec->keep_implicit ? "implicit" : "none")));
|
||||
+ (rexec->keep_implicit ? "implicit" : "none")),
|
||||
+ (rexec->committed ? "yes" : "no"));
|
||||
|
||||
return commit_status;
|
||||
}
|
||||
@ -1,31 +0,0 @@
|
||||
From bdf4474ed82aaf964e7d94e72ca56b496e3815f9 Mon Sep 17 00:00:00 2001
|
||||
From: Timo Sirainen <timo.sirainen@open-xchange.com>
|
||||
Date: Fri, 1 Oct 2021 15:08:45 +0300
|
||||
Subject: [PATCH] virtual: Fix leaking mailboxes if virtual mailbox can't be
|
||||
opened
|
||||
|
||||
Fixes also a crash at deinit:
|
||||
Panic: file mail-user.c: line 232 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
|
||||
---
|
||||
src/plugins/virtual/virtual-storage.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/plugins/virtual/virtual-storage.c b/src/plugins/virtual/virtual-storage.c
|
||||
index 2f31503d53..a0779cc186 100644
|
||||
--- a/src/plugins/virtual/virtual-storage.c
|
||||
+++ b/src/plugins/virtual/virtual-storage.c
|
||||
@@ -495,12 +495,12 @@ static int virtual_mailbox_open(struct mailbox *box)
|
||||
ret = virtual_mailboxes_open(mbox, box->flags);
|
||||
array_pop_back(&mbox->storage->open_stack);
|
||||
}
|
||||
+ if (ret == 0)
|
||||
+ ret = index_storage_mailbox_open(box, FALSE);
|
||||
if (ret < 0) {
|
||||
virtual_mailbox_close_internal(mbox);
|
||||
return -1;
|
||||
}
|
||||
- if (index_storage_mailbox_open(box, FALSE) < 0)
|
||||
- return -1;
|
||||
|
||||
mbox->virtual_ext_id =
|
||||
mail_index_ext_register(mbox->box.index, "virtual", 0,
|
||||
@ -0,0 +1,295 @@
|
||||
diff -up dovecot-2.3.20/configure.ac.nolibotp dovecot-2.3.20/configure.ac
|
||||
--- dovecot-2.3.20/configure.ac.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/configure.ac 2023-02-14 16:54:02.118531016 +0100
|
||||
@@ -854,7 +854,6 @@ src/lib-lua/Makefile
|
||||
src/lib-mail/Makefile
|
||||
src/lib-master/Makefile
|
||||
src/lib-program-client/Makefile
|
||||
-src/lib-otp/Makefile
|
||||
src/lib-dovecot/Makefile
|
||||
src/lib-sasl/Makefile
|
||||
src/lib-settings/Makefile
|
||||
diff -up dovecot-2.3.20/src/auth/main.c.nolibotp dovecot-2.3.20/src/auth/main.c
|
||||
--- dovecot-2.3.20/src/auth/main.c.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/src/auth/main.c 2023-02-14 16:54:02.118531016 +0100
|
||||
@@ -19,8 +19,6 @@
|
||||
#include "password-scheme.h"
|
||||
#include "passdb-cache.h"
|
||||
#include "mech.h"
|
||||
-#include "otp.h"
|
||||
-#include "mech-otp-common.h"
|
||||
#include "auth.h"
|
||||
#include "auth-penalty.h"
|
||||
#include "auth-token.h"
|
||||
@@ -283,7 +281,6 @@ static void main_deinit(void)
|
||||
|
||||
auth_policy_deinit();
|
||||
mech_register_deinit(&mech_reg);
|
||||
- mech_otp_deinit();
|
||||
mech_deinit(global_auth_settings);
|
||||
|
||||
/* allow modules to unregister their dbs/drivers/etc. before freeing
|
||||
diff -up dovecot-2.3.20/src/auth/Makefile.am.nolibotp dovecot-2.3.20/src/auth/Makefile.am
|
||||
--- dovecot-2.3.20/src/auth/Makefile.am.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/src/auth/Makefile.am 2023-02-14 16:54:02.118531016 +0100
|
||||
@@ -45,7 +45,6 @@ AM_CPPFLAGS = \
|
||||
-I$(top_srcdir)/src/lib-sql \
|
||||
-I$(top_srcdir)/src/lib-settings \
|
||||
-I$(top_srcdir)/src/lib-old-stats \
|
||||
- -I$(top_srcdir)/src/lib-otp \
|
||||
-I$(top_srcdir)/src/lib-master \
|
||||
-I$(top_srcdir)/src/lib-oauth2 \
|
||||
-I$(top_srcdir)/src/lib-ssl-iostream \
|
||||
@@ -67,7 +66,6 @@ libpassword_la_SOURCES = \
|
||||
password-scheme-crypt.c \
|
||||
password-scheme-md5crypt.c \
|
||||
password-scheme-scram.c \
|
||||
- password-scheme-otp.c \
|
||||
password-scheme-pbkdf2.c \
|
||||
password-scheme-sodium.c
|
||||
libpassword_la_CFLAGS = $(AM_CPPFLAGS) $(LIBSODIUM_CFLAGS)
|
||||
@@ -76,7 +74,6 @@ auth_libs = \
|
||||
libauth.la \
|
||||
libstats_auth.la \
|
||||
libpassword.la \
|
||||
- ../lib-otp/libotp.la \
|
||||
$(AUTH_LUA_LIBS) \
|
||||
$(LIBDOVECOT_SQL)
|
||||
|
||||
@@ -95,7 +92,6 @@ libauth_la_SOURCES = \
|
||||
auth-client-connection.c \
|
||||
auth-master-connection.c \
|
||||
auth-policy.c \
|
||||
- mech-otp-common.c \
|
||||
mech-plain-common.c \
|
||||
auth-penalty.c \
|
||||
auth-request.c \
|
||||
@@ -122,7 +118,6 @@ libauth_la_SOURCES = \
|
||||
mech-digest-md5.c \
|
||||
mech-external.c \
|
||||
mech-gssapi.c \
|
||||
- mech-otp.c \
|
||||
mech-scram.c \
|
||||
mech-apop.c \
|
||||
mech-winbind.c \
|
||||
@@ -161,7 +156,6 @@ headers = \
|
||||
auth-client-connection.h \
|
||||
auth-common.h \
|
||||
auth-master-connection.h \
|
||||
- mech-otp-common.h \
|
||||
mech-plain-common.h \
|
||||
mech-digest-md5-private.h \
|
||||
mech-scram.h \
|
||||
@@ -260,7 +254,6 @@ test_libs = \
|
||||
test_libpassword_SOURCES = test-libpassword.c
|
||||
test_libpassword_LDADD = \
|
||||
libpassword.la \
|
||||
- ../lib-otp/libotp.la \
|
||||
$(CRYPT_LIBS) \
|
||||
$(LIBDOVECOT_SQL) \
|
||||
$(LIBSODIUM_LIBS) \
|
||||
diff -up dovecot-2.3.20/src/auth/mech.c.nolibotp dovecot-2.3.20/src/auth/mech.c
|
||||
--- dovecot-2.3.20/src/auth/mech.c.nolibotp 2023-02-14 16:55:38.421231797 +0100
|
||||
+++ dovecot-2.3.20/src/auth/mech.c 2023-02-14 16:55:38.434231892 +0100
|
||||
@@ -71,7 +71,6 @@ extern const struct mech_module mech_apo
|
||||
extern const struct mech_module mech_cram_md5;
|
||||
extern const struct mech_module mech_digest_md5;
|
||||
extern const struct mech_module mech_external;
|
||||
-extern const struct mech_module mech_otp;
|
||||
extern const struct mech_module mech_scram_sha1;
|
||||
extern const struct mech_module mech_scram_sha256;
|
||||
extern const struct mech_module mech_anonymous;
|
||||
@@ -206,7 +205,6 @@ void mech_init(const struct auth_setting
|
||||
mech_register_module(&mech_gssapi_spnego);
|
||||
#endif
|
||||
}
|
||||
- mech_register_module(&mech_otp);
|
||||
mech_register_module(&mech_scram_sha1);
|
||||
mech_register_module(&mech_scram_sha256);
|
||||
mech_register_module(&mech_anonymous);
|
||||
@@ -233,7 +231,6 @@ void mech_deinit(const struct auth_setti
|
||||
mech_unregister_module(&mech_gssapi_spnego);
|
||||
#endif
|
||||
}
|
||||
- mech_unregister_module(&mech_otp);
|
||||
mech_unregister_module(&mech_scram_sha1);
|
||||
mech_unregister_module(&mech_scram_sha256);
|
||||
mech_unregister_module(&mech_anonymous);
|
||||
diff -up dovecot-2.3.20/src/auth/password-scheme.c.nolibotp dovecot-2.3.20/src/auth/password-scheme.c
|
||||
--- dovecot-2.3.20/src/auth/password-scheme.c.nolibotp 2023-02-14 16:54:02.109530950 +0100
|
||||
+++ dovecot-2.3.20/src/auth/password-scheme.c 2023-02-14 16:54:02.119531023 +0100
|
||||
@@ -13,7 +13,6 @@
|
||||
#include "randgen.h"
|
||||
#include "sha1.h"
|
||||
#include "sha2.h"
|
||||
-#include "otp.h"
|
||||
#include "str.h"
|
||||
#include "password-scheme.h"
|
||||
|
||||
@@ -709,32 +708,6 @@ plain_md5_generate(const char *plaintext
|
||||
*size_r = MD5_RESULTLEN;
|
||||
}
|
||||
|
||||
-static int otp_verify(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED,
|
||||
- const unsigned char *raw_password, size_t size,
|
||||
- const char **error_r)
|
||||
-{
|
||||
- const char *password, *generated;
|
||||
-
|
||||
- password = t_strndup(raw_password, size);
|
||||
- if (password_generate_otp(plaintext, password, UINT_MAX, &generated) < 0) {
|
||||
- *error_r = "Invalid OTP data in passdb";
|
||||
- return -1;
|
||||
- }
|
||||
-
|
||||
- return strcasecmp(password, generated) == 0 ? 1 : 0;
|
||||
-}
|
||||
-
|
||||
-static void
|
||||
-otp_generate(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED,
|
||||
- const unsigned char **raw_password_r, size_t *size_r)
|
||||
-{
|
||||
- const char *password;
|
||||
-
|
||||
- if (password_generate_otp(plaintext, NULL, OTP_HASH_SHA1, &password) < 0)
|
||||
- i_unreached();
|
||||
- *raw_password_r = (const unsigned char *)password;
|
||||
- *size_r = strlen(password);
|
||||
-}
|
||||
|
||||
static const struct password_scheme builtin_schemes[] = {
|
||||
{ "MD5", PW_ENCODING_NONE, 0, md5_verify, md5_crypt_generate },
|
||||
@@ -770,7 +743,6 @@ static const struct password_scheme buil
|
||||
NULL, plain_md5_generate },
|
||||
{ "LDAP-MD5", PW_ENCODING_BASE64, MD5_RESULTLEN,
|
||||
NULL, plain_md5_generate },
|
||||
- { "OTP", PW_ENCODING_NONE, 0, otp_verify, otp_generate },
|
||||
{ "PBKDF2", PW_ENCODING_NONE, 0, pbkdf2_verify, pbkdf2_generate },
|
||||
};
|
||||
|
||||
diff -up dovecot-2.3.20/src/auth/password-scheme.h.nolibotp dovecot-2.3.20/src/auth/password-scheme.h
|
||||
--- dovecot-2.3.20/src/auth/password-scheme.h.nolibotp 2023-02-14 16:56:50.929759540 +0100
|
||||
+++ dovecot-2.3.20/src/auth/password-scheme.h 2023-02-14 16:56:50.947759671 +0100
|
||||
@@ -92,9 +92,6 @@ void password_set_encryption_rounds(unsi
|
||||
/* INTERNAL: */
|
||||
const char *password_generate_salt(size_t len);
|
||||
const char *password_generate_md5_crypt(const char *pw, const char *salt);
|
||||
-int password_generate_otp(const char *pw, const char *state_data,
|
||||
- unsigned int algo, const char **result_r)
|
||||
- ATTR_NULL(2);
|
||||
|
||||
int crypt_verify(const char *plaintext,
|
||||
const struct password_generate_params *params,
|
||||
diff -up dovecot-2.3.20/src/auth/test-libpassword.c.nolibotp dovecot-2.3.20/src/auth/test-libpassword.c
|
||||
--- dovecot-2.3.20/src/auth/test-libpassword.c.nolibotp 2023-02-14 16:54:55.880922175 +0100
|
||||
+++ dovecot-2.3.20/src/auth/test-libpassword.c 2023-02-14 16:54:55.896922291 +0100
|
||||
@@ -106,7 +106,6 @@ static void test_password_schemes(void)
|
||||
test_password_scheme("SHA512", "{SHA512}7iaw3Ur350mqGo7jwQrpkj9hiYB3Lkc/iBml1JQODbJ6wYX4oOHV+E+IvIh/1nsUNzLDBMxfqa2Ob1f1ACio/w==", "test");
|
||||
test_password_scheme("SSHA", "{SSHA}H/zrDv8FXUu1JmwvVYijfrYEF34jVZcO", "test");
|
||||
test_password_scheme("MD5-CRYPT", "{MD5-CRYPT}$1$GgvxyNz8$OjZhLh4P.gF1lxYEbLZ3e/", "test");
|
||||
- test_password_scheme("OTP", "{OTP}sha1 1024 ae6b49aa481f7233 f69fc7f98b8fbf54", "test");
|
||||
test_password_scheme("PBKDF2", "{PBKDF2}$1$bUnT4Pl7yFtYX0KU$5000$50a83cafdc517b9f46519415e53c6a858908680a", "test");
|
||||
test_password_scheme("CRAM-MD5", "{CRAM-MD5}e02d374fde0dc75a17a557039a3a5338c7743304777dccd376f332bee68d2cf6", "test");
|
||||
test_password_scheme("DIGEST-MD5", "{DIGEST-MD5}77c1a8c437c9b08ba2f460fe5d58db5d", "test");
|
||||
diff -up dovecot-2.3.20/src/auth/test-mech.c.nolibotp dovecot-2.3.20/src/auth/test-mech.c
|
||||
--- dovecot-2.3.20/src/auth/test-mech.c.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/src/auth/test-mech.c 2023-02-14 16:54:02.119531023 +0100
|
||||
@@ -8,8 +8,6 @@
|
||||
#include "auth-request-handler-private.h"
|
||||
#include "auth-settings.h"
|
||||
#include "mech-digest-md5-private.h"
|
||||
-#include "otp.h"
|
||||
-#include "mech-otp-common.h"
|
||||
#include "settings-parser.h"
|
||||
#include "password-scheme.h"
|
||||
#include "auth-token.h"
|
||||
@@ -27,7 +25,6 @@ extern const struct mech_module mech_dov
|
||||
extern const struct mech_module mech_external;
|
||||
extern const struct mech_module mech_login;
|
||||
extern const struct mech_module mech_oauthbearer;
|
||||
-extern const struct mech_module mech_otp;
|
||||
extern const struct mech_module mech_plain;
|
||||
extern const struct mech_module mech_scram_sha1;
|
||||
extern const struct mech_module mech_scram_sha256;
|
||||
@@ -65,10 +62,7 @@ request_handler_reply_mock_callback(stru
|
||||
|
||||
if (request->passdb_result == PASSDB_RESULT_OK)
|
||||
request->failed = FALSE;
|
||||
- else if (request->mech == &mech_otp) {
|
||||
- if (null_strcmp(request->fields.user, "otp_phase_2") == 0)
|
||||
- request->failed = FALSE;
|
||||
- } else if (request->mech == &mech_oauthbearer) {
|
||||
+ else if (request->mech == &mech_oauthbearer) {
|
||||
}
|
||||
};
|
||||
|
||||
@@ -224,10 +218,6 @@ static void test_mechs(void)
|
||||
{&mech_plain, UCHAR_LEN("\0testuser\0testpass"), "testuser", NULL, TRUE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN("normaluser\0masteruser\0masterpass"), "masteruser", NULL, TRUE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN("normaluser\0normaluser\0masterpass"), "normaluser", NULL, TRUE, FALSE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("hex:5Bf0 75d9 959d 036f"), "otp_phase_2", NULL, TRUE, TRUE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("word:BOND FOGY DRAB NE RISE MART"), "otp_phase_2", NULL, TRUE, TRUE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("init-hex:f6bd 6b33 89b8 7203:md5 499 ke6118:23d1 b253 5ae0 2b7e"), "otp_phase_2", NULL, TRUE, TRUE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("init-word:END KERN BALM NICK EROS WAVY:md5 499 ke1235:BABY FAIN OILY NIL TIDY DADE"), "otp_phase_2", NULL , TRUE, TRUE, FALSE},
|
||||
{&mech_oauthbearer, UCHAR_LEN("n,a=testuser,p=cHJvb2Y=,f=nonstandart\x01host=server\x01port=143\x01""auth=Bearer vF9dft4qmTc2Nvb3RlckBhbHRhdmlzdGEuY29tCg==\x01\x01"), "testuser", NULL, FALSE, TRUE, FALSE},
|
||||
{&mech_scram_sha1, UCHAR_LEN("n,,n=testuser,r=rOprNGfwEbeRWgbNEkqO"), "testuser", NULL, TRUE, FALSE, FALSE},
|
||||
{&mech_scram_sha256, UCHAR_LEN("n,,n=testuser,r=rOprNGfwEbeRWgbNEkqO"), "testuser", NULL, TRUE, FALSE, FALSE},
|
||||
@@ -242,8 +232,6 @@ static void test_mechs(void)
|
||||
{&mech_external, UCHAR_LEN(""), "testuser", NULL, FALSE, TRUE, FALSE},
|
||||
{&mech_external, UCHAR_LEN(""), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_login, UCHAR_LEN(""), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN(""), NULL, "invalid input", FALSE, FALSE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN(""), "testuser", "invalid input", FALSE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN(""), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_oauthbearer, UCHAR_LEN(""), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_xoauth2, UCHAR_LEN(""), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
@@ -255,7 +243,6 @@ static void test_mechs(void)
|
||||
{&mech_apop, UCHAR_LEN("1.1.1\0testuser\0tooshort"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_apop, UCHAR_LEN("1.1.1\0testuser\0responseoflen16-"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_apop, UCHAR_LEN("1.1.1"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("somebody\0testuser"), "testuser", "otp(testuser): unsupported response type", FALSE, TRUE, FALSE},
|
||||
{&mech_cram_md5, UCHAR_LEN("testuser\0response"), "testuser", NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN("testuser\0"), "testuser", NULL, FALSE, FALSE, FALSE},
|
||||
|
||||
@@ -297,9 +284,7 @@ static void test_mechs(void)
|
||||
{&mech_plain, UCHAR_LEN("\0fa\0il\0ing\0withthis"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN("failingwiththis"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_plain, UCHAR_LEN("failing\0withthis"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
- {&mech_otp, UCHAR_LEN("someb\0ody\0testuser"), NULL, "invalid input", FALSE, FALSE, FALSE},
|
||||
/* phase 2 */
|
||||
- {&mech_otp, UCHAR_LEN("someb\0ody\0testuser"), "testuser", "otp(testuser): unsupported response type", FALSE, TRUE, FALSE},
|
||||
{&mech_scram_sha1, UCHAR_LEN("c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,p=v0X8v3Bz2T0CJGbJQyF0X+HI4Ts="), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_scram_sha1, UCHAR_LEN("iws0X8v3Bz2T0CJGbJQyF0X+HI4Ts=,,,,"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
{&mech_scram_sha1, UCHAR_LEN("n,a=masteruser,,"), NULL, NULL, FALSE, FALSE, FALSE},
|
||||
@@ -387,7 +372,6 @@ static void test_mechs(void)
|
||||
|
||||
test_end();
|
||||
} T_END;
|
||||
- mech_otp_deinit();
|
||||
auths_deinit();
|
||||
auth_token_deinit();
|
||||
password_schemes_deinit();
|
||||
diff -up dovecot-2.3.20/src/doveadm/Makefile.am.nolibotp dovecot-2.3.20/src/doveadm/Makefile.am
|
||||
--- dovecot-2.3.20/src/doveadm/Makefile.am.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/src/doveadm/Makefile.am 2023-02-14 16:54:02.119531023 +0100
|
||||
@@ -36,8 +36,7 @@ AM_CPPFLAGS = \
|
||||
$(BINARY_CFLAGS)
|
||||
|
||||
cmd_pw_libs = \
|
||||
- ../auth/libpassword.la \
|
||||
- ../lib-otp/libotp.la
|
||||
+ ../auth/libpassword.la
|
||||
|
||||
libs = \
|
||||
dsync/libdsync.la \
|
||||
diff -up dovecot-2.3.20/src/Makefile.am.nolibotp dovecot-2.3.20/src/Makefile.am
|
||||
--- dovecot-2.3.20/src/Makefile.am.nolibotp 2022-12-21 09:49:12.000000000 +0100
|
||||
+++ dovecot-2.3.20/src/Makefile.am 2023-02-14 16:54:02.119531023 +0100
|
||||
@@ -40,7 +40,6 @@ SUBDIRS = \
|
||||
lib-index \
|
||||
lib-storage \
|
||||
lib-sql \
|
||||
- lib-otp \
|
||||
lib-lda \
|
||||
lib-dict-backend \
|
||||
anvil \
|
||||
@ -0,0 +1,200 @@
|
||||
diff -up dovecot-2.3.21/src/lib-dcrypt/dcrypt-openssl.c.noengine dovecot-2.3.21/src/lib-dcrypt/dcrypt-openssl.c
|
||||
--- dovecot-2.3.21/src/lib-dcrypt/dcrypt-openssl.c.noengine 2024-07-23 13:18:35.040720598 -0400
|
||||
+++ dovecot-2.3.21/src/lib-dcrypt/dcrypt-openssl.c 2024-07-23 13:20:16.250720598 -0400
|
||||
@@ -20,7 +20,6 @@
|
||||
#include <openssl/bio.h>
|
||||
#include <openssl/pem.h>
|
||||
#include <openssl/x509.h>
|
||||
-#include <openssl/engine.h>
|
||||
#include <openssl/hmac.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/bn.h>
|
||||
diff -up dovecot-2.3.21/m4/ssl.m4.noengine dovecot-2.3.21/m4/ssl.m4
|
||||
--- dovecot-2.3.21/m4/ssl.m4.noengine 2024-05-06 17:39:59.362886891 +0200
|
||||
+++ dovecot-2.3.21/m4/ssl.m4 2024-05-06 17:42:17.945312656 +0200
|
||||
@@ -233,6 +233,27 @@ AC_DEFUN([DOVECOT_SSL], [
|
||||
AC_CHECK_LIB(ssl, ECDSA_SIG_set0, [
|
||||
AC_DEFINE(HAVE_ECDSA_SIG_SET0,, [Build with ECDSA_SIG_set0 support])
|
||||
],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, OSSL_PROVIDER_try_load, [
|
||||
+ AC_DEFINE(HAVE_OSSL_PROVIDER_try_load,, [Build with OSSL_PROVIDER_try_load support])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, OPENSSL_init_ssl, [
|
||||
+ AC_DEFINE(HAVE_OPENSSL_init_ssl,, [Build with OPENSSL_init_ssl support])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, OPENSSL_cleanup, [
|
||||
+ AC_DEFINE(HAVE_OPENSSL_cleanup,, [OpenSSL supports OPENSSL_cleanup()])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, OPENSSL_thread_stop, [
|
||||
+ AC_DEFINE(HAVE_OPENSSL_thread_stop,, [OpenSSL supports OPENSSL_thread_stop()])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, ERR_remove_thread_state, [
|
||||
+ AC_DEFINE(HAVE_ERR_remove_thread_state,, [OpenSSL supports ERR_remove_thread_state()])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, ERR_remove_state, [
|
||||
+ AC_DEFINE(HAVE_ERR_remove_state,, [OpenSSL supports ERR_remove_state()])
|
||||
+ ],, $SSL_LIBS)
|
||||
+ AC_CHECK_LIB(ssl, ENGINE_by_id_DISABLED, [
|
||||
+ AC_DEFINE(HAVE_ENGINE_by_id,, [OpenSSL supports ENGINE_by_id() - !!!EXPLICITELY DISABLED!!! ])
|
||||
+ ],, $SSL_LIBS)
|
||||
AC_CHECK_LIB(ssl, EC_GROUP_order_bits, [
|
||||
AC_DEFINE(HAVE_EC_GROUP_order_bits,, [Build with EC_GROUP_order_bits support])
|
||||
],, $SSL_LIBS)
|
||||
diff -up dovecot-2.3.21/src/lib-ssl-iostream/dovecot-openssl-common.c.noengine dovecot-2.3.21/src/lib-ssl-iostream/dovecot-openssl-common.c
|
||||
--- dovecot-2.3.21/src/lib-ssl-iostream/dovecot-openssl-common.c.noengine 2023-09-14 15:17:46.000000000 +0200
|
||||
+++ dovecot-2.3.21/src/lib-ssl-iostream/dovecot-openssl-common.c 2024-05-06 17:39:59.363886901 +0200
|
||||
@@ -3,13 +3,23 @@
|
||||
#include "lib.h"
|
||||
#include "randgen.h"
|
||||
#include "dovecot-openssl-common.h"
|
||||
+#include "iostream-openssl.h"
|
||||
|
||||
#include <openssl/ssl.h>
|
||||
-#include <openssl/engine.h>
|
||||
+#include <openssl/err.h>
|
||||
+#ifdef HAVE_OSSL_PROVIDER_try_load
|
||||
+# include <openssl/provider.h>
|
||||
+#else
|
||||
+# include <openssl/engine.h>
|
||||
+#endif
|
||||
#include <openssl/rand.h>
|
||||
|
||||
static int openssl_init_refcount = 0;
|
||||
-static ENGINE *dovecot_openssl_engine;
|
||||
+#ifdef HAVE_OSSL_PROVIDER_try_load
|
||||
+static OSSL_PROVIDER *dovecot_openssl_engine = NULL;
|
||||
+#else
|
||||
+static ENGINE *dovecot_openssl_engine = NULL;
|
||||
+#endif
|
||||
|
||||
#ifdef HAVE_SSL_NEW_MEM_FUNCS
|
||||
static void *dovecot_openssl_malloc(size_t size, const char *u0 ATTR_UNUSED, int u1 ATTR_UNUSED)
|
||||
@@ -17,12 +27,14 @@ static void *dovecot_openssl_malloc(size
|
||||
static void *dovecot_openssl_malloc(size_t size)
|
||||
#endif
|
||||
{
|
||||
+ if (size == 0)
|
||||
+ return NULL;
|
||||
/* this may be performance critical, so don't use
|
||||
i_malloc() or calloc() */
|
||||
void *mem = malloc(size);
|
||||
- if (mem == NULL) {
|
||||
+ if (unlikely(mem == NULL)) {
|
||||
i_fatal_status(FATAL_OUTOFMEM,
|
||||
- "OpenSSL: malloc(%zu): Out of memory", size);
|
||||
+ "OpenSSL: malloc(%zu): Out of memory", size);
|
||||
}
|
||||
return mem;
|
||||
}
|
||||
@@ -33,10 +45,14 @@ static void *dovecot_openssl_realloc(voi
|
||||
static void *dovecot_openssl_realloc(void *ptr, size_t size)
|
||||
#endif
|
||||
{
|
||||
+ if (size == 0) {
|
||||
+ free(ptr);
|
||||
+ return NULL;
|
||||
+ }
|
||||
void *mem = realloc(ptr, size);
|
||||
- if (mem == NULL) {
|
||||
+ if (unlikely(mem == NULL)) {
|
||||
i_fatal_status(FATAL_OUTOFMEM,
|
||||
- "OpenSSL: realloc(%zu): Out of memory", size);
|
||||
+ "OpenSSL: realloc(%zu): Out of memory", size);
|
||||
}
|
||||
return mem;
|
||||
}
|
||||
@@ -63,9 +79,13 @@ void dovecot_openssl_common_global_ref(v
|
||||
/*i_warning("CRYPTO_set_mem_functions() was called too late");*/
|
||||
}
|
||||
|
||||
+#ifdef HAVE_OPENSSL_init_ssl
|
||||
+ OPENSSL_init_ssl(0, NULL);
|
||||
+#else
|
||||
SSL_library_init();
|
||||
SSL_load_error_strings();
|
||||
OpenSSL_add_all_algorithms();
|
||||
+#endif
|
||||
}
|
||||
|
||||
bool dovecot_openssl_common_global_unref(void)
|
||||
@@ -76,30 +96,35 @@ bool dovecot_openssl_common_global_unref
|
||||
return TRUE;
|
||||
|
||||
if (dovecot_openssl_engine != NULL) {
|
||||
+#ifdef HAVE_OSSL_PROVIDER_try_load
|
||||
+ OSSL_PROVIDER_unload(dovecot_openssl_engine);
|
||||
+#else
|
||||
ENGINE_finish(dovecot_openssl_engine);
|
||||
+#endif
|
||||
dovecot_openssl_engine = NULL;
|
||||
}
|
||||
+#ifdef HAVE_OPENSSL_cleanup
|
||||
+ OPENSSL_cleanup();
|
||||
+#else
|
||||
/* OBJ_cleanup() is called automatically by EVP_cleanup() in
|
||||
newer versions. Doesn't hurt to call it anyway. */
|
||||
OBJ_cleanup();
|
||||
-#ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
|
||||
+# if !defined(OPENSSL_NO_COMP)
|
||||
SSL_COMP_free_compression_methods();
|
||||
-#endif
|
||||
+# endif
|
||||
ENGINE_cleanup();
|
||||
EVP_cleanup();
|
||||
CRYPTO_cleanup_all_ex_data();
|
||||
-#ifdef HAVE_OPENSSL_AUTO_THREAD_DEINIT
|
||||
+# ifdef HAVE_OPENSSL_thread_stop
|
||||
/* no cleanup needed */
|
||||
-#elif defined(HAVE_OPENSSL_ERR_REMOVE_THREAD_STATE)
|
||||
+# elif defined(HAVE_ERR_remove_thread_state)
|
||||
/* This was marked as deprecated in v1.1. */
|
||||
ERR_remove_thread_state(NULL);
|
||||
-#else
|
||||
+# elif defined(HAVE_ERR_remove_state)
|
||||
/* This was deprecated by ERR_remove_thread_state(NULL) in v1.0.0. */
|
||||
ERR_remove_state(0);
|
||||
-#endif
|
||||
+# endif
|
||||
ERR_free_strings();
|
||||
-#ifdef HAVE_OPENSSL_CLEANUP
|
||||
- OPENSSL_cleanup();
|
||||
#endif
|
||||
return FALSE;
|
||||
}
|
||||
@@ -110,6 +135,7 @@ int dovecot_openssl_common_global_set_en
|
||||
if (dovecot_openssl_engine != NULL)
|
||||
return 1;
|
||||
|
||||
+#ifdef HAVE_ENGINE_by_id
|
||||
ENGINE_load_builtin_engines();
|
||||
dovecot_openssl_engine = ENGINE_by_id(engine);
|
||||
if (dovecot_openssl_engine == NULL) {
|
||||
@@ -128,5 +154,15 @@ int dovecot_openssl_common_global_set_en
|
||||
dovecot_openssl_engine = NULL;
|
||||
return -1;
|
||||
}
|
||||
+#elif defined(HAVE_OSSL_PROVIDER_try_load)
|
||||
+ if ((dovecot_openssl_engine = OSSL_PROVIDER_try_load(NULL, engine, 1)) == NULL) {
|
||||
+ *error_r = t_strdup_printf("Cannot load '%s': %s", engine,
|
||||
+ openssl_iostream_error());
|
||||
+ return 0;
|
||||
+ }
|
||||
+ return 1;
|
||||
+#else
|
||||
+ *error_r = t_strdup_printf("Cannot load '%s': No engine/provider support available", engine);
|
||||
+#endif
|
||||
return 1;
|
||||
}
|
||||
diff -up dovecot-2.3.21/src/lib-ssl-iostream/Makefile.am.noengine dovecot-2.3.21/src/lib-ssl-iostream/Makefile.am
|
||||
--- dovecot-2.3.21/src/lib-ssl-iostream/Makefile.am.noengine 2023-09-14 15:17:46.000000000 +0200
|
||||
+++ dovecot-2.3.21/src/lib-ssl-iostream/Makefile.am 2024-05-06 17:39:59.363886901 +0200
|
||||
@@ -5,7 +5,8 @@ NOPLUGIN_LDFLAGS =
|
||||
AM_CPPFLAGS = \
|
||||
-I$(top_srcdir)/src/lib \
|
||||
-I$(top_srcdir)/src/lib-test \
|
||||
- -DMODULE_DIR=\""$(moduledir)"\"
|
||||
+ -DMODULE_DIR=\""$(moduledir)"\" \
|
||||
+ $(SSL_CFLAGS)
|
||||
|
||||
if BUILD_OPENSSL
|
||||
module_LTLIBRARIES = libssl_iostream_openssl.la
|
||||
@ -0,0 +1,25 @@
|
||||
m4: crypt_xxpg6.m4: Define _DEFAULT_SOURCE for current glibc
|
||||
|
||||
Current glibc no longer implements the CRYPT extension, so it does not
|
||||
declare crypt in <unistd.h> in strict standard modes. The check
|
||||
defines _XOPEN_SOURCE, which enables one of these modes. Defining
|
||||
_DEFAULT_SOURCE as well again makes available the crypt function
|
||||
prototype.
|
||||
|
||||
This avoids a configure check result change with compilers which do
|
||||
not support implicit function declarations.
|
||||
|
||||
Submitted upstream: <https://github.com/dovecot/core/pull/193>
|
||||
|
||||
diff --git a/m4/crypt_xpg6.m4 b/m4/crypt_xpg6.m4
|
||||
index 0085b2ac76..3a288a3713 100644
|
||||
--- a/m4/crypt_xpg6.m4
|
||||
+++ b/m4/crypt_xpg6.m4
|
||||
@@ -6,6 +6,7 @@ AC_DEFUN([DOVECOT_CRYPT_XPG6], [
|
||||
#define _XOPEN_SOURCE 4
|
||||
#define _XOPEN_SOURCE_EXTENDED 1
|
||||
#define _XOPEN_VERSION 4
|
||||
+ #define _DEFAULT_SOURCE
|
||||
#define _XPG4_2
|
||||
#define _XPG6
|
||||
#include <unistd.h>
|
||||
Loading…
Reference in new issue