From 011563c0e6d7670aa2183f1e20d1457a69921b7ab4931abfd40bb4f4467fb78b Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Mon, 27 Mar 2023 09:34:43 +0000
Subject: [PATCH] Accepting request 1074621 from
 home:marxin:branches:server:mail

- Add upstream fix-strict-aliasing.patch that addresses violation
  of strict aliasing.

- Enable LTO now as it works now (boo#1156301).

OBS-URL: https://build.opensuse.org/request/show/1074621
OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=114
---
 dovecot23.changes         |  11 ++++
 dovecot23.spec            |   3 +-
 fix-strict-aliasing.patch | 103 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 115 insertions(+), 2 deletions(-)
 create mode 100644 fix-strict-aliasing.patch

diff --git a/dovecot23.changes b/dovecot23.changes
index 02a20ea..02b6707 100644
--- a/dovecot23.changes
+++ b/dovecot23.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Mar 27 09:15:10 UTC 2023 - Martin Liška <mliska@suse.cz>
+
+- Add upstream fix-strict-aliasing.patch that addresses violation
+  of strict aliasing.
+
+-------------------------------------------------------------------
+Thu Mar 23 14:45:26 UTC 2023 - Martin Liška <mliska@suse.cz>
+
+- Enable LTO now as it works now (boo#1156301).
+
 -------------------------------------------------------------------
 Sun Feb  5 16:07:02 UTC 2023 - Arjen de Korte <suse+build@de-korte.org>
 
diff --git a/dovecot23.spec b/dovecot23.spec
index 17d8fa8..6fe7d9f 100644
--- a/dovecot23.spec
+++ b/dovecot23.spec
@@ -16,8 +16,6 @@
 #
 
 
-%global _lto_cflags %{nil}
-
 Name:           dovecot23
 Version:        2.3.20
 Release:        0
@@ -164,6 +162,7 @@ Patch:          dovecot-2.3.0-dont_use_etc_ssl_certs.patch
 Patch1:         dovecot-2.3.0-better_ssl_defaults.patch
 # PATCH-FIX-OPENSUSE - boo#1207958
 Patch2:         fix-build-with-openssl-3.patch
+Patch3:         fix-strict-aliasing.patch
 Summary:        IMAP and POP3 Server Written Primarily with Security in Mind
 License:        BSD-3-Clause AND LGPL-2.1-or-later AND MIT
 Group:          Productivity/Networking/Email/Servers
diff --git a/fix-strict-aliasing.patch b/fix-strict-aliasing.patch
new file mode 100644
index 0000000..f5a86e0
--- /dev/null
+++ b/fix-strict-aliasing.patch
@@ -0,0 +1,103 @@
+From 7932dc8457c56cfde21e45a64a2494968a707c81 Mon Sep 17 00:00:00 2001
+From: Martin Liska <mliska@suse.cz>
+Date: Fri, 24 Mar 2023 13:33:13 +0100
+Subject: [PATCH] Fix violation of strict aliasing.
+
+The following issue is already reported here:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+
+and the problem is in the following statement:
+*(const uint32_t *)&ptr[(n) * 4]
+
+that yields a miscompilation when LTO is enabled.
+---
+ src/lib/md4.c | 18 ------------------
+ 1 file changed, 18 deletions(-)
+
+diff --git a/src/lib/md4.c b/src/lib/md4.c
+index 06082f53c7..60413bd957 100644
+--- a/src/lib/md4.c
++++ b/src/lib/md4.c
+@@ -34,23 +34,6 @@
+ 	(a) = ((a) << (s)) | ((a) >> (32 - (s)))
+ 
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-/* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
+- * beyond the end of the buffer. So only read precisely 32 bits
+- */
+-#define SET(n)				\
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -59,7 +42,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+
+From d90a4e74f5fda93783c5881499b1fa38f4109362 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 27 Mar 2023 02:25:12 +0100
+Subject: [PATCH] lib: md5: Fix strict aliasing violation
+
+Followup to f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99. It's exactly the
+same code as in md4, so let's rip it out here too.
+
+Thanks to sirainen for pointing this out.
+
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+Reference: https://github.com/dovecot/core/pull/195
+---
+ src/lib/md5.c | 15 ---------------
+ 1 file changed, 15 deletions(-)
+
+diff --git a/src/lib/md5.c b/src/lib/md5.c
+index 46cffb6d12..ee946ea805 100644
+--- a/src/lib/md5.c
++++ b/src/lib/md5.c
+@@ -38,20 +38,6 @@
+ 	(a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
+ 	(a) += (b);
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-#define SET(n) \
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -60,7 +46,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+