Accepting request 1074626 from server:mail

- Add upstream fix-strict-aliasing.patch that addresses violation
  of strict aliasing.

- Enable LTO now as it works now (boo#1156301).

OBS-URL: https://build.opensuse.org/request/show/1074626
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dovecot23?expand=0&rev=51

dovecot23.changes

@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Mar 27 09:15:10 UTC 2023 - Martin Liška <mliska@suse.cz>
+
+- Add upstream fix-strict-aliasing.patch that addresses violation
+  of strict aliasing.
+
+-------------------------------------------------------------------
+Thu Mar 23 14:45:26 UTC 2023 - Martin Liška <mliska@suse.cz>
+
+- Enable LTO now as it works now (boo#1156301).
+
 -------------------------------------------------------------------
 Sun Feb  5 16:07:02 UTC 2023 - Arjen de Korte <suse+build@de-korte.org>
 

dovecot23.spec

@@ -16,8 +16,6 @@
 #
 
 
-%global _lto_cflags %{nil}
-
 Name:           dovecot23
 Version:        2.3.20
 Release:        0
@@ -164,6 +162,7 @@ Patch:          dovecot-2.3.0-dont_use_etc_ssl_certs.patch
 Patch1:         dovecot-2.3.0-better_ssl_defaults.patch
 # PATCH-FIX-OPENSUSE - boo#1207958
 Patch2:         fix-build-with-openssl-3.patch
+Patch3:         fix-strict-aliasing.patch
 Summary:        IMAP and POP3 Server Written Primarily with Security in Mind
 License:        BSD-3-Clause AND LGPL-2.1-or-later AND MIT
 Group:          Productivity/Networking/Email/Servers

fix-strict-aliasing.patch

@@ -0,0 +1,103 @@
+From 7932dc8457c56cfde21e45a64a2494968a707c81 Mon Sep 17 00:00:00 2001
+From: Martin Liska <mliska@suse.cz>
+Date: Fri, 24 Mar 2023 13:33:13 +0100
+Subject: [PATCH] Fix violation of strict aliasing.
+
+The following issue is already reported here:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+
+and the problem is in the following statement:
+*(const uint32_t *)&ptr[(n) * 4]
+
+that yields a miscompilation when LTO is enabled.
+---
+ src/lib/md4.c | 18 ------------------
+ 1 file changed, 18 deletions(-)
+
+diff --git a/src/lib/md4.c b/src/lib/md4.c
+index 06082f53c7..60413bd957 100644
+--- a/src/lib/md4.c
++++ b/src/lib/md4.c
+@@ -34,23 +34,6 @@
+ 	(a) = ((a) << (s)) | ((a) >> (32 - (s)))
+ 
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-/* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
+- * beyond the end of the buffer. So only read precisely 32 bits
+- */
+-#define SET(n)				\
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -59,7 +42,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+
+From d90a4e74f5fda93783c5881499b1fa38f4109362 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 27 Mar 2023 02:25:12 +0100
+Subject: [PATCH] lib: md5: Fix strict aliasing violation
+
+Followup to f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99. It's exactly the
+same code as in md4, so let's rip it out here too.
+
+Thanks to sirainen for pointing this out.
+
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+Reference: https://github.com/dovecot/core/pull/195
+---
+ src/lib/md5.c | 15 ---------------
+ 1 file changed, 15 deletions(-)
+
+diff --git a/src/lib/md5.c b/src/lib/md5.c
+index 46cffb6d12..ee946ea805 100644
+--- a/src/lib/md5.c
++++ b/src/lib/md5.c
+@@ -38,20 +38,6 @@
+ 	(a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
+ 	(a) += (b);
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-#define SET(n) \
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -60,7 +46,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+