OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fetchmail?expand=0&rev=3

2007-02-06 23:28:54 +00:00 · 2007-02-06 23:28:54 +00:00 · 3789592d80
commit 3789592d80
parent 205a98b839
5 changed files with 105 additions and 18 deletions
--- a/bug-223507_fix-kpop-regression.diff
+++ b/bug-223507_fix-kpop-regression.diff
@ -0,0 +1,24 @@
+diff -u branches/BRANCH_6-3/pop3.c branches/BRANCH_6-3/pop3.c
+--- branches/BRANCH_6-3/pop3.c	2007-02-02 23:34:11 UTC (rev 5020)
+++ branches/BRANCH_6-3/pop3.c	2007-02-02 23:47:15 UTC (rev 5021)
+@@ -610,6 +610,20 @@
+ 	}
+ #endif /* OPIE_ENABLE */
+ 
+	/* KPOP uses out-of-band authentication and does not check what
+	 * we send here, so send some random fixed string, to avoid
+	 * users switching *to* KPOP accidentally revealing their
+	 * password */
+	if ((ctl->server.authenticate == A_ANY
+		    || ctl->server.authenticate == A_KERBEROS_V4
+		    || ctl->server.authenticate == A_KERBEROS_V5)
+		&& (ctl->server.service != NULL
+		    && strcmp(ctl->server.service, KPOP_PORT) == 0))
+	{
+	    ok = gen_transact(sock, "PASS krb_ticket");
+	    break;
+	}
+
+ 	/* check if we are actually allowed to send the password */
+ 	if (ctl->server.authenticate == A_ANY
+ 		|| ctl->server.authenticate == A_PASSWORD) {
--- a/bug-223507_fix-tlsfail-repoll.diff
+++ b/bug-223507_fix-tlsfail-repoll.diff
@ -0,0 +1,64 @@
+Author: m-a
+Date: 2007-02-02 18:13:12 -0600 (Fri, 02 Feb 2007)
+New Revision: 5022
+
+Modified:
+   branches/BRANCH_6-3/NEWS
+   branches/BRANCH_6-3/pop3.c
+Log:
+Fix 6.3.6 regression: repoll upon socket error after STLS failure.
+Berlios Bug #10133, reported by Andrej Kacian.
+
+# FIXES FOR REGRESSIONS IN 6.3.6
+* Fix KPOP. Patch by Miloslav Trmac.
+* Fix repoll when server disconnects after opportunistic TLS failed for POP3.
+  Berlios Bug #10133, reported by Andrej Kacian.
+
+Modified: branches/BRANCH_6-3/pop3.c
+===================================================================
+--- branches/BRANCH_6-3/pop3.c	2007-02-02 23:47:15 UTC (rev 5021)
+++ branches/BRANCH_6-3/pop3.c	2007-02-03 00:13:12 UTC (rev 5022)
+@@ -635,17 +635,6 @@
+ 	}
+ 	memset(shroud, 0x55, sizeof(shroud));
+ 	shroud[0] = '\0';
+-#ifdef SSL_ENABLE
+-	/* this is for servers which claim to support TLS, but actually
+-	 * don't! */
+-	if (connection_may_have_tls_errors && ok == PS_SOCKET)
+-	{
+-	    xfree(ctl->sslproto);
+-	    ctl->sslproto = xstrdup("");
+-	    /* repoll immediately without TLS */
+-	    ok = PS_REPOLL;
+-	}
+-#endif
+ 	break;
+ 
+     case P_APOP:
+@@ -694,6 +683,18 @@
+ 	ok = PS_ERROR;
+     }
+ 
+#ifdef SSL_ENABLE
+    /* this is for servers which claim to support TLS, but actually
+     * don't! */
+    if (connection_may_have_tls_errors && ok == PS_SOCKET)
+    {
+	xfree(ctl->sslproto);
+	ctl->sslproto = xstrdup("");
+	/* repoll immediately without TLS */
+	ok = PS_REPOLL;
+    }
+#endif
+
+     if (ok != 0)
+     {
+ 	/* maybe we detected a lock-busy condition? */
+
+_______________________________________________
+fetchmail-svn mailing list
+fetchmail-svn@lists.berlios.de
+https://lists.berlios.de/mailman/listinfo/fetchmail-svn
+
+
--- a/fetchmail-6.3.6-kpop.patch
+++ b/fetchmail-6.3.6-kpop.patch
@ -1,15 +0,0 @@
--- fetchmail-6.3.6/pop3.c.kpop	2007-01-22 23:42:14.000000000 +0100
-+++ fetchmail-6.3.6/pop3.c	2007-01-22 23:44:28.000000000 +0100
-@@ -612,7 +612,11 @@
- 
- 	/* check if we are actually allowed to send the password */
- 	if (ctl->server.authenticate == A_ANY
-		|| ctl->server.authenticate == A_PASSWORD) {
-+	    || ctl->server.authenticate == A_PASSWORD
-+	    || ((ctl->server.authenticate == A_KERBEROS_V4
-+		 || ctl->server.authenticate == A_KERBEROS_V5)
-+		&& ctl->server.service
-+		&& strcmp(ctl->server.service, KPOP_PORT) == 0)) {
- 	    strlcpy(shroud, ctl->password, sizeof(shroud));
- 	    ok = gen_transact(sock, "PASS %s", ctl->password);
- 	} else {
--- a/fetchmail.changes
+++ b/fetchmail.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb  6 15:01:38 CET 2007 - sbrabec@suse.cz
+
+- Repair repoll after opportunistic TLS failed (#223507#c27,
+  Berlios#10133).
+- Use upstream fix of KPOP regression (#223507#c26).
+
 -------------------------------------------------------------------
 Thu Jan 25 15:57:47 CET 2007 - sbrabec@suse.cz

--- a/fetchmail.spec
+++ b/fetchmail.spec
@ -16,12 +16,14 @@ License:        GNU General Public License (GPL), Other uncritical OpenSource Li
 Group:          Productivity/Networking/Email/Utilities
 Autoreqprov:    on
 Version:        6.3.6
-Release:        1
+Release:        2
 Source:         %{name}-%{version}.tar.bz2
 Source1:        %{name}.init
 Source2:        %{name}.logrotate
 Source3:        sysconfig.%{name}
-Patch:          fetchmail-6.3.6-kpop.patch
+#Patch:          fetchmail-6.3.6-kpop.patch
+Patch:          bug-223507_fix-kpop-regression.diff
+Patch1:         bug-223507_fix-tlsfail-repoll.diff
 %if %suse_version > 800
 PreReq:         %insserv_prereq %fillup_prereq coreutils
 %endif
@ -78,7 +80,8 @@ Authors:

 %prep
 %setup -q
-%patch -p1
+%patch -p2
+%patch1 -p2
 cp -a %{S:1} %{S:2} %{S:3} .

 %build
@ -161,6 +164,10 @@ rm -rf $RPM_BUILD_ROOT
 %{py_sitedir}/fetchmailconf.*

 %changelog -n fetchmail
+* Tue Feb 06 2007 - sbrabec@suse.cz
+- Repair repoll after opportunistic TLS failed (#223507#c27,
+  Berlios#10133).
+- Use upstream fix of KPOP regression (#223507#c26).
 * Thu Jan 25 2007 - sbrabec@suse.cz
 - Fixed regression in KPOP support (#223507#c8).
  http://lists.berlios.de/pipermail/fetchmail-devel/2007-January/000857.html