+++ /dev/null
-#
-# Copyright (C) 2017 Lucian Cristian <lucian.cristian@gmail.com>
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=uw-imap
-PKG_VERSION:=2007f
-PKG_RELEASE:=6
-
-PKG_SOURCE:=imap-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:= \
- https://www.mirrorservice.org/sites/ftp.cac.washington.edu/imap \
- http://ftp.ntua.gr/pub/net/mail/imap \
- http://gd.tuwien.ac.at/infosys/mail/imap
-
-PKG_HASH:=53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520004a28
-PKG_BUILD_DIR:=$(BUILD_DIR)/imap-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
-
-PKG_LICENSE:=Apache-2.0
-PKG_LICENSE_FILES:=LICENSE.txt
-PKG_CPE_ID:=cpe:/a:uw-imap_project:uw-imap
-
-PKG_FIXUP:=autoreconf
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/uw-imap
- SECTION:=libs
- CATEGORY:=Libraries
- TITLE:=University of Washington IMAP toolkit
- URL:=https://www.washington.edu/imap/
- DEPENDS:= +USE_GLIBC:libcrypt-compat +libpthread +libopenssl
-endef
-
-define Package/uw-imap/description
- The UW IMAP tookit includes the following:
- c-lient library : an API (application programming interface) used to build email clients and servers,
- including support for IMAP,POP3, SMTP and NNTP protocols and for local mailbox file access on Unix and Windows
-endef
-
-TARGET_CFLAGS += \
- -fPIC -DPIC -D_REENTRANT -DDISABLE_POP_PROXY -fno-strict-aliasing -Wno-pointer-sign \
- -Wno-implicit-function-declaration -Wno-incompatible-pointer-types
-
-MAKE_FLAGS += \
- SSLINCLUDE=$(STAGING_DIR)/usr/include SSLCERTS=/etc/ssl/certs GCCOPTLEVEL=" -Os" \
- SSLDIR=$(STAGING_DIR)/usr SHLIBNAME=libc-client.so.$(PKG_VERSION) $(if $(CONFIG_IPV6),IP=6,IP=4)
-
-define Build/Compile
- $(MAKE) -C $(PKG_BUILD_DIR) slx EXTRACFLAGS='$(TARGET_CFLAGS)' CC='$(TARGET_CC)' $(MAKE_FLAGS)
-endef
-
-define Build/InstallDev
- $(INSTALL_DIR) $(1)/usr/lib \
- $(1)/usr/include/c-client
- $(CP) $(PKG_BUILD_DIR)/c-client/libc-client.so.$(PKG_VERSION) $(1)/usr/lib/
- $(LN) libc-client.so.$(PKG_VERSION) $(1)/usr/lib/libc-client.so
- $(CP) $(PKG_BUILD_DIR)/c-client/linkage.{c,h} $(1)/usr/include/c-client/
- $(CP) $(PKG_BUILD_DIR)/src/c-client/*.h $(1)/usr/include/c-client/
- $(CP) $(PKG_BUILD_DIR)/src/osdep/unix/*.h $(1)/usr/include/c-client/
- $(LN) os_slx.h $(1)/usr/include/c-client/osdep.h
-endef
-
-define Package/uw-imap/install
- $(INSTALL_DIR) $(1)/usr/lib
- $(CP) $(PKG_BUILD_DIR)/c-client/libc-client.so.$(PKG_VERSION) $(1)/usr/lib/
- $(LN) libc-client.so.$(PKG_VERSION) $(1)/usr/lib/libc-client.so
-endef
-
-
-$(eval $(call BuildPackage,uw-imap))
+++ /dev/null
---- a/Makefile
-+++ b/Makefile
-@@ -638,10 +638,6 @@ ip6:
- @echo + yourself, try adding IP6=4 to the make command line.
- @echo +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- @echo
-- @echo Do you want to build with IPv6 anyway? Type y or n please:
-- @$(SH) -c 'read x; case "$$x" in y) exit 0;; *) (make noip6;exit 1);; esac'
-- @echo OK, I will remember that you really want to build with IPv6.
-- @echo You will not see this message again.
- @$(TOUCH) ip6
-
- noip6:
-@@ -678,20 +674,18 @@ an ua:
- $(TOOLS)/$@ "$(LN)" src/tmail tmail
- $(LN) $(TOOLS)/$@ .
-
--build: OSTYPE rebuild rebuildclean bundled
-+build: OSTYPE rebuild rebuildclean
-
- OSTYPE:
- @$(MAKE) ip$(IP)
- @echo Building c-client for $(BUILDTYPE)...
- @$(TOUCH) SPECIALS
-- echo `$(CAT) SPECIALS` $(EXTRASPECIALS) > c-client/SPECIALS
- $(CD) c-client;$(MAKE) $(BUILDTYPE) EXTRACFLAGS='$(EXTRACFLAGS)'\
- EXTRALDFLAGS='$(EXTRALDFLAGS)'\
- EXTRADRIVERS='$(EXTRADRIVERS)'\
- EXTRAAUTHENTICATORS='$(EXTRAAUTHENTICATORS)'\
- PASSWDTYPE=$(PASSWDTYPE) SSLTYPE=$(SSLTYPE) IP=$(IP)\
-- $(SPECIALS) $(EXTRASPECIALS)
-- echo $(BUILDTYPE) > OSTYPE
-+ $(SPECIALS) $(EXTRASPECIALS) OSTYPE=$(BUILDTYPE)
- $(TOUCH) rebuild
-
- rebuild:
---- a/src/osdep/unix/Makefile
-+++ b/src/osdep/unix/Makefile
-@@ -96,11 +96,11 @@ CHECKPW=std
- LOGINPW=std
- SIGTYPE=bsd
- CRXTYPE=std
--ACTIVEFILE=/usr/lib/news/active
--SPOOLDIR=/usr/spool
-+ACTIVEFILE=/var/lib/news/active
-+SPOOLDIR=/var/spool
- MAILSPOOL=$(SPOOLDIR)/mail
- NEWSSPOOL=$(SPOOLDIR)/news
--RSHPATH=/usr/ucb/rsh
-+RSHPATH=/usr/bin/rsh
- MD5PWD=/etc/cram-md5.pwd
- # Tries one of the test alternatives below if not specified.
- LOCKPGM=
-@@ -154,7 +154,7 @@ BINARIES=osdep.o mail.o misc.o newsrc.o
- dummy.o pseudo.o netmsg.o flstring.o fdstring.o \
- rfc822.o nntp.o smtp.o imap4r1.o pop3.o \
- unix.o mbx.o mmdf.o tenex.o mtx.o news.o phile.o mh.o mx.o mix.o
--CFLAGS=-g
-+CFLAGS=$(BASECFLAGS) $(EXTRACFLAGS) -DCHUNKSIZE=$(CHUNKSIZE)
-
- CAT=cat
- MAKE=make
-@@ -162,6 +162,16 @@ MV=mv
- RM=rm -rf
- SH=sh
-
-+OSCFLAGS= $(SSLCFLAGS) \
-+ -DCREATEPROTO=$(CREATEPROTO) -DEMPTYPROTO=$(EMPTYPROTO) \
-+ -DMD5ENABLE=\"$(MD5PWD)\" -DMAILSPOOL=\"$(MAILSPOOL)\" \
-+ -DANONYMOUSHOME=\"$(MAILSPOOL)/anonymous\" \
-+ -DACTIVEFILE=\"$(ACTIVEFILE)\" -DNEWSSPOOL=\"$(NEWSSPOOL)\" \
-+ -DRSHPATH=\"$(RSHPATH)\" -DLOCKPGM=\"$(LOCKPGM)\" \
-+ -DLOCKPGM1=\"$(LOCKPGM1)\" -DLOCKPGM2=\"$(LOCKPGM2)\" \
-+ -DLOCKPGM3=\"$(LOCKPGM3)\"
-+
-+LDFLAGS= $(BASELDFLAGS) $(EXTRALDFLAGS) $(SSLLDFLAGS)
-
- # Primary build command
-
-@@ -174,7 +184,7 @@ BUILD=$(MAKE) build EXTRACFLAGS='$(EXTRA
- # Here if no make argument established
-
- missing: osdep.h
-- $(MAKE) all `$(CAT) SPECIALS`
-+ $(MAKE) all $(SPECIALS)
-
- osdep.h:
- @echo You must specify what type of system
-@@ -674,7 +684,7 @@ slx: # Secure Linux
- @echo You are building for libc6/glibc versions of Secure Linux
- @echo If you want libc5 versions you must use sl5 instead!
- @echo If you want libc4 versions you must use sl4 instead!
-- $(BUILD) `$(CAT) SPECIALS` OS=$@ \
-+ $(BUILD) $(SPECIALS) OS=$@ \
- SIGTYPE=psx CHECKPW=psx CRXTYPE=nfs \
- SPOOLDIR=/var/spool \
- ACTIVEFILE=/var/lib/news/active \
-@@ -863,7 +873,7 @@ $(ARCHIVE): $(BINARIES)
- @$(SH) ARCHIVE
-
- .c.o:
-- `$(CAT) CCTYPE` -c `$(CAT) CFLAGS` $*.c
-+ $(CC) -c $(CFLAGS) $*.c
-
-
- # Cleanup
-@@ -922,8 +932,8 @@ osdep.o:mail.h misc.h env.h fs.h ftl.h n
- @echo If you get No such file error messages for files x509.h, ssl.h,
- @echo pem.h, buffer.h, bio.h, and crypto.h, that means that OpenSSL
- @echo is not installed on your system. Either install OpenSSL first
-- @echo or build with command: make `$(CAT) OSTYPE` SSLTYPE=none
-- `$(CAT) CCTYPE` -c `$(CAT) CFLAGS` `$(CAT) OSCFLAGS` -c osdep.c
-+ @echo or build with command: make $(OSTYPE) SSLTYPE=none
-+ $(CC) -c $(CFLAGS) $(OSCFLAGS) -c osdep.c
-
- osdep.c: osdepbas.c osdepckp.c osdeplog.c osdepssl.c
- $(CAT) osdepbas.c osdepckp.c osdeplog.c osdepssl.c > osdep.c
-@@ -962,21 +972,14 @@ os_sol.h:
-
- # Once-only environment setup
-
--once: onceenv ckp$(PASSWDTYPE) ssl$(SSLTYPE) osdep.c
-+once: ssl$(SSLTYPE) onceenv ckp$(PASSWDTYPE) osdep.c
-
- onceenv:
- @echo Once-only environment setup...
-- echo $(CC) > CCTYPE
-- echo $(BASECFLAGS) '$(EXTRACFLAGS)' -DCHUNKSIZE=$(CHUNKSIZE) > CFLAGS
-- echo -DCREATEPROTO=$(CREATEPROTO) -DEMPTYPROTO=$(EMPTYPROTO) \
-- -DMD5ENABLE=\"$(MD5PWD)\" -DMAILSPOOL=\"$(MAILSPOOL)\" \
-- -DANONYMOUSHOME=\"$(MAILSPOOL)/anonymous\" \
-- -DACTIVEFILE=\"$(ACTIVEFILE)\" -DNEWSSPOOL=\"$(NEWSSPOOL)\" \
-- -DRSHPATH=\"$(RSHPATH)\" -DLOCKPGM=\"$(LOCKPGM)\" \
-- -DLOCKPGM1=\"$(LOCKPGM1)\" -DLOCKPGM2=\"$(LOCKPGM2)\" \
-- -DLOCKPGM3=\"$(LOCKPGM3)\" > OSCFLAGS
-- echo $(BASELDFLAGS) $(EXTRALDFLAGS) > LDFLAGS
- echo "$(ARRC) $(ARCHIVE) $(BINARIES);$(RANLIB) $(ARCHIVE)" > ARCHIVE
-+ echo "$(OSCFLAGS)" > OSCFLAGS
-+ echo "$(CC) $(CFLAGS) $(OSCFLAGS) -shared -Wl,-soname,libc-client.so \
-+ -o $(SHLIBNAME) $(BINARIES) $(LDFLAGS)" >> ARCHIVE
- echo $(OS) > OSTYPE
- ./drivers $(EXTRADRIVERS) $(DEFAULTDRIVERS) dummy
- ./mkauths $(EXTRAAUTHENTICATORS) $(DEFAULTAUTHENTICATORS)
-@@ -1055,7 +1058,6 @@ sslsco: sbasic sldsco
- sbasic: # UNIX OpenSSL
- @echo Building with SSL
- $(LN) ssl_unix.c osdepssl.c
-- echo $(SSLCFLAGS) >> OSCFLAGS
- echo " ssl_onceonlyinit ();" >> linkage.c
-
- snopwd: # Plaintext disable
-@@ -1063,13 +1065,12 @@ snopwd: # Plaintext disable
- echo " mail_parameters (NIL,SET_DISABLEPLAINTEXT,(void *) 2);" >> linkage.c
-
- sldunix:# Normal UNIX SSL load flags
-- echo $(SSLLDFLAGS) >> LDFLAGS
-+ @echo Normal UNIX SSL load flags
-
-
- sldsco: # SCO SSL load flags
- # Note: Tim Rice says that SSL has to be lunk before other libraries on SCO.
-- echo $(SSLLDFLAGS) `cat LDFLAGS` > LDFLAGS.tmp
-- mv LDFLAGS.tmp LDFLAGS
-+ @echo SCO SSL load flags
-
-
- # A monument to a hack of long ago and far away...
+++ /dev/null
-Patch by Robert Scheck <redhat@linuxnetz.de> for uw-imap >= 2004a, which corrects
-paths to imapd, ipop2d and ipop3d in the man pages.
-
-This patch is based on Red Hat Bugzilla ID #127271 and solves ID #229781.
-
---- a/src/imapd/imapd.8
-+++ b/src/imapd/imapd.8
-@@ -16,7 +16,7 @@
- .SH NAME
- IMAPd \- Internet Message Access Protocol server
- .SH SYNOPSIS
--.B /usr/etc/imapd
-+.B /usr/sbin/imapd
- .SH DESCRIPTION
- .I imapd
- is a server which supports the
---- a/src/ipopd/ipopd.8
-+++ b/src/ipopd/ipopd.8
-@@ -16,9 +16,9 @@
- .SH NAME
- IPOPd \- Post Office Protocol server
- .SH SYNOPSIS
--.B /usr/etc/ipop2d
-+.B /usr/sbin/ipop2d
- .PP
--.B /usr/etc/ipop3d
-+.B /usr/sbin/ipop3d
- .SH DESCRIPTION
- .I ipop2d
- and
+++ /dev/null
---- a/src/c-client/rfc822.c
-+++ b/src/c-client/rfc822.c
-@@ -384,6 +384,9 @@ void rfc822_parse_content (BODY *body,ST
- if (CHR (bs) == '\012'){/* following LF? */
- c = SNX (bs); i--; /* yes, slurp it */
- }
-+ if (!i) /* Make sure we don't get an overflow for */
-+ break; /* messages ending on \015 (or the following */
-+ /* i-- will cause i to be MAXINT. Not good.) */
- case '\012': /* at start of a line, start with -- ? */
- if (!(i && i-- && ((c = SNX (bs)) == '-') && i-- &&
- ((c = SNX (bs)) == '-'))) break;
+++ /dev/null
---- a/src/c-client/auth_md5.c
-+++ b/src/c-client/auth_md5.c
-@@ -42,17 +42,17 @@ typedef struct {
-
- /* Prototypes */
-
--long auth_md5_valid (void);
--long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
-+static long auth_md5_valid (void);
-+static long auth_md5_client (authchallenge_t challenger,authrespond_t responder,
- char *service,NETMBX *mb,void *stream,
- unsigned long *trial,char *user);
--char *auth_md5_server (authresponse_t responder,int argc,char *argv[]);
--char *auth_md5_pwd (char *user);
-+static char *auth_md5_server (authresponse_t responder,int argc,char *argv[]);
-+static char *auth_md5_pwd (char *user);
- char *apop_login (char *chal,char *user,char *md5,int argc,char *argv[]);
--char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl);
--void md5_init (MD5CONTEXT *ctx);
--void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len);
--void md5_final (unsigned char *digest,MD5CONTEXT *ctx);
-+static char *hmac_md5 (char *text,unsigned long tl,char *key,unsigned long kl);
-+static void md5_init (MD5CONTEXT *ctx);
-+static void md5_update (MD5CONTEXT *ctx,unsigned char *data,unsigned long len);
-+static void md5_final (unsigned char *digest,MD5CONTEXT *ctx);
- static void md5_transform (unsigned long *state,unsigned char *block);
- static void md5_encode (unsigned char *dst,unsigned long *src,int len);
- static void md5_decode (unsigned long *dst,unsigned char *src,int len);
+++ /dev/null
---- a/src/osdep/unix/flocklnx.c
-+++ b/src/osdep/unix/flocklnx.c
-@@ -57,7 +57,7 @@ int safe_flock (int fd,int op)
- case ENOLCK: /* lock table is full */
- sprintf (tmp,"File locking failure: %s",strerror (errno));
- mm_log (tmp,WARN); /* give the user a warning of what happened */
-- if (!logged++) syslog (LOG_ERR,tmp);
-+ if (!logged++) syslog (LOG_ERR, "%s", tmp);
- /* return failure if non-blocking lock */
- if (op & LOCK_NB) return -1;
- sleep (5); /* slow down in case it loops */
+++ /dev/null
-http://anonscm.debian.org/cgit/collab-maint/uw-imap.git/plain/debian/patches/1005_poll.patch
-
-Description: Use poll(2) instead of select(2) to support more than 1024 file descriptors
-Author: Ben Smithurst <ben.smithurst@gradwell.com>
-Bug-Debian: https://bugs.debian.org/478193
-
---- a/src/osdep/unix/os_lnx.c
-+++ b/src/osdep/unix/os_lnx.c
-@@ -41,6 +41,7 @@
- extern int errno; /* just in case */
- #include <pwd.h>
- #include "misc.h"
-+#include <poll.h>
-
-
- #include "fs_unix.c"
---- a/src/osdep/unix/os_slx.c
-+++ b/src/osdep/unix/os_slx.c
-@@ -42,6 +42,7 @@ extern int errno; /* just in case */
- #include <pwd.h>
- #include <shadow.h>
- #include "misc.h"
-+#include <poll.h>
-
-
- #include "fs_unix.c"
---- a/src/osdep/unix/tcp_unix.c
-+++ b/src/osdep/unix/tcp_unix.c
-@@ -235,12 +235,11 @@ TCPSTREAM *tcp_open (char *host,char *se
- int tcp_socket_open (int family,void *adr,size_t adrlen,unsigned short port,
- char *tmp,int *ctr,char *hst)
- {
-- int i,ti,sock,flgs;
-+ int i,ti,sock,flgs,tmo;
-+ struct pollfd pfd;
- size_t len;
- time_t now;
- struct protoent *pt = getprotobyname ("tcp");
-- fd_set rfds,wfds,efds;
-- struct timeval tmo;
- struct sockaddr *sadr = ip_sockaddr (family,adr,adrlen,port,&len);
- blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL);
- /* fetid Solaris */
-@@ -252,14 +251,6 @@ int tcp_socket_open (int family,void *ad
- sprintf (tmp,"Unable to create TCP socket: %s",strerror (errno));
- (*bn) (BLOCK_NONSENSITIVE,data);
- }
-- else if (sock >= FD_SETSIZE) {/* unselectable sockets are useless */
-- sprintf (tmp,"Unable to create selectable TCP socket (%d >= %d)",
-- sock,FD_SETSIZE);
-- (*bn) (BLOCK_NONSENSITIVE,data);
-- close (sock);
-- sock = -1;
-- errno = EMFILE;
-- }
- \f
- else { /* get current socket flags */
- flgs = fcntl (sock,F_GETFL,0);
-@@ -284,16 +275,11 @@ int tcp_socket_open (int family,void *ad
- if ((sock >= 0) && ctr) { /* want open timeout? */
- now = time (0); /* open timeout */
- ti = ttmo_open ? now + ttmo_open : 0;
-- tmo.tv_usec = 0;
-- FD_ZERO (&rfds); /* initialize selection vector */
-- FD_ZERO (&wfds); /* initialize selection vector */
-- FD_ZERO (&efds); /* handle errors too */
-- FD_SET (sock,&rfds); /* block for error or readable or writable */
-- FD_SET (sock,&wfds);
-- FD_SET (sock,&efds);
-+ pfd.fd = sock;
-+ pfd.events = POLLIN | POLLOUT;
- do { /* block under timeout */
-- tmo.tv_sec = ti ? ti - now : 0;
-- i = select (sock+1,&rfds,&wfds,&efds,ti ? &tmo : NIL);
-+ tmo = ti ? ti - now : 0;
-+ i = poll (&pfd, 1, ti ? tmo * 1000 : -1);
- now = time (0); /* fake timeout if interrupt & time expired */
- if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0;
- } while ((i < 0) && (errno == EINTR));
-@@ -302,7 +288,7 @@ int tcp_socket_open (int family,void *ad
- fcntl (sock,F_SETFL,flgs);
- /* This used to be a zero-byte read(), but that crashes Solaris */
- /* get socket status */
-- if(FD_ISSET(sock, &rfds)) while (((i = *ctr = read (sock,tmp,1)) < 0) && (errno == EINTR));
-+ if(pfd.revents & POLLIN) while (((i = *ctr = read (sock,tmp,1)) < 0) && (errno == EINTR));
- }
- if (i <= 0) { /* timeout or error? */
- i = i ? errno : ETIMEDOUT;/* determine error code */
-@@ -545,9 +531,8 @@ long tcp_getbuffer (TCPSTREAM *stream,un
- stream->ictr -=n;
- }
- if (size) {
-- int i;
-- fd_set fds,efds;
-- struct timeval tmo;
-+ int i, tmo;
-+ struct pollfd pfd;
- time_t t = time (0);
- blocknotify_t bn=(blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL);
- (*bn) (BLOCK_TCPREAD,NIL);
-@@ -556,16 +541,13 @@ long tcp_getbuffer (TCPSTREAM *stream,un
- time_t now = tl;
- time_t ti = ttmo_read ? now + ttmo_read : 0;
- if (tcpdebug) mm_log ("Reading TCP buffer",TCPDEBUG);
-- tmo.tv_usec = 0;
-- FD_ZERO (&fds); /* initialize selection vector */
-- FD_ZERO (&efds); /* handle errors too */
-- /* set bit in selection vectors */
-- FD_SET (stream->tcpsi,&fds);
-- FD_SET (stream->tcpsi,&efds);
-+
-+ pfd.events = POLLIN;
-+ pfd.fd = stream->tcpsi;
- errno = NIL; /* initially no error */
- do { /* block under timeout */
-- tmo.tv_sec = ti ? ti - now : 0;
-- i = select (stream->tcpsi+1,&fds,NIL,&efds,ti ? &tmo : NIL);
-+ tmo = ti ? ti - now : 0;
-+ i = poll (&pfd, 1, ti ? tmo * 1000 : -1);
- now = time (0); /* fake timeout if interrupt & time expired */
- if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0;
- } while ((i < 0) && (errno == EINTR));
-@@ -605,9 +587,8 @@ long tcp_getbuffer (TCPSTREAM *stream,un
-
- long tcp_getdata (TCPSTREAM *stream)
- {
-- int i;
-- fd_set fds,efds;
-- struct timeval tmo;
-+ int i, tmo;
-+ struct pollfd pfd;
- time_t t = time (0);
- blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL);
- if (stream->tcpsi < 0) return NIL;
-@@ -617,15 +598,12 @@ long tcp_getdata (TCPSTREAM *stream)
- time_t now = tl;
- time_t ti = ttmo_read ? now + ttmo_read : 0;
- if (tcpdebug) mm_log ("Reading TCP data",TCPDEBUG);
-- tmo.tv_usec = 0;
-- FD_ZERO (&fds); /* initialize selection vector */
-- FD_ZERO (&efds); /* handle errors too */
-- FD_SET (stream->tcpsi,&fds);/* set bit in selection vectors */
-- FD_SET (stream->tcpsi,&efds);
-+ pfd.fd = stream->tcpsi;
-+ pfd.events = POLLIN;
- errno = NIL; /* initially no error */
- do { /* block under timeout */
-- tmo.tv_sec = ti ? ti - now : 0;
-- i = select (stream->tcpsi+1,&fds,NIL,&efds,ti ? &tmo : NIL);
-+ tmo = ti ? ti - now : 0;
-+ i = poll (&pfd, 1, ti ? tmo * 1000 : -1);
- now = time (0); /* fake timeout if interrupt & time expired */
- if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0;
- } while ((i < 0) && (errno == EINTR));
-@@ -677,9 +655,8 @@ long tcp_soutr (TCPSTREAM *stream,char *
-
- long tcp_sout (TCPSTREAM *stream,char *string,unsigned long size)
- {
-- int i;
-- fd_set fds,efds;
-- struct timeval tmo;
-+ int i, tmo;
-+ struct pollfd pfd;
- time_t t = time (0);
- blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL);
- if (stream->tcpso < 0) return NIL;
-@@ -689,15 +666,12 @@ long tcp_sout (TCPSTREAM *stream,char *s
- time_t now = tl;
- time_t ti = ttmo_write ? now + ttmo_write : 0;
- if (tcpdebug) mm_log ("Writing to TCP",TCPDEBUG);
-- tmo.tv_usec = 0;
-- FD_ZERO (&fds); /* initialize selection vector */
-- FD_ZERO (&efds); /* handle errors too */
-- FD_SET (stream->tcpso,&fds);/* set bit in selection vector */
-- FD_SET(stream->tcpso,&efds);/* set bit in error selection vector */
-+ pfd.fd = stream->tcpso;
-+ pfd.events = POLLOUT;
- errno = NIL; /* block and write */
- do { /* block under timeout */
-- tmo.tv_sec = ti ? ti - now : 0;
-- i = select (stream->tcpso+1,NIL,&fds,&efds,ti ? &tmo : NIL);
-+ tmo = ti ? ti - now : 0;
-+ i = poll (&pfd, 1, ti ? tmo * 1000 : -1);
- now = time (0); /* fake timeout if interrupt & time expired */
- if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0;
- } while ((i < 0) && (errno == EINTR));
+++ /dev/null
-From c3f68d987c00284d91ad6599a013b7111662545b Mon Sep 17 00:00:00 2001
-From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
-Date: Fri, 2 Sep 2016 21:33:33 +0000
-Subject: [PATCH] uw-imap: compile against openssl 1.1.0
-
-I *think* I replaced access to cert->name with certificate's subject name. I
-assume that the re-aranged C-code is doing the same thing. A double check
-wouldn't hurt :)
-
-Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
----
- src/osdep/unix/ssl_unix.c | 28 +++++++++++++++++-----------
- 1 file changed, 17 insertions(+), 11 deletions(-)
-
---- a/src/osdep/unix/ssl_unix.c
-+++ b/src/osdep/unix/ssl_unix.c
-@@ -59,7 +59,7 @@ typedef struct ssl_stream {
- static SSLSTREAM *ssl_start(TCPSTREAM *tstream,char *host,unsigned long flags);
- static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags);
- static int ssl_open_verify (int ok,X509_STORE_CTX *ctx);
--static char *ssl_validate_cert (X509 *cert,char *host);
-+static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj);
- static long ssl_compare_hostnames (unsigned char *s,unsigned char *pat);
- static char *ssl_getline_work (SSLSTREAM *stream,unsigned long *size,
- long *contd);
-@@ -210,6 +210,7 @@ static char *ssl_start_work (SSLSTREAM *
- BIO *bio;
- X509 *cert;
- unsigned long sl,tl;
-+ char cert_subj[250];
- char *s,*t,*err,tmp[MAILTMPLEN];
- sslcertificatequery_t scq =
- (sslcertificatequery_t) mail_parameters (NIL,GET_SSLCERTIFICATEQUERY,NIL);
-@@ -266,14 +267,19 @@ static char *ssl_start_work (SSLSTREAM *
- if (SSL_write (stream->con,"",0) < 0)
- return ssl_last_error ? ssl_last_error : "SSL negotiation failed";
- /* need to validate host names? */
-- if (!(flags & NET_NOVALIDATECERT) &&
-- (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con),
-- host))) {
-- /* application callback */
-- if (scq) return (*scq) (err,host,cert ? cert->name : "???") ? NIL : "";
-+ if (!(flags & NET_NOVALIDATECERT)) {
-+
-+ cert_subj[0] = '\0';
-+ cert = SSL_get_peer_certificate(stream->con);
-+ if (cert)
-+ X509_NAME_oneline(X509_get_subject_name(cert), cert_subj, sizeof(cert_subj));
-+ err = ssl_validate_cert (cert, host, cert_subj);
-+ if (err)
-+ /* application callback */
-+ if (scq) return (*scq) (err,host,cert ? cert_subj : "???") ? NIL : "";
- /* error message to return via mm_log() */
-- sprintf (tmp,"*%.128s: %.255s",err,cert ? cert->name : "???");
-- return ssl_last_error = cpystr (tmp);
-+ sprintf (tmp,"*%.128s: %.255s",err,cert ? cert_subj : "???");
-+ return ssl_last_error = cpystr (tmp);
- }
- return NIL;
- }
-@@ -313,7 +319,7 @@ static int ssl_open_verify (int ok,X509_
- * Returns: NIL if validated, else string of error message
- */
-
--static char *ssl_validate_cert (X509 *cert,char *host)
-+static char *ssl_validate_cert (X509 *cert,char *host, char *cert_subj)
- {
- int i,n;
- char *s,*t,*ret;
-@@ -322,9 +328,9 @@ static char *ssl_validate_cert (X509 *ce
- /* make sure have a certificate */
- if (!cert) ret = "No certificate from server";
- /* and that it has a name */
-- else if (!cert->name) ret = "No name in certificate";
-+ else if (cert_subj[0] == '\0') ret = "No name in certificate";
- /* locate CN */
-- else if (s = strstr (cert->name,"/CN=")) {
-+ else if (s = strstr (cert_subj,"/CN=")) {
- if (t = strchr (s += 4,'/')) *t = '\0';
- /* host name matches pattern? */
- ret = ssl_compare_hostnames (host,s) ? NIL :
+++ /dev/null
---- a/src/osdep/unix/ssl_unix.c
-+++ b/src/osdep/unix/ssl_unix.c
-@@ -35,6 +35,7 @@
- #include <bio.h>
- #include <crypto.h>
- #include <rand.h>
-+#include <rsa.h>
- #undef crypt
-
- #define SSLBUFLEN 8192
-@@ -90,6 +91,11 @@ static char *start_tls = NIL; /* non-NIL
-
- static int sslonceonly = 0;
-
-+#if OPENSSL_API_COMPAT >= 0x10100000L
-+#define SSL_CTX_need_tmp_RSA(ctx) 0
-+#define SSL_CTX_set_tmp_rsa_callback(ctx, cb) while(0) (cb)(NULL, 0, 0)
-+#endif
-+
- void ssl_onceonlyinit (void)
- {
- if (!sslonceonly++) { /* only need to call it once */
-@@ -114,7 +120,6 @@ void ssl_onceonlyinit (void)
- /* apply runtime linkage */
- mail_parameters (NIL,SET_SSLDRIVER,(void *) &ssldriver);
- mail_parameters (NIL,SET_SSLSTART,(void *) ssl_start);
-- SSL_library_init (); /* add all algorithms */
- }
- }
- \f
-@@ -220,9 +225,7 @@ static char *ssl_start_work (SSLSTREAM *
- (sslclientkey_t) mail_parameters (NIL,GET_SSLCLIENTKEY,NIL);
- if (ssl_last_error) fs_give ((void **) &ssl_last_error);
- ssl_last_host = host;
-- if (!(stream->context = SSL_CTX_new ((flags & NET_TLSCLIENT) ?
-- TLSv1_client_method () :
-- SSLv23_client_method ())))
-+ if (!(stream->context = SSL_CTX_new (TLS_client_method())))
- return "SSL context failed";
- SSL_CTX_set_options (stream->context,0);
- /* disable certificate validation? */
-@@ -695,9 +698,6 @@ void ssl_server_init (char *server)
- SSLSTREAM *stream = (SSLSTREAM *) memset (fs_get (sizeof (SSLSTREAM)),0,
- sizeof (SSLSTREAM));
- ssl_onceonlyinit (); /* make sure algorithms added */
-- ERR_load_crypto_strings ();
-- SSL_load_error_strings ();
-- /* build specific certificate/key file names */
- sprintf (cert,"%s/%s-%s.pem",SSL_CERT_DIRECTORY,server,tcp_serveraddr ());
- sprintf (key,"%s/%s-%s.pem",SSL_KEY_DIRECTORY,server,tcp_serveraddr ());
- /* use non-specific name if no specific cert */
-@@ -708,9 +708,7 @@ void ssl_server_init (char *server)
- if (stat (key,&sbuf)) strcpy (key,cert);
- }
- /* create context */
-- if (!(stream->context = SSL_CTX_new (start_tls ?
-- TLSv1_server_method () :
-- SSLv23_server_method ())))
-+ if (!(stream->context = SSL_CTX_new (TLS_server_method())))
- syslog (LOG_ALERT,"Unable to create SSL context, host=%.80s",
- tcp_clienthost ());
- else { /* set context options */
git.99rst.org / openwrt-packages.git / commitdiff