Hello community, here is the log from the commit of package imapfilter for openSUSE:Factory checked in at 2019-09-26 20:41:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/imapfilter (Old) and /work/SRC/openSUSE:Factory/.imapfilter.new.2352 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "imapfilter" Thu Sep 26 20:41:36 2019 rev:42 rq:733259 version:2.6.13 Changes: -------- --- /work/SRC/openSUSE:Factory/imapfilter/imapfilter.changes 2018-11-09 07:54:49.287683516 +0100 +++ /work/SRC/openSUSE:Factory/.imapfilter.new.2352/imapfilter.changes 2019-09-26 20:41:38.922476014 +0200 @@ -1,0 +2,6 @@ +Sat Sep 21 20:25:30 UTC 2019 - Arun Persaud <[email protected]> + +- update to version 2.6.13: + * Support for SSL hostname validation. + +------------------------------------------------------------------- Old: ---- imapfilter-2.6.12.tar.gz New: ---- imapfilter-2.6.13.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ imapfilter.spec ++++++ --- /var/tmp/diff_new_pack.Bb5wzO/_old 2019-09-26 20:41:39.410474709 +0200 +++ /var/tmp/diff_new_pack.Bb5wzO/_new 2019-09-26 20:41:39.418474688 +0200 @@ -1,7 +1,7 @@ # # spec file for package imapfilter # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: imapfilter -Version: 2.6.12 +Version: 2.6.13 Release: 0 Summary: A mail filtering utility License: MIT ++++++ imapfilter-2.6.12.tar.gz -> imapfilter-2.6.13.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/LICENSE new/imapfilter-2.6.13/LICENSE --- old/imapfilter-2.6.12/LICENSE 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/LICENSE 2019-09-16 23:51:21.000000000 +0200 @@ -1,4 +1,4 @@ -Copyright (c) 2001-2017 Eleftherios Chatzimparmpas +Copyright (c) 2001-2019 Eleftherios Chatzimparmpas Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/NEWS new/imapfilter-2.6.13/NEWS --- old/imapfilter-2.6.12/NEWS 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/NEWS 2019-09-16 23:51:21.000000000 +0200 @@ -1,4 +1,7 @@ -IMAPFilter 2.6.12 - 03 Oct 2017 +IMAPFilter 2.6.13 - 17 Sep 2019 + - Support for SSL hostname validation. + +IMAPFilter 2.6.12 - 03 Oct 2018 - Support for Server Name Indication (SNI). - The searching methods return values are described in the config man page. - Example of using the enter_idle() function in the sample extend file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/README new/imapfilter-2.6.13/README --- old/imapfilter-2.6.12/README 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/README 2019-09-16 23:51:21.000000000 +0200 @@ -26,7 +26,7 @@ Installation Compile time requirements are Lua (version 5.3 or 5.2 or 5.1), the PCRE - library, and the OpenSSL library. + library, and the OpenSSL library (version 1.0.2 and later). Compile and install the program: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/src/lua.c new/imapfilter-2.6.13/src/lua.c --- old/imapfilter-2.6.12/src/lua.c 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/src/lua.c 2019-09-16 23:51:21.000000000 +0200 @@ -146,6 +146,8 @@ set_table_number("timeout", 60); set_table_boolean("wakeonany", 0); + set_table_boolean("dryrun", opts.dryrun); + lua_setglobal(lua, "options"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/src/request.c new/imapfilter-2.6.13/src/request.c --- old/imapfilter-2.6.12/src/request.c 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/src/request.c 2019-09-16 23:51:21.000000000 +0200 @@ -52,6 +52,7 @@ return STATUS_NONE; \ } else \ session_destroy(ssn); \ + ssn = NULL; \ return -1; \ } @@ -217,6 +218,7 @@ ssn->server); close_connection(ssn); session_destroy(ssn); + ssn = NULL; return STATUS_NO; } if (ssn->capabilities & CAPABILITY_XOAUTH2 && ssn->oauth2) { @@ -229,6 +231,7 @@ ssn->username, ssn->server); close_connection(ssn); session_destroy(ssn); + ssn = NULL; return STATUS_NO; } if (rl != STATUS_OK && ssn->password && @@ -258,6 +261,7 @@ ssn->username, ssn->server); close_connection(ssn); session_destroy(ssn); + ssn = NULL; return STATUS_NO; } } else { @@ -285,6 +289,7 @@ close_connection(ssn); fail: session_destroy(ssn); + ssn = NULL; return -1; } @@ -299,9 +304,11 @@ if (response_generic(ssn, send_request(ssn, "LOGOUT")) == -1) { session_destroy(ssn); + ssn = NULL; } else { close_connection(ssn); session_destroy(ssn); + ssn = NULL; } return STATUS_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/src/session.c new/imapfilter-2.6.13/src/session.c --- old/imapfilter-2.6.12/src/session.c 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/src/session.c 2019-09-16 23:51:21.000000000 +0200 @@ -63,9 +63,13 @@ sessions = list_remove(sessions, ssn); - if (ssn->ns.prefix) + if (ssn->ns.prefix) { xfree(ssn->ns.prefix); - if (ssn->selected) + ssn->ns.prefix = NULL; + } + if (ssn->selected) { xfree(ssn->selected); + ssn->selected = NULL; + } xfree(ssn); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/src/socket.c new/imapfilter-2.6.13/src/socket.c --- old/imapfilter-2.6.12/src/socket.c 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/src/socket.c 2019-09-16 23:51:21.000000000 +0200 @@ -12,6 +12,7 @@ #include <openssl/ssl.h> #include <openssl/err.h> +#include <openssl/x509v3.h> #include "imapfilter.h" #include "session.h" @@ -141,15 +142,38 @@ if (!(ssn->sslconn = SSL_new(ctx))) goto fail; -#if OPENSSL_VERSION_NUMBER >= 0x1000000fL - r = SSL_set_tlsext_host_name(ssn->sslconn, ssn->server); - if (r == 0) { - error("failed setting the Server Name Indication (SNI) to " - "%s; %s\n", ssn->server, - ERR_error_string(ERR_get_error(), NULL)); - goto fail; - } + if (get_option_boolean("certificates")) { +#if OPENSSL_VERSION_NUMBER >= 0x10000010L + SSL_set_hostflags(ssn->sslconn, + X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + if (!SSL_set1_host(ssn->sslconn, ssn->server)) { + error("failed setting hostname validation to " + "%s; %s\n ", ssn->server, + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } + + r = SSL_set_tlsext_host_name(ssn->sslconn, ssn->server); + if (r == 0) { + error("failed setting the Server Name Indication (SNI)" + " to %s; %s\n", ssn->server, + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } +#else + X509_VERIFY_PARAM *param = SSL_get0_param(ssn->sslconn); + X509_VERIFY_PARAM_set_hostflags(param, + X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + if (!X509_VERIFY_PARAM_set1_host(param, ssn->server, + strlen(ssn->server))) { + error("failed setting hostname validation to " + "%s; %s\n ", ssn->server, + ERR_error_string(ERR_get_error(), NULL)); + goto fail; + } #endif + SSL_set_verify(ssn->sslconn, SSL_VERIFY_PEER, NULL); + } SSL_set_fd(ssn->sslconn, ssn->socket); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/imapfilter-2.6.12/src/version.h new/imapfilter-2.6.13/src/version.h --- old/imapfilter-2.6.12/src/version.h 2018-10-03 09:37:24.000000000 +0200 +++ new/imapfilter-2.6.13/src/version.h 2019-09-16 23:51:21.000000000 +0200 @@ -3,10 +3,10 @@ /* Program's version number. */ -#define VERSION "2.6.12" +#define VERSION "2.6.13" /* Program's copyright. */ -#define COPYRIGHT "Copyright (c) 2001-2018 Eleftherios Chatzimparmpas" +#define COPYRIGHT "Copyright (c) 2001-2019 Eleftherios Chatzimparmpas" #endif /* VERSION_H */
