Hello community, here is the log from the commit of package isync for openSUSE:Factory checked in at 2020-08-10 15:03:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/isync (Old) and /work/SRC/openSUSE:Factory/.isync.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "isync" Mon Aug 10 15:03:43 2020 rev:5 rq:825268 version:1.3.3 Changes: -------- --- /work/SRC/openSUSE:Factory/isync/isync.changes 2020-07-17 20:52:34.349028088 +0200 +++ /work/SRC/openSUSE:Factory/.isync.new.3399/isync.changes 2020-08-10 15:04:39.160211288 +0200 @@ -1,0 +2,13 @@ +Tue Aug 4 17:37:51 UTC 2020 - Martin Hauke <[email protected]> + +- Update to version 1.3.3 + * Network timeout handling has been added. + * Support for proper Maildir++ and a Maildir sub-folder naming + style. + * without extra dots have been added. + * Support for TLS client certificates was added. + * Support for recovering from baseless UID validity changes was + added. + * The get-cert script was renamed to mbsync-get-cert. + +------------------------------------------------------------------- Old: ---- isync-1.3.2.tar.gz isync-1.3.2.tar.gz.asc New: ---- isync-1.3.3.tar.gz isync-1.3.3.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ isync.spec ++++++ --- /var/tmp/diff_new_pack.AUA0bY/_old 2020-08-10 15:04:41.052212288 +0200 +++ /var/tmp/diff_new_pack.AUA0bY/_new 2020-08-10 15:04:41.052212288 +0200 @@ -17,7 +17,7 @@ Name: isync -Version: 1.3.2 +Version: 1.3.3 Release: 0 Summary: Utility to synchronize IMAP mailboxes with local maildir folders License: GPL-2.0-only ++++++ isync-1.3.2.tar.gz -> isync-1.3.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/ChangeLog new/isync-1.3.3/ChangeLog --- old/isync-1.3.2/ChangeLog 2020-07-08 11:43:10.000000000 +0200 +++ new/isync-1.3.3/ChangeLog 2020-08-04 14:44:26.000000000 +0200 @@ -1,3 +1,79 @@ +2020-08-04 12:44 Oswald Buddenhagen <[email protected]> + + * configure.ac: + + bump version + +2020-08-04 09:17 Oswald Buddenhagen <[email protected]> + + * src/socket.c: + + fix version comparison in LibreSSL conditional + + the operator was exactly inverted. that means that it actually wouldn't + compile with both older versions (that needed the aliases) and + potentially new versions (that will hide the data members - still not + the case as of 3.2). + + amends 8a40554f0. + +2020-08-04 08:10 Oswald Buddenhagen <[email protected]> + + * src/drv_imap.c: + + fix re-using server connections for new stores + + we failed to reset the box list pointer after freeing it, which would + lead to a crash. + we also failed to reset the listing status, which would lead to + malfunction if we hadn't already crashed. + + this inlines imap_cleanup_store(), as there isn't much value in keeping + it. the message list is already freed when disowning the store anyway. + +2020-08-03 10:39 Oswald Buddenhagen <[email protected]> + + * src/drv_proxy.c: + + don't crash in proxy_invoke_bad_callback() + + we need to hold a ref to the proxy store, as after the bad_callback() + it's otherwise likely gone. + +2020-07-27 20:48 Oswald Buddenhagen <[email protected]> + + * src/: socket.c, socket.h: + + fix simultaneously connecting to multiple hosts in non-IPv6 builds + + we need to deep-copy the struct hostent data, as otherwise the + concurrent connects will overwrite each other's lookup results. + + this is a rather hypothetical fix, as the bug currently affects only + channels connecting two IMAP accounts, and only if the first host's + first address asynchronously fails to connect. + +2020-07-27 22:28 Oswald Buddenhagen <[email protected]> + + * src/drv_imap.c: + + increase PassCmd output buffer even more + + apparently, some XOAUTH2 tokens are at 2.4K already, so make it 8K to be + *really* safe for a while. + + REFMAIL: <[email protected]> + +2020-08-02 18:05 Oswald Buddenhagen <[email protected]> + + * src/mbsync.1: + + unbreak CertificateFile documentation + + the file may in fact contain CA certs. + + amends 7d9d3e15. + 2020-07-08 09:42 Oswald Buddenhagen <[email protected]> * configure.ac: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/configure new/isync-1.3.3/configure --- old/isync-1.3.2/configure 2020-07-08 11:43:09.000000000 +0200 +++ new/isync-1.3.3/configure 2020-08-04 14:44:23.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for isync 1.3.2. +# Generated by GNU Autoconf 2.69 for isync 1.3.3. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -577,8 +577,8 @@ # Identity of this package. PACKAGE_NAME='isync' PACKAGE_TARNAME='isync' -PACKAGE_VERSION='1.3.2' -PACKAGE_STRING='isync 1.3.2' +PACKAGE_VERSION='1.3.3' +PACKAGE_STRING='isync 1.3.3' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1297,7 +1297,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures isync 1.3.2 to adapt to many kinds of systems. +\`configure' configures isync 1.3.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1364,7 +1364,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of isync 1.3.2:";; + short | recursive ) echo "Configuration of isync 1.3.3:";; esac cat <<\_ACEOF @@ -1470,7 +1470,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -isync configure 1.3.2 +isync configure 1.3.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1835,7 +1835,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by isync $as_me 1.3.2, which was +It was created by isync $as_me 1.3.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2700,7 +2700,7 @@ # Define the identity of the package. PACKAGE='isync' - VERSION='1.3.2' + VERSION='1.3.3' cat >>confdefs.h <<_ACEOF @@ -5740,7 +5740,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by isync $as_me 1.3.2, which was +This file was extended by isync $as_me 1.3.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -5806,7 +5806,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -isync config.status 1.3.2 +isync config.status 1.3.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/configure.ac new/isync-1.3.3/configure.ac --- old/isync-1.3.2/configure.ac 2020-07-08 11:42:44.000000000 +0200 +++ new/isync-1.3.3/configure.ac 2020-08-04 14:44:15.000000000 +0200 @@ -1,4 +1,4 @@ -AC_INIT([isync], [1.3.2]) +AC_INIT([isync], [1.3.3]) AC_CONFIG_HEADERS([autodefs.h]) AM_INIT_AUTOMAKE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/isync.spec new/isync-1.3.3/isync.spec --- old/isync-1.3.2/isync.spec 2020-07-08 11:43:10.000000000 +0200 +++ new/isync-1.3.3/isync.spec 2020-08-04 14:44:25.000000000 +0200 @@ -1,10 +1,10 @@ Summary: Utility to synchronize IMAP mailboxes with local maildir folders Name: isync -Version: 1.3.2 +Version: 1.3.3 Release: 1 License: GPL Group: Applications/Internet -Source: isync-1.3.2.tar.gz +Source: isync-1.3.3.tar.gz URL: http://isync.sf.net/ Packager: Oswald Buddenhagen <[email protected]> BuildRoot: /var/tmp/%{name}-buildroot diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/src/drv_imap.c new/isync-1.3.3/src/drv_imap.c --- old/isync-1.3.2/src/drv_imap.c 2020-07-08 11:06:39.000000000 +0200 +++ new/isync-1.3.3/src/drv_imap.c 2020-08-04 14:42:42.000000000 +0200 @@ -1558,14 +1558,6 @@ /******************* imap_cancel_store *******************/ - -static void -imap_cleanup_store( imap_store_t *ctx ) -{ - free_generic_messages( ctx->msgs ); - free_string_list( ctx->boxes ); -} - static void imap_cancel_store( store_t *gctx ) { @@ -1581,7 +1573,8 @@ free_list( ctx->ns_other ); free_list( ctx->ns_shared ); free_string_list( ctx->auth_mechs ); - imap_cleanup_store( ctx ); + free_generic_messages( ctx->msgs ); + free_string_list( ctx->boxes ); imap_deref( ctx ); } @@ -1718,7 +1711,9 @@ for (ctxp = &unowned; (ctx = (imap_store_t *)*ctxp); ctxp = &ctx->gen.next) if (ctx->state != SST_BAD && ((imap_store_conf_t *)ctx->gen.conf)->server == srvc) { *ctxp = ctx->gen.next; - imap_cleanup_store( ctx ); + free_string_list( ctx->boxes ); + ctx->boxes = NULL; + ctx->listed = 0; /* One could ping the server here, but given that the idle timeout * is at least 30 minutes, this sounds pretty pointless. */ ctx->state = SST_HALF; @@ -1893,7 +1888,7 @@ if (cmd) { FILE *fp; int ret; - char buffer[2048]; // Hopefully more than enough room for XOAUTH2, etc. tokens + char buffer[8192]; // Hopefully more than enough room for XOAUTH2, etc. tokens if (*cmd == '+') { flushn(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/src/drv_proxy.c new/isync-1.3.3/src/drv_proxy.c --- old/isync-1.3.2/src/drv_proxy.c 2020-07-08 11:06:39.000000000 +0200 +++ new/isync-1.3.3/src/drv_proxy.c 2020-08-04 14:40:19.000000000 +0200 @@ -306,9 +306,11 @@ static void proxy_invoke_bad_callback( proxy_store_t *ctx ) { + ctx->ref_count++; debug( "%sCallback enter bad store\n", ctx->label ); ctx->bad_callback( ctx->bad_callback_aux ); - debug( "%sCallback leave bad store\n", ctx->label ); \ + debug( "%sCallback leave bad store\n", ctx->label ); + proxy_store_deref( ctx ); } //# EXCLUDE alloc_store diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/src/mbsync.1 new/isync-1.3.3/src/mbsync.1 --- old/isync-1.3.2/src/mbsync.1 2020-07-08 11:06:39.000000000 +0200 +++ new/isync-1.3.3/src/mbsync.1 2020-08-04 14:28:37.000000000 +0200 @@ -379,17 +379,27 @@ \fBCertificateFile\fR \fIpath\fR File containing additional X.509 certificates used to verify server identities. -These certificates are always trusted, regardless of validity. +It may contain two types of certificates: +.RS +.IP Host +These certificates are matched only against the received server certificate +itself. +They are always trusted, regardless of validity. +A typical use case would be forcing acceptance of an expired certificate. .br -The certificates from this file are matched only against the received -server certificate itself; CA certificates are \fBnot\fR supported here. -Do \fBnot\fR specify the system's CA certificate store here; see -\fBSystemCertificates\fR instead. -.br -The contents for this file may be obtained using the -\fBmbsync-get-cert\fR tool; make sure to verify the fingerprints of the -certificates before trusting them, or transfer them securely from the -server's network (if it is trusted). +These certificates may be obtained using the \fBmbsync-get-cert\fR tool; +make sure to verify their fingerprints before trusting them, or transfer +them securely from the server's network (if it can be trusted beyond the +server itself). +.IP CA +These certificates are used as trust anchors when building the certificate +chain for the received server certificate. +They are used to supplant or supersede the system's trust store, depending +on the \fBSystemCertificates\fR setting; +it is not necessary and not recommended to specify the system's trust store +itself here. +The trust chains are fully validated. +.RE . .TP \fBClientCertificate\fR \fIpath\fR diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/src/socket.c new/isync-1.3.3/src/socket.c --- old/isync-1.3.2/src/socket.c 2020-07-08 11:06:39.000000000 +0200 +++ new/isync-1.3.3/src/socket.c 2020-08-04 14:42:42.000000000 +0200 @@ -41,7 +41,7 @@ # include <openssl/err.h> # include <openssl/x509v3.h> # if OPENSSL_VERSION_NUMBER < 0x10100000L \ - || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070100fL) + || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070100fL) # define X509_OBJECT_get0_X509(o) ((o)->data.x509) # define X509_STORE_get0_objects(o) ((o)->objs) # endif @@ -430,6 +430,32 @@ sock->fd = -1; } +#ifndef HAVE_IPV6 +struct addr_info { + struct addr_info *ai_next; + struct sockaddr_in ai_addr[1]; +}; + +#define freeaddrinfo(ai) free( ai ) + +static struct addr_info * +init_addrinfo( struct hostent *he ) +{ + uint naddr = 0; + for (char **addr = he->h_addr_list; *addr; addr++) + naddr++; + struct addr_info *caddr = nfcalloc( naddr * sizeof(struct addrinfo) ); + struct addr_info *ret, **caddrp = &ret; + for (char **addr = he->h_addr_list; *addr; addr++, caddr++) { + caddr->ai_addr->sin_family = AF_INET; + memcpy( &caddr->ai_addr->sin_addr.s_addr, *addr, sizeof(struct in_addr) ); + *caddrp = caddr; + caddrp = &caddr->ai_next; + } + return ret; +} +#endif + void socket_connect( conn_t *sock, void (*cb)( int ok, void *aux ) ) { @@ -479,8 +505,6 @@ return; } info( "\vok\n" ); - - sock->curr_addr = sock->addrs; #else struct hostent *he; @@ -493,8 +517,9 @@ } info( "\vok\n" ); - sock->curr_addr = he->h_addr_list; + sock->addrs = init_addrinfo( he ); #endif + sock->curr_addr = sock->addrs; socket_connect_one( sock ); } } @@ -506,16 +531,10 @@ #ifdef HAVE_IPV6 struct addrinfo *ai; #else - struct { - struct sockaddr_in ai_addr[1]; - } ai[1]; + struct addr_info *ai; #endif -#ifdef HAVE_IPV6 if (!(ai = sock->curr_addr)) { -#else - if (!*sock->curr_addr) { -#endif error( "No working address found for %s\n", sock->conf->host ); socket_connect_bail( sock ); return; @@ -532,11 +551,6 @@ #endif { struct sockaddr_in *in = ((struct sockaddr_in *)ai->ai_addr); -#ifndef HAVE_IPV6 - memset( in, 0, sizeof(*in) ); - in->sin_family = AF_INET; - in->sin_addr.s_addr = *((int *)*sock->curr_addr); -#endif in->sin_port = htons( sock->conf->port ); nfasprintf( &sock->name, "%s (%s:%hu)", sock->conf->host, inet_ntoa( in->sin_addr ), sock->conf->port ); @@ -579,11 +593,7 @@ sys_error( "Cannot connect to %s", conn->name ); free( conn->name ); conn->name = 0; -#ifdef HAVE_IPV6 conn->curr_addr = conn->curr_addr->ai_next; -#else - conn->curr_addr++; -#endif socket_connect_one( conn ); } @@ -597,12 +607,10 @@ static void socket_connected( conn_t *conn ) { -#ifdef HAVE_IPV6 if (conn->addrs) { freeaddrinfo( conn->addrs ); conn->addrs = 0; } -#endif conf_notifier( &conn->notify, 0, POLLIN ); socket_expect_read( conn, 0 ); conn->state = SCK_READY; @@ -612,12 +620,10 @@ static void socket_cleanup_names( conn_t *conn ) { -#ifdef HAVE_IPV6 if (conn->addrs) { freeaddrinfo( conn->addrs ); conn->addrs = 0; } -#endif free( conn->name ); conn->name = 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/isync-1.3.2/src/socket.h new/isync-1.3.3/src/socket.h --- old/isync-1.3.2/src/socket.h 2020-07-08 11:06:39.000000000 +0200 +++ new/isync-1.3.3/src/socket.h 2020-08-04 14:34:58.000000000 +0200 @@ -73,7 +73,7 @@ #ifdef HAVE_IPV6 struct addrinfo *addrs, *curr_addr; /* needed during connect */ #else - char **curr_addr; /* needed during connect */ + struct addr_info *addrs, *curr_addr; /* needed during connect */ #endif char *name; #ifdef HAVE_LIBSSL
