diff --git a/.gitignore b/.gitignore index 1b05822..3d1e29f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /imap-2007f.tar.gz +/imap-2007f diff --git a/imap-2007e-poll.patch b/imap-2007e-poll.patch new file mode 100644 index 0000000..e25f1b6 --- /dev/null +++ b/imap-2007e-poll.patch @@ -0,0 +1,192 @@ +http://anonscm.debian.org/cgit/collab-maint/uw-imap.git/plain/debian/patches/1005_poll.patch + +Description: Use poll(2) instead of select(2) to support more than 1024 file descriptors +Author: Ben Smithurst +Bug-Debian: https://bugs.debian.org/478193 + +diff --git a/src/osdep/unix/os_lnx.c b/src/osdep/unix/os_lnx.c +index 03fd17d..671bbd6 100644 +--- a/src/osdep/unix/os_lnx.c ++++ b/src/osdep/unix/os_lnx.c +@@ -41,6 +41,7 @@ + extern int errno; /* just in case */ + #include + #include "misc.h" ++#include + + + #include "fs_unix.c" +diff --git a/src/osdep/unix/os_slx.c b/src/osdep/unix/os_slx.c +index c94d632..f6bf27d 100644 +--- a/src/osdep/unix/os_slx.c ++++ b/src/osdep/unix/os_slx.c +@@ -42,6 +42,7 @@ extern int errno; /* just in case */ + #include + #include + #include "misc.h" ++#include + + + #include "fs_unix.c" +diff --git a/src/osdep/unix/tcp_unix.c b/src/osdep/unix/tcp_unix.c +index 795fb4f..c69eaec 100644 +--- a/src/osdep/unix/tcp_unix.c ++++ b/src/osdep/unix/tcp_unix.c +@@ -235,12 +235,11 @@ TCPSTREAM *tcp_open (char *host,char *service,unsigned long port) + int tcp_socket_open (int family,void *adr,size_t adrlen,unsigned short port, + char *tmp,int *ctr,char *hst) + { +- int i,ti,sock,flgs; ++ int i,ti,sock,flgs,tmo; ++ struct pollfd pfd; + size_t len; + time_t now; + struct protoent *pt = getprotobyname ("tcp"); +- fd_set rfds,wfds,efds; +- struct timeval tmo; + struct sockaddr *sadr = ip_sockaddr (family,adr,adrlen,port,&len); + blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); + /* fetid Solaris */ +@@ -252,14 +251,6 @@ int tcp_socket_open (int family,void *adr,size_t adrlen,unsigned short port, + sprintf (tmp,"Unable to create TCP socket: %s",strerror (errno)); + (*bn) (BLOCK_NONSENSITIVE,data); + } +- else if (sock >= FD_SETSIZE) {/* unselectable sockets are useless */ +- sprintf (tmp,"Unable to create selectable TCP socket (%d >= %d)", +- sock,FD_SETSIZE); +- (*bn) (BLOCK_NONSENSITIVE,data); +- close (sock); +- sock = -1; +- errno = EMFILE; +- } + + else { /* get current socket flags */ + flgs = fcntl (sock,F_GETFL,0); +@@ -284,16 +275,11 @@ int tcp_socket_open (int family,void *adr,size_t adrlen,unsigned short port, + if ((sock >= 0) && ctr) { /* want open timeout? */ + now = time (0); /* open timeout */ + ti = ttmo_open ? now + ttmo_open : 0; +- tmo.tv_usec = 0; +- FD_ZERO (&rfds); /* initialize selection vector */ +- FD_ZERO (&wfds); /* initialize selection vector */ +- FD_ZERO (&efds); /* handle errors too */ +- FD_SET (sock,&rfds); /* block for error or readable or writable */ +- FD_SET (sock,&wfds); +- FD_SET (sock,&efds); ++ pfd.fd = sock; ++ pfd.events = POLLIN | POLLOUT; + do { /* block under timeout */ +- tmo.tv_sec = ti ? ti - now : 0; +- i = select (sock+1,&rfds,&wfds,&efds,ti ? &tmo : NIL); ++ tmo = ti ? ti - now : 0; ++ i = poll (&pfd, 1, ti ? tmo * 1000 : -1); + now = time (0); /* fake timeout if interrupt & time expired */ + if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0; + } while ((i < 0) && (errno == EINTR)); +@@ -302,7 +288,7 @@ int tcp_socket_open (int family,void *adr,size_t adrlen,unsigned short port, + fcntl (sock,F_SETFL,flgs); + /* This used to be a zero-byte read(), but that crashes Solaris */ + /* get socket status */ +- if(FD_ISSET(sock, &rfds)) while (((i = *ctr = read (sock,tmp,1)) < 0) && (errno == EINTR)); ++ if(pfd.revents & POLLIN) while (((i = *ctr = read (sock,tmp,1)) < 0) && (errno == EINTR)); + } + if (i <= 0) { /* timeout or error? */ + i = i ? errno : ETIMEDOUT;/* determine error code */ +@@ -545,9 +531,8 @@ long tcp_getbuffer (TCPSTREAM *stream,unsigned long size,char *s) + stream->ictr -=n; + } + if (size) { +- int i; +- fd_set fds,efds; +- struct timeval tmo; ++ int i, tmo; ++ struct pollfd pfd; + time_t t = time (0); + blocknotify_t bn=(blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); + (*bn) (BLOCK_TCPREAD,NIL); +@@ -556,16 +541,13 @@ long tcp_getbuffer (TCPSTREAM *stream,unsigned long size,char *s) + time_t now = tl; + time_t ti = ttmo_read ? now + ttmo_read : 0; + if (tcpdebug) mm_log ("Reading TCP buffer",TCPDEBUG); +- tmo.tv_usec = 0; +- FD_ZERO (&fds); /* initialize selection vector */ +- FD_ZERO (&efds); /* handle errors too */ +- /* set bit in selection vectors */ +- FD_SET (stream->tcpsi,&fds); +- FD_SET (stream->tcpsi,&efds); ++ ++ pfd.events = POLLIN; ++ pfd.fd = stream->tcpsi; + errno = NIL; /* initially no error */ + do { /* block under timeout */ +- tmo.tv_sec = ti ? ti - now : 0; +- i = select (stream->tcpsi+1,&fds,NIL,&efds,ti ? &tmo : NIL); ++ tmo = ti ? ti - now : 0; ++ i = poll (&pfd, 1, ti ? tmo * 1000 : -1); + now = time (0); /* fake timeout if interrupt & time expired */ + if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0; + } while ((i < 0) && (errno == EINTR)); +@@ -605,9 +587,8 @@ long tcp_getbuffer (TCPSTREAM *stream,unsigned long size,char *s) + + long tcp_getdata (TCPSTREAM *stream) + { +- int i; +- fd_set fds,efds; +- struct timeval tmo; ++ int i, tmo; ++ struct pollfd pfd; + time_t t = time (0); + blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); + if (stream->tcpsi < 0) return NIL; +@@ -617,15 +598,12 @@ long tcp_getdata (TCPSTREAM *stream) + time_t now = tl; + time_t ti = ttmo_read ? now + ttmo_read : 0; + if (tcpdebug) mm_log ("Reading TCP data",TCPDEBUG); +- tmo.tv_usec = 0; +- FD_ZERO (&fds); /* initialize selection vector */ +- FD_ZERO (&efds); /* handle errors too */ +- FD_SET (stream->tcpsi,&fds);/* set bit in selection vectors */ +- FD_SET (stream->tcpsi,&efds); ++ pfd.fd = stream->tcpsi; ++ pfd.events = POLLIN; + errno = NIL; /* initially no error */ + do { /* block under timeout */ +- tmo.tv_sec = ti ? ti - now : 0; +- i = select (stream->tcpsi+1,&fds,NIL,&efds,ti ? &tmo : NIL); ++ tmo = ti ? ti - now : 0; ++ i = poll (&pfd, 1, ti ? tmo * 1000 : -1); + now = time (0); /* fake timeout if interrupt & time expired */ + if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0; + } while ((i < 0) && (errno == EINTR)); +@@ -677,9 +655,8 @@ long tcp_soutr (TCPSTREAM *stream,char *string) + + long tcp_sout (TCPSTREAM *stream,char *string,unsigned long size) + { +- int i; +- fd_set fds,efds; +- struct timeval tmo; ++ int i, tmo; ++ struct pollfd pfd; + time_t t = time (0); + blocknotify_t bn = (blocknotify_t) mail_parameters (NIL,GET_BLOCKNOTIFY,NIL); + if (stream->tcpso < 0) return NIL; +@@ -689,15 +666,12 @@ long tcp_sout (TCPSTREAM *stream,char *string,unsigned long size) + time_t now = tl; + time_t ti = ttmo_write ? now + ttmo_write : 0; + if (tcpdebug) mm_log ("Writing to TCP",TCPDEBUG); +- tmo.tv_usec = 0; +- FD_ZERO (&fds); /* initialize selection vector */ +- FD_ZERO (&efds); /* handle errors too */ +- FD_SET (stream->tcpso,&fds);/* set bit in selection vector */ +- FD_SET(stream->tcpso,&efds);/* set bit in error selection vector */ ++ pfd.fd = stream->tcpso; ++ pfd.events = POLLOUT; + errno = NIL; /* block and write */ + do { /* block under timeout */ +- tmo.tv_sec = ti ? ti - now : 0; +- i = select (stream->tcpso+1,NIL,&fds,&efds,ti ? &tmo : NIL); ++ tmo = ti ? ti - now : 0; ++ i = poll (&pfd, 1, ti ? tmo * 1000 : -1); + now = time (0); /* fake timeout if interrupt & time expired */ + if ((i < 0) && (errno == EINTR) && ti && (ti <= now)) i = 0; + } while ((i < 0) && (errno == EINTR)); diff --git a/imap-2007f-format-security.patch b/imap-2007f-format-security.patch new file mode 100644 index 0000000..244153e --- /dev/null +++ b/imap-2007f-format-security.patch @@ -0,0 +1,12 @@ +diff -Naur imap-2007f.orig/src/osdep/unix/flocklnx.c imap-2007f/src/osdep/unix/flocklnx.c +--- imap-2007f.orig/src/osdep/unix/flocklnx.c 2011-07-23 02:20:11.000000000 +0200 ++++ imap-2007f/src/osdep/unix/flocklnx.c 2014-04-14 19:17:46.429000000 +0200 +@@ -57,7 +57,7 @@ + case ENOLCK: /* lock table is full */ + sprintf (tmp,"File locking failure: %s",strerror (errno)); + mm_log (tmp,WARN); /* give the user a warning of what happened */ +- if (!logged++) syslog (LOG_ERR,tmp); ++ if (!logged++) syslog (LOG_ERR, "%s", tmp); + /* return failure if non-blocking lock */ + if (op & LOCK_NB) return -1; + sleep (5); /* slow down in case it loops */ diff --git a/uw-imap.spec b/uw-imap.spec index 3b8b91b..6428682 100644 --- a/uw-imap.spec +++ b/uw-imap.spec @@ -6,36 +6,40 @@ # ship static lib, matches default upstream config # as convenience to users, since our hacked shlib can potentially break # abi semi-often -%define _with_static 1 +%global _with_static 1 %endif -%if 0%{?rhel} > 5 -%define _with_system_libc_client 1 +## don't use even on rhel6, due to libc-client WONTFIX, +## https://bugzilla.redhat.com/show_bug.cgi?id=736120 +#if 0%{?rhel} == 6 +%if 0 +%global _with_system_libc_client 1 %endif +# trim changelog included in binary rpms +%global _changelog_trimtime %(date +%s -d "1 year ago") + Summary: UW Server daemons for IMAP and POP network mail protocols Name: uw-imap Version: 2007f -Release: 4%{?dist} +Release: 14%{?dist} # See LICENSE.txt, http://www.apache.org/licenses/LICENSE-2.0 License: ASL 2.0 -Group: System Environment/Daemons URL: http://www.washington.edu/imap/ # Old (non-latest) releases live at ftp://ftp.cac.washington.edu/imap/old/ Source0: ftp://ftp.cac.washington.edu/imap/imap-%{version}%{?beta}%{?dev}%{?snap}.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) - -%define soname c-client -#define somajor %{version} -%define somajor 2007 -%define shlibname lib%{soname}.so.%{somajor} -%if 0%{?fedora} > 2 || 0%{?rhel} > 5 -%define imap_libs lib%{soname} + +%global soname c-client +%global shlibname lib%{soname}.so.%{somajor} +%if 0%{?fedora} || 0%{?rhel} > 6 +%global somajor 2007 +%global imap_libs lib%{soname} %else -# rhel (4,5) requires parallel-installable shlib, to not conflict with +# rhel (<7) requires parallel-installable shlib, to not conflict with # os-provided libc-client -%define imap_libs lib%{soname}%{somajor} +%global somajor %{version} +%global imap_libs lib%{soname}%{somajor} %endif # FC4+ uses %%_sysconfdir/pki/tls, previous releases used %%_datadir/ssl @@ -64,6 +68,8 @@ Patch5: imap-2007e-overflow.patch Patch9: imap-2007e-shared.patch Patch10: imap-2007e-authmd5.patch Patch11: imap-2007e-system_c_client.patch +Patch12: imap-2007f-format-security.patch +Patch13: imap-2007e-poll.patch BuildRequires: krb5-devel BuildRequires: openssl-devel @@ -169,6 +175,9 @@ install -p -m644 %{SOURCE22} imap.pam %patch11 -p1 -b .system_c_client %endif +%patch12 -p1 -b .fmt-sec +%patch13 -p1 -b .poll + %build @@ -262,6 +271,10 @@ mkdir -p $RPM_BUILD_ROOT%{ssldir}/certs touch $RPM_BUILD_ROOT%{ssldir}/certs/{imapd,ipop3d}.pem +%clean +rm -rf $RPM_BUILD_ROOT + + # FIXME, do on first launch (or not at all?), not here -- Rex %post { @@ -289,17 +302,7 @@ done %postun /sbin/service xinetd reload > /dev/null 2>&1 || : -%post -n %{imap_libs} -p /sbin/ldconfig - -%postun -n %{imap_libs} -p /sbin/ldconfig - - -%clean -rm -rf $RPM_BUILD_ROOT - - %files -%defattr(-,root,root,-) %doc docs/SSLBUILD %config(noreplace) %{_sysconfdir}/pam.d/imap %config(noreplace) %{_sysconfdir}/pam.d/pop @@ -318,14 +321,15 @@ rm -rf $RPM_BUILD_ROOT %{_sbindir}/imapd %files utils -%defattr(-,root,root,-) %{_bindir}/* %attr(2755, root, mail) %{_sbindir}/mlock %{_mandir}/man1/* %if ! 0%{?_with_system_libc_client} +%post -n %{imap_libs} -p /sbin/ldconfig +%postun -n %{imap_libs} -p /sbin/ldconfig + %files -n %{imap_libs} -%defattr(-,root,root) %doc LICENSE.txt NOTICE SUPPORT %doc docs/RELNOTES docs/*.txt %ghost %config(missingok,noreplace) %{_sysconfdir}/c-client.cf @@ -334,20 +338,49 @@ rm -rf $RPM_BUILD_ROOT %if 0%{?_with_devel:1} %files devel -%defattr(-,root,root,-) %{_includedir}/imap/ %{_libdir}/lib%{soname}.so %endif %if 0%{?_with_static:1} %files static -%defattr(-,root,root,-) %{_libdir}/c-client.a %{_libdir}/libc-client.a %endif %changelog +* Tue Jul 11 2017 Rex Dieter - 2007f-14 +- .spec cosmetics, %%define -> %%global +- workaround el6 libc-client WONTFIX brokenness (#736120) + +* Sat Feb 11 2017 Fedora Release Engineering - 2007f-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jul 28 2016 Joe Orton - 2007f-12 +- use poll() not select, from Ben Smithusrt via Debian + +* Fri Feb 05 2016 Fedora Release Engineering - 2007f-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jun 19 2015 Fedora Release Engineering - 2007f-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Aug 18 2014 Fedora Release Engineering - 2007f-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Mon Jul 21 2014 Rex Dieter 2007f-8 +- move scriptlets near corresponding %%files + +* Sun Jun 08 2014 Fedora Release Engineering - 2007f-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Mon Apr 14 2014 Jaromir Capik - 2007f-6 +- Fixing format-security flaws (#1037374) + +* Sun Aug 04 2013 Fedora Release Engineering - 2007f-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + * Fri Feb 15 2013 Fedora Release Engineering - 2007f-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild