diff options
author | Ondrej Exner <ondrej.exner@ubnt.com> | 2019-09-09 13:04:58 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2019-09-10 05:44:46 +0000 |
commit | 21ffc72e4201dd0cae5fdb16a1cbcc93af999817 (patch) | |
tree | 2589a39731f17c5d9e9f23651a7966fc1dae3f4b /main | |
parent | 1a12e713f81e2fef324422d5842f15ccf6713098 (diff) | |
download | aports-21ffc72e4201dd0cae5fdb16a1cbcc93af999817.tar.bz2 aports-21ffc72e4201dd0cae5fdb16a1cbcc93af999817.tar.xz |
main/imap: SNI patch required for TLS 1.3
Diffstat (limited to 'main')
-rw-r--r-- | main/imap/APKBUILD | 6 | ||||
-rw-r--r-- | main/imap/sni.patch | 24 |
2 files changed, 28 insertions, 2 deletions
diff --git a/main/imap/APKBUILD b/main/imap/APKBUILD index 37b294d476..1b34a85c73 100644 --- a/main/imap/APKBUILD +++ b/main/imap/APKBUILD @@ -5,7 +5,7 @@ # build it shared pkgname=imap pkgver=2007f -pkgrel=9 +pkgrel=10 pkgdesc="An IMAP/POP server" url="http://www.washington.edu/imap" arch="all" @@ -17,6 +17,7 @@ source="http://ftp.ntua.gr/pub/net/mail/imap/imap-$pkgver.tar.gz fix-linking.patch c-client-2006k_KOLAB_Annotations.patch 1006_openssl1.1_autoverify.patch + sni.patch " builddir="$srcdir"/$pkgname-$pkgver @@ -65,4 +66,5 @@ cclient() { sha512sums="7c3e1d9927872001e768ff2ddbcf3af74078243efe58dd70e01d966856b7611134e4b579818691a954bade9acaeeda6f2f30f40d812b8aa20990de5cb90d5d35 imap-2007f.tar.gz f8a4b5b8759b690273ec8c86db55c3c3ebf7b358321aa829341bc65e98db0f10696b1eeae922eecada668f011b0b3231ed73c3a959b47b4cba00568bf7d231c1 fix-linking.patch 871093236b3ae300968e1e200a2389566af72ed1f62ad57c1dc617dd59e8378f29175fe07e5cfc575e022f3c27769b06850cbf21567f7cc359ca204c4d87a3af c-client-2006k_KOLAB_Annotations.patch -7ecbe52adc6e3d1deee05790745642f794150ffaebf51c0cf689dc036eea9c7d80e643648aac37bf0aa83ac138b8bb63abfad3b540bc9440de3456162dfabae5 1006_openssl1.1_autoverify.patch" +7ecbe52adc6e3d1deee05790745642f794150ffaebf51c0cf689dc036eea9c7d80e643648aac37bf0aa83ac138b8bb63abfad3b540bc9440de3456162dfabae5 1006_openssl1.1_autoverify.patch +2b1ec17da5c57832f3adb30f09f4fd31f6cdfc63a696f36141b84bdc0a375f0b40a2c84cba3d11658a2895125687f49ead04ef381eed4b61564ede65f6149622 sni.patch" diff --git a/main/imap/sni.patch b/main/imap/sni.patch new file mode 100644 index 0000000000..2247f65f98 --- /dev/null +++ b/main/imap/sni.patch @@ -0,0 +1,24 @@ +Description: Google IMAP servers require SNI if client supports TLS 1.3. +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/php-imap/+bug/1834340 + +--- a/src/osdep/unix/ssl_unix.c ++++ b/src/osdep/unix/ssl_unix.c +@@ -273,6 +273,18 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags) + /* create connection */ + if (!(stream->con = (SSL *) SSL_new (stream->context))) + return "SSL connection failed"; ++#if OPENSSL_VERSION_NUMBER >= 0x10200000L ++ ASN1_OCTET_STRING *ip; ++ /* support SNI if host is not an IP address */ ++ /* per RFC 6066: */ ++ /* Literal IPv4 and IPv6 addresses are not permitted in "HostName". */ ++ /* a2i_IPADDRESS is available since OpenSSL 1.0.2 */ ++ ip = a2i_IPADDRESS(host); ++ if (ip == NULL) { ++ ERR_clear_error(); ++ SSL_set_tlsext_host_name(stream->con,host); ++ } ++#endif + bio = BIO_new_socket (stream->tcpstream->tcpsi,BIO_NOCLOSE); + SSL_set_bio (stream->con,bio,bio); + SSL_set_connect_state (stream->con); |