aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeo Famulari <leo@famulari.name>2017-04-11 00:36:07 -0400
committerLeo Famulari <leo@famulari.name>2017-04-11 20:35:31 -0400
commit0adb47bdc7d15e53b8c4c443ad19ebdfcc4177a0 (patch)
tree198a54210d6b0961660368e44879b132929e5f60
parent69121e95cd5568238a0f207dfab708501ec4a753 (diff)
downloadguix-0adb47bdc7d15e53b8c4c443ad19ebdfcc4177a0.tar
guix-0adb47bdc7d15e53b8c4c443ad19ebdfcc4177a0.tar.gz
gnu: dovecot: Update to 2.2.29 [fixes CVE-2017-2669].
* gnu/packages/mail.scm (dovecot): Update to 2.2.29. [source]: Use 'dovecot-fix-failing-test.patch'. * gnu/packages/patches/dovecot-fix-failing-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/mail.scm8
-rw-r--r--gnu/packages/patches/dovecot-fix-failing-test.patch118
3 files changed, 124 insertions, 3 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index f3a4e54afa..212228d5c2 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -539,6 +539,7 @@ dist_patch_DATA = \
%D%/packages/patches/diffutils-gets-undeclared.patch \
%D%/packages/patches/doc++-include-directives.patch \
%D%/packages/patches/doc++-segfault-fix.patch \
+ %D%/packages/patches/dovecot-fix-failing-test.patch \
%D%/packages/patches/doxygen-test.patch \
%D%/packages/patches/elfutils-tests-ptrace.patch \
%D%/packages/patches/elixir-disable-failing-tests.patch \
diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm
index 49fdb32e8d..1a6c505efd 100644
--- a/gnu/packages/mail.scm
+++ b/gnu/packages/mail.scm
@@ -1086,15 +1086,17 @@ facilities for checking incoming mail.")
(define-public dovecot
(package
(name "dovecot")
- (version "2.2.28")
+ (version "2.2.29")
(source
(origin
(method url-fetch)
(uri (string-append "https://www.dovecot.org/releases/"
(version-major+minor version) "/"
name "-" version ".tar.gz"))
- (sha256 (base32
- "098zpkmkk93372qnv6drgbfg8hp5mynspzc1735qgar6wdcqya70"))))
+ (patches (search-patches "dovecot-fix-failing-test.patch"))
+ (sha256
+ (base32
+ "19irf7b5mjqq68mrpdd38gxc0zp2nqib942kjp3aif3f2acylffr"))))
(build-system gnu-build-system)
(native-inputs
`(("pkg-config" ,pkg-config)))
diff --git a/gnu/packages/patches/dovecot-fix-failing-test.patch b/gnu/packages/patches/dovecot-fix-failing-test.patch
new file mode 100644
index 0000000000..343bab03f9
--- /dev/null
+++ b/gnu/packages/patches/dovecot-fix-failing-test.patch
@@ -0,0 +1,118 @@
+This patch fixes a test failure in dovecot 2.2.29, like this [0]:
+
+------
+Making check in lib-imap-client
+make[2]: Entering directory
+`/builddir/build/BUILD/dovecot-2.2.29/src/lib-imap-client'
+for bin in test-imapc-client; do \
+ if ! ./$bin; then exit 1; fi; \
+ done
+Warning: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection
+refused - reconnecting (delay 10 ms)
+Error: imapc(127.0.0.1:0): connect(127.0.0.1, 0) failed: Connection
+refused - disconnecting
+test: random seed #1 was 1492054294
+imapc connect failed ................................................. : ok
+Warning: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out
+after 0 seconds - reconnecting (delay 0 ms)
+Error: imapc(127.0.0.1:42704): connect(127.0.0.1, 42704) timed out after
+0 seconds - disconnecting
+imapc banner hangs ................................................... : ok
+Warning: imapc(127.0.0.1:36762): Authentication timed out after 0
+seconds - reconnecting (delay 0 ms)
+Error: imapc(127.0.0.1:36762): Authentication failed: Disconnected from
+server
+imapc login hangs .................................................... : ok
+test-imapc-client.c:358: Assert failed: test_imapc_cmd_last_reply_pop()
+== IMAPC_COMMAND_STATE_OK
+imapc reconnect ...................................................... :
+FAILED
+imapc reconnect resend commands ...................................... : ok
+imapc reconnect resend commands failed ............................... : ok
+imapc reconnect mailbox .............................................. : ok
+1 / 7 tests failed
+------
+
+Patch copied from upstream source repository:
+
+https://github.com/dovecot/core/commit/3a1c64363a64cdfe9153eb6292d8923f38955d82
+
+[0]
+https://dovecot.org/pipermail/dovecot/2017-April/107751.html
+
+From 3a1c64363a64cdfe9153eb6292d8923f38955d82 Mon Sep 17 00:00:00 2001
+From: Timo Sirainen <timo.sirainen@dovecot.fi>
+Date: Mon, 10 Apr 2017 17:07:28 +0300
+Subject: [PATCH] lib-imap-client: Fix reconnection
+
+There was already code for reconnection. We just shouldn't have gone very
+far in imapc_connection_connect() if we were still waiting for reconnection
+delay to pass.
+---
+ src/lib-imap-client/imapc-connection.c | 25 +++++++++----------------
+ 1 file changed, 9 insertions(+), 16 deletions(-)
+
+diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c
+index 95067e6..6eaf1ab 100644
+--- a/src/lib-imap-client/imapc-connection.c
++++ b/src/lib-imap-client/imapc-connection.c
+@@ -130,6 +130,7 @@ struct imapc_connection {
+ struct timeout *to_throttle, *to_throttle_shrink;
+
+ unsigned int reconnecting:1;
++ unsigned int reconnect_waiting:1;
+ unsigned int reconnect_ok:1;
+ unsigned int idling:1;
+ unsigned int idle_stopping:1;
+@@ -504,6 +505,7 @@ static bool imapc_connection_can_reconnect(struct imapc_connection *conn)
+ static void imapc_connection_reconnect(struct imapc_connection *conn)
+ {
+ conn->reconnect_ok = FALSE;
++ conn->reconnect_waiting = FALSE;
+
+ if (conn->selected_box != NULL)
+ imapc_client_mailbox_reconnect(conn->selected_box);
+@@ -536,6 +538,7 @@ imapc_connection_try_reconnect(struct imapc_connection *conn,
+ imapc_connection_disconnect_full(conn, TRUE);
+ conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn);
+ conn->reconnect_count++;
++ conn->reconnect_waiting = TRUE;
+ }
+ }
+ }
+@@ -1785,6 +1788,12 @@ void imapc_connection_connect(struct imapc_connection *conn)
+
+ if (conn->fd != -1 || conn->dns_lookup != NULL)
+ return;
++ if (conn->reconnect_waiting) {
++ /* wait for the reconnection delay to finish before
++ doing anything. */
++ return;
++ }
++
+ conn->reconnecting = FALSE;
+ /* if we get disconnected before we've finished all the pending
+ commands, don't reconnect */
+@@ -1792,22 +1801,6 @@ void imapc_connection_connect(struct imapc_connection *conn)
+ array_count(&conn->cmd_send_queue);
+
+ imapc_connection_input_reset(conn);
+-
+- int msecs_since_last_connect =
+- timeval_diff_msecs(&ioloop_timeval, &conn->last_connect);
+- if (!conn->reconnect_ok &&
+- msecs_since_last_connect < (int)conn->client->set.connect_retry_interval_msecs) {
+- if (conn->to != NULL)
+- timeout_remove(&conn->to);
+- conn->reconnecting = TRUE;
+- imapc_connection_set_disconnected(conn);
+- /* don't wait longer than necessary */
+- unsigned int delay_msecs =
+- conn->client->set.connect_retry_interval_msecs -
+- msecs_since_last_connect;
+- conn->to = timeout_add(delay_msecs, imapc_connection_reconnect, conn);
+- return;
+- }
+ conn->last_connect = ioloop_timeval;
+
+ if (conn->client->set.debug) {