From d435a32020be6953cd7e99f94a5c6e5c45a186cc Mon Sep 17 00:00:00 2001 From: Zoltán Böszörményi Date: Thu, 9 May 2024 08:07:55 +0200 Subject: uw-imap: Add a patch to support newer than TLSv1.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The patch 0001-Support-OpenSSL-1.1.patch enabled building uw-imap against OpenSSL 1.1.0 or later. However, TLSv1_client_method() and TLSv1_server_method() restricts uw-imap to TLSv1.0. These APIs, along with explicitly versioned APIs like TLSv1_1_*_method() and TLSv1_2_*_method() are deprecated in OpenSSL 1.1.0 or later. The replacements are unversioned API functions: TLS_client_method() and TLS_server_method() which support TLS version autonegotiation. This allows the PHP IMAP extension to work with IMAP servers that enforce TLSv1.2 or higher. Fixes: https://bugs.php.net/bug.php?id=76928 Signed-off-by: Zoltán Böszörményi Signed-off-by: Khem Raj --- .../uw-imap/uw-imap/uw-imap-newer-tls.patch | 29 ++++++++++++++++++++++ meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-oe/recipes-devtools/uw-imap/uw-imap/uw-imap-newer-tls.patch (limited to 'meta-oe/recipes-devtools') diff --git a/meta-oe/recipes-devtools/uw-imap/uw-imap/uw-imap-newer-tls.patch b/meta-oe/recipes-devtools/uw-imap/uw-imap/uw-imap-newer-tls.patch new file mode 100644 index 0000000000..958abc90f8 --- /dev/null +++ b/meta-oe/recipes-devtools/uw-imap/uw-imap/uw-imap-newer-tls.patch @@ -0,0 +1,29 @@ +Signed-off-by: Zoltán Böszörményi +Upstream-Status: Pending + +--- imap-2007f/src/osdep/unix/ssl_unix.c.old 2024-05-08 09:41:06.183450584 +0200 ++++ imap-2007f/src/osdep/unix/ssl_unix.c 2024-05-08 09:43:38.512931933 +0200 +@@ -220,7 +220,11 @@ + if (ssl_last_error) fs_give ((void **) &ssl_last_error); + ssl_last_host = host; + if (!(stream->context = SSL_CTX_new ((flags & NET_TLSCLIENT) ? ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 ++ TLS_client_method () : ++#else + TLSv1_client_method () : ++#endif + SSLv23_client_method ()))) + return "SSL context failed"; + SSL_CTX_set_options (stream->context,0); +@@ -703,7 +707,11 @@ + } + /* create context */ + if (!(stream->context = SSL_CTX_new (start_tls ? ++#if OPENSSL_VERSION_NUMBER >= 0x10100000 ++ TLS_server_method () : ++#else + TLSv1_server_method () : ++#endif + SSLv23_server_method ()))) + syslog (LOG_ALERT,"Unable to create SSL context, host=%.80s", + tcp_clienthost ()); diff --git a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb index dcb59f4ea0..17faa3aa6e 100644 --- a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb +++ b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb @@ -15,6 +15,7 @@ SRC_URI = "https://fossies.org/linux/misc/old/imap-${PV}.tar.gz \ file://0001-Do-not-build-mtest.patch \ file://0002-tmail-Include-ctype.h-for-isdigit.patch \ file://0001-Fix-Wincompatible-function-pointer-types.patch \ + file://uw-imap-newer-tls.patch \ " SRC_URI[md5sum] = "2126fd125ea26b73b20f01fcd5940369" -- cgit v1.2.3-54-g00ecf