Bug#931282: unblock: s-nail/14.9.11-3

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#931282: unblock: s-nail/14.9.11-3
From: Paride Legovini <pl@ninthfloor.org>
Date: Sun, 30 Jun 2019 14:55:21 +0200
Message-id: <[🔎] 156189932112.25650.6451943803410797060.reportbug@mandragola>
Reply-to: Paride Legovini <pl@ninthfloor.org>, 931282@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package s-nail. Version 14.9.11-3 contains a targeted fix for
#930691 I've got from upstream. The debdiff between -2 and -3 is attached.

Thank you,

Paride Legovini

unblock s-nail/14.9.11-3

-- System Information:
Debian Release: 10.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), LANGUAGE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

diff -Nru s-nail-14.9.11/debian/changelog s-nail-14.9.11/debian/changelog
--- s-nail-14.9.11/debian/changelog	2018-12-07 19:16:26.000000000 +0100
+++ s-nail-14.9.11/debian/changelog	2019-06-30 13:53:46.000000000 +0200
@@ -1,3 +1,10 @@
+s-nail (14.9.11-3) unstable; urgency=medium
+
+  * New patch: 0002-fix-gssapi-authentication-930691.patch.
+    Thanks to Ivan Vučica and Steffen Nurpmeso (Closes: #930691)
+
+ -- Paride Legovini <pl@ninthfloor.org>  Sun, 30 Jun 2019 11:53:46 +0000
+
 s-nail (14.9.11-2) unstable; urgency=medium
 
   * Bump Standards-Version to 4.2.1 (no changes needed)
diff -Nru s-nail-14.9.11/debian/gbp.conf s-nail-14.9.11/debian/gbp.conf
--- s-nail-14.9.11/debian/gbp.conf	2018-12-07 19:07:04.000000000 +0100
+++ s-nail-14.9.11/debian/gbp.conf	2019-06-30 12:40:18.000000000 +0200
@@ -1,3 +1,5 @@
-[buildpackage]
+[DEFAULT]
+debian-branch = debian/buster
+upstream-branch =
 pristine-tar = True
 pristine-tar-commit = True
diff -Nru s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch
--- s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch	1970-01-01 01:00:00.000000000 +0100
+++ s-nail-14.9.11/debian/patches/0002-fix-gssapi-authentication-930691.patch	2019-06-30 12:25:29.000000000 +0200
@@ -0,0 +1,52 @@
+diff --git a/obs-imap-gssapi.h b/obs-imap-gssapi.h
+index 5d314917..70eeca7f 100644
+--- a/obs-imap-gssapi.h
++++ b/obs-imap-gssapi.h
+@@ -162,10 +162,7 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred)
+    ok = STOP;
+    f = a_F_NONE;
+ 
+-   {  size_t i = strlen(mp->mb_imap_account) +1;
+-      server = n_autorec_alloc(i);
+-      memcpy(server, mp->mb_imap_account, i);
+-   }
++   server = savestr(mp->mb_imap_account);
+    if (!strncmp(server, "imap://", 7))
+       server += 7;
+    else if (!strncmp(server, "imaps://", 8))
+@@ -174,9 +171,11 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred)
+       server = &cp[1];
+    for (cp = server; *cp; cp++)
+       *cp = lowerconv(*cp);
++
+    send_tok.value = n_autorec_alloc(
+-         (send_tok.length = strlen(server) -1 + 5) +1);
+-   snprintf(send_tok.value, send_tok.length, "imap@%s", server);
++         (send_tok.length = strlen(server) + 5) +1);
++   memcpy(send_tok.value, "imap@", 5);
++   memcpy(&((char*)send_tok.value)[5], server, send_tok.length - 4);
+    maj_stat = gss_import_name(&min_stat, &send_tok, GSS_C_NT_HOSTBASED_SERVICE,
+          &target_name);
+    f |= a_F_TARGET_NAME;
+@@ -300,14 +299,13 @@ jebase64:
+    /* First octet: bit-mask with protection mechanisms (1 = no protection
+     *    mechanism).
+     * Second to fourth octet: maximum message size in network byte order.
+-    * Fifth and following octets: user name string.
+-    */
+-   o[0] = 1;
+-   o[1] = 0;
+-   o[2] = o[3] = (char)0377;
+-   snprintf(&o[4], sizeof o - 4, "%s", ccred->cc_user.s);
+-   send_tok.value = o;
+-   send_tok.length = strlen(&o[4]) -1 + 4;
++    * Fifth and following octets: user name string */
++   in.s = n_autorec_alloc((send_tok.length = 4 + ccred->cc_user.l) +1);
++   memcpy(&in.s[4], ccred->cc_user.s, ccred->cc_user.l +1);
++   in.s[0] = 1;
++   in.s[1] = 0;
++   in.s[2] = in.s[3] = (char)0xFF;
++   send_tok.value = in.s;
+    maj_stat = gss_wrap(&min_stat, gss_context, 0, GSS_C_QOP_DEFAULT, &send_tok,
+          &conf_state, &recv_tok);
+    f |= a_F_RECV_TOK;
diff -Nru s-nail-14.9.11/debian/patches/series s-nail-14.9.11/debian/patches/series
--- s-nail-14.9.11/debian/patches/series	2018-09-09 16:43:16.000000000 +0200
+++ s-nail-14.9.11/debian/patches/series	2019-06-30 12:27:09.000000000 +0200
@@ -1 +1,2 @@
 0001-Fix-spelling-errors.patch
+0002-fix-gssapi-authentication-930691.patch

Reply to:

Follow-Ups:
- Bug#931282: unblock: s-nail/14.9.11-3
  - From: Paul Gevers <elbrus@debian.org>

Prev by Date: Bug#931271: More info
Next by Date: Bug#931282: unblock: s-nail/14.9.11-3
Previous by thread: Bug#931271: More info
Next by thread: Bug#931282: unblock: s-nail/14.9.11-3
Index(es):
- Date
- Thread