diff --git a/dovecot-2.1.6-86f535375750.patch b/dovecot-2.1.6-86f535375750.patch new file mode 100644 index 0000000..14a5333 --- /dev/null +++ b/dovecot-2.1.6-86f535375750.patch @@ -0,0 +1,62 @@ + +# HG changeset patch +# User Timo Sirainen +# Date 1430213224 -7200 +# Node ID 86f5353757500a8c53aa708282bbdd77ac270011 +# Parent a2d342257b25e10e7c6c1aaade9e49d22d849c05 +*-login: Don't try to flush SSL output if SSL handshake fails. +This fixes a crash on failed handshakes on some OpenSSL builds. + +diff -r a2d342257b25 -r 86f535375750 src/login-common/ssl-proxy-openssl.c +--- a/src/login-common/ssl-proxy-openssl.c Sat Apr 25 12:16:07 2015 +0300 ++++ b/src/login-common/ssl-proxy-openssl.c Tue Apr 28 11:27:04 2015 +0200 +@@ -80,6 +80,7 @@ + unsigned int cert_broken:1; + unsigned int client_proxy:1; + unsigned int flushing:1; ++ unsigned int failed:1; + }; + + struct ssl_parameters { +@@ -131,6 +132,12 @@ + static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct master_service_ssl_settings *set); + #endif + ++static void ssl_proxy_destroy_failed(struct ssl_proxy *proxy) ++{ ++ proxy->failed = TRUE; ++ ssl_proxy_destroy(proxy); ++} ++ + static unsigned int ssl_server_context_hash(const struct ssl_server_context *ctx) + { + unsigned int i, g, h = 0; +@@ -462,7 +469,7 @@ + + if (errstr != NULL) { + proxy->last_error = i_strdup(errstr); +- ssl_proxy_destroy(proxy); ++ ssl_proxy_destroy_failed(proxy); + } + ssl_proxy_unref(proxy); + } +@@ -492,7 +499,7 @@ + + if (proxy->handshake_callback != NULL) { + if (proxy->handshake_callback(proxy->handshake_context) < 0) +- ssl_proxy_destroy(proxy); ++ ssl_proxy_destroy_failed(proxy); + } + } + +@@ -822,7 +829,8 @@ + if (proxy->destroyed || proxy->flushing) + return; + proxy->flushing = TRUE; +- ssl_proxy_flush(proxy); ++ if (!proxy->failed && proxy->handshaked) ++ ssl_proxy_flush(proxy); + proxy->destroyed = TRUE; + + ssl_proxy_count--; + diff --git a/dovecot.spec b/dovecot.spec index 87f5714..3977df4 100644 --- a/dovecot.spec +++ b/dovecot.spec @@ -5,7 +5,7 @@ Name: dovecot Epoch: 1 Version: 2.2.16 %global prever %{nil} -Release: 1%{?dist} +Release: 2%{?dist} #dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2 License: MIT and LGPLv2 Group: System Environment/Daemons @@ -37,6 +37,9 @@ Patch5: dovecot-2.1-privatetmp.patch Patch6: dovecot-2.1.10-waitonline.patch Patch7: dovecot-2.2.13-online.patch +# for dovecot <= 2.2.16, rhbz#1216057 +Patch8: dovecot-2.1.6-86f535375750.patch + Source15: prestartscript Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -133,6 +136,7 @@ This package provides the development files for dovecot. %patch5 -p1 -b .privatetmp %patch6 -p1 -b .waitonline %patch7 -p1 -b .online +%patch8 -p1 -b .86f535375750 #pushd dovecot-2*2-pigeonhole-%{pigeonholever} #popd sed -i '/DEFAULT_INCLUDES *=/s|$| '"$(pkg-config --cflags libclucene-core)|" src/plugins/fts-lucene/Makefile.in @@ -492,6 +496,9 @@ make check %{_libdir}/%{name}/dict/libdriver_pgsql.so %changelog +* Tue Apr 28 2015 Michal Hlavinka - 1:2.2.16-2 +- fix CVE-2015-3420: SSL/TLS handshake failures leading to a crash of the login process + * Mon Mar 16 2015 Michal Hlavinka - 1:2.2.16-1 - dovecot updated to 2.2.16 - auth: Don't crash if master user login is attempted without