cherrypick mutt patch to fix a crash when polling a closed ssl connection,

issue diagnosed and original patch proposed by stsp@
2020-01-08 00:11:22 +00:00 · 2020-01-08 00:11:22 +00:00 · 15f429486f
commit 15f429486f
parent 2854a9a337
3 changed files with 67 additions and 1 deletions
--- a/mail/mutt/Makefile
+++ b/mail/mutt/Makefile
@ -1,9 +1,11 @@
-# $OpenBSD: Makefile,v 1.126 2019/12/19 13:49:44 sthen Exp $
+# $OpenBSD: Makefile,v 1.127 2020/01/08 00:11:22 sthen Exp $

 COMMENT=	tty-based e-mail client

 DISTNAME=	mutt-1.13.2
+#PGPSIGFILES=	mutt-1.13.2${EXTRACT_SUFX}.asc
 EPOCH=		3
+REVISION=	0

 CATEGORIES=	mail
 HOMEPAGE=	http://www.mutt.org/
--- a/mail/mutt/patches/patch-mutt_ssl_c
+++ b/mail/mutt/patches/patch-mutt_ssl_c
@ -0,0 +1,32 @@
+$OpenBSD: patch-mutt_ssl_c,v 1.3 2020/01/08 00:11:22 sthen Exp $
+
+From edf5699c189bf8da642297fe327e19a6c7674091 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy <kevin@8t8.us>
+Date: Sat, 28 Dec 2019 15:43:07 -0800
+Subject: [PATCH] Fix crash when polling a closed ssl connection.
+
+Commit 8353407c enabled checking for buffered OpenSSL/GnuTLS data when
+polling, but neglected to check if the connection was already closed.
+
+This can be triggered during imap_logout() if the connection write of
+"LOGOUT" fails and closes the connection, before the poll.  It's a bit
+tricky to trigger because imap_logout_all() checks for a closed
+connection, so the failure needs to take place at that last write.
+
+Thanks to Stefan Sperling for pointing out the problem, complete with
+a backtrace and patch.  (This commit takes a different approach for a
+stable-branch fix.)
+
+Index: mutt_ssl.c
+--- mutt_ssl.c.orig
+++ mutt_ssl.c
+@@ -465,6 +465,9 @@ static int ssl_socket_poll (CONNECTION* conn, time_t w
+ {
+   sslsockdata *data = conn->sockdata;
+ 
+  if (!data)
+    return -1;
+
+   if (SSL_has_pending (data->ssl))
+     return 1;
+   else
--- a/mail/mutt/patches/patch-mutt_ssl_gnutls_c
+++ b/mail/mutt/patches/patch-mutt_ssl_gnutls_c
@ -0,0 +1,32 @@
+$OpenBSD: patch-mutt_ssl_gnutls_c,v 1.1 2020/01/08 00:11:22 sthen Exp $
+
+From edf5699c189bf8da642297fe327e19a6c7674091 Mon Sep 17 00:00:00 2001
+From: Kevin McCarthy <kevin@8t8.us>
+Date: Sat, 28 Dec 2019 15:43:07 -0800
+Subject: [PATCH] Fix crash when polling a closed ssl connection.
+
+Commit 8353407c enabled checking for buffered OpenSSL/GnuTLS data when
+polling, but neglected to check if the connection was already closed.
+
+This can be triggered during imap_logout() if the connection write of
+"LOGOUT" fails and closes the connection, before the poll.  It's a bit
+tricky to trigger because imap_logout_all() checks for a closed
+connection, so the failure needs to take place at that last write.
+
+Thanks to Stefan Sperling for pointing out the problem, complete with
+a backtrace and patch.  (This commit takes a different approach for a
+stable-branch fix.)
+
+Index: mutt_ssl_gnutls.c
+--- mutt_ssl_gnutls.c.orig
+++ mutt_ssl_gnutls.c
+@@ -193,6 +193,9 @@ static int tls_socket_poll (CONNECTION* conn, time_t w
+ {
+   tlssockdata *data = conn->sockdata;
+ 
+  if (!data)
+    return -1;
+
+   if (gnutls_record_check_pending (data->state))
+     return 1;
+   else