git: b6aa231a7a47 - 2023Q4 - mail/isync: Resolve "unexpected EOF" SSL error

From: Emanuel Haupt <ehaupt_at_FreeBSD.org>
Date: Fri, 20 Oct 2023 16:23:05 UTC
The branch 2023Q4 has been updated by ehaupt:

URL: https://cgit.FreeBSD.org/ports/commit/?id=b6aa231a7a473ac3cf35a59a3beaf90023e041b2

commit b6aa231a7a473ac3cf35a59a3beaf90023e041b2
Author:     Fran├žois Charlier <fcharlier@ploup.net>
AuthorDate: 2023-10-20 16:15:41 +0000
Commit:     Emanuel Haupt <ehaupt@FreeBSD.org>
CommitDate: 2023-10-20 16:22:59 +0000

    mail/isync: Resolve "unexpected EOF" SSL error
    
    Fixes an issue where some IMAP servers, such as Gmail, do not send a
    close notification (SSL_shutdown()) before closing the TCP socket,
    leading to "unexpected EOF" errors with OpenSSL 3.0.
    
    Now mbsync gracefully handles this scenario, preventing the following
    error:
    
    Socket error: secure read from imap.gmail.com ([IPv6 Address
    Redacted]:993): error:0A000126:SSL routines::unexpected eof while
    reading
    
    PR:             274604
    (cherry picked from commit a4ef2ba2e61e3a4190f04c889ded4f6688163354)
---
 mail/isync/Makefile                    |  1 +
 mail/isync/files/patch-src_drv__imap.c | 25 +++++++++++++++++++++++++
 mail/isync/files/patch-src_socket.c    | 18 ++++++++++++++++++
 mail/isync/files/patch-src_socket.h    | 10 ++++++++++
 4 files changed, 54 insertions(+)

diff --git a/mail/isync/Makefile b/mail/isync/Makefile
index 2bc408fa5f33..9de86aec08f2 100644
--- a/mail/isync/Makefile
+++ b/mail/isync/Makefile
@@ -1,5 +1,6 @@
 PORTNAME=	isync
 PORTVERSION=	1.4.4
+PORTREVISION=	1
 CATEGORIES=	mail
 MASTER_SITES=	SF
 
diff --git a/mail/isync/files/patch-src_drv__imap.c b/mail/isync/files/patch-src_drv__imap.c
new file mode 100644
index 000000000000..bd3e044136a8
--- /dev/null
+++ b/mail/isync/files/patch-src_drv__imap.c
@@ -0,0 +1,25 @@
+--- src/drv_imap.c.orig	2021-12-03 10:56:16 UTC
++++ src/drv_imap.c
+@@ -1620,6 +1620,7 @@ imap_socket_read( void *aux )
+ 					error( "IMAP error: unexpected BYE response: %s\n", cmd );
+ 					/* We just wait for the server to close the connection now. */
+ 					ctx->expectEOF = 1;
++					socket_expect_eof( &ctx->conn );
+ 				} else {
+ 					/* We still need to wait for the LOGOUT's tagged OK. */
+ 				}
+@@ -1882,10 +1883,12 @@ imap_cleanup_p2( imap_store_t *ctx,
+ imap_cleanup_p2( imap_store_t *ctx,
+                  imap_cmd_t *cmd ATTR_UNUSED, int response )
+ {
+-	if (response == RESP_NO)
++	if (response == RESP_NO) {
+ 		imap_cancel_store( &ctx->gen );
+-	else if (response == RESP_OK)
++	} else if (response == RESP_OK) {
+ 		ctx->expectEOF = 1;
++		socket_expect_eof( &ctx->conn );
++	}
+ }
+ 
+ /******************* imap_open_store *******************/
diff --git a/mail/isync/files/patch-src_socket.c b/mail/isync/files/patch-src_socket.c
new file mode 100644
index 000000000000..61b4a1872c87
--- /dev/null
+++ b/mail/isync/files/patch-src_socket.c
@@ -0,0 +1,18 @@
+--- src/socket.c.orig	2021-12-03 10:56:16 UTC
++++ src/socket.c
+@@ -810,6 +810,15 @@ socket_expect_activity( conn_t *conn, int expect )
+ 		conf_wakeup( &conn->fd_timeout, expect ? conn->conf->timeout : -1 );
+ }
+ 
++void
++socket_expect_eof( conn_t *sock )
++{
++#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF  // implies HAVE_LIBSSL
++	if (sock->ssl)
++		SSL_set_options( sock->ssl, SSL_OP_IGNORE_UNEXPECTED_EOF );
++#endif
++}
++
+ int
+ socket_read( conn_t *conn, char *buf, uint len )
+ {
diff --git a/mail/isync/files/patch-src_socket.h b/mail/isync/files/patch-src_socket.h
new file mode 100644
index 000000000000..986b52657e8e
--- /dev/null
+++ b/mail/isync/files/patch-src_socket.h
@@ -0,0 +1,10 @@
+--- src/socket.h.orig	2021-12-03 10:56:16 UTC
++++ src/socket.h
+@@ -142,6 +142,7 @@ void socket_expect_activity( conn_t *sock, int expect 
+ void socket_start_deflate( conn_t *conn );
+ void socket_close( conn_t *sock );
+ void socket_expect_activity( conn_t *sock, int expect );
++void socket_expect_eof( conn_t *sock );
+ int socket_read( conn_t *sock, char *buf, uint len ); /* never waits */
+ char *socket_read_line( conn_t *sock ); /* don't free return value; never waits */
+ typedef enum { KeepOwn = 0, GiveOwn } ownership_t;