diff -Nru isync-1.3.0/debian/changelog isync-1.3.0/debian/changelog --- isync-1.3.0/debian/changelog 2018-02-05 23:21:59.000000000 +0000 +++ isync-1.3.0/debian/changelog 2018-09-02 17:31:35.000000000 +0000 @@ -1,8 +1,13 @@ -isync (1.3.0-1build1) bionic; urgency=high +isync (1.3.0-2) unstable; urgency=medium - * No change rebuild against openssl1.1. + * Update vcs-* to point to salsa.d.o + * Bump Standards-Version to 4.2.1 (no changes needed) + * Remove myself from Uploaders + * Use SNI when connecting with SSL. + Thanks to Vincent Bernat for the patch (Closes: #906955) + * Fix insecure-copyright-format-uri - -- Dimitri John Ledkov Mon, 05 Feb 2018 23:21:59 +0000 + -- Alessandro Ghedini Sun, 02 Sep 2018 18:31:35 +0100 isync (1.3.0-1) unstable; urgency=medium diff -Nru isync-1.3.0/debian/control isync-1.3.0/debian/control --- isync-1.3.0/debian/control 2018-02-05 23:21:59.000000000 +0000 +++ isync-1.3.0/debian/control 2018-09-02 17:31:35.000000000 +0000 @@ -1,19 +1,17 @@ Source: isync Section: mail Priority: optional -Maintainer: Ubuntu Developers -XSBC-Original-Maintainer: Nicolas Boullis -Uploaders: Theodore Y. Ts'o , - Alessandro Ghedini -Standards-Version: 4.1.3 +Maintainer: Nicolas Boullis +Uploaders: Theodore Y. Ts'o +Standards-Version: 4.2.1 Build-Depends: debhelper (>= 11), libdb-dev, libsasl2-dev, libssl-dev, pkg-config, zlib1g-dev -Vcs-Git: https://anonscm.debian.org/git/collab-maint/isync.git -Vcs-Browser: https://anonscm.debian.org/gitweb/?p=collab-maint/isync.git +Vcs-Git: https://salsa.debian.org/debian/isync.git +Vcs-Browser: https://salsa.debian.org/debian/isync Homepage: http://isync.sourceforge.net/ Package: isync diff -Nru isync-1.3.0/debian/copyright isync-1.3.0/debian/copyright --- isync-1.3.0/debian/copyright 2018-01-06 14:29:45.000000000 +0000 +++ isync-1.3.0/debian/copyright 2018-09-02 17:31:35.000000000 +0000 @@ -1,4 +1,4 @@ -Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: isync Source: http://isync.sourceforge.net diff -Nru isync-1.3.0/debian/patches/01_sni.patch isync-1.3.0/debian/patches/01_sni.patch --- isync-1.3.0/debian/patches/01_sni.patch 1970-01-01 00:00:00.000000000 +0000 +++ isync-1.3.0/debian/patches/01_sni.patch 2018-09-02 17:31:35.000000000 +0000 @@ -0,0 +1,38 @@ +From 1086cdb8fd77a224d56033bde0825a286ba30ee2 Mon Sep 17 00:00:00 2001 +From: Vincent Bernat +Date: Wed, 22 Aug 2018 19:20:35 +0200 +Subject: [PATCH] use SNI when connecting with SSL + +imap.gmail.com doesn't accept connections without SNI anymore. Without +this extension, it returns a self-signed certificate and mbsync is +unable to complete: + + $ openssl s_client -connect imap.gmail.com:993 -noservername + CONNECTED(00000005) + depth=0 OU = "No SNI provided; please fix your client.", CN = invalid2.invalid + verify error:num=18:self signed certificate + verify return:1 + depth=0 OU = "No SNI provided; please fix your client.", CN = invalid2.invalid + verify return:1 + --- + Certificate chain + 0 s:OU = "No SNI provided; please fix your client.", CN = invalid2.invalid + i:OU = "No SNI provided; please fix your client.", CN = invalid2.invalid + +This commit configure the SSL connection to transmit the hostname +through SNI. This has been tested with both GMail (which requires SNI) +and Fastmail (which doesn't require SNI). +--- + src/socket.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/src/socket.c ++++ b/src/socket.c +@@ -270,6 +270,7 @@ + + init_wakeup( &conn->ssl_fake, ssl_fake_cb, conn ); + conn->ssl = SSL_new( ((server_conf_t *)conn->conf)->SSLContext ); ++ SSL_set_tlsext_host_name( conn->ssl, conn->conf->host ); + SSL_set_fd( conn->ssl, conn->fd ); + SSL_set_mode( conn->ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER ); + socket_expect_read( conn, 1 ); diff -Nru isync-1.3.0/debian/patches/series isync-1.3.0/debian/patches/series --- isync-1.3.0/debian/patches/series 1970-01-01 00:00:00.000000000 +0000 +++ isync-1.3.0/debian/patches/series 2018-09-02 17:31:35.000000000 +0000 @@ -0,0 +1 @@ +01_sni.patch