diff --git a/.evolution-ews.metadata b/.evolution-ews.metadata new file mode 100644 index 0000000..a1d024b --- /dev/null +++ b/.evolution-ews.metadata @@ -0,0 +1 @@ +22caa0a3798f51757f88fd19c9ca74284f62b0d3 SOURCES/evolution-ews-3.28.5.tar.xz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..87291d0 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/evolution-ews-3.28.5.tar.xz diff --git a/SOURCES/evolution-ews-3.28.2-cmake-version.patch b/SOURCES/evolution-ews-3.28.2-cmake-version.patch new file mode 100644 index 0000000..e4582a5 --- /dev/null +++ b/SOURCES/evolution-ews-3.28.2-cmake-version.patch @@ -0,0 +1,36 @@ +diff -up evolution-ews-3.28.2/CMakeLists.txt.cmake-version evolution-ews-3.28.2/CMakeLists.txt +--- evolution-ews-3.28.2/CMakeLists.txt.cmake-version 2018-06-01 04:36:37.121816899 -0400 ++++ evolution-ews-3.28.2/CMakeLists.txt 2018-06-01 04:37:58.094454208 -0400 +@@ -1,11 +1,15 @@ + # Evolution-EWS build script + +-cmake_minimum_required(VERSION 3.1) +-cmake_policy(VERSION 3.1) ++cmake_minimum_required(VERSION 2.8) ++cmake_policy(VERSION 2.8) ++ ++project(evolution-ews C) ++set(PROJECT_VERSION_MAJOR 3) ++set(PROJECT_VERSION_MINOR 28) ++set(PROJECT_VERSION_PATCH 5) ++set(PROJECT_VERSION_TWEAK 0) ++set(PROJECT_VERSION ${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}) + +-project(evolution-ews +- VERSION 3.28.5 +- LANGUAGES C) + set(PROJECT_BUGREPORT "https://gitlab.gnome.org/GNOME/evolution-ews/issues/") + + # Required for FindIntltool module +diff -up evolution-ews-3.28.2/cmake/modules/FindIntltool.cmake.cmake-version evolution-ews-3.28.2/cmake/modules/FindIntltool.cmake +--- evolution-ews-3.28.2/cmake/modules/FindIntltool.cmake.cmake-version 2018-05-07 04:34:12.000000000 -0400 ++++ evolution-ews-3.28.2/cmake/modules/FindIntltool.cmake 2018-06-01 04:36:37.122816894 -0400 +@@ -92,7 +92,7 @@ macro(intltool_add_pot_file_target) + endif(NOT CMAKE_CURRENT_SOURCE_DIR STREQUAL GETTEXT_PO_DIR) + + add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${GETTEXT_PACKAGE}.pot +- COMMAND ${CMAKE_COMMAND} -E env INTLTOOL_EXTRACT="${INTLTOOL_EXTRACT}" XGETTEXT="${XGETTEXT}" srcdir=${CMAKE_CURRENT_SOURCE_DIR} ${INTLTOOL_UPDATE} --gettext-package ${GETTEXT_PACKAGE} --pot ++ COMMAND env INTLTOOL_EXTRACT="${INTLTOOL_EXTRACT}" XGETTEXT="${XGETTEXT}" srcdir=${CMAKE_CURRENT_SOURCE_DIR} ${INTLTOOL_UPDATE} --gettext-package ${GETTEXT_PACKAGE} --pot + ) + + add_custom_target(pot-file diff --git a/SOURCES/evolution-ews-3.28.5-contact-country-forgotten.patch b/SOURCES/evolution-ews-3.28.5-contact-country-forgotten.patch new file mode 100644 index 0000000..16b365a --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-contact-country-forgotten.patch @@ -0,0 +1,32 @@ +diff -up evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c.contact-country-forgotten evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c +--- evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c.contact-country-forgotten 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c 2018-09-27 18:31:47.485039155 +0200 +@@ -700,6 +700,7 @@ add_physical_address (ESoapMessage *msg, + e_ews_message_write_string_parameter (msg, "Street", NULL, contact_addr->street); + e_ews_message_write_string_parameter (msg, "City", NULL, contact_addr->locality); + e_ews_message_write_string_parameter (msg, "State", NULL, contact_addr->region); ++ e_ews_message_write_string_parameter (msg, "CountryOrRegion", NULL, contact_addr->country); + e_ews_message_write_string_parameter (msg, "PostalCode", NULL, contact_addr->code); + + e_soap_message_end_element (msg); +@@ -1191,6 +1192,8 @@ compare_address (ESoapMessage *message, + convert_indexed_contact_property_to_updatexml_physical_address (message, "PhysicalAddress", "City", new_address->locality, "contacts", "PhysicalAddresses", key); + if (set || g_strcmp0 (new_address->region, old_address->region) != 0) + convert_indexed_contact_property_to_updatexml_physical_address (message, "PhysicalAddress", "State", new_address->region, "contacts", "PhysicalAddresses", key); ++ if (set || g_strcmp0 (new_address->country, old_address->country) != 0) ++ convert_indexed_contact_property_to_updatexml_physical_address (message, "PhysicalAddress", "CountryOrRegion", new_address->country, "contacts", "PhysicalAddresses", key); + if (set || g_strcmp0 (new_address->code, old_address->code) != 0) + convert_indexed_contact_property_to_updatexml_physical_address (message, "PhysicalAddress", "PostalCode", new_address->code, "contacts", "PhysicalAddresses", key); + +diff -up evolution-ews-3.28.5/src/server/e-ews-item.c.contact-country-forgotten evolution-ews-3.28.5/src/server/e-ews-item.c +--- evolution-ews-3.28.5/src/server/e-ews-item.c.contact-country-forgotten 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-item.c 2018-09-27 18:31:47.485039155 +0200 +@@ -686,7 +686,7 @@ ews_get_physical_address (ESoapParameter + if (subparam) + address->state = e_soap_parameter_get_string_value (subparam); + +- subparam = e_soap_parameter_get_first_child_by_name (param, "Country"); ++ subparam = e_soap_parameter_get_first_child_by_name (param, "CountryOrRegion"); + if (subparam) + address->country = e_soap_parameter_get_string_value (subparam); + diff --git a/SOURCES/evolution-ews-3.28.5-cve-2019-3890.patch b/SOURCES/evolution-ews-3.28.5-cve-2019-3890.patch new file mode 100644 index 0000000..65b055d --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-cve-2019-3890.patch @@ -0,0 +1,782 @@ +diff -up evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c.cve-2019-3890 evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c +--- evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c.cve-2019-3890 2019-04-15 09:43:49.672771516 +0200 ++++ evolution-ews-3.28.5/src/addressbook/e-book-backend-ews.c 2019-04-15 09:43:49.683771516 +0200 +@@ -2901,7 +2901,8 @@ ebb_ews_connect_sync (EBookMetaBackend * + bbews->priv->cnc, "proxy-resolver", + G_BINDING_SYNC_CREATE); + +- *out_auth_result = e_ews_connection_try_credentials_sync (bbews->priv->cnc, credentials, cancellable, error); ++ *out_auth_result = e_ews_connection_try_credentials_sync (bbews->priv->cnc, credentials, NULL, ++ out_certificate_pem, out_certificate_errors, cancellable, error); + + if (*out_auth_result == E_SOURCE_AUTHENTICATION_ACCEPTED) { + ESource *source = e_backend_get_source (E_BACKEND (bbews)); +diff -up evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.cve-2019-3890 evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c +--- evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.cve-2019-3890 2019-04-15 09:43:49.676771516 +0200 ++++ evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c 2019-04-15 09:43:49.684771516 +0200 +@@ -1394,7 +1394,8 @@ ecb_ews_connect_sync (ECalMetaBackend *m + cbews->priv->cnc, "proxy-resolver", + G_BINDING_SYNC_CREATE); + +- *out_auth_result = e_ews_connection_try_credentials_sync (cbews->priv->cnc, credentials, cancellable, error); ++ *out_auth_result = e_ews_connection_try_credentials_sync (cbews->priv->cnc, credentials, NULL, ++ out_certificate_pem, out_certificate_errors, cancellable, error); + + if (*out_auth_result == E_SOURCE_AUTHENTICATION_ACCEPTED) { + ESource *source = e_backend_get_source (E_BACKEND (cbews)); +diff -up evolution-ews-3.28.5/src/camel/camel-ews-store.c.cve-2019-3890 evolution-ews-3.28.5/src/camel/camel-ews-store.c +--- evolution-ews-3.28.5/src/camel/camel-ews-store.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/camel/camel-ews-store.c 2019-04-15 09:43:49.684771516 +0200 +@@ -1831,6 +1831,8 @@ ews_authenticate_sync (CamelService *ser + const gchar *password; + gchar *hosturl; + gchar *old_sync_state = NULL, *new_sync_state = NULL; ++ gchar *certificate_pem = NULL; ++ GTlsCertificateFlags certificate_errors = 0; + GError *local_error = NULL; + + ews_store = CAMEL_EWS_STORE (service); +@@ -1959,6 +1961,18 @@ ews_authenticate_sync (CamelService *ser + + g_slist_free_full (created_folder_ids, g_free); + ++ if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED) && ++ e_ews_connection_get_ssl_error_details (connection, &certificate_pem, &certificate_errors)) { ++ source = e_ews_connection_get_source (connection); ++ ++ if (source) { ++ e_source_emit_credentials_required (source, E_SOURCE_CREDENTIALS_REASON_SSL_FAILED, ++ certificate_pem, certificate_errors, local_error); ++ } ++ ++ g_free (certificate_pem); ++ } ++ + if (local_error == NULL) { + result = CAMEL_AUTHENTICATION_ACCEPTED; + } else if (g_error_matches (local_error, EWS_CONNECTION_ERROR, EWS_CONNECTION_ERROR_AUTHENTICATION_FAILED)) { +diff -up evolution-ews-3.28.5/src/collection/e-ews-backend.c.cve-2019-3890 evolution-ews-3.28.5/src/collection/e-ews-backend.c +--- evolution-ews-3.28.5/src/collection/e-ews-backend.c.cve-2019-3890 2019-04-15 09:43:49.679771516 +0200 ++++ evolution-ews-3.28.5/src/collection/e-ews-backend.c 2019-04-15 09:43:49.685771516 +0200 +@@ -727,6 +727,15 @@ ews_backend_constructed (GObject *object + /* Reset the connectable, it steals data from Authentication extension, + where is written incorrect address */ + e_backend_set_connectable (backend, NULL); ++ ++ /* Eventually unset temporary SSL trust, but only once, when the process started. ++ It might bee too often anywhere lease (like in the authenticate callback) */ ++ if (e_source_has_extension (source, E_SOURCE_EXTENSION_WEBDAV_BACKEND)) { ++ ESourceWebdav *webdav_extension; ++ ++ webdav_extension = e_source_get_extension (source, E_SOURCE_EXTENSION_WEBDAV_BACKEND); ++ e_source_webdav_unset_temporary_ssl_trust (webdav_extension); ++ } + } + + static void +@@ -930,7 +939,7 @@ ews_backend_create_resource_sync (EColle + } + + if (!success) { +- connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (backend), NULL, cancellable, error); ++ connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (backend), NULL, NULL, NULL, cancellable, error); + if (connection == NULL) + return FALSE; + +@@ -1037,7 +1046,7 @@ ews_backend_delete_resource_sync (EColle + const gchar *extension_name; + gboolean success = FALSE; + +- connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (backend), NULL, cancellable, error); ++ connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (backend), NULL, NULL, NULL, cancellable, error); + if (connection == NULL) + return FALSE; + +@@ -1142,7 +1151,7 @@ ews_backend_authenticate_sync (EBackend + ews_backend->priv->credentials = e_named_parameters_new_clone (credentials); + g_mutex_unlock (&ews_backend->priv->connection_lock); + +- connection = e_ews_backend_ref_connection_sync (ews_backend, &result, cancellable, error); ++ connection = e_ews_backend_ref_connection_sync (ews_backend, &result, out_certificate_pem, out_certificate_errors, cancellable, error); + g_clear_object (&connection); + + if (result == E_SOURCE_AUTHENTICATION_ACCEPTED) { +@@ -1223,7 +1232,7 @@ ews_backend_ref_connection_thread (GSimp + EEwsConnection *connection; + GError *error = NULL; + +- connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (object), NULL, cancellable, &error); ++ connection = e_ews_backend_ref_connection_sync (E_EWS_BACKEND (object), NULL, NULL, NULL, cancellable, &error); + + /* Sanity check. */ + g_return_if_fail ( +@@ -1241,6 +1250,8 @@ ews_backend_ref_connection_thread (GSimp + EEwsConnection * + e_ews_backend_ref_connection_sync (EEwsBackend *backend, + ESourceAuthenticationResult *result, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error) + { +@@ -1272,7 +1283,8 @@ e_ews_backend_ref_connection_sync (EEwsB + connection, "proxy-resolver", + G_BINDING_SYNC_CREATE); + +- local_result = e_ews_connection_try_credentials_sync (connection, backend->priv->credentials, cancellable, error); ++ local_result = e_ews_connection_try_credentials_sync (connection, backend->priv->credentials, NULL, ++ out_certificate_pem, out_certificate_errors, cancellable, error); + if (result) + *result = local_result; + +@@ -1413,7 +1425,7 @@ e_ews_backend_sync_folders_sync (EEwsBac + return TRUE; + } + +- connection = e_ews_backend_ref_connection_sync (backend, NULL, cancellable, error); ++ connection = e_ews_backend_ref_connection_sync (backend, NULL, NULL, NULL, cancellable, error); + + if (connection == NULL) { + backend->priv->need_update_folders = TRUE; +diff -up evolution-ews-3.28.5/src/collection/e-ews-backend.h.cve-2019-3890 evolution-ews-3.28.5/src/collection/e-ews-backend.h +--- evolution-ews-3.28.5/src/collection/e-ews-backend.h.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/collection/e-ews-backend.h 2019-04-15 09:43:49.685771516 +0200 +@@ -63,6 +63,8 @@ EEwsConnection * + e_ews_backend_ref_connection_sync + (EEwsBackend *backend, + ESourceAuthenticationResult *result, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error); + void e_ews_backend_ref_connection (EEwsBackend *backend, +diff -up evolution-ews-3.28.5/src/configuration/e-ews-config-lookup.c.cve-2019-3890 evolution-ews-3.28.5/src/configuration/e-ews-config-lookup.c +--- evolution-ews-3.28.5/src/configuration/e-ews-config-lookup.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/configuration/e-ews-config-lookup.c 2019-04-15 09:43:49.685771516 +0200 +@@ -344,9 +344,54 @@ ews_config_lookup_worker_run (EConfigLoo + + if (password) { + const gchar *servers; ++ gchar *certificate_host = NULL; ++ gchar *certificate_pem = NULL; ++ GTlsCertificateFlags certificate_errors = 0; ++ GError *local_error = NULL; ++ ++ if (e_named_parameters_exists (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_PEM) && ++ e_named_parameters_exists (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_TRUST) && ++ e_named_parameters_exists (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_HOST)) { ++ GTlsCertificate *certificate; ++ const gchar *param_certificate_pem; ++ ++ param_certificate_pem = e_named_parameters_get (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_PEM); ++ certificate = g_tls_certificate_new_from_pem (param_certificate_pem, -1, NULL); ++ ++ if (certificate) { ++ ETrustPromptResponse trust_response; ++ ++ trust_response = e_config_lookup_decode_certificate_trust ( ++ e_named_parameters_get (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_TRUST)); ++ ++ if (trust_response != E_TRUST_PROMPT_RESPONSE_UNKNOWN) { ++ ESourceWebdav *webdav_extension; ++ ++ webdav_extension = e_source_get_extension (source, E_SOURCE_EXTENSION_WEBDAV_BACKEND); ++ e_source_webdav_update_ssl_trust (webdav_extension, ++ e_named_parameters_get (params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_HOST), ++ certificate, trust_response); ++ } ++ ++ g_object_unref (certificate); ++ } ++ } + +- if (e_ews_autodiscover_ws_url_sync (source, ews_settings, email_address, password, cancellable, NULL)) { ++ if (e_ews_autodiscover_ws_url_sync (source, ews_settings, email_address, password, &certificate_pem, &certificate_errors, cancellable, &local_error)) { + ews_config_lookup_worker_result_from_settings (lookup_worker, config_lookup, email_address, ews_settings, params); ++ } else if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED)) { ++ const gchar *hosturl; ++ SoupURI *suri; ++ ++ hosturl = camel_ews_settings_get_hosturl (ews_settings); ++ suri = soup_uri_new (hosturl); ++ if (suri) { ++ certificate_host = g_strdup (soup_uri_get_host (suri)); ++ ++ soup_uri_free (suri); ++ } ++ } else { ++ g_clear_error (&local_error); + } + + servers = e_named_parameters_get (params, E_CONFIG_LOOKUP_PARAM_SERVERS); +@@ -357,7 +402,7 @@ ews_config_lookup_worker_run (EConfigLoo + + servers_strv = g_strsplit (servers, ";", 0); + +- for (ii = 0; servers_strv && servers_strv[ii] && !g_cancellable_is_cancelled (cancellable); ii++) { ++ for (ii = 0; servers_strv && servers_strv[ii] && !g_cancellable_is_cancelled (cancellable) && !local_error; ii++) { + const gchar *server = servers_strv[ii]; + gchar *tmp = NULL; + +@@ -368,8 +413,21 @@ ews_config_lookup_worker_run (EConfigLoo + + camel_ews_settings_set_hosturl (ews_settings, server); + +- if (e_ews_autodiscover_ws_url_sync (source, ews_settings, email_address, password, cancellable, NULL)) { ++ if (e_ews_autodiscover_ws_url_sync (source, ews_settings, email_address, password, &certificate_pem, &certificate_errors, cancellable, &local_error)) { + ews_config_lookup_worker_result_from_settings (lookup_worker, config_lookup, email_address, ews_settings, params); ++ } else if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED)) { ++ const gchar *hosturl; ++ SoupURI *suri; ++ ++ hosturl = camel_ews_settings_get_hosturl (ews_settings); ++ suri = soup_uri_new (hosturl); ++ if (suri) { ++ certificate_host = g_strdup (soup_uri_get_host (suri)); ++ ++ soup_uri_free (suri); ++ } ++ } else { ++ g_clear_error (&local_error); + } + + g_free (tmp); +@@ -378,7 +436,31 @@ ews_config_lookup_worker_run (EConfigLoo + g_strfreev (servers_strv); + } + +- if (out_restart_params) ++ if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED) && ++ certificate_pem && *certificate_pem && certificate_errors) { ++ gchar *description = e_trust_prompt_describe_certificate_errors (certificate_errors); ++ ++ if (description) { ++ g_set_error_literal (error, E_CONFIG_LOOKUP_WORKER_ERROR, ++ E_CONFIG_LOOKUP_WORKER_ERROR_CERTIFICATE, description); ++ ++ g_free (description); ++ ++ if (out_restart_params) { ++ if (!*out_restart_params) ++ *out_restart_params = e_named_parameters_new_clone (params); ++ ++ e_named_parameters_set (*out_restart_params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_PEM, certificate_pem); ++ e_named_parameters_set (*out_restart_params, E_CONFIG_LOOKUP_PARAM_CERTIFICATE_HOST, certificate_host); ++ } ++ } ++ } ++ ++ g_clear_error (&local_error); ++ g_free (certificate_host); ++ g_free (certificate_pem); ++ ++ if (out_restart_params && !*out_restart_params) + *out_restart_params = e_named_parameters_new_clone (params); + } + +diff -up evolution-ews-3.28.5/src/configuration/e-ews-config-utils.c.cve-2019-3890 evolution-ews-3.28.5/src/configuration/e-ews-config-utils.c +--- evolution-ews-3.28.5/src/configuration/e-ews-config-utils.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/configuration/e-ews-config-utils.c 2019-04-15 09:43:49.686771516 +0200 +@@ -317,7 +317,7 @@ ews_config_utils_try_credentials_sync (E + if (data->try_credentials_func) + auth_result = data->try_credentials_func (data->conn, credentials, data->user_data, cancellable, error); + else +- auth_result = e_ews_connection_try_credentials_sync (data->conn, credentials, cancellable, error); ++ auth_result = e_ews_connection_try_credentials_sync (data->conn, credentials, NULL, NULL, NULL, cancellable, error); + + if (auth_result == E_SOURCE_AUTHENTICATION_ACCEPTED) { + *out_authenticated = TRUE; +@@ -377,7 +377,7 @@ e_ews_config_utils_open_connection_for ( + if (try_credentials_func) + result = try_credentials_func (conn, NULL, user_data, cancellable, &local_error); + else +- result = e_ews_connection_try_credentials_sync (conn, NULL, cancellable, &local_error); ++ result = e_ews_connection_try_credentials_sync (conn, NULL, NULL, NULL, NULL, cancellable, &local_error); + + if (result != E_SOURCE_AUTHENTICATION_ACCEPTED) { + g_clear_object (&conn); +diff -up evolution-ews-3.28.5/src/configuration/e-mail-config-ews-autodiscover.c.cve-2019-3890 evolution-ews-3.28.5/src/configuration/e-mail-config-ews-autodiscover.c +--- evolution-ews-3.28.5/src/configuration/e-mail-config-ews-autodiscover.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/configuration/e-mail-config-ews-autodiscover.c 2019-04-15 09:43:49.686771516 +0200 +@@ -45,6 +45,8 @@ struct _AsyncContext { + ESource *source; + CamelEwsSettings *ews_settings; + gchar *email_address; ++ gchar *certificate_pem; ++ GTlsCertificateFlags certificate_errors; + }; + + enum { +@@ -67,6 +69,7 @@ async_context_free (gpointer ptr) + g_clear_object (&async_context->source); + g_clear_object (&async_context->ews_settings); + g_free (async_context->email_address); ++ g_free (async_context->certificate_pem); + + g_slice_free (AsyncContext, async_context); + } +@@ -87,6 +90,9 @@ mail_config_ews_autodiscover_finish (EMa + } + + static void ++mail_config_ews_autodiscover_run (EMailConfigEwsAutodiscover *autodiscover); ++ ++static void + mail_config_ews_autodiscover_run_cb (GObject *source_object, + GAsyncResult *result, + gpointer user_data) +@@ -111,17 +117,62 @@ mail_config_ews_autodiscover_run_cb (GOb + g_object_thaw_notify (G_OBJECT (settings)); + + if (e_activity_handle_cancellation (async_context->activity, error)) { +- g_error_free (error); ++ /* Do nothing, just free the error below */ ++ } else if (g_error_matches (error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED) && ++ async_context->certificate_pem && *async_context->certificate_pem && async_context->certificate_errors) { ++ ETrustPromptResponse response; ++ GtkWidget *parent; ++ const gchar *host; ++ ++ parent = gtk_widget_get_toplevel (GTK_WIDGET (autodiscover)); ++ if (!GTK_IS_WINDOW (parent)) ++ parent = NULL; ++ ++ host = camel_network_settings_get_host (CAMEL_NETWORK_SETTINGS (settings)); ++ ++ response = e_trust_prompt_run_modal (parent ? GTK_WINDOW (parent) : NULL, ++ E_SOURCE_EXTENSION_COLLECTION, _("Exchange Web Services"), ++ host, async_context->certificate_pem, async_context->certificate_errors, ++ error->message); ++ ++ g_clear_error (&error); ++ ++ if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN) { ++ GTlsCertificate *certificate; ++ ++ certificate = g_tls_certificate_new_from_pem (async_context->certificate_pem, -1, &error); ++ if (certificate) { ++ ESourceWebdav *extension_webdav; ++ ++ extension_webdav = e_source_get_extension (async_context->source, E_SOURCE_EXTENSION_WEBDAV_BACKEND); ++ ++ e_source_webdav_update_ssl_trust (extension_webdav, host, certificate, response); ++ ++ g_object_unref (certificate); ++ } ++ ++ if (error) { ++ e_alert_submit ( ++ alert_sink, ++ "ews:autodiscovery-error", ++ error->message, NULL); ++ } ++ } + ++ if (response == E_TRUST_PROMPT_RESPONSE_ACCEPT || ++ response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY) { ++ mail_config_ews_autodiscover_run (autodiscover); ++ } + } else if (error != NULL) { + e_alert_submit ( + alert_sink, + "ews:autodiscovery-error", + error->message, NULL); +- g_error_free (error); + } + + gtk_widget_set_sensitive (GTK_WIDGET (autodiscover), TRUE); ++ ++ g_clear_error (&error); + } + + static gboolean +@@ -141,6 +192,7 @@ mail_config_ews_autodiscover_sync (ECred + async_context->ews_settings, async_context->email_address, + credentials && e_named_parameters_get (credentials, E_SOURCE_CREDENTIAL_PASSWORD) ? + e_named_parameters_get (credentials, E_SOURCE_CREDENTIAL_PASSWORD) : "", ++ &async_context->certificate_pem, &async_context->certificate_errors, + cancellable, &local_error); + + if (local_error == NULL) { +@@ -173,6 +225,7 @@ mail_config_ews_autodiscover_run_thread + if (without_password) { + success = e_ews_autodiscover_ws_url_sync (async_context->source, + async_context->ews_settings, async_context->email_address, "", ++ &async_context->certificate_pem, &async_context->certificate_errors, + cancellable, &local_error); + } + +@@ -236,6 +289,8 @@ mail_config_ews_autodiscover_run (EMailC + async_context->source = g_object_ref (source); + async_context->ews_settings = g_object_ref (settings); + async_context->email_address = g_strdup (e_mail_config_service_page_get_email_address (page)); ++ async_context->certificate_pem = NULL; ++ async_context->certificate_errors = 0; + + /* + * The GTask will be run in a new thread, which will invoke +diff -up evolution-ews-3.28.5/src/server/e-ews-connection.c.cve-2019-3890 evolution-ews-3.28.5/src/server/e-ews-connection.c +--- evolution-ews-3.28.5/src/server/e-ews-connection.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-connection.c 2019-04-15 09:43:49.689771516 +0200 +@@ -111,6 +111,10 @@ struct _EEwsConnectionPrivate { + + /* Set to TRUE when this connection had been disconnected and cannot be used anymore */ + gboolean disconnected_flag; ++ ++ gboolean ssl_info_set; ++ gchar *ssl_certificate_pem; ++ GTlsCertificateFlags ssl_certificate_errors; + }; + + enum { +@@ -836,6 +840,37 @@ ews_connection_credentials_failed (EEwsC + return expired; + } + ++static void ++ews_connection_check_ssl_error (EEwsConnection *connection, ++ SoupMessage *message) ++{ ++ g_return_if_fail (E_IS_EWS_CONNECTION (connection)); ++ g_return_if_fail (SOUP_IS_MESSAGE (message)); ++ ++ if (message->status_code == SOUP_STATUS_SSL_FAILED) { ++ GTlsCertificate *certificate = NULL; ++ ++ g_mutex_lock (&connection->priv->property_lock); ++ ++ g_clear_pointer (&connection->priv->ssl_certificate_pem, g_free); ++ connection->priv->ssl_info_set = FALSE; ++ ++ g_object_get (G_OBJECT (message), ++ "tls-certificate", &certificate, ++ "tls-errors", &connection->priv->ssl_certificate_errors, ++ NULL); ++ ++ if (certificate) { ++ g_object_get (certificate, "certificate-pem", &connection->priv->ssl_certificate_pem, NULL); ++ connection->priv->ssl_info_set = TRUE; ++ ++ g_object_unref (certificate); ++ } ++ ++ g_mutex_unlock (&connection->priv->property_lock); ++ } ++} ++ + /* Response callbacks */ + + static void +@@ -852,8 +887,15 @@ ews_response_cb (SoupSession *session, + if (g_cancellable_is_cancelled (enode->cancellable)) + goto exit; + ++ ews_connection_check_ssl_error (enode->cnc, msg); ++ + if (ews_connection_credentials_failed (enode->cnc, msg, enode->simple)) { + goto exit; ++ } else if (msg->status_code == SOUP_STATUS_SSL_FAILED) { ++ g_simple_async_result_set_error ( ++ enode->simple, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED, ++ "%s", msg->reason_phrase); ++ goto exit; + } else if (msg->status_code == SOUP_STATUS_UNAUTHORIZED) { + if (msg->response_headers) { + const gchar *diagnostics; +@@ -1855,6 +1897,9 @@ ews_connection_constructed (GObject *obj + cnc->priv->soup_thread = g_thread_new (NULL, e_ews_soup_thread, cnc); + + cnc->priv->soup_session = soup_session_async_new_with_options ( ++ SOUP_SESSION_TIMEOUT, 90, ++ SOUP_SESSION_SSL_STRICT, TRUE, ++ SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE, TRUE, + SOUP_SESSION_ASYNC_CONTEXT, cnc->priv->soup_context, + NULL); + +@@ -1971,6 +2016,7 @@ ews_connection_finalize (GObject *object + g_free (priv->email); + g_free (priv->hash_key); + g_free (priv->impersonate_user); ++ g_free (priv->ssl_certificate_pem); + + g_clear_object (&priv->bearer_auth); + +@@ -2557,10 +2603,15 @@ e_ews_connection_update_credentials (EEw + ESourceAuthenticationResult + e_ews_connection_try_credentials_sync (EEwsConnection *cnc, + const ENamedParameters *credentials, ++ ESource *use_source, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error) + { + ESourceAuthenticationResult result; ++ ESource *source; ++ gboolean de_set_source; + EwsFolderId *fid = NULL; + GSList *ids = NULL; + GError *local_error = NULL; +@@ -2574,14 +2625,31 @@ e_ews_connection_try_credentials_sync (E + fid->is_distinguished_id = TRUE; + ids = g_slist_append (ids, fid); + ++ source = e_ews_connection_get_source (cnc); ++ if (use_source && use_source != source) { ++ cnc->priv->source = g_object_ref (use_source); ++ de_set_source = TRUE; ++ } else { ++ source = NULL; ++ de_set_source = FALSE; ++ } ++ + e_ews_connection_get_folder_sync ( + cnc, EWS_PRIORITY_MEDIUM, "Default", + NULL, ids, NULL, cancellable, &local_error); + ++ if (de_set_source) { ++ g_clear_object (&cnc->priv->source); ++ cnc->priv->source = source; ++ } ++ + g_slist_free_full (ids, (GDestroyNotify) e_ews_folder_id_free); + + if (local_error == NULL) { + result = E_SOURCE_AUTHENTICATION_ACCEPTED; ++ } else if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED) && ++ e_ews_connection_get_ssl_error_details (cnc, out_certificate_pem, out_certificate_errors)) { ++ result = E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED; + } else { + gboolean auth_failed; + +@@ -2618,6 +2686,29 @@ e_ews_connection_get_source (EEwsConnect + return cnc->priv->source; + } + ++gboolean ++e_ews_connection_get_ssl_error_details (EEwsConnection *cnc, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors) ++{ ++ g_return_val_if_fail (E_IS_EWS_CONNECTION (cnc), FALSE); ++ g_return_val_if_fail (out_certificate_pem != NULL, FALSE); ++ g_return_val_if_fail (out_certificate_errors != NULL, FALSE); ++ ++ g_mutex_lock (&cnc->priv->property_lock); ++ if (!cnc->priv->ssl_info_set) { ++ g_mutex_unlock (&cnc->priv->property_lock); ++ return FALSE; ++ } ++ ++ *out_certificate_pem = g_strdup (cnc->priv->ssl_certificate_pem); ++ *out_certificate_errors = cnc->priv->ssl_certificate_errors; ++ ++ g_mutex_unlock (&cnc->priv->property_lock); ++ ++ return TRUE; ++} ++ + const gchar * + e_ews_connection_get_uri (EEwsConnection *cnc) + { +@@ -2906,6 +2997,9 @@ autodiscover_response_cb (SoupSession *s + g_set_error ( + &error, SOUP_HTTP_ERROR, status, + "%d %s", status, msg->reason_phrase); ++ ++ if (status == SOUP_STATUS_SSL_FAILED) ++ ews_connection_check_ssl_error (ad->cnc, msg); + } + + g_free (service_url); +@@ -3056,7 +3150,8 @@ static void post_restarted (SoupMessage + } + + static SoupMessage * +-e_ews_get_msg_for_url (CamelEwsSettings *settings, ++e_ews_get_msg_for_url (EEwsConnection *cnc, ++ CamelEwsSettings *settings, + const gchar *url, + xmlOutputBuffer *buf, + GError **error) +@@ -3078,6 +3173,9 @@ e_ews_get_msg_for_url (CamelEwsSettings + return NULL; + } + ++ if (cnc->priv->source) ++ e_soup_ssl_trust_connect (msg, cnc->priv->source); ++ + e_ews_message_attach_chunk_allocator (msg); + + e_ews_message_set_user_agent_header (msg, settings); +@@ -3107,6 +3205,8 @@ e_ews_autodiscover_ws_url_sync (ESource + CamelEwsSettings *settings, + const gchar *email_address, + const gchar *password, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error) + { +@@ -3125,7 +3225,7 @@ e_ews_autodiscover_ws_url_sync (ESource + + result = e_async_closure_wait (closure); + +- success = e_ews_autodiscover_ws_url_finish (settings, result, error); ++ success = e_ews_autodiscover_ws_url_finish (settings, result, out_certificate_pem, out_certificate_errors, error); + + e_async_closure_free (closure); + +@@ -3236,11 +3336,11 @@ e_ews_autodiscover_ws_url (ESource *sour + simple, ad, (GDestroyNotify) autodiscover_data_free); + + /* Passing a NULL URL string returns NULL. */ +- ad->msgs[0] = e_ews_get_msg_for_url (settings, url1, buf, &error); +- ad->msgs[1] = e_ews_get_msg_for_url (settings, url2, buf, NULL); +- ad->msgs[2] = e_ews_get_msg_for_url (settings, url3, buf, NULL); +- ad->msgs[3] = e_ews_get_msg_for_url (settings, url4, buf, NULL); +- ad->msgs[4] = e_ews_get_msg_for_url (settings, url5, buf, NULL); ++ ad->msgs[0] = e_ews_get_msg_for_url (cnc, settings, url1, buf, &error); ++ ad->msgs[1] = e_ews_get_msg_for_url (cnc, settings, url2, buf, NULL); ++ ad->msgs[2] = e_ews_get_msg_for_url (cnc, settings, url3, buf, NULL); ++ ad->msgs[3] = e_ews_get_msg_for_url (cnc, settings, url4, buf, NULL); ++ ad->msgs[4] = e_ews_get_msg_for_url (cnc, settings, url5, buf, NULL); + + /* These have to be submitted only after they're both set in ad->msgs[] + * or there will be races with fast completion */ +@@ -3300,10 +3400,13 @@ has_suffix_icmp (const gchar *text, + gboolean + e_ews_autodiscover_ws_url_finish (CamelEwsSettings *settings, + GAsyncResult *result, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GError **error) + { + GSimpleAsyncResult *simple; + struct _autodiscover_data *ad; ++ GError *local_error = NULL; + + g_return_val_if_fail ( + g_simple_async_result_is_valid ( +@@ -3313,8 +3416,20 @@ e_ews_autodiscover_ws_url_finish (CamelE + simple = G_SIMPLE_ASYNC_RESULT (result); + ad = g_simple_async_result_get_op_res_gpointer (simple); + +- if (g_simple_async_result_propagate_error (simple, error)) ++ if (g_simple_async_result_propagate_error (simple, &local_error)) { ++ if (g_error_matches (local_error, SOUP_HTTP_ERROR, SOUP_STATUS_SSL_FAILED)) { ++ if (!e_ews_connection_get_ssl_error_details (ad->cnc, out_certificate_pem, out_certificate_errors)) { ++ if (out_certificate_pem) ++ *out_certificate_pem = NULL; ++ if (out_certificate_errors) ++ *out_certificate_errors = 0; ++ } ++ } ++ ++ g_propagate_error (error, local_error); ++ + return FALSE; ++ } + + g_warn_if_fail (ad->as_url != NULL); + g_warn_if_fail (ad->oab_url != NULL); +@@ -3473,6 +3588,8 @@ oal_response_cb (SoupSession *soup_sessi + simple = G_SIMPLE_ASYNC_RESULT (user_data); + data = g_simple_async_result_get_op_res_gpointer (simple); + ++ ews_connection_check_ssl_error (data->cnc, soup_message); ++ + if (ews_connection_credentials_failed (data->cnc, soup_message, simple)) { + goto exit; + } else if (soup_message->status_code != 200) { +@@ -3618,7 +3735,7 @@ e_ews_connection_get_oal_list (EEwsConne + + g_return_if_fail (E_IS_EWS_CONNECTION (cnc)); + +- soup_message = e_ews_get_msg_for_url (cnc->priv->settings, cnc->priv->uri, NULL, &error); ++ soup_message = e_ews_get_msg_for_url (cnc, cnc->priv->settings, cnc->priv->uri, NULL, &error); + + simple = g_simple_async_result_new ( + G_OBJECT (cnc), callback, user_data, +@@ -3739,7 +3856,7 @@ e_ews_connection_get_oal_detail (EEwsCon + + g_return_if_fail (E_IS_EWS_CONNECTION (cnc)); + +- soup_message = e_ews_get_msg_for_url (cnc->priv->settings, cnc->priv->uri, NULL, &error); ++ soup_message = e_ews_get_msg_for_url (cnc, cnc->priv->settings, cnc->priv->uri, NULL, &error); + + simple = g_simple_async_result_new ( + G_OBJECT (cnc), callback, user_data, +@@ -3826,6 +3943,8 @@ oal_download_response_cb (SoupSession *s + simple = G_SIMPLE_ASYNC_RESULT (user_data); + data = g_simple_async_result_get_op_res_gpointer (simple); + ++ ews_connection_check_ssl_error (data->cnc, soup_message); ++ + if (ews_connection_credentials_failed (data->cnc, soup_message, simple)) { + g_unlink (data->cache_filename); + } else if (soup_message->status_code != 200) { +@@ -3954,7 +4073,7 @@ e_ews_connection_download_oal_file (EEws + + g_return_if_fail (E_IS_EWS_CONNECTION (cnc)); + +- soup_message = e_ews_get_msg_for_url (cnc->priv->settings, cnc->priv->uri, NULL, &error); ++ soup_message = e_ews_get_msg_for_url (cnc, cnc->priv->settings, cnc->priv->uri, NULL, &error); + + simple = g_simple_async_result_new ( + G_OBJECT (cnc), callback, user_data, +diff -up evolution-ews-3.28.5/src/server/e-ews-connection.h.cve-2019-3890 evolution-ews-3.28.5/src/server/e-ews-connection.h +--- evolution-ews-3.28.5/src/server/e-ews-connection.h.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-connection.h 2019-04-15 09:43:49.689771516 +0200 +@@ -426,9 +426,16 @@ ESourceAuthenticationResult + e_ews_connection_try_credentials_sync + (EEwsConnection *cnc, + const ENamedParameters *credentials, ++ ESource *use_source, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error); + ESource * e_ews_connection_get_source (EEwsConnection *cnc); ++gboolean e_ews_connection_get_ssl_error_details ++ (EEwsConnection *cnc, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors); + const gchar * e_ews_connection_get_uri (EEwsConnection *cnc); + ESoupAuthBearer * + e_ews_connection_ref_bearer_auth(EEwsConnection *cnc); +@@ -469,6 +476,8 @@ gboolean e_ews_autodiscover_ws_url_sync + CamelEwsSettings *settings, + const gchar *email_address, + const gchar *password, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GCancellable *cancellable, + GError **error); + void e_ews_autodiscover_ws_url (ESource *source, +@@ -481,6 +490,8 @@ void e_ews_autodiscover_ws_url (ESource + gboolean e_ews_autodiscover_ws_url_finish + (CamelEwsSettings *settings, + GAsyncResult *result, ++ gchar **out_certificate_pem, ++ GTlsCertificateFlags *out_certificate_errors, + GError **error); + const gchar * e_ews_connection_get_mailbox (EEwsConnection *cnc); + void e_ews_connection_set_mailbox (EEwsConnection *cnc, +diff -up evolution-ews-3.28.5/src/server/e-ews-connection-utils.c.cve-2019-3890 evolution-ews-3.28.5/src/server/e-ews-connection-utils.c +--- evolution-ews-3.28.5/src/server/e-ews-connection-utils.c.cve-2019-3890 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-connection-utils.c 2019-04-15 09:43:49.690771516 +0200 +@@ -522,8 +522,13 @@ e_ews_connection_utils_prepare_message ( + GCancellable *cancellable) + { + ESoupAuthBearer *using_bearer_auth; ++ ESource *source; + GError *local_error = NULL; + ++ source = e_ews_connection_get_source (cnc); ++ if (source) ++ e_soup_ssl_trust_connect (message, source); ++ + if (!ews_connection_utils_maybe_prepare_bearer_auth (cnc, message, cancellable)) + return FALSE; + diff --git a/SOURCES/evolution-ews-3.28.5-disable-reminder-types.patch b/SOURCES/evolution-ews-3.28.5-disable-reminder-types.patch new file mode 100644 index 0000000..31d269d --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-disable-reminder-types.patch @@ -0,0 +1,12 @@ +diff -up evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.disable-reminder-types evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c +--- evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.disable-reminder-types 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c 2018-09-27 18:30:08.889040518 +0200 +@@ -3675,6 +3675,8 @@ ecb_ews_get_backend_property (ECalBacken + return g_strjoin ( + ",", + CAL_STATIC_CAPABILITY_NO_EMAIL_ALARMS, ++ CAL_STATIC_CAPABILITY_NO_AUDIO_ALARMS, ++ CAL_STATIC_CAPABILITY_NO_PROCEDURE_ALARMS, + CAL_STATIC_CAPABILITY_ONE_ALARM_ONLY, + CAL_STATIC_CAPABILITY_REMOVE_ALARMS, + CAL_STATIC_CAPABILITY_NO_THISANDPRIOR, diff --git a/SOURCES/evolution-ews-3.28.5-double-collection-backend-populate.patch b/SOURCES/evolution-ews-3.28.5-double-collection-backend-populate.patch new file mode 100644 index 0000000..c9e4cdb --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-double-collection-backend-populate.patch @@ -0,0 +1,66 @@ +From f50530ad101b47d461a345ff2b8b295b86c05d3a Mon Sep 17 00:00:00 2001 +From: Milan Crha +Date: Thu, 27 Sep 2018 10:51:05 +0200 +Subject: Collection backend schedules two 'populate' requests after going + online + +ECollectionBackend base class makes sure the 'populate' method is called +after the backend itself goes online, thus there is no need to schedule +it in the descendant again. + +Related to https://gitlab.gnome.org/GNOME/evolution-data-server/issues/36 + +diff --git a/src/collection/e-ews-backend.c b/src/collection/e-ews-backend.c +index 651694b7..d9a973af 100644 +--- a/src/collection/e-ews-backend.c ++++ b/src/collection/e-ews-backend.c +@@ -48,7 +48,7 @@ struct _EEwsBackendPrivate { + + gboolean need_update_folders; + +- gulong notify_online_id; ++ gulong source_changed_id; + }; + + struct _SyncFoldersClosure { +@@ -647,15 +647,21 @@ static void + ews_backend_dispose (GObject *object) + { + EEwsBackendPrivate *priv; ++ ESource *source; + + priv = E_EWS_BACKEND_GET_PRIVATE (object); + ++ source = e_backend_get_source (E_BACKEND (object)); ++ if (source && priv->source_changed_id) { ++ g_signal_handler_disconnect (source, priv->source_changed_id); ++ priv->source_changed_id = 0; ++ } ++ + g_hash_table_remove_all (priv->folders); + +- if (priv->connection != NULL) { +- g_object_unref (priv->connection); +- priv->connection = NULL; +- } ++ g_mutex_lock (&priv->connection_lock); ++ g_clear_object (&priv->connection); ++ g_mutex_unlock (&priv->connection_lock); + + /* Chain up to parent's dispose() method. */ + G_OBJECT_CLASS (e_ews_backend_parent_class)->dispose (object); +@@ -770,12 +776,8 @@ ews_backend_populate (ECollectionBackend *backend) + + ews_backend->priv->need_update_folders = TRUE; + +- if (!ews_backend->priv->notify_online_id) { +- ews_backend->priv->notify_online_id = g_signal_connect ( +- backend, "notify::online", +- G_CALLBACK (ews_backend_populate), NULL); +- +- g_signal_connect ( ++ if (!ews_backend->priv->source_changed_id) { ++ ews_backend->priv->source_changed_id = g_signal_connect ( + source, "changed", + G_CALLBACK (ews_backend_source_changed_cb), ews_backend); + } diff --git a/SOURCES/evolution-ews-3.28.5-meeting-with-attachment.patch b/SOURCES/evolution-ews-3.28.5-meeting-with-attachment.patch new file mode 100644 index 0000000..b9191c4 --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-meeting-with-attachment.patch @@ -0,0 +1,114 @@ +diff -up evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.meeting-with-attachment evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c +--- evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c.meeting-with-attachment 2018-09-27 18:32:25.783038625 +0200 ++++ evolution-ews-3.28.5/src/calendar/e-cal-backend-ews.c 2018-09-27 18:32:25.786038625 +0200 +@@ -2598,7 +2598,7 @@ ecb_ews_save_component_sync (ECalMetaBac + GHashTable *removed_indexes; + EwsCalendarConvertData convert_data = { 0 }; + EEwsItem *item = NULL; +- const EwsId *ews_id = NULL; ++ EwsId *ews_id = NULL; + const gchar *send_meeting_invitations; + icalcomponent *icalcomp; + icalproperty *prop; +@@ -2642,7 +2642,7 @@ ecb_ews_save_component_sync (ECalMetaBac + if (item) { + g_object_ref (item); + +- ews_id = e_ews_item_get_id (item); ++ ews_id = e_ews_id_copy (e_ews_item_get_id (item)); + } + } + +@@ -2666,6 +2666,8 @@ ecb_ews_save_component_sync (ECalMetaBac + g_clear_object (&item); + + item = items_req->data; ++ ++ e_ews_id_free (ews_id); + ews_id = NULL; + + if (e_ews_item_get_item_type (item) == E_EWS_ITEM_TYPE_ERROR) { +@@ -2674,7 +2676,7 @@ ecb_ews_save_component_sync (ECalMetaBac + success = FALSE; + } else { + item = g_object_ref (item); +- ews_id = e_ews_item_get_id (item); ++ ews_id = e_ews_id_copy (e_ews_item_get_id (item)); + } + } + +@@ -2689,13 +2691,21 @@ ecb_ews_save_component_sync (ECalMetaBac + g_warn_if_fail (ews_id != NULL); + + if (ews_id && ecb_ews_extract_attachments (icalcomp, &info_attachments)) { ++ gchar *changekey = NULL; + GSList *ids = NULL; + + success = e_ews_connection_create_attachments_sync (cbews->priv->cnc, EWS_PRIORITY_MEDIUM, +- ews_id, info_attachments, FALSE, NULL, &ids, cancellable, error); ++ ews_id, info_attachments, FALSE, &changekey, &ids, cancellable, error); + + g_slist_free_full (info_attachments, (GDestroyNotify) e_ews_attachment_info_free); + g_slist_free_full (ids, g_free); ++ ++ if (success && changekey) { ++ g_free (ews_id->change_key); ++ ews_id->change_key = changekey; ++ } else { ++ g_free (changekey); ++ } + } + } + +@@ -2730,6 +2740,7 @@ ecb_ews_save_component_sync (ECalMetaBac + } + + icalcomponent_free (icalcomp); ++ e_ews_id_free (ews_id); + g_clear_object (&item); + + for (link = (GSList *) instances; link && success; link = g_slist_next (link)) { +diff -up evolution-ews-3.28.5/src/server/e-ews-item.c.meeting-with-attachment evolution-ews-3.28.5/src/server/e-ews-item.c +--- evolution-ews-3.28.5/src/server/e-ews-item.c.meeting-with-attachment 2018-09-27 18:32:25.785038625 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-item.c 2018-09-27 18:32:25.787038625 +0200 +@@ -2695,3 +2695,28 @@ e_ews_item_util_strip_ex_address (const + + return ex_address; + } ++ ++EwsId * ++e_ews_id_copy (const EwsId *ews_id) ++{ ++ EwsId *copy; ++ ++ if (!ews_id) ++ return NULL; ++ ++ copy = g_new0 (EwsId, 1); ++ copy->id = g_strdup (ews_id->id); ++ copy->change_key = g_strdup (ews_id->change_key); ++ ++ return copy; ++} ++ ++void ++e_ews_id_free (EwsId *ews_id) ++{ ++ if (ews_id) { ++ g_free (ews_id->id); ++ g_free (ews_id->change_key); ++ g_free (ews_id); ++ } ++} +diff -up evolution-ews-3.28.5/src/server/e-ews-item.h.meeting-with-attachment evolution-ews-3.28.5/src/server/e-ews-item.h +--- evolution-ews-3.28.5/src/server/e-ews-item.h.meeting-with-attachment 2018-07-30 16:01:00.000000000 +0200 ++++ evolution-ews-3.28.5/src/server/e-ews-item.h 2018-09-27 18:32:25.787038625 +0200 +@@ -384,6 +384,8 @@ void e_ews_permissions_free (GSList *pe + /* Utility functions */ + const gchar * e_ews_item_util_strip_ex_address + (const gchar *ex_address); ++EwsId * e_ews_id_copy (const EwsId *ews_id); ++void e_ews_id_free (EwsId *ews_id); + + G_END_DECLS + diff --git a/SOURCES/evolution-ews-3.28.5-unknown-responsetype-as-needs-action.patch b/SOURCES/evolution-ews-3.28.5-unknown-responsetype-as-needs-action.patch new file mode 100644 index 0000000..e127d0b --- /dev/null +++ b/SOURCES/evolution-ews-3.28.5-unknown-responsetype-as-needs-action.patch @@ -0,0 +1,22 @@ +From 6d3dc9c50be654a9e250cfd53626f8526ff9eb70 Mon Sep 17 00:00:00 2001 +From: Milan Crha +Date: Tue, 25 Sep 2018 16:20:12 +0200 +Subject: Treat 'Unknown' ResponseType as Needs-Action + +When creating a new meeting the attendees have returned by the server +an 'Unknown' ResponseType, which turned into 'Unknown' in the Evolution +UI (meeting editor). Treat it as Needs-Action instead. + +diff --git a/src/calendar/e-cal-backend-ews.c b/src/calendar/e-cal-backend-ews.c +index bf995813..06d56fa0 100644 +--- a/src/calendar/e-cal-backend-ews.c ++++ b/src/calendar/e-cal-backend-ews.c +@@ -311,7 +311,7 @@ ecb_ews_responsetype_to_partstat (const gchar *responsetype) + else if (g_ascii_strcasecmp (responsetype, "NoResponseReceived") == 0) + param = icalparameter_new_partstat (ICAL_PARTSTAT_NEEDSACTION); + else if (g_ascii_strcasecmp (responsetype, "Unknown") == 0) +- param = icalparameter_new_partstat (ICAL_PARTSTAT_NONE); ++ param = icalparameter_new_partstat (ICAL_PARTSTAT_NEEDSACTION); + + if (!param) + param = icalparameter_new_partstat (ICAL_PARTSTAT_NONE); diff --git a/SPECS/evolution-ews.spec b/SPECS/evolution-ews.spec new file mode 100644 index 0000000..7c2c50e --- /dev/null +++ b/SPECS/evolution-ews.spec @@ -0,0 +1,312 @@ +%global libmspack_version 0.4 + +Name: evolution-ews +Version: 3.28.5 +Release: 3%{?dist} +Group: Applications/Productivity +Summary: Evolution extension for Exchange Web Services +License: LGPLv2 +URL: https://wiki.gnome.org/Apps/Evolution +Source: http://download.gnome.org/sources/%{name}/3.28/%{name}-%{version}.tar.xz + +%global eds_evo_version %{version} + +Patch01: evolution-ews-3.28.2-cmake-version.patch + +# RH bug #1633711 - 1/5 - https://gitlab.gnome.org/GNOME/evolution-ews/commit/dc50ba5a50a7b74f1d2710e5f860a7e81ab60d0b +Patch02: evolution-ews-3.28.5-disable-reminder-types.patch + +# RH bug #1633711 - 2/5 - https://gitlab.gnome.org/GNOME/evolution-ews/commit/6d3dc9c50be654a9e250cfd53626f8526ff9eb70 +Patch03: evolution-ews-3.28.5-unknown-responsetype-as-needs-action.patch + +# RH bug #1633711 - 3/5 - https://gitlab.gnome.org/GNOME/evolution-ews/issues/19 +Patch04: evolution-ews-3.28.5-contact-country-forgotten.patch + +# RH bug #1633711 - 4/5 - https://gitlab.gnome.org/GNOME/evolution-ews/issues/21 +Patch05: evolution-ews-3.28.5-meeting-with-attachment.patch + +# RH bug #1633711 - 5/5 - https://gitlab.gnome.org/GNOME/evolution-ews/commit/f50530ad101b47d461a345ff2b8b295b86c05d3a +Patch06: evolution-ews-3.28.5-double-collection-backend-populate.patch + +# RH bug #1696760 +Patch07: evolution-ews-3.28.5-cve-2019-3890.patch + +Requires: evolution >= %{eds_evo_version} +Requires: evolution-data-server >= %{eds_evo_version} +Requires: %{name}-langpacks = %{version}-%{release} +Requires: libmspack >= %{libmspack_version} + +BuildRequires: cmake +BuildRequires: gcc +BuildRequires: intltool +BuildRequires: pkgconfig(camel-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(evolution-data-server-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(evolution-mail-3.0) >= %{eds_evo_version} +BuildRequires: pkgconfig(evolution-shell-3.0) >= %{eds_evo_version} +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(gtk+-3.0) +BuildRequires: pkgconfig(libebackend-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(libebook-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(libecal-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(libedata-book-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(libedata-cal-1.2) >= %{eds_evo_version} +BuildRequires: pkgconfig(libemail-engine) >= %{eds_evo_version} +BuildRequires: pkgconfig(libical) +BuildRequires: pkgconfig(libmspack) >= %{libmspack_version} +BuildRequires: pkgconfig(libsoup-2.4) + +%description +This package allows Evolution to interact with Microsoft Exchange servers, +versions 2007 and later, through its Exchange Web Services (EWS) interface. + +%package langpacks +Summary: Translations for %{name} +BuildArch: noarch +Requires: %{name} = %{version}-%{release} + +%description langpacks +This package contains translations for %{name}. + +%prep +%setup -q +%patch01 -p1 -b .cmake-version +%patch02 -p1 -b .disable-reminder-types +%patch03 -p1 -b .unknown-responsetype-as-needs-action +%patch04 -p1 -b .contact-country-forgotten +%patch05 -p1 -b .meeting-with-attachment +%patch06 -p1 -b .double-collection-backend-populate +%patch07 -p1 -b .cve-2019-3890 + +%build + +mkdir _build +cd _build + +export CFLAGS="$RPM_OPT_FLAGS -Wno-deprecated-declarations" +%cmake -G "Unix Makefiles" .. +make %{?_smp_mflags} + +%install +rm -rf $RPM_BUILD_ROOT + +cd _build +make install DESTDIR=$RPM_BUILD_ROOT + +%find_lang %{name} + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%files +%license COPYING +%doc NEWS README +%{_libdir}/evolution/modules/module-ews-configuration.so +%{_libdir}/evolution-data-server/camel-providers/libcamelews.so +%{_libdir}/evolution-data-server/camel-providers/libcamelews.urls +%{_libdir}/evolution-data-server/addressbook-backends/libebookbackendews.so +%{_libdir}/evolution-data-server/calendar-backends/libecalbackendews.so +%{_libdir}/evolution-data-server/registry-modules/module-ews-backend.so +%{_libdir}/evolution-ews/libcamelews-priv.so +%{_libdir}/evolution-ews/libevolution-ews.so +%{_datadir}/metainfo/org.gnome.Evolution-ews.metainfo.xml +%{_datadir}/evolution/errors/module-ews-configuration.error +%{_datadir}/evolution-data-server/ews/windowsZones.xml + +%files langpacks -f _build/%{name}.lang + +%changelog +* Wed Aug 14 2019 Milan Crha - 3.28.5-3 +- Add patch for RH bug #1696760 (CVE-2019-3890 - SSL Certificates are not validated) + +* Fri Nov 09 2018 Milan Crha - 3.28.5-2 +- Add patches for RH bug #1633711 (Backport few minor regression fixes from 3.30) + +* Mon Jul 30 2018 Milan Crha - 3.28.5-1 +- Update to 3.28.5 + +* Mon Jul 16 2018 Milan Crha - 3.28.4-1 +- Update to 3.28.4 +- Remove patch for GNOME bug #796297 (fixed upstream) + +* Mon Jun 25 2018 Milan Crha - 3.28.3-2 +- Add patch for GNOME bug #796297 (Cannot modify existing meeting after fix for this bug) + +* Mon Jun 18 2018 Milan Crha - 3.28.3-1 +- Update to 3.28.3 + +* Wed May 30 2018 Milan Crha - 3.28.2-1 +- Update to 3.28.2 +- Resolves: #1575499 + +* Wed May 24 2017 Milan Crha - 3.22.6-6 +- Add patch for RH bug #1450022 (Allow adding Free/Busy as a foreign Calendar) + +* Fri Mar 24 2017 Milan Crha - 3.22.6-5 +- Add patch for RH bug #1435552 (Sources always enabled, even when their part is disabled) + +* Wed Mar 22 2017 Milan Crha - 3.22.6-4 +- Add patch for RH bug #1434758 (Truncate cache stream before resaving received message) + +* Mon Mar 20 2017 Milan Crha - 3.22.6-3 +- Build with libmspack on all arches + +* Fri Mar 17 2017 Milan Crha - 3.22.6-2 +- Add patch for RH bug #1433268 (Mail message Date header received in UTC) + +* Mon Mar 13 2017 Milan Crha - 3.22.6-1 +- Rebase to 3.22.6 upstream release + +* Thu Feb 16 2017 Milan Crha - 3.22.5-1 +- Rebase to 3.22.5 + +* Tue Jun 21 2016 Milan Crha - 3.12.11-9 +- Update patch for RH bug #1221520 (Update translations, for it and ko) + +* Fri Apr 01 2016 Milan Crha - 3.12.11-8 +- Add patch for RH bug #1322908 (Show user's meeting response in the Calendar view) + +* Tue Mar 15 2016 Milan Crha - 3.12.11-7 +- Add patch for RH bug #1221520 (Update translations) + +* Fri Mar 04 2016 Milan Crha - 3.12.11-6 +- Add dependency on libmspack 0.4+ for x86_64 + +* Wed Jul 08 2015 Milan Crha - 3.12.11-5 +- Rebuild against updated libical + +* Thu May 21 2015 Milan Crha - 3.12.11-4 +- Add patch to address some of the Coverity Scan issues + +* Fri May 15 2015 Milan Crha - 3.12.11-3 +- Add patch for RH bug #1221876 (Correct locking in e_book_backend_ews_set_locale()) + +* Thu May 14 2015 Milan Crha - 3.12.11-2 +- Add patch for RH bug #1221520 (Update translations) + +* Mon May 04 2015 Milan Crha - 3.12.11-1 +- Update to 3.12.11 + +* Fri Jan 24 2014 Daniel Mach - 3.8.5-8 +- Mass rebuild 2014-01-24 + +* Mon Jan 13 2014 Milan Crha - 3.8.5-7 +- Add patch for RH bug #1030329 (Updated translations) + +* Fri Dec 27 2013 Daniel Mach - 3.8.5-6 +- Mass rebuild 2013-12-27 + +* Tue Nov 19 2013 Milan Crha - 3.8.5-5 +- Add patch for RH bug #1029538 (Free/Busy time is shifted) + +* Tue Oct 15 2013 Milan Crha - 3.8.5-4 +- Add patch for RH bug #1018322 (fails to get Free/Busy information) + +* Tue Sep 10 2013 Milan Crha - 3.8.5-3 +- Add patch for RH bug #1005152 (fails to download attachments) + +* Fri Aug 16 2013 Milan Crha - 3.8.5-2 +- Add patch to regression of GNOME bug #702922 (Cannot create appointments) + +* Mon Aug 12 2013 Milan Crha - 3.8.5-1 +- Update to 3.8.5 + +* Wed Jul 24 2013 Milan Crha - 3.8.4-1 +- Update to 3.8.4 + +* Mon Jun 10 2013 Milan Crha - 3.8.3-1 +- Update to 3.8.3 + +* Sun May 12 2013 Matthew Barnes - 3.8.2-1 +- Update to 3.8.2 + +* Sun Apr 14 2013 Matthew Barnes - 3.8.1-1 +- Update to 3.8.1 + +* Mon Mar 25 2013 Milan Crha - 3.8.0-1 +- Update to 3.8.0 + +* Mon Mar 18 2013 Milan Crha - 3.7.92-1 +- Update to 3.7.92 + +* Mon Mar 04 2013 Milan Crha - 3.7.91-1 +- Update to 3.7.91 + +* Mon Feb 18 2013 Milan Crha - 3.7.90-1 +- Update to 3.7.90 + +* Mon Feb 04 2013 Milan Crha - 3.7.5-1 +- Update to 3.7.5 + +* Mon Jan 14 2013 Milan Crha - 3.7.4-1 +- Update to 3.7.4 + +* Thu Dec 20 2012 Matthew Barnes - 3.7.3.1-1 +- Update to 3.7.3.1 + +* Mon Nov 19 2012 Milan Crha - 3.7.2-1 +- Update to 3.7.2 + +* Mon Oct 22 2012 Milan Crha - 3.7.1-1 +- Update to 3.7.1 + +* Mon Sep 17 2012 Milan Crha - 3.5.92-1 +- Update to 3.5.92 + +* Mon Sep 03 2012 Milan Crha - 3.5.91-1 +- Update to 3.5.91 +- Remove patch for new xmlOutputBuffer API (fixed upstream) + +* Mon Aug 20 2012 Milan Crha - 3.5.90-1 +- Update to 3.5.90 +- Add patch for new xmlOutputBuffer API + +* Mon Aug 06 2012 Milan Crha - 3.5.5-1 +- Update to 3.5.5 + +* Thu Jul 19 2012 Fedora Release Engineering - 3.5.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon Jul 16 2012 Milan Crha - 3.5.4-1 +- Update to 3.5.4 + +* Mon Jun 25 2012 Matthew Barnes - 3.5.3-1 +- Update to 3.5.3 + +* Mon Jun 04 2012 Milan Crha - 3.5.2-1 +- Update to 3.5.2 + +* Sun Apr 29 2012 Matthew Barnes - 3.5.1-1 +- Update to 3.5.1 + +* Mon Mar 26 2012 Milan Crha - 3.4.0-1 +- Update to 3.4.0 + +* Mon Mar 19 2012 Milan Crha - 3.3.92-1 +- Update to 3.3.92 + +* Tue Mar 06 2012 Milan Crha - 3.3.91-1 +- Update to 3.3.91 + +* Mon Feb 20 2012 Milan Crha - 3.3.90-1 +- Update to 3.3.90 + +* Mon Feb 06 2012 Milan Crha - 3.3.5-1 +- Update to 3.3.5 + +* Mon Jan 16 2012 Milan Crha - 3.3.4-1 +- Update to 3.3.4 + +* Fri Jan 13 2012 Fedora Release Engineering - 3.3.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Dec 19 2011 Milan Crha - 3.3.3-1 +- Update to 3.3.3 +- Removed the last patch (fixed upstream) + +* Mon Nov 21 2011 Milan Crha - 3.3.2-1 +- Update to 3.3.2 +- Removed obsolete patches (fixed upstream) + +* Mon Nov 07 2011 Matthew Barnes - 3.3.1-1 +- Initial packaging for Fedora 17.