Auto sync2gitlab import of cyrus-imapd-3.0.7-23.el8.src.rpm

This commit is contained in:
James Antill 2022-05-26 01:17:40 -04:00
parent e402678412
commit aacfa4e807
32 changed files with 3510 additions and 1 deletions

3
.gitignore vendored Normal file
View File

@ -0,0 +1,3 @@
/cassandane-00bfe01.tar.gz
/cassandane-testdata-20170523.tar.gz
/cyrus-imapd-3.0.7.tar.gz

1111
CHANGES.rpm Normal file

File diff suppressed because it is too large Load Diff

1
EMPTY
View File

@ -1 +0,0 @@

34
README.rpm Normal file
View File

@ -0,0 +1,34 @@
---------------
Cyrus IMAPd RPM
---------------
This is a _very_ 'quick and dirty' install howto.
The following steps should lead you to a running Cyrus IMAP server:
1) Install on a distribution which is supported by this RPM. Don't install
on a dirty system, where you have previously installed from source.
2) Don't install if you have a previous Cyrus IMAPd installation <=2.1.x on
your box. Upgrading any Invoca rpm based installation should be fine.
3) Make sure you understand that this RPM installs in FHS compliant
directories, like /var/lib/imap and /var/spool/imap
4) Make sure cyrus-sasl is installed.
5) Make sure saslauthd is running. If not, edit /etc/sysconfig/saslauthd as
needed and do 'chkconfig saslauthd on ; service saslauthd start'
6) Install the cyrus-imapd RPMs.
7) If it's your first install of Cyrus IMAPd, then set a password for the
cyrus user in whatever database you are using to authenticate. When
using a local account, this should be 'passwd cyrus'.
8) Make sure your MTA delivers to Cyrus IMAPd, I recommend LMTP for this.
9) Start Cyrus IMAPd with 'service cyrus-imapd start'
10) Run cyradm and create a user. Usually it's something like this:
'cyradm --user=cyrus --auth=login localhost'
11) If you're using sendmail, be aware that cyrusv2.m4 included in standard
sendmail distribution uses socket /var/imap/socket/lmtp while this rpm
uses /var/lib/imap/socket/lmtp.
12) Check your syslog configuration. This RPM uses the mail facility to log
messages. On busy sites you may want to limit the mail facility to the
info priority with something like 'mail.info /var/log/maillog' in
/etc/syslog.conf.
Enjoy!

56
cassandane.ini Normal file
View File

@ -0,0 +1,56 @@
# A basic cassandane.ini file for running cassandane as part of the Fedora
# package build process.
# The idea here is to run tests on the just-compiled version of cyrus-imapd.
# However, many of the build locations are just random temporary directories, and
# so this requires some finesse.
[cassandane]
rootdir = CASSDIR/work
pwcheck = alwaystrue # This is enabled in Fedora builds
cleanup = no
maxworkers = 1
base_port = 19100
#[valgrind]
#enabled = no
# The installed copy
[cyrus default]
prefix = /usr
destdir = BUILDROOT
quota = cyr_quota
# Replication testing disabled
# [cyrus replica]
# [cyrus murder]
# Don't enable any of the gdb options but leave them here in case someone ever
# needs to do so
#[gdb]
# imapd = yes
# sync_server = yes
# lntpd = yes
# timsieved = yes
# backupd = yes
[config]
altnamespace = no
unixhierarchysep = no
client_timeout = 60
#[caldavtalk]
#basedir = CASSDIR/cassandane/testdata
[imaptest]
# Cassandane wants this to not be installed. Don't know why. To use it we
# have to make a directory and link things into it.
basedir = imaptest
# [jmaptester]
# basedir = JMAP-Tester
# The JMAP modules end up needing JSON-Typist (which I could bundle) and CryptX (which is a bit too much to bundle)
# [caldavtester]
# XXX Would need to include the source in the cyrus package just as cassandane is, and get it built before running tests
# basedir = ...

View File

@ -0,0 +1,205 @@
diff --git a/imap/http_dav.c b/imap/http_dav.c
index 91bbc28b6b..a6fa5c8345 100644
--- a/imap/http_dav.c
+++ b/imap/http_dav.c
@@ -5494,7 +5494,7 @@ EXPORTED int meth_propfind(struct transaction_t *txn, void *params)
xmlDocPtr indoc = NULL, outdoc = NULL;
xmlNodePtr root, cur = NULL, props = NULL;
xmlNsPtr ns[NUM_NAMESPACE];
- struct hash_table ns_table = { 0, NULL, NULL };
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
struct propfind_ctx fctx;
struct propfind_entry_list *elist = NULL;
@@ -7900,7 +7900,7 @@ int meth_report(struct transaction_t *txn, void *params)
xmlNodePtr inroot = NULL, outroot = NULL, cur, prop = NULL, props = NULL;
const struct report_type_t *report = NULL;
xmlNsPtr ns[NUM_NAMESPACE];
- struct hash_table ns_table = { 0, NULL, NULL };
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
struct propfind_ctx fctx;
struct propfind_entry_list *elist = NULL;
diff --git a/lib/hash.c b/lib/hash.c
index 9703142c3b..84f2e80d28 100644
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -43,10 +43,11 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
assert(table);
assert(size);
- table->size = size;
+ table->size = size;
+ table->seed = rand(); /* might be zero, that's okay */
/* Allocate the table -- different for using memory pools and not */
- if(use_mpool) {
+ if (use_mpool) {
/* Allocate an initial memory pool for 32 byte keys + the hash table
* + the buckets themselves */
table->pool =
@@ -72,7 +73,7 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
bucket *ptr, *newptr;
bucket **prev;
@@ -153,9 +154,14 @@ EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
EXPORTED void *hash_lookup(const char *key, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
+ unsigned val;
bucket *ptr;
+ if (!table->size)
+ return NULL;
+
+ val = strhash_seeded(table->seed, key) % table->size;
+
if (!(table->table)[val])
return NULL;
@@ -178,8 +184,7 @@ EXPORTED void *hash_lookup(const char *key, hash_table *table)
* since it will leak memory until you get rid of the entire hash table */
EXPORTED void *hash_del(const char *key, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
- void *data;
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
bucket *ptr, *last = NULL;
if (!(table->table)[val])
@@ -200,15 +205,10 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
int cmpresult = strcmp(key, ptr->key);
if (!cmpresult)
{
+ void *data = ptr->data;
if (last != NULL )
{
- data = ptr -> data;
last -> next = ptr -> next;
- if(!table->pool) {
- free(ptr->key);
- free(ptr);
- }
- return data;
}
/*
@@ -221,15 +221,15 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
else
{
- data = ptr->data;
(table->table)[val] = ptr->next;
- if(!table->pool) {
- free(ptr->key);
- free(ptr);
- }
- return data;
}
- } else if (cmpresult < 0) {
+ if(!table->pool) {
+ free(ptr->key);
+ free(ptr);
+ }
+ return data;
+ }
+ if (cmpresult < 0) {
/* its not here! */
return NULL;
}
diff --git a/lib/hash.h b/lib/hash.h
index 8051ac1760..cfa7da1ffa 100644
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -3,10 +3,11 @@
#define HASH__H
#include <stddef.h> /* For size_t */
+#include <stdint.h>
#include "mpool.h"
#include "strarray.h"
-#define HASH_TABLE_INITIALIZER {0, NULL, NULL}
+#define HASH_TABLE_INITIALIZER {0, 0, NULL, NULL}
/*
** A hash table consists of an array of these buckets. Each bucket
@@ -32,6 +33,7 @@ typedef struct bucket {
typedef struct hash_table {
size_t size;
+ uint32_t seed;
bucket **table;
struct mpool *pool;
} hash_table;
diff --git a/lib/strhash.c b/lib/strhash.c
index d7c1741d2a..1b3251db73 100644
--- a/lib/strhash.c
+++ b/lib/strhash.c
@@ -42,17 +42,32 @@
#include "config.h"
-EXPORTED unsigned strhash(const char *string)
+#include "lib/strhash.h"
+
+/* The well-known djb2 algorithm (e.g. http://www.cse.yorku.ca/~oz/hash.html),
+ * with the addition of an optional seed to limit predictability.
+ *
+ * XXX return type 'unsigned' for back-compat to previous version, but
+ * XXX ought to be 'uint32_t'
+ */
+EXPORTED unsigned strhash_seeded_djb2(uint32_t seed, const char *string)
{
- unsigned ret_val = 0;
- int i;
+ const unsigned char *ustr = (const unsigned char *) string;
+ unsigned hash = 5381;
+ int c;
- while (*string)
- {
- i = (int) *string;
- ret_val ^= i;
- ret_val <<= 1;
- string ++;
- }
- return ret_val;
+ if (seed) {
+ /* treat the bytes of the seed as a prefix to the string */
+ unsigned i;
+ for (i = 0; i < sizeof seed; i++) {
+ c = seed & 0xff;
+ hash = ((hash << 5) + hash) ^ c;
+ seed >>= 8;
+ }
+ }
+
+ while ((c = *ustr++))
+ hash = ((hash << 5) + hash) ^ c;
+
+ return hash;
}
diff --git a/lib/strhash.h b/lib/strhash.h
index 34533fdffa..27339bb288 100644
--- a/lib/strhash.h
+++ b/lib/strhash.h
@@ -41,7 +41,11 @@
*/
#ifndef _STRHASH_H_
+#include <stdint.h>
-unsigned strhash(const char *string);
+unsigned strhash_seeded_djb2(uint32_t seed, const char *string);
+
+#define strhash(in) strhash_seeded_djb2((0), (in))
+#define strhash_seeded(sd, in) strhash_seeded_djb2((sd), (in))
#endif /* _STRHASH_H_ */

View File

@ -0,0 +1,30 @@
diff --git a/imap/httpd.c b/imap/httpd.c
index 5dcf38dc4..d2fdeb945 100644
--- a/imap/httpd.c
+++ b/imap/httpd.c
@@ -1729,6 +1729,25 @@ static int examine_request(struct transaction_t *txn)
txn->auth_chal.scheme = NULL;
}
+ /* Drop auth credentials, if not a backend in a Murder */
+ else if (!config_mupdate_server || !config_getstring(IMAPOPT_PROXYSERVERS)) {
+ syslog(LOG_DEBUG, "drop auth creds");
+
+ free(httpd_userid);
+ httpd_userid = NULL;
+
+ free(httpd_extrafolder);
+ httpd_extrafolder = NULL;
+
+ free(httpd_extradomain);
+ httpd_extradomain = NULL;
+
+ if (httpd_authstate) {
+ auth_freestate(httpd_authstate);
+ httpd_authstate = NULL;
+ }
+ }
+
/* Perform proxy authorization, if necessary */
else if (saslprops.authid &&
(hdr = spool_getheader(txn->req_hdrs, "Authorize-As")) &&

View File

@ -0,0 +1,13 @@
diff --git a/imap/lmtp_sieve.c b/imap/lmtp_sieve.c
index 4c3bbc3..d0abdd3 100644
--- a/imap/lmtp_sieve.c
+++ b/imap/lmtp_sieve.c
@@ -999,7 +999,7 @@ static int autosieve_createfolder(const char *userid, const struct auth_state *a
if (createsievefolder) {
/* Folder is already in internal namespace format */
r = mboxlist_createmailbox(internalname, 0, NULL,
- 1, userid, auth_state, 0, 0, 0, 1, NULL);
+ 0, userid, auth_state, 0, 0, 0, 1, NULL);
if (!r) {
mboxlist_changesub(internalname, userid, auth_state, 1, 1, 1);
syslog(LOG_DEBUG, "autosievefolder: User %s, folder %s creation succeeded",

View File

@ -0,0 +1,23 @@
From 725e1efbd923c6d15ba639e17bfd0baabc619daa Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 1 Oct 2018 15:55:35 +0200
Subject: [PATCH] Close file descriptior in case of error
Make static code analizers happy.
If stat() failed for some reason it may lead backup fd unclosed.
---
backup/lcb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/backup/lcb.c b/backup/lcb.c
index 8c4a0e31a..9a04b08f2 100644
--- a/backup/lcb.c
+++ b/backup/lcb.c
@@ -182,6 +182,7 @@ HIDDEN int backup_real_open(struct backup **backupp,
if (r) {
syslog(LOG_ERR, "IOERROR: (f)stat %s: %m", backup->data_fname);
r = IMAP_IOERROR;
+ close(fd);
goto error;
}

View File

@ -0,0 +1,38 @@
From 5d00f649b4d2a599905d1b9290c91a769909741d Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 24 Sep 2018 17:24:48 +0200
Subject: [PATCH] Close backup on failure.
Static analizers report this as memory leak issue.
---
backup/ctl_backups.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/backup/ctl_backups.c b/backup/ctl_backups.c
index 3d817e743..e532eedb7 100644
--- a/backup/ctl_backups.c
+++ b/backup/ctl_backups.c
@@ -955,6 +955,7 @@ static int lock_run_pipe(const char *userid, const char *fname,
if (r) {
printf("NO failed (%s)\n", error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE; // FIXME would something else be more appropriate?
}
@@ -993,6 +994,7 @@ static int lock_run_sqlite(const char *userid, const char *fname,
fprintf(stderr, "unable to lock %s: %s\n",
userid ? userid : fname,
error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE;
}
@@ -1053,6 +1055,7 @@ static int lock_run_exec(const char *userid, const char *fname,
fprintf(stderr, "unable to lock %s: %s\n",
userid ? userid : fname,
error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE;
}

View File

@ -0,0 +1,26 @@
diff --git a/imap/httpd.c b/imap/httpd.c
index dc53f8c..24b65e5 100644
--- a/imap/httpd.c
+++ b/imap/httpd.c
@@ -2202,7 +2202,7 @@ EXPORTED time_t calc_compile_time(const char *time, const char *date)
memset(&tm, 0, sizeof(struct tm));
tm.tm_isdst = -1;
sscanf(time, "%02d:%02d:%02d", &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
- sscanf(date, "%s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
+ sscanf(date, "%3s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
tm.tm_year -= 1900;
for (tm.tm_mon = 0; tm.tm_mon < 12; tm.tm_mon++) {
if (!strcmp(month, monthname[tm.tm_mon])) break;
diff --git a/imap/ical_support.c b/imap/ical_support.c
index 1d7550a..e1bda50 100644
--- a/imap/ical_support.c
+++ b/imap/ical_support.c
@@ -458,7 +458,7 @@ const char *get_icalcomponent_errstr(icalcomponent *ical)
/* Check if this is an empty property error */
if (sscanf(errstr,
- "No value for %s property", propname) == 1) {
+ "No value for %255s property", propname) == 1) {
/* Empty LOCATION is OK */
if (!strcasecmp(propname, "LOCATION")) continue;
if (!strcasecmp(propname, "COMMENT")) continue;

12
cyrus-imapd-init.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description=One-time configuration for cyrus-imapd
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd.pem
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-key.pem
ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
[Service]
Type=oneshot
Group=mail
RemainAfterExit=no
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem --cert-key-mode=0640

View File

@ -0,0 +1,66 @@
diff --git a/Cassandane/Instance.pm b/cassandane/Cassandane/Instance.pm
index 1561143..c60396e 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -166,7 +166,7 @@ sub get_version
my $cyrus_master;
foreach my $d (qw( bin sbin libexec libexec/cyrus-imapd lib cyrus/bin ))
{
- my $try = "$cyrus_destdir$cyrus_prefix/$d/master";
+ my $try = "$cyrus_destdir$cyrus_prefix/$d/cyrus-master";
if (-x $try) {
$cyrus_master = $try;
last;
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
index c60396e..7b2883a 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -546,7 +546,7 @@ sub _pid_file
{
my ($self, $name) = @_;
- $name ||= 'master';
+ $name ||= 'cyrus-master';
return $self->{basedir} . "/run/$name.pid";
}
@@ -569,7 +569,7 @@ sub _list_pid_files
closedir(RUNDIR);
@pidfiles = sort { $a cmp $b } @pidfiles;
- @pidfiles = ( 'master', grep { $_ ne 'master' } @pidfiles );
+ @pidfiles = ( 'cyrus-master', grep { $_ ne 'cyrus-master' } @pidfiles );
return @pidfiles;
}
@@ -877,7 +877,7 @@ sub _start_master
# Now start the master process.
my @cmd =
(
- 'master',
+ 'cyrus-master',
# The following is added automatically by _fork_command:
# '-C', $self->_imapd_conf(),
'-l', '255',
@@ -886,7 +886,7 @@ sub _start_master
'-M', $self->_master_conf(),
);
if (get_verbose) {
- my $logfile = $self->{basedir} . '/conf/master.log';
+ my $logfile = $self->{basedir} . '/conf/cyrus-master.log';
xlog "_start_master: logging to $logfile";
push(@cmd, '-L', $logfile);
}
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
index 7b2883a..0c1e5fb 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -1301,7 +1301,7 @@ sub send_sighup
return if ($self->{_stopped});
xlog "sighup";
- my $pid = $self->_read_pid_file('master') or return;
+ my $pid = $self->_read_pid_file('cyrus-master') or return;
kill(SIGHUP, $pid) or die "Can't send signal SIGHUP to pid $pid: $!";
return 1;
}

View File

@ -0,0 +1,73 @@
From acfc393638ad1b81a4234173b060bb63907ee52c Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 1 Oct 2018 15:51:01 +0200
Subject: [PATCH] Replace simple return with cleanup flow
Make cleanup more consistence to prevent leaks of memory pointed by
filter/base/res
---
ptclient/ldap.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 0b82d2c6b..65bae7bd6 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -1388,13 +1388,14 @@ static int ptsmodule_make_authstate_group(
if (strncmp(canon_id, "group:", 6)) { // Sanity check
*reply = "not a group identifier";
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
rc = ptsmodule_connect();
if (rc != PTSM_OK) {
*reply = "ptsmodule_connect() failed";
- return rc;
+ goto done;;
}
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);
@@ -1425,17 +1426,19 @@ static int ptsmodule_make_authstate_group(
if (rc != LDAP_SUCCESS) {
syslog(LOG_DEBUG, "(groups) Result from domain query not OK");
- return rc;
+ goto done;
} else {
syslog(LOG_DEBUG, "(groups) Result from domain query OK");
}
if (ldap_count_entries(ptsm->ld, res) < 1) {
syslog(LOG_ERR, "(groups) No domain %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
syslog(LOG_ERR, "(groups) Multiple domains %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else {
syslog(LOG_DEBUG, "(groups) Domain %s found", domain);
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
@@ -1452,7 +1455,7 @@ static int ptsmodule_make_authstate_group(
}
if (rc != PTSM_OK) {
- return rc;
+ goto done;
} else {
base = xstrdup(ptsm->group_base);
syslog(LOG_DEBUG, "Continuing with ptsm->group_base: %s", ptsm->group_base);
@@ -1462,7 +1465,7 @@ static int ptsmodule_make_authstate_group(
} else {
rc = ptsmodule_expand_tokens(ptsm->group_base, canon_id, NULL, &base);
if (rc != PTSM_OK)
- return rc;
+ goto done;
}
syslog(LOG_DEBUG, "(groups) about to search %s for %s", base, filter);

View File

@ -0,0 +1,102 @@
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 7e48879..dafa724 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -932,7 +932,7 @@ static int ptsmodule_get_dn(
{
rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
if (rc != PTSM_OK)
- return rc;
+ goto done;
if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
syslog(LOG_DEBUG, "Attempting to get domain for %s from %s", canon_id, ptsm->domain_base_dn);
@@ -955,19 +955,23 @@ static int ptsmodule_get_dn(
ldap_unbind(ptsm->ld);
ptsm->ld = NULL;
syslog(LOG_ERR, "LDAP not available: %s", ldap_err2string(rc));
- return PTSM_RETRY;
+ rc = PTSM_RETRY;
+ goto done;
}
syslog(LOG_ERR, "LDAP search for domain failed: %s", ldap_err2string(rc));
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
if (ldap_count_entries(ptsm->ld, res) < 1) {
syslog(LOG_ERR, "No domain %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
syslog(LOG_ERR, "Multiple domains %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else {
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
if ((vals = ldap_get_values(ptsm->ld, entry, ptsm->domain_result_attribute)) != NULL) {
@@ -982,7 +986,7 @@ static int ptsmodule_get_dn(
}
if (rc != PTSM_OK) {
- return rc;
+ goto done;
} else {
base = xstrdup(ptsm->base);
syslog(LOG_DEBUG, "Continuing with ptsm->base: %s", ptsm->base);
@@ -993,23 +997,23 @@ static int ptsmodule_get_dn(
} else {
rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
if (rc != PTSM_OK)
- return rc;
+ goto done;
}
rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res);
if (rc != LDAP_SUCCESS) {
syslog(LOG_DEBUG, "Searching %s with %s failed", base, base);
- free(filter);
- free(base);
if (rc == LDAP_SERVER_DOWN) {
ldap_unbind(ptsm->ld);
ptsm->ld = NULL;
- return PTSM_RETRY;
+ rc = PTSM_RETRY;
+ goto done;
}
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
free(filter);
@@ -1035,6 +1039,13 @@ static int ptsmodule_get_dn(
}
return (*ret ? PTSM_OK : PTSM_FAIL);
+
+ done:
+ if (filter)
+ free(filter);
+ if (base)
+ free(base);
+ return rc;
}
@@ -1344,7 +1355,7 @@ static int ptsmodule_make_authstate_group(
rc = ptsmodule_connect();
if (rc != PTSM_OK) {
*reply = "ptsmodule_connect() failed";
- goto done;;
+ goto done;
}
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);

View File

@ -0,0 +1,68 @@
diff --git a/lib/imapoptions b/lib/imapoptions
index 37f8371..898b943 100644
--- a/lib/imapoptions
+++ b/lib/imapoptions
@@ -2207,12 +2207,12 @@ product version in the capabilities
{ "tls_cert_file", NULL, STRING, "2.5.0", "tls_server_cert" }
/* Deprecated in favor of \fItls_server_cert\fR. */
-{ "tls_cipher_list", "DEFAULT", STRING, "2.5.0", "tls_ciphers" }
+{ "tls_cipher_list", "PROFILE=SYSTEM", STRING, "2.5.0", "tls_ciphers" }
/* Deprecated in favor of \fItls_ciphers\fR. */
-{ "tls_ciphers", "DEFAULT", STRING }
+{ "tls_ciphers", "PROFILE=SYSTEM", STRING }
/* The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in \fBciphers(1)\fR.
+ (and definition of "PROFILE=SYSTEM") is described in \fBciphers(1)\fR.
.PP
See also Mozilla's server-side TLS recommendations:
.PP
diff --git a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
index c45d94b..495a2c7 100644
--- a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
+++ b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
@@ -4298,7 +4298,7 @@ FIELD DESCRIPTIONS
.. startblob tls_cipher_list
- ``tls_cipher_list:`` DEFAULT
+ ``tls_cipher_list:`` PROFILE=SYSTEM
Deprecated in favor of *tls_ciphers*.
@@ -4307,10 +4307,10 @@ FIELD DESCRIPTIONS
.. startblob tls_ciphers
- ``tls_ciphers:`` DEFAULT
+ ``tls_ciphers:`` PROFILE=SYSTEM
The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in **ciphers(1)**.
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
See also Mozilla's server-side TLS recommendations:
diff --git a/doc/text/imap/reference/manpages/configs/imapd.conf.txt b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
index 1801cd7..7c77154 100644
--- a/doc/text/imap/reference/manpages/configs/imapd.conf.txt
+++ b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
@@ -2675,14 +2675,14 @@ FIELD DESCRIPTIONS
Deprecated in favor of *tls_server_cert*.
- "tls_cipher_list:" DEFAULT
+ "tls_cipher_list:" PROFILE=SYSTEM
Deprecated in favor of *tls_ciphers*.
- "tls_ciphers:" DEFAULT
+ "tls_ciphers:" PROFILE=SYSTEM
The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in **ciphers(1)**.
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
See also Mozilla's server-side TLS recommendations:

36
cyrus-imapd.cron-daily Normal file
View File

@ -0,0 +1,36 @@
#!/bin/sh
#
# This file is run on a daily basis to perform a backup of your
# mailbox list which can be used to recreate mailboxes.db from backup.
# Restore is done using ctl_mboxlist after uncompressing the file.
BACKDIR="/var/lib/imap/backup"
MBOXLIST="${BACKDIR}/mboxlist"
ROTATE=6
# fallback to su if runuser not available
if [ -x /sbin/runuser ]; then
RUNUSER=runuser
else
RUNUSER=su
fi
# source custom configuration
if [ -f /etc/sysconfig/cyrus-imapd ]; then
. /etc/sysconfig/cyrus-imapd
fi
[ -x /usr/sbin/ctl_mboxlist ] || exit 0
[ -f /var/lib/imap/db/skipstamp ] || exit 0
# rotate mailbox lists
seq $[ $ROTATE - 1 ] -1 1 | while read i; do
[ -f ${MBOXLIST}.${i}.gz ] && mv -f ${MBOXLIST}.${i}.gz ${MBOXLIST}.$[ $i + 1 ].gz
done
[ -f ${MBOXLIST}.gz ] && mv -f ${MBOXLIST}.gz ${MBOXLIST}.1.gz
# export mailboxes.db
$RUNUSER - cyrus -s /bin/sh -c "umask 077 < /dev/null ; /usr/sbin/ctl_mboxlist -d | gzip > ${MBOXLIST}.gz"
exit 0
# EOF

409
cyrus-imapd.cvt_cyrusdb_all Normal file
View File

@ -0,0 +1,409 @@
#!/bin/bash
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# This script converts all db files of a cyrus installation from their
# existing format to the format required by the current installation.
# The format of current db files is determined using the 'file' command
# with a magic file added for skiplist db, the new format is read from
# a config file usually in /usr/share/cyrus-imapd/rpm/db.cfg, which is
# created while compiling. After converting, the db.cfg file is
# copied to a cache file usually at /var/lib/imap/rpm/db.cfg.cache to
# allow bypassing this converting script if both files are identical.
# While this is a bit less secure, it may be useful on big server where
# db converting is done automatically.
#
# This script can safely be run as root, it will reexec itself as user
# cyrus if needed.
#
# author: Simon Matter, Invoca Systems <simon.matter@invoca.ch>
# changelog
# v1.0.1, Oct 22 2002 Simon Matter <simon.matter@invoca.ch>
# - added two-step conversion method
#
# v1.0.2, Jan 10 2003 Simon Matter <simon.matter@invoca.ch>
# - fixed a bug where cvt_cyrusdb was called to convert empty or
# nonexistent files
#
# v1.0.3, Mar 14 2003 Simon Matter <simon.matter@invoca.ch>
# - fixed a problem with new versions of the file command
#
# v1.0.4
# - added GPL license
#
# v1.0.5, May 02 2003 Simon Matter <simon.matter@invoca.ch>
# - modified exec path
#
# v1.0.6, Jul 18 2003 Simon Matter <simon.matter@invoca.ch>
# - changed db3 to berkeley
# - added new db backends for 2.2
#
# v1.0.7, Jan 23 2004 Simon Matter <simon.matter@invoca.ch>
# - included some modifications from Luca Olivetti <luca@olivetti.cjb.net>
# - added masssievec functionality
#
# v1.0.8, Jan 28 2004 Simon Matter <simon.matter@invoca.ch>
# - convert sieve scripts to UTF-8 before calling masssievec
#
# v1.0.9, Jan 29 2004 Simon Matter <simon.matter@invoca.ch>
# - convert sieve scripts to UTF-8 only if sievec failed before
#
# v1.0.10, Feb 24 2004 Simon Matter <simon.matter@invoca.ch>
# - change su within init script to get input from
# /dev/null, this prevents hang when running in SELinux
#
# v1.0.11, Mar 02 2004 Simon Matter <simon.matter@invoca.ch>
# - fixed SELinux fix
#
# v1.0.12, Dec 16 2004 Simon Matter <simon.matter@invoca.ch>
# - use runuser instead of su if available
#
# v1.0.13, Jul 15 2005 Simon Matter <simon.matter@invoca.ch>
# - don't use flat in the two step conversion, use skiplist instead
#
# v1.0.14, Jul 18 2005 Simon Matter <simon.matter@invoca.ch>
# - replace the order of the magic files in the file call to make
# sure skiplist is detected correctly.
#
# v1.0.15, Aug 17 2005 Simon Matter <simon.matter@invoca.ch>
# - add functionality to export all berkeley db files to skiplist
#
# v1.1.0, Aug 18 2005 Simon Matter <simon.matter@invoca.ch>
# - fix export functionality, try to recover Berkeley databases
# as much as possible before any conversion.
#
# v1.1.1, Dec 05 2005 Simon Matter <simon.matter@invoca.ch>
# - run db_checkpoint in background with a timeout to prevent
# that cyrus-imapd doesn't start at all if it hangs.
#
# v1.1.2, Dec 06 2005 Simon Matter <simon.matter@invoca.ch>
# - make handling of db_checkpoint more robust
#
# v1.2.0, Jan 12 2006 Simon Matter <simon.matter@invoca.ch>
# - adopt for cyrus-imapd-2.3
#
# v1.2.1, Jan 13 2006 Simon Matter <simon.matter@invoca.ch>
# - code cleanup
#
# v1.2.2, Nov 29 2007 Simon Matter <simon.matter@invoca.ch>
# - add ability to handle "@include" options in imapd.conf, patch
# provided by Tim Bannister
#
# v1.2.3, Feb 07 2008 Simon Matter <simon.matter@invoca.ch>
# - add ability to handle tabs in imapd.conf, patch provided
# by Franz Knipp
# - disable default values for some config options like sievedir
#
# v1.2.4, Apr 23 2008 Simon Matter <simon.matter@invoca.ch>
# - add support for statuscache.db
#
# v1.3.0, Sep 29 2008 Simon Matter <simon.matter@invoca.ch>
# - add multi-instance support
#
# v1.3.1, Oct 09 2008 Simon Matter <simon.matter@invoca.ch>
# - improve variable handling
#
# v1.3.2, May 26 2009 Simon Matter <simon.matter@invoca.ch>
# - add some sanity checks to multi-instance support
#
# v1.3.3, May 27 2009 Simon Matter <simon.matter@invoca.ch>
# - make some cosmetic changes
#
# v1.3.4, Dec 22 2009 Simon Matter <simon.matter@invoca.ch>
# - add support for user_deny.db
VERSION=1.3.4
PIDFILE=/var/run/cyrus-master${INSTANCE}.pid
# instance config
CYRUSCONF=/etc/cyrus${INSTANCE}.conf
IMAPDCONF=/etc/imapd${INSTANCE}.conf
# make sure what we have is a valid instance
# and that config files are present
if [ -n "$INSTANCE" ]; then
[ -L /etc/rc.d/init.d/${BASENAME} ] || exit 0
fi
[ -f $CYRUSCONF ] || exit 0
[ -f $IMAPDCONF ] || exit 0
if [ -f $PIDFILE ]; then
read CYRUS_PID < $PIDFILE
if [ -n "$CYRUS_PID" ]; then
if ps -p $CYRUS_PID > /dev/null 2>&1; then
echo "ERROR: cyrus-master is running, unable to convert mailboxes!"
exit 1
fi
fi
fi
if [ ! -f $IMAPDCONF ]; then
echo "ERROR: configuration file '${IMAPDCONF}' not found, exiting!"
exit 1
fi
# fallback to su if runuser not available
if [ -x /sbin/runuser ]; then
RUNUSER=runuser
else
RUNUSER=su
fi
# force cyrus user for security reasons
if [ ! $(whoami) = "cyrus" ]; then
exec $RUNUSER - cyrus -c "cd $PWD < /dev/null ; INSTANCE=$INSTANCE $0 $*"
fi
# special function for migration
EXPORT=$1
# files get mode 0600
umask 166
# show version info in log files
echo "cvt_cyrusdb_all version: $VERSION"
# expand_config <path>
# handle "@include" sections from imapd style config file
expand_config() {
while read line; do
if printf "%s\n" "${line}" | grep -q '^@include:'; then
expand_config "$( printf "%s\n" "${line}" | cut -d : -f 2- | sed -e 's/^[\t ]*//' )"
else
printf "%s\n" "${line}"
fi
done < $1
}
# get_config <config> [<default>]
# extracts config option from config file
get_config() {
searchstr=$1
if config="$(expand_config $IMAPDCONF | egrep "^${searchstr}:")"; then
CFGVAL="$(printf "%s\n" "$config" | cut -d : -f 2- | sed -e 's/^[\t ]*//')"
else
if [ -z "$2" ]; then
echo "ERROR: config option '$1' not found in ${IMAPDCONF}, exiting!" 1>&2
return 1
fi
CFGVAL="$2"
fi
echo "get_config ${1}: $CFGVAL" 1>&2
echo "$CFGVAL"
}
# where to find files and directories
data_dir=/usr/share/cyrus-imapd/rpm
lib_dir=/usr/lib/cyrus-imapd
system_magic=$(file --version | awk '/magic file/ {print $4}')
cyrus_magic=${data_dir}/magic
cvt_cyrusdb=${lib_dir}/cvt_cyrusdb
sievec=${lib_dir}/sievec
masssievec=${lib_dir}/masssievec
imap_prefix=$(get_config configdirectory) || exit 1
sieve_dir=$(get_config sievedir) || exit 1
db_cfg=${data_dir}/db.cfg
db_current=${imap_prefix}/rpm/db.cfg.current
db_cache=${imap_prefix}/rpm/db.cfg.cache
# source default db backend config
. $db_cfg
# get configured db backend config
duplicate_db=$(get_config duplicate_db $duplicate_db) || exit 1
mboxlist_db=$(get_config mboxlist_db $mboxlist_db) || exit 1
seenstate_db=$(get_config seenstate_db $seenstate_db) || exit 1
subscription_db=$(get_config subscription_db $subscription_db) || exit 1
tlscache_db=$(get_config tlscache_db $tlscache_db) || exit 1
annotation_db=$(get_config annotation_db $annotation_db) || exit 1
mboxkey_db=$(get_config mboxkey_db $mboxkey_db) || exit 1
ptscache_db=$(get_config ptscache_db $ptscache_db) || exit 1
quota_db=$(get_config quota_db $quota_db) || exit 1
statuscache_db=$(get_config statuscache_db $statuscache_db) || exit 1
userdeny_db=$(get_config userdeny_db $userdeny_db) || exit 1
# remember current db backend config
{
echo "duplicate_db=${duplicate_db}"
echo "mboxlist_db=${mboxlist_db}"
echo "seenstate_db=${seenstate_db}"
echo "subscription_db=${subscription_db}"
echo "tlscache_db=${tlscache_db}"
echo "annotation_db=${annotation_db}"
echo "mboxkey_db=${mboxkey_db}"
echo "ptscache_db=${ptscache_db}"
echo "quota_db=${quota_db}"
echo "statuscache_db=${statuscache_db}"
echo "userdeny_db=${userdeny_db}"
echo "sieve_version=${sieve_version}"
} | sort > $db_current
# file_type <file>
file_type() {
this_type=$(file -b -m "${cyrus_magic}:${system_magic}" "$1" 2> /dev/null)
if echo "$this_type" | grep -qi skip > /dev/null 2>&1; then
echo skiplist
elif echo "$this_type" | grep -qi text > /dev/null 2>&1; then
echo flat
else
echo berkeley
fi
}
# cvt_file <file> <db>
cvt_file() {
target="$1"
new_db="$2"
if [ -s "$target" ]; then
old_db=$(file_type "$target")
if [ ! "$old_db" = "$new_db" ]; then
# The two-step conversion is paranoia against the filenames being encoded
# inside the database or logfiles (berkeley does this, for example).
rm -f "${target}.skiplist"
if [ "$old_db" = "skiplist" ]; then
cp -a "$target" "${target}.skiplist"
else
$cvt_cyrusdb -C $IMAPDCONF "$target" "$old_db" "${target}.skiplist" skiplist
fi
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -eq 0 ]; then
rm -f "$target"
if [ -s "${target}.skiplist" ]; then
if [ "$new_db" = "skiplist" ]; then
cp -a "${target}.skiplist" "$target"
else
$cvt_cyrusdb -C $IMAPDCONF "${target}.skiplist" skiplist "$target" "$new_db"
fi
fi
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -eq 0 ]; then
rm -f "${target}.skiplist"
else
echo "ERROR: unable to convert ${target}.skiplist from skiplist to $new_db"
fi
else
echo "ERROR: unable to convert $target from $old_db to skiplist"
fi
fi
fi
}
# cvt_to_utf8 <file>
cvt_to_utf8() {
target="$1"
if [ -s "$target" ]; then
if ! $sievec -C $IMAPDCONF "$target" "${target}.sievec"; then
iconv --from-code=ISO-8859-1 --to-code=UTF-8 --output="${target}.UTF-8" "$target"
if [ -s "${target}.UTF-8" ]; then
# preserve timestamp
touch --reference="${target}" "${target}.UTF-8"
mv -f "${target}.UTF-8" "$target"
else
ERRVAL=$(( $ERRVAL + 1 ))
fi
fi
rm -f "${target}.sievec"
fi
}
ERRVAL=0
# make sure our Berkeley databases are in a sane state
# wait for db_checkpoint to end successfully or kill it after a timeout
db_checkpoint -v -1 -h ${imap_prefix}/db &
DB_CHECK_PID=$!
CNT=0
while [ $CNT -lt 60 ]; do
if ! kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
break
fi
sleep 1
let CNT+=1
done
if kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
kill -USR1 $DB_CHECK_PID > /dev/null 2>&1
sleep 1
kill -KILL $DB_CHECK_PID > /dev/null 2>&1
wait $DB_CHECK_PID > /dev/null 2>&1
fi
# do a normal recovery
db_recover -v -h ${imap_prefix}/db
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
# try a catastrophic recovery instead of normal recovery
db_recover -v -c -h ${imap_prefix}/db
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -ne 0 ]; then
echo "ERROR: catastrophic recovery of Berkeley databases failed"
fi
fi
if [ "$EXPORT" = "export" ]; then
# convert all db files to portable format for migration
# TODO: quota_db, we don't touch it for now
cvt_file ${imap_prefix}/deliver.db "skiplist"
cvt_file ${imap_prefix}/mailboxes.db "skiplist"
cvt_file ${imap_prefix}/tls_sessions.db "skiplist"
cvt_file ${imap_prefix}/annotations.db "skiplist"
cvt_file ${imap_prefix}/ptclient/ptscache.db "skiplist"
cvt_file ${imap_prefix}/statuscache.db "skiplist"
cvt_file ${imap_prefix}/user_deny.db "flat"
rm -vf ${imap_prefix}/db/log.*
rm -vf ${imap_prefix}/db/__db.*
else
# always convert db files which have been converted to skiplist
# TODO: quota_db, we don't touch it for now
cvt_file ${imap_prefix}/deliver.db "$duplicate_db"
cvt_file ${imap_prefix}/mailboxes.db "$mboxlist_db"
cvt_file ${imap_prefix}/tls_sessions.db "$tlscache_db"
cvt_file ${imap_prefix}/annotations.db "$annotation_db"
cvt_file ${imap_prefix}/ptclient/ptscache.db "$ptscache_db"
cvt_file ${imap_prefix}/statuscache.db "$statuscache_db"
cvt_file ${imap_prefix}/user_deny.db "$userdeny_db"
# do we have to convert all databases?
if ! cmp -s $db_current $db_cache; then
# we treat sieve scripts the same way like db files
find ${sieve_dir}/ -name "*.script" -type f | while read db_file trash; do
cvt_to_utf8 "$db_file"
done
$masssievec $sievec $IMAPDCONF
# convert all db files left
find ${imap_prefix}/user/ -name "*.seen" -type f | while read db_file trash; do
cvt_file "$db_file" "$seenstate_db"
done
find ${imap_prefix}/user/ -name "*.sub" -type f | while read db_file trash; do
cvt_file "$db_file" "$subscription_db"
done
find ${imap_prefix}/user/ -name "*.mboxkey" -type f | while read db_file trash; do
cvt_file "$db_file" "$mboxkey_db"
done
fi
fi
# update the config cache file so we can check whether something has changed
if [ $ERRVAL -eq 0 ]; then
mv -f $db_current $db_cache
else
rm -f $db_cache
rm -f $db_current
fi
exit $ERRVAL

7
cyrus-imapd.logrotate Normal file
View File

@ -0,0 +1,7 @@
/var/log/imapd.log /var/log/auth.log {
missingok
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/rsyslogd.pid 2> /dev/null` 2> /dev/null || true
endscript
}

9
cyrus-imapd.magic Normal file
View File

@ -0,0 +1,9 @@
# Magic
# Magic data for file(1) command.
# Format is described in magic(files), where:
# files is 5 on V7 and BSD, 4 on SV, and ?? in the SVID.
#------------------------------------------------------------------------------
# skiplist: file(1) magic Cyrus skiplist DB
#
0 string \241\002\213\015skiplist\ file\0\0\0 Cyrus skiplist DB

5
cyrus-imapd.pam-config Normal file
View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth required pam_nologin.so
auth include password-auth
account include password-auth
session include password-auth

21
cyrus-imapd.service Normal file
View File

@ -0,0 +1,21 @@
[Unit]
Description=Cyrus-imapd IMAP/POP3 email server
After=local-fs.target network.target
Requires=cyrus-imapd-init.service
After=cyrus-imapd-init.service
[Service]
Type=simple
EnvironmentFile=/etc/sysconfig/cyrus-imapd
ExecStart=/usr/libexec/cyrus-imapd/cyrus-master $CYRUSOPTIONS
PrivateTmp=true
# Cyrus may spawn many processes in normal operation. These figures are higher
# than the defaults, but may still need to be tuned for your local
# configuration.
TasksMax=2048
LimitNOFILE=16384
[Install]
WantedBy=multi-user.target

950
cyrus-imapd.spec Normal file
View File

@ -0,0 +1,950 @@
%define scmt(l:) %(c=%1; echo ${c:0:%{-l:%{-l*}}%{!-l:7}})
# Cassandane commit hash. Cassandane doesn't have releases often, but it
# receives constant development. This was fetched on 20180518.
%global cocas 00bfe0109f80437ed09154aca9fbd53eef8f1b09
# Cassandane run by default. '--without cassandane' disables.
%bcond_without cassandane
Name: cyrus-imapd
Version: 3.0.7
Release: 23%{?dist}
%define ssl_pem_file_prefix /etc/pki/%name/%name
# UID/GID 76 have long been reserved for Cyrus
%define uid 76
%define gid 76
%define cyrususer cyrus
%define cyrusgroup mail
%define cyrexecdir %_libexecdir/%name
Summary: A high-performance email, contacts and calendar server
License: BSD
URL: http://www.cyrusimap.org/
Source0: http://www.cyrusimap.org/releases/%name-%version.tar.gz
Source1: CHANGES.rpm
# Adapt a timeout to handle our slower builders
Patch0: patch-cyrus-testsuite-timeout
# Upstream https://github.com/cyrusimap/cyrus-imapd/issues/2026
Patch1: patch-cyrus-managesieve-linking
# Fedora-specific patch for the default configuration file
Patch2: patch-cyrus-default-configs
# vzic uses an old makefile that needs hacks to use the proper flags
Patch3: patch-vzic-proper-cflags
Patch4: cyrus-imapd-close_backup_on_failure.patch
Patch5: cyrus-imapd-memory_leak_on_cleanup.patch
Patch6: cyrus-imapd-memory_leak_on_cleanup_2.patch
Patch7: cyrus-imapd-close_backup_fd_on_error.patch
Patch8: cyrus-imapd-cve_2019_11356.patch
Patch9: cyrus-imapd-CVE-2019-19783.patch
Patch10: cyrus-imapd-CVE-2019-18928.patch
Patch11: cyrus-imapd-use_system_ciphers.patch
Patch12: cyrus-imapd-3.0-CVE-2021-33582.patch
Source10: cyrus-imapd.logrotate
Source11: cyrus-imapd.pam-config
Source12: cyrus-imapd.sysconfig
Source13: cyrus-imapd.cvt_cyrusdb_all
Source14: cyrus-imapd.magic
# XXX A systemd timer would probably be better
Source15: cyrus-imapd.cron-daily
Source16: README.rpm
Source17: cyrus-imapd.service
Source18: cyrus-imapd-init.service
Source19: cyrus-imapd.tmpfiles.conf
# Source files for running the Cassandane test suite at build time.
Source80: https://github.com/cyrusimap/cassandane/archive/%cocas.tar.gz#/cassandane-%{scmt %cocas}.tar.gz
# The CPAN version, and hence the Fedora-packaged version, of Net::CalDAVTalk
# doesn't include the testdata directory. Cassandane can use it for testing
# calendaring, so it's included here.
# This archive was generated by running:
# svn export https://github.com/brong/Net-CalDAVTalk/trunk/testdata
# tar cfz cassandane-testdata-20170523.tar.gz testdata
# Note that this changes very rarely. See
# https://github.com/brong/Net-CalDAVTalk/tree/master/testdata
Source81: cassandane-testdata-20170523.tar.gz
# A template config file for cassandane; we will substitute in varions values.
Source82: cassandane.ini
# These are source files and not patches because you can't use autosetup to
# apply patches to secondary unpacked source files.
# Prevent cassandane from trying to syslog things
Source91: patch-cassandane-no-syslog
# Tell the annotator script to run as the current user/group
# Upstream ticket https://github.com/cyrusimap/cyrus-imapd/issues/1995
Source92: patch-cassandane-fix-annotator
Source93: cyrus-imapd-master_rename.patch
BuildRequires: autoconf automake bison flex gcc gcc-c++ git groff libtool
BuildRequires: pkgconfig systemd transfig
BuildRequires: perl-devel perl-generators perl(ExtUtils::MakeMaker)
BuildRequires: perl(Pod::Html)
BuildRequires: CUnit-devel cyrus-sasl-devel glib2-devel
BuildRequires: jansson-devel krb5-devel libical-devel libicu-devel
BuildRequires: libnghttp2-devel libxml2-devel mariadb-devel net-snmp-devel
BuildRequires: openldap-devel openssl-devel postgresql-devel
BuildRequires: sqlite-devel
BuildRequires: xapian-core-devel
# Miscellaneous modules needed for 'make check' to function:
BuildRequires: cyrus-sasl-plain cyrus-sasl-md5
%if %{with cassandane}
# Additional packages required for cassandane to function
BuildRequires: imaptest net-tools words
BuildRequires: perl(AnyEvent) perl(BSD::Resource) perl(Clone)
BuildRequires: perl(experimental) perl(File::chdir) perl(File::Slurp)
BuildRequires: perl(IO::Socket::INET6) perl(Mail::IMAPTalk)
BuildRequires: perl(Config::IniFiles) perl(Mail::JMAPTalk) perl(Math::Int64)
BuildRequires: perl(Net::CalDAVTalk) perl(Net::CardDAVTalk)
BuildRequires: perl(Net::Server) perl(News::NNTPClient) perl(Path::Tiny)
BuildRequires: perl(String::CRC32) perl(Sys::Syslog)
BuildRequires: perl(Test::Unit::TestRunner) perl(Time::HiRes)
BuildRequires: perl(Unix::Syslog) perl(XML::DOM) perl(XML::Generator)
# For tls tests
BuildRequires: sscg
# These were only for JMAP-Tester
# perl(Moo), perl(Moose), perl(MooseX::Role::Parameterized) perl(Throwable), perl(Safe::Isa)
%endif
Requires(pre): shadow-utils
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
%{?systemd_requires}
Requires: %name-utils = %version-%release
Recommends: %name-vzic = %version-%release
Requires: file libdb-utils sscg
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
Requires: cyrus-imapd = %{version}-%{release}
%{?perl_default_filter}
%description
The Cyrus IMAP (Internet Message Access Protocol) server provides access to
personal mail, system-wide bulletin boards, news-feeds, calendar and contacts
through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP
server is a scalable enterprise groupware system designed for use from small to
large enterprise environments using technologies based on well-established Open
Standards.
A full Cyrus IMAP implementation allows a seamless mail and bulletin board
environment to be set up across one or more nodes. It differs from other IMAP
server implementations in that it is run on sealed nodes, where users are not
normally permitted to log in. The mailbox database is stored in parts of the
filesystem that are private to the Cyrus IMAP system. All user access to mail
is through software using the IMAP, IMAPS, JMAP, POP3, POP3S, KPOP, CalDAV
and/or CardDAV protocols.
The private mailbox database design gives the Cyrus IMAP server large
advantages in efficiency, scalability, and administratability. Multiple
concurrent read/write connections to the same mailbox are permitted. The server
supports access control lists on mailboxes and storage quotas on mailbox
hierarchies.
%package devel
Summary: Cyrus IMAP server development files
Requires: %name%{?_isa} = %version-%release
Requires: pkgconfig
%description devel
The %name-devel package contains header files and libraries
necessary for developing applications which use the imclient library.
%package doc-extra
Summary: Extra documentation for the Cyrus IMAP server
BuildArch: noarch
%description doc-extra
This package contains the HTML documentation for the Cyrus IMAP server, as well
as some legacy and internal documentation not useful for normal operation of
the server.
%package utils
Summary: Cyrus IMAP server administration utilities
%description utils
The cyrus-imapd-utils package contains administrative tools for the
Cyrus IMAP server. It can be installed on systems other than the
one running the server.
%package vzic
Summary: Utilities to convert timezone database files
License: GPLv2+
Requires: %name = %version-%release
# Contains a lightly forked version of vzic. This seems to have been bundled
# into various other things and it's old, so I'm not sure where the upstream
# is. Here are a couple of possible upstreams:
# https://github.com/libical/vzic
# https://sourceforge.net/projects/vzic/
# It is probably a good idea to split it out and package it separately, but the
# code here definitely differs from that at the second link above.
Provides: bundled(vzic) = 1.3
%description vzic
vzic is a program to convert the Olson timezone database files into VTIMEZONE
files compatible with the iCalendar specification (RFC2445).
This package contains a forked version of vzic for internal use by the Cyrus
IMAP server.
# Build dir is either $PWD, $(pwd) or %
%prep
%autosetup -p1 -S git
echo %version > VERSION
# Install the Fedora-specific documentation file
install -m 644 %SOURCE1 doc/
install -m 644 %SOURCE16 doc/
# Unpack and prepare cassandane
tar xf %SOURCE80
ln -s cassandane-%cocas cassandane
pushd cassandane
mkdir work
tar xf %SOURCE81
patch -p1 < %SOURCE91
patch -p1 < %SOURCE92
patch -p1 < %SOURCE93
cp %SOURCE82 cassandane.ini
# RF rpm-buildroot-usage
sed -i \
-e "s!CASSDIR!$(pwd)!" \
-e "s!BUILDROOT!%buildroot!" \
cassandane.ini
popd
# Drop expired certificates and generate new ones
pushd cunit
rm -rf *pem
%{_bindir}/sscg --package %{name} --cert-file cert.pem --cert-key-file key.pem --ca-file cacert.pem
popd
## Modify docs master --> cyrus-master
#%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
#sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
# man/master.8 doc/man.html
%build
# This is the test suite, which doesn't build much but does verify its dependencies.
# If this is done after the configure call, the one thing it does build fails
# because the configure macro puts some hardening flags into the environment.
%if %{with cassandane}
pushd cassandane
make
popd
%endif
# Notes about configure options:
# --enable-objectstore
# It's experimental, and it doesn't appear that either openio or caringo are
# in Fedora.
# --with-cyrus-prefix and --with-service-path went away; use --with-libexecdir=
# instead.
# Needed because of Patch4.
autoreconf -vi
%configure \
--disable-silent-rules \
\
--libexecdir=%cyrexecdir \
--with-extraident="%release Fedora" \
--with-krbimpl=mit \
--with-ldap=/usr \
--with-libwrap=no \
--with-mysql \
--with-pgsql \
--with-perl=%__perl \
--with-snmp \
--with-syslogfacility=MAIL \
\
--enable-autocreate \
--enable-backup \
--enable-calalarmd \
--enable-http \
--enable-idled \
--enable-jmap \
--enable-murder \
--enable-nntp \
--enable-replication \
--enable-unit-tests \
--enable-xapian \
%if 0%{?fedora} && 0%{?fedora} >= 0
--with-clamav \
%endif
#
# The configure script will set up the Perl makefiles, but not in the way
# Fedora needs them. So regenerate them manually.
for i in perl/annotator perl/imap perl/sieve/managesieve; do
pushd $i
rm -f Makefile
perl Makefile.PL INSTALLDIRS=vendor # NO_PERLOCAL=1 NO_PACKLIST=1
popd
done
%make_build
# This isn't built by default, but this package has always installed it.
make notifyd/notifytest
# Also not built by default, but the tools are needed for serving timezone info
make -C tools/vzic
# Modify docs master --> cyrus-master
%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
man/master.8 doc/legacy/man.html
%install
make install DESTDIR=%buildroot
# Create directories
install -d \
%buildroot/etc/{rc.d/init.d,logrotate.d,pam.d,sysconfig,cron.daily} \
%buildroot/%_libdir/sasl \
%buildroot/var/spool/imap \
%buildroot/var/lib/imap/{user,quota,proc,log,msg,socket,db,sieve,sync,md5,rpm,backup,meta} \
%buildroot/var/lib/imap/ptclient \
%buildroot/%_datadir/%name/rpm \
%buildroot/%cyrexecdir \
%buildroot/etc/pki/%name
install -d -m 0750 \
%buildroot/run/cyrus \
%buildroot/run/cyrus/socket
install -d -m 0700 \
%buildroot/run/cyrus/db \
%buildroot/run/cyrus/lock \
%buildroot/run/cyrus/proc
# Some tools which aren't installed by the makefile which we have always installed
install -m 755 notifyd/notifytest %buildroot%_bindir/
install -m 755 perl/imap/cyradm %buildroot%_bindir/
for i in arbitronsort.pl masssievec mkimap mknewsgroups rehash translatesieve; do
install -m 755 tools/$i %buildroot/%cyrexecdir/
done
for i in vzic vzic-test.pl vzic-merge.pl vzic-dump.pl; do
install -m 755 tools/vzic/$i %buildroot/%cyrexecdir/
done
# Install additional files
install -p -m 644 %SOURCE10 %buildroot/etc/logrotate.d/%name
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/pop
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/imap
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/sieve
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/mupdate
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/lmtp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/nntp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/csync
install -p -m 644 %SOURCE12 %buildroot/etc/sysconfig/%name
install -p -m 755 %SOURCE13 %buildroot/%cyrexecdir/cvt_cyrusdb_all
install -p -m 644 %SOURCE14 %buildroot/%_datadir/%name/rpm/magic
install -p -m 755 %SOURCE15 %buildroot/etc/cron.daily/%name
install -p -m 644 doc/examples/cyrus_conf/prefork.conf %buildroot/etc/cyrus.conf
install -p -m 644 doc/examples/imapd_conf/normal.conf %buildroot/etc/imapd.conf
install -p -D -m 644 %SOURCE17 %buildroot/%_unitdir/cyrus-imapd.service
install -p -D -m 644 %SOURCE18 %buildroot/%_unitdir/cyrus-imapd-init.service
install -p -D -m 644 %SOURCE19 %buildroot/%_tmpfilesdir/cyrus-imapd.conf
# Rename 'master' binary and manpage to avoid clash with postfix
mv -f %{buildroot}%{cyrexecdir}/master %{buildroot}%{cyrexecdir}/cyrus-master
# mv -f %{buildroot}%{_mandir}/man8/master.8 %{buildroot}%{_mandir}/man8/cyrus-master.8
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
#mv -f %{buildroot}%{cyrexecdir}/fetchnews %{buildroot}%{cyrexecdir}/cyrfetchnews
#mv -f %{buildroot}%{_mandir}/man8/fetchnews.8 %{buildroot}%{_mandir}/man8/cyrfetchnews.8
#%{__perl} -pi -e 's|fetchnews|cyrfetchnews|g;s|Fetchnews|Cyrfetchnews|g;s/FETCHNEWS/CYRFETCHNEWS/g' \
# %{buildroot}%{_mandir}/man8/cyrfetchnews.8
#remove executable bit from docs
for ddir in doc perl/imap/examples
do
find $ddir -type f -exec chmod -x {} \;
done
# Cleanup of doc dir
find doc perl -name CVS -type d -prune -exec rm -rf {} \;
find doc perl -name .cvsignore -type f -exec rm -f {} \;
rm -f doc/Makefile.dist*
rm -f doc/text/htmlstrip.c
rm -f doc/text/Makefile
rm -rf doc/man
# fix permissions on perl .so files
find %buildroot/%_libdir/perl5/ -type f -name "*.so" -exec chmod 755 {} \;
# Generate db config file
# XXX Is this still necessary?
( grep '^{' lib/imapoptions | grep _db | cut -d'"' -f 2,4 | \
sed -e 's/^ *//' -e 's/-nosync//' -e 's/ *$//' -e 's/"/=/'
echo sieve_version=2.2.3 ) | sort > %buildroot/%_datadir/%name/rpm/db.cfg
# Cyrus has various files with extremely conflicting names. Some of these are
# not unexpected ("imapd" itself) but some like "httpd" are rather surprising.
# Where there are only conflicting manpages, they have been moved to a "8cyrus"
# section. If the binary was renamed, then the manpages are renamed to match
# but a internal replacement has not been done. This may lead to more
# confusion but involves modifying fewer upstream files.
# Actual binary conflicts
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
mv %buildroot/%_sbindir/fetchnews %buildroot/%_sbindir/cyr_fetchnews
mv %buildroot/%_mandir/man8/fetchnews.8 %buildroot/%_mandir/man8/cyr_fetchnews.8
# Fix conflict with dump
mv %buildroot/%_sbindir/restore %buildroot/%_sbindir/cyr_restore
mv %buildroot/%_mandir/man8/restore.8 %buildroot/%_mandir/man8/cyr_restore.8
# Fix conceptual conflict with quota
mv %buildroot/%_sbindir/quota %buildroot/%_sbindir/cyr_quota
mv %buildroot/%_mandir/man8/quota.8 %buildroot/%_mandir/man8/cyr_quota.8
# fix conflicts with uw-imap
mv %buildroot/%_mandir/man8/imapd.8 %buildroot/%_mandir/man8/imapd.8cyrus
mv %buildroot/%_mandir/man8/pop3d.8 %buildroot/%_mandir/man8/pop3d.8cyrus
# Rename 'master' manpage
mv %buildroot/%_mandir/man8/master.8 %buildroot/%_mandir/man8/master.8cyrus
# Rename 'httpd' manpage to avoid clash with Apache
mv %buildroot/%_mandir/man8/httpd.8 %buildroot/%_mandir/man8/httpd.8cyrus
# Old cyrus packages used to keep some executables in /usr/lib/cyrus-imapd
# RF hardcoded-library-path in %%buildroot/usr/lib/cyrus-imapd
mkdir %buildroot/usr/lib/cyrus-imapd
pushd %buildroot/usr/lib/cyrus-imapd
ln -s ../../sbin/deliver
popd
#remove executable bit from docs
for ddir in doc perl/imap/examples
do
find $ddir -type f -exec chmod -x {} \;
done
# Remove pointless libtool archives
rm %buildroot/%_libdir/*.la
# Remove installed but not packaged files
rm %buildroot/%cyrexecdir/pop3proxyd
find %buildroot -name "perllocal.pod" -exec rm {} \;
find %buildroot -name ".packlist" -exec rm {} \;
%check
## First of all check if imaptest is functional at all
imaptest -h 2>&1 > /dev/null || (echo "Imaptest is not functional" && exit 1)
make %{?_smp_mflags} check || exit 1
%ifarch ppc64le %ix86
exit 0
%endif
%if %{without cassandane}
exit 0
%endif
# Run the Cassandane test suite. This will exhaustively test the various
# server components, but running it in a mock chroot is rather an exercise.
pushd cassandane
mkdir -p imaptest/src
ln -s /usr/bin/imaptest imaptest/src
ln -s /usr/share/imaptest/tests imaptest/src
export LD_LIBRARY_PATH=%buildroot/%_libdir
export CYRUS_USER=$USER
# Construct the set of excluded tests to pass to Cassandane
# ---------------------------------------------------------
exclude+=("!Master.maxforkrate") # Some builders are too slow to complete this test properly
tests=(
# This is more a test of system performance and according to upstream won't
# be reliable on shared hardware like our builders.
Metronome
# This tests coredumping and won't work on a machine where systemd
# intercepts coredumps, which includes our builders.
Cassandane::Test::Core
# Upstream recommends disabling this because it has an internal race and
# will fail randomly. https://github.com/cyrusimap/cassandane/issues/17
Master.sighup_recycling
# Fails because our Xapian is too old for proper CJK support. 1.5 will be
# OK, but it is not yet released. The alternative is to bundle.
SearchFuzzy.cjk_words
# These additionaly fail because Cyrus 3.0.7 no longer enables
# SNIPPET_EMPTY_WITHOUT_MATCH when the Cyrus-patched Xapian is not in use.
# https://github.com/cyrusimap/cyrus-imapd/commit/f008060cb53b3286fcedf7b8b4dd12c1980d665f
SearchFuzzy.normalize_snippets
SearchFuzzy.snippet_wildcard
SearchFuzzy.snippets_termcover
SearchFuzzy.snippets_escapehtml
SearchFuzzy.stem_verbs
# As of yet unexplained
# https://github.com/cyrusimap/cyrus-imapd/issues/2047
Admin.imap_admins
# Upstream on IRC indicates that these two are expected to fail on 3.0.
Carddav.sharing_contactpaths
Metadata.set_specialuse_twice
# This one needs a patch to xapian.
# https://github.com/cyrusimap/cyrus-imapd/issues/2348
SearchFuzzy.search_subjectsnippet
# this one is not working on builder machines
Conversations.xconvfetch
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%if 0%{?fedora} <= 28
# imaptest on F28 has bugs which make some additional tests fail
tests=(
# Three new failures with imaptest 20170719
# https://github.com/cyrusimap/cyrus-imapd/issues/2087
ImapTest.append-binary
ImapTest.fetch-binary-mime
ImapTest.urlauth-binary
# This one seems to fail randomly.
ImapTest.urlauth2
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%endif
%if 0%{?fedora} <= 26
# Some F26-specific test exclusions
tests=(
# These all fail because F26 perl doesn't support quad types in unpack.
Metadata.expunge_messages
Metadata.msg_replication_new_mas_partial_wwd
Metadata.msg_replication_new_rep
Metadata.msg_replication_new_mas
Metadata.msg_replication_exp_bot
Metadata.msg_replication_new_mas_partial_wwsw
Metadata.msg_replication_exp_mas
Metadata.msg_replication_mod_mas
Metadata.msg_replication_exp_rep
Metadata.msg_replication_mod_bot_msl
Metadata.msg_replication_new_bot_mse_gul
Metadata.msg_replication_mod_bot_msh
Metadata.msg_replication_new_bot_mse_guh
Metadata.msg_replication_mod_rep
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%endif
# Add -vvv for too much output
./testrunner.pl %{?_smp_mflags} -v -f pretty ${exclude[@]} 2>&1
%pre
# Create 'cyrus' user on target host
getent group saslauth >/dev/null || /usr/sbin/groupadd -g %gid -r saslauth
getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /var/lib/imap -g %cyrusgroup \
-G saslauth -s /sbin/nologin -u %uid -r %cyrususer
%post
/sbin/ldconfig
%systemd_post cyrus-imapd.service
%preun
%systemd_preun cyrus-imapd.service
%postun
/sbin/ldconfig
%systemd_postun_with_restart cyrus-imapd.service
%files
%license COPYING
%doc README.md doc/README.* doc/examples doc/text doc/CHANGES.rpm
%_datadir/cyrus-imapd
%_libdir/libcyrus*.so.*
%_mandir/man5/*
%_mandir/man8/*
%dir /etc/pki/cyrus-imapd
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-ca.pem
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix.pem
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-key.pem
%config(noreplace) /etc/cyrus.conf
%config(noreplace) /etc/imapd.conf
%config(noreplace) /etc/logrotate.d/cyrus-imapd
%config(noreplace) /etc/sysconfig/cyrus-imapd
%config(noreplace) /etc/pam.d/*
/etc/cron.daily/cyrus-imapd
%_unitdir/cyrus-imapd.service
%_unitdir/cyrus-imapd-init.service
%_tmpfilesdir/cyrus-imapd.conf
%dir %cyrexecdir/
%cyrexecdir/[a-uw-z]*
# This creates some directories which in the default configuration cyrus will
# never use because they are placed under /run instead. However, old
# configurations or setup advice from the 'net might reference them, and so
# it's simpler to just leave them in the package.
%attr(0750,%cyrususer,%cyrusgroup) %dir /var/lib/imap/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/backup/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/db/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/log/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/meta/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/md5/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/msg/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/proc/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/ptclient/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/quota/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/rpm/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sieve/
%attr(0750,%cyrususer,%cyrusgroup) /var/lib/imap/socket
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sync/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/user/
%attr(0700,%cyrususer,%cyrusgroup) /var/spool/imap/
# The new locations
%attr(0750,%cyrususer,%cyrusgroup) %dir /run/cyrus/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/db/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/lock/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/proc/
%attr(0750,%cyrususer,%cyrusgroup) /run/cyrus/socket/
%files devel
%_includedir/cyrus/
%_libdir/libcyrus*.so
%_libdir/pkgconfig/*.pc
%_mandir/man3/imclient.3*
%files doc-extra
%doc doc/html doc/internal doc/legacy
%files utils
%license COPYING
%doc perl/imap/README
%doc perl/imap/Changes
%doc perl/imap/examples
%{_bindir}/*
%{_sbindir}/*
%{perl_vendorarch}/auto/Cyrus
%{perl_vendorarch}/Cyrus
%{perl_vendorlib}/Cyrus
%{_mandir}/man3/*.3pm*
%{_mandir}/man1/*
# RF hardcoded-library-path in /usr/lib/cyrus-imapd
/usr/lib/cyrus-imapd
%files vzic
%cyrexecdir/vzic*
%changelog
* Wed Sep 01 2021 Tomas Korbar <tkorbar@redhat.com> - 3.0.7-23
- Fix CVE-2021-33582
- Also disable unstable test
- Resolves: CVE-2021-33582
* Thu May 27 2021 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-22
- rebuild with xapian support
* Fri Nov 6 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-20
- Use PROFILE=SYSTEM as default configuration for tls_ciphers
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-19
- change ownership of pki files (#1710722)
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-18
- Move old changelog into separate file (#1671239)
* Tue Apr 21 2020 Pavel Zhukov <pavel@desktop.zhukoff.net> - 3.0.7-17
- Add fix for CVE-2019-19783
- Add fix for CVE-2019-18928
* Fri Jun 7 2019 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-16
- Resolves: #1718195 - don't overrun buffer when parsing strings with sscanf()
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-15
- Related: #1602472 - Fix rpmdiff warnings
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-14
- Related: #1602472 - Fix misused syntax warning
* Tue Oct 2 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-13
- Related: #1602472 - Fix few covscan warnings
* Sun Aug 12 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-12
- Rename master -> cyrus-master in documentation
* Thu Aug 9 2018 Josef Ridky <jridky@redhat.com> - 3.0.7-11
- Rebuild for Net-SNMP
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-10
- Rename master -> cyrus-master
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-9
- Load supported modules only
* Mon Aug 6 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-7
- Resolves: №1611713 - Generate SSl cerificates for starttls test
* Mon Jun 25 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-6
- Drop shapelib in RHEL
* Fri Jun 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-5
- Drop xapian support
* Tue May 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-4
- Disable clamav support for non Fedora's
- Disable forktest due to builders slowness
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-2
- Really enable mysql and clamav support.
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-1
- Update to 3.0.7.
- Update Cassandane checkout.
- Update excluded Cassandane test list.
* Tue May 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.6-1
- Update to 3.0.6.
- Remove upstreamed patches and renumber the rest.
- Disable one new failing test:
https://github.com/cyrusimap/cyrus-imapd/issues/2332
* Mon Apr 30 2018 Pete Walter <pwalter@fedoraproject.org> - 3.0.5-15
- Rebuild for ICU 61.1
* Tue Apr 17 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-14
- Update Cassandane again, fixing a broken test.
* Fri Apr 13 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-13
- Update Cassandane, fixing a few tests and a class of weird random build
failures.
* Fri Apr 06 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-12
- Update list of excluded tests.
- Update Cassandane snapshot; use new base_port config setting. No need to
patch that in now.
- Add four new expected-to-fail tests from new Cassandane snapshot.
- Add patch to collect extra Cassandane logging in case we hit some of those
sporadic failures again.
* Tue Apr 03 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-11
- Re-enable imaptest on >= F29.
- F29's imaptest fixes several bugs, allowing all tests to be run there.
- Relocate cassandane base port to hopefully work better in koji.
* Mon Apr 02 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-10
- Update cassandane checkout to fix a test that was broken by DST.
- Add patch to fix sieve scripts for usernames containing a dot.
- Disable imaptest in cassandane until
https://bugzilla.redhat.com/show_bug.cgi?id=1562970 is fixed.
- Re-enable tests on s390; it seems to be better now.
* Thu Mar 15 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-9
- Re-enable clamav on ppc64.
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-8
- Bump client_timeout value in test suite.
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-7
- Add patch to fix imtest (rhbz#1543481).
- Fix vzic makefile to use proper cflags (rhbz#1550543).
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-6
- Update cassandane checkout.
- Add two new build dependencies.
- Remove all JMAP-related tests from the exclusion lists, since cassandane no
longer runs any JMAP tests on cyrus 3.0.
- Collapse unused test skip lists.
- Add ten additional skipped tests, after consultation with upstream.
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-5
- Add patch to fix segfaults in squatter.
- Exclude one test on all releases instead of just F28+.
- Remove --cleanup from cassandane invocation.
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 09 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-3
- Re-enable clamav and mariadb support as those are now built with openssl 1.1.
- But no clamav on ppc64 because of
https://bugzilla.redhat.com/show_bug.cgi?id=1534071
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-2
- Reorganize some test exclusions so things build on all releases.
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-1
- Update to 3.0.5.
- Add one new failing test.
- Remove one now-passing test on rawhide.
* Mon Dec 18 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-6
- Rebuild with new net-snmp
* Thu Nov 30 2017 Pete Walter <pwalter@fedoraproject.org> - 3.0.4-5
- Rebuild for ICU 60.1
* Wed Nov 29 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-4
- Do not require tcp_wrappers (#1518759)
* Tue Nov 14 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-3
- Rebuild for new libical.
- Add patch to fix compilation error with new libical.
- Disable two tests which fail due to the new libical.
* Tue Oct 24 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-2
- Fix typo in default config;
https://bugzilla.redhat.com/show_bug.cgi?id=1506000
* Tue Sep 05 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 3.0.4-1
- Update to 3.0.4
- Patched cassandane for new behaviour. It should be updated idealy.
- Disable ImapTest.urlauth2 test; it seems to fail randomly regardless of
architecture.
* Fri Aug 11 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.3-1
- Update to 3.0.3, which contains an important security fix. The fix is not
embargoed but no CVE has been assigned yet.
- Drop patches merged upstream.
- An update of imaptest has resulted in three additional cassandane failures,
reported upstream as https://github.com/cyrusimap/cyrus-imapd/issues/2087.
In order to get the security fix out without delay, those three tests have been
disabled.
* Fri Aug 11 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-9
- Rebuilt after RPM update (№ 3)
* Thu Aug 10 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-8
- Rebuilt for RPM soname bump
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jun 30 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-5
- Add two patches from upstream which fix JMAPCalendars issues on 32-bit and
big-endian architectures.
- Clean up test invocation and exclusion list. More tests pass now.
* Wed Jun 28 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-4
- Explicitly set specialusealways: 1 in the default config.
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-3
- Patch the provided imapd.conf and cyrus.conf to more closely match previous
Fedora defaults and directories included in this package and to enable
features which are supported by the Fedora build.
- Add tmpfiles.d configuration file for directories in /run.
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-2
- Exclude one more test from 32-bit arches. Looks like this failure crept in
with the Cassandane update.
* Thu Jun 22 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-1
- Update to 3.0.2.
- New Cassandane snapshot, with more tests (all of which are passing).
* Tue Jun 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-7
- Add old /usr/lib/cyrus-imapd directory to the utils package and add a symlink
there to the deliver binary. This should help a bit with migrations.
- Add upstream patch to fix reconstruct failures on 32-bit architectures.
Re-enable those five Cassandane tests.
* Thu Jun 15 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-6
- Rename two commands: quota -> cyr_quota, restore -> cyr_restore.
- Fix Cassandane to handle those renames.
- Fix location of cyr_fetchnews.
- Fix Perl 5.26-related module linking issue which caused a test failure.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1461669
* Tue Jun 06 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-5
- Use proper path to ctl_mboxlist in cron file.
- Add patch to increase individual test timeout. Sometimes armv7hl can't
complete a single test in 20 seconds.
- Disable the Metronome tests; upstream says that they just won't reliably on
shared hardware.
- Don't bother running Cassandane on s390x for now. The machines are simply
too slow.
* Tue Jun 06 2017 Jitka Plesnikova <jplesnik@redhat.com> - 3.0.1-4
- Perl 5.26 rebuild
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-3
- Remove clamav from build requirements.
- Add --cleanup to Cassandane call to hopefully reduce build disk usage.
- Disable maxforkrate test on s390x; our builders are too slow to run it.
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-2
- Add patch to fix up some endianness issues.
- Enable both test suites on all architectures.
- Add arch-specific excludes for a few Cassandane tests.
* Thu Apr 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-1
- Initial attempt at importing 3.0. Many new dependencies.
- Use a stock sample imapd.conf file instead of a Fedora-provided one.
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Jan 09 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-2
- Rename httpd manpage to "cyrhttpd" to avoid conflict with the httpd package.
* Wed Nov 23 2016 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-1
- Initial update to the 2.5 series.
- Significant spec cleanups.
- Add sscg dep and follow
https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup for initial
cert generation.
- Change default conf to use the system crypto policy.
* Sat Jan 01 2000 Pavel Zhukov <pzhukov@redhat.com> - 0.0.1-1
- See /usr/share/doc/cyrus-imapd/CHANGELOG.rpm for more history

5
cyrus-imapd.sysconfig Normal file
View File

@ -0,0 +1,5 @@
# Options to cyrus-master
CYRUSOPTIONS=""
# Mailbox list dumps are rotated n times via cron.daily
#ROTATE=6

View File

@ -0,0 +1,5 @@
d /run/cyrus 0750 cyrus mail -
d /run/cyrus/db 0700 cyrus mail -
d /run/cyrus/lock 0700 cyrus mail -
d /run/cyrus/proc 0700 cyrus mail -
d /run/cyrus/socket 0750 cyrus mail -

View File

@ -0,0 +1,14 @@
diff --git a/utils/annotator.pl b/utils/annotator.pl
index 94b84a2..0208831 100755
--- a/utils/annotator.pl
+++ b/utils/annotator.pl
@@ -140,6 +140,8 @@ GetOptions(
xlog "annotator $$ starting";
Cassandane::AnnotatorDaemon->run(
pid_file => $pidfile,
- port => $port
+ port => $port,
+ user => (getpwuid($<))[0],
+ group => (getgrgid($())[0],
);
xlog "annotator $$ exiting";

View File

@ -0,0 +1,21 @@
diff --git a/Cassandane/Util/Log.pm b/Cassandane/Util/Log.pm
index 9cd93d5..8d3b3c1 100644
--- a/Cassandane/Util/Log.pm
+++ b/Cassandane/Util/Log.pm
@@ -52,16 +52,12 @@ our @EXPORT = qw(
my $verbose = 0;
-openlog('cassandane', '', LOG_LOCAL6)
- or die "Cannot openlog";
-
sub xlog
{
my ($pkg, $file, $line) = caller;
$pkg =~ s/^Cassandane:://;
my $msg = "=====> " . $pkg . "[" . $line . "] " . join(' ', @_);
print STDERR "$msg\n";
- syslog(LOG_ERR, "$msg");
}
sub set_verbose

114
patch-cyrus-default-configs Normal file
View File

@ -0,0 +1,114 @@
diff --git a/doc/examples/cyrus_conf/prefork.conf b/doc/examples/cyrus_conf/prefork.conf
index 4ce2c0f..3b1e6d7 100644
--- a/doc/examples/cyrus_conf/prefork.conf
+++ b/doc/examples/cyrus_conf/prefork.conf
@@ -19,15 +19,15 @@ SERVICES {
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# these are only necessary if using HTTP for CalDAV, CardDAV, or RSS
-# http cmd="httpd" listen="http" prefork=3
-# https cmd="httpd -s" listen="https" prefork=1
+ http cmd="httpd" listen="http" prefork=3
+ https cmd="httpd -s" listen="https" prefork=1
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
- lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
+ lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1
# this is only necessary if using notifications
-# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
+# notify cmd="notifyd" listen="/run/cyrus/socket/notify" proto="udp" prefork=1
}
EVENTS {
diff --git a/doc/examples/imapd_conf/normal.conf b/doc/examples/imapd_conf/normal.conf
index 95b54e9..3935b77 100644
--- a/doc/examples/imapd_conf/normal.conf
+++ b/doc/examples/imapd_conf/normal.conf
@@ -10,7 +10,7 @@ admins: cyrus
###################################################################
# Configuration directory
-configdirectory: /var/lib/cyrus
+configdirectory: /var/lib/imap
# Directories for proc and lock files
proc_path: /run/cyrus/proc
@@ -19,18 +19,18 @@ mboxname_lockpath: /run/cyrus/lock
# Locations for DB files
# The following DB are recreated upon initialization, so should live in
# ephemeral storage for best performance.
-duplicate_db_path: /run/cyrus/deliver.db
-ptscache_db_path: /run/cyrus/ptscache.db
-statuscache_db_path: /run/cyrus/statuscache.db
-tls_sessions_db_path: /run/cyrus/tls_sessions.db
+duplicate_db_path: /run/cyrus/db/deliver.db
+ptscache_db_path: /run/cyrus/db/ptscache.db
+statuscache_db_path: /run/cyrus/db/statuscache.db
+tls_sessions_db_path: /run/cyrus/db/tls_sessions.db
# Which partition to use for default mailboxes
defaultpartition: default
-partition-default: /var/spool/cyrus/mail
+partition-default: /var/spool/imap
# If sieveusehomedir is false (the default), this directory is searched
# for Sieve scripts.
-sievedir: /var/spool/sieve
+sievedir: /var/lib/imap/sieve
###################################################################
## Important: KEEP THESE IN SYNC WITH cyrus.conf
@@ -51,19 +51,16 @@ syslog_prefix: cyrus
# Space-separated list of HTTP modules that will be enabled in
# httpd(8). This option has no effect on modules that are disabled at
# compile time due to missing dependencies (e.g. libical).
-#
-# Allowed values: caldav, carddav, domainkey, ischedule, rss
-httpmodules: caldav carddav
+# Enable supported modules
+httpmodules: caldav carddav
# If enabled, the partitions will also be hashed, in addition to the
# hashing done on configuration directories. This is recommended if one
# partition has a very bushy mailbox tree.
hashimapspool: true
-# Enable virtual domains
-# and set default domain to localhost
-virtdomains: yes
-defaultdomain: localhost
+# Disable virtual domains by default
+virtdomains: off
###################################################################
## User experience settings
@@ -72,6 +69,14 @@ defaultdomain: localhost
# Minimum time between POP mail fetches in minutes
popminpoll: 1
+# Conversation support is required for jmap
+conversations: 1
+conversations_db: twoskip
+
+# This will default to on in 3.1, and improves compatibility with some Apple
+# devices. Upstream https://github.com/cyrusimap/cyrus-imapd/issues/1556
+specialusealways: 1
+
###################################################################
## User Authentication settings
###################################################################
@@ -99,6 +104,12 @@ sasl_auto_transition: no
## SSL/TLS Options
###################################################################
+# These three files will automatically be generated by the systemd unit when
+# the service starts for the first time.
+tls_server_cert: /etc/pki/cyrus-imapd/cyrus-imapd.pem
+tls_server_key: /etc/pki/cyrus-imapd/cyrus-imapd-key.pem
+tls_client_ca_file: /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
+
# File containing the global certificate used for ALL services (imap,
# pop3, lmtp, sieve)
#tls_server_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem

View File

@ -0,0 +1,13 @@
diff --git a/perl/sieve/managesieve/Makefile.PL.in b/perl/sieve/managesieve/Makefile.PL.in
index 2bb715d..422504d 100644
--- a/perl/sieve/managesieve/Makefile.PL.in
+++ b/perl/sieve/managesieve/Makefile.PL.in
@@ -69,7 +69,7 @@ WriteMakefile(
'ABSTRACT' => 'Cyrus Sieve management interface',
'VERSION_FROM' => "@top_srcdir@/perl/sieve/managesieve/managesieve.pm", # finds $VERSION
'MYEXTLIB' => '../lib/.libs/libisieve.a @top_builddir@/perl/.libs/libcyrus.a @top_builddir@/perl/.libs/libcyrus_min.a',
- 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@"],
+ 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@ -lsqlite3 -lpq -lmariadb"],
'CCFLAGS' => '@GCOV_CFLAGS@',
'DEFINE' => '-DPERL_POLLUTE', # e.g., '-DHAVE_SOMETHING'
'INC' => "-I@top_srcdir@/lib -I@top_srcdir@/perl/sieve -I@top_srcdir@/perl/sieve/lib @SASLFLAGS@ @SSL_CPPFLAGS@",

View File

@ -0,0 +1,13 @@
diff --git a/cunit/unit.c b/cunit/unit.c
index 46dc358..ca37f22 100644
--- a/cunit/unit.c
+++ b/cunit/unit.c
@@ -97,7 +97,7 @@ EXPORTED void fatal(const char *s, int code)
}
/* Each test gets a maximum of 20 seconds. */
-#define TEST_TIMEOUT_MS (20*1000)
+#define TEST_TIMEOUT_MS (30*1000)
static jmp_buf jbuf;
static const char *code;

25
patch-vzic-proper-cflags Normal file
View File

@ -0,0 +1,25 @@
diff --git a/tools/vzic/Makefile b/tools/vzic/Makefile
index 8ae6afa..3882998 100644
--- a/tools/vzic/Makefile
+++ b/tools/vzic/Makefile
@@ -45,17 +45,17 @@ LIBICAL_LDADD = -lical
GLIB_CFLAGS = `pkg-config --cflags glib-2.0`
GLIB_LDADD = `pkg-config --libs glib-2.0`
-CFLAGS = -g -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
+CFLAGS += -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
OBJECTS = vzic.o vzic-parse.o vzic-dump.o vzic-output.o
all: vzic
vzic: $(OBJECTS)
- $(CC) $(OBJECTS) $(GLIB_LDADD) -o vzic
+ $(CC) $(LDFLAGS) $(OBJECTS) $(GLIB_LDADD) -o vzic
test-vzic: test-vzic.o
- $(CC) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
+ $(CC) $(LDFLAGS) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
# Dependencies.
$(OBJECTS): vzic.h

3
sources Normal file
View File

@ -0,0 +1,3 @@
SHA512 (cassandane-00bfe01.tar.gz) = 96f2ca6cbf36c8f9df2b4762ca572b5ba597ca305408f992d6671cba2845f990c8d3cf35ae91ea44da9ea825c9b4c6b1e5fb314b27c31cf4c63805699ab46ab6
SHA512 (cassandane-testdata-20170523.tar.gz) = 705f5af6a31fe3b8d6e8027bbddbedb2f64d65997f8a06620ec07fcd30a95d98ac3f3fbef7af5080684ee21be1c5b8bcad2374b2749f0571099e780355a04420
SHA512 (cyrus-imapd-3.0.7.tar.gz) = 6f9af658df6ae6e4463bb52c672c7e8d49482c8e5542985825f099ea8b76291d1598a2a5c92711ae642b0d053c5168792f1832eeb15d1fdeb4b8d2efcfb4d9b9