rpms/cyrus-imapd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c10s
rpms:c8s
rpms:c9-beta
rpms:c9s
rpms:c9
rpms:c8-beta
rpms:imports/c10s/cyrus-imapd-3.8.3-6.el10
rpms:imports/c9-beta/cyrus-imapd-3.4.8-1.el9
rpms:imports/c8/cyrus-imapd-3.0.7-26.el8_10
rpms:imports/c10s/cyrus-imapd-3.8.3-1.el10
rpms:imports/c10s/cyrus-imapd-3.8.3-5.el10
rpms:imports/c10s/cyrus-imapd-3.8.3-4.el10
rpms:imports/c9/cyrus-imapd-3.4.1-11.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-10.el9
rpms:imports/c9/cyrus-imapd-3.4.1-7.el9
rpms:imports/c8/cyrus-imapd-3.0.7-24.el8
rpms:imports/c9-beta/cyrus-imapd-3.4.1-7.el9
rpms:imports/c8-beta/cyrus-imapd-3.0.7-24.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-24.el8
rpms:imports/c9/cyrus-imapd-3.4.1-6.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-6.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-4.el9
rpms:imports/c8/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-16.el8
rpms:imports/c8/cyrus-imapd-3.0.7-20.el8_4.1
rpms:imports/c8s/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-22.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8/cyrus-imapd-3.0.7-16.el8
rpms:imports/c8/cyrus-imapd-3.0.7-15.el8_0.1
rpms:imports/c8/cyrus-imapd-3.0.7-15.el8
...
pull from: rpms:c10s
Branches Tags
rpms:c10s
rpms:c8s
rpms:c9-beta
rpms:c8
rpms:c9s
rpms:c9
rpms:c8-beta
rpms:imports/c10s/cyrus-imapd-3.8.3-6.el10
rpms:imports/c9-beta/cyrus-imapd-3.4.8-1.el9
rpms:imports/c8/cyrus-imapd-3.0.7-26.el8_10
rpms:imports/c10s/cyrus-imapd-3.8.3-1.el10
rpms:imports/c10s/cyrus-imapd-3.8.3-5.el10
rpms:imports/c10s/cyrus-imapd-3.8.3-4.el10
rpms:imports/c9/cyrus-imapd-3.4.1-11.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-10.el9
rpms:imports/c9/cyrus-imapd-3.4.1-7.el9
rpms:imports/c8/cyrus-imapd-3.0.7-24.el8
rpms:imports/c9-beta/cyrus-imapd-3.4.1-7.el9
rpms:imports/c8-beta/cyrus-imapd-3.0.7-24.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-24.el8
rpms:imports/c9/cyrus-imapd-3.4.1-6.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-6.el9
rpms:imports/c9-beta/cyrus-imapd-3.4.1-4.el9
rpms:imports/c8/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8-beta/cyrus-imapd-3.0.7-16.el8
rpms:imports/c8/cyrus-imapd-3.0.7-20.el8_4.1
rpms:imports/c8s/cyrus-imapd-3.0.7-23.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-22.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8s/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8/cyrus-imapd-3.0.7-20.el8
rpms:imports/c8/cyrus-imapd-3.0.7-19.el8
rpms:imports/c8/cyrus-imapd-3.0.7-16.el8
rpms:imports/c8/cyrus-imapd-3.0.7-15.el8_0.1
rpms:imports/c8/cyrus-imapd-3.0.7-15.el8

No commits in common. "c8" and "c10s" have entirely different histories.
c8 ... c10s

50 changed files with 2887 additions and 2234 deletions
Show Stats Expand all files Collapse all files

5
.cyrus-imapd.metadata
View File

@ -1,5 +0,0 @@
b537ecfca22df8a41f53d07d88d9547a1cb63d7d SOURCES/CHANGES.rpm
e39754f688d98ac0040df85e8850a2e330c6235d SOURCES/README.rpm
b3157c127c9cc404ecb2672e0eb4f18cac2a2a73 SOURCES/cassandane-00bfe01.tar.gz
fdbc28a259af65792e23ce8da16faf323039139c SOURCES/cassandane-testdata-20170523.tar.gz
49e3f8bbecd391513b81e3ccf49ea2df84be522f SOURCES/cyrus-imapd-3.0.7.tar.gz

1
.fmf/version Normal file
View File

@ -0,0 +1 @@
1

27
.gitignore vendored
View File

@ -1,5 +1,22 @@
SOURCES/CHANGES.rpm
SOURCES/README.rpm
SOURCES/cassandane-00bfe01.tar.gz
SOURCES/cassandane-testdata-20170523.tar.gz
SOURCES/cyrus-imapd-3.0.7.tar.gz
/*.src.rpm
/.build-*.log
/.*.swp
/results_cyrus-imapd/
/cyrus-imapd-*/
/cassandane-testdata-ca669d4b.tar.gz
/cassandane-17d372f.tar.gz
/cyrus-imapd-3.2.4.tar.gz
/cassandane-8d3fced.tar.gz
/cyrus-imapd-3.2.6.tar.gz
/cyrus-imapd-3.4.3.tar.gz
/cyrus-imapd-3.4.4.tar.gz
/cyrus-imapd-3.6.0.tar.gz
/cyrus-imapd-3.6.0.tar.gz.sig
/cyrus-imapd-3.8.0.tar.gz
/cyrus-imapd-3.8.0.tar.gz.sig
/cyrus-imapd-3.8.1.tar.gz
/cyrus-imapd-3.8.1.tar.gz.sig
/cyrus-imapd-3.8.2.tar.gz
/cyrus-imapd-3.8.2.tar.gz.sig
/cyrus-imapd-3.8.3.tar.gz
/cyrus-imapd-3.8.3.tar.gz.sig

34
README.rpm Normal file
View File

@ -0,0 +1,34 @@
---------------
Cyrus IMAPd RPM
---------------
This is a _very_ 'quick and dirty' install howto.
The following steps should lead you to a running Cyrus IMAP server:
1) Install on a distribution which is supported by this RPM. Don't install
on a dirty system, where you have previously installed from source.
2) Don't install if you have a previous Cyrus IMAPd installation <=2.1.x on
your box. Upgrading any Invoca rpm based installation should be fine.
3) Make sure you understand that this RPM installs in FHS compliant
directories, like /var/lib/imap and /var/spool/imap
4) Make sure cyrus-sasl is installed.
5) Make sure saslauthd is running. If not, edit /etc/sysconfig/saslauthd as
needed and do 'chkconfig saslauthd on ; service saslauthd start'
6) Install the cyrus-imapd RPMs.
7) If it's your first install of Cyrus IMAPd, then set a password for the
cyrus user in whatever database you are using to authenticate. When
using a local account, this should be 'passwd cyrus'.
8) Make sure your MTA delivers to Cyrus IMAPd, I recommend LMTP for this.
9) Start Cyrus IMAPd with 'service cyrus-imapd start'
10) Run cyradm and create a user. Usually it's something like this:
'cyradm --user=cyrus --auth=login localhost'
11) If you're using sendmail, be aware that cyrusv2.m4 included in standard
sendmail distribution uses socket /var/imap/socket/lmtp while this rpm
uses /var/lib/imap/socket/lmtp.
12) Check your syslog configuration. This RPM uses the mail facility to log
messages. On busy sites you may want to limit the mail facility to the
info priority with something like 'mail.info /var/log/maillog' in
/etc/syslog.conf.
Enjoy!

205
SOURCES/cyrus-imapd-3.0-CVE-2021-33582.patch
View File

@ -1,205 +0,0 @@
diff --git a/imap/http_dav.c b/imap/http_dav.c
index 91bbc28b6b..a6fa5c8345 100644
--- a/imap/http_dav.c
+++ b/imap/http_dav.c
@@ -5494,7 +5494,7 @@ EXPORTED int meth_propfind(struct transaction_t *txn, void *params)
xmlDocPtr indoc = NULL, outdoc = NULL;
xmlNodePtr root, cur = NULL, props = NULL;
xmlNsPtr ns[NUM_NAMESPACE];
- struct hash_table ns_table = { 0, NULL, NULL };
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
struct propfind_ctx fctx;
struct propfind_entry_list *elist = NULL;
@@ -7900,7 +7900,7 @@ int meth_report(struct transaction_t *txn, void *params)
xmlNodePtr inroot = NULL, outroot = NULL, cur, prop = NULL, props = NULL;
const struct report_type_t *report = NULL;
xmlNsPtr ns[NUM_NAMESPACE];
- struct hash_table ns_table = { 0, NULL, NULL };
+ struct hash_table ns_table = HASH_TABLE_INITIALIZER;
struct propfind_ctx fctx;
struct propfind_entry_list *elist = NULL;
diff --git a/lib/hash.c b/lib/hash.c
index 9703142c3b..84f2e80d28 100644
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -43,10 +43,11 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
assert(table);
assert(size);
- table->size = size;
+ table->size = size;
+ table->seed = rand(); /* might be zero, that's okay */
/* Allocate the table -- different for using memory pools and not */
- if(use_mpool) {
+ if (use_mpool) {
/* Allocate an initial memory pool for 32 byte keys + the hash table
* + the buckets themselves */
table->pool =
@@ -72,7 +73,7 @@ EXPORTED hash_table *construct_hash_table(hash_table *table, size_t size, int us
EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
bucket *ptr, *newptr;
bucket **prev;
@@ -153,9 +154,14 @@ EXPORTED void *hash_insert(const char *key, void *data, hash_table *table)
EXPORTED void *hash_lookup(const char *key, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
+ unsigned val;
bucket *ptr;
+ if (!table->size)
+ return NULL;
+
+ val = strhash_seeded(table->seed, key) % table->size;
+
if (!(table->table)[val])
return NULL;
@@ -178,8 +184,7 @@ EXPORTED void *hash_lookup(const char *key, hash_table *table)
* since it will leak memory until you get rid of the entire hash table */
EXPORTED void *hash_del(const char *key, hash_table *table)
{
- unsigned val = strhash(key) % table->size;
- void *data;
+ unsigned val = strhash_seeded(table->seed, key) % table->size;
bucket *ptr, *last = NULL;
if (!(table->table)[val])
@@ -200,15 +205,10 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
int cmpresult = strcmp(key, ptr->key);
if (!cmpresult)
{
+ void *data = ptr->data;
if (last != NULL )
{
- data = ptr -> data;
last -> next = ptr -> next;
- if(!table->pool) {
- free(ptr->key);
- free(ptr);
- }
- return data;
}
/*
@@ -221,15 +221,15 @@ EXPORTED void *hash_del(const char *key, hash_table *table)
else
{
- data = ptr->data;
(table->table)[val] = ptr->next;
- if(!table->pool) {
- free(ptr->key);
- free(ptr);
- }
- return data;
}
- } else if (cmpresult < 0) {
+ if(!table->pool) {
+ free(ptr->key);
+ free(ptr);
+ }
+ return data;
+ }
+ if (cmpresult < 0) {
/* its not here! */
return NULL;
}
diff --git a/lib/hash.h b/lib/hash.h
index 8051ac1760..cfa7da1ffa 100644
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -3,10 +3,11 @@
#define HASH__H
#include <stddef.h> /* For size_t */
+#include <stdint.h>
#include "mpool.h"
#include "strarray.h"
-#define HASH_TABLE_INITIALIZER {0, NULL, NULL}
+#define HASH_TABLE_INITIALIZER {0, 0, NULL, NULL}
/*
** A hash table consists of an array of these buckets. Each bucket
@@ -32,6 +33,7 @@ typedef struct bucket {
typedef struct hash_table {
size_t size;
+ uint32_t seed;
bucket **table;
struct mpool *pool;
} hash_table;
diff --git a/lib/strhash.c b/lib/strhash.c
index d7c1741d2a..1b3251db73 100644
--- a/lib/strhash.c
+++ b/lib/strhash.c
@@ -42,17 +42,32 @@
#include "config.h"
-EXPORTED unsigned strhash(const char *string)
+#include "lib/strhash.h"
+
+/* The well-known djb2 algorithm (e.g. http://www.cse.yorku.ca/~oz/hash.html),
+ * with the addition of an optional seed to limit predictability.
+ *
+ * XXX return type 'unsigned' for back-compat to previous version, but
+ * XXX ought to be 'uint32_t'
+ */
+EXPORTED unsigned strhash_seeded_djb2(uint32_t seed, const char *string)
{
- unsigned ret_val = 0;
- int i;
+ const unsigned char *ustr = (const unsigned char *) string;
+ unsigned hash = 5381;
+ int c;
- while (*string)
- {
- i = (int) *string;
- ret_val ^= i;
- ret_val <<= 1;
- string ++;
- }
- return ret_val;
+ if (seed) {
+ /* treat the bytes of the seed as a prefix to the string */
+ unsigned i;
+ for (i = 0; i < sizeof seed; i++) {
+ c = seed & 0xff;
+ hash = ((hash << 5) + hash) ^ c;
+ seed >>= 8;
+ }
+ }
+
+ while ((c = *ustr++))
+ hash = ((hash << 5) + hash) ^ c;
+
+ return hash;
}
diff --git a/lib/strhash.h b/lib/strhash.h
index 34533fdffa..27339bb288 100644
--- a/lib/strhash.h
+++ b/lib/strhash.h
@@ -41,7 +41,11 @@
*/
#ifndef _STRHASH_H_
+#include <stdint.h>
-unsigned strhash(const char *string);
+unsigned strhash_seeded_djb2(uint32_t seed, const char *string);
+
+#define strhash(in) strhash_seeded_djb2((0), (in))
+#define strhash_seeded(sd, in) strhash_seeded_djb2((sd), (in))
#endif /* _STRHASH_H_ */

30
SOURCES/cyrus-imapd-CVE-2019-18928.patch
View File

@ -1,30 +0,0 @@
diff --git a/imap/httpd.c b/imap/httpd.c
index 5dcf38dc4..d2fdeb945 100644
--- a/imap/httpd.c
+++ b/imap/httpd.c
@@ -1729,6 +1729,25 @@ static int examine_request(struct transaction_t *txn)
txn->auth_chal.scheme = NULL;
}
+ /* Drop auth credentials, if not a backend in a Murder */
+ else if (!config_mupdate_server || !config_getstring(IMAPOPT_PROXYSERVERS)) {
+ syslog(LOG_DEBUG, "drop auth creds");
+
+ free(httpd_userid);
+ httpd_userid = NULL;
+
+ free(httpd_extrafolder);
+ httpd_extrafolder = NULL;
+
+ free(httpd_extradomain);
+ httpd_extradomain = NULL;
+
+ if (httpd_authstate) {
+ auth_freestate(httpd_authstate);
+ httpd_authstate = NULL;
+ }
+ }
+
/* Perform proxy authorization, if necessary */
else if (saslprops.authid &&
(hdr = spool_getheader(txn->req_hdrs, "Authorize-As")) &&

13
SOURCES/cyrus-imapd-CVE-2019-19783.patch
View File

@ -1,13 +0,0 @@
diff --git a/imap/lmtp_sieve.c b/imap/lmtp_sieve.c
index 4c3bbc3..d0abdd3 100644
--- a/imap/lmtp_sieve.c
+++ b/imap/lmtp_sieve.c
@@ -999,7 +999,7 @@ static int autosieve_createfolder(const char *userid, const struct auth_state *a
if (createsievefolder) {
/* Folder is already in internal namespace format */
r = mboxlist_createmailbox(internalname, 0, NULL,
- 1, userid, auth_state, 0, 0, 0, 1, NULL);
+ 0, userid, auth_state, 0, 0, 0, 1, NULL);
if (!r) {
mboxlist_changesub(internalname, userid, auth_state, 1, 1, 1);
syslog(LOG_DEBUG, "autosievefolder: User %s, folder %s creation succeeded",

23
SOURCES/cyrus-imapd-close_backup_fd_on_error.patch
View File

@ -1,23 +0,0 @@
From 725e1efbd923c6d15ba639e17bfd0baabc619daa Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 1 Oct 2018 15:55:35 +0200
Subject: [PATCH] Close file descriptior in case of error
Make static code analizers happy.
If stat() failed for some reason it may lead backup fd unclosed.
---
backup/lcb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/backup/lcb.c b/backup/lcb.c
index 8c4a0e31a..9a04b08f2 100644
--- a/backup/lcb.c
+++ b/backup/lcb.c
@@ -182,6 +182,7 @@ HIDDEN int backup_real_open(struct backup **backupp,
if (r) {
syslog(LOG_ERR, "IOERROR: (f)stat %s: %m", backup->data_fname);
r = IMAP_IOERROR;
+ close(fd);
goto error;
}

38
SOURCES/cyrus-imapd-close_backup_on_failure.patch
View File

@ -1,38 +0,0 @@
From 5d00f649b4d2a599905d1b9290c91a769909741d Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 24 Sep 2018 17:24:48 +0200
Subject: [PATCH] Close backup on failure.
Static analizers report this as memory leak issue.
---
backup/ctl_backups.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/backup/ctl_backups.c b/backup/ctl_backups.c
index 3d817e743..e532eedb7 100644
--- a/backup/ctl_backups.c
+++ b/backup/ctl_backups.c
@@ -955,6 +955,7 @@ static int lock_run_pipe(const char *userid, const char *fname,
if (r) {
printf("NO failed (%s)\n", error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE; // FIXME would something else be more appropriate?
}
@@ -993,6 +994,7 @@ static int lock_run_sqlite(const char *userid, const char *fname,
fprintf(stderr, "unable to lock %s: %s\n",
userid ? userid : fname,
error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE;
}
@@ -1053,6 +1055,7 @@ static int lock_run_exec(const char *userid, const char *fname,
fprintf(stderr, "unable to lock %s: %s\n",
userid ? userid : fname,
error_message(r));
+ r = backup_close(&backup);
return EC_SOFTWARE;
}

26
SOURCES/cyrus-imapd-cve_2019_11356.patch
View File

@ -1,26 +0,0 @@
diff --git a/imap/httpd.c b/imap/httpd.c
index dc53f8c..24b65e5 100644
--- a/imap/httpd.c
+++ b/imap/httpd.c
@@ -2202,7 +2202,7 @@ EXPORTED time_t calc_compile_time(const char *time, const char *date)
memset(&tm, 0, sizeof(struct tm));
tm.tm_isdst = -1;
sscanf(time, "%02d:%02d:%02d", &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
- sscanf(date, "%s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
+ sscanf(date, "%3s %2d %4d", month, &tm.tm_mday, &tm.tm_year);
tm.tm_year -= 1900;
for (tm.tm_mon = 0; tm.tm_mon < 12; tm.tm_mon++) {
if (!strcmp(month, monthname[tm.tm_mon])) break;
diff --git a/imap/ical_support.c b/imap/ical_support.c
index 1d7550a..e1bda50 100644
--- a/imap/ical_support.c
+++ b/imap/ical_support.c
@@ -458,7 +458,7 @@ const char *get_icalcomponent_errstr(icalcomponent *ical)
/* Check if this is an empty property error */
if (sscanf(errstr,
- "No value for %s property", propname) == 1) {
+ "No value for %255s property", propname) == 1) {
/* Empty LOCATION is OK */
if (!strcasecmp(propname, "LOCATION")) continue;
if (!strcasecmp(propname, "COMMENT")) continue;

17
SOURCES/cyrus-imapd-load-tombstones-for-cleanup.patch
View File

@ -1,17 +0,0 @@
diff --git a/imap/cyr_expire.c b/imap/cyr_expire.c
index bcb40ea..747414a 100644
--- a/imap/cyr_expire.c
+++ b/imap/cyr_expire.c
@@ -628,9 +628,10 @@ int main(int argc, char *argv[])
}
if (do_user)
- mboxlist_usermboxtree(do_user, expire, &erock, MBOXTREE_DELETED);
+ mboxlist_usermboxtree(do_user, expire, &erock, MBOXTREE_DELETED|MBOXTREE_TOMBSTONES);
else
- mboxlist_allmbox(find_prefix, expire, &erock, 0);
+ mboxlist_allmbox(find_prefix, expire, &erock,
+ MBOXTREE_TOMBSTONES);
syslog(LOG_NOTICE, "Expired %lu and expunged %lu out of %lu "
"messages from %lu mailboxes",

66
SOURCES/cyrus-imapd-master_rename.patch
View File

@ -1,66 +0,0 @@
diff --git a/Cassandane/Instance.pm b/cassandane/Cassandane/Instance.pm
index 1561143..c60396e 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -166,7 +166,7 @@ sub get_version
my $cyrus_master;
foreach my $d (qw( bin sbin libexec libexec/cyrus-imapd lib cyrus/bin ))
{
- my $try = "$cyrus_destdir$cyrus_prefix/$d/master";
+ my $try = "$cyrus_destdir$cyrus_prefix/$d/cyrus-master";
if (-x $try) {
$cyrus_master = $try;
last;
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
index c60396e..7b2883a 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -546,7 +546,7 @@ sub _pid_file
{
my ($self, $name) = @_;
- $name ||= 'master';
+ $name ||= 'cyrus-master';
return $self->{basedir} . "/run/$name.pid";
}
@@ -569,7 +569,7 @@ sub _list_pid_files
closedir(RUNDIR);
@pidfiles = sort { $a cmp $b } @pidfiles;
- @pidfiles = ( 'master', grep { $_ ne 'master' } @pidfiles );
+ @pidfiles = ( 'cyrus-master', grep { $_ ne 'cyrus-master' } @pidfiles );
return @pidfiles;
}
@@ -877,7 +877,7 @@ sub _start_master
# Now start the master process.
my @cmd =
(
- 'master',
+ 'cyrus-master',
# The following is added automatically by _fork_command:
# '-C', $self->_imapd_conf(),
'-l', '255',
@@ -886,7 +886,7 @@ sub _start_master
'-M', $self->_master_conf(),
);
if (get_verbose) {
- my $logfile = $self->{basedir} . '/conf/master.log';
+ my $logfile = $self->{basedir} . '/conf/cyrus-master.log';
xlog "_start_master: logging to $logfile";
push(@cmd, '-L', $logfile);
}
diff --git a/Cassandane/Instance.pm b/Cassandane/Instance.pm
index 7b2883a..0c1e5fb 100644
--- a/Cassandane/Instance.pm
+++ b/Cassandane/Instance.pm
@@ -1301,7 +1301,7 @@ sub send_sighup
return if ($self->{_stopped});
xlog "sighup";
- my $pid = $self->_read_pid_file('master') or return;
+ my $pid = $self->_read_pid_file('cyrus-master') or return;
kill(SIGHUP, $pid) or die "Can't send signal SIGHUP to pid $pid: $!";
return 1;
}

73
SOURCES/cyrus-imapd-memory_leak_on_cleanup.patch
View File

@ -1,73 +0,0 @@
From acfc393638ad1b81a4234173b060bb63907ee52c Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pzhukov@redhat.com>
Date: Mon, 1 Oct 2018 15:51:01 +0200
Subject: [PATCH] Replace simple return with cleanup flow
Make cleanup more consistence to prevent leaks of memory pointed by
filter/base/res
---
ptclient/ldap.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 0b82d2c6b..65bae7bd6 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -1388,13 +1388,14 @@ static int ptsmodule_make_authstate_group(
if (strncmp(canon_id, "group:", 6)) { // Sanity check
*reply = "not a group identifier";
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
rc = ptsmodule_connect();
if (rc != PTSM_OK) {
*reply = "ptsmodule_connect() failed";
- return rc;
+ goto done;;
}
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);
@@ -1425,17 +1426,19 @@ static int ptsmodule_make_authstate_group(
if (rc != LDAP_SUCCESS) {
syslog(LOG_DEBUG, "(groups) Result from domain query not OK");
- return rc;
+ goto done;
} else {
syslog(LOG_DEBUG, "(groups) Result from domain query OK");
}
if (ldap_count_entries(ptsm->ld, res) < 1) {
syslog(LOG_ERR, "(groups) No domain %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
syslog(LOG_ERR, "(groups) Multiple domains %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else {
syslog(LOG_DEBUG, "(groups) Domain %s found", domain);
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
@@ -1452,7 +1455,7 @@ static int ptsmodule_make_authstate_group(
}
if (rc != PTSM_OK) {
- return rc;
+ goto done;
} else {
base = xstrdup(ptsm->group_base);
syslog(LOG_DEBUG, "Continuing with ptsm->group_base: %s", ptsm->group_base);
@@ -1462,7 +1465,7 @@ static int ptsmodule_make_authstate_group(
} else {
rc = ptsmodule_expand_tokens(ptsm->group_base, canon_id, NULL, &base);
if (rc != PTSM_OK)
- return rc;
+ goto done;
}
syslog(LOG_DEBUG, "(groups) about to search %s for %s", base, filter);

102
SOURCES/cyrus-imapd-memory_leak_on_cleanup_2.patch
View File

@ -1,102 +0,0 @@
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 7e48879..dafa724 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -932,7 +932,7 @@ static int ptsmodule_get_dn(
{
rc = ptsmodule_expand_tokens(ptsm->filter, canon_id, NULL, &filter);
if (rc != PTSM_OK)
- return rc;
+ goto done;
if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
syslog(LOG_DEBUG, "Attempting to get domain for %s from %s", canon_id, ptsm->domain_base_dn);
@@ -955,19 +955,23 @@ static int ptsmodule_get_dn(
ldap_unbind(ptsm->ld);
ptsm->ld = NULL;
syslog(LOG_ERR, "LDAP not available: %s", ldap_err2string(rc));
- return PTSM_RETRY;
+ rc = PTSM_RETRY;
+ goto done;
}
syslog(LOG_ERR, "LDAP search for domain failed: %s", ldap_err2string(rc));
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
if (ldap_count_entries(ptsm->ld, res) < 1) {
syslog(LOG_ERR, "No domain %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else if (ldap_count_entries(ptsm->ld, res) > 1) {
syslog(LOG_ERR, "Multiple domains %s found", domain);
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
} else {
if ((entry = ldap_first_entry(ptsm->ld, res)) != NULL) {
if ((vals = ldap_get_values(ptsm->ld, entry, ptsm->domain_result_attribute)) != NULL) {
@@ -982,7 +986,7 @@ static int ptsmodule_get_dn(
}
if (rc != PTSM_OK) {
- return rc;
+ goto done;
} else {
base = xstrdup(ptsm->base);
syslog(LOG_DEBUG, "Continuing with ptsm->base: %s", ptsm->base);
@@ -993,23 +997,23 @@ static int ptsmodule_get_dn(
} else {
rc = ptsmodule_expand_tokens(ptsm->base, canon_id, NULL, &base);
if (rc != PTSM_OK)
- return rc;
+ goto done;
}
rc = ldap_search_st(ptsm->ld, base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res);
if (rc != LDAP_SUCCESS) {
syslog(LOG_DEBUG, "Searching %s with %s failed", base, base);
- free(filter);
- free(base);
if (rc == LDAP_SERVER_DOWN) {
ldap_unbind(ptsm->ld);
ptsm->ld = NULL;
- return PTSM_RETRY;
+ rc = PTSM_RETRY;
+ goto done;
}
- return PTSM_FAIL;
+ rc = PTSM_FAIL;
+ goto done;
}
free(filter);
@@ -1035,6 +1039,13 @@ static int ptsmodule_get_dn(
}
return (*ret ? PTSM_OK : PTSM_FAIL);
+
+ done:
+ if (filter)
+ free(filter);
+ if (base)
+ free(base);
+ return rc;
}
@@ -1344,7 +1355,7 @@ static int ptsmodule_make_authstate_group(
rc = ptsmodule_connect();
if (rc != PTSM_OK) {
*reply = "ptsmodule_connect() failed";
- goto done;;
+ goto done;
}
rc = ptsmodule_expand_tokens(ptsm->group_filter, canon_id+6, NULL, &filter);

64
SOURCES/cyrus-imapd-ptclient-canonification_across_multiple_domains.patch
View File

@ -1,64 +0,0 @@
diff --git a/ptclient/ldap.c b/ptclient/ldap.c
index 2fc306e..4dc9be1 100644
--- a/ptclient/ldap.c
+++ b/ptclient/ldap.c
@@ -934,7 +934,58 @@ static int ptsmodule_get_dn(
if (rc != PTSM_OK)
goto done;
- if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
+ if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') == NULL)) {
+ syslog(LOG_DEBUG, "collecting all domains from %s", ptsm->domain_base_dn);
+
+ snprintf(domain_filter, sizeof(domain_filter), ptsm->domain_filter, "*");
+
+ syslog(LOG_DEBUG, "Domain filter: %s", domain_filter);
+
+ rc = ldap_search_st(ptsm->ld, ptsm->domain_base_dn, ptsm->domain_scope, domain_filter, domain_attrs, 0, &(ptsm->timeout), &res);
+
+ if (rc != LDAP_SUCCESS) {
+ if (rc == LDAP_SERVER_DOWN) {
+ syslog(LOG_ERR, "LDAP not available: %s", ldap_err2string(rc));
+ ldap_unbind(ptsm->ld);
+ ptsm->ld = NULL;
+ return PTSM_RETRY;
+ }
+
+ syslog(LOG_ERR, "LDAP search for domain failed: %s", ldap_err2string(rc));
+ return PTSM_FAIL;
+ }
+ if (ldap_count_entries(ptsm->ld, res) < 1) {
+ syslog(LOG_ERR, "No domain found");
+ return PTSM_FAIL;
+ } else if (ldap_count_entries(ptsm->ld, res) >= 1) {
+ int count_matches = 0;
+ char *temp_base = NULL;
+ LDAPMessage *res2;
+ for (entry = ldap_first_entry(ptsm->ld, res); entry != NULL; entry = ldap_next_entry(ptsm->ld, entry)) {
+ if ((vals = ldap_get_values(ptsm->ld, entry, ptsm->domain_name_attribute)) != NULL) {
+ syslog(LOG_DEBUG, "we have a domain %s", vals[0]);
+ ptsmodule_standard_root_dn(vals[0], &temp_base);
+ rc = ldap_search_st(ptsm->ld, temp_base, ptsm->scope, filter, attrs, 0, &(ptsm->timeout), &res2);
+ if (rc == LDAP_SUCCESS && ldap_count_entries(ptsm->ld, res2) == 1) {
+ syslog(LOG_DEBUG, "Found %s in %s", canon_id, temp_base);
+ base = temp_base;
+ count_matches++;
+ }
+ }
+ }
+
+ if (count_matches > 1) {
+ syslog(LOG_ERR, "LDAP search for %s failed because it matches multiple accounts.", canon_id);
+ return PTSM_FAIL;
+ } else if (count_matches == 0) {
+ syslog(LOG_ERR, "LDAP search for %s failed because it does not match any account in all domains.", canon_id);
+ return PTSM_FAIL;
+ }
+
+ syslog(LOG_DEBUG, "we have found %s in %s", canon_id, base);
+ }
+ }
+ else if (ptsm->domain_base_dn && ptsm->domain_base_dn[0] != '\0' && (strrchr(canon_id, '@') != NULL)) {
syslog(LOG_DEBUG, "Attempting to get domain for %s from %s", canon_id, ptsm->domain_base_dn);
/* Get the base dn to search from domain_base_dn searched on domain_scope with

68
SOURCES/cyrus-imapd-use_system_ciphers.patch
View File

@ -1,68 +0,0 @@
diff --git a/lib/imapoptions b/lib/imapoptions
index 37f8371..898b943 100644
--- a/lib/imapoptions
+++ b/lib/imapoptions
@@ -2207,12 +2207,12 @@ product version in the capabilities
{ "tls_cert_file", NULL, STRING, "2.5.0", "tls_server_cert" }
/* Deprecated in favor of \fItls_server_cert\fR. */
-{ "tls_cipher_list", "DEFAULT", STRING, "2.5.0", "tls_ciphers" }
+{ "tls_cipher_list", "PROFILE=SYSTEM", STRING, "2.5.0", "tls_ciphers" }
/* Deprecated in favor of \fItls_ciphers\fR. */
-{ "tls_ciphers", "DEFAULT", STRING }
+{ "tls_ciphers", "PROFILE=SYSTEM", STRING }
/* The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in \fBciphers(1)\fR.
+ (and definition of "PROFILE=SYSTEM") is described in \fBciphers(1)\fR.
.PP
See also Mozilla's server-side TLS recommendations:
.PP
diff --git a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
index c45d94b..495a2c7 100644
--- a/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
+++ b/doc/html/_sources/imap/reference/manpages/configs/imapd.conf.txt
@@ -4298,7 +4298,7 @@ FIELD DESCRIPTIONS
.. startblob tls_cipher_list
- ``tls_cipher_list:`` DEFAULT
+ ``tls_cipher_list:`` PROFILE=SYSTEM
Deprecated in favor of *tls_ciphers*.
@@ -4307,10 +4307,10 @@ FIELD DESCRIPTIONS
.. startblob tls_ciphers
- ``tls_ciphers:`` DEFAULT
+ ``tls_ciphers:`` PROFILE=SYSTEM
The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in **ciphers(1)**.
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
See also Mozilla's server-side TLS recommendations:
diff --git a/doc/text/imap/reference/manpages/configs/imapd.conf.txt b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
index 1801cd7..7c77154 100644
--- a/doc/text/imap/reference/manpages/configs/imapd.conf.txt
+++ b/doc/text/imap/reference/manpages/configs/imapd.conf.txt
@@ -2675,14 +2675,14 @@ FIELD DESCRIPTIONS
Deprecated in favor of *tls_server_cert*.
- "tls_cipher_list:" DEFAULT
+ "tls_cipher_list:" PROFILE=SYSTEM
Deprecated in favor of *tls_ciphers*.
- "tls_ciphers:" DEFAULT
+ "tls_ciphers:" PROFILE=SYSTEM
The list of SSL/TLS ciphers to allow. The format of the string
- (and definition of "DEFAULT") is described in **ciphers(1)**.
+ (and definition of "PROFILE=SYSTEM") is described in **ciphers(1)**.
See also Mozilla's server-side TLS recommendations:

409
SOURCES/cyrus-imapd.cvt_cyrusdb_all
View File

@ -1,409 +0,0 @@
#!/bin/bash
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# This script converts all db files of a cyrus installation from their
# existing format to the format required by the current installation.
# The format of current db files is determined using the 'file' command
# with a magic file added for skiplist db, the new format is read from
# a config file usually in /usr/share/cyrus-imapd/rpm/db.cfg, which is
# created while compiling. After converting, the db.cfg file is
# copied to a cache file usually at /var/lib/imap/rpm/db.cfg.cache to
# allow bypassing this converting script if both files are identical.
# While this is a bit less secure, it may be useful on big server where
# db converting is done automatically.
#
# This script can safely be run as root, it will reexec itself as user
# cyrus if needed.
#
# author: Simon Matter, Invoca Systems <simon.matter@invoca.ch>
# changelog
# v1.0.1, Oct 22 2002 Simon Matter <simon.matter@invoca.ch>
# - added two-step conversion method
#
# v1.0.2, Jan 10 2003 Simon Matter <simon.matter@invoca.ch>
# - fixed a bug where cvt_cyrusdb was called to convert empty or
# nonexistent files
#
# v1.0.3, Mar 14 2003 Simon Matter <simon.matter@invoca.ch>
# - fixed a problem with new versions of the file command
#
# v1.0.4
# - added GPL license
#
# v1.0.5, May 02 2003 Simon Matter <simon.matter@invoca.ch>
# - modified exec path
#
# v1.0.6, Jul 18 2003 Simon Matter <simon.matter@invoca.ch>
# - changed db3 to berkeley
# - added new db backends for 2.2
#
# v1.0.7, Jan 23 2004 Simon Matter <simon.matter@invoca.ch>
# - included some modifications from Luca Olivetti <luca@olivetti.cjb.net>
# - added masssievec functionality
#
# v1.0.8, Jan 28 2004 Simon Matter <simon.matter@invoca.ch>
# - convert sieve scripts to UTF-8 before calling masssievec
#
# v1.0.9, Jan 29 2004 Simon Matter <simon.matter@invoca.ch>
# - convert sieve scripts to UTF-8 only if sievec failed before
#
# v1.0.10, Feb 24 2004 Simon Matter <simon.matter@invoca.ch>
# - change su within init script to get input from
# /dev/null, this prevents hang when running in SELinux
#
# v1.0.11, Mar 02 2004 Simon Matter <simon.matter@invoca.ch>
# - fixed SELinux fix
#
# v1.0.12, Dec 16 2004 Simon Matter <simon.matter@invoca.ch>
# - use runuser instead of su if available
#
# v1.0.13, Jul 15 2005 Simon Matter <simon.matter@invoca.ch>
# - don't use flat in the two step conversion, use skiplist instead
#
# v1.0.14, Jul 18 2005 Simon Matter <simon.matter@invoca.ch>
# - replace the order of the magic files in the file call to make
# sure skiplist is detected correctly.
#
# v1.0.15, Aug 17 2005 Simon Matter <simon.matter@invoca.ch>
# - add functionality to export all berkeley db files to skiplist
#
# v1.1.0, Aug 18 2005 Simon Matter <simon.matter@invoca.ch>
# - fix export functionality, try to recover Berkeley databases
# as much as possible before any conversion.
#
# v1.1.1, Dec 05 2005 Simon Matter <simon.matter@invoca.ch>
# - run db_checkpoint in background with a timeout to prevent
# that cyrus-imapd doesn't start at all if it hangs.
#
# v1.1.2, Dec 06 2005 Simon Matter <simon.matter@invoca.ch>
# - make handling of db_checkpoint more robust
#
# v1.2.0, Jan 12 2006 Simon Matter <simon.matter@invoca.ch>
# - adopt for cyrus-imapd-2.3
#
# v1.2.1, Jan 13 2006 Simon Matter <simon.matter@invoca.ch>
# - code cleanup
#
# v1.2.2, Nov 29 2007 Simon Matter <simon.matter@invoca.ch>
# - add ability to handle "@include" options in imapd.conf, patch
# provided by Tim Bannister
#
# v1.2.3, Feb 07 2008 Simon Matter <simon.matter@invoca.ch>
# - add ability to handle tabs in imapd.conf, patch provided
# by Franz Knipp
# - disable default values for some config options like sievedir
#
# v1.2.4, Apr 23 2008 Simon Matter <simon.matter@invoca.ch>
# - add support for statuscache.db
#
# v1.3.0, Sep 29 2008 Simon Matter <simon.matter@invoca.ch>
# - add multi-instance support
#
# v1.3.1, Oct 09 2008 Simon Matter <simon.matter@invoca.ch>
# - improve variable handling
#
# v1.3.2, May 26 2009 Simon Matter <simon.matter@invoca.ch>
# - add some sanity checks to multi-instance support
#
# v1.3.3, May 27 2009 Simon Matter <simon.matter@invoca.ch>
# - make some cosmetic changes
#
# v1.3.4, Dec 22 2009 Simon Matter <simon.matter@invoca.ch>
# - add support for user_deny.db
VERSION=1.3.4
PIDFILE=/var/run/cyrus-master${INSTANCE}.pid
# instance config
CYRUSCONF=/etc/cyrus${INSTANCE}.conf
IMAPDCONF=/etc/imapd${INSTANCE}.conf
# make sure what we have is a valid instance
# and that config files are present
if [ -n "$INSTANCE" ]; then
[ -L /etc/rc.d/init.d/${BASENAME} ] || exit 0
fi
[ -f $CYRUSCONF ] || exit 0
[ -f $IMAPDCONF ] || exit 0
if [ -f $PIDFILE ]; then
read CYRUS_PID < $PIDFILE
if [ -n "$CYRUS_PID" ]; then
if ps -p $CYRUS_PID > /dev/null 2>&1; then
echo "ERROR: cyrus-master is running, unable to convert mailboxes!"
exit 1
fi
fi
fi
if [ ! -f $IMAPDCONF ]; then
echo "ERROR: configuration file '${IMAPDCONF}' not found, exiting!"
exit 1
fi
# fallback to su if runuser not available
if [ -x /sbin/runuser ]; then
RUNUSER=runuser
else
RUNUSER=su
fi
# force cyrus user for security reasons
if [ ! $(whoami) = "cyrus" ]; then
exec $RUNUSER - cyrus -c "cd $PWD < /dev/null ; INSTANCE=$INSTANCE $0 $*"
fi
# special function for migration
EXPORT=$1
# files get mode 0600
umask 166
# show version info in log files
echo "cvt_cyrusdb_all version: $VERSION"
# expand_config <path>
# handle "@include" sections from imapd style config file
expand_config() {
while read line; do
if printf "%s\n" "${line}" | grep -q '^@include:'; then
expand_config "$( printf "%s\n" "${line}" | cut -d : -f 2- | sed -e 's/^[\t ]*//' )"
else
printf "%s\n" "${line}"
fi
done < $1
}
# get_config <config> [<default>]
# extracts config option from config file
get_config() {
searchstr=$1
if config="$(expand_config $IMAPDCONF | egrep "^${searchstr}:")"; then
CFGVAL="$(printf "%s\n" "$config" | cut -d : -f 2- | sed -e 's/^[\t ]*//')"
else
if [ -z "$2" ]; then
echo "ERROR: config option '$1' not found in ${IMAPDCONF}, exiting!" 1>&2
return 1
fi
CFGVAL="$2"
fi
echo "get_config ${1}: $CFGVAL" 1>&2
echo "$CFGVAL"
}
# where to find files and directories
data_dir=/usr/share/cyrus-imapd/rpm
lib_dir=/usr/lib/cyrus-imapd
system_magic=$(file --version | awk '/magic file/ {print $4}')
cyrus_magic=${data_dir}/magic
cvt_cyrusdb=${lib_dir}/cvt_cyrusdb
sievec=${lib_dir}/sievec
masssievec=${lib_dir}/masssievec
imap_prefix=$(get_config configdirectory) || exit 1
sieve_dir=$(get_config sievedir) || exit 1
db_cfg=${data_dir}/db.cfg
db_current=${imap_prefix}/rpm/db.cfg.current
db_cache=${imap_prefix}/rpm/db.cfg.cache
# source default db backend config
. $db_cfg
# get configured db backend config
duplicate_db=$(get_config duplicate_db $duplicate_db) || exit 1
mboxlist_db=$(get_config mboxlist_db $mboxlist_db) || exit 1
seenstate_db=$(get_config seenstate_db $seenstate_db) || exit 1
subscription_db=$(get_config subscription_db $subscription_db) || exit 1
tlscache_db=$(get_config tlscache_db $tlscache_db) || exit 1
annotation_db=$(get_config annotation_db $annotation_db) || exit 1
mboxkey_db=$(get_config mboxkey_db $mboxkey_db) || exit 1
ptscache_db=$(get_config ptscache_db $ptscache_db) || exit 1
quota_db=$(get_config quota_db $quota_db) || exit 1
statuscache_db=$(get_config statuscache_db $statuscache_db) || exit 1
userdeny_db=$(get_config userdeny_db $userdeny_db) || exit 1
# remember current db backend config
{
echo "duplicate_db=${duplicate_db}"
echo "mboxlist_db=${mboxlist_db}"
echo "seenstate_db=${seenstate_db}"
echo "subscription_db=${subscription_db}"
echo "tlscache_db=${tlscache_db}"
echo "annotation_db=${annotation_db}"
echo "mboxkey_db=${mboxkey_db}"
echo "ptscache_db=${ptscache_db}"
echo "quota_db=${quota_db}"
echo "statuscache_db=${statuscache_db}"
echo "userdeny_db=${userdeny_db}"
echo "sieve_version=${sieve_version}"
} | sort > $db_current
# file_type <file>
file_type() {
this_type=$(file -b -m "${cyrus_magic}:${system_magic}" "$1" 2> /dev/null)
if echo "$this_type" | grep -qi skip > /dev/null 2>&1; then
echo skiplist
elif echo "$this_type" | grep -qi text > /dev/null 2>&1; then
echo flat
else
echo berkeley
fi
}
# cvt_file <file> <db>
cvt_file() {
target="$1"
new_db="$2"
if [ -s "$target" ]; then
old_db=$(file_type "$target")
if [ ! "$old_db" = "$new_db" ]; then
# The two-step conversion is paranoia against the filenames being encoded
# inside the database or logfiles (berkeley does this, for example).
rm -f "${target}.skiplist"
if [ "$old_db" = "skiplist" ]; then
cp -a "$target" "${target}.skiplist"
else
$cvt_cyrusdb -C $IMAPDCONF "$target" "$old_db" "${target}.skiplist" skiplist
fi
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -eq 0 ]; then
rm -f "$target"
if [ -s "${target}.skiplist" ]; then
if [ "$new_db" = "skiplist" ]; then
cp -a "${target}.skiplist" "$target"
else
$cvt_cyrusdb -C $IMAPDCONF "${target}.skiplist" skiplist "$target" "$new_db"
fi
fi
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -eq 0 ]; then
rm -f "${target}.skiplist"
else
echo "ERROR: unable to convert ${target}.skiplist from skiplist to $new_db"
fi
else
echo "ERROR: unable to convert $target from $old_db to skiplist"
fi
fi
fi
}
# cvt_to_utf8 <file>
cvt_to_utf8() {
target="$1"
if [ -s "$target" ]; then
if ! $sievec -C $IMAPDCONF "$target" "${target}.sievec"; then
iconv --from-code=ISO-8859-1 --to-code=UTF-8 --output="${target}.UTF-8" "$target"
if [ -s "${target}.UTF-8" ]; then
# preserve timestamp
touch --reference="${target}" "${target}.UTF-8"
mv -f "${target}.UTF-8" "$target"
else
ERRVAL=$(( $ERRVAL + 1 ))
fi
fi
rm -f "${target}.sievec"
fi
}
ERRVAL=0
# make sure our Berkeley databases are in a sane state
# wait for db_checkpoint to end successfully or kill it after a timeout
db_checkpoint -v -1 -h ${imap_prefix}/db &
DB_CHECK_PID=$!
CNT=0
while [ $CNT -lt 60 ]; do
if ! kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
break
fi
sleep 1
let CNT+=1
done
if kill -0 $DB_CHECK_PID > /dev/null 2>&1; then
kill -USR1 $DB_CHECK_PID > /dev/null 2>&1
sleep 1
kill -KILL $DB_CHECK_PID > /dev/null 2>&1
wait $DB_CHECK_PID > /dev/null 2>&1
fi
# do a normal recovery
db_recover -v -h ${imap_prefix}/db
RETVAL=$?
if [ $RETVAL -ne 0 ]; then
# try a catastrophic recovery instead of normal recovery
db_recover -v -c -h ${imap_prefix}/db
RETVAL=$?
ERRVAL=$(( $ERRVAL + $RETVAL ))
if [ $RETVAL -ne 0 ]; then
echo "ERROR: catastrophic recovery of Berkeley databases failed"
fi
fi
if [ "$EXPORT" = "export" ]; then
# convert all db files to portable format for migration
# TODO: quota_db, we don't touch it for now
cvt_file ${imap_prefix}/deliver.db "skiplist"
cvt_file ${imap_prefix}/mailboxes.db "skiplist"
cvt_file ${imap_prefix}/tls_sessions.db "skiplist"
cvt_file ${imap_prefix}/annotations.db "skiplist"
cvt_file ${imap_prefix}/ptclient/ptscache.db "skiplist"
cvt_file ${imap_prefix}/statuscache.db "skiplist"
cvt_file ${imap_prefix}/user_deny.db "flat"
rm -vf ${imap_prefix}/db/log.*
rm -vf ${imap_prefix}/db/__db.*
else
# always convert db files which have been converted to skiplist
# TODO: quota_db, we don't touch it for now
cvt_file ${imap_prefix}/deliver.db "$duplicate_db"
cvt_file ${imap_prefix}/mailboxes.db "$mboxlist_db"
cvt_file ${imap_prefix}/tls_sessions.db "$tlscache_db"
cvt_file ${imap_prefix}/annotations.db "$annotation_db"
cvt_file ${imap_prefix}/ptclient/ptscache.db "$ptscache_db"
cvt_file ${imap_prefix}/statuscache.db "$statuscache_db"
cvt_file ${imap_prefix}/user_deny.db "$userdeny_db"
# do we have to convert all databases?
if ! cmp -s $db_current $db_cache; then
# we treat sieve scripts the same way like db files
find ${sieve_dir}/ -name "*.script" -type f | while read db_file trash; do
cvt_to_utf8 "$db_file"
done
$masssievec $sievec $IMAPDCONF
# convert all db files left
find ${imap_prefix}/user/ -name "*.seen" -type f | while read db_file trash; do
cvt_file "$db_file" "$seenstate_db"
done
find ${imap_prefix}/user/ -name "*.sub" -type f | while read db_file trash; do
cvt_file "$db_file" "$subscription_db"
done
find ${imap_prefix}/user/ -name "*.mboxkey" -type f | while read db_file trash; do
cvt_file "$db_file" "$mboxkey_db"
done
fi
fi
# update the config cache file so we can check whether something has changed
if [ $ERRVAL -eq 0 ]; then
mv -f $db_current $db_cache
else
rm -f $db_cache
rm -f $db_current
fi
exit $ERRVAL

20
SOURCES/cyrus-squatter-assert-crash.patch
View File

@ -1,20 +0,0 @@
diff --git a/imap/squatter.c b/imap/squatter.c
index 97daa73..d7ffbd0 100644
--- a/imap/squatter.c
+++ b/imap/squatter.c
@@ -332,8 +332,13 @@ static void expand_mboxnames(strarray_t *sa, int nmboxnames,
else {
/* Translate any separators in mailboxname */
char *intname = mboxname_from_external(mboxnames[i], &squat_namespace, NULL);
- int flags = recursive_flag ? 0 : MBOXTREE_SKIP_CHILDREN;
- mboxlist_mboxtree(intname, addmbox, sa, flags);
+ if (!intname || *intname == '\0') {
+ fprintf(stderr, "Mailbox %s: %s\n",
+ mboxnames[i], error_message(IMAP_MAILBOX_BADNAME));
+ } else {
+ int flags = recursive_flag ? 0 : MBOXTREE_SKIP_CHILDREN;
+ mboxlist_mboxtree(intname, addmbox, sa, flags);
+ }
free(intname);
}
}

14
SOURCES/patch-cassandane-fix-annotator
View File

@ -1,14 +0,0 @@
diff --git a/utils/annotator.pl b/utils/annotator.pl
index 94b84a2..0208831 100755
--- a/utils/annotator.pl
+++ b/utils/annotator.pl
@@ -140,6 +140,8 @@ GetOptions(
xlog "annotator $$ starting";
Cassandane::AnnotatorDaemon->run(
pid_file => $pidfile,
- port => $port
+ port => $port,
+ user => (getpwuid($<))[0],
+ group => (getgrgid($())[0],
);
xlog "annotator $$ exiting";

21
SOURCES/patch-cassandane-no-syslog
View File

@ -1,21 +0,0 @@
diff --git a/Cassandane/Util/Log.pm b/Cassandane/Util/Log.pm
index 9cd93d5..8d3b3c1 100644
--- a/Cassandane/Util/Log.pm
+++ b/Cassandane/Util/Log.pm
@@ -52,16 +52,12 @@ our @EXPORT = qw(
my $verbose = 0;
-openlog('cassandane', '', LOG_LOCAL6)
- or die "Cannot openlog";
-
sub xlog
{
my ($pkg, $file, $line) = caller;
$pkg =~ s/^Cassandane:://;
my $msg = "=====> " . $pkg . "[" . $line . "] " . join(' ', @_);
print STDERR "$msg\n";
- syslog(LOG_ERR, "$msg");
}
sub set_verbose

13
SOURCES/patch-cyrus-managesieve-linking
View File

@ -1,13 +0,0 @@
diff --git a/perl/sieve/managesieve/Makefile.PL.in b/perl/sieve/managesieve/Makefile.PL.in
index 2bb715d..422504d 100644
--- a/perl/sieve/managesieve/Makefile.PL.in
+++ b/perl/sieve/managesieve/Makefile.PL.in
@@ -69,7 +69,7 @@ WriteMakefile(
'ABSTRACT' => 'Cyrus Sieve management interface',
'VERSION_FROM' => "@top_srcdir@/perl/sieve/managesieve/managesieve.pm", # finds $VERSION
'MYEXTLIB' => '../lib/.libs/libisieve.a @top_builddir@/perl/.libs/libcyrus.a @top_builddir@/perl/.libs/libcyrus_min.a',
- 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@"],
+ 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@ -lsqlite3 -lpq -lmariadb"],
'CCFLAGS' => '@GCOV_CFLAGS@',
'DEFINE' => '-DPERL_POLLUTE', # e.g., '-DHAVE_SOMETHING'
'INC' => "-I@top_srcdir@/lib -I@top_srcdir@/perl/sieve -I@top_srcdir@/perl/sieve/lib @SASLFLAGS@ @SSL_CPPFLAGS@",

25
SOURCES/patch-vzic-proper-cflags
View File

@ -1,25 +0,0 @@
diff --git a/tools/vzic/Makefile b/tools/vzic/Makefile
index 8ae6afa..3882998 100644
--- a/tools/vzic/Makefile
+++ b/tools/vzic/Makefile
@@ -45,17 +45,17 @@ LIBICAL_LDADD = -lical
GLIB_CFLAGS = `pkg-config --cflags glib-2.0`
GLIB_LDADD = `pkg-config --libs glib-2.0`
-CFLAGS = -g -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
+CFLAGS += -I../.. -DOLSON_DIR=\"$(OLSON_DIR)\" -DPRODUCT_ID='"$(PRODUCT_ID)"' -DTZID_PREFIX='"$(TZID_PREFIX)"' $(GLIB_CFLAGS) $(LIBICAL_CFLAGS)
OBJECTS = vzic.o vzic-parse.o vzic-dump.o vzic-output.o
all: vzic
vzic: $(OBJECTS)
- $(CC) $(OBJECTS) $(GLIB_LDADD) -o vzic
+ $(CC) $(LDFLAGS) $(OBJECTS) $(GLIB_LDADD) -o vzic
test-vzic: test-vzic.o
- $(CC) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
+ $(CC) $(LDFLAGS) test-vzic.o $(LIBICAL_LDADD) -o test-vzic
# Dependencies.
$(OBJECTS): vzic.h

968
SPECS/cyrus-imapd.spec
View File

@ -1,968 +0,0 @@
%define scmt(l:) %(c=%1; echo ${c:0:%{-l:%{-l*}}%{!-l:7}})
# Cassandane commit hash. Cassandane doesn't have releases often, but it
# receives constant development. This was fetched on 20180518.
%global cocas 00bfe0109f80437ed09154aca9fbd53eef8f1b09
# Cassandane run by default. '--without cassandane' disables.
%bcond_without cassandane
Name: cyrus-imapd
Version: 3.0.7
Release: 26%{?dist}
%define ssl_pem_file_prefix /etc/pki/%name/%name
# UID/GID 76 have long been reserved for Cyrus
%define uid 76
%define gid 76
%define cyrususer cyrus
%define cyrusgroup mail
%define cyrexecdir %_libexecdir/%name
Summary: A high-performance email, contacts and calendar server
License: BSD
URL: http://www.cyrusimap.org/
Source0: http://www.cyrusimap.org/releases/%name-%version.tar.gz
Source1: CHANGES.rpm
# Adapt a timeout to handle our slower builders
Patch0: patch-cyrus-testsuite-timeout
# Upstream https://github.com/cyrusimap/cyrus-imapd/issues/2026
Patch1: patch-cyrus-managesieve-linking
# Fedora-specific patch for the default configuration file
Patch2: patch-cyrus-default-configs
# vzic uses an old makefile that needs hacks to use the proper flags
Patch3: patch-vzic-proper-cflags
Patch4: cyrus-imapd-close_backup_on_failure.patch
Patch5: cyrus-imapd-memory_leak_on_cleanup.patch
Patch6: cyrus-imapd-memory_leak_on_cleanup_2.patch
Patch7: cyrus-imapd-close_backup_fd_on_error.patch
Patch8: cyrus-imapd-cve_2019_11356.patch
Patch9: cyrus-imapd-CVE-2019-19783.patch
Patch10: cyrus-imapd-CVE-2019-18928.patch
Patch11: cyrus-imapd-use_system_ciphers.patch
Patch12: cyrus-imapd-3.0-CVE-2021-33582.patch
# https://github.com/cyrusimap/cyrus-imapd/pull/3892
Patch13: cyrus-squatter-assert-crash.patch
# https://github.com/cyrusimap/cyrus-imapd/commit/562ac9d7abd3b928315c7f0672d0f1a8995ca625
Patch14: cyrus-imapd-load-tombstones-for-cleanup.patch
# https://github.com/cyrusimap/cyrus-imapd/commit/ed1a17b09e2e03788852e122f213b88352bc24b9
Patch15: cyrus-imapd-ptclient-canonification_across_multiple_domains.patch
Source10: cyrus-imapd.logrotate
Source11: cyrus-imapd.pam-config
Source12: cyrus-imapd.sysconfig
Source13: cyrus-imapd.cvt_cyrusdb_all
Source14: cyrus-imapd.magic
# XXX A systemd timer would probably be better
Source15: cyrus-imapd.cron-daily
Source16: README.rpm
Source17: cyrus-imapd.service
Source18: cyrus-imapd-init.service
Source19: cyrus-imapd.tmpfiles.conf
# Source files for running the Cassandane test suite at build time.
Source80: https://github.com/cyrusimap/cassandane/archive/%cocas.tar.gz#/cassandane-%{scmt %cocas}.tar.gz
# The CPAN version, and hence the Fedora-packaged version, of Net::CalDAVTalk
# doesn't include the testdata directory. Cassandane can use it for testing
# calendaring, so it's included here.
# This archive was generated by running:
# svn export https://github.com/brong/Net-CalDAVTalk/trunk/testdata
# tar cfz cassandane-testdata-20170523.tar.gz testdata
# Note that this changes very rarely. See
# https://github.com/brong/Net-CalDAVTalk/tree/master/testdata
Source81: cassandane-testdata-20170523.tar.gz
# A template config file for cassandane; we will substitute in varions values.
Source82: cassandane.ini
# These are source files and not patches because you can't use autosetup to
# apply patches to secondary unpacked source files.
# Prevent cassandane from trying to syslog things
Source91: patch-cassandane-no-syslog
# Tell the annotator script to run as the current user/group
# Upstream ticket https://github.com/cyrusimap/cyrus-imapd/issues/1995
Source92: patch-cassandane-fix-annotator
Source93: cyrus-imapd-master_rename.patch
BuildRequires: autoconf automake bison flex gcc gcc-c++ git groff libtool
BuildRequires: pkgconfig systemd transfig
BuildRequires: perl-devel perl-generators perl(ExtUtils::MakeMaker)
BuildRequires: perl(Pod::Html)
BuildRequires: CUnit-devel cyrus-sasl-devel glib2-devel
BuildRequires: jansson-devel krb5-devel libical-devel libicu-devel
BuildRequires: libnghttp2-devel libxml2-devel mariadb-devel net-snmp-devel
BuildRequires: openldap-devel openssl-devel postgresql-devel
BuildRequires: sqlite-devel
BuildRequires: xapian-core-devel
# Miscellaneous modules needed for 'make check' to function:
BuildRequires: cyrus-sasl-plain cyrus-sasl-md5
%if %{with cassandane}
# Additional packages required for cassandane to function
BuildRequires: imaptest net-tools words
BuildRequires: perl(AnyEvent) perl(BSD::Resource) perl(Clone)
BuildRequires: perl(experimental) perl(File::chdir) perl(File::Slurp)
BuildRequires: perl(IO::Socket::INET6) perl(Mail::IMAPTalk)
BuildRequires: perl(Config::IniFiles) perl(Mail::JMAPTalk) perl(Math::Int64)
BuildRequires: perl(Net::CalDAVTalk) perl(Net::CardDAVTalk)
BuildRequires: perl(Net::Server) perl(News::NNTPClient) perl(Path::Tiny)
BuildRequires: perl(String::CRC32) perl(Sys::Syslog)
BuildRequires: perl(Test::Unit::TestRunner) perl(Time::HiRes)
BuildRequires: perl(Unix::Syslog) perl(XML::DOM) perl(XML::Generator)
# For tls tests
BuildRequires: sscg
# These were only for JMAP-Tester
# perl(Moo), perl(Moose), perl(MooseX::Role::Parameterized) perl(Throwable), perl(Safe::Isa)
%endif
Requires(pre): shadow-utils
Requires(post): /sbin/ldconfig
Requires(postun): /sbin/ldconfig
%{?systemd_requires}
Requires: %name-utils = %version-%release
Recommends: %name-vzic = %version-%release
Requires: file libdb-utils sscg
Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
Requires: cyrus-imapd = %{version}-%{release}
%{?perl_default_filter}
%description
The Cyrus IMAP (Internet Message Access Protocol) server provides access to
personal mail, system-wide bulletin boards, news-feeds, calendar and contacts
through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP
server is a scalable enterprise groupware system designed for use from small to
large enterprise environments using technologies based on well-established Open
Standards.
A full Cyrus IMAP implementation allows a seamless mail and bulletin board
environment to be set up across one or more nodes. It differs from other IMAP
server implementations in that it is run on sealed nodes, where users are not
normally permitted to log in. The mailbox database is stored in parts of the
filesystem that are private to the Cyrus IMAP system. All user access to mail
is through software using the IMAP, IMAPS, JMAP, POP3, POP3S, KPOP, CalDAV
and/or CardDAV protocols.
The private mailbox database design gives the Cyrus IMAP server large
advantages in efficiency, scalability, and administratability. Multiple
concurrent read/write connections to the same mailbox are permitted. The server
supports access control lists on mailboxes and storage quotas on mailbox
hierarchies.
%package devel
Summary: Cyrus IMAP server development files
Requires: %name%{?_isa} = %version-%release
Requires: pkgconfig
%description devel
The %name-devel package contains header files and libraries
necessary for developing applications which use the imclient library.
%package doc-extra
Summary: Extra documentation for the Cyrus IMAP server
BuildArch: noarch
%description doc-extra
This package contains the HTML documentation for the Cyrus IMAP server, as well
as some legacy and internal documentation not useful for normal operation of
the server.
%package utils
Summary: Cyrus IMAP server administration utilities
%description utils
The cyrus-imapd-utils package contains administrative tools for the
Cyrus IMAP server. It can be installed on systems other than the
one running the server.
%package vzic
Summary: Utilities to convert timezone database files
License: GPLv2+
Requires: %name = %version-%release
# Contains a lightly forked version of vzic. This seems to have been bundled
# into various other things and it's old, so I'm not sure where the upstream
# is. Here are a couple of possible upstreams:
# https://github.com/libical/vzic
# https://sourceforge.net/projects/vzic/
# It is probably a good idea to split it out and package it separately, but the
# code here definitely differs from that at the second link above.
Provides: bundled(vzic) = 1.3
%description vzic
vzic is a program to convert the Olson timezone database files into VTIMEZONE
files compatible with the iCalendar specification (RFC2445).
This package contains a forked version of vzic for internal use by the Cyrus
IMAP server.
# Build dir is either $PWD, $(pwd) or %
%prep
%autosetup -p1 -S git
echo %version > VERSION
# Install the Fedora-specific documentation file
install -m 644 %SOURCE1 doc/
install -m 644 %SOURCE16 doc/
# Unpack and prepare cassandane
tar xf %SOURCE80
ln -s cassandane-%cocas cassandane
pushd cassandane
mkdir work
tar xf %SOURCE81
patch -p1 < %SOURCE91
patch -p1 < %SOURCE92
patch -p1 < %SOURCE93
cp %SOURCE82 cassandane.ini
# RF rpm-buildroot-usage
sed -i \
-e "s!CASSDIR!$(pwd)!" \
-e "s!BUILDROOT!%buildroot!" \
cassandane.ini
popd
# Drop expired certificates and generate new ones
pushd cunit
rm -rf *pem
%{_bindir}/sscg --package %{name} --cert-file cert.pem --cert-key-file key.pem --ca-file cacert.pem
popd
## Modify docs master --> cyrus-master
#%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
#sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
# man/master.8 doc/man.html
%build
# This is the test suite, which doesn't build much but does verify its dependencies.
# If this is done after the configure call, the one thing it does build fails
# because the configure macro puts some hardening flags into the environment.
%if %{with cassandane}
pushd cassandane
make
popd
%endif
# Notes about configure options:
# --enable-objectstore
# It's experimental, and it doesn't appear that either openio or caringo are
# in Fedora.
# --with-cyrus-prefix and --with-service-path went away; use --with-libexecdir=
# instead.
# Needed because of Patch4.
autoreconf -vi
%configure \
--disable-silent-rules \
\
--libexecdir=%cyrexecdir \
--with-extraident="%release Fedora" \
--with-krbimpl=mit \
--with-ldap=/usr \
--with-libwrap=no \
--with-mysql \
--with-pgsql \
--with-perl=%__perl \
--with-snmp \
--with-syslogfacility=MAIL \
\
--enable-autocreate \
--enable-backup \
--enable-calalarmd \
--enable-http \
--enable-idled \
--enable-jmap \
--enable-murder \
--enable-nntp \
--enable-replication \
--enable-unit-tests \
--enable-xapian \
%if 0%{?fedora} && 0%{?fedora} >= 0
--with-clamav \
%endif
#
# The configure script will set up the Perl makefiles, but not in the way
# Fedora needs them. So regenerate them manually.
for i in perl/annotator perl/imap perl/sieve/managesieve; do
pushd $i
rm -f Makefile
perl Makefile.PL INSTALLDIRS=vendor # NO_PERLOCAL=1 NO_PACKLIST=1
popd
done
%make_build
# This isn't built by default, but this package has always installed it.
make notifyd/notifytest
# Also not built by default, but the tools are needed for serving timezone info
make -C tools/vzic
# Modify docs master --> cyrus-master
%{__perl} -pi -e "s@master\(8\)@cyrus-master(8)@" man/*5 man/*8 lib/imapoptions
sed -i -e 's|\([^-]\)master|\1cyrus-master|g;s|^master|cyrus-master|g;s|Master|Cyrus-master|g;s|MASTER|CYRUS-MASTER|g' \
man/master.8 doc/legacy/man.html
%install
make install DESTDIR=%buildroot
# Create directories
install -d \
%buildroot/etc/{rc.d/init.d,logrotate.d,pam.d,sysconfig,cron.daily} \
%buildroot/%_libdir/sasl \
%buildroot/var/spool/imap \
%buildroot/var/lib/imap/{user,quota,proc,log,msg,socket,db,sieve,sync,md5,rpm,backup,meta} \
%buildroot/var/lib/imap/ptclient \
%buildroot/%_datadir/%name/rpm \
%buildroot/%cyrexecdir \
%buildroot/etc/pki/%name
install -d -m 0750 \
%buildroot/run/cyrus \
%buildroot/run/cyrus/socket
install -d -m 0700 \
%buildroot/run/cyrus/db \
%buildroot/run/cyrus/lock \
%buildroot/run/cyrus/proc
# Some tools which aren't installed by the makefile which we have always installed
install -m 755 notifyd/notifytest %buildroot%_bindir/
install -m 755 perl/imap/cyradm %buildroot%_bindir/
for i in arbitronsort.pl masssievec mkimap mknewsgroups rehash translatesieve; do
install -m 755 tools/$i %buildroot/%cyrexecdir/
done
for i in vzic vzic-test.pl vzic-merge.pl vzic-dump.pl; do
install -m 755 tools/vzic/$i %buildroot/%cyrexecdir/
done
# Install additional files
install -p -m 644 %SOURCE10 %buildroot/etc/logrotate.d/%name
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/pop
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/imap
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/sieve
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/mupdate
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/lmtp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/nntp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/csync
install -p -m 644 %SOURCE12 %buildroot/etc/sysconfig/%name
install -p -m 755 %SOURCE13 %buildroot/%cyrexecdir/cvt_cyrusdb_all
install -p -m 644 %SOURCE14 %buildroot/%_datadir/%name/rpm/magic
install -p -m 755 %SOURCE15 %buildroot/etc/cron.daily/%name
install -p -m 644 doc/examples/cyrus_conf/prefork.conf %buildroot/etc/cyrus.conf
install -p -m 644 doc/examples/imapd_conf/normal.conf %buildroot/etc/imapd.conf
install -p -D -m 644 %SOURCE17 %buildroot/%_unitdir/cyrus-imapd.service
install -p -D -m 644 %SOURCE18 %buildroot/%_unitdir/cyrus-imapd-init.service
install -p -D -m 644 %SOURCE19 %buildroot/%_tmpfilesdir/cyrus-imapd.conf
# Rename 'master' binary and manpage to avoid clash with postfix
mv -f %{buildroot}%{cyrexecdir}/master %{buildroot}%{cyrexecdir}/cyrus-master
# mv -f %{buildroot}%{_mandir}/man8/master.8 %{buildroot}%{_mandir}/man8/cyrus-master.8
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
#mv -f %{buildroot}%{cyrexecdir}/fetchnews %{buildroot}%{cyrexecdir}/cyrfetchnews
#mv -f %{buildroot}%{_mandir}/man8/fetchnews.8 %{buildroot}%{_mandir}/man8/cyrfetchnews.8
#%{__perl} -pi -e 's|fetchnews|cyrfetchnews|g;s|Fetchnews|Cyrfetchnews|g;s/FETCHNEWS/CYRFETCHNEWS/g' \
# %{buildroot}%{_mandir}/man8/cyrfetchnews.8
#remove executable bit from docs
for ddir in doc perl/imap/examples
do
find $ddir -type f -exec chmod -x {} \;
done
# Cleanup of doc dir
find doc perl -name CVS -type d -prune -exec rm -rf {} \;
find doc perl -name .cvsignore -type f -exec rm -f {} \;
rm -f doc/Makefile.dist*
rm -f doc/text/htmlstrip.c
rm -f doc/text/Makefile
rm -rf doc/man
# fix permissions on perl .so files
find %buildroot/%_libdir/perl5/ -type f -name "*.so" -exec chmod 755 {} \;
# Generate db config file
# XXX Is this still necessary?
( grep '^{' lib/imapoptions | grep _db | cut -d'"' -f 2,4 | \
sed -e 's/^ *//' -e 's/-nosync//' -e 's/ *$//' -e 's/"/=/'
echo sieve_version=2.2.3 ) | sort > %buildroot/%_datadir/%name/rpm/db.cfg
# Cyrus has various files with extremely conflicting names. Some of these are
# not unexpected ("imapd" itself) but some like "httpd" are rather surprising.
# Where there are only conflicting manpages, they have been moved to a "8cyrus"
# section. If the binary was renamed, then the manpages are renamed to match
# but a internal replacement has not been done. This may lead to more
# confusion but involves modifying fewer upstream files.
# Actual binary conflicts
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
mv %buildroot/%_sbindir/fetchnews %buildroot/%_sbindir/cyr_fetchnews
mv %buildroot/%_mandir/man8/fetchnews.8 %buildroot/%_mandir/man8/cyr_fetchnews.8
# Fix conflict with dump
mv %buildroot/%_sbindir/restore %buildroot/%_sbindir/cyr_restore
mv %buildroot/%_mandir/man8/restore.8 %buildroot/%_mandir/man8/cyr_restore.8
# Fix conceptual conflict with quota
mv %buildroot/%_sbindir/quota %buildroot/%_sbindir/cyr_quota
mv %buildroot/%_mandir/man8/quota.8 %buildroot/%_mandir/man8/cyr_quota.8
# fix conflicts with uw-imap
mv %buildroot/%_mandir/man8/imapd.8 %buildroot/%_mandir/man8/imapd.8cyrus
mv %buildroot/%_mandir/man8/pop3d.8 %buildroot/%_mandir/man8/pop3d.8cyrus
# Rename 'master' manpage
mv %buildroot/%_mandir/man8/master.8 %buildroot/%_mandir/man8/master.8cyrus
# Rename 'httpd' manpage to avoid clash with Apache
mv %buildroot/%_mandir/man8/httpd.8 %buildroot/%_mandir/man8/httpd.8cyrus
# Old cyrus packages used to keep some executables in /usr/lib/cyrus-imapd
# RF hardcoded-library-path in %%buildroot/usr/lib/cyrus-imapd
mkdir %buildroot/usr/lib/cyrus-imapd
pushd %buildroot/usr/lib/cyrus-imapd
ln -s ../../sbin/deliver
popd
#remove executable bit from docs
for ddir in doc perl/imap/examples
do
find $ddir -type f -exec chmod -x {} \;
done
# Remove pointless libtool archives
rm %buildroot/%_libdir/*.la
# Remove installed but not packaged files
rm %buildroot/%cyrexecdir/pop3proxyd
find %buildroot -name "perllocal.pod" -exec rm {} \;
find %buildroot -name ".packlist" -exec rm {} \;
%check
## First of all check if imaptest is functional at all
imaptest -h 2>&1 > /dev/null || (echo "Imaptest is not functional" && exit 1)
make %{?_smp_mflags} check || exit 1
%ifarch ppc64le %ix86
exit 0
%endif
%if %{without cassandane}
exit 0
%endif
# Run the Cassandane test suite. This will exhaustively test the various
# server components, but running it in a mock chroot is rather an exercise.
pushd cassandane
mkdir -p imaptest/src
ln -s /usr/bin/imaptest imaptest/src
ln -s /usr/share/imaptest/tests imaptest/src
export LD_LIBRARY_PATH=%buildroot/%_libdir
export CYRUS_USER=$USER
# Construct the set of excluded tests to pass to Cassandane
# ---------------------------------------------------------
exclude+=("!Master.maxforkrate") # Some builders are too slow to complete this test properly
tests=(
# This is more a test of system performance and according to upstream won't
# be reliable on shared hardware like our builders.
Metronome
# This tests coredumping and won't work on a machine where systemd
# intercepts coredumps, which includes our builders.
Cassandane::Test::Core
# Upstream recommends disabling this because it has an internal race and
# will fail randomly. https://github.com/cyrusimap/cassandane/issues/17
Master.sighup_recycling
# Fails because our Xapian is too old for proper CJK support. 1.5 will be
# OK, but it is not yet released. The alternative is to bundle.
SearchFuzzy.cjk_words
# These additionaly fail because Cyrus 3.0.7 no longer enables
# SNIPPET_EMPTY_WITHOUT_MATCH when the Cyrus-patched Xapian is not in use.
# https://github.com/cyrusimap/cyrus-imapd/commit/f008060cb53b3286fcedf7b8b4dd12c1980d665f
SearchFuzzy.normalize_snippets
SearchFuzzy.snippet_wildcard
SearchFuzzy.snippets_termcover
SearchFuzzy.snippets_escapehtml
SearchFuzzy.stem_verbs
# As of yet unexplained
# https://github.com/cyrusimap/cyrus-imapd/issues/2047
Admin.imap_admins
# Upstream on IRC indicates that these two are expected to fail on 3.0.
Carddav.sharing_contactpaths
Metadata.set_specialuse_twice
# This one needs a patch to xapian.
# https://github.com/cyrusimap/cyrus-imapd/issues/2348
SearchFuzzy.search_subjectsnippet
# this one is not working on builder machines
Conversations.xconvfetch
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%if 0%{?fedora} <= 28
# imaptest on F28 has bugs which make some additional tests fail
tests=(
# Three new failures with imaptest 20170719
# https://github.com/cyrusimap/cyrus-imapd/issues/2087
ImapTest.append-binary
ImapTest.fetch-binary-mime
ImapTest.urlauth-binary
# This one seems to fail randomly.
ImapTest.urlauth2
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%endif
%if 0%{?fedora} <= 26
# Some F26-specific test exclusions
tests=(
# These all fail because F26 perl doesn't support quad types in unpack.
Metadata.expunge_messages
Metadata.msg_replication_new_mas_partial_wwd
Metadata.msg_replication_new_rep
Metadata.msg_replication_new_mas
Metadata.msg_replication_exp_bot
Metadata.msg_replication_new_mas_partial_wwsw
Metadata.msg_replication_exp_mas
Metadata.msg_replication_mod_mas
Metadata.msg_replication_exp_rep
Metadata.msg_replication_mod_bot_msl
Metadata.msg_replication_new_bot_mse_gul
Metadata.msg_replication_mod_bot_msh
Metadata.msg_replication_new_bot_mse_guh
Metadata.msg_replication_mod_rep
)
for i in ${tests[@]}; do exclude+=("!$i"); done
%endif
# Add -vvv for too much output
./testrunner.pl %{?_smp_mflags} -v -f pretty ${exclude[@]} 2>&1
%pre
# Create 'cyrus' user on target host
getent group saslauth >/dev/null || /usr/sbin/groupadd -g %gid -r saslauth
getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /var/lib/imap -g %cyrusgroup \
-G saslauth -s /sbin/nologin -u %uid -r %cyrususer
%post
/sbin/ldconfig
%systemd_post cyrus-imapd.service
%preun
%systemd_preun cyrus-imapd.service
%postun
/sbin/ldconfig
%systemd_postun_with_restart cyrus-imapd.service
%files
%license COPYING
%doc README.md doc/README.* doc/examples doc/text doc/CHANGES.rpm
%_datadir/cyrus-imapd
%_libdir/libcyrus*.so.*
%_mandir/man5/*
%_mandir/man8/*
%dir /etc/pki/cyrus-imapd
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-ca.pem
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix.pem
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-key.pem
%config(noreplace) /etc/cyrus.conf
%config(noreplace) /etc/imapd.conf
%config(noreplace) /etc/logrotate.d/cyrus-imapd
%config(noreplace) /etc/sysconfig/cyrus-imapd
%config(noreplace) /etc/pam.d/*
/etc/cron.daily/cyrus-imapd
%_unitdir/cyrus-imapd.service
%_unitdir/cyrus-imapd-init.service
%_tmpfilesdir/cyrus-imapd.conf
%dir %cyrexecdir/
%cyrexecdir/[a-uw-z]*
# This creates some directories which in the default configuration cyrus will
# never use because they are placed under /run instead. However, old
# configurations or setup advice from the 'net might reference them, and so
# it's simpler to just leave them in the package.
%attr(0750,%cyrususer,%cyrusgroup) %dir /var/lib/imap/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/backup/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/db/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/log/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/meta/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/md5/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/msg/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/proc/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/ptclient/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/quota/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/rpm/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sieve/
%attr(0750,%cyrususer,%cyrusgroup) /var/lib/imap/socket
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sync/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/user/
%attr(0700,%cyrususer,%cyrusgroup) /var/spool/imap/
# The new locations
%attr(0750,%cyrususer,%cyrusgroup) %dir /run/cyrus/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/db/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/lock/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/proc/
%attr(0750,%cyrususer,%cyrusgroup) /run/cyrus/socket/
%files devel
%_includedir/cyrus/
%_libdir/libcyrus*.so
%_libdir/pkgconfig/*.pc
%_mandir/man3/imclient.3*
%files doc-extra
%doc doc/html doc/internal doc/legacy
%files utils
%license COPYING
%doc perl/imap/README
%doc perl/imap/Changes
%doc perl/imap/examples
%{_bindir}/*
%{_sbindir}/*
%{perl_vendorarch}/auto/Cyrus
%{perl_vendorarch}/Cyrus
%{perl_vendorlib}/Cyrus
%{_mandir}/man3/*.3pm*
%{_mandir}/man1/*
# RF hardcoded-library-path in /usr/lib/cyrus-imapd
/usr/lib/cyrus-imapd
%files vzic
%cyrexecdir/vzic*
%changelog
* Mon Jul 01 2024 Martin Osvald <mosvald@redhat.com> - 3.0.7-26
- Update fmf plans and gating for c8s
* Sat Jun 22 2024 Martin Osvald <mosvald@redhat.com> - 3.0.7-25
- ptclient: implement canonification across multiple domains
Resolves: RHEL-10710
* Mon Jun 13 2022 Martin Osvald <mosvald@redhat.com> - 3.0.7-24
- Resolves: #1911689 - Fatal error when running "squatter -r user"
- Resolves: #1941255 - Wait for network-online target
- Resolves: #1918780 - "(null)" partitions in ctl_mboxlist
* Wed Sep 01 2021 Tomas Korbar <tkorbar@redhat.com> - 3.0.7-23
- Fix CVE-2021-33582
- Also disable unstable test
- Resolves: CVE-2021-33582
* Thu May 27 2021 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-22
- rebuild with xapian support
* Fri Nov 6 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-20
- Use PROFILE=SYSTEM as default configuration for tls_ciphers
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-19
- change ownership of pki files (#1710722)
* Thu Apr 23 2020 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-18
- Move old changelog into separate file (#1671239)
* Tue Apr 21 2020 Pavel Zhukov <pavel@desktop.zhukoff.net> - 3.0.7-17
- Add fix for CVE-2019-19783
- Add fix for CVE-2019-18928
* Fri Jun 7 2019 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-16
- Resolves: #1718195 - don't overrun buffer when parsing strings with sscanf()
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-15
- Related: #1602472 - Fix rpmdiff warnings
* Mon Oct 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-14
- Related: #1602472 - Fix misused syntax warning
* Tue Oct 2 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-13
- Related: #1602472 - Fix few covscan warnings
* Sun Aug 12 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-12
- Rename master -> cyrus-master in documentation
* Thu Aug 9 2018 Josef Ridky <jridky@redhat.com> - 3.0.7-11
- Rebuild for Net-SNMP
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-10
- Rename master -> cyrus-master
* Wed Aug 8 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-9
- Load supported modules only
* Mon Aug 6 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-7
- Resolves: №1611713 - Generate SSl cerificates for starttls test
* Mon Jun 25 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-6
- Drop shapelib in RHEL
* Fri Jun 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-5
- Drop xapian support
* Tue May 22 2018 Pavel Zhukov <pzhukov@redhat.com> - 3.0.7-4
- Disable clamav support for non Fedora's
- Disable forktest due to builders slowness
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-2
- Really enable mysql and clamav support.
* Fri May 18 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.7-1
- Update to 3.0.7.
- Update Cassandane checkout.
- Update excluded Cassandane test list.
* Tue May 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.6-1
- Update to 3.0.6.
- Remove upstreamed patches and renumber the rest.
- Disable one new failing test:
https://github.com/cyrusimap/cyrus-imapd/issues/2332
* Mon Apr 30 2018 Pete Walter <pwalter@fedoraproject.org> - 3.0.5-15
- Rebuild for ICU 61.1
* Tue Apr 17 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-14
- Update Cassandane again, fixing a broken test.
* Fri Apr 13 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-13
- Update Cassandane, fixing a few tests and a class of weird random build
failures.
* Fri Apr 06 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-12
- Update list of excluded tests.
- Update Cassandane snapshot; use new base_port config setting. No need to
patch that in now.
- Add four new expected-to-fail tests from new Cassandane snapshot.
- Add patch to collect extra Cassandane logging in case we hit some of those
sporadic failures again.
* Tue Apr 03 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-11
- Re-enable imaptest on >= F29.
- F29's imaptest fixes several bugs, allowing all tests to be run there.
- Relocate cassandane base port to hopefully work better in koji.
* Mon Apr 02 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-10
- Update cassandane checkout to fix a test that was broken by DST.
- Add patch to fix sieve scripts for usernames containing a dot.
- Disable imaptest in cassandane until
https://bugzilla.redhat.com/show_bug.cgi?id=1562970 is fixed.
- Re-enable tests on s390; it seems to be better now.
* Thu Mar 15 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-9
- Re-enable clamav on ppc64.
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-8
- Bump client_timeout value in test suite.
* Thu Mar 01 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-7
- Add patch to fix imtest (rhbz#1543481).
- Fix vzic makefile to use proper cflags (rhbz#1550543).
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-6
- Update cassandane checkout.
- Add two new build dependencies.
- Remove all JMAP-related tests from the exclusion lists, since cassandane no
longer runs any JMAP tests on cyrus 3.0.
- Collapse unused test skip lists.
- Add ten additional skipped tests, after consultation with upstream.
* Mon Feb 26 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-5
- Add patch to fix segfaults in squatter.
- Exclude one test on all releases instead of just F28+.
- Remove --cleanup from cassandane invocation.
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.5-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 09 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-3
- Re-enable clamav and mariadb support as those are now built with openssl 1.1.
- But no clamav on ppc64 because of
https://bugzilla.redhat.com/show_bug.cgi?id=1534071
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-2
- Reorganize some test exclusions so things build on all releases.
* Thu Jan 04 2018 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.5-1
- Update to 3.0.5.
- Add one new failing test.
- Remove one now-passing test on rawhide.
* Mon Dec 18 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-6
- Rebuild with new net-snmp
* Thu Nov 30 2017 Pete Walter <pwalter@fedoraproject.org> - 3.0.4-5
- Rebuild for ICU 60.1
* Wed Nov 29 2017 Pavel Zhukov <pzhukov@redhat.com> - 3.0.4-4
- Do not require tcp_wrappers (#1518759)
* Tue Nov 14 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-3
- Rebuild for new libical.
- Add patch to fix compilation error with new libical.
- Disable two tests which fail due to the new libical.
* Tue Oct 24 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.4-2
- Fix typo in default config;
https://bugzilla.redhat.com/show_bug.cgi?id=1506000
* Tue Sep 05 2017 Pavel Zhukov <landgraf@fedoraproject.org> - 3.0.4-1
- Update to 3.0.4
- Patched cassandane for new behaviour. It should be updated idealy.
- Disable ImapTest.urlauth2 test; it seems to fail randomly regardless of
architecture.
* Fri Aug 11 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.3-1
- Update to 3.0.3, which contains an important security fix. The fix is not
embargoed but no CVE has been assigned yet.
- Drop patches merged upstream.
- An update of imaptest has resulted in three additional cassandane failures,
reported upstream as https://github.com/cyrusimap/cyrus-imapd/issues/2087.
In order to get the security fix out without delay, those three tests have been
disabled.
* Fri Aug 11 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-9
- Rebuilt after RPM update (№ 3)
* Thu Aug 10 2017 Igor Gnatenko <ignatenko@redhat.com> - 3.0.2-8
- Rebuilt for RPM soname bump
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.0.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jun 30 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-5
- Add two patches from upstream which fix JMAPCalendars issues on 32-bit and
big-endian architectures.
- Clean up test invocation and exclusion list. More tests pass now.
* Wed Jun 28 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-4
- Explicitly set specialusealways: 1 in the default config.
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-3
- Patch the provided imapd.conf and cyrus.conf to more closely match previous
Fedora defaults and directories included in this package and to enable
features which are supported by the Fedora build.
- Add tmpfiles.d configuration file for directories in /run.
* Tue Jun 27 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-2
- Exclude one more test from 32-bit arches. Looks like this failure crept in
with the Cassandane update.
* Thu Jun 22 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.2-1
- Update to 3.0.2.
- New Cassandane snapshot, with more tests (all of which are passing).
* Tue Jun 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-7
- Add old /usr/lib/cyrus-imapd directory to the utils package and add a symlink
there to the deliver binary. This should help a bit with migrations.
- Add upstream patch to fix reconstruct failures on 32-bit architectures.
Re-enable those five Cassandane tests.
* Thu Jun 15 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-6
- Rename two commands: quota -> cyr_quota, restore -> cyr_restore.
- Fix Cassandane to handle those renames.
- Fix location of cyr_fetchnews.
- Fix Perl 5.26-related module linking issue which caused a test failure.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1461669
* Tue Jun 06 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-5
- Use proper path to ctl_mboxlist in cron file.
- Add patch to increase individual test timeout. Sometimes armv7hl can't
complete a single test in 20 seconds.
- Disable the Metronome tests; upstream says that they just won't reliably on
shared hardware.
- Don't bother running Cassandane on s390x for now. The machines are simply
too slow.
* Tue Jun 06 2017 Jitka Plesnikova <jplesnik@redhat.com> - 3.0.1-4
- Perl 5.26 rebuild
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-3
- Remove clamav from build requirements.
- Add --cleanup to Cassandane call to hopefully reduce build disk usage.
- Disable maxforkrate test on s390x; our builders are too slow to run it.
* Fri Jun 02 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-2
- Add patch to fix up some endianness issues.
- Enable both test suites on all architectures.
- Add arch-specific excludes for a few Cassandane tests.
* Thu Apr 20 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 3.0.1-1
- Initial attempt at importing 3.0. Many new dependencies.
- Use a stock sample imapd.conf file instead of a Fedora-provided one.
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Jan 09 2017 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-2
- Rename httpd manpage to "cyrhttpd" to avoid conflict with the httpd package.
* Wed Nov 23 2016 Jason L Tibbitts III <tibbs@math.uh.edu> - 2.5.10-1
- Initial update to the 2.5 series.
- Significant spec cleanups.
- Add sscg dep and follow
https://fedoraproject.org/wiki/Packaging:Initial_Service_Setup for initial
cert generation.
- Change default conf to use the system crypto policy.
* Sat Jan 01 2000 Pavel Zhukov <pzhukov@redhat.com> - 0.0.1-1
- See /usr/share/doc/cyrus-imapd/CHANGELOG.rpm for more history

0
SOURCES/cassandane.ini → cassandane.ini
View File

1603
changelog Normal file
View File

File diff suppressed because it is too large Load Diff

1
ci.fmf Normal file
View File

@ -0,0 +1 @@
resultsdb-testcase: separate

2
SOURCES/cyrus-imapd-init.service → cyrus-imapd-init.service
View File

@ -9,4 +9,4 @@ ConditionPathExists=!/etc/pki/cyrus-imapd/cyrus-imapd-ca.pem
Type=oneshot
Group=mail
RemainAfterExit=no
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem --cert-key-mode=0640
ExecStart=/usr/bin/sscg --package cyrus-imapd --cert-file /etc/pki/cyrus-imapd/cyrus-imapd.pem --cert-key-file /etc/pki/cyrus-imapd/cyrus-imapd-key.pem --ca-file /etc/pki/cyrus-imapd/cyrus-imapd-ca.pem --cert-key-mode=0640

0
SOURCES/cyrus-imapd.cron-daily → cyrus-imapd.cron-daily
View File

0
SOURCES/cyrus-imapd.logrotate → cyrus-imapd.logrotate
View File

0
SOURCES/cyrus-imapd.magic → cyrus-imapd.magic
View File

0
SOURCES/cyrus-imapd.pam-config → cyrus-imapd.pam-config
View File

3
SOURCES/cyrus-imapd.service → cyrus-imapd.service
View File

@ -8,7 +8,8 @@ After=cyrus-imapd-init.service
[Service]
Type=simple
EnvironmentFile=/etc/sysconfig/cyrus-imapd
ExecStart=/usr/libexec/cyrus-imapd/cyrus-master $CYRUSOPTIONS
ExecStart=/usr/libexec/cyrus-imapd/master $CYRUSOPTIONS
ExecReload=/bin/kill -HUP $MAINPID
PrivateTmp=true
# Cyrus may spawn many processes in normal operation. These figures are higher

933
cyrus-imapd.spec Normal file
View File

@ -0,0 +1,933 @@
Name: cyrus-imapd
Version: 3.8.3
Release: %autorelease
Summary: A high-performance email, contacts and calendar server
License: BSD-Attribution-HPND-disclaimer
URL: http://www.cyrusimap.org/
# UID/GID 76 have long been reserved for Cyrus
%define uid 76
%define gid 76
%define cyrususer cyrus
%define cyrusgroup mail
%define cyrexecdir %_libexecdir/%name
%define ssl_pem_file_prefix /etc/pki/%name/%name
%global __provides_exclude ^perl\\(AnnotateInlinedCIDs\\)$
# Cassandane testsuite is no longer executed during build time. It is called from separate CI test:
# https://src.fedoraproject.org/tests/cyrus-imapd/blob/main/f/Sanity/cassandane
# Do not remove CASSANDANE* and CASSANDANE*_END tags - the content between them is extracted and executed inside the CI test.
# If you want to run cassandane locally:
# Run: `rpmbuild '--with cassandane'` or `echo '%%_with_cassandane 1' >> ~/.rpmmacros`.
%bcond_with cassandane
Source0: https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-%version/cyrus-imapd-%version.tar.gz
Source1: https://github.com/cyrusimap/cyrus-imapd/releases/download/cyrus-imapd-%version/cyrus-imapd-%version.tar.gz.sig
Source2: ellie-pub.key
Source10: cyrus-imapd.logrotate
Source11: cyrus-imapd.pam-config
Source12: cyrus-imapd.sysconfig
Source13: cyrus-imapd.magic
# XXX A systemd timer would probably be better
Source14: cyrus-imapd.cron-daily
Source15: README.rpm
Source16: cyrus-imapd.service
Source17: cyrus-imapd-init.service
Source18: cyrus-imapd.tmpfiles.conf
Source19: cyrus-imapd.sysusers
# A template config file for cassandane; we will substitute in varions values.
Source81: cassandane.ini
# Adapt a timeout to handle our slower builders
Patch0: patch-cyrus-testsuite-timeout
# Fedora-specific patch for the default configuration file
Patch1: patch-cyrus-default-configs
# We rename quota to cyr_quota to avoid a conflict with /usr/bin/quota; one
# place in the source must be patched to match.
Patch2: patch-cyrus-rename-quota
# Workaround for some compiled Perl modules not being linked against
# libpcreposix, which causes them to fail to load.
# https://bugzilla.redhat.com/show_bug.cgi?id=1668723
# https://github.com/cyrusimap/cyrus-imapd/issues/2629#issuecomment-456925909
Patch3: patch-cyrus-perl-linking
# cyrus-imapd does not support LTO
# https://github.com/cyrusimap/cyrus-imapd/pull/4679
# Remove attribute always_inline to fix compilation error and keep LTO enabled:
# https://bugzilla.redhat.com/show_bug.cgi?id=2223951
Patch4: patch-cyrus-remove-always-inline-for-buf-len
Patch5: patch-cyrus-rename-imtest
# Cassandane patches:
# Prevent cassandane from trying to syslog things
Patch91: patch-cassandane-no-syslog
# Tell the annotator script to run as the current user/group
# Upstream ticket https://github.com/cyrusimap/cyrus-imapd/issues/1995
Patch92: patch-cassandane-fix-annotator
# TODO libexec/cyrus-imapd path element got into upstream:
# https://github.com/cyrusimap/cyrus-imapd/commit/9233f70bf7a2872ab0b456ea294ce36e0e01e182
# try to get fixed the below upstream to work on Fedora:
# https://github.com/cyrusimap/cyrus-imapd/commit/f10eee167313418d84e63d215310477d4fe68e94
Patch93: patch-cassandane-xapian-delve-path
BuildRequires: autoconf automake bison flex gcc gcc-c++ git glibc-langpack-en
BuildRequires: groff libtool make pkgconfig rsync systemd
BuildRequires: perl-devel perl-generators perl(ExtUtils::MakeMaker)
BuildRequires: perl(Pod::Html)
%if 0%{?fedora} || 0%{?rhel} > 8
BuildRequires: gnupg2
%endif
%if 0%{?fedora}
BuildRequires: clamav-devel shapelib-devel
%endif
BuildRequires: CUnit-devel cyrus-sasl-devel glib2-devel
BuildRequires: jansson-devel krb5-devel libical-devel libicu-devel
BuildRequires: libnghttp2-devel libxml2-devel mariadb-connector-c-devel net-snmp-devel
BuildRequires: openldap-devel openssl-devel pcre2-devel libpq-devel
BuildRequires: sqlite-devel xapian-core-devel
# Miscellaneous modules needed for 'make check' to function:
BuildRequires: cyrus-sasl-plain cyrus-sasl-md5
BuildRequires: systemd-rpm-macros
%if %{with cassandane}
# Additional packages required for cassandane to function
BuildRequires: cpan dovecot-devel file-devel net-tools words
BuildRequires: perl-interpreter
%if 0%{?fedora}
BuildRequires: cld2-devel
%endif
# Dependency list generated by this command:
# cd cassandane; grep -R -h '^[ \t]*use .*;$' | sed -e 's/.*use \([^ ]*\).*;/\1/' | sort | uniq | \
# egrep -v 'Cassandane::|Cyrus::|v5|Net::XmtpServer' | sed -e 's/\(.*\)/BuildRequires: perl(\1)/'
BuildRequires: perl(attributes)
BuildRequires: perl(base)
BuildRequires: perl(BSD::Resource)
BuildRequires: perl(bytes)
BuildRequires: perl(Carp)
BuildRequires: perl(charnames)
BuildRequires: perl(Clone)
BuildRequires: perl(Config)
BuildRequires: perl(constant)
BuildRequires: perl(Cwd)
BuildRequires: perl(Data::Dumper)
BuildRequires: perl(Data::UUID)
BuildRequires: perl(DBI)
BuildRequires: perl(Digest::file)
BuildRequires: perl(Digest::MD5)
BuildRequires: perl(Encode)
BuildRequires: perl(Errno)
BuildRequires: perl(Error)
BuildRequires: perl(experimental)
BuildRequires: perl(Exporter)
BuildRequires: perl(feature)
BuildRequires: perl(fields)
BuildRequires: perl(File::Basename)
BuildRequires: perl(File::Copy)
BuildRequires: perl(File::Find)
BuildRequires: perl(File::Path)
BuildRequires: perl(File::Slurp)
BuildRequires: perl(File::stat)
BuildRequires: perl(File::Temp)
BuildRequires: perl(Getopt::Long)
BuildRequires: perl(Getopt::Std)
BuildRequires: perl(HTTP::Daemon)
BuildRequires: perl(HTTP::Tiny)
BuildRequires: perl(IO::File)
BuildRequires: perl(IO::Handle)
BuildRequires: perl(IO::Scalar)
BuildRequires: perl(IO::Select)
BuildRequires: perl(IO::Socket)
BuildRequires: perl(IO::Socket::INET)
BuildRequires: perl(IO::Socket::INET6)
BuildRequires: perl(IO::Socket::UNIX)
BuildRequires: perl(JSON)
BuildRequires: perl(JSON::XS)
BuildRequires: perl(lib)
BuildRequires: perl(List::Util)
BuildRequires: perl(LWP::UserAgent)
BuildRequires: perl(MIME::Base64)
BuildRequires: perl(Module::Load::Conditional)
BuildRequires: perl(Net::LDAP::Filter)
BuildRequires: perl(Net::LDAP::FilterMatch)
BuildRequires: perl(Net::LDAP::LDIF)
BuildRequires: perl(Net::LDAP::Util)
BuildRequires: perl(Net::POP3)
BuildRequires: perl(Net::Server::PreForkSimple)
BuildRequires: perl(overload)
BuildRequires: perl(POSIX)
BuildRequires: perl(Scalar::Util)
BuildRequires: perl(Storable)
BuildRequires: perl(strict)
BuildRequires: perl(Sys::Hostname)
BuildRequires: perl(Sys::Syslog)
BuildRequires: perl(Time::HiRes)
BuildRequires: perl(URI)
BuildRequires: perl(URI::Escape)
BuildRequires: perl(User::pwent)
BuildRequires: perl(utf8)
BuildRequires: perl(vars)
BuildRequires: perl(version)
BuildRequires: perl(warnings)
# These were reported as missing during build itself
BuildRequires: perl(DBD::SQLite)
BuildRequires: perl(Digest::CRC)
BuildRequires: perl(Moo)
BuildRequires: perl(Unix::Syslog)
BuildRequires: perl(XML::Parser)
%endif
Requires(pre): shadow-utils
%{?systemd_requires}
%{?sysusers_requires_compat}
Requires: cyrus-imapd-libs%{?_isa} = %{version}-%{release}
Requires: cyrus-imapd-utils = %{version}-%{release}
Requires: file sscg
%{?perl_default_filter}
%description
The Cyrus IMAP (Internet Message Access Protocol) server provides access to
personal mail, system-wide bulletin boards, news-feeds, calendar and contacts
through the IMAP, JMAP, NNTP, CalDAV and CardDAV protocols. The Cyrus IMAP
server is a scalable enterprise groupware system designed for use from small to
large enterprise environments using technologies based on well-established Open
Standards.
A full Cyrus IMAP implementation allows a seamless mail and bulletin board
environment to be set up across one or more nodes. It differs from other IMAP
server implementations in that it is run on sealed nodes, where users are not
normally permitted to log in. The mailbox database is stored in parts of the
filesystem that are private to the Cyrus IMAP system. All user access to mail
is through software using the IMAP, IMAPS, JMAP, POP3, POP3S, KPOP, CalDAV
and/or CardDAV protocols.
The private mailbox database design gives the Cyrus IMAP server large
advantages in efficiency, scalability, and administratability. Multiple
concurrent read/write connections to the same mailbox are permitted. The server
supports access control lists on mailboxes and storage quotas on mailbox
hierarchies.
%package devel
Summary: Cyrus IMAP server development files
Requires: cyrus-imapd-libs%{?_isa} = %{version}-%{release}
Requires: pkgconfig
%description devel
The %name-devel package contains header files and libraries
necessary for developing applications which use the imclient library.
%package doc-extra
Summary: Extra documentation for the Cyrus IMAP server
BuildArch: noarch
%description doc-extra
This package contains the HTML documentation for the Cyrus IMAP server, as well
as some legacy and internal documentation not useful for normal operation of
the server.
%package libs
Summary: Runtime libraries for cyrus-imapd
%description libs
The cyrus-imapd-libs package contains libraries shared by the Cyrus IMAP server
and the its utilities.
%package utils
Summary: Cyrus IMAP server administration utilities
Requires: cyrus-imapd-libs%{?_isa} = %{version}-%{release}
Requires: perl-Cyrus = %{version}-%{release}
%description utils
The cyrus-imapd-utils package contains administrative tools for the
Cyrus IMAP server. It can be installed on systems other than the
one running the server.
%package virusscan
Summary: Cyrus virus scanning utility
Requires: cyrus-imapd-libs%{?_isa} = %{version}-%{release}
%description virusscan
The cyrus-imapd-virusscan package contains the cyr_virusscan utility. It
exists in a separate package so that users who do not wish to install all of
the clamav suite don't have to.
Install this package if you wish to use the internal cyrus virus scanning
utility.
%package -n perl-Cyrus
Summary: Perl libraries for interfacing with Cyrus IMAPd
%description -n perl-Cyrus
This package contains Perl libraries used to interface with Cyrus IMAPd.
%prep
%if 0%{?fedora} || 0%{?rhel} > 8
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%endif
%autosetup -p1
# https://github.com/cyrusimap/cyrus-imapd/commit/216934c3f4884999206715db3499fc0162e1d65c
echo %version > VERSION
# Install the Fedora-specific documentation file
install -m 644 %SOURCE15 doc/
# The pm files have shebang lines for some reason
sed -i -e '1{/usr.bin.perl/d}' perl/annotator/{Message,Daemon}.pm
# This one uses env
sed -i -e '1i#!/usr/bin/perl' -e '1d' tools/rehash
# These files have a bizarre perl-in-shell shebang setup. The exec perl bit
# sometimes comes after a long comment block. All use magic to turn on -w.
# Some of these aren't installed, but we might as well fix them all just in
# case.
sed -i \
-e '1i#!/usr/bin/perl -w' \
-e '/^#!\/usr\/bin\/perl/d' \
-e '/^exec perl/d' \
-e '/^#!perl -w/d' \
-e '/^#!perl/d' \
-e '/^#!\/bin\/sh/d' \
-e '/^#! \/bin\/sh/d' \
perl/sieve/scripts/installsieve.pl perl/imap/cyradm.sh tools/translatesieve
# TODO: let the above remnants get fixed upstream like it happened for previous occurences:
# https://github.com/cyrusimap/cyrus-imapd/commit/09fd77717044f96e900c38b1e361028ef39ba381
# https://github.com/cyrusimap/cyrus-imapd/commit/bbb7c68a6b55ffe9356d2033192fffbcafc4d73f
%if %{with cassandane}
pushd cassandane
mkdir work
cp %SOURCE81 cassandane.ini
# RF rpm-buildroot-usage
sed -i \
-e "s!CASSDIR!$(pwd)!" \
-e "s!BUILDROOT!%buildroot!" \
cassandane.ini
popd
%endif
%build
#autoreconf -vi
%if %{with cassandane} && 0%{?fedora}
# Needed for Cyrus::FastMail tests to pass
export CLD2_CFLAGS="-I/usr/include/cld2"
export CLD2_LIBS="-lcld2"
%endif
%configure \
--disable-silent-rules \
\
--libexecdir=%cyrexecdir \
--with-clamav \
%if %{with cassandane} && 0%{?fedora}
`# Needed for Cyrus::FastMail tests to pass` \
--with-cld2 \
%endif
--with-extraident="%release Fedora" \
--with-krbimpl=mit \
--with-ldap=/usr \
--with-libwrap=no \
--with-mysql \
--with-pgsql \
--with-perl=%__perl \
--with-snmp \
--with-syslogfacility=MAIL \
\
--enable-autocreate \
--enable-backup \
--enable-calalarmd \
--enable-http \
--enable-idled \
--enable-murder \
--enable-jmap \
--enable-nntp \
--enable-replication \
--enable-unit-tests \
--enable-xapian \
`# Force use of pcre2 in case pcre still available` \
--disable-pcre
# Try to get rid of RPATH....
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
# The configure script will set up the Perl makefiles, but not in the way
# Fedora needs them. So regenerate them manually.
for i in perl/annotator perl/imap perl/sieve/managesieve; do
pushd $i
rm -f Makefile
perl Makefile.PL INSTALLDIRS=vendor # NO_PERLOCAL=1 NO_PACKLIST=1
popd
done
%make_build
# This isn't built by default, but this package has always installed it.
make notifyd/notifytest
# CASSANDANE_BUILD
%if %{with cassandane}
# This module is not available in Fedora:
yes | cpan -T IO::File::fcntl
# These are currently missing on RHEL10 (2024-06-10):
yes | cpan -T AnyEvent \
AnyEvent::Handle \
AnyEvent::Socket \
AnyEvent::Util \
Config::IniFiles \
Data::GUID \
Data::ICal \
DateTime \
DateTime::Format::ISO8601 \
File::chdir \
File::LibMagic \
Mail::IMAPTalk \
Mail::JMAPTalk \
Math::Int64 \
Net::CalDAVTalk \
Net::CardDAVTalk \
Net::CardDAVTalk::VCard \
Net::DAVTalk \
Net::LDAP::Server \
News::NNTPClient \
Plack::Loader \
Plack::Request \
Plack::Response \
String::CRC32 \
Test::TCP \
Test::Unit::Exception \
Test::Unit::Result \
Test::Unit::Runner::XML \
Text::VCardFast \
Types::Standard \
XML::DOM \
XML::Generator \
XML::Spice
# Fix cpan's version of perl-Test-Unit like it is done on Fedora:
# https://src.fedoraproject.org/rpms/perl-Test-Unit/c/c8ec65eb06f4f7059f9e4a32b5c521a26eef746b
sed -ie 's/defined(@{"$class\\::TESTS"})/@{"$class\::TESTS"}/' /usr/local/share/perl5/5.38/Test/Unit/TestCase.pm
# This is the test suite, which doesn't build much but does verify its dependencies.
pushd cassandane
export NOCYRUS=1
make
popd
%endif
# CASSANDANE_BUILD_END
%install
make install DESTDIR=%buildroot
# Create directories
install -d \
%buildroot/etc/{rc.d/init.d,logrotate.d,pam.d,sysconfig,cron.daily} \
%buildroot/%_libdir/sasl \
%buildroot/var/spool/imap \
%buildroot/var/lib/imap/{user,quota,proc,log,msg,socket,db,sieve,sync,md5,rpm,backup,meta} \
%buildroot/var/lib/imap/ptclient \
%buildroot/%_datadir/%name/rpm \
%buildroot/%cyrexecdir \
%buildroot/etc/pki/%name
install -d -m 0750 \
%buildroot/run/cyrus \
%buildroot/run/cyrus/socket
install -d -m 0700 \
%buildroot/run/cyrus/db \
%buildroot/run/cyrus/lock \
%buildroot/run/cyrus/proc
# Some tools which aren't installed by the makefile which we have always installed
install -m 755 notifyd/notifytest %buildroot%_bindir/
install -m 755 perl/imap/cyradm %buildroot%_bindir/
for i in arbitronsort.pl masssievec mkimap mknewsgroups rehash translatesieve; do
install -m 755 tools/$i %buildroot/%cyrexecdir/
done
install -p -m 644 %SOURCE10 %buildroot/etc/logrotate.d/%name
# PAM configuration files.
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/csync
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/http
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/imap
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/lmtp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/mupdate
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/nntp
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/pop
install -p -m 644 %SOURCE11 %buildroot/etc/pam.d/sieve
install -p -m 644 %SOURCE12 %buildroot/etc/sysconfig/%name
install -p -m 644 %SOURCE13 %buildroot/%_datadir/%name/rpm/magic
install -p -m 755 %SOURCE14 %buildroot/etc/cron.daily/%name
install -p -m 644 doc/examples/cyrus_conf/prefork.conf %buildroot/etc/cyrus.conf
install -p -m 644 doc/examples/imapd_conf/normal.conf %buildroot/etc/imapd.conf
install -p -D -m 644 %SOURCE16 %buildroot/%_unitdir/cyrus-imapd.service
install -p -D -m 644 %SOURCE17 %buildroot/%_unitdir/cyrus-imapd-init.service
install -p -D -m 644 %SOURCE18 %buildroot/%_tmpfilesdir/cyrus-imapd.conf
# systemd-sysusers
install -p -D -m 644 %{SOURCE19} %{buildroot}%{_sysusersdir}/cyrus-imapd.conf
# Cleanup of doc dir
find doc perl -name CVS -type d -prune -exec rm -rf {} \;
find doc perl -name .cvsignore -type f -exec rm -f {} \;
rm -f doc/Makefile.dist*
rm -f doc/text/htmlstrip.c
rm -f doc/text/Makefile
rm -rf doc/man
# fix permissions on perl .so files
find %buildroot/%_libdir/perl5/ -type f -name "*.so" -exec chmod 755 {} \;
# Generate db config file
# XXX Is this still necessary?
( grep '^{' lib/imapoptions | grep _db | cut -d'"' -f 2,4 | \
sed -e 's/^ *//' -e 's/-nosync//' -e 's/ *$//' -e 's/"/=/'
echo sieve_version=2.2.3 ) | sort > %buildroot/%_datadir/%name/rpm/db.cfg
# Cyrus has various files with extremely conflicting names. Some of these are
# not unexpected ("imapd" itself) but some like "httpd" are rather surprising.
# Where there are only conflicting manpages, they have been moved to a "8cyrus"
# section. If the binary was renamed, then the manpages are renamed to match
# but a internal replacement has not been done. This may lead to more
# confusion but involves modifying fewer upstream files.
# Actual binary conflicts
# Rename 'fetchnews' binary and manpage to avoid clash with leafnode
mv %buildroot/%_sbindir/fetchnews %buildroot/%_sbindir/cyr_fetchnews
mv %buildroot/%_mandir/man8/fetchnews.8 %buildroot/%_mandir/man8/cyr_fetchnews.8
# Fix conflict with dump
mv %buildroot/%_sbindir/restore %buildroot/%_sbindir/cyr_restore
mv %buildroot/%_mandir/man8/restore.8 %buildroot/%_mandir/man8/cyr_restore.8
# Fix conceptual conflict with quota
mv %buildroot/%_sbindir/quota %buildroot/%_sbindir/cyr_quota
mv %buildroot/%_mandir/man8/quota.8 %buildroot/%_mandir/man8/cyr_quota.8
# fix conflicts with uw-imap
mv %buildroot/%_mandir/man8/imapd.8 %buildroot/%_mandir/man8/imapd.8cyrus
mv %buildroot/%_mandir/man8/pop3d.8 %buildroot/%_mandir/man8/pop3d.8cyrus
# Rename 'master' manpage
mv %buildroot/%_mandir/man8/master.8 %buildroot/%_mandir/man8/master.8cyrus
# Rename 'httpd' manpage to avoid clash with Apache
mv %buildroot/%_mandir/man8/httpd.8 %buildroot/%_mandir/man8/httpd.8cyrus
# Fix conflict with imtest from python-fslpy
mv %buildroot/%_bindir/imtest %buildroot/%_bindir/cyr_imtest
mv %buildroot/%_mandir/man1/imtest.1 %buildroot/%_mandir/man1/cyr_imtest.1
# Change individual symlinks to point to cyr_imtest instead of imtest
for i in httptest lmtptest mupdatetest nntptest pop3test sivtest smtptest synctest; do
ln -sfr %buildroot/%_bindir/cyr_imtest %buildroot/%_bindir/$i
done
# Old cyrus packages used to keep the deliver executable in
# /usr/lib/cyrus-imapd, and MTA configurations might rely on this.
# Remove this hack in the F30 timeframe.
# RF hardcoded-library-path in %%buildroot/usr/lib/cyrus-imapd
mkdir %buildroot/usr/lib/cyrus-imapd
pushd %buildroot/usr/lib/cyrus-imapd
ln -s ../../sbin/deliver
popd
#remove executable bit from docs and Perl modules
for ddir in doc perl/imap/examples
do
find $ddir -type f -exec chmod -x {} \;
done
# Remove pointless libtool archives
rm %buildroot/%_libdir/*.la
# Remove installed but not packaged files
rm %buildroot/%cyrexecdir/pop3proxyd
find %buildroot -name "perllocal.pod" -exec rm {} \;
find %buildroot -name ".packlist" -exec rm {} \;
# And this one gets installed with executable permission
chmod -x %buildroot/%perl_vendorlib/Cyrus/Annotator/Daemon.pm
%check
%if %{without cassandane}
exit 0
%endif
%ifarch %{ix86} armv7hl
exit 0
%endif
# TODO: The mime_boundary_extended cunit test fails due to LTO on ppc64le, skip it for now:
%ifnarch ppc64le
LD_LIBRARY_PATH=%buildroot/%_libdir make -j%{?_smp_build_ncpus} check || exit 1
%endif
# Cassandane cannot run solely as root because imap services would otherwise quit:
#$ grep -R "must run as the Cyrus user" | egrep "imapd|httpd|pop3d"
#imap/imapd.c: if (geteuid() == 0) fatal("must run as the Cyrus user", EX_USAGE);
#imap/httpd.c: if (geteuid() == 0) fatal("must run as the Cyrus user", EX_USAGE);
#imap/pop3d.c: if (geteuid() == 0) fatal("must run as the Cyrus user", EX_USAGE);
getent group saslauth >/dev/null || /usr/sbin/groupadd -g %gid -r saslauth
# Set up shell and home directory for cyrus so that debugging of failing tests is easier.
getent passwd cyrus >/dev/null && /usr/sbin/usermod -s /bin/bash cyrus
getent passwd cyrus >/dev/null || /usr/sbin/useradd -c "Cyrus IMAP Server" -d /var/lib/imap -g %cyrusgroup \
-G saslauth -s /bin/bash -u %uid -r %cyrususer -m
# Set LD_LIBRARY_PATH for cyrus so that it points to cyrus-imapd libraries we just built.
[ -z "`grep LD_LIBRARY_PATH /var/lib/imap/.bashrc`" ] && echo "export LD_LIBRARY_PATH=%buildroot/%_libdir" >> /var/lib/imap/.bashrc
# CASSANDANE
# Run the Cassandane test suite. This will exhaustively test the various
# server components, but running it in a mock chroot is rather an exercise.
pushd cassandane
# Do not depend on imaptest package (missing on RHEL10)
wget https://dovecot.org/nightly/imaptest/imaptest-20210511.tar.gz
rm -rf imaptest-src
mkdir imaptest-src
tar -xf imaptest-20210511.tar.gz --strip-components=1 -C imaptest-src
pushd imaptest-src
# Workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1103927#c4 (and later)
sed -e 's@\(^LIBDOVECOT .*\)@\1 -Wl,-rpath -Wl,/usr/lib64/dovecot@' -i src/Makefile.in
./configure --with-dovecot=/usr/lib64/dovecot
make
popd
mkdir -p imaptest/src
ln -sfr ./imaptest-src/src/imaptest imaptest/src
ln -sfr ./imaptest-src/src/tests imaptest/src
chown -R cyrus:mail .
# Construct the set of excluded tests to pass to Cassandane
# ---------------------------------------------------------
exclude=()
tests=(
# This exclusion list was verified on 2024-06-10.
# This tests coredumping and won't work on a machine where systemd
# intercepts coredumps, which includes our builders.
Cassandane::Test::Core
# Can't currently be run at build time because of compiled-in paths. See
# https://github.com/cyrusimap/cyrus-imapd/issues/2386
Admin.imap_admins
# TODO currently failing
Cyrus::Flags.userflags_crash
Cyrus::JMAPCore.eventsource
Cyrus::JMAPEmail.email_query_no_guidsearch_ignore_jmapuploads
Cyrus::JMAPEmail.email_query_seen_multimbox
Cyrus::JMAPEmail.email_query_unicodefdfx
Cyrus::JMAPMailbox.mailbox_ignore_notes_subfolders
Cyrus::JMAPMailbox.mailbox_set_create_specialuse_nochildren
Cyrus::JMAPMailbox.mailbox_set_sharewith_acl
Cyrus::JMAPSieve.getmetadata
Cyrus::SearchSquat.nonincremental
Cyrus::SearchSquat.incremental
Cyrus::SearchSquat.one_doc_per_message
Cyrus::JMAPBackup.restore_calendars_batch_size_bug
Cyrus::Prometheus.connection_setup_failure_imapd
)
for i in ${tests[@]}; do exclude+=("!$i"); done
# If cyrus-imapd is built without cld2 support, the below tests are expected to fail:
if [ -z "$CLD2_CFLAGS" ]; then
exclude+=(
"!Cyrus::FastMail.cyr_expire_delete_findpaths_legacy"
"!Cyrus::FastMail.cyr_expire_delete_findpaths_nolegacy"
"!Cyrus::FastMail.relocate_legacy_domain"
"!Cyrus::FastMail.relocate_legacy_nodomain"
"!Cyrus::FastMail.relocate_legacy_nosearchdb"
"!Cyrus::FastMail.relocate_messages_still_exist"
"!Cyrus::FastMail.search_deleted_folder"
"!Cyrus::FastMail.sync_reset_legacy"
"!Cyrus::FastMail.sync_reset_nolegacy"
)
fi
%ifarch s390x
# This one test fails occasionally on s390x because the hosts are just too slow
# to complete it.D It's testing something valid (that the fork rate limiting
# settings work properly) but s390x can't fork quickly enough to exceeed the
# limits it's testing.
exclude+=("!Master.maxforkrate")
%endif
# Add -vvv for too much output
sudo -u cyrus -g mail LD_LIBRARY_PATH=%buildroot/%_libdir ./testrunner.pl -j%{?_smp_build_ncpus} -v -f pretty ${exclude[@]} 2>&1 || :
# CASSANDANE_END
if [ -s "work/failed" ]; then
cat work/failed
exit 1
fi
%pre
%sysusers_create_compat %{SOURCE19}
%post
%systemd_post cyrus-imapd.service
%preun
%systemd_preun cyrus-imapd.service
%postun
%systemd_postun_with_restart cyrus-imapd.service
%files
%license COPYING
%doc README.md doc/README.* doc/examples doc/text
%{_sbindir}/arbitron
%{_sbindir}/chk_cyrus
%{_sbindir}/ctl_backups
%{_sbindir}/ctl_conversationsdb
%{_sbindir}/ctl_cyrusdb
%{_sbindir}/ctl_deliver
%{_sbindir}/ctl_mboxlist
%{_sbindir}/ctl_zoneinfo
%{_sbindir}/cvt_cyrusdb
%{_sbindir}/cvt_xlist_specialuse
%{_sbindir}/cyr_backup
%{_sbindir}/cyr_buildinfo
%{_sbindir}/cyr_cd.sh
%{_sbindir}/cyr_dbtool
%{_sbindir}/cyr_deny
%{_sbindir}/cyr_df
%{_sbindir}/cyr_expire
%{_sbindir}/cyr_fetchnews
%{_sbindir}/cyr_info
%{_sbindir}/cyr_ls
%{_sbindir}/cyr_pwd
%{_sbindir}/cyr_quota
%{_sbindir}/cyr_restore
%{_sbindir}/cyr_synclog
%{_sbindir}/cyr_userseen
%{_sbindir}/cyrdump
%{_sbindir}/dav_reconstruct
%{_sbindir}/deliver
%{_sbindir}/ipurge
%{_sbindir}/mbexamine
%{_sbindir}/mbpath
%{_sbindir}/mbtool
%{_sbindir}/ptdump
%{_sbindir}/ptexpire
%{_sbindir}/reconstruct
%{_sbindir}/relocate_by_id
%{_sbindir}/sievec
%{_sbindir}/sieved
%{_sbindir}/squatter
%{_sbindir}/sync_client
%{_sbindir}/sync_reset
%{_sbindir}/tls_prune
%{_sbindir}/unexpunge
%{_datadir}/cyrus-imapd
%{_mandir}/man1/dav_reconstruct.1*
%{_mandir}/man5/cyrus.conf.5*
%{_mandir}/man5/imapd.conf.5*
%{_mandir}/man5/krb.equiv.5*
%{_mandir}/man8/arbitron.8*
%{_mandir}/man8/backupd.8*
%{_mandir}/man8/chk_cyrus.8*
%{_mandir}/man8/ctl_backups.8*
%{_mandir}/man8/ctl_conversationsdb.8*
%{_mandir}/man8/ctl_cyrusdb.8*
%{_mandir}/man8/ctl_deliver.8*
%{_mandir}/man8/ctl_mboxlist.8*
%{_mandir}/man8/ctl_zoneinfo.8*
%{_mandir}/man8/cvt_cyrusdb.8*
%{_mandir}/man8/cvt_xlist_specialuse.8*
%{_mandir}/man8/cyr_backup.8*
%{_mandir}/man8/cyr_buildinfo.8*
%{_mandir}/man8/cyr_dbtool.8*
%{_mandir}/man8/cyr_deny.8*
%{_mandir}/man8/cyr_df.8*
%{_mandir}/man8/cyr_expire.8*
%{_mandir}/man8/cyr_fetchnews.8*
%{_mandir}/man8/cyr_info.8*
%{_mandir}/man8/cyr_ls.8*
%{_mandir}/man8/cyr_quota.8*
%{_mandir}/man8/cyr_restore.8*
%{_mandir}/man8/cyr_synclog.8*
%{_mandir}/man8/cyr_userseen.8*
%{_mandir}/man8/cyradm.8*
%{_mandir}/man8/cyrdump.8*
%{_mandir}/man8/deliver.8*
%{_mandir}/man8/fud.8*
%{_mandir}/man8/httpd.8cyrus*
%{_mandir}/man8/idled.8*
%{_mandir}/man8/imapd.8cyrus*
%{_mandir}/man8/ipurge.8*
%{_mandir}/man8/lmtpd.8*
%{_mandir}/man8/lmtpproxyd.8*
%{_mandir}/man8/master.8cyrus*
%{_mandir}/man8/mbexamine.8*
%{_mandir}/man8/mbpath.8*
%{_mandir}/man8/mbtool.8*
%{_mandir}/man8/mupdate.8*
%{_mandir}/man8/nntpd.8*
%{_mandir}/man8/notifyd.8*
%{_mandir}/man8/pop3d.8cyrus*
%{_mandir}/man8/pop3proxyd.8*
%{_mandir}/man8/promstatsd.8*
%{_mandir}/man8/proxyd.8*
%{_mandir}/man8/ptdump.8*
%{_mandir}/man8/ptexpire.8*
%{_mandir}/man8/ptloader.8*
%{_mandir}/man8/reconstruct.8*
%{_mandir}/man8/relocate_by_id.8*
%{_mandir}/man8/sievec.8*
%{_mandir}/man8/sieved.8*
%{_mandir}/man8/smmapd.8*
%{_mandir}/man8/squatter.8*
%{_mandir}/man8/sync_client.8*
%{_mandir}/man8/sync_reset.8*
%{_mandir}/man8/sync_server.8*
%{_mandir}/man8/timsieved.8*
%{_mandir}/man8/tls_prune.8*
%{_mandir}/man8/unexpunge.8*
%exclude %{_sbindir}/cyr_virusscan
%exclude %{_mandir}/man8/cyr_virusscan.8*
# For the legacy symlink to the deliver binary
# RF hardcoded-library-path in /usr/lib/cyrus-imapd
/usr/lib/cyrus-imapd/
%dir /etc/pki/cyrus-imapd
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-ca.pem
%attr(0644,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix.pem
%attr(0640,root,%cyrusgroup) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %ssl_pem_file_prefix-key.pem
%config(noreplace) /etc/cyrus.conf
%config(noreplace) /etc/imapd.conf
%config(noreplace) /etc/logrotate.d/cyrus-imapd
%config(noreplace) /etc/sysconfig/cyrus-imapd
%config(noreplace) /etc/pam.d/*
/etc/cron.daily/cyrus-imapd
%_unitdir/cyrus-imapd.service
%_unitdir/cyrus-imapd-init.service
%_tmpfilesdir/cyrus-imapd.conf
%{_sysusersdir}/cyrus-imapd.conf
%dir %cyrexecdir/
%cyrexecdir/[a-uw-z]*
# This creates some directories which in the default configuration cyrus will
# never use because they are placed under /run instead. However, old
# configurations or setup advice from the 'net might reference them, and so
# it's simpler to just leave them in the package.
%attr(0750,%cyrususer,%cyrusgroup) %dir /var/lib/imap/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/backup/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/db/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/log/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/meta/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/md5/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/msg/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/proc/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/ptclient/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/quota/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/rpm/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sieve/
%attr(0750,%cyrususer,%cyrusgroup) /var/lib/imap/socket
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/sync/
%attr(0700,%cyrususer,%cyrusgroup) /var/lib/imap/user/
%attr(0700,%cyrususer,%cyrusgroup) /var/spool/imap/
# The new locations
%attr(0750,%cyrususer,%cyrusgroup) %dir /run/cyrus/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/db/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/lock/
%attr(0700,%cyrususer,%cyrusgroup) /run/cyrus/proc/
%attr(0750,%cyrususer,%cyrusgroup) /run/cyrus/socket/
%files devel
%{_includedir}/cyrus/
%{_libdir}/libcyrus.so
%{_libdir}/libcyrus_imap.so
%{_libdir}/libcyrus_min.so
%{_libdir}/libcyrus_sieve.so
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man3/imclient.3*
%files doc-extra
%doc doc/html doc/internal doc/legacy
%files libs
%license COPYING
%{_libdir}/libcyrus.so.0*
%{_libdir}/libcyrus_imap.so.0*
%{_libdir}/libcyrus_min.so.0*
%{_libdir}/libcyrus_sieve.so.0*
%files utils
%{_bindir}/cyradm
%{_bindir}/httptest
%{_bindir}/cyr_imtest
%{_bindir}/installsieve
%{_bindir}/lmtptest
%{_bindir}/mupdatetest
%{_bindir}/nntptest
%{_bindir}/notifytest
%{_bindir}/pop3test
%{_bindir}/sieveshell
%{_bindir}/sivtest
%{_bindir}/smtptest
%{_bindir}/synctest
%{_mandir}/man1/cyradm.1*
%{_mandir}/man1/httptest.1*
%{_mandir}/man1/cyr_imtest.1*
%{_mandir}/man1/installsieve.1*
%{_mandir}/man1/lmtptest.1*
%{_mandir}/man1/mupdatetest.1*
%{_mandir}/man1/nntptest.1*
%{_mandir}/man1/pop3test.1*
%{_mandir}/man1/sieveshell.1*
%{_mandir}/man1/sivtest.1*
%{_mandir}/man1/smtptest.1*
%{_mandir}/man1/synctest.1*
%files virusscan
%{_sbindir}/cyr_virusscan
%{_mandir}/man8/cyr_virusscan.8*
%files -n perl-Cyrus
%license COPYING
%doc perl/imap/README
%doc perl/imap/Changes
%doc perl/imap/examples
%{perl_vendorarch}/auto/Cyrus
%{perl_vendorarch}/Cyrus
%{perl_vendorlib}/Cyrus
%{_mandir}/man3/Cyrus::Annotator::Daemon.3pm*
%{_mandir}/man3/Cyrus::Annotator::Message.3pm*
%{_mandir}/man3/Cyrus::IMAP.3pm*
%{_mandir}/man3/Cyrus::IMAP::Admin.3pm*
%{_mandir}/man3/Cyrus::IMAP::Shell.3pm*
%{_mandir}/man3/Cyrus::SIEVE::managesieve.3pm*
%changelog
%autochangelog

0
SOURCES/cyrus-imapd.sysconfig → cyrus-imapd.sysconfig
View File

4
cyrus-imapd.sysusers Normal file
View File

@ -0,0 +1,4 @@
#Type Name ID GECOS Home directory Shell
g saslauth 76
u cyrus 76:mail "Cyrus IMAP Server" /var/lib/imap /sbin/nologin
m cyrus saslauth

0
SOURCES/cyrus-imapd.tmpfiles.conf → cyrus-imapd.tmpfiles.conf
View File

17
ellie-pub.key Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFU5pZUBCAC+m05W9nJnBkrfFO9I+iimF1WCsSZNFoASJ3WEeZxIkOQO9BZj
aKf8EP/nK7nEfNGZ2m+OrAtQU/+I8Sk1ppHuwZgENLvRzLsBGbv80kDKBw31Nd1f
sCpVQs4b8zlohXjq0UN8tT5NcGJnGE7ahoOHzJk/0Ll76oVmOZvSw+WHBp1945m2
Q8CbIbfmyuv7NF6GtGDVilPeIPsDnh5w5usjpKsxjYHKpy6Rtf4MbcCLtkRbHFra
KJD+xum0PgPdCAEEbQsSXQgwOd0TZ59avRVVef674PjWqIuudUGUhJ/f9OWOj7LG
6QgJR6yvCy7Bc2eAN4RnIIzaUZGaJDKDCNozABEBAAG0ImVsbGllIHRpbW9uZXkg
PGVsbGllQGZhc3RtYWlsLmNvbT6JATgEEwECACIFAlU5pZUCGwMGCwkIBwMCBhUI
AgkKCwQWAgMBAh4BAheAAAoJEFVPBP6zY3jgb9gH/3GPDLGybo7SYZMtBmfe+Udf
tcRkTtH+o2pf2rh6KwPhhEDuOXWVCIUPWXsWIVU2K5Y8AdBIHOEoSUp3n8juV57I
u9CfDI718/WaHgEpYrq5DqyROAFr+sGahcb6C40+V/CeUSAmKVhFGniuALUSAQ+B
XVj/i2EAFNg/5ALkPYDnDYDqm7Ak6odDbktYQz987y38sg3EMC/2wi2EoOG1VWeG
twFD8HKmXZw+u6cYtFh9K1hOBZm+PhLHr3h1MHTuWYeBKkT3YqaGtXMwi704LlNr
HU8beOHSNBSsVYJ61B4kgBA7p+qnx6xIpU2KfAJl8cgjCYwrq8yo+Lm9TazagfM=
=dIwC
-----END PGP PUBLIC KEY BLOCK-----

25
gating.yaml Normal file
View File

@ -0,0 +1,25 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#Rawhide
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_stable
subject_type: koji_build
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/tier1-public.functional}
#gating rhel
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-public.functional}
- !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}

14
patch-cassandane-fix-annotator Normal file
View File

@ -0,0 +1,14 @@
diff --git a/cassandane/utils/annotator.pl b/cassandane/utils/annotator.pl
index 265c73f..8af3d58 100755
--- a/cassandane/utils/annotator.pl
+++ b/cassandane/utils/annotator.pl
@@ -140,6 +140,8 @@ GetOptions(
xlog "annotator $$ starting";
Cassandane::AnnotatorDaemon->run(
pid_file => $pidfile,
- port => $port
+ port => $port,
+ user => (getpwuid($<))[0],
+ group => (getgrgid($())[0],
);
xlog "annotator $$ exiting";

57
patch-cassandane-no-syslog Normal file
View File

@ -0,0 +1,57 @@
diff --git a/cassandane/Cassandane/Util/Log.pm b/cassandane/Cassandane/Util/Log.pm
index a44005c..5bb5710 100644
--- a/cassandane/Cassandane/Util/Log.pm
+++ b/cassandane/Cassandane/Util/Log.pm
@@ -51,9 +51,6 @@ our @EXPORT = qw(
my $verbose = 0;
-openlog('cassandane', '', LOG_LOCAL6)
- or die "Cannot openlog";
-
sub xlog
{
my $id;
@@ -87,7 +84,6 @@ sub xlog
else {
print STDERR "$msg\n";
}
- syslog(LOG_ERR, "$msg");
}
sub set_verbose
diff --git a/cassandane/utils/syslog.c b/cassandane/utils/syslog.c
index 20d3763..0238d82 100644
--- a/cassandane/utils/syslog.c
+++ b/cassandane/utils/syslog.c
@@ -116,14 +116,28 @@ EXPORTED void syslog(int priority, const char *format, ...)
va_start(ap, format);
fake_vsyslog(priority, format, ap);
va_end(ap);
+}
+
+EXPORTED void
+__attribute__((format(printf, 3, 4)))
+__syslog_chk(int priority, int whatever __attribute__((unused)),
+ const char *format, ...)
+{
+ va_list ap;
va_start(ap, format);
- real_vsyslog(priority, format, ap);
+ fake_vsyslog(priority, format, ap);
va_end(ap);
}
EXPORTED void vsyslog(int priority, const char *format, va_list ap)
{
fake_vsyslog(priority, format, ap);
- real_vsyslog(priority, format, ap);
+}
+
+EXPORTED void
+__attribute__((format(printf, 3, 0)))
+__vsyslog_chk(int priority, int whatever __attribute__((unused)), const char *format, va_list ap)
+{
+ fake_vsyslog(priority, format, ap);
}

15
patch-cassandane-xapian-delve-path Normal file
View File

@ -0,0 +1,15 @@
diff --git a/cassandane/Cassandane/Instance.pm b/cassandane/Cassandane/Instance.pm
index 78e7100..edf6f5d 100644
--- a/cassandane/Cassandane/Instance.pm
+++ b/cassandane/Cassandane/Instance.pm
@@ -492,9 +492,7 @@ sub _find_binary
my $base = $self->{cyrus_destdir} . $self->{cyrus_prefix};
if ($name eq 'delve') {
- my $lib = `ldd $base/libexec/imapd` || die "can't ldd imapd";
- $lib =~ m{(/\S+)/lib/libxapian-([0-9.]+)\.so};
- return "$1/bin/xapian-delve-$2";
+ return "/bin/xapian-delve";
}
foreach (qw( bin sbin libexec libexec/cyrus-imapd lib cyrus/bin ))

43
SOURCES/patch-cyrus-default-configs → patch-cyrus-default-configs
View File

@ -1,27 +1,3 @@
diff --git a/doc/examples/cyrus_conf/prefork.conf b/doc/examples/cyrus_conf/prefork.conf
index 4ce2c0f..3b1e6d7 100644
--- a/doc/examples/cyrus_conf/prefork.conf
+++ b/doc/examples/cyrus_conf/prefork.conf
@@ -19,15 +19,15 @@ SERVICES {
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# these are only necessary if using HTTP for CalDAV, CardDAV, or RSS
-# http cmd="httpd" listen="http" prefork=3
-# https cmd="httpd -s" listen="https" prefork=1
+ http cmd="httpd" listen="http" prefork=3
+ https cmd="httpd -s" listen="https" prefork=1
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
- lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
+ lmtpunix cmd="lmtpd" listen="/run/cyrus/socket/lmtp" prefork=1
# this is only necessary if using notifications
-# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
+# notify cmd="notifyd" listen="/run/cyrus/socket/notify" proto="udp" prefork=1
}
EVENTS {
diff --git a/doc/examples/imapd_conf/normal.conf b/doc/examples/imapd_conf/normal.conf
index 95b54e9..3935b77 100644
--- a/doc/examples/imapd_conf/normal.conf
@ -67,8 +43,8 @@ index 95b54e9..3935b77 100644
-#
-# Allowed values: caldav, carddav, domainkey, ischedule, rss
-httpmodules: caldav carddav
+# Enable supported modules
+httpmodules: caldav carddav
+# Fedora default: enable all modules besides admin and tzdist
+httpmodules: caldav carddav domainkey freebusy ischedule jmap rss webdav
# If enabled, the partitions will also be hashed, in addition to the
# hashing done on configuration directories. This is recommended if one
@ -112,3 +88,18 @@ index 95b54e9..3935b77 100644
# File containing the global certificate used for ALL services (imap,
# pop3, lmtp, sieve)
#tls_server_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
diff --git a/doc/examples/cyrus_conf/prefork.conf b/doc/examples/cyrus_conf/prefork.conf
index 186fe66..ab97848 100644
--- a/doc/examples/cyrus_conf/prefork.conf
+++ b/doc/examples/cyrus_conf/prefork.conf
@@ -19,8 +19,8 @@ SERVICES {
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# these are only necessary if using HTTP for CalDAV, CardDAV, or RSS
-# http cmd="httpd" listen="http" prefork=3
-# https cmd="httpd -s" listen="https" prefork=1
+ http cmd="httpd" listen="http" prefork=3
+ https cmd="httpd -s" listen="https" prefork=1
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0

26
patch-cyrus-perl-linking Normal file
View File

@ -0,0 +1,26 @@
diff --git a/perl/sieve/managesieve/Makefile.PL.in b/perl/sieve/managesieve/Makefile.PL.in
index 7180b98..d589ebe 100644
--- a/perl/sieve/managesieve/Makefile.PL.in
+++ b/perl/sieve/managesieve/Makefile.PL.in
@@ -69,7 +69,7 @@ WriteMakefile(
'ABSTRACT' => 'Cyrus Sieve management interface',
'VERSION_FROM' => "@top_srcdir@/perl/sieve/managesieve/managesieve.pm", # finds $VERSION
'MYEXTLIB' => '../lib/.libs/libisieve.a @top_builddir@/perl/.libs/libcyrus.a @top_builddir@/perl/.libs/libcyrus_min.a',
- 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @LIB_REGEX@ @ZLIB@ @SQLITE_LIBADD@ @MYSQL_LIBADD@ @PGSQL_LIBADD@"],
+ 'LIBS' => ["$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @LIB_REGEX@ @ZLIB@ @SQLITE_LIBADD@ @MYSQL_LIBADD@ @PGSQL_LIBADD@ -lpcre2-posix"],
'CCFLAGS' => '@GCOV_CFLAGS@',
'DEFINE' => '-DPERL_POLLUTE', # e.g., '-DHAVE_SOMETHING'
'INC' => "-I@top_srcdir@/lib -I@top_srcdir@/perl/sieve -I@top_srcdir@/perl/sieve/lib @SASLFLAGS@ @SSL_CPPFLAGS@",
diff --git a/perl/imap/Makefile.PL.in b/perl/imap/Makefile.PL.in
index 71416cc..f76cda6 100644
--- a/perl/imap/Makefile.PL.in
+++ b/perl/imap/Makefile.PL.in
@@ -91,7 +91,7 @@ WriteMakefile(
'LD' => $Config{ld} . ' @GCOV_LDFLAGS@',
'OBJECT' => 'IMAP.o',
'MYEXTLIB' => '@top_builddir@/perl/.libs/libcyrus.a @top_builddir@/perl/.libs/libcyrus_min.a',
- 'LIBS' => [ "$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@ @GCOV_LIBS@ @LIBCAP_LIBS@"],
+ 'LIBS' => [ "$LIB_SASL @SSL_LIBS@ @LIB_UUID@ @ZLIB@ @GCOV_LIBS@ @LIBCAP_LIBS@ -lpcre2-posix"],
'DEFINE' => '-DPERL_POLLUTE', # e.g., '-DHAVE_SOMETHING'
'INC' => "-I@top_srcdir@ -I@top_srcdir@/com_err/et @SASLFLAGS@ @SSL_CPPFLAGS@ @GCOV_CFLAGS@ -I@top_srcdir@/perl/imap",
'EXE_FILES' => [cyradm],

13
patch-cyrus-remove-always-inline-for-buf-len Normal file
View File

@ -0,0 +1,13 @@
diff --git a/lib/util.c b/lib/util.c
index a2eae15..ef8c25b 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -1188,7 +1188,7 @@ EXPORTED int buf_getline(struct buf *buf, FILE *fp)
#ifdef HAVE_DECLARE_OPTIMIZE
EXPORTED inline size_t buf_len(const struct buf *buf)
- __attribute__((always_inline, optimize("-O3")));
+ __attribute__((optimize("-O3")));
#endif
EXPORTED inline size_t buf_len(const struct buf *buf)
{

40
patch-cyrus-rename-imtest Normal file
View File

@ -0,0 +1,40 @@
diff --git a/Makefile.am b/Makefile.am
index 71333b0..52317da 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2092,14 +2092,14 @@ endif
## The @$(MKDIR_P) line is added due to a bug in Automake 1.10 and can be removed if using Automake 1.12.
@$(MKDIR_P) $(DESTDIR)$(bindir)
cd $(DESTDIR)$(bindir) && \
- $(LN_S) -f imtest httptest && \
- $(LN_S) -f imtest lmtptest && \
- $(LN_S) -f imtest mupdatetest && \
- $(LN_S) -f imtest nntptest && \
- $(LN_S) -f imtest pop3test && \
- $(LN_S) -f imtest sivtest && \
- $(LN_S) -f imtest smtptest && \
- $(LN_S) -f imtest synctest
+ $(LN_S) -f cyr_imtest httptest && \
+ $(LN_S) -f cyr_imtest lmtptest && \
+ $(LN_S) -f cyr_imtest mupdatetest && \
+ $(LN_S) -f cyr_imtest nntptest && \
+ $(LN_S) -f cyr_imtest pop3test && \
+ $(LN_S) -f cyr_imtest sivtest && \
+ $(LN_S) -f cyr_imtest smtptest && \
+ $(LN_S) -f cyr_imtest synctest
uninstall-hook: cyrus-makemaker-uninstall-workaround
if PERL
diff --git a/imtest/imtest.c b/imtest/imtest.c
index 725ff62..d9406e1 100644
--- a/imtest/imtest.c
+++ b/imtest/imtest.c
@@ -3040,7 +3040,7 @@ int main(int argc, char **argv)
}
if (!*prot) {
- if (!strcasecmp(prog, "imtest"))
+ if (!strcasecmp(prog, "cyr_imtest"))
prot = "imap";
else if (!strcasecmp(prog, "pop3test"))
prot = "pop3";

13
patch-cyrus-rename-quota Normal file
View File

@ -0,0 +1,13 @@
diff --git a/imap/imapd.c b/imap/imapd.c
index 3cc75f5..a22a356 100644
--- a/imap/imapd.c
+++ b/imap/imapd.c
@@ -8022,7 +8022,7 @@ static void cmd_reconstruct(const char *tag, const char *name, int recursive)
fclose(stdout);
fclose(stderr);
- ret = snprintf(buf, sizeof(buf), "%s/quota", SBIN_DIR);
+ ret = snprintf(buf, sizeof(buf), "%s/cyr_quota", SBIN_DIR);
if(ret < 0 || ret >= (int) sizeof(buf)) {
/* in child, so fatailing won't disconnect our user */
fatal("quota buffer not sufficiently big", EX_CONFIG);

2
SOURCES/patch-cyrus-testsuite-timeout → patch-cyrus-testsuite-timeout
View File

@ -7,7 +7,7 @@ index 46dc358..ca37f22 100644
/* Each test gets a maximum of 20 seconds. */
-#define TEST_TIMEOUT_MS (20*1000)
+#define TEST_TIMEOUT_MS (30*1000)
+#define TEST_TIMEOUT_MS (300*1000)
static jmp_buf jbuf;
static const char *code;

36
plans.fmf Normal file
View File

@ -0,0 +1,36 @@
/tier1-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/tier1/internal
/tier1-public:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/tier1/public
/tier2-tier3-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/tier2-tier3/internal
/tier2-tier3-public:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/tier2-tier3/public
/others-internal:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/others/internal
/others-public:
plan:
import:
url: https://src.fedoraproject.org/tests/cyrus-imapd.git
name: /plans/others/public

10
rpminspect.yaml Normal file
View File

@ -0,0 +1,10 @@
---
badfuncs:
allowed:
# mupdate uses gethostbyname (safely) to check if the IP address
# of the given hostname is local.
/usr/libexec/cyrus-imapd/mupdate:
- gethostbyname
# smmapd uses gethostbyname (safely) to verify user's host.
/usr/libexec/cyrus-imapd/smmapd:
- gethostbyname

2
sources Normal file
View File

@ -0,0 +1,2 @@
SHA512 (cyrus-imapd-3.8.3.tar.gz) = 6af60863ae2b8491bc36c74a760c080c94fa163851877976c33c43793409723660293ad469d1547e779d39b35a36c7c2d7ae7352260a9e8af18cb9f3fa566a1a
SHA512 (cyrus-imapd-3.8.3.tar.gz.sig) = f8bc7172b9f9f70bb3533efcd9f556c6b0c9a9c0e568b0585a0d8ba790ad57a732e918f12b5711c165d3ad806bd55d1ab52e396a91255f43a7da188be1a11c43