From 180412ea2c71c957238862357271f4bfa8ef8635 Mon Sep 17 00:00:00 2001 From: Michal Hlavinka Date: Fri, 13 Nov 2009 13:52:01 +0000 Subject: [PATCH] - updated to dovecot 1.2.7 - add man pages --- .cvsignore | 2 +- dovecot-1.2.6-greetings.patch | 98 ----------------------------------- dovecot.8 | 52 +++++++++++++++++++ dovecot.conf.5 | 17 ++++++ dovecot.spec | 15 +++--- dovecotpw.1 | 46 ++++++++++++++++ sources | 4 +- 7 files changed, 126 insertions(+), 108 deletions(-) delete mode 100644 dovecot-1.2.6-greetings.patch create mode 100644 dovecot.8 create mode 100644 dovecot.conf.5 create mode 100644 dovecotpw.1 diff --git a/.cvsignore b/.cvsignore index 61f4fa1..26adec2 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,4 +1,4 @@ -dovecot-1.2.6.tar.gz +dovecot-1.2.7.tar.gz dovecot-1.2-managesieve-0.11.9.tar.gz dovecot-1.2.6-managesieve-0.11.9.diff.gz dovecot-1.2-sieve-0.1.13.tar.gz diff --git a/dovecot-1.2.6-greetings.patch b/dovecot-1.2.6-greetings.patch deleted file mode 100644 index c59d0d9..0000000 --- a/dovecot-1.2.6-greetings.patch +++ /dev/null @@ -1,98 +0,0 @@ -diff -up dovecot-1.2.6/src/imap-login/client.c.greetings dovecot-1.2.6/src/imap-login/client.c ---- dovecot-1.2.6/src/imap-login/client.c.greetings 2009-10-05 20:10:44.000000000 +0200 -+++ dovecot-1.2.6/src/imap-login/client.c 2009-10-21 12:20:03.995249615 +0200 -@@ -93,11 +93,12 @@ bool client_skip_line(struct imap_client - - static const char *get_capability(struct imap_client *client, bool full) - { -- const char *auths; -+ const char *auths, *cap_str; - -+ cap_str = full || capability_string_overridden ? capability_string : -+ CAPABILITY_BANNER_STRING; - auths = client_authenticate_get_capabilities(client->common.secured); -- return t_strconcat(full ? capability_string : CAPABILITY_BANNER_STRING, -- (ssl_initialized && !client->common.tls) ? -+ return t_strconcat(cap_str, (ssl_initialized && !client->common.tls) ? - " STARTTLS" : "", - disable_plaintext_auth && !client->common.secured ? - " LOGINDISABLED" : "", auths, NULL); -diff -up dovecot-1.2.6/src/login-common/common.h.greetings dovecot-1.2.6/src/login-common/common.h ---- dovecot-1.2.6/src/login-common/common.h.greetings 2009-01-15 21:27:26.000000000 +0100 -+++ dovecot-1.2.6/src/login-common/common.h 2009-10-21 12:20:03.996248613 +0200 -@@ -23,7 +23,7 @@ extern const char *trusted_networks; - extern unsigned int max_connections; - extern unsigned int login_process_uid; - extern struct auth_client *auth_client; --extern bool closing_down; -+extern bool closing_down, capability_string_overridden; - - void main_ref(void); - void main_unref(void); -diff -up dovecot-1.2.6/src/login-common/main.c.greetings dovecot-1.2.6/src/login-common/main.c ---- dovecot-1.2.6/src/login-common/main.c.greetings 2009-08-12 20:03:16.000000000 +0200 -+++ dovecot-1.2.6/src/login-common/main.c 2009-10-21 12:20:03.996248613 +0200 -@@ -28,7 +28,7 @@ const char *trusted_networks; - unsigned int max_connections; - unsigned int login_process_uid; - struct auth_client *auth_client; --bool closing_down; -+bool closing_down, capability_string_overridden; - - static const char *process_name; - static struct ioloop *ioloop; -@@ -354,8 +354,11 @@ static void main_init(void) - - /* capability default is set in imap/pop3-login */ - value = getenv("CAPABILITY_STRING"); -- if (value != NULL && *value != '\0') -+ if (value != NULL && *value != '\0') { - capability_string = value; -+ if (getenv("CAPABILITY_STRING_OVERRIDDEN") != NULL) -+ capability_string_overridden = TRUE; -+ } - - closing_down = FALSE; - main_refcount = 0; -diff -up dovecot-1.2.6/src/login-common/ssl-proxy-openssl.c.greetings dovecot-1.2.6/src/login-common/ssl-proxy-openssl.c ---- dovecot-1.2.6/src/login-common/ssl-proxy-openssl.c.greetings 2009-09-29 16:14:15.000000000 +0200 -+++ dovecot-1.2.6/src/login-common/ssl-proxy-openssl.c 2009-10-21 12:20:04.000248772 +0200 -@@ -715,6 +715,7 @@ static DH *ssl_tmp_dh_callback(SSL *ssl - return ssl_params.dh_1024; - } - -+#ifdef HAVE_SSL_CTX_SET_INFO_CALLBACK - static void ssl_info_callback(const SSL *ssl, int where, int ret) - { - struct ssl_proxy *proxy; -@@ -732,6 +733,7 @@ static void ssl_info_callback(const SSL - net_ip2addr(&proxy->ip)); - } - } -+#endif - - static int ssl_verify_client_cert(int preverify_ok, X509_STORE_CTX *ctx) - { -@@ -814,8 +816,10 @@ static void ssl_proxy_ctx_init(SSL_CTX * - cafile, ssl_last_error()); - } - } -+#ifdef HAVE_SSL_CTX_SET_INFO_CALLBACK - if (verbose_ssl) - SSL_CTX_set_info_callback(ssl_ctx, ssl_info_callback); -+#endif - if (SSL_CTX_need_tmp_RSA(ssl_ctx)) - SSL_CTX_set_tmp_rsa_callback(ssl_ctx, ssl_gen_rsa_key); - SSL_CTX_set_tmp_dh_callback(ssl_ctx, ssl_tmp_dh_callback); -diff -up dovecot-1.2.6/src/master/login-process.c.greetings dovecot-1.2.6/src/master/login-process.c ---- dovecot-1.2.6/src/master/login-process.c.greetings 2009-10-21 12:20:03.965978906 +0200 -+++ dovecot-1.2.6/src/master/login-process.c 2009-10-21 12:23:04.696873716 +0200 -@@ -635,6 +635,8 @@ static void login_process_init_env(struc - *set->imap_capability != '\0' ? - set->imap_capability : - set->imap_generated_capability, NULL)); -+ if (*set->imap_capability != '\0') -+ env_put("CAPABILITY_STRING_OVERRIDDEN=1"); - } else if (group->mail_process_type == PROCESS_TYPE_MANAGESIEVE) { - env_put(t_strconcat("CAPABILITY_STRING=", - set->managesieve_generated_capability, NULL)); diff --git a/dovecot.8 b/dovecot.8 new file mode 100644 index 0000000..cf156d2 --- /dev/null +++ b/dovecot.8 @@ -0,0 +1,52 @@ +.TH DOVECOT 8 2009/09/26 "dovecot" "System Administration tools and Deamons" +.SH NAME +\fBdovecot\fP \- Secure imap and pop3 server + +.SH SYNOPSIS +.B dovecot [\-F] [\-c ] [\-p] [\-n] [\-a] [\-\-version] [\-\-build-options] [\-\-exec-mail []] + +.SH FULL PATH +.B /usr/sbin/dovecot + +.SH DESCRIPTION +Dovecot is an IMAP server for Linux/UNIX-like systems, written with security +primarily in mind. It also contains a small POP3 server. It supports mail +in either of maildir or mbox formats. +.SH OPTIONS +.TP +.B \-a +Dump complete configuration and exit +.TP +.B \-\-build-options +Print build options and exit +.TP +.B \-c +Use as path to the configuration instead of default /etc/dovecot.conf +.TP +.B \-\-exec\-mail [] +Start protocol from section. If \-\-exec\-mail is used, it must be the last argument on the command line, as
is an optional parameter, otherwise if no section is given but +another parameter follows, this parameter is used as section. +.TP +.B \-F +Start dovecot as foreground process (otherwise: start as daemon) +.TP +.B --log-error +Test dovecot's logging capability and exit +.TP +.B \-n +Dump all non-default configuration items and exit +.TP +.B \-p +Ask for private SSL key password +.TP +.B \-\-version +Print version and exit + +.SH "SEE ALSO" +.BR dovecotpw(1), +.BR dovecot.conf(5), +.BR /usr/share/doc/dovecot*/wiki/ + +.SH AUTHOR +.TP +dovecotpw was written by Timo Sirainen . diff --git a/dovecot.conf.5 b/dovecot.conf.5 new file mode 100644 index 0000000..ebdfff4 --- /dev/null +++ b/dovecot.conf.5 @@ -0,0 +1,17 @@ +.TH DOVECOT.CONF 5 2009/09/26 "dovecot" "File Formats and Conventions" +.SH NAME +\fBdovecot.conf\fP \- The configuration file for dovect imap and pop3 server + +.SH FULL PATH +.B /etc/dovecot.conf + +.SH DESCRIPTION +The dovecot.conf file is a configuration file for the dovecot(8) imap and pop3 server. The dovecot.conf configuration file contains description to all available options. Some of these options are described also in offline wiki documentation placed in /usr/share/doc/dovecot*/wiki/. + +For backup purposes unmodified version of dovecot.conf can be found in /usr/share/doc/dovecot-/dovecot.conf.default + +.SH "SEE ALSO" +.BR dovecot(8), +.BR dovecotpw(1), +.BR /usr/share/doc/dovecot*/wiki/ +.BR /usr/share/doc/dovecot*/dovecot.conf.default diff --git a/dovecot.spec b/dovecot.spec index db0d03f..e565f78 100644 --- a/dovecot.spec +++ b/dovecot.spec @@ -1,8 +1,8 @@ Summary: Secure imap and pop3 server Name: dovecot Epoch: 1 -Version: 1.2.6 -Release: 5%{?dist} +Version: 1.2.7 +Release: 1%{?dist} #dovecot itself is MIT, a few sources are PD, (manage)sieve is LGPLv2, perfect_maildir.pl is GPLv2+ License: MIT and LGPLv2 and GPLv2+ Group: System Environment/Daemons @@ -15,7 +15,7 @@ Group: System Environment/Daemons %define build_sieve 1 %define build_managesieve 1 -%define ver4mansieve %{version} +%define ver4mansieve 1.2.6 %define sieve_version 0.1.13 %define sieve_name dovecot-1.2-sieve %define managesieve_version 0.11.9 @@ -40,9 +40,6 @@ Patch1: dovecot-1.1-default-settings.patch Patch2: dovecot-1.0.beta2-mkcert-permissions.patch Patch3: dovecot-1.0.rc7-mkcert-paths.patch -# taken from upstream, for dovecot <= 1.2.6 use imap_capability in greeting message, rhbz#524485 -Patch4: dovecot-1.2.6-greetings.patch - Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: openssl-devel, pam-devel, zlib-devel, libcap-devel BuildRequires: libtool autoconf automake @@ -173,7 +170,6 @@ zcat %{SOURCE11} | patch -p1 --fuzz=0 -s %patch1 -p1 -b .default-settings %patch2 -p1 -b .mkcert-permissions %patch3 -p1 -b .mkcert-paths -%patch4 -p1 -b .greetings %if %{build_sieve} %setup -q -D -T -a 8 @@ -273,6 +269,7 @@ chmod 700 $RPM_BUILD_ROOT/var/run/dovecot/login # Install dovecot.conf and dovecot-openssl.cnf mkdir -p $RPM_BUILD_ROOT%{ssldir} install -p -m644 dovecot-example.conf $RPM_BUILD_ROOT%{_sysconfdir}/dovecot.conf +install -p -m644 dovecot-example.conf $RPM_BUILD_ROOT%{docdir}/dovecot.conf.default rm -f $RPM_BUILD_ROOT%{_sysconfdir}/dovecot-*example.conf # dovecot seems to install this by itself install -p -m644 doc/dovecot-openssl.cnf $RPM_BUILD_ROOT%{ssldir}/dovecot-openssl.cnf @@ -452,6 +449,10 @@ fi %changelog +* Fri Nov 13 2009 Michal Hlavinka - 1:1.2.7-1 +- updated to dovecot 1.2.7 +- add man pages + * Mon Nov 02 2009 Michal Hlavinka - 1:1.2.6-5 - spec cleanup diff --git a/dovecotpw.1 b/dovecotpw.1 new file mode 100644 index 0000000..9c7b8cc --- /dev/null +++ b/dovecotpw.1 @@ -0,0 +1,46 @@ +.\" Hey, EMACS: -*- nroff -*- +.TH "DOVECOTPW" "1" "6 November 2008" +.\" Please adjust this date whenever revising the manpage. +.\" +.SH NAME +dovecotpw \- a tool to easily generate passwords for a specified password scheme. +.SH SYNOPSIS +\fBdovecotpw\fP [\-l] [\-p ] [\-s ] [\-u ] [\-V] +.br +.SH DESCRIPTION +\fBdovecotpw\fP is a small tool to easily generate passwords for a +specified password scheme known by \fIdovecot\fR\|(1). A password scheme means +the format in which any password is stored in password databases. + +The main idea behind storing passwords in non-plaintext scheme is that +if an attacker gets access to your server, he can't easily just get +all users' passwords and start using them. With stronger schemes it +takes more time to crack the passwords. + +Currently, the password schemes supported by \fBdovecotpw\fP are: +CRYPT MD5 MD5-CRYPT SHA SHA1 SMD5 SSHA PLAIN CLEARTEXT CRAM-MD5 +HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM RPA. + +\fBdovecotpw\fP can be used to populate \fIdovecot\fR\|(1) password databases. +.SH OPTIONS +.TP +\fB-l\fP +List known password schemes. +.TP +\fB-p \fP +Use as the password to be encoded with the specified scheme. If this option is not used, you are prompted for one interactively. +.TP +\fB-s \fP +Specify the password scheme to be used to encrypt the password. must be one of the supported password scheme as listed here above. If you omit this option, the default scheme is used (HMAC-MD5). +.TP +\fB-u \fP +Specify the username. This can be needed by some schemes. +.TP +\fB-V\fP +Internally verify the generated hash. +.SH AUTHOR +.TP +dovecotpw was written by Timo Sirainen . +.PP +This manual page was written by Xavier Lüthi , +for the Debian project (but may be used by others). diff --git a/sources b/sources index 501e951..60c2bda 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -807666f1a112e7379c4dbb57c9ce4899 dovecot-1.2.6.tar.gz +76e82536fc7010770acd9f969f845b79 dovecot-1.2.7.tar.gz 923d4965e0b357db493f3b2cb106d8d7 dovecot-1.2-managesieve-0.11.9.tar.gz -615d5d1ad843654384ca11cf523c2bbc dovecot-1.2.6-managesieve-0.11.9.diff.gz +027721d1325cc03b86ad613df01a94d7 dovecot-1.2.6-managesieve-0.11.9.diff.gz 6151ab50e24abc0384358b1618c8048f dovecot-1.2-sieve-0.1.13.tar.gz