rpms/dovecot
5
0
Fork 0
Code Issues Pull Requests Releases Activity

- update to upstream version 1.1.0

Browse Source 
- update sieve plugin to 1.1.5
- remove unnecessary patches
- enable ldap and gssapi plugins
- change ownership of dovecot.conf (Resolves: #452088)
This commit is contained in:
Dan Horák 2008-06-21 07:57:03 +00:00
parent 3312c431f5
commit 4b979e74cc
8 changed files with 64 additions and 1334 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.cvsignore
View File

@ -1,4 +1,4 @@
dovecot-1.0.14.tar.gz
dovecot-1.0.14.tar.gz.sig
dovecot-sieve-1.0.3.tar.gz
dovecot-sieve-1.0.3.tar.gz.sig
dovecot-1.1.0.tar.gz
dovecot-1.1.0.tar.gz.sig
dovecot-sieve-1.1.5.tar.gz
dovecot-sieve-1.1.5.tar.gz.sig

536
dovecot-1.0.3-winbind.patch
View File

@ -1,536 +0,0 @@
diff -Nrbu dovecot-1.0.3/dovecot-example.conf dovecot-1.0.3-OK/dovecot-example.conf
--- dovecot-1.0.3/dovecot-example.conf 2007-09-10 18:32:06.000000000 +0400
+++ dovecot-1.0.3-OK/dovecot-example.conf 2007-09-10 17:52:37.000000000 +0400
@@ -745,6 +745,13 @@
# default (usually /etc/krb5.keytab) if not specified.
#auth_krb5_keytab =
+# Do NTLM authentication using Samba's winbind daemon and ntlm_auth helper.
+# <doc/wiki/Authentication/Mechanisms/Winbind.txt>
+#auth_ntlm_use_winbind = no
+
+# Path for Samba's ntlm_auth helper binary.
+#auth_winbind_helper_path = /usr/bin/ntlm_auth
+
auth default {
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
diff -Nrbu dovecot-1.0.3/src/auth/Makefile.am dovecot-1.0.3-OK/src/auth/Makefile.am
--- dovecot-1.0.3/src/auth/Makefile.am 2007-07-15 23:51:07.000000000 +0400
+++ dovecot-1.0.3-OK/src/auth/Makefile.am 2007-09-10 17:53:42.000000000 +0400
@@ -59,6 +59,7 @@
mech-gssapi.c \
mech-rpa.c \
mech-apop.c \
+ mech-winbind.c \
passdb.c \
passdb-blocking.c \
passdb-bsdauth.c \
diff -Nrbu dovecot-1.0.3/src/auth/Makefile.in dovecot-1.0.3-OK/src/auth/Makefile.in
--- dovecot-1.0.3/src/auth/Makefile.in 2007-07-23 09:24:08.000000000 +0400
+++ dovecot-1.0.3-OK/src/auth/Makefile.in 2007-09-10 17:49:06.000000000 +0400
@@ -78,6 +78,7 @@
mech.$(OBJEXT) mech-anonymous.$(OBJEXT) mech-plain.$(OBJEXT) \
mech-login.$(OBJEXT) mech-cram-md5.$(OBJEXT) \
mech-digest-md5.$(OBJEXT) mech-ntlm.$(OBJEXT) \
+ mech-winbind.$(OBJEXT) \
mech-gssapi.$(OBJEXT) mech-rpa.$(OBJEXT) mech-apop.$(OBJEXT) \
passdb.$(OBJEXT) passdb-blocking.$(OBJEXT) \
passdb-bsdauth.$(OBJEXT) passdb-cache.$(OBJEXT) \
@@ -326,6 +327,7 @@
mech-cram-md5.c \
mech-digest-md5.c \
mech-ntlm.c \
+ mech-winbind.c \
mech-gssapi.c \
mech-rpa.c \
mech-apop.c \
@@ -495,6 +497,7 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-ntlm.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-plain.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-rpa.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech-winbind.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mech.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mycrypt.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passdb-blocking.Po@am__quote@
diff -Nrbu dovecot-1.0.3/src/auth/mech-winbind.c dovecot-1.0.3-OK/src/auth/mech-winbind.c
--- dovecot-1.0.3/src/auth/mech-winbind.c 1970-01-01 03:00:00.000000000 +0300
+++ dovecot-1.0.3-OK/src/auth/mech-winbind.c 2007-09-10 18:31:35.000000000 +0400
@@ -0,0 +1,363 @@
+/*
+ * NTLM and Negotiate authentication mechanisms,
+ * using Samba winbind daemon
+ *
+ * Copyright (c) 2007 Dmitry Butskoy <dmitry@butskoy.name>
+ *
+ * This software is released under the MIT license.
+ */
+
+#include "common.h"
+#include "lib-signals.h"
+#include "mech.h"
+#include "str.h"
+#include "buffer.h"
+#include "safe-memset.h"
+#include "base64.h"
+#include "istream.h"
+#include "ostream.h"
+
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/wait.h>
+
+#define DEFAULT_WINBIND_HELPER_PATH "/usr/bin/ntlm_auth"
+
+enum helper_result {
+ HR_OK = 0, /* OK or continue */
+ HR_FAIL = -1, /* authentication failed */
+ HR_RESTART = -2 /* FAIL + try to restart helper */
+};
+
+struct winbind_helper {
+ const char *param;
+ pid_t pid;
+
+ struct istream *in_pipe;
+ struct ostream *out_pipe;
+};
+
+struct winbind_auth_request {
+ struct auth_request auth_request;
+
+ struct winbind_helper *winbind;
+ bool continued;
+};
+
+static struct winbind_helper winbind_ntlm_context = {
+ "--helper-protocol=squid-2.5-ntlmssp", -1, NULL, NULL
+};
+static struct winbind_helper winbind_spnego_context = {
+ "--helper-protocol=gss-spnego", -1, NULL, NULL
+};
+
+static bool sigchld_handler_set = FALSE;
+
+static void winbind_helper_disconnect(struct winbind_helper *winbind)
+{
+ if (winbind->in_pipe != NULL)
+ i_stream_destroy(&winbind->in_pipe);
+ if (winbind->out_pipe != NULL)
+ o_stream_destroy(&winbind->out_pipe);
+}
+
+static void winbind_wait_pid(struct winbind_helper *winbind)
+{
+ int status, ret;
+
+ if (winbind->pid == -1)
+ return;
+
+ if ((ret = waitpid(winbind->pid, &status, WNOHANG)) <= 0) {
+ if (ret < 0 && errno != ECHILD && errno != EINTR)
+ i_error("waitpid() failed: %m");
+ return;
+ }
+
+ if (WIFSIGNALED(status)) {
+ i_error("winbind: ntlm_auth died with signal %d",
+ WTERMSIG(status));
+ } else if (WIFEXITED(status)) {
+ i_error("winbind: ntlm_auth exited with exit code %d",
+ WEXITSTATUS(status));
+ } else {
+ /* shouldn't happen */
+ i_error("winbind: ntlm_auth exited with status %d",
+ status);
+ }
+ winbind->pid = -1;
+}
+
+static void sigchld_handler(int signo __attr_unused__,
+ void *context __attr_unused__)
+{
+ winbind_wait_pid(&winbind_ntlm_context);
+ winbind_wait_pid(&winbind_spnego_context);
+}
+
+static void winbind_helper_connect(struct winbind_helper *winbind)
+{
+ int infd[2], outfd[2];
+ pid_t pid;
+
+ if (winbind->in_pipe != NULL || winbind->pid != -1)
+ return;
+
+ if (pipe(infd) < 0) {
+ i_error("pipe() failed: %m");
+ return;
+ }
+ if (pipe(outfd) < 0) {
+ (void)close(infd[0]); (void)close(infd[1]);
+ return;
+ }
+
+ pid = fork ();
+ if (pid < 0) {
+ i_error("fork() failed: %m");
+ (void)close(infd[0]); (void)close(infd[1]);
+ (void)close(outfd[0]); (void)close(outfd[1]);
+ return;
+ }
+
+ if (pid == 0) { /* child */
+ /* child */
+ const char *helper_path, *args[3];
+
+ (void)close(infd[0]);
+ (void)close(outfd[1]);
+
+ if (dup2(outfd[0], STDIN_FILENO) < 0 ||
+ dup2(infd[1], STDOUT_FILENO) < 0)
+ i_fatal("dup2() failed: %m");
+
+ helper_path = getenv("WINBIND_HELPER_PATH");
+ if (helper_path == NULL)
+ helper_path = DEFAULT_WINBIND_HELPER_PATH;
+
+ args[0] = helper_path;
+ args[1] = winbind->param;
+ args[2] = NULL;
+ execv(args[0], (void *)args);
+ i_fatal("execv(%s) failed: %m", args[0]);
+ }
+
+ /* parent */
+ (void)close(infd[1]);
+ (void)close(outfd[0]);
+
+ winbind->pid = pid;
+ winbind->in_pipe =
+ i_stream_create_file(infd[0], default_pool,
+ AUTH_CLIENT_MAX_LINE_LENGTH, FALSE);
+ winbind->out_pipe =
+ o_stream_create_file(outfd[1], default_pool,
+ (size_t)-1, FALSE);
+
+ if (!sigchld_handler_set) {
+ sigchld_handler_set = TRUE;
+ lib_signals_set_handler(SIGCHLD, TRUE, sigchld_handler, NULL);
+ }
+}
+
+static enum helper_result
+do_auth_continue(struct auth_request *auth_request,
+ const unsigned char *data, size_t data_size)
+ {
+ struct winbind_auth_request *request =
+ (struct winbind_auth_request *)auth_request;
+ struct istream *in_pipe = request->winbind->in_pipe;
+ string_t *str;
+ char *answer;
+ const char **token;
+ bool gss_spnego = request->winbind == &winbind_spnego_context;
+
+ if (request->winbind->in_pipe == NULL)
+ return HR_RESTART;
+
+ str = t_str_new(MAX_BASE64_ENCODED_SIZE(data_size + 1) + 4);
+ str_printfa(str, "%s ", request->continued ? "KK" : "YR");
+ base64_encode(data, data_size, str);
+ str_append_c(str, '\n');
+
+ if (o_stream_send_str(request->winbind->out_pipe, str_c(str)) < 0 ||
+ o_stream_flush(request->winbind->out_pipe) < 0) {
+ auth_request_log_error(auth_request, "winbind",
+ "write(out_pipe) failed: %m");
+ return HR_RESTART;
+ }
+ request->continued = FALSE;
+
+ while ((answer = i_stream_read_next_line(in_pipe)) == NULL) {
+ if (in_pipe->stream_errno != 0)
+ break;
+ }
+ if (answer == NULL) {
+ auth_request_log_error(auth_request, "winbind",
+ "read(in_pipe) failed: %m");
+ return HR_RESTART;
+ }
+
+ token = t_strsplit_spaces(answer, " ");
+ if (!token || token[0] == NULL ||
+ (token[1] == NULL && strcmp(token[0], "BH") != 0) ||
+ (gss_spnego && token[2] == NULL)) {
+ auth_request_log_error(auth_request, "winbind",
+ "Invalid input from helper: %s", answer); return HR_RESTART;
+ }
+
+ /*
+ * NTLM:
+ * The child's reply contains 2 parts:
+ * - The code: TT, AF or NA
+ * - The argument:
+ * For TT it's the blob to send to the client, coded in base64
+ * For AF it's user or DOMAIN\user
+ * For NA it's the NT error code
+ *
+ * GSS-SPNEGO:
+ * The child's reply contains 3 parts:
+ * - The code: TT, AF or NA
+ * - The blob to send to the client, coded in base64
+ * - The argument:
+ * For TT it's a dummy '*'
+ * For AF it's DOMAIN\user
+ * For NA it's the NT error code
+ */
+
+ if (!strcmp (token[0], "TT")) {
+ buffer_t *buf;
+ size_t len = strlen (token[1]);
+
+ buf = buffer_create_dynamic (pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE (len));
+ base64_decode (token[1], len, NULL, buf);
+
+ auth_request->callback (auth_request,
+ AUTH_CLIENT_RESULT_CONTINUE,
+ buf->data, buf->used);
+ request->continued = TRUE;
+ return HR_OK;
+ }
+ else if (!strcmp (token[0], "NA")) {
+ const char *error = gss_spnego ? token[2] : token[1];
+
+ auth_request_log_info (auth_request, "winbind",
+ "user not authenticated: %s", error);
+
+ return HR_FAIL;
+ }
+ else if (!strcmp (token[0], "AF")) {
+ const char *user, *p, *error;
+
+ user = gss_spnego ? token[2] : token[1];
+
+ p = strchr (user, '\\');
+ if (p) {
+ /* change "DOMAIN\user" to uniform style "user@DOMAIN" */
+ user = t_strconcat (p+1, "@", t_strdup_until (user, p), NULL);
+ }
+
+ if (!auth_request_set_username (auth_request, user, &error)) {
+ auth_request_log_info (auth_request, "winbind", "%s", error);
+
+ return HR_FAIL;
+ }
+
+ if (gss_spnego && strcmp (token[1], "*") != 0) {
+ buffer_t *buf;
+ size_t len = strlen (token[1]);
+
+ buf = buffer_create_dynamic (pool_datastack_create(),
+ MAX_BASE64_DECODED_SIZE (len));
+ base64_decode (token[1], len, NULL, buf);
+
+ auth_request_success (&request->auth_request,
+ buf->data, buf->used);
+ } else
+ auth_request_success (&request->auth_request, NULL, 0);
+
+ return HR_OK;
+ }
+ else if (!strcmp (token[0], "BH")) {
+ auth_request_log_info (auth_request, "winbind",
+ "ntlm_auth reports broken helper: %s",
+ token[1] ? token[1] : "");
+ return HR_RESTART;
+ }
+ else {
+ auth_request_log_info (auth_request, "winbind",
+ "Invalid input from helper: %s", answer);
+ return HR_RESTART;
+ }
+
+}
+
+static void
+mech_winbind_auth_continue(struct auth_request *auth_request,
+ const unsigned char *data, size_t data_size)
+ {
+ struct winbind_auth_request *request =
+ (struct winbind_auth_request *)auth_request;
+ enum helper_result res;
+
+ res = do_auth_continue(auth_request, data, data_size);
+ if (res != HR_OK) {
+ if (res == HR_RESTART)
+ winbind_helper_disconnect(request->winbind);
+ auth_request_fail(auth_request);
+ }
+}
+
+static struct auth_request *do_auth_new(struct winbind_helper *winbind)
+{
+ struct winbind_auth_request *request;
+ pool_t pool;
+
+ pool = pool_alloconly_create("winbind_auth_request", 1024);
+ request = p_new(pool, struct winbind_auth_request, 1);
+ request->auth_request.pool = pool;
+
+ request->winbind = winbind;
+ winbind_helper_connect(request->winbind);
+ return &request->auth_request;
+}
+
+static struct auth_request *mech_winbind_ntlm_auth_new(void)
+{
+ return do_auth_new(&winbind_ntlm_context);
+}
+
+static struct auth_request *mech_winbind_spnego_auth_new(void)
+{
+ return do_auth_new(&winbind_spnego_context);
+}
+
+const struct mech_module mech_winbind_ntlm = {
+ "NTLM",
+
+ MEMBER(flags) MECH_SEC_DICTIONARY | MECH_SEC_ACTIVE,
+
+ MEMBER(passdb_need_plain) FALSE,
+ MEMBER(passdb_need_credentials) FALSE,
+
+ mech_winbind_ntlm_auth_new,
+ mech_generic_auth_initial,
+ mech_winbind_auth_continue,
+ mech_generic_auth_free
+};
+
+const struct mech_module mech_winbind_spnego = {
+ "GSS-SPNEGO",
+
+ MEMBER(flags) 0,
+
+ MEMBER(passdb_need_plain) FALSE,
+ MEMBER(passdb_need_credentials) FALSE,
+
+ mech_winbind_spnego_auth_new,
+ mech_generic_auth_initial,
+ mech_winbind_auth_continue,
+ mech_generic_auth_free
+};
+
diff -Nrbu dovecot-1.0.3/src/auth/mech.c dovecot-1.0.3-OK/src/auth/mech.c
--- dovecot-1.0.3/src/auth/mech.c 2007-05-19 15:14:04.000000000 +0400
+++ dovecot-1.0.3-OK/src/auth/mech.c 2007-09-10 17:49:06.000000000 +0400
@@ -73,6 +73,8 @@
#ifdef HAVE_GSSAPI
extern struct mech_module mech_gssapi;
#endif
+extern struct mech_module mech_winbind_ntlm;
+extern struct mech_module mech_winbind_spnego;
void mech_init(void)
{
@@ -81,12 +83,16 @@
mech_register_module(&mech_apop);
mech_register_module(&mech_cram_md5);
mech_register_module(&mech_digest_md5);
+ if (getenv("NTLM_USE_WINBIND") != NULL)
+ mech_register_module(&mech_winbind_ntlm);
+ else
mech_register_module(&mech_ntlm);
mech_register_module(&mech_rpa);
mech_register_module(&mech_anonymous);
#ifdef HAVE_GSSAPI
mech_register_module(&mech_gssapi);
#endif
+ mech_register_module(&mech_winbind_spnego);
}
void mech_deinit(void)
@@ -96,10 +102,14 @@
mech_unregister_module(&mech_apop);
mech_unregister_module(&mech_cram_md5);
mech_unregister_module(&mech_digest_md5);
+ if (getenv("NTLM_USE_WINBIND") != NULL)
+ mech_unregister_module(&mech_winbind_ntlm);
+ else
mech_unregister_module(&mech_ntlm);
mech_unregister_module(&mech_rpa);
mech_unregister_module(&mech_anonymous);
#ifdef HAVE_GSSAPI
mech_unregister_module(&mech_gssapi);
#endif
+ mech_unregister_module(&mech_winbind_spnego);
}
diff -Nrbu dovecot-1.0.3/src/master/auth-process.c dovecot-1.0.3-OK/src/master/auth-process.c
--- dovecot-1.0.3/src/master/auth-process.c 2007-07-15 23:51:07.000000000 +0400
+++ dovecot-1.0.3-OK/src/master/auth-process.c 2007-09-10 17:58:40.000000000 +0400
@@ -474,6 +474,8 @@
env_put("SSL_REQUIRE_CLIENT_CERT=1");
if (set->ssl_username_from_cert)
env_put("SSL_USERNAME_FROM_CERT=1");
+ if (set->ntlm_use_winbind)
+ env_put("NTLM_USE_WINBIND=1");
if (*set->krb5_keytab != '\0') {
/* Environment used by Kerberos 5 library directly */
env_put(t_strconcat("KRB5_KTNAME=", set->krb5_keytab, NULL));
@@ -482,6 +484,8 @@
env_put(t_strconcat("GSSAPI_HOSTNAME=",
set->gssapi_hostname, NULL));
}
+ env_put(t_strconcat("WINBIND_HELPER_PATH=",
+ set->winbind_helper_path, NULL));
restrict_process_size(set->process_size, (unsigned int)-1);
}
diff -Nrbu dovecot-1.0.3/src/master/master-settings.c dovecot-1.0.3-OK/src/master/master-settings.c
--- dovecot-1.0.3/src/master/master-settings.c 2007-09-10 18:32:06.000000000 +0400
+++ dovecot-1.0.3-OK/src/master/master-settings.c 2007-09-10 18:00:28.000000000 +0400
@@ -72,12 +72,14 @@
DEF(SET_STR, anonymous_username),
DEF(SET_STR, krb5_keytab),
DEF(SET_STR, gssapi_hostname),
+ DEF(SET_STR, winbind_helper_path),
DEF(SET_BOOL, verbose),
DEF(SET_BOOL, debug),
DEF(SET_BOOL, debug_passwords),
DEF(SET_BOOL, ssl_require_client_cert),
DEF(SET_BOOL, ssl_username_from_cert),
+ DEF(SET_BOOL, ntlm_use_winbind),
DEF(SET_INT, count),
DEF(SET_INT, worker_max_count),
@@ -291,12 +293,14 @@
MEMBER(anonymous_username) "anonymous",
MEMBER(krb5_keytab) "",
MEMBER(gssapi_hostname) "",
+ MEMBER(winbind_helper_path) "/usr/bin/ntlm_auth",
MEMBER(verbose) FALSE,
MEMBER(debug) FALSE,
MEMBER(debug_passwords) FALSE,
MEMBER(ssl_require_client_cert) FALSE,
MEMBER(ssl_username_from_cert) FALSE,
+ MEMBER(ntlm_use_winbind) FALSE,
MEMBER(count) 1,
MEMBER(worker_max_count) 30,
diff -Nrbu dovecot-1.0.3/src/master/master-settings.h dovecot-1.0.3-OK/src/master/master-settings.h
--- dovecot-1.0.3/src/master/master-settings.h 2007-07-15 23:51:07.000000000 +0400
+++ dovecot-1.0.3-OK/src/master/master-settings.h 2007-09-10 18:01:28.000000000 +0400
@@ -191,10 +191,12 @@
const char *anonymous_username;
const char *krb5_keytab;
const char *gssapi_hostname;
+ const char *winbind_helper_path;
bool verbose, debug, debug_passwords;
bool ssl_require_client_cert;
bool ssl_username_from_cert;
+ bool ntlm_use_winbind;
unsigned int count;
unsigned int worker_max_count;

107
dovecot-1.0.rc15-default-settings.patch
View File

@ -1,107 +0,0 @@
--- dovecot-1.0.rc15/src/master/master-settings.c.default-settings 2006-11-12 18:56:07.000000000 +0100
+++ dovecot-1.0.rc15/src/master/master-settings.c 2006-11-21 09:47:40.000000000 +0100
@@ -269,8 +269,8 @@
MEMBER(syslog_facility) "mail",
/* general */
- MEMBER(protocols) "imap imaps",
- MEMBER(listen) "*",
+ MEMBER(protocols) "imap imaps pop3 pop3s",
+ MEMBER(listen) "[::]",
MEMBER(ssl_listen) "",
MEMBER(ssl_disable) FALSE,
@@ -281,7 +281,7 @@
MEMBER(ssl_parameters_regenerate) 168,
MEMBER(ssl_cipher_list) "",
MEMBER(ssl_verify_client_cert) FALSE,
- MEMBER(disable_plaintext_auth) TRUE,
+ MEMBER(disable_plaintext_auth) FALSE,
MEMBER(verbose_ssl) FALSE,
MEMBER(shutdown_clients) TRUE,
MEMBER(nfs_check) TRUE,
@@ -337,7 +337,7 @@
MEMBER(maildir_stat_dirs) FALSE,
MEMBER(maildir_copy_with_hardlinks) FALSE,
MEMBER(mbox_read_locks) "fcntl",
- MEMBER(mbox_write_locks) "dotlock fcntl",
+ MEMBER(mbox_write_locks) "fcntl",
MEMBER(mbox_lock_timeout) 300,
MEMBER(mbox_dotlock_change_timeout) 120,
MEMBER(mbox_min_index_size) 0,
@@ -366,7 +366,7 @@
MEMBER(pop3_enable_last) FALSE,
MEMBER(pop3_reuse_xuidl) FALSE,
MEMBER(pop3_lock_session) FALSE,
- MEMBER(pop3_uidl_format) "",
+ MEMBER(pop3_uidl_format) "%08Xu%08Xv",
MEMBER(pop3_client_workarounds) "",
MEMBER(pop3_logout_format) "top=%t/%p, retr=%r/%b, del=%d/%m, size=%s",
--- dovecot-1.0.rc15/dovecot-example.conf.default-settings 2006-11-05 18:14:37.000000000 +0100
+++ dovecot-1.0.rc15/dovecot-example.conf 2006-11-21 09:49:06.000000000 +0100
@@ -7,17 +7,14 @@
# value inside quotes, eg.: key = "# char and trailing whitespace "
# Default values are shown for each setting, it's not required to uncomment
-# any of the lines. Exception to this are paths, they're just examples with
-# the real defaults being based on configure options. The paths listed here
-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-# --with-ssldir=/etc/ssl
+# any of the lines.
# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/
# Protocols we want to be serving: imap imaps pop3 pop3s
# If you only want to use dovecot-auth, you can set this to "none".
-#protocols = imap imaps
+#protocols = imap imaps pop3 pop3s
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
@@ -36,13 +33,13 @@
# listen = *:10100
# ..
# }
-#listen = *
+#listen = [::]
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
-#disable_plaintext_auth = yes
+#disable_plaintext_auth = no
# Should all IMAP and POP3 processes be killed when Dovecot master process
# shuts down. Setting this to "no" means that Dovecot can be upgraded without
@@ -87,8 +84,8 @@
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
+#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
+#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter.
@@ -425,7 +422,7 @@
# locking methods as well. Some operating systems don't allow using some of
# them simultaneously.
#mbox_read_locks = fcntl
-#mbox_write_locks = dotlock fcntl
+#mbox_write_locks = fcntl
# Maximum time in seconds to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 300
@@ -593,7 +590,7 @@
# installations. %08Xu%08Xv will be the new default, so use it for new
# installations.
#
- #pop3_uidl_format =
+ #pop3_uidl_format = %08Xu%08Xv
# POP3 logout format string:
# %t - number of TOP commands

41
dovecot-1.0.rc2-pam-setcred.patch
View File

@ -1,41 +0,0 @@
--- dovecot-1.0.rc2/src/auth/passdb-pam.c.pam-setcred 2006-07-13 11:59:00.000000000 +0200
+++ dovecot-1.0.rc2/src/auth/passdb-pam.c 2006-07-13 12:03:41.000000000 +0200
@@ -187,6 +187,30 @@
}
#ifdef HAVE_PAM_SETCRED
+#if 0
+/*
+ * This is to fix a bug where dovecot was leaving a lot of temporary
+ * kerberos tickets around and filling up disk space. If
+ * pam_setcred(pamh, PAM_ESTABLISH_CRED) is called, which creates the
+ * ticket, then a matching pam_setcred(pamh, PAM_DELETE_CRED) also
+ * needs to be called to clean the ticket up. But the only reason to
+ * have a cached ticket on disk is if the service is going to perform
+ * some action during the session that requires access to the ticket
+ * for validation. This implies the pam session is being held open,
+ * which would be more typical pam usage. But the usage here is to
+ * close the pam session immediately after authenticating the user
+ * with pam_end, thus there is no benefit to creating the disk copy of
+ * the ticket. So rather than finding all the early returns before
+ * pam_end is invoked and adding pam_setcred(pamh, PAM_DELETE_CRED) to
+ * each it is more sensible to not create the ticket in the first
+ * place if we're not going to use it and thus not have to worry about
+ * the clean up. Note the way the code is currently structured, with
+ * an immediate call to pam_end() after authentication it implies the
+ * code probably won't work with a file system like AFS which uses the
+ * ticket for file system permissions, but restructuring the code for
+ * this case is beyond the needs of fixing the aforementioned bug.
+ * John Dennis <jdennis@redhat.com>
+ */
if (module->pam_setcred) {
if ((status = pam_setcred(pamh, PAM_ESTABLISH_CRED)) !=
PAM_SUCCESS) {
@@ -196,6 +220,7 @@
}
}
#endif
+#endif
if ((status = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS) {
*error = t_strdup_printf("pam_acct_mgmt() failed: %s",

263
dovecot-1.0.rc27-quota-warning.patch
View File

@ -1,263 +0,0 @@
http://dovecot.org/list/dovecot/2007-April/021429.html
diff -ru dovecot-1.0.rc27.orig/src/plugins/quota/quota-plugin.c dovecot-1.0.rc27/src/plugins/quota/quota-plugin.c
--- dovecot-1.0.rc27.orig/src/plugins/quota/quota-plugin.c 2007-03-06 17:34:47.000000000 +0100
+++ dovecot-1.0.rc27/src/plugins/quota/quota-plugin.c 2007-03-31 22:18:55.000000000 +0200
@@ -21,9 +21,24 @@
env = getenv("QUOTA");
if (env != NULL) {
+ struct quota_setup *setup;
+ const char *name;
+ unsigned int i;
quota_set = quota_init();
/* Currently we support only one quota setup */
- (void)quota_setup_init(quota_set, env, TRUE);
+ setup = quota_setup_init(quota_set, env, TRUE);
+
+ name = "QUOTA_WARNING";
+ env = getenv(name);
+ i = 1;
+ t_push();
+ while (env != NULL) {
+ (void)quota_warning_init(setup, env);
+
+ name = t_strdup_printf("QUOTA_WARNING%u", ++i);
+ env = getenv(name);
+ }
+ t_pop();
quota_next_hook_mail_storage_created =
hook_mail_storage_created;
diff -ru dovecot-1.0.rc27.orig/src/plugins/quota/quota-private.h dovecot-1.0.rc27/src/plugins/quota/quota-private.h
--- dovecot-1.0.rc27.orig/src/plugins/quota/quota-private.h 2007-03-12 21:34:50.000000000 +0100
+++ dovecot-1.0.rc27/src/plugins/quota/quota-private.h 2007-03-17 00:06:23.000000000 +0100
@@ -22,6 +22,9 @@
/* List of quota roots. It's array because there shouldn't be many. */
array_t ARRAY_DEFINE(roots, struct quota_root *);
+ /* List of quota warnings. There should probably be few. */
+ array_t ARRAY_DEFINE(warnings, struct quota_warning *);
+
unsigned int user_root:1;
};
@@ -86,6 +89,21 @@
unsigned int idx;
};
+enum quota_warning_limit_kind {
+ QUOTA_WARNING_NO_LIMIT,
+ QUOTA_WARNING_PERCENT_LIMIT,
+ QUOTA_WARNING_ABSOLUTE_LIMIT
+};
+
+struct quota_warning {
+ struct quota_setup *setup;
+ uint64_t storage_limit;
+ unsigned int count_limit;
+ enum quota_warning_limit_kind storage_limit_kind:2;
+ enum quota_warning_limit_kind count_limit_kind:2;
+ char *command;
+};
+
struct quota_transaction_context {
array_t ARRAY_DEFINE(root_transactions,
struct quota_root_transaction_context *);
diff -ru dovecot-1.0.rc27.orig/src/plugins/quota/quota.c dovecot-1.0.rc27/src/plugins/quota/quota.c
--- dovecot-1.0.rc27.orig/src/plugins/quota/quota.c 2007-03-06 17:34:47.000000000 +0100
+++ dovecot-1.0.rc27/src/plugins/quota/quota.c 2007-03-31 22:35:22.000000000 +0200
@@ -6,6 +6,8 @@
#include "quota-private.h"
#include "quota-fs.h"
+#include <stdlib.h>
+
unsigned int quota_module_id = 0;
extern struct quota_backend quota_backend_dict;
@@ -59,6 +61,7 @@
setup->data = i_strdup(data);
setup->user_root = user_root;
ARRAY_CREATE(&setup->roots, default_pool, struct quota_root *, 4);
+ ARRAY_CREATE(&setup->warnings, default_pool, struct quota_warning *, 4);
t_push();
p = strchr(setup->data, ':');
@@ -107,6 +110,16 @@
}
array_free(&setup->roots);
+
+ while (array_count(&setup->warnings) > 0) {
+ struct quota_warning *const *warning;
+
+ warning = array_idx(&setup->warnings, 0);
+ quota_warning_deinit(*warning);
+ }
+
+ array_free(&setup->warnings);
+
i_free(setup->data);
i_free(setup);
}
@@ -157,6 +170,82 @@
array_free(&module_contexts);
}
+struct quota_warning *
+quota_warning_init(struct quota_setup *setup, const char *data)
+{
+ const char *p;
+ char *q;
+ const char *const *args;
+ unsigned long long val;
+ struct quota_warning *warning;
+
+ warning = i_new(struct quota_warning, 1);
+ warning->setup = setup;
+
+ p = strchr(data, ' ');
+ if (p == NULL)
+ i_fatal("quota warning: No command specified: %s", data);
+ warning->command = i_strdup(p+1);
+
+ t_push();
+
+ args = t_strsplit(t_strdup_until(data, p), ":");
+ for (; *args != '\0'; args++) {
+ if (strncmp(*args, "storage=", 8) == 0) {
+ val = strtoull(*args + 8, &q, 10);
+ if (q && (strcmp(q, "%") == 0)) {
+ warning->storage_limit = val;
+ warning->storage_limit_kind =
+ QUOTA_WARNING_PERCENT_LIMIT;
+ } else if (q && (strcmp(q, "k") == 0)) {
+ warning->storage_limit = val * 1024;
+ warning->storage_limit_kind =
+ QUOTA_WARNING_ABSOLUTE_LIMIT;
+ } else
+ i_error("quota warning: Malformed setting: %s", *args);
+ } else if (strncmp(*args, "messages=", 9) == 0) {
+ val = strtoull(*args + 8, &q, 10);
+ if (q && (strcmp(q, "%") == 0)) {
+ warning->count_limit = val;
+ warning->count_limit_kind =
+ QUOTA_WARNING_PERCENT_LIMIT;
+ } else if (q && (strcmp(q, "") == 0)) {
+ warning->count_limit = val;
+ warning->count_limit_kind =
+ QUOTA_WARNING_ABSOLUTE_LIMIT;
+ } else
+ i_error("quota warning: Malformed setting: %s", *args);
+ } else {
+ i_error("quota warning: Unknown setting: %s", *args);
+ }
+ }
+
+ t_pop();
+
+ array_append(&setup->warnings, &warning, 1);
+
+ return warning;
+}
+
+void quota_warning_deinit(struct quota_warning *warning)
+{
+ struct quota_warning *const *warnings;
+ unsigned int i, count;
+
+ /* remove from setup */
+ warnings = array_get(&warning->setup->warnings, &count);
+ for (i = 0; i < count; i++) {
+ if (warnings[i] == warning) {
+ array_delete(&warning->setup->warnings, i, 1);
+ break;
+ }
+ }
+ i_assert(i != count);
+
+ i_free(warning->command);
+ i_free(warning);
+}
+
void quota_add_user_storage(struct quota *quota, struct mail_storage *storage)
{
struct quota_setup *const *setups;
@@ -388,15 +477,62 @@
i_free(ctx);
}
+#define CHECK_PERCENT(val, cur, diff, limit) \
+ (100 * ((limit) - (cur) - (diff)) > (val) * (limit))
+#define CHECK_ABSOLUTE(val, cur, diff, limit) \
+ ((limit) - (cur) - (diff) > (val))
+
+#define CHECK2_PERCENT(val, cur, diff, size, limit) \
+ (CHECK_PERCENT(val, cur, diff, limit) \
+ && !CHECK_PERCENT(val, cur, (diff)+(size), limit))
+#define CHECK2_ABSOLUTE(val, cur, diff, size, limit) \
+ (CHECK_ABSOLUTE(val, cur, diff, limit) \
+ && !CHECK_ABSOLUTE(val, cur, (diff)+(size), limit))
+
+#define CHECK(kind, val, cur, diff, size, limit) \
+ ((((kind) == QUOTA_WARNING_PERCENT_LIMIT) \
+ && (CHECK2_PERCENT(val, cur, diff, size, limit))) \
+ || (((kind) == QUOTA_WARNING_ABSOLUTE_LIMIT) \
+ && (CHECK2_ABSOLUTE(val, cur, diff, size, limit))))
+
int quota_default_try_alloc_bytes(struct quota_root_transaction_context *ctx,
uoff_t size, bool *too_large_r)
{
+ struct quota_warning *const * warnings;
+ unsigned int i, count;
int ret;
ret = quota_default_test_alloc_bytes(ctx, size, too_large_r);
if (ret <= 0 || ctx->disabled)
return ret;
+ warnings = array_get(&ctx->root->setup->warnings, &count);
+
+ for (i = 0; i < count; i++) {
+ struct quota_warning *warning = warnings[i];
+ bool run_command = FALSE;
+
+ if (CHECK(warning->storage_limit_kind,
+ warning->storage_limit,
+ ctx->bytes_current,
+ ctx->bytes_diff,
+ size,
+ ctx->bytes_limit))
+ run_command = TRUE;
+
+ if (CHECK(warning->count_limit_kind,
+ warning->count_limit,
+ ctx->count_current,
+ ctx->count_diff,
+ 1,
+ ctx->count_limit))
+ run_command = TRUE;
+
+ if (run_command)
+ system(warning->command);
+
+ }
+
ctx->count_diff++;
ctx->bytes_diff += size;
return 1;
diff -ru dovecot-1.0.rc27.orig/src/plugins/quota/quota.h dovecot-1.0.rc27/src/plugins/quota/quota.h
--- dovecot-1.0.rc27.orig/src/plugins/quota/quota.h 2007-03-06 17:34:47.000000000 +0100
+++ dovecot-1.0.rc27/src/plugins/quota/quota.h 2007-03-16 23:21:33.000000000 +0100
@@ -31,6 +31,10 @@
quota_root_init(struct quota_setup *setup, const char *name);
void quota_root_deinit(struct quota_root *root);
+struct quota_warning *
+quota_warning_init(struct quota_setup *setup, const char *data);
+void quota_warning_deinit(struct quota_warning *warning);
+
/* List all quota roots. Returned quota roots are freed by quota_deinit(). */
struct quota_root_iter *quota_root_iter_init(struct mailbox *box);
struct quota_root *quota_root_iter_next(struct quota_root_iter *iter);

311
dovecot-1.0.rc32-split.patch
View File

@ -1,311 +0,0 @@
--- dovecot-1.0.rc32/src/dict/main.c.split 2007-02-22 15:32:11.000000000 +0100
+++ dovecot-1.0.rc32/src/dict/main.c 2007-04-13 13:56:55.000000000 +0200
@@ -22,6 +22,7 @@
static struct io *log_io;
static struct module *modules;
+static struct module *sql_modules;
static struct dict_server *dict_server;
static void sig_die(int signo, void *context __attr_unused__)
@@ -50,6 +51,8 @@
/* Load built-in SQL drivers (if any) */
sql_drivers_init();
sql_drivers_register_all();
+ sql_modules = sql_drivers_modules_load();
+ module_dir_init(sql_modules);
restrict_access_by_env(FALSE);
}
@@ -100,6 +103,7 @@
dict_sql_unregister();
dict_client_unregister();
+ module_dir_unload(&sql_modules);
sql_drivers_deinit();
random_deinit();
lib_signals_deinit();
--- dovecot-1.0.rc32/src/lib-sql/Makefile.am.split 2007-02-22 22:09:16.000000000 +0100
+++ dovecot-1.0.rc32/src/lib-sql/Makefile.am 2007-04-13 15:11:18.000000000 +0200
@@ -1,21 +1,66 @@
noinst_LIBRARIES = libsql.a
+if DYNAMIC_SQL
+if BUILD_MYSQL
+MYSQL_LIB=libdriver_mysql.la
+endif
+if BUILD_PGSQL
+PGSQL_LIB=libdriver_pgsql.la
+endif
+if BUILD_SQLITE
+SQLITE_LIB=libdriver_sqlite.la
+endif
+
+sql_module_LTLIBRARIES = \
+ $(MYSQL_LIB) \
+ $(PGSQL_LIB) \
+ $(SQLITE_LIB)
+
+sql_moduledir = $(moduledir)/sql
+endif
+
sql_drivers = @sql_drivers@
AM_CPPFLAGS = \
-I$(top_srcdir)/src/lib \
+ -DMODULEDIR=\""$(moduledir)"\" \
$(SQL_CFLAGS)
dist_sources = \
+ sql-api.c
+
+if ! DYNAMIC_SQL
+driver_sources = \
driver-mysql.c \
driver-pgsql.c \
- driver-sqlite.c \
- sql-api.c
+ driver-sqlite.c
+endif
libsql_a_SOURCES = \
$(dist_sources) \
+ $(driver_sources) \
sql-drivers-register.c
+if DYNAMIC_SQL
+libdriver_mysql_la_LDFLAGS = -module -avoid-version
+libdriver_mysql_la_LIBADD = $(MYSQL_LIBS)
+libdriver_mysql_la_CPPFLAGS = -I$(top_srcdir)/src/lib $(MYSQL_CFLAGS)
+libdriver_mysql_la_SOURCES = \
+ driver-mysql.c
+
+libdriver_pgsql_la_LDFLAGS = -module -avoid-version
+libdriver_pgsql_la_LIBADD = $(PGSQL_LIBS)
+libdriver_pgsql_la_CPPFLAGS = -I$(top_srcdir)/src/lib $(PGSQL_CFLAGS)
+libdriver_pgsql_la_SOURCES = \
+ driver-pgsql.c
+
+libdriver_sqlite_la_LDFLAGS = -module -avoid-version
+libdriver_sqlite_la_LIBADD = $(SQLITE_LIBS)
+libdriver_sqlite_la_CPPFLAGS = -I$(top_srcdir)/src/lib $(SQLITE_CFLAGS)
+libdriver_sqlite_la_SOURCES = \
+ driver-sqlite.c
+endif
+
headers = \
sql-api.h \
sql-api-private.h
@@ -32,17 +77,21 @@
echo '/* this file automatically generated by Makefile */' >$@
echo '#include "lib.h"' >>$@
echo '#include "sql-api.h"' >>$@
+if ! DYNAMIC_SQL
for i in $(sql_drivers) null; do \
if [ "$${i}" != "null" ]; then \
echo "extern struct sql_db driver_$${i}_db;" >>$@ ; \
fi \
done
+endif
echo 'void sql_drivers_register_all(void) {' >>$@
+if ! DYNAMIC_SQL
for i in $(sql_drivers) null; do \
if [ "$${i}" != "null" ]; then \
echo "sql_driver_register(&driver_$${i}_db);" >>$@ ; \
fi \
done
+endif
echo '}' >>$@
DISTFILES = $(DIST_COMMON) $(dist_sources) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
--- dovecot-1.0.rc32/src/lib-sql/sql-api.h.split 2006-07-01 19:23:52.000000000 +0200
+++ dovecot-1.0.rc32/src/lib-sql/sql-api.h 2007-04-13 13:56:55.000000000 +0200
@@ -20,6 +20,8 @@
/* register all built-in SQL drivers */
void sql_drivers_register_all(void);
+struct module;
+struct module *sql_drivers_modules_load(void);
void sql_driver_register(const struct sql_db *driver);
void sql_driver_unregister(const struct sql_db *driver);
--- dovecot-1.0.rc32/src/lib-sql/sql-api.c.split 2006-07-01 19:23:52.000000000 +0200
+++ dovecot-1.0.rc32/src/lib-sql/sql-api.c 2007-04-13 13:56:55.000000000 +0200
@@ -2,6 +2,7 @@
#include "lib.h"
#include "array.h"
+#include "module-dir.h"
#include "sql-api-private.h"
array_t ARRAY_DEFINE(sql_drivers, const struct sql_db *);
@@ -16,6 +17,12 @@
array_free(&sql_drivers);
}
+struct module *sql_drivers_modules_load(void)
+{
+ return module_dir_load(MODULEDIR"/sql",
+ NULL, TRUE, PACKAGE_VERSION);
+}
+
void sql_driver_register(const struct sql_db *driver)
{
array_append(&sql_drivers, &driver, 1);
--- dovecot-1.0.rc32/src/auth/main.c.split 2007-03-15 16:48:13.000000000 +0100
+++ dovecot-1.0.rc32/src/auth/main.c 2007-04-13 13:56:55.000000000 +0200
@@ -10,6 +10,7 @@
#include "sql-api.h"
#include "randgen.h"
#include "password-scheme.h"
+#include "module-dir.h"
#include "mech.h"
#include "auth.h"
#include "auth-request-handler.h"
@@ -35,6 +36,8 @@
static struct auth *auth;
static struct auth_worker_client *worker_client;
+static struct module *sql_modules;
+
static void sig_die(int signo, void *context __attr_unused__)
{
/* warn about being killed because of some signal, except SIGINT (^C)
@@ -189,6 +192,8 @@
/* Load built-in SQL drivers (if any) */
sql_drivers_init();
sql_drivers_register_all();
+ sql_modules = sql_drivers_modules_load();
+ module_dir_init(sql_modules);
/* Initialize databases so their configuration files can be readable
only by root. Also load all modules here. */
@@ -287,6 +292,7 @@
mech_deinit();
password_schemes_deinit();
+ module_dir_unload(&sql_modules);
sql_drivers_deinit();
random_deinit();
--- dovecot-1.0.rc32/configure.in.split 2007-04-12 19:16:36.000000000 +0200
+++ dovecot-1.0.rc32/configure.in 2007-04-13 13:56:55.000000000 +0200
@@ -225,6 +225,15 @@
fi,
want_sqlite=no)
+AC_ARG_WITH(dynamic-sql,
+[ --with-dynamic-sql Build SQL modules as shared libs],
+ if test x$withval = xno; then
+ want_dynamic_sql=no
+ else
+ want_dynamic_sql=yes
+ fi,
+ want_dynamic_sql=no)
+
AC_ARG_WITH(ssl,
[ --with-ssl=[gnutls|openssl] Build with GNUTLS or OpenSSL (default)],
if test x$withval = xno; then
@@ -1559,12 +1568,12 @@
fi
AC_CHECK_HEADER(libpq-fe.h, [
if test "$PGSQL_INCLUDE" != ""; then
- SQL_CFLAGS="$SQL_CFLAGS -I$PGSQL_INCLUDE"
+ PGSQL_CFLAGS="$PGSQL_CFLAGS -I$PGSQL_INCLUDE"
fi
if test "$PGSQL_LIBDIR" != ""; then
- SQL_LIBS="$SQL_LIBS -L$PGSQL_LIBDIR"
+ PGSQL_LIBS="$PGSQL_LIBS -L$PGSQL_LIBDIR"
fi
- SQL_LIBS="$SQL_LIBS -lpq"
+ PGSQL_LIBS="$PGSQL_LIBS -lpq"
AC_DEFINE(HAVE_PGSQL,, Build with PostgreSQL support)
found_sql_drivers="$found_sql_drivers pgsql"
@@ -1610,12 +1619,12 @@
fi
AC_CHECK_HEADER(mysql.h, [
if test "$MYSQL_INCLUDE" != ""; then
- SQL_CFLAGS="$SQL_CFLAGS -I$MYSQL_INCLUDE"
+ MYSQL_CFLAGS="$MYSQL_CFLAGS -I$MYSQL_INCLUDE"
fi
if test "$MYSQL_LIBDIR" != ""; then
- SQL_LIBS="$SQL_LIBS -L$MYSQL_LIBDIR"
+ MYSQL_LIBS="$MYSQL_LIBS -L$MYSQL_LIBDIR"
fi
- SQL_LIBS="$SQL_LIBS $mysql_lib"
+ MYSQL_LIBS="$MYSQL_LIBS $mysql_lib"
AC_CHECK_LIB(mysqlclient, mysql_ssl_set, [
AC_DEFINE(HAVE_MYSQL_SSL,, Define if your MySQL library has SSL functions)
@@ -1646,13 +1655,18 @@
if test $want_sqlite = yes; then
AC_CHECK_LIB(sqlite3, sqlite3_open, [
AC_CHECK_HEADER(sqlite3.h, [
- SQL_LIBS="$SQL_LIBS -lsqlite3 -lz"
+ SQLITE_LIBS="$SQLITE_LIBS -lsqlite3 -lz"
AC_DEFINE(HAVE_SQLITE,, Build with SQLite3 support)
found_sql_drivers="$found_sql_drivers sqlite"
])
])
fi
+
+SQL_CFLAGS="$MYSQL_CFLAGS $PGSQL_CFLAGS $SQLITE_CFLAGS"
+if test "$want_dynamic_sql" = "no"; then
+ SQL_LIBS="$MYSQL_LIBS $PGSQL_LIBS $SQLITE_LIBS"
+fi
if test "$found_sql_drivers" != "" -o "$want_sql" = "yes"; then
if test "$all_sql_drivers" = "yes"; then
@@ -1716,6 +1730,12 @@
AC_SUBST(AUTH_LIBS)
AC_SUBST(SQL_CFLAGS)
AC_SUBST(SQL_LIBS)
+AC_SUBST(MYSQL_CFLAGS)
+AC_SUBST(MYSQL_LIBS)
+AC_SUBST(PGSQL_CFLAGS)
+AC_SUBST(PGSQL_LIBS)
+AC_SUBST(SQLITE_CFLAGS)
+AC_SUBST(SQLITE_LIBS)
dnl **
dnl ** Index file compatibility flags
@@ -1783,17 +1803,27 @@
dnl ** SQL drivers
dnl **
+build_pgsql=no
+build_mysql=no
+build_sqlite=no
for driver in $sql_drivers; do
if test "$driver" = "pgsql"; then
AC_DEFINE(BUILD_PGSQL,, Built-in PostgreSQL support)
+ build_pgsql=yes
elif test "$driver" = "mysql"; then
AC_DEFINE(BUILD_MYSQL,, Built-in MySQL support)
+ build_mysql=yes
elif test "$driver" = "sqlite"; then
AC_DEFINE(BUILD_SQLITE,, Built-in SQLite support)
+ build_sqlite=yes
fi
done
AC_SUBST(sql_drivers)
+AM_CONDITIONAL(BUILD_PGSQL, test "$build_pgsql" = "yes")
+AM_CONDITIONAL(BUILD_MYSQL, test "$build_mysql" = "yes")
+AM_CONDITIONAL(BUILD_SQLITE, test "$build_sqlite" = "yes")
+AM_CONDITIONAL(DYNAMIC_SQL, test "$want_dynamic_sql" = "yes")
dnl **
dnl ** Plugins
@@ -1873,4 +1903,8 @@
echo "Building with GSSAPI support ........ : $have_gssapi"
echo "Building with user database modules . :$userdb"
echo "Building with password lookup modules :$passdb"
-echo "Building with SQL drivers ............:$sql_drivers"
+if test "$want_dynamic_sql" = "yes"; then
+ echo "Building with SQL drivers ............:$sql_drivers (dynamic)"
+else
+ echo "Building with SQL drivers ............:$sql_drivers"
+fi

124
dovecot.spec
View File

@ -1,8 +1,8 @@
Summary: Dovecot Secure imap server
Name: dovecot
Epoch: 1
Version: 1.0.14
Release: 4%{?dist}
Version: 1.1.0
Release: 1%{?dist}
License: MIT and LGPLv2 and BSD with advertising
Group: System Environment/Daemons
@ -13,11 +13,11 @@ Group: System Environment/Daemons
%define build_gssapi 1
%define build_sieve 1
%define sieve_version 1.0.3
%define sieve_version 1.1.5
%define sieve_name dovecot-sieve
URL: http://www.dovecot.org/
Source: http://www.dovecot.org/releases/1.0/%{name}-%{version}.tar.gz
Source: http://www.dovecot.org/releases/1.1/%{name}-%{version}.tar.gz
Source1: dovecot.init
Source2: dovecot.pam
Source3: maildir-migration.txt
@ -26,18 +26,10 @@ Source5: migrate-users
Source6: perfect_maildir.pl
Source7: dovecot-REDHAT-FAQ.txt
Source8: http://dovecot.org/releases/sieve/%{sieve_name}-%{sieve_version}.tar.gz
Patch100: dovecot-1.0.rc15-default-settings.patch
Patch103: dovecot-1.0.beta2-mkcert-permissions.patch
Patch1: dovecot-1.1-default-settings.patch
Patch2: dovecot-1.0.beta2-mkcert-permissions.patch
# local filesystem rules
Patch105: dovecot-1.0.rc7-mkcert-paths.patch
# http://dovecot.org/list/dovecot/2007-April/021429.html
# will be replaced by a new quota mechanism in 1.1
Patch106: dovecot-1.0.rc27-quota-warning.patch
# RHBZ #145241
Patch200: dovecot-1.0.rc32-split.patch
# Patches 500+ from upstream fixes
Patch1000: http://www.dovecot.org/patches/1.0/dovecot-1.0.3-winbind.patch
Patch3: dovecot-1.0.rc7-mkcert-paths.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel, pam-devel, zlib-devel
@ -123,23 +115,23 @@ Group: System Environment/Daemons
This package provides the SQLite backend for dovecot-auth etc.
%endif
#%if %{build_ldap}
#%package ldap
#Requires: %{name} = %{epoch}:%{version}-%{release}
#Summary: LDAP auth plugin for dovecot
#Group: System Environment/Daemons
#%description ldap
#This package provides the LDAP auth plugin for dovecot-auth etc.
#%endif
%if %{build_ldap}
%package ldap
Requires: %{name} = %{epoch}:%{version}-%{release}
Summary: LDAP auth plugin for dovecot
Group: System Environment/Daemons
%description ldap
This package provides the LDAP auth plugin for dovecot-auth etc.
%endif
#%if %{build_gssapi}
#%package gssapi
#Requires: %{name} = %{epoch}:%{version}-%{release}
#Summary: GSSAPI auth mechanism plugin for dovecot
#Group: System Environment/Daemons
#%description gssapi
#This package provides the GSSAPI auth mechanism plugin for dovecot-auth etc.
#%endif
%if %{build_gssapi}
%package gssapi
Requires: %{name} = %{epoch}:%{version}-%{release}
Summary: GSSAPI auth mechanism plugin for dovecot
Group: System Environment/Daemons
%description gssapi
This package provides the GSSAPI auth mechanism plugin for dovecot-auth etc.
%endif
%package devel
Requires: %{name} = %{epoch}:%{version}-%{release}
@ -153,12 +145,9 @@ This package provides the development files for dovecot.
%setup -q
%patch100 -p1 -b .default-settings
%patch103 -p1 -b .mkcert-permissions
%patch105 -p1 -b .mkcert-paths
%patch106 -p1 -b .quota-warning
%patch200 -p1 -b .split
%patch1000 -p1 -b .winbind
%patch1 -p1 -b .default-settings
%patch2 -p1 -b .mkcert-permissions
%patch3 -p1 -b .mkcert-paths
%if %{build_sieve}
%setup -q -D -T -a 8
@ -166,8 +155,7 @@ This package provides the development files for dovecot.
%build
rm -f ./configure
libtoolize -f
autoreconf -i
autoreconf -i -f
%configure \
INSTALL_DATA="install -c -p -m644" \
--enable-header-install \
@ -181,22 +169,16 @@ autoreconf -i
%if %{build_sqlite}
--with-sqlite \
%endif
--with-dynamic-sql \
--with-sql=plugin \
--with-sql-drivers \
--with-ssl=openssl \
--with-ssldir=%{ssldir} \
%if %{build_ldap}
--with-ldap \
--with-ldap=plugin \
%endif
%if %{build_gssapi}
--with-gssapi \
--with-gssapi=plugin
%endif
# --with-sql=plugin \
#%if %{build_ldap}
# --with-ldap=plugin \
#%endif
#%if %{build_gssapi}
# --with-gssapi=plugin
#%endif
make %{?_smp_mflags}
@ -204,8 +186,7 @@ make %{?_smp_mflags}
cd %{sieve_name}-%{sieve_version}
rm -f ./configure
libtoolize -f
autoreconf
autoreconf -i -f
%configure \
INSTALL_DATA="install -c -p -m644" \
--disable-static \
@ -322,7 +303,7 @@ fi
%files -f libs.filelist
%defattr(-,root,root,-)
%doc %{docdir}-%{version}
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/dovecot.conf
%attr(0640,dovecot,mail) %config(noreplace) %{_sysconfdir}/dovecot.conf
%{_initrddir}/dovecot
%config(noreplace) %{_sysconfdir}/pam.d/dovecot
%dir %{ssldir}
@ -349,37 +330,37 @@ fi
%files mysql
%defattr(-,root,root,-)
%{_libdir}/%{name}/sql/libdriver_mysql.so
#%{_libdir}/%{name}/auth/libdriver_mysql.so
#%{_libdir}/%{name}/dict/libdriver_mysql.so
%{_libdir}/%{name}/auth/libdriver_mysql.so
%{_libdir}/%{name}/dict/libdriver_mysql.so
%endif
%if %{build_postgres}
%files pgsql
%defattr(-,root,root,-)
%{_libdir}/%{name}/sql/libdriver_pgsql.so
#%{_libdir}/%{name}/auth/libdriver_pgsql.so
#%{_libdir}/%{name}/dict/libdriver_pgsql.so
%{_libdir}/%{name}/auth/libdriver_pgsql.so
%{_libdir}/%{name}/dict/libdriver_pgsql.so
%endif
%if %{build_sqlite}
%files sqlite
%defattr(-,root,root,-)
%{_libdir}/%{name}/sql/libdriver_sqlite.so
#%{_libdir}/%{name}/auth/libdriver_sqlite.so
#%{_libdir}/%{name}/dict/libdriver_sqlite.so
%{_libdir}/%{name}/auth/libdriver_sqlite.so
%{_libdir}/%{name}/dict/libdriver_sqlite.so
%endif
#%if %{build_ldap}
#%files ldap
#%defattr(-,root,root,-)
#%{_libdir}/%{name}/auth/libauthdb_ldap.so
#%endif
%if %{build_ldap}
%files ldap
%defattr(-,root,root,-)
%{_libdir}/%{name}/auth/libauthdb_ldap.so
%endif
#%if %{build_gssapi}
#%files gssapi
#%defattr(-,root,root,-)
#%{_libdir}/%{name}/auth/libmech_gssapi.so
#%endif
%if %{build_gssapi}
%files gssapi
%defattr(-,root,root,-)
%{_libdir}/%{name}/auth/libmech_gssapi.so
%endif
%files devel
%defattr(-,root,root,-)
@ -388,6 +369,13 @@ fi
%changelog
* Sat Jun 21 2008 Dan Horak <dan[at]danny.cz> - 1:1.1.0-1
- update to upstream version 1.1.0
- update sieve plugin to 1.1.5
- remove unnecessary patches
- enable ldap and gssapi plugins
- change ownership of dovecot.conf (Resolves: #452088)
* Wed Jun 18 2008 Dan Horak <dan[at]danny.cz> - 1:1.0.14-4
- update init script (Resolves: #451838)

8
sources
View File

@ -1,4 +1,4 @@
89e295832dd5c4ba93d68454e74d7ae3 dovecot-1.0.14.tar.gz
52e8ebf3de72316ae005acc3779b4c3a dovecot-1.0.14.tar.gz.sig
cbe4361899ffb4d9cb62151cb44427b6 dovecot-sieve-1.0.3.tar.gz
149fefe048496ad412b4ba0c492ba5a9 dovecot-sieve-1.0.3.tar.gz.sig
2f173eaad8ae74782bbceecaf90d1e45 dovecot-1.1.0.tar.gz
3cdade677e61cc94e489286a88b3ab60 dovecot-1.1.0.tar.gz.sig
b4362defe3fc18865db8cf8e1c940b13 dovecot-sieve-1.1.5.tar.gz
0fdb01f9fd960fbd5a8271584ac62cb8 dovecot-sieve-1.1.5.tar.gz.sig