- change the compiled-in defaults and adjust the default's configfile

commented-out example settings to match compiled-in defaults, instead of changing the defaults only in the configfile, as per #179432 - fix #179574 by providing a default uidl_format for pop3 - half-fix #179620 by having plaintext auth enabled by default... this needs more thinking (which one we really want) and documentation either way
2006-02-02 16:35:05 +00:00 · 2006-02-02 16:35:05 +00:00 · fccc5ac14c
commit fccc5ac14c
parent 43cfb74a3f
3 changed files with 138 additions and 12 deletions
--- a/dovecot-1.0.beta2-default-settings.patch
+++ b/dovecot-1.0.beta2-default-settings.patch
@ -0,0 +1,109 @@
+--- ./dovecot-1.0.beta2/src/master/master-settings.c.default-settings	2006-02-02 12:28:54.000000000 +0100
+++ ./dovecot-1.0.beta2/src/master/master-settings.c	2006-02-02 12:33:06.000000000 +0100
+@@ -254,8 +254,8 @@
+ 	MEMBER(syslog_facility) "mail",
+ 
+ 	/* general */
+-	MEMBER(protocols) "imap imaps",
+-	MEMBER(listen) "*",
+	MEMBER(protocols) "imap imaps pop3 pop3s",
+	MEMBER(listen) "[::]",
+ 	MEMBER(ssl_listen) NULL,
+ 
+ 	MEMBER(ssl_disable) FALSE,
+@@ -266,7 +266,7 @@
+ 	MEMBER(ssl_parameters_regenerate) 168,
+ 	MEMBER(ssl_cipher_list) NULL,
+ 	MEMBER(ssl_verify_client_cert) FALSE,
+-	MEMBER(disable_plaintext_auth) TRUE,
+	MEMBER(disable_plaintext_auth) FALSE,
+ 	MEMBER(verbose_ssl) FALSE,
+ 
+ 	/* login */
+@@ -318,7 +318,7 @@
+ 	MEMBER(maildir_stat_dirs) FALSE,
+ 	MEMBER(maildir_copy_with_hardlinks) FALSE,
+ 	MEMBER(mbox_read_locks) "fcntl",
+-	MEMBER(mbox_write_locks) "dotlock fcntl",
+	MEMBER(mbox_write_locks) "fcntl",
+ 	MEMBER(mbox_lock_timeout) 300,
+ 	MEMBER(mbox_dotlock_change_timeout) 30,
+ 	MEMBER(mbox_min_index_size) 0,
+@@ -346,7 +346,7 @@
+ 	MEMBER(pop3_no_flag_updates) FALSE,
+ 	MEMBER(pop3_enable_last) FALSE,
+ 	MEMBER(pop3_reuse_xuidl) FALSE,
+-	MEMBER(pop3_uidl_format) NULL,
+	MEMBER(pop3_uidl_format) "%08Xu%08Xv",
+ 	MEMBER(pop3_client_workarounds) NULL,
+ 	MEMBER(pop3_logout_format) "top=%t/%T, retr=%r/%R, del=%d/%m, size=%s",
+ 
+--- ./dovecot-1.0.beta2/dovecot-example.conf.default-settings	2006-02-02 12:31:10.000000000 +0100
+++ ./dovecot-1.0.beta2/dovecot-example.conf	2006-02-02 12:32:50.000000000 +0100
+@@ -5,17 +5,14 @@
+ # value inside quotes, eg.: key = "# char and trailing whitespace  "
+ 
+ # Default values are shown after each value, it's not required to uncomment
+-# any of the lines. Exception to this are paths, they're just examples
+-# with real defaults being based on configure options. The paths listed here
+-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+-# --with-ssldir=/etc/ssl
+# any of the lines.
+ 
+ # Base directory where to store runtime data.
+ #base_dir = /var/run/dovecot/
+ 
+ # Protocols we want to be serving:
+ #  imap imaps pop3 pop3s
+-#protocols = imap imaps
+#protocols = imap imaps pop3 pop3s
+ 
+ # IP or host address where to listen in for connections. It's not currently
+ # possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
+@@ -24,7 +21,7 @@
+ # for each service, you will need to configure these settings inside the
+ # protocol imap/pop3 { ... } section, so you can specify different ports
+ # for IMAP/POP3.
+-#listen = *
+#listen = [::]
+ 
+ # IP or host address where to listen in for SSL connections. Defaults
+ # to above if not specified.
+@@ -37,8 +34,8 @@
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+-#ssl_key_file = /etc/ssl/private/dovecot.pem
+#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
+#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
+ 
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter.
+@@ -62,7 +59,7 @@
+ # SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
+ # IPv6 ::1 addresses are considered secure, this setting has no effect if
+ # you connect from those addresses.
+-#disable_plaintext_auth = yes
+#disable_plaintext_auth = no
+ 
+ # Use this logfile instead of syslog(). /dev/stderr can be used if you want to
+ # use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
+@@ -352,7 +349,7 @@
+ # locking methods as well. Some operating systems don't allow using some of
+ # them simultaneously.
+ #mbox_read_locks = fcntl
+-#mbox_write_locks = dotlock fcntl
+#mbox_write_locks = fcntl
+ 
+ # Maximum time in seconds to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 300
+@@ -521,7 +518,7 @@
+   # installations. %08Xu%08Xv will be the new default, so use it for new
+   # installations.
+   #
+-  #pop3_uidl_format = 
+  #pop3_uidl_format = %08Xu%08Xv
+ 
+   # POP3 logout format string:
+   #  %t - number of TOP commands
--- a/dovecot-1.0.beta2-mkcert-permissions.patch
+++ b/dovecot-1.0.beta2-mkcert-permissions.patch
@ -0,0 +1,11 @@
+--- dovecot-1.0.beta2/doc/mkcert.sh.configfile	2006-01-16 21:14:54.000000000 +0100
+++ dovecot-1.0.beta2/doc/mkcert.sh	2006-01-26 14:28:38.000000000 +0100
+@@ -29,6 +29,7 @@
+ fi
+ 
+ $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
+-chmod 0600 $KEYFILE
+chown root:root $CERTFILE $KEYFILE
+chmod 0600 $CERTFILE $KEYFILE
+ echo 
+ $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
--- a/dovecot.spec
+++ b/dovecot.spec
@ -1,7 +1,7 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
 Version: 1.0
-Release: 0.beta2.2
+Release: 0.beta2.3
 License: LGPL
 Group: System Environment/Daemons

@ -17,11 +17,10 @@ Source4: migrate-folders
 Source5: migrate-users
 Source6: perfect_maildir.pl
 Source7: dovecot-REDHAT-FAQ.txt
-Patch100: dovecot-conf.patch
-Patch101: dovecot-configfile.patch
-Patch102: dovecot-0.99-no-literal-plus-capability.patch
-Patch103: dovecot-1.0.beta2-pam-tty.patch
-Patch104: dovecot-1.0.beta2-pam-setcred.patch
+Patch100: dovecot-1.0.beta2-default-settings.patch
+Patch101: dovecot-1.0.beta2-pam-tty.patch
+Patch102: dovecot-1.0.beta2-pam-setcred.patch
+Patch103: dovecot-1.0.beta2-mkcert-permissions.patch

 # XXX this patch needs review and forward porting
 #Patch105: dovecot-auth-log.patch
@ -62,12 +61,10 @@ in either of maildir or mbox formats.

 %setup -q -n %{name}-%{upstream}

-#%patch100 -p1 -b .config
-#cp $RPM_BUILD_DIR/dovecot-%{upstream}/dovecot-example.conf $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-%{upstream}/dovecot.conf
-%patch101 -p1 -b .configfile
-#%patch102 -p1 -b .no-literal-plus-capability
-%patch103 -p2 -b .pam-tty
-%patch104 -p2 -b .pam-setcred
+%patch100 -p2 -b .default-settings
+%patch101 -p2 -b .pam-tty
+%patch102 -p2 -b .pam-setcred
+%patch103 -p1 -b .mkcert-permissions
 #%patch105 -p1 -b .auth-log

 %build
@ -205,6 +202,15 @@ rm -rf $RPM_BUILD_ROOT


 %changelog
+* Thu Feb 02 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.3
+- change the compiled-in defaults and adjust the default's configfile
+  commented-out example settings to match compiled-in defaults,
+  instead of changing the defaults only in the configfile, as per #179432
+- fix #179574 by providing a default uidl_format for pop3
+- half-fix #179620 by having plaintext auth enabled by default... this
+  needs more thinking (which one we really want) and documentation
+  either way
+
 * Tue Jan 31 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.2
 - update URL in description
 - call dovecot --build-ssl-parameters in postinst as per #179430