- change the compiled-in defaults and adjust the default's configfile

commented-out example settings to match compiled-in defaults, instead
    of changing the defaults only in the configfile, as per #179432
- fix #179574 by providing a default uidl_format for pop3
- half-fix #179620 by having plaintext auth enabled by default... this
    needs more thinking (which one we really want) and documentation either
    way
This commit is contained in:
prockai 2006-02-02 16:35:05 +00:00
parent 43cfb74a3f
commit fccc5ac14c
3 changed files with 138 additions and 12 deletions

View File

@ -0,0 +1,109 @@
--- ./dovecot-1.0.beta2/src/master/master-settings.c.default-settings 2006-02-02 12:28:54.000000000 +0100
+++ ./dovecot-1.0.beta2/src/master/master-settings.c 2006-02-02 12:33:06.000000000 +0100
@@ -254,8 +254,8 @@
MEMBER(syslog_facility) "mail",
/* general */
- MEMBER(protocols) "imap imaps",
- MEMBER(listen) "*",
+ MEMBER(protocols) "imap imaps pop3 pop3s",
+ MEMBER(listen) "[::]",
MEMBER(ssl_listen) NULL,
MEMBER(ssl_disable) FALSE,
@@ -266,7 +266,7 @@
MEMBER(ssl_parameters_regenerate) 168,
MEMBER(ssl_cipher_list) NULL,
MEMBER(ssl_verify_client_cert) FALSE,
- MEMBER(disable_plaintext_auth) TRUE,
+ MEMBER(disable_plaintext_auth) FALSE,
MEMBER(verbose_ssl) FALSE,
/* login */
@@ -318,7 +318,7 @@
MEMBER(maildir_stat_dirs) FALSE,
MEMBER(maildir_copy_with_hardlinks) FALSE,
MEMBER(mbox_read_locks) "fcntl",
- MEMBER(mbox_write_locks) "dotlock fcntl",
+ MEMBER(mbox_write_locks) "fcntl",
MEMBER(mbox_lock_timeout) 300,
MEMBER(mbox_dotlock_change_timeout) 30,
MEMBER(mbox_min_index_size) 0,
@@ -346,7 +346,7 @@
MEMBER(pop3_no_flag_updates) FALSE,
MEMBER(pop3_enable_last) FALSE,
MEMBER(pop3_reuse_xuidl) FALSE,
- MEMBER(pop3_uidl_format) NULL,
+ MEMBER(pop3_uidl_format) "%08Xu%08Xv",
MEMBER(pop3_client_workarounds) NULL,
MEMBER(pop3_logout_format) "top=%t/%T, retr=%r/%R, del=%d/%m, size=%s",
--- ./dovecot-1.0.beta2/dovecot-example.conf.default-settings 2006-02-02 12:31:10.000000000 +0100
+++ ./dovecot-1.0.beta2/dovecot-example.conf 2006-02-02 12:32:50.000000000 +0100
@@ -5,17 +5,14 @@
# value inside quotes, eg.: key = "# char and trailing whitespace "
# Default values are shown after each value, it's not required to uncomment
-# any of the lines. Exception to this are paths, they're just examples
-# with real defaults being based on configure options. The paths listed here
-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-# --with-ssldir=/etc/ssl
+# any of the lines.
# Base directory where to store runtime data.
#base_dir = /var/run/dovecot/
# Protocols we want to be serving:
# imap imaps pop3 pop3s
-#protocols = imap imaps
+#protocols = imap imaps pop3 pop3s
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
@@ -24,7 +21,7 @@
# for each service, you will need to configure these settings inside the
# protocol imap/pop3 { ... } section, so you can specify different ports
# for IMAP/POP3.
-#listen = *
+#listen = [::]
# IP or host address where to listen in for SSL connections. Defaults
# to above if not specified.
@@ -37,8 +34,8 @@
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
+#ssl_cert_file = /etc/pki/dovecot/certs/dovecot.pem
+#ssl_key_file = /etc/pki/dovecot/private/dovecot.pem
# If key file is password protected, give the password here. Alternatively
# give it when starting dovecot with -p parameter.
@@ -62,7 +59,7 @@
# SSL/TLS is used (LOGINDISABLED capability). Note that 127.*.*.* and
# IPv6 ::1 addresses are considered secure, this setting has no effect if
# you connect from those addresses.
-#disable_plaintext_auth = yes
+#disable_plaintext_auth = no
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
@@ -352,7 +349,7 @@
# locking methods as well. Some operating systems don't allow using some of
# them simultaneously.
#mbox_read_locks = fcntl
-#mbox_write_locks = dotlock fcntl
+#mbox_write_locks = fcntl
# Maximum time in seconds to wait for lock (all of them) before aborting.
#mbox_lock_timeout = 300
@@ -521,7 +518,7 @@
# installations. %08Xu%08Xv will be the new default, so use it for new
# installations.
#
- #pop3_uidl_format =
+ #pop3_uidl_format = %08Xu%08Xv
# POP3 logout format string:
# %t - number of TOP commands

View File

@ -0,0 +1,11 @@
--- dovecot-1.0.beta2/doc/mkcert.sh.configfile 2006-01-16 21:14:54.000000000 +0100
+++ dovecot-1.0.beta2/doc/mkcert.sh 2006-01-26 14:28:38.000000000 +0100
@@ -29,6 +29,7 @@
fi
$OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
-chmod 0600 $KEYFILE
+chown root:root $CERTFILE $KEYFILE
+chmod 0600 $CERTFILE $KEYFILE
echo
$OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2

View File

@ -1,7 +1,7 @@
Summary: Dovecot Secure imap server Summary: Dovecot Secure imap server
Name: dovecot Name: dovecot
Version: 1.0 Version: 1.0
Release: 0.beta2.2 Release: 0.beta2.3
License: LGPL License: LGPL
Group: System Environment/Daemons Group: System Environment/Daemons
@ -17,11 +17,10 @@ Source4: migrate-folders
Source5: migrate-users Source5: migrate-users
Source6: perfect_maildir.pl Source6: perfect_maildir.pl
Source7: dovecot-REDHAT-FAQ.txt Source7: dovecot-REDHAT-FAQ.txt
Patch100: dovecot-conf.patch Patch100: dovecot-1.0.beta2-default-settings.patch
Patch101: dovecot-configfile.patch Patch101: dovecot-1.0.beta2-pam-tty.patch
Patch102: dovecot-0.99-no-literal-plus-capability.patch Patch102: dovecot-1.0.beta2-pam-setcred.patch
Patch103: dovecot-1.0.beta2-pam-tty.patch Patch103: dovecot-1.0.beta2-mkcert-permissions.patch
Patch104: dovecot-1.0.beta2-pam-setcred.patch
# XXX this patch needs review and forward porting # XXX this patch needs review and forward porting
#Patch105: dovecot-auth-log.patch #Patch105: dovecot-auth-log.patch
@ -62,12 +61,10 @@ in either of maildir or mbox formats.
%setup -q -n %{name}-%{upstream} %setup -q -n %{name}-%{upstream}
#%patch100 -p1 -b .config %patch100 -p2 -b .default-settings
#cp $RPM_BUILD_DIR/dovecot-%{upstream}/dovecot-example.conf $RPM_BUILD_DIR/${RPM_PACKAGE_NAME}-%{upstream}/dovecot.conf %patch101 -p2 -b .pam-tty
%patch101 -p1 -b .configfile %patch102 -p2 -b .pam-setcred
#%patch102 -p1 -b .no-literal-plus-capability %patch103 -p1 -b .mkcert-permissions
%patch103 -p2 -b .pam-tty
%patch104 -p2 -b .pam-setcred
#%patch105 -p1 -b .auth-log #%patch105 -p1 -b .auth-log
%build %build
@ -205,6 +202,15 @@ rm -rf $RPM_BUILD_ROOT
%changelog %changelog
* Thu Feb 02 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.3
- change the compiled-in defaults and adjust the default's configfile
commented-out example settings to match compiled-in defaults,
instead of changing the defaults only in the configfile, as per #179432
- fix #179574 by providing a default uidl_format for pop3
- half-fix #179620 by having plaintext auth enabled by default... this
needs more thinking (which one we really want) and documentation
either way
* Tue Jan 31 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.2 * Tue Jan 31 2006 Petr Rockai <prockai@redhat.com> - 1.0-0.beta2.2
- update URL in description - update URL in description
- call dovecot --build-ssl-parameters in postinst as per #179430 - call dovecot --build-ssl-parameters in postinst as per #179430