Compare commits
No commits in common. "imports/c8s/dovecot-2.3.8-3.el8" and "c8" have entirely different histories.
imports/c8
...
c8
|
@ -1,2 +0,0 @@
|
|||
b9c7290dad1ac3bc1ead11359812a137a3d173f7 SOURCES/dovecot-2.3-pigeonhole-0.5.8.tar.gz
|
||||
65b93f7fd53705b3c97f9eee141a76c5f4f3a624 SOURCES/dovecot-2.3.8.tar.gz
|
|
@ -1,2 +1,2 @@
|
|||
SOURCES/dovecot-2.3-pigeonhole-0.5.8.tar.gz
|
||||
SOURCES/dovecot-2.3.8.tar.gz
|
||||
SOURCES/dovecot-2.3-pigeonhole-0.5.16.tar.gz
|
||||
SOURCES/dovecot-2.3.16.tar.gz
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
diff -up dovecot-2.3.0.1/dovecot.service.in.waitonline dovecot-2.3.0.1/dovecot.service.in
|
||||
--- dovecot-2.3.0.1/dovecot.service.in.waitonline 2018-03-01 10:35:39.888371078 +0100
|
||||
+++ dovecot-2.3.0.1/dovecot.service.in 2018-03-01 10:36:29.738784661 +0100
|
||||
@@ -12,6 +12,7 @@ After=local-fs.target network-online.tar
|
||||
diff -up dovecot-2.3.15/dovecot.service.in.waitonline dovecot-2.3.15/dovecot.service.in
|
||||
--- dovecot-2.3.15/dovecot.service.in.waitonline 2021-06-21 20:19:19.560494654 +0200
|
||||
+++ dovecot-2.3.15/dovecot.service.in 2021-06-21 20:21:17.443066248 +0200
|
||||
@@ -15,6 +15,7 @@ After=local-fs.target network-online.tar
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
Type=@systemdservicetype@
|
||||
+ExecStartPre=/usr/libexec/dovecot/prestartscript
|
||||
ExecStart=@sbindir@/dovecot -F
|
||||
PIDFile=@rundir@/master.pid
|
||||
ExecReload=@bindir@/doveadm reload
|
||||
ExecStop=@bindir@/doveadm stop
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
diff -up dovecot-2.3.0.1/dovecot-init.service.initbysystemd dovecot-2.3.0.1/dovecot-init.service
|
||||
--- dovecot-2.3.0.1/dovecot-init.service.initbysystemd 2018-03-01 10:38:22.059716008 +0100
|
||||
+++ dovecot-2.3.0.1/dovecot-init.service 2018-03-01 10:38:22.059716008 +0100
|
||||
diff -up dovecot-2.3.15/dovecot-init.service.initbysystemd dovecot-2.3.15/dovecot-init.service
|
||||
--- dovecot-2.3.15/dovecot-init.service.initbysystemd 2021-06-21 20:21:49.250680889 +0200
|
||||
+++ dovecot-2.3.15/dovecot-init.service 2021-06-21 20:21:49.250680889 +0200
|
||||
@@ -0,0 +1,13 @@
|
||||
+[Unit]
|
||||
+Description=One-time Dovecot init service
|
||||
|
@ -15,32 +15,37 @@ diff -up dovecot-2.3.0.1/dovecot-init.service.initbysystemd dovecot-2.3.0.1/dove
|
|||
+ SSLDIR=/etc/pki/dovecot/ OPENSSLCONFIG=/etc/pki/dovecot/dovecot-openssl.cnf /usr/libexec/dovecot/mkcert.sh /dev/null 2>&1;\
|
||||
+fi'
|
||||
+
|
||||
diff -up dovecot-2.3.0.1/dovecot.service.in.initbysystemd dovecot-2.3.0.1/dovecot.service.in
|
||||
--- dovecot-2.3.0.1/dovecot.service.in.initbysystemd 2018-03-01 10:38:22.060716016 +0100
|
||||
+++ dovecot-2.3.0.1/dovecot.service.in 2018-03-01 10:40:45.524901319 +0100
|
||||
@@ -8,7 +8,8 @@
|
||||
diff -up dovecot-2.3.15/dovecot.service.in.initbysystemd dovecot-2.3.15/dovecot.service.in
|
||||
--- dovecot-2.3.15/dovecot.service.in.initbysystemd 2021-06-21 20:21:49.250680889 +0200
|
||||
+++ dovecot-2.3.15/dovecot.service.in 2021-06-21 20:22:46.935981920 +0200
|
||||
@@ -11,7 +11,8 @@
|
||||
Description=Dovecot IMAP/POP3 email server
|
||||
Documentation=man:dovecot(1)
|
||||
Documentation=http://wiki2.dovecot.org/
|
||||
Documentation=https://doc.dovecot.org/
|
||||
-After=local-fs.target network-online.target
|
||||
+After=local-fs.target network-online.target dovecot-init.service
|
||||
+Requires=dovecot-init.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
diff -up dovecot-2.3.0.1/Makefile.am.initbysystemd dovecot-2.3.0.1/Makefile.am
|
||||
--- dovecot-2.3.0.1/Makefile.am.initbysystemd 2018-02-28 15:28:57.000000000 +0100
|
||||
+++ dovecot-2.3.0.1/Makefile.am 2018-03-01 10:38:22.060716016 +0100
|
||||
@@ -63,9 +63,10 @@ if HAVE_SYSTEMD
|
||||
Type=@systemdservicetype@
|
||||
diff -up dovecot-2.3.15/Makefile.am.initbysystemd dovecot-2.3.15/Makefile.am
|
||||
--- dovecot-2.3.15/Makefile.am.initbysystemd 2021-06-21 20:21:49.250680889 +0200
|
||||
+++ dovecot-2.3.15/Makefile.am 2021-06-21 20:24:26.676765849 +0200
|
||||
@@ -21,6 +21,7 @@ EXTRA_DIST = \
|
||||
run-test-valgrind.supp \
|
||||
dovecot.service.in \
|
||||
dovecot.socket \
|
||||
+ dovecot-init.service \
|
||||
$(conf_DATA)
|
||||
|
||||
noinst_DATA = dovecot-config
|
||||
@@ -69,7 +70,8 @@ dovecot-config: dovecot-config.in Makefi
|
||||
if WANT_SYSTEMD
|
||||
systemdsystemunit_DATA = \
|
||||
dovecot.socket \
|
||||
- dovecot.service
|
||||
+ dovecot.service \
|
||||
+ dovecot-init.service
|
||||
else
|
||||
-EXTRA_DIST += dovecot.socket dovecot.service.in
|
||||
+EXTRA_DIST += dovecot.socket dovecot.service.in dovecot-init.service
|
||||
endif
|
||||
|
||||
install-exec-hook:
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
diff -up dovecot-2.2.36/doc/dovecot-openssl.cnf.bigkey dovecot-2.2.36/doc/dovecot-openssl.cnf
|
||||
--- dovecot-2.2.36/doc/dovecot-openssl.cnf.bigkey 2017-06-23 13:18:28.000000000 +0200
|
||||
+++ dovecot-2.2.36/doc/dovecot-openssl.cnf 2018-10-16 17:15:35.836205498 +0200
|
||||
diff -up dovecot-2.3.15/doc/dovecot-openssl.cnf.bigkey dovecot-2.3.15/doc/dovecot-openssl.cnf
|
||||
--- dovecot-2.3.15/doc/dovecot-openssl.cnf.bigkey 2021-06-21 20:24:51.913456628 +0200
|
||||
+++ dovecot-2.3.15/doc/dovecot-openssl.cnf 2021-06-21 20:25:36.352912123 +0200
|
||||
@@ -1,5 +1,5 @@
|
||||
[ req ]
|
||||
-default_bits = 1024
|
||||
-default_bits = 2048
|
||||
+default_bits = 3072
|
||||
encrypt_key = yes
|
||||
distinguished_name = req_dn
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
diff -up dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt dovecot-2.3.0.1/src/auth/mycrypt.c
|
||||
--- dovecot-2.3.0.1/src/auth/mycrypt.c.libxcrypt 2018-02-28 15:28:58.000000000 +0100
|
||||
+++ dovecot-2.3.0.1/src/auth/mycrypt.c 2018-03-27 10:57:38.447769201 +0200
|
||||
@@ -14,6 +14,7 @@
|
||||
# define _XPG6 /* Some Solaris versions require this, some break with this */
|
||||
#endif
|
||||
#include <unistd.h>
|
||||
+#include <crypt.h>
|
||||
|
||||
#include "mycrypt.h"
|
||||
|
File diff suppressed because it is too large
Load Diff
|
@ -1,121 +0,0 @@
|
|||
diff -up dovecot-2.3.8/src/lib-smtp/smtp-address.c.smtppre dovecot-2.3.8/src/lib-smtp/smtp-address.c
|
||||
--- dovecot-2.3.8/src/lib-smtp/smtp-address.c.smtppre 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib-smtp/smtp-address.c 2020-05-29 19:11:19.340621409 +0200
|
||||
@@ -467,7 +467,7 @@ void smtp_address_detail_parse(pool_t po
|
||||
*detail_r = p+1;
|
||||
}
|
||||
|
||||
- if (address->domain == NULL)
|
||||
+ if (address->domain == NULL || *address->domain == '\0')
|
||||
*username_r = user;
|
||||
else if (strchr(user, '@') == NULL ) {
|
||||
/* username is just glued to the domain... no SMTP escaping */
|
||||
@@ -548,7 +548,7 @@ void smtp_address_write(string_t *out,
|
||||
if (quoted)
|
||||
str_append_c(out, '\"');
|
||||
|
||||
- if (address->domain == NULL)
|
||||
+ if (address->domain == NULL || *address->domain == '\0')
|
||||
return;
|
||||
|
||||
str_append_c(out, '@');
|
||||
@@ -587,8 +587,12 @@ void smtp_address_init(struct smtp_addre
|
||||
const char *localpart, const char *domain)
|
||||
{
|
||||
i_zero(address);
|
||||
+ if (localpart == NULL || *localpart == '\0')
|
||||
+ return;
|
||||
+
|
||||
address->localpart = localpart;
|
||||
- address->domain = (localpart == NULL ? NULL : domain);
|
||||
+ if (domain != NULL && *domain != '\0')
|
||||
+ address->domain = domain;
|
||||
}
|
||||
|
||||
int smtp_address_init_from_msg(struct smtp_address *address,
|
||||
@@ -597,7 +601,7 @@ int smtp_address_init_from_msg(struct sm
|
||||
const char *p;
|
||||
|
||||
i_zero(address);
|
||||
- if (msg_addr->mailbox == NULL)
|
||||
+ if (msg_addr->mailbox == NULL || *msg_addr->mailbox == '\0')
|
||||
return 0;
|
||||
|
||||
/* The message_address_parse() function allows UTF-8 codepoints in
|
||||
@@ -609,7 +613,8 @@ int smtp_address_init_from_msg(struct sm
|
||||
}
|
||||
|
||||
address->localpart = msg_addr->mailbox;
|
||||
- address->domain = msg_addr->domain;
|
||||
+ if (msg_addr->domain != NULL && *msg_addr->domain != '\0')
|
||||
+ address->domain = msg_addr->domain;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -617,8 +622,8 @@ struct smtp_address *
|
||||
smtp_address_clone(pool_t pool, const struct smtp_address *src)
|
||||
{
|
||||
struct smtp_address *new;
|
||||
- size_t size, lpsize, dsize = 0;
|
||||
- char *data, *localpart, *domain = NULL;
|
||||
+ size_t size, lpsize = 0, dsize = 0;
|
||||
+ char *data, *localpart = NULL, *domain = NULL;
|
||||
|
||||
if (smtp_address_isnull(src))
|
||||
return NULL;
|
||||
@@ -626,17 +631,21 @@ smtp_address_clone(pool_t pool, const st
|
||||
/* @UNSAFE */
|
||||
|
||||
size = sizeof(struct smtp_address);
|
||||
- lpsize = strlen(src->localpart) + 1;
|
||||
- size = MALLOC_ADD(size, lpsize);
|
||||
- if (src->domain != NULL) {
|
||||
+ if (src->localpart != NULL && *src->localpart != '\0') {
|
||||
+ lpsize = strlen(src->localpart) + 1;
|
||||
+ size = MALLOC_ADD(size, lpsize);
|
||||
+ }
|
||||
+ if (src->domain != NULL && *src->domain != '\0') {
|
||||
dsize = strlen(src->domain) + 1;
|
||||
size = MALLOC_ADD(size, dsize);
|
||||
}
|
||||
|
||||
data = p_malloc(pool, size);
|
||||
new = (struct smtp_address *)data;
|
||||
- localpart = PTR_OFFSET(data, sizeof(*new));
|
||||
- memcpy(localpart, src->localpart, lpsize);
|
||||
+ if (lpsize > 0) {
|
||||
+ localpart = PTR_OFFSET(data, sizeof(*new));
|
||||
+ memcpy(localpart, src->localpart, lpsize);
|
||||
+ }
|
||||
if (dsize > 0) {
|
||||
domain = PTR_OFFSET(data, sizeof(*new) + lpsize);
|
||||
memcpy(domain, src->domain, dsize);
|
||||
@@ -681,8 +690,8 @@ smtp_address_clone_temp(const struct smt
|
||||
return NULL;
|
||||
|
||||
new = t_new(struct smtp_address, 1);
|
||||
- new->localpart = t_strdup(src->localpart);
|
||||
- new->domain = t_strdup(src->domain);
|
||||
+ new->localpart = t_strdup_empty(src->localpart);
|
||||
+ new->domain = t_strdup_empty(src->domain);
|
||||
return new;
|
||||
}
|
||||
|
||||
@@ -720,7 +729,7 @@ smtp_address_add_detail(pool_t pool, con
|
||||
new_addr = p_new(pool, struct smtp_address, 1);
|
||||
new_addr->localpart = p_strconcat(pool,
|
||||
address->localpart, delim, detail, NULL);
|
||||
- new_addr->domain = p_strdup(pool, address->domain);
|
||||
+ new_addr->domain = p_strdup_empty(pool, address->domain);
|
||||
|
||||
return new_addr;
|
||||
}
|
||||
@@ -737,7 +746,7 @@ smtp_address_add_detail_temp(const struc
|
||||
new_addr = t_new(struct smtp_address, 1);
|
||||
new_addr->localpart = t_strconcat(
|
||||
address->localpart, delim, detail, NULL);
|
||||
- new_addr->domain = t_strdup(address->domain);
|
||||
+ new_addr->domain = t_strdup_empty(address->domain);
|
||||
|
||||
return new_addr;
|
||||
}
|
|
@ -0,0 +1,17 @@
|
|||
diff --git a/src/lib-index/mail-index-sync.c b/src/lib-index/mail-index-sync.c
|
||||
index 6322ee1869..c847f1cc01 100644
|
||||
--- a/src/lib-index/mail-index-sync.c
|
||||
+++ b/src/lib-index/mail-index-sync.c
|
||||
@@ -544,6 +544,12 @@ static bool mail_index_sync_view_have_any(struct mail_index_view *view,
|
||||
return TRUE;
|
||||
|
||||
mail_transaction_log_get_head(view->index->log, &log_seq, &log_offset);
|
||||
+ if (log_seq < view->map->hdr.log_file_seq ||
|
||||
+ ((log_seq == view->map->hdr.log_file_seq &&
|
||||
+ log_offset < view->map->hdr.log_file_tail_offset))) {
|
||||
+ /* invalid offsets - let the syncing handle the error */
|
||||
+ return TRUE;
|
||||
+ }
|
||||
if (mail_transaction_log_view_set(view->log_view,
|
||||
view->map->hdr.log_file_seq,
|
||||
view->map->hdr.log_file_tail_offset,
|
|
@ -0,0 +1,53 @@
|
|||
commit ec4595097067a736717ef202fe8542b1b4bc2dd5
|
||||
Author: Timo Sirainen <timo.sirainen@open-xchange.com>
|
||||
Date: Tue Aug 10 12:22:08 2021 +0300
|
||||
|
||||
lib-index: Fix storing cache fields' last_used with 64bit big endian CPUs
|
||||
|
||||
diff --git a/src/lib-index/mail-cache-fields.c b/src/lib-index/mail-cache-fields.c
|
||||
index e929fb559d..429e0d234c 100644
|
||||
--- a/src/lib-index/mail-cache-fields.c
|
||||
+++ b/src/lib-index/mail-cache-fields.c
|
||||
@@ -524,6 +524,19 @@ static void copy_to_buf_byte(struct mail_cache *cache, buffer_t *dest,
|
||||
}
|
||||
}
|
||||
|
||||
+static void
|
||||
+copy_to_buf_last_used(struct mail_cache *cache, buffer_t *dest, bool add_new)
|
||||
+{
|
||||
+ size_t offset = offsetof(struct mail_cache_field, last_used);
|
||||
+#if defined(WORDS_BIGENDIAN) && SIZEOF_VOID_P == 8
|
||||
+ /* 64bit time_t with big endian CPUs: copy the last 32 bits instead of
|
||||
+ the first 32 bits (that are always 0). The 32 bits are enough until
|
||||
+ year 2106, so we're not in a hurry to use 64 bits on disk. */
|
||||
+ offset += sizeof(uint32_t);
|
||||
+#endif
|
||||
+ copy_to_buf(cache, dest, add_new, offset, sizeof(uint32_t));
|
||||
+}
|
||||
+
|
||||
static int mail_cache_header_fields_update_locked(struct mail_cache *cache)
|
||||
{
|
||||
buffer_t *buffer;
|
||||
@@ -536,9 +549,7 @@ static int mail_cache_header_fields_update_locked(struct mail_cache *cache)
|
||||
|
||||
buffer = t_buffer_create(256);
|
||||
|
||||
- copy_to_buf(cache, buffer, FALSE,
|
||||
- offsetof(struct mail_cache_field, last_used),
|
||||
- sizeof(uint32_t));
|
||||
+ copy_to_buf_last_used(cache, buffer, FALSE);
|
||||
ret = mail_cache_write(cache, buffer->data, buffer->used,
|
||||
offset + MAIL_CACHE_FIELD_LAST_USED());
|
||||
if (ret == 0) {
|
||||
@@ -599,9 +610,7 @@ void mail_cache_header_fields_get(struct mail_cache *cache, buffer_t *dest)
|
||||
buffer_append(dest, &hdr, sizeof(hdr));
|
||||
|
||||
/* we have to keep the field order for the existing fields. */
|
||||
- copy_to_buf(cache, dest, TRUE,
|
||||
- offsetof(struct mail_cache_field, last_used),
|
||||
- sizeof(uint32_t));
|
||||
+ copy_to_buf_last_used(cache, dest, TRUE);
|
||||
copy_to_buf(cache, dest, TRUE,
|
||||
offsetof(struct mail_cache_field, field_size),
|
||||
sizeof(uint32_t));
|
||||
|
|
@ -0,0 +1,353 @@
|
|||
diff -up dovecot-2.3.16/configure.ac.keeplzma dovecot-2.3.16/configure.ac
|
||||
--- dovecot-2.3.16/configure.ac.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/configure.ac 2022-02-28 13:58:02.337149927 +0100
|
||||
@@ -173,7 +173,7 @@ AS_HELP_STRING([--with-bzlib], [Build wi
|
||||
want_bzlib=auto)
|
||||
|
||||
AC_ARG_WITH(lzma,
|
||||
-AS_HELP_STRING([--with-lzma], [Build with LZMA decompression support (auto)]),
|
||||
+AS_HELP_STRING([--with-lzma], [Build with LZMA compression support (auto)]),
|
||||
TEST_WITH(lzma, $withval),
|
||||
want_lzma=auto)
|
||||
|
||||
diff -up dovecot-2.3.16/run-test-valgrind.supp.keeplzma dovecot-2.3.16/run-test-valgrind.supp
|
||||
--- dovecot-2.3.16/run-test-valgrind.supp.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/run-test-valgrind.supp 2022-02-28 13:58:02.337149927 +0100
|
||||
@@ -5,6 +5,17 @@
|
||||
obj:*/bash
|
||||
}
|
||||
{
|
||||
+ <liblzma>
|
||||
+ Memcheck:Cond
|
||||
+ obj:/lib/x86_64-linux-gnu/liblzma.so.5.*
|
||||
+ obj:/lib/x86_64-linux-gnu/liblzma.so.5.*
|
||||
+ obj:/lib/x86_64-linux-gnu/liblzma.so.5.*
|
||||
+ obj:/lib/x86_64-linux-gnu/liblzma.so.5.*
|
||||
+ obj:/lib/x86_64-linux-gnu/liblzma.so.5.*
|
||||
+ fun:lzma_stream_encoder
|
||||
+ fun:lzma_easy_encoder
|
||||
+}
|
||||
+{
|
||||
<openssl_centos6_i386_v1_0_1_compression_methods>
|
||||
Memcheck:Leak
|
||||
fun:malloc
|
||||
diff -up dovecot-2.3.16/src/lib-compression/compression.c.keeplzma dovecot-2.3.16/src/lib-compression/compression.c
|
||||
--- dovecot-2.3.16/src/lib-compression/compression.c.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/src/lib-compression/compression.c 2022-02-28 14:22:32.467944396 +0100
|
||||
@@ -25,6 +25,7 @@
|
||||
#endif
|
||||
#ifndef HAVE_LZMA
|
||||
# define i_stream_create_lzma NULL
|
||||
+# define o_stream_create_lzma NULL
|
||||
#endif
|
||||
#ifndef HAVE_LZ4
|
||||
# define i_stream_create_lz4 NULL
|
||||
@@ -216,7 +217,7 @@ const struct compression_handler compres
|
||||
.ext = ".xz",
|
||||
.is_compressed = is_compressed_xz,
|
||||
.create_istream = i_stream_create_lzma,
|
||||
- .create_ostream = NULL,
|
||||
+ .create_ostream = o_stream_create_lzma,
|
||||
.get_min_level = compression_get_min_level_unsupported,
|
||||
.get_default_level = compression_get_default_level_unsupported,
|
||||
.get_max_level = compression_get_max_level_unsupported,
|
||||
diff -up dovecot-2.3.16/src/lib-compression/Makefile.am.keeplzma dovecot-2.3.16/src/lib-compression/Makefile.am
|
||||
--- dovecot-2.3.16/src/lib-compression/Makefile.am.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/src/lib-compression/Makefile.am 2022-02-28 13:58:02.337149927 +0100
|
||||
@@ -13,6 +13,7 @@ libcompression_la_SOURCES = \
|
||||
istream-zlib.c \
|
||||
istream-bzlib.c \
|
||||
istream-zstd.c \
|
||||
+ ostream-lzma.c \
|
||||
ostream-lz4.c \
|
||||
ostream-zlib.c \
|
||||
ostream-bzlib.c \
|
||||
diff -up dovecot-2.3.16/src/lib-compression/ostream-lzma.c.keeplzma dovecot-2.3.16/src/lib-compression/ostream-lzma.c
|
||||
--- dovecot-2.3.16/src/lib-compression/ostream-lzma.c.keeplzma 2022-02-28 13:58:02.338149934 +0100
|
||||
+++ dovecot-2.3.16/src/lib-compression/ostream-lzma.c 2022-02-28 13:58:02.338149934 +0100
|
||||
@@ -0,0 +1,263 @@
|
||||
+/* Copyright (c) 2010-2018 Dovecot authors, see the included COPYING file */
|
||||
+
|
||||
+#include "lib.h"
|
||||
+
|
||||
+#ifdef HAVE_LZMA
|
||||
+
|
||||
+#include "ostream-private.h"
|
||||
+#include "ostream-zlib.h"
|
||||
+#include <lzma.h>
|
||||
+
|
||||
+#define CHUNK_SIZE (1024*64)
|
||||
+
|
||||
+struct lzma_ostream {
|
||||
+ struct ostream_private ostream;
|
||||
+ lzma_stream strm;
|
||||
+
|
||||
+ unsigned char outbuf[CHUNK_SIZE];
|
||||
+ unsigned int outbuf_offset, outbuf_used;
|
||||
+
|
||||
+ bool flushed:1;
|
||||
+};
|
||||
+
|
||||
+static void o_stream_lzma_close(struct iostream_private *stream,
|
||||
+ bool close_parent)
|
||||
+{
|
||||
+ struct lzma_ostream *zstream = (struct lzma_ostream *)stream;
|
||||
+ i_assert(zstream->ostream.finished ||
|
||||
+ zstream->ostream.ostream.stream_errno != 0 ||
|
||||
+ zstream->ostream.error_handling_disabled);
|
||||
+ lzma_end(&zstream->strm);
|
||||
+ if (close_parent)
|
||||
+ o_stream_close(zstream->ostream.parent);
|
||||
+}
|
||||
+
|
||||
+static int o_stream_zlib_send_outbuf(struct lzma_ostream *zstream)
|
||||
+{
|
||||
+ ssize_t ret;
|
||||
+ size_t size;
|
||||
+
|
||||
+ if (zstream->outbuf_used == 0)
|
||||
+ return 1;
|
||||
+
|
||||
+ size = zstream->outbuf_used - zstream->outbuf_offset;
|
||||
+ i_assert(size > 0);
|
||||
+ ret = o_stream_send(zstream->ostream.parent,
|
||||
+ zstream->outbuf + zstream->outbuf_offset, size);
|
||||
+ if (ret < 0) {
|
||||
+ o_stream_copy_error_from_parent(&zstream->ostream);
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if ((size_t)ret != size) {
|
||||
+ zstream->outbuf_offset += ret;
|
||||
+ return 0;
|
||||
+ }
|
||||
+ zstream->outbuf_offset = 0;
|
||||
+ zstream->outbuf_used = 0;
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static ssize_t
|
||||
+o_stream_lzma_send_chunk(struct lzma_ostream *zstream,
|
||||
+ const void *data, size_t size)
|
||||
+{
|
||||
+ lzma_stream *zs = &zstream->strm;
|
||||
+ int ret;
|
||||
+
|
||||
+ i_assert(zstream->outbuf_used == 0);
|
||||
+
|
||||
+ zs->next_in = (void *)data;
|
||||
+ zs->avail_in = size;
|
||||
+ while (zs->avail_in > 0) {
|
||||
+ if (zs->avail_out == 0) {
|
||||
+ /* previous block was compressed. send it and start
|
||||
+ compression for a new block. */
|
||||
+ zs->next_out = zstream->outbuf;
|
||||
+ zs->avail_out = sizeof(zstream->outbuf);
|
||||
+
|
||||
+ zstream->outbuf_used = sizeof(zstream->outbuf);
|
||||
+ if ((ret = o_stream_zlib_send_outbuf(zstream)) < 0)
|
||||
+ return -1;
|
||||
+ if (ret == 0) {
|
||||
+ /* parent stream's buffer full */
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ ret = lzma_code(zs, LZMA_RUN);
|
||||
+ switch (ret) {
|
||||
+ case LZMA_OK:
|
||||
+ break;
|
||||
+ case LZMA_MEM_ERROR:
|
||||
+ i_fatal_status(FATAL_OUTOFMEM,
|
||||
+ "lzma.write(%s): Out of memory",
|
||||
+ o_stream_get_name(&zstream->ostream.ostream));
|
||||
+ default:
|
||||
+ i_panic("lzma.write(%s) failed with unexpected code %d",
|
||||
+ o_stream_get_name(&zstream->ostream.ostream), ret);
|
||||
+ }
|
||||
+ }
|
||||
+ size -= zs->avail_in;
|
||||
+
|
||||
+ return size;
|
||||
+}
|
||||
+
|
||||
+static int o_stream_lzma_send_flush(struct lzma_ostream *zstream, bool final)
|
||||
+{
|
||||
+ lzma_stream *zs = &zstream->strm;
|
||||
+ size_t len;
|
||||
+ bool done = FALSE;
|
||||
+ int ret;
|
||||
+
|
||||
+ i_assert(zs->avail_in == 0);
|
||||
+
|
||||
+ if (zstream->flushed) {
|
||||
+ i_assert(zstream->outbuf_used == 0);
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ if ((ret = o_stream_flush_parent_if_needed(&zstream->ostream)) <= 0)
|
||||
+ return ret;
|
||||
+ if ((ret = o_stream_zlib_send_outbuf(zstream)) <= 0)
|
||||
+ return ret;
|
||||
+
|
||||
+ if (!final)
|
||||
+ return 1;
|
||||
+
|
||||
+ i_assert(zstream->outbuf_used == 0);
|
||||
+ do {
|
||||
+ len = sizeof(zstream->outbuf) - zs->avail_out;
|
||||
+ if (len != 0) {
|
||||
+ zs->next_out = zstream->outbuf;
|
||||
+ zs->avail_out = sizeof(zstream->outbuf);
|
||||
+
|
||||
+ zstream->outbuf_used = len;
|
||||
+ if ((ret = o_stream_zlib_send_outbuf(zstream)) <= 0)
|
||||
+ return ret;
|
||||
+ if (done)
|
||||
+ break;
|
||||
+ }
|
||||
+ ret = lzma_code(zs, LZMA_FINISH);
|
||||
+ switch (ret) {
|
||||
+ case LZMA_OK:
|
||||
+ /* still unfinished - need to call lzma_code() again */
|
||||
+ break;
|
||||
+ case LZMA_STREAM_END:
|
||||
+ /* output is fully finished */
|
||||
+ done = TRUE;
|
||||
+ break;
|
||||
+ case LZMA_MEM_ERROR:
|
||||
+ i_fatal_status(FATAL_OUTOFMEM,
|
||||
+ "lzma.write(%s): Out of memory",
|
||||
+ o_stream_get_name(&zstream->ostream.ostream));
|
||||
+ default:
|
||||
+ i_panic("lzma.write(%s) flush failed with unexpected code %d",
|
||||
+ o_stream_get_name(&zstream->ostream.ostream), ret);
|
||||
+ }
|
||||
+ } while (zs->avail_out != sizeof(zstream->outbuf));
|
||||
+
|
||||
+ if (final)
|
||||
+ zstream->flushed = TRUE;
|
||||
+ i_assert(zstream->outbuf_used == 0);
|
||||
+ return 1;
|
||||
+}
|
||||
+
|
||||
+static int o_stream_lzma_flush(struct ostream_private *stream)
|
||||
+{
|
||||
+ struct lzma_ostream *zstream = (struct lzma_ostream *)stream;
|
||||
+ int ret;
|
||||
+
|
||||
+ if ((ret = o_stream_lzma_send_flush(zstream, stream->finished)) < 0)
|
||||
+ return -1;
|
||||
+ else if (ret > 0)
|
||||
+ return o_stream_flush_parent(stream);
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+static size_t
|
||||
+o_stream_lzma_get_buffer_used_size(const struct ostream_private *stream)
|
||||
+{
|
||||
+ const struct lzma_ostream *zstream =
|
||||
+ (const struct lzma_ostream *)stream;
|
||||
+
|
||||
+ /* outbuf has already compressed data that we're trying to send to the
|
||||
+ parent stream. We're not including lzma's internal compression
|
||||
+ buffer size. */
|
||||
+ return (zstream->outbuf_used - zstream->outbuf_offset) +
|
||||
+ o_stream_get_buffer_used_size(stream->parent);
|
||||
+}
|
||||
+
|
||||
+static size_t
|
||||
+o_stream_lzma_get_buffer_avail_size(const struct ostream_private *stream)
|
||||
+{
|
||||
+ /* FIXME: not correct - this is counting compressed size, which may be
|
||||
+ too larger than uncompressed size in some situations. Fixing would
|
||||
+ require some kind of additional buffering. */
|
||||
+ return o_stream_get_buffer_avail_size(stream->parent);
|
||||
+}
|
||||
+
|
||||
+static ssize_t
|
||||
+o_stream_lzma_sendv(struct ostream_private *stream,
|
||||
+ const struct const_iovec *iov, unsigned int iov_count)
|
||||
+{
|
||||
+ struct lzma_ostream *zstream = (struct lzma_ostream *)stream;
|
||||
+ ssize_t ret, bytes = 0;
|
||||
+ unsigned int i;
|
||||
+
|
||||
+ if ((ret = o_stream_zlib_send_outbuf(zstream)) <= 0) {
|
||||
+ /* error / we still couldn't flush existing data to
|
||||
+ parent stream. */
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < iov_count; i++) {
|
||||
+ ret = o_stream_lzma_send_chunk(zstream, iov[i].iov_base,
|
||||
+ iov[i].iov_len);
|
||||
+ if (ret < 0)
|
||||
+ return -1;
|
||||
+ bytes += ret;
|
||||
+ if ((size_t)ret != iov[i].iov_len)
|
||||
+ break;
|
||||
+ }
|
||||
+ stream->ostream.offset += bytes;
|
||||
+
|
||||
+ /* avail_in!=0 check is used to detect errors. if it's non-zero here
|
||||
+ it simply means we didn't send all the data */
|
||||
+ zstream->strm.avail_in = 0;
|
||||
+ return bytes;
|
||||
+}
|
||||
+
|
||||
+struct ostream *o_stream_create_lzma(struct ostream *output, int level)
|
||||
+{
|
||||
+ struct lzma_ostream *zstream;
|
||||
+ lzma_ret ret;
|
||||
+
|
||||
+ i_assert(level >= 1 && level <= 9);
|
||||
+
|
||||
+ zstream = i_new(struct lzma_ostream, 1);
|
||||
+ zstream->ostream.sendv = o_stream_lzma_sendv;
|
||||
+ zstream->ostream.flush = o_stream_lzma_flush;
|
||||
+ zstream->ostream.get_buffer_used_size =
|
||||
+ o_stream_lzma_get_buffer_used_size;
|
||||
+ zstream->ostream.get_buffer_avail_size =
|
||||
+ o_stream_lzma_get_buffer_avail_size;
|
||||
+ zstream->ostream.iostream.close = o_stream_lzma_close;
|
||||
+
|
||||
+ ret = lzma_easy_encoder(&zstream->strm, level, LZMA_CHECK_CRC64);
|
||||
+ switch (ret) {
|
||||
+ case LZMA_OK:
|
||||
+ break;
|
||||
+ case LZMA_MEM_ERROR:
|
||||
+ i_fatal_status(FATAL_OUTOFMEM, "lzma: Out of memory");
|
||||
+ case LZMA_OPTIONS_ERROR:
|
||||
+ i_fatal("lzma: Invalid level");
|
||||
+ default:
|
||||
+ i_fatal("lzma_easy_encoder() failed with %d", ret);
|
||||
+ }
|
||||
+
|
||||
+ zstream->strm.next_out = zstream->outbuf;
|
||||
+ zstream->strm.avail_out = sizeof(zstream->outbuf);
|
||||
+ return o_stream_create(&zstream->ostream, output,
|
||||
+ o_stream_get_fd(output));
|
||||
+}
|
||||
+#endif
|
||||
diff -up dovecot-2.3.16/src/lib-compression/ostream-zlib.h.keeplzma dovecot-2.3.16/src/lib-compression/ostream-zlib.h
|
||||
--- dovecot-2.3.16/src/lib-compression/ostream-zlib.h.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/src/lib-compression/ostream-zlib.h 2022-02-28 13:58:02.338149934 +0100
|
||||
@@ -4,6 +4,7 @@
|
||||
struct ostream *o_stream_create_gz(struct ostream *output, int level);
|
||||
struct ostream *o_stream_create_deflate(struct ostream *output, int level);
|
||||
struct ostream *o_stream_create_bz2(struct ostream *output, int level);
|
||||
+struct ostream *o_stream_create_lzma(struct ostream *output, int level);
|
||||
struct ostream *o_stream_create_lz4(struct ostream *output, int level);
|
||||
struct ostream *o_stream_create_zstd(struct ostream *output, int level);
|
||||
|
||||
diff -up dovecot-2.3.16/src/lib-compression/test-compression.c.keeplzma dovecot-2.3.16/src/lib-compression/test-compression.c
|
||||
--- dovecot-2.3.16/src/lib-compression/test-compression.c.keeplzma 2021-08-06 11:25:51.000000000 +0200
|
||||
+++ dovecot-2.3.16/src/lib-compression/test-compression.c 2022-02-28 13:58:02.338149934 +0100
|
||||
@@ -730,7 +730,6 @@ static void test_compression_int(bool au
|
||||
|
||||
for (i = 0; compression_handlers[i].name != NULL; i++) {
|
||||
if (compression_handlers[i].create_istream != NULL &&
|
||||
- compression_handlers[i].create_ostream != NULL &&
|
||||
(!autodetect ||
|
||||
compression_handlers[i].is_compressed != NULL)) T_BEGIN {
|
||||
if (compression_handlers[i].is_compressed != NULL &&
|
|
@ -0,0 +1,578 @@
|
|||
From 9f3002393fe1c1fe317121d03591569dac120739 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Tue, 17 Aug 2021 19:09:13 +0200
|
||||
Subject: [PATCH 01/12] lib-sieve: sieve-interpreter - Fix field mixup in debug
|
||||
message.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-interpreter.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-interpreter.c b/src/lib-sieve/sieve-interpreter.c
|
||||
index 9ee6c659..274e142d 100644
|
||||
--- a/src/lib-sieve/sieve-interpreter.c
|
||||
+++ b/src/lib-sieve/sieve-interpreter.c
|
||||
@@ -1003,8 +1003,8 @@ int sieve_interpreter_continue(struct sieve_interpreter *interp,
|
||||
}
|
||||
e_debug(e->event(), "Finished running script `%s' "
|
||||
"(status=%s, resource usage: %s)",
|
||||
- sieve_execution_exitcode_to_str(ret),
|
||||
sieve_binary_source(interp->runenv.sbin),
|
||||
+ sieve_execution_exitcode_to_str(ret),
|
||||
sieve_resource_usage_get_summary(&interp->rusage));
|
||||
interp->running = FALSE;
|
||||
}
|
||||
|
||||
From 54e020c1212f626049bffc6c6fea8e606a893af2 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 01:44:23 +0200
|
||||
Subject: [PATCH 02/12] lib-sieve: sieve-result - Remove success parameter from
|
||||
sieve_result_implicit_keep_execute().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 18 ++++++++----------
|
||||
1 file changed, 8 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 55eb9f54..d3f2f925 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1475,8 +1475,7 @@ void sieve_result_execution_destroy(struct sieve_result_execution **_rexec)
|
||||
}
|
||||
|
||||
static void
|
||||
-sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
- bool success)
|
||||
+sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
{
|
||||
const struct sieve_action_exec_env *aenv = &rexec->action_env;
|
||||
struct sieve_result *result = aenv->result;
|
||||
@@ -1486,6 +1485,7 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
struct sieve_action_execution *aexec_keep = &rexec->keep;
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
+ bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
e_debug(rexec->event, "No implicit keep needed "
|
||||
@@ -1579,8 +1579,8 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec,
|
||||
}
|
||||
}
|
||||
|
||||
- e_debug(rexec->event, "Execute implicit keep (failure=%s)",
|
||||
- (!success ? "yes" : "no"));
|
||||
+ e_debug(rexec->event, "Execute implicit keep (status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
/* Initialize side effects */
|
||||
sieve_action_execution_add_side_effects(rexec, aexec_keep, ract_keep);
|
||||
@@ -1633,7 +1633,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
- sieve_result_implicit_keep_execute(rexec, success);
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
/* Switch to failure keep if necessary. */
|
||||
} else if (rexec->keep_success && !success){
|
||||
e_debug(rexec->event, "Switch to failure implicit keep");
|
||||
@@ -1645,7 +1645,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
i_zero(aexec_keep);
|
||||
|
||||
/* Start failure keep action. */
|
||||
- sieve_result_implicit_keep_execute(rexec, success);
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
}
|
||||
if (act_keep->def == NULL)
|
||||
return rexec->keep_status;
|
||||
@@ -1931,10 +1931,8 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
/* Execute implicit keep if the transaction failed or when the
|
||||
implicit keep was not canceled during transaction.
|
||||
*/
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- sieve_result_implicit_keep_execute(
|
||||
- rexec, (rexec->status == SIEVE_EXEC_OK));
|
||||
- }
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
}
|
||||
|
||||
/* Transaction commit/rollback */
|
||||
|
||||
From 291f2fdb77b86db566dca7c028dd93fc741f6b31 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 01:40:57 +0200
|
||||
Subject: [PATCH 03/12] lib-sieve: sieve-result - Remove success parameter from
|
||||
sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 11 +++++------
|
||||
1 file changed, 5 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index d3f2f925..3cf2c02a 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1603,8 +1603,7 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
}
|
||||
|
||||
static int
|
||||
-sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
- bool success)
|
||||
+sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
{
|
||||
const struct sieve_action_exec_env *aenv = &rexec->action_env;
|
||||
const struct sieve_execute_env *eenv = aenv->exec_env;
|
||||
@@ -1612,6 +1611,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
+ bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
struct sieve_action_execution *ke_aexec =
|
||||
@@ -1627,8 +1627,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec,
|
||||
return rexec->keep_status;
|
||||
}
|
||||
|
||||
- e_debug(rexec->event, "Finalize implicit keep (failure=%s)",
|
||||
- (!success ? "yes" : "no"));
|
||||
+ e_debug(rexec->event, "Finalize implicit keep (status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
@@ -1950,8 +1950,7 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
implicit keep was not canceled during transaction.
|
||||
*/
|
||||
if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- ret = sieve_result_implicit_keep_finalize(
|
||||
- rexec, (rexec->status == SIEVE_EXEC_OK));
|
||||
+ ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
switch (ret) {
|
||||
case SIEVE_EXEC_OK:
|
||||
if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
|
||||
From 10e347e3c9eb5e7bf5bc6f178389005357f527fe Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:07:01 +0200
|
||||
Subject: [PATCH 04/12] lib-sieve: sieve-result - Move temp failure status
|
||||
checks into sieve_result_implicit_keep_execute().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 38 ++++++++++++++++++++++++------------
|
||||
1 file changed, 26 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 3cf2c02a..44afeef7 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -934,6 +934,7 @@ struct sieve_result_execution {
|
||||
bool keep_success:1;
|
||||
bool keep_explicit:1;
|
||||
bool keep_implicit:1;
|
||||
+ bool keep_finalizing:1;
|
||||
bool seen_delivery:1;
|
||||
bool executed:1;
|
||||
bool executed_delivery:1;
|
||||
@@ -1485,7 +1486,24 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
struct sieve_action_execution *aexec_keep = &rexec->keep;
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
- bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
+ bool success = FALSE;
|
||||
+
|
||||
+ switch (rexec->status) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ success = TRUE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
+ if (rexec->executed)
|
||||
+ break;
|
||||
+ if (rexec->committed)
|
||||
+ break;
|
||||
+ if (rexec->keep_finalizing)
|
||||
+ break;
|
||||
+ return;
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
e_debug(rexec->event, "No implicit keep needed "
|
||||
@@ -1630,6 +1648,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
e_debug(rexec->event, "Finalize implicit keep (status=%s)",
|
||||
sieve_execution_exitcode_to_str(rexec->status));
|
||||
|
||||
+ rexec->keep_finalizing = TRUE;
|
||||
+
|
||||
/* Start keep if necessary */
|
||||
if (act_keep->def == NULL ||
|
||||
aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
@@ -1923,17 +1943,11 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
return rexec->status;
|
||||
}
|
||||
|
||||
- /* Execute implicit keep if necessary */
|
||||
-
|
||||
- if (rexec->executed ||
|
||||
- (rexec->status != SIEVE_EXEC_TEMP_FAILURE &&
|
||||
- rexec->status != SIEVE_EXEC_RESOURCE_LIMIT)) {
|
||||
- /* Execute implicit keep if the transaction failed or when the
|
||||
- implicit keep was not canceled during transaction.
|
||||
- */
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
- sieve_result_implicit_keep_execute(rexec);
|
||||
- }
|
||||
+ /* Execute implicit keep if the transaction failed or when the
|
||||
+ implicit keep was not canceled during transaction.
|
||||
+ */
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit)
|
||||
+ sieve_result_implicit_keep_execute(rexec);
|
||||
|
||||
/* Transaction commit/rollback */
|
||||
|
||||
|
||||
From c84e6e5d8d1d8b03a0ba5958804d200c6e1916d8 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:26:32 +0200
|
||||
Subject: [PATCH 05/12] lib-sieve: sieve-result - Move temp failure status
|
||||
checks into sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 56 +++++++++++++++++++++---------------
|
||||
1 file changed, 33 insertions(+), 23 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 44afeef7..10cc3b95 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1629,7 +1629,20 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
- bool success = (rexec->status == SIEVE_EXEC_OK);
|
||||
+ bool success = FALSE;
|
||||
+
|
||||
+ switch (rexec->status) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ success = TRUE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
+ if (rexec->committed)
|
||||
+ break;
|
||||
+ return rexec->status;
|
||||
+ default:
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
if (rexec->keep_equiv_action != NULL) {
|
||||
struct sieve_action_execution *ke_aexec =
|
||||
@@ -1957,32 +1970,29 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
/* Commit implicit keep if necessary */
|
||||
|
||||
result_status = rexec->status;
|
||||
- if (rexec->committed ||
|
||||
- (rexec->status != SIEVE_EXEC_TEMP_FAILURE &&
|
||||
- rexec->status != SIEVE_EXEC_RESOURCE_LIMIT)) {
|
||||
- /* Commit implicit keep if the transaction failed or when the
|
||||
- implicit keep was not canceled during transaction.
|
||||
- */
|
||||
- if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
- ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
- switch (ret) {
|
||||
- case SIEVE_EXEC_OK:
|
||||
- if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
- result_status = SIEVE_EXEC_FAILURE;
|
||||
+
|
||||
+ /* Commit implicit keep if the transaction failed or when the
|
||||
+ implicit keep was not canceled during transaction.
|
||||
+ */
|
||||
+ if (rexec->status != SIEVE_EXEC_OK || rexec->keep_implicit) {
|
||||
+ ret = sieve_result_implicit_keep_finalize(rexec);
|
||||
+ switch (ret) {
|
||||
+ case SIEVE_EXEC_OK:
|
||||
+ if (result_status == SIEVE_EXEC_TEMP_FAILURE)
|
||||
+ result_status = SIEVE_EXEC_FAILURE;
|
||||
+ break;
|
||||
+ case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ if (!rexec->committed) {
|
||||
+ result_status = ret;
|
||||
break;
|
||||
- case SIEVE_EXEC_TEMP_FAILURE:
|
||||
- if (!rexec->committed) {
|
||||
- result_status = ret;
|
||||
- break;
|
||||
- }
|
||||
- /* fall through */
|
||||
- default:
|
||||
- result_status = SIEVE_EXEC_KEEP_FAILED;
|
||||
}
|
||||
+ /* fall through */
|
||||
+ default:
|
||||
+ result_status = SIEVE_EXEC_KEEP_FAILED;
|
||||
}
|
||||
- if (rexec->status == SIEVE_EXEC_OK)
|
||||
- rexec->status = result_status;
|
||||
}
|
||||
+ if (rexec->status == SIEVE_EXEC_OK)
|
||||
+ rexec->status = result_status;
|
||||
|
||||
/* Finish execution */
|
||||
|
||||
|
||||
From 92b4b06d5d8deeefdd17d5fb18d7f0d23e8e414b Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:46:18 +0200
|
||||
Subject: [PATCH 06/12] lib-sieve: sieve-result - Skip implicit keep in
|
||||
execution stage upon temp failure.
|
||||
|
||||
It will be executed in the commit phase if necessary; don't do it early; it will
|
||||
only be rolled back.
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 10cc3b95..82354831 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1494,8 +1494,6 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->executed)
|
||||
- break;
|
||||
if (rexec->committed)
|
||||
break;
|
||||
if (rexec->keep_finalizing)
|
||||
|
||||
From f2b81cc6ebaa3001bde693f7abdb990f467f7831 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:56:32 +0200
|
||||
Subject: [PATCH 07/12] lib-sieve: sieve-result - Fix handling of resource
|
||||
limit status after implicit keep commit.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 82354831..96582075 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1980,6 +1980,7 @@ int sieve_result_execute(struct sieve_result_execution *rexec, int status,
|
||||
result_status = SIEVE_EXEC_FAILURE;
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
+ case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
if (!rexec->committed) {
|
||||
result_status = ret;
|
||||
break;
|
||||
|
||||
From 293f0027106a725e4cbcf56b673f1eedda00c317 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:54:25 +0200
|
||||
Subject: [PATCH 08/12] lib-sieve: sieve-result - Fix resource leak occurring
|
||||
when implicit keep is executed before temporary failure at commit.
|
||||
|
||||
In the commit phase the implicit keep was never finalized, meaning that it was
|
||||
not rolled back and thus not cleaned up properly. This leads to a memory leak
|
||||
and a mailbox reference leak. This in turn causes an assert crash at the end
|
||||
of delivery when the mail user is destroyed.
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 18 ++++++++++++++----
|
||||
1 file changed, 14 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 96582075..10ea349c 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1627,7 +1627,7 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
struct sieve_result_action *ract_keep = &rexec->keep_action;
|
||||
struct sieve_action *act_keep = &ract_keep->action;
|
||||
int commit_status = SIEVE_EXEC_OK;
|
||||
- bool success = FALSE;
|
||||
+ bool success = FALSE, temp_failure = FALSE;
|
||||
|
||||
switch (rexec->status) {
|
||||
case SIEVE_EXEC_OK:
|
||||
@@ -1637,7 +1637,15 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
if (rexec->committed)
|
||||
break;
|
||||
- return rexec->status;
|
||||
+
|
||||
+ if (aexec_keep->state !=
|
||||
+ SIEVE_ACTION_EXECUTION_STATE_EXECUTED)
|
||||
+ return rexec->status;
|
||||
+ /* Roll back for temporary failure when no other action
|
||||
+ is committed. */
|
||||
+ commit_status = rexec->status;
|
||||
+ temp_failure = TRUE;
|
||||
+ break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
@@ -1662,8 +1670,10 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
rexec->keep_finalizing = TRUE;
|
||||
|
||||
/* Start keep if necessary */
|
||||
- if (act_keep->def == NULL ||
|
||||
- aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
+ if (temp_failure) {
|
||||
+ rexec->keep_status = rexec->status;
|
||||
+ } else if (act_keep->def == NULL ||
|
||||
+ aexec_keep->state != SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
sieve_result_implicit_keep_execute(rexec);
|
||||
/* Switch to failure keep if necessary. */
|
||||
} else if (rexec->keep_success && !success){
|
||||
|
||||
From 81bd53d6c9fa14fc6b32304e49dddb8fd022de91 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:29:41 +0200
|
||||
Subject: [PATCH 09/12] lib-sieve: sieve-result - Assert that implicit keep is
|
||||
executed in sieve_result_implicit_keep_finalize().
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 10ea349c..de97d6ae 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1691,6 +1691,8 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
if (act_keep->def == NULL)
|
||||
return rexec->keep_status;
|
||||
|
||||
+ i_assert(aexec_keep->state == SIEVE_ACTION_EXECUTION_STATE_EXECUTED);
|
||||
+
|
||||
/* Finalize keep action */
|
||||
rexec->keep_status = sieve_result_action_commit_or_rollback(
|
||||
rexec, aexec_keep, rexec->keep_status, &commit_status);
|
||||
|
||||
From dbf5b62ba82766a7d824e81005b2517d96984ef0 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 02:43:05 +0200
|
||||
Subject: [PATCH 10/12] lib-sieve: sieve-result - Add debug messages for temp
|
||||
failure handling.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 28 +++++++++++++++++++++++++---
|
||||
1 file changed, 25 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index de97d6ae..c21c8017 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1494,10 +1494,21 @@ sieve_result_implicit_keep_execute(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->committed)
|
||||
+ if (rexec->committed) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Temporary failure occurred (status=%s), "
|
||||
+ "but other actions were already committed: "
|
||||
+ "execute failure implicit keep",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
break;
|
||||
+ }
|
||||
if (rexec->keep_finalizing)
|
||||
break;
|
||||
+
|
||||
+ e_debug(rexec->event,
|
||||
+ "Skip implicit keep for temporary failure "
|
||||
+ "(state=execute, status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
return;
|
||||
default:
|
||||
break;
|
||||
@@ -1635,12 +1646,23 @@ sieve_result_implicit_keep_finalize(struct sieve_result_execution *rexec)
|
||||
break;
|
||||
case SIEVE_EXEC_TEMP_FAILURE:
|
||||
case SIEVE_EXEC_RESOURCE_LIMIT:
|
||||
- if (rexec->committed)
|
||||
+ if (rexec->committed) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Temporary failure occurred (status=%s), "
|
||||
+ "but other actions were already committed: "
|
||||
+ "commit failure implicit keep",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
break;
|
||||
+ }
|
||||
|
||||
if (aexec_keep->state !=
|
||||
- SIEVE_ACTION_EXECUTION_STATE_EXECUTED)
|
||||
+ SIEVE_ACTION_EXECUTION_STATE_EXECUTED) {
|
||||
+ e_debug(rexec->event,
|
||||
+ "Skip implicit keep for temporary failure "
|
||||
+ "(state=commit, status=%s)",
|
||||
+ sieve_execution_exitcode_to_str(rexec->status));
|
||||
return rexec->status;
|
||||
+ }
|
||||
/* Roll back for temporary failure when no other action
|
||||
is committed. */
|
||||
commit_status = rexec->status;
|
||||
|
||||
From 65d771c15bf443690580dbb0643556794106522b Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:26:26 +0200
|
||||
Subject: [PATCH 11/12] lib-sieve: sieve-result - Indicate in
|
||||
sieve_result_transaction_execute() debug message whether actions were
|
||||
executed.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index c21c8017..6f3cb954 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1796,10 +1796,11 @@ sieve_result_transaction_execute(struct sieve_result_execution *rexec,
|
||||
}
|
||||
|
||||
e_debug(rexec->event, "Finished executing actions "
|
||||
- "(status=%s, keep=%s)",
|
||||
+ "(status=%s, keep=%s, executed=%s)",
|
||||
sieve_execution_exitcode_to_str(status),
|
||||
(rexec->keep_explicit ? "explicit" :
|
||||
- (rexec->keep_implicit ? "implicit" : "none")));
|
||||
+ (rexec->keep_implicit ? "implicit" : "none")),
|
||||
+ (rexec->executed ? "yes" : "no"));
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
From 4596d39908a868783fae9a0c2fd264409c0aaa96 Mon Sep 17 00:00:00 2001
|
||||
From: Stephan Bosch <stephan.bosch@open-xchange.com>
|
||||
Date: Wed, 18 Aug 2021 13:27:50 +0200
|
||||
Subject: [PATCH 12/12] lib-sieve: sieve-result - Indicate in
|
||||
sieve_result_transaction_finalize() debug message whether actions were
|
||||
committed.
|
||||
|
||||
---
|
||||
src/lib-sieve/sieve-result.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/lib-sieve/sieve-result.c b/src/lib-sieve/sieve-result.c
|
||||
index 6f3cb954..effd6f28 100644
|
||||
--- a/src/lib-sieve/sieve-result.c
|
||||
+++ b/src/lib-sieve/sieve-result.c
|
||||
@@ -1859,10 +1859,11 @@ sieve_result_transaction_commit_or_rollback(
|
||||
}
|
||||
|
||||
e_debug(rexec->event, "Finished finalizing actions "
|
||||
- "(status=%s, keep=%s)",
|
||||
+ "(status=%s, keep=%s, committed=%s)",
|
||||
sieve_execution_exitcode_to_str(status),
|
||||
(rexec->keep_explicit ? "explicit" :
|
||||
- (rexec->keep_implicit ? "implicit" : "none")));
|
||||
+ (rexec->keep_implicit ? "implicit" : "none")),
|
||||
+ (rexec->committed ? "yes" : "no"));
|
||||
|
||||
return commit_status;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
From bdf4474ed82aaf964e7d94e72ca56b496e3815f9 Mon Sep 17 00:00:00 2001
|
||||
From: Timo Sirainen <timo.sirainen@open-xchange.com>
|
||||
Date: Fri, 1 Oct 2021 15:08:45 +0300
|
||||
Subject: [PATCH] virtual: Fix leaking mailboxes if virtual mailbox can't be
|
||||
opened
|
||||
|
||||
Fixes also a crash at deinit:
|
||||
Panic: file mail-user.c: line 232 (mail_user_deinit): assertion failed: ((*user)->refcount == 1)
|
||||
---
|
||||
src/plugins/virtual/virtual-storage.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/plugins/virtual/virtual-storage.c b/src/plugins/virtual/virtual-storage.c
|
||||
index 2f31503d53..a0779cc186 100644
|
||||
--- a/src/plugins/virtual/virtual-storage.c
|
||||
+++ b/src/plugins/virtual/virtual-storage.c
|
||||
@@ -495,12 +495,12 @@ static int virtual_mailbox_open(struct mailbox *box)
|
||||
ret = virtual_mailboxes_open(mbox, box->flags);
|
||||
array_pop_back(&mbox->storage->open_stack);
|
||||
}
|
||||
+ if (ret == 0)
|
||||
+ ret = index_storage_mailbox_open(box, FALSE);
|
||||
if (ret < 0) {
|
||||
virtual_mailbox_close_internal(mbox);
|
||||
return -1;
|
||||
}
|
||||
- if (index_storage_mailbox_open(box, FALSE) < 0)
|
||||
- return -1;
|
||||
|
||||
mbox->virtual_ext_id =
|
||||
mail_index_ext_register(mbox->box.index, "virtual", 0,
|
|
@ -0,0 +1,131 @@
|
|||
From 7bad6a24160e34bce8f10e73dbbf9e5fbbcd1904 Mon Sep 17 00:00:00 2001
|
||||
From: Timo Sirainen <timo.sirainen@open-xchange.com>
|
||||
Date: Mon, 9 May 2022 15:23:33 +0300
|
||||
Subject: [PATCH] auth: Fix handling passdbs with identical driver/args but
|
||||
different mechanisms/username_filter
|
||||
|
||||
The passdb was wrongly deduplicated in this situation, causing wrong
|
||||
mechanisms or username_filter setting to be used. This would be a rather
|
||||
unlikely configuration though.
|
||||
|
||||
Fixed by moving mechanisms and username_filter from struct passdb_module
|
||||
to struct auth_passdb, which is where they should have been in the first
|
||||
place.
|
||||
---
|
||||
src/auth/auth-request.c | 6 +++---
|
||||
src/auth/auth.c | 18 ++++++++++++++++++
|
||||
src/auth/auth.h | 5 +++++
|
||||
src/auth/passdb.c | 15 ++-------------
|
||||
src/auth/passdb.h | 4 ----
|
||||
5 files changed, 28 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/src/auth/auth-request.c b/src/auth/auth-request.c
|
||||
index cd08b1fa02..0ca29f3674 100644
|
||||
--- a/src/auth/auth-request.c
|
||||
+++ b/src/auth/auth-request.c
|
||||
@@ -534,8 +534,8 @@ auth_request_want_skip_passdb(struct auth_request *request,
|
||||
struct auth_passdb *passdb)
|
||||
{
|
||||
/* if mechanism is not supported, skip */
|
||||
- const char *const *mechs = passdb->passdb->mechanisms;
|
||||
- const char *const *username_filter = passdb->passdb->username_filter;
|
||||
+ const char *const *mechs = passdb->mechanisms;
|
||||
+ const char *const *username_filter = passdb->username_filter;
|
||||
const char *username;
|
||||
|
||||
username = request->fields.user;
|
||||
@@ -548,7 +548,7 @@ auth_request_want_skip_passdb(struct auth_request *request,
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
- if (passdb->passdb->username_filter != NULL &&
|
||||
+ if (passdb->username_filter != NULL &&
|
||||
!auth_request_username_accepted(username_filter, username)) {
|
||||
auth_request_log_debug(request,
|
||||
request->mech != NULL ? AUTH_SUBSYS_MECH
|
||||
diff --git a/src/auth/auth.c b/src/auth/auth.c
|
||||
index f2f3fda20c..9f6c4ba60c 100644
|
||||
--- a/src/auth/auth.c
|
||||
+++ b/src/auth/auth.c
|
||||
@@ -99,6 +99,24 @@ auth_passdb_preinit(struct auth *auth, const struct auth_passdb_settings *set,
|
||||
auth_passdb->override_fields_tmpl =
|
||||
passdb_template_build(auth->pool, set->override_fields);
|
||||
|
||||
+ if (*set->mechanisms == '\0') {
|
||||
+ auth_passdb->mechanisms = NULL;
|
||||
+ } else if (strcasecmp(set->mechanisms, "none") == 0) {
|
||||
+ auth_passdb->mechanisms = (const char *const[]){ NULL };
|
||||
+ } else {
|
||||
+ auth_passdb->mechanisms =
|
||||
+ (const char *const *)p_strsplit_spaces(auth->pool,
|
||||
+ set->mechanisms, " ,");
|
||||
+ }
|
||||
+
|
||||
+ if (*set->username_filter == '\0') {
|
||||
+ auth_passdb->username_filter = NULL;
|
||||
+ } else {
|
||||
+ auth_passdb->username_filter =
|
||||
+ (const char *const *)p_strsplit_spaces(auth->pool,
|
||||
+ set->username_filter, " ,");
|
||||
+ }
|
||||
+
|
||||
/* for backwards compatibility: */
|
||||
if (set->pass)
|
||||
auth_passdb->result_success = AUTH_DB_RULE_CONTINUE;
|
||||
diff --git a/src/auth/auth.h b/src/auth/auth.h
|
||||
index f700e29d5c..460a179765 100644
|
||||
--- a/src/auth/auth.h
|
||||
+++ b/src/auth/auth.h
|
||||
@@ -41,6 +41,11 @@ struct auth_passdb {
|
||||
struct passdb_template *default_fields_tmpl;
|
||||
struct passdb_template *override_fields_tmpl;
|
||||
|
||||
+ /* Supported authentication mechanisms, NULL is all, {NULL} is none */
|
||||
+ const char *const *mechanisms;
|
||||
+ /* Username filter, NULL is no filter */
|
||||
+ const char *const *username_filter;
|
||||
+
|
||||
enum auth_passdb_skip skip;
|
||||
enum auth_db_rule result_success;
|
||||
enum auth_db_rule result_failure;
|
||||
diff --git a/src/auth/passdb.c b/src/auth/passdb.c
|
||||
index eb4ac8ae82..f5eed1af4f 100644
|
||||
--- a/src/auth/passdb.c
|
||||
+++ b/src/auth/passdb.c
|
||||
@@ -224,19 +224,8 @@ passdb_preinit(pool_t pool, const struct auth_passdb_settings *set)
|
||||
passdb->id = ++auth_passdb_id;
|
||||
passdb->iface = *iface;
|
||||
passdb->args = p_strdup(pool, set->args);
|
||||
- if (*set->mechanisms == '\0') {
|
||||
- passdb->mechanisms = NULL;
|
||||
- } else if (strcasecmp(set->mechanisms, "none") == 0) {
|
||||
- passdb->mechanisms = (const char *const[]){NULL};
|
||||
- } else {
|
||||
- passdb->mechanisms = (const char* const*)p_strsplit_spaces(pool, set->mechanisms, " ,");
|
||||
- }
|
||||
-
|
||||
- if (*set->username_filter == '\0') {
|
||||
- passdb->username_filter = NULL;
|
||||
- } else {
|
||||
- passdb->username_filter = (const char* const*)p_strsplit_spaces(pool, set->username_filter, " ,");
|
||||
- }
|
||||
+ /* NOTE: if anything else than driver & args are added here,
|
||||
+ passdb_find() also needs to be updated. */
|
||||
array_push_back(&passdb_modules, &passdb);
|
||||
return passdb;
|
||||
}
|
||||
diff --git a/src/auth/passdb.h b/src/auth/passdb.h
|
||||
index 2e95328e5c..e466a9fdb6 100644
|
||||
--- a/src/auth/passdb.h
|
||||
+++ b/src/auth/passdb.h
|
||||
@@ -63,10 +63,6 @@ struct passdb_module {
|
||||
/* Default password scheme for this module.
|
||||
If default_cache_key is set, must not be NULL. */
|
||||
const char *default_pass_scheme;
|
||||
- /* Supported authentication mechanisms, NULL is all, [NULL] is none*/
|
||||
- const char *const *mechanisms;
|
||||
- /* Username filter, NULL is no filter */
|
||||
- const char *const *username_filter;
|
||||
|
||||
/* If blocking is set to TRUE, use child processes to access
|
||||
this passdb. */
|
|
@ -1,6 +1,6 @@
|
|||
diff -up dovecot-2.3.8/src/auth/auth-token.c.opensslhmac dovecot-2.3.8/src/auth/auth-token.c
|
||||
--- dovecot-2.3.8/src/auth/auth-token.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/auth/auth-token.c 2019-11-19 16:34:11.338037002 +0100
|
||||
diff -up dovecot-2.3.14/src/auth/auth-token.c.opensslhmac dovecot-2.3.14/src/auth/auth-token.c
|
||||
--- dovecot-2.3.14/src/auth/auth-token.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/auth/auth-token.c 2021-03-22 20:44:13.022912242 +0100
|
||||
@@ -161,17 +161,17 @@ void auth_token_deinit(void)
|
||||
const char *auth_token_get(const char *service, const char *session_pid,
|
||||
const char *username, const char *session_id)
|
||||
|
@ -26,9 +26,9 @@ diff -up dovecot-2.3.8/src/auth/auth-token.c.opensslhmac dovecot-2.3.8/src/auth/
|
|||
|
||||
return binary_to_hex(result, sizeof(result));
|
||||
}
|
||||
diff -up dovecot-2.3.8/src/auth/mech-cram-md5.c.opensslhmac dovecot-2.3.8/src/auth/mech-cram-md5.c
|
||||
--- dovecot-2.3.8/src/auth/mech-cram-md5.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/auth/mech-cram-md5.c 2019-11-19 16:34:11.338037002 +0100
|
||||
diff -up dovecot-2.3.14/src/auth/mech-cram-md5.c.opensslhmac dovecot-2.3.14/src/auth/mech-cram-md5.c
|
||||
--- dovecot-2.3.14/src/auth/mech-cram-md5.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/auth/mech-cram-md5.c 2021-03-22 20:44:13.022912242 +0100
|
||||
@@ -51,7 +51,7 @@ static bool verify_credentials(struct cr
|
||||
{
|
||||
|
||||
|
@ -52,59 +52,57 @@ diff -up dovecot-2.3.8/src/auth/mech-cram-md5.c.opensslhmac dovecot-2.3.8/src/au
|
|||
|
||||
response_hex = binary_to_hex(digest, sizeof(digest));
|
||||
|
||||
diff -up dovecot-2.3.8/src/auth/mech-scram-sha1.c.opensslhmac dovecot-2.3.8/src/auth/mech-scram-sha1.c
|
||||
--- dovecot-2.3.8/src/auth/mech-scram-sha1.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/auth/mech-scram-sha1.c 2019-11-19 16:34:11.338037002 +0100
|
||||
@@ -71,7 +71,7 @@ static const char *get_scram_server_firs
|
||||
|
||||
diff -up dovecot-2.3.14/src/auth/mech-scram.c.opensslhmac dovecot-2.3.14/src/auth/mech-scram.c
|
||||
--- dovecot-2.3.14/src/auth/mech-scram.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/auth/mech-scram.c 2021-03-22 20:44:13.022912242 +0100
|
||||
@@ -78,7 +78,7 @@ static const char *get_scram_server_firs
|
||||
static const char *get_scram_server_final(struct scram_auth_request *request)
|
||||
{
|
||||
const struct hash_method *hmethod = request->hash_method;
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
const char *auth_message;
|
||||
unsigned char server_signature[SHA1_RESULTLEN];
|
||||
unsigned char server_signature[hmethod->digest_size];
|
||||
string_t *str;
|
||||
@@ -80,10 +80,10 @@ static const char *get_scram_server_fina
|
||||
@@ -87,9 +87,9 @@ static const char *get_scram_server_fina
|
||||
request->server_first_message, ",",
|
||||
request->client_final_message_without_proof, NULL);
|
||||
|
||||
- hmac_init(&ctx, request->server_key, sizeof(request->server_key),
|
||||
+ openssl_hmac_init(&ctx, request->server_key, sizeof(request->server_key),
|
||||
&hash_method_sha1);
|
||||
- hmac_init(&ctx, request->server_key, hmethod->digest_size, hmethod);
|
||||
- hmac_update(&ctx, auth_message, strlen(auth_message));
|
||||
- hmac_final(&ctx, server_signature);
|
||||
+ openssl_hmac_init(&ctx, request->server_key, hmethod->digest_size, hmethod);
|
||||
+ openssl_hmac_update(&ctx, auth_message, strlen(auth_message));
|
||||
+ openssl_hmac_final(&ctx, server_signature);
|
||||
|
||||
str = t_str_new(MAX_BASE64_ENCODED_SIZE(sizeof(server_signature)));
|
||||
str_append(str, "v=");
|
||||
@@ -221,7 +221,7 @@ static bool parse_scram_client_first(str
|
||||
|
||||
@@ -228,7 +228,7 @@ static bool parse_scram_client_first(str
|
||||
static bool verify_credentials(struct scram_auth_request *request)
|
||||
{
|
||||
const struct hash_method *hmethod = request->hash_method;
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
const char *auth_message;
|
||||
unsigned char client_key[SHA1_RESULTLEN];
|
||||
unsigned char client_signature[SHA1_RESULTLEN];
|
||||
@@ -232,10 +232,10 @@ static bool verify_credentials(struct sc
|
||||
unsigned char client_key[hmethod->digest_size];
|
||||
unsigned char client_signature[hmethod->digest_size];
|
||||
@@ -239,9 +239,9 @@ static bool verify_credentials(struct sc
|
||||
request->server_first_message, ",",
|
||||
request->client_final_message_without_proof, NULL);
|
||||
|
||||
- hmac_init(&ctx, request->stored_key, sizeof(request->stored_key),
|
||||
+ openssl_hmac_init(&ctx, request->stored_key, sizeof(request->stored_key),
|
||||
&hash_method_sha1);
|
||||
- hmac_init(&ctx, request->stored_key, hmethod->digest_size, hmethod);
|
||||
- hmac_update(&ctx, auth_message, strlen(auth_message));
|
||||
- hmac_final(&ctx, client_signature);
|
||||
+ openssl_hmac_init(&ctx, request->stored_key, hmethod->digest_size, hmethod);
|
||||
+ openssl_hmac_update(&ctx, auth_message, strlen(auth_message));
|
||||
+ openssl_hmac_final(&ctx, client_signature);
|
||||
|
||||
const unsigned char *proof_data = request->proof->data;
|
||||
for (i = 0; i < sizeof(client_signature); i++)
|
||||
client_key[i] =
|
||||
diff -up dovecot-2.3.8/src/auth/password-scheme.c.opensslhmac dovecot-2.3.8/src/auth/password-scheme.c
|
||||
--- dovecot-2.3.8/src/auth/password-scheme.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/auth/password-scheme.c 2019-11-19 16:34:11.339036998 +0100
|
||||
@@ -647,11 +647,11 @@ static void
|
||||
diff -up dovecot-2.3.14/src/auth/password-scheme.c.opensslhmac dovecot-2.3.14/src/auth/password-scheme.c
|
||||
--- dovecot-2.3.14/src/auth/password-scheme.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/auth/password-scheme.c 2021-03-22 20:44:13.022912242 +0100
|
||||
@@ -639,11 +639,11 @@ static void
|
||||
cram_md5_generate(const char *plaintext, const struct password_generate_params *params ATTR_UNUSED,
|
||||
const unsigned char **raw_password_r, size_t *size_r)
|
||||
{
|
||||
|
@ -118,104 +116,101 @@ diff -up dovecot-2.3.8/src/auth/password-scheme.c.opensslhmac dovecot-2.3.8/src/
|
|||
strlen(plaintext), &hash_method_md5);
|
||||
hmac_md5_get_cram_context(&ctx, context_digest);
|
||||
|
||||
diff -up dovecot-2.3.8/src/auth/password-scheme-scram.c.opensslhmac dovecot-2.3.8/src/auth/password-scheme-scram.c
|
||||
--- dovecot-2.3.8/src/auth/password-scheme-scram.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/auth/password-scheme-scram.c 2019-11-19 16:34:11.339036998 +0100
|
||||
@@ -27,23 +27,23 @@ static void Hi(const unsigned char *str,
|
||||
const unsigned char *salt, size_t salt_size, unsigned int i,
|
||||
unsigned char result[SHA1_RESULTLEN])
|
||||
diff -up dovecot-2.3.14/src/auth/password-scheme-scram.c.opensslhmac dovecot-2.3.14/src/auth/password-scheme-scram.c
|
||||
--- dovecot-2.3.14/src/auth/password-scheme-scram.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/auth/password-scheme-scram.c 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -30,23 +30,23 @@ Hi(const struct hash_method *hmethod, co
|
||||
const unsigned char *salt, size_t salt_size, unsigned int i,
|
||||
unsigned char *result)
|
||||
{
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
unsigned char U[SHA1_RESULTLEN];
|
||||
unsigned char U[hmethod->digest_size];
|
||||
unsigned int j, k;
|
||||
|
||||
/* Calculate U1 */
|
||||
- hmac_init(&ctx, str, str_size, &hash_method_sha1);
|
||||
- hmac_init(&ctx, str, str_size, hmethod);
|
||||
- hmac_update(&ctx, salt, salt_size);
|
||||
- hmac_update(&ctx, "\0\0\0\1", 4);
|
||||
- hmac_final(&ctx, U);
|
||||
+ openssl_hmac_init(&ctx, str, str_size, &hash_method_sha1);
|
||||
+ openssl_hmac_init(&ctx, str, str_size, hmethod);
|
||||
+ openssl_hmac_update(&ctx, salt, salt_size);
|
||||
+ openssl_hmac_update(&ctx, "\0\0\0\1", 4);
|
||||
+ openssl_hmac_final(&ctx, U);
|
||||
|
||||
memcpy(result, U, SHA1_RESULTLEN);
|
||||
memcpy(result, U, hmethod->digest_size);
|
||||
|
||||
/* Calculate U2 to Ui and Hi */
|
||||
for (j = 2; j <= i; j++) {
|
||||
- hmac_init(&ctx, str, str_size, &hash_method_sha1);
|
||||
- hmac_init(&ctx, str, str_size, hmethod);
|
||||
- hmac_update(&ctx, U, sizeof(U));
|
||||
- hmac_final(&ctx, U);
|
||||
+ openssl_hmac_init(&ctx, str, str_size, &hash_method_sha1);
|
||||
+ openssl_hmac_init(&ctx, str, str_size, hmethod);
|
||||
+ openssl_hmac_update(&ctx, U, sizeof(U));
|
||||
+ openssl_hmac_final(&ctx, U);
|
||||
for (k = 0; k < SHA1_RESULTLEN; k++)
|
||||
for (k = 0; k < hmethod->digest_size; k++)
|
||||
result[k] ^= U[k];
|
||||
}
|
||||
@@ -94,7 +94,7 @@ int scram_sha1_verify(const char *plaint
|
||||
const unsigned char *raw_password, size_t size,
|
||||
const char **error_r)
|
||||
@@ -102,7 +102,7 @@ int scram_verify(const struct hash_metho
|
||||
const char *plaintext, const unsigned char *raw_password,
|
||||
size_t size, const char **error_r)
|
||||
{
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
const char *salt_base64;
|
||||
unsigned int iter_count;
|
||||
const unsigned char *salt;
|
||||
@@ -118,10 +118,10 @@ int scram_sha1_verify(const char *plaint
|
||||
iter_count, salted_password);
|
||||
@@ -126,9 +126,9 @@ int scram_verify(const struct hash_metho
|
||||
salt, salt_len, iter_count, salted_password);
|
||||
|
||||
/* Calculate ClientKey */
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
&hash_method_sha1);
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
- hmac_update(&ctx, "Client Key", 10);
|
||||
- hmac_final(&ctx, client_key);
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
+ openssl_hmac_update(&ctx, "Client Key", 10);
|
||||
+ openssl_hmac_final(&ctx, client_key);
|
||||
|
||||
/* Calculate StoredKey */
|
||||
sha1_get_digest(client_key, sizeof(client_key), calculated_stored_key);
|
||||
@@ -139,7 +139,7 @@ void scram_sha1_generate(const char *pla
|
||||
const unsigned char **raw_password_r, size_t *size_r)
|
||||
hash_method_get_digest(hmethod, client_key, sizeof(client_key),
|
||||
@@ -147,7 +147,7 @@ void scram_generate(const struct hash_me
|
||||
const unsigned char **raw_password_r, size_t *size_r)
|
||||
{
|
||||
string_t *str;
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
unsigned char salt[16];
|
||||
unsigned char salted_password[SHA1_RESULTLEN];
|
||||
unsigned char client_key[SHA1_RESULTLEN];
|
||||
@@ -157,10 +157,10 @@ void scram_sha1_generate(const char *pla
|
||||
unsigned char salted_password[hmethod->digest_size];
|
||||
unsigned char client_key[hmethod->digest_size];
|
||||
@@ -165,9 +165,9 @@ void scram_generate(const struct hash_me
|
||||
sizeof(salt), SCRAM_DEFAULT_ITERATE_COUNT, salted_password);
|
||||
|
||||
/* Calculate ClientKey */
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
&hash_method_sha1);
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
- hmac_update(&ctx, "Client Key", 10);
|
||||
- hmac_final(&ctx, client_key);
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
+ openssl_hmac_update(&ctx, "Client Key", 10);
|
||||
+ openssl_hmac_final(&ctx, client_key);
|
||||
|
||||
/* Calculate StoredKey */
|
||||
sha1_get_digest(client_key, sizeof(client_key), stored_key);
|
||||
@@ -168,10 +168,10 @@ void scram_sha1_generate(const char *pla
|
||||
hash_method_get_digest(hmethod, client_key, sizeof(client_key),
|
||||
@@ -176,9 +176,9 @@ void scram_generate(const struct hash_me
|
||||
base64_encode(stored_key, sizeof(stored_key), str);
|
||||
|
||||
/* Calculate ServerKey */
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password),
|
||||
&hash_method_sha1);
|
||||
- hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
- hmac_update(&ctx, "Server Key", 10);
|
||||
- hmac_final(&ctx, server_key);
|
||||
+ openssl_hmac_init(&ctx, salted_password, sizeof(salted_password), hmethod);
|
||||
+ openssl_hmac_update(&ctx, "Server Key", 10);
|
||||
+ openssl_hmac_final(&ctx, server_key);
|
||||
str_append_c(str, ',');
|
||||
base64_encode(server_key, sizeof(server_key), str);
|
||||
|
||||
diff -up dovecot-2.3.8/src/lib/hmac.c.opensslhmac dovecot-2.3.8/src/lib/hmac.c
|
||||
--- dovecot-2.3.8/src/lib/hmac.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/hmac.c 2019-11-19 17:25:28.045716181 +0100
|
||||
diff -up dovecot-2.3.14/src/lib/hmac.c.opensslhmac dovecot-2.3.14/src/lib/hmac.c
|
||||
--- dovecot-2.3.14/src/lib/hmac.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/hmac.c 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -7,6 +7,10 @@
|
||||
* This software is released under the MIT license.
|
||||
*/
|
||||
|
@ -292,11 +287,11 @@ diff -up dovecot-2.3.8/src/lib/hmac.c.opensslhmac dovecot-2.3.8/src/lib/hmac.c
|
|||
+ }
|
||||
+ i_assert(no_fips);
|
||||
+ struct orig_hmac_context_priv *ctx = &_ctx->u.priv;
|
||||
int i;
|
||||
unsigned char k_ipad[64];
|
||||
unsigned char k_opad[64];
|
||||
unsigned int i;
|
||||
unsigned char k_ipad[meth->block_size];
|
||||
unsigned char k_opad[meth->block_size];
|
||||
@@ -53,9 +112,27 @@ void hmac_init(struct hmac_context *_ctx
|
||||
safe_memset(k_opad, 0, 64);
|
||||
safe_memset(k_opad, 0, meth->block_size);
|
||||
}
|
||||
|
||||
-void hmac_final(struct hmac_context *_ctx, unsigned char *digest)
|
||||
|
@ -453,9 +448,9 @@ diff -up dovecot-2.3.8/src/lib/hmac.c.opensslhmac dovecot-2.3.8/src/lib/hmac.c
|
|||
- safe_memset(prk, 0, sizeof(prk));
|
||||
- safe_memset(okm, 0, sizeof(okm));
|
||||
}
|
||||
diff -up dovecot-2.3.8/src/lib/hmac-cram-md5.c.opensslhmac dovecot-2.3.8/src/lib/hmac-cram-md5.c
|
||||
--- dovecot-2.3.8/src/lib/hmac-cram-md5.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/hmac-cram-md5.c 2019-11-19 16:34:11.339036998 +0100
|
||||
diff -up dovecot-2.3.14/src/lib/hmac-cram-md5.c.opensslhmac dovecot-2.3.14/src/lib/hmac-cram-md5.c
|
||||
--- dovecot-2.3.14/src/lib/hmac-cram-md5.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/hmac-cram-md5.c 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -9,10 +9,10 @@
|
||||
#include "md5.h"
|
||||
#include "hmac-cram-md5.h"
|
||||
|
@ -482,9 +477,9 @@ diff -up dovecot-2.3.8/src/lib/hmac-cram-md5.c.opensslhmac dovecot-2.3.8/src/lib
|
|||
const unsigned char *cdp;
|
||||
|
||||
struct md5_context *ctx = (void*)hmac_ctx->ctx;
|
||||
diff -up dovecot-2.3.8/src/lib/hmac-cram-md5.h.opensslhmac dovecot-2.3.8/src/lib/hmac-cram-md5.h
|
||||
--- dovecot-2.3.8/src/lib/hmac-cram-md5.h.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/hmac-cram-md5.h 2019-11-19 16:34:11.339036998 +0100
|
||||
diff -up dovecot-2.3.14/src/lib/hmac-cram-md5.h.opensslhmac dovecot-2.3.14/src/lib/hmac-cram-md5.h
|
||||
--- dovecot-2.3.14/src/lib/hmac-cram-md5.h.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/hmac-cram-md5.h 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -5,9 +5,9 @@
|
||||
|
||||
#define CRAM_MD5_CONTEXTLEN 32
|
||||
|
@ -497,19 +492,19 @@ diff -up dovecot-2.3.8/src/lib/hmac-cram-md5.h.opensslhmac dovecot-2.3.8/src/lib
|
|||
const unsigned char context_digest[CRAM_MD5_CONTEXTLEN]);
|
||||
|
||||
|
||||
diff -up dovecot-2.3.8/src/lib/hmac.h.opensslhmac dovecot-2.3.8/src/lib/hmac.h
|
||||
--- dovecot-2.3.8/src/lib/hmac.h.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/hmac.h 2019-11-19 16:34:11.339036998 +0100
|
||||
@@ -3,60 +3,97 @@
|
||||
|
||||
diff -up dovecot-2.3.14/src/lib/hmac.h.opensslhmac dovecot-2.3.14/src/lib/hmac.h
|
||||
--- dovecot-2.3.14/src/lib/hmac.h.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/hmac.h 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -4,60 +4,97 @@
|
||||
#include "hash-method.h"
|
||||
#include "sha1.h"
|
||||
#include "sha2.h"
|
||||
+#include <openssl/objects.h>
|
||||
+#include <openssl/hmac.h>
|
||||
+#include <openssl/kdf.h>
|
||||
+#include <openssl/err.h>
|
||||
|
||||
#define HMAC_MAX_CONTEXT_SIZE 256
|
||||
#define HMAC_MAX_CONTEXT_SIZE sizeof(struct sha512_ctx)
|
||||
|
||||
-struct hmac_context_priv {
|
||||
+struct openssl_hmac_context_priv {
|
||||
|
@ -611,9 +606,9 @@ diff -up dovecot-2.3.8/src/lib/hmac.h.opensslhmac dovecot-2.3.8/src/lib/hmac.h
|
|||
okm_buffer, okm_len);
|
||||
return okm_buffer;
|
||||
}
|
||||
diff -up dovecot-2.3.8/src/lib-imap-urlauth/imap-urlauth.c.opensslhmac dovecot-2.3.8/src/lib-imap-urlauth/imap-urlauth.c
|
||||
--- dovecot-2.3.8/src/lib-imap-urlauth/imap-urlauth.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib-imap-urlauth/imap-urlauth.c 2019-11-19 16:34:11.339036998 +0100
|
||||
diff -up dovecot-2.3.14/src/lib-imap-urlauth/imap-urlauth.c.opensslhmac dovecot-2.3.14/src/lib-imap-urlauth/imap-urlauth.c
|
||||
--- dovecot-2.3.14/src/lib-imap-urlauth/imap-urlauth.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib-imap-urlauth/imap-urlauth.c 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -85,15 +85,15 @@ imap_urlauth_internal_generate(const cha
|
||||
const unsigned char mailbox_key[IMAP_URLAUTH_KEY_LEN],
|
||||
size_t *token_len_r)
|
||||
|
@ -634,10 +629,10 @@ diff -up dovecot-2.3.8/src/lib-imap-urlauth/imap-urlauth.c.opensslhmac dovecot-2
|
|||
|
||||
*token_len_r = SHA1_RESULTLEN + 1;
|
||||
return token;
|
||||
diff -up dovecot-2.3.8/src/lib/Makefile.am.opensslhmac dovecot-2.3.8/src/lib/Makefile.am
|
||||
--- dovecot-2.3.8/src/lib/Makefile.am.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/Makefile.am 2019-11-19 16:34:11.340036994 +0100
|
||||
@@ -323,6 +323,9 @@ headers = \
|
||||
diff -up dovecot-2.3.14/src/lib/Makefile.am.opensslhmac dovecot-2.3.14/src/lib/Makefile.am
|
||||
--- dovecot-2.3.14/src/lib/Makefile.am.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/Makefile.am 2021-03-22 20:44:13.023912229 +0100
|
||||
@@ -352,6 +352,9 @@ headers = \
|
||||
wildcard-match.h \
|
||||
write-full.h
|
||||
|
||||
|
@ -647,69 +642,63 @@ diff -up dovecot-2.3.8/src/lib/Makefile.am.opensslhmac dovecot-2.3.8/src/lib/Mak
|
|||
test_programs = test-lib
|
||||
noinst_PROGRAMS = $(test_programs)
|
||||
|
||||
diff -up dovecot-2.3.8/src/lib-ntlm/ntlm-encrypt.c.opensslhmac dovecot-2.3.8/src/lib-ntlm/ntlm-encrypt.c
|
||||
--- dovecot-2.3.8/src/lib-ntlm/ntlm-encrypt.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib-ntlm/ntlm-encrypt.c 2019-11-19 16:34:11.340036994 +0100
|
||||
@@ -61,12 +61,12 @@ void ntlm_v1_hash(const char *passwd, un
|
||||
}
|
||||
diff -up dovecot-2.3.14/src/lib-oauth2/oauth2-jwt.c.opensslhmac dovecot-2.3.14/src/lib-oauth2/oauth2-jwt.c
|
||||
--- dovecot-2.3.14/src/lib-oauth2/oauth2-jwt.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib-oauth2/oauth2-jwt.c 2021-03-22 20:44:13.024912217 +0100
|
||||
@@ -106,14 +106,14 @@ oauth2_validate_hmac(const struct oauth2
|
||||
if (oauth2_lookup_hmac_key(set, azp, alg, key_id, &key, error_r) < 0)
|
||||
return -1;
|
||||
|
||||
static void
|
||||
-hmac_md5_ucs2le_string_ucase(struct hmac_context *ctx, const char *str)
|
||||
-{
|
||||
- size_t len;
|
||||
- unsigned char *wstr = t_unicode_str(str, TRUE, &len);
|
||||
-
|
||||
- hmac_update(ctx, wstr, len);
|
||||
+hmac_md5_ucs2le_string_ucase(struct openssl_hmac_context *ctx, const char *str)
|
||||
+ {
|
||||
+ size_t len;
|
||||
+ unsigned char *wstr = t_unicode_str(str, TRUE, &len);
|
||||
+
|
||||
+ openssl_hmac_update(ctx, wstr, len);
|
||||
}
|
||||
|
||||
static void ATTR_NULL(2)
|
||||
@@ -74,13 +74,13 @@ ntlm_v2_hash(const char *user, const cha
|
||||
const unsigned char *hash_v1,
|
||||
unsigned char hash[NTLMSSP_V2_HASH_SIZE])
|
||||
{
|
||||
- struct hmac_context ctx;
|
||||
- hmac_init(&ctx, key->data, key->used, method);
|
||||
- hmac_update(&ctx, blobs[0], strlen(blobs[0]));
|
||||
- hmac_update(&ctx, ".", 1);
|
||||
- hmac_update(&ctx, blobs[1], strlen(blobs[1]));
|
||||
+ struct openssl_hmac_context ctx;
|
||||
+ openssl_hmac_init(&ctx, key->data, key->used, method);
|
||||
+ openssl_hmac_update(&ctx, blobs[0], strlen(blobs[0]));
|
||||
+ openssl_hmac_update(&ctx, ".", 1);
|
||||
+ openssl_hmac_update(&ctx, blobs[1], strlen(blobs[1]));
|
||||
unsigned char digest[method->digest_size];
|
||||
|
||||
- hmac_init(&ctx, hash_v1, NTLMSSP_HASH_SIZE, &hash_method_md5);
|
||||
+ openssl_hmac_init(&ctx, hash_v1, NTLMSSP_HASH_SIZE, &hash_method_md5);
|
||||
hmac_md5_ucs2le_string_ucase(&ctx, user);
|
||||
if (target != NULL)
|
||||
hmac_md5_ucs2le_string_ucase(&ctx, target);
|
||||
- hmac_final(&ctx, hash);
|
||||
+ openssl_hmac_final(&ctx, hash);
|
||||
}
|
||||
- hmac_final(&ctx, digest);
|
||||
+ openssl_hmac_final(&ctx, digest);
|
||||
|
||||
void
|
||||
@@ -125,15 +125,15 @@ ntlmssp_v2_response(const char *user, co
|
||||
const unsigned char *blob, size_t blob_size,
|
||||
unsigned char response[NTLMSSP_V2_RESPONSE_SIZE])
|
||||
buffer_t *their_digest =
|
||||
t_base64url_decode_str(BASE64_DECODE_FLAG_NO_PADDING, blobs[2]);
|
||||
diff -up dovecot-2.3.14/src/lib-oauth2/test-oauth2-jwt.c.opensslhmac dovecot-2.3.14/src/lib-oauth2/test-oauth2-jwt.c
|
||||
--- dovecot-2.3.14/src/lib-oauth2/test-oauth2-jwt.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib-oauth2/test-oauth2-jwt.c 2021-03-22 20:46:09.524440794 +0100
|
||||
@@ -236,7 +236,7 @@ static void save_key_to(const char *algo
|
||||
static void sign_jwt_token_hs256(buffer_t *tokenbuf, buffer_t *key)
|
||||
{
|
||||
- struct hmac_context ctx;
|
||||
+ struct openssl_hmac_context ctx;
|
||||
unsigned char hash[NTLMSSP_V2_HASH_SIZE];
|
||||
|
||||
ntlm_v2_hash(user, target, hash_v1, hash);
|
||||
|
||||
- hmac_init(&ctx, hash, NTLMSSP_V2_HASH_SIZE, &hash_method_md5);
|
||||
- hmac_update(&ctx, challenge, NTLMSSP_CHALLENGE_SIZE);
|
||||
- hmac_update(&ctx, blob, blob_size);
|
||||
- hmac_final(&ctx, response);
|
||||
+ openssl_hmac_init(&ctx, hash, NTLMSSP_V2_HASH_SIZE, &hash_method_md5);
|
||||
+ openssl_hmac_update(&ctx, challenge, NTLMSSP_CHALLENGE_SIZE);
|
||||
+ openssl_hmac_update(&ctx, blob, blob_size);
|
||||
+ openssl_hmac_final(&ctx, response);
|
||||
|
||||
safe_memset(hash, 0, sizeof(hash));
|
||||
}
|
||||
diff -up dovecot-2.3.8/src/lib/pkcs5.c.opensslhmac dovecot-2.3.8/src/lib/pkcs5.c
|
||||
--- dovecot-2.3.8/src/lib/pkcs5.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/pkcs5.c 2019-11-19 16:34:11.340036994 +0100
|
||||
i_assert(key != NULL);
|
||||
- buffer_t *sig = t_hmac_buffer(&hash_method_sha256, key->data, key->used,
|
||||
+ buffer_t *sig = openssl_t_hmac_buffer(&hash_method_sha256, key->data, key->used,
|
||||
tokenbuf);
|
||||
buffer_append(tokenbuf, ".", 1);
|
||||
base64url_encode(BASE64_ENCODE_FLAG_NO_PADDING, SIZE_MAX,
|
||||
@@ -246,7 +246,7 @@ static void sign_jwt_token_hs256(buffer_
|
||||
static void sign_jwt_token_hs384(buffer_t *tokenbuf, buffer_t *key)
|
||||
{
|
||||
i_assert(key != NULL);
|
||||
- buffer_t *sig = t_hmac_buffer(&hash_method_sha384, key->data, key->used,
|
||||
+ buffer_t *sig = openssl_t_hmac_buffer(&hash_method_sha384, key->data, key->used,
|
||||
tokenbuf);
|
||||
buffer_append(tokenbuf, ".", 1);
|
||||
base64url_encode(BASE64_ENCODE_FLAG_NO_PADDING, SIZE_MAX,
|
||||
@@ -256,7 +256,7 @@ static void sign_jwt_token_hs384(buffer_
|
||||
static void sign_jwt_token_hs512(buffer_t *tokenbuf, buffer_t *key)
|
||||
{
|
||||
i_assert(key != NULL);
|
||||
- buffer_t *sig = t_hmac_buffer(&hash_method_sha512, key->data, key->used,
|
||||
+ buffer_t *sig = openssl_t_hmac_buffer(&hash_method_sha512, key->data, key->used,
|
||||
tokenbuf);
|
||||
buffer_append(tokenbuf, ".", 1);
|
||||
base64url_encode(BASE64_ENCODE_FLAG_NO_PADDING, SIZE_MAX,
|
||||
diff -up dovecot-2.3.14/src/lib/pkcs5.c.opensslhmac dovecot-2.3.14/src/lib/pkcs5.c
|
||||
--- dovecot-2.3.14/src/lib/pkcs5.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/pkcs5.c 2021-03-22 20:44:13.024912217 +0100
|
||||
@@ -52,7 +52,7 @@ int pkcs5_pbkdf2(const struct hash_metho
|
||||
size_t l = (length + hash->digest_size - 1)/hash->digest_size; /* same as ceil(length/hash->digest_size) */
|
||||
unsigned char dk[l * hash->digest_size];
|
||||
|
@ -744,10 +733,10 @@ diff -up dovecot-2.3.8/src/lib/pkcs5.c.opensslhmac dovecot-2.3.8/src/lib/pkcs5.c
|
|||
for(i = 0; i < hash->digest_size; i++)
|
||||
block[i] ^= U_c[i];
|
||||
}
|
||||
diff -up dovecot-2.3.8/src/lib/test-hmac.c.opensslhmac dovecot-2.3.8/src/lib/test-hmac.c
|
||||
--- dovecot-2.3.8/src/lib/test-hmac.c.opensslhmac 2019-10-08 10:46:18.000000000 +0200
|
||||
+++ dovecot-2.3.8/src/lib/test-hmac.c 2019-11-19 16:34:11.340036994 +0100
|
||||
@@ -112,11 +112,11 @@ static void test_hmac_rfc(void)
|
||||
diff -up dovecot-2.3.14/src/lib/test-hmac.c.opensslhmac dovecot-2.3.14/src/lib/test-hmac.c
|
||||
--- dovecot-2.3.14/src/lib/test-hmac.c.opensslhmac 2021-03-04 09:38:06.000000000 +0100
|
||||
+++ dovecot-2.3.14/src/lib/test-hmac.c 2021-03-22 20:44:13.024912217 +0100
|
||||
@@ -206,11 +206,11 @@ static void test_hmac_rfc(void)
|
||||
test_begin("hmac sha256 rfc4231 vectors");
|
||||
for(size_t i = 0; i < N_ELEMENTS(test_vectors); i++) {
|
||||
const struct test_vector *vec = &(test_vectors[i]);
|
||||
|
@ -763,7 +752,39 @@ diff -up dovecot-2.3.8/src/lib/test-hmac.c.opensslhmac dovecot-2.3.8/src/lib/tes
|
|||
test_assert_idx(memcmp(res, vec->res, vec->res_len) == 0, i);
|
||||
}
|
||||
test_end();
|
||||
@@ -129,7 +129,7 @@ static void test_hmac_buffer(void)
|
||||
@@ -221,11 +221,11 @@ static void test_hmac384_rfc(void)
|
||||
test_begin("hmac sha384 rfc4231 vectors");
|
||||
for (size_t i = 0; i < N_ELEMENTS(test_vectors_hmac384); i++) {
|
||||
const struct test_vector *vec = &(test_vectors_hmac384[i]);
|
||||
- struct hmac_context ctx;
|
||||
- hmac_init(&ctx, vec->key, vec->key_len, hash_method_lookup(vec->prf));
|
||||
- hmac_update(&ctx, vec->data, vec->data_len);
|
||||
+ struct openssl_hmac_context ctx;
|
||||
+ openssl_hmac_init(&ctx, vec->key, vec->key_len, hash_method_lookup(vec->prf));
|
||||
+ openssl_hmac_update(&ctx, vec->data, vec->data_len);
|
||||
unsigned char res[SHA384_RESULTLEN];
|
||||
- hmac_final(&ctx, res);
|
||||
+ openssl_hmac_final(&ctx, res);
|
||||
test_assert_idx(memcmp(res, vec->res, vec->res_len) == 0, i);
|
||||
}
|
||||
test_end();
|
||||
@@ -236,11 +236,11 @@ static void test_hmac512_rfc(void)
|
||||
test_begin("hmac sha512 rfc4231 vectors");
|
||||
for (size_t i = 0; i < N_ELEMENTS(test_vectors_hmac512); i++) {
|
||||
const struct test_vector *vec = &(test_vectors_hmac512[i]);
|
||||
- struct hmac_context ctx;
|
||||
- hmac_init(&ctx, vec->key, vec->key_len, hash_method_lookup(vec->prf));
|
||||
- hmac_update(&ctx, vec->data, vec->data_len);
|
||||
+ struct openssl_hmac_context ctx;
|
||||
+ openssl_hmac_init(&ctx, vec->key, vec->key_len, hash_method_lookup(vec->prf));
|
||||
+ openssl_hmac_update(&ctx, vec->data, vec->data_len);
|
||||
unsigned char res[SHA512_RESULTLEN];
|
||||
- hmac_final(&ctx, res);
|
||||
+ openssl_hmac_final(&ctx, res);
|
||||
test_assert_idx(memcmp(res, vec->res, vec->res_len) == 0, i);
|
||||
}
|
||||
test_end();
|
||||
@@ -253,7 +253,7 @@ static void test_hmac_buffer(void)
|
||||
|
||||
buffer_t *tmp;
|
||||
|
||||
|
@ -772,7 +793,7 @@ diff -up dovecot-2.3.8/src/lib/test-hmac.c.opensslhmac dovecot-2.3.8/src/lib/tes
|
|||
vec->data, vec->data_len);
|
||||
|
||||
test_assert(tmp->used == vec->res_len &&
|
||||
@@ -146,7 +146,7 @@ static void test_hkdf_rfc(void)
|
||||
@@ -270,7 +270,7 @@ static void test_hkdf_rfc(void)
|
||||
buffer_set_used_size(res, 0);
|
||||
const struct test_vector_5869 *vec = &(test_vectors_5869[i]);
|
||||
const struct hash_method *m = hash_method_lookup(vec->prf);
|
||||
|
@ -781,7 +802,7 @@ diff -up dovecot-2.3.8/src/lib/test-hmac.c.opensslhmac dovecot-2.3.8/src/lib/tes
|
|||
vec->info, vec->info_len, res, vec->okm_len);
|
||||
test_assert_idx(memcmp(res->data, vec->okm, vec->okm_len) == 0, i);
|
||||
}
|
||||
@@ -159,7 +159,7 @@ static void test_hkdf_buffer(void)
|
||||
@@ -283,7 +283,7 @@ static void test_hkdf_buffer(void)
|
||||
test_begin("hkdf temporary buffer");
|
||||
const struct test_vector_5869 *vec = &(test_vectors_5869[0]);
|
||||
const struct hash_method *m = hash_method_lookup(vec->prf);
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
d /var/run/dovecot 0755 root dovecot -
|
||||
d /run/dovecot 0755 root dovecot -
|
||||
|
||||
|
|
|
@ -3,9 +3,9 @@
|
|||
Summary: Secure imap and pop3 server
|
||||
Name: dovecot
|
||||
Epoch: 1
|
||||
Version: 2.3.8
|
||||
Version: 2.3.16
|
||||
%global prever %{nil}
|
||||
Release: 3%{?dist}
|
||||
Release: 5%{?dist}
|
||||
#dovecot itself is MIT, a few sources are PD, pigeonhole is LGPLv2
|
||||
License: MIT and LGPLv2
|
||||
Group: System Environment/Daemons
|
||||
|
@ -14,7 +14,7 @@ URL: http://www.dovecot.org/
|
|||
Source: http://www.dovecot.org/releases/2.3/%{name}-%{version}%{?prever}.tar.gz
|
||||
Source1: dovecot.init
|
||||
Source2: dovecot.pam
|
||||
%global pigeonholever 0.5.8
|
||||
%global pigeonholever 0.5.16
|
||||
Source8: http://pigeonhole.dovecot.org/releases/2.3/dovecot-2.3-pigeonhole-%{pigeonholever}.tar.gz
|
||||
Source9: dovecot.sysconfig
|
||||
Source10: dovecot.tmpfilesd
|
||||
|
@ -32,7 +32,6 @@ Patch6: dovecot-2.1.10-waitonline.patch
|
|||
|
||||
Patch8: dovecot-2.2.20-initbysystemd.patch
|
||||
Patch9: dovecot-2.2.22-systemd_w_protectsystem.patch
|
||||
Patch10: dovecot-2.3.0.1-libxcrypt.patch
|
||||
|
||||
# sent upstream, rhbz#1630380
|
||||
Patch11: dovecot-2.2.36-aclfix.patch
|
||||
|
@ -44,9 +43,20 @@ Patch13: dovecot-2.2.36-bigkey.patch
|
|||
# hard to break circular dependency between lib and lib-dcrypt
|
||||
Patch14: dovecot-2.3.6-opensslhmac.patch
|
||||
|
||||
# from upstream, for dovecot < 2.3.10.1
|
||||
Patch15: dovecot-2.3.10-smtppre.patch
|
||||
Patch16: dovecot-2.3.10-CVE_2020_10957,10958,10967.patch
|
||||
# from upstream, for dovecot < 2.3.17, s390x FTBFS fix
|
||||
Patch15: dovecot-2.3.16-ftbfsbigend.patch
|
||||
Patch16: dovecot-2.3.16-keeplzma.patch
|
||||
|
||||
# from upstream, for <= 2.3.19.1, rhbz#2106232
|
||||
Patch17: dovecot-2.3.19.1-7bad6a24.patch
|
||||
|
||||
# from upstream, for < 2.3.19.1, rhbz#2128857
|
||||
Patch18: dovecot-2.3.18-9f300239..4596d399.patch
|
||||
Patch19: dovecot-2.3.18-bdf447e4.patch
|
||||
|
||||
# from upstream, for < 2.3.21, RHEL-22854
|
||||
Patch20: dovecot-2.3.16-d7705bc6.patch
|
||||
|
||||
|
||||
Source15: prestartscript
|
||||
|
||||
|
@ -62,6 +72,7 @@ BuildRequires: krb5-devel
|
|||
BuildRequires: quota-devel
|
||||
BuildRequires: xz-devel
|
||||
BuildRequires: lz4-devel
|
||||
BuildRequires: multilib-rpm-config
|
||||
#BuildRequires: libsodium-devel
|
||||
#BuildRequires: libexttextcat-devel
|
||||
#BuildRequires: libstemmer-devel
|
||||
|
@ -142,19 +153,22 @@ This package provides the development files for dovecot.
|
|||
|
||||
%prep
|
||||
%setup -q -n %{name}-%{version}%{?prever} -a 8
|
||||
%patch1 -p1 -b .default-settings
|
||||
%patch2 -p1 -b .mkcert-permissions
|
||||
%patch3 -p1 -b .mkcert-paths
|
||||
%patch6 -p1 -b .waitonline
|
||||
%patch8 -p1 -b .initbysystemd
|
||||
%patch9 -p1 -b .systemd_w_protectsystem
|
||||
#%patch10 -p1 -b .libxcrypt
|
||||
%patch11 -p1 -b .aclfix
|
||||
%patch13 -p1 -b .bigkey
|
||||
%patch14 -p1 -b .opensslhmac
|
||||
%patch15 -p1 -b .smtppre
|
||||
%patch16 -p1 -b .CVE_2020_10957,10958,10967
|
||||
%patch -P 1 -p1 -b .default-settings
|
||||
%patch -P 2 -p1 -b .mkcert-permissions
|
||||
%patch -P 3 -p1 -b .mkcert-paths
|
||||
%patch -P 6 -p1 -b .waitonline
|
||||
%patch -P 8 -p1 -b .initbysystemd
|
||||
%patch -P 9 -p1 -b .systemd_w_protectsystem
|
||||
%patch -P 11 -p1 -b .aclfix
|
||||
%patch -P 13 -p1 -b .bigkey
|
||||
%patch -P 14 -p1 -b .opensslhmac
|
||||
%patch -P 15 -p1 -b .ftbfsbigend
|
||||
%patch -P 16 -p1 -b .keeplzma
|
||||
%patch -P 17 -p1 -b .7bad6a24
|
||||
%patch -P 19 -p1 -b .bdf447e4
|
||||
%patch -P 20 -p1 -b .d7705bc6
|
||||
pushd dovecot-2*3-pigeonhole-%{pigeonholever}
|
||||
%patch -P 18 -p1 -b .9f300239..4596d399
|
||||
|
||||
popd
|
||||
|
||||
|
@ -172,6 +186,8 @@ autoreconf -I . -fiv #required for aarch64 support
|
|||
%endif
|
||||
%configure \
|
||||
INSTALL_DATA="install -c -p -m644" \
|
||||
--with-rundir=%{_rundir}/%{name} \
|
||||
--with-systemd \
|
||||
--docdir=%{_docdir}/%{name} \
|
||||
--disable-static \
|
||||
--disable-rpath \
|
||||
|
@ -218,9 +234,11 @@ rm -rf $RPM_BUILD_ROOT
|
|||
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
#move doc dir back to build dir so doc macro in files section can use it
|
||||
# move doc dir back to build dir so doc macro in files section can use it
|
||||
mv $RPM_BUILD_ROOT/%{_docdir}/%{name} %{_builddir}/%{name}-%{version}%{?prever}/docinstall
|
||||
|
||||
# fix multilib issues
|
||||
%multilib_fix_c_header --file %{_includedir}/dovecot/config.h
|
||||
|
||||
pushd dovecot-2*3-pigeonhole-%{pigeonholever}
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
@ -230,7 +248,6 @@ mv $RPM_BUILD_ROOT/%{_docdir}/%{name} $RPM_BUILD_ROOT/%{_docdir}/%{name}-pigeonh
|
|||
install -m 644 AUTHORS ChangeLog COPYING COPYING.LGPL INSTALL NEWS README $RPM_BUILD_ROOT/%{_docdir}/%{name}-pigeonhole
|
||||
popd
|
||||
|
||||
|
||||
%if %{?fedora}00%{?rhel} < 6
|
||||
sed -i 's|password-auth|system-auth|' %{SOURCE2}
|
||||
%endif
|
||||
|
@ -371,6 +388,7 @@ make check
|
|||
%{_bindir}/doveadm
|
||||
%{_bindir}/doveconf
|
||||
%{_bindir}/dsync
|
||||
%{_bindir}/dovecot-sysreport
|
||||
|
||||
|
||||
%if %{?fedora}0 > 140 || %{?rhel}0 > 60
|
||||
|
@ -392,6 +410,7 @@ make check
|
|||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/10-logging.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/10-mail.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/10-master.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/10-metrics.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/10-ssl.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/15-lda.conf
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/15-mailboxes.conf
|
||||
|
@ -411,8 +430,6 @@ make check
|
|||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/auth-sql.conf.ext
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/auth-static.conf.ext
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/auth-system.conf.ext
|
||||
%config(noreplace) %{_sysconfdir}/dovecot/conf.d/auth-vpopmail.conf.ext
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/dovecot
|
||||
%config(noreplace) %{ssldir}/dovecot-openssl.cnf
|
||||
|
||||
|
@ -453,10 +470,11 @@ make check
|
|||
%{_libexecdir}/%{name}
|
||||
%exclude %{_libexecdir}/%{name}/managesieve*
|
||||
|
||||
%attr(0755,root,dovecot) %ghost /var/run/dovecot
|
||||
%dir %attr(0755,root,dovecot) %ghost /var/run/dovecot
|
||||
%attr(0750,root,dovenull) %ghost /var/run/dovecot/login
|
||||
%attr(0750,root,dovenull) %ghost /var/run/dovecot/token-login
|
||||
%attr(0755,root,root) %ghost /var/run/dovecot/empty
|
||||
|
||||
%attr(0750,dovecot,dovecot) /var/lib/dovecot
|
||||
|
||||
%{_datadir}/%{name}
|
||||
|
@ -513,6 +531,43 @@ make check
|
|||
%{_libdir}/%{name}/dict/libdriver_pgsql.so
|
||||
|
||||
%changelog
|
||||
* Fri Feb 16 2024 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-5
|
||||
- fixes assert-crash when IMAP client uses QRESYNC (#RHEL-22854)
|
||||
|
||||
* Fri Aug 04 2023 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-4
|
||||
- fix leaking mailboxes if virtual mailbox can't be opened (#2128857)
|
||||
|
||||
* Tue Jul 19 2022 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-3
|
||||
- fix possible privilege escalation when similar master and non-master passdbs are used (#2106231)
|
||||
|
||||
* Wed Dec 08 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-2
|
||||
- do not disable xz/lzma for now despite being deprecated
|
||||
|
||||
* Wed Dec 08 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.16-1
|
||||
- dovecot updated to 2.3.16, pigeonhole to 0.5.16
|
||||
- fix CVE-2021-33515 plaintext commands injection (#1980014)
|
||||
|
||||
* Wed Feb 03 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-9
|
||||
- fix CVE-2020-24386 IMAP hibernation function allows mail access (#1913534)
|
||||
|
||||
* Tue Jan 12 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-8
|
||||
- fix CVE-2020-25275 denial of service via mail MIME parsing (#1914019)
|
||||
|
||||
* Thu Jan 07 2021 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-7
|
||||
- change run directory from /var/run to /run (#1805947)
|
||||
|
||||
* Wed Dec 02 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-6
|
||||
- fix mail storage block count parsing (#1894418)
|
||||
- MIME parser crashed when boundaries were wrong (#1888111)
|
||||
|
||||
* Mon Nov 02 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-5
|
||||
- multilib compatibility (#1853137)
|
||||
|
||||
* Fri Aug 07 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-4
|
||||
- fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts (#1866756)
|
||||
- fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation (#1866761)
|
||||
- fix CVE-2020-12674 crash due to assert in RPA implementation (#1866768)
|
||||
|
||||
* Mon Jun 01 2020 Michal Hlavinka <mhlavink@redhat.com> - 1:2.3.8-3
|
||||
- fix CVE-2020-10957 dovecot: malformed NOOP commands leads to DoS (#1840354)
|
||||
- fix CVE-2020-10958 dovecot: command followed by sufficient number of newlines
|
||||
|
|
Loading…
Reference in New Issue