Hello community,
here is the log from the commit of package cyrus-imapd.4285 for openSUSE:13.1:Update checked in at 2015-12-04 11:41:22
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/cyrus-imapd.4285 (Old)
and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cyrus-imapd.4285"
Changes:
--------
New Changes file:
--- /dev/null 2015-11-02 12:10:47.524024255 +0100
+++ /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new/cyrus-imapd.changes 2015-12-04 11:41:24.000000000 +0100
@@ -0,0 +1,1518 @@
+-------------------------------------------------------------------
+Sun Nov 15 11:48:17 UTC 2015 - aj@ajaissle.de
+
+- Added cyrus-imapd-2.3.19-CVE-2015-8077.patch:
+ boo#954200, CVE-2015-8077: Integer overflow in range checks
+
+-------------------------------------------------------------------
+Sun Aug 23 10:55:58 UTC 2015 - aj@ajaissle.de
+
+- Update to 2.3.19 [boo#945841]
+ * Security fix: handle urlfetch range starting outside message range
+ * Disable use of SSLv2/SSLv3
+ * Support for Berkeley DB 5.x (thanks Ondrej Sury)
+ * Support for newer glibc versions (thanks Thomas Jarosch)
+ * Fixed bug #3465: support for perl 5.14 (thanks hsk@imb-jena.de)
+ * Fixed bug #3640: reject NULL bytes in headers on LMTP delivery (thanks Julien Coloos)
+
+- Rebased the following patch
+ * cyrus-imapd-db6.diff as cyrus-imapd-2.3.19-db6.patch
+
+- Removed the following patches (included upstream)
+ - cyrus-imapd-perl-5.14.patch
+
+-------------------------------------------------------------------
+Thu Jun 20 09:29:07 UTC 2013 - aj@ajaissle.de
+
+- Move kolab tag from package name to version field
+
+-------------------------------------------------------------------
+Fri Jun 14 01:06:46 UTC 2013 - jengelh@inai.de
+
+- Add cyrus-imapd-db6.diff to fix compile abort with db >= 5
+
+-------------------------------------------------------------------
+Mon May 27 08:29:47 UTC 2013 - werner@suse.de
+
+- Package perl-Cyrus-SIEVE-managesieve provides the sieveshell as
+ well as the package python-managesieve, therefore make them
+ conflicting
+
+-------------------------------------------------------------------
+Tue May 21 10:39:20 UTC 2013 - aj@ajaissle.de
+
+- Added /var/lib/imap/ptclient to %files section
+
+-------------------------------------------------------------------
+Fri Feb 15 11:26:29 UTC 2013 - aj@ajaissle.de
+
+- enable --with-ldap option
+
+-------------------------------------------------------------------
+Tue Jun 19 11:24:06 UTC 2012 - meissner@suse.com
+
+- allocate the right size (reported by frerichs@rz.uni-kiel.de)
+
+-------------------------------------------------------------------
+Fri Dec 2 07:47:58 UTC 2011 - coolo@suse.com
+
+- add automake as buildrequire to avoid implicit dependency
+
+-------------------------------------------------------------------
+Wed Oct 5 07:10:08 UTC 2011 - rhafer@suse.de
+
+- Update to 2.3.18:
+ Malicious NNTP clients could bypass the authentication and
+ execute commands that normally require authentication.
+ (bnc#719998, CVE-2011-3372)
+
+-------------------------------------------------------------------
+Tue Sep 27 16:36:08 CEST 2011 - meissner@suse.de
+
+- parallel make is not possible, see openSUSE:Factory:PowerPC build failure.
+
+-------------------------------------------------------------------
+Wed Sep 21 09:34:04 UTC 2011 - rhafer@suse.de
+
+- Update to 2.3.17. Only change:
+ * includes the nntpd bufferoverflow patch
+- Refreshed KOLAB patches
+- Fixed a potential DoS bug, when server-side threading is used
+ (bnc#718428)
+
+-------------------------------------------------------------------
+Sun Sep 18 00:14:26 UTC 2011 - jengelh@medozas.de
+
+- Remove redundant tags/sections from specfile
+- Use %_smp_mflags for parallel build
+
+-------------------------------------------------------------------
+Thu Sep 1 09:08:52 UTC 2011 - rhafer@suse.de
+
+- Fixed a buffer overflow in nntpd (bnc#715251)
+
+-------------------------------------------------------------------
+Mon Jun 20 09:50:50 UTC 2011 - rhafer@suse.de
+
+- TLS initialization failures could lead to a bdb resource leak
+ resulting lmtpd to stop delivering mails. (bnc#606710,
+ cyrus-bug#3252)
+
+-------------------------------------------------------------------
+Mon May 23 14:17:33 UTC 2011 - rhafer@suse.de
+
+- Fixed STARTTLS plaintext command injection vulnerability
+ (bnc#694247, cyrus-bug#3425)
+- Fixed building against newer perl release (5.14)
+
+-------------------------------------------------------------------
+Tue Dec 7 21:56:34 UTC 2010 - coolo@novell.com
+
+- remove /var/adm/perl-modules
+
+-------------------------------------------------------------------
+Fri Nov 19 08:56:19 UTC 2010 - rhafer@novell.com
+
+- Fixed cronjob to include the correct path to ctl_mboxlist
+ (bnc#650919)
+
+-------------------------------------------------------------------
+Wed Oct 27 15:37:35 UTC 2010 - rhafer@novell.com
+
+- removed unneeded authid_normalize.patch the same functionality
+ is already available through "username_tolower" since quite some
+ time.
+
+-------------------------------------------------------------------
+Thu Sep 30 09:34:35 UTC 2010 - rhafer@novell.com
+
+- Check for libdb 4.8 presence
+
+-------------------------------------------------------------------
+Sun Jun 13 13:00:36 UTC 2010 - rbos@opensuse.org
+
+- Define and use _name because the macro expansion is not smart enough.
+ Without this construction the name definition of cyrus-imapd-kolab is
+ changed to cyrus-imapd.
+
+-------------------------------------------------------------------
+Mon May 31 12:55:18 UTC 2010 - rhafer@novell.com
+
+- Don't create unneeded /var/lib/db/deliverdb directory
+- Add a default DB_CONFIG to avoid berkely db errors for deliver.db
+ (bnc#606710)
+
+-------------------------------------------------------------------
+Wed May 19 09:07:09 UTC 2010 - rhafer@novell.com
+
+- Removed unneeded useradd call from %install section
+- Fix the package naming for kolab package again (the last sumbit
+ request broke that accidently)
+
+-------------------------------------------------------------------
+Mon May 3 12:40:46 UTC 2010 - rhafer@novell.com
+
+- Only try to open user_deny.db once upon startup (bnc#601971).
+ Backported from cvs HEAD.
+
+-------------------------------------------------------------------
+Fri Apr 30 14:37:43 UTC 2010 - rhafer@novell.com
+
+- removed some unneeded patches
+- added missing tags to init script
+
+-------------------------------------------------------------------
+Wed Apr 28 11:42:32 UTC 2010 - rhafer@novell.com
+
+- Changed cyrus' homedir to /var/lib/imap
+
+-------------------------------------------------------------------
+Tue Apr 13 18:37:45 UTC 2010 - rbos@opensuse.org
+
+- Remove the obsolete tag "AutoReqProv: on", its default value is
+ already "on".
+
+-------------------------------------------------------------------
+Mon Apr 12 19:15:58 UTC 2010 - rbos@opensuse.org
+
+- Use cyrus-imapd-kolab when the package is build with kolab enabled
+- Use the preferred Requires(pre) tag instead of PreReq
+
+-------------------------------------------------------------------
+Fri Apr 9 10:20:34 UTC 2010 - rhafer@novell.com
+
+- Adjusted documentation to reflect the correct syslog facility
+ that the packages are build with ("daemon" instead of "local6")
+
+-------------------------------------------------------------------
+Tue Mar 30 11:35:40 UTC 2010 - rbos@opensuse.org
+
+- Removed Patch101 KOLAB_cyrus-imapd-%{version}_Annotations2.patch
+- Change Source107 to Patch107
+
+
+-------------------------------------------------------------------
+Tue Mar 30 08:33:47 UTC 2010 - rhafer@novell.com
+
+- Mention KOLAB_cyrus-imapd-2.3.16_cross-domain-acls.patch in the
++++ 1321 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new/cyrus-imapd.changes
New:
----
DB_CONFIG
KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch
KOLAB_cyrus-imapd-2.3.18_Folder-names.patch
KOLAB_cyrus-imapd-2.3.18_Groups2.patch
KOLAB_cyrus-imapd-2.3.18_Logging.patch
KOLAB_cyrus-imapd-2.3.18_UID.patch
KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch
KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch
charset.patch
cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff
cyrus-imapd-2.3.19-CVE-2015-8077.patch
cyrus-imapd-2.3.19-db6.patch
cyrus-imapd-2.3.19.tar.gz
cyrus-imapd-openslp.patch
cyrus-imapd-perl-path.patch
cyrus-imapd-rc.tar.gz
cyrus-imapd.changes
cyrus-imapd.spec
cyrus-imapd_references_header-dos.dif
cyrus-imapd_tls-session-leak.dif
luser_relay.patch
pie.patch
syslog-facility-doc.patch
user_deny_db-once.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cyrus-imapd.spec ++++++
#
# spec file for package cyrus-imapd
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%if ! %{defined with_kolab}
%global with_kolab 0
%endif
%global __version 2.3.19
%if ! %{with_kolab}
%global _version %{__version}
%else
%global _version %{__version}_kolab
%endif
Name: cyrus-imapd
Url: http://cyrusimap.web.cmu.edu/
Summary: The Cyrus IMAP and POP Mail Server
License: BSD-3-Clause
Group: Productivity/Networking/Email/Servers
Version: %{_version}
Release: 0
Source: %{name}-%{__version}.tar.gz
Source1: cyrus-imapd-rc.tar.gz
Source2: DB_CONFIG
# The autocreate Patchset is maintained at:
# http://email.uoa.gr/projects/cyrus/autocreate/
Patch1: cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff
Patch4: luser_relay.patch
Patch5: user_deny_db-once.patch
Patch7: syslog-facility-doc.patch
Patch10: cyrus-imapd-openslp.patch
Patch12: pie.patch
Patch18: cyrus-imapd-perl-path.patch
Patch22: cyrus-imapd_tls-session-leak.dif
Patch23: cyrus-imapd_references_header-dos.dif
Patch24: charset.patch
Patch25: cyrus-imapd-2.3.19-db6.patch
# PATCH-FIX-UPSTREAM -- Fix for CVE-2015-8077
Patch26: cyrus-imapd-2.3.19-CVE-2015-8077.patch
%if %{with_kolab}
# KOLAB_cyrus-imapd patches are maintained at
# http://kolab.org/cgi-bin/viewcvs-kolab.cgi/server/imapd/patches/
Patch100: KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch
Patch102: KOLAB_cyrus-imapd-2.3.18_Folder-names.patch
Patch103: KOLAB_cyrus-imapd-2.3.18_Groups2.patch
Patch104: KOLAB_cyrus-imapd-2.3.18_Logging.patch
Patch105: KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch
Patch106: KOLAB_cyrus-imapd-2.3.18_UID.patch
Patch107: KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: automake
BuildRequires: bison
BuildRequires: cyrus-sasl-devel
BuildRequires: db-devel
BuildRequires: drac
BuildRequires: ed
BuildRequires: flex
BuildRequires: krb5-devel
BuildRequires: openldap2-devel
BuildRequires: openslp-devel
BuildRequires: openssl-devel
BuildRequires: opie
BuildRequires: perl-Digest-SHA1
BuildRequires: pwdutils
BuildRequires: tcpd-devel
Requires(pre): /usr/sbin/useradd /usr/sbin/usermod %insserv_prereq %fillup_prereq /bin/sed
Requires(pre): /bin/awk /bin/grep /bin/cat /usr/bin/find /usr/bin/db_verify sh-utils
Requires(pre): fileutils cyrus-sasl netcfg /usr/bin/strings
Recommends: cron
Requires: perl-Cyrus-IMAP
Requires: perl-Cyrus-SIEVE-managesieve
Recommends: perl-TermReadLine-Gnu
Conflicts: imap courier-imap
Conflicts: cyrus-imapd-kolab
%package -n perl-Cyrus-IMAP
Conflicts: perl-Cyrus-IMAP-kolab
Summary: Cyrus IMAP Perl Module
Group: Development/Libraries/Perl
Requires: perl = %{perl_version}
%package -n perl-Cyrus-SIEVE-managesieve
Conflicts: perl-Cyrus-SIEVE-managesieve-kolab
Conflicts: python-managesieve
Summary: A Perl Module for Cyrus SIEVE
Group: Development/Libraries/Perl
Requires: perl = %{perl_version}
Recommends: perl-TermReadLine-Gnu
%package -n %{name}-devel
Conflicts: cyrus-imapd-kolab
Summary: Libraries and Includes for Cyrus IMAPd
Group: Development/Libraries/C and C++
%description
Cyrus is a highly scalable enterprise mail system designed for use in
enterprise environments of various sizes using standards based
technologies. Cyrus technologies scale from independent use in email
departments to a system centrally managed in a large enterprise.
%description -n perl-Cyrus-IMAP
A Cyrus IMAP Perl module for the Cyrus IMAPD.
%description -n perl-Cyrus-SIEVE-managesieve
A Perl module for Cyrus SIEVE.
%description -n %{name}-devel
This package provides the libraries and include files for Cyrus IMAPd.
%define cyrus_uid 96
%prep
%setup -q -a 1 -n %{name}-%{__version}
patch -s -p0 < contrib/drac_auth.patch
%patch1 -p1
%patch4 -p1
%patch5 -p1
%patch7 -p1
%patch10
%patch12 -p1
%patch18
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%if %{with_kolab}
%patch100 -p1
%patch102 -p1
%patch103 -p1
%patch104 -p1
%patch105 -p1
%patch106 -p1
%patch107 -p1
%endif
%build
rm -fr aclocal.m4 configure config.h.in autom4te.cache
sh SMakefile
%if %{with_kolab}
# CONFIGURE_ARGS="--with-ldap=%%{_includedir}"
# Kolab*_UID.patch breaks the configure argument --with-ldap=%%{_includedir}. It is not
# picked up by configure, use the line below as a workaround until the
# configure --with-ldap actually works
sed -i 's;\(IMAP_LIBS="${LIB_SASL}\) \(.*"\);\1 -lldap -llber \2;g' configure
%endif
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -I/usr/include/kerberosIV -I%{_libdir}/sasl2/include"
./configure --prefix=/usr \
--mandir=%{_mandir} \
--libdir=%{_libdir} \
--localstatedir=/var/lib \
--enable-idled \
--enable-murder \
--enable-netscapehack \
--enable-nntp \
--enable-replication \
--with-com_err=yes \
--with-cyrus-user=cyrus \
--with-cyrus-group=mail \
--with-cyrus-prefix=/usr/lib/cyrus \
--with-drac=%{_libdir} \
--with-gss_impl=auto \
--with-ldap=%{_includedir} \
--with-libwrap=/usr \
--with-lock=fcntl \
--with-openslp=%{_libdir} \
--with-openssl \
--with-perl=/usr/bin/perl \
--with-syslogfacility=DAEMON \
--without-ucdsnmp $CONFIGURE_ARGS
make depend %{?_smp_mflags}
make %{?_smp_mflags}
%install
mkdir -p $RPM_BUILD_ROOT/etc/init.d
mkdir -p $RPM_BUILD_ROOT/etc/pam.d
install -m 644 SuSE/imap $RPM_BUILD_ROOT/etc/pam.d/imap
install -m 644 SuSE/pop $RPM_BUILD_ROOT/etc/pam.d/pop
install -m 644 SuSE/sieve $RPM_BUILD_ROOT/etc/pam.d/sieve
mkdir -p $RPM_BUILD_ROOT/etc/cron.daily
mkdir -p $RPM_BUILD_ROOT/sbin
mkdir -p $RPM_BUILD_ROOT/var/adm
install -m 755 SuSE/rc.cyrus $RPM_BUILD_ROOT/etc/init.d/cyrus
ln -sf ../etc/init.d/cyrus $RPM_BUILD_ROOT/sbin/rccyrus
install -m 755 SuSE/cron.daily.cyrus $RPM_BUILD_ROOT/etc/cron.daily/suse.de-cyrus-imapd
rm -f tools/config2*
rm -rf tools/CVS
rm -rf contrib
chmod 644 doc/internal/*.html
mkdir -p $RPM_BUILD_ROOT/usr/lib/cyrus/tools/
install -m 755 tools/* $RPM_BUILD_ROOT/usr/lib/cyrus/tools/
#*****************************************************************************
# SuSEfirewall2 Services
#*****************************************************************************
install -d $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/
install -m 644 SuSE/SuSEfirewall2.cyrus-imapd $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/cyrus-imapd
export DESTDIR=$RPM_BUILD_ROOT
make install
# make install results in make install within the perl modules subdir, so
# remove the stuff from buildroot to satisfy the picky rpm4, as we don't need
# it and use install_vendor for perl modules below
rm -rf $RPM_BUILD_ROOT/%{perl_sitelib}
rm -rf $RPM_BUILD_ROOT/%{perl_sitearch}
#*****************************************************************************
# perl modules
#*****************************************************************************
# Cyrus IMAP
#*****************************************************************************
cd perl/imap
make DESTDIR=$RPM_BUILD_ROOT install_vendor
%perl_process_packlist -n perl-Cyrus-IMAP
cd -
#*****************************************************************************
# Cyrus SIEVE managesieve
#*****************************************************************************
cd perl/sieve/managesieve
make DESTDIR=$RPM_BUILD_ROOT install_vendor
%perl_process_packlist -n perl-Cyrus-SIEVE-managesieve
cd -
#*****************************************************************************
install -m 644 SuSE/imapd.conf $RPM_BUILD_ROOT/etc/imapd.conf
install -m 644 SuSE/cyrus.conf $RPM_BUILD_ROOT/etc/cyrus.conf
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/user
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/quota
install -d -m 700 $RPM_BUILD_ROOT/var/lib/imap/ptclient
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/proc
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/log
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/msg
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/db
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/var/lib/imap/db
install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/socket
install -d -m 750 $RPM_BUILD_ROOT/var/lib/sieve
for i in a b c d e f g h i j k l m n o p q r s t u v w x y z; do
install -d -m 755 $RPM_BUILD_ROOT/var/lib/imap/user/$i
install -d -m 755 $RPM_BUILD_ROOT/var/lib/imap/quota/$i
install -d -m 750 $RPM_BUILD_ROOT/var/lib/sieve/$i
done
#chown -R cyrus:mail $RPM_BUILD_ROOT/var/lib/imap
#chown -R cyrus:mail $RPM_BUILD_ROOT/var/lib/sieve
install -d -m 750 $RPM_BUILD_ROOT/var/spool/imap
install -d -m 750 $RPM_BUILD_ROOT/var/adm/backup/imap
#chown cyrus:mail $RPM_BUILD_ROOT/var/spool/imap
mv $RPM_BUILD_ROOT/%{_mandir}/man8/master.8 \
$RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_master.8
mv $RPM_BUILD_ROOT/%{_mandir}/man8/idled.8 \
$RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_idled.8
mv $RPM_BUILD_ROOT/%{_mandir}/man8/fetchnews.8 \
$RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_fetchnews.8
find . -type d -a -name CVS | xargs rm -rfv
find . -type f -a -name .cvsignore | xargs rm -rfv
%pre
/usr/sbin/useradd -r -o -g mail -u %{cyrus_uid} -s /bin/bash -c "User for cyrus-imapd" -d /var/lib/imap cyrus 2> /dev/null || :
/usr/sbin/usermod -d /var/lib/imap cyrus || :
%preun
%stop_on_removal cyrus
%post
# Is this section still needed? If so, it's not working, so it should be rewritten.
# Also, Sieve port changed to 4190 (see http://www.ietf.org/assignments/service-names-port-numbers/service-names-por...).
grep -E "^sieve" etc/services >/dev/null || {
echo "Adding sieve service to /etc/services"
CFBAK=services.`date +%Y-%m-%d`
CFNEW=services.$$
cat etc/services | awk '
BEGIN { OFS="\t"; ORS="\n"; }
/^#/ { print; next; }
/[[:space:]]+2000\/(tcp|udp)/ { printf "sieve\t\t%s\t# Cyrus SIEVE\n", $2; next; }
{ print; next; };' > etc/$CFNEW
echo "Backing up old services as $CFBAK"
cp --remove-destination etc/services etc/$CFBAK
mv etc/$CFNEW etc/services
}
# End of section in question.
SIEVEUP=
IMAPUP=
test $1 -gt 1 && test -d usr/sieve -a ! -L usr/sieve && SIEVEUP=yes
test $1 -gt 1 && test -d var/imap -a ! -L var/imap && IMAPUP=yes
test -n "`find var/lib/sieve -type f`" && {
SIEVEUP=
}
test -n "`find var/lib/imap -type f`" && {
IMAPUP=
}
test -n "$SIEVEUP" && {
echo "Creating compatibility symlink /var/lib/sieve -> /usr/sieve"
rm -rf var/lib/sieve
ln -sf ../../usr/sieve var/lib/sieve
}
test -n "$IMAPUP" && {
echo "Creating compatibility symlink /var/lib/imap -> /var/imap"
rm -rf var/lib/imap
ln -sf ../imap /var/lib/imap
}
%{fillup_and_insserv cyrus}
%postun
%restart_on_update cyrus
%insserv_cleanup
%files
%defattr(-,root,root)
%config /etc/pam.d/*
%config /etc/cron.daily/suse.de-cyrus-imapd
%config(noreplace) /etc/imapd.conf
%config(noreplace) /etc/cyrus.conf
%config /etc/sysconfig/SuSEfirewall2.d/services/cyrus-imapd
%dir %attr(0750, cyrus, mail) /var/lib/imap
%attr(0750, cyrus, mail) /var/lib/imap/log
%attr(0750, cyrus, mail) /var/lib/imap/msg
%attr(0750, cyrus, mail) /var/lib/imap/proc
%attr(0750, cyrus, mail) /var/lib/imap/quota
%attr(0700, cyrus, mail) /var/lib/imap/ptclient
%attr(0750, cyrus, mail) /var/lib/imap/user
%attr(0750, cyrus, mail) /var/lib/imap/socket
%dir %attr(0750, cyrus, mail) /var/lib/imap/db
%config(noreplace) /var/lib/imap/db/DB_CONFIG
%attr(0750, cyrus, mail) /var/lib/sieve
%attr(0750, cyrus, mail) /var/spool/imap
%attr(0750, cyrus, mail) /var/adm/backup/imap
/etc/init.d/cyrus
/sbin/rccyrus
/usr/lib/cyrus
/usr/bin/cyradm
/usr/bin/imtest
/usr/bin/lmtptest
/usr/bin/mupdatetest
/usr/bin/nntptest
/usr/bin/pop3test
/usr/bin/sivtest
/usr/bin/smtptest
/usr/bin/synctest
%doc %{_mandir}/man1/cyradm.1.gz
%doc %{_mandir}/man1/imtest.1.gz
%doc %{_mandir}/man1/lmtptest.1.gz
%doc %{_mandir}/man1/mupdatetest.1.gz
%doc %{_mandir}/man1/nntptest.1.gz
%doc %{_mandir}/man1/pop3test.1.gz
%doc %{_mandir}/man1/sivtest.1.gz
%doc %{_mandir}/man1/smtptest.1.gz
%doc %{_mandir}/man3/imclient.3.gz
%doc %{_mandir}/man5/*.gz
%doc %{_mandir}/man8/*.gz
%doc COPYRIGHT README README.andrew doc
%doc SuSE/README.SuSE
%files -n %{name}-devel
%defattr(-,root,root)
/usr/include/cyrus
%{_libdir}/libcyrus.a
%{_libdir}/libcyrus_min.a
%files -n perl-Cyrus-IMAP
%defattr(-,root,root)
%dir %{perl_vendorarch}/Cyrus
%{perl_vendorarch}/Cyrus/IMAP
%{perl_vendorarch}/Cyrus/IMAP.pm
%dir %{perl_vendorarch}/auto/Cyrus
%{perl_vendorarch}/auto/Cyrus/IMAP
%if %{suse_version} < 1140
/var/adm/perl-modules/perl-Cyrus-IMAP
%endif
%doc %{_mandir}/man3/Cyrus::IMAP*
%files -n perl-Cyrus-SIEVE-managesieve
%defattr(-,root,root)
/usr/bin/installsieve
/usr/bin/sieveshell
%doc %{_mandir}/man1/installsieve.1.gz
%doc %{_mandir}/man1/sieveshell.1.gz
%dir %{perl_vendorarch}/Cyrus
%dir %{perl_vendorarch}/Cyrus/SIEVE
%{perl_vendorarch}/Cyrus/SIEVE/managesieve.pm
%dir %{perl_vendorarch}/auto/Cyrus
%dir %{perl_vendorarch}/auto/Cyrus/SIEVE
%{perl_vendorarch}/auto/Cyrus/SIEVE/managesieve
%if %{suse_version} < 1140
/var/adm/perl-modules/perl-Cyrus-SIEVE-managesieve
%endif
%doc %{_mandir}/man3/Cyrus::SIEVE::managesieve.3pm.gz
%changelog
++++++ DB_CONFIG ++++++
set_cachesize 0 2097152 1
set_lg_regionmax 2097152
set_lg_bsize 2097152
++++++ KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch ++++++
Allows to use arbitrary annotations with the cyradm tool.
diff -r 69927cac0b1b doc/man/cyradm.1.html
--- a/doc/man/cyradm.1.html Fri Dec 04 10:32:26 2009 +0100
+++ b/doc/man/cyradm.1.html Fri Dec 04 10:32:33 2009 +0100
@@ -220,6 +220,13 @@
<dd>
<p>Sets an email address to which messages injected into the server via NNTP
will be sent.</p>
+</dd>
+</li>
+<dt><strong><a NAME="item__2fexplicit_2fannotation"><code>/explicit/annotation</code></a></strong>
+
+<dd>
+<p>Sets the annotation <em>/explicit/annotation</em>
+on <em>mailbox</em> to <em>value</em>.</p>
</dd>
<dt><strong><a name="sharedseen" class="item"><code>sharedseen</code></a></strong></dt>
diff -r 69927cac0b1b perl/imap/IMAP/Admin.pm
--- a/perl/imap/IMAP/Admin.pm Fri Dec 04 10:32:26 2009 +0100
+++ b/perl/imap/IMAP/Admin.pm Fri Dec 04 10:32:33 2009 +0100
@@ -797,11 +797,11 @@
return undef;
}
- if(!exists($values{$entry})) {
- $self->{error} = "Unknown parameter $entry";
+ if(exists($values{$entry})) {
+ $entry = $values{$entry};
+ } else {
+ $self->{error} = "Unknown parameter $entry" unless substr($entry,0,1) eq "/";
}
-
- $entry = $values{$entry};
my ($rc, $msg);
diff -r 69927cac0b1b perl/imap/IMAP/Shell.pm
--- a/perl/imap/IMAP/Shell.pm Fri Dec 04 10:32:26 2009 +0100
+++ b/perl/imap/IMAP/Shell.pm Fri Dec 04 10:32:33 2009 +0100
@@ -127,7 +127,7 @@
[\&_sc_info, '[mailbox]',
'display mailbox/server metadata'],
mboxcfg =>
- [\&_sc_mboxcfg, 'mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value',
+ [\&_sc_mboxcfg, 'mailbox [comment|condstore|news2mail|expire|sieve|squat|/<explicit annotation>] value',
'configure mailbox'],
mboxconfig => 'mboxcfg',
reconstruct =>
@@ -1437,7 +1437,7 @@
while (defined ($opt = shift(@argv))) {
last if $opt eq '--';
if ($opt =~ /^-/) {
- die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value\n";
+ die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat|/<explicit annotation>] value\n";
}
else {
push(@nargv, $opt);
@@ -1446,7 +1446,7 @@
}
push(@nargv, @argv);
if (@nargv < 2) {
- die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value\n";
+ die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat|/<explicit annotation>] value\n";
}
if (!$cyrref || !$$cyrref) {
die "mboxconfig: no connection to server\n";
diff -r 69927cac0b1b perl/imap/cyradm.sh
--- a/perl/imap/cyradm.sh Fri Dec 04 10:32:26 2009 +0100
+++ b/perl/imap/cyradm.sh Fri Dec 04 10:32:33 2009 +0100
@@ -241,6 +241,10 @@
Indicates that the mailbox should have a squat index created for it.
+=item C
+
+Sets the annotation I on I<mailbox> to I<value>.
+
=back
=item C<renamemailbox> [C<--partition> I<partition>] I<oldname> I<newname>
++++++ KOLAB_cyrus-imapd-2.3.18_Folder-names.patch ++++++
Modifies the set of accepted characters in folder names for the cyrus imapd server [Version: 2.3.9]
Index: cyrus-imapd-2.3.17/imap/mboxname.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/mboxname.c
+++ cyrus-imapd-2.3.17/imap/mboxname.c
@@ -720,8 +720,10 @@ int mboxname_netnewscheck(char *name)
/*
* Apply site policy restrictions on mailbox names.
* Restrictions are hardwired for now.
- */
+ * original definition
#define GOODCHARS " #$'+,-.0123456789:=@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz~"
+ */
+#define GOODCHARS " #$%'()*+,-.0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz{|}~"
int mboxname_policycheck(char *name)
{
unsigned i;
++++++ KOLAB_cyrus-imapd-2.3.18_Groups2.patch ++++++
diff -r 37030bf2b2bb lib/auth_unix.c
--- a/lib/auth_unix.c Fri Dec 04 10:25:24 2009 +0100
+++ b/lib/auth_unix.c Fri Dec 04 10:32:19 2009 +0100
@@ -46,6 +46,7 @@
#include
#include
#include
+#include
#include
#include
@@ -54,6 +55,126 @@
#include "xmalloc.h"
#include "util.h"
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
+/*
+ * __getgrent.c - This file is part of the libc-8086/grp package for ELKS,
+ * Copyright (C) 1995, 1996 Nat Friedman .
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with this library; if not, write to the Free
+ * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ */
+
+#include
+#include
+#include
+
+static struct group *__getgrent(int grp_fd, char *line_buff, char **members)
+{
+ short line_index;
+ short buff_size;
+ static struct group group;
+ register char *ptr;
+ char *field_begin;
+ short member_num;
+ char *endptr;
+ int line_len;
+
+ /* We use the restart label to handle malformatted lines */
+ restart:
+ line_index = 0;
+ buff_size = 256;
+
+ line_buff = realloc(line_buff, buff_size);
+ while (1) {
+ if ((line_len = read(grp_fd, line_buff + line_index,
+ buff_size - line_index)) <= 0) {
+ return NULL;
+ }
+ field_begin = strchr(line_buff, '\n');
+ if (field_begin != NULL) {
+ lseek(grp_fd,
+ (long) (1 + field_begin -
+ (line_len + line_index + line_buff)), SEEK_CUR);
+ *field_begin = '\0';
+ if (*line_buff == '#' || *line_buff == ' '
+ || *line_buff == '\n' || *line_buff == '\t')
+ goto restart;
+ break;
+ } else {
+ /* Allocate some more space */
+ line_index = buff_size;
+ buff_size += 256;
+ line_buff = realloc(line_buff, buff_size);
+ }
+ }
+
+ /* Now parse the line */
+ group.gr_name = line_buff;
+ ptr = strchr(line_buff, ':');
+ if (ptr == NULL)
+ goto restart;
+ *ptr++ = '\0';
+
+ group.gr_passwd = ptr;
+ ptr = strchr(ptr, ':');
+ if (ptr == NULL)
+ goto restart;
+ *ptr++ = '\0';
+
+ field_begin = ptr;
+ ptr = strchr(ptr, ':');
+ if (ptr == NULL)
+ goto restart;
+ *ptr++ = '\0';
+
+ group.gr_gid = (gid_t) strtoul(field_begin, &endptr, 10);
+ if (*endptr != '\0')
+ goto restart;
+
+ member_num = 0;
+ field_begin = ptr;
+
+ if (members != NULL)
+ free(members);
+ members = (char **) malloc((member_num + 1) * sizeof(char *));
+ for ( ; field_begin && *field_begin != '\0'; field_begin = ptr) {
+ if ((ptr = strchr(field_begin, ',')) != NULL)
+ *ptr++ = '\0';
+ members[member_num++] = field_begin;
+ members = (char **) realloc(members,
+ (member_num + 1) * sizeof(char *));
+ }
+ members[member_num] = NULL;
+
+ group.gr_mem = members;
+ return &group;
+}
+
+static char *line_buff = NULL;
+static char **members = NULL;
+
+struct group *fgetgrent(FILE *file)
+{
+ if (file == NULL) {
+ errno = EINTR;
+ return NULL;
+ }
+ return __getgrent(fileno(file), line_buff, members);
+}
+#endif /* __FreeBSD__ */
+
struct auth_state {
char userid[81];
char **group;
@@ -141,6 +262,25 @@
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
+static struct group* fgetgrnam(const char* name)
+{
+ struct group *grp;
+ FILE *groupfile;
+
+ groupfile = fopen("/etc/imapd.group", "r");
+ if (!groupfile) groupfile = fopen("/etc/group", "r");
+ if (groupfile) {
+ while ((grp = fgetgrent(groupfile))) {
+ if (strcmp(grp->gr_name, name) == 0) {
+ fclose(groupfile);
+ return grp;
+ }
+ }
+ }
+ if (groupfile) fclose(groupfile);
+ return NULL;
+}
+
/*
* Convert 'identifier' into canonical form.
* Returns a pointer to a static buffer containing the canonical form
@@ -176,7 +316,7 @@
*/
if (!strncmp(retbuf, "group:", 6)) {
- grp = getgrnam(retbuf+6);
+ grp = fgetgrnam(retbuf+6);
if (!grp) return NULL;
if (strlen(grp->gr_name) >= sizeof(retbuf)-6)
return NULL;
@@ -224,11 +364,12 @@
struct auth_state *newstate;
struct passwd *pwd;
struct group *grp;
-#if defined(HAVE_GETGROUPLIST) && defined(__GLIBC__)
+#if 0 && defined(HAVE_GETGROUPLIST) && defined(__GLIBC__)
gid_t gid, *groupids = NULL;
int ret, ngroups = 10;
#else
char **mem;
+ FILE *groupfile;
#endif
identifier = mycanonifyid(identifier, 0);
@@ -246,7 +387,7 @@
pwd = getpwnam(identifier);
-#if defined(HAVE_GETGROUPLIST) && defined(__GLIBC__)
+#if 0 && defined(HAVE_GETGROUPLIST) && defined(__GLIBC__)
gid = pwd ? pwd->pw_gid : (gid_t) -1;
/* get the group ids */
@@ -284,20 +425,23 @@
if (groupids) free(groupids);
#else /* !HAVE_GETGROUPLIST */
- setgrent();
- while ((grp = getgrent())) {
- for (mem = grp->gr_mem; *mem; mem++) {
- if (!strcmp(*mem, identifier)) break;
- }
+ groupfile = fopen("/etc/imapd.group", "r");
+ if (!groupfile) groupfile = fopen("/etc/group", "r");
+ if (groupfile) {
+ while ((grp = fgetgrent(groupfile))) {
+ for (mem = grp->gr_mem; *mem; mem++) {
+ if (!strcmp(*mem, identifier)) break;
+ }
- if (*mem || (pwd && pwd->pw_gid == grp->gr_gid)) {
- newstate->ngroups++;
- newstate->group = (char **)xrealloc((char *)newstate->group,
- newstate->ngroups * sizeof(char *));
- newstate->group[newstate->ngroups-1] = xstrdup(grp->gr_name);
- }
- }
- endgrent();
+ if (*mem || (pwd && pwd->pw_gid == grp->gr_gid)) {
+ newstate->ngroups++;
+ newstate->group = (char **)xrealloc((char *)newstate->group,
+ newstate->ngroups * sizeof(char *));
+ newstate->group[newstate->ngroups-1] = xstrdup(grp->gr_name);
+ }
+ }
+ fclose(groupfile);
+ }
#endif /* HAVE_GETGROUPLIST */
return newstate;
++++++ KOLAB_cyrus-imapd-2.3.18_Logging.patch ++++++
Provides improved logging for the cyrus imapd server [Version: 2.3.9]
Index: cyrus-imapd-2.3.17/imap/append.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/append.c
+++ cyrus-imapd-2.3.17/imap/append.c
@@ -654,6 +654,9 @@ int append_fromstage(struct appendstate
/* ok, we've successfully added a message */
as->quota_used += message_index.size;
+ syslog(LOG_DEBUG, "append_fromstage: message %d added to %s",
+ message_index.uid, mailbox->name );
+
return 0;
}
Index: cyrus-imapd-2.3.17/imap/imapd.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/imapd.c
+++ cyrus-imapd-2.3.17/imap/imapd.c
@@ -3779,6 +3779,8 @@ void cmd_close(char *tag, char *cmd)
if ((cmd[0] == 'C') && (imapd_mailbox->myrights & ACL_EXPUNGE)) {
if (!mailbox_expunge(imapd_mailbox, NULL, NULL, 0)) {
sync_log_mailbox(imapd_mailbox->name);
+ syslog(LOG_DEBUG, "cmd_expunge: user %s, mailbox %s, sequence %s",
+ imapd_userid, imapd_mailbox->name, "''");
}
}
Index: cyrus-imapd-2.3.17/imap/mailbox.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/mailbox.c
+++ cyrus-imapd-2.3.17/imap/mailbox.c
@@ -2575,6 +2575,8 @@ int mailbox_expunge(struct mailbox *mail
*(fname->tail)++ = '/';
fname->len++;
for (msgno = 0; msgno < numdeleted; msgno++) {
+ syslog(LOG_DEBUG, "mailbox_expunge: removing mail %s:%d",
+ mailbox->name, deleted[msgno]);
mailbox_message_get_fname(mailbox, deleted[msgno],
fname->tail,
sizeof(fname->buf) - fname->len);
++++++ KOLAB_cyrus-imapd-2.3.18_UID.patch ++++++
Allows login by uid rather than the mail address on the cyrus imapd server [Version: 2.3.9]
Index: cyrus-imapd-2.3.17/configure
===================================================================
--- cyrus-imapd-2.3.17.orig/configure
+++ cyrus-imapd-2.3.17/configure
@@ -10860,7 +10860,7 @@ for flag in ${ldflags} ${default_ldflags
done
IMAP_COM_ERR_LIBS="${COM_ERR_LIBS}"
-IMAP_LIBS="${LIB_SASL} ${LIBS} ${SQL_LIBS}"
+IMAP_LIBS="${LIB_SASL} -lldap -llber ${LIBS} ${SQL_LIBS}"
Index: cyrus-imapd-2.3.17/imap/global.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/global.c
+++ cyrus-imapd-2.3.17/imap/global.c
@@ -54,6 +54,9 @@
#include
#include
+#include
+#include
+
#if HAVE_UNISTD_H
# include
#endif
@@ -383,6 +386,18 @@ char *canonify_userid(char *user, char *
char *domain = NULL;
int len = strlen(user);
char buf[81];
+ const char *uri;
+ const char *base;
+ const char *binddn;
+ const char *bindpw;
+ struct timeval timeout;
+ char filter[255];
+ LDAP *handle;
+ LDAPMessage *res;
+ LDAPMessage *entry;
+ struct berval** vals;
+
+ int rc;
/* check for domain */
if (config_virtdomains &&
@@ -401,6 +416,49 @@ char *canonify_userid(char *user, char *
}
if (config_virtdomains) {
+ if (config_virtdomains == IMAP_ENUM_VIRTDOMAINS_LDAP) {
+ uri = config_getstring(IMAPOPT_LDAP_URI);
+ base = config_getstring(IMAPOPT_LDAP_BASE);
+ binddn = config_getstring(IMAPOPT_LDAP_BIND_DN);
+ bindpw = config_getstring(IMAPOPT_LDAP_PASSWORD);
+ timeout.tv_sec = config_getint(IMAPOPT_LDAP_TIME_LIMIT);
+ timeout.tv_usec = 0;
+ sprintf(filter, "(uid=%s)", user);
+ rc = ldap_initialize(&handle, uri);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_initialize failed (%s)", uri);
+ } else {
+ rc = ldap_simple_bind_s(handle, binddn, bindpw);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_simple_bind() failed %d (%s)", rc, ldap_err2string(rc));
+ } else {
+ rc = ldap_search_st(handle, base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, &timeout, &res);
+ if (rc != LDAP_SUCCESS) {
+ syslog(LOG_ERR, "ldap_search_st failed %d (%s)", rc, ldap_err2string(rc));
+ } else {
+ if ( (entry = ldap_first_entry(handle, res)) != NULL ) {
+ // read mail attribute from entry
+ if ( (vals = ldap_get_values_len(handle, entry, "mail")) ) {
+ if (memchr(vals[0]->bv_val, '@', vals[0]->bv_len)) {
+ static char buf[81]; /* same size as in auth_canonifyid */
+ int len = ((sizeof(buf) - 1) > vals[0]->bv_len ? vals[0]->bv_len : sizeof(buf) - 1);
+ strncpy( buf, vals[0]->bv_val, len);
+ buf[len] = '\0'; /* make sure it's null-terminated */
+ ldap_value_free_len( vals );
+ ldap_msgfree( res );
+ ldap_unbind_s(handle); /* also frees handle */
+ syslog(LOG_DEBUG, "canonify: '%s'\n", buf);
+ return auth_canonifyid( buf, 0) ;
+ }
+ ldap_value_free_len( vals );
+ }
+ }
+ ldap_msgfree( res );
+ }
+ }
+ ldap_unbind_s(handle); /* also frees handle */
+ }
+ }
if (domain) {
if (config_defdomain && !strcasecmp(config_defdomain, domain+1)) {
*domain = '\0'; /* trim the default domain */
@@ -413,7 +471,7 @@ char *canonify_userid(char *user, char *
user = buf;
}
}
- else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID) {
+ else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID && config_virtdomains != IMAP_ENUM_VIRTDOMAINS_LDAP) {
socklen_t salen;
int error;
struct sockaddr_storage localaddr;
Index: cyrus-imapd-2.3.17/lib/imapoptions
===================================================================
--- cyrus-imapd-2.3.17.orig/lib/imapoptions
+++ cyrus-imapd-2.3.17/lib/imapoptions
@@ -1265,7 +1265,7 @@ product version in the capabilities */
mailbox hierarchy. The default is to use the netnews separator
character '.'. */
-{ "virtdomains", "off", ENUM("off", "userid", "on") }
+{ "virtdomains", "off", ENUM("off", "userid", "ldap", "on") }
/* Enable virtual domain support. If enabled, the user's domain will
be determined by splitting a fully qualified userid at the last '@'
or '%' symbol. If the userid is unqualified, and the virtdomains
++++++ KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch ++++++
Index: cyrus-imapd-2.3.17/imap/mboxlist.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/mboxlist.c
+++ cyrus-imapd-2.3.17/imap/mboxlist.c
@@ -1618,7 +1618,7 @@ int mboxlist_setacl(const char *name, co
except for "anonymous", "anyone", the global admin
and users in the default domain */
if ((cp = strchr(identifier, '@'))) {
- if (rights &&
+ if (!config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && rights &&
((domain && strncasecmp(cp+1, domain, strlen(cp+1))) ||
(!domain && (!config_defdomain ||
strcasecmp(config_defdomain, cp+1))))) {
@@ -1960,6 +1960,7 @@ struct find_rock {
int usermboxnamelen;
int checkmboxlist;
int checkshared;
+ int crossdomain;
int isadmin;
struct auth_state *auth_state;
int (*proc)(char *, int, int, void *rock);
@@ -1977,7 +1978,9 @@ static int find_p(void *rockp,
long matchlen;
/* don't list mailboxes outside of the default domain */
- if (!rock->domainlen && !rock->isadmin && memchr(key, '!', keylen)) return 0;
+ if (!rock->domainlen && !rock->isadmin && memchr(key, '!', keylen) &&
+ !config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS))
+ return 0;
minmatch = 0;
if (rock->inboxoffset) {
@@ -2150,6 +2153,23 @@ static int find_cb(void *rockp,
}
rock->checkshared = 0;
+
+ if (rock->find_namespace == NAMESPACE_USER &&
+ config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !rock->isadmin &&
+ !rock->crossdomain) {
+ char *cp = strchr(namebuf+rock->inboxoffset, '!');
+ if (cp) {
+ int local_matchlen = (matchlen - 1 -
+ (cp - (namebuf+rock->inboxoffset)));
+ if (!strncmp(cp + 1, "user", local_matchlen)) {
+ r = (*rock->proc)(cp + 1, local_matchlen, 1,
+ rock->procrock);
+ return CYRUSDB_DONE;
+ }
+ }
+ }
+
+
r = (*rock->proc)(namebuf+rock->inboxoffset, matchlen,
1, rock->procrock);
@@ -2170,6 +2190,91 @@ static int find_cb(void *rockp,
return r;
}
+
+static void convert_cross_domain_pattern(char *domainpat, int domainpatlen,
+ char **converted_pattern,
+ const char *pattern, int *crossdomainmatch,
+ const char *domain)
+{
+ int patternlen = strlen(pattern);
+ char *domain_pattern, *local_dest;
+ char *local_pattern, *domain_dest;
+ int local_prefix_len;
+ const char *src;
+ int c;
+
+ domain_dest = domain_pattern = xmalloc(patternlen + 1);
+ local_dest = local_pattern = xmalloc(patternlen + 1);
+ src = pattern;
+
+ while ((c = *src++)) {
+ *local_dest++ = c;
+ if (c == '.' || c == '*')
+ break;
+ }
+
+ local_prefix_len = local_dest - local_pattern;
+ if (c && c != '.')
+ local_prefix_len -= 1;
+ if (strncmp(pattern, "user.", local_prefix_len) == 0) {
+ /* pattern matches "user.*". so convert the domain part of the
+ * pattern */
+
+ if (c == '*') {
+ /* the pattern can match any domain */
+ *domain_dest++ = '*';
+ }
+ else if (c == '.') {
+ while ((c = *src++)) {
+ if (c == '.')
+ break;
+ if (c == '^')
+ c = '.';
+ *domain_dest++ = (c == '%' ? '*' : c);
+ if (c == '*')
+ break;
+ }
+
+ if (c == '*') {
+ *local_dest++ = '*';
+ }
+ }
+
+ if (c) {
+ strcpy(local_dest, src);
+ }
+ else {
+ if (local_dest > local_pattern) {
+ if (local_dest[-1] == '.') {
+ local_dest--;
+ }
+ }
+ *local_dest = 0;
+ }
+
+ if (domain_dest == domain_pattern) {
+ *domain_dest++ = '*';
+ }
+ *domain_dest++ = '!';
+ *domain_dest = 0;
+
+ strncpy(domainpat, domain_pattern, domainpatlen);
+ domainpat[domainpatlen - 1] = 0;
+ strncat(domainpat, local_pattern, domainpatlen - strlen(domainpat) - 1);
+
+ *converted_pattern = xstrdup(local_pattern);
+ *crossdomainmatch = 1;
+ }
+ else {
+ /* pattern doesn't contain an explicit domain part */
+ snprintf(domainpat, domainpatlen, "*!%s", pattern);
+ *crossdomainmatch = 0;
+ }
+
+ free(domain_pattern);
+ free(local_pattern);
+}
+
/*
* Find all mailboxes that match 'pattern'.
* 'isadmin' is nonzero if user is a mailbox admin. 'userid'
@@ -2193,8 +2298,11 @@ int mboxlist_findall(struct namespace *n
char *p;
int prefixlen;
int userlen = userid ? strlen(userid) : 0, domainlen = 0;
+ int domainpat_prefixlen = 0;
char domainpat[MAX_MAILBOX_BUFFER] = ""; /* do intra-domain fetches only */
char *pat = NULL;
+ char *converted_pattern = NULL;
+ int crossdomainmatch = 0;
if (config_virtdomains) {
char *domain;
@@ -2204,8 +2312,10 @@ int mboxlist_findall(struct namespace *n
domainlen = strlen(domain); /* includes separator */
if ((p = strchr(pattern , '!'))) {
- if ((p-pattern != domainlen-1) ||
- strncmp(pattern, domain+1, domainlen-1)) {
+ if (!(config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) &&
+ !isadmin) &&
+ ((p-pattern != domainlen-1) ||
+ strncmp(pattern, domain+1, domainlen-1))) {
/* don't allow cross-domain access */
return IMAP_MAILBOX_BADNAME;
}
@@ -2213,7 +2323,16 @@ int mboxlist_findall(struct namespace *n
pattern = p+1;
}
- snprintf(domainpat, sizeof(domainpat), "%s!%s", domain+1, pattern);
+ if (!(config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !isadmin)) {
+ snprintf(domainpat, sizeof(domainpat), "%s!%s", domain+1, pattern);
+ }
+ else {
+ convert_cross_domain_pattern(domainpat, sizeof(domainpat),
+ &converted_pattern, pattern,
+ &crossdomainmatch, domain + 1);
+ if (converted_pattern)
+ pattern = converted_pattern;
+ }
}
if ((p = strrchr(pattern, '@'))) {
/* global admin specified mbox@domain */
@@ -2243,6 +2362,7 @@ int mboxlist_findall(struct namespace *n
cbrock.auth_state = auth_state;
cbrock.checkmboxlist = 0; /* don't duplicate work */
cbrock.checkshared = 0;
+ cbrock.crossdomain = 0;
cbrock.proc = proc;
cbrock.procrock = rock;
@@ -2302,6 +2422,12 @@ int mboxlist_findall(struct namespace *n
prefixlen = p - pattern;
*p = '\0';
+ /* Find fixed-string domain pattern prefix */
+ for (p = domainpat; *p; p++) {
+ if (*p == '*' || *p == '%' || *p == '?' || *p == '@') break;
+ }
+ domainpat_prefixlen = p - domainpat;
+
/*
* If user.X.* or INBOX.* can match pattern,
* search for those mailboxes next
@@ -2334,6 +2460,7 @@ int mboxlist_findall(struct namespace *n
glob_free(&cbrock.g);
cbrock.g = glob_init(domainpat, GLOB_HIERARCHY);
cbrock.inboxoffset = 0;
+ cbrock.crossdomain = crossdomainmatch;
if (usermboxnamelen) {
usermboxname[--usermboxnamelen] = '\0';
cbrock.usermboxname = usermboxname;
@@ -2343,7 +2470,7 @@ int mboxlist_findall(struct namespace *n
just bother looking at the ones that have the same pattern
prefix. */
r = DB->foreach(mbdb,
- domainpat, domainlen + prefixlen,
+ domainpat, domainpat_prefixlen,
&find_p, &find_cb, &cbrock,
NULL);
}
@@ -2352,6 +2479,7 @@ int mboxlist_findall(struct namespace *n
done:
glob_free(&cbrock.g);
if (pat) free(pat);
+ if (converted_pattern) free(converted_pattern);
return r;
}
@@ -2389,6 +2517,7 @@ int mboxlist_findall_alt(struct namespac
cbrock.auth_state = auth_state;
cbrock.checkmboxlist = 0; /* don't duplicate work */
cbrock.checkshared = 0;
+ cbrock.crossdomain = 0;
cbrock.proc = proc;
cbrock.procrock = rock;
@@ -3029,6 +3158,7 @@ int mboxlist_findsub(struct namespace *n
cbrock.auth_state = auth_state;
cbrock.checkmboxlist = !force;
cbrock.checkshared = 0;
+ cbrock.crossdomain = 0;
cbrock.proc = proc;
cbrock.procrock = rock;
@@ -3180,6 +3310,7 @@ int mboxlist_findsub_alt(struct namespac
cbrock.auth_state = auth_state;
cbrock.checkmboxlist = !force;
cbrock.checkshared = 0;
+ cbrock.crossdomain = 0;
cbrock.proc = proc;
cbrock.procrock = rock;
Index: cyrus-imapd-2.3.17/imap/mboxname.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/mboxname.c
+++ cyrus-imapd-2.3.17/imap/mboxname.c
@@ -113,6 +113,8 @@ static int mboxname_tointernal(struct na
char *cp;
char *atp;
int userlen, domainlen = 0, namelen;
+ int name_has_domain = 0;
+ const char *name_local_part = NULL;
/* Blank the result, just in case */
result[0] = '\0';
@@ -163,6 +165,18 @@ static int mboxname_tointernal(struct na
}
}
+ if (config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) &&
+ !namespace->isadmin &&
+ !strncmp(name, "user", 4) && name[4] == namespace->hier_sep) {
+ name_local_part = strchr(name + 5, namespace->hier_sep);
+ if (!name_local_part) {
+ name_local_part = name + strlen(name);
+ }
+ domainlen = name_local_part - (name + 5) + 1;
+ sprintf(result, "%.*s!", domainlen - 1, name + 5);
+ name_has_domain = 1;
+ }
+
/* if no domain specified, we're in the default domain */
}
@@ -193,7 +207,13 @@ static int mboxname_tointernal(struct na
if (domainlen+namelen > MAX_MAILBOX_NAME) {
return IMAP_MAILBOX_BADNAME;
}
- sprintf(result, "%.*s", namelen, name);
+
+ if (name_has_domain) {
+ sprintf(result, "user%s", name_local_part ? name_local_part : "");
+ }
+ else {
+ sprintf(result, "%.*s", namelen, name);
+ }
/* Translate any separators in mailboxname */
mboxname_hiersep_tointernal(namespace, result, 0);
@@ -356,6 +376,7 @@ static int mboxname_toexternal(struct na
{
char *domain = NULL, *cp;
size_t domainlen = 0, resultlen;
+ int append_domain = 1;
/* Blank the result, just in case */
result[0] = '\0';
@@ -370,18 +391,29 @@ static int mboxname_toexternal(struct na
/* don't use the domain if it matches the user's domain */
if (userid && (cp = strchr(userid, '@')) &&
(strlen(++cp) == domainlen) && !strncmp(domain, cp, domainlen))
- domain = NULL;
+ append_domain = 0;
}
- strcpy(result, name);
-
- /* Translate any separators in mailboxname */
- mboxname_hiersep_toexternal(namespace, result, 0);
+ if (config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !namespace->isadmin
+ && domain && !strncmp(name, "user", 4) &&
+ (name[4] == 0 || name[4] == '.')) {
+ sprintf(result, "user%c%.*s", namespace->hier_sep, domainlen, domain);
+ if (name[4] != 0)
+ sprintf(result + domainlen + 5, "%c%s", namespace->hier_sep,
+ name + 5);
+ mboxname_hiersep_toexternal(namespace, result + domainlen + 6, 0);
+ append_domain = 0;
+ }
+ else {
+ strcpy(result, name);
+ /* Translate any separators in mailboxname */
+ mboxname_hiersep_toexternal(namespace, result, 0);
+ }
resultlen = strlen(result);
/* Append domain */
- if (domain) {
+ if (domain && append_domain) {
if(resultlen+domainlen+1 > MAX_MAILBOX_NAME)
return IMAP_MAILBOX_BADNAME;
Index: cyrus-imapd-2.3.17/lib/imapoptions
===================================================================
--- cyrus-imapd-2.3.17.orig/lib/imapoptions
+++ cyrus-imapd-2.3.17/lib/imapoptions
@@ -1278,6 +1278,9 @@ product version in the capabilities */
/* Send mail to mailboxes, which do not exists, to this user. NOTE: This must
be an existing local mailbox name. NOT an email address! */
+{ "allowcrossdomainacls", 0, SWITCH }
+/* Allow ACL across domain boundaries. */
+
/*
.SH SEE ALSO
.PP
++++++ KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch ++++++
This patch was downloaded from https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/timsieved/parse...
(minus the CVS keywords)
It should be reverse-applied with patch -p2 -R to work around the kontact
behaviour described in kolab/issue2443 (kontact aborts sieve when imapd sends
capabilities after starttls) and can be dropped as soon as kontact has a way
to work with old and new cyrus imapd servers.
Index: cyrus-imapd-2.3.17/timsieved/parser.c
===================================================================
--- cyrus-imapd-2.3.17.orig/timsieved/parser.c
+++ cyrus-imapd-2.3.17/timsieved/parser.c
@@ -912,8 +912,7 @@ static int cmd_starttls(struct protstrea
starttls_done = 1;
- return capabilities(sieved_out, sieved_saslconn, starttls_done,
- authenticated, sasl_ssf);
+ return result;
}
#else
static int cmd_starttls(struct protstream *sieved_out, struct protstream *sieved_in)
++++++ charset.patch ++++++
Index: cyrus-imapd-2.3.18/lib/charset.c
===================================================================
--- cyrus-imapd-2.3.18.orig/lib/charset.c
+++ cyrus-imapd-2.3.18/lib/charset.c
@@ -723,7 +723,7 @@ struct convert_rock *search_init(const c
s->substr = (unsigned char *)substr;
/* allocate tracking space and initialise to "no match" */
- s->starts = xmalloc(s->max_start * sizeof(int));
+ s->starts = xmalloc(s->max_start * sizeof(size_t));
for (i = 0; i < s->max_start; i++) {
s->starts[i] = -1;
}
++++++ cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff ++++++
++++ 2429 lines (skipped)
++++++ cyrus-imapd-2.3.19-CVE-2015-8077.patch ++++++
diff -Ppru cyrus-imapd-2.3.19.orig/imap/index.c cyrus-imapd-2.3.19/imap/index.c
--- cyrus-imapd-2.3.19.orig/imap/index.c 2015-07-06 06:48:40.000000000 +0200
+++ cyrus-imapd-2.3.19/imap/index.c 2015-11-15 15:13:04.488920597 +0100
@@ -2774,7 +2774,8 @@ int index_urlfetch(struct mailbox *mailb
const char *cachestr;
int fetchmime = 0;
unsigned size, offset = 0, skip = 0;
- int n, r = 0;
+ unsigned long n;
+ int r = 0;
if (outsize) *outsize = 0;
@@ -2874,7 +2875,7 @@ int index_urlfetch(struct mailbox *mailb
start_octet = size;
n = 0;
}
- else if (start_octet + n > size) {
+ else if (start_octet + n < start_octet || start_octet + n > size) {
n = size - start_octet;
}
@@ -2887,7 +2888,7 @@ int index_urlfetch(struct mailbox *mailb
if (outsize)
*outsize = n;
else
- prot_printf(pout, "{%u}\r\n", n);
+ prot_printf(pout, "{%lu}\r\n", n);
if (n) prot_write(pout, msg_base + offset + start_octet, n);
++++++ cyrus-imapd-2.3.19-db6.patch ++++++
From: Jan Engelhardt
Date: 2013-06-14 02:52:48.129456384 +0200
src: make compilation with libdb-6.0 succeed
db-6.0 has hit the scene.
The changes for ->set_bt_compare (mbox_compar) are not yet present
in cyrus-imapd-2.4.17.
---
lib/cyrusdb_berkeley.c | 5 +++++
1 file changed, 5 insertions(+)
Index: cyrus-imapd-2.3.19/lib/cyrusdb_berkeley.c
===================================================================
--- cyrus-imapd-2.3.19.orig/lib/cyrusdb_berkeley.c
+++ cyrus-imapd-2.3.19/lib/cyrusdb_berkeley.c
@@ -388,8 +388,13 @@ static int myarchive(const char **fnames
return 0;
}
+#if DB_VERSION_MAJOR >= 6
+static int mbox_compar(DB *db __attribute__((unused)),
+ const DBT *a, const DBT *b, size_t *locp)
+#else
static int mbox_compar(DB *db __attribute__((unused)),
const DBT *a, const DBT *b)
+#endif
{
return bsearch_ncompare((const char *) a->data, a->size,
(const char *) b->data, b->size);
++++++ cyrus-imapd-openslp.patch ++++++
Index: configure.in
===================================================================
--- configure.in.orig
+++ configure.in
@@ -1194,6 +1194,19 @@ AC_ARG_WITH(drac, [ --with-drac=DIR
fi)
AC_SUBST(DRACLIBS)
+dnl
+dnl Test for OpenSLP
+dnl
+SLPLIBS=
+AC_ARG_WITH(openslp, [ --with-openslp=DIR use OpenSLP library in <DIR> [no] ],
+ if test -d "$withval"; then
+ LDFLAGS="$LDFLAGS -L${withval}"
+ AC_CHECK_LIB(slp, SLPOpen,
+ AC_DEFINE(USE_SLP,[],[Compile with OpenSLP?])
+ SLPLIBS="-lslp")
+ fi)
+AC_SUBST(SLPLIBS)
+
CMU_LIBWRAP
CMU_UCDSNMP
Index: master/Makefile.in
===================================================================
--- master/Makefile.in.orig
+++ master/Makefile.in
@@ -58,7 +58,7 @@ DEPLIBS = @DEPLIBS@
CFLAGS = @CFLAGS@
LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@
-LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@
+LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@ @SLPLIBS@
SHELL = /bin/sh
MAKEDEPEND = @MAKEDEPEND@
Index: master/master.c
===================================================================
--- master/master.c.orig
+++ master/master.c
@@ -110,6 +110,10 @@
int deny_severity = LOG_ERR;
#endif
+#ifdef USE_SLP
+#include
+#endif
+
#include "masterconf.h"
#include "master.h"
@@ -119,6 +123,16 @@
#include "util.h"
#include "xmalloc.h"
+#ifdef USE_SLP
+#define URL_MAX 1024
+SLPHandle phslp;
+struct slpurl {
+ char srvurl[URL_MAX];
+ struct slpurl *next;
+};
+struct slpurl *start = NULL;
+#endif
+
enum {
become_cyrus_early = 1,
child_table_size = 10000,
@@ -181,10 +195,41 @@ static struct timeval janitor_mark; /* L
void limit_fds(rlim_t);
void schedule_event(struct event *a);
+#ifdef USE_SLP
+void SLPRegReportCB(SLPHandle hslp, SLPError errcode, void* cookie)
+{
+ /* return the error code in the cookie */
+ *(SLPError*)cookie = errcode;
+
+ /* You could do something else here like print out */
+ /* the errcode, etc. Remember, as a general rule, */
+ /* do not try to do too much in a callback because */
+ /* it is being executed by the same thread that is */
+ /* reading slp packets from the wire. */
+}
+
+void SLPshutdown(void)
+{
+ struct slpurl *ttmp,*tmp = start;
+ SLPError callbackerr;
+ while( tmp ) {
+ syslog(LOG_INFO,"SLPderegister [%s]",tmp->srvurl);
+ SLPDereg(phslp, tmp->srvurl, SLPRegReportCB, &callbackerr);
+ ttmp = tmp;
+ tmp = tmp->next;
+ free(ttmp);
+ }
+ SLPClose(&phslp);
+}
+#endif
+
void fatal(const char *msg, int code)
{
syslog(LOG_CRIT, "%s", msg);
syslog(LOG_NOTICE, "exiting");
+#ifdef USE_SLP
+ SLPshutdown();
+#endif
exit(code);
}
@@ -466,7 +511,90 @@ void service_create(struct service *s)
s->socket = 0;
continue;
}
-
+
+#ifdef USE_SLP
+ if ((!strcmp(s->proto, "tcp")) && s->listen[0] != '/' ) {
+ SLPError err;
+ SLPError callbackerr;
+ char *listen, *service;
+ char *listen_addr;
+ int port;
+ char hname[URL_MAX];
+ char dname[URL_MAX];
+ char turl[URL_MAX];
+ struct slpurl *u;
+ char registered = 0;
+
+
+ /* parse_listen() and resolve_host() are destructive,
+ * so make a work copy of s->listen
+ */
+ listen = xstrdup(s->listen);
+
+ if ((service = parse_listen(listen)) == NULL) {
+ /* listen IS the port */
+ service = listen;
+ listen_addr = NULL;
+ } else {
+ /* s->listen is now just the address */
+ listen_addr = parse_host(listen);
+ if (*listen_addr == '\0')
+ listen_addr = NULL;
+ }
+ port = ntohs(((struct sockaddr_in *)(res)->ai_addr)->sin_port);
+ gethostname(hname,URL_MAX);
+ getdomainname(dname,URL_MAX);
+
+ snprintf(turl,URL_MAX,"service:%s://%s.%s:%d",
+ service,
+ hname, dname,
+ port);
+
+ /* check, whether we already registered the service */
+ u = start;
+ while( u ) {
+ if( ! strcmp(u->srvurl,turl) ) registered = 1;
+ u = u->next;
+ }
+
+ if( ! registered ) {
+ u = (struct slpurl *)calloc(1,sizeof(struct slpurl));
+ if( ! u )
+ fatal("out of memory", EX_UNAVAILABLE);
+
+ strncpy(u->srvurl,turl,URL_MAX);
+
+ if( start == NULL ) {
+ start = u;
+ } else {
+ struct slpurl *tmp = start;
+ while( tmp->next ) tmp = tmp->next;
+ tmp->next = u;
+ }
+ syslog(LOG_INFO,"SLPRegister [%s]",u->srvurl);
+
+ err = SLPReg(phslp,
+ u->srvurl,
+ SLP_LIFETIME_MAXIMUM,
+ 0,
+ "",
+ SLP_TRUE,
+ SLPRegReportCB,
+ &callbackerr );
+
+ if(( err != SLP_OK) || (callbackerr != SLP_OK))
+ {
+ syslog(LOG_ERR,"Error registering service with slp %i",err);
+ }
+
+ if( callbackerr != SLP_OK)
+ {
+ syslog(LOG_ERR,"Error registering service with slp %i",callbackerr);
+ }
+ }
+ }
+#endif
+
s->ready_workers = 0;
s->associate = nsocket;
s->family = res->ai_family;
@@ -1015,6 +1143,9 @@ void sigterm_handler(int sig __attribute
/* tell master agent we're exiting */
snmp_shutdown("cyrusMaster");
#endif
+#ifdef USE_SLP
+ SLPshutdown();
+#endif
syslog(LOG_INFO, "exiting on SIGTERM/SIGINT");
exit(0);
@@ -1929,6 +2060,16 @@ int main(int argc, char **argv)
syslog(LOG_NOTICE, "process started");
+#ifdef USE_SLP
+ {
+ int slperr;
+ if ( (slperr = SLPOpen(NULL, SLP_FALSE, &phslp)) != SLP_OK ) {
+ syslog(LOG_ERR, "SLPOpen() failed, return code: %d", slperr);
+ }
+ }
+#endif
+
+
#if defined(HAVE_UCDSNMP) || defined(HAVE_NETSNMP)
/* initialize SNMP agent */
++++++ cyrus-imapd-perl-path.patch ++++++
--- tools/arbitronsort.pl 2007/05/23 11:53:02 1.1
+++ tools/arbitronsort.pl 2007/05/23 11:53:12
@@ -1,4 +1,4 @@
-#!/usr/local/bin/perl
+#!/usr/bin/perl
#
# This script takes the output of arbitron (run without the -o option)
++++++ cyrus-imapd_references_header-dos.dif ++++++
Index: cyrus-imapd-2.3.17/imap/index.c
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/index.c
+++ cyrus-imapd-2.3.17/imap/index.c
@@ -192,6 +192,7 @@ static void index_thread_orderedsubj(uns
static void index_thread_sort(Thread *root, struct sortcrit *sortcrit);
static void index_thread_print(Thread *threads, int usinguid);
static void index_thread_ref(unsigned *msgno_list, int nmsg, int usinguid);
+static void massage_header(char *hdr);
/* NOTE: Make sure these are listed in CAPABILITY_STRING */
static const struct thread_algorithm thread_algs[] = {
@@ -4132,6 +4133,7 @@ void index_get_ids(MsgData *msgdata, cha
/* allocate some space for refs */
msgdata->ref = (char **) xmalloc(refsize * sizeof(char *));
/* find references */
+ massage_header(buf);
refstr = buf;
while ((ref = find_msgid(refstr, &refstr)) != NULL) {
/* reallocate space for this msgid if necessary */
++++++ cyrus-imapd_tls-session-leak.dif ++++++
Index: cyrus-imapd-2.3.16/imap/tls.c
===================================================================
--- cyrus-imapd-2.3.16.orig/imap/tls.c
+++ cyrus-imapd-2.3.16/imap/tls.c
@@ -714,6 +714,10 @@ int tls_init_serverengine(const char
if (!SSL_CTX_set_cipher_list(s_ctx, cipher_list)) {
syslog(LOG_ERR,"TLS server engine: cannot load cipher list '%s'",
cipher_list);
+ if ( sess_dbopen && (DB->close)(sessdb) ) {
+ syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s",
+ cyrusdb_strerror(r));
+ }
return (-1);
}
@@ -731,6 +735,10 @@ int tls_init_serverengine(const char
if (!set_cert_stuff(s_ctx, s_cert_file, s_key_file)) {
syslog(LOG_ERR,"TLS server engine: cannot load cert/key data");
+ if ( sess_dbopen && (DB->close)(sessdb) ) {
+ syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s",
+ cyrusdb_strerror(r));
+ }
return (-1);
}
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
++++++ luser_relay.patch ++++++
From 197203c01da43939bc815691a2face8f9e072e03 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp
Date: Wed, 13 Jan 2010 11:12:42 +0100
Subject: [PATCH] New option lmtp_luser_relay
Send mail to non-existing mailboxes,to this user. NOTE: This
must be an existing local mailbox name. NOT an email address!
2 files changed, 23 insertions(+), 5 deletions(-)
Index: cyrus-imapd-2.3.16/imap/lmtpengine.c
===================================================================
--- cyrus-imapd-2.3.16.orig/imap/lmtpengine.c
+++ cyrus-imapd-2.3.16/imap/lmtpengine.c
@@ -819,6 +819,8 @@ static int process_recipient(char *addr,
address_data_t *ret = (address_data_t *) xmalloc(sizeof(address_data_t));
int forcedowncase = config_getswitch(IMAPOPT_LMTP_DOWNCASE_RCPT);
int quoted, detail;
+ char *luser_relay = NULL;
+ int has_luser_relay = 0;
assert(addr != NULL && msg != NULL);
@@ -875,6 +877,13 @@ static int process_recipient(char *addr,
}
*dest = '\0';
+ luser_relay = config_getstring(IMAPOPT_LMTP_LUSER_RELAY);
+ if( luser_relay ) {
+ if( !verify_user(luser_relay, NULL, NULL, ignorequota ? -1 : msg->size, msg->authstate) ) {
+ has_luser_relay = 1;
+ }
+ }
+
/* make a working copy of rcpt */
ret->user = ret->rcpt = xstrdup(rcpt);
@@ -900,12 +909,17 @@ static int process_recipient(char *addr,
r = verify_user(ret->user, ret->domain, ret->mailbox,
(quota_t) (ignorequota ? -1 : msg->size), msg->authstate);
if (r) {
- /* we lost */
- free(ret->all);
- free(ret->rcpt);
- free(ret);
- return r;
+ if( r == IMAP_MAILBOX_NONEXISTENT && has_luser_relay ) {
+ ret->user = xstrdup(luser_relay);
+ } else {
+ /* we lost */
+ free(ret->all);
+ free(ret->rcpt);
+ free(ret);
+ return r;
+ }
}
+
ret->ignorequota = ignorequota;
msg->rcpt[msg->rcpt_num] = ret;
Index: cyrus-imapd-2.3.16/lib/imapoptions
===================================================================
--- cyrus-imapd-2.3.16.orig/lib/imapoptions
+++ cyrus-imapd-2.3.16/lib/imapoptions
@@ -1274,6 +1274,10 @@ product version in the capabilities */
interface, otherwise the user is assumed to be in the default
domain (if set). */
+{ "lmtp_luser_relay", NULL, STRING }
+/* Send mail to mailboxes, which do not exists, to this user. NOTE: This must
+ be an existing local mailbox name. NOT an email address! */
+
/*
.SH SEE ALSO
.PP
++++++ pie.patch ++++++
Index: cyrus-imapd-2.3.17/configure.in
===================================================================
--- cyrus-imapd-2.3.17.orig/configure.in
+++ cyrus-imapd-2.3.17/configure.in
@@ -1257,6 +1257,27 @@ AC_SUBST(PERL_SUBDIRS)
AC_SUBST(PERL_DEPSUBDIRS)
AC_SUBST(PERL)
+AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl
+ cat > conftest.c <&AS_MESSAGE_LOG_FD])
+ then
+ libc_cv_fpie=yes
+ PIE_CFLAGS="-fPIE"
+ PIE_LDFLAGS="-pie"
+ else
+ libc_cv_fpie=no
+ PIE_CFLAGS=""
+ PIE_LDFLAGS=""
+ fi
+ rm -f conftest*])
+AC_SUBST(libc_cv_fpie)
+AC_SUBST(PIE_CFLAGS)
+AC_SUBST(PIE_LDFLAGS)
+
AH_TOP([
/*
* Copyright (c) 1994-2008 Carnegie Mellon University. All rights reserved.
Index: cyrus-imapd-2.3.17/imap/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/imap/Makefile.in
+++ cyrus-imapd-2.3.17/imap/Makefile.in
@@ -70,8 +70,8 @@ DRAC_LIBS = @DRACLIBS@
LIBS = $(IMAP_LIBS) $(IMAP_COM_ERR_LIBS)
DEPLIBS = ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ @PIE_LDFLAGS@
SHELL = /bin/sh
MAKEDEPEND = @MAKEDEPEND@
Index: cyrus-imapd-2.3.17/lib/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/lib/Makefile.in
+++ cyrus-imapd-2.3.17/lib/Makefile.in
@@ -63,8 +63,8 @@ CPPFLAGS = -I.. @CPPFLAGS@ @COM_ERR_CPPF
LIBS = @LIBS@
MAKEDEPEND_CFLAGS = @CFLAGS@
-CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -fPIC
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
SHELL = /bin/sh
MAKEDEPEND = @MAKEDEPEND@
Index: cyrus-imapd-2.3.17/master/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/master/Makefile.in
+++ cyrus-imapd-2.3.17/master/Makefile.in
@@ -56,8 +56,8 @@ DEFS = @DEFS@ @LOCALDEFS@
CPPFLAGS = -I.. -I$(srcdir)/../lib -I$(srcdir)/../imap @CPPFLAGS@ @COM_ERR_CPPFLAGS@
DEPLIBS = @DEPLIBS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ @PIE_LDFLAGS@
LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@ @SLPLIBS@
SHELL = /bin/sh
Index: cyrus-imapd-2.3.17/netnews/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/netnews/Makefile.in
+++ cyrus-imapd-2.3.17/netnews/Makefile.in
@@ -55,8 +55,8 @@ CPPFLAGS = -I.. -I$(srcdir) -I$(srcdir)/
LIBS = @IMAP_LIBS@ @LIB_RT@
DEPLIBS = ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
SHELL = /bin/sh
MAKEDEPEND = @MAKEDEPEND@
Index: cyrus-imapd-2.3.17/notifyd/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/notifyd/Makefile.in
+++ cyrus-imapd-2.3.17/notifyd/Makefile.in
@@ -56,8 +56,8 @@ CYRUS_GROUP=@cyrus_group@
DEFS = @DEFS@ @LOCALDEFS@
CPPFLAGS = -I.. -I$(srcdir)/../sieve -I$(srcdir)/../imap -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
prefix = @prefix@
exec_prefix = @exec_prefix@
Index: cyrus-imapd-2.3.17/perl/sieve/lib/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/perl/sieve/lib/Makefile.in
+++ cyrus-imapd-2.3.17/perl/sieve/lib/Makefile.in
@@ -58,7 +58,7 @@ IMAP_LIBS = @IMAP_LIBS@
DEPLIBS = ../../../lib/libcyrus.a ../../../lib/libcyrus_min.a @DEPLIBS@
MAKEDEPEND_CFLAGS = @CFLAGS@
-CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@
+CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -fPIC
LDFLAGS = @LDFLAGS@
SHELL = /bin/sh
Index: cyrus-imapd-2.3.17/sieve/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/sieve/Makefile.in
+++ cyrus-imapd-2.3.17/sieve/Makefile.in
@@ -60,8 +60,8 @@ COMPILE_ET = @COMPILE_ET@
DEFS = @DEFS@ @LOCALDEFS@
CPPFLAGS = -I.. -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@
MAKEDEPEND_CFLAGS = @CFLAGS@
-CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
MAKEDEPEND = @MAKEDEPEND@
Index: cyrus-imapd-2.3.17/syslog/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/syslog/Makefile.in
+++ cyrus-imapd-2.3.17/syslog/Makefile.in
@@ -55,8 +55,8 @@ DEFS = @DEFS@
CPPFLAGS = @CPPFLAGS@
LIBS = @LIBS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
SHELL = /bin/sh
MAKEDEPEND = @MAKEDEPEND@
Index: cyrus-imapd-2.3.17/timsieved/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/timsieved/Makefile.in
+++ cyrus-imapd-2.3.17/timsieved/Makefile.in
@@ -56,8 +56,8 @@ CYRUS_GROUP=@cyrus_group@
DEFS = @DEFS@ @LOCALDEFS@
CPPFLAGS = -I.. -I$(srcdir)/../sieve -I$(srcdir)/../imap -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
prefix = @prefix@
exec_prefix = @exec_prefix@
Index: cyrus-imapd-2.3.17/com_err/et/Makefile.in
===================================================================
--- cyrus-imapd-2.3.17.orig/com_err/et/Makefile.in
+++ cyrus-imapd-2.3.17/com_err/et/Makefile.in
@@ -58,8 +58,8 @@ DEFS = @DEFS@
CPPFLAGS = @CPPFLAGS@
LIBS = @LIBS@
-CFLAGS = @CFLAGS@
-LDFLAGS = @LDFLAGS@
+CFLAGS = @CFLAGS@ @PIE_CFLAGS@
+LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@
SHELL = /bin/sh
++++++ syslog-facility-doc.patch ++++++
From 52753d22537cc8af9dbed6a6acc5c32c78e272b0 Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp
Date: Fri, 9 Apr 2010 11:49:37 +0200
Subject: [PATCH] syslog facility doc
We build with "--with-syslogfacility=DAEMON" since quite some
time
---
doc/install-configure.html | 4 ++--
doc/overview.html | 2 +-
doc/text/install-configure | 4 ++--
doc/text/overview | 2 +-
4 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/doc/install-configure.html b/doc/install-configure.html
index 2b4b567..9b0a408 100644
--- a/doc/install-configure.html
+++ b/doc/install-configure.html
@@ -44,10 +44,10 @@ it does not, replace the system "<tt>syslogd</tt>" and
If you do not copy the "<tt>syslog/syslog.conf</tt>" file to the
"<tt>/etc</tt>" directory, be sure to add support for
-"<tt>local6.debug</tt>". The file should include a line like:
+"<tt>daemon.debug</tt>". The file should include a line like:
<pre>
- local6.debug /var/log/imapd.log
+ daemon.debug /var/log/imapd.log
</pre>
You probably also want to log SASL messages with a line like:
diff --git a/doc/overview.html b/doc/overview.html
index 15c351c..a63b3fd 100644
--- a/doc/overview.html
+++ b/doc/overview.html
@@ -622,7 +622,7 @@ server exports MIT's KPOP protocol instead of generic POP3.
<h3><a name="syslog">The <TT>syslog</TT> facility</a></h3>
-The Cyrus IMAP server software sends log messages to the "<TT>local6</TT>"
+The Cyrus IMAP server software sends log messages to the "<TT>daemon</TT>"
syslog facility. The severity levels used are:
<UL>
diff --git a/doc/text/install-configure b/doc/text/install-configure
index f0b88b2..0fcb597 100644
--- a/doc/text/install-configure
+++ b/doc/text/install-configure
@@ -28,10 +28,10 @@ Installing and configuring the IMAP Server
mv syslog.conf /etc/syslog.conf
If you do not copy the "syslog/syslog.conf" file to the "/etc"
- directory, be sure to add support for "local6.debug". The file
+ directory, be sure to add support for "daemon.debug". The file
should include a line like:
- local6.debug /var/log/imapd.log
+ daemon.debug /var/log/imapd.log
You probably also want to log SASL messages with a line like:
diff --git a/doc/text/overview b/doc/text/overview
index 91aa4b5..5a8c552 100644
--- a/doc/text/overview
+++ b/doc/text/overview
@@ -545,7 +545,7 @@ POP3 Server
The syslog facility
- The Cyrus IMAP server software sends log messages to the "local6"
+ The Cyrus IMAP server software sends log messages to the "daemon"
syslog facility. The severity levels used are:
* CRIT - Critical errors which probably require prompt administrator
--
1.7.0.2
++++++ user_deny_db-once.patch ++++++
++++ 634 lines (skipped)