Hello community, here is the log from the commit of package cyrus-imapd.4285 for openSUSE:13.1:Update checked in at 2015-12-04 11:41:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/cyrus-imapd.4285 (Old) and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cyrus-imapd.4285" Changes: -------- New Changes file: --- /dev/null 2015-11-02 12:10:47.524024255 +0100 +++ /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new/cyrus-imapd.changes 2015-12-04 11:41:24.000000000 +0100 @@ -0,0 +1,1518 @@ +------------------------------------------------------------------- +Sun Nov 15 11:48:17 UTC 2015 - [email protected] + +- Added cyrus-imapd-2.3.19-CVE-2015-8077.patch: + boo#954200, CVE-2015-8077: Integer overflow in range checks + +------------------------------------------------------------------- +Sun Aug 23 10:55:58 UTC 2015 - [email protected] + +- Update to 2.3.19 [boo#945841] + * Security fix: handle urlfetch range starting outside message range + * Disable use of SSLv2/SSLv3 + * Support for Berkeley DB 5.x (thanks Ondrej Sury) + * Support for newer glibc versions (thanks Thomas Jarosch) + * Fixed bug #3465: support for perl 5.14 (thanks [email protected]) + * Fixed bug #3640: reject NULL bytes in headers on LMTP delivery (thanks Julien Coloos) + +- Rebased the following patch + * cyrus-imapd-db6.diff as cyrus-imapd-2.3.19-db6.patch + +- Removed the following patches (included upstream) + - cyrus-imapd-perl-5.14.patch + +------------------------------------------------------------------- +Thu Jun 20 09:29:07 UTC 2013 - [email protected] + +- Move kolab tag from package name to version field + +------------------------------------------------------------------- +Fri Jun 14 01:06:46 UTC 2013 - [email protected] + +- Add cyrus-imapd-db6.diff to fix compile abort with db >= 5 + +------------------------------------------------------------------- +Mon May 27 08:29:47 UTC 2013 - [email protected] + +- Package perl-Cyrus-SIEVE-managesieve provides the sieveshell as + well as the package python-managesieve, therefore make them + conflicting + +------------------------------------------------------------------- +Tue May 21 10:39:20 UTC 2013 - [email protected] + +- Added /var/lib/imap/ptclient to %files section + +------------------------------------------------------------------- +Fri Feb 15 11:26:29 UTC 2013 - [email protected] + +- enable --with-ldap option + +------------------------------------------------------------------- +Tue Jun 19 11:24:06 UTC 2012 - [email protected] + +- allocate the right size (reported by [email protected]) + +------------------------------------------------------------------- +Fri Dec 2 07:47:58 UTC 2011 - [email protected] + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Wed Oct 5 07:10:08 UTC 2011 - [email protected] + +- Update to 2.3.18: + Malicious NNTP clients could bypass the authentication and + execute commands that normally require authentication. + (bnc#719998, CVE-2011-3372) + +------------------------------------------------------------------- +Tue Sep 27 16:36:08 CEST 2011 - [email protected] + +- parallel make is not possible, see openSUSE:Factory:PowerPC build failure. + +------------------------------------------------------------------- +Wed Sep 21 09:34:04 UTC 2011 - [email protected] + +- Update to 2.3.17. Only change: + * includes the nntpd bufferoverflow patch +- Refreshed KOLAB patches +- Fixed a potential DoS bug, when server-side threading is used + (bnc#718428) + +------------------------------------------------------------------- +Sun Sep 18 00:14:26 UTC 2011 - [email protected] + +- Remove redundant tags/sections from specfile +- Use %_smp_mflags for parallel build + +------------------------------------------------------------------- +Thu Sep 1 09:08:52 UTC 2011 - [email protected] + +- Fixed a buffer overflow in nntpd (bnc#715251) + +------------------------------------------------------------------- +Mon Jun 20 09:50:50 UTC 2011 - [email protected] + +- TLS initialization failures could lead to a bdb resource leak + resulting lmtpd to stop delivering mails. (bnc#606710, + cyrus-bug#3252) + +------------------------------------------------------------------- +Mon May 23 14:17:33 UTC 2011 - [email protected] + +- Fixed STARTTLS plaintext command injection vulnerability + (bnc#694247, cyrus-bug#3425) +- Fixed building against newer perl release (5.14) + +------------------------------------------------------------------- +Tue Dec 7 21:56:34 UTC 2010 - [email protected] + +- remove /var/adm/perl-modules + +------------------------------------------------------------------- +Fri Nov 19 08:56:19 UTC 2010 - [email protected] + +- Fixed cronjob to include the correct path to ctl_mboxlist + (bnc#650919) + +------------------------------------------------------------------- +Wed Oct 27 15:37:35 UTC 2010 - [email protected] + +- removed unneeded authid_normalize.patch the same functionality + is already available through "username_tolower" since quite some + time. + +------------------------------------------------------------------- +Thu Sep 30 09:34:35 UTC 2010 - [email protected] + +- Check for libdb 4.8 presence + +------------------------------------------------------------------- +Sun Jun 13 13:00:36 UTC 2010 - [email protected] + +- Define and use _name because the macro expansion is not smart enough. + Without this construction the name definition of cyrus-imapd-kolab is + changed to cyrus-imapd. + +------------------------------------------------------------------- +Mon May 31 12:55:18 UTC 2010 - [email protected] + +- Don't create unneeded /var/lib/db/deliverdb directory +- Add a default DB_CONFIG to avoid berkely db errors for deliver.db + (bnc#606710) + +------------------------------------------------------------------- +Wed May 19 09:07:09 UTC 2010 - [email protected] + +- Removed unneeded useradd call from %install section +- Fix the package naming for kolab package again (the last sumbit + request broke that accidently) + +------------------------------------------------------------------- +Mon May 3 12:40:46 UTC 2010 - [email protected] + +- Only try to open user_deny.db once upon startup (bnc#601971). + Backported from cvs HEAD. + +------------------------------------------------------------------- +Fri Apr 30 14:37:43 UTC 2010 - [email protected] + +- removed some unneeded patches +- added missing tags to init script + +------------------------------------------------------------------- +Wed Apr 28 11:42:32 UTC 2010 - [email protected] + +- Changed cyrus' homedir to /var/lib/imap + +------------------------------------------------------------------- +Tue Apr 13 18:37:45 UTC 2010 - [email protected] + +- Remove the obsolete tag "AutoReqProv: on", its default value is + already "on". + +------------------------------------------------------------------- +Mon Apr 12 19:15:58 UTC 2010 - [email protected] + +- Use cyrus-imapd-kolab when the package is build with kolab enabled +- Use the preferred Requires(pre) tag instead of PreReq + +------------------------------------------------------------------- +Fri Apr 9 10:20:34 UTC 2010 - [email protected] + +- Adjusted documentation to reflect the correct syslog facility + that the packages are build with ("daemon" instead of "local6") + +------------------------------------------------------------------- +Tue Mar 30 11:35:40 UTC 2010 - [email protected] + +- Removed Patch101 KOLAB_cyrus-imapd-%{version}_Annotations2.patch +- Change Source107 to Patch107 + + +------------------------------------------------------------------- +Tue Mar 30 08:33:47 UTC 2010 - [email protected] + +- Mention KOLAB_cyrus-imapd-2.3.16_cross-domain-acls.patch in the ++++ 1321 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.cyrus-imapd.4285.new/cyrus-imapd.changes New: ---- DB_CONFIG KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch KOLAB_cyrus-imapd-2.3.18_Folder-names.patch KOLAB_cyrus-imapd-2.3.18_Groups2.patch KOLAB_cyrus-imapd-2.3.18_Logging.patch KOLAB_cyrus-imapd-2.3.18_UID.patch KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch charset.patch cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff cyrus-imapd-2.3.19-CVE-2015-8077.patch cyrus-imapd-2.3.19-db6.patch cyrus-imapd-2.3.19.tar.gz cyrus-imapd-openslp.patch cyrus-imapd-perl-path.patch cyrus-imapd-rc.tar.gz cyrus-imapd.changes cyrus-imapd.spec cyrus-imapd_references_header-dos.dif cyrus-imapd_tls-session-leak.dif luser_relay.patch pie.patch syslog-facility-doc.patch user_deny_db-once.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cyrus-imapd.spec ++++++ # # spec file for package cyrus-imapd # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %if ! %{defined with_kolab} %global with_kolab 0 %endif %global __version 2.3.19 %if ! %{with_kolab} %global _version %{__version} %else %global _version %{__version}_kolab %endif Name: cyrus-imapd Url: http://cyrusimap.web.cmu.edu/ Summary: The Cyrus IMAP and POP Mail Server License: BSD-3-Clause Group: Productivity/Networking/Email/Servers Version: %{_version} Release: 0 Source: %{name}-%{__version}.tar.gz Source1: cyrus-imapd-rc.tar.gz Source2: DB_CONFIG # The autocreate Patchset is maintained at: # http://email.uoa.gr/projects/cyrus/autocreate/ Patch1: cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff Patch4: luser_relay.patch Patch5: user_deny_db-once.patch Patch7: syslog-facility-doc.patch Patch10: cyrus-imapd-openslp.patch Patch12: pie.patch Patch18: cyrus-imapd-perl-path.patch Patch22: cyrus-imapd_tls-session-leak.dif Patch23: cyrus-imapd_references_header-dos.dif Patch24: charset.patch Patch25: cyrus-imapd-2.3.19-db6.patch # PATCH-FIX-UPSTREAM -- Fix for CVE-2015-8077 Patch26: cyrus-imapd-2.3.19-CVE-2015-8077.patch %if %{with_kolab} # KOLAB_cyrus-imapd patches are maintained at # http://kolab.org/cgi-bin/viewcvs-kolab.cgi/server/imapd/patches/ Patch100: KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch Patch102: KOLAB_cyrus-imapd-2.3.18_Folder-names.patch Patch103: KOLAB_cyrus-imapd-2.3.18_Groups2.patch Patch104: KOLAB_cyrus-imapd-2.3.18_Logging.patch Patch105: KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch Patch106: KOLAB_cyrus-imapd-2.3.18_UID.patch Patch107: KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: automake BuildRequires: bison BuildRequires: cyrus-sasl-devel BuildRequires: db-devel BuildRequires: drac BuildRequires: ed BuildRequires: flex BuildRequires: krb5-devel BuildRequires: openldap2-devel BuildRequires: openslp-devel BuildRequires: openssl-devel BuildRequires: opie BuildRequires: perl-Digest-SHA1 BuildRequires: pwdutils BuildRequires: tcpd-devel Requires(pre): /usr/sbin/useradd /usr/sbin/usermod %insserv_prereq %fillup_prereq /bin/sed Requires(pre): /bin/awk /bin/grep /bin/cat /usr/bin/find /usr/bin/db_verify sh-utils Requires(pre): fileutils cyrus-sasl netcfg /usr/bin/strings Recommends: cron Requires: perl-Cyrus-IMAP Requires: perl-Cyrus-SIEVE-managesieve Recommends: perl-TermReadLine-Gnu Conflicts: imap courier-imap Conflicts: cyrus-imapd-kolab %package -n perl-Cyrus-IMAP Conflicts: perl-Cyrus-IMAP-kolab Summary: Cyrus IMAP Perl Module Group: Development/Libraries/Perl Requires: perl = %{perl_version} %package -n perl-Cyrus-SIEVE-managesieve Conflicts: perl-Cyrus-SIEVE-managesieve-kolab Conflicts: python-managesieve Summary: A Perl Module for Cyrus SIEVE Group: Development/Libraries/Perl Requires: perl = %{perl_version} Recommends: perl-TermReadLine-Gnu %package -n %{name}-devel Conflicts: cyrus-imapd-kolab Summary: Libraries and Includes for Cyrus IMAPd Group: Development/Libraries/C and C++ %description Cyrus is a highly scalable enterprise mail system designed for use in enterprise environments of various sizes using standards based technologies. Cyrus technologies scale from independent use in email departments to a system centrally managed in a large enterprise. %description -n perl-Cyrus-IMAP A Cyrus IMAP Perl module for the Cyrus IMAPD. %description -n perl-Cyrus-SIEVE-managesieve A Perl module for Cyrus SIEVE. %description -n %{name}-devel This package provides the libraries and include files for Cyrus IMAPd. %define cyrus_uid 96 %prep %setup -q -a 1 -n %{name}-%{__version} patch -s -p0 < contrib/drac_auth.patch %patch1 -p1 %patch4 -p1 %patch5 -p1 %patch7 -p1 %patch10 %patch12 -p1 %patch18 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %if %{with_kolab} %patch100 -p1 %patch102 -p1 %patch103 -p1 %patch104 -p1 %patch105 -p1 %patch106 -p1 %patch107 -p1 %endif %build rm -fr aclocal.m4 configure config.h.in autom4te.cache sh SMakefile %if %{with_kolab} # CONFIGURE_ARGS="--with-ldap=%%{_includedir}" # Kolab*_UID.patch breaks the configure argument --with-ldap=%%{_includedir}. It is not # picked up by configure, use the line below as a workaround until the # configure --with-ldap actually works sed -i 's;\(IMAP_LIBS="${LIB_SASL}\) \(.*"\);\1 -lldap -llber \2;g' configure %endif export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -I/usr/include/kerberosIV -I%{_libdir}/sasl2/include" ./configure --prefix=/usr \ --mandir=%{_mandir} \ --libdir=%{_libdir} \ --localstatedir=/var/lib \ --enable-idled \ --enable-murder \ --enable-netscapehack \ --enable-nntp \ --enable-replication \ --with-com_err=yes \ --with-cyrus-user=cyrus \ --with-cyrus-group=mail \ --with-cyrus-prefix=/usr/lib/cyrus \ --with-drac=%{_libdir} \ --with-gss_impl=auto \ --with-ldap=%{_includedir} \ --with-libwrap=/usr \ --with-lock=fcntl \ --with-openslp=%{_libdir} \ --with-openssl \ --with-perl=/usr/bin/perl \ --with-syslogfacility=DAEMON \ --without-ucdsnmp $CONFIGURE_ARGS make depend %{?_smp_mflags} make %{?_smp_mflags} %install mkdir -p $RPM_BUILD_ROOT/etc/init.d mkdir -p $RPM_BUILD_ROOT/etc/pam.d install -m 644 SuSE/imap $RPM_BUILD_ROOT/etc/pam.d/imap install -m 644 SuSE/pop $RPM_BUILD_ROOT/etc/pam.d/pop install -m 644 SuSE/sieve $RPM_BUILD_ROOT/etc/pam.d/sieve mkdir -p $RPM_BUILD_ROOT/etc/cron.daily mkdir -p $RPM_BUILD_ROOT/sbin mkdir -p $RPM_BUILD_ROOT/var/adm install -m 755 SuSE/rc.cyrus $RPM_BUILD_ROOT/etc/init.d/cyrus ln -sf ../etc/init.d/cyrus $RPM_BUILD_ROOT/sbin/rccyrus install -m 755 SuSE/cron.daily.cyrus $RPM_BUILD_ROOT/etc/cron.daily/suse.de-cyrus-imapd rm -f tools/config2* rm -rf tools/CVS rm -rf contrib chmod 644 doc/internal/*.html mkdir -p $RPM_BUILD_ROOT/usr/lib/cyrus/tools/ install -m 755 tools/* $RPM_BUILD_ROOT/usr/lib/cyrus/tools/ #***************************************************************************** # SuSEfirewall2 Services #***************************************************************************** install -d $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/ install -m 644 SuSE/SuSEfirewall2.cyrus-imapd $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/cyrus-imapd export DESTDIR=$RPM_BUILD_ROOT make install # make install results in make install within the perl modules subdir, so # remove the stuff from buildroot to satisfy the picky rpm4, as we don't need # it and use install_vendor for perl modules below rm -rf $RPM_BUILD_ROOT/%{perl_sitelib} rm -rf $RPM_BUILD_ROOT/%{perl_sitearch} #***************************************************************************** # perl modules #***************************************************************************** # Cyrus IMAP #***************************************************************************** cd perl/imap make DESTDIR=$RPM_BUILD_ROOT install_vendor %perl_process_packlist -n perl-Cyrus-IMAP cd - #***************************************************************************** # Cyrus SIEVE managesieve #***************************************************************************** cd perl/sieve/managesieve make DESTDIR=$RPM_BUILD_ROOT install_vendor %perl_process_packlist -n perl-Cyrus-SIEVE-managesieve cd - #***************************************************************************** install -m 644 SuSE/imapd.conf $RPM_BUILD_ROOT/etc/imapd.conf install -m 644 SuSE/cyrus.conf $RPM_BUILD_ROOT/etc/cyrus.conf install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/user install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/quota install -d -m 700 $RPM_BUILD_ROOT/var/lib/imap/ptclient install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/proc install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/log install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/msg install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/db install -m 644 %{SOURCE2} $RPM_BUILD_ROOT/var/lib/imap/db install -d -m 750 $RPM_BUILD_ROOT/var/lib/imap/socket install -d -m 750 $RPM_BUILD_ROOT/var/lib/sieve for i in a b c d e f g h i j k l m n o p q r s t u v w x y z; do install -d -m 755 $RPM_BUILD_ROOT/var/lib/imap/user/$i install -d -m 755 $RPM_BUILD_ROOT/var/lib/imap/quota/$i install -d -m 750 $RPM_BUILD_ROOT/var/lib/sieve/$i done #chown -R cyrus:mail $RPM_BUILD_ROOT/var/lib/imap #chown -R cyrus:mail $RPM_BUILD_ROOT/var/lib/sieve install -d -m 750 $RPM_BUILD_ROOT/var/spool/imap install -d -m 750 $RPM_BUILD_ROOT/var/adm/backup/imap #chown cyrus:mail $RPM_BUILD_ROOT/var/spool/imap mv $RPM_BUILD_ROOT/%{_mandir}/man8/master.8 \ $RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_master.8 mv $RPM_BUILD_ROOT/%{_mandir}/man8/idled.8 \ $RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_idled.8 mv $RPM_BUILD_ROOT/%{_mandir}/man8/fetchnews.8 \ $RPM_BUILD_ROOT/%{_mandir}/man8/cyrus_fetchnews.8 find . -type d -a -name CVS | xargs rm -rfv find . -type f -a -name .cvsignore | xargs rm -rfv %pre /usr/sbin/useradd -r -o -g mail -u %{cyrus_uid} -s /bin/bash -c "User for cyrus-imapd" -d /var/lib/imap cyrus 2> /dev/null || : /usr/sbin/usermod -d /var/lib/imap cyrus || : %preun %stop_on_removal cyrus %post # Is this section still needed? If so, it's not working, so it should be rewritten. # Also, Sieve port changed to 4190 (see http://www.ietf.org/assignments/service-names-port-numbers/service-names-port-numbers.txt). grep -E "^sieve" etc/services >/dev/null || { echo "Adding sieve service to /etc/services" CFBAK=services.`date +%Y-%m-%d` CFNEW=services.$$ cat etc/services | awk ' BEGIN { OFS="\t"; ORS="\n"; } /^#/ { print; next; } /[[:space:]]+2000\/(tcp|udp)/ { printf "sieve\t\t%s\t# Cyrus SIEVE\n", $2; next; } { print; next; };' > etc/$CFNEW echo "Backing up old services as $CFBAK" cp --remove-destination etc/services etc/$CFBAK mv etc/$CFNEW etc/services } # End of section in question. SIEVEUP= IMAPUP= test $1 -gt 1 && test -d usr/sieve -a ! -L usr/sieve && SIEVEUP=yes test $1 -gt 1 && test -d var/imap -a ! -L var/imap && IMAPUP=yes test -n "`find var/lib/sieve -type f`" && { SIEVEUP= } test -n "`find var/lib/imap -type f`" && { IMAPUP= } test -n "$SIEVEUP" && { echo "Creating compatibility symlink /var/lib/sieve -> /usr/sieve" rm -rf var/lib/sieve ln -sf ../../usr/sieve var/lib/sieve } test -n "$IMAPUP" && { echo "Creating compatibility symlink /var/lib/imap -> /var/imap" rm -rf var/lib/imap ln -sf ../imap /var/lib/imap } %{fillup_and_insserv cyrus} %postun %restart_on_update cyrus %insserv_cleanup %files %defattr(-,root,root) %config /etc/pam.d/* %config /etc/cron.daily/suse.de-cyrus-imapd %config(noreplace) /etc/imapd.conf %config(noreplace) /etc/cyrus.conf %config /etc/sysconfig/SuSEfirewall2.d/services/cyrus-imapd %dir %attr(0750, cyrus, mail) /var/lib/imap %attr(0750, cyrus, mail) /var/lib/imap/log %attr(0750, cyrus, mail) /var/lib/imap/msg %attr(0750, cyrus, mail) /var/lib/imap/proc %attr(0750, cyrus, mail) /var/lib/imap/quota %attr(0700, cyrus, mail) /var/lib/imap/ptclient %attr(0750, cyrus, mail) /var/lib/imap/user %attr(0750, cyrus, mail) /var/lib/imap/socket %dir %attr(0750, cyrus, mail) /var/lib/imap/db %config(noreplace) /var/lib/imap/db/DB_CONFIG %attr(0750, cyrus, mail) /var/lib/sieve %attr(0750, cyrus, mail) /var/spool/imap %attr(0750, cyrus, mail) /var/adm/backup/imap /etc/init.d/cyrus /sbin/rccyrus /usr/lib/cyrus /usr/bin/cyradm /usr/bin/imtest /usr/bin/lmtptest /usr/bin/mupdatetest /usr/bin/nntptest /usr/bin/pop3test /usr/bin/sivtest /usr/bin/smtptest /usr/bin/synctest %doc %{_mandir}/man1/cyradm.1.gz %doc %{_mandir}/man1/imtest.1.gz %doc %{_mandir}/man1/lmtptest.1.gz %doc %{_mandir}/man1/mupdatetest.1.gz %doc %{_mandir}/man1/nntptest.1.gz %doc %{_mandir}/man1/pop3test.1.gz %doc %{_mandir}/man1/sivtest.1.gz %doc %{_mandir}/man1/smtptest.1.gz %doc %{_mandir}/man3/imclient.3.gz %doc %{_mandir}/man5/*.gz %doc %{_mandir}/man8/*.gz %doc COPYRIGHT README README.andrew doc %doc SuSE/README.SuSE %files -n %{name}-devel %defattr(-,root,root) /usr/include/cyrus %{_libdir}/libcyrus.a %{_libdir}/libcyrus_min.a %files -n perl-Cyrus-IMAP %defattr(-,root,root) %dir %{perl_vendorarch}/Cyrus %{perl_vendorarch}/Cyrus/IMAP %{perl_vendorarch}/Cyrus/IMAP.pm %dir %{perl_vendorarch}/auto/Cyrus %{perl_vendorarch}/auto/Cyrus/IMAP %if %{suse_version} < 1140 /var/adm/perl-modules/perl-Cyrus-IMAP %endif %doc %{_mandir}/man3/Cyrus::IMAP* %files -n perl-Cyrus-SIEVE-managesieve %defattr(-,root,root) /usr/bin/installsieve /usr/bin/sieveshell %doc %{_mandir}/man1/installsieve.1.gz %doc %{_mandir}/man1/sieveshell.1.gz %dir %{perl_vendorarch}/Cyrus %dir %{perl_vendorarch}/Cyrus/SIEVE %{perl_vendorarch}/Cyrus/SIEVE/managesieve.pm %dir %{perl_vendorarch}/auto/Cyrus %dir %{perl_vendorarch}/auto/Cyrus/SIEVE %{perl_vendorarch}/auto/Cyrus/SIEVE/managesieve %if %{suse_version} < 1140 /var/adm/perl-modules/perl-Cyrus-SIEVE-managesieve %endif %doc %{_mandir}/man3/Cyrus::SIEVE::managesieve.3pm.gz %changelog ++++++ DB_CONFIG ++++++ set_cachesize 0 2097152 1 set_lg_regionmax 2097152 set_lg_bsize 2097152 ++++++ KOLAB_cyrus-imapd-2.3.18_Cyradm_Annotations.patch ++++++ Allows to use arbitrary annotations with the cyradm tool. diff -r 69927cac0b1b doc/man/cyradm.1.html --- a/doc/man/cyradm.1.html Fri Dec 04 10:32:26 2009 +0100 +++ b/doc/man/cyradm.1.html Fri Dec 04 10:32:33 2009 +0100 @@ -220,6 +220,13 @@ <dd> <p>Sets an email address to which messages injected into the server via NNTP will be sent.</p> +</dd> +</li> +<dt><strong><a NAME="item__2fexplicit_2fannotation"><code>/explicit/annotation</code></a></strong> + +<dd> +<p>Sets the annotation <em>/explicit/annotation</em> +on <em>mailbox</em> to <em>value</em>.</p> </dd> <dt><strong><a name="sharedseen" class="item"><code>sharedseen</code></a></strong></dt> diff -r 69927cac0b1b perl/imap/IMAP/Admin.pm --- a/perl/imap/IMAP/Admin.pm Fri Dec 04 10:32:26 2009 +0100 +++ b/perl/imap/IMAP/Admin.pm Fri Dec 04 10:32:33 2009 +0100 @@ -797,11 +797,11 @@ return undef; } - if(!exists($values{$entry})) { - $self->{error} = "Unknown parameter $entry"; + if(exists($values{$entry})) { + $entry = $values{$entry}; + } else { + $self->{error} = "Unknown parameter $entry" unless substr($entry,0,1) eq "/"; } - - $entry = $values{$entry}; my ($rc, $msg); diff -r 69927cac0b1b perl/imap/IMAP/Shell.pm --- a/perl/imap/IMAP/Shell.pm Fri Dec 04 10:32:26 2009 +0100 +++ b/perl/imap/IMAP/Shell.pm Fri Dec 04 10:32:33 2009 +0100 @@ -127,7 +127,7 @@ [\&_sc_info, '[mailbox]', 'display mailbox/server metadata'], mboxcfg => - [\&_sc_mboxcfg, 'mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value', + [\&_sc_mboxcfg, 'mailbox [comment|condstore|news2mail|expire|sieve|squat|/<explicit annotation>] value', 'configure mailbox'], mboxconfig => 'mboxcfg', reconstruct => @@ -1437,7 +1437,7 @@ while (defined ($opt = shift(@argv))) { last if $opt eq '--'; if ($opt =~ /^-/) { - die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value\n"; + die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat|/<explicit annotation>] value\n"; } else { push(@nargv, $opt); @@ -1446,7 +1446,7 @@ } push(@nargv, @argv); if (@nargv < 2) { - die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat] value\n"; + die "usage: mboxconfig mailbox [comment|condstore|expire|news2mail|sharedseen|sieve|squat|/<explicit annotation>] value\n"; } if (!$cyrref || !$$cyrref) { die "mboxconfig: no connection to server\n"; diff -r 69927cac0b1b perl/imap/cyradm.sh --- a/perl/imap/cyradm.sh Fri Dec 04 10:32:26 2009 +0100 +++ b/perl/imap/cyradm.sh Fri Dec 04 10:32:33 2009 +0100 @@ -241,6 +241,10 @@ Indicates that the mailbox should have a squat index created for it. +=item C</explicit/annotation> + +Sets the annotation I</explicit/annotation> on I<mailbox> to I<value>. + =back =item C<renamemailbox> [C<--partition> I<partition>] I<oldname> I<newname> ++++++ KOLAB_cyrus-imapd-2.3.18_Folder-names.patch ++++++ Modifies the set of accepted characters in folder names for the cyrus imapd server [Version: 2.3.9] Index: cyrus-imapd-2.3.17/imap/mboxname.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/mboxname.c +++ cyrus-imapd-2.3.17/imap/mboxname.c @@ -720,8 +720,10 @@ int mboxname_netnewscheck(char *name) /* * Apply site policy restrictions on mailbox names. * Restrictions are hardwired for now. - */ + * original definition #define GOODCHARS " #$'+,-.0123456789:=@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz~" + */ +#define GOODCHARS " #$%'()*+,-.0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz{|}~" int mboxname_policycheck(char *name) { unsigned i; ++++++ KOLAB_cyrus-imapd-2.3.18_Groups2.patch ++++++ diff -r 37030bf2b2bb lib/auth_unix.c --- a/lib/auth_unix.c Fri Dec 04 10:25:24 2009 +0100 +++ b/lib/auth_unix.c Fri Dec 04 10:32:19 2009 +0100 @@ -46,6 +46,7 @@ #include <stdlib.h> #include <pwd.h> #include <grp.h> +#include <stdio.h> #include <ctype.h> #include <string.h> @@ -54,6 +55,126 @@ #include "xmalloc.h" #include "util.h" +#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) +/* + * __getgrent.c - This file is part of the libc-8086/grp package for ELKS, + * Copyright (C) 1995, 1996 Nat Friedman <[email protected]>. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Library General Public License for more details. + * + * You should have received a copy of the GNU Library General Public + * License along with this library; if not, write to the Free + * Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + */ + +#include <unistd.h> +#include <string.h> +#include <errno.h> + +static struct group *__getgrent(int grp_fd, char *line_buff, char **members) +{ + short line_index; + short buff_size; + static struct group group; + register char *ptr; + char *field_begin; + short member_num; + char *endptr; + int line_len; + + /* We use the restart label to handle malformatted lines */ + restart: + line_index = 0; + buff_size = 256; + + line_buff = realloc(line_buff, buff_size); + while (1) { + if ((line_len = read(grp_fd, line_buff + line_index, + buff_size - line_index)) <= 0) { + return NULL; + } + field_begin = strchr(line_buff, '\n'); + if (field_begin != NULL) { + lseek(grp_fd, + (long) (1 + field_begin - + (line_len + line_index + line_buff)), SEEK_CUR); + *field_begin = '\0'; + if (*line_buff == '#' || *line_buff == ' ' + || *line_buff == '\n' || *line_buff == '\t') + goto restart; + break; + } else { + /* Allocate some more space */ + line_index = buff_size; + buff_size += 256; + line_buff = realloc(line_buff, buff_size); + } + } + + /* Now parse the line */ + group.gr_name = line_buff; + ptr = strchr(line_buff, ':'); + if (ptr == NULL) + goto restart; + *ptr++ = '\0'; + + group.gr_passwd = ptr; + ptr = strchr(ptr, ':'); + if (ptr == NULL) + goto restart; + *ptr++ = '\0'; + + field_begin = ptr; + ptr = strchr(ptr, ':'); + if (ptr == NULL) + goto restart; + *ptr++ = '\0'; + + group.gr_gid = (gid_t) strtoul(field_begin, &endptr, 10); + if (*endptr != '\0') + goto restart; + + member_num = 0; + field_begin = ptr; + + if (members != NULL) + free(members); + members = (char **) malloc((member_num + 1) * sizeof(char *)); + for ( ; field_begin && *field_begin != '\0'; field_begin = ptr) { + if ((ptr = strchr(field_begin, ',')) != NULL) + *ptr++ = '\0'; + members[member_num++] = field_begin; + members = (char **) realloc(members, + (member_num + 1) * sizeof(char *)); + } + members[member_num] = NULL; + + group.gr_mem = members; + return &group; +} + +static char *line_buff = NULL; +static char **members = NULL; + +struct group *fgetgrent(FILE *file) +{ + if (file == NULL) { + errno = EINTR; + return NULL; + } + return __getgrent(fileno(file), line_buff, members); +} +#endif /* __FreeBSD__ */ + struct auth_state { char userid[81]; char **group; @@ -141,6 +262,25 @@ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; +static struct group* fgetgrnam(const char* name) +{ + struct group *grp; + FILE *groupfile; + + groupfile = fopen("/etc/imapd.group", "r"); + if (!groupfile) groupfile = fopen("/etc/group", "r"); + if (groupfile) { + while ((grp = fgetgrent(groupfile))) { + if (strcmp(grp->gr_name, name) == 0) { + fclose(groupfile); + return grp; + } + } + } + if (groupfile) fclose(groupfile); + return NULL; +} + /* * Convert 'identifier' into canonical form. * Returns a pointer to a static buffer containing the canonical form @@ -176,7 +316,7 @@ */ if (!strncmp(retbuf, "group:", 6)) { - grp = getgrnam(retbuf+6); + grp = fgetgrnam(retbuf+6); if (!grp) return NULL; if (strlen(grp->gr_name) >= sizeof(retbuf)-6) return NULL; @@ -224,11 +364,12 @@ struct auth_state *newstate; struct passwd *pwd; struct group *grp; -#if defined(HAVE_GETGROUPLIST) && defined(__GLIBC__) +#if 0 && defined(HAVE_GETGROUPLIST) && defined(__GLIBC__) gid_t gid, *groupids = NULL; int ret, ngroups = 10; #else char **mem; + FILE *groupfile; #endif identifier = mycanonifyid(identifier, 0); @@ -246,7 +387,7 @@ pwd = getpwnam(identifier); -#if defined(HAVE_GETGROUPLIST) && defined(__GLIBC__) +#if 0 && defined(HAVE_GETGROUPLIST) && defined(__GLIBC__) gid = pwd ? pwd->pw_gid : (gid_t) -1; /* get the group ids */ @@ -284,20 +425,23 @@ if (groupids) free(groupids); #else /* !HAVE_GETGROUPLIST */ - setgrent(); - while ((grp = getgrent())) { - for (mem = grp->gr_mem; *mem; mem++) { - if (!strcmp(*mem, identifier)) break; - } + groupfile = fopen("/etc/imapd.group", "r"); + if (!groupfile) groupfile = fopen("/etc/group", "r"); + if (groupfile) { + while ((grp = fgetgrent(groupfile))) { + for (mem = grp->gr_mem; *mem; mem++) { + if (!strcmp(*mem, identifier)) break; + } - if (*mem || (pwd && pwd->pw_gid == grp->gr_gid)) { - newstate->ngroups++; - newstate->group = (char **)xrealloc((char *)newstate->group, - newstate->ngroups * sizeof(char *)); - newstate->group[newstate->ngroups-1] = xstrdup(grp->gr_name); - } - } - endgrent(); + if (*mem || (pwd && pwd->pw_gid == grp->gr_gid)) { + newstate->ngroups++; + newstate->group = (char **)xrealloc((char *)newstate->group, + newstate->ngroups * sizeof(char *)); + newstate->group[newstate->ngroups-1] = xstrdup(grp->gr_name); + } + } + fclose(groupfile); + } #endif /* HAVE_GETGROUPLIST */ return newstate; ++++++ KOLAB_cyrus-imapd-2.3.18_Logging.patch ++++++ Provides improved logging for the cyrus imapd server [Version: 2.3.9] Index: cyrus-imapd-2.3.17/imap/append.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/append.c +++ cyrus-imapd-2.3.17/imap/append.c @@ -654,6 +654,9 @@ int append_fromstage(struct appendstate /* ok, we've successfully added a message */ as->quota_used += message_index.size; + syslog(LOG_DEBUG, "append_fromstage: message %d added to %s", + message_index.uid, mailbox->name ); + return 0; } Index: cyrus-imapd-2.3.17/imap/imapd.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/imapd.c +++ cyrus-imapd-2.3.17/imap/imapd.c @@ -3779,6 +3779,8 @@ void cmd_close(char *tag, char *cmd) if ((cmd[0] == 'C') && (imapd_mailbox->myrights & ACL_EXPUNGE)) { if (!mailbox_expunge(imapd_mailbox, NULL, NULL, 0)) { sync_log_mailbox(imapd_mailbox->name); + syslog(LOG_DEBUG, "cmd_expunge: user %s, mailbox %s, sequence %s", + imapd_userid, imapd_mailbox->name, "''"); } } Index: cyrus-imapd-2.3.17/imap/mailbox.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/mailbox.c +++ cyrus-imapd-2.3.17/imap/mailbox.c @@ -2575,6 +2575,8 @@ int mailbox_expunge(struct mailbox *mail *(fname->tail)++ = '/'; fname->len++; for (msgno = 0; msgno < numdeleted; msgno++) { + syslog(LOG_DEBUG, "mailbox_expunge: removing mail %s:%d", + mailbox->name, deleted[msgno]); mailbox_message_get_fname(mailbox, deleted[msgno], fname->tail, sizeof(fname->buf) - fname->len); ++++++ KOLAB_cyrus-imapd-2.3.18_UID.patch ++++++ Allows login by uid rather than the mail address on the cyrus imapd server [Version: 2.3.9] Index: cyrus-imapd-2.3.17/configure =================================================================== --- cyrus-imapd-2.3.17.orig/configure +++ cyrus-imapd-2.3.17/configure @@ -10860,7 +10860,7 @@ for flag in ${ldflags} ${default_ldflags done IMAP_COM_ERR_LIBS="${COM_ERR_LIBS}" -IMAP_LIBS="${LIB_SASL} ${LIBS} ${SQL_LIBS}" +IMAP_LIBS="${LIB_SASL} -lldap -llber ${LIBS} ${SQL_LIBS}" Index: cyrus-imapd-2.3.17/imap/global.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/global.c +++ cyrus-imapd-2.3.17/imap/global.c @@ -54,6 +54,9 @@ #include <netinet/in.h> #include <sys/stat.h> +#include <ldap.h> +#include <lber.h> + #if HAVE_UNISTD_H # include <unistd.h> #endif @@ -383,6 +386,18 @@ char *canonify_userid(char *user, char * char *domain = NULL; int len = strlen(user); char buf[81]; + const char *uri; + const char *base; + const char *binddn; + const char *bindpw; + struct timeval timeout; + char filter[255]; + LDAP *handle; + LDAPMessage *res; + LDAPMessage *entry; + struct berval** vals; + + int rc; /* check for domain */ if (config_virtdomains && @@ -401,6 +416,49 @@ char *canonify_userid(char *user, char * } if (config_virtdomains) { + if (config_virtdomains == IMAP_ENUM_VIRTDOMAINS_LDAP) { + uri = config_getstring(IMAPOPT_LDAP_URI); + base = config_getstring(IMAPOPT_LDAP_BASE); + binddn = config_getstring(IMAPOPT_LDAP_BIND_DN); + bindpw = config_getstring(IMAPOPT_LDAP_PASSWORD); + timeout.tv_sec = config_getint(IMAPOPT_LDAP_TIME_LIMIT); + timeout.tv_usec = 0; + sprintf(filter, "(uid=%s)", user); + rc = ldap_initialize(&handle, uri); + if (rc != LDAP_SUCCESS) { + syslog(LOG_ERR, "ldap_initialize failed (%s)", uri); + } else { + rc = ldap_simple_bind_s(handle, binddn, bindpw); + if (rc != LDAP_SUCCESS) { + syslog(LOG_ERR, "ldap_simple_bind() failed %d (%s)", rc, ldap_err2string(rc)); + } else { + rc = ldap_search_st(handle, base, LDAP_SCOPE_SUBTREE, filter, NULL, 0, &timeout, &res); + if (rc != LDAP_SUCCESS) { + syslog(LOG_ERR, "ldap_search_st failed %d (%s)", rc, ldap_err2string(rc)); + } else { + if ( (entry = ldap_first_entry(handle, res)) != NULL ) { + // read mail attribute from entry + if ( (vals = ldap_get_values_len(handle, entry, "mail")) ) { + if (memchr(vals[0]->bv_val, '@', vals[0]->bv_len)) { + static char buf[81]; /* same size as in auth_canonifyid */ + int len = ((sizeof(buf) - 1) > vals[0]->bv_len ? vals[0]->bv_len : sizeof(buf) - 1); + strncpy( buf, vals[0]->bv_val, len); + buf[len] = '\0'; /* make sure it's null-terminated */ + ldap_value_free_len( vals ); + ldap_msgfree( res ); + ldap_unbind_s(handle); /* also frees handle */ + syslog(LOG_DEBUG, "canonify: '%s'\n", buf); + return auth_canonifyid( buf, 0) ; + } + ldap_value_free_len( vals ); + } + } + ldap_msgfree( res ); + } + } + ldap_unbind_s(handle); /* also frees handle */ + } + } if (domain) { if (config_defdomain && !strcasecmp(config_defdomain, domain+1)) { *domain = '\0'; /* trim the default domain */ @@ -413,7 +471,7 @@ char *canonify_userid(char *user, char * user = buf; } } - else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID) { + else if (config_virtdomains != IMAP_ENUM_VIRTDOMAINS_USERID && config_virtdomains != IMAP_ENUM_VIRTDOMAINS_LDAP) { socklen_t salen; int error; struct sockaddr_storage localaddr; Index: cyrus-imapd-2.3.17/lib/imapoptions =================================================================== --- cyrus-imapd-2.3.17.orig/lib/imapoptions +++ cyrus-imapd-2.3.17/lib/imapoptions @@ -1265,7 +1265,7 @@ product version in the capabilities */ mailbox hierarchy. The default is to use the netnews separator character '.'. */ -{ "virtdomains", "off", ENUM("off", "userid", "on") } +{ "virtdomains", "off", ENUM("off", "userid", "ldap", "on") } /* Enable virtual domain support. If enabled, the user's domain will be determined by splitting a fully qualified userid at the last '@' or '%' symbol. If the userid is unqualified, and the virtdomains ++++++ KOLAB_cyrus-imapd-2.3.18_cross-domain-acls.patch ++++++ Index: cyrus-imapd-2.3.17/imap/mboxlist.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/mboxlist.c +++ cyrus-imapd-2.3.17/imap/mboxlist.c @@ -1618,7 +1618,7 @@ int mboxlist_setacl(const char *name, co except for "anonymous", "anyone", the global admin and users in the default domain */ if ((cp = strchr(identifier, '@'))) { - if (rights && + if (!config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && rights && ((domain && strncasecmp(cp+1, domain, strlen(cp+1))) || (!domain && (!config_defdomain || strcasecmp(config_defdomain, cp+1))))) { @@ -1960,6 +1960,7 @@ struct find_rock { int usermboxnamelen; int checkmboxlist; int checkshared; + int crossdomain; int isadmin; struct auth_state *auth_state; int (*proc)(char *, int, int, void *rock); @@ -1977,7 +1978,9 @@ static int find_p(void *rockp, long matchlen; /* don't list mailboxes outside of the default domain */ - if (!rock->domainlen && !rock->isadmin && memchr(key, '!', keylen)) return 0; + if (!rock->domainlen && !rock->isadmin && memchr(key, '!', keylen) && + !config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS)) + return 0; minmatch = 0; if (rock->inboxoffset) { @@ -2150,6 +2153,23 @@ static int find_cb(void *rockp, } rock->checkshared = 0; + + if (rock->find_namespace == NAMESPACE_USER && + config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !rock->isadmin && + !rock->crossdomain) { + char *cp = strchr(namebuf+rock->inboxoffset, '!'); + if (cp) { + int local_matchlen = (matchlen - 1 - + (cp - (namebuf+rock->inboxoffset))); + if (!strncmp(cp + 1, "user", local_matchlen)) { + r = (*rock->proc)(cp + 1, local_matchlen, 1, + rock->procrock); + return CYRUSDB_DONE; + } + } + } + + r = (*rock->proc)(namebuf+rock->inboxoffset, matchlen, 1, rock->procrock); @@ -2170,6 +2190,91 @@ static int find_cb(void *rockp, return r; } + +static void convert_cross_domain_pattern(char *domainpat, int domainpatlen, + char **converted_pattern, + const char *pattern, int *crossdomainmatch, + const char *domain) +{ + int patternlen = strlen(pattern); + char *domain_pattern, *local_dest; + char *local_pattern, *domain_dest; + int local_prefix_len; + const char *src; + int c; + + domain_dest = domain_pattern = xmalloc(patternlen + 1); + local_dest = local_pattern = xmalloc(patternlen + 1); + src = pattern; + + while ((c = *src++)) { + *local_dest++ = c; + if (c == '.' || c == '*') + break; + } + + local_prefix_len = local_dest - local_pattern; + if (c && c != '.') + local_prefix_len -= 1; + if (strncmp(pattern, "user.", local_prefix_len) == 0) { + /* pattern matches "user.*". so convert the domain part of the + * pattern */ + + if (c == '*') { + /* the pattern can match any domain */ + *domain_dest++ = '*'; + } + else if (c == '.') { + while ((c = *src++)) { + if (c == '.') + break; + if (c == '^') + c = '.'; + *domain_dest++ = (c == '%' ? '*' : c); + if (c == '*') + break; + } + + if (c == '*') { + *local_dest++ = '*'; + } + } + + if (c) { + strcpy(local_dest, src); + } + else { + if (local_dest > local_pattern) { + if (local_dest[-1] == '.') { + local_dest--; + } + } + *local_dest = 0; + } + + if (domain_dest == domain_pattern) { + *domain_dest++ = '*'; + } + *domain_dest++ = '!'; + *domain_dest = 0; + + strncpy(domainpat, domain_pattern, domainpatlen); + domainpat[domainpatlen - 1] = 0; + strncat(domainpat, local_pattern, domainpatlen - strlen(domainpat) - 1); + + *converted_pattern = xstrdup(local_pattern); + *crossdomainmatch = 1; + } + else { + /* pattern doesn't contain an explicit domain part */ + snprintf(domainpat, domainpatlen, "*!%s", pattern); + *crossdomainmatch = 0; + } + + free(domain_pattern); + free(local_pattern); +} + /* * Find all mailboxes that match 'pattern'. * 'isadmin' is nonzero if user is a mailbox admin. 'userid' @@ -2193,8 +2298,11 @@ int mboxlist_findall(struct namespace *n char *p; int prefixlen; int userlen = userid ? strlen(userid) : 0, domainlen = 0; + int domainpat_prefixlen = 0; char domainpat[MAX_MAILBOX_BUFFER] = ""; /* do intra-domain fetches only */ char *pat = NULL; + char *converted_pattern = NULL; + int crossdomainmatch = 0; if (config_virtdomains) { char *domain; @@ -2204,8 +2312,10 @@ int mboxlist_findall(struct namespace *n domainlen = strlen(domain); /* includes separator */ if ((p = strchr(pattern , '!'))) { - if ((p-pattern != domainlen-1) || - strncmp(pattern, domain+1, domainlen-1)) { + if (!(config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && + !isadmin) && + ((p-pattern != domainlen-1) || + strncmp(pattern, domain+1, domainlen-1))) { /* don't allow cross-domain access */ return IMAP_MAILBOX_BADNAME; } @@ -2213,7 +2323,16 @@ int mboxlist_findall(struct namespace *n pattern = p+1; } - snprintf(domainpat, sizeof(domainpat), "%s!%s", domain+1, pattern); + if (!(config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !isadmin)) { + snprintf(domainpat, sizeof(domainpat), "%s!%s", domain+1, pattern); + } + else { + convert_cross_domain_pattern(domainpat, sizeof(domainpat), + &converted_pattern, pattern, + &crossdomainmatch, domain + 1); + if (converted_pattern) + pattern = converted_pattern; + } } if ((p = strrchr(pattern, '@'))) { /* global admin specified mbox@domain */ @@ -2243,6 +2362,7 @@ int mboxlist_findall(struct namespace *n cbrock.auth_state = auth_state; cbrock.checkmboxlist = 0; /* don't duplicate work */ cbrock.checkshared = 0; + cbrock.crossdomain = 0; cbrock.proc = proc; cbrock.procrock = rock; @@ -2302,6 +2422,12 @@ int mboxlist_findall(struct namespace *n prefixlen = p - pattern; *p = '\0'; + /* Find fixed-string domain pattern prefix */ + for (p = domainpat; *p; p++) { + if (*p == '*' || *p == '%' || *p == '?' || *p == '@') break; + } + domainpat_prefixlen = p - domainpat; + /* * If user.X.* or INBOX.* can match pattern, * search for those mailboxes next @@ -2334,6 +2460,7 @@ int mboxlist_findall(struct namespace *n glob_free(&cbrock.g); cbrock.g = glob_init(domainpat, GLOB_HIERARCHY); cbrock.inboxoffset = 0; + cbrock.crossdomain = crossdomainmatch; if (usermboxnamelen) { usermboxname[--usermboxnamelen] = '\0'; cbrock.usermboxname = usermboxname; @@ -2343,7 +2470,7 @@ int mboxlist_findall(struct namespace *n just bother looking at the ones that have the same pattern prefix. */ r = DB->foreach(mbdb, - domainpat, domainlen + prefixlen, + domainpat, domainpat_prefixlen, &find_p, &find_cb, &cbrock, NULL); } @@ -2352,6 +2479,7 @@ int mboxlist_findall(struct namespace *n done: glob_free(&cbrock.g); if (pat) free(pat); + if (converted_pattern) free(converted_pattern); return r; } @@ -2389,6 +2517,7 @@ int mboxlist_findall_alt(struct namespac cbrock.auth_state = auth_state; cbrock.checkmboxlist = 0; /* don't duplicate work */ cbrock.checkshared = 0; + cbrock.crossdomain = 0; cbrock.proc = proc; cbrock.procrock = rock; @@ -3029,6 +3158,7 @@ int mboxlist_findsub(struct namespace *n cbrock.auth_state = auth_state; cbrock.checkmboxlist = !force; cbrock.checkshared = 0; + cbrock.crossdomain = 0; cbrock.proc = proc; cbrock.procrock = rock; @@ -3180,6 +3310,7 @@ int mboxlist_findsub_alt(struct namespac cbrock.auth_state = auth_state; cbrock.checkmboxlist = !force; cbrock.checkshared = 0; + cbrock.crossdomain = 0; cbrock.proc = proc; cbrock.procrock = rock; Index: cyrus-imapd-2.3.17/imap/mboxname.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/mboxname.c +++ cyrus-imapd-2.3.17/imap/mboxname.c @@ -113,6 +113,8 @@ static int mboxname_tointernal(struct na char *cp; char *atp; int userlen, domainlen = 0, namelen; + int name_has_domain = 0; + const char *name_local_part = NULL; /* Blank the result, just in case */ result[0] = '\0'; @@ -163,6 +165,18 @@ static int mboxname_tointernal(struct na } } + if (config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && + !namespace->isadmin && + !strncmp(name, "user", 4) && name[4] == namespace->hier_sep) { + name_local_part = strchr(name + 5, namespace->hier_sep); + if (!name_local_part) { + name_local_part = name + strlen(name); + } + domainlen = name_local_part - (name + 5) + 1; + sprintf(result, "%.*s!", domainlen - 1, name + 5); + name_has_domain = 1; + } + /* if no domain specified, we're in the default domain */ } @@ -193,7 +207,13 @@ static int mboxname_tointernal(struct na if (domainlen+namelen > MAX_MAILBOX_NAME) { return IMAP_MAILBOX_BADNAME; } - sprintf(result, "%.*s", namelen, name); + + if (name_has_domain) { + sprintf(result, "user%s", name_local_part ? name_local_part : ""); + } + else { + sprintf(result, "%.*s", namelen, name); + } /* Translate any separators in mailboxname */ mboxname_hiersep_tointernal(namespace, result, 0); @@ -356,6 +376,7 @@ static int mboxname_toexternal(struct na { char *domain = NULL, *cp; size_t domainlen = 0, resultlen; + int append_domain = 1; /* Blank the result, just in case */ result[0] = '\0'; @@ -370,18 +391,29 @@ static int mboxname_toexternal(struct na /* don't use the domain if it matches the user's domain */ if (userid && (cp = strchr(userid, '@')) && (strlen(++cp) == domainlen) && !strncmp(domain, cp, domainlen)) - domain = NULL; + append_domain = 0; } - strcpy(result, name); - - /* Translate any separators in mailboxname */ - mboxname_hiersep_toexternal(namespace, result, 0); + if (config_getswitch(IMAPOPT_ALLOWCROSSDOMAINACLS) && !namespace->isadmin + && domain && !strncmp(name, "user", 4) && + (name[4] == 0 || name[4] == '.')) { + sprintf(result, "user%c%.*s", namespace->hier_sep, domainlen, domain); + if (name[4] != 0) + sprintf(result + domainlen + 5, "%c%s", namespace->hier_sep, + name + 5); + mboxname_hiersep_toexternal(namespace, result + domainlen + 6, 0); + append_domain = 0; + } + else { + strcpy(result, name); + /* Translate any separators in mailboxname */ + mboxname_hiersep_toexternal(namespace, result, 0); + } resultlen = strlen(result); /* Append domain */ - if (domain) { + if (domain && append_domain) { if(resultlen+domainlen+1 > MAX_MAILBOX_NAME) return IMAP_MAILBOX_BADNAME; Index: cyrus-imapd-2.3.17/lib/imapoptions =================================================================== --- cyrus-imapd-2.3.17.orig/lib/imapoptions +++ cyrus-imapd-2.3.17/lib/imapoptions @@ -1278,6 +1278,9 @@ product version in the capabilities */ /* Send mail to mailboxes, which do not exists, to this user. NOTE: This must be an existing local mailbox name. NOT an email address! */ +{ "allowcrossdomainacls", 0, SWITCH } +/* Allow ACL across domain boundaries. */ + /* .SH SEE ALSO .PP ++++++ KOLAB_cyrus-imapd-2.3.18_timsieved_starttls-sendcaps.patch ++++++ This patch was downloaded from https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/cyrus/timsieved/parser.c.diff?r1=1.44;r2=1.45 (minus the CVS keywords) It should be reverse-applied with patch -p2 -R to work around the kontact behaviour described in kolab/issue2443 (kontact aborts sieve when imapd sends capabilities after starttls) and can be dropped as soon as kontact has a way to work with old and new cyrus imapd servers. Index: cyrus-imapd-2.3.17/timsieved/parser.c =================================================================== --- cyrus-imapd-2.3.17.orig/timsieved/parser.c +++ cyrus-imapd-2.3.17/timsieved/parser.c @@ -912,8 +912,7 @@ static int cmd_starttls(struct protstrea starttls_done = 1; - return capabilities(sieved_out, sieved_saslconn, starttls_done, - authenticated, sasl_ssf); + return result; } #else static int cmd_starttls(struct protstream *sieved_out, struct protstream *sieved_in) ++++++ charset.patch ++++++ Index: cyrus-imapd-2.3.18/lib/charset.c =================================================================== --- cyrus-imapd-2.3.18.orig/lib/charset.c +++ cyrus-imapd-2.3.18/lib/charset.c @@ -723,7 +723,7 @@ struct convert_rock *search_init(const c s->substr = (unsigned char *)substr; /* allocate tracking space and initialise to "no match" */ - s->starts = xmalloc(s->max_start * sizeof(int)); + s->starts = xmalloc(s->max_start * sizeof(size_t)); for (i = 0; i < s->max_start; i++) { s->starts[i] = -1; } ++++++ cyrus-imapd-2.3.16-autocreate-0.10-0.drac.diff ++++++ ++++ 2429 lines (skipped) ++++++ cyrus-imapd-2.3.19-CVE-2015-8077.patch ++++++ diff -Ppru cyrus-imapd-2.3.19.orig/imap/index.c cyrus-imapd-2.3.19/imap/index.c --- cyrus-imapd-2.3.19.orig/imap/index.c 2015-07-06 06:48:40.000000000 +0200 +++ cyrus-imapd-2.3.19/imap/index.c 2015-11-15 15:13:04.488920597 +0100 @@ -2774,7 +2774,8 @@ int index_urlfetch(struct mailbox *mailb const char *cachestr; int fetchmime = 0; unsigned size, offset = 0, skip = 0; - int n, r = 0; + unsigned long n; + int r = 0; if (outsize) *outsize = 0; @@ -2874,7 +2875,7 @@ int index_urlfetch(struct mailbox *mailb start_octet = size; n = 0; } - else if (start_octet + n > size) { + else if (start_octet + n < start_octet || start_octet + n > size) { n = size - start_octet; } @@ -2887,7 +2888,7 @@ int index_urlfetch(struct mailbox *mailb if (outsize) *outsize = n; else - prot_printf(pout, "{%u}\r\n", n); + prot_printf(pout, "{%lu}\r\n", n); if (n) prot_write(pout, msg_base + offset + start_octet, n); ++++++ cyrus-imapd-2.3.19-db6.patch ++++++ From: Jan Engelhardt <[email protected]> Date: 2013-06-14 02:52:48.129456384 +0200 src: make compilation with libdb-6.0 succeed db-6.0 has hit the scene. The changes for ->set_bt_compare (mbox_compar) are not yet present in cyrus-imapd-2.4.17. --- lib/cyrusdb_berkeley.c | 5 +++++ 1 file changed, 5 insertions(+) Index: cyrus-imapd-2.3.19/lib/cyrusdb_berkeley.c =================================================================== --- cyrus-imapd-2.3.19.orig/lib/cyrusdb_berkeley.c +++ cyrus-imapd-2.3.19/lib/cyrusdb_berkeley.c @@ -388,8 +388,13 @@ static int myarchive(const char **fnames return 0; } +#if DB_VERSION_MAJOR >= 6 +static int mbox_compar(DB *db __attribute__((unused)), + const DBT *a, const DBT *b, size_t *locp) +#else static int mbox_compar(DB *db __attribute__((unused)), const DBT *a, const DBT *b) +#endif { return bsearch_ncompare((const char *) a->data, a->size, (const char *) b->data, b->size); ++++++ cyrus-imapd-openslp.patch ++++++ Index: configure.in =================================================================== --- configure.in.orig +++ configure.in @@ -1194,6 +1194,19 @@ AC_ARG_WITH(drac, [ --with-drac=DIR fi) AC_SUBST(DRACLIBS) +dnl +dnl Test for OpenSLP +dnl +SLPLIBS= +AC_ARG_WITH(openslp, [ --with-openslp=DIR use OpenSLP library in <DIR> [no] ], + if test -d "$withval"; then + LDFLAGS="$LDFLAGS -L${withval}" + AC_CHECK_LIB(slp, SLPOpen, + AC_DEFINE(USE_SLP,[],[Compile with OpenSLP?]) + SLPLIBS="-lslp") + fi) +AC_SUBST(SLPLIBS) + CMU_LIBWRAP CMU_UCDSNMP Index: master/Makefile.in =================================================================== --- master/Makefile.in.orig +++ master/Makefile.in @@ -58,7 +58,7 @@ DEPLIBS = @DEPLIBS@ CFLAGS = @CFLAGS@ LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ -LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@ +LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@ @SLPLIBS@ SHELL = /bin/sh MAKEDEPEND = @MAKEDEPEND@ Index: master/master.c =================================================================== --- master/master.c.orig +++ master/master.c @@ -110,6 +110,10 @@ int deny_severity = LOG_ERR; #endif +#ifdef USE_SLP +#include <slp.h> +#endif + #include "masterconf.h" #include "master.h" @@ -119,6 +123,16 @@ #include "util.h" #include "xmalloc.h" +#ifdef USE_SLP +#define URL_MAX 1024 +SLPHandle phslp; +struct slpurl { + char srvurl[URL_MAX]; + struct slpurl *next; +}; +struct slpurl *start = NULL; +#endif + enum { become_cyrus_early = 1, child_table_size = 10000, @@ -181,10 +195,41 @@ static struct timeval janitor_mark; /* L void limit_fds(rlim_t); void schedule_event(struct event *a); +#ifdef USE_SLP +void SLPRegReportCB(SLPHandle hslp, SLPError errcode, void* cookie) +{ + /* return the error code in the cookie */ + *(SLPError*)cookie = errcode; + + /* You could do something else here like print out */ + /* the errcode, etc. Remember, as a general rule, */ + /* do not try to do too much in a callback because */ + /* it is being executed by the same thread that is */ + /* reading slp packets from the wire. */ +} + +void SLPshutdown(void) +{ + struct slpurl *ttmp,*tmp = start; + SLPError callbackerr; + while( tmp ) { + syslog(LOG_INFO,"SLPderegister [%s]",tmp->srvurl); + SLPDereg(phslp, tmp->srvurl, SLPRegReportCB, &callbackerr); + ttmp = tmp; + tmp = tmp->next; + free(ttmp); + } + SLPClose(&phslp); +} +#endif + void fatal(const char *msg, int code) { syslog(LOG_CRIT, "%s", msg); syslog(LOG_NOTICE, "exiting"); +#ifdef USE_SLP + SLPshutdown(); +#endif exit(code); } @@ -466,7 +511,90 @@ void service_create(struct service *s) s->socket = 0; continue; } - + +#ifdef USE_SLP + if ((!strcmp(s->proto, "tcp")) && s->listen[0] != '/' ) { + SLPError err; + SLPError callbackerr; + char *listen, *service; + char *listen_addr; + int port; + char hname[URL_MAX]; + char dname[URL_MAX]; + char turl[URL_MAX]; + struct slpurl *u; + char registered = 0; + + + /* parse_listen() and resolve_host() are destructive, + * so make a work copy of s->listen + */ + listen = xstrdup(s->listen); + + if ((service = parse_listen(listen)) == NULL) { + /* listen IS the port */ + service = listen; + listen_addr = NULL; + } else { + /* s->listen is now just the address */ + listen_addr = parse_host(listen); + if (*listen_addr == '\0') + listen_addr = NULL; + } + port = ntohs(((struct sockaddr_in *)(res)->ai_addr)->sin_port); + gethostname(hname,URL_MAX); + getdomainname(dname,URL_MAX); + + snprintf(turl,URL_MAX,"service:%s://%s.%s:%d", + service, + hname, dname, + port); + + /* check, whether we already registered the service */ + u = start; + while( u ) { + if( ! strcmp(u->srvurl,turl) ) registered = 1; + u = u->next; + } + + if( ! registered ) { + u = (struct slpurl *)calloc(1,sizeof(struct slpurl)); + if( ! u ) + fatal("out of memory", EX_UNAVAILABLE); + + strncpy(u->srvurl,turl,URL_MAX); + + if( start == NULL ) { + start = u; + } else { + struct slpurl *tmp = start; + while( tmp->next ) tmp = tmp->next; + tmp->next = u; + } + syslog(LOG_INFO,"SLPRegister [%s]",u->srvurl); + + err = SLPReg(phslp, + u->srvurl, + SLP_LIFETIME_MAXIMUM, + 0, + "", + SLP_TRUE, + SLPRegReportCB, + &callbackerr ); + + if(( err != SLP_OK) || (callbackerr != SLP_OK)) + { + syslog(LOG_ERR,"Error registering service with slp %i",err); + } + + if( callbackerr != SLP_OK) + { + syslog(LOG_ERR,"Error registering service with slp %i",callbackerr); + } + } + } +#endif + s->ready_workers = 0; s->associate = nsocket; s->family = res->ai_family; @@ -1015,6 +1143,9 @@ void sigterm_handler(int sig __attribute /* tell master agent we're exiting */ snmp_shutdown("cyrusMaster"); #endif +#ifdef USE_SLP + SLPshutdown(); +#endif syslog(LOG_INFO, "exiting on SIGTERM/SIGINT"); exit(0); @@ -1929,6 +2060,16 @@ int main(int argc, char **argv) syslog(LOG_NOTICE, "process started"); +#ifdef USE_SLP + { + int slperr; + if ( (slperr = SLPOpen(NULL, SLP_FALSE, &phslp)) != SLP_OK ) { + syslog(LOG_ERR, "SLPOpen() failed, return code: %d", slperr); + } + } +#endif + + #if defined(HAVE_UCDSNMP) || defined(HAVE_NETSNMP) /* initialize SNMP agent */ ++++++ cyrus-imapd-perl-path.patch ++++++ --- tools/arbitronsort.pl 2007/05/23 11:53:02 1.1 +++ tools/arbitronsort.pl 2007/05/23 11:53:12 @@ -1,4 +1,4 @@ -#!/usr/local/bin/perl +#!/usr/bin/perl # # This script takes the output of arbitron (run without the -o option) ++++++ cyrus-imapd_references_header-dos.dif ++++++ Index: cyrus-imapd-2.3.17/imap/index.c =================================================================== --- cyrus-imapd-2.3.17.orig/imap/index.c +++ cyrus-imapd-2.3.17/imap/index.c @@ -192,6 +192,7 @@ static void index_thread_orderedsubj(uns static void index_thread_sort(Thread *root, struct sortcrit *sortcrit); static void index_thread_print(Thread *threads, int usinguid); static void index_thread_ref(unsigned *msgno_list, int nmsg, int usinguid); +static void massage_header(char *hdr); /* NOTE: Make sure these are listed in CAPABILITY_STRING */ static const struct thread_algorithm thread_algs[] = { @@ -4132,6 +4133,7 @@ void index_get_ids(MsgData *msgdata, cha /* allocate some space for refs */ msgdata->ref = (char **) xmalloc(refsize * sizeof(char *)); /* find references */ + massage_header(buf); refstr = buf; while ((ref = find_msgid(refstr, &refstr)) != NULL) { /* reallocate space for this msgid if necessary */ ++++++ cyrus-imapd_tls-session-leak.dif ++++++ Index: cyrus-imapd-2.3.16/imap/tls.c =================================================================== --- cyrus-imapd-2.3.16.orig/imap/tls.c +++ cyrus-imapd-2.3.16/imap/tls.c @@ -714,6 +714,10 @@ int tls_init_serverengine(const char if (!SSL_CTX_set_cipher_list(s_ctx, cipher_list)) { syslog(LOG_ERR,"TLS server engine: cannot load cipher list '%s'", cipher_list); + if ( sess_dbopen && (DB->close)(sessdb) ) { + syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s", + cyrusdb_strerror(r)); + } return (-1); } @@ -731,6 +735,10 @@ int tls_init_serverengine(const char if (!set_cert_stuff(s_ctx, s_cert_file, s_key_file)) { syslog(LOG_ERR,"TLS server engine: cannot load cert/key data"); + if ( sess_dbopen && (DB->close)(sessdb) ) { + syslog(LOG_ERR, "DBERROR: error closing tlsdb: %s", + cyrusdb_strerror(r)); + } return (-1); } SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb); ++++++ luser_relay.patch ++++++ >From 197203c01da43939bc815691a2face8f9e072e03 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp <[email protected]> Date: Wed, 13 Jan 2010 11:12:42 +0100 Subject: [PATCH] New option lmtp_luser_relay Send mail to non-existing mailboxes,to this user. NOTE: This must be an existing local mailbox name. NOT an email address! 2 files changed, 23 insertions(+), 5 deletions(-) Index: cyrus-imapd-2.3.16/imap/lmtpengine.c =================================================================== --- cyrus-imapd-2.3.16.orig/imap/lmtpengine.c +++ cyrus-imapd-2.3.16/imap/lmtpengine.c @@ -819,6 +819,8 @@ static int process_recipient(char *addr, address_data_t *ret = (address_data_t *) xmalloc(sizeof(address_data_t)); int forcedowncase = config_getswitch(IMAPOPT_LMTP_DOWNCASE_RCPT); int quoted, detail; + char *luser_relay = NULL; + int has_luser_relay = 0; assert(addr != NULL && msg != NULL); @@ -875,6 +877,13 @@ static int process_recipient(char *addr, } *dest = '\0'; + luser_relay = config_getstring(IMAPOPT_LMTP_LUSER_RELAY); + if( luser_relay ) { + if( !verify_user(luser_relay, NULL, NULL, ignorequota ? -1 : msg->size, msg->authstate) ) { + has_luser_relay = 1; + } + } + /* make a working copy of rcpt */ ret->user = ret->rcpt = xstrdup(rcpt); @@ -900,12 +909,17 @@ static int process_recipient(char *addr, r = verify_user(ret->user, ret->domain, ret->mailbox, (quota_t) (ignorequota ? -1 : msg->size), msg->authstate); if (r) { - /* we lost */ - free(ret->all); - free(ret->rcpt); - free(ret); - return r; + if( r == IMAP_MAILBOX_NONEXISTENT && has_luser_relay ) { + ret->user = xstrdup(luser_relay); + } else { + /* we lost */ + free(ret->all); + free(ret->rcpt); + free(ret); + return r; + } } + ret->ignorequota = ignorequota; msg->rcpt[msg->rcpt_num] = ret; Index: cyrus-imapd-2.3.16/lib/imapoptions =================================================================== --- cyrus-imapd-2.3.16.orig/lib/imapoptions +++ cyrus-imapd-2.3.16/lib/imapoptions @@ -1274,6 +1274,10 @@ product version in the capabilities */ interface, otherwise the user is assumed to be in the default domain (if set). */ +{ "lmtp_luser_relay", NULL, STRING } +/* Send mail to mailboxes, which do not exists, to this user. NOTE: This must + be an existing local mailbox name. NOT an email address! */ + /* .SH SEE ALSO .PP ++++++ pie.patch ++++++ Index: cyrus-imapd-2.3.17/configure.in =================================================================== --- cyrus-imapd-2.3.17.orig/configure.in +++ cyrus-imapd-2.3.17/configure.in @@ -1257,6 +1257,27 @@ AC_SUBST(PERL_SUBDIRS) AC_SUBST(PERL_DEPSUBDIRS) AC_SUBST(PERL) +AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl + cat > conftest.c <<EOF +int foo; +main () { return 0;} +EOF + if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $LDFLAGS -pie -fpie + -o conftest conftest.c 1>&AS_MESSAGE_LOG_FD]) + then + libc_cv_fpie=yes + PIE_CFLAGS="-fPIE" + PIE_LDFLAGS="-pie" + else + libc_cv_fpie=no + PIE_CFLAGS="" + PIE_LDFLAGS="" + fi + rm -f conftest*]) +AC_SUBST(libc_cv_fpie) +AC_SUBST(PIE_CFLAGS) +AC_SUBST(PIE_LDFLAGS) + AH_TOP([ /* * Copyright (c) 1994-2008 Carnegie Mellon University. All rights reserved. Index: cyrus-imapd-2.3.17/imap/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/imap/Makefile.in +++ cyrus-imapd-2.3.17/imap/Makefile.in @@ -70,8 +70,8 @@ DRAC_LIBS = @DRACLIBS@ LIBS = $(IMAP_LIBS) $(IMAP_COM_ERR_LIBS) DEPLIBS = ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ @PIE_LDFLAGS@ SHELL = /bin/sh MAKEDEPEND = @MAKEDEPEND@ Index: cyrus-imapd-2.3.17/lib/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/lib/Makefile.in +++ cyrus-imapd-2.3.17/lib/Makefile.in @@ -63,8 +63,8 @@ CPPFLAGS = -I.. @CPPFLAGS@ @COM_ERR_CPPF LIBS = @LIBS@ MAKEDEPEND_CFLAGS = @CFLAGS@ -CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -fPIC +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ SHELL = /bin/sh MAKEDEPEND = @MAKEDEPEND@ Index: cyrus-imapd-2.3.17/master/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/master/Makefile.in +++ cyrus-imapd-2.3.17/master/Makefile.in @@ -56,8 +56,8 @@ DEFS = @DEFS@ @LOCALDEFS@ CPPFLAGS = -I.. -I$(srcdir)/../lib -I$(srcdir)/../imap @CPPFLAGS@ @COM_ERR_CPPFLAGS@ DEPLIBS = @DEPLIBS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @COM_ERR_LDFLAGS@ @PIE_LDFLAGS@ LIBS = ../lib/libcyrus_min.a @LIB_UCDSNMP@ @LIBS@ @COM_ERR_LIBS@ @SLPLIBS@ SHELL = /bin/sh Index: cyrus-imapd-2.3.17/netnews/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/netnews/Makefile.in +++ cyrus-imapd-2.3.17/netnews/Makefile.in @@ -55,8 +55,8 @@ CPPFLAGS = -I.. -I$(srcdir) -I$(srcdir)/ LIBS = @IMAP_LIBS@ @LIB_RT@ DEPLIBS = ../lib/libcyrus.a ../lib/libcyrus_min.a @DEPLIBS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ SHELL = /bin/sh MAKEDEPEND = @MAKEDEPEND@ Index: cyrus-imapd-2.3.17/notifyd/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/notifyd/Makefile.in +++ cyrus-imapd-2.3.17/notifyd/Makefile.in @@ -56,8 +56,8 @@ CYRUS_GROUP=@cyrus_group@ DEFS = @DEFS@ @LOCALDEFS@ CPPFLAGS = -I.. -I$(srcdir)/../sieve -I$(srcdir)/../imap -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ prefix = @prefix@ exec_prefix = @exec_prefix@ Index: cyrus-imapd-2.3.17/perl/sieve/lib/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/perl/sieve/lib/Makefile.in +++ cyrus-imapd-2.3.17/perl/sieve/lib/Makefile.in @@ -58,7 +58,7 @@ IMAP_LIBS = @IMAP_LIBS@ DEPLIBS = ../../../lib/libcyrus.a ../../../lib/libcyrus_min.a @DEPLIBS@ MAKEDEPEND_CFLAGS = @CFLAGS@ -CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ +CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -fPIC LDFLAGS = @LDFLAGS@ SHELL = /bin/sh Index: cyrus-imapd-2.3.17/sieve/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/sieve/Makefile.in +++ cyrus-imapd-2.3.17/sieve/Makefile.in @@ -60,8 +60,8 @@ COMPILE_ET = @COMPILE_ET@ DEFS = @DEFS@ @LOCALDEFS@ CPPFLAGS = -I.. -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@ MAKEDEPEND_CFLAGS = @CFLAGS@ -CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PERL_CCCDLFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ MAKEDEPEND = @MAKEDEPEND@ Index: cyrus-imapd-2.3.17/syslog/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/syslog/Makefile.in +++ cyrus-imapd-2.3.17/syslog/Makefile.in @@ -55,8 +55,8 @@ DEFS = @DEFS@ CPPFLAGS = @CPPFLAGS@ LIBS = @LIBS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ SHELL = /bin/sh MAKEDEPEND = @MAKEDEPEND@ Index: cyrus-imapd-2.3.17/timsieved/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/timsieved/Makefile.in +++ cyrus-imapd-2.3.17/timsieved/Makefile.in @@ -56,8 +56,8 @@ CYRUS_GROUP=@cyrus_group@ DEFS = @DEFS@ @LOCALDEFS@ CPPFLAGS = -I.. -I$(srcdir)/../sieve -I$(srcdir)/../imap -I$(srcdir)/../lib @COM_ERR_CPPFLAGS@ @CPPFLAGS@ @SASLFLAGS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ prefix = @prefix@ exec_prefix = @exec_prefix@ Index: cyrus-imapd-2.3.17/com_err/et/Makefile.in =================================================================== --- cyrus-imapd-2.3.17.orig/com_err/et/Makefile.in +++ cyrus-imapd-2.3.17/com_err/et/Makefile.in @@ -58,8 +58,8 @@ DEFS = @DEFS@ CPPFLAGS = @CPPFLAGS@ LIBS = @LIBS@ -CFLAGS = @CFLAGS@ -LDFLAGS = @LDFLAGS@ +CFLAGS = @CFLAGS@ @PIE_CFLAGS@ +LDFLAGS = @LDFLAGS@ @PIE_LDFLAGS@ SHELL = /bin/sh ++++++ syslog-facility-doc.patch ++++++ >From 52753d22537cc8af9dbed6a6acc5c32c78e272b0 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp <[email protected]> Date: Fri, 9 Apr 2010 11:49:37 +0200 Subject: [PATCH] syslog facility doc We build with "--with-syslogfacility=DAEMON" since quite some time --- doc/install-configure.html | 4 ++-- doc/overview.html | 2 +- doc/text/install-configure | 4 ++-- doc/text/overview | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/doc/install-configure.html b/doc/install-configure.html index 2b4b567..9b0a408 100644 --- a/doc/install-configure.html +++ b/doc/install-configure.html @@ -44,10 +44,10 @@ it does not, replace the system "<tt>syslogd</tt>" and If you do not copy the "<tt>syslog/syslog.conf</tt>" file to the "<tt>/etc</tt>" directory, be sure to add support for -"<tt>local6.debug</tt>". The file should include a line like: +"<tt>daemon.debug</tt>". The file should include a line like: <pre> - local6.debug /var/log/imapd.log + daemon.debug /var/log/imapd.log </pre> You probably also want to log SASL messages with a line like: diff --git a/doc/overview.html b/doc/overview.html index 15c351c..a63b3fd 100644 --- a/doc/overview.html +++ b/doc/overview.html @@ -622,7 +622,7 @@ server exports MIT's KPOP protocol instead of generic POP3. <h3><a name="syslog">The <TT>syslog</TT> facility</a></h3> -The Cyrus IMAP server software sends log messages to the "<TT>local6</TT>" +The Cyrus IMAP server software sends log messages to the "<TT>daemon</TT>" syslog facility. The severity levels used are: <UL> diff --git a/doc/text/install-configure b/doc/text/install-configure index f0b88b2..0fcb597 100644 --- a/doc/text/install-configure +++ b/doc/text/install-configure @@ -28,10 +28,10 @@ Installing and configuring the IMAP Server mv syslog.conf /etc/syslog.conf If you do not copy the "syslog/syslog.conf" file to the "/etc" - directory, be sure to add support for "local6.debug". The file + directory, be sure to add support for "daemon.debug". The file should include a line like: - local6.debug /var/log/imapd.log + daemon.debug /var/log/imapd.log You probably also want to log SASL messages with a line like: diff --git a/doc/text/overview b/doc/text/overview index 91aa4b5..5a8c552 100644 --- a/doc/text/overview +++ b/doc/text/overview @@ -545,7 +545,7 @@ POP3 Server The syslog facility - The Cyrus IMAP server software sends log messages to the "local6" + The Cyrus IMAP server software sends log messages to the "daemon" syslog facility. The severity levels used are: * CRIT - Critical errors which probably require prompt administrator -- 1.7.0.2 ++++++ user_deny_db-once.patch ++++++ ++++ 634 lines (skipped)
