1 |
commit: aebf54df234b6fe8e8879adae952f7603471caae |
2 |
Author: Eray Aslan <eras <AT> gentoo <DOT> org> |
3 |
AuthorDate: Fri Mar 29 14:01:58 2019 +0000 |
4 |
Commit: Eray Aslan <eras <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Mar 29 14:01:58 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aebf54df |
7 |
|
8 |
net-mail/dovecot: security bump to 2.3.5.1 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/681922 |
11 |
Package-Manager: Portage-2.3.62, Repoman-2.3.12 |
12 |
Signed-off-by: Eray Aslan <eras <AT> gentoo.org> |
13 |
|
14 |
net-mail/dovecot/Manifest | 1 + |
15 |
net-mail/dovecot/dovecot-2.3.5.1.ebuild | 294 ++++++++++++++++++++++++++++++++ |
16 |
2 files changed, 295 insertions(+) |
17 |
|
18 |
diff --git a/net-mail/dovecot/Manifest b/net-mail/dovecot/Manifest |
19 |
index 1afe06e1253..04e2d3f047d 100644 |
20 |
--- a/net-mail/dovecot/Manifest |
21 |
+++ b/net-mail/dovecot/Manifest |
22 |
@@ -12,4 +12,5 @@ DIST dovecot-2.3.2.1.tar.gz 6797491 BLAKE2B 92b88fd0f0cb8ed6c418bf27c2e1fc4efe13 |
23 |
DIST dovecot-2.3.3.tar.gz 6851107 BLAKE2B 87d6e11c8ff59cfe0b49d3561c307535efb09296af617530a4d5a89b4fc12055d006d1b283a4de076f27d59deb64324b96f28620958ad85c38197710c5decdf7 SHA512 8666c4f92f7df883067540f85be9d03dbe6815b58a7f5de55b4292e986e9a2a1ef52c7e0c72dde2bc781fe40d57488b78a99b6b813745b8e4683f1a2fdc1f2ff |
24 |
DIST dovecot-2.3.4.1.tar.gz 6925073 BLAKE2B d8143bad01c107b68525d0cfc110e5bf4e3ffa0af49e7cafdfef263374e146a7ef6ed7107a7c5216c4b52da3640d7a9a80931c01d125d3852fa265171e4d4e09 SHA512 ff21aa0f0cae17dfa66617291688856727412defa48bad2b6be057cb509fbec1c2e134afbfee69929d06b8692a0fcbd8451671ba02860e1673ae1c9483c2c17e |
25 |
DIST dovecot-2.3.4.tar.gz 6924178 BLAKE2B 13e52a1b04036d58e68d762c9330dd5efedbf2421d658a8b657ca59e311b899a9b4a84fd754678ee67cd5b60f47b5a5ccd6a3fa08fafca7413c8b1e6ecd2fb51 SHA512 9e97eb08c319c417e8abcb430b3e6c87ed5aa820d6288656fdfd958ff34664f67202a66e4846763bfc85b309b116cea8012e49dab98b478c57974cc178a37a5a |
26 |
+DIST dovecot-2.3.5.1.tar.gz 6953150 BLAKE2B 04484325e7b87f78c0aa6e3c769bc921e9dc62562cd8705b99166b7291b794f434b088dcf6512bc21c96d8937475cafa4d49c6ac611cb07f74a0d20e15e185c7 SHA512 e87754461fb0b065acd0ff10dc955000a2fe5baffed69efaf328ce9268f90140e9de444bc68e0bd48b565c7622885a79b1f90ff3dd2335c0c2362d05d9e73e8a |
27 |
DIST dovecot-2.3.5.tar.gz 6970480 BLAKE2B 006f64ce87e3eff04f3df7689ba9caed0b6b4f83eef28ee8fc2bafcf4a90b0255bf3d0d5d6b32571de8eb339f720a4d7b6de7dd5e3bcf6d03ecc5d6fa679799c SHA512 10513c371aeadd52184daaf8dbb9a7559c6db55e34182bbb2c9539dae0897ddcc76f6fe2ce6a81c7ce0cb94c7f79438ae3bb0e7db8ed46615feb337b4078ecc6 |
28 |
|
29 |
diff --git a/net-mail/dovecot/dovecot-2.3.5.1.ebuild b/net-mail/dovecot/dovecot-2.3.5.1.ebuild |
30 |
new file mode 100644 |
31 |
index 00000000000..96f60ebd347 |
32 |
--- /dev/null |
33 |
+++ b/net-mail/dovecot/dovecot-2.3.5.1.ebuild |
34 |
@@ -0,0 +1,294 @@ |
35 |
+# Copyright 1999-2019 Gentoo Authors |
36 |
+# Distributed under the terms of the GNU General Public License v2 |
37 |
+ |
38 |
+EAPI=6 |
39 |
+ |
40 |
+# do not add a ssl USE flag. ssl is mandatory |
41 |
+SSL_DEPS_SKIP=1 |
42 |
+inherit autotools eapi7-ver ssl-cert systemd user |
43 |
+ |
44 |
+MY_P="${P/_/.}" |
45 |
+#MY_S="${PN}-ce-${PV}" |
46 |
+major_minor="$(ver_cut 1-2)" |
47 |
+sieve_version="0.5.5" |
48 |
+if [[ ${PV} == *_rc* ]] ; then |
49 |
+ rc_dir="rc/" |
50 |
+else |
51 |
+ rc_dir="" |
52 |
+fi |
53 |
+SRC_URI="https://dovecot.org/releases/${major_minor}/${rc_dir}${MY_P}.tar.gz |
54 |
+ sieve? ( |
55 |
+ https://pigeonhole.dovecot.org/releases/${major_minor}/${rc_dir}${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz |
56 |
+ ) |
57 |
+ managesieve? ( |
58 |
+ https://pigeonhole.dovecot.org/releases/${major_minor}/${rc_dir}${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz |
59 |
+ ) " |
60 |
+DESCRIPTION="An IMAP and POP3 server written with security primarily in mind" |
61 |
+HOMEPAGE="https://www.dovecot.org/" |
62 |
+ |
63 |
+SLOT="0" |
64 |
+LICENSE="LGPL-2.1 MIT" |
65 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" |
66 |
+ |
67 |
+IUSE_DOVECOT_AUTH="kerberos ldap lua mysql pam postgres sqlite vpopmail" |
68 |
+IUSE_DOVECOT_COMPRESS="bzip2 lzma lz4 zlib" |
69 |
+IUSE_DOVECOT_OTHER="argon2 caps doc ipv6 libressl lucene managesieve selinux sieve solr static-libs suid tcpd textcat" |
70 |
+ |
71 |
+IUSE="${IUSE_DOVECOT_AUTH} ${IUSE_DOVECOT_STORAGE} ${IUSE_DOVECOT_COMPRESS} ${IUSE_DOVECOT_OTHER}" |
72 |
+ |
73 |
+DEPEND="argon2? ( dev-libs/libsodium ) |
74 |
+ bzip2? ( app-arch/bzip2 ) |
75 |
+ caps? ( sys-libs/libcap ) |
76 |
+ kerberos? ( virtual/krb5 ) |
77 |
+ ldap? ( net-nds/openldap ) |
78 |
+ lua? ( dev-lang/lua:* ) |
79 |
+ lucene? ( >=dev-cpp/clucene-2.3 ) |
80 |
+ lzma? ( app-arch/xz-utils ) |
81 |
+ lz4? ( app-arch/lz4 ) |
82 |
+ mysql? ( dev-db/mysql-connector-c:0= ) |
83 |
+ pam? ( virtual/pam ) |
84 |
+ postgres? ( dev-db/postgresql:* !dev-db/postgresql[ldap,threads] ) |
85 |
+ selinux? ( sec-policy/selinux-dovecot ) |
86 |
+ solr? ( net-misc/curl dev-libs/expat ) |
87 |
+ sqlite? ( dev-db/sqlite:* ) |
88 |
+ !libressl? ( dev-libs/openssl:0 ) |
89 |
+ libressl? ( dev-libs/libressl ) |
90 |
+ tcpd? ( sys-apps/tcp-wrappers ) |
91 |
+ textcat? ( app-text/libexttextcat ) |
92 |
+ vpopmail? ( net-mail/vpopmail ) |
93 |
+ zlib? ( sys-libs/zlib ) |
94 |
+ virtual/libiconv |
95 |
+ dev-libs/icu:=" |
96 |
+ |
97 |
+RDEPEND="${DEPEND} |
98 |
+ net-mail/mailbase" |
99 |
+ |
100 |
+PATCHES=( |
101 |
+ "${FILESDIR}/${PN}-userdb-passwd-fix.patch" |
102 |
+) |
103 |
+ |
104 |
+pkg_setup() { |
105 |
+ if use managesieve && ! use sieve; then |
106 |
+ ewarn "managesieve USE flag selected but sieve USE flag unselected" |
107 |
+ ewarn "sieve USE flag will be turned on" |
108 |
+ fi |
109 |
+ # default internal user |
110 |
+ enewgroup dovecot 97 |
111 |
+ enewuser dovecot 97 -1 /dev/null dovecot |
112 |
+ # default login user |
113 |
+ enewuser dovenull -1 -1 /dev/null |
114 |
+ # add "mail" group for suid'ing. Better security isolation. |
115 |
+ if use suid; then |
116 |
+ enewgroup mail |
117 |
+ fi |
118 |
+} |
119 |
+ |
120 |
+src_prepare() { |
121 |
+ default |
122 |
+ # bug 657108 |
123 |
+ # elibtoolize |
124 |
+ eautoreconf |
125 |
+} |
126 |
+ |
127 |
+src_configure() { |
128 |
+ local conf="" |
129 |
+ |
130 |
+ if use postgres || use mysql || use sqlite; then |
131 |
+ conf="${conf} --with-sql" |
132 |
+ fi |
133 |
+ |
134 |
+ # turn valgrind tests off. Bug #340791 |
135 |
+ VALGRIND=no econf \ |
136 |
+ --with-rundir="${EPREFIX}/run/dovecot" \ |
137 |
+ --with-statedir="${EPREFIX}/var/lib/dovecot" \ |
138 |
+ --with-moduledir="${EPREFIX}/usr/$(get_libdir)/dovecot" \ |
139 |
+ --without-stemmer \ |
140 |
+ --disable-rpath \ |
141 |
+ --without-libbsd \ |
142 |
+ --with-icu \ |
143 |
+ --with-ssl \ |
144 |
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \ |
145 |
+ $( use_with argon2 sodium ) \ |
146 |
+ $( use_with bzip2 bzlib ) \ |
147 |
+ $( use_with caps libcap ) \ |
148 |
+ $( use_with kerberos gssapi ) \ |
149 |
+ $( use_with lua ) \ |
150 |
+ $( use_with ldap ) \ |
151 |
+ $( use_with lucene ) \ |
152 |
+ $( use_with lz4 ) \ |
153 |
+ $( use_with lzma ) \ |
154 |
+ $( use_with mysql ) \ |
155 |
+ $( use_with pam ) \ |
156 |
+ $( use_with postgres pgsql ) \ |
157 |
+ $( use_with sqlite ) \ |
158 |
+ $( use_with solr ) \ |
159 |
+ $( use_with tcpd libwrap ) \ |
160 |
+ $( use_with textcat ) \ |
161 |
+ $( use_with vpopmail ) \ |
162 |
+ $( use_with zlib ) \ |
163 |
+ $( use_enable static-libs static ) \ |
164 |
+ ${conf} |
165 |
+ |
166 |
+ if use sieve || use managesieve ; then |
167 |
+ # The sieve plugin needs this file to be build to determine the plugin |
168 |
+ # directory and the list of libraries to link to. |
169 |
+ emake dovecot-config |
170 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
171 |
+ econf \ |
172 |
+ $( use_enable static-libs static ) \ |
173 |
+ --localstatedir="${EPREFIX%/}/var" \ |
174 |
+ --enable-shared \ |
175 |
+ --with-dovecot="${S}" \ |
176 |
+ $( use_with managesieve ) |
177 |
+ fi |
178 |
+} |
179 |
+ |
180 |
+src_compile() { |
181 |
+ default |
182 |
+ if use sieve || use managesieve ; then |
183 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
184 |
+ emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" |
185 |
+ fi |
186 |
+} |
187 |
+ |
188 |
+src_test() { |
189 |
+ default |
190 |
+ if use sieve || use managesieve ; then |
191 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
192 |
+ default |
193 |
+ fi |
194 |
+} |
195 |
+ |
196 |
+src_install () { |
197 |
+ default |
198 |
+ |
199 |
+ # insecure: |
200 |
+ # use suid && fperms u+s /usr/libexec/dovecot/deliver |
201 |
+ # better: |
202 |
+ if use suid;then |
203 |
+ einfo "Changing perms to allow deliver to be suided" |
204 |
+ fowners root:mail "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" |
205 |
+ fperms 4750 "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" |
206 |
+ fi |
207 |
+ |
208 |
+ newinitd "${FILESDIR}"/dovecot.init-r6 dovecot |
209 |
+ |
210 |
+ rm -rf "${ED}"/usr/share/doc/dovecot |
211 |
+ |
212 |
+ dodoc AUTHORS NEWS README TODO |
213 |
+ dodoc doc/*.{txt,cnf,xml,sh} |
214 |
+ docinto example-config |
215 |
+ dodoc doc/example-config/*.{conf,ext} |
216 |
+ docinto example-config/conf.d |
217 |
+ dodoc doc/example-config/conf.d/*.{conf,ext} |
218 |
+ docinto wiki |
219 |
+ dodoc doc/wiki/* |
220 |
+ doman doc/man/*.{1,7} |
221 |
+ |
222 |
+ # Create the dovecot.conf file from the dovecot-example.conf file that |
223 |
+ # the dovecot folks nicely left for us.... |
224 |
+ local conf="${ED}/etc/dovecot/dovecot.conf" |
225 |
+ local confd="${ED}/etc/dovecot/conf.d" |
226 |
+ |
227 |
+ insinto /etc/dovecot |
228 |
+ doins doc/example-config/*.{conf,ext} |
229 |
+ insinto /etc/dovecot/conf.d |
230 |
+ doins doc/example-config/conf.d/*.{conf,ext} |
231 |
+ fperms 0600 "${EPREFIX}"/etc/dovecot/dovecot-{ldap,sql}.conf.ext |
232 |
+ rm -f "${confd}/../README" |
233 |
+ |
234 |
+ # .maildir is the Gentoo default |
235 |
+ local mail_location="maildir:~/.maildir" |
236 |
+ sed -i -e \ |
237 |
+ "s|#mail_location =|mail_location = ${mail_location}|" \ |
238 |
+ "${confd}/10-mail.conf" \ |
239 |
+ || die "failed to update mail location settings in 10-mail.conf" |
240 |
+ |
241 |
+ # We're using pam files (imap and pop3) provided by mailbase |
242 |
+ if use pam; then |
243 |
+ sed -i -e '/driver = pam/,/^[ \t]*}/ s|#args = dovecot|args = "\*"|' \ |
244 |
+ "${confd}/auth-system.conf.ext" \ |
245 |
+ || die "failed to update PAM settings in auth-system.conf.ext" |
246 |
+ # mailbase does not provide a sieve pam file |
247 |
+ use managesieve && dosym imap /etc/pam.d/sieve |
248 |
+ sed -i -e \ |
249 |
+ 's/#!include auth-system.conf.ext/!include auth-system.conf.ext/' \ |
250 |
+ "${confd}/10-auth.conf" \ |
251 |
+ || die "failed to update PAM settings in 10-auth.conf" |
252 |
+ fi |
253 |
+ |
254 |
+ # Disable ipv6 if necessary |
255 |
+ if ! use ipv6; then |
256 |
+ sed -i -e 's/^#listen = \*, ::/listen = \*/g' "${conf}" \ |
257 |
+ || die "failed to update listen settings in dovecot.conf" |
258 |
+ fi |
259 |
+ |
260 |
+ # Update ssl cert locations |
261 |
+ sed -i -e 's:^#ssl = yes:ssl = yes:' "${confd}/10-ssl.conf" \ |
262 |
+ || die "ssl conf failed" |
263 |
+ sed -i -e 's:^ssl_cert =.*:ssl_cert = </etc/ssl/dovecot/server.pem:' \ |
264 |
+ -e 's:^ssl_key =.*:ssl_key = </etc/ssl/dovecot/server.key:' \ |
265 |
+ "${confd}/10-ssl.conf" || die "failed to update SSL settings in 10-ssl.conf" |
266 |
+ |
267 |
+ # Install SQL configuration |
268 |
+ if use mysql || use postgres; then |
269 |
+ sed -i -e \ |
270 |
+ 's/#!include auth-sql.conf.ext/!include auth-sql.conf.ext/' \ |
271 |
+ "${confd}/10-auth.conf" || die "failed to update SQL settings in \ |
272 |
+ 10-auth.conf" |
273 |
+ fi |
274 |
+ |
275 |
+ # Install LDAP configuration |
276 |
+ if use ldap; then |
277 |
+ sed -i -e \ |
278 |
+ 's/#!include auth-ldap.conf.ext/!include auth-ldap.conf.ext/' \ |
279 |
+ "${confd}/10-auth.conf" \ |
280 |
+ || die "failed to update ldap settings in 10-auth.conf" |
281 |
+ fi |
282 |
+ |
283 |
+ if use vpopmail; then |
284 |
+ sed -i -e \ |
285 |
+ 's/#!include auth-vpopmail.conf.ext/!include auth-vpopmail.conf.ext/' \ |
286 |
+ "${confd}/10-auth.conf" \ |
287 |
+ || die "failed to update vpopmail settings in 10-auth.conf" |
288 |
+ fi |
289 |
+ |
290 |
+ if use sieve || use managesieve ; then |
291 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
292 |
+ emake DESTDIR="${ED}" install |
293 |
+ sed -i -e \ |
294 |
+ 's/^[[:space:]]*#mail_plugins = $mail_plugins/mail_plugins = sieve/' "${confd}/15-lda.conf" \ |
295 |
+ || die "failed to update sieve settings in 15-lda.conf" |
296 |
+ rm -rf "${ED}"/usr/share/doc/dovecot |
297 |
+ docinto example-config/conf.d |
298 |
+ dodoc doc/example-config/conf.d/*.conf |
299 |
+ insinto /etc/dovecot/conf.d |
300 |
+ doins doc/example-config/conf.d/90-sieve{,-extprograms}.conf |
301 |
+ use managesieve && doins doc/example-config/conf.d/20-managesieve.conf |
302 |
+ docinto sieve/rfc |
303 |
+ dodoc doc/rfc/*.txt |
304 |
+ docinto sieve/devel |
305 |
+ dodoc doc/devel/DESIGN |
306 |
+ docinto plugins |
307 |
+ dodoc doc/plugins/*.txt |
308 |
+ docinto extensions |
309 |
+ dodoc doc/extensions/*.txt |
310 |
+ docinto locations |
311 |
+ dodoc doc/locations/*.txt |
312 |
+ doman doc/man/*.{1,7} |
313 |
+ fi |
314 |
+ |
315 |
+ use static-libs || find "${ED}"/usr/lib* -name '*.la' -delete |
316 |
+} |
317 |
+ |
318 |
+pkg_postinst() { |
319 |
+ # Let's not make a new certificate if we already have one |
320 |
+ if ! [[ -e "${ROOT}"/etc/ssl/dovecot/server.pem && \ |
321 |
+ -e "${ROOT}"/etc/ssl/dovecot/server.key ]]; then |
322 |
+ einfo "Creating SSL certificate" |
323 |
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-Dovecot IMAP Server}" |
324 |
+ install_cert /etc/ssl/dovecot/server |
325 |
+ fi |
326 |
+ |
327 |
+ elog "Please read http://wiki2.dovecot.org/Upgrading/ for upgrade notes." |
328 |
+} |