1 |
commit: 70f2fdc89da5a570aae72e37278b3c9ceed1978e |
2 |
Author: Eray Aslan <eras <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Aug 29 05:35:39 2019 +0000 |
4 |
Commit: Eray Aslan <eras <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Aug 29 05:39:28 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70f2fdc8 |
7 |
|
8 |
net-mail/dovecot: security bump bug 692572 |
9 |
|
10 |
Package-Manager: Portage-2.3.73, Repoman-2.3.17 |
11 |
Signed-off-by: Eray Aslan <eras <AT> gentoo.org> |
12 |
|
13 |
net-mail/dovecot/Manifest | 2 + |
14 |
net-mail/dovecot/dovecot-2.2.36.4.ebuild | 287 +++++++++++++++++++++++++++++++ |
15 |
2 files changed, 289 insertions(+) |
16 |
|
17 |
diff --git a/net-mail/dovecot/Manifest b/net-mail/dovecot/Manifest |
18 |
index c6388399c32..0a46bd2e538 100644 |
19 |
--- a/net-mail/dovecot/Manifest |
20 |
+++ b/net-mail/dovecot/Manifest |
21 |
@@ -1,5 +1,7 @@ |
22 |
DIST dovecot-2.2-pigeonhole-0.4.24.1.tar.gz 1810959 BLAKE2B f24b28dc7422ea4f379e372adf33ebbf7cbb146d55b01dbf40580767a14adf695b0a2726f591c0c34436bd93a8b48ee8a8c4307fffc6b082d9c028ce93e29a0a SHA512 99af8a1f4588d821c7000133c5c173ab05640d3411b826a0978db2d60c9a59d5b330ca2d38aa25aa1163f6d1b669dc97b8303e2bceda554f67d0029d5d0b34fd |
23 |
+DIST dovecot-2.2-pigeonhole-0.4.24.2.tar.gz 1833284 BLAKE2B bee45fd129aee3d5126bd48b27829e7e266a5c1043411b6b23655bbf32e2f684763b82bff476a954bf7f0c7aae4e038c0892be70776726c7b324e409a8f89d78 SHA512 a51de88bcbac83ced7d314a560bd44f119dd80bf58f350da522501f072c0a4c02ff8c11152e2b858f14bb8ca9a9b665960cbe37a0c8ef4600b430e65ddbf3bf4 |
24 |
DIST dovecot-2.2.36.3.tar.gz 6270735 BLAKE2B 90bd6f7cd3769040215f574bb368c1ad835041fff54273e2477be2d2e057c1700472b08a24ed3a7cad469bd39449d94986bc6801373bb97a63975ddbb54cefa5 SHA512 47611dbde7ee854ad323dcdb726757c7172376761fa774f28fce3f9d74ed590319d812f0555abed5f8178c326c3cb7661ac0b708ca5982914e255cec60f72e35 |
25 |
+DIST dovecot-2.2.36.4.tar.gz 6257899 BLAKE2B 3260e96f369e85f2dfd5ece0d9b12902c7192d057369e8a151cc6ab7b4f2033d4e1029fb862d412f2837fd384d7fe729cf1ab15cac9ac335e943bb1fdb532b51 SHA512 e33ab2f6c5f7b4ffca3d57580329f1df8e1655c755a1a6b575a4e49d57ea94d1ab67df2419033c9d68acf5959c6edfa596815dc2bc43798e9aef3d17d271cc4d |
26 |
DIST dovecot-2.3-pigeonhole-0.5.6.tar.gz 1854287 BLAKE2B a26edf2a298d8c3de0d9977d56583bd2e0933495c5f554871a38d7b9e31701ebf3587d221c5ec398721a9c34816918c41b069de39c13f879334f9776fede1a17 SHA512 998a046d2eb5ff7bba615fd1a3efdfb1e7e1dabf191257f7fa2882074acc1735a0a4c11c5f31bab1e964b0118f1a8e9e51b3d5529b8fff6d1312c9a8257d9c20 |
27 |
DIST dovecot-2.3-pigeonhole-0.5.7.1.tar.gz 1857291 BLAKE2B 09763c87099ac50fbe86870855b100379a9b2a72d6077438bbf1f76ff3aed162ad781be27e6587a9742819137f6636f142a220f3b46d3c46115b10cbf4cb2efc SHA512 121eac4ad8bc1ddc55c554d00338bb553590b6aedffcb11e34f6cba102d59bd34580cb7218bd5fe820038c004d12db73f7a27ca135c3d4a12c4449bae3216355 |
28 |
DIST dovecot-2.3-pigeonhole-0.5.7.2.tar.gz 1857602 BLAKE2B 8de6200bb1ca99d25b48c963c007e9fda07e21f0708d4542e497985a61c07270febd8f29171d607c4025f4651c2ef17d84447a789ebad896c55aa36ec2cd876c SHA512 7fc8d89ee31c8e8c16a9aeaeffb591f4188de36fc80e3a30a9ae10bc5acd7ea5d5d91e077fda566e61d588d9221ec53044ce17a9cc0c9c219dbe6824558a1d60 |
29 |
|
30 |
diff --git a/net-mail/dovecot/dovecot-2.2.36.4.ebuild b/net-mail/dovecot/dovecot-2.2.36.4.ebuild |
31 |
new file mode 100644 |
32 |
index 00000000000..b55489b6a01 |
33 |
--- /dev/null |
34 |
+++ b/net-mail/dovecot/dovecot-2.2.36.4.ebuild |
35 |
@@ -0,0 +1,287 @@ |
36 |
+# Copyright 1999-2019 Gentoo Authors |
37 |
+# Distributed under the terms of the GNU General Public License v2 |
38 |
+ |
39 |
+EAPI=6 |
40 |
+ |
41 |
+# do not add a ssl USE flag. ssl is mandatory |
42 |
+SSL_DEPS_SKIP=1 |
43 |
+inherit autotools eapi7-ver ssl-cert systemd user versionator |
44 |
+ |
45 |
+MY_P="${P/_/.}" |
46 |
+major_minor="$(ver_cut 1-2)" |
47 |
+sieve_version="0.4.24.2" |
48 |
+if [[ ${PV} == *_rc* ]] ; then |
49 |
+ rc_dir="rc/" |
50 |
+else |
51 |
+ rc_dir="" |
52 |
+fi |
53 |
+SRC_URI="https://dovecot.org/releases/${major_minor}/${rc_dir}${MY_P}.tar.gz |
54 |
+ sieve? ( |
55 |
+ https://pigeonhole.dovecot.org/releases/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz |
56 |
+ ) |
57 |
+ managesieve? ( |
58 |
+ https://pigeonhole.dovecot.org/releases/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz |
59 |
+ ) " |
60 |
+DESCRIPTION="An IMAP and POP3 server written with security primarily in mind" |
61 |
+HOMEPAGE="https://www.dovecot.org/" |
62 |
+ |
63 |
+SLOT="0" |
64 |
+LICENSE="LGPL-2.1 MIT" |
65 |
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86" |
66 |
+ |
67 |
+IUSE_DOVECOT_AUTH="kerberos ldap mysql pam postgres sqlite vpopmail" |
68 |
+IUSE_DOVECOT_COMPRESS="bzip2 lzma lz4 zlib" |
69 |
+IUSE_DOVECOT_OTHER="caps doc ipv6 libressl lucene managesieve selinux sieve solr static-libs suid tcpd textcat" |
70 |
+ |
71 |
+IUSE="${IUSE_DOVECOT_AUTH} ${IUSE_DOVECOT_STORAGE} ${IUSE_DOVECOT_COMPRESS} ${IUSE_DOVECOT_OTHER}" |
72 |
+ |
73 |
+DEPEND="bzip2? ( app-arch/bzip2 ) |
74 |
+ caps? ( sys-libs/libcap ) |
75 |
+ kerberos? ( virtual/krb5 ) |
76 |
+ ldap? ( net-nds/openldap ) |
77 |
+ lucene? ( >=dev-cpp/clucene-2.3 ) |
78 |
+ lzma? ( app-arch/xz-utils ) |
79 |
+ lz4? ( app-arch/lz4 ) |
80 |
+ mysql? ( dev-db/mysql-connector-c:0= ) |
81 |
+ pam? ( virtual/pam ) |
82 |
+ postgres? ( dev-db/postgresql:* !dev-db/postgresql[ldap,threads] ) |
83 |
+ selinux? ( sec-policy/selinux-dovecot ) |
84 |
+ solr? ( net-misc/curl dev-libs/expat ) |
85 |
+ sqlite? ( dev-db/sqlite:* ) |
86 |
+ !libressl? ( dev-libs/openssl:0 ) |
87 |
+ libressl? ( dev-libs/libressl ) |
88 |
+ tcpd? ( sys-apps/tcp-wrappers ) |
89 |
+ textcat? ( app-text/libexttextcat ) |
90 |
+ vpopmail? ( net-mail/vpopmail ) |
91 |
+ zlib? ( sys-libs/zlib ) |
92 |
+ virtual/libiconv |
93 |
+ dev-libs/icu:=" |
94 |
+ |
95 |
+RDEPEND="${DEPEND} |
96 |
+ net-mail/mailbase" |
97 |
+ |
98 |
+PATCHES=( |
99 |
+ "${FILESDIR}/${PN}-userdb-passwd-fix.patch" |
100 |
+) |
101 |
+ |
102 |
+pkg_setup() { |
103 |
+ if use managesieve && ! use sieve; then |
104 |
+ ewarn "managesieve USE flag selected but sieve USE flag unselected" |
105 |
+ ewarn "sieve USE flag will be turned on" |
106 |
+ fi |
107 |
+ # default internal user |
108 |
+ enewgroup dovecot 97 |
109 |
+ enewuser dovecot 97 -1 /dev/null dovecot |
110 |
+ # default login user |
111 |
+ enewuser dovenull -1 -1 /dev/null |
112 |
+ # add "mail" group for suid'ing. Better security isolation. |
113 |
+ if use suid; then |
114 |
+ enewgroup mail |
115 |
+ fi |
116 |
+} |
117 |
+ |
118 |
+src_prepare() { |
119 |
+ default |
120 |
+ # bug 657108 |
121 |
+ elibtoolize |
122 |
+} |
123 |
+ |
124 |
+src_configure() { |
125 |
+ local conf="" |
126 |
+ |
127 |
+ if use postgres || use mysql || use sqlite; then |
128 |
+ conf="${conf} --with-sql" |
129 |
+ fi |
130 |
+ |
131 |
+ # turn valgrind tests off. Bug #340791 |
132 |
+ VALGRIND=no econf \ |
133 |
+ --with-statedir="${EPREFIX}/var/lib/dovecot" \ |
134 |
+ --with-rundir="${EPREFIX}/run/dovecot" \ |
135 |
+ --with-moduledir="${EPREFIX}/usr/$(get_libdir)/dovecot" \ |
136 |
+ --without-stemmer \ |
137 |
+ --disable-rpath \ |
138 |
+ --with-icu \ |
139 |
+ --with-ssl \ |
140 |
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \ |
141 |
+ $( use_with bzip2 bzlib ) \ |
142 |
+ $( use_with caps libcap ) \ |
143 |
+ $( use_with kerberos gssapi ) \ |
144 |
+ $( use_with ldap ) \ |
145 |
+ $( use_with lucene ) \ |
146 |
+ $( use_with lz4 ) \ |
147 |
+ $( use_with lzma ) \ |
148 |
+ $( use_with mysql ) \ |
149 |
+ $( use_with pam ) \ |
150 |
+ $( use_with postgres pgsql ) \ |
151 |
+ $( use_with sqlite ) \ |
152 |
+ $( use_with solr ) \ |
153 |
+ $( use_with tcpd libwrap ) \ |
154 |
+ $( use_with textcat ) \ |
155 |
+ $( use_with vpopmail ) \ |
156 |
+ $( use_with zlib ) \ |
157 |
+ $( use_enable static-libs static ) \ |
158 |
+ ${conf} |
159 |
+ |
160 |
+ if use sieve || use managesieve ; then |
161 |
+ # The sieve plugin needs this file to be build to determine the plugin |
162 |
+ # directory and the list of libraries to link to. |
163 |
+ emake dovecot-config |
164 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
165 |
+ econf \ |
166 |
+ $( use_enable static-libs static ) \ |
167 |
+ --localstatedir="${EPREFIX}/var" \ |
168 |
+ --enable-shared \ |
169 |
+ --with-dovecot="${S}" \ |
170 |
+ $( use_with managesieve ) |
171 |
+ fi |
172 |
+} |
173 |
+ |
174 |
+src_compile() { |
175 |
+ default |
176 |
+ if use sieve || use managesieve ; then |
177 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
178 |
+ emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" |
179 |
+ fi |
180 |
+} |
181 |
+ |
182 |
+src_test() { |
183 |
+ default |
184 |
+ if use sieve || use managesieve ; then |
185 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
186 |
+ default |
187 |
+ fi |
188 |
+} |
189 |
+ |
190 |
+src_install () { |
191 |
+ default |
192 |
+ |
193 |
+ # insecure: |
194 |
+ # use suid && fperms u+s /usr/libexec/dovecot/deliver |
195 |
+ # better: |
196 |
+ if use suid;then |
197 |
+ einfo "Changing perms to allow deliver to be suided" |
198 |
+ fowners root:mail "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" |
199 |
+ fperms 4750 "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" |
200 |
+ fi |
201 |
+ |
202 |
+ newinitd "${FILESDIR}"/dovecot.init-r6 dovecot |
203 |
+ |
204 |
+ rm -rf "${ED}"/usr/share/doc/dovecot |
205 |
+ |
206 |
+ dodoc AUTHORS NEWS README TODO |
207 |
+ dodoc doc/*.{txt,cnf,xml,sh} |
208 |
+ docinto example-config |
209 |
+ dodoc doc/example-config/*.{conf,ext} |
210 |
+ docinto example-config/conf.d |
211 |
+ dodoc doc/example-config/conf.d/*.{conf,ext} |
212 |
+ docinto wiki |
213 |
+ dodoc doc/wiki/* |
214 |
+ doman doc/man/*.{1,7} |
215 |
+ |
216 |
+ # Create the dovecot.conf file from the dovecot-example.conf file that |
217 |
+ # the dovecot folks nicely left for us.... |
218 |
+ local conf="${ED}/etc/dovecot/dovecot.conf" |
219 |
+ local confd="${ED}/etc/dovecot/conf.d" |
220 |
+ |
221 |
+ insinto /etc/dovecot |
222 |
+ doins doc/example-config/*.{conf,ext} |
223 |
+ insinto /etc/dovecot/conf.d |
224 |
+ doins doc/example-config/conf.d/*.{conf,ext} |
225 |
+ fperms 0600 "${EPREFIX}"/etc/dovecot/dovecot-{ldap,sql}.conf.ext |
226 |
+ rm -f "${confd}/../README" |
227 |
+ |
228 |
+ # .maildir is the Gentoo default |
229 |
+ local mail_location="maildir:~/.maildir" |
230 |
+ sed -i -e \ |
231 |
+ "s|#mail_location =|mail_location = ${mail_location}|" \ |
232 |
+ "${confd}/10-mail.conf" \ |
233 |
+ || die "failed to update mail location settings in 10-mail.conf" |
234 |
+ |
235 |
+ # We're using pam files (imap and pop3) provided by mailbase |
236 |
+ if use pam; then |
237 |
+ sed -i -e '/driver = pam/,/^[ \t]*}/ s|#args = dovecot|args = "\*"|' \ |
238 |
+ "${confd}/auth-system.conf.ext" \ |
239 |
+ || die "failed to update PAM settings in auth-system.conf.ext" |
240 |
+ # mailbase does not provide a sieve pam file |
241 |
+ use managesieve && dosym imap /etc/pam.d/sieve |
242 |
+ sed -i -e \ |
243 |
+ 's/#!include auth-system.conf.ext/!include auth-system.conf.ext/' \ |
244 |
+ "${confd}/10-auth.conf" \ |
245 |
+ || die "failed to update PAM settings in 10-auth.conf" |
246 |
+ fi |
247 |
+ |
248 |
+ # Disable ipv6 if necessary |
249 |
+ if ! use ipv6; then |
250 |
+ sed -i -e 's/^#listen = \*, ::/listen = \*/g' "${conf}" \ |
251 |
+ || die "failed to update listen settings in dovecot.conf" |
252 |
+ fi |
253 |
+ |
254 |
+ # Update ssl cert locations |
255 |
+ sed -i -e 's:^#ssl = yes:ssl = yes:' "${confd}/10-ssl.conf" \ |
256 |
+ || die "ssl conf failed" |
257 |
+ sed -i -e 's:^ssl_cert =.*:ssl_cert = </etc/ssl/dovecot/server.pem:' \ |
258 |
+ -e 's:^ssl_key =.*:ssl_key = </etc/ssl/dovecot/server.key:' \ |
259 |
+ "${confd}/10-ssl.conf" || die "failed to update SSL settings in 10-ssl.conf" |
260 |
+ |
261 |
+ # Install SQL configuration |
262 |
+ if use mysql || use postgres; then |
263 |
+ sed -i -e \ |
264 |
+ 's/#!include auth-sql.conf.ext/!include auth-sql.conf.ext/' \ |
265 |
+ "${confd}/10-auth.conf" || die "failed to update SQL settings in \ |
266 |
+ 10-auth.conf" |
267 |
+ fi |
268 |
+ |
269 |
+ # Install LDAP configuration |
270 |
+ if use ldap; then |
271 |
+ sed -i -e \ |
272 |
+ 's/#!include auth-ldap.conf.ext/!include auth-ldap.conf.ext/' \ |
273 |
+ "${confd}/10-auth.conf" \ |
274 |
+ || die "failed to update ldap settings in 10-auth.conf" |
275 |
+ fi |
276 |
+ |
277 |
+ if use vpopmail; then |
278 |
+ sed -i -e \ |
279 |
+ 's/#!include auth-vpopmail.conf.ext/!include auth-vpopmail.conf.ext/' \ |
280 |
+ "${confd}/10-auth.conf" \ |
281 |
+ || die "failed to update vpopmail settings in 10-auth.conf" |
282 |
+ fi |
283 |
+ |
284 |
+ if use sieve || use managesieve ; then |
285 |
+ cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" |
286 |
+ emake DESTDIR="${ED}" install |
287 |
+ sed -i -e \ |
288 |
+ 's/^[[:space:]]*#mail_plugins = $mail_plugins/mail_plugins = sieve/' "${confd}/15-lda.conf" \ |
289 |
+ || die "failed to update sieve settings in 15-lda.conf" |
290 |
+ rm -rf "${ED}"/usr/share/doc/dovecot |
291 |
+ docinto example-config/conf.d |
292 |
+ dodoc doc/example-config/conf.d/*.conf |
293 |
+ insinto /etc/dovecot/conf.d |
294 |
+ doins doc/example-config/conf.d/90-sieve{,-extprograms}.conf |
295 |
+ use managesieve && doins doc/example-config/conf.d/20-managesieve.conf |
296 |
+ docinto sieve/rfc |
297 |
+ dodoc doc/rfc/*.txt |
298 |
+ docinto sieve/devel |
299 |
+ dodoc doc/devel/DESIGN |
300 |
+ docinto plugins |
301 |
+ dodoc doc/plugins/*.txt |
302 |
+ docinto extensions |
303 |
+ dodoc doc/extensions/*.txt |
304 |
+ docinto locations |
305 |
+ dodoc doc/locations/*.txt |
306 |
+ doman doc/man/*.{1,7} |
307 |
+ fi |
308 |
+ |
309 |
+ use static-libs || find "${ED}"/usr/lib* -name '*.la' -delete |
310 |
+} |
311 |
+ |
312 |
+pkg_postinst() { |
313 |
+ # Let's not make a new certificate if we already have one |
314 |
+ if ! [[ -e "${ROOT}"/etc/ssl/dovecot/server.pem && \ |
315 |
+ -e "${ROOT}"/etc/ssl/dovecot/server.key ]]; then |
316 |
+ einfo "Creating SSL certificate" |
317 |
+ SSL_ORGANIZATION="${SSL_ORGANIZATION:-Dovecot IMAP Server}" |
318 |
+ install_cert /etc/ssl/dovecot/server |
319 |
+ fi |
320 |
+ |
321 |
+ elog "Please read http://wiki2.dovecot.org/Upgrading/ for upgrade notes." |
322 |
+} |