head 1.4; access; symbols pkgsrc-2013Q2:1.4.0.34 pkgsrc-2013Q2-base:1.4 pkgsrc-2012Q4:1.4.0.32 pkgsrc-2012Q4-base:1.4 pkgsrc-2011Q4:1.4.0.30 pkgsrc-2011Q4-base:1.4 pkgsrc-2011Q2:1.4.0.28 pkgsrc-2011Q2-base:1.4 pkgsrc-2009Q4:1.4.0.26 pkgsrc-2009Q4-base:1.4 pkgsrc-2008Q4:1.4.0.24 pkgsrc-2008Q4-base:1.4 pkgsrc-2008Q3:1.4.0.22 pkgsrc-2008Q3-base:1.4 cube-native-xorg:1.4.0.20 cube-native-xorg-base:1.4 pkgsrc-2008Q2:1.4.0.18 pkgsrc-2008Q2-base:1.4 pkgsrc-2008Q1:1.4.0.16 pkgsrc-2008Q1-base:1.4 pkgsrc-2007Q4:1.4.0.14 pkgsrc-2007Q4-base:1.4 pkgsrc-2007Q3:1.4.0.12 pkgsrc-2007Q3-base:1.4 pkgsrc-2007Q2:1.4.0.10 pkgsrc-2007Q2-base:1.4 pkgsrc-2007Q1:1.4.0.8 pkgsrc-2007Q1-base:1.4 pkgsrc-2006Q4:1.4.0.6 pkgsrc-2006Q4-base:1.4 pkgsrc-2006Q3:1.4.0.4 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.4.0.2 pkgsrc-2006Q2-base:1.4 pkgsrc-2006Q1:1.3.0.2 pkgsrc-2006Q1-base:1.3 pkgsrc-2005Q4:1.2.0.16 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.14 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.2.0.12 pkgsrc-2005Q2-base:1.2 pkgsrc-2005Q1:1.2.0.10 pkgsrc-2005Q1-base:1.2 pkgsrc-2004Q4:1.2.0.8 pkgsrc-2004Q4-base:1.2 pkgsrc-2004Q3:1.2.0.6 pkgsrc-2004Q3-base:1.2 pkgsrc-2004Q2:1.2.0.4 pkgsrc-2004Q2-base:1.2 pkgsrc-2004Q1:1.2.0.2 pkgsrc-2004Q1-base:1.2 pkgsrc-2003Q4:1.1.0.2 pkgsrc-2003Q4-base:1.1; locks; strict; comment @# @; 1.4 date 2006.04.04.09.38.46; author ghen; state dead; branches 1.4.6.1; next 1.3; 1.3 date 2006.02.12.02.47.32; author grant; state Exp; branches 1.3.2.1; next 1.2; 1.2 date 2003.12.09.04.06.37; author xtraeme; state dead; branches; next 1.1; 1.1 date 2003.11.02.17.24.07; author salo; state Exp; branches; next ; 1.4.6.1 date 2007.04.03.16.58.21; author salo; state Exp; branches; next ; 1.3.2.1 date 2006.05.15.16.08.41; author salo; state dead; branches; next ; desc @@ 1.4 log @Update Dovecot from 1.0beta3 to 1.0beta5. The beta4 release had SSL issues which were fixed again in beta5. patch-ac and patch-ad were taken from CVS and are not needed anymore. Changes in Dovecot 1.0beta4: * Changed the default lock_method back to fcntl. Apparently flock gives problems with some systems. * mbox: mailboxes beginning with '.' are now also listed * Replaced mail_use_modules and mail_modules settings with mail_plugins and mail_plugin_dir. Now instead of loading all plugins from the directory, you'll have to give a list of plugins to load. If the plugin couldn't be loaded, the process exits instead of just ignoring the problem (this is important with ACL plugin). + Added support for "master users" who can log in as other people. The master username can be given either in authorization ID string with SASL PLAIN mechanism or by setting auth_master_user_separator and giving it within the normal username string. + Added ACL plugin with ACL file backend. This however doesn't mean that there yet exists a proper shared folder support. If master user logged in as someone else, the ACLs are checked as the master user. + Added some Dovecot extensions to checkpassword passdb, see ChangeLog + Updated passwd-file format to allow specifying any key=value fields + Maildir++ quota support and several quota fixes + passdb supporting extra fields: Added "allow_nets" option which takes a comma separated list of IPs/networks where to allow user to log in. + NFS: Handle ESTALE errors the best way we can + IMAP now writes to log when client disconnects + In shared mailboxes (if dovecot-shared file exists) \Seen flags are now kept only in index files, so as long as each user has a separate index file they have separate \Seen flags. - Fixes to DIGEST-MD5 realm handling so it works with more clients - BODYSTRUCTURE -> BODY conversion from cache file was broken with mails containing message/rfc822 parts. - Fixed several memory leaks - We could have sent client FETCH notifications about messages before telling about them with EXISTS - Compiling fixes for Solaris and some other OSes - Fixed problem with internal timeout handling code, which caused eg. outlook-idle workaround to break. - If /dev/urandom didn't exist, we didn't seed OpenSSL's random number generator properly. Patch by Vilmos Nebehaj. - Maildir: Recent flags weren't always immediately removed from mails when mailbox was opened. - Several changes to SSL proxying code, hopefully making it work better. Changes in Dovecot 1.0beta5: - Beta4's SSL proxying rewrite worked worse than I thought. Reverted it back to original code. - Filesystem quota plugin now looks up the mount path correctly. @ text @$NetBSD: patch-ad,v 1.3 2006/02/12 02:47:32 grant Exp $ --- src/lib-sql/Makefile.in.orig 2006-02-08 21:13:53.000000000 +1100 +++ src/lib-sql/Makefile.in @@@@ -470,12 +470,16 @@@@ sql-drivers-register.c: Makefile echo '/* this file automatically generated by Makefile */' >$@@ echo '#include "lib.h"' >>$@@ echo '#include "sql-api.h"' >>$@@ - for i in $(sql_drivers) ; do \ + for i in $(sql_drivers) null; do \ + if [ "$${i}" != "null" ]; then \ echo "extern struct sql_db driver_$${i}_db;" >>$@@ ; \ + fi \ done echo 'void sql_drivers_register_all(void) {' >>$@@ - for i in $(sql_drivers) ; do \ + for i in $(sql_drivers) null; do \ + if [ "$${i}" != "null" ]; then \ echo "sql_driver_register(&driver_$${i}_db);" >>$@@ ; \ + fi \ done echo '}' >>$@@ @ 1.4.6.1 log @Pullup ticket 2061 - requested by ghen security fix for dovecot Updated via patch provided by the submitter. http://dovecot.org/list/dovecot-cvs/2007-March/008488.html @ text @d1 1 a1 1 $NetBSD$ d3 20 a22 20 Security fix taken from dovecot-1.0rc29: http://www.dovecot.org/list/dovecot-news/2007-March/000038.html --- src/lib-storage/index/mbox/mbox-storage.c.orig 2007-04-01 13:32:47.000000000 +0200 +++ src/lib-storage/index/mbox/mbox-storage.c @@@@ -706,6 +706,11 @@@@ mbox_mailbox_open(struct mail_storage *_ mail_storage_clear_error(_storage); + if (!mbox_is_valid_existing_name(_storage, name)) { + mail_storage_set_error(_storage, "Invalid mailbox name"); + return NULL; + } + if (input != NULL) return mbox_mailbox_open_stream(storage, name, input, flags); @@@@ -716,11 +721,6 @@@@ mbox_mailbox_open(struct mail_storage *_ return mbox_open(storage, "INBOX", flags); } a23 8 - if (!mbox_is_valid_existing_name(_storage, name)) { - mail_storage_set_error(_storage, "Invalid mailbox name"); - return NULL; - } - path = mbox_get_path(istorage, name); if (stat(path, &st) == 0) { if (S_ISDIR(st.st_mode)) { @ 1.3 log @- add kqueue option (off by default - perhaps it should be on by default at the next version bump?) - set SSL_{CFLAGS,LIBS} when calling configure script so they are found correctly on Solaris, and make the configure script do what it claims and ignore pkg-config when these are set. - add lib-sql Makefile patch from Dovecot CVS so this builds correctly when no SQL auth support is built. @ text @d1 1 a1 1 $NetBSD$ @ 1.3.2.1 log @Pullup ticket 1585 - requested by ghen security update for dovecot Revisions pulled up: - pkgsrc/mail/dovecot/Makefile 1.47, 1.48, 1.49, 1.51 - pkgsrc/mail/dovecot/PLIST 1.9, 1.10 - pkgsrc/mail/dovecot/distinfo 1.26, 1.27, 1.28, 1.29 - pkgsrc/mail/dovecot/patches/patch-aa 1.6 - pkgsrc/mail/dovecot/patches/patch-ab 1.12 - pkgsrc/mail/dovecot/patches/patch-ac removed - pkgsrc/mail/dovecot/patches/patch-ad removed - pkgsrc/mail/dovecot/patches/patch-ae removed Module Name: pkgsrc Committed By: ghen Date: Tue Apr 4 09:38:46 UTC 2006 Modified Files: pkgsrc/mail/dovecot: Makefile PLIST distinfo pkgsrc/mail/dovecot/patches: patch-aa patch-ab Removed Files: pkgsrc/mail/dovecot/patches: patch-ac patch-ad patch-ae Log Message: Update Dovecot from 1.0beta3 to 1.0beta5. The beta4 release had SSL issues which were fixed again in beta5. patch-ac and patch-ad were taken from CVS and are not needed anymore. Changes in Dovecot 1.0beta4: * Changed the default lock_method back to fcntl. Apparently flock gives problems with some systems. * mbox: mailboxes beginning with '.' are now also listed * Replaced mail_use_modules and mail_modules settings with mail_plugins and mail_plugin_dir. Now instead of loading all plugins from the directory, you'll have to give a list of plugins to load. If the plugin couldn't be loaded, the process exits instead of just ignoring the problem (this is important with ACL plugin). + Added support for "master users" who can log in as other people. The master username can be given either in authorization ID string with SASL PLAIN mechanism or by setting auth_master_user_separator and giving it within the normal username string. + Added ACL plugin with ACL file backend. This however doesn't mean that there yet exists a proper shared folder support. If master user logged in as someone else, the ACLs are checked as the master user. + Added some Dovecot extensions to checkpassword passdb, see ChangeLog + Updated passwd-file format to allow specifying any key=value fields + Maildir++ quota support and several quota fixes + passdb supporting extra fields: Added "allow_nets" option which takes a comma separated list of IPs/networks where to allow user to log in. + NFS: Handle ESTALE errors the best way we can + IMAP now writes to log when client disconnects + In shared mailboxes (if dovecot-shared file exists) \Seen flags are now kept only in index files, so as long as each user has a separate index file they have separate \Seen flags. - Fixes to DIGEST-MD5 realm handling so it works with more clients - BODYSTRUCTURE -> BODY conversion from cache file was broken with mails containing message/rfc822 parts. - Fixed several memory leaks - We could have sent client FETCH notifications about messages before telling about them with EXISTS - Compiling fixes for Solaris and some other OSes - Fixed problem with internal timeout handling code, which caused eg. outlook-idle workaround to break. - If /dev/urandom didn't exist, we didn't seed OpenSSL's random number generator properly. Patch by Vilmos Nebehaj. - Maildir: Recent flags weren't always immediately removed from mails when mailbox was opened. - Several changes to SSL proxying code, hopefully making it work better. Changes in Dovecot 1.0beta5: - Beta4's SSL proxying rewrite worked worse than I thought. Reverted it back to original code. - Filesystem quota plugin now looks up the mount path correctly. --- Module Name: pkgsrc Committed By: xtraeme Date: Wed Apr 12 18:19:16 UTC 2006 Modified Files: pkgsrc/mail/dovecot: Makefile distinfo Log Message: Update to 1.0beta6: v1.0.beta6 2006-04-12 * The login and master usernames were reversed when using master_user_separator (now the order is UW-IMAP compatible). * Killing dovecot master process now kills all IMAP and POP3 processes also. + -a parameter to dovecot prints now all settings that Dovecot uses. -n prints all settings that are different from defaults. + Added pop3_lock_session setting + %M modifier returns string's MD5 sum. Patch by Ben Winslow - PLAIN SASL authentication wasn't working properly, causing failed logins with some clients (broken in beta4) - Fixes to Maildir++ quota, should actually work now - Don't crash if passwd-file has entries without passwords (eg. deny=yes databases) - Fixed prefetch userdb to work nicely with other userdbs - If master process runs out of file descriptors, don't go to infinite loop (unlikely to have happened unless the OS's default fd limit was too low) - Fixed non-plaintext password lookups from LDAP. Patch by Lior Okman - %U modifier was actually lowercasing the string. Patch by Ben Winslow --- Module Name: pkgsrc Committed By: ghen Date: Fri Apr 14 19:01:53 UTC 2006 Modified Files: pkgsrc/mail/dovecot: Makefile distinfo Log Message: Update dovecot to 1.0beta7: + Added shutdown_clients setting to control if existing imap/pop3 processes should be killed when master is. - Master login fixes, PLAIN authentication was still broken.. --- Module Name: pkgsrc Committed By: grant Date: Fri May 12 11:02:48 UTC 2006 Modified Files: pkgsrc/mail/dovecot: Makefile distinfo Log Message: update dovecot to 1.0beta8. changes since 1.0beta7: * Fixed a security hole with mbox: "1 LIST .. *" command could list all directories and files under the mbox root directory, so if your mails were stored in eg. /var/mail/%u/ directory, the command would list everything under /var/mail. + Unless nfs_check=no or mmap_disable=yes, check for the first login if the user's index directory exists in NFS mount. If so, refuse to run. This is done only on first login to avoid constant extra overhead. + If we have plugins set and imap_capability unset, figure out the IMAP capabilities automatically by running imap binary at startup. The generated capability list isn't updated until Dovecot is restarted completely, so if you add or remove IMAP plugins you should restart. If you have problems related to this, set imap_capabilities setting manually to work around it. + Added auth_username_format setting - pop3_lock_session setting wasn't really working - Lots of fixes related to quota handling. It's still not working perfectly though. - Lots of index handling fixes, especially with mmap_disable=yes - Maildir: saving mails could have sometimes caused "Append with UID n, but next_uid = m" errors - flock() locking never timeouted because ignoring SIGALRM caused the system call just to be restarted when SIGALRM occurred (probably not with all OSes though?) - kqueue: Fixed "Unrecognized event". Patch by Vaclav Haisman --- Module Name: pkgsrc Committed By: jwise Date: Fri May 12 15:47:39 UTC 2006 Modified Files: pkgsrc/mail/dovecot: PLIST Log Message: Fix missing file (lib/dovecot/pop3/lib01_quota_plugin.so) in PLIST. @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.3 2006/02/12 02:47:32 grant Exp $ @ 1.2 log @Update to 0.99.10.4 provided by Charlie Allom in PR pkg/23696. Changes: v0.99.10.4 2003-11-24 Timo Sirainen - Fixed reference counters in imap-login and pop3-login. IMAP AUTHENTICATE and POP3 AUTH commands could have left the process stuck doing nothing forever. v0.99.10.3 2003-11-24 Timo Sirainen - FETCH RFC822.HEADER returned message body as well - SUBSCRIBE broke subscription lists - LIST code rewritten, children flags should be correct now - SORT and THREAD could have given invalid replies - Partial BODY[...] fetches might have returned wrong data or at least performed worse than was necessary v0.99.10.1 2003-11-10 Timo Sirainen * mbox: \Draft and \Deleted flags used opposite flag chars in X-Status header. We were incompatible with other mbox accessing software. WARNING: Upgrading from previous version doesn't automatically swap the flags, so be careful not to accidentally expunge messages that had their \Draft flag changed to \Deleted. * Configuration file changes: - Whitespace at end of line is stripped, use quotes if you need it - # comments are supported after key=value lines. if you need '#' character, quote the value - Both " and ' quotes are supported. If you need to use them, '\' can be used for escaping. - mbox: COPY into same mailbox didn't work and could have corrupted the mailbox - Using Dovecot without index files would crash after using a while - Partial BODY[header] or BODY[part] fetches were buggy if client requested more data than was available in the header/part. - Partial BODY[...] fetches were buggy with messages that had CRLFs - Some BODY and BODYSTRUCTURE replies missed data for message/rfc822 MIME parts causing clients to break - SORT (SUBJECT) was buggy - Timezone fixes with Date-header This also includes Joshua Goodall's patch (now in the CVS tree) for CRAM-MD5 for the -release tag. @ text @d1 1 a1 1 $NetBSD: patch-ad,v 1.1 2003/11/02 17:24:07 salo Exp $ d3 20 a22 5 --- src/imap/imap-fetch-body-section.c 21 Sep 2003 16:21:36 -0000 1.18 +++ src/imap/imap-fetch-body-section.c 3 Oct 2003 14:36:03 -0000 @@@@ -73,6 +73,18 @@@@ return cr_skipped; } a23 98 +static uoff_t get_send_size(const struct imap_fetch_body_data *body, + uoff_t max_size) +{ + uoff_t size; + + if (body->skip >= max_size) + return 0; + + size = max_size - body->skip; + return size <= body->max_size ? size : body->max_size; +} + /* fetch BODY[] or BODY[TEXT] */ static int fetch_body(struct imap_fetch_context *ctx, const struct imap_fetch_body_data *body, @@@@ -82,7 +94,7 @@@@ struct istream *stream; const char *str; int skip_cr, last_cr; - uoff_t size; + uoff_t send_size; off_t ret; stream = mail->get_stream(mail, &hdr_size, &body_size); @@@@ -92,13 +104,8 @@@@ if (fetch_header) message_size_add(&body_size, &hdr_size); - if (body->skip >= body_size.virtual_size) - size = 0; - else { - size = body_size.virtual_size - body->skip; - if (size > body->max_size) size = body->max_size; - } - str = t_strdup_printf("%s {%"PRIuUOFF_T"}\r\n", ctx->prefix, size); + send_size = get_send_size(body, body_size.virtual_size); + str = t_strdup_printf("%s {%"PRIuUOFF_T"}\r\n", ctx->prefix, send_size); if (o_stream_send_str(ctx->output, str) < 0) return FALSE; @@@@ -108,7 +115,7 @@@@ body->skip); ret = message_send(ctx->output, stream, &body_size, - skip_cr, body->max_size, &last_cr, + skip_cr, send_size, &last_cr, !mail->has_no_nuls); if (ret > 0) { partial.cr_skipped = last_cr != 0; @@@@ -297,15 +304,16 @@@@ const char *str; const void *data; size_t data_size; - uoff_t start_offset; + uoff_t start_offset, send_size; int failed; /* HEADER, MIME, HEADER.FIELDS (list), HEADER.FIELDS.NOT (list) */ if (strcmp(header_section, "HEADER") == 0) { /* all headers */ + send_size = get_send_size(body, size->virtual_size); str = t_strdup_printf("%s {%"PRIuUOFF_T"}\r\n", - ctx->prefix, size->virtual_size); + ctx->prefix, send_size); if (o_stream_send_str(ctx->output, str) < 0) return FALSE; return message_send(ctx->output, input, size, @@@@ -453,16 +461,11 @@@@ { const char *str; int skip_cr, last_cr; - uoff_t size; + uoff_t send_size; off_t ret; - if (body->skip >= part->body_size.virtual_size) - size = 0; - else { - size = part->body_size.virtual_size - body->skip; - if (size > body->max_size) size = body->max_size; - } - str = t_strdup_printf("%s {%"PRIuUOFF_T"}\r\n", ctx->prefix, size); + send_size = get_send_size(body, part->body_size.virtual_size); + str = t_strdup_printf("%s {%"PRIuUOFF_T"}\r\n", ctx->prefix, send_size); if (o_stream_send_str(ctx->output, str) < 0) return FALSE; @@@@ -470,8 +473,7 @@@@ &partial, stream, part->physical_pos + part->header_size.physical_size, body->skip); ret = message_send(ctx->output, stream, &part->body_size, - skip_cr, body->max_size, &last_cr, - !mail->has_no_nuls); + skip_cr, send_size, &last_cr, !mail->has_no_nuls); if (ret > 0) { partial.cr_skipped = last_cr != 0; partial.pos.physical_size = @ 1.1 log @PKGREVISION++ - Some partial BODY[part] fetches may have returned data incorrectly, patch-ad fixes it. @ text @d1 1 a1 1 $NetBSD$ @