dovecot23/dovecot23.spec

778 lines
27 KiB
RPMSpec
Raw Normal View History

#
# spec file for package dovecot23
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: dovecot23
Version: 2.3.21
Release: 0
%define pkg_name dovecot
%define dovecot_version 2.3.21
%define dovecot_pigeonhole_version 0.5.21
%define dovecot_branch 2.3
%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
%define dovecot_pigeonhole_docdir %{_docdir}/%{pkg_name}/dovecot-pigeonhole
%define restart_flag /var/run/%{pkg_name}/%{pkg_name}-restart-after-rpm-install
%if 0%{?suse_version} > 1230
%bcond_without systemd
%bcond_with textcat
%else
%bcond_with systemd
%bcond_with textcat
%endif
%bcond_without solr
%if 0%{?suse_version} > 1110
%bcond_without clucene
%bcond_without dcrypt_openssl
%bcond_without icu
%else
%bcond_with clucene
%bcond_with dcrypt_openssl
%bcond_with icu
%endif
%bcond_without sqlite
%if 0%{?suse_version} >= 1110
%bcond_without lzma
%else
%bcond_with lzma
%endif
%if 0%{?suse_version} >= 1320
%bcond_without argon
%bcond_without lz4
%else
%bcond_with argon
%bcond_with lz4
%endif
%if 0%{?suse_version} >= 1110
%bcond_without zstd
%else
%bcond_with zstd
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
BuildRequires: cyrus-sasl-devel
BuildRequires: flex
BuildRequires: libapparmor-devel
%if %{with icu}
BuildRequires: libicu-devel
%endif
BuildRequires: libtool
%if %{with lzma}
BuildRequires: xz-devel
%endif
%if %{with lz4}
BuildRequires: liblz4-devel
%endif
%if %{with zstd}
BuildRequires: libzstd-devel
%endif
%if %{with argon}
BuildRequires: libsodium-devel
%endif
%if 0%{?suse_version} >= 1520
BuildRequires: libmysqlclient-devel
%else
BuildRequires: mysql-devel
%endif
BuildRequires: openldap2-devel
BuildRequires: openssl-devel >= 1.0.1
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: postgresql-devel
BuildRequires: tcpd-devel
BuildRequires: zlib-devel
%if %{with sqlite}
BuildRequires: sqlite-devel > 3
%endif
%if %{with clucene}
BuildRequires: clucene-core-devel
BuildRequires: gcc-c++
%endif
%if 0%{?sles_version} == 9
BuildRequires: heimdal-devel
BuildRequires: libcap
%else
BuildRequires: krb5-devel
BuildRequires: libcap-devel
%endif
%if 0%{?suse_version} > 1020
BuildRequires: libbz2-devel
%endif
%if 0%{?suse_version} >= 1500
BuildRequires: lua53-devel
%else
BuildRequires: lua51-devel
%endif
%if %{with solr}
BuildRequires: curl-devel
BuildRequires: libexpat-devel
%endif
%if %{with textcat}
BuildRequires: libexttextcat-devel
%endif
%if %{with systemd}
BuildRequires: pkgconfig(systemd)
%{?systemd_ordering}
%define has_systemd 1
%endif
PreReq: %fillup_prereq
# bump requires on noarch package to the version which copies the files from /usr/share/dovecot/
Requires: dovecot >= 2.3
Conflicts: otherproviders(dovecot-implementation)
Provides: dovecot-implementation = %{version}-%{release}
%if 0%{?suse_version} >= 1010
Recommends: %{name}-backend-mysql = %{version}
Recommends: %{name}-backend-pgsql = %{version}
%if %{with sqlite}
Recommends: %{name}-backend-sqlite = %{version}
%endif
%endif
Recommends: %{name}-fts = %{version}
Recommends: %{name}-fts-squat = %{version}
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
URL: https://www.dovecot.org
Source: https://www.dovecot.org/releases/%{dovecot_branch}/%{pkg_name}-%{dovecot_version}.tar.gz
Source1: https://pigeonhole.dovecot.org/releases/%{dovecot_branch}/%{dovecot_pigeonhole_source_dir}.tar.gz
Source2: dovecot-rpmlintrc
Source3: dovecot-2.0.configfiles
Source4: dovecot-2.1.configfiles
Source5: dovecot-2.2.configfiles
Source6: dovecot-2.3.configfiles
Source7: dovecot-2.1-pigeonhole.configfiles
Source8: dovecot-2.2-pigeonhole.configfiles
Source9: dovecot-2.3-pigeonhole.configfiles
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
Source10: https://www.dovecot.org/releases/%{dovecot_branch}/%{pkg_name}-%{dovecot_version}.tar.gz.sig
Source11: https://pigeonhole.dovecot.org/releases/%{dovecot_branch}/%{dovecot_pigeonhole_source_dir}.tar.gz.sig
Source12: dovecot23.keyring
# PATCH-FIX-OPENSUSE - boo#932386
Patch0: dovecot-2.3.0-dont_use_etc_ssl_certs.patch
# PATCH-FIX-SLE - boo#854512
Patch1: dovecot-2.3.0-better_ssl_defaults.patch
# PATCH-FIX-OPENSUSE - boo#1207958
Patch2: fix-build-with-openssl-3.patch
# PATCH-FIX-UPSTREAM - https://github.com/dovecot/core/commit/f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99
Patch3: fix-strict-aliasing.patch
Summary: IMAP and POP3 Server Written Primarily with Security in Mind
License: BSD-3-Clause AND LGPL-2.1-or-later AND MIT
Group: Productivity/Networking/Email/Servers
%description
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
%package backend-mysql
Requires: %{name} = %{version}
Provides: dovecot-backend-mysql = %{version}-%{release}
Provides: dovecot_sql_backend = %{version}-%{release}
Conflicts: otherproviders(dovecot-backend-mysql)
Summary: MySQL support for Dovecot
Group: Productivity/Networking/Email/Servers
%description backend-mysql
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for MySQL support.
%package backend-pgsql
Requires: %{name} = %{version}
Provides: dovecot-backend-pgsql = %{version}-%{release}
Provides: dovecot_sql_backend = %{version}-%{release}
Conflicts: otherproviders(dovecot-backend-pgsql)
Summary: PostgreSQL support for Dovecot
Group: Productivity/Networking/Email/Servers
%description backend-pgsql
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for PostgreSQL support.
%if %{with sqlite}
%package backend-sqlite
Requires: %{name} = %{version}
Provides: dovecot-backend-sqlite = %{version}-%{release}
Provides: dovecot_sql_backend = %{version}-%{release}
Conflicts: otherproviders(dovecot-backend-sqlite)
Summary: SQLite support for Dovecot
Group: Productivity/Networking/Email/Servers
%description backend-sqlite
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for SQLite support.
%endif
%package fts
Requires: %{name} = %{version}
Summary: Fulltext search support base plugin
Group: Productivity/Networking/Email/Servers
%description fts
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the base plugin needed for fulltext search support
%package fts-squat
Requires: %{name} = %{version}
Requires: %{name}-fts = %{version}
Summary: Fulltext search support squat plugin
Group: Productivity/Networking/Email/Servers
%description fts-squat
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for fulltext search support squat plugin.
%if %{with clucene}
%package fts-lucene
Requires: %{name} = %{version}
Requires: %{name}-fts = %{version}
Provides: dovecot-fts-clucene = %{version}-%{release}
Provides: dovecot_fts_backend = %{version}-%{release}
Conflicts: otherproviders(dovecot-fts-clucene)
Summary: Fulltext search support via CLucene
Group: Productivity/Networking/Email/Servers
%description fts-lucene
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for fulltext search support via CLucene.
%endif
%if %{with solr}
%package fts-solr
Requires: %{name} = %{version}
Requires: %{name}-fts = %{version}
Provides: dovecot-fts-solr = %{version}-%{release}
Provides: dovecot_fts_backend = %{version}-%{release}
Conflicts: otherproviders(dovecot-fts-solr)
Summary: Fulltext search support via solr
Group: Productivity/Networking/Email/Servers
%description fts-solr
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the files needed for fulltext search support via solr.
%endif
%package devel
Requires: %{name} = %{version}
Provides: dovecot-devel = %{version}-%{release}
Conflicts: otherproviders(dovecot-devel)
Summary: Development files for Dovecot plugins
Group: Development/Libraries/C and C++
%description devel
Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
written primarily with security in mind. Although it is written in C,
it uses several coding techniques to avoid most of the common pitfalls.
Dovecot can work with standard mbox and maildir formats and is fully
compatible with UW-IMAP and Courier IMAP servers as well as mail
clients accessing the mailboxes directly.
This package holds the file needed to compile plugins outside of the
dovecot tree.
%prep
%autosetup -p1 -n %{pkg_name}-%{dovecot_version} -a 1
gzip -9v ChangeLog
# Fix plugins dir.
sed -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = %{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf
%build
export CFLAGS="%{optflags}"
%if %{with clucene}
export CFLAGS="$CFLAGS -I%{_libdir}"
export CXXFLAGS="$CFLAGS -I%{_libdir}"
%endif
export CFLAGS="$CFLAGS -fpic -DPIC"
export LIBS="-pie"
%configure \
--docdir=%{_docdir}/%{pkg_name} \
--with-moduledir=%{_libdir}/%{pkg_name}/modules \
--libexecdir=%{_prefix}/lib/ \
--with-ioloop=best \
--with-ldap=plugin \
--with-sql=plugin \
--with-gssapi=plugin \
--with-pgsql \
--with-mysql \
--with-lua=plugin \
--with-apparmor \
%if %{with sqlite}
--with-sqlite \
%endif
%if %{with clucene}
--with-lucene \
%endif
%if %{with textcat}
--with-textcat \
%endif
%if %{with icu}
--with-icu \
%endif
%if %{with solr}
--with-solr \
%endif
--with-ssl=openssl \
--with-zlib \
--with-bzlib \
%if %{with lzma}
--with-lzma \
%endif
%if %{with lz4}
--with-lz4 \
%endif
%if %{with zstd}
--with-zstd \
%endif
--with-libcap \
--with-libwrap \
--with-docs \
%if %{with systemd}
--with-systemdsystemunitdir=%{_unitdir} \
%endif
--disable-static
make %{?_smp_mflags}
pushd %{dovecot_pigeonhole_source_dir}
%configure --with-dovecot=../ \
--with-ldap=plugin \
--docdir="%{dovecot_pigeonhole_docdir}"
make %{?_smp_mflags}
popd
%check
make check
make -C %{dovecot_pigeonhole_source_dir} test
%install
%makeinstall
%makeinstall -C %{dovecot_pigeonhole_source_dir} sieve_docdir=%{dovecot_pigeonhole_docdir}
# clean up unused files, as much as I would like to use -delete ... the old find on sles9 doesnt support it
find %{buildroot}%{_libdir}/%{pkg_name}/ -type f \
'(' -name \*.la -o -name \*.a ')' -print -delete
# create /var directories
install -m 0755 -Dd \
%{buildroot}%{_var}/run/%{pkg_name}/login/ \
%{buildroot}%{_var}/lib/%{pkg_name}/
# install the script to create dummy selfsigned certs
pushd %{buildroot}%{_docdir}/%{pkg_name}/
mv -v {*.cnf,mkcert.sh,example-config} ../../../%{pkg_name}/
install -m 755 -d example-config/conf.d/
ln -sv ../../../%{pkg_name}/{*.cnf,mkcert.sh} .
cd example-config/
ln -sv \
../../../../%{pkg_name}/example-config/*conf \
../../../../%{pkg_name}/example-config/*ext \
.
cd conf.d/
ln -sv \
../../../../../%{pkg_name}/example-config/conf.d/* \
.
popd
# additional docs for the main package
install -m 0644 \
AUTHORS ChangeLog* COPYING* NEWS TODO README* \
%if %{with solr}
doc/*.xml \
%endif
%{buildroot}%{_docdir}/%{pkg_name}/
# install sieve docs
install -m 0755 -Dd %{buildroot}%{dovecot_pigeonhole_docdir}
pushd %{dovecot_pigeonhole_source_dir}
sed -i 's/\r$//' doc/rfc/*
cp -av AUTHORS COPYING* INSTALL NEWS README TODO \
examples/ doc/rfc/ doc/devel \
%{buildroot}%{dovecot_pigeonhole_docdir}/
rm %{buildroot}%{dovecot_pigeonhole_docdir}/rfc/Makefile*
popd
for i in $RPM_SOURCE_DIR/*.configfiles ; do
echo "Creating ghost files for '$i'"
for j in $(<$i) ; do
install -D -m 0644 /dev/null %{buildroot}$j
done
done
# clean up of things that are now in the unversioned package.
%if %{with systemd}
rm %{buildroot}%{_unitdir}/dovecot.{service,socket}
%endif
rm %{buildroot}%{_sysconfdir}/%{pkg_name}/README
%pre
# do not let dovecot run during upgrade rhbz#134325
if [ "$1" -ge "1" ]; then
rm -f %restart_flag
%if %{with systemd}
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
/bin/systemctl is-active %{pkg_name}.service >/dev/null 2>&1 && touch %restart_flag ||:
/bin/systemctl stop %{pkg_name}.service >/dev/null 2>&1
fi
%else
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /etc/init.d/%{pkg_name} ] ; then
/etc/init.d/%{pkg_name} status >/dev/null 2>&1 && touch %restart_flag ||:
/etc/init.d/%{pkg_name} stop >/dev/null 2>&1
fi
%endif
fi
# remove !SSLv2 from ssl_protocols (no longer supported in openssl-1.1.0)
if grep -s -q "ssl_protocols .*!SSLv2" /etc/dovecot/conf.d/10-ssl.conf; then
sed -i 's/^\(ssl_protocols.*\)[[:blank:]]!SSLv2\(.*\)$/\1\2/g' /etc/dovecot/conf.d/10-ssl.conf
fi
%post -p /sbin/ldconfig
%postun
/sbin/ldconfig
# do not let dovecot run during upgrade rhbz#134325
if [ "$1" -ge "1" -a -e %restart_flag ]; then
%if %{with systemd}
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
/bin/systemctl start %{pkg_name}.service >/dev/null 2>&1 || :
fi
%else
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /etc/init.d/%{pkg_name} ] ; then
/etc/init.d/%{pkg_name} start >/dev/null 2>&1 || :
fi
%endif
rm -f %restart_flag
fi
# do not let dovecot run during upgrade rhbz#134325
# dovecot should be started again in %%postun, but it's not executed on reinstall
# if it was already started, restart_flag won't be here, so it's ok to test it again
%posttrans
if [ -e %restart_flag ]; then
%if %{with systemd}
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
/bin/systemctl start %{pkg_name}.service >/dev/null 2>&1 || :
fi
%else
# we get installed before the unversioned dovecot package is installed
# in that case we dont need to restart as there was no file to start us before
if [ -x /etc/init.d/%{pkg_name} ] ; then
/etc/init.d/%{pkg_name} start >/dev/null 2>&1 || :
fi
%endif
rm -f %restart_flag
fi
%files
%defattr(-,root,root)
%dir %{_sysconfdir}/%{pkg_name}/
%ghost %config(noreplace) /etc/dovecot/*
%{_sbindir}/%{pkg_name}
%{_bindir}/doveadm
%{_bindir}/doveconf
Accepting request 784360 from home:adkorte:branches:server:mail - update to 2.3.10 and pigeonhole to 0.5.10 Dovecot 2.3.10 * Disable retpoline migitations by default. These can cause severe performance regressions, so they should be only enabled when applicable. * IMAP MOVE now commits transactions in batches of 1000 mails. This helps especially with lazy_expunge when moving a lot of mails. It mainly avoids situations where multiple IMAP sessions are running the same MOVE command and duplicating the mails in the lazy_expunge folder. With this change there can still be some duplication, but the MOVE always progresses forward. Also if the MOVE fails at some point, the changes up to the last 1000 mails are still committed instead of rolled back. Note that the COPY command behavior hasn't changed, because it is required by IMAP standard to be an atomic operation. * IMAP EXPUNGE and CLOSE now expunges mails in batches of 1000 mails. This helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed. * Autoexpunging now expunges mails in batches of 1000 mails. This helps especially with lazy_expunge when expunging a lot of mails (e.g. millions) to make sure that the progress always moves forward even if the process is killed. + Add tool for generating sysreport called dovecot-sysreport. This generates a bundle of information usually needed for support requests. + Add support for the new IMAP \Important SPECIAL-USE flag (RFC 8457). + Add metric { group_by } setting. This allows automatically creating new metrics based on the fields you want to group statistics by. NOTE: This feature is considered experimental and syntax is subject to change in future release. + auth: Support SCRAM-SHA-256 authentication mechanism. + imap: Support the new IMAP STATUS=SIZE extension. + Use TCP_QUICKACK to reduce latency for some TCP connections. + quota-status: Made the service more robust against erroneous use with Postfix ACL policies other than smtpd_recipient_restrictions. + Add "revision" field support to imap_id_send setting. Using "revision *" will send in IMAP ID command response the short commit hash of the Dovecot git source tree HEAD (same as in dovecot --version). + IMAP ENVELOPE includes now all addresses when there are multiple headers (From, To, Cc, etc.) The standard way of having multiple addresses is to just list them all in a single header. It's non-standard to have multiple headers. However, since MTAs allow these mails to pass through and different software may handle them in different ways, it's better from security point of view to show all the addresses. + Event filters now support using "field_name=" to match a field that doesn't exist or has an empty value. For example use "error=" to match only events that didn't fail. - acl: INBOX ACLs shouldn't apply for IMAP GETMETADATA/SETMETADATA commands. - cassandra: CASS_ERROR_SERVER_WRITE_FAILURE error should also be treated as "uncertain write failure". - dict-redis: Using quota_clone configured with dict-redis could have crashed when Redis responded slowly. - fts-solr: The XML response parser fails to parse large/chunked responses correctly. This leads to spurious parse errors, most notably: "Error: fts_solr: received invalid uid '0'". - imap-hibernate: Communication trouble with imap-master leads to segfault. - imap-hibernate: Unhibernation retrying wasn't working. - imap: Fixed auth lookup privilege problem when imap process was reused and user was being un-hibernated. - Fix potential crash when copying/moving mails within the same folder. This happened only when there were a lot of fields in dovecot.index.cache. - lib-index: Recreating dovecot.index.cache file could have crashed when merging bitmask fields. - lib-index: Using public/shared folders with INDEXPVT configured to use private \Seen flags, trying to search seen/unseen in an empty folder crashes with segfault. - lib-mail: Large base64-encoded mails weren't decoded properly. This could have affected searching/indexing mails and message snippet generation. - lib-mail: Message with only quoted text could have caused message snippet to ignore its 200 character limit and return the entire message. This was added also to dovecot.index.cache file, which increased disk space and memory usage unnecessarily. v2.3.9.2 regression (previous versions cached the quoted snippet as empty). In a large mail quoted text could have become wrongly added to the snippet, possibly mixed together with non-quoted text. - lib-smtp: client could have assert-crashed if STARTTLS handshake finished earlier than usually. - lib-ssl-iostream: remove -static flag for lib-ssl-iostream linking to prevent a compile issue. - lib-storage: Mailbox synchronization may have assert-crashed in some rare situations. - lib-storage: mdbox didn't preserve date.saved with dsync. - lib: Don't require EAI_{ADDRFAMILY,NODATA}, breaks FreeBSD - master: Some services could respawn unthrottled if they crash during startup. - push-notification: Do not send push_notification_finished event if nothing was done. This happens when mail transaction is started and ended with no changes. - quota-status: Addresses with special characters in the local part caused problems in the interaction between Postfix and Dovecot. Postfix sent its own internal representation in the recipient field, while Dovecot expected a valid RFC5321 mailbox address. - submission-login: SESSION was not correctly encoded field for the XCLIENT command. Particularly, a '+' character introduced by the session ID's Base64 encoding causes problems. - submission: Fix submission_max_mail_size to work correctly on 32-bit systems. - submission: Trusted connections crashed in second connection's EHLO if submission-login { service_count } is something else than 1 (which is the default). - submission: XCLIENT command was never used in the protocol exchange with the relay MTA when submission_backend_capabilities is configured, even when the relay MTA was properly configured to accept the XCLIENT command. Pigeonhole 0.5.10 * imap_sieve_filter: Change result action logging to include IMAP UID - vacation: Addresses were compared case-sensitively. OBS-URL: https://build.opensuse.org/request/show/784360 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=67
2020-03-14 17:19:45 +01:00
%{_bindir}/dovecot-sysreport
%{_bindir}/dsync
%{_bindir}/sieve-test
%{_bindir}/sievec
%{_bindir}/sieve-dump
%{_bindir}/sieve-filter
# subprocesses
%dir %{_prefix}/lib/%{pkg_name}
%{_prefix}/lib/%{pkg_name}/aggregator
%{_prefix}/lib/%{pkg_name}/anvil
%{_prefix}/lib/%{pkg_name}/auth
%{_prefix}/lib/%{pkg_name}/checkpassword-reply
%{_prefix}/lib/%{pkg_name}/config
%{_prefix}/lib/%{pkg_name}/decode2text.sh
%{_prefix}/lib/%{pkg_name}/deliver
%{_prefix}/lib/%{pkg_name}/dict
%{_prefix}/lib/%{pkg_name}/director
%{_prefix}/lib/%{pkg_name}/dns-client
%{_prefix}/lib/%{pkg_name}/doveadm-server
%{_prefix}/lib/%{pkg_name}/dovecot-lda
%{_prefix}/lib/%{pkg_name}/gdbhelper
%{_prefix}/lib/%{pkg_name}/health-check.sh
%{_prefix}/lib/%{pkg_name}/imap
%{_prefix}/lib/%{pkg_name}/imap-hibernate
%{_prefix}/lib/%{pkg_name}/imap-login
%{_prefix}/lib/%{pkg_name}/imap-urlauth
%{_prefix}/lib/%{pkg_name}/imap-urlauth-login
%{_prefix}/lib/%{pkg_name}/imap-urlauth-worker
%{_prefix}/lib/%{pkg_name}/indexer
%{_prefix}/lib/%{pkg_name}/indexer-worker
%{_prefix}/lib/%{pkg_name}/ipc
%{_prefix}/lib/%{pkg_name}/lmtp
%{_prefix}/lib/%{pkg_name}/log
%{_prefix}/lib/%{pkg_name}/maildirlock
%{_prefix}/lib/%{pkg_name}/managesieve
%{_prefix}/lib/%{pkg_name}/managesieve-login
%{_prefix}/lib/%{pkg_name}/old-stats
%{_prefix}/lib/%{pkg_name}/pop3
%{_prefix}/lib/%{pkg_name}/pop3-login
%{_prefix}/lib/%{pkg_name}/quota-status
%{_prefix}/lib/%{pkg_name}/rawlog
%{_prefix}/lib/%{pkg_name}/replicator
%{_prefix}/lib/%{pkg_name}/script
%{_prefix}/lib/%{pkg_name}/script-login
%{_prefix}/lib/%{pkg_name}/stats
%{_prefix}/lib/%{pkg_name}/submission
%{_prefix}/lib/%{pkg_name}/submission-login
%{_prefix}/lib/%{pkg_name}/tcpwrap
%{_prefix}/lib/%{pkg_name}/xml2text
%{_libdir}/%{pkg_name}/libdovecot.so.*
%{_libdir}/%{pkg_name}/libdovecot-compression.so.*
%{_libdir}/%{pkg_name}/libdovecot-dsync.so.*
%{_libdir}/%{pkg_name}/libdovecot-fts.so.*
%{_libdir}/%{pkg_name}/libdovecot-lda.so.*
%{_libdir}/%{pkg_name}/libdovecot-ldap.so.*
%{_libdir}/%{pkg_name}/libdovecot-login.so.*
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
%{_libdir}/%{pkg_name}/libdovecot-lua.so.*
%{_libdir}/%{pkg_name}/libdovecot-sieve.so.*
%{_libdir}/%{pkg_name}/libdovecot-sql.so.*
%{_libdir}/%{pkg_name}/libdovecot-storage.so.*
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
%{_libdir}/%{pkg_name}/libdovecot-storage-lua.so.*
%if %{with dcrypt_openssl}
%{_libdir}/%{pkg_name}/libdcrypt_openssl.so
%endif
# plugins
%dir %{_libdir}/%{pkg_name}
%dir %{_libdir}/%{pkg_name}/modules/
%{_libdir}/%{pkg_name}/modules/lib01_acl_plugin.so
%{_libdir}/%{pkg_name}/modules/lib01_apparmor_plugin.so
%{_libdir}/%{pkg_name}/modules/lib02_lazy_expunge_plugin.so
%{_libdir}/%{pkg_name}/modules/lib05_mail_crypt_acl_plugin.so
%{_libdir}/%{pkg_name}/modules/lib05_pop3_migration_plugin.so
%{_libdir}/%{pkg_name}/modules/lib10_last_login_plugin.so
%{_libdir}/%{pkg_name}/modules/lib01_mail_lua_plugin.so
%{_libdir}/%{pkg_name}/modules/lib10_mail_crypt_plugin.so
%{_libdir}/%{pkg_name}/modules/lib10_quota_plugin.so
%{_libdir}/%{pkg_name}/modules/lib11_trash_plugin.so
%{_libdir}/%{pkg_name}/modules/lib15_notify_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_mail_log_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_mailbox_alias_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_notify_status_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_charset_alias_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_var_expand_crypt.so
%{_libdir}/%{pkg_name}/modules/lib20_zlib_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_push_notification_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_listescape_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_quota_clone_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_replication_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_virtual_plugin.so
%{_libdir}/%{pkg_name}/modules/lib22_push_notification_lua_plugin.so
%{_libdir}/%{pkg_name}/modules/lib30_imap_zlib_plugin.so
%{_libdir}/%{pkg_name}/modules/lib02_imap_acl_plugin.so
%{_libdir}/%{pkg_name}/modules/lib11_imap_quota_plugin.so
%{_libdir}/%{pkg_name}/modules/lib90_sieve_plugin.so
%{_libdir}/%{pkg_name}/modules/lib90_old_stats_plugin.so
%{_libdir}/%{pkg_name}/modules/lib95_imap_sieve_plugin.so
%{_libdir}/%{pkg_name}/modules/lib95_imap_filter_sieve_plugin.so
%{_libdir}/%{pkg_name}/modules/lib95_imap_old_stats_plugin.so
%{_libdir}/%{pkg_name}/modules/lib99_welcome_plugin.so
%{_libdir}/%{pkg_name}/modules/libfs_compress.so
%{_libdir}/%{pkg_name}/modules/libfs_crypt.so
%{_libdir}/%{pkg_name}/modules/libfs_mail_crypt.so
%{_libdir}/%{pkg_name}/modules/libssl_iostream_openssl.so
#
%dir %{_libdir}/%{pkg_name}/modules/auth/
%{_libdir}/%{pkg_name}/modules/auth/libauthdb_imap.so
%{_libdir}/%{pkg_name}/modules/auth/libauthdb_ldap.so
%{_libdir}/%{pkg_name}/modules/auth/libauthdb_lua.so
%{_libdir}/%{pkg_name}/modules/auth/libmech_gssapi.so
%{_libdir}/%{pkg_name}/modules/auth/lib20_auth_var_expand_crypt.so
%dir %{_libdir}/%{pkg_name}/modules/dict/
%{_libdir}/%{pkg_name}/modules/dict/libdict_ldap.so
# more dict modules are in the sql packages
#
%dir %{_libdir}/%{pkg_name}/modules/doveadm
%{_libdir}/%{pkg_name}/modules/doveadm/libdoveadm_mail_crypt_plugin.so
%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_acl_plugin.so
%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_quota_plugin.so*
%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_sieve_plugin.so
#
%dir %{_libdir}/%{pkg_name}/modules/settings/
%{_libdir}/%{pkg_name}/modules/settings/libpigeonhole_settings.so
%{_libdir}/%{pkg_name}/modules/settings/libmanagesieve_login_settings.so
%{_libdir}/%{pkg_name}/modules/settings/libmanagesieve_settings.so
#
%dir %{_libdir}/%{pkg_name}/modules/sieve
%{_libdir}/%{pkg_name}/modules/sieve/lib10_sieve_storage_ldap_plugin.so
%{_libdir}/%{pkg_name}/modules/sieve/lib90_sieve_extprograms_plugin.so
%{_libdir}/%{pkg_name}/modules/sieve/lib90_sieve_imapsieve_plugin.so
#
%dir %{_libdir}/%{pkg_name}/modules/old-stats/
%{_libdir}/%{pkg_name}/modules/old-stats/libstats_auth.so
%{_libdir}/%{pkg_name}/modules/old-stats/libold_stats_mail.so
#
%dir %{_datadir}/%{pkg_name}/
%{_datadir}/%{pkg_name}/*.cnf
%{_datadir}/%{pkg_name}/mkcert.sh
%{_datadir}/%{pkg_name}/example-config
# doc
%{_mandir}/man1/deliver.1*
%{_mandir}/man1/doveadm*.1*
%{_mandir}/man1/doveconf.1*
%{_mandir}/man1/dovecot*.1*
%{_mandir}/man1/dsync.1*
%{_mandir}/man1/sieve-dump.1*
%{_mandir}/man1/sieve-filter.1*
%{_mandir}/man1/sieve-test.1*
%{_mandir}/man1/sievec.1*
%{_mandir}/man1/sieved.1*
%{_mandir}/man7/doveadm*.7*
%{_mandir}/man7/pigeonhole.7*
%doc %{_docdir}/%{pkg_name}
%if %{with solr}
%exclude %{_docdir}/%{pkg_name}/solr-schema.xml
%endif
# setting up permissions
%if ! %{with systemd}
%dir %attr(0755,root,root) %ghost %{_var}/run/%{pkg_name}/
%dir %attr(0750,root,%{pkg_name}) %ghost %{_var}/run/%{pkg_name}/login/
%endif
%dir %attr(0750,root,root) %{_var}/lib/%{pkg_name}/
%files fts
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/doveadm/lib20_doveadm_fts_plugin.so
%{_libdir}/%{pkg_name}/modules/lib20_fts_plugin.so
%{_datadir}/%{pkg_name}/stopwords/
%files fts-squat
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/lib21_fts_squat_plugin.so
%files backend-mysql
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/libdriver_mysql.so
%{_libdir}/%{pkg_name}/modules/auth/libdriver_mysql.so
%{_libdir}/%{pkg_name}/modules/dict/libdriver_mysql.so
%files backend-pgsql
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/libdriver_pgsql.so
%{_libdir}/%{pkg_name}/modules/auth/libdriver_pgsql.so
%{_libdir}/%{pkg_name}/modules/dict/libdriver_pgsql.so
%if %{with sqlite}
%files backend-sqlite
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/libdriver_sqlite.so
%{_libdir}/%{pkg_name}/modules/auth/libdriver_sqlite.so
%{_libdir}/%{pkg_name}/modules/dict/libdriver_sqlite.so
%endif
%if %{with clucene}
%files fts-lucene
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/lib21_fts_lucene_plugin.so
%{_libdir}/%{pkg_name}/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so
%endif
%if %{with solr}
%files fts-solr
%defattr(-,root,root,-)
%{_libdir}/%{pkg_name}/modules/lib21_fts_solr_plugin.so
%{_docdir}/%{pkg_name}/solr-schema.xml
%endif
%files devel
%defattr(-,root,root,-)
%{_datadir}/aclocal/%{pkg_name}.m4
%{_datadir}/aclocal/dovecot-pigeonhole.m4
%{_includedir}/%{pkg_name}/
%{_libdir}/%{pkg_name}/dovecot-config
%{_libdir}/%{pkg_name}/libdovecot.so
%{_libdir}/%{pkg_name}/libdovecot-compression.so
%{_libdir}/%{pkg_name}/libdovecot-dsync.so
%{_libdir}/%{pkg_name}/libdovecot-fts.so
%{_libdir}/%{pkg_name}/libdovecot-lda.so
%{_libdir}/%{pkg_name}/libdovecot-ldap.so
%{_libdir}/%{pkg_name}/libdovecot-login.so
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
%{_libdir}/%{pkg_name}/libdovecot-lua.so
%{_libdir}/%{pkg_name}/libdovecot-sieve.so
%{_libdir}/%{pkg_name}/libdovecot-sql.so
%{_libdir}/%{pkg_name}/libdovecot-storage.so
Accepting request 876725 from home:stroeder:branches:server:mail - update to 2.3.14 and pigeonhole to 0.5.14 * removed obsolete fix-timeval_cmp_margin-for-32bit-systems.patch Dovecot 2.3.14 * Added new aliases for some variables. Usage of the old ones is possible, but discouraged. (These were partially added already to v2.3.13.) See https://doc.dovecot.org/configuration_manual/config_file/config_variables/ for more information. * Optimize imap/pop3/submission/managesieve proxies to use less CPU at the cost of extra memory usage. * Remove autocreate, expire, snarf and mail-filter plugins. * Remove cydir storage driver. * Remove XZ/LZMA write support. Read support will be removed in future release. * doveadm -D: Add timestamps to debug output even when LOG_STDERR_TIMESTAMP environment variable is not set. Timestamp format is taken from log_timestamp setting. * If BROKENCHAR or listescape plugin is used, the escaped folder names may be slightly different from before in some situations. This is unlikely to cause issues, although caching clients may redownload the folders. * imapc: It now enables BROKENCHAR=~ by default to escape remote folder names if necessary. This also means that if there are any '~' characters in the remote folder names, they will be visible as "~7e". * imapc: When using local index files folder names were escaped on filesystem a bit differently. This affects only if there are folder names that actually require escaping, which isn't so common. The old style folders will be automatically deleted from filesystem. * stats: Update exported metrics to be compliant with OpenMetrics standard. + doveadm: Add an optional '-p' parameter to metadata list command. If enabled, "/private", and "/shared" metadata prefixes will be prepended to the keys in the list output. + doveconf: Support environment variables in config files. See https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#environment-variables for more details. + indexer-worker: Change indexer to disconnect from indexer-worker after each request. This allows service indexer-worker's service_count & idle_kill settings to work. These can be used to restart indexer-worker processes once in a while to reduce their memory usage. - auth: "nodelay" with various authentication mechanisms such as apop and digest-md5 crashed AUTH process if authentication failed. - auth: Auth lua script generating an error triggered an assertion failure: Panic: file db-lua.c: line 630 (auth_lua_call_password_verify): assertion failed: (lua_gettop(script->L) == 0). - configure: Fix libunwind detection to work on other than x86_64 systems. - doveadm-server: Process could crash if logging was done outside command handling. For example http-client could have done debug logging afterwards, resulting in either segfault or Panic: file http-client.c: line 642 (http_client_context_close): assertion failed: (cctx->clients_list == NULL). - dsync: Folder name escaping with BROKENCHAR didn't work completely correctly. This especially caused problems with dsync-migrations using imapc where some of the remote folder names may not have been accessible. - dsync: doveadm sync + imapc doesn't always sync all mails when doing an incremental sync (-1), which could lead to mail loss when it's used for migration. This happens only when GUIDs aren't used (i.e. imapc without imapc_features=guid-forced). - fts-tika: When tika server returns error, some mails cause Panic: file message-parser.c: line 802 (message_parser_deinit_from_parts): assertion failed: (ctx->nested_parts_count == 0 || i_stream_have_bytes_left(ctx->input)) - lib-imap: imapc parsing illegal BODYSTRUCTUREs with NILs could have resulted in crashes. This exposed that Dovecot was wrongly accepting atoms in "nstring" handling. Changed the IMAP parsing to be more strict about this now. - lib-index: If dovecot.index.cache has corrupted message size, fetching BODY/BODYSTRUCTURE may cause assert-crash: Panic: file index-mail.c: line 1140 (index_mail_parse_body_finish): assertion failed: (mail->data.parts != NULL). - lib-index: Minor error handling and race condition fixes related to rotating dovecot.index.log. These didn't usually cause problems, unless the log files were rotated rapidly. - lib-lua: Lua scripts using coroutines or lua libraries using coroutines (e.g., cqueues) panicked. - Message PREVIEW handled whitespace wrong so first space would get eaten from between words. - FTS and message PREVIEW (snippet) parsed HTML &entities case-sensitively. - lib-mail: When max nested MIME parts were reached, IMAP BODYSTRUCTURE was written in a way that may have caused confusion for IMAP clients and also Dovecot itself when parsing it. The truncated part is now written out using application/octet-stream MIME type. - lib-oauth2: HS512 and HS384 JWT token algorithms crash when you try to use them: Panic: file hmac.c: line 26 (hmac_init): assertion failed: (meth->context_size <= MAC_MAX_CONTEXT_SIZE). - event filters: NOT keyword did not have the correct associativity. NOT a AND b were getting parsed as NOT (a AND b) instead of (NOT a) AND b. - Ignore ECONNRESET when closing socket. This avoids logging useless errors on systems like FreeBSD. - event filters: event filter syntax error may lead to Panic: file event-filter.c: line 137 (event_filter_parse): assertion failed: (state.output == NULL) - lib: timeval_cmp_margin() was broken on 32-bit systems. This could potentially have caused HTTP timeouts to be handled incorrectly. - log: instance_name wasn't used as syslog ident by the log process. - master: After a service reached process_limit and client_limit, it could have taken up to 1 second to realize that more client connections became available. During this time client connections could have been unnecessarily rejected and a warning logged: Warning: service(...): process_limit (...) reached, client connections are being dropped - stats: Crash would occur when generating openmetrics data for metrics using aggregating functions. - stats: Event filters comparing against empty strings crash the stats process. Pigeonhole 0.5.14 * IMAP FILTER command: cmd-filter-sieve - Do not allow NIL as script name argument. OBS-URL: https://build.opensuse.org/request/show/876725 OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=92
2021-03-04 12:59:19 +01:00
%{_libdir}/%{pkg_name}/libdovecot-storage-lua.so
%changelog