- update to 2.3.21.1 and pigeonhole 0.5.21.1

Dovecot 2.3.21.1
  - CVE-2024-23184: A large number of address headers in email resulted
    in excessive CPU usage. [boo#1229184]
  - CVE-2024-23185: Abnormally large email headers are now truncated or
    discarded, with a limit of 10MB on a single header and 50MB for all
    the headers of all the parts of an email. [boo#1229183]
  - oauth2: Dovecot would send client_id and client_secret as POST parameters
    to introspection server. These need to be optionally in Basic auth
    instead as required by OIDC specification.
  - oauth2: JWT key type check was too strict.
  - oauth2: JWT token audience was not validated against client_id as
    required by OIDC specification.
  - oauth2: XOAUTH2 and OAUTHBEARER mechanisms were not giving out
    protocol specific error message on all errors. This broke OIDC discovery.
  - oauth2: JWT aud validation was not performed if aud was missing
    from token, but was configured on Dovecot.

OBS-URL: https://build.opensuse.org/package/show/server:mail/dovecot23?expand=0&rev=121

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

dovecot-2.0.configfiles

@@ -0,0 +1,28 @@
+/etc/dovecot/README
+/etc/dovecot/conf.d/10-auth.conf
+/etc/dovecot/conf.d/10-director.conf
+/etc/dovecot/conf.d/10-logging.conf
+/etc/dovecot/conf.d/10-mail.conf
+/etc/dovecot/conf.d/10-master.conf
+/etc/dovecot/conf.d/10-ssl.conf
+/etc/dovecot/conf.d/15-lda.conf
+/etc/dovecot/conf.d/20-imap.conf
+/etc/dovecot/conf.d/20-lmtp.conf
+/etc/dovecot/conf.d/20-pop3.conf
+/etc/dovecot/conf.d/90-acl.conf
+/etc/dovecot/conf.d/90-plugin.conf
+/etc/dovecot/conf.d/90-quota.conf
+/etc/dovecot/conf.d/auth-checkpassword.conf.ext
+/etc/dovecot/conf.d/auth-deny.conf.ext
+/etc/dovecot/conf.d/auth-ldap.conf.ext
+/etc/dovecot/conf.d/auth-master.conf.ext
+/etc/dovecot/conf.d/auth-passwdfile.conf.ext
+/etc/dovecot/conf.d/auth-sql.conf.ext
+/etc/dovecot/conf.d/auth-static.conf.ext
+/etc/dovecot/conf.d/auth-system.conf.ext
+/etc/dovecot/conf.d/auth-vpopmail.conf.ext
+/etc/dovecot/dovecot-db.conf.ext
+/etc/dovecot/dovecot-dict-sql.conf.ext
+/etc/dovecot/dovecot-ldap.conf.ext
+/etc/dovecot/dovecot-sql.conf.ext
+/etc/dovecot/dovecot.conf

dovecot-2.1-pigeonhole.configfiles

@@ -0,0 +1,2 @@
+/etc/dovecot/conf.d/20-managesieve.conf
+/etc/dovecot/conf.d/90-sieve.conf

dovecot-2.1.configfiles

@@ -0,0 +1,31 @@
+/etc/dovecot/README
+/etc/dovecot/conf.d/10-auth.conf
+/etc/dovecot/conf.d/10-director.conf
+/etc/dovecot/conf.d/10-logging.conf
+/etc/dovecot/conf.d/10-mail.conf
+/etc/dovecot/conf.d/10-master.conf
+/etc/dovecot/conf.d/10-ssl.conf
+/etc/dovecot/conf.d/15-lda.conf
+/etc/dovecot/conf.d/15-mailboxes.conf
+/etc/dovecot/conf.d/20-imap.conf
+/etc/dovecot/conf.d/20-lmtp.conf
+/etc/dovecot/conf.d/20-pop3.conf
+/etc/dovecot/conf.d/90-acl.conf
+/etc/dovecot/conf.d/90-plugin.conf
+/etc/dovecot/conf.d/90-quota.conf
+/etc/dovecot/conf.d/auth-checkpassword.conf.ext
+/etc/dovecot/conf.d/auth-deny.conf.ext
+/etc/dovecot/conf.d/auth-dict.conf.ext
+/etc/dovecot/conf.d/auth-ldap.conf.ext
+/etc/dovecot/conf.d/auth-master.conf.ext
+/etc/dovecot/conf.d/auth-passwdfile.conf.ext
+/etc/dovecot/conf.d/auth-sql.conf.ext
+/etc/dovecot/conf.d/auth-static.conf.ext
+/etc/dovecot/conf.d/auth-system.conf.ext
+/etc/dovecot/conf.d/auth-vpopmail.conf.ext
+/etc/dovecot/dovecot-db.conf.ext
+/etc/dovecot/dovecot-dict-auth.conf.ext
+/etc/dovecot/dovecot-dict-sql.conf.ext
+/etc/dovecot/dovecot-ldap.conf.ext
+/etc/dovecot/dovecot-sql.conf.ext
+/etc/dovecot/dovecot.conf

dovecot-2.2-pigeonhole.configfiles

@@ -0,0 +1,4 @@
+/etc/dovecot/conf.d/20-managesieve.conf
+/etc/dovecot/conf.d/90-sieve-extprograms.conf
+/etc/dovecot/conf.d/90-sieve.conf
+/etc/dovecot/sieve-ldap.conf

dovecot-2.2.configfiles

@@ -0,0 +1,31 @@
+/etc/dovecot/README
+/etc/dovecot/conf.d/10-auth.conf
+/etc/dovecot/conf.d/10-director.conf
+/etc/dovecot/conf.d/10-logging.conf
+/etc/dovecot/conf.d/10-mail.conf
+/etc/dovecot/conf.d/10-master.conf
+/etc/dovecot/conf.d/10-ssl.conf
+/etc/dovecot/conf.d/11-object-storage.conf
+/etc/dovecot/conf.d/15-lda.conf
+/etc/dovecot/conf.d/15-mailboxes.conf
+/etc/dovecot/conf.d/20-imap.conf
+/etc/dovecot/conf.d/20-lmtp.conf
+/etc/dovecot/conf.d/20-pop3.conf
+/etc/dovecot/conf.d/90-acl.conf
+/etc/dovecot/conf.d/90-plugin.conf
+/etc/dovecot/conf.d/90-quota.conf
+/etc/dovecot/conf.d/auth-checkpassword.conf.ext
+/etc/dovecot/conf.d/auth-deny.conf.ext
+/etc/dovecot/conf.d/auth-dict.conf.ext
+/etc/dovecot/conf.d/auth-ldap.conf.ext
+/etc/dovecot/conf.d/auth-master.conf.ext
+/etc/dovecot/conf.d/auth-passwdfile.conf.ext
+/etc/dovecot/conf.d/auth-sql.conf.ext
+/etc/dovecot/conf.d/auth-static.conf.ext
+/etc/dovecot/conf.d/auth-system.conf.ext
+/etc/dovecot/conf.d/auth-vpopmail.conf.ext
+/etc/dovecot/dovecot-dict-auth.conf.ext
+/etc/dovecot/dovecot-dict-sql.conf.ext
+/etc/dovecot/dovecot-ldap.conf.ext
+/etc/dovecot/dovecot-sql.conf.ext
+/etc/dovecot/dovecot.conf

dovecot-2.3-pigeonhole-0.5.21.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0377db284b620723de060431115fb2e7791e1df4321411af718201d6925c4692
+size 1956404

dovecot-2.3-pigeonhole-0.5.21.1.tar.gz.sig

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAma8fsIXHGRvdmVjb3Qt
+Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaFbpA//Tdg+pLQsXCMQx6oVtk0QN/MX
+838FRT/fJZZtyCz+ldiTfCdYBxOk5FHhFHaMZV4ibZBCSmQVxr2SOAb0yEWXXort
+50XC2T0J5XOxgBuQI0Q4ltOzl++ghExYmp+aAO7I5XjWOOn4g+nOguQdmTvVbOq4
+JwIgtnK9iK/6/phMgu0bdd5SGOJsjoRsw5mBM0/CkZ0kJ9RzSKJ6mZc7g6KdZLRF
+8o+fBq/Ioo5snPNCsWx8Ms6T7hg/TTxyc2g+4PF7jMcn2zPhpWiQ3v/nGmhppPsE
+Wz2+/folqP0avgG2McGPDUXDV9D7EhVnZ87julZd+HAAAPMi7duxc6Ow2/8FvJBW
+xvtNjXs7hwUxp0kpn5JfAAohljVABzDIQgNptmr5VKA4jYtIf02F3rwfWIUaRrpl
+xnFrIWOU7+6ED7ylQew5TuUBjguQBrt0O6ppu0o2f3R0LkFelVWJfG0H5EH0HN9v
+1+91JYdbmUOVphRXfXH5qi1BSuYR267O8zg5mA/22jti0TJ+rrWUy5FVv1SVTlh2
+VBYhK2VYayUaEttzwmUTQkgbLWA7RcPLVpqCS/FlgJAwiskxiwJCxe9gZxf+qVVk
+CZOmquC26UiGXATlhmf5k8UOHBsnVCBnRzuE9w15wXUIs4OCIhNiPOct710+RcfZ
+mXkDwgI2e0uXwun3Qt8=
+=6oIY
+-----END PGP SIGNATURE-----

dovecot-2.3-pigeonhole-0.5.21.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1ca71d2659076712058a72030288f150b2b076b0306453471c5261498d3ded27
+size 1955945

dovecot-2.3-pigeonhole-0.5.21.tar.gz.sig

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmUD/LgXHGRvdmVjb3Qt
+Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaEOrw//XMtJvAS4s+6VIJ1faAQFztKS
+8lo3e6dd+EHKEMz70mXu/5tdEQS7JkiN+9O6CbjNY0+/zHmYmXXXiVCvldpSqDhe
+9c2mIOeAg0C2EVY5Qf/RJ940ByF4Kd/ulUY6exaUycJkUccNEYgBGVWOnIwNDlV/
+hCLlJy1540nApo7ys9XVh3+WO2I3a8xVm5cRug6j0FD93rhmWc7dpeCe40j7xz0q
+pMKGbGlQueRgeZ1NO7Qp+9ZIVyy9xIZIuNt13GwhD830ObpE2aGFfW6yxdmIRrgK
+/wIp+fzdMbPLNbtmCdh1NXz88zC6KbEII1rHaL/KejK7XtOkzR06yOJYr/tgJN+s
+BnWGQbCAVfBUMWdnvzgs0nTgzqattlXPqoD1v3TkMYXKYcf9Tow9RGNaDk0DXGCH
+bx3+oBkfjUEvxDU7td4F7DMVjBQZpwhNA/TiGraabtPQKfR4zFcYQUyw3T3G+Rv3
+PZ32mTmC9TTN5blTxamvsrK2SpFT3uXm1ch019228pul0DtcvjcdZFgkyWl3I0Xy
+Na/GEPlVodVVTx0cAGbUCeS6Ja3UG9Le4KjfYOEQ8gBeo5dD4/hrs0ZXHBri7XcW
+0ackeYB4JrSDALumjbHTRL+vo9d0FbtpkxBq9RMXM/xVqMpzfSo3Ac3bViBh05pX
+BXYU8Uy5LU0VjN7FpOI=
+=a386
+-----END PGP SIGNATURE-----

dovecot-2.3-pigeonhole.configfiles

@@ -0,0 +1,4 @@
+/etc/dovecot/conf.d/20-managesieve.conf
+/etc/dovecot/conf.d/90-sieve-extprograms.conf
+/etc/dovecot/conf.d/90-sieve.conf
+/etc/dovecot/sieve-ldap.conf

dovecot-2.3.0-better_ssl_defaults.patch

@@ -0,0 +1,50 @@
+Index: dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/example-config/conf.d/10-ssl.conf
++++ dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf
+@@ -9,8 +9,8 @@
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-ssl_cert = </etc/ssl/private/dovecot.crt
+-ssl_key = </etc/ssl/private/dovecot.pem
++#ssl_cert = </etc/ssl/private/dovecot.crt
++#ssl_key = </etc/ssl/private/dovecot.pem
+ 
+ # If key file is password protected, give the password here. Alternatively
+ # give it when starting dovecot with -p parameter. Since this file is often
+@@ -64,6 +64,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ #ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+ # To disable non-EC DH, use:
+ #ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
++ssl_cipher_list = ALL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH
+ 
+ # Colon separated list of elliptic curves to use. Empty value (the default)
+ # means use the defaults from the SSL library. P-521:P-384:P-256 would be an
+@@ -71,7 +72,7 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ #ssl_curve_list =
+ 
+ # Prefer the server's order of ciphers over client's.
+-#ssl_prefer_server_ciphers = no
++ssl_prefer_server_ciphers = yes
+ 
+ # SSL crypto device to use, for valid values run "openssl engine"
+ #ssl_crypto_device =
+@@ -80,3 +81,4 @@ ssl_key = </etc/ssl/private/dovecot.pem
+ #   compression - Enable compression.
+ #   no_ticket - Disable SSL session tickets.
+ #ssl_options =
++ssl_options = no_compression
+Index: dovecot-2.3.17.1/src/lib-master/master-service-ssl-settings.c
+===================================================================
+--- dovecot-2.3.17.1.orig/src/lib-master/master-service-ssl-settings.c
++++ dovecot-2.3.17.1/src/lib-master/master-service-ssl-settings.c
+@@ -49,7 +49,7 @@ static const struct master_service_ssl_s
+ 	.ssl_client_ca_dir = "",
+ 	.ssl_client_cert = "",
+ 	.ssl_client_key = "",
+-	.ssl_cipher_list = "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
++	.ssl_cipher_list = "ALL:!LOW:!SSLv2:!EXP:!aNULL:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH",
+ 	.ssl_cipher_suites = "", /* Use TLS library provided value */
+ 	.ssl_curve_list = "",
+ 	.ssl_min_protocol = "TLSv1.2",

dovecot-2.3.0-dont_use_etc_ssl_certs.patch

@@ -0,0 +1,122 @@
+Index: dovecot-2.3.17.1/doc/man/doveconf.1.in
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/man/doveconf.1.in
++++ dovecot-2.3.17.1/doc/man/doveconf.1.in
+@@ -136,7 +136,7 @@ Show passwords and other sensitive value
+ .TP
+ .B \-x
+ Expand configuration variables (e.g. \(Domail_plugins \(rA quota) and show
+-file contents (from e.g. ssl_cert = </etc/ssl/certs/dovecot.pem).
++file contents (from e.g. ssl_cert = </etc/ssl/private/dovecot.crt).
+ .\"---------------------------------
+ .TP
+ .I section_name
+@@ -217,4 +217,4 @@ dict/quota = pgsql:@pkgsysconfdir@/dovec
+ .BR doveadm (1),
+ .BR dovecot (1),
+ .BR dovecot\-lda (1),
+-.BR dsync (1)
+\ No newline at end of file
++.BR dsync (1)
+Index: dovecot-2.3.17.1/doc/mkcert.sh
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/mkcert.sh
++++ dovecot-2.3.17.1/doc/mkcert.sh
+@@ -8,14 +8,14 @@ OPENSSL=${OPENSSL-openssl}
+ SSLDIR=${SSLDIR-/etc/ssl}
+ OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
+ 
+-CERTDIR=$SSLDIR/certs
++CERTDIR=$SSLDIR/private
+ KEYDIR=$SSLDIR/private
+ 
+-CERTFILE=$CERTDIR/dovecot.pem
++CERTFILE=$CERTDIR/dovecot.crt
+ KEYFILE=$KEYDIR/dovecot.pem
+ 
+ if [ ! -d $CERTDIR ]; then
+-  echo "$SSLDIR/certs directory doesn't exist"
++  echo "$CERTDIR directory doesn't exist"
+   exit 1
+ fi
+ 
+Index: dovecot-2.3.17.1/doc/wiki/CompilingSource.txt
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/wiki/CompilingSource.txt
++++ dovecot-2.3.17.1/doc/wiki/CompilingSource.txt
+@@ -142,7 +142,7 @@ non-standard path. Make sure you have th
+ installed, and if it is not in the standard location, set 'CPPFLAGS' and
+ 'LDFLAGS' as shown in <the first section above.> [CompilingSource.txt]
+ 
+-By default the SSL certificate is read from '/etc/ssl/certs/dovecot.pem' and
++By default the SSL certificate is read from '/etc/ssl/private/dovecot.crt' and
+ the private key from '/etc/ssl/private/dovecot.pem'. The '/etc/ssl' directory
+ can be changed using the '--with-ssldir=DIR' configure option. Both can of
+ course be overridden from the configuration file.
+Index: dovecot-2.3.17.1/doc/wiki/SSL.CertificateCreation.txt
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/wiki/SSL.CertificateCreation.txt
++++ dovecot-2.3.17.1/doc/wiki/SSL.CertificateCreation.txt
+@@ -39,7 +39,7 @@ CN matches the connected host name, othe
+ invalid. It's also possible to use wildcards (eg. *.domain.com) in the host
+ name. They should work with most clients.
+ 
+-By default the certificate is created to '/etc/ssl/certs/dovecot.pem' and the
++By default the certificate is created to '/etc/ssl/private/dovecot.crt' and the
+ private key file is created to '/etc/ssl/private/dovecot.pem'. Also by default
+ the certificate will expire in 365 days. If you wish to change any of these,
+ modify the mkcert.sh script.
+Index: dovecot-2.3.17.1/doc/wiki/SSL.DovecotConfiguration.txt
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/wiki/SSL.DovecotConfiguration.txt
++++ dovecot-2.3.17.1/doc/wiki/SSL.DovecotConfiguration.txt
+@@ -41,7 +41,7 @@ The most important SSL settings are (in
+ ---%<-------------------------------------------------------------------------
+ ssl = yes
+ # Preferred permissions: root:root 0444
+-ssl_cert = </etc/ssl/certs/dovecot.pem
++ssl_cert = </etc/ssl/private/dovecot.crt
+ # Preferred permissions: root:root 0400
+ ssl_key = </etc/ssl/private/dovecot.pem
+ ---%<-------------------------------------------------------------------------
+@@ -73,11 +73,11 @@ override the global setting.:
+ 
+ ---%<-------------------------------------------------------------------------
+ protocol imap {
+-  ssl_cert = </etc/ssl/certs/imap.pem
++  ssl_cert = </etc/ssl/private/imap.crt
+   ssl_key = </etc/ssl/private/imap.pem
+ }
+ protocol pop3 {
+-  ssl_cert = </etc/ssl/certs/pop3.pem
++  ssl_cert = </etc/ssl/private/pop3.crt
+   ssl_key = </etc/ssl/private/pop3.pem
+ }
+ ---%<-------------------------------------------------------------------------
+@@ -194,11 +194,11 @@ support SNI.
+ 
+ ---%<-------------------------------------------------------------------------
+ local_name imap.example.org {
+-  ssl_cert = </etc/ssl/certs/imap.example.org.crt
++  ssl_cert = </etc/ssl/private/imap.example.org.crt
+   ssl_key = </etc/ssl/private/imap.example.org.key
+ }
+ local_name imap.example2.org {
+-  ssl_cert = </etc/ssl/certs/imap.example2.org.crt
++  ssl_cert = </etc/ssl/private/imap.example2.org.crt
+   ssl_key = </etc/ssl/private/imap.example2.org.key
+ }
+ # ..etc..
+Index: dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf
+===================================================================
+--- dovecot-2.3.17.1.orig/doc/example-config/conf.d/10-ssl.conf
++++ dovecot-2.3.17.1/doc/example-config/conf.d/10-ssl.conf
+@@ -9,7 +9,7 @@
+ # dropping root privileges, so keep the key file unreadable by anyone but
+ # root. Included doc/mkcert.sh can be used to easily generate self-signed
+ # certificate, just make sure to update the domains in dovecot-openssl.cnf
+-ssl_cert = </etc/ssl/certs/dovecot.pem
++ssl_cert = </etc/ssl/private/dovecot.crt
+ ssl_key = </etc/ssl/private/dovecot.pem
+ 
+ # If key file is password protected, give the password here. Alternatively

dovecot-2.3.21.1.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2d90a178c4297611088bf7daae5492a3bc3d5ab6328c3a032eb425d2c249097e
+size 7842044

dovecot-2.3.21.1.tar.gz.sig

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAma8frUXHGRvdmVjb3Qt
+Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaHesA//QG3U92zq5vmWLoEC7G8nKbT7
+JUYthTqG4j2wgEngdcZmylKo4dbXvbEljf9PdTfFAJJbwKDaOgKedwykQo+xIGwO
+y8Xkcs8iyB4Sv9boZp4aIPSCPr5zLE81dZrjy7UNxOyNxQKkcr092HhLxLhU3ktJ
+Kpjkr6yVdgDVmu48jvePhxTVlH/whdN/5DWxfkUjp09xZRjTwSOqBaoQTyVgTvQv
+HYVUsfzLHmeUjkasZ/piaHdZPq1fdtIMjmDVUkpyZcyQVEUABLOF1ahYCNIgQlrS
+61roI3rI58P7YQAguhoNpvBvQGUflUp8UFhv1XDTVcHpEKQzBXv/SUX+H14vHfek
+m8qX4gs/WKwIajH7dvdBC2Rz2ApVfXPrBLZRNyOxjMI3OhGNfeCLKX/bQajltHmx
+EP9eW60WYkfI3BlbnkIJDcRFFo1Wq1p97tQS/I+wct9tLtbokmOPJYGAsge/kWT3
+iywTPopD3mTtcvtcK7eVs3u9OYOJPhAsyBk6ahlcQ+3niks1LeqMpaWG2QgvNUUo
+se3zjMzVeC/FbWj5H9qJyp282xRce88CD0vzBLThRTR5OXIPujqOvsvJN7qFcpKi
+6lenb26sDXYxLHEsDkRw8oQtk6jGOJh971X8Tr4S+RLmwo3hNZ9qZtYjs7h7485x
+Iu/utjziOizSFIsy2Jk=
+=8VHs
+-----END PGP SIGNATURE-----

dovecot-2.3.21.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:05b11093a71c237c2ef309ad587510721cc93bbee6828251549fc1586c36502d
+size 7837242

dovecot-2.3.21.tar.gz.sig

@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJLBAABCgA1FiEEK+dKqz7nVN+5yA0zGKNIru1AnaEFAmUD/KAXHGRvdmVjb3Qt
+Y2VAZG92ZWNvdC5vcmcACgkQGKNIru1AnaGv3Q//bB9M8lEVqTyljhPFphhNLJvj
+zxh9U08nUOpOV9X+IfVX4PcorS5SqrPU45ohVmstLhMf6+ONHLWqE9GHFJrwsvtC
+/aPdX5ZPQN7/H76hW9rD+m9ytCkKC+sH2tf4RR8IWtfVjF2cU+jRbMcGSJ2SbKS4
+APOEMJgdtmh5vZTHMYCSv0+8+pi4LNm3pth6XbbneJ8cmoLlZ3kjUn63pb8atkwF
+fhSNIMjb3ZKE4kJT+p01Q18DO5X4DQuPrjiuRPHLpe+PbsUYdu44Wuu+vsM/eSO2
+RQ3C+uoFg2DfhwkjLxiiTli+bnKONUKpBae3ckG1GO6cBqtPuDEIea2dcPOjJ3Ga
+Vpssy+iq7qvGIZDC5YPmdRH6O0k4r0ntTljFlpg2SW7afE2tC1ipadCcwOsF9dUZ
+DDF89o+k8s0kl8486YTIeTSwGBWJCQJPzmdA8hBxCcVTvvo5G+N2xxX6ZL+wqG3Y
+vV43n/Xvi4GkrOS7Rp+SOMGS5E4/+VB2udC3qm1s6cFm0bFVXMGwbzFnKqpcGaYX
+UDmbZAkKA4pCkEdNJIz1QUpNtQnf1vGHaMeW+IAW5xPjKJ15/M+GPZ0yeqv2Gt6I
+v1J0EM5ZkgNJ+9NU093QxORdXrTD7bDMa5yOv/7ih+9Cx4r9GhdgS/T/3LZIncrg
+xpKXvK/XKM7RFMhOnz4=
+=fueB
+-----END PGP SIGNATURE-----

dovecot-2.3.configfiles

@@ -0,0 +1,31 @@
+/etc/dovecot/README
+/etc/dovecot/conf.d/10-auth.conf
+/etc/dovecot/conf.d/10-director.conf
+/etc/dovecot/conf.d/10-logging.conf
+/etc/dovecot/conf.d/10-mail.conf
+/etc/dovecot/conf.d/10-master.conf
+/etc/dovecot/conf.d/10-ssl.conf
+/etc/dovecot/conf.d/15-lda.conf
+/etc/dovecot/conf.d/15-mailboxes.conf
+/etc/dovecot/conf.d/20-imap.conf
+/etc/dovecot/conf.d/20-lmtp.conf
+/etc/dovecot/conf.d/20-pop3.conf
+/etc/dovecot/conf.d/20-submission.conf
+/etc/dovecot/conf.d/90-acl.conf
+/etc/dovecot/conf.d/90-plugin.conf
+/etc/dovecot/conf.d/90-quota.conf
+/etc/dovecot/conf.d/auth-checkpassword.conf.ext
+/etc/dovecot/conf.d/auth-deny.conf.ext
+/etc/dovecot/conf.d/auth-dict.conf.ext
+/etc/dovecot/conf.d/auth-ldap.conf.ext
+/etc/dovecot/conf.d/auth-master.conf.ext
+/etc/dovecot/conf.d/auth-passwdfile.conf.ext
+/etc/dovecot/conf.d/auth-sql.conf.ext
+/etc/dovecot/conf.d/auth-static.conf.ext
+/etc/dovecot/conf.d/auth-system.conf.ext
+/etc/dovecot/conf.d/auth-vpopmail.conf.ext
+/etc/dovecot/dovecot-dict-auth.conf.ext
+/etc/dovecot/dovecot-dict-sql.conf.ext
+/etc/dovecot/dovecot-ldap.conf.ext
+/etc/dovecot/dovecot-sql.conf.ext
+/etc/dovecot/dovecot.conf

dovecot-rpmlintrc

@@ -0,0 +1,2 @@
+addFilter("incoherent-init-script-name")
+addFilter("spurious-executable-perm.*/usr/share/doc/packages/dovecot/mkcert.sh")

dovecot23.keyring

@@ -0,0 +1,68 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBFoyisIBEADXxIfb89+FkI5DKPaI9M33vV7f9PkXkCWvXszAH2R9iJEafzUQ
+JaRzb0ZhZP6XKT+2P6quRTdBseFvEiH2qT5EpXYGGRNlCHB3+4Wjv1t4EZZe0fUK
+eHHpND4b4HGn7G6FrcZKtA1NebcmNlhO7ZNBaOOJSv93+TbNdk2vrRvmj57eX8TB
+1FJure5F/wZpD64DO5apNllxXO4zsype5+zYMoFQfExn3k7HUqmI0+PAAQ2yy/Wm
+WPMSACmeyhz/gCdtpgpnW+GFn4MsNFJF+ytF64FXvBOXxC61A5UBntKN0pAqSb/N
+JzIajRnrN8i7KR50AH0e0xGz9rq+4+5K9cckoLwiIC1Z6ymjDGt9yzgZssMWMfY8
+EFfl3DhQbG2dzDChj7t2jZ7o3fGpgPor+PnKKtLosgFFlf8eU8gBgb6nKEwTBV2S
+eJvU/j6KkRk/qDZEknVIK8D4XBdiNCSaB4AATE2/V2SdTThu9bqiVJ0+Dcn4oHBa
+W/6Da34NG0wfvJlOsxDMVBCgt7XKKemeDa4zxdbEG0yleaLLdv5UgN9GqtV7a8mP
+mKzyE36hjZRhAfJNwpQwYbzT4/22aSD8jd8fBkkHY4OSE+DA3UQrTKvEIp+wfQ4v
+KgvRjYEdEH/0A3U/TxybFPjHFux26pEBwNW6D7g19fXsEmSB125ozmkUGwARAQAB
+tDJEb3ZlY290IENvbW11bml0eSBFZGl0aW9uIDxkb3ZlY290LWNlQGRvdmVjb3Qu
+b3JnPokCOAQTAQIAIgUCWjKKwgIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
+CgkQGKNIru1AnaG2IxAAihlcooJxXAtOMq9qzb9S6QR49jzlgO6fSJZcwa6mHsxS
+u2aaT4eDXiJOVp2I2JA9G2nEoXpnzAOcDbqsP0Bdvyz8Kse0M07xboza31li0oW8
+JGyJmuCR1f8EwjUuTK8oFPYMfJbcFlhMCFU9JFpNFLTsHTkcWVfcJhVwR7IR5Qnf
+ekf1UKukf/J245f0/ut1/BRJYKNfgOOAwC5eHEL0WY3yTPdiUoiJbxWNaGGvgW2N
+zkTyCuL52TY0J+b6us7Umilck58C9+LjtDVLfgXZssLCeErwbE/XIUmlgVqcvexq
+/eVEoE/PBkSWsMAxUuTqUYDv2JcJJJTolmYVGN9S8EVZ3FfoMvqBsWPAyE6MAayT
+G3l5gci8Hm4QFf3gKW94daUPAUMxR5fjTWhyu3Fw/t7pe6I73FPEkllGBy75gJqg
+lyvQi7TSv3P7HRWUP7YzWQXTTt9/e9OYIRM3wSn/75u3tF/3nmmaAeX1ThipCLYU
+jz+x2xixXXieRvXVPZFmBy9R2QByKK7UbuC0QvZlbJM+KjQq9TeCwpLH9TOe04jy
+I1dU5GJAqbhPs4eVD61ZAft8/fhAmXeDOEFo/bhW62R4DR50C+eBMlHkPps/eg8i
++vLzQ4SeMMnr0YBGHyPM8Tr5laYdLNX2t8MoGT/Su/htmDR43DeFt9QUddFHb4G5
+Ag0EWjKKwgEQAL3QJYywB4fLxg6MqWkCj9CK2ZOA87UvtZW4KCXYy9uZtavSKOlL
+CkS24N8bCXtZwZmRXrgjPY1auvxHofSZVgla0BBWl+zC3NsyTtLHaLBZU5FYub4w
+q81U8tkCJZYc7EogGx1IPcC9jFRN8vEbZmqSMRbPZBTIr6qVLJyqEqQY/VrkKBDx
+sZ2oY+I/uc4zY47g53SVMRWjELmYCrtuLWCRhK1haxRp0Jr7W5jj8iKoI8z5kpMz
+LKzIKoEa4VnLAdQvQI6gRKQEYZ3lKjaaWkd+2A+vP7lMURvJdn2OfnV3j5esbfLj
+vzjTkMw1Jbtq1tg/vlCEGKPmOZGN+OlpKu9pD/6/IXrt7bfaFviCrmAFNjlEDk0+
+NqtuHyxrS+gNDIu5SaFniUxDNJCoor3Hpy+qRq2x8FneR6fsh4JXXR+lNsYPF6E4
+zWhkgChxBlH9ijosieCwUADbacHznQ4kjZTbEBbFEb0Mpj34FuNbGqYNaUyQta82
+tPw82dOcM5uRXuKdJ8r9ObXRDbci8AgQrn2atOo4aTzgK5UoMehVO1/NMy2zkGmQ
+dS/KqPfOnW8TIMozgkEzTE2i/VPUZklfSKTcTcGDaEy1OLpPru7wzVhnCeO9L2z4
+JsN1AOZ4snayQ7JdgMdMqOXufYFtbonJLnKlGI3WMWRlyG1lrIHS2hTnABEBAAGJ
+Ah8EGAECAAkFAloyisICGwwACgkQGKNIru1AnaFOlg/+KQpWeTg8AqwVqGQwJ64i
+I7dutIQQIjBy8fKc0j6eiNujukBbWeQv6KSyGLxhbRo9as2iVDeSD1oqBjhT1BHz
+JZjqUL6IdkYefVpg3hjikzRr3DLFj4TVA5fGxB187bhoRchPh5uuVZ1QqZBiwnKb
+PIhwK7Imi9OEbdjmarytNZKxnsq2e095EDB+cXiiJ9IrVLLcuXDJQCLY6VVWPHTc
+pp6adN7Ve65itOPc4jIoe8SAeMl55eI6reBMt8CgMuGSJNsM3pia1CC6PwcRgWL9
+pcEr1XQO63gFLnRFkjVdcuLs9K3MLS7+aGe7ZOORCUv0E1gzmEggCXTFpk2V6uH8
+9CP0LzBGKwUVkpFhNw1Wk79tvQIpKLz5wUQEXFYhcFODqEUH407b6VO+SvDsVT8l
+YgUGUOI8Nw3GGyaw6ZOlKLu2z72mtcBF2KBrSGs3brD8Keo7GmViasniYQyVCOiP
+5LSQbgBVrNt2yLvOVNSNF6k2fmYIoOe3GPPhsQBFx6Qi9Ci8LLDadDiR5qTTxff2
+3SnkJQL1M2gwh55d7PzJdVCa3mBE5p8hr4AyoNQM9wS+NkSwfyKRuOUpotVVx9Uk
+bT1WdQKTu7HYEJ9eev5Ch0yfQV8nFkKdMfTtYl0gjsWkpKFxJvhAvd8gNYk22GDK
+BWoyZxpdESCzsL3JU8wy7TQ=
+=Z5jJ
+-----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBEe3MzIBCADcP+MLyAG1kuy809S9esj7HiWFIzs7qkGm1dXnCIsrVMZWfzmY
+RSSeAuDIooFXrEf4N1EJgj0m/MX5T9ok39olvwOYwN4F845hUY/cybHTha2PpcIR
+VaYsfiyc54OSq25FIITxNghz5pMKHnnIX8++fnHQfQbhBG6dkfsG0aHoTlbv6/iY
+QmcxzGjkWJ6o2lIjcGze8Jq9xLvPjmxPFUXBYE81IXtsCN37f3FCyIgQd7GxuChl
+f0KX9eln+T6dqiuyPKdSpougKvPZWNVssfPhGnC+uoQ4IeKp02hIDQtDFo2sK0Mc
+/La+GZWWoHad0fTP40yOE9XhispfX6nStQpxABEBAAG0JFN0ZXBoYW4gQm9zY2gg
+PHN0ZXBoYW5AcmVuYW1lLWl0Lm5sPokBNgQTAQIAIAUCR7czMgIbAwYLCQgHAwIE
+FQIIAwQWAgMBAh4BAheAAAoJEATWKx49+7T0xwMH/3T2AuierwGBd75UERws2x8d
+r4nvQcop229Mz4etOZZu4LFaTMVhLHY4ZVxddJWp87YVV553B3p/vVrY1Q0mku1P
+M4Im8HTla/saJlBJjgjq4BKoKRKnJDhS9tSs12UxIu2qYZlR3x78rl6IC94h+OxE
+ZrgK6EkY8LtuRHtEgAoDXt07zbOypGyZnh5DJYMr3cXmIi1FjAMT1kJiDlhbgP4F
+DUKmnaXEq9KE5dQhkXSBWBsgQg12DChabZ69jrAX2nrtvb3r9O/Hth7XnPq7F2zG
+FfbfgRH9lMCixlh40NfsWyseAKTNRDZFm1U8POn1+R5mU6enyACrkZAYDBaExR8=
+=pFc1
+-----END PGP PUBLIC KEY BLOCK-----

dovecot23.spec

@@ -0,0 +1,777 @@
+#
+# spec file for package dovecot23
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           dovecot23
+Version:        2.3.21.1
+Release:        0
+%define pkg_name dovecot
+%define dovecot_version 2.3.21.1
+%define dovecot_pigeonhole_version 0.5.21.1
+%define dovecot_branch  2.3
+%define dovecot_pigeonhole_source_dir %{pkg_name}-%{dovecot_branch}-pigeonhole-%{dovecot_pigeonhole_version}
+%define dovecot_pigeonhole_docdir     %{_docdir}/%{pkg_name}/dovecot-pigeonhole
+%define restart_flag /var/run/%{pkg_name}/%{pkg_name}-restart-after-rpm-install
+%if 0%{?suse_version} > 1230
+%bcond_without systemd
+%bcond_with    textcat
+%else
+%bcond_with    systemd
+%bcond_with    textcat
+%endif
+%bcond_without solr
+%if 0%{?suse_version} > 1110
+%bcond_without clucene
+%bcond_without dcrypt_openssl
+%bcond_without icu
+%else
+%bcond_with    clucene
+%bcond_with    dcrypt_openssl
+%bcond_with    icu
+%endif
+%bcond_without sqlite
+%if 0%{?suse_version} >= 1110
+%bcond_without lzma
+%else
+%bcond_with    lzma
+%endif
+%if 0%{?suse_version} >= 1320
+%bcond_without argon
+%bcond_without lz4
+%else
+%bcond_with    argon
+%bcond_with    lz4
+%endif
+%if 0%{?suse_version} >= 1110
+%bcond_without zstd
+%else
+%bcond_with    zstd
+%endif
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+BuildRequires:  bison
+BuildRequires:  cyrus-sasl-devel
+BuildRequires:  flex
+BuildRequires:  libapparmor-devel
+%if %{with icu}
+BuildRequires:  libicu-devel
+%endif
+BuildRequires:  libtool
+%if %{with lzma}
+BuildRequires:  xz-devel
+%endif
+%if %{with lz4}
+BuildRequires:  liblz4-devel
+%endif
+%if %{with zstd}
+BuildRequires:  libzstd-devel
+%endif
+%if %{with argon}
+BuildRequires:  libsodium-devel
+%endif
+%if 0%{?suse_version} >= 1520
+BuildRequires:  libmysqlclient-devel
+%else
+BuildRequires:  mysql-devel
+%endif
+BuildRequires:  openldap2-devel
+BuildRequires:  openssl-devel >= 1.0.1
+BuildRequires:  pam-devel
+BuildRequires:  pkgconfig
+BuildRequires:  postgresql-devel
+BuildRequires:  tcpd-devel
+BuildRequires:  zlib-devel
+%if %{with sqlite}
+BuildRequires:  sqlite-devel > 3
+%endif
+%if %{with clucene}
+BuildRequires:  clucene-core-devel
+BuildRequires:  gcc-c++
+%endif
+%if 0%{?sles_version} == 9
+BuildRequires:  heimdal-devel
+BuildRequires:  libcap
+%else
+BuildRequires:  krb5-devel
+BuildRequires:  libcap-devel
+%endif
+%if 0%{?suse_version} > 1020
+BuildRequires:  libbz2-devel
+%endif
+%if 0%{?suse_version} >= 1500
+BuildRequires:  lua53-devel
+%else
+BuildRequires:  lua51-devel
+%endif
+%if %{with solr}
+BuildRequires:  curl-devel
+BuildRequires:  libexpat-devel
+%endif
+%if %{with textcat}
+BuildRequires:  libexttextcat-devel
+%endif
+%if %{with systemd}
+BuildRequires:  pkgconfig(systemd)
+%{?systemd_ordering}
+%define has_systemd 1
+%endif
+PreReq:         %fillup_prereq
+# bump requires on noarch package to the version which copies the files from /usr/share/dovecot/
+Requires:       dovecot >= 2.3
+Conflicts:      otherproviders(dovecot-implementation)
+Provides:       dovecot-implementation = %{version}-%{release}
+%if 0%{?suse_version} >= 1010
+Recommends:     %{name}-backend-mysql = %{version}
+Recommends:     %{name}-backend-pgsql = %{version}
+%if %{with sqlite}
+Recommends:     %{name}-backend-sqlite = %{version}
+%endif
+%endif
+Recommends:     %{name}-fts = %{version}
+Recommends:     %{name}-fts-squat = %{version}
+URL:            https://www.dovecot.org
+Source:         https://www.dovecot.org/releases/%{dovecot_branch}/%{pkg_name}-%{dovecot_version}.tar.gz
+Source1:        https://pigeonhole.dovecot.org/releases/%{dovecot_branch}/%{dovecot_pigeonhole_source_dir}.tar.gz
+Source2:        dovecot-rpmlintrc
+Source3:        dovecot-2.0.configfiles
+Source4:        dovecot-2.1.configfiles
+Source5:        dovecot-2.2.configfiles
+Source6:        dovecot-2.3.configfiles
+Source7:        dovecot-2.1-pigeonhole.configfiles
+Source8:        dovecot-2.2-pigeonhole.configfiles
+Source9:        dovecot-2.3-pigeonhole.configfiles
+Source10:       https://www.dovecot.org/releases/%{dovecot_branch}/%{pkg_name}-%{dovecot_version}.tar.gz.sig
+Source11:       https://pigeonhole.dovecot.org/releases/%{dovecot_branch}/%{dovecot_pigeonhole_source_dir}.tar.gz.sig
+Source12:       dovecot23.keyring
+# PATCH-FIX-OPENSUSE - boo#932386
+Patch0:         dovecot-2.3.0-dont_use_etc_ssl_certs.patch
+# PATCH-FIX-SLE - boo#854512
+Patch1:         dovecot-2.3.0-better_ssl_defaults.patch
+# PATCH-FIX-OPENSUSE - boo#1207958
+Patch2:         fix-build-with-openssl-3.patch
+# PATCH-FIX-UPSTREAM - https://github.com/dovecot/core/commit/f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99
+Patch3:         fix-strict-aliasing.patch
+Summary:        IMAP and POP3 Server Written Primarily with Security in Mind
+License:        BSD-3-Clause AND LGPL-2.1-or-later AND MIT
+Group:          Productivity/Networking/Email/Servers
+
+%description
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+%package backend-mysql
+Requires:       %{name} = %{version}
+Provides:       dovecot-backend-mysql = %{version}-%{release}
+Provides:       dovecot_sql_backend = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-backend-mysql)
+Summary:        MySQL support for Dovecot
+Group:          Productivity/Networking/Email/Servers
+
+%description backend-mysql
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for MySQL support.
+
+%package backend-pgsql
+Requires:       %{name} = %{version}
+Provides:       dovecot-backend-pgsql = %{version}-%{release}
+Provides:       dovecot_sql_backend = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-backend-pgsql)
+Summary:        PostgreSQL support for Dovecot
+Group:          Productivity/Networking/Email/Servers
+
+%description backend-pgsql
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for PostgreSQL support.
+
+%if %{with sqlite}
+
+%package backend-sqlite
+Requires:       %{name} = %{version}
+Provides:       dovecot-backend-sqlite = %{version}-%{release}
+Provides:       dovecot_sql_backend = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-backend-sqlite)
+Summary:        SQLite support for Dovecot
+Group:          Productivity/Networking/Email/Servers
+
+%description backend-sqlite
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for SQLite support.
+
+%endif
+
+%package fts
+Requires:       %{name} = %{version}
+Summary:        Fulltext search support base plugin
+Group:          Productivity/Networking/Email/Servers
+
+%description fts
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the base plugin needed for fulltext search support
+
+%package fts-squat
+Requires:       %{name} = %{version}
+Requires:       %{name}-fts = %{version}
+Summary:        Fulltext search support squat plugin
+Group:          Productivity/Networking/Email/Servers
+
+%description fts-squat
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for fulltext search support squat plugin.
+
+
+%if %{with clucene}
+
+%package fts-lucene
+Requires:       %{name} = %{version}
+Requires:       %{name}-fts = %{version}
+Provides:       dovecot-fts-clucene = %{version}-%{release}
+Provides:       dovecot_fts_backend = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-fts-clucene)
+Summary:        Fulltext search support via CLucene
+Group:          Productivity/Networking/Email/Servers
+
+%description fts-lucene
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for fulltext search support via CLucene.
+
+%endif
+
+%if %{with solr}
+
+%package fts-solr
+Requires:       %{name} = %{version}
+Requires:       %{name}-fts = %{version}
+Provides:       dovecot-fts-solr = %{version}-%{release}
+Provides:       dovecot_fts_backend = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-fts-solr)
+Summary:        Fulltext search support via solr
+Group:          Productivity/Networking/Email/Servers
+
+%description fts-solr
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the files needed for fulltext search support via solr.
+
+%endif
+
+%package devel
+Requires:       %{name} = %{version}
+Provides:       dovecot-devel = %{version}-%{release}
+Conflicts:      otherproviders(dovecot-devel)
+Summary:        Development files for Dovecot plugins
+Group:          Development/Libraries/C and C++
+
+%description devel
+Dovecot is an IMAP and POP3 server for Linux and UNIX-like systems,
+written primarily with security in mind. Although it is written in C,
+it uses several coding techniques to avoid most of the common pitfalls.
+
+Dovecot can work with standard mbox and maildir formats and is fully
+compatible with UW-IMAP and Courier IMAP servers as well as mail
+clients accessing the mailboxes directly.
+
+This package holds the file needed to compile plugins outside of the
+dovecot tree.
+
+%prep
+%autosetup -p1 -n %{pkg_name}-%{dovecot_version} -a 1
+
+gzip -9v ChangeLog
+# Fix plugins dir.
+sed -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = %{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf
+
+%build
+export CFLAGS="%{optflags}"
+%if %{with clucene}
+export CFLAGS="$CFLAGS -I%{_libdir}"
+export CXXFLAGS="$CFLAGS -I%{_libdir}"
+%endif
+export CFLAGS="$CFLAGS -fpic -DPIC"
+export LIBS="-pie"
+%configure                                          \
+    --docdir=%{_docdir}/%{pkg_name}                 \
+    --with-moduledir=%{_libdir}/%{pkg_name}/modules \
+    --libexecdir=%{_prefix}/lib/                    \
+    --with-ioloop=best                              \
+    --with-ldap=plugin                              \
+    --with-sql=plugin                               \
+    --with-gssapi=plugin                            \
+    --with-pgsql                                    \
+    --with-mysql                                    \
+    --with-lua=plugin                               \
+    --with-apparmor                                 \
+%if %{with sqlite}
+    --with-sqlite                                   \
+%endif
+%if %{with clucene}
+    --with-lucene                                   \
+%endif
+%if %{with textcat}
+    --with-textcat                                  \
+%endif
+%if %{with icu}
+    --with-icu                                      \
+%endif
+%if %{with solr}
+    --with-solr                                     \
+%endif
+    --with-ssl=openssl                              \
+    --with-zlib                                     \
+    --with-bzlib                                    \
+%if %{with lzma}
+    --with-lzma                                     \
+%endif
+%if %{with lz4}
+    --with-lz4                                      \
+%endif
+%if %{with zstd}
+    --with-zstd                                     \
+%endif
+    --with-libcap                                   \
+    --with-libwrap                                  \
+    --with-docs                                     \
+%if %{with systemd}
+    --with-systemdsystemunitdir=%{_unitdir}         \
+%endif
+    --disable-static
+make %{?_smp_mflags}
+
+pushd %{dovecot_pigeonhole_source_dir}
+    %configure --with-dovecot=../ \
+      --with-ldap=plugin \
+      --docdir="%{dovecot_pigeonhole_docdir}"
+    make %{?_smp_mflags}
+popd
+
+%check
+make check
+make -C %{dovecot_pigeonhole_source_dir} test
+
+%install
+%makeinstall
+%makeinstall -C %{dovecot_pigeonhole_source_dir} sieve_docdir=%{dovecot_pigeonhole_docdir}
+
+# clean up unused files, as much as I would like to use -delete ... the old find on sles9 doesnt support it
+find %{buildroot}%{_libdir}/%{pkg_name}/ -type f \
+	'(' -name \*.la -o -name \*.a ')' -print -delete
+
+# create /var directories
+install -m 0755 -Dd \
+  %{buildroot}%{_var}/run/%{pkg_name}/login/ \
+  %{buildroot}%{_var}/lib/%{pkg_name}/
+
+# install the script to create dummy selfsigned certs
+pushd %{buildroot}%{_docdir}/%{pkg_name}/
+mv -v {*.cnf,mkcert.sh,example-config} ../../../%{pkg_name}/
+install -m 755 -d example-config/conf.d/
+ln -sv ../../../%{pkg_name}/{*.cnf,mkcert.sh} .
+cd example-config/
+ln -sv \
+    ../../../../%{pkg_name}/example-config/*conf \
+    ../../../../%{pkg_name}/example-config/*ext  \
+  .
+cd conf.d/
+ln -sv \
+    ../../../../../%{pkg_name}/example-config/conf.d/* \
+  .
+popd
+
+# additional docs for the main package
+install -m 0644 \
+       AUTHORS ChangeLog* COPYING* NEWS TODO README* \
+%if %{with solr}
+    doc/*.xml \
+%endif
+    %{buildroot}%{_docdir}/%{pkg_name}/
+
+# install sieve docs
+install -m 0755 -Dd %{buildroot}%{dovecot_pigeonhole_docdir}
+pushd %{dovecot_pigeonhole_source_dir}
+sed -i 's/\r$//' doc/rfc/*
+cp -av AUTHORS COPYING* INSTALL NEWS README TODO \
+       examples/ doc/rfc/ doc/devel \
+  %{buildroot}%{dovecot_pigeonhole_docdir}/
+  rm %{buildroot}%{dovecot_pigeonhole_docdir}/rfc/Makefile*
+popd
+
+for i in $RPM_SOURCE_DIR/*.configfiles ; do
+  echo "Creating ghost files for '$i'"
+  for j in $(<$i) ; do
+    install -D -m 0644 /dev/null %{buildroot}$j
+  done
+done
+
+# clean up of things that are now in the unversioned package.
+%if %{with systemd}
+rm %{buildroot}%{_unitdir}/dovecot.{service,socket}
+%endif
+rm %{buildroot}%{_sysconfdir}/%{pkg_name}/README
+
+%pre
+# do not let dovecot run during upgrade rhbz#134325
+if [ "$1" -ge "1" ]; then
+  rm -f %restart_flag
+  %if %{with systemd}
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
+      /bin/systemctl is-active %{pkg_name}.service >/dev/null 2>&1 && touch %restart_flag ||:
+      /bin/systemctl stop      %{pkg_name}.service >/dev/null 2>&1
+    fi
+  %else
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /etc/init.d/%{pkg_name} ] ; then
+      /etc/init.d/%{pkg_name} status >/dev/null 2>&1 && touch %restart_flag ||:
+      /etc/init.d/%{pkg_name} stop >/dev/null 2>&1
+    fi
+  %endif
+fi
+# remove !SSLv2 from ssl_protocols (no longer supported in openssl-1.1.0)
+if grep -s -q "ssl_protocols .*!SSLv2" /etc/dovecot/conf.d/10-ssl.conf; then
+  sed -i 's/^\(ssl_protocols.*\)[[:blank:]]!SSLv2\(.*\)$/\1\2/g' /etc/dovecot/conf.d/10-ssl.conf
+fi
+
+%post -p /sbin/ldconfig
+
+%postun
+/sbin/ldconfig
+# do not let dovecot run during upgrade rhbz#134325
+if [ "$1" -ge "1" -a -e %restart_flag ]; then
+  %if %{with systemd}
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
+      /bin/systemctl start %{pkg_name}.service >/dev/null 2>&1 || :
+    fi
+  %else
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /etc/init.d/%{pkg_name} ] ; then
+      /etc/init.d/%{pkg_name} start >/dev/null 2>&1 || :
+    fi
+  %endif
+  rm -f %restart_flag
+fi
+
+# do not let dovecot run during upgrade rhbz#134325
+# dovecot should be started again in %%postun, but it's not executed on reinstall
+# if it was already started, restart_flag won't be here, so it's ok to test it again
+%posttrans
+if [ -e %restart_flag ]; then
+  %if %{with systemd}
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /bin/systemctl -a -e %{_unitdir}/%{pkg_name}.service ] ; then
+      /bin/systemctl start %{pkg_name}.service >/dev/null 2>&1 || :
+    fi
+  %else
+    # we get installed before the unversioned dovecot package is installed
+    # in that case we dont need to restart as there was no file to start us before
+    if [ -x /etc/init.d/%{pkg_name} ] ; then
+      /etc/init.d/%{pkg_name} start >/dev/null 2>&1 || :
+    fi
+  %endif
+  rm -f %restart_flag
+fi
+
+%files
+%defattr(-,root,root)
+%dir %{_sysconfdir}/%{pkg_name}/
+%ghost %config(noreplace) /etc/dovecot/*
+%{_sbindir}/%{pkg_name}
+%{_bindir}/doveadm
+%{_bindir}/doveconf
+%{_bindir}/dovecot-sysreport
+%{_bindir}/dsync
+%{_bindir}/sieve-test
+%{_bindir}/sievec
+%{_bindir}/sieve-dump
+%{_bindir}/sieve-filter
+# subprocesses
+%dir %{_prefix}/lib/%{pkg_name}
+%{_prefix}/lib/%{pkg_name}/aggregator
+%{_prefix}/lib/%{pkg_name}/anvil
+%{_prefix}/lib/%{pkg_name}/auth
+%{_prefix}/lib/%{pkg_name}/checkpassword-reply
+%{_prefix}/lib/%{pkg_name}/config
+%{_prefix}/lib/%{pkg_name}/decode2text.sh
+%{_prefix}/lib/%{pkg_name}/deliver
+%{_prefix}/lib/%{pkg_name}/dict
+%{_prefix}/lib/%{pkg_name}/director
+%{_prefix}/lib/%{pkg_name}/dns-client
+%{_prefix}/lib/%{pkg_name}/doveadm-server
+%{_prefix}/lib/%{pkg_name}/dovecot-lda
+%{_prefix}/lib/%{pkg_name}/gdbhelper
+%{_prefix}/lib/%{pkg_name}/health-check.sh
+%{_prefix}/lib/%{pkg_name}/imap
+%{_prefix}/lib/%{pkg_name}/imap-hibernate
+%{_prefix}/lib/%{pkg_name}/imap-login
+%{_prefix}/lib/%{pkg_name}/imap-urlauth
+%{_prefix}/lib/%{pkg_name}/imap-urlauth-login
+%{_prefix}/lib/%{pkg_name}/imap-urlauth-worker
+%{_prefix}/lib/%{pkg_name}/indexer
+%{_prefix}/lib/%{pkg_name}/indexer-worker
+%{_prefix}/lib/%{pkg_name}/ipc
+%{_prefix}/lib/%{pkg_name}/lmtp
+%{_prefix}/lib/%{pkg_name}/log
+%{_prefix}/lib/%{pkg_name}/maildirlock
+%{_prefix}/lib/%{pkg_name}/managesieve
+%{_prefix}/lib/%{pkg_name}/managesieve-login
+%{_prefix}/lib/%{pkg_name}/old-stats
+%{_prefix}/lib/%{pkg_name}/pop3
+%{_prefix}/lib/%{pkg_name}/pop3-login
+%{_prefix}/lib/%{pkg_name}/quota-status
+%{_prefix}/lib/%{pkg_name}/rawlog
+%{_prefix}/lib/%{pkg_name}/replicator
+%{_prefix}/lib/%{pkg_name}/script
+%{_prefix}/lib/%{pkg_name}/script-login
+%{_prefix}/lib/%{pkg_name}/stats
+%{_prefix}/lib/%{pkg_name}/submission
+%{_prefix}/lib/%{pkg_name}/submission-login
+%{_prefix}/lib/%{pkg_name}/tcpwrap
+%{_prefix}/lib/%{pkg_name}/xml2text
+%{_libdir}/%{pkg_name}/libdovecot.so.*
+%{_libdir}/%{pkg_name}/libdovecot-compression.so.*
+%{_libdir}/%{pkg_name}/libdovecot-dsync.so.*
+%{_libdir}/%{pkg_name}/libdovecot-fts.so.*
+%{_libdir}/%{pkg_name}/libdovecot-lda.so.*
+%{_libdir}/%{pkg_name}/libdovecot-ldap.so.*
+%{_libdir}/%{pkg_name}/libdovecot-login.so.*
+%{_libdir}/%{pkg_name}/libdovecot-lua.so.*
+%{_libdir}/%{pkg_name}/libdovecot-sieve.so.*
+%{_libdir}/%{pkg_name}/libdovecot-sql.so.*
+%{_libdir}/%{pkg_name}/libdovecot-storage.so.*
+%{_libdir}/%{pkg_name}/libdovecot-storage-lua.so.*
+%if %{with dcrypt_openssl}
+%{_libdir}/%{pkg_name}/libdcrypt_openssl.so
+%endif
+# plugins
+%dir %{_libdir}/%{pkg_name}
+%dir %{_libdir}/%{pkg_name}/modules/
+%{_libdir}/%{pkg_name}/modules/lib01_acl_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib01_apparmor_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib02_lazy_expunge_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib05_mail_crypt_acl_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib05_pop3_migration_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib10_last_login_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib01_mail_lua_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib10_mail_crypt_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib10_quota_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib11_trash_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib15_notify_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_mail_log_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_mailbox_alias_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_notify_status_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_charset_alias_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_var_expand_crypt.so
+%{_libdir}/%{pkg_name}/modules/lib20_zlib_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_push_notification_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_listescape_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_quota_clone_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_replication_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_virtual_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib22_push_notification_lua_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib30_imap_zlib_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib02_imap_acl_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib11_imap_quota_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib90_sieve_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib90_old_stats_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib95_imap_sieve_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib95_imap_filter_sieve_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib95_imap_old_stats_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib99_welcome_plugin.so
+%{_libdir}/%{pkg_name}/modules/libfs_compress.so
+%{_libdir}/%{pkg_name}/modules/libfs_crypt.so
+%{_libdir}/%{pkg_name}/modules/libfs_mail_crypt.so
+%{_libdir}/%{pkg_name}/modules/libssl_iostream_openssl.so
+
+#
+%dir %{_libdir}/%{pkg_name}/modules/auth/
+%{_libdir}/%{pkg_name}/modules/auth/libauthdb_imap.so
+%{_libdir}/%{pkg_name}/modules/auth/libauthdb_ldap.so
+%{_libdir}/%{pkg_name}/modules/auth/libauthdb_lua.so
+%{_libdir}/%{pkg_name}/modules/auth/libmech_gssapi.so
+%{_libdir}/%{pkg_name}/modules/auth/lib20_auth_var_expand_crypt.so
+%dir %{_libdir}/%{pkg_name}/modules/dict/
+%{_libdir}/%{pkg_name}/modules/dict/libdict_ldap.so
+# more dict modules are in the sql packages
+#
+%dir %{_libdir}/%{pkg_name}/modules/doveadm
+%{_libdir}/%{pkg_name}/modules/doveadm/libdoveadm_mail_crypt_plugin.so
+%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_acl_plugin.so
+%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_quota_plugin.so*
+%{_libdir}/%{pkg_name}/modules/doveadm/lib10_doveadm_sieve_plugin.so
+#
+%dir %{_libdir}/%{pkg_name}/modules/settings/
+%{_libdir}/%{pkg_name}/modules/settings/libpigeonhole_settings.so
+%{_libdir}/%{pkg_name}/modules/settings/libmanagesieve_login_settings.so
+%{_libdir}/%{pkg_name}/modules/settings/libmanagesieve_settings.so
+#
+%dir %{_libdir}/%{pkg_name}/modules/sieve
+%{_libdir}/%{pkg_name}/modules/sieve/lib10_sieve_storage_ldap_plugin.so
+%{_libdir}/%{pkg_name}/modules/sieve/lib90_sieve_extprograms_plugin.so
+%{_libdir}/%{pkg_name}/modules/sieve/lib90_sieve_imapsieve_plugin.so
+#
+%dir %{_libdir}/%{pkg_name}/modules/old-stats/
+%{_libdir}/%{pkg_name}/modules/old-stats/libstats_auth.so
+%{_libdir}/%{pkg_name}/modules/old-stats/libold_stats_mail.so
+#
+%dir %{_datadir}/%{pkg_name}/
+%{_datadir}/%{pkg_name}/*.cnf
+%{_datadir}/%{pkg_name}/mkcert.sh
+%{_datadir}/%{pkg_name}/example-config
+# doc
+%{_mandir}/man1/deliver.1*
+%{_mandir}/man1/doveadm*.1*
+%{_mandir}/man1/doveconf.1*
+%{_mandir}/man1/dovecot*.1*
+%{_mandir}/man1/dsync.1*
+%{_mandir}/man1/sieve-dump.1*
+%{_mandir}/man1/sieve-filter.1*
+%{_mandir}/man1/sieve-test.1*
+%{_mandir}/man1/sievec.1*
+%{_mandir}/man1/sieved.1*
+%{_mandir}/man7/doveadm*.7*
+%{_mandir}/man7/pigeonhole.7*
+%doc %{_docdir}/%{pkg_name}
+%if %{with solr}
+%exclude %{_docdir}/%{pkg_name}/solr-schema.xml
+%endif
+# setting up permissions
+%if ! %{with systemd}
+%dir %attr(0755,root,root)        %ghost %{_var}/run/%{pkg_name}/
+%dir %attr(0750,root,%{pkg_name}) %ghost %{_var}/run/%{pkg_name}/login/
+%endif
+%dir %attr(0750,root,root)        %{_var}/lib/%{pkg_name}/
+
+%files fts
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/doveadm/lib20_doveadm_fts_plugin.so
+%{_libdir}/%{pkg_name}/modules/lib20_fts_plugin.so
+%{_datadir}/%{pkg_name}/stopwords/
+
+%files fts-squat
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/lib21_fts_squat_plugin.so
+
+%files backend-mysql
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/libdriver_mysql.so
+%{_libdir}/%{pkg_name}/modules/auth/libdriver_mysql.so
+%{_libdir}/%{pkg_name}/modules/dict/libdriver_mysql.so
+
+%files backend-pgsql
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/libdriver_pgsql.so
+%{_libdir}/%{pkg_name}/modules/auth/libdriver_pgsql.so
+%{_libdir}/%{pkg_name}/modules/dict/libdriver_pgsql.so
+
+%if %{with sqlite}
+%files backend-sqlite
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/libdriver_sqlite.so
+%{_libdir}/%{pkg_name}/modules/auth/libdriver_sqlite.so
+%{_libdir}/%{pkg_name}/modules/dict/libdriver_sqlite.so
+%endif
+
+%if %{with clucene}
+%files fts-lucene
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/lib21_fts_lucene_plugin.so
+%{_libdir}/%{pkg_name}/modules/doveadm/lib20_doveadm_fts_lucene_plugin.so
+%endif
+
+%if %{with solr}
+%files fts-solr
+%defattr(-,root,root,-)
+%{_libdir}/%{pkg_name}/modules/lib21_fts_solr_plugin.so
+%{_docdir}/%{pkg_name}/solr-schema.xml
+%endif
+
+%files devel
+%defattr(-,root,root,-)
+%{_datadir}/aclocal/%{pkg_name}.m4
+%{_datadir}/aclocal/dovecot-pigeonhole.m4
+%{_includedir}/%{pkg_name}/
+%{_libdir}/%{pkg_name}/dovecot-config
+%{_libdir}/%{pkg_name}/libdovecot.so
+%{_libdir}/%{pkg_name}/libdovecot-compression.so
+%{_libdir}/%{pkg_name}/libdovecot-dsync.so
+%{_libdir}/%{pkg_name}/libdovecot-fts.so
+%{_libdir}/%{pkg_name}/libdovecot-lda.so
+%{_libdir}/%{pkg_name}/libdovecot-ldap.so
+%{_libdir}/%{pkg_name}/libdovecot-login.so
+%{_libdir}/%{pkg_name}/libdovecot-lua.so
+%{_libdir}/%{pkg_name}/libdovecot-sieve.so
+%{_libdir}/%{pkg_name}/libdovecot-sql.so
+%{_libdir}/%{pkg_name}/libdovecot-storage.so
+%{_libdir}/%{pkg_name}/libdovecot-storage-lua.so
+
+%changelog

fix-build-with-openssl-3.patch

@@ -0,0 +1,34 @@
+diff -up dovecot-2.3.14/src/lib-dcrypt/dcrypt-openssl.c.opensslv3 dovecot-2.3.14/src/lib-dcrypt/dcrypt-openssl.c
+--- dovecot-2.3.14/src/lib-dcrypt/dcrypt-openssl.c.opensslv3	2021-06-03 18:56:52.573174433 +0200
++++ dovecot-2.3.14/src/lib-dcrypt/dcrypt-openssl.c	2021-06-03 18:56:52.585174274 +0200
+@@ -73,10 +73,30 @@
+   2<tab>key algo oid<tab>1<tab>symmetric algo name<tab>salt<tab>hash algo<tab>rounds<tab>E(RSA = i2d_PrivateKey, EC=Private Point)<tab>key id
+ **/
+ 
++#if OPENSSL_VERSION_MAJOR == 3
++static EC_KEY *EVP_PKEY_get0_EC_KEYv3(EVP_PKEY *key)
++{
++  EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++  EVP_PKEY_set1_EC_KEY(key, eck);
++  EC_KEY_free(eck);
++  return eck;
++}
++
++static EC_KEY *EVP_PKEY_get1_EC_KEYv3(EVP_PKEY *key)
++{
++  EC_KEY *eck = EVP_PKEY_get1_EC_KEY(key);
++  EVP_PKEY_set1_EC_KEY(key, eck);
++  return eck;
++}
++
++#define EVP_PKEY_get0_EC_KEY EVP_PKEY_get0_EC_KEYv3 
++#define EVP_PKEY_get1_EC_KEY EVP_PKEY_get1_EC_KEYv3
++#else
+ #ifndef HAVE_EVP_PKEY_get0
+ #define EVP_PKEY_get0_EC_KEY(x) x->pkey.ec
+ #define EVP_PKEY_get0_RSA(x) x->pkey.rsa
+ #endif
++#endif
+ 
+ #ifndef HAVE_OBJ_LENGTH
+ #define OBJ_length(o) ((o)->length)

fix-strict-aliasing.patch

@@ -0,0 +1,103 @@
+From 7932dc8457c56cfde21e45a64a2494968a707c81 Mon Sep 17 00:00:00 2001
+From: Martin Liska <mliska@suse.cz>
+Date: Fri, 24 Mar 2023 13:33:13 +0100
+Subject: [PATCH] Fix violation of strict aliasing.
+
+The following issue is already reported here:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+
+and the problem is in the following statement:
+*(const uint32_t *)&ptr[(n) * 4]
+
+that yields a miscompilation when LTO is enabled.
+---
+ src/lib/md4.c | 18 ------------------
+ 1 file changed, 18 deletions(-)
+
+diff --git a/src/lib/md4.c b/src/lib/md4.c
+index 06082f53c7..60413bd957 100644
+--- a/src/lib/md4.c
++++ b/src/lib/md4.c
+@@ -34,23 +34,6 @@
+ 	(a) = ((a) << (s)) | ((a) >> (32 - (s)))
+ 
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-/* uint_fast32_t might be 64 bit, and thus may read 4 more bytes
+- * beyond the end of the buffer. So only read precisely 32 bits
+- */
+-#define SET(n)				\
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -59,7 +42,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+
+From d90a4e74f5fda93783c5881499b1fa38f4109362 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Mon, 27 Mar 2023 02:25:12 +0100
+Subject: [PATCH] lib: md5: Fix strict aliasing violation
+
+Followup to f0c1cf42ea78d22e2674b03fe65f0ee6545c5b99. It's exactly the
+same code as in md4, so let's rip it out here too.
+
+Thanks to sirainen for pointing this out.
+
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=997513
+Reference: https://github.com/dovecot/core/pull/195
+---
+ src/lib/md5.c | 15 ---------------
+ 1 file changed, 15 deletions(-)
+
+diff --git a/src/lib/md5.c b/src/lib/md5.c
+index 46cffb6d12..ee946ea805 100644
+--- a/src/lib/md5.c
++++ b/src/lib/md5.c
+@@ -38,20 +38,6 @@
+ 	(a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \
+ 	(a) += (b);
+ 
+-/*
+- * SET reads 4 input bytes in little-endian byte order and stores them
+- * in a properly aligned word in host byte order.
+- *
+- * The check for little-endian architectures which tolerate unaligned
+- * memory accesses is just an optimization.  Nothing will break if it
+- * doesn't work.
+- */
+-#if defined(__i386__) || defined(__x86_64__) || defined(__vax__)
+-#define SET(n) \
+-	(*(const uint32_t *)&ptr[(n) * 4])
+-#define GET(n) \
+-	SET(n)
+-#else
+ #define SET(n) \
+ 	(ctx->block[(n)] = \
+ 	(uint_fast32_t)ptr[(n) * 4] | \
+@@ -60,7 +46,6 @@
+ 	((uint_fast32_t)ptr[(n) * 4 + 3] << 24))
+ #define GET(n) \
+ 	(ctx->block[(n)])
+-#endif
+ 
+ /*
+  * This processes one or more 64-byte data blocks, but does NOT update
+