diff --git a/courier-imap-4.14.tar.bz2 b/courier-imap-4.14.tar.bz2 deleted file mode 100644 index 1b52e74..0000000 --- a/courier-imap-4.14.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b8024f73fa7074cbddac6689ee799411b7269e67aa8a05838e4214ddb39a56ec -size 3262483 diff --git a/courier-imap-4.14.tar.bz2.sig b/courier-imap-4.14.tar.bz2.sig deleted file mode 100644 index aa84e2b..0000000 Binary files a/courier-imap-4.14.tar.bz2.sig and /dev/null differ diff --git a/courier-imap-4.15.tar.bz2 b/courier-imap-4.15.tar.bz2 new file mode 100644 index 0000000..f0f6a35 --- /dev/null +++ b/courier-imap-4.15.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6c34107e7ba9e5396d50b58fb414a495806335cab7135c96ad85a3816785b109 +size 3266353 diff --git a/courier-imap-4.15.tar.bz2.sig b/courier-imap-4.15.tar.bz2.sig new file mode 100644 index 0000000..940b1ec Binary files /dev/null and b/courier-imap-4.15.tar.bz2.sig differ diff --git a/courier-imap-gencert.service b/courier-imap-gencert.service new file mode 100644 index 0000000..1d0e5bb --- /dev/null +++ b/courier-imap-gencert.service @@ -0,0 +1,8 @@ +[Unit] +Description=Courier IMAP (SSL) Cert Generation +ConditionPathExists=!/etc/ssl/private/imapd.pem + +[Service] +Type=oneshot +ExecStart=/usr/sbin/mkimapdcert +RemainAfterExit=yes diff --git a/courier-imap-ssl.service b/courier-imap-ssl.service new file mode 100644 index 0000000..8b3fc97 --- /dev/null +++ b/courier-imap-ssl.service @@ -0,0 +1,32 @@ +[Unit] +Description=Courier IMAP (SSL) +Wants=courier-authdaemon.service +Wants=courier-imap-gencert.service +After=syslog.target +After=network.target +After=courier-authdaemon.target +After=courier-authdaemon.service +After=courier-imap-gencert.service + +[Service] +EnvironmentFile=/etc/courier/imapd +EnvironmentFile=/etc/courier/imapd-ssl +Environment="SSLPIDFILE=/run/imapd-ssl.pid" "LOCKFILE=/run/imapd-ssl.pid.lock" +PIDFile=/run/imapd-ssl.pid +LimitNOFILE=65536 +ExecStart=/usr/bin/env - /bin/sh -c " set -a ; \ + . /etc/courier/imapd ; \ + . /etc/courier/imapd-ssl ; \ + IMAP_TLS=1; export IMAP_TLS; \ + PROXY_HOSTNAME=$PROXY_HOSTNAME ; \ + /usr/sbin/courierlogger -pid=$SSLPIDFILE -start $SSLLOGGEROPTS \ + /usr/lib/courier-imap/couriertcpd -address=$SSLADDRESS \ + -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP $TCPDOPTS \ + $SSLPORT $COURIERTLS -server -tcpd /usr/sbin/imaplogin \ + /usr/sbin/imapd $MAILDIRPATH" +ExecStop=/usr/sbin/courierlogger -pid=$SSLPIDFILE -stop +ExecStopPost=/usr/bin/rm $SSLPIDFILE $LOCKFILE +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/courier-imap.changes b/courier-imap.changes index 629a6b1..76fbb6d 100644 --- a/courier-imap.changes +++ b/courier-imap.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Sat Mar 15 20:24:10 UTC 2014 - chris@computersalat.de + +- update to 4.15 + * pop3login.c (starttls): Clear input buffer after STARTTLS. + * imaplogin.c (starttls): Clear input buffer after STARTTLS. + * Fix various compiler warnings about unchecked results from setuid + and setgid calls. + * libs/tcpd/libcouriergnutls.c, libs/tcpd/libcouriertls.c: remove the + TLS_DHCERTFILE setting, and use TLS_CERTFILE for all functionality. + Read DH parameters from TLS_CERTFILE, or from the new TLS_DHPARAMS + environment variable. + * mkdhparams: New script that generates DH parameters into a standalone + file. + * Remove TLS_DHCERTFILE setting from imapd-ssl, pop3d-ssl, esmtpd and + esmtpd-ssl. Add TLS_DHPARAMS. + * Update imapd.cnf.openssl, pop3d.cnf.openssl, esmtpd.cnf.openssl, + set default number of bits for RSA keys to 4096. + * libs/tcpd/libcouriertls.c (tls_create): Add TLSv1_1_method() and + TLSv1_2 method(), based on patch by Rob Austein . + * pop3d-ssl.dist.in, imapd-ssl.dist.in: Fix up differences in the + documentation of TLS options in various config files. +- added systemd service files +- fix build for SLE + * fam-devel vs gamin-devel +- cleanup spec + * RPM_BUILD_ROOT -> buildroot + ------------------------------------------------------------------- Wed Jan 8 13:53:33 UTC 2014 - adrian@suse.de diff --git a/courier-imap.service b/courier-imap.service new file mode 100644 index 0000000..c6824ba --- /dev/null +++ b/courier-imap.service @@ -0,0 +1,26 @@ +[Unit] +Description=Courier IMAP +Wants=courier-authdaemon.service +After=syslog.target +After=network.target +After=courier-authdaemon.target +After=courier-authdaemon.service + +[Service] +EnvironmentFile=/etc/courier/imapd +Environment="PIDFILE=/run/imapd.pid" "LOCKFILE=/run/imapd.pid.lock" +PIDFile=/run/imapd.pid +LimitNOFILE=65536 +ExecStart=/usr/bin/env - /bin/sh -c " set -a ; \ + . /etc/courier/imapd ; \ + PROXY_HOSTNAME=$PROXY_HOSTNAME ; \ + /usr/sbin/courierlogger -pid=$PIDFILE -start $LOGGEROPTS \ + /usr/lib/courier-imap/couriertcpd -address=$ADDRESS \ + -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP $TCPDOPTS \ + $PORT /usr/sbin/imaplogin /usr/sbin/imapd $MAILDIRPATH" +ExecStop=/usr/sbin/courierlogger -pid=$PIDFILE -stop +ExecStopPost=/usr/bin/rm $PIDFILE $LOCKFILE +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/courier-imap.spec b/courier-imap.spec index cea8ece..575cc47 100644 --- a/courier-imap.spec +++ b/courier-imap.spec @@ -20,19 +20,25 @@ Name: courier-imap Summary: An IMAP and POP3 Server for Maildir MTAs License: GPL-3.0+ Group: Productivity/Networking/Email/Servers -Version: 4.14 +Version: 4.15 Release: 0 Url: http://www.courier-mta.org/imap/ Source0: %{name}-%{version}.tar.bz2 Source1: %{name}-%{version}.tar.bz2.sig Source2: pop3.pamd Source3: imap.pamd -Source4: courier-imap.init -Source5: courier-imap-ssl.init -Source6: courier-pop.init -Source7: courier-pop-ssl.init -Source8: %{name}.firewall -Source9: %{name}-ssl.firewall +Source4: %{name}.firewall +Source5: %{name}-ssl.firewall +Source11: courier-imap.init +Source12: courier-imap-ssl.init +Source13: courier-pop.init +Source14: courier-pop-ssl.init +Source15: courier-imap.service +Source16: courier-imap-ssl.service +Source17: courier-imap-gencert.service +Source18: courier-pop.service +Source19: courier-pop-ssl.service +Source20: courier-pop-gencert.service Patch0: %{name}-sbindir.patch Patch2: %{name}-ulimit_conf.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -41,7 +47,11 @@ BuildRequires: audit-libs %endif BuildRequires: courier-authlib-devel >= 0.62 BuildRequires: db-devel +%if 0%{?suse_version} >= 1220 BuildRequires: gamin-devel +%else +BuildRequires: fam-devel +%endif BuildRequires: gcc-c++ BuildRequires: gdbm-devel BuildRequires: libstdc++-devel @@ -58,6 +68,12 @@ Requires: fam-server Requires: gdbm Requires: openssl +%if 0%{?suse_version} >= 1210 +BuildRequires: systemd +%{?systemd_requires} +%define has_systemd 1 +%endif + %description Courier-IMAP is a fast, scalable, enterprise IMAP server that uses Maildirs. Many E-mail service providers use Courier-IMAP to easy handle @@ -97,68 +113,96 @@ install the entire Courier server. --datadir=%{_datadir}/%{name} \ --sysconfdir=%{_sysconfdir}/courier \ --sharedstatedir=%{_sharedstatedir}/%{name} \ +%if 0%{?has_systemd} + --with-piddir=/run \ +%else --with-piddir=%{_localstatedir}/run \ +%endif --disable-static \ --disable-root-check \ --enable-unicode \ +%if 0%{?has_systemd} + --with-authdaemonvar=/run/courier-authlib \ +%else --with-authdaemonvar=%{_localstatedir}/run/courier-authlib \ +%endif --with-certdb=%{_sysconfdir}/ssl/certs \ --with-certsdir=%{_sysconfdir}/ssl/private \ --enable-workarounds-for-imap-client-bugs %{__make} %{_smp_mflags} %install -%{__make} install DESTDIR=$RPM_BUILD_ROOT +%{__make} install DESTDIR=%{buildroot} # Move daemons into sbin -%{__mv} $RPM_BUILD_ROOT%{_prefix}/bin/{couriertls,imapd,pop3d} $RPM_BUILD_ROOT%{_prefix}/sbin/ +%{__mv} %{buildroot}%{_prefix}/bin/{couriertls,imapd,pop3d} %{buildroot}%{_prefix}/sbin/ # Rename imapd.8 to courier-imapd.8 -%{__mv} $RPM_BUILD_ROOT%{_mandir}/man8/imapd.8 $RPM_BUILD_ROOT%{_mandir}/man8/%{name}d.8 +%{__mv} %{buildroot}%{_mandir}/man8/imapd.8 %{buildroot}%{_mandir}/man8/%{name}d.8 # Install PAM config files -%{__install} -D -m 644 $RPM_SOURCE_DIR/pop3.pamd $RPM_BUILD_ROOT/etc/pam.d/pop3 -%{__install} -D -m 644 $RPM_SOURCE_DIR/imap.pamd $RPM_BUILD_ROOT/etc/pam.d/imap +%{__install} -D -m 644 $RPM_SOURCE_DIR/pop3.pamd %{buildroot}/etc/pam.d/pop3 +%{__install} -D -m 644 $RPM_SOURCE_DIR/imap.pamd %{buildroot}/etc/pam.d/imap # Install init scripts for i in imap imap-ssl pop pop-ssl ; do - %{__install} -D -m 0755 $RPM_SOURCE_DIR/courier-$i.init $RPM_BUILD_ROOT/etc/init.d/courier-$i - %{__ln_s} -f /etc/init.d/courier-$i $RPM_BUILD_ROOT%{_prefix}/sbin/rccourier-$i + %{__install} -D -m 0755 $RPM_SOURCE_DIR/courier-$i.init %{buildroot}/etc/init.d/courier-$i + %{__ln_s} -f /etc/init.d/courier-$i %{buildroot}%{_prefix}/sbin/rccourier-$i done +# Install service files +%if 0%{?has_systemd} +for j in imap imap-ssl imap-gencert pop pop-ssl pop-gencert; do + %{__install} -D -m 0644 $RPM_SOURCE_DIR/courier-$j.service %{buildroot}/%{_unitdir}/courier-$j.service +done +%endif # Remove original init scripts, will not work longer -%{__rm} $RPM_BUILD_ROOT%{_prefix}/lib/%{name}/imapd.rc -%{__rm} $RPM_BUILD_ROOT%{_prefix}/lib/%{name}/imapd-ssl.rc -%{__rm} $RPM_BUILD_ROOT%{_prefix}/lib/%{name}/pop3d.rc -%{__rm} $RPM_BUILD_ROOT%{_prefix}/lib/%{name}/pop3d-ssl.rc +%{__rm} %{buildroot}%{_prefix}/lib/%{name}/imapd.rc +%{__rm} %{buildroot}%{_prefix}/lib/%{name}/imapd-ssl.rc +%{__rm} %{buildroot}%{_prefix}/lib/%{name}/pop3d.rc +%{__rm} %{buildroot}%{_prefix}/lib/%{name}/pop3d-ssl.rc # # Fix imapd.dist # -%{__sed} -i -e 's/^IMAPDSTART=.*/IMAPDSTART=YES/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/imapd.dist -%{__sed} -i -e 's/^ADDRESS=.*/ADDRESS=127.0.0.1/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/imapd.dist -%{__sed} -i -e 's/^MAXPERIP=.*/MAXPERIP=20/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/imapd.dist -%{__sed} -i -e 's/^IMAPDSSLSTART=.*/IMAPDSSLSTART=YES/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/imapd-ssl.dist -%{__sed} -i -e 's/^#\ \+\(TLS_CIPHER_LIST=.*\)/\1/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/imapd-ssl.dist -%{__sed} -i -e 's/^POP3DSTART=.*/POP3DSTART=YES/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/pop3d.dist -%{__sed} -i -e 's/^POP3DSSLSTART=.*/POP3DSSLSTART=YES/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/pop3d-ssl.dist -%{__sed} -i -e 's/^#\ \+\(TLS_CIPHER_LIST=.*\)/\1/' $RPM_BUILD_ROOT%{_sysconfdir}/courier/pop3d-ssl.dist +%{__sed} -i -e 's/^IMAPDSTART=.*/IMAPDSTART=YES/' %{buildroot}%{_sysconfdir}/courier/imapd.dist +%{__sed} -i -e 's/^ADDRESS=.*/ADDRESS=127.0.0.1/' %{buildroot}%{_sysconfdir}/courier/imapd.dist +%{__sed} -i -e 's/^MAXPERIP=.*/MAXPERIP=20/' %{buildroot}%{_sysconfdir}/courier/imapd.dist +%{__sed} -i -e 's/^IMAPDSSLSTART=.*/IMAPDSSLSTART=YES/' %{buildroot}%{_sysconfdir}/courier/imapd-ssl.dist +#%{__sed} -i -e 's/^#\ \+\(TLS_CIPHER_LIST=.*\)/\1/' %{buildroot}%{_sysconfdir}/courier/imapd-ssl.dist +%{__sed} -i -e 's/^POP3DSTART=.*/POP3DSTART=YES/' %{buildroot}%{_sysconfdir}/courier/pop3d.dist +%{__sed} -i -e 's/^POP3DSSLSTART=.*/POP3DSSLSTART=YES/' %{buildroot}%{_sysconfdir}/courier/pop3d-ssl.dist +#%{__sed} -i -e 's/^#\ \+\(TLS_CIPHER_LIST=.*\)/\1/' %{buildroot}%{_sysconfdir}/courier/pop3d-ssl.dist # For %doc macro %{__install} -m 0644 libs/imap/ChangeLog ChangeLog %{__install} -m 0644 libs/imap/README README.imap %{__install} -m 0644 libs/imap/README.proxy README.proxy %{__install} -m 0644 libs/maildir/README.maildirquota.txt README.maildirquota %{__install} -m 0644 libs/maildir/README.sharedfolders.txt README.sharedfolders -%{__install} -D -m 0755 sysconftool $RPM_BUILD_ROOT%{_datadir}/%{name}/sysconftool -%{__chmod} 755 $RPM_BUILD_ROOT%{_datadir}/%{name}/sysconftool -%{__cat} >$RPM_BUILD_ROOT%{_datadir}/%{name}/configlist <%{buildroot}%{_datadir}/%{name}/configlist </dev/null +%if 0%{?has_systemd} +for i in imap imap-ssl imap-gencert pop pop-ssl pop-gencert; do + %service_add_post courier-$i.service +done +%endif + %postun -for i in imap imap-ssl pop pop-ssl ; do +for i in imap imap-ssl pop pop-ssl; do %restart_on_update courier-$i done %insserv_cleanup +%if 0%{?has_systemd} +for i in imap imap-ssl imap-gencert pop pop-ssl pop-gencert; do + %service_del_postun courier-$i.service +done +%endif %clean -%{__rm} -rf $RPM_BUILD_ROOT +%{__rm} -rf %{buildroot} %files %defattr(-,root,root,755) @@ -194,17 +249,20 @@ done %config %attr(600,root,root) %{_sysconfdir}/courier/imap* %config %attr(600,root,root) %{_sysconfdir}/courier/pop3* %config %{_sysconfdir}/courier/quotawarnmsg.example -%dir %{_prefix}/lib/%{name} -%{_prefix}/lib/%{name}/makedatprog -%{_prefix}/lib/%{name}/couriertcpd -%{_bindir}/* -%{_sbindir}/* -%{_mandir}/man?/* -%dir %{_datadir}/%{name}/ -%{_datadir}/%{name}/* %dir %{_sysconfdir}/SuSEfirewall2.d %dir %{_sysconfdir}/SuSEfirewall2.d/services %config %{_sysconfdir}/SuSEfirewall2.d/services/%{name} %config %{_sysconfdir}/SuSEfirewall2.d/services/%{name}-ssl +%dir %{_prefix}/lib/%{name} +%{_prefix}/lib/%{name}/makedatprog +%{_prefix}/lib/%{name}/couriertcpd +%dir %{_datadir}/%{name}/ +%{_datadir}/%{name}/* +%{_bindir}/* +%{_sbindir}/* +%{_mandir}/man?/* +%if 0%{?has_systemd} +%{_unitdir}/courier-*.service +%endif %changelog diff --git a/courier-pop-gencert.service b/courier-pop-gencert.service new file mode 100644 index 0000000..e216c83 --- /dev/null +++ b/courier-pop-gencert.service @@ -0,0 +1,8 @@ +[Unit] +Description=Courier POP3 (SSL) Cert Generation +ConditionPathExists=!/etc/ssl/private/pop3d.pem + +[Service] +Type=oneshot +ExecStart=/usr/sbin/mkpop3dcert +RemainAfterExit=yes diff --git a/courier-pop-ssl.service b/courier-pop-ssl.service new file mode 100644 index 0000000..96a2d8e --- /dev/null +++ b/courier-pop-ssl.service @@ -0,0 +1,32 @@ +[Unit] +Description=Courier POP3 (SSL) +Wants=courier-authdaemon.service +Wants=courier-pop-gencert.service +After=syslog.target +After=network.target +After=courier-authdaemon.target +After=courier-authdaemon.service +After=courier-pop-gencert.service + +[Service] +EnvironmentFile=/etc/courier/pop3d +EnvironmentFile=/etc/courier/pop3d-ssl +Environment="SSLPIDFILE=/run/pop3d-ssl.pid" "LOCKFILE=/run/pop3d-ssl.pid.lock" +PIDFile=/run/pop3d-ssl.pid +LimitNOFILE=65536 +ExecStart=/usr/bin/env - /bin/sh -c " set -a ; \ + . /etc/courier/pop3d ; \ + . /etc/courier/pop3d-ssl ; \ + POP3_TLS=1; POP3_STARTTLS=NO; POP3_TLS_REQUIRED=0; \ + PROXY_HOSTNAME=$PROXY_HOSTNAME ; \ + /usr/sbin/courierlogger -pid=$SSLPIDFILE -start $SSLLOGGEROPTS \ + /usr/lib/courier-imap/couriertcpd -address=$SSLADDRESS \ + -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP $TCPDOPTS \ + $SSLPORT $COURIERTLS -server -tcpd /usr/sbin/pop3login \ + /usr/sbin/pop3d $MAILDIRPATH" +ExecStop=/usr/sbin/courierlogger -pid=$SSLPIDFILE -stop +ExecStopPost=/usr/bin/rm $SSLPIDFILE $LOCKFILE +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/courier-pop.service b/courier-pop.service new file mode 100644 index 0000000..c3d7759 --- /dev/null +++ b/courier-pop.service @@ -0,0 +1,26 @@ +[Unit] +Description=Courier POP3 +Wants=courier-authdaemon.service +After=syslog.target +After=network.target +After=courier-authdaemon.target +After=courier-authdaemon.service + +[Service] +EnvironmentFile=/etc/courier/pop3d +Environment="PIDFILE=/run/pop3d.pid" "LOCKFILE=/run/pop3d.pid.lock" +PIDFile=/run/pop3d.pid +LimitNOFILE=65536 +ExecStart=/usr/bin/env - /bin/sh -c " set -a ; \ + . /etc/courier/pop3d ; \ + PROXY_HOSTNAME=$PROXY_HOSTNAME ; \ + /usr/sbin/courierlogger -pid=$PIDFILE -start $LOGGEROPTS \ + /usr/lib/courier-imap/couriertcpd -address=$ADDRESS \ + -maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP $TCPDOPTS \ + $PORT /usr/sbin/pop3login /usr/sbin/pop3d $MAILDIRPATH" +ExecStop=/usr/sbin/courierlogger -pid=$PIDFILE -stop +ExecStopPost=/usr/bin/rm $PIDFILE $LOCKFILE +Restart=always + +[Install] +WantedBy=multi-user.target