[arch-commits] Commit in dovecot/trunk (3 files)
Thore Bödecker
foxxx0 at archlinux.org
Wed Mar 7 08:41:08 UTC 2018
Date: Wednesday, March 7, 2018 @ 08:41:07
Author: foxxx0
Revision: 303538
upgpkg: dovecot 2.3.0.1-2
add libsodium support, backport two segfault patches
Added:
dovecot/trunk/dovecot-fix-segfault-imap-zlib.patch
dovecot/trunk/dovecot-fix-segfault-quota-exceeded.patch
Modified:
dovecot/trunk/PKGBUILD
-------------------------------------------+
PKGBUILD | 58 ++++++----
dovecot-fix-segfault-imap-zlib.patch | 28 ++++
dovecot-fix-segfault-quota-exceeded.patch | 162 ++++++++++++++++++++++++++++
3 files changed, 228 insertions(+), 20 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-03-07 08:29:54 UTC (rev 303537)
+++ PKGBUILD 2018-03-07 08:41:07 UTC (rev 303538)
@@ -1,5 +1,6 @@
# $Id$
# Maintainer: Johannes Löthberg <johannes at kyriasis.com>
+# Maintainer: Thore Bödecker <foxxx0 at archlinux.org>
# Contributor: Bartłomiej Piotrowski <bpiotrowski at archlinux.org>
# Contributor: Andreas Radke <andyrtr at archlinux.org>
# Contributor: Paul Mattal <paul at mattal.com>
@@ -10,7 +11,7 @@
pkgname=dovecot
pkgver=2.3.0.1
-pkgrel=1
+pkgrel=2
pkgdesc="An IMAP and POP3 server written with security primarily in mind"
url="http://dovecot.org/"
@@ -17,9 +18,9 @@
arch=('x86_64')
license=("LGPL")
-depends=('krb5' 'openssl' 'sqlite' 'libmariadbclient'
+depends=('krb5' 'openssl' 'sqlite' 'libmariadbclient' 'libsodium'
'postgresql-libs' 'bzip2' 'lz4' 'expat' 'curl' 'pam')
-makedepends=('libcap' 'libldap' 'clucene')
+makedepends=('libcap' 'libldap' 'clucene' 'libsodium')
optdepends=('libldap: ldap plugin'
'xz: imap zlib plugin'
'clucene: alternative FTS indexer')
@@ -26,25 +27,41 @@
provides=('imap-server' 'pop3-server')
-source=("https://dovecot.org/releases/2.3/dovecot-$pkgver.tar.gz"{,.sig}
- dovecot.sysusersd
- dovecot.tmpfilesd)
+source=("https://dovecot.org/releases/2.3/${pkgname}-${pkgver}.tar.gz"{,.sig}
+ 'dovecot.sysusersd'
+ 'dovecot.tmpfilesd'
+ # to be checked if upcoming 2.3.1 release has merged them:
+ 'dovecot-fix-segfault-quota-exceeded.patch'
+ 'dovecot-fix-segfault-imap-zlib.patch')
sha256sums=('ab772b3e214683aba347203c9391295552255c4d69afb324c7b8c8fc5ad6f153'
'SKIP'
'c5e3a8ffe23e5deb4f7893d9877d972347c2ee45c4ebf713de85c537e47cfcaf'
- 'bb7620be7fc0217d77fcac940441c2abbd9efc6ef660153288d09ba412e27e06')
-validpgpkeys=('E643F0BDFDCD04D9FFCB6279C948525140558AC9' # Timo Sirainen <tss at iki.fi>
- '2BE74AAB3EE754DFB9C80D3318A348AEED409DA1') # Dovecot Community Edition
+ 'bb7620be7fc0217d77fcac940441c2abbd9efc6ef660153288d09ba412e27e06'
+ 'e6ef27938a384a54b28c0ce57626dcd738f659465293f2cbb71712cbd5592136'
+ 'b8a7b6e324b8b03c02d1e43b700fdb21ca791699bbb046dcc0042f8e6489b2ed')
+validpgpkeys=(
+ 'E643F0BDFDCD04D9FFCB6279C948525140558AC9' # Timo Sirainen <tss at iki.fi>
+ '2BE74AAB3EE754DFB9C80D3318A348AEED409DA1' # Dovecot Community Edition
+)
prepare() {
- cd dovecot-$pkgver
+ cd "${srcdir}/${pkgname}-${pkgver}"
+
+ local filename
+ for filename in "${source[@]}"; do
+ if [[ "$filename" =~ \.patch$ ]]; then
+ msg2 "Applying patch ${filename##*/}"
+ patch -p1 -N -i "$srcdir/${filename##*/}"
+ fi
+ done
+
# fix path in helper script
sed -i 's:OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}:OPENSSLCONFIG=${OPENSSLCONFIG- /etc/ssl/dovecot-openssl.cnf}:' doc/mkcert.sh
}
build() {
- cd dovecot-$pkgver
+ cd "${srcdir}/${pkgname}-${pkgver}"
./configure --prefix=/usr --sysconfdir=/etc \
--sbindir=/usr/bin \
@@ -69,6 +86,7 @@
--with-libcap \
--with-solr \
--with-lucene \
+ --with-sodium \
--with-docs
make
@@ -75,7 +93,7 @@
}
check() {
- cd dovecot-$pkgver
+ cd "${srcdir}/${pkgname}-${pkgver}"
make check
}
@@ -83,15 +101,15 @@
# system user/group dovenull - 74
# system user/group dovecot - 76
- cd dovecot-$pkgver
+ cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="$pkgdir" install
- install -Dm644 "$srcdir/dovecot.sysusersd" \
- "$pkgdir/usr/lib/sysusers.d/dovecot.conf"
- install -Dm644 "$srcdir/dovecot.tmpfilesd" \
- "$pkgdir/usr/lib/tmpfiles.d/dovecot.conf"
- install -d -m755 "$pkgdir/etc/dovecot/conf.d"
- rm -f $pkgdir/etc/dovecot/README
+ install -Dm644 "${srcdir}/dovecot.sysusersd" \
+ "${pkgdir}/usr/lib/sysusers.d/dovecot.conf"
+ install -Dm644 "${srcdir}/dovecot.tmpfilesd" \
+ "${pkgdir}/usr/lib/tmpfiles.d/dovecot.conf"
+ install -d -m755 "${pkgdir}/etc/dovecot/conf.d"
+ rm -f "${pkgdir}/etc/dovecot/README"
# install mkcert helper script
- install -m 755 doc/mkcert.sh "$pkgdir/usr/lib/dovecot/mkcert.sh"
+ install -m 755 doc/mkcert.sh "${pkgdir}/usr/lib/dovecot/mkcert.sh"
}
Added: dovecot-fix-segfault-imap-zlib.patch
===================================================================
--- dovecot-fix-segfault-imap-zlib.patch (rev 0)
+++ dovecot-fix-segfault-imap-zlib.patch 2018-03-07 08:41:07 UTC (rev 303538)
@@ -0,0 +1,28 @@
+From 23da0fa1b30cc11bcc1d467674a0950c527e9ff1 Mon Sep 17 00:00:00 2001
+From: Timo Sirainen <timo.sirainen at dovecot.fi>
+Date: Sat, 6 Jan 2018 21:22:11 +0200
+Subject: [PATCH] ostream-zlib: Ignore missing finish if parent stream is
+ ignoring errors
+
+This fixes panic with imap_zlib plugin when client enables the IMAP COMPRESS
+extension and disconnects:
+
+Panic: file ostream-zlib.c: line 36 (o_stream_zlib_close): assertion failed: (zstream->ostream.finished || zstream->ostream.ostream.stream_errno != 0)
+---
+ src/lib-compression/ostream-zlib.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib-compression/ostream-zlib.c b/src/lib-compression/ostream-zlib.c
+index 848ecb7b89..e0b9a91416 100644
+--- a/src/lib-compression/ostream-zlib.c
++++ b/src/lib-compression/ostream-zlib.c
+@@ -33,7 +33,8 @@ static void o_stream_zlib_close(struct iostream_private *stream,
+ struct zlib_ostream *zstream = (struct zlib_ostream *)stream;
+
+ i_assert(zstream->ostream.finished ||
+- zstream->ostream.ostream.stream_errno != 0);
++ zstream->ostream.ostream.stream_errno != 0 ||
++ zstream->ostream.error_handling_disabled);
+ (void)deflateEnd(&zstream->zs);
+ if (close_parent)
+ o_stream_close(zstream->ostream.parent);
Added: dovecot-fix-segfault-quota-exceeded.patch
===================================================================
--- dovecot-fix-segfault-quota-exceeded.patch (rev 0)
+++ dovecot-fix-segfault-quota-exceeded.patch 2018-03-07 08:41:07 UTC (rev 303538)
@@ -0,0 +1,162 @@
+From 2bf919786518d138cc07d9cc21e14ad5e07e5e56 Mon Sep 17 00:00:00 2001
+From: Stephan Bosch <stephan.bosch at dovecot.fi>
+Date: Wed, 17 Jan 2018 21:26:44 +0100
+Subject: [PATCH] lmtp: local: Fix segfault occurring when quota is exceeded.
+
+---
+ src/lmtp/lmtp-local.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
+index fa1ce5d869..5b5fe51a95 100644
+--- a/src/lmtp/lmtp-local.c
++++ b/src/lmtp/lmtp-local.c
+@@ -133,7 +133,7 @@ static void
+ lmtp_local_rcpt_reply_overquota(struct lmtp_local_recipient *rcpt,
+ const char *error)
+ {
+- struct smtp_address *address = rcpt->rcpt.rcpt->path;
++ struct smtp_address *address = rcpt->rcpt.path;
+ struct lda_settings *lda_set =
+ mail_storage_service_user_get_set(rcpt->service_user)[2];
+
+From cdbcc8db8e0a04b2cbf6ca9f20b3ee7f7173552d Mon Sep 17 00:00:00 2001
+From: Stephan Bosch <stephan.bosch at dovecot.fi>
+Date: Wed, 31 Jan 2018 10:30:23 +0100
+Subject: [PATCH 1/3] lmtp: local: Make local variable for rcpt->rcpt.rcpt_cmd
+ in lmtp_local_rcpt_check_quota().
+
+---
+ src/lmtp/lmtp-local.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
+index c770e35e5b..d0ee4b312e 100644
+--- a/src/lmtp/lmtp-local.c
++++ b/src/lmtp/lmtp-local.c
+@@ -195,6 +195,7 @@ static int
+ lmtp_local_rcpt_check_quota(struct lmtp_local_recipient *rcpt)
+ {
+ struct client *client = rcpt->rcpt.client;
++ struct smtp_server_cmd_ctx *cmd = rcpt->rcpt.rcpt_cmd;
+ struct smtp_address *address = rcpt->rcpt.path;
+ struct mail_user *user;
+ struct mail_namespace *ns;
+@@ -245,10 +246,10 @@ lmtp_local_rcpt_check_quota(struct lmtp_local_recipient *rcpt)
+ }
+
+ if (ret < 0 &&
+- !smtp_server_command_is_replied(rcpt->rcpt.rcpt_cmd->cmd)) {
+- smtp_server_reply(rcpt->rcpt.rcpt_cmd,
+- 451, "4.3.0", "<%s> Temporary internal error",
+- smtp_address_encode(address));
++ !smtp_server_command_is_replied(cmd->cmd)) {
++ smtp_server_reply(cmd, 451, "4.3.0",
++ "<%s> Temporary internal error",
++ smtp_address_encode(address));
+ }
+ return ret;
+ }
+
+From c23717da4af9d3275cb45cbc67faaa8daa353ec1 Mon Sep 17 00:00:00 2001
+From: Stephan Bosch <stephan.bosch at dovecot.fi>
+Date: Wed, 31 Jan 2018 10:34:11 +0100
+Subject: [PATCH 2/3] lmtp: local: Add explicit cmd parameter to
+ lmtp_local_rcpt_reply_overquota().
+
+Using the RCPT cmd is only valid for the RCPT command and not when quota excess
+is detected during DATA. That would cause a segmentation fault, since
+rcpt->rcpt.rcpt_cmd == NULL.
+---
+ src/lmtp/lmtp-local.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
+index d0ee4b312e..c19c449e61 100644
+--- a/src/lmtp/lmtp-local.c
++++ b/src/lmtp/lmtp-local.c
+@@ -134,6 +134,7 @@ lmtp_local_rcpt_deinit(struct lmtp_local_recipient *rcpt)
+
+ static void
+ lmtp_local_rcpt_reply_overquota(struct lmtp_local_recipient *rcpt,
++ struct smtp_server_cmd_ctx *cmd,
+ const char *error)
+ {
+ struct smtp_address *address = rcpt->rcpt.path;
+@@ -141,13 +142,11 @@ lmtp_local_rcpt_reply_overquota(struct lmtp_local_recipient *rcpt,
+ mail_storage_service_user_get_set(rcpt->service_user)[2];
+
+ if (lda_set->quota_full_tempfail) {
+- smtp_server_reply(rcpt->rcpt.rcpt_cmd,
+- 452, "4.2.2", "<%s> %s",
+- smtp_address_encode(address), error);
++ smtp_server_reply(cmd, 452, "4.2.2", "<%s> %s",
++ smtp_address_encode(address), error);
+ } else {
+- smtp_server_reply(rcpt->rcpt.rcpt_cmd,
+- 552, "5.2.2", "<%s> %s",
+- smtp_address_encode(address), error);
++ smtp_server_reply(cmd, 552, "5.2.2", "<%s> %s",
++ smtp_address_encode(address), error);
+ }
+ }
+
+@@ -232,7 +231,7 @@ lmtp_local_rcpt_check_quota(struct lmtp_local_recipient *rcpt)
+ if (ret < 0) {
+ error = mailbox_get_last_error(box, &mail_error);
+ if (mail_error == MAIL_ERROR_NOQUOTA) {
+- lmtp_local_rcpt_reply_overquota(rcpt, error);
++ lmtp_local_rcpt_reply_overquota(rcpt, cmd, error);
+ } else {
+ i_error("mailbox_get_status(%s, STATUS_CHECK_OVER_QUOTA) "
+ "failed: %s",
+@@ -623,7 +622,7 @@ lmtp_local_deliver(struct lmtp_local *local,
+ } else if (storage != NULL) {
+ error = mail_storage_get_last_error(storage, &mail_error);
+ if (mail_error == MAIL_ERROR_NOQUOTA) {
+- lmtp_local_rcpt_reply_overquota(rcpt, error);
++ lmtp_local_rcpt_reply_overquota(rcpt, cmd, error);
+ } else {
+ smtp_server_reply_index(cmd, rcpt_idx,
+ 451, "4.2.0", "<%s> %s",
+
+From f8d9e6c977847a411af9986c9be62f74e4b06143 Mon Sep 17 00:00:00 2001
+From: Stephan Bosch <stephan.bosch at dovecot.fi>
+Date: Wed, 31 Jan 2018 10:27:54 +0100
+Subject: [PATCH 3/3] lmtp: local: Use recipient index in
+ lmtp_local_rcpt_reply_overquota().
+
+When used during the DATA command, it should send a reply for the correct
+recipient. During the RCPT command there is only one reply due. Added assert
+that checks this.
+---
+ src/lmtp/lmtp-local.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/src/lmtp/lmtp-local.c b/src/lmtp/lmtp-local.c
+index c19c449e61..0b5e7e06ec 100644
+--- a/src/lmtp/lmtp-local.c
++++ b/src/lmtp/lmtp-local.c
+@@ -138,15 +138,18 @@ lmtp_local_rcpt_reply_overquota(struct lmtp_local_recipient *rcpt,
+ const char *error)
+ {
+ struct smtp_address *address = rcpt->rcpt.path;
++ unsigned int rcpt_idx = rcpt->rcpt.index;
+ struct lda_settings *lda_set =
+ mail_storage_service_user_get_set(rcpt->service_user)[2];
+
++ i_assert(rcpt_idx == 0 || rcpt->rcpt.rcpt_cmd == NULL);
++
+ if (lda_set->quota_full_tempfail) {
+- smtp_server_reply(cmd, 452, "4.2.2", "<%s> %s",
+- smtp_address_encode(address), error);
++ smtp_server_reply_index(cmd, rcpt_idx, 452, "4.2.2", "<%s> %s",
++ smtp_address_encode(address), error);
+ } else {
+- smtp_server_reply(cmd, 552, "5.2.2", "<%s> %s",
+- smtp_address_encode(address), error);
++ smtp_server_reply_index(cmd, rcpt_idx, 552, "5.2.2", "<%s> %s",
++ smtp_address_encode(address), error);
+ }
+ }
+
More information about the arch-commits
mailing list