rpms/dovecot/FC-4 dovecot-configfile.patch, 1.5, 1.6 dovecot.spec, 1.30, 1.31

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Jun 16 19:15:30 UTC 2005 

Author: jdennis

Update of /cvs/dist/rpms/dovecot/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv16094

Modified Files:
	dovecot-configfile.patch dovecot.spec 
Log Message:
fix bugs 160277, 160679


dovecot-configfile.patch:
 dovecot-0.99.13/dovecot.conf                 |   24 +++++++++---------------
 dovecot-0.99.14/doc/mkcert.sh                |   15 +++++++++------
 dovecot-0.99.14/src/master/master-settings.c |    2 +-
 3 files changed, 19 insertions(+), 22 deletions(-)

Index: dovecot-configfile.patch
===================================================================
RCS file: /cvs/dist/rpms/dovecot/FC-4/dovecot-configfile.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- dovecot-configfile.patch	22 Apr 2005 21:01:48 -0000	1.5
+++ dovecot-configfile.patch	16 Jun 2005 19:15:27 -0000	1.6
@@ -65,10 +65,10 @@
  
  # Should we create dotlock file even when we want only a read-lock? Setting
  # this to yes hurts the performance when the mailbox is accessed simultaneously
-diff -u -r dovecot-0.99.11.orig/doc/mkcert.sh dovecot-0.99.11/doc/mkcert.sh
---- dovecot-0.99.11.orig/doc/mkcert.sh	2004-07-22 20:04:37.000000000 -0400
-+++ dovecot-0.99.11/doc/mkcert.sh	2004-12-22 16:33:20.000000000 -0500
-@@ -4,11 +4,12 @@
+diff -r -u dovecot-0.99.14.orig/doc/mkcert.sh dovecot-0.99.14/doc/mkcert.sh
+--- dovecot-0.99.14.orig/doc/mkcert.sh	2004-07-22 20:04:37.000000000 -0400
++++ dovecot-0.99.14/doc/mkcert.sh	2005-06-16 15:00:05.178544000 -0400
+@@ -4,18 +4,21 @@
  # Edit dovecot-openssl.cnf before running this.
  
  OPENSSL=${OPENSSL-openssl}
@@ -83,14 +83,28 @@
 +CERTFILE=$SSLDIR/$CERTNAME.pem
 +KEYFILE=$SSLDIR/private/$CERTNAME.pem
  
- if [ ! -d $SSLDIR/certs ]; then
-   echo "$SSLDIR/certs directory doesn't exist"
-@@ -29,6 +30,7 @@
+-if [ ! -d $SSLDIR/certs ]; then
+-  echo "$SSLDIR/certs directory doesn't exist"
++if [ ! -d $SSLDIR ]; then
++  echo "$SSLDIR directory doesn't exist"
++  exit 1
  fi
  
- $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
--chmod 0600 $KEYFILE
-+chown root:root $CERTFILE $KEYFILE
-+chmod 0600 $CERTFILE $KEYFILE
- echo 
- $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
+ if [ ! -d $SSLDIR/private ]; then
+   echo "$SSLDIR/private directory doesn't exist"
++  exit 1
+ fi
+ 
+ if [ -f $CERTFILE ]; then
+diff -r -u dovecot-0.99.14.orig/src/master/master-settings.c dovecot-0.99.14/src/master/master-settings.c
+--- dovecot-0.99.14.orig/src/master/master-settings.c	2004-08-09 16:10:08.000000000 -0400
++++ dovecot-0.99.14/src/master/master-settings.c	2005-06-16 14:00:47.750360000 -0400
+@@ -147,7 +147,7 @@
+ 	MEMBER(pop3s_listen) NULL,
+ 
+ 	MEMBER(ssl_disable) FALSE,
+-	MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
++	MEMBER(ssl_cert_file) SSLDIR"/dovecot.pem",
+ 	MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
+ 	MEMBER(ssl_parameters_file) "ssl-parameters.dat",
+ 	MEMBER(ssl_parameters_regenerate) 24,


Index: dovecot.spec
===================================================================
RCS file: /cvs/dist/rpms/dovecot/FC-4/dovecot.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- dovecot.spec	28 Apr 2005 19:57:40 -0000	1.30
+++ dovecot.spec	16 Jun 2005 19:15:27 -0000	1.31
@@ -1,7 +1,7 @@
 Summary: Dovecot Secure imap server
 Name: dovecot
 Version: 0.99.14
-Release: 5.fc4
+Release: 6.fc4
 License: LGPL
 Group: System Environment/Daemons
 
@@ -160,6 +160,8 @@
 %config(noreplace) %{_sysconfdir}/dovecot.conf
 %config %{_sysconfdir}/rc.d/init.d/dovecot
 %config %{_sysconfdir}/pam.d/dovecot
+%attr(0750,root,dovecot) %dir %{ssldir}
+%attr(0750,root,dovecot) %dir %{ssldir}/private
 %config(noreplace) %{ssldir}/dovecot-openssl.cnf
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/dovecot.pem
 %attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem
@@ -168,10 +170,20 @@
 %{_sbindir}/dovecot
 %dir /var/run/dovecot
 %attr(0750,root,dovecot) %dir /var/run/dovecot-login
-%attr(0750,root,dovecot) %{docdir}/examples/mkcert.sh
+%attr(0754,root,dovecot) %{docdir}/examples/mkcert.sh
 
 
 %changelog
+* Thu Jun 16 2005 John Dennis <jdennis at redhat.com> - 0.99.14-6.fc4
+- fix bug #160277
+  default /etc/pki/dovecot/certs/dovecot.pem changed to /etc/pki/dovecot.pem
+  if ssl_cert_file was not set in dovecot.conf file (which it was by the rpm)
+  then hardcoded default was /etc/pki/certs/dovecot.pem, which didn't match
+  the new path of /etc/pki/dovecot/dovecot.pem (note subdir certs deprecated)
+- fix bug #160679
+  wrong permissions on /etc/pki/dovecot/dovecot.pem, needs to be readable by
+  more than root.
+
 * Thu Apr 28 2005 John Dennis <jdennis at redhat.com> - 0.99.14-5.fc4
 - fix bug #156159 insecure location of restart flag file

More information about the fedora-cvs-commits mailing list