rpms/dovecot/FC-4 dovecot-configfile.patch, 1.5, 1.6 dovecot.spec, 1.30, 1.31
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Jun 16 19:15:30 UTC 2005
Author: jdennis
Update of /cvs/dist/rpms/dovecot/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv16094
Modified Files:
dovecot-configfile.patch dovecot.spec
Log Message:
fix bugs 160277, 160679
dovecot-configfile.patch:
dovecot-0.99.13/dovecot.conf | 24 +++++++++---------------
dovecot-0.99.14/doc/mkcert.sh | 15 +++++++++------
dovecot-0.99.14/src/master/master-settings.c | 2 +-
3 files changed, 19 insertions(+), 22 deletions(-)
Index: dovecot-configfile.patch
===================================================================
RCS file: /cvs/dist/rpms/dovecot/FC-4/dovecot-configfile.patch,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- dovecot-configfile.patch 22 Apr 2005 21:01:48 -0000 1.5
+++ dovecot-configfile.patch 16 Jun 2005 19:15:27 -0000 1.6
@@ -65,10 +65,10 @@
# Should we create dotlock file even when we want only a read-lock? Setting
# this to yes hurts the performance when the mailbox is accessed simultaneously
-diff -u -r dovecot-0.99.11.orig/doc/mkcert.sh dovecot-0.99.11/doc/mkcert.sh
---- dovecot-0.99.11.orig/doc/mkcert.sh 2004-07-22 20:04:37.000000000 -0400
-+++ dovecot-0.99.11/doc/mkcert.sh 2004-12-22 16:33:20.000000000 -0500
-@@ -4,11 +4,12 @@
+diff -r -u dovecot-0.99.14.orig/doc/mkcert.sh dovecot-0.99.14/doc/mkcert.sh
+--- dovecot-0.99.14.orig/doc/mkcert.sh 2004-07-22 20:04:37.000000000 -0400
++++ dovecot-0.99.14/doc/mkcert.sh 2005-06-16 15:00:05.178544000 -0400
+@@ -4,18 +4,21 @@
# Edit dovecot-openssl.cnf before running this.
OPENSSL=${OPENSSL-openssl}
@@ -83,14 +83,28 @@
+CERTFILE=$SSLDIR/$CERTNAME.pem
+KEYFILE=$SSLDIR/private/$CERTNAME.pem
- if [ ! -d $SSLDIR/certs ]; then
- echo "$SSLDIR/certs directory doesn't exist"
-@@ -29,6 +30,7 @@
+-if [ ! -d $SSLDIR/certs ]; then
+- echo "$SSLDIR/certs directory doesn't exist"
++if [ ! -d $SSLDIR ]; then
++ echo "$SSLDIR directory doesn't exist"
++ exit 1
fi
- $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
--chmod 0600 $KEYFILE
-+chown root:root $CERTFILE $KEYFILE
-+chmod 0600 $CERTFILE $KEYFILE
- echo
- $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2
+ if [ ! -d $SSLDIR/private ]; then
+ echo "$SSLDIR/private directory doesn't exist"
++ exit 1
+ fi
+
+ if [ -f $CERTFILE ]; then
+diff -r -u dovecot-0.99.14.orig/src/master/master-settings.c dovecot-0.99.14/src/master/master-settings.c
+--- dovecot-0.99.14.orig/src/master/master-settings.c 2004-08-09 16:10:08.000000000 -0400
++++ dovecot-0.99.14/src/master/master-settings.c 2005-06-16 14:00:47.750360000 -0400
+@@ -147,7 +147,7 @@
+ MEMBER(pop3s_listen) NULL,
+
+ MEMBER(ssl_disable) FALSE,
+- MEMBER(ssl_cert_file) SSLDIR"/certs/dovecot.pem",
++ MEMBER(ssl_cert_file) SSLDIR"/dovecot.pem",
+ MEMBER(ssl_key_file) SSLDIR"/private/dovecot.pem",
+ MEMBER(ssl_parameters_file) "ssl-parameters.dat",
+ MEMBER(ssl_parameters_regenerate) 24,
Index: dovecot.spec
===================================================================
RCS file: /cvs/dist/rpms/dovecot/FC-4/dovecot.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- dovecot.spec 28 Apr 2005 19:57:40 -0000 1.30
+++ dovecot.spec 16 Jun 2005 19:15:27 -0000 1.31
@@ -1,7 +1,7 @@
Summary: Dovecot Secure imap server
Name: dovecot
Version: 0.99.14
-Release: 5.fc4
+Release: 6.fc4
License: LGPL
Group: System Environment/Daemons
@@ -160,6 +160,8 @@
%config(noreplace) %{_sysconfdir}/dovecot.conf
%config %{_sysconfdir}/rc.d/init.d/dovecot
%config %{_sysconfdir}/pam.d/dovecot
+%attr(0750,root,dovecot) %dir %{ssldir}
+%attr(0750,root,dovecot) %dir %{ssldir}/private
%config(noreplace) %{ssldir}/dovecot-openssl.cnf
%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/dovecot.pem
%attr(0600,root,root) %ghost %config(missingok,noreplace) %verify(not md5 size mtime) %{ssldir}/private/dovecot.pem
@@ -168,10 +170,20 @@
%{_sbindir}/dovecot
%dir /var/run/dovecot
%attr(0750,root,dovecot) %dir /var/run/dovecot-login
-%attr(0750,root,dovecot) %{docdir}/examples/mkcert.sh
+%attr(0754,root,dovecot) %{docdir}/examples/mkcert.sh
%changelog
+* Thu Jun 16 2005 John Dennis <jdennis at redhat.com> - 0.99.14-6.fc4
+- fix bug #160277
+ default /etc/pki/dovecot/certs/dovecot.pem changed to /etc/pki/dovecot.pem
+ if ssl_cert_file was not set in dovecot.conf file (which it was by the rpm)
+ then hardcoded default was /etc/pki/certs/dovecot.pem, which didn't match
+ the new path of /etc/pki/dovecot/dovecot.pem (note subdir certs deprecated)
+- fix bug #160679
+ wrong permissions on /etc/pki/dovecot/dovecot.pem, needs to be readable by
+ more than root.
+
* Thu Apr 28 2005 John Dennis <jdennis at redhat.com> - 0.99.14-5.fc4
- fix bug #156159 insecure location of restart flag file
More information about the fedora-cvs-commits
mailing list