From 9860c58bbf8d4ff8f06f954bedc5e77a246522a6 Mon Sep 17 00:00:00 2001
From: Roy Marples <uberlord@gentoo.org>
Date: Sun, 19 Nov 2006 11:37:11 +0000
Subject: [PATCH] New release. Fixes a off-by-one buffer overflow in cache file
 handling. The code is executed only with mmap_disable=yes and only if index
 files are used (ie. INDEX=MEMORY is safe). Package-Manager:
 portage-2.1.2_rc1-r7

---
 net-mail/dovecot/ChangeLog                    |   9 +-
 net-mail/dovecot/Manifest                     |  16 +-
 net-mail/dovecot/dovecot-1.0_rc15.ebuild      | 178 ++++++++++++++++++
 .../dovecot/files/digest-dovecot-1.0_rc15     |   3 +
 4 files changed, 201 insertions(+), 5 deletions(-)
 create mode 100644 net-mail/dovecot/dovecot-1.0_rc15.ebuild
 create mode 100644 net-mail/dovecot/files/digest-dovecot-1.0_rc15

diff --git a/net-mail/dovecot/ChangeLog b/net-mail/dovecot/ChangeLog
index cd1fe5749e31..53f93e1accc1 100644
--- a/net-mail/dovecot/ChangeLog
+++ b/net-mail/dovecot/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-mail/dovecot
 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.71 2006/11/12 20:35:23 uberlord Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.72 2006/11/19 11:37:11 uberlord Exp $
+
+*dovecot-1.0_rc15 (19 Nov 2006)
+
+  19 Nov 2006; Roy Marples <uberlord@gentoo.org> +dovecot-1.0_rc15.ebuild:
+  New release. Fixes a off-by-one buffer overflow in cache file handling.
+  The code is executed only with mmap_disable=yes and only if index files
+  are used (ie. INDEX=MEMORY is safe).
 
 *dovecot-1.0_rc14 (12 Nov 2006)
 
diff --git a/net-mail/dovecot/Manifest b/net-mail/dovecot/Manifest
index f8557559b1e9..b9e170ab010d 100644
--- a/net-mail/dovecot/Manifest
+++ b/net-mail/dovecot/Manifest
@@ -8,6 +8,7 @@ DIST dovecot-1.0.rc11.tar.gz 1457850 RMD160 08d469378639998d587e04b700c3a7398718
 DIST dovecot-1.0.rc12.tar.gz 1457955 RMD160 8b34078472b38164bfc26c675740076a43ba7af1 SHA1 a537064551f48987729bb6707db8505aa4d84978 SHA256 250085d706f978960ee501c9bf2bd01f5b3de6e6855660c1bb9a97aa5680b985
 DIST dovecot-1.0.rc13.tar.gz 1459922 RMD160 89bf059c4922ba744e29b3a077cd33b67354cd22 SHA1 2264979e131ffbec2767b4d77ca8ceee12300f46 SHA256 a653939eae55a6ddea7c97e6ddfcdafdfcbdb56727640d61761fc9bbfca62834
 DIST dovecot-1.0.rc14.tar.gz 1461773 RMD160 6147bb86afc529b1bf7826324e622b5b7347c1b8 SHA1 0ff156ef9a548a33d65aaa6aca56074788974301 SHA256 3489e5a8a0eea149e39694ee6c38c2e2509bac95fb5f174855caf28fb4234532
+DIST dovecot-1.0.rc15.tar.gz 1463069 RMD160 904ef7d1f0fbfe8055f13d9036f7107f498b522e SHA1 9b618d0c1562aa64bd1e055ffa9fe5f2412514af SHA256 e1e42e5c808301c5a709d54c5949cd8c1d3c43861e4e918548ded5841865487f
 EBUILD dovecot-1.0_beta8.ebuild 4639 RMD160 6355e1c5fd0e12eea869543ab7084e6e9acb0f44 SHA1 f6119c5d1b4ba2a93ca88da701f8c5be4d8154fd SHA256 90bb9d6833f574e16fd58da5bac9339f33fb5e2c7a8aa47d6f246b71febd547f
 MD5 5cb271c421fee4cdcac364b89eeb7148 dovecot-1.0_beta8.ebuild 4639
 RMD160 6355e1c5fd0e12eea869543ab7084e6e9acb0f44 dovecot-1.0_beta8.ebuild 4639
@@ -32,10 +33,14 @@ EBUILD dovecot-1.0_rc14.ebuild 5321 RMD160 8dcad790cf9569ca27d51fee8949f4c69a5cf
 MD5 5b3ee9e7a2e4628c8b3cd512bbc715a6 dovecot-1.0_rc14.ebuild 5321
 RMD160 8dcad790cf9569ca27d51fee8949f4c69a5cfa05 dovecot-1.0_rc14.ebuild 5321
 SHA256 9f1f4e6c774c40cf02f227ab4f7415113aae732e7e7af1844b70c945fcd478ea dovecot-1.0_rc14.ebuild 5321
-MISC ChangeLog 12574 RMD160 658452198432115449fb93686aa37ceb0db242a4 SHA1 7adf83c53bd01b274e584e9d26e378358eb6146d SHA256 15edf0bf72ce2db6e0c14d39e378059576cb68e0ea0b3e21d3e4b481f666c9f5
-MD5 600929867eb21e06d14103d9b438ea85 ChangeLog 12574
-RMD160 658452198432115449fb93686aa37ceb0db242a4 ChangeLog 12574
-SHA256 15edf0bf72ce2db6e0c14d39e378059576cb68e0ea0b3e21d3e4b481f666c9f5 ChangeLog 12574
+EBUILD dovecot-1.0_rc15.ebuild 5321 RMD160 100f9de52ba8b67d8228a5a50fc5cad27adcb7af SHA1 4c417b28f9a42c1e736776c25a46ce9d721d2016 SHA256 73d0fac9dc176d543bd077a4dd605b6fc46a15333cded73f08a06f793aab1c3f
+MD5 8bad0b8cb553ef0787d78112bbc2dcbd dovecot-1.0_rc15.ebuild 5321
+RMD160 100f9de52ba8b67d8228a5a50fc5cad27adcb7af dovecot-1.0_rc15.ebuild 5321
+SHA256 73d0fac9dc176d543bd077a4dd605b6fc46a15333cded73f08a06f793aab1c3f dovecot-1.0_rc15.ebuild 5321
+MISC ChangeLog 12870 RMD160 f0dcf635420920788b851eee488a36c30bd1e236 SHA1 dcbc28f291abb892c9975e66a5abb411945c977f SHA256 208a851d5d75f6e66f1733d0a4015a31e123f227588f781709552ef3b26eee6f
+MD5 af8653e3246e34836ce787a30bdea3a6 ChangeLog 12870
+RMD160 f0dcf635420920788b851eee488a36c30bd1e236 ChangeLog 12870
+SHA256 208a851d5d75f6e66f1733d0a4015a31e123f227588f781709552ef3b26eee6f ChangeLog 12870
 MISC metadata.xml 252 RMD160 97c0c41abc4b61586ab48653ced79067cb964aa6 SHA1 57de811cfb02936b35c4bef2108018e6b2697a99 SHA256 419ffa57f459d89a62dd42ee4bb01934f03e6913b470323f5b2b8a7c89e2dc66
 MD5 b6ff89c08602229bdd234da83a89df77 metadata.xml 252
 RMD160 97c0c41abc4b61586ab48653ced79067cb964aa6 metadata.xml 252
@@ -58,3 +63,6 @@ SHA256 37c862fa50f4cb8122e9522a8d65435638f7fa94b008e9b7b8801df2c01cb7a6 files/di
 MD5 794cd34ba1fdeecc9cea35ab0a388fd1 files/digest-dovecot-1.0_rc14 253
 RMD160 d89f70259c5b484b7c04d9878b8c8deebc92f07c files/digest-dovecot-1.0_rc14 253
 SHA256 df4c0a9ace6e85668fcb2595361f1f25faa1be98e5cae2f178f2b30d3b1b3d2d files/digest-dovecot-1.0_rc14 253
+MD5 2c27eb8bc7a2d4ac15db038e2c32f3dd files/digest-dovecot-1.0_rc15 253
+RMD160 0c75375b63a906552c7c31aabe46cf07c93492f0 files/digest-dovecot-1.0_rc15 253
+SHA256 0c0d306c2bac1ed1f287123160612db5f9c959afa54dac80c9db3794a258c197 files/digest-dovecot-1.0_rc15 253
diff --git a/net-mail/dovecot/dovecot-1.0_rc15.ebuild b/net-mail/dovecot/dovecot-1.0_rc15.ebuild
new file mode 100644
index 000000000000..af10091ea7c9
--- /dev/null
+++ b/net-mail/dovecot/dovecot-1.0_rc15.ebuild
@@ -0,0 +1,178 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/dovecot-1.0_rc15.ebuild,v 1.1 2006/11/19 11:37:11 uberlord Exp $
+
+inherit autotools eutils
+
+DESCRIPTION="An IMAP and POP3 server written with security primarily in mind"
+HOMEPAGE="http://dovecot.org/"
+MY_P="${P/_/.}"
+S="${WORKDIR}/${MY_P}"
+SRC_URI="http://dovecot.org/releases/${MY_P}.tar.gz"
+
+SLOT="0"
+LICENSE="LGPL-2.1"
+KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
+
+IUSE="debug doc ipv6 kerberos ldap mbox mysql pop3d pam postgres ssl vpopmail"
+
+# Developer documentation, controlled by the doc USE flag
+DEVDOCS="auth-protocol index multiaccess securecoding"
+
+DEPEND=">=sys-apps/sed-4
+	kerberos? ( virtual/krb5 )
+	ldap? ( net-nds/openldap )
+	pam? ( virtual/pam )
+	ssl? ( dev-libs/openssl )
+	postgres? ( dev-db/postgresql )
+	mysql? ( dev-db/mysql )
+	vpopmail? ( net-mail/vpopmail )"
+
+RDEPEND="${DEPEND}
+	>=net-mail/mailbase-0.00-r8"
+
+pkg_setup() {
+	# Add user and group for login process (same as for fedora/redhat)
+	enewgroup dovecot 97
+	enewuser dovecot 97 -1 /dev/null dovecot
+}
+
+src_compile() {
+	local myconf="--sysconfdir=/etc/dovecot --with-ioloop=best --with-poll=best"
+	use ssl && myconf="${myconf} --with-ssl=openssl" \
+		|| myconf="${myconf} --without-ssl"
+
+	econf --localstatedir=/var \
+		$(use_enable debug) \
+		$(use_enable ipv6) \
+		$(use_with kerberos gssapi) \
+		$(use_with ldap) \
+		$(use_with mysql) \
+		$(use_with pam) \
+		$(use_with pop3d) \
+		$(use_with postgres pgsql) \
+		$(use_with vpopmail) \
+		${myconf} || die "configure failed"
+	emake || die "make failed"
+}
+
+src_install () {
+	make DESTDIR="${D}" install || die "make install failed"
+
+	newinitd "${FILESDIR}"/dovecot.init dovecot
+
+	# Documentation
+	rm -rf "${D}"/usr/share/doc/dovecot
+	dodoc AUTHORS NEWS README TODO dovecot-example.conf
+	if use doc ; then
+		dodoc doc/*.txt
+	else
+		local x= n=
+		for x in doc/*.txt ; do
+			n=$(basename "${x}" .txt)
+			[[ " ${DEVDOCS} " != *" ${n} "* ]] && dodoc "${x}"
+		done
+	fi
+
+	# Create the dovecot.conf file from the dovecot-example.conf file that
+	# the dovecot folks nicely left for us....
+	local conf="${D}/etc/dovecot/dovecot.conf"
+	mv "${D}"/etc/dovecot/dovecot-example.conf "${D}"/etc/dovecot/dovecot.conf
+	fperms 0600 /etc/dovecot/dovecot.conf
+
+	# .maildir is the Gentoo default, but we need to support mbox to
+	local mail_location="maildir:~/.maildir"
+	if use mbox ; then
+		mail_loctation="mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%u"
+		keepdir /var/dovecot
+		sed -i -e 's|#mail_extra_groups =|mail_extra_groups = mail|' "${conf}"
+	fi
+	sed -i -e \
+		"s|#mail_location =|mail_location = ${mail_location}|" "${conf}" || die
+
+	# We're using pam files (imap and pop3) provided by mailbase
+	if use pam ; then
+		sed -i -e '/passdb pam/, /^[ \t]*}/ s|#args = dovecot|args = "\*"|' \
+			"${conf}" || die
+	fi
+
+	# Listen on ipv6 and ipv4
+	if use ipv6 ; then
+		sed -i -e 's/^#listen = \*/listen = \[::\]/g' "${conf}" || die
+	fi
+
+	# Install SQL configuration
+	if use mysql || use postgres ; then
+		cp doc/dovecot-sql.conf "${D}"/etc/dovecot
+		fperms 600 /etc/dovecot/dovecot-sql.conf
+		sed -i -e '/db sql/,/args/ s|=|= /etc/dovecot-sql.conf|' "${conf}"
+		dodoc doc/dovecot-sql.conf
+	fi
+
+	# Install LDAP configuration
+	if use ldap ; then
+		cp doc/dovecot-ldap.conf "${D}"/etc/dovecot
+		fperms 600 /etc/dovecot/dovecot-ldap.conf
+		sed -i -e '/db ldap/,/args/ s|=|= /etc/dovecot-ldap.conf|' "${conf}"
+		dodoc doc/dovecot-ldap.conf
+	fi
+
+
+	# Create SSL certificates
+	if use ssl ; then
+		dodir /etc/ssl/certs
+		dodir /etc/ssl/private
+		# Let's not make a new certificate if we already have one
+		if ! [[ -e /etc/ssl/certs/dovecot.pem && \
+			-e /etc/ssl/private/dovecot.pem ]]; then
+			einfo "Generating X.509 certificate for SSL"
+			pushd doc >/dev/null && \
+				SSLDIR="${D}"/etc/ssl sh mkcert.sh && \
+				popd >/dev/null
+		fi
+		dodoc doc/*.cnf doc/mkcert.sh
+	fi
+
+	dodir /var/run/dovecot
+	fowners root:0 /var/run/dovecot
+	fperms 0700 /var/run/dovecot
+	keepdir /var/run/dovecot/login
+	fowners root:dovecot /var/run/dovecot/login
+	fperms 0750 /var/run/dovecot/login
+}
+
+get_config_var() {
+	sed -n 's/^[[:space:]]\?base_dir[[:space:]]*="*\([^#"]\+\)"*/\1/p' \
+		/etc/dovecot/dovecot.conf
+}
+
+pkg_postinst() {
+	einfo "The dovecot configuration has vastly changed since 0.99."
+	einfo "You are encouraged to start afresh with a new configuration file."
+	einfo "see http://wiki.dovecot.org/ for configuration examples."
+
+	if [[ -e ${ROOT}etc/dovecot.conf ]] ; then
+		ewarn
+		ewarn "dovecot configuration is now in ${ROOT}etc/dovecot"
+	fi
+
+	local base_dir="$(get_config_var base_dir)"
+	base_dir="${basedir:-/var/run/dovecot}"
+	if use ssl \
+		&& [[ ! -e "${ROOT}/${base_dir}/login/ssl-parameters.dat" ]] ; then
+		einfo
+		einfo "Dovecot requires DH SSL Parameters if you use SSL connections"
+		einfo "These take some time to make, and dovecot will create them before"
+		einfo "it allows any SSL connections."
+		einfo "You can create them now before starting dovecot like so"
+		einfo "   emerge --config =${PF}"
+	fi
+}
+
+pkg_config() {
+	local base_dir="$(get_config_var base_dir)"
+	base_dir="${base_dir:-/var/run/dovecot}"
+
+	einfo "Regenerating SSL parameters. This will take some time."
+	/usr/libexec/dovecot/ssl-build-param "${base_dir}/login/ssl-parameters.dat"
+}
diff --git a/net-mail/dovecot/files/digest-dovecot-1.0_rc15 b/net-mail/dovecot/files/digest-dovecot-1.0_rc15
new file mode 100644
index 000000000000..22003a4f2a49
--- /dev/null
+++ b/net-mail/dovecot/files/digest-dovecot-1.0_rc15
@@ -0,0 +1,3 @@
+MD5 26f3d2b075856b1b1d180146363819e6 dovecot-1.0.rc15.tar.gz 1463069
+RMD160 904ef7d1f0fbfe8055f13d9036f7107f498b522e dovecot-1.0.rc15.tar.gz 1463069
+SHA256 e1e42e5c808301c5a709d54c5949cd8c1d3c43861e4e918548ded5841865487f dovecot-1.0.rc15.tar.gz 1463069
-- 
2.26.2