diff options
| author |   Andrej Kacian <ticho@gentoo.org> | 2005-03-03 13:52:49 +0000 |
|---|---|---|
| committer | Andrej Kacian <ticho@gentoo.org> | 2005-03-03 13:52:49 +0000 |
| commit | a0a68dee76922fe1e76f6db56c1317e931687c3a (patch) | |
| tree | 5a971d6ef144f503a6585c0ee190d8a0c13a8769 /net-mail | |
| parent | Added net-mail/vimap:clearpasswd (diff) | |
| download | historical-a0a68dee76922fe1e76f6db56c1317e931687c3a.tar.gz historical-a0a68dee76922fe1e76f6db56c1317e931687c3a.tar.bz2 historical-a0a68dee76922fe1e76f6db56c1317e931687c3a.zip | |
Do not allow cleartext logins outside of SSL sessions. Add useflag to toggle this.
Package-Manager: portage-2.0.51.17
Diffstat (limited to 'net-mail')
| -rw-r--r-- | net-mail/vimap/ChangeLog | 9 | ||||
| -rw-r--r-- | net-mail/vimap/Manifest | 23 | ||||
| -rw-r--r-- | net-mail/vimap/files/digest-vimap-2002c-r3 | 1 | ||||
| -rw-r--r-- | net-mail/vimap/vimap-2002c-r3.ebuild | 171 |
4 files changed, 193 insertions, 11 deletions
diff --git a/net-mail/vimap/ChangeLog b/net-mail/vimap/ChangeLog index 0a9ad06f790a..c1f406645f27 100644 --- a/net-mail/vimap/ChangeLog +++ b/net-mail/vimap/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-mail/vimap # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/vimap/ChangeLog,v 1.10 2005/02/18 22:23:50 ferdy Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/vimap/ChangeLog,v 1.11 2005/03/03 13:52:49 ticho Exp $ + +*vimap-2002c-r3 (03 Mar 2005) + + 03 Mar 2005; Andrej Kacian <ticho@gentoo.org> +vimap-2002c-r3.ebuild: + Disable plaintext login outside of SSL sessions, and add a USE flag to + toggle this behavior. Suggested by Tero Pelander <tpeland@tkukoulu.fi> in + bug #83979. *vimap-2002c-r2 (18 Feb 2005) diff --git a/net-mail/vimap/Manifest b/net-mail/vimap/Manifest index 65393bf86b24..24c9911caf53 100644 --- a/net-mail/vimap/Manifest +++ b/net-mail/vimap/Manifest @@ -1,26 +1,29 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 be36d41a985ba8f1839742d888e4cd57 vimap-2002c-r1.ebuild 3631 MD5 290ee971bc40c8b98682c1eace7ec79f vimap-2002c-r2.ebuild 4110 -MD5 b388d883757f5856bf9943ee4b46846e vimap-2002c.ebuild 2687 -MD5 43aeb69a95be1ca90fdf4b65cf5c3970 ChangeLog 1729 +MD5 49e6dcad9d7ba57a9bf1288bc16ab645 ChangeLog 1996 +MD5 2b167cabef5d015604446e42b4ab18de vimap-2002c-r3.ebuild 4925 MD5 5721b86fd871bdfab77231abc6e02f68 metadata.xml 161 +MD5 b388d883757f5856bf9943ee4b46846e vimap-2002c.ebuild 2687 +MD5 be36d41a985ba8f1839742d888e4cd57 vimap-2002c-r1.ebuild 3631 +MD5 13515b055626ddee903876552c62f747 .vimap-2002c-r3.ebuild.swp 4096 MD5 2cc8deb01d6efd5a650d6fc5519289bd files/uw-ipop2.xinetd 564 +MD5 ff493c5938360a4411843914673d4a05 files/digest-vimap-2002c-r2 63 +MD5 fbd30c975d120429f29509866d292745 files/uw-ipop3.xinetd 473 MD5 c6e5f24322fad9b16d63b1e08ca3bee8 files/uw-ipop3s.xinetd 474 -MD5 b9265aebc1d378faf06199471ceabc4f files/uw-imap.xinetd 492 MD5 ff493c5938360a4411843914673d4a05 files/digest-vimap-2002c 63 MD5 28c291d52426cc5d25be57406f14e096 files/uw-imap.pam-system-auth 344 +MD5 b9265aebc1d378faf06199471ceabc4f files/uw-imap.xinetd 492 +MD5 0ec3cd52bf3e7064a3d9e60a5ac16291 files/imap-2002c-virtual.patch.bz2 10394 MD5 ff493c5938360a4411843914673d4a05 files/digest-vimap-2002c-r1 63 -MD5 ff493c5938360a4411843914673d4a05 files/digest-vimap-2002c-r2 63 -MD5 fbd30c975d120429f29509866d292745 files/uw-ipop3.xinetd 473 MD5 cde23dc2375a8c33998202c8f0c9ae0e files/vimap-2002c-amd64-so-fix.patch 675 +MD5 ff493c5938360a4411843914673d4a05 files/digest-vimap-2002c-r3 63 MD5 a801fe6d35ae75b0abeb6e410b3b6ea2 files/uw-imaps.xinetd 487 -MD5 0ec3cd52bf3e7064a3d9e60a5ac16291 files/imap-2002c-virtual.patch.bz2 10394 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) -iD8DBQFCFmsDViELBEf1JB0RAjhmAJ9gTWh9NJljlYpa6Pwm59o1HbyuygCdHTs7 -oGT6hPUWt5rRM+FF8X8Sog4= -=98mi +iD8DBQFCJxa/QlM6RnzZP+IRAgjSAJ9jbF8IEEu5Di2K961z1Cf9erIMIgCdFn/2 +cGbFZp3f8dpv5AX5XnsNSXk= +=FcRZ -----END PGP SIGNATURE----- diff --git a/net-mail/vimap/files/digest-vimap-2002c-r3 b/net-mail/vimap/files/digest-vimap-2002c-r3 new file mode 100644 index 000000000000..1b9bd49be383 --- /dev/null +++ b/net-mail/vimap/files/digest-vimap-2002c-r3 @@ -0,0 +1 @@ +MD5 90c255dcf3ee373e3fb174ea5d820f4d imap-2002c1.tar.Z 2111395 diff --git a/net-mail/vimap/vimap-2002c-r3.ebuild b/net-mail/vimap/vimap-2002c-r3.ebuild new file mode 100644 index 000000000000..f9db3e30d9d9 --- /dev/null +++ b/net-mail/vimap/vimap-2002c-r3.ebuild @@ -0,0 +1,171 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/vimap/vimap-2002c-r3.ebuild,v 1.1 2005/03/03 13:52:49 ticho Exp $ + +inherit eutils flag-o-matic + +S=${WORKDIR}/imap-2002c1 + +DESCRIPTION="Linuxconf style virtual domain patched UW server daemons for IMAP and POP network mail protocols." +SRC_URI="ftp://ftp.cac.washington.edu/imap/imap-2002c1.tar.Z" +HOMEPAGE="http://www.washington.edu/imap/ http://vimap.sf.net/" + +LICENSE="as-is" +SLOT="0" +KEYWORDS="~amd64 ~x86 ~sparc ~ppc ~hppa ~alpha" +IUSE="ssl clearpasswd" + +PROVIDE="virtual/imapd" +PROVIDE="${PROVIDE} virtual/imap-c-client" + +RDEPEND=">=net-mail/mailbase-0.00-r8" + +DEPEND=" + ${RDEPEND} + !virtual/imap-c-client + virtual/libc + >=sys-libs/pam-0.72 + ssl? ( dev-libs/openssl )" + +pkg_setup() { + echo + if use clearpasswd; then + ewarn "Building vimap with cleartext LOGIN allowed. Disable \"clearpasswd\" USE" + ewarn "flag to restrict cleartext LOGIN to SSL/TLS sessions only." + else + if use ssl; then + ewarn "Building vimap with cleartext LOGIN restricted to SSL/TLS sessions only." + ewarn "Enable \"clearpasswd\" flag to allow unrestricted cleartext LOGIN." + else + ewarn "You have disabled SSL for vimap, but want cleartext passwords restricted to" + ewarn "SSL/TLS sessions only. Either enable \"ssl\" USE flag, or \"clearpasswd\"" + ewarn "USE flag." + die "Impossible USE flag combination, see above message" + fi + fi + echo + # Warn people with pam flag deactivated. + if ! built_with_use net-mail/mailbase pam; + then + echo + ewarn "It is recommended to have the net-mail/mailbase package" + ewarn " built with the pam use flag activated. Please rebuild" + ewarn " net-mail/mailbase with pam activated." + echo + epause 3 + fi +} +src_unpack() { + unpack ${A} + # Tarball packed with bad file perms + chmod -R ug+w ${S} + cd ${S} + bzcat ${FILESDIR}/imap-2002c-virtual.patch.bz2 | patch -p0 + if use amd64; then + # Now we must make all the individual Makefiles use different CFLAGS, + # otherwise they would all use -fPIC + sed -i -e "s|\`cat \$C/CFLAGS\`|${CFLAGS}|g" src/dmail/Makefile \ + src/imapd/Makefile src/ipopd/Makefile src/mailutil/Makefile \ + src/mlock/Makefile src/mtest/Makefile src/tmail/Makefile \ + || die "sed failed patching Makefile CFLAGS." + # Now there is only c-client left, which should be built with -fPIC + append-flags -fPIC + # Apply our patch to actually build the shared library for PHP5 + epatch ${FILESDIR}/${P}-amd64-so-fix.patch + fi + cd ${S}/src/osdep/unix/ + cp Makefile Makefile.orig + sed \ + -e "s:BASECFLAGS=\".*\":BASECFLAGS=:g" \ + -e 's,SSLDIR=/usr/local/ssl,SSLDIR=/usr,g' \ + -e 's,SSLCERTS=$(SSLDIR)/certs,SSLCERTS=/etc/ssl/certs,g' \ + < Makefile.orig > Makefile + cd ${S} +} + +src_compile() { + if use ssl; then + cd ${S} + + if use clearpasswd; then + yes | make lnp ${mymake} ${ipver} SSLTYPE=unix EXTRACFLAGS="${CFLAGS}" EXTRALDFLAGS="-lcrypt" || die + else + yes | make lnp ${mymake} ${ipver} SSLTYPE=unix.nopwd EXTRACFLAGS="${CFLAGS}" EXTRALDFLAGS="-lcrypt" || die + fi + + local i + for i in imapd ipop3d; do + umask 077 + PEM1=`/bin/mktemp ${T}/openssl.XXXXXX` + PEM2=`/bin/mktemp ${T}/openssl.XXXXXX` + /usr/bin/openssl req -newkey rsa:1024 -keyout $$PEM1 \ + -nodes -x509 -days 365 -out $$PEM2 << EOF +-- +SomeState +SomeCity +SomeOrganization +SomeOrganizationalUnit +localhost.localdomain +root@localhost.localdomain +EOF + + cat $$PEM1 > ${i}.pem + echo "" >> ${i}.pem + cat $$PEM2 >> ${i}.pem + rm $$PEM1 $$PEM2 + umask 022 + done + else + yes | make lnp ${mymake} ${ipver} \ + SSLTYPE=none EXTRACFLAGS="${CFLAGS}" EXTRALDFLAGS="-lcrypt" || die + fi +} + +src_install() { + into /usr + dosbin imapd/imapd ipopd/ipop?d + + if use ssl; then + dodir /etc/ssl/certs + mv imapd.pem ${D}/etc/ssl/certs + mv ipop3d.pem ${D}/etc/ssl/certs + fi + + if use amd64; then + dolib.so c-client/libc-client.so* + cd ${D}/usr/$(get_libdir) + ln -s libc-client.so.1.0.0 libc-client.so.1 + ln -s libc-client.so.1 libc-client.so + fi + + cd ${S} + + insinto /usr/include/imap + doins c-client/{c-client,mail,imap4r1,rfc822,linkage,misc,smtp,nntp}.h + doins c-client/{osdep,env_unix,env,fs,ftl,nl,tcp}.h + dolib.a c-client/c-client.a + dosym /usr/$(get_libdir)/c-client.a /usr/$(get_libdir)/libc-client.a + + doman src/ipopd/ipopd.8c src/imapd/imapd.8c + + dodoc CPYRIGHT README docs/*.txt docs/CONFIG docs/RELNOTES + + docinto rfc + dodoc docs/rfc/*.txt + + ## pam.d files are provided by mailbase + # unless mailbase wasn't built with pam. + if ! built_with_use net-mail/mailbase pam; + then + insinto /etc/pam.d + newins ${FILESDIR}/uw-imap.pam-system-auth imap + newins ${FILESDIR}/uw-imap.pam-system-auth pop + fi + + insinto /etc/xinetd.d + newins ${FILESDIR}/uw-imap.xinetd imap + newins ${FILESDIR}/uw-ipop2.xinetd ipop2 + newins ${FILESDIR}/uw-ipop3.xinetd ipop3 + newins ${FILESDIR}/uw-ipop3s.xinetd ipop3s + newins ${FILESDIR}/uw-imaps.xinetd imaps +} |