dovecot package update

Signed-off-by: webbuilder_pel7x64builder0 <webbuilder@powerel.org>

SOURCES/dovecot-1.0.beta2-mkcert-permissions.patch

@@ -0,0 +1,11 @@
+--- dovecot-1.0.beta2/doc/mkcert.sh.configfile	2006-01-16 21:14:54.000000000 +0100
++++ dovecot-1.0.beta2/doc/mkcert.sh	2006-01-26 14:28:38.000000000 +0100
+@@ -29,6 +29,7 @@
+ fi
+
+ $OPENSSL req -new -x509 -nodes -config $OPENSSLCONFIG -out $CERTFILE -keyout $KEYFILE -days 365 || exit 2
+-chmod 0600 $KEYFILE
++chown root:root $CERTFILE $KEYFILE
++chmod 0600 $CERTFILE $KEYFILE
+ echo
+ $OPENSSL x509 -subject -fingerprint -noout -in $CERTFILE || exit 2

SOURCES/dovecot-1.0.rc7-mkcert-paths.patch

@@ -0,0 +1,14 @@
+diff -up dovecot-2.2.27/doc/mkcert.sh.mkcert-paths dovecot-2.2.27/doc/mkcert.sh
+--- dovecot-2.2.27/doc/mkcert.sh.mkcert-paths	2016-12-05 10:26:07.913515286 +0100
++++ dovecot-2.2.27/doc/mkcert.sh	2016-12-05 10:28:25.439634417 +0100
+@@ -5,8 +5,8 @@
+
+ umask 077
+ OPENSSL=${OPENSSL-openssl}
+-SSLDIR=${SSLDIR-/etc/ssl}
+-OPENSSLCONFIG=${OPENSSLCONFIG-dovecot-openssl.cnf}
++SSLDIR=${SSLDIR-/etc/pki/dovecot}
++OPENSSLCONFIG=${OPENSSLCONFIG-/etc/pki/dovecot/dovecot-openssl.cnf}
+
+ CERTDIR=$SSLDIR/certs
+ KEYDIR=$SSLDIR/private

SOURCES/dovecot-2.0-defaultconfig.patch

@@ -0,0 +1,34 @@
+diff -up dovecot-2.2.10/doc/example-config/conf.d/10-mail.conf.default-settings dovecot-2.2.10/doc/example-config/conf.d/10-mail.conf
+--- dovecot-2.2.10/doc/example-config/conf.d/10-mail.conf.default-settings	2013-04-23 12:33:55.000000000 +0200
++++ dovecot-2.2.10/doc/example-config/conf.d/10-mail.conf	2016-06-17 17:56:17.353210369 +0200
+@@ -165,7 +165,7 @@ namespace inbox {
+ # to make sure that users can't log in as daemons or other system users.
+ # Note that denying root logins is hardcoded to dovecot binary and can't
+ # be done even if first_valid_uid is set to 0.
+-#first_valid_uid = 500
++first_valid_uid = 1000
+ #last_valid_uid = 0
+
+ # Valid GID range for users, defaults to non-root/wheel. Users having
+@@ -286,6 +286,7 @@ namespace inbox {
+ # them simultaneously.
+ #mbox_read_locks = fcntl
+ #mbox_write_locks = dotlock fcntl
++mbox_write_locks = fcntl
+
+ # Maximum time to wait for lock (all of them) before aborting.
+ #mbox_lock_timeout = 5 mins
+diff -up dovecot-2.2.10/doc/example-config/conf.d/10-ssl.conf.default-settings dovecot-2.2.10/doc/example-config/conf.d/10-ssl.conf
+--- dovecot-2.2.10/doc/example-config/conf.d/10-ssl.conf.default-settings	2013-11-19 21:36:30.000000000 +0100
++++ dovecot-2.2.10/doc/example-config/conf.d/10-ssl.conf	2016-06-17 17:54:18.749626750 +0200
+@@ -3,7 +3,9 @@
+ ##
+
+ # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt>
+-#ssl = yes
++# disable plain pop3 and imap, allowed are only pop3+TLS, pop3s, imap+TLS and imaps
++# plain imap and pop3 are still allowed for local connections
++ssl = required
+
+ # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+ # dropping root privileges, so keep the key file unreadable by anyone but

SOURCES/dovecot-2.1-privatetmp.patch

@@ -0,0 +1,11 @@
+diff -up dovecot-2.1.10/dovecot.service.in.privatetmp dovecot-2.1.10/dovecot.service.in
+--- dovecot-2.1.10/dovecot.service.in.privatetmp	2012-11-02 10:27:38.000000000 +0100
++++ dovecot-2.1.10/dovecot.service.in	2012-11-02 10:28:04.079320857 +0100
+@@ -6,6 +6,7 @@ After=local-fs.target network.target
+ Type=simple
+ ExecStart=@sbindir@/dovecot -F
+ ExecReload=/bin/kill -HUP $MAINPID
++PrivateTmp=true
+ NonBlocking=yes
+
+ [Install]

SOURCES/dovecot-2.1.10-waitonline.patch

@@ -0,0 +1,16 @@
+diff -up dovecot-2.2.36/dovecot.service.in.waitonline dovecot-2.2.36/dovecot.service.in
+--- dovecot-2.2.36/dovecot.service.in.waitonline	2018-04-30 15:52:05.000000000 +0200
++++ dovecot-2.2.36/dovecot.service.in	2018-06-12 15:34:22.459995078 +0200
+@@ -8,10 +8,11 @@
+ Description=Dovecot IMAP/POP3 email server
+ Documentation=man:dovecot(1)
+ Documentation=http://wiki2.dovecot.org/
+-After=local-fs.target network.target
++After=local-fs.target network.target network-online.target
+
+ [Service]
+ Type=forking
++ExecStartPre=/usr/libexec/dovecot/prestartscript
+ ExecStart=@sbindir@/dovecot
+ PIDFile=@rundir@/master.pid
+ ExecReload=@bindir@/doveadm reload

SOURCES/dovecot-2.2-gidcheck.patch

@@ -0,0 +1,59 @@
+From ca5b3ec5331545b46ec1f1c4ecfa1302ddb10653 Mon Sep 17 00:00:00 2001
+From: Timo Sirainen <timo.sirainen@dovecot.fi>
+Date: Wed, 29 Jun 2016 00:56:56 +0300
+Subject: [PATCH] auth: userdb passwd iteration now skips users not in
+ first/last_valid_gid range
+
+Patch by Michal Hlavinka / Red Hat
+---
+ src/auth/auth-settings.c | 4 ++++
+ src/auth/auth-settings.h | 2 ++
+ src/auth/userdb-passwd.c | 4 ++++
+ 3 files changed, 10 insertions(+)
+
+diff -up dovecot-2.2.36/src/auth/auth-settings.c.gidcheck dovecot-2.2.36/src/auth/auth-settings.c
+--- dovecot-2.2.36/src/auth/auth-settings.c.gidcheck	2018-04-30 15:52:05.000000000 +0200
++++ dovecot-2.2.36/src/auth/auth-settings.c	2018-09-17 12:17:13.132032699 +0200
+@@ -272,6 +272,8 @@ static const struct setting_define auth_
+	DEF_NOPREFIX(SET_BOOL, verbose_proctitle),
+	DEF_NOPREFIX(SET_UINT, first_valid_uid),
+	DEF_NOPREFIX(SET_UINT, last_valid_uid),
++	DEF_NOPREFIX(SET_UINT, first_valid_gid),
++	DEF_NOPREFIX(SET_UINT, last_valid_gid),
+
+	DEF_NOPREFIX(SET_STR, ssl_client_ca_dir),
+	DEF_NOPREFIX(SET_STR, ssl_client_ca_file),
+@@ -331,6 +333,8 @@ static const struct auth_settings auth_d
+	.verbose_proctitle = FALSE,
+	.first_valid_uid = 500,
+	.last_valid_uid = 0,
++	.first_valid_gid = 1,
++	.last_valid_gid = 0,
+ };
+
+ const struct setting_parser_info auth_setting_parser_info = {
+diff -up dovecot-2.2.36/src/auth/auth-settings.h.gidcheck dovecot-2.2.36/src/auth/auth-settings.h
+--- dovecot-2.2.36/src/auth/auth-settings.h.gidcheck	2018-04-30 15:52:05.000000000 +0200
++++ dovecot-2.2.36/src/auth/auth-settings.h	2018-09-17 12:13:30.540159133 +0200
+@@ -88,6 +88,8 @@ struct auth_settings {
+	bool verbose_proctitle;
+	unsigned int first_valid_uid;
+	unsigned int last_valid_uid;
++	unsigned int first_valid_gid;
++	unsigned int last_valid_gid;
+
+	/* generated: */
+	char username_chars_map[256];
+diff -up dovecot-2.2.36/src/auth/userdb-passwd.c.gidcheck dovecot-2.2.36/src/auth/userdb-passwd.c
+--- dovecot-2.2.36/src/auth/userdb-passwd.c.gidcheck	2018-04-30 15:52:05.000000000 +0200
++++ dovecot-2.2.36/src/auth/userdb-passwd.c	2018-09-17 12:13:30.540159133 +0200
+@@ -145,6 +145,10 @@ passwd_iterate_want_pw(struct passwd *pw
+		return FALSE;
+	if (pw->pw_uid > (uid_t)set->last_valid_uid && set->last_valid_uid != 0)
+		return FALSE;
++	if (pw->pw_gid < (gid_t)set->first_valid_gid)
++		return FALSE;
++	if (pw->pw_gid > (gid_t)set->last_valid_gid && set->last_valid_gid != 0)
++		return FALSE;
+	return TRUE;
+ }

SOURCES/dovecot-2.2.36-aclfix.patch

@@ -0,0 +1,13 @@
+diff -up dovecot-2.2.36/src/plugins/acl/acl-backend-vfile.c.aclfix dovecot-2.2.36/src/plugins/acl/acl-backend-vfile.c
+--- dovecot-2.2.36/src/plugins/acl/acl-backend-vfile.c.aclfix	2018-09-18 15:00:08.778823903 +0200
++++ dovecot-2.2.36/src/plugins/acl/acl-backend-vfile.c	2018-09-18 15:00:08.814823737 +0200
+@@ -161,8 +161,7 @@ acl_backend_vfile_object_init(struct acl
+	T_BEGIN {
+		if (*name == '\0' ||
+		    mailbox_list_is_valid_name(_backend->list, name, &error)) {
+-			vname = *name == '\0' ? "" :
+-				mailbox_list_get_vname(_backend->list, name);
++			vname = mailbox_list_get_vname(_backend->list, name);
+
+			dir = acl_backend_vfile_get_local_dir(_backend, name, vname);
+			aclobj->local_path = dir == NULL ? NULL :

SOURCES/dovecot-2.2.9-nodevrand.patch

@@ -0,0 +1,41 @@
+diff -up dovecot-2.2.9/src/lib-master/master-service.c.fixit dovecot-2.2.9/src/lib-master/master-service.c
+--- dovecot-2.2.9/src/lib-master/master-service.c.fixit	2013-11-24 14:37:39.000000000 +0100
++++ dovecot-2.2.9/src/lib-master/master-service.c	2013-11-27 17:52:48.802843395 +0100
+@@ -559,6 +559,11 @@ const char *master_service_get_name(stru
+	return service->name;
+ }
+
++const enum master_service_flags master_service_get_flags(struct master_service *service)
++{
++	return service->flags;
++}
++
+ void master_service_run(struct master_service *service,
+			master_service_connection_callback_t *callback)
+ {
+diff -up dovecot-2.2.9/src/lib-master/master-service.h.fixit dovecot-2.2.9/src/lib-master/master-service.h
+--- dovecot-2.2.9/src/lib-master/master-service.h.fixit	2013-11-24 14:37:39.000000000 +0100
++++ dovecot-2.2.9/src/lib-master/master-service.h	2013-11-27 17:53:05.329705614 +0100
+@@ -134,6 +134,8 @@ const char *master_service_get_version_s
+ /* Returns name of the service, as given in name parameter to _init(). */
+ const char *master_service_get_name(struct master_service *service);
+
++const enum master_service_flags master_service_get_flags(struct master_service *service);
++
+ /* Start the service. Blocks until finished */
+ void master_service_run(struct master_service *service,
+			master_service_connection_callback_t *callback)
+diff -up dovecot-2.2.9/src/ssl-params/main.c.fixit dovecot-2.2.9/src/ssl-params/main.c
+--- dovecot-2.2.9/src/ssl-params/main.c.fixit	2013-11-24 14:37:39.000000000 +0100
++++ dovecot-2.2.9/src/ssl-params/main.c	2013-11-27 17:51:06.664694558 +0100
+@@ -103,7 +103,10 @@ static void sig_chld(const siginfo_t *si
+	if (waitpid(-1, &status, WNOHANG) < 0)
+		i_error("waitpid() failed: %m");
+	else if (status != 0)
++	{
+		i_error("child process failed with status %d", status);
++		if(master_service_get_flags(master_service) & MASTER_SERVICE_FLAG_STANDALONE) exit(1);
++	}
+	else {
+		/* params should have been created now. try refreshing. */
+		ssl_params_refresh(param);

SOURCES/dovecot.conf.5

@@ -0,0 +1,19 @@
+.TH DOVECOT.CONF 5 2010/06/27 "dovecot" "File Formats and Conventions"
+.SH NAME
+\fBdovecot.conf\fP \- The configuration file for dovecot imap and pop3 server
+
+.SH FULL PATH
+.B /etc/dovecot.conf
+
+.SH DESCRIPTION
+The dovecot.conf file is a configuration file for the
+.BR dovecot (1)
+imap and pop3 server. The dovecot.conf configuration file contains description to all available options. Some of these options are described also in offline wiki documentation placed in /usr/share/doc/dovecot*/wiki/.
+
+For backup purposes unmodified version of dovecot.conf can be found in /usr/share/doc/dovecot-<version>/example-config/dovecot.conf.default
+
+.SH "SEE ALSO"
+.BR doveadm (1),
+.BR dovecot (1),
+.I /usr/share/doc/dovecot*/wiki/
+.I /usr/share/doc/dovecot*/dovecot.conf.default

SOURCES/dovecot.init

@@ -0,0 +1,107 @@
+#!/bin/bash
+#
+#	/etc/rc.d/init.d/dovecot
+#
+# Starts the dovecot daemon
+#
+# chkconfig: - 65 35
+# description: Dovecot Imap Server
+# processname: dovecot
+# config: /etc/dovecot.conf
+# config: /etc/sysconfig/dovecot
+# pidfile: /var/run/dovecot/master.pid
+
+### BEGIN INIT INFO
+# Provides: dovecot
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs $network
+# Should-Start: $remote_fs
+# Should-Stop: $remote_fs
+# Default-Start:
+# Default-Stop: 0 1 2 3 4 5 6
+# Short-Description: start and stop Dovecot Imap server
+# Description: Dovecot is an IMAP server for Linux/UNIX-like systems,
+#              written with security primarily in mind.  It also contains
+#              a small POP3 server.
+### END INIT INFO
+
+# Source function library.
+. /etc/init.d/functions
+
+if [ -f /etc/sysconfig/dovecot -a $UID -eq 0 ]; then
+    . /etc/sysconfig/dovecot
+fi
+
+RETVAL=0
+prog="Dovecot Imap"
+exec="/usr/sbin/dovecot"
+config="/etc/dovecot/dovecot.conf"
+pidfile="/var/run/dovecot/master.pid"
+lockfile="/var/lock/subsys/dovecot"
+
+start() {
+	[ $UID -eq 0 ] || exit 4
+	[ -x $exec ] || exit 5
+	[ -f $config ] || exit 6
+
+        echo -n $"Starting $prog: "
+	daemon --pidfile $pidfile $exec $OPTIONS
+	RETVAL=$?
+	[ $RETVAL -eq 0 ] && touch  $lockfile
+	echo
+}
+
+stop() {
+	[ $UID -eq 0 ] || exit 4
+	echo -n $"Stopping $prog: "
+	killproc -p $pidfile $exec
+	RETVAL=$?
+	[ $RETVAL -eq 0 ] && rm -f $lockfile
+	echo
+}
+
+reload() {
+	[ $UID -eq 0 ] || exit 4
+	echo -n $"Reloading $prog: "
+	killproc -p $pidfile $exec -HUP
+	RETVAL=$?
+	echo
+}
+
+#
+#	See how we were called.
+#
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	stop
+	;;
+  reload)
+	reload
+	;;
+  force-reload|restart)
+	stop
+	sleep 1
+	start
+	RETVAL=$?
+	;;
+  condrestart|try-restart)
+	if [ -f $lockfile ]; then
+	    stop
+	    sleep 3
+	    start
+	fi
+	;;
+  status)
+	status -p $pidfile $exec
+	RETVAL=$?
+	;;
+  *)
+	echo $"Usage: $0 {condrestart|try-restart|start|stop|restart|reload|force-reload|status}"
+	RETVAL=2
+	[ "$1" = 'usage' ] && RETVAL=0
+esac
+
+exit $RETVAL

SOURCES/dovecot.pam

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth       required     pam_nologin.so
+auth       include      password-auth
+account    include      password-auth
+session    include      password-auth

SOURCES/dovecot.sysconfig

@@ -0,0 +1,3 @@
+# Here you can specify your dovecot command line options.
+#
+#OPTIONS=""

SOURCES/dovecot.tmpfilesd

@@ -0,0 +1 @@
+d /var/run/dovecot 0755 root dovecot -