diff options
| author |   Eray Aslan <eras@gentoo.org> | 2013-06-26 16:19:02 +0000 |
|---|---|---|
| committer | Eray Aslan <eras@gentoo.org> | 2013-06-26 16:19:02 +0000 |
| commit | f5e022c003391c73645292b465edc022782ce0f3 (patch) | |
| tree | ed2e0b446c753d66fc49b3f25d71988c6f77ffa6 /net-mail | |
| parent | revbumps; add sec patches XSA-55, remove disused patches (diff) | |
| download | historical-f5e022c003391c73645292b465edc022782ce0f3.tar.gz historical-f5e022c003391c73645292b465edc022782ce0f3.tar.bz2 historical-f5e022c003391c73645292b465edc022782ce0f3.zip | |
Fix conflict with cyrus-sasl - bug #474862
Package-Manager: portage-2.2.0_alpha185/cvs/Linux x86_64
Manifest-Sign-Key: 0x77F1F175586A3B1F
Diffstat (limited to 'net-mail')
| -rw-r--r-- | net-mail/dovecot/ChangeLog | 8 | ||||
| -rw-r--r-- | net-mail/dovecot/Manifest | 30 | ||||
| -rw-r--r-- | net-mail/dovecot/dovecot-2.2.4-r1.ebuild | 284 | ||||
| -rw-r--r-- | net-mail/dovecot/files/cyrus-sasl.patch | 745 |
4 files changed, 1052 insertions, 15 deletions
diff --git a/net-mail/dovecot/ChangeLog b/net-mail/dovecot/ChangeLog index 307266d0a25f..fc8659b51cf9 100644 --- a/net-mail/dovecot/ChangeLog +++ b/net-mail/dovecot/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-mail/dovecot # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.436 2013/06/25 05:41:19 eras Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/ChangeLog,v 1.437 2013/06/26 16:18:51 eras Exp $ + +*dovecot-2.2.4-r1 (26 Jun 2013) + + 26 Jun 2013; Eray Aslan <eras@gentoo.org> +dovecot-2.2.4-r1.ebuild, + +files/cyrus-sasl.patch: + Fix conflict with cyrus-sasl - bug #474862 *dovecot-2.2.4 (25 Jun 2013) diff --git a/net-mail/dovecot/Manifest b/net-mail/dovecot/Manifest index c9230e46f631..877baf2ca346 100644 --- a/net-mail/dovecot/Manifest +++ b/net-mail/dovecot/Manifest @@ -1,6 +1,7 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 +AUX cyrus-sasl.patch 23302 SHA256 3d6389e80bec08c2108bd930be84c71774c8bb9fb0e026213327d6fad6dd42df SHA512 67aeff6ee435f1487c2fde3dd77512be5a84cc5b8485429c6ca2618b8d22851c9b7ed6043fc1a31dc936b235c061ae1b04a50820ea67a6910ce0c95c2ae30dae WHIRLPOOL 970c9da53d2898ed0dd97cc47f211b8a0a325f2ebb2b6ee1457fa77b2b633af868a71fb817e17bd4a1b0a68195036bd2f44a7251a7e5df5c9291ff86dbd6e767 AUX dovecot-2.1.9_managesieve_gold.patch 1938 SHA256 e81efbc39b710d010a407a0f9863f3a41801bee6c4423a9c36c09c87e906cdae SHA512 17152599dda9a2d34f6a1e6a885dc0887db503d701e00d875878dfb594f3778f99e5194e98cf74c999c643b7faab314f224b9023f7e0cb038fbc25c1488aa216 WHIRLPOOL 2b125645dbd7a108c6646cf22aabb4d9695b4d7d156c7afafefffbb299ad7625aa7cf6119df81da28725f87e757da295bed8eb79e0c53ce86558ffbc8a4f3a2a AUX dovecot.init-r3 1609 SHA256 b4fb8ffb9aa7fd270d45512a657dcb5597ae5fe516b1f8e0078aa1892de8ecaa SHA512 957801c0e65153b0e0f394de8e6f6e66ae56427d64823e9937deaf98fda18ce82b2da6c4a0f42a2a46f8492923cf079b41c437b6b3558eeec0a81faa61c3c761 WHIRLPOOL 552a8333f7093727c6e67cce28abf730bb1bf3ed676895797e617308d1da133fd88636e34e080bebe81d8cadce2b9f0aa99f9e6d49ff2d69f7014a5fc6c3a499 AUX dovecot.init-r4 1609 SHA256 510ebab9dc59832502a9a23d48d12b6e81f3c51c52f5e6652b00b240f621d02e SHA512 9aa5040cd169bfa0dea382d839ef73454105d3befd1e904cef8d0a07eb260051f72f130ba250d716b9bf9b22af542907446e02c4ec92f1c229a2c0a9f560e2cc WHIRLPOOL 51726ed76100521e54470137dab9869537dcf49a58872614312295dff3efab53ac58da30b8bfaaf86677f47ef1e84019e47529226c0a736eed68cac6ce64ae40 @@ -26,23 +27,24 @@ EBUILD dovecot-2.2.1.ebuild 8563 SHA256 02723b5a19724ee045a2d0d5a06a6945038264d2 EBUILD dovecot-2.2.2-r1.ebuild 8637 SHA256 16159458a4d3ba6104c6120601b84e86069828bc1b582802237147bc870f1b97 SHA512 d2d081f70b059d43c07bd2b43cac5a8ab5be550ef71026d4bf35779cae2954244b88a348d8e4632cb192b27633a2a0be713bdfc9fcbaca37bbf42df306ed821a WHIRLPOOL 8a4b73d920e89636985302245c517ce9789dc88f30588a5d0821092746adcae4fd119613ff27edc8127cd054db78eecd7292a444a5ec3b752ebef01a3ad4bd0b EBUILD dovecot-2.2.2.ebuild 8563 SHA256 8cc32dd996b9aae9ab5d00f0d78b879ba536a60524627dd6f22c559e49b7fb93 SHA512 078f3ff658d39c4c26680c14b6efd71538d81f301b4e4e6cd40d5ddedf25f3d15aed83cd1e2b2fcac56d487e40f1f3545d9e6b04764025304f000f512650942b WHIRLPOOL 354963c06d1f9b13ddf8fa456bc015cc456e321bed6e036f2a1e8fdec8b51531c3877bc5944acfe0252c82a8c0cb09e7aa226262626a43ca7ae5d046ee22f16f EBUILD dovecot-2.2.3.ebuild 8631 SHA256 4355540dd4296ccdff76c11b35607a99200b43e666e91ae2c36b956a67a4cb4b SHA512 228ee923597ac923a14d36bc9cd09a146f1ce1ea9bea21daf26eae83360fcf6acbdbc66c740554e24bb3aae71c6d723649f228e2c07ac9782bd32dd6d0ced1f8 WHIRLPOOL d41548bc2bac191028aa0948ab07c4db5a110166040080c708e7b1c397c7b11610d019165f391dc4236e221881e29c3bacc6bcde7634da82fa2e68d825ab8856 +EBUILD dovecot-2.2.4-r1.ebuild 8772 SHA256 0ffd29103ef87de88952bb124346a6876fcb851b6b65582f00a873d5c0a49c57 SHA512 5b61facaaaac4ab9ca3ac947272c13d64fd5d388e5759c314817f58d521dfaa6694079f7333e1afeb9bea7586b8847714cf062ab85d55c27173dc6c33d25d739 WHIRLPOOL 9fbe15471ade1ac75699a4ee142d262dcff05391c90236a0cb97b0237288cc74b312a0d1d2acb4a4facecab05c831ca241c28dd65d1323c3f5b557c2020ca962 EBUILD dovecot-2.2.4.ebuild 8631 SHA256 58977abbfea2f5b989bcbbcf466ea8d1ce69e7307fbc3d63bd0b5d1ad0bf4e54 SHA512 8dca6b1714d32a4bd8cc5dd7b61b3db8f6ffe909ea6ebf9cc9e4402f6e884f683e5f073e917a76ebd16d9a9a3a75dc8fc5bc50ac24e059415062e08cc228ec9b WHIRLPOOL fa8fea3e53f32e741748b440b69126ad79823f16bc33a428ee1b30a4f974f9dab72170efb63a17113fe1b6d13c601d7285cf49af9fffe660fa432d96daee8364 -MISC ChangeLog 65085 SHA256 a998046087c27b550fd6a61a943755797b115c19ecddecdbe0e83478c697109f SHA512 a7fd46714a700fa15404171ca3a978964bed3ca5af8229ac37cfb5845bd1227057b89c1784aef75ca91236cb66cf7aa2b7b40ed3681492afd1f2dacd14e7cc49 WHIRLPOOL cbb2130f722084f3a173a8af5bf2d10370c617bf0144d9aa3b764a74f28ff9965c070a3ee0524019e2c23c3f1f6aaf70d7f0ea992af8d931e5b063d8abc5760e +MISC ChangeLog 65261 SHA256 fe50b9bbee00383725ca8c5c122e7f857972fda734f832a425bead855507cb5a SHA512 7716a235f521ad6a8e1ef76a0e5e53f81f745899301d21fcdb4e159bb951f72d494a23ba96875315a658fed782b7ee1ea24898d34794982d0066f60a7f2bac51 WHIRLPOOL 1c26324e0f94fdca5819a4f5d03ba9ee32b51b68736fef55578e77f8670c6aac23022e167aad8828496ef22e5ce2231176a720e6e6e078571b0b5915287e30c0 MISC metadata.xml 948 SHA256 ad1e5324e4ac307c9fd4acfaab4375a91399c3302c0bf7a358cc9b879953e64b SHA512 a58ed0e97a8ad182eed6a253b247a388e7e6a955ad0ec8c2c63469fa9c77d0af824bb00d959505cddda354ac434da3e22100cce7449556268ccf95fafe05f98b WHIRLPOOL c5977d6032ac360f22b723fe811e3c65988cbbc06952b222666166c074092bf4ef68465f19fe689282a74a1383c1bb99802711ff4d7b8501cb989d8989385fed -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) -iQIcBAEBCAAGBQJRyS2KAAoJEHfx8XVYajsf0K0P/1Tr1QSq5WzeZhRO6jePbwUO -VtuyIgLdo1HdVeNMilN39zIstDi6mij/MVYNQejJXPzAJ86w7JrZ9jb/7HAfV+Bo -IkvNNxWQ9pnb9BIAzZ21DUQbgOh/N8kiCtaE3smuYXnYxCk98nQMevqEOAmw2fJ0 -LfA1wxtERoKm9lo/2ku9+8DX4RVILjzQtQVdMLK4Ir/q1dO5rnbt51bbRAuQvAQm -zeMe9xkIF3gq7nFl9EljlEo0F2Gobmchco1NYnizIOH3qzjhgVJqvdoL061vB2b5 -LBEc+hESuUnKVw12eBRBYi/8pFHfBAnIetFno7nS8xKgp6y3MyFXbffLz3ZftVrj -S5N+Z/3zflsHJQzCVYx5gqo2MPqkppI4CxT5kqwVu7wTGJ5NvTDW+tclORVL0po+ -LpUykJ9crpFfd6NnFHbJCFerwHkEdGHsN0/TdyyaXEokMHT+NqCtUHeY957fTCKb -Ppq0a5CwXjO7giObFnp2Pj7ZrVGUj2q3Lx07bdTUz3KjjVvn/Da97oEVBsJQoJff -K1nabgaWVp5UNriBtBhnA523aIRBl9dEb/KR/P0nRFZWtANRd4+asPH7nKWPKnD0 -Uzfftsi3zUQ8GrHA4vG0d2bKK23ruTHSCad6+/Kb0b6o3k5cD97I+frEBiMCyI9c -gVw0czxVNEyU9c6UaXBo -=usD+ +iQIcBAEBCAAGBQJRyxR4AAoJEHfx8XVYajsfI14P/3XLthiyBaXxsW5ScgUZ8OwY +GwwnOx3vqq1FxDnNuZEnahu2OnFs49eaaPVvcnLQ/0lKlP6zuL6Dk7rMQGbAWNoS +4/GsH5PtNLzhuLw/3xgQFT9cmU0EQDuiJNvAQx8bwOmr4+xG3Su0hMWcFHfAK9PX +MhZT9pKT0GtcEkTIUyKlI2CA5dtyzCycIusp5HB3oqbZ1f+QR9pw4NUnRez8ObNQ +O0aaZmybTrKancAQIfT8Xhcmambtahzsz507XWc21tqtkKNGtIRX9aN+Y9Jt1Rlm +POdT/uIJPGVeBZ6ZznZJJK4e3EmLg1Nv4pFwQRU4G/lnlN0jGmwfzOWeyF5f/nfn +61nBMYX2mMEgp+v/tAhts7XeuYflA7vZ/6hcHxQPFasQOinTNPw8wsoS5+TWaUqN +ujP9gUxJv/6Pikrp+CTuUkajV9sIwlS6dlGfzpx913oFq60r/MtMjYR9MPJ7g9X7 +OsgtPW7/pHBA3NMyMdiuC3gqYo59uyANpFh+BLArCEX29cLmaO+mFJKf8FL+zUFS +TKMH3r4SyjQvfIxm60XW9g11nvlSihMPPx9xtrriOny1IX7gCgVNvE8oztnag2yB +Bp70kWArvrR2OmqsIkptA5JdevQNfRW4Qe3dJNk0dpwurT37BkqDBAZSBQGwPcZL +v0og9nrQid8aMS4EXs3v +=fjFe -----END PGP SIGNATURE----- diff --git a/net-mail/dovecot/dovecot-2.2.4-r1.ebuild b/net-mail/dovecot/dovecot-2.2.4-r1.ebuild new file mode 100644 index 000000000000..321b417db0bb --- /dev/null +++ b/net-mail/dovecot/dovecot-2.2.4-r1.ebuild @@ -0,0 +1,284 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-mail/dovecot/dovecot-2.2.4-r1.ebuild,v 1.1 2013/06/26 16:18:51 eras Exp $ + +EAPI=5 +inherit autotools eutils multilib ssl-cert systemd user versionator + +MY_P="${P/_/.}" +major_minor="$(get_version_component_range 1-2)" +sieve_version="0.4.0" +SRC_URI="http://dovecot.org/releases/${major_minor}/${MY_P}.tar.gz + sieve? ( + http://www.rename-it.nl/dovecot/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz + ) + managesieve? ( + http://www.rename-it.nl/dovecot/${major_minor}/${PN}-${major_minor}-pigeonhole-${sieve_version}.tar.gz + ) " +DESCRIPTION="An IMAP and POP3 server written with security primarily in mind" +HOMEPAGE="http://www.dovecot.org/" + +SLOT="0" +LICENSE="LGPL-2.1 MIT" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" + +IUSE_DOVECOT_AUTH="kerberos ldap mysql pam postgres sqlite vpopmail" +IUSE_DOVECOT_STORAGE="cydir imapc +maildir mbox mdbox pop3c sdbox" +IUSE_DOVECOT_OTHER="bzip2 caps doc ipv6 lucene managesieve selinux sieve solr +ssl static-libs suid tcpd zlib" + +IUSE="${IUSE_DOVECOT_AUTH} ${IUSE_DOVECOT_STORAGE} ${IUSE_DOVECOT_OTHER}" + +DEPEND="caps? ( sys-libs/libcap ) + kerberos? ( virtual/krb5 ) + ldap? ( net-nds/openldap ) + lucene? ( >=dev-cpp/clucene-2.3 ) + mysql? ( virtual/mysql ) + pam? ( virtual/pam ) + postgres? ( dev-db/postgresql-base !dev-db/postgresql-base[ldap,threads] ) + selinux? ( sec-policy/selinux-dovecot ) + solr? ( net-misc/curl dev-libs/expat ) + sqlite? ( dev-db/sqlite ) + ssl? ( dev-libs/openssl ) + tcpd? ( sys-apps/tcp-wrappers ) + vpopmail? ( net-mail/vpopmail ) + virtual/libiconv" + +RDEPEND="${DEPEND} + net-mail/mailbase" + +S=${WORKDIR}/${MY_P} + +pkg_setup() { + if use managesieve && ! use sieve; then + ewarn "managesieve USE flag selected but sieve USE flag unselected" + ewarn "sieve USE flag will be turned on" + fi + # default internal user + enewgroup dovecot 97 + enewuser dovecot 97 -1 /dev/null dovecot + # default login user + enewuser dovenull -1 -1 /dev/null + # add "mail" group for suid'ing. Better security isolation. + if use suid; then + enewgroup mail + fi +} + +src_prepare() { + epatch "${FILESDIR}/cyrus-sasl.patch" + sed -i -e '1iACLOCAL_AMFLAGS = -I .' Makefile.am || die + eautoreconf +} + +src_configure() { + local conf="" + + if use postgres || use mysql || use sqlite; then + conf="${conf} --with-sql" + fi + + local storages="" + for storage in ${IUSE_DOVECOT_STORAGE//+/}; do + use ${storage} && storages="${storage} ${storages}" + done + [ "${storages}" ] || storages="maildir" + + # turn valgrind tests off. Bug #340791 + VALGRIND=no econf \ + --localstatedir="${EPREFIX}/var" \ + --with-moduledir="${EPREFIX}/usr/$(get_libdir)/dovecot" \ + --without-stemmer \ + --with-storages="${storages}" \ + --disable-rpath \ + $( systemd_with_unitdir ) \ + $( use_with bzip2 bzlib ) \ + $( use_with caps libcap ) \ + $( use_with kerberos gssapi ) \ + $( use_with ldap ) \ + $( use_with lucene ) \ + $( use_with mysql ) \ + $( use_with pam ) \ + $( use_with postgres pgsql ) \ + $( use_with sqlite ) \ + $( use_with solr ) \ + $( use_with ssl ) \ + $( use_with tcpd libwrap ) \ + $( use_with vpopmail ) \ + $( use_with zlib ) \ + $( use_enable static-libs static ) \ + ${conf} + + if use sieve || use managesieve ; then + # The sieve plugin needs this file to be build to determine the plugin + # directory and the list of libraries to link to. + emake dovecot-config + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + econf \ + $( use_enable static-libs static ) \ + --localstatedir="${EPREFIX}/var" \ + --enable-shared \ + --with-dovecot="../${MY_P}" \ + $( use_with managesieve ) + fi +} + +src_compile() { + default + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" + fi +} + +src_test() { + default + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + default + fi +} + +src_install () { + default + + # insecure: + # use suid && fperms u+s /usr/libexec/dovecot/deliver + # better: + if use suid;then + einfo "Changing perms to allow deliver to be suided" + fowners root:mail "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" + fperms 4750 "${EPREFIX}/usr/libexec/dovecot/dovecot-lda" + fi + + newinitd "${FILESDIR}"/dovecot.init-r4 dovecot + + rm -rf "${ED}"/usr/share/doc/dovecot + + dodoc AUTHORS NEWS README TODO + dodoc doc/*.{txt,cnf,xml,sh} + docinto example-config + dodoc doc/example-config/*.{conf,ext} + docinto example-config/conf.d + dodoc doc/example-config/conf.d/*.{conf,ext} + docinto wiki + dodoc doc/wiki/* + doman doc/man/*.{1,7} + + # Create the dovecot.conf file from the dovecot-example.conf file that + # the dovecot folks nicely left for us.... + local conf="${ED}/etc/dovecot/dovecot.conf" + local confd="${ED}/etc/dovecot/conf.d" + + insinto /etc/dovecot + doins doc/example-config/*.{conf,ext} + insinto /etc/dovecot/conf.d + doins doc/example-config/conf.d/*.{conf,ext} + fperms 0600 "${EPREFIX}"/etc/dovecot/dovecot-{ldap,sql}.conf.ext + rm -f "${confd}/../README" + + # .maildir is the Gentoo default + local mail_location="maildir:~/.maildir" + if ! use maildir; then + if use mbox; then + mail_location="mbox:/var/spool/mail/%u:INDEX=/var/dovecot/%u" + keepdir /var/dovecot + sed -i -e 's|#mail_privileged_group =|mail_privileged_group = mail|' \ + "${confd}/10-mail.conf" || die "sed failed" + elif use mdbox ; then + mail_location="mdbox:~/.mdbox" + elif use sdbox ; then + mail_location="sdbox:~/.sdbox" + fi + fi + sed -i -e \ + "s|#mail_location =|mail_location = ${mail_location}|" \ + "${confd}/10-mail.conf" \ + || die "failed to update mail location settings in 10-mail.conf" + + # We're using pam files (imap and pop3) provided by mailbase + if use pam; then + sed -i -e '/driver = pam/,/^[ \t]*}/ s|#args = dovecot|args = "\*"|' \ + "${confd}/auth-system.conf.ext" \ + || die "failed to update PAM settings in auth-system.conf.ext" + # mailbase does not provide a sieve pam file + use managesieve && dosym imap /etc/pam.d/sieve + sed -i -e \ + 's/#!include auth-system.conf.ext/!include auth-system.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update PAM settings in 10-auth.conf" + fi + + # Disable ipv6 if necessary + if ! use ipv6; then + sed -i -e 's/^#listen = \*, ::/listen = \*/g' "${conf}" \ + || die "failed to update listen settings in dovecot.conf" + fi + + # Update ssl cert locations + if use ssl; then + sed -i -e 's:^#ssl = yes:ssl = yes:' "${confd}/10-ssl.conf" \ + || die "ssl conf failed" + sed -i -e 's:^ssl_cert =.*:ssl_cert = </etc/ssl/dovecot/server.pem:' \ + -e 's:^ssl_key =.*:ssl_key = </etc/ssl/dovecot/server.key:' \ + "${confd}/10-ssl.conf" || die "failed to update SSL settings in 10-ssl.conf" + fi + + # Install SQL configuration + if use mysql || use postgres; then + sed -i -e \ + 's/#!include auth-sql.conf.ext/!include auth-sql.conf.ext/' \ + "${confd}/10-auth.conf" || die "failed to update SQL settings in \ + 10-auth.conf" + fi + + # Install LDAP configuration + if use ldap; then + sed -i -e \ + 's/#!include auth-ldap.conf.ext/!include auth-ldap.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update ldap settings in 10-auth.conf" + fi + + if use vpopmail; then + sed -i -e \ + 's/#!include auth-vpopmail.conf.ext/!include auth-vpopmail.conf.ext/' \ + "${confd}/10-auth.conf" \ + || die "failed to update vpopmail settings in 10-auth.conf" + fi + + if use sieve || use managesieve ; then + cd "../dovecot-${major_minor}-pigeonhole-${sieve_version}" || die "cd failed" + emake DESTDIR="${ED}" install + sed -i -e \ + 's/^[[:space:]]*#mail_plugins = $mail_plugins/mail_plugins = sieve/' "${confd}/15-lda.conf" \ + || die "failed to update sieve settings in 15-lda.conf" + rm -rf "${ED}"/usr/share/doc/dovecot + dodoc doc/*.txt + docinto example-config/conf.d + dodoc doc/example-config/conf.d/*.conf + insinto /etc/dovecot/conf.d + doins doc/example-config/conf.d/90-sieve{,-extprograms}.conf + use managesieve && doins doc/example-config/conf.d/20-managesieve.conf + docinto sieve/rfc + dodoc doc/rfc/*.txt + docinto sieve/devel + dodoc doc/devel/DESIGN + doman doc/man/*.{1,7} + fi + + use static-libs || find "${ED}"/usr/lib* -name '*.la' -delete +} + +pkg_postinst() { + if use ssl; then + # Let's not make a new certificate if we already have one + if ! [[ -e "${ROOT}"/etc/ssl/dovecot/server.pem && \ + -e "${ROOT}"/etc/ssl/dovecot/server.key ]]; then + einfo "Creating SSL certificate" + SSL_ORGANIZATION="${SSL_ORGANIZATION:-Dovecot IMAP Server}" + install_cert /etc/ssl/dovecot/server + fi + fi + + elog "Please read http://wiki2.dovecot.org/Upgrading/ for upgrade notes." +} diff --git a/net-mail/dovecot/files/cyrus-sasl.patch b/net-mail/dovecot/files/cyrus-sasl.patch new file mode 100644 index 000000000000..66626f8b77d3 --- /dev/null +++ b/net-mail/dovecot/files/cyrus-sasl.patch @@ -0,0 +1,745 @@ +# Gentoo Bug #474862 +# HG changeset patch +# User Timo Sirainen <tss@iki.fi> +# Date 1372246654 -10800 +# Node ID 2dd27b0e7e49785f4a2257a2b0933bc028ea9975 +# Parent d6b18c237be50b8327f068e918d297906e06ba6d +lib-sasl: Use dsasl_ prefix so we don't conflict with Cyrus SASL library. + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/imap-login/imap-proxy.c +--- a/src/imap-login/imap-proxy.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/imap-login/imap-proxy.c Wed Jun 26 14:37:34 2013 +0300 +@@ -9,7 +9,7 @@ + #include "str.h" + #include "str-sanitize.h" + #include "safe-memset.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "client.h" + #include "client-authenticate.h" + #include "imap-resp-code.h" +@@ -58,7 +58,7 @@ + + static int proxy_write_login(struct imap_client *client, string_t *str) + { +- struct sasl_client_settings sasl_set; ++ struct dsasl_client_settings sasl_set; + const unsigned char *output; + unsigned int len; + const char *mech_name, *error; +@@ -85,14 +85,14 @@ + sasl_set.authzid = client->common.proxy_user; + sasl_set.password = client->common.proxy_password; + client->common.proxy_sasl_client = +- sasl_client_new(client->common.proxy_mech, &sasl_set); +- mech_name = sasl_client_mech_get_name(client->common.proxy_mech); ++ dsasl_client_new(client->common.proxy_mech, &sasl_set); ++ mech_name = dsasl_client_mech_get_name(client->common.proxy_mech); + + str_append(str, "L AUTHENTICATE "); + str_append(str, mech_name); + if (client->proxy_sasl_ir) { +- if (sasl_client_output(client->common.proxy_sasl_client, +- &output, &len, &error) < 0) { ++ if (dsasl_client_output(client->common.proxy_sasl_client, ++ &output, &len, &error) < 0) { + client_log_err(&client->common, t_strdup_printf( + "proxy: SASL mechanism %s init failed: %s", + mech_name, error)); +@@ -226,11 +226,11 @@ + client_proxy_failed(client, TRUE); + return -1; + } +- ret = sasl_client_input(client->proxy_sasl_client, +- str_data(str), str_len(str), &error); ++ ret = dsasl_client_input(client->proxy_sasl_client, ++ str_data(str), str_len(str), &error); + if (ret == 0) { +- ret = sasl_client_output(client->proxy_sasl_client, +- &data, &data_len, &error); ++ ret = dsasl_client_output(client->proxy_sasl_client, ++ &data, &data_len, &error); + } + if (ret < 0) { + client_log_err(client, t_strdup_printf( +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/Makefile.am +--- a/src/lib-sasl/Makefile.am Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/Makefile.am Wed Jun 26 14:37:34 2013 +0300 +@@ -6,11 +6,11 @@ + libsasl_la_SOURCES = \ + mech-login.c \ + mech-plain.c \ +- sasl-client.c ++ dsasl-client.c + + headers = \ +- sasl-client.h \ +- sasl-client-private.h ++ dsasl-client.h \ ++ dsasl-client-private.h + + pkginc_libdir=$(pkgincludedir) + pkginc_lib_HEADERS = $(headers) +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client-private.h +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client-private.h Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,33 @@ ++#ifndef DSASL_CLIENT_PRIVATE_H ++#define DSASL_CLIENT_PRIVATE_H ++ ++#include "dsasl-client.h" ++ ++struct dsasl_client { ++ pool_t pool; ++ struct dsasl_client_settings set; ++ char *password; ++ const struct dsasl_client_mech *mech; ++}; ++ ++struct dsasl_client_mech { ++ const char *name; ++ size_t struct_size; ++ ++ int (*input)(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r); ++ int (*output)(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r); ++ void (*free)(struct dsasl_client *client); ++}; ++ ++extern const struct dsasl_client_mech dsasl_client_mech_login; ++ ++void dsasl_client_mech_register(const struct dsasl_client_mech *mech); ++void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech); ++ ++#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client.c +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client.c Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,104 @@ ++/* Copyright (c) 2013 Dovecot authors, see the included COPYING file */ ++ ++#include "lib.h" ++#include "array.h" ++#include "safe-memset.h" ++#include "dsasl-client-private.h" ++ ++static ARRAY(const struct dsasl_client_mech *) dsasl_mechanisms = ARRAY_INIT; ++ ++static const struct dsasl_client_mech * ++dsasl_client_mech_find_idx(const char *name, unsigned int *idx_r) ++{ ++ const struct dsasl_client_mech *const *mechp; ++ ++ array_foreach(&dsasl_mechanisms, mechp) { ++ if (strcasecmp((*mechp)->name, name) == 0) { ++ *idx_r = array_foreach_idx(&dsasl_mechanisms, mechp); ++ return *mechp; ++ } ++ } ++ return NULL; ++} ++ ++const struct dsasl_client_mech *dsasl_client_mech_find(const char *name) ++{ ++ unsigned int idx; ++ ++ return dsasl_client_mech_find_idx(name, &idx); ++} ++ ++const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech) ++{ ++ return mech->name; ++} ++ ++void dsasl_client_mech_register(const struct dsasl_client_mech *mech) ++{ ++ array_append(&dsasl_mechanisms, &mech, 1); ++} ++ ++void dsasl_client_mech_unregister(const struct dsasl_client_mech *mech) ++{ ++ unsigned int idx; ++ ++ if (dsasl_client_mech_find_idx(mech->name, &idx) == NULL) ++ i_panic("SASL mechanism not registered: %s", mech->name); ++ array_delete(&dsasl_mechanisms, idx, 1); ++} ++ ++struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, ++ const struct dsasl_client_settings *set) ++{ ++ struct dsasl_client *client; ++ pool_t pool = pool_alloconly_create("sasl client", 512); ++ ++ client = p_malloc(pool, mech->struct_size); ++ client->pool = pool; ++ client->mech = mech; ++ client->set.authid = p_strdup(pool, set->authid); ++ client->set.authzid = p_strdup(pool, set->authzid); ++ client->password = p_strdup(pool, set->password); ++ client->set.password = client->password; ++ return client; ++} ++ ++void dsasl_client_free(struct dsasl_client **_client) ++{ ++ struct dsasl_client *client = *_client; ++ ++ *_client = NULL; ++ ++ if (client->mech->free != NULL) ++ client->mech->free(client); ++ safe_memset(client->password, 0, strlen(client->password)); ++ pool_unref(&client->pool); ++} ++ ++int dsasl_client_input(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r) ++{ ++ return client->mech->input(client, input, input_len, error_r); ++} ++ ++int dsasl_client_output(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r) ++{ ++ return client->mech->output(client, output_r, output_len_r, error_r); ++} ++ ++void dsasl_clients_init(void) ++{ ++ i_array_init(&dsasl_mechanisms, 8); ++ dsasl_client_mech_register(&dsasl_client_mech_plain); ++ dsasl_client_mech_register(&dsasl_client_mech_login); ++} ++ ++void dsasl_clients_deinit(void) ++{ ++ array_free(&dsasl_mechanisms); ++} +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/dsasl-client.h +--- /dev/null Thu Jan 01 00:00:00 1970 +0000 ++++ b/src/lib-sasl/dsasl-client.h Wed Jun 26 14:37:34 2013 +0300 +@@ -0,0 +1,39 @@ ++#ifndef DSASL_CLIENT_H ++#define DSASL_CLIENT_H ++ ++struct dsasl_client_settings { ++ /* authentication ID - must be set with most mechanisms */ ++ const char *authid; ++ /* authorization ID (who to log in as, if authentication ID is a ++ master user) */ ++ const char *authzid; ++ /* password - must be set with most mechanisms */ ++ const char *password; ++}; ++ ++/* PLAIN mechanism always exists and can be accessed directly via this. */ ++extern const struct dsasl_client_mech dsasl_client_mech_plain; ++ ++const struct dsasl_client_mech *dsasl_client_mech_find(const char *name); ++const char *dsasl_client_mech_get_name(const struct dsasl_client_mech *mech); ++ ++struct dsasl_client *dsasl_client_new(const struct dsasl_client_mech *mech, ++ const struct dsasl_client_settings *set); ++void dsasl_client_free(struct dsasl_client **client); ++ ++/* Call for server input. */ ++int dsasl_client_input(struct dsasl_client *client, ++ const unsigned char *input, ++ unsigned int input_len, ++ const char **error_r); ++/* Call for getting server output. Also used to get the initial SASL response ++ if supported by the protocol. */ ++int dsasl_client_output(struct dsasl_client *client, ++ const unsigned char **output_r, ++ unsigned int *output_len_r, ++ const char **error_r); ++ ++void dsasl_clients_init(void); ++void dsasl_clients_deinit(void); ++ ++#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/mech-login.c +--- a/src/lib-sasl/mech-login.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/mech-login.c Wed Jun 26 14:37:34 2013 +0300 +@@ -2,7 +2,7 @@ + + #include "lib.h" + #include "str.h" +-#include "sasl-client-private.h" ++#include "dsasl-client-private.h" + + enum login_state { + STATE_INIT = 0, +@@ -10,18 +10,19 @@ + STATE_PASS + }; + +-struct login_sasl_client { +- struct sasl_client client; ++struct login_dsasl_client { ++ struct dsasl_client client; + enum login_state state; + }; + + static int +-mech_login_input(struct sasl_client *_client, ++mech_login_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, + unsigned int input_len ATTR_UNUSED, + const char **error_r) + { +- struct login_sasl_client *client = (struct login_sasl_client *)_client; ++ struct login_dsasl_client *client = ++ (struct login_dsasl_client *)_client; + + if (client->state == STATE_PASS) { + *error_r = "Server didn't finish authentication"; +@@ -32,11 +33,12 @@ + } + + static int +-mech_login_output(struct sasl_client *_client, ++mech_login_output(struct dsasl_client *_client, + const unsigned char **output_r, unsigned int *output_len_r, + const char **error_r) + { +- struct login_sasl_client *client = (struct login_sasl_client *)_client; ++ struct login_dsasl_client *client = ++ (struct login_dsasl_client *)_client; + + if (_client->set.authid == NULL) { + *error_r = "authid not set"; +@@ -64,9 +66,9 @@ + i_unreached(); + } + +-const struct sasl_client_mech sasl_client_mech_login = { ++const struct dsasl_client_mech dsasl_client_mech_login = { + .name = "LOGIN", +- .struct_size = sizeof(struct login_sasl_client), ++ .struct_size = sizeof(struct login_dsasl_client), + + .input = mech_login_input, + .output = mech_login_output +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/mech-plain.c +--- a/src/lib-sasl/mech-plain.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/lib-sasl/mech-plain.c Wed Jun 26 14:37:34 2013 +0300 +@@ -2,19 +2,20 @@ + + #include "lib.h" + #include "str.h" +-#include "sasl-client-private.h" ++#include "dsasl-client-private.h" + +-struct plain_sasl_client { +- struct sasl_client client; ++struct plain_dsasl_client { ++ struct dsasl_client client; + bool output_sent; + }; + + static int +-mech_plain_input(struct sasl_client *_client, ++mech_plain_input(struct dsasl_client *_client, + const unsigned char *input ATTR_UNUSED, unsigned int input_len, + const char **error_r) + { +- struct plain_sasl_client *client = (struct plain_sasl_client *)_client; ++ struct plain_dsasl_client *client = ++ (struct plain_dsasl_client *)_client; + + if (!client->output_sent) { + if (input_len > 0) { +@@ -29,11 +30,12 @@ + } + + static int +-mech_plain_output(struct sasl_client *_client, ++mech_plain_output(struct dsasl_client *_client, + const unsigned char **output_r, unsigned int *output_len_r, + const char **error_r) + { +- struct plain_sasl_client *client = (struct plain_sasl_client *)_client; ++ struct plain_dsasl_client *client = ++ (struct plain_dsasl_client *)_client; + string_t *str; + + if (_client->set.authid == NULL) { +@@ -59,9 +61,9 @@ + return 0; + } + +-const struct sasl_client_mech sasl_client_mech_plain = { ++const struct dsasl_client_mech dsasl_client_mech_plain = { + .name = "PLAIN", +- .struct_size = sizeof(struct plain_sasl_client), ++ .struct_size = sizeof(struct plain_dsasl_client), + + .input = mech_plain_input, + .output = mech_plain_output +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client-private.h +--- a/src/lib-sasl/sasl-client-private.h Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,33 +0,0 @@ +-#ifndef SASL_CLIENT_PRIVATE_H +-#define SASL_CLIENT_PRIVATE_H +- +-#include "sasl-client.h" +- +-struct sasl_client { +- pool_t pool; +- struct sasl_client_settings set; +- char *password; +- const struct sasl_client_mech *mech; +-}; +- +-struct sasl_client_mech { +- const char *name; +- size_t struct_size; +- +- int (*input)(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r); +- int (*output)(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r); +- void (*free)(struct sasl_client *client); +-}; +- +-extern const struct sasl_client_mech sasl_client_mech_login; +- +-void sasl_client_mech_register(const struct sasl_client_mech *mech); +-void sasl_client_mech_unregister(const struct sasl_client_mech *mech); +- +-#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client.c +--- a/src/lib-sasl/sasl-client.c Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,104 +0,0 @@ +-/* Copyright (c) 2013 Dovecot authors, see the included COPYING file */ +- +-#include "lib.h" +-#include "array.h" +-#include "safe-memset.h" +-#include "sasl-client-private.h" +- +-static ARRAY(const struct sasl_client_mech *) sasl_mechanisms = ARRAY_INIT; +- +-static const struct sasl_client_mech * +-sasl_client_mech_find_idx(const char *name, unsigned int *idx_r) +-{ +- const struct sasl_client_mech *const *mechp; +- +- array_foreach(&sasl_mechanisms, mechp) { +- if (strcasecmp((*mechp)->name, name) == 0) { +- *idx_r = array_foreach_idx(&sasl_mechanisms, mechp); +- return *mechp; +- } +- } +- return NULL; +-} +- +-const struct sasl_client_mech *sasl_client_mech_find(const char *name) +-{ +- unsigned int idx; +- +- return sasl_client_mech_find_idx(name, &idx); +-} +- +-const char *sasl_client_mech_get_name(const struct sasl_client_mech *mech) +-{ +- return mech->name; +-} +- +-void sasl_client_mech_register(const struct sasl_client_mech *mech) +-{ +- array_append(&sasl_mechanisms, &mech, 1); +-} +- +-void sasl_client_mech_unregister(const struct sasl_client_mech *mech) +-{ +- unsigned int idx; +- +- if (sasl_client_mech_find_idx(mech->name, &idx) == NULL) +- i_panic("SASL mechanism not registered: %s", mech->name); +- array_delete(&sasl_mechanisms, idx, 1); +-} +- +-struct sasl_client *sasl_client_new(const struct sasl_client_mech *mech, +- const struct sasl_client_settings *set) +-{ +- struct sasl_client *client; +- pool_t pool = pool_alloconly_create("sasl client", 512); +- +- client = p_malloc(pool, mech->struct_size); +- client->pool = pool; +- client->mech = mech; +- client->set.authid = p_strdup(pool, set->authid); +- client->set.authzid = p_strdup(pool, set->authzid); +- client->password = p_strdup(pool, set->password); +- client->set.password = client->password; +- return client; +-} +- +-void sasl_client_free(struct sasl_client **_client) +-{ +- struct sasl_client *client = *_client; +- +- *_client = NULL; +- +- if (client->mech->free != NULL) +- client->mech->free(client); +- safe_memset(client->password, 0, strlen(client->password)); +- pool_unref(&client->pool); +-} +- +-int sasl_client_input(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r) +-{ +- return client->mech->input(client, input, input_len, error_r); +-} +- +-int sasl_client_output(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r) +-{ +- return client->mech->output(client, output_r, output_len_r, error_r); +-} +- +-void sasl_clients_init(void) +-{ +- i_array_init(&sasl_mechanisms, 8); +- sasl_client_mech_register(&sasl_client_mech_plain); +- sasl_client_mech_register(&sasl_client_mech_login); +-} +- +-void sasl_clients_deinit(void) +-{ +- array_free(&sasl_mechanisms); +-} +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/lib-sasl/sasl-client.h +--- a/src/lib-sasl/sasl-client.h Tue Jun 25 16:03:04 2013 +0300 ++++ /dev/null Thu Jan 01 00:00:00 1970 +0000 +@@ -1,39 +0,0 @@ +-#ifndef SASL_CLIENT_H +-#define SASL_CLIENT_H +- +-struct sasl_client_settings { +- /* authentication ID - must be set with most mechanisms */ +- const char *authid; +- /* authorization ID (who to log in as, if authentication ID is a +- master user) */ +- const char *authzid; +- /* password - must be set with most mechanisms */ +- const char *password; +-}; +- +-/* PLAIN mechanism always exists and can be accessed directly via this. */ +-extern const struct sasl_client_mech sasl_client_mech_plain; +- +-const struct sasl_client_mech *sasl_client_mech_find(const char *name); +-const char *sasl_client_mech_get_name(const struct sasl_client_mech *mech); +- +-struct sasl_client *sasl_client_new(const struct sasl_client_mech *mech, +- const struct sasl_client_settings *set); +-void sasl_client_free(struct sasl_client **client); +- +-/* Call for server input. */ +-int sasl_client_input(struct sasl_client *client, +- const unsigned char *input, +- unsigned int input_len, +- const char **error_r); +-/* Call for getting server output. Also used to get the initial SASL response +- if supported by the protocol. */ +-int sasl_client_output(struct sasl_client *client, +- const unsigned char **output_r, +- unsigned int *output_len_r, +- const char **error_r); +- +-void sasl_clients_init(void); +-void sasl_clients_deinit(void); +- +-#endif +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common-auth.c +--- a/src/login-common/client-common-auth.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common-auth.c Wed Jun 26 14:37:34 2013 +0300 +@@ -9,7 +9,7 @@ + #include "time-util.h" + #include "login-proxy.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "master-service-ssl-settings.h" + #include "client-common.h" + +@@ -202,7 +202,7 @@ + } + + if (client->proxy_sasl_client != NULL) +- sasl_client_free(&client->proxy_sasl_client); ++ dsasl_client_free(&client->proxy_sasl_client); + login_proxy_free(&client->login_proxy); + proxy_free_password(client); + i_free_and_null(client->proxy_user); +@@ -275,7 +275,7 @@ + const struct client_auth_reply *reply) + { + struct login_proxy_settings proxy_set; +- const struct sasl_client_mech *sasl_mech = NULL; ++ const struct dsasl_client_mech *sasl_mech = NULL; + + i_assert(reply->destuser != NULL); + i_assert(!client->destroyed); +@@ -296,7 +296,7 @@ + } + + if (reply->proxy_mech != NULL) { +- sasl_mech = sasl_client_mech_find(reply->proxy_mech); ++ sasl_mech = dsasl_client_mech_find(reply->proxy_mech); + if (sasl_mech == NULL) { + client_log_err(client, t_strdup_printf( + "proxy: Unsupported SASL mechanism %s", +@@ -306,7 +306,7 @@ + } + } else if (reply->master_user != NULL) { + /* have to use PLAIN authentication with master user logins */ +- sasl_mech = &sasl_client_mech_plain; ++ sasl_mech = &dsasl_client_mech_plain; + } + + i_assert(client->refcount > 1); +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common.c +--- a/src/login-common/client-common.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common.c Wed Jun 26 14:37:34 2013 +0300 +@@ -18,7 +18,7 @@ + #include "master-service-ssl-settings.h" + #include "master-auth.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "login-proxy.h" + #include "ssl-proxy.h" + #include "client-common.h" +@@ -211,7 +211,7 @@ + } + + if (client->proxy_sasl_client != NULL) +- sasl_client_free(&client->proxy_sasl_client); ++ dsasl_client_free(&client->proxy_sasl_client); + if (client->login_proxy != NULL) + login_proxy_free(&client->login_proxy); + if (client->v.destroy != NULL) +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/client-common.h +--- a/src/login-common/client-common.h Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/client-common.h Wed Jun 26 14:37:34 2013 +0300 +@@ -122,8 +122,8 @@ + + struct login_proxy *login_proxy; + char *proxy_user, *proxy_master_user, *proxy_password; +- const struct sasl_client_mech *proxy_mech; +- struct sasl_client *proxy_sasl_client; ++ const struct dsasl_client_mech *proxy_mech; ++ struct dsasl_client *proxy_sasl_client; + unsigned int proxy_state; + unsigned int proxy_ttl; + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/login-common/main.c +--- a/src/login-common/main.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/login-common/main.c Wed Jun 26 14:37:34 2013 +0300 +@@ -13,7 +13,7 @@ + #include "access-lookup.h" + #include "anvil-client.h" + #include "auth-client.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "master-service-ssl-settings.h" + #include "ssl-proxy.h" + #include "login-proxy.h" +@@ -282,7 +282,7 @@ + /* Initialize SSL proxy so it can read certificate and private + key file. */ + ssl_proxy_init(); +- sasl_clients_init(); ++ dsasl_clients_init(); + + /* set the number of fds we want to use. it may get increased or + decreased. leave a couple of extra fds for auth sockets and such. +@@ -358,7 +358,7 @@ + anvil_client_deinit(&anvil); + if (auth_client_to != NULL) + timeout_remove(&auth_client_to); +- sasl_clients_deinit(); ++ dsasl_clients_deinit(); + login_settings_deinit(); + } + +diff -r d6b18c237be5 -r 2dd27b0e7e49 src/pop3-login/pop3-proxy.c +--- a/src/pop3-login/pop3-proxy.c Tue Jun 25 16:03:04 2013 +0300 ++++ b/src/pop3-login/pop3-proxy.c Wed Jun 26 14:37:34 2013 +0300 +@@ -8,7 +8,7 @@ + #include "safe-memset.h" + #include "str.h" + #include "str-sanitize.h" +-#include "sasl-client.h" ++#include "dsasl-client.h" + #include "client.h" + #include "pop3-proxy.h" + +@@ -23,7 +23,7 @@ + + static int proxy_send_login(struct pop3_client *client, struct ostream *output) + { +- struct sasl_client_settings sasl_set; ++ struct dsasl_client_settings sasl_set; + const unsigned char *sasl_output; + unsigned int len; + const char *mech_name, *error; +@@ -60,12 +60,12 @@ + sasl_set.authzid = client->common.proxy_user; + sasl_set.password = client->common.proxy_password; + client->common.proxy_sasl_client = +- sasl_client_new(client->common.proxy_mech, &sasl_set); +- mech_name = sasl_client_mech_get_name(client->common.proxy_mech); ++ dsasl_client_new(client->common.proxy_mech, &sasl_set); ++ mech_name = dsasl_client_mech_get_name(client->common.proxy_mech); + + str_printfa(str, "AUTH %s ", mech_name); +- if (sasl_client_output(client->common.proxy_sasl_client, +- &sasl_output, &len, &error) < 0) { ++ if (dsasl_client_output(client->common.proxy_sasl_client, ++ &sasl_output, &len, &error) < 0) { + client_log_err(&client->common, t_strdup_printf( + "proxy: SASL mechanism %s init failed: %s", + mech_name, error)); +@@ -99,11 +99,11 @@ + client_log_err(client, "proxy: Server sent invalid base64 data in AUTH response"); + return -1; + } +- ret = sasl_client_input(client->proxy_sasl_client, +- str_data(str), str_len(str), &error); ++ ret = dsasl_client_input(client->proxy_sasl_client, ++ str_data(str), str_len(str), &error); + if (ret == 0) { +- ret = sasl_client_output(client->proxy_sasl_client, +- &data, &data_len, &error); ++ ret = dsasl_client_output(client->proxy_sasl_client, ++ &data, &data_len, &error); + } + if (ret < 0) { + client_log_err(client, t_strdup_printf( + |