Projects
Kolab:16:Enterprise
guam
guam-0.8-debian-concat.patch
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File guam-0.8-debian-concat.patch of Package guam (Revision 8)
Currently displaying revision
8
,
Show latest
diff -ur guam-0.8.orig/apps/kolab_guam/src/kolab_guam_listener.erl guam-0.8/apps/kolab_guam/src/kolab_guam_listener.erl --- guam-0.8.orig/apps/kolab_guam/src/kolab_guam_listener.erl 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/apps/kolab_guam/src/kolab_guam_listener.erl 2016-07-01 13:33:11.784314048 +0200 @@ -35,11 +35,12 @@ %% gen_server API init([Name, Config]) -> Host = proplists:get_value(host, Config, none), + NetIface = proplists:get_value(net_iface, Config, none), Port = proplists:get_value(port, Config, ?DEFAULT_IMAP_PORT), ImplicitTLS = proplists:get_value(implicit_tls, Config, false), TLSConfig = proplists:get_value(tls_config, Config, []), Rules = proplists:get_value(rules, Config, []), - Options = listen_options(Host, ImplicitTLS, TLSConfig), + Options = listen_options(NetIface, Host, ImplicitTLS, TLSConfig), lager:info("Starting listener \"~p\" on port ~B (~p) with ~B rules", [Name, Port, Options, length(Rules)]), { ok, ListenSocket } = listen(ImplicitTLS, Port, Options), spawn_link(?MODULE, cleanup, [ListenSocket]), @@ -55,17 +56,27 @@ imap_config(none) -> kolab_guam_sup:default_imap_server_config(); imap_config(Backend) -> kolab_guam_sup:imap_server_config(Backend). -listen_options(none, ImplicitTLS, TLSConfig) -> default_listen_options(ImplicitTLS, TLSConfig); -listen_options(Hostname, ImplicitTLS, TLSConfig) -> +-spec listen_options(Iface :: string(), Hostname :: string(), ImplicitTLS :: boolean(), TLSConfig :: list()) -> list(). +listen_options(none, none, ImplicitTLS, TLSConfig) -> default_listen_options(ImplicitTLS, TLSConfig); +listen_options(none, Hostname, ImplicitTLS, TLSConfig) -> case inet:gethostbyname(Hostname) of { ok, { hostent, _HostName, _Unused, inet, _Ver, [IP] } } -> [ { ip, IP } | default_listen_options(ImplicitTLS, TLSConfig) ]; _ -> - listen_options(none, ImplicitTLS, TLSConfig) + listen_options(none, none, ImplicitTLS, TLSConfig) + end; +listen_options(Iface, Hostname, ImplicitTLS, TLSConfig) -> + { ok, Ifaces } = inet:getifaddrs(), + case proplists:get_value(Iface, Ifaces) of + undefined -> listen_options(none, Hostname, ImplicitTLS, TLSConfig); + Info -> Addr = proplists:get_value(addr, Info, none), + %lager:info("YEAH! ~p", [Addr]), + listen_options(none, Addr, ImplicitTLS, TLSConfig) end. -default_listen_options(true, TLSConfig) -> [ { reuseaddr, true }, {active, once } | TLSConfig ]; -default_listen_options(_ImplicitTLS, _Config) -> [ { active, once }, { reuseaddr, true } ]. +default_listen_options(true, TLSConfig) -> default_listen_options() ++ TLSConfig; +default_listen_options(_ImplicitTLS, _Config) -> default_listen_options(). +default_listen_options() -> [ { reuseaddr, true }, {active, once }, inet6 ]. create_initial_listeners(PID) when is_pid(PID) -> lager:debug("Creating session pool for listener ~p", [PID]), diff -ur guam-0.8.orig/apps/kolab_guam/src/kolab_guam_session.erl guam-0.8/apps/kolab_guam/src/kolab_guam_session.erl --- guam-0.8.orig/apps/kolab_guam/src/kolab_guam_session.erl 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/apps/kolab_guam/src/kolab_guam_session.erl 2016-07-01 13:34:12.008992665 +0200 @@ -71,10 +71,12 @@ handle_info({ ssl, Socket, Data }, State) -> %lager:debug("Data coming in from client over SSL, ~p", [Data]), process_client_data(Socket, Data, State); -handle_info({ server_hello, ServerHello }, #state{ imap_session = ImapSession, tls_config = TLSConfig, socket = Socket, client_tls_active = TLSActive, deflator = Deflator } = State) -> - CorrectedHello = correct_hello(TLSActive, TLSConfig, ServerHello), +handle_info({ server_hello, ServerHello }, #state{ imap_session = ImapSession, tls_config = TLSConfig, socket = Socket, client_implicit_tls = ImplicitTLS, client_tls_active = TLSActive, deflator = Deflator } = State) -> + CorrectedHello = correct_hello(TLSActive, ImplicitTLS, TLSConfig, ServerHello), + ServerIdent = proplists:get_value(server_id, ServerHello, <<>>), + FullGreeting = <<"* OK [CAPABILITIES ", CorrectedHello/binary, "] ", ServerIdent/binary, "\r\n">>, eimap:start_passthrough(ImapSession, self()), - relay_response(Socket, postprocess_server_data(Deflator, <<CorrectedHello/binary, "\r\n">>), TLSActive), + relay_response(Socket, postprocess_server_data(Deflator, FullGreeting), TLSActive), { noreply, State }; handle_info({ { rule_data, Module, ResponseToken }, Data }, #state{ rules_active = ActiveRules } = State) -> %lager:debug("Got back data requested by rule ~p: ~p", [Module, Data]), @@ -275,17 +277,20 @@ set_socket_active(true, Socket) -> ssl:setopts(Socket, [{ active, once }]); set_socket_active(_, Socket) -> inet:setopts(Socket, [{ active, once }]). --spec correct_hello(TLSActive :: true | false, TlSConfig :: [] | list(), ServerHello :: binary()) -> CorrectedHello :: binary(). -correct_hello(true, _TLSConfig, ServerHello) -> +-spec correct_hello(TLSActive :: true | false, ImplicitTLS :: true | false, TlSConfig :: [] | list(), ServerHello :: binary()) -> CorrectedHello :: binary(). +correct_hello(true, true, _TLSConfig, ServerResponse) -> % the connection is already secured, so don't advertise starttls to the client - ensure_hello_does_not_have_starttls(ServerHello); -correct_hello(_TLSActive, [], ServerHello) -> + ensure_hello_does_not_have_starttls(ServerResponse); +correct_hello(true, _ImplicitTLS, _TLSConfig, ServerResponse) -> + % the connection is already secured, so don't advertise starttls to the client + ensure_hello_does_not_have_starttls(ServerResponse); +correct_hello(_TLSActive, _ImplicitTLS, [], ServerResponse) -> % guam does not have a TLS config and so can not provide TLS to the client - ensure_hello_does_not_have_starttls(ServerHello); -correct_hello(_TLSAcive, _TLSConfig, ServerHello) -> + ensure_hello_does_not_have_starttls(ServerResponse); +correct_hello(_TLSActive, _ImplicitTLS, _TLSConfig, ServerResponse) -> % guam has a TLS config, and it is not currently active, so make sure to include % STARTTLS in our response regardless of what the backend says - ensure_hello_has_starttls(ServerHello). + ensure_hello_has_starttls(ServerResponse). ensure_hello_has_starttls(ServerResponse) -> ServerHello = proplists:get_value(capabilities, ServerResponse, <<>>), @@ -296,14 +301,26 @@ add_starttls_to_capabilities(ServerHello) -> case binary:match(ServerHello, <<"CAPABILITY ">>) of - nomatch -> ServerHello; + nomatch -> add_starttls_after_imap4_atom(ServerHello); + { Start, End } -> + Prefix = binary:part(ServerHello, 0, Start + End), + Suffix = binary:part(ServerHello, Start + End, size(ServerHello) - Start - End), + CorrectHello = <<Prefix/binary, "STARTTLS ", Suffix/binary>>, + remove_auth_offers(CorrectHello) + end. + +add_starttls_after_imap4_atom(ServerHello) -> + case binary:match(ServerHello, <<"IMAP4rev1 ">>) of + nomatch -> <<"STARTTLS ", ServerHello/binary>>; { Start, End } -> Prefix = binary:part(ServerHello, 0, Start + End), Suffix = binary:part(ServerHello, Start + End, size(ServerHello) - Start - End), - <<Prefix/binary, "STARTTLS ", Suffix/binary>> + CorrectHello = <<Prefix/binary, "STARTTLS ", Suffix/binary>>, + remove_auth_offers(CorrectHello) end. -ensure_hello_does_not_have_starttls(ServerHello) -> +ensure_hello_does_not_have_starttls(ServerResponse) -> + ServerHello = proplists:get_value(capabilities, ServerResponse, <<>>), case binary:match(ServerHello, <<"STARTTLS">>) of nomatch -> ServerHello; { Start, End } -> @@ -312,3 +329,25 @@ <<Prefix/binary, Suffix/binary>> end. +remove_auth_offers(ServerHello) -> + case binary:match(ServerHello, <<"AUTH=">>) of + nomatch -> ensure_advertise_login_disabled(ServerHello); + { Start, End } -> + Prefix = binary:part(ServerHello, 0, Start), + Suffix = + case binary:match(ServerHello, <<" ">>, [{ scope, { Start, size(ServerHello) - Start } }]) of + nomatch -> + %% end of the line, so no suffix + <<>>; + { SpaceStart, SpaceEnd } -> + binary:part(ServerHello, SpaceStart + SpaceEnd, size(ServerHello) - SpaceStart - SpaceEnd) + end, + remove_auth_offers(<<Prefix/binary, Suffix/binary>>) + end. + +ensure_advertise_login_disabled(ServerHello) -> + case binary:match(ServerHello, <<"LOGINDISABLED">>) of + nomatch -> <<ServerHello/binary, " LOGINDISABLED">>; + _ -> ServerHello + end. + Only in guam-0.8: CHANGELOG.md diff -ur guam-0.8.orig/contrib/guam.sysvinit guam-0.8/contrib/guam.sysvinit --- guam-0.8.orig/contrib/guam.sysvinit 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/contrib/guam.sysvinit 2016-07-01 13:33:49.086734379 +0200 @@ -11,6 +11,8 @@ name=`basename $0` +export HOME=/opt/kolab_guam/ + start_cmd="$name start" restart_cmd="$name restart" stop_cmd="$name stop" diff -ur guam-0.8.orig/docs/deployment.md guam-0.8/docs/deployment.md --- guam-0.8.orig/docs/deployment.md 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/docs/deployment.md 2016-07-01 13:32:52.850100693 +0200 @@ -84,14 +84,26 @@ { rules, [ { filter_groupware, [] } ] }, { tls_config, [ { certfile, "/etc/ssl/sample.pem" } ] } ] + }, + { default, [ + { net_iface, "eth0" }, + { port, 1993 }, + { imap_server, default }, + { implicit_tls, true }, + { rules, [ { filter_groupware, [] } ] }, + { tls_config, [ { certfile, "/etc/ssl/sample.pem" } ] } + ] } } The host entry is optional, and is used to bind the connection to a specific -network interface. Leaving it empty will cause Guam to bind to the port accross +network interface by ip address. Alternatively, the net_iface may be defined and +guam will attempt to bind to an address on that network device. net_iface overrides +host, though host will be used as a fallback if net_iface does not produce a network +interface. Leaving host and net_iface empty will cause Guam to bind to the port accross all network interfaces available to it. -port defines the port it is listening on. +port defines the port the listener is active on. imap_server refers to the entry in the imap_servers block. If not provided, the default entry in the imap_servers configuration is used. diff -ur guam-0.8.orig/rebar.config guam-0.8/rebar.config --- guam-0.8.orig/rebar.config 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/rebar.config 2016-07-01 13:33:41.190645404 +0200 @@ -3,9 +3,9 @@ { deps_dir, "deps" }. { deps, [ - { lager, "(2.0|2.1|2.2).*", { git, "git://github.com/basho/lager.git", { tag, "2.2.0" } } }, + { lager, "3.*", { git, "git://github.com/basho/lager.git" } }, { lager_syslog, "2.*", { git, "git://github.com/basho/lager_syslog.git", { tag, "2.1.3" } } }, - { eimap, ".*", { git, "https://git.kolab.org/diffusion/EI/eimap.git", { tag, "0.2.2" } } } + { eimap, ".*", { git, "https://git.kolab.org/diffusion/EI/eimap.git", { tag, "0.2.4" } } } %% pull in the proper version of meck before jobs 0.3 gets around to pulling in the wrong version ] }. diff -ur guam-0.8.orig/rel/reltool.config guam-0.8/rel/reltool.config --- guam-0.8.orig/rel/reltool.config 2016-06-08 14:18:58.000000000 +0200 +++ guam-0.8/rel/reltool.config 2016-07-01 13:33:35.894585727 +0200 @@ -4,7 +4,7 @@ {lib_dirs, ["../deps"]}, {erts, [{mod_cond, derived}, {app_file, strip}]}, {app_file, strip}, - {rel, "kolab_guam", "0.9", + {rel, "kolab_guam", "0.8", [ kernel, stdlib,
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.