commit dovecot22 for openSUSE:Factory

h_root Thu, 13 Oct 2016 02:33:13 -0700

Hello community,

here is the log from the commit of package dovecot22 for openSUSE:Factory 
checked in at 2016-10-13 11:32:39
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dovecot22 (Old)
 and      /work/SRC/openSUSE:Factory/.dovecot22.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "dovecot22"

Changes:
--------
--- /work/SRC/openSUSE:Factory/dovecot22/dovecot22.changes      2016-07-12 
23:52:22.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.dovecot22.new/dovecot22.changes 2016-10-13 
11:32:41.000000000 +0200
@@ -1,0 +2,6 @@
+Wed Oct 12 10:04:04 UTC 2016 - mrueck...@suse.de
+
+- backport the diff bfef689..144e0b5 to fix the ldap bind issue
+  (bnc#1003952). adds dovecot-2.2.25_ldap_bind.patch
+
+-------------------------------------------------------------------

New:
----
  dovecot-2.2.25_ldap_bind.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ dovecot22.spec ++++++
--- /var/tmp/diff_new_pack.Sf5QcI/_old  2016-10-13 11:32:43.000000000 +0200
+++ /var/tmp/diff_new_pack.Sf5QcI/_new  2016-10-13 11:32:43.000000000 +0200
@@ -126,6 +126,7 @@
 Source7:        dovecot-2.2-pigeonhole.configfiles
 Patch:          dovecot-2.2.18-dont_use_etc_ssl_certs.patch
 Patch1:         dovecot-2.2.18-better_ssl_defaults.patch
+Patch2:         dovecot-2.2.25_ldap_bind.patch
 Summary:        IMAP and POP3 Server Written Primarily with Security in Mind
 License:        BSD-3-Clause and LGPL-2.1+ and MIT
 Group:          Productivity/Networking/Email/Servers
@@ -305,6 +306,7 @@
 %setup -q -n %{pkg_name}-%{dovecot_version} -a 1
 %patch -p1
 %patch1 -p1
+%patch2 -p1
 %{__gzip} -9v ChangeLog
 # Fix plugins dir.
 %{__sed} -i 's|#mail_plugin_dir = /usr/lib/dovecot|mail_plugin_dir = 
%{_libdir}/dovecot/modules|' doc/example-config/conf.d/10-mail.conf

++++++ dovecot-2.2.25_ldap_bind.patch ++++++
diff --git a/src/auth/db-ldap.c b/src/auth/db-ldap.c
index be61e04..6a09809 100644
--- a/src/auth/db-ldap.c
+++ b/src/auth/db-ldap.c
@@ -993,7 +993,41 @@ static void ldap_connection_timeout(struct ldap_connection 
*conn)
        db_ldap_conn_close(conn);
 }
 
-static int db_ldap_bind(struct ldap_connection *conn)
+#ifdef HAVE_LDAP_SASL
+static int db_ldap_bind_sasl(struct ldap_connection *conn)
+{
+       struct db_ldap_sasl_bind_context context;
+       int ret;
+
+       memset(&context, 0, sizeof(context));
+       context.authcid = conn->set.dn;
+       context.passwd = conn->set.dnpass;
+       context.realm = conn->set.sasl_realm;
+       context.authzid = conn->set.sasl_authz_id;
+
+       /* There doesn't seem to be a way to do SASL binding
+          asynchronously.. */
+       ret = ldap_sasl_interactive_bind_s(conn->ld, NULL,
+                                          conn->set.sasl_mech,
+                                          NULL, NULL, LDAP_SASL_QUIET,
+                                          sasl_interact, &context);
+       if (db_ldap_connect_finish(conn, ret) < 0)
+               return -1;
+       
+       conn->conn_state = LDAP_CONN_STATE_BOUND_DEFAULT;
+
+       return 0;
+}
+#else
+static int db_ldap_bind_sasl(struct ldap_connection *conn ATTR_UNUSED)
+{
+       i_unreached(); /* already checked at init */
+
+       return -1;
+}
+#endif
+
+static int db_ldap_bind_simple(struct ldap_connection *conn)
 {
        int msgid;
 
@@ -1022,6 +1056,19 @@ static int db_ldap_bind(struct ldap_connection *conn)
        return 0;
 }
 
+static int db_ldap_bind(struct ldap_connection *conn)
+{
+       if (conn->set.sasl_bind) {
+               if (db_ldap_bind_sasl(conn) < 0)
+                       return -1;
+       } else {
+               if (db_ldap_bind_simple(conn) < 0)
+                       return -1;
+       }
+
+       return 0;
+}
+
 static void db_ldap_get_fd(struct ldap_connection *conn)
 {
        int ret;
@@ -1194,32 +1241,9 @@ int db_ldap_connect(struct ldap_connection *conn)
 #endif
        }
 
-       if (conn->set.sasl_bind) {
-#ifdef HAVE_LDAP_SASL
-               struct db_ldap_sasl_bind_context context;
-
-               memset(&context, 0, sizeof(context));
-               context.authcid = conn->set.dn;
-               context.passwd = conn->set.dnpass;
-               context.realm = conn->set.sasl_realm;
-               context.authzid = conn->set.sasl_authz_id;
-
-               /* There doesn't seem to be a way to do SASL binding
-                  asynchronously.. */
-               ret = ldap_sasl_interactive_bind_s(conn->ld, NULL,
-                                                  conn->set.sasl_mech,
-                                                  NULL, NULL, LDAP_SASL_QUIET,
-                                                  sasl_interact, &context);
-               if (db_ldap_connect_finish(conn, ret) < 0)
-                       return -1;
-#else
-               i_unreached(); /* already checked at init */
-#endif
-               conn->conn_state = LDAP_CONN_STATE_BOUND_DEFAULT;
-       } else {
-               if (db_ldap_bind(conn) < 0)
-                       return -1;
-       }
+       if (db_ldap_bind(conn) < 0)
+               return -1;
+
        if (debug) {
                if (gettimeofday(&end, NULL) == 0) {
                        int msecs = timeval_diff_msecs(&end, &start);

commit dovecot22 for openSUSE:Factory

Reply via email to