Commit graph

40 commits

Author SHA1 Message Date
markd
eaa58f0758 Fix build with newer heimdal. 2011-01-30 01:33:44 +00:00
tron
2e2307a013 Use "soc" target if building with Sun Studio C++ and modify that target
to use "cc" rather than an absolute path (which is no longer correct).
This fixes the build with that compiler without breaking the build
using GCC.
2010-01-25 23:04:49 +00:00
tron
dfadf1ce82 Don't remove "CC=gcc" from the Solaris GCC build target. This breaks the
build at least on setups where "cc" is not present or not GCC which is
the default under Solaris 10.
2010-01-11 09:26:01 +00:00
wiz
535692e6d0 regen patch-ap, from Sean Boudreau on tech-pkg. 2009-06-11 08:13:05 +00:00
plunky
b957a2a78e Fix a problem where file modification times were being reset to 0 by
including <utime.h> to make sure that compiler renaming was used to
select __utime50() instead of utime() as 64-bit time_t was being used.
2009-05-17 16:03:08 +00:00
tron
60f28a6083 Update "imap-uw" package to version 2007e.
This version is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users
plus a security fix for users of the RFC822BUFFER routines.

Approved by Thomas Klausner.
2008-12-29 16:29:50 +00:00
tron
e1a319634a Update "imap-uw" package to imap-2007d. Changes since version 2006j2:
- security fix for users of tmail or dmail.
- bug fixes and reliability improvements.
- A new function, utf8_csvalidmap(), has been added for the benefit of
  Alpine to use in examining UTF-8 text and determining efficiently
  whether it can be downgraded to a legacy charset.  If you develop an
  MUA, this may be useful for you too, although you'll have to read the
  source code to see how to use it.  The purpose of the "not-CJK" bit is
  to prevent messages being downgraded to a CJK charset if all they have
  in that charset are some special punctuation.

This update address the security vulnerability reported in SA32483.
2008-11-06 15:27:00 +00:00
dbj
cbb672b5b2 use setpgid instead of setpgrp on darwin if __DARWIN_UNIX03
PR pkg/37490
2008-04-20 22:37:06 +00:00
obache
646a5b3c4a Update imap-uw to 2006j2. OKed by jwise@.
Updated: 14 June 2007

imap-2006j is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.


Updated: 5 June 2007

imap-2006i is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.

imapd now supports the CHILDREN and ESEARCH extensions.

imapd's attempt to return COPYUID/APPENDUID information for a traditional
UNIX (and MMDF) format mailbox when the mailbox is open by another process
has been declared to be a failure and is now revoked.  It was subject to a
timing race, loss of which involved an expensive reset of the mailbox's UID
regime.  Any imapd COPY or APPEND to a traditional UNIX or MMDF format that
is open by some other process will now no longer return COPYUID/APPEND.
Although this is technically in violation of RFC 4315, there is a loophole
in that document and the timing race/performance problem is worse.


Updated: 4 April 2007

imap-2006h is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.


Updated: 30 March 2007

imap-2006g is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.


Updated: 30 January 2007

imap-2006f is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.

For the benefit of multi-threaded applications, use of strtok() has been
abolished in the c-client library.  imapd and ipop3d stuff use it though.
The TOPS-20 and VAX/VMS ports still use strtok() since they don't use UNIX
threads.

This version has been test-built on Linux, Mac OS X, NeXT, Windows XP,
TOPS-20, and VAX/VMS.  This will probably be the last test-build on VAX/VMS
since the system I use for that purpose is being shut down.  I have no way
to test-build on DOS, legacy Mac OS (OS 9 and earlier), OS/2, or Windows CE;
and the builds on those systems are probably broken.


Updated: 26 January 2007

imap-2006e is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.


Updated: 6 December 2006

imap-2006d is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.

The decomposition mapping, title-case mapping, and character widths tables
have been updated to comply with the Unicode 5.0 standard.

Prototypes for the utf8aux.c functions have been moved to a new utf8aux.h.

The general c-client modules now include c-client.h instead of the individual
files.  Use of c-client.h instead of individual include files insulates
against future shuffling of include files.


Updated: 23 October 2006

imap-2006c is a maintenance release, consisting primarily of bugfixes to
problems discovered in the release that affected a small number of users.

By popular request, if a user has a mix (or other dual-use) format INBOX,
it will no longer be listed as \NoInferiors.  It's a bad idea to depend
upon this due to the case ambiguity issue, but it's there.


Updated: 26 September 2006

imap-2006b is a maintenance release, consisting entirely of bugfixes to
problems discovered in the release that affected a small number of users.


Updated: 15 September 2006

imap-2006a is a maintenance release, consisting entirely of bugfixes to
problems discovered in the release that affected a small number of users.

If it is necessary to build IPv4-only on one of the ports that has IPv6
preconfigured (ldb, lfd, lmd, lrh, lsu, osx, oxp), this can be done by
using IP6=4.  You can't do IP=4 in the build command directly since these
ports set IP themselves; however, now instead of setting IP=6 they now set
IP=$(IP6).


Updated: 30 August 2006

imap-2006 is a major release.  Programs written for imap-2004g should
build with this version with minor or no modification.  imap-2005 was not
released except as development snapshots.

imap-2006 contains major extensions to its Unicode support.  Searching and
sorting are now done with strings canonicalized to titlecase and decomposed
form.  Among other things, this means that Latin letters with diacriticals
will now sort with the basic Latin letter, and case-independent searching of
such letters (e.g., German umlauts) now works.  Previously, sorting was done
strictly by Unicode codepoint, and case-independence only worked with ASCII.

imapd now supports the UIDPLUS extension for mailboxes in unix, mmdf, mbx, mx,
and mix formats.  UID EXPUNGE is fully implemented.  Note that UIDPLUS is not
supported in the little-used drivers (mh, mtx, tenex) in which meaningful
APPENDUID/COPYUID data can not be returned.  Refer to bugs.txt for more
details.

The new mix format is a dual-use mailbox format designed for performance and
reliability with large mailboxes.  mix is documented in file mixfmt.txt.

SSL/TLS certificate validation on UNIX now checks the alternative names in the
certificate if the CN does not match.

The new /tls-sslv23 flag in a mailbox name causes a TLS session to use the
(incorrect) SSLv23 client method instead of the TLSv1 client method.  Some
broken servers use the SSLv23 server method, and this flag works around that
problem.  WARNING: use of this flag will cause TLS negotiation to fail with
a server which uses the proper TLSv1 server method.  Additionally, there are
known security risks in SSLv2; so users should be suspicious if this switch
suddenly becomes necesary.

The silly mailbox flag combination /ssl/tls is now rejected as an invalid
remote specification.  Previous versions tried to negotiate TLS over an SSL
session; even if the server permitted such a thing it couldn't work.

The memory management of several drivers has been redesigned to consume less
memory and hopefully be faster.

The private.data member of the MESSAGECACHE (elt) has been replaced with
a union that contains private.spare.data and private.spare.ptr, the latter
being a pointer.

A new FT_RETURNSTRINGSTRUCT flag has been added for mail_fetch_body() and
mail_fetch_text() calls.  If this flag is set, *and* if the function returns
NIL, then the requested string data is available on a stringstruct on
stream->private.string.  This is a special hack for the IMAP and POP servers
and is subject to incompatible change.  The result is a major performance
improvement in the servers with the mbx driver, particularly with large
messages.
2007-08-03 17:03:29 +00:00
tron
64b1bac974 Enable PAM support under Linux and NetBSD if available.
Bump package revision because of this change.
2006-09-11 13:44:27 +00:00
markd
df9baca7e6 Delay cat'ing the LDFLAGS file till the actual linking is happening so
that all library dependencies are picked up.  Fixes the build of pine
when imap-uw has been built with the kerberos option.  No revision bump
as doesn't change the default build.
2006-08-29 23:53:55 +00:00
jlam
25e4103cb1 * Split the MESSAGE file into two parts, one of which only shows up
if "ssl" is a package option.

* Stop the abuse of BUILD_TARGET and use MAKE_FLAGS instead.  Also,
  use OPSYSVARS to simplify the specification of the correct BUILD_TARGET
  for each platform.

* Make use of the EXTRASPECIALS variable used by imap makefiles to pass
  special MAKE_FLAGS settings through to all recursive make processes.
  This gets rid of some MAKE_ENV statements.

* Split off the special alpha-codegen hack into a hacks.mk file.

* Do man page fixups at post-build time, not post-extract time.  This
  leaves the files pristine for possible patching.

* Add back the special handling if IMAP_UW_MAILSPOOLHOME is defined.
  It was accidentally removed in patch-am when the whoson modifications
  were added.  Move the modifications to the configure phase instead
  of post-patch so that the modifications aren't accidentally picked
  up by mkpatches.

* Instead of listing each Makefile that needs the sed modification
  s/c-client.a/libc-client.la/ and modifying them at post-extract
  time, simply create patches for them.

* Instead of listing each header file to be installed, just derive
  the list from the PLIST.

* Make the libtoolification a bit more transparent by patching libtool
  references directly into the imap makefiles.

* Drop the -limapuw -> -lc-client buildlink transform that was only
  needed for much older versions of the imap-uw package, and stop
  installing libimapuw.*.  All dependents of imap-uw already correctly
  use -lc-client.

* Fix the handling of the kerberos package option so that we can use
  the pkgsrc Kerberos 5 packages instead of only using the native
  ones.

* Properly document the options.mk file.

Bump the PKGREVISION for the libimapuw.* changes and for the
IMAP_UW_MAILSPOOLHOME fixes.  The rest of the changes are all
pkgsrc-related and don't really affect the binary package.
2006-07-26 20:00:27 +00:00
minskim
51dc91185d Remove debugging and optimization options on Darwin, to be consistent with
other platforms.  No PKGREVISION bump because this package currently does
not build on Darwin.
2006-07-07 05:45:51 +00:00
adam
d29c67b2e1 Changes 2004g:
* Bug fix: quoted string handling in the mailbox name parsing routine

Changes 2004f:
* Bug fix: TCP code
* New SSL/TLS routines
2006-01-12 20:53:50 +00:00
joerg
24413d31af Do not "extern int errno;" just in case. 2005-12-03 00:52:54 +00:00
salo
66f44eb00f Security fix for SA17062:
"A vulnerability in UW-imapd can be exploited by malicious users to
 cause a DoS (Denial of Service) or compromise a vulnerable system.

 The vulnerability is caused due to a boundary error in the
 "mail_valid_net_parse_work()" function when copying the user supplied
 mailbox name to a stack buffer. This can be exploited to cause a
 stack-based buffer overflow via a specially crafted mailbox name that
 contains an single opening double-quote character, without the
 corresponding closing double-quote.

 Successful exploitation allows arbitrary code execution, but requires
 valid credentials on the IMAP server."

http://secunia.com/advisories/17062/
www.idefense.com/application/poi/display?id=313&type=vulnerabilities
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933

Patch from 2004g.
2005-10-05 15:49:44 +00:00
tv
20c21e31b1 Update to imap-uw-2004e (downwards ABI compatible; shlib teeny version bumped).
Changes (note that relnotes say -2004d, but it is indeed -2004e):

=====
imap-2004d is a maintenance release, released concurrently with Pine
4.63, and consists primarily of bugfixes

There is now a workaround for RedHat breaking flock().  However, since
RedHat has said that they don't support flock(), there is no guarantee
that they won't break it in the future.  So you may want to consider some
other Linux distribution or BSD instead.  See:
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123415
for the gruesome details.

There are no user-visible functional enhancements in this version.
=====

OTHER CHANGE: Multiple newsrc and MSA support needed by Pine 4.63.
2005-08-12 19:47:17 +00:00
tron
47c0862eac Add optional IPv6 support. Bump package revision because of this change. 2005-08-01 20:34:31 +00:00
hira
82643f2d0f Add missing RCS Id tag to patch-ab. 2005-06-17 14:49:47 +00:00
thorpej
0b9ad806b2 Use the SSLKEYS variable to determine the location of the certificate
private key.  Bump package revision to 2.
2005-03-06 17:03:06 +00:00
agc
8758983939 Add RMD160 digests. 2005-02-24 09:59:20 +00:00
abs
e5a897ba41 Update imap-uw to 2004c1
imap-2004c:
    fixes to quoted-printable encoding and CRAM-MD5 authentication.
    NNTP proxy in imapd now supports the LIST and LSUB commands.

imap-2004b:
    There are new ports for Solaris with Blastwave Community Open
    Source Software (gcs) and Mandrake Linux (lmd).

    SET_SNARFINTERVAL now controls how frequently local drivers
    will move new mail from the mail spool as well as from a
    maildrop.  Maildrops are still tied to a minimum interval of
    1 minute, but there is now no minimum for the spool file.

    Character set conversions now map non-breaking space to space
    if the destination character set doesn't have nbsp.  JIS Roman
    yen sign is now mapped to Unicode yen sign.
2005-01-24 09:03:48 +00:00
abs
dd04eda1b7 Add IMAP_UW_USE_WHOSON
No change to default build, so no version bump
2004-10-11 16:56:28 +00:00
adam
325b56a950 Changes imap-2004a:
* maintenance release, consisting primarily of critical bugfixes
* now has a supported NNTP proxy capability
* OSF/1 port (Digital UNIX, Tru64) now uses flocksim instead of flcksafe
* The unix[nt] and mmdf drivers now prevent mail_append() from writing Status:,
  X-Status:, X-UID, X-IMAP[base]:, and X-Keywords: header lines to a
  traditional UNIX or MMDF format mailbox
2004-08-12 12:13:54 +00:00
adam
221af5bbd8 Changes 2004:
* mailutil has three new commands: delete, rename, and prune
* IPv6 support now exists for UNIX and W2K
* The NNTP driver now supports NNTP SASL and TLS
* imapd now supports the LITERAL+ and SASL-IR initial-response extensions
* The IMAP driver has some additional checks to reduce the amount of network
  traffic, including executing "silly searches" (searches of sequence numbers
  only) locally
* The IMAP, POP, SMTP, and NNTP drivers now have diagnostic code to provide
  better information about servers which violate SASL's empty challenge
  requirements (e.g. with the PLAIN mechanism).
* There is a new mail_fetch_overview_sequence() function which is like
  mail_fetch_overview() but takes a sequence number string as an argument.
  There should have been a flags argument and FT_UID bit as in all the other
  mail_fetch_???() functions but compatibility with the past... :-(
* The overview_t callback (from mail_fetch_overview()) now has a fourth
  argument which contains the message sequence number (as opposed to the UID
  which is in the second argument).  It turned out that some applications were
  calling mail_msgno() (which can be moderately expensive) to get the sequence
  number, and c-client already knew it.
* Many declarations which are completely internal to a driver have been removed
  from the driver .h file, and in those cases where there are no external
  declarations left the .h file has been eliminated entirely.  As part of this,
  the mbox driver routines are now incorporated with the unix driver routines
  as opposed to being a separate file.  The mbox driver still needs to be lunk
  in order to get the mbox functionality.
2004-05-13 18:14:34 +00:00
kim
8be25ece96 Add IMAP_UW_MAILSPOOLHOME (analogous to PROCMAIL_MAILSPOOLHOME). To
default user mailboxes to their home directory, specify the name of
the mailbox file.
2003-09-13 18:31:32 +00:00
adam
d87ddfb97f Updated: 27 August 2003
imap-2002e is a minor release, released concurrently with Pine 4.57, and
contains primarily bugfixes.  Programs written for imap-2002d should build
with this version without modification.

The NNTP client code now tries to perform better with legacy NNTP servers
which do not comply with the current NNTP protocol specification draft, most
notably Netscape Collabra.

Delivery notifications now work reliably with SMTP servers that support it.

The following changes are primarily of concern to developers and power users:

There is a "limited advertise" option in env_unix.c which, if set, will only
advertise the user's own namespace and the #shared/ namespace.

It is now possible to build the IMAP toolkit with a separate SSL KEY file
from the certificate file (SSLKEYS vs. SSLCERTS).

A new BODY structure element, sparep, is available for the main program to
use as a pointer for its own purposes; as well as a SET_FREEBODYSPAREP
function, similar to SET_FREEENVELOPESPAREP, SET_FREEELTSPAREP, etc.
2003-09-10 11:54:41 +00:00
adam
6c52e431a3 Kerberos fix (thanks to tron) 2003-07-30 09:29:58 +00:00
adam
243468b0b1 Changes:
imap-2002c is a minor release, released concurrently with Pine 4.55, and
contains primarily bugfixes.  Programs written for imap-2002 will build
with this version without modification

imap-2002d is a minor release, released concurrently with Pine 4.56, and
contains primarily bugfixes.  Programs written for imap-2002 should build
with this version without modification, with one exception.  That exception
is the ngbogus envelope flag, which stopped being used in imap-2002c and is
now gone for good.

See RELNOTES for additional information
2003-07-28 14:38:05 +00:00
fredb
0fbd58035b Add "-ldes" for ${USE_KERBEROS}==YES case, on NetBSD-1.5* only. This
should close PR pkg/19430 and PR pkg/20491.
2003-04-10 14:56:21 +00:00
martti
4cb135fb6b Updated imap-uw to 2002.2
imap-2002b is a maintenace release, released concurrently with Pine 4.52,
and contains only bugfixes.  Programs written for imap-2002 will build with
this version without modification.

Drivers which do not announce new mail are now indicated by the DR_NONEWMAIL
driver flag.  Driver which do not announce new mail when read-only are now
indicated by the DR_NONEWMAILRONLY flag.

There are no user-visible functional enhancements in this version.
2003-01-23 07:37:15 +00:00
dmcmahill
64ee8c09ab obey CFLAGS and CPPFLAGS. Don't unconditionally add -O2. 2003-01-23 01:25:10 +00:00
tron
e0499550ce Update "imap-uw" package to version 2002.1rc1 (0212051126 snapshot of
version 2002a). This version fixes a buffer overflow described
in Cert Vulnerability Note VU#961489.
2002-12-11 12:21:21 +00:00
elric
2850ba98f6 In the previous commit, I broke the non-kerberos setup. This
occurred because gss_import_name() was segfaulting if /etc/krb5.conf
was not found.  To fix it, I swapped the krb5_init_context() and
the gss_import_name() calls, since krb5_init_context() will fail
if krb5 is not configured and I can fail appropriately.

I also changed slightly how the documentation is installed by the
main Makefile, because the ${CP} was relying on the non-existence
of the target directory.
2002-10-30 02:12:44 +00:00
elric
6ed2e8bc91 Adding GSSAPI support to this package. It is turned on by default for
NetBSD and off for everything else.
2002-10-28 22:21:14 +00:00
martti
c730e5e9e0 * Updated to 2001.1 (2001a).
* Updated buildlink.mk as the new version has some new #defines in the .h
  file (and e.g. pine won't build against the old version)


Updated: 2 November 2001

imap-2001a is a maintenance release, consisting primarily of bugfixes
including some critical bugfixes to crash and denial of service problems.
Programs written for imap-2001 will build with this version without
modification.

The following new facilities have also been added:

The new /norsh switch in mailbox names provides a more intuitive way of
disabling rsh-IMAP than the existing :143 or setting the rsh-timeout to 0.

Passwords are no longer returned in mm_dlog() callbacks unless the
application sets the SET_DEBUGSENSITIVE parameter.

The SET_NETFSSTATBUG parameter allows an application to force the
traditional UNIX mailbox driver to close and reopen the mailbox at ping
time.  This is EXTREMELY inefficient, and should only be used to access
files stored on AFS and old NFS systems.

The ISO 8859 and Windows conversion tables have been updated to comply
with Unicode 3.1, and the KOI8-R table has been verified as compliant with
Unicode 3.1.

The SPECIALS mechanism for passing parameters to the lowest level Makefile
has been updated to be more general.  See the next item for why you might
care.

New lrh port to build on Red Hat Linux 7.2, with pre-set definitions for
the places where Red Hat has placed Kerberos and SSL.  It's actually just
the lnp port with SPECIALS defined accordingly.  You may want to use it as
a model if your system needs such definitions.  Note that SPECIALS is
primarily for IMAP toolkit (and Pine) purposes, and that user settings
should use EXTRASPECIALS instead.
2001-12-15 08:30:26 +00:00
martti
7edddb5204 Updated imap-uw to 2001. Changes:
* Bugfixes
* SSL is now fully integrated into the IMAP toolkit
* Full client and server TLS support
* The server certificate must be signed by a trusted certificate authority
* RFC 1730 (IMAP4 as opposed to IMAP4rev1) support is turned off by default
  in imapd
2001-10-11 15:34:50 +00:00
jlam
18d3a2277c Convert to use buildlink.mk files and mark as USE_BUILDLINK_ONLY. 2001-06-22 03:31:51 +00:00
agc
b26a4eb88b Move to sha1 digests, and add distfile sizes. 2001-04-20 13:09:54 +00:00
agc
9e8d6c8b8d + move the distfile digest/checksum value from files/md5 to distinfo
+ move the patch digest/checksum values from files/patch-sum to distinfo
2001-04-17 11:33:31 +00:00