From 28c03b4555e99da9524c697f5eba3783916050c7 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Sat, 23 Dec 2017 06:58:57 +0100 Subject: [PATCH] gnu: dovecot: Update to 2.3.0. * gnu/packages/mail.scm (dovecot): Update to 2.3.0. * gnu/services/mail.scm (dovecot-configuration)[director-doveadm-port] [ssl-parameters-regenerate]: Delete fields. [ssl-protocols]: Rename to... [ssl-min-protocol]: ...this. [mail-log-prefix, mdbox-rotate-size, ssl-cipher-list, imap-logout-format]: Update default values. * doc/guix.texi (Mail Services): Reflect the above changes to the service. --- doc/guix.texi | 29 ++++++++--------------------- gnu/packages/mail.scm | 4 ++-- gnu/services/mail.scm | 30 ++++++++++-------------------- 3 files changed, 20 insertions(+), 43 deletions(-) diff --git a/doc/guix.texi b/doc/guix.texi index b8ace68ba7..21b80a6e16 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -13072,13 +13072,6 @@ has any connections. Defaults to @samp{"15 min"}. @end deftypevr -@deftypevr {@code{dovecot-configuration} parameter} non-negative-integer director-doveadm-port -TCP/IP port that accepts doveadm connections (instead of director -connections) If you enable this, you'll also need to add -@samp{inet-listener} for the port. -Defaults to @samp{0}. -@end deftypevr - @deftypevr {@code{dovecot-configuration} parameter} string director-username-hash How the username is translated before being hashed. Useful values include %Ln if user can log in with or without @@domain, %Ld if mailboxes @@ -13171,7 +13164,7 @@ Defaults to @samp{"%$: %s"}. @deftypevr {@code{dovecot-configuration} parameter} string mail-log-prefix Log prefix for mail processes. See doc/wiki/Variables.txt for list of possible variables you can use. -Defaults to @samp{"\"%s(%u): \""}. +Defaults to @samp{"\"%s(%u)<%{pid}><%{session}>: \""}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} string deliver-log-format @@ -13516,7 +13509,7 @@ Defaults to @samp{0}. @deftypevr {@code{dovecot-configuration} parameter} non-negative-integer mdbox-rotate-size Maximum dbox file size until it's rotated. -Defaults to @samp{2000000}. +Defaults to @samp{10000000}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} string mdbox-rotate-interval @@ -13654,21 +13647,14 @@ x500UniqueIdentifier are the usual choices. You'll also need to set Defaults to @samp{"commonName"}. @end deftypevr -@deftypevr {@code{dovecot-configuration} parameter} hours ssl-parameters-regenerate -How often to regenerate the SSL parameters file. Generation is -quite CPU intensive operation. The value is in hours, 0 disables -regeneration entirely. -Defaults to @samp{168}. -@end deftypevr - -@deftypevr {@code{dovecot-configuration} parameter} string ssl-protocols -SSL protocols to use. -Defaults to @samp{"!SSLv2"}. +@deftypevr {@code{dovecot-configuration} parameter} string ssl-min-protocol +Minimum SSL protocol version to accept. +Defaults to @samp{"TLSv1"}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} string ssl-cipher-list SSL ciphers to use. -Defaults to @samp{"ALL:!LOW:!SSLv2:!EXP:!aNULL"}. +Defaults to @samp{"ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@@STRENGTH"}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} string ssl-crypto-device @@ -13770,7 +13756,8 @@ total number of bytes read from client @item %o total number of bytes sent to client. @end table -Defaults to @samp{"in=%i out=%o"}. +See @file{doc/wiki/Variables.txt} for a list of all the variables you can use. +Defaults to @samp{"in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}"}. @end deftypevr @deftypevr {@code{dovecot-configuration} parameter} string imap-capability diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 6aedcf7c3a..3cfa7baebd 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -1137,7 +1137,7 @@ (define-public exim (define-public dovecot (package (name "dovecot") - (version "2.2.33.2") + (version "2.3.0") (source (origin (method url-fetch) @@ -1145,7 +1145,7 @@ (define-public dovecot (version-major+minor version) "/" name "-" version ".tar.gz")) (sha256 (base32 - "117f9i62liz2pm96zi2lpldzlj2knzj7g410zhifwmlsc1w3n7py")))) + "10c5myzgys866c3x6jdr1s9x9pqnjd5vpyz8z384sph21m3wnq6y")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index 6305f06f85..ab90942739 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2015 Andy Wingo ;;; Copyright © 2017 Clément Lassieur ;;; Copyright © 2017 Carlo Zancanaro +;;; Copyright © 2017 Tobias Geerinckx-Rice ;;; ;;; This file is part of GNU Guix. ;;; @@ -745,12 +746,6 @@ (define-configuration dovecot-configuration "How long to redirect users to a specific server after it no longer has any connections.") - (director-doveadm-port - (non-negative-integer 0) - "TCP/IP port that accepts doveadm connections (instead of director -connections) If you enable this, you'll also need to add -@samp{inet-listener} for the port.") - (director-username-hash (string "%Lu") "How the username is translated before being hashed. Useful values @@ -831,7 +826,7 @@ (define-configuration dovecot-configuration string, %$ contains the data we want to log.") (mail-log-prefix - (string "\"%s(%u): \"") + (string "\"%s(%u)<%{pid}><%{session}>: \"") "Log prefix for mail processes. See doc/wiki/Variables.txt for list of possible variables you can use.") @@ -1145,7 +1140,7 @@ (define-configuration dovecot-configuration updated.") (mdbox-rotate-size - (non-negative-integer #e2e6) + (non-negative-integer #e10e6) "Maximum dbox file size until it's rotated.") (mdbox-rotate-interval @@ -1262,18 +1257,12 @@ (define-configuration dovecot-configuration x500UniqueIdentifier are the usual choices. You'll also need to set @samp{auth-ssl-username-from-cert? #t}.") - (ssl-parameters-regenerate - (hours 168) - "How often to regenerate the SSL parameters file. Generation is -quite CPU intensive operation. The value is in hours, 0 disables -regeneration entirely.") - - (ssl-protocols - (string "!SSLv2") - "SSL protocols to use.") + (ssl-min-protocol + (string "TLSv1") + "Minimum SSL protocol version to accept.") (ssl-cipher-list - (string "ALL:!LOW:!SSLv2:!EXP:!aNULL") + (string "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH") "SSL ciphers to use.") (ssl-crypto-device @@ -1356,14 +1345,15 @@ (define-configuration dovecot-configuration often.") (imap-logout-format - (string "in=%i out=%o") + (string "in=%i out=%o deleted=%{deleted} expunged=%{expunged} trashed=%{trashed} hdr_count=%{fetch_hdr_count} hdr_bytes=%{fetch_hdr_bytes} body_count=%{fetch_body_count} body_bytes=%{fetch_body_bytes}") "IMAP logout format string: @table @code @item %i total number of bytes read from client @item %o total number of bytes sent to client. -@end table") +@end table +See @file{doc/wiki/Variables.txt} for a list of all the variables you can use.") (imap-capability (string "")