head 1.2; access; symbols pkgsrc-2023Q4:1.1.0.24 pkgsrc-2023Q4-base:1.1 pkgsrc-2023Q3:1.1.0.22 pkgsrc-2023Q3-base:1.1 pkgsrc-2023Q2:1.1.0.20 pkgsrc-2023Q2-base:1.1 pkgsrc-2023Q1:1.1.0.18 pkgsrc-2023Q1-base:1.1 pkgsrc-2022Q4:1.1.0.16 pkgsrc-2022Q4-base:1.1 pkgsrc-2022Q3:1.1.0.14 pkgsrc-2022Q3-base:1.1 pkgsrc-2022Q2:1.1.0.12 pkgsrc-2022Q2-base:1.1 pkgsrc-2022Q1:1.1.0.10 pkgsrc-2022Q1-base:1.1 pkgsrc-2021Q4:1.1.0.8 pkgsrc-2021Q4-base:1.1 pkgsrc-2021Q3:1.1.0.6 pkgsrc-2021Q3-base:1.1 pkgsrc-2021Q2:1.1.0.4 pkgsrc-2021Q2-base:1.1 pkgsrc-2021Q1:1.1.0.2 pkgsrc-2021Q1-base:1.1; locks; strict; comment @# @; 1.2 date 2024.02.28.04.14.16; author schmonz; state dead; branches; next 1.1; commitid L3TVMIebUEYFz90F; 1.1 date 2021.01.15.19.50.25; author schmonz; state Exp; branches; next ; commitid eJr7D1sRfjiimRDC; desc @@ 1.2 log @bincimap: new upstream, update to 2.0.15. Changes: 2.0.15 Included logging for Operator LOGIN and display of the real auth user rather than the virtual user in the logs. Streamlined log output to be close to s/qmail's. 2.0.14 Removed gethostbyname and replaced by environment variable 'TCPLOCALHOST'. Changed default logtype to 'multilog'. 2.0.13 Logging is working now for each session at logout/disconnect/timeout. 2.0.12 CRAM-MD5 Auth should work now (given the backend allows this). Modularized auth operator for potential new methods. Improved man pages to reflect current capabilities. 2.0.11 BincInfo renamed to BincLog, added s/qmail like tags for logging. Added a LICENSE file (under ./doc). StartTLS working now after reordering reply command sequence. 2.0.10 Added CRAM-MD5 authentication. 'logged in' log includes now remote IP. 2.0.9 Added doc + man pages and finished slashpackage installation. 2.0.8 Final cleaning and integration tests. 2.0.7 Moved StartTLS support into operator-starttls.cc. 2.0.6 Added StartTLS into sesssion-initialisation-bincimap-up.cc. 2.0.5 Added operator-id.cc (RFC 2971) since Evolution requires this. 2.0.4 Removed JAIL option -> sslserver can do that as well. Trimmed log output. 2.0.3 Trimming of *.cc and *.h files. Removed StartTLS driver. 2.0.2 Integration tests successful for TLS and with new qmail-authuser. 2.0.1 Makefile working. First minor fixes. Initial working version. 2.0.0 Initial restart of Bincimap 1.3.4 without Autoconf tools. @ text @$NetBSD: patch-conf_bincimap.conf.in,v 1.1 2021/01/15 19:50:25 schmonz Exp $ By default, don't specify a cipher list, taking the OpenSSL defaults. Leave a decent commented-out list from ssl-config.mozilla.org. Let SUBST fix up users, groups, and paths. --- conf/bincimap.conf.in.orig 2005-01-05 15:53:46.000000000 +0000 +++ conf/bincimap.conf.in @@@@ -34,8 +34,8 @@@@ Authentication { //---------------------------------------------------------------------------- Security { jail path = "@@prefix@@/bin", - jail user = "nobody", - jail group = "nobody" + jail user = "@@BINCIMAP_USER@@", + jail group = "@@BINCIMAP_GROUP@@" } //---------------------------------------------------------------------------- @@@@ -100,7 +100,7 @@@@ Session { //---------------------------------------------------------------------------- SSL { - pem file = "@@sysconfdir@@/bincimap.pem", /* private key and + pem file = "/usr/share/ssl/certs/bincimap.pem",/* private key and certificate chain PEM file name */ @@@@ -108,11 +108,11 @@@@ SSL { ca file = "", /* file to use as certificate authority */ - ca path = "", /* path to search + ca path = "/usr/share/ssl/certs", /* path to search for more certificate authorities */ - cipher list = "!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP", + //cipher list = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384", verify peer = "no" } @ 1.1 log @Add bincimap, an IMAP server for Maildir. Binc IMAP strives to be stable, fast, flexible, and RFC compliant. Like qmail-pop3d, it authenticates via a checkpassword program. @ text @d1 1 a1 1 $NetBSD$ @