Monday, November 25, 2024

Re: security/ejabberd-dovecot-auth: new port

On Mon, 25 Nov 2024 12:40:13 +0100,
Stuart Henderson <stu@spacehopper.org> wrote:
>
> p5-Authen-SASL-Authd:
>
> s/Commulitive/Cumulative/ in patch comment, then it's ok
>
>
> ejabberd-dovecot-auth:
>
> pkg-readme fixes;
>
> -ejabeerd. Following code migth be added globally to switch all vhost to
> +ejabberd. Following code might be added globally to switch all vhosts to
> - extauth_program: ${PREFIX}/share/ejabberd-dovecot-auth/check-dovecot
> + extauth_program: ${TRUEPREFIX}/share/ejabberd-dovecot-auth/check-dovecot
>
> this does nothing useful; ${WRKINST}/${SYSCONFDIR} doesn't make it into
> the package
>
> ${INSTALL_DATA_DIR} ${WRKINST}/${SYSCONFDIR}/dovecot/conf.d
>

fixed

> "Restrictions: Username or passwords may not contain some special
> characters: $'"` nor line breaks"
>
> uh oh, that sounds very bad
>

After careful reading of the dovecot protocol and the code of both new ports...
The new restrictions are:
- Username should not contain :$'"`\00\01\t\r\n
- Password should not contain \00\01\t\r\n

it was tested with passwords like: asd$'":`!!xyz

Ok?

--
wbr, Kirill
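
The restrictions listed in the mail above, as an added example that is not code from either port. It assumes ejabberd's documented extauth framing (a 2-byte big-endian length followed by `auth:user:server:password`); the function names are hypothetical and the frames are constructed sample input.

```python
import struct

# Restrictions as stated in the mail above.
USERNAME_FORBIDDEN = set(":$'\"`\x00\x01\t\r\n")
PASSWORD_FORBIDDEN = set("\x00\x01\t\r\n")


def parse_extauth_frame(frame: bytes):
    """Decode one extauth request: 2-byte big-endian length + payload."""
    if len(frame) < 2:
        raise ValueError("short frame")
    (length,) = struct.unpack(">H", frame[:2])
    payload = frame[2:]
    if len(payload) != length:
        raise ValueError("length prefix does not match payload")
    # Split into at most 4 fields so colons inside the password survive.
    fields = payload.decode("utf-8").split(":", 3)
    if len(fields) != 4 or fields[0] != "auth":
        raise ValueError("not an auth request")
    return fields[1], fields[2], fields[3]


def violations(username: str, password: str):
    """Return the forbidden characters found in each field, sorted."""
    return (sorted(set(username) & USERNAME_FORBIDDEN),
            sorted(set(password) & PASSWORD_FORBIDDEN))


def accept(frame: bytes) -> bool:
    """True only if the frame parses and both fields pass the restrictions."""
    try:
        user, _server, password = parse_extauth_frame(frame)
    except ValueError:  # also covers UnicodeDecodeError
        return False
    bad_user, bad_pass = violations(user, password)
    return not bad_user and not bad_pass


def make_frame(payload: str) -> bytes:
    """Build a constructed test frame (sample input, not captured traffic)."""
    data = payload.encode("utf-8")
    return struct.pack(">H", len(data)) + data
```

A colon inside the username cannot be detected after framing, because the parser simply shifts the field boundaries; that is why the username rule has to be enforced before the request is built, while the password may keep its colons.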
