install_update_dovecot-2.4.sh: add parameter 'maildir_broken_filename_sizes = yes' and 'auth_allow_weak_schemes = yes'.
This commit is contained in:
@ -5150,6 +5150,8 @@ if [[ $dovecot_major_version -gt 2 ]] \
|
|||||||
#
|
#
|
||||||
# mailbox_list_index
|
# mailbox_list_index
|
||||||
#
|
#
|
||||||
|
# maildir_broken_filename_sizes =
|
||||||
|
#
|
||||||
echononl " Adjusting base configurations ($(basename "${_conf_file}")).."
|
echononl " Adjusting base configurations ($(basename "${_conf_file}")).."
|
||||||
:> "${log_file}"
|
:> "${log_file}"
|
||||||
|
|
||||||
@ -5366,6 +5368,31 @@ EOF
|
|||||||
mailbox_list_index = yes
|
mailbox_list_index = yes
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if grep -qE '^\s*maildir_broken_filename_sizes\s*=' "${_conf_file}" ; then
|
||||||
|
replace_variable \
|
||||||
|
"maildir_broken_filename_sizes" \
|
||||||
|
"yes" \
|
||||||
|
"${_conf_file}" >> "${log_file}" 2>&1
|
||||||
|
|
||||||
|
if [[ $? -gt 0 ]] ; then
|
||||||
|
_failed=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
else
|
||||||
|
cat <<EOF >> "${_conf_file}" || _failed=true
|
||||||
|
|
||||||
|
# maildir_broken_filename_sizes
|
||||||
|
#
|
||||||
|
# If enabled, Dovecot doesn't use the S=<size> in the Maildir filenames for
|
||||||
|
# getting the mail's physical size, except when recalculating Maildir++ quota.
|
||||||
|
# This can be useful in systems where a lot of the Maildir filenames have a
|
||||||
|
# broken size. The performance hit for enabling this is very small.
|
||||||
|
#maildir_broken_filename_sizes = no
|
||||||
|
maildir_broken_filename_sizes = yes
|
||||||
|
EOF
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -6169,6 +6196,7 @@ if [[ $dovecot_major_version -gt 2 ]] \
|
|||||||
# edit /usr/local/dovecot/etc/dovecot/conf.d/10-auth.conf
|
# edit /usr/local/dovecot/etc/dovecot/conf.d/10-auth.conf
|
||||||
#
|
#
|
||||||
# auth_allow_cleartext = no
|
# auth_allow_cleartext = no
|
||||||
|
# auth_allow_weak_schemes = ys
|
||||||
# auth_username_translation = "%@"
|
# auth_username_translation = "%@"
|
||||||
# auth_mechanisms = $auth_mechanisms
|
# auth_mechanisms = $auth_mechanisms
|
||||||
# !include auth-sql.conf.ext # !! comment all other includes
|
# !include auth-sql.conf.ext # !! comment all other includes
|
||||||
@ -6189,6 +6217,31 @@ auth_allow_cleartext = no
|
|||||||
EOF
|
EOF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if grep -qE "^\s*auth_allow_weak_schemes\s*=" "${_conf_file}"; then
|
||||||
|
|
||||||
|
replace_variable "auth_allow_weak_schemes" "yes" "${_conf_file}" || _failed=true
|
||||||
|
|
||||||
|
else
|
||||||
|
cat <<'EOF' >> "${_conf_file}" || _failed=true
|
||||||
|
|
||||||
|
# auth_allow_weak_schemes
|
||||||
|
#
|
||||||
|
# Default no
|
||||||
|
# Value boolean
|
||||||
|
# Changes Added: 2.4.0
|
||||||
|
#
|
||||||
|
# Controls whether password schemes marked as weak are allowed to be used. See
|
||||||
|
# Password Schemes for disabled by default schemes.
|
||||||
|
#
|
||||||
|
# If enabled, will emit warning to logs. If a disabled scheme is used, an error
|
||||||
|
# is logged.
|
||||||
|
#
|
||||||
|
# Notably, any explicitly cleartext schemes (such as PLAIN), CRAM-MD5, and
|
||||||
|
# DIGEST-MD5 are not affected by this setting.
|
||||||
|
auth_allow_weak_schemes = yes
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
if grep -qE "^\s*auth_username_translation\s*=" "${_conf_file}"; then
|
if grep -qE "^\s*auth_username_translation\s*=" "${_conf_file}"; then
|
||||||
|
|
||||||
replace_variable "auth_username_translation" "%@" "${_conf_file}" || _failed=true
|
replace_variable "auth_username_translation" "%@" "${_conf_file}" || _failed=true
|
||||||
|
|||||||
Reference in New Issue
Block a user