guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25898: [PATCH 1/2] gnu: Add dovecot-trees.

From: Ludovic Courtès
Subject: bug#25898: [PATCH 1/2] gnu: Add dovecot-trees.
Date: Tue, 14 Mar 2017 10:20:47 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) 
address@hidden skribis:

> From: ng0 <address@hidden>
>
> * gnu/packages/mail.scm (dovecot-trees): New variable.

[...]

> +(define-public dovecot-trees
> +  (let ((commit "006059c8a47d68f14f73c09743e45b9a73014dbf")
> +        (revision "1"))
> +    (package
> +      (name "dovecot-trees")
> +      (version (string-append "2.0.0-" revision "." (string-take commit 7)))

In general there should be a comment explaining why we’re not using a
release.

> +           (replace 'install
> +             (lambda* (#:key outputs #:allow-other-keys)
> +               (let* ((out (assoc-ref outputs "out"))
> +                      (dovemod (string-append out "/lib/dovecot/modules")))
> +                 (install-file "src/.libs/lib18_trees_plugin.so"
> +                               dovemod)
> +                 #t))))))

I’ve removed this phase because it’s incorrect (it skips the relinking
stage for this .so) and unnecessary anyway (“make install” does the
right thing.)

> +      (description
> +       "@defn{Technology for Resting Email Encrypted Storage} (TREES) is a
> +NaCL-based @code{Dovecot} encryption plugin.
> +This plugin adds individually encrypted mail storage to the @code{Dovecot}
> +IMAP server.  It is inspired by Posteo's @code{scrambler} which uses
> +OpenSSL and RSA keypairs.  @code{TREES} works in a similar way, but uses
> +the @code{Sodium} crypto library (based on NaCL).
> +
> +How it works:
> address@hidden
> address@hidden On IMAP log in, the user's cleartext password is passed to the 
> plugin.
> address@hidden The plugin creates an argon2 digest from the password.
> address@hidden This password digest is used as a symmetric secret to decrypt 
> a libsodium secretbox.
> address@hidden Inside the secretbox is stored a Curve25519 private key.
> address@hidden The Curve25519 private key is used to decrypt each individual 
> message, using lidsodium sealed boxes.
> address@hidden New mail is encrypted as it arrives using the Curve25519 
> public key.
> address@hidden enumerate\n")

I’ve removed some of the @code here: @code is for code, identifiers,
etc., but not for proper nouns such as Dovecot.

Applied, thanks!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]