diff options
Diffstat (limited to 'dev-libs/cyrus-sasl')
-rw-r--r-- | dev-libs/cyrus-sasl/ChangeLog | 10 | ||||
-rw-r--r-- | dev-libs/cyrus-sasl/Manifest | 56 | ||||
-rw-r--r-- | dev-libs/cyrus-sasl/cyrus-sasl-2.1.20-r2.ebuild | 271 | ||||
-rw-r--r-- | dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.19-checkpw.c.patch | 170 | ||||
-rw-r--r-- | dev-libs/cyrus-sasl/files/cyrus-sasl-ntlm_impl-spnego.patch.gz | bin | 0 -> 7430 bytes | |||
-rw-r--r-- | dev-libs/cyrus-sasl/files/digest-cyrus-sasl-2.1.20-r2 | 1 |
6 files changed, 481 insertions, 27 deletions
diff --git a/dev-libs/cyrus-sasl/ChangeLog b/dev-libs/cyrus-sasl/ChangeLog index b261f767e6ba..6bbdf3290705 100644 --- a/dev-libs/cyrus-sasl/ChangeLog +++ b/dev-libs/cyrus-sasl/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for dev-libs/cyrus-sasl # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/ChangeLog,v 1.112 2005/02/06 21:25:28 kumba Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/ChangeLog,v 1.113 2005/02/15 19:36:27 ferdy Exp $ + +*cyrus-sasl-2.1.20-r2 (15 Feb 2005) + + 15 Feb 2005; Fernando J. Pereda <ferdy@gentoo.org> + +files/cyrus-sasl-2.1.19-checkpw.c.patch, + +files/cyrus-sasl-ntlm_impl-spnego.patch.gz, +cyrus-sasl-2.1.20-r2.ebuild: + Fix bugs #46038,#45181,#81970,#81342. Adding urandom,srp,crypt and + ntlm_unsupported_patch use flags and its patches. 06 Feb 2005; Joshua Kinard <kumba@gentoo.org> cyrus-sasl-2.1.20.ebuild: Marked stable on mips. diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest index 41da8a0178a5..3d49b888a76f 100644 --- a/dev-libs/cyrus-sasl/Manifest +++ b/dev-libs/cyrus-sasl/Manifest @@ -1,40 +1,44 @@ -MD5 ebb4ace72480f1d0739fa619b8b28917 ChangeLog 20018 MD5 04c0b54fe6928e86aef07b627b88765f cyrus-sasl-2.1.18-r2.ebuild 5430 MD5 54f2bd76be47e4beec9b53b237d0e44f cyrus-sasl-2.1.19-r1.ebuild 7161 +MD5 83ab2752379073067bd4cc299aef6464 cyrus-sasl-2.1.20-r2.ebuild 9031 MD5 bba00f641b9c816375ce3571c3d8e3d1 cyrus-sasl-2.1.20-r1.ebuild 8556 -MD5 00be13f87e77be65152a9ad02d73ed94 cyrus-sasl-2.1.20.ebuild 7351 +MD5 18b76c88cd06a84927d875a470d53768 ChangeLog 20351 MD5 5721b86fd871bdfab77231abc6e02f68 metadata.xml 161 -MD5 b398dd3696347604a52a40bf1a77291b files/2.1.14-db4.patch 2032 -MD5 a445d25ebbdf18b372340d4643736941 files/2.1.14-kerberos.patch 1148 -MD5 72c9252fd0ccb3fc369c60ec233f4218 files/2.1.14-mysql.patch 730 -MD5 4c6ffed2ba584f75a0c948250f7a11b7 files/cyrus-sasl-1.5.21-des.patch 242 +MD5 00be13f87e77be65152a9ad02d73ed94 cyrus-sasl-2.1.20.ebuild 7351 +MD5 a3a8fcefa0874e1fb97787a034880d9f files/cyrus-sasl-ntlm_impl-spnego.patch.gz 7430 MD5 5d8f83e453b4f7dff5eeee74335de870 files/cyrus-sasl-1.5.24-rpath.patch 448 -MD5 5f96ab675ae2ff1da8e0ee4503340df5 files/cyrus-sasl-1.5.27-scram.patch 480 -MD5 397ec1b24d4efe6efafa4782ba0f3493 files/cyrus-sasl-2.1.17-configdir.patch 8095 -MD5 cb4a5c5160219818e04196847ba9f7a1 files/cyrus-sasl-2.1.17-db4.patch 1451 -MD5 b9ab0670db5b9b5a74de379c18e5370d files/cyrus-sasl-2.1.17-pgsql-include.patch 617 -MD5 e8b9357dba2bde4dac0b1cf38d5942eb files/cyrus-sasl-2.1.18-cvs-1.172.patch 5056 -MD5 13c15e58d2fa734adeb718e4e3dea757 files/cyrus-sasl-2.1.18-db4.patch 1604 -MD5 d6cb936d23646d9e5312d63d08f6f563 files/cyrus-sasl-2.1.18-pam_mysql.patch 1388 -MD5 4a80034f8ee3149c898aab4492d9cff8 files/cyrus-sasl-2.1.18-sasl-path-fix.patch 529 -MD5 4144a6962acfd7983cc292259375149d files/cyrus-sasl-2.1.19-configdir.patch 8231 -MD5 4a80034f8ee3149c898aab4492d9cff8 files/cyrus-sasl-2.1.19-sasl-path-fix.patch 529 MD5 4144a6962acfd7983cc292259375149d files/cyrus-sasl-2.1.20-configdir.patch 8231 -MD5 f8ad054201be2531b337375299c4c39b files/cyrus-sasl-2.1.20-gcc4.patch 462 -MD5 75aaabf38cf470bae9a928a334c3cb59 files/cyrus-sasl-configdir.patch 8510 -MD5 228579b200f0a570f9c02d222f400672 files/cyrus-sasl-gcc32.patch 426 -MD5 692a355142b7cfb937cd8a3a655c0310 files/cyrus-sasl-heimdal-deps.patch 624 -MD5 9a317f7aa562936a829574f63aefce15 files/cyrus-sasl-saslauthd.patch 4938 +MD5 13c15e58d2fa734adeb718e4e3dea757 files/cyrus-sasl-2.1.18-db4.patch 1604 MD5 fcf540108971d5aaa0bbfba381971ca7 files/digest-cyrus-sasl-2.1.18-r2 70 MD5 d6d8b3c7c3a2aacf656f970a043d3158 files/digest-cyrus-sasl-2.1.19-r1 70 -MD5 c355c365d74408c00cdaa25beea6d4f7 files/digest-cyrus-sasl-2.1.20 70 MD5 c355c365d74408c00cdaa25beea6d4f7 files/digest-cyrus-sasl-2.1.20-r1 70 -MD5 bc046561db59ed3f4d0cc417b099c2f9 files/java.README.gentoo 934 -MD5 ba1fb0a42418f5a5bcf2577fb27a136e files/pwcheck.rc6 540 +MD5 c355c365d74408c00cdaa25beea6d4f7 files/digest-cyrus-sasl-2.1.20-r2 70 +MD5 4a80034f8ee3149c898aab4492d9cff8 files/cyrus-sasl-2.1.18-sasl-path-fix.patch 529 +MD5 fc0d11e115e65597419803dad9727aa8 files/saslauthd2.conf 752 +MD5 f8ad054201be2531b337375299c4c39b files/cyrus-sasl-2.1.20-gcc4.patch 462 +MD5 d6cb936d23646d9e5312d63d08f6f563 files/cyrus-sasl-2.1.18-pam_mysql.patch 1388 +MD5 5f96ab675ae2ff1da8e0ee4503340df5 files/cyrus-sasl-1.5.27-scram.patch 480 +MD5 4c6ffed2ba584f75a0c948250f7a11b7 files/cyrus-sasl-1.5.21-des.patch 242 +MD5 72c9252fd0ccb3fc369c60ec233f4218 files/2.1.14-mysql.patch 730 +MD5 a445d25ebbdf18b372340d4643736941 files/2.1.14-kerberos.patch 1148 +MD5 b9ab0670db5b9b5a74de379c18e5370d files/cyrus-sasl-2.1.17-pgsql-include.patch 617 MD5 52645b3330ddad9ce06f2a0eebb8d345 files/saslauthd-2.1.19.conf 906 MD5 41c1024f02bc0725406a23eeff93edd5 files/saslauthd-2.1.20.conf 906 -MD5 a46ddb41677b9b08046d193d9db8a4bb files/saslauthd.conf 890 +MD5 cb4a5c5160219818e04196847ba9f7a1 files/cyrus-sasl-2.1.17-db4.patch 1451 MD5 7b24e99c21a5924543fe82cd82a1d741 files/saslauthd.pam 223 MD5 c38995773eff23cf7f05b23fe7fba6d3 files/saslauthd.rc6 525 -MD5 fc0d11e115e65597419803dad9727aa8 files/saslauthd2.conf 752 +MD5 4144a6962acfd7983cc292259375149d files/cyrus-sasl-2.1.19-configdir.patch 8231 +MD5 bc046561db59ed3f4d0cc417b099c2f9 files/java.README.gentoo 934 +MD5 228579b200f0a570f9c02d222f400672 files/cyrus-sasl-gcc32.patch 426 +MD5 ba1fb0a42418f5a5bcf2577fb27a136e files/pwcheck.rc6 540 +MD5 e27ddff076342e7a3041c4759817d04b files/cyrus-sasl-2.1.19-checkpw.c.patch 4858 +MD5 4a80034f8ee3149c898aab4492d9cff8 files/cyrus-sasl-2.1.19-sasl-path-fix.patch 529 MD5 5d79108b7b67bd3af315e3142023fef5 files/saslauthd2.rc6 527 +MD5 a46ddb41677b9b08046d193d9db8a4bb files/saslauthd.conf 890 +MD5 9a317f7aa562936a829574f63aefce15 files/cyrus-sasl-saslauthd.patch 4938 +MD5 b398dd3696347604a52a40bf1a77291b files/2.1.14-db4.patch 2032 +MD5 75aaabf38cf470bae9a928a334c3cb59 files/cyrus-sasl-configdir.patch 8510 +MD5 692a355142b7cfb937cd8a3a655c0310 files/cyrus-sasl-heimdal-deps.patch 624 +MD5 397ec1b24d4efe6efafa4782ba0f3493 files/cyrus-sasl-2.1.17-configdir.patch 8095 +MD5 e8b9357dba2bde4dac0b1cf38d5942eb files/cyrus-sasl-2.1.18-cvs-1.172.patch 5056 +MD5 c355c365d74408c00cdaa25beea6d4f7 files/digest-cyrus-sasl-2.1.20 70 diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.20-r2.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.20-r2.ebuild new file mode 100644 index 000000000000..1cff3f7f4c32 --- /dev/null +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.20-r2.ebuild @@ -0,0 +1,271 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/cyrus-sasl-2.1.20-r2.ebuild,v 1.1 2005/02/15 19:36:27 ferdy Exp $ + +inherit eutils gnuconfig flag-o-matic java-pkg + +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" +HOMEPAGE="http://asg.web.cmu.edu/sasl/" +SRC_URI="ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/${P}.tar.gz" + +LICENSE="as-is" +SLOT="2" +KEYWORDS="~x86 ~ppc ~sparc ~mips ~alpha ~arm ~hppa ~amd64 ~ia64 ~s390 ~ppc64" +IUSE="berkdb crypt gdbm ldap mysql postgres kerberos static ssl java pam + authdaemond sample urandom srp ntlm_unsupported_patch" + +RDEPEND="virtual/libc + berkdb? ( >=sys-libs/db-3.2 ) + gdbm? ( >=sys-libs/gdbm-1.8.0 ) + ldap? ( >=net-nds/openldap-2.0.25 ) + mysql? ( >=dev-db/mysql-3.23.51 ) + postgres? ( >=dev-db/postgresql-7.2 ) + pam? ( >=sys-libs/pam-0.75 ) + ssl? ( >=dev-libs/openssl-0.9.6d ) + kerberos? ( virtual/krb5 ) + authdaemond? ( + || ( + >=net-mail/courier-imap-3.0.7 + >=mail-mta/courier-0.46 + )) + java? ( virtual/jdk )" +DEPEND="${RDEPEND} + >=sys-apps/sed-4 + >=sys-devel/autoconf-2.58 + sys-devel/automake + sys-devel/libtool" + +pkg_setup() { + + if use gdbm && use berkdb; then + echo + ewarn "You have both \"gdbm\" and \"berkdb\" in your USE flags." + ewarn "Will default to GNU DB as your SASLdb database backend." + ewarn "If you want to build with Berkeley DB support; hit Control-C now." + ewarn "Change your USE flag -gdbm and emerge again." + echo + has_version ">=sys-apps/portage-2.0.50" && ( + einfo "It would be best practice to add the set of USE flags that you use for this" + einfo "package to the file: /etc/portage/package.use. Example:" + einfo "\`echo \"dev-libs/cyrus-sasl -gdbm berkdb\" >> /etc/portage/package.use\`" + einfo "to build cyrus-sasl with Berkeley database as your SASLdb backend." + ) + echo + ewarn "Waiting 10 seconds before starting..." + ewarn "(Control-C to abort)..." + epause 10 + fi + + echo + einfo "This version include a "-r" option for saslauthd to instruct it to reassemble" + einfo "realm and username into a username of "user@realm" form." + echo + einfo "If you are still using postfix->sasl->saslauthd->pam->mysql for" + einfo "authentication, please edit /etc/conf.d/saslauthd to read:" + einfo "SASLAUTHD_OPTS=\"\${SASLAUTH_MECH} -a pam -r\"" + einfo "Don't forget to restart the service: \`/etc/init.d/saslauthd restart\`." + echo + einfo "Pause 10 seconds before continuing." + epause 10 +} + +src_unpack() { + unpack ${A} && cd "${S}" + + + # Fix default port name for rimap auth mechanism. + sed -e '/define DEFAULT_REMOTE_SERVICE/s:imap:imap2:' \ + -i saslauthd/auth_rimap.c || die "sed failed" + + # DB4 detection and versioned symbols. + # Fixed upstream. + # epatch "${FILESDIR}/cyrus-sasl-2.1.18-db4.patch" + + # Add configdir support. + epatch "${FILESDIR}/${P}-configdir.patch" + + # Fix include path for newer PostgreSQL versions. + epatch "${FILESDIR}/cyrus-sasl-2.1.17-pgsql-include.patch" + + # Add setuid/setgid check for SASL_PATH + # Fixed upstream. + # epatch "${FILESDIR}/${P}-sasl-path-fix.patch" + + # Fix for gcc-4.0 + epatch "${FILESDIR}/${P}-gcc4.patch" + + # UNSUPPORTED ntlm patch. Bug #81342 + use ntlm_unsupported_patch && \ + epatch "${FILESDIR}/cyrus-sasl-ntlm_impl-spnego.patch.gz" + + # Recreate configure. + export WANT_AUTOCONF="2.5" + rm -rf configure config.h.in autom4te.cache + ebegin "Recreating configure" + aclocal -I cmulocal -I config && autoheader && autoconf || \ + die "recreate configure failed" + eend $? + + # Sypport for crypted passwords. Bug #45181 + use crypt && epatch "${FILESDIR}/cyrus-sasl-2.1.19-checkpw.c.patch" +} + +src_compile() { + local myconf="--enable-login --enable-ntlm --disable-krb4 --disable-otp" + myconf="${myconf} `use_enable static`" + myconf="${myconf} `use_with ssl openssl`" + myconf="${myconf} `use_with pam`" + myconf="${myconf} `use_with ldap`" + myconf="${myconf} `use_enable sample`" + myconf="${myconf} `use_enable kerberos gssapi`" + myconf="${myconf} `use_with mysql` `use_enable mysql`" + myconf="${myconf} `use_with postgres pgsql` `use_enable postgres`" + # Add use srp. Bug #81970. + myconf="${myconf} `use_enable srp`" + myconf="${myconf} `use_enable java` `use_with java javahome ${JAVA_HOME}`" + # bug #56523. add authdaemond support. + myconf="${myconf} `use_with authdaemond`" + + # fix for bug #59634. langthang 20040810. + if ! use ssl; then + myconf="${myconf} --without-des" + fi + + if use mysql || use postgres ; then + myconf="${myconf} --enable-sql" + else + myconf="${myconf} --disable-sql" + fi + + # default to GDBM if both 'gdbm' and 'berkdb' present. + if use gdbm; then + einfo "build with GNU DB as database backend for your SASLdb." + myconf="${myconf} --with-dblib=gdbm" + elif use berkdb ; then + einfo "build with Berkeley DB as database backend for your SASLdb." + myconf="${myconf} --with-dblib=berkeley" + else + einfo "build without SASLdb support" + myconf="${myconf} --with-dblib=none" + fi + + # Use /dev/urandom instead of /dev/random. Bug #46038 + use urandom && myconf="${myconf} --with-devrandom=/dev/urandom" + + # Detect mips systems properly. + gnuconfig_update + + econf \ + --with-saslauthd=/var/lib/sasl2 \ + --with-pwcheck=/var/lib/sasl2 \ + --with-configdir=/etc/sasl2 \ + --with-plugindir=/usr/lib/sasl2 \ + --with-dbpath=/etc/sasl2/sasldb2 \ + ${myconf} || die "econf failed" + + # Fix PEBCAK in make.conf. Bug #75538. + CFLAGS="$(echo ${CFLAGS} | xargs)" + CXXFLAGS="$(echo ${CXXFLAGS} | xargs)" + LDFLAGS="$(echo ${LDFLAGS} | xargs)" + + # Parallel build doesn't work. + # Parallel build doesn't like distcc/ccache? Bug #78643. + if has distcc $FEATURES || has ccache $FEATURES; then + einfo "You have \"distcc\" or \"ccache\" enabled" + einfo "build with MAKEOPTS=-j1" + emake -j1 || die "compile problem" + else + einfo "build with MAKEOPTS=$MAKEOPTS" + emake || die "compile problem" + fi + + # Bug #60769. Default location for java classes breaks OpenOffice. + # Thanks to axxo@gentoo.org for the solution. + cd "${S}" + if use java; then + jar -cvf ${PN}.jar -C java $(find java -name "*.class") + fi + + # Bug #58768. Add testsaslauthd. + cd "${S}/saslauthd" + emake testsaslauthd || die "failed to make" +} + +src_install () { + #einstall + make DESTDIR=${D} install || die "failed to install." + keepdir /var/lib/sasl2 /etc/sasl2 + + # Install everything necessary so user can build sample client/server + # (bug #64733) + if use sample; then + insinto /usr/share/${PN}-2/examples + doins aclocal.m4 config.h config.status configure.in + dosym /usr/include/sasl /usr/share/${PN}-2/examples/include + exeinto /usr/share/${PN}-2/examples + doexe libtool + insinto /usr/share/${PN}-2/examples/sample + doins sample/*.{c,h} sample/*Makefile* + insinto /usr/share/${PN}-2/examples/sample/.deps + doins sample/.deps/* + dodir /usr/share/${PN}-2/examples/lib + dosym /usr/lib/libsasl2.la /usr/share/${PN}-2/examples/lib/libsasl2.la + dodir /usr/share/${PN}-2/examples/lib/.libs + dosym /usr/lib/libsasl2.so /usr/share/${PN}-2/examples/lib/.libs/libsasl2.so + fi + + # Bug #60769. Default location for java classes breaks OpenOffice. + if use java; then + java-pkg_dojar ${PN}.jar + #hackish, don't wanna dig though makefile + rm -rf ${D}/usr/lib/java + docinto java + dodoc ${S}/java/README ${FILESDIR}/java.README.gentoo ${S}/java/doc/* + mkdir ${D}/usr/share/doc/${PF}/java/Test/ \ + || die "failed to create ${D}/usr/share/doc/${PF}/java/Test/" + cp ${S}/java/Test/*.java ${D}/usr/share/doc/${PF}/java/Test/ \ + || die "failed to copy java files to ${D}/usr/share/doc/${PF}/java/Test/" + fi + + # Generate an empty sasldb2 with correct permissions. + LD_OLD="${LD_LIBRARY_PATH}" + export LD_LIBRARY_PATH="${D}/usr/lib" SASL_PATH="${D}/usr/lib/sasl2" + echo "p" | "${D}/usr/sbin/saslpasswd2" -f "${D}/etc/sasl2/sasldb2" -p login + "${D}/usr/sbin/saslpasswd2" -f "${D}/etc/sasl2/sasldb2" -d login + export LD_LIBRARY_PATH="${LD_OLD}" + chown root:mail "${D}/etc/sasl2/sasldb2" + chmod 0640 "${D}/etc/sasl2/sasldb2" + + docinto "" + dodoc AUTHORS COPYING ChangeLog NEWS README doc/TODO doc/*.txt + newdoc pwcheck/README README.pwcheck + dohtml doc/*.html + + docinto saslauthd + dodoc saslauthd/{AUTHORS,COPYING,ChangeLog,LDAP_SASLAUTHD,NEWS,README} + + if use pam ; then + insinto /etc/pam.d + newins "${FILESDIR}/saslauthd.pam" saslauthd + fi + + exeinto /etc/init.d + newexe "${FILESDIR}/pwcheck.rc6" pwcheck || \ + die "failed to \"newexe\" pwdcheck to /etc/init.d" + newexe "${FILESDIR}/saslauthd2.rc6" saslauthd || \ + die "failed to \"newexe\" saslauthd to /etc/init.d" + insinto /etc/conf.d + newins "${FILESDIR}/saslauthd-${PV}.conf" saslauthd || \ + die "failed to install /etc/conf/saslauthd." + exeinto ${ROOT}/usr/sbin + newexe "${S}/saslauthd/testsaslauthd" testsaslauthd || \ + die "failed to install testsaslauthd." +} + +pkg_postinst () { + if use sample; then + einfo "You have chosen to install sources for example client and server." + einfo "To build these, please type:" + einfo "\tcd /usr/share/${PN}-2/examples/sample && make" + fi +} diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.19-checkpw.c.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.19-checkpw.c.patch new file mode 100644 index 000000000000..f7bf44b79416 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.19-checkpw.c.patch @@ -0,0 +1,170 @@ +diff -ur ../cyrus-sasl-2.1.19.orig/lib/Makefile.in ./lib/Makefile.in +--- ../cyrus-sasl-2.1.19.orig/lib/Makefile.in 2004-07-02 21:40:15.000000000 +0200 ++++ ./lib/Makefile.in 2004-09-07 13:21:22.746680576 +0200 +@@ -120,7 +120,7 @@ + JAVA_TRUE = @JAVA_TRUE@ + LDFLAGS = @LDFLAGS@ + LIBOBJS = @LIBOBJS@ +-LIBS = @LIBS@ ++LIBS = -lcrypt @LIBS@ + LIBTOOL = @LIBTOOL@ + LIB_CRYPT = @LIB_CRYPT@ + LIB_DES = @LIB_DES@ +diff -ur ../cyrus-sasl-2.1.19.orig/lib/checkpw.c ./lib/checkpw.c +--- ../cyrus-sasl-2.1.19.orig/lib/checkpw.c 2004-03-17 14:58:13.000000000 +0100 ++++ ./lib/checkpw.c 2004-09-07 13:21:12.645916147 +0200 +@@ -94,6 +94,23 @@ + # endif + #endif + ++/****************************** ++ * crypt(3) patch start * ++ ******************************/ ++char *crypt(const char *key, const char *salt); ++ ++/* cleartext password formats */ ++#define PASSWORD_FORMAT_CLEARTEXT 1 ++#define PASSWORD_FORMAT_CRYPT 2 ++#define PASSWORD_FORMAT_CRYPTTRAD 3 ++#define PASSWORD_SALT_BUF_LEN 22 ++ ++/* weeds out crypt(3) password's salt */ ++int _sasl_get_salt (char *dest, char *src, int format); ++ ++/****************************** ++ * crypt(3) patch stop * ++ ******************************/ + + /* we store the following secret to check plaintext passwords: + * +@@ -143,7 +160,51 @@ + "*cmusaslsecretPLAIN", + NULL }; + struct propval auxprop_values[3]; +- ++ ++ /****************************** ++ * crypt(3) patch start * ++ * for password format check * ++ ******************************/ ++ sasl_getopt_t *getopt; ++ void *context; ++ const char *p = NULL; ++ /** ++ * MD5: 12 char salt ++ * BLOWFISH: 16 char salt ++ */ ++ char salt[PASSWORD_SALT_BUF_LEN]; ++ int password_format; ++ ++ /* get password format from auxprop configuration */ ++ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) { ++ getopt(context, NULL, "password_format", &p, NULL); ++ } ++ ++ /* set password format */ ++ if (p) { ++ /* ++ memset(pass_format_str, '\0', PASSWORD_FORMAT_STR_LEN); ++ strncpy(pass_format_str, p, (PASSWORD_FORMAT_STR_LEN - 1)); ++ */ ++ /* modern, modular crypt(3) */ ++ if (strncmp(p, "crypt", 11) == 0) ++ password_format = PASSWORD_FORMAT_CRYPT; ++ /* traditional crypt(3) */ ++ else if (strncmp(p, "crypt_trad", 11) == 0) ++ password_format = PASSWORD_FORMAT_CRYPTTRAD; ++ /* cleartext password */ ++ else ++ password_format = PASSWORD_FORMAT_CLEARTEXT; ++ } else { ++ /* cleartext password */ ++ password_format = PASSWORD_FORMAT_CLEARTEXT; ++ } ++ ++ /****************************** ++ * crypt(3) patch stop * ++ * for password format check * ++ ******************************/ ++ + if (!conn || !userstr) + return SASL_BADPARAM; + +@@ -180,14 +241,31 @@ + goto done; + } + +- /* At the point this has been called, the username has been canonified +- * and we've done the auxprop lookup. This should be easy. */ +- if(auxprop_values[0].name +- && auxprop_values[0].values +- && auxprop_values[0].values[0] +- && !strcmp(auxprop_values[0].values[0], passwd)) { +- /* We have a plaintext version and it matched! */ +- return SASL_OK; ++ ++ /****************************** ++ * crypt(3) patch start * ++ ******************************/ ++ ++ /* get salt */ ++ _sasl_get_salt(salt, (char *) auxprop_values[0].values[0], password_format); ++ ++ /* crypt(3)-ed password? */ ++ if (password_format != PASSWORD_FORMAT_CLEARTEXT) { ++ /* compare password */ ++ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(crypt(passwd, salt), auxprop_values[0].values[0]) == 0) ++ return SASL_OK; ++ else ++ ret = SASL_BADAUTH; ++ } ++ else if (password_format == PASSWORD_FORMAT_CLEARTEXT) { ++ /* compare passwords */ ++ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(auxprop_values[0].values[0], passwd) == 0) ++ return SASL_OK; ++ else ++ ret = SASL_BADAUTH; ++ /****************************** ++ * crypt(3) patch stop * ++ ******************************/ + } else if(auxprop_values[1].name + && auxprop_values[1].values + && auxprop_values[1].values[0]) { +@@ -975,3 +1053,37 @@ + #endif + { NULL, NULL } + }; ++ ++/* weeds out crypt(3) password's salt */ ++int _sasl_get_salt (char *dest, char *src, int format) { ++ int num; /* how many characters is salt long? */ ++ switch (format) { ++ case PASSWORD_FORMAT_CRYPT: ++ /* md5 crypt */ ++ if (src[1] == '1') ++ num = 12; ++ /* blowfish crypt */ ++ else if (src[1] == '2') ++ num = (src[1] == '2' && src[2] == 'a') ? 17 : 16; ++ /* traditional crypt */ ++ else ++ num = 2; ++ break; ++ ++ case PASSWORD_FORMAT_CRYPTTRAD: ++ num = 2; ++ break; ++ ++ default: ++ return 1; ++ } ++ ++ /* destroy destination */ ++ memset(dest, '\0', (num + 1)); ++ ++ /* copy salt to destination */ ++ strncpy(dest, src, num); ++ ++ return 1; ++} ++ diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-ntlm_impl-spnego.patch.gz b/dev-libs/cyrus-sasl/files/cyrus-sasl-ntlm_impl-spnego.patch.gz Binary files differnew file mode 100644 index 000000000000..1b9bb6849fd0 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-ntlm_impl-spnego.patch.gz diff --git a/dev-libs/cyrus-sasl/files/digest-cyrus-sasl-2.1.20-r2 b/dev-libs/cyrus-sasl/files/digest-cyrus-sasl-2.1.20-r2 new file mode 100644 index 000000000000..517d47fb2f8d --- /dev/null +++ b/dev-libs/cyrus-sasl/files/digest-cyrus-sasl-2.1.20-r2 @@ -0,0 +1 @@ +MD5 268ead27f4ac39bcfe17d9e38e0f2977 cyrus-sasl-2.1.20.tar.gz 1775163 |