diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
| commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
| tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /dev-libs/cyrus-sasl | |
reinit the tree, so we can have metadata
Diffstat (limited to 'dev-libs/cyrus-sasl')
28 files changed, 1494 insertions, 0 deletions
diff --git a/dev-libs/cyrus-sasl/Manifest b/dev-libs/cyrus-sasl/Manifest new file mode 100644 index 000000000000..d488dff7de94 --- /dev/null +++ b/dev-libs/cyrus-sasl/Manifest @@ -0,0 +1,30 @@ +AUX cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch 782 SHA256 672fce3a1b0a45f7e91e8ed8aaad953b70118f74cf10bfb966aa65d052017b0f SHA512 524b199559b5f8f363f12bd1dd677f3354eacb68e88fa43ab8dd227465121c00841ce48ce01ba7e9e64629d5871418ed424d0c9bdda6895914c07ae7f1035595 WHIRLPOOL bd9aca1b285698ef1dff06df7c3d72f7f09dd1621a81a764ace80bb94977e394f4b3e6dadebaff34bb64e5d031d4f30aef5e7400186a29a3707f3c984e3d0bcb +AUX cyrus-sasl-2.1.25-as_needed.patch 1083 SHA256 5143036f20fdc1ff0b44b73b6d245392edc2f786d74730fc0f8f75d7b40ea5c6 SHA512 8fdc7039fda79e95ec310cd63d72871d7b5b35b5a1b6cf30b9693f6a02e265d924e375ddc65158f38de129b5da058ecd26038f988153ff0aacf2665d66f40abb WHIRLPOOL cb83b15e434c4127279a7c51f44d3a592466cbcb1591a390614b170d516be556a779e366d83ca51029626e3de706fe5c187d86491ac1b0728f2d0031ff0b5a25 +AUX cyrus-sasl-2.1.25-autotools_fixes.patch 3926 SHA256 390aef512c359ae3eee9d1c781ab9586b71b98e4b8961594de0872b09acfbea2 SHA512 d1e39d856addf6b53a278669df6e87f0fddd9a1ceadc0fadf2bdac239fcec8540c797118be642a58e65e2ec667d3c2a4b604f68f659433e64dbcd5bfe35b9a82 WHIRLPOOL b501636d42de380041acf7edcb4f571fe3f4b9642ce309c78a20fa2617990dd4bede18ed368fd3ebc194c86e2b3614ccf4b1b3cb2912451cdb24d010ebab14bb +AUX cyrus-sasl-2.1.25-auxprop.patch 552 SHA256 d9f63e60aa664f064755151fb5aa442ed52a3053057b5a63f2d88c937906dc7c SHA512 73ae914e684ae698eb56a1579ba9a477a946625a3b079e2b400d88583074f1701d8a6926ed17dea36b923050f21c04fbf746d54284568bd21c14be3d10283b6f WHIRLPOOL 899e41790b71a55983fa99c09e3b9b28667e2e7f457bdc39028ad705883676f4363bbd968c04b35fe2ce84fd08c1b5daad73b988f6e2299f1c129e59bc65f93f +AUX cyrus-sasl-2.1.25-avoid_pic_overwrite.patch 1076 SHA256 80cb9cf22b0507b503ff0cf6c5946a44eb5c3808e0a77e66d56d5a53e5e76fa7 SHA512 033e3634116e1d3b316052dbe0b671cca0fcfb6063fca1a97d990c422c2ce05109a1e424e84ed9928dc0312a325a7248f2d2e3f9547f84453b36331c01f63be5 WHIRLPOOL c5d502cf80f298771331660fd3806685cee47c128be4cdffd603c44b5cc04adccf4f459b354cb30f1e05acf8be76cb1e3b76a22c09f1b3b873cc13b683608607 +AUX cyrus-sasl-2.1.25-fix_heimdal.patch 601 SHA256 6285b2a9c0b9ab2590a4225ac1eb8d01678e6b0559141c274d4451def65b5283 SHA512 80a5181a3c324551ae64ead2d6199691ac9994653e4b86de21852d2caf201b5fccde6464af4189351edcad4b87dc60cab5f1c03148db77f90c6c52a16465045a WHIRLPOOL cc1adba84e09ef37ac4102b2da7c45eff9c496ca2cdb680e76b287a104e5ad039bca0b1bf319a6c5bfaa2e57cb6e5c8c4b93a8682ebac01bcb18a3b82cecac16 +AUX cyrus-sasl-2.1.25-missing_header.patch 292 SHA256 a83296e782a6137b0f687491314af7a82a37296729af42ca11d1f3667f7320b3 SHA512 b1dc1fa2663c5bd9b051353e6c18ece48460c2de4aff3b6f13672e0aa08e651462af4dae38a2821367728e503ade577218d2645f8c0a96c85e77226ee77ac1a6 WHIRLPOOL 859f6c1f8a864083b163f1c95431c633b9ca6d75a72bae14ce526cca0525ef2c4f0bb2760792baeb228fcb2b64126685d918012574f6a23ebc6b4a580245f77f +AUX cyrus-sasl-2.1.25-saslauthd_libtool.patch 280 SHA256 76ba2532083630a05ed0e3a5f2976eef6ec62e0fc1782bfee6147aee749e2ce8 SHA512 1e79230a3891f1492c7d6f5969f6a4890aaae2f488e9f3942cafeda574bf8810c4fb3e004836f769244db02bae663fa3ac1eeca19658e6fd3c94f2a891ed2653 WHIRLPOOL 0ac53b59da7a22e93c489e3bc62b0db83f14953cacf6c79c806feaeb33186e4b8f747c58faf49c514df2daba2580326db2c59c576bca3ae192fc210915d93aad +AUX cyrus-sasl-2.1.25-sasldb_al.patch 555 SHA256 3885246eda016e7a6d273305b2a011770465e8324d1774ef0d021e3def3008d5 SHA512 2da553298b482ca3115294de7264428925911f8d1b6a15ae1af38ee7e0a3191a0f4ad90bcbaeef599c994842a86eea5157b663cb6944f035d9a377dba91dbbf0 WHIRLPOOL d248eae3c8e0e313c0047d0bfbf6e4dd1341afdd4b525138827148517e8cc3847f4c134cd1639be1734c60c5fde922e8bd759895de55b268c2bc9fd54994bda9 +AUX cyrus-sasl-2.1.25-service_keytabs.patch 932 SHA256 6b60574c65fffd802d19b409fe9a4b043614261e59051b7b9cf51380e08cd8f3 SHA512 bd5ceebfe1b8f72d275db487a6f11bbb8e6f20f3b44c05040fd9d0bb5c72e656f2c8f22924fecaa9c268e50d54d272f25f4a5a3b72ca49d1c23ef9f178d00733 WHIRLPOOL 7b3ab47b4af7425ed619c4c6336feb74d45ab9e52d102995d13c6b013cab4c1bf2804ace0b9714066eeec8b105d09e1c267405581ae10361afd7d8762f702a3f +AUX cyrus-sasl-2.1.26-CVE-2013-4122.patch 3838 SHA256 39c3c404d6fc0da79c51157c6a3c05aeb9117cf5df87615d6a8f8086056bf94e SHA512 3df09f16dc2f4efc601339743eb6e66087977fae4e174aa82c4abb7f85a77aa9eb98629837079236446ef3b494fb48931c9dc8850362a49615749e162b4699c8 WHIRLPOOL 68a61bd075006bdde0fc7982694f8a413c4f21522b6a3a38af345c0d94e96294eb31d2f8ce05eb30ca8d228327f69bfc55f91be43f9eb1484989de4ee7aedc53 +AUX cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch 284 SHA256 334c3a2c7f409707026136ef595845f61e971e369035c3b5e3bf284f1e7e6e1d SHA512 f3b789b7dea3f6a51fca6fd1877c81b5f5a3be342fa5c90ddae98a822e0c2a71e8fa582c6cb60c696363aa5cb99db8609cd6b3a91c5d402a0ad1e6124c726f5f WHIRLPOOL 70fb8cbddf81c3dc631c0b9df72d3255590d20ae5d7d1d0ed6ca70548aaef3c48444703821c2a5ccc3b7fec5592584bc843fe5284fa1b0ef40a3446727e0f6eb +AUX cyrus-sasl-2.1.26-fix_dovecot_authentication.patch 2603 SHA256 3edf79a6b1a03c87bef8b41f858ffe32c778288cd22ffc05460c3b8ad2f6393c SHA512 4244015451dfd41443a0cf8b56ae19a1dfb550e374fcdc37dc091a54f73ab36818c25fe96f7837e3ddfe5c7952d309a5b51bedfe0b7c7f1dec8ecf15f067acda WHIRLPOOL da1a5afb7a17e0eb3e7ca7586769a766b994794d3c24a21a88c895b17b0685a06287186b3bba6cce2daf0216ee91c89f79770f205eaa6b7ba844ade263ea134b +AUX cyrus-sasl-2.1.26-missing-size_t.patch 348 SHA256 1821e0f511a3eab2cbefba36b6538a997afad2a4892d1fcbf22847d34e06711e SHA512 026183880caa504af9dda5fb93a6f47a159c7ab6af79463bc512709681dd260489411b8b8da78a9f8cd260b77ae5d1977854a39de80bc48f3a03e3ffa1b09fb2 WHIRLPOOL c71d5e4919577b6c23b1610c3fa695ad035befa9cc1de43867c9e9c17016f681854e734275241dab60271d3bc7198fd633b079ab6f53e6b8bc8ce4c513eff6bd +AUX cyrus-sasl-2.1.26-send-imap-logout.patch 1897 SHA256 021289615c690937dacf7bd0d1f23823255d141ea0c7f81a9f98d4d2b42260d4 SHA512 b30a4faea9fb66d8fab95a27b8ec87371d3650c5d2d4475449b8cebb223631d1afe9cdebd8c9b076e77bc3d2e2f5c32b24fe9292db26523212a72754cbff9995 WHIRLPOOL b7348e5300c7584d9bf18421a703a66c348bbb926c569da618876c500c78385b5580cab98c261fb051684ed45f2fb682ca837a0d4beff789f94134801898f0fa +AUX cyrus-sasl.conf 34 SHA256 1d246914153ca86390e7c39aaa9494ce1175d783d3292a8cc5a2d867b816fb7b SHA512 67b9bb97191d091ffc2b8f450ad88a558df304a29651a9a49407c50df0a316666a96e7d1a2ca3ac8ee5e60a58a5d5b618ce963661f4f45049dc6b3ef2cf8099e WHIRLPOOL 671625830fc9df9b44fff4d7fe16a7d7e76c42e8c1cf75cc7a725586aad3f80b98aa5a07ae5dea848833aed6aa02294c2a7b9969f1e708dd6854370a62c5cd23 +AUX java.README.gentoo 934 SHA256 aeb733ab6371c1fe50e413e8469dcd11f0750b5afff489408c45f118857fc3fe SHA512 afcecb94e8e8c427b9491fc21312f4bed2a7d4ecedbbec8fec895cf8ca1e747073979f4415e12d8499eadbc29e8d74c6029f7cdfd7a2cb732454faaa19d52dd4 WHIRLPOOL d32cd2cfc9ffab9f791f48e0450c7eeff1b2203e29af8df8b96c4091ca7195cd579e41f38b857ef646eec28a11ea9e7c80aa6cee3f41a58d354b732a6ea15a92 +AUX pwcheck.rc6 409 SHA256 64f6eb6c0e1dfab8a03de9e951b710bbacac0bd806ea5d2a6d3d10f6c6ab499a SHA512 797317f0361d6d849ca35c5189ba0cb562e58d62022ce7c29229aab71e8ce4c1e3e6409cd3b092b666724a00b0b3b6071e527cc49050fc34590ef3b1a7648f8a WHIRLPOOL d930022d08bafbd17634b1f66ada0d8625ba0a35d69a154328bbc1875e2943064739bc9d884e9dacb584f3ccc6073be19d17a2441d6a1bb4c8d13ff456900827 +AUX pwcheck.service 129 SHA256 6b4dd0f703dfb4d61f24f3ba42884d83eba4a8cd06eb794cc7cd8bebc6c93da5 SHA512 73e01063bf308cbdc45400d4d0b61f81eade8453acec71b2ac0c0acf1ee458881aab2876cbd47208f87c6a9f298846eb509e14eb01b985c4f9e0ad4db1d8b751 WHIRLPOOL 04ba7e1e7ddf7f5cccfc6ffa0d2bc6b7c47eb0d933409dc85eb1176e374a8a1dc1844221c6fe30a0341487226f1f42ea0473a5cc1c3455a06d071ed7ff625b46 +AUX saslauthd-2.1.26.conf 687 SHA256 b29db7875abe6d2bff694b065a895f1a3d8c2647dff1a871282c0cb471e69455 SHA512 4859a9659f580c93bfd47cdbd997ec3c75fa829721532061bee0f1736be897b9e59478ab33e216a588d072b866e4b61f7893a16b36ceadf016bda083eee26e0f WHIRLPOOL ee3b9d822f59755cee41ed2c6bdc0fd697d90909ae2485cabae783ce73bd1d94f9ef3b0b127587bef42e0b290b93562651eb3d21623c90f404a4979776d78d13 +AUX saslauthd.pam-include 160 SHA256 97166de49d227cf5ff305168ea75ca584feda9ab87d1eb1437638861986e70ba SHA512 14fcfc0f69dacd25ac9b298cf44b0b44146d418424ef16e66edf8893353e418ef53beebb7199bd516b828c40954e4875ab5659f50a09af12ef2a371b944b45b1 WHIRLPOOL cc1c48bb92cf89ed9f29df2469823bd7bfa96b97fa8d6d33c7cfedef1e1a2ee12e66a0c34b7a992a631d4f446dfa4e9769d5b2c08dae5039115c00514f8a40e9 +AUX saslauthd.service 277 SHA256 a8157a0748269d3534ac6f01bbf61f0215c665b50dbbf94fc2399b6d3287a677 SHA512 fa318aefec6f802badd72a4baf33875bc0021fc4889578877880971470d84bf645ad3c34dd10c582d8cc06ea512e3d56984902efaf09e2806a27feade5fc971c WHIRLPOOL 18f74f1caac60b7bbf58edf41b78c5d670a6892c8c763e05b026c930565dfb2c3ac7b6763e518824fe93c560c5f1f7e42306e950c1a942b38e0ec23824b74e89 +AUX saslauthd2.rc7 411 SHA256 dea35c48fdc94e475b427cb47ff47b914a66311afbd2d8397a833a60e4c1a7a4 SHA512 1d5942a94ffbc15774443d60a88d4c89c7c3c6ea68b041d304f0110f6ec3aa2a812f59021cddc78de6f51a25bb00955e4e56d769e766a9d856f13774dd37ce83 WHIRLPOOL 30c85e257b7592fa69adcbb3e6671045c7420a6079d2db175a40a9e2ea7c8cb3c0110d1be9fb101a2da17ca2823e82dc125656a0174dfb5cb2b7b21fd7904ae8 +DIST cyrus-sasl-2.1.26.tar.gz 5220231 SHA256 8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3 SHA512 78819cb9bb38bea4537d6770d309deeeef09ff44a67526177609d3e1257ff4334d2b5e5131d5a1e4dea7430d8db1918ea9d171f0dee38b5e8337f4b72ed068f0 WHIRLPOOL bcba17705d5d7ef9a03802d6a0c3a887bba0473605a3a48d2672aeac187193f2488f28ab01bdf659d7a68b94b4c74e36428ca4b5be840fbed2968f1592534b33 +EBUILD cyrus-sasl-2.1.26-r10.ebuild 7761 SHA256 ad8e0207f30d7acf60a9733a7fbc28fdf0db1298655b16a2569ce61c3ceb24e4 SHA512 4c04c188ff2eb00f700a195776be6a142b1408d74cebb111ba628f7aafd11a848b8a172d32b20ec2eb719842c490a2ecbbf018a9c8bc70f602750fd609b60818 WHIRLPOOL 301b03690ed555f8bde9d91651696f69df5eccf18769fc13d689728cf0f6b42c3be073db954fc8019a1d19694ccb142b22e3c2cf6da324a139b63f455ed53044 +EBUILD cyrus-sasl-2.1.26-r11.ebuild 8376 SHA256 607cbd13bdc75c32768071a746fb6a7e915fc4885dc2ac70250fd9c029b501e6 SHA512 d86a53e882f3e0f3e53a7e51e8f5a7f8ba92f12bf7c85e7d3f821a6861ef4c539c74ca24e17fbff28e3840f2aae16654a841812a7dca2c0505aa1da06e038ebc WHIRLPOOL 15bd7b64e2e7b44057b5a9cc8dae55e19dcc9ec78d5cf8ccad2383533dd391f43d2b01a62ee28aec569ea976172bf05a0ddbde51f7c70f60ad3b174d2f7645d2 +EBUILD cyrus-sasl-2.1.26-r9.ebuild 7667 SHA256 24fba1fc3c7cda386537dc9a2fd8ed501fac3e442135a1918ea14c460a0b0277 SHA512 4c794d4309adb644c81e9945b1f7f95d805c9ddb43f8abf369f7d2442ed88e479c37c49a17a1448e461759091ff0bd1d576691185c5835040c9ccc930df89d3d WHIRLPOOL 24c602ba06d1e463926df36d708419455bf810d05ecca43dd8a699aa969da5e74f8e84f7da4145e264d4a173d17f9e3d85d513166773d36d1957e3cb4874ff40 +MISC ChangeLog 6649 SHA256 37da725536a863c52a927b96a72e90eddc8214a9f7964b70ce7e6851e867b781 SHA512 5cc3ee958a732a45415296a4702b786ef68820e5c3e5d38de944aac70cc34b3d52284f1f4863af7dc1d5075404b5a49888be5a950e500235739b346c4cdfc3cb WHIRLPOOL 2867a0bbe17f526a8d414b11615dc424438e6598c9ab10b77580abe60b4ef9295ad88896c633647149db77811c9fbe1ed34c401bf9cc50ca0fd3d985adacbc7d +MISC ChangeLog-2015 52727 SHA256 cad5e2e4ba64d58e11617abd00f0fb1ef6c7f2edccc3b0c4df31bbd9c53d0d20 SHA512 7ace87d5f7be6e6d50367d79143688b3f0d363444b65a7440d9a5075c8d98c95bc882cd396dde521836cd05d233161727b4281db2184a00854c652e0a2be019f WHIRLPOOL e620fdbfe466b59edbba60af62089dcc9ce6a407917aedb5be3df3acacf0a963628c70cadb1684c908d7ebfc278006906f5d0abb76504ec4bf03ccb07960784f +MISC metadata.xml 706 SHA256 a20b99c5a9e2b9f98988c79cf520b26aeb4dc4fcc5ce64df4dbdf7edda1bae58 SHA512 1e7495deff4727296d29b25b7af535c0b36054b9172763ca8634b40f324dbc33697424a7e5565791c3131def3708c9ffb7e3e2362cbd8b334d650921fc2291ce WHIRLPOOL aa1f700aa5595aa60f2ad7befa95a055ca19aeeb059a3b5bd403f04e6da71d12de38d0dee7b3c4c8eb85cb454149bdbb408b7902fa38348ca0338d2396d21bfb diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild new file mode 100644 index 000000000000..95c9d5337c8c --- /dev/null +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild @@ -0,0 +1,245 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd + +SASLAUTHD_CONF_VER="2.1.26" + +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" +HOMEPAGE="http://cyrusimap.web.cmu.edu/" +SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" + +LICENSE="BSD-with-attribution" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" +IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite +srp ssl static-libs urandom" + +DEPEND="net-mail/mailbase + authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) + mysql? ( virtual/mysql ) + pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] ) + postgres? ( dev-db/postgresql:= ) + sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) + ssl? ( + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) + ) + java? ( >=virtual/jdk-1.4:= )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-sasl )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/sasl/md5global.h +) + +pkg_setup() { + java-pkg-opt-2_pkg_setup +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-2.1.25-sasldb_al.patch + epatch "${FILESDIR}"/${PN}-2.1.25-saslauthd_libtool.patch + epatch "${FILESDIR}"/${PN}-2.1.25-avoid_pic_overwrite.patch + epatch "${FILESDIR}"/${PN}-2.1.25-autotools_fixes.patch + epatch "${FILESDIR}"/${PN}-2.1.25-as_needed.patch + epatch "${FILESDIR}"/${PN}-2.1.25-missing_header.patch + epatch "${FILESDIR}"/${PN}-2.1.25-fix_heimdal.patch + epatch "${FILESDIR}"/${PN}-2.1.25-auxprop.patch + epatch "${FILESDIR}"/${PN}-2.1.23-gss_c_nt_hostbased_service.patch + epatch "${FILESDIR}"/${PN}-2.1.25-service_keytabs.patch + epatch "${FILESDIR}"/${PN}-2.1.26-missing-size_t.patch + epatch "${FILESDIR}"/${PN}-2.1.26-CVE-2013-4122.patch + epatch "${FILESDIR}"/${PN}-2.1.26-send-imap-logout.patch + epatch "${FILESDIR}"/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch + epatch "${FILESDIR}"/${PN}-2.1.26-fix_dovecot_authentication.patch + + # Get rid of the -R switch (runpath_switch for Sun) + # >=gcc-4.6 errors out with unknown option + sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \ + configure.in || die + + # Use plugindir for sasldir + sed -i '/^sasldir =/s:=.*:= $(plugindir):' \ + "${S}"/plugins/Makefile.{am,in} || die "sed failed" + + # #486740 #468556 + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \ + -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + configure.in || die + sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + saslauthd/configure.in || die + + eautoreconf +} + +src_configure() { + append-flags -fno-strict-aliasing + append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # Java support. + multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" + + local myconf=() + + # Add authdaemond support (bug #56523). + if use authdaemond ; then + myconf+=( --with-authdaemond=/var/lib/courier/authdaemon/socket ) + fi + + # Fix for bug #59634. + if ! use ssl ; then + myconf+=( --without-des ) + fi + + if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then + myconf+=( --enable-sql ) + else + myconf+=( --disable-sql ) + fi + + # Default to GDBM if both 'gdbm' and 'berkdb' are present. + if use gdbm ; then + einfo "Building with GNU DB as database backend for your SASLdb" + myconf+=( --with-dblib=gdbm ) + elif use berkdb ; then + einfo "Building with BerkeleyDB as database backend for your SASLdb" + myconf+=( + --with-dblib=berkeley + --with-bdb-incdir="$(db_includedir)" + ) + else + einfo "Building without SASLdb support" + myconf+=( --with-dblib=none ) + fi + + # Use /dev/urandom instead of /dev/random (bug #46038). + if use urandom ; then + myconf+=( --with-devrandom=/dev/urandom ) + fi + + ECONF_SOURCE=${S} \ + econf \ + --enable-login \ + --enable-ntlm \ + --enable-auth-sasldb \ + --disable-cmulocal \ + --disable-krb4 \ + --enable-otp \ + --without-sqlite \ + --with-saslauthd=/run/saslauthd \ + --with-pwcheck=/run/saslauthd \ + --with-configdir=/etc/sasl2 \ + --with-plugindir=/usr/$(get_libdir)/sasl2 \ + --with-dbpath=/etc/sasl2/sasldb2 \ + $(use_with ssl openssl) \ + $(use_with pam) \ + $(use_with openldap ldap) \ + $(use_enable ldapdb) \ + $(multilib_native_use_enable sample) \ + $(use_enable kerberos gssapi) \ + $(multilib_native_use_enable java) \ + $(multilib_native_use_with java javahome ${JAVA_HOME}) \ + $(multilib_native_use_with mysql mysql /usr) \ + $(multilib_native_use_with postgres pgsql) \ + $(use_with sqlite sqlite3 /usr/$(get_libdir)) \ + $(use_enable srp) \ + $(use_enable static-libs static) \ + "${myconf[@]}" +} + +multilib_src_compile() { + emake + + # Default location for java classes breaks OpenOffice (bug #60769). + # Thanks to axxo@gentoo.org for the solution. + if multilib_is_native_abi && use java ; then + jar -cvf ${PN}.jar -C java $(find java -name "*.class") + fi +} + +multilib_src_install() { + default + + if multilib_is_native_abi; then + if use sample ; then + docinto sample + dodoc "${S}"/sample/*.c + exeinto /usr/share/doc/${P}/sample + doexe sample/client sample/server + fi + + # Default location for java classes breaks OpenOffice (bug #60769). + if use java ; then + java-pkg_dojar ${PN}.jar + java-pkg_regso "${D}/usr/$(get_libdir)/libjavasasl.so" + # hackish, don't wanna dig through makefile + rm -Rf "${D}/usr/$(get_libdir)/java" + docinto "java" + dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* + dodir "/usr/share/doc/${PF}/java/Test" + insinto "/usr/share/doc/${PF}/java/Test" + doins "${S}"/java/Test/*.java + fi + + dosbin saslauthd/testsaslauthd + fi +} + +multilib_src_install_all() { + keepdir /etc/sasl2 + + dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt + newdoc pwcheck/README README.pwcheck + dohtml doc/*.html + + docinto "saslauthd" + dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README} + + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + + newinitd "${FILESDIR}/pwcheck.rc6" pwcheck + systemd_dounit "${FILESDIR}/pwcheck.service" + + newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd + newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd + systemd_dounit "${FILESDIR}/saslauthd.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + prune_libtool_files --modules +} + +pkg_postinst () { + # Generate an empty sasldb2 with correct permissions. + if ( use berkdb || use gdbm ) && [[ ! -f "${ROOT}/etc/sasl2/sasldb2" ]] ; then + einfo "Generating an empty sasldb2 with correct permissions ..." + echo "p" | "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -p login \ + || die "Failed to generate sasldb2" + "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -d login \ + || die "Failed to delete temp user" + chown root:mail "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chown ${ROOT}/etc/sasl2/sasldb2" + chmod 0640 "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chmod ${ROOT}/etc/sasl2/sasldb2" + fi + + if use authdaemond ; then + elog "You need to add a user running a service using Courier's" + elog "authdaemon to the 'mail' group. For example, do:" + elog " gpasswd -a postfix mail" + elog "to add the 'postfix' user to the 'mail' group." + fi + + elog "pwcheck and saslauthd home directories have moved to:" + elog " /run/saslauthd, using tmpfiles.d" +} diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild new file mode 100644 index 000000000000..7c2b358104db --- /dev/null +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r11.ebuild @@ -0,0 +1,263 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd + +SASLAUTHD_CONF_VER="2.1.26" + +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" +HOMEPAGE="http://cyrusimap.web.cmu.edu/" +SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" + +LICENSE="BSD-with-attribution" +SLOT="2" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~x64-solaris ~x86-solaris" +IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite +srp ssl static-libs urandom" + +DEPEND=" + net-mail/mailbase + authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) + mysql? ( virtual/mysql ) + pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] ) + postgres? ( dev-db/postgresql:= ) + sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) + ssl? ( + !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] ) + ) + java? ( >=virtual/jdk-1.6:= )" + +RDEPEND=" + ${DEPEND} + selinux? ( sec-policy/selinux-sasl )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/sasl/md5global.h +) + +PATCHES=( + "${FILESDIR}/${PN}-2.1.25-sasldb_al.patch" + "${FILESDIR}/${PN}-2.1.25-saslauthd_libtool.patch" + "${FILESDIR}/${PN}-2.1.25-avoid_pic_overwrite.patch" + "${FILESDIR}/${PN}-2.1.25-autotools_fixes.patch" + "${FILESDIR}/${PN}-2.1.25-as_needed.patch" + "${FILESDIR}/${PN}-2.1.25-missing_header.patch" + "${FILESDIR}/${PN}-2.1.25-fix_heimdal.patch" + "${FILESDIR}/${PN}-2.1.25-auxprop.patch" + "${FILESDIR}/${PN}-2.1.23-gss_c_nt_hostbased_service.patch" + "${FILESDIR}/${PN}-2.1.25-service_keytabs.patch" + "${FILESDIR}/${PN}-2.1.26-missing-size_t.patch" + "${FILESDIR}/${PN}-2.1.26-CVE-2013-4122.patch" + "${FILESDIR}/${PN}-2.1.26-send-imap-logout.patch" + "${FILESDIR}/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch" + "${FILESDIR}/${PN}-2.1.26-fix_dovecot_authentication.patch" +) + +pkg_setup() { + java-pkg-opt-2_pkg_setup +} + +src_prepare() { + epatch "${PATCHES[@]}" + + # Get rid of the -R switch (runpath_switch for Sun) + # >=gcc-4.6 errors out with unknown option + sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \ + configure.in || die + + # Use plugindir for sasldir + sed -i '/^sasldir =/s:=.*:= $(plugindir):' \ + "${S}"/plugins/Makefile.{am,in} || die "sed failed" + + # #486740 #468556 + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \ + -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + configure.in || die + sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + saslauthd/configure.in || die + + eautoreconf +} + +src_configure() { + append-flags -fno-strict-aliasing + if [[ ${CHOST} == *-solaris* ]] ; then + # getpassphrase is defined in /usr/include/stdlib.h + append-cppflags -DHAVE_GETPASSPHRASE + else + # this horrendously breaks things on Solaris + append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED + fi + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # Java support. + multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" + + local myconf=() + + # Add authdaemond support (bug #56523). + if use authdaemond ; then + myconf+=( --with-authdaemond="${EPREFIX}"/var/lib/courier/authdaemon/socket ) + fi + + # Fix for bug #59634. + if ! use ssl ; then + myconf+=( --without-des ) + fi + + if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then + myconf+=( --enable-sql ) + else + myconf+=( --disable-sql ) + fi + + # Default to GDBM if both 'gdbm' and 'berkdb' are present. + if use gdbm ; then + einfo "Building with GNU DB as database backend for your SASLdb" + myconf+=( --with-dblib=gdbm ) + elif use berkdb ; then + einfo "Building with BerkeleyDB as database backend for your SASLdb" + myconf+=( + --with-dblib=berkeley + --with-bdb-incdir="$(db_includedir)" + ) + else + einfo "Building without SASLdb support" + myconf+=( --with-dblib=none ) + fi + + # Use /dev/urandom instead of /dev/random (bug #46038). + if use urandom ; then + myconf+=( --with-devrandom=/dev/urandom ) + fi + + ECONF_SOURCE=${S} \ + econf \ + --enable-login \ + --enable-ntlm \ + --enable-auth-sasldb \ + --disable-cmulocal \ + --disable-krb4 \ + --disable-macos-framework \ + --enable-otp \ + --without-sqlite \ + --with-saslauthd="${EPREFIX}"/run/saslauthd \ + --with-pwcheck="${EPREFIX}"/run/saslauthd \ + --with-configdir="${EPREFIX}"/etc/sasl2 \ + --with-plugindir="${EPREFIX}"/usr/$(get_libdir)/sasl2 \ + --with-dbpath="${EPREFIX}"/etc/sasl2/sasldb2 \ + $(use_with ssl openssl) \ + $(use_with pam) \ + $(use_with openldap ldap) \ + $(use_enable ldapdb) \ + $(multilib_native_use_enable sample) \ + $(use_enable kerberos gssapi) \ + $(multilib_native_use_enable java) \ + $(multilib_native_use_with java javahome ${JAVA_HOME}) \ + $(multilib_native_use_with mysql mysql "${EPREFIX}"/usr) \ + $(multilib_native_use_with postgres pgsql) \ + $(use_with sqlite sqlite3 "${EPREFIX}"/usr/$(get_libdir)) \ + $(use_enable srp) \ + $(use_enable static-libs static) \ + "${myconf[@]}" +} + +multilib_src_compile() { + emake + + # Default location for java classes breaks OpenOffice (bug #60769). + # Thanks to axxo@gentoo.org for the solution. + if multilib_is_native_abi && use java ; then + jar -cvf ${PN}.jar -C java $(find java -name "*.class") + fi +} + +multilib_src_install() { + default + + if multilib_is_native_abi; then + if use sample ; then + docinto sample + dodoc "${S}"/sample/*.c + exeinto /usr/share/doc/${P}/sample + doexe sample/client sample/server + fi + + # Default location for java classes breaks OpenOffice (bug #60769). + if use java; then + java-pkg_dojar ${PN}.jar + java-pkg_regso "${ED}/usr/$(get_libdir)/libjavasasl$(get_libname)" + # hackish, don't wanna dig through makefile + rm -rf "${ED}/usr/$(get_libdir)/java" || die + docinto "java" + dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* + dodir "/usr/share/doc/${PF}/java/Test" + insinto "/usr/share/doc/${PF}/java/Test" + doins "${S}"/java/Test/*.java + fi + + dosbin saslauthd/testsaslauthd + fi +} + +multilib_src_install_all() { + keepdir /etc/sasl2 + + dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt + newdoc pwcheck/README README.pwcheck + dohtml doc/*.html + + docinto "saslauthd" + dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README} + + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + + newinitd "${FILESDIR}/pwcheck.rc6" pwcheck + systemd_dounit "${FILESDIR}/pwcheck.service" + + newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd + newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd + systemd_dounit "${FILESDIR}/saslauthd.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + # The get_modname bit is important: do not remove the .la files on + # platforms where the lib isn't called .so for cyrus searches the .la to + # figure out what the name is supposed to be instead + use static-libs || [[ $(get_modname) != .so ]] || \ + prune_libtool_files --modules +} + +pkg_postinst () { + # Generate an empty sasldb2 with correct permissions. + if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then + einfo "Generating an empty sasldb2 with correct permissions ..." + echo "p" | "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -p login \ + || die "Failed to generate sasldb2" + "${EROOT}/usr/sbin/saslpasswd2" -f "${EROOT}/etc/sasl2/sasldb2" -d login \ + || die "Failed to delete temp user" + chown root:mail "${EROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chown ${EROOT}/etc/sasl2/sasldb2" + chmod 0640 "${EROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chmod ${EROOT}/etc/sasl2/sasldb2" + fi + + if use authdaemond ; then + elog "You need to add a user running a service using Courier's" + elog "authdaemon to the 'mail' group. For example, do:" + elog " gpasswd -a postfix mail" + elog "to add the 'postfix' user to the 'mail' group." + fi + + elog "pwcheck and saslauthd home directories have moved to:" + elog " /run/saslauthd, using tmpfiles.d" +} diff --git a/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r9.ebuild b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r9.ebuild new file mode 100644 index 000000000000..7b7f169635bf --- /dev/null +++ b/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r9.ebuild @@ -0,0 +1,242 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=5 + +inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd + +SASLAUTHD_CONF_VER="2.1.26" + +DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" +HOMEPAGE="http://cyrusimap.web.cmu.edu/" +SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" + +LICENSE="BSD-with-attribution" +SLOT="2" +KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd" +IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite +srp ssl static-libs urandom" + +DEPEND="net-mail/mailbase + authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) ) + berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] ) + gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] ) + kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] ) + openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] ) + mysql? ( virtual/mysql ) + pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] ) + postgres? ( dev-db/postgresql:= ) + sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) + ssl? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] ) + java? ( >=virtual/jdk-1.4:= )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-sasl )" + +MULTILIB_WRAPPED_HEADERS=( + /usr/include/sasl/md5global.h +) + +pkg_setup() { + java-pkg-opt-2_pkg_setup +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-2.1.25-sasldb_al.patch + epatch "${FILESDIR}"/${PN}-2.1.25-saslauthd_libtool.patch + epatch "${FILESDIR}"/${PN}-2.1.25-avoid_pic_overwrite.patch + epatch "${FILESDIR}"/${PN}-2.1.25-autotools_fixes.patch + epatch "${FILESDIR}"/${PN}-2.1.25-as_needed.patch + epatch "${FILESDIR}"/${PN}-2.1.25-missing_header.patch + epatch "${FILESDIR}"/${PN}-2.1.25-fix_heimdal.patch + epatch "${FILESDIR}"/${PN}-2.1.25-auxprop.patch + epatch "${FILESDIR}"/${PN}-2.1.23-gss_c_nt_hostbased_service.patch + epatch "${FILESDIR}"/${PN}-2.1.25-service_keytabs.patch + epatch "${FILESDIR}"/${PN}-2.1.26-missing-size_t.patch + epatch "${FILESDIR}"/${PN}-2.1.26-CVE-2013-4122.patch + epatch "${FILESDIR}"/${PN}-2.1.26-send-imap-logout.patch + epatch "${FILESDIR}"/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch + epatch "${FILESDIR}"/${PN}-2.1.26-fix_dovecot_authentication.patch + + # Get rid of the -R switch (runpath_switch for Sun) + # >=gcc-4.6 errors out with unknown option + sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \ + configure.in || die + + # Use plugindir for sasldir + sed -i '/^sasldir =/s:=.*:= $(plugindir):' \ + "${S}"/plugins/Makefile.{am,in} || die "sed failed" + + # #486740 #468556 + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \ + -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + configure.in || die + sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \ + saslauthd/configure.in || die + + eautoreconf +} + +src_configure() { + append-flags -fno-strict-aliasing + append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED + + multilib-minimal_src_configure +} + +multilib_src_configure() { + # Java support. + multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" + + local myconf=() + + # Add authdaemond support (bug #56523). + if use authdaemond ; then + myconf+=( --with-authdaemond=/var/lib/courier/authdaemon/socket ) + fi + + # Fix for bug #59634. + if ! use ssl ; then + myconf+=( --without-des ) + fi + + if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then + myconf+=( --enable-sql ) + else + myconf+=( --disable-sql ) + fi + + # Default to GDBM if both 'gdbm' and 'berkdb' are present. + if use gdbm ; then + einfo "Building with GNU DB as database backend for your SASLdb" + myconf+=( --with-dblib=gdbm ) + elif use berkdb ; then + einfo "Building with BerkeleyDB as database backend for your SASLdb" + myconf+=( + --with-dblib=berkeley + --with-bdb-incdir="$(db_includedir)" + ) + else + einfo "Building without SASLdb support" + myconf+=( --with-dblib=none ) + fi + + # Use /dev/urandom instead of /dev/random (bug #46038). + if use urandom ; then + myconf+=( --with-devrandom=/dev/urandom ) + fi + + ECONF_SOURCE=${S} \ + econf \ + --enable-login \ + --enable-ntlm \ + --enable-auth-sasldb \ + --disable-cmulocal \ + --disable-krb4 \ + --enable-otp \ + --without-sqlite \ + --with-saslauthd=/run/saslauthd \ + --with-pwcheck=/run/saslauthd \ + --with-configdir=/etc/sasl2 \ + --with-plugindir=/usr/$(get_libdir)/sasl2 \ + --with-dbpath=/etc/sasl2/sasldb2 \ + $(use_with ssl openssl) \ + $(use_with pam) \ + $(use_with openldap ldap) \ + $(use_enable ldapdb) \ + $(multilib_native_use_enable sample) \ + $(use_enable kerberos gssapi) \ + $(multilib_native_use_enable java) \ + $(multilib_native_use_with java javahome ${JAVA_HOME}) \ + $(multilib_native_use_with mysql mysql /usr) \ + $(multilib_native_use_with postgres pgsql) \ + $(use_with sqlite sqlite3 /usr/$(get_libdir)) \ + $(use_enable srp) \ + $(use_enable static-libs static) \ + "${myconf[@]}" +} + +multilib_src_compile() { + emake + + # Default location for java classes breaks OpenOffice (bug #60769). + # Thanks to axxo@gentoo.org for the solution. + if multilib_is_native_abi && use java ; then + jar -cvf ${PN}.jar -C java $(find java -name "*.class") + fi +} + +multilib_src_install() { + default + + if multilib_is_native_abi; then + if use sample ; then + docinto sample + dodoc "${S}"/sample/*.c + exeinto /usr/share/doc/${P}/sample + doexe sample/client sample/server + fi + + # Default location for java classes breaks OpenOffice (bug #60769). + if use java ; then + java-pkg_dojar ${PN}.jar + java-pkg_regso "${D}/usr/$(get_libdir)/libjavasasl.so" + # hackish, don't wanna dig through makefile + rm -Rf "${D}/usr/$(get_libdir)/java" + docinto "java" + dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* + dodir "/usr/share/doc/${PF}/java/Test" + insinto "/usr/share/doc/${PF}/java/Test" + doins "${S}"/java/Test/*.java + fi + + dosbin saslauthd/testsaslauthd + fi +} + +multilib_src_install_all() { + keepdir /etc/sasl2 + + dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt + newdoc pwcheck/README README.pwcheck + dohtml doc/*.html + + docinto "saslauthd" + dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README} + + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + + newinitd "${FILESDIR}/pwcheck.rc6" pwcheck + systemd_dounit "${FILESDIR}/pwcheck.service" + + newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd + newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd + systemd_dounit "${FILESDIR}/saslauthd.service" + systemd_dotmpfilesd "${FILESDIR}/${PN}.conf" + + prune_libtool_files --modules +} + +pkg_postinst () { + # Generate an empty sasldb2 with correct permissions. + if ( use berkdb || use gdbm ) && [[ ! -f "${ROOT}/etc/sasl2/sasldb2" ]] ; then + einfo "Generating an empty sasldb2 with correct permissions ..." + echo "p" | "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -p login \ + || die "Failed to generate sasldb2" + "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -d login \ + || die "Failed to delete temp user" + chown root:mail "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chown ${ROOT}/etc/sasl2/sasldb2" + chmod 0640 "${ROOT}/etc/sasl2/sasldb2" \ + || die "Failed to chmod ${ROOT}/etc/sasl2/sasldb2" + fi + + if use authdaemond ; then + elog "You need to add a user running a service using Courier's" + elog "authdaemon to the 'mail' group. For example, do:" + elog " gpasswd -a postfix mail" + elog "to add the 'postfix' user to the 'mail' group." + fi + + elog "pwcheck and saslauthd home directories have moved to:" + elog " /run/saslauthd, using tmpfiles.d" +} diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch new file mode 100644 index 000000000000..9eeab1b42ff9 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch @@ -0,0 +1,16 @@ +Gentoo bug #389349 +--- cmulocal/sasl2.m4 2009-04-28 17:09:13.000000000 +0200 ++++ cmulocal/sasl2.m4 2011-11-02 17:55:24.000000000 +0100 +@@ -217,7 +217,11 @@ + [AC_WARN([Cybersafe define not found])]) + + elif test "$ac_cv_header_gssapi_h" = "yes"; then +- AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h, ++ AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h, ++ [#include <gssapi.h> ++ #ifdef GSS_C_NT_HOSTBASED_SERVICE ++ hostbased_service_gss_nt_yes ++ #endif], + [AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,, + [Define if your GSSAPI implimentation defines GSS_C_NT_HOSTBASED_SERVICE])]) + elif test "$ac_cv_header_gssapi_gssapi_h"; then diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch new file mode 100644 index 000000000000..67b48b4a4993 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch @@ -0,0 +1,27 @@ +Author: Matthias Klose <doko@ubuntu.com> +Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use +it. +--- a/saslauthd/Makefile.am ++++ b/saslauthd/Makefile.am +@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c + saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@ + saslauthd_LDADD = @SASL_KRB_LIB@ \ + @GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \ +- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ ++ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@ + + testsaslauthd_SOURCES = testsaslauthd.c utils.c + testsaslauthd_LDADD = @LIB_SOCKET@ +--- a/sasldb/Makefile.am ++++ b/sasldb/Makefile.am +@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a + + libsasldb_la_SOURCES = allockey.c sasldb.h + EXTRA_libsasldb_la_SOURCES = $(extra_common_sources) +-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) +-libsasldb_la_LIBADD = $(SASL_DB_BACKEND) ++libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB) ++libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB) + + # Prevent make dist stupidity + libsasldb_a_SOURCES = diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-autotools_fixes.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-autotools_fixes.patch new file mode 100644 index 000000000000..5837921d4f7f --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-autotools_fixes.patch @@ -0,0 +1,114 @@ +--- a/configure.in ++++ b/configure.in +@@ -44,6 +44,8 @@ dnl + AC_INIT(lib/saslint.h) + AC_PREREQ([2.54]) + ++AC_CONFIG_MACRO_DIR([cmulocal] [config]) ++ + dnl use ./config.cache as the default cache file. + dnl we require a cache file to successfully configure our build. + if test $cache_file = "/dev/null"; then +--- a/Makefile.am ++++ b/Makefile.am +@@ -43,6 +43,8 @@ AUTOMAKE_OPTIONS = 1.7 + # + ################################################################ + ++ACLOCAL_AMFLAGS = -I cmulocal -I config ++ + if SASLAUTHD + SAD = saslauthd + else +--- a/saslauthd/configure.in ++++ b/saslauthd/configure.in +@@ -1,7 +1,8 @@ + AC_INIT(mechanisms.h) + AC_PREREQ([2.54]) + +-AC_CONFIG_AUX_DIR(config) ++AC_CONFIG_MACRO_DIR([../cmulocal] [../config]) ++AC_CONFIG_AUX_DIR([config]) + AC_CANONICAL_HOST + + dnl Should we enable SASLAUTHd at all? +@@ -164,30 +165,30 @@ AC_SUBST(LTLIBOBJS) + + dnl Checks for which function macros exist + AC_MSG_CHECKING(whether $CC implements __func__) +-AC_CACHE_VAL(have_func, ++AC_CACHE_VAL(_cv_have_func, + [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __func__);], +-have_func=yes, +-have_func=no)]) +-AC_MSG_RESULT($have_func) +-if test "$have_func" = yes; then ++_cv_have_func=yes, ++_cv_have_func=no)]) ++AC_MSG_RESULT($_cv_have_func) ++if test "$_cv_have_func" = yes; then + AC_DEFINE(HAVE_FUNC,[],[Does the compiler understand __func__]) + else + AC_MSG_CHECKING(whether $CC implements __PRETTY_FUNCTION__) +- AC_CACHE_VAL(have_pretty_function, ++ AC_CACHE_VAL(_cv_have_pretty_function, + [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __PRETTY_FUNCTION__);], +- have_pretty_function=yes, +- have_pretty_function=no)]) +- AC_MSG_RESULT($have_pretty_function) +- if test "$have_pretty_function" = yes; then ++ _cv_have_pretty_function=yes, ++ _cv_have_pretty_function=no)]) ++ AC_MSG_RESULT($_cv_have_pretty_function) ++ if test "$_cv_have_pretty_function" = yes; then + AC_DEFINE(HAVE_PRETTY_FUNCTION,[],[Does compiler understand __PRETTY_FUNCTION__]) + else + AC_MSG_CHECKING(whether $CC implements __FUNCTION__) +- AC_CACHE_VAL(have_function, ++ AC_CACHE_VAL(_cv_have_function, + [AC_TRY_LINK([#include <stdio.h>],[printf("%s", __FUNCTION__);], +- have_function=yes, +- have_function=no)]) +- AC_MSG_RESULT($have_function) +- if test "$have_function" = yes; then ++ _cv_have_function=yes, ++ _cv_have_function=no)]) ++ AC_MSG_RESULT($_cv_have_function) ++ if test "$_cv_have_function" = yes; then + AC_DEFINE(HAVE_FUNCTION,[],[Does compiler understand __FUNCTION__]) + fi + fi +--- a/saslauthd/Makefile.am ++++ b/saslauthd/Makefile.am +@@ -1,4 +1,6 @@ + AUTOMAKE_OPTIONS = 1.7 ++ACLOCAL_AMFLAGS = -I ../cmulocal -I ../config ++ + sbin_PROGRAMS = saslauthd testsaslauthd + EXTRA_PROGRAMS = saslcache + +--- a/config/kerberos_v4.m4 ++++ b/config/kerberos_v4.m4 +@@ -89,18 +89,18 @@ AC_DEFUN([SASL_KERBEROS_V4_CHK], [ + dnl if we were ambitious, we would look more aggressively for the + dnl krb4 install + if test -d ${krb4}; then +- AC_CACHE_CHECK(for Kerberos includes, cyrus_krbinclude, [ ++ AC_CACHE_CHECK(for Kerberos includes, cyrus_cv_krbinclude, [ + for krbhloc in include/kerberosIV include/kerberos include + do + if test -f ${krb4}/${krbhloc}/krb.h ; then +- cyrus_krbinclude=${krb4}/${krbhloc} ++ cyrus_cv_krbinclude=${krb4}/${krbhloc} + break + fi + done + ]) + +- if test -n "${cyrus_krbinclude}"; then +- CPPFLAGS="$CPPFLAGS -I${cyrus_krbinclude}" ++ if test -n "${cyrus_cv_krbinclude}"; then ++ CPPFLAGS="$CPPFLAGS -I${cyrus_cv_krbinclude}" + fi + LDFLAGS="$LDFLAGS -L$krb4/lib" + fi diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch new file mode 100644 index 000000000000..a9dd1476d2e6 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch @@ -0,0 +1,16 @@ +https://bugzilla.cyrusimap.org/show_bug.cgi?id=3590 +https://bugs.gentoo.org/show_bug.cgi?id=392761 + +--- cyrus-sasl-2.1.25/lib/auxprop.c~ 2011-10-20 17:33:46.423015318 +0200 ++++ cyrus-sasl-2.1.25/lib/auxprop.c 2011-10-20 17:48:49.336348654 +0200 +@@ -971,6 +971,10 @@ + } + + if(!found) { ++ /* compatibility with <= 2.1.23, ignore the lack of auxrop plugin */ ++ if (!plist) ++ result = SASL_OK; ++ else + _sasl_log(sparams->utils->conn, SASL_LOG_DEBUG, + "could not find auxprop plugin, was searching for '%s'", + plist ? plist : "[all]"); diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-avoid_pic_overwrite.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-avoid_pic_overwrite.patch new file mode 100644 index 000000000000..2e5b1750d00d --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-avoid_pic_overwrite.patch @@ -0,0 +1,27 @@ +Author: Fabian Fagerholm <fabbe@debian.org> +Description: This patch makes sure the non-PIC version of libsasldb.a, which +is created out of non-PIC objects, is not going to overwrite the PIC version, +which is created out of PIC objects. The PIC version is placed in .libs, and +the non-PIC version in the current directory. This ensures that both non-PIC +and PIC versions are available in the correct locations. +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -78,7 +78,7 @@ endif + + libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS) + @echo adding static plugins and dependencies +- $(AR) cru .libs/$@ $(SASL_STATIC_OBJS) ++ $(AR) cru $@ $(SASL_STATIC_OBJS) + @for i in ./libsasl2.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \ + if test ! -f $$i; then continue; fi; . $$i; \ + for j in $$dependency_libs foo; do \ +--- a/sasldb/Makefile.am ++++ b/sasldb/Makefile.am +@@ -63,6 +63,6 @@ libsasldb_a_SOURCES = + EXTRA_libsasldb_a_SOURCES = + + libsasldb.a: libsasldb.la $(SASL_DB_BACKEND_STATIC) +- $(AR) cru .libs/$@ $(SASL_DB_BACKEND_STATIC) ++ $(AR) cru $@ $(SASL_DB_BACKEND_STATIC) + + diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch new file mode 100644 index 000000000000..abf0df2568c6 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch @@ -0,0 +1,27 @@ +Fix compiling against heimdal + +--- sample/server.c 2010-12-01 14:52:55.000000000 +0000 ++++ sample/server.c 2011-11-30 14:54:42.000000000 +0000 +@@ -85,8 +85,10 @@ + + #ifdef HAVE_GSS_GET_NAME_ATTRIBUTE + #include <gssapi/gssapi.h> ++#ifndef KRB5_HEIMDAL + #include <gssapi/gssapi_ext.h> + #endif ++#endif + + #include "common.h" + +--- plugins/gssapi.c 2011-05-11 19:25:55.000000000 +0000 ++++ plugins/gssapi.c 2011-11-30 14:54:33.000000000 +0000 +@@ -50,6 +50,9 @@ + #else + #include <gssapi/gssapi.h> + #endif ++#ifdef KRB5_HEIMDAL ++#include <gssapi/gssapi_krb5.h> ++#endif + + #ifdef WIN32 + # include <winsock2.h> diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch new file mode 100644 index 000000000000..597d45a76795 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch @@ -0,0 +1,10 @@ +--- pwcheck/pwcheck_getspnam.c 1999-08-26 19:22:44.000000000 +0300 ++++ pwcheck/pwcheck_getspnam.c 2011-11-30 13:22:24.601023316 +0200 +@@ -24,6 +24,7 @@ + ******************************************************************/ + + #include <shadow.h> ++#include <string.h> + + extern char *crypt(); + diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-saslauthd_libtool.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-saslauthd_libtool.patch new file mode 100644 index 000000000000..da1a49f1dd66 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-saslauthd_libtool.patch @@ -0,0 +1,12 @@ +Author: Fabian Fagerholm <fabbe@debian.org> +Description: Enable libtool use. +--- a/saslauthd/configure.in ++++ b/saslauthd/configure.in +@@ -25,6 +25,7 @@ AC_PROG_AWK + AC_PROG_MAKE_SET + AC_PROG_LN_S + AC_PROG_INSTALL ++AC_PROG_LIBTOOL + + dnl Checks for build foo + CMU_C___ATTRIBUTE__ diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-sasldb_al.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-sasldb_al.patch new file mode 100644 index 000000000000..8eff5a8bdd12 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-sasldb_al.patch @@ -0,0 +1,14 @@ +Author: Fabian Fagerholm <fabbe@debian.org> +Description: Fix linking with libsasldb.a when saslauthd is built with sasldb +support. +--- a/saslauthd/configure.in ++++ b/saslauthd/configure.in +@@ -77,7 +77,7 @@ if test "$authsasldb" != no; then + AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support]) + SASL_DB_PATH_CHECK() + SASL_DB_CHECK() +- SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al" ++ SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.a" + fi + + AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ], diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch new file mode 100644 index 000000000000..117e8eb88802 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch @@ -0,0 +1,27 @@ +Bug #445932 +--- cmulocal/sasl2.m4 2011-09-02 12:58:00.000000000 +0000 ++++ cmulocal/sasl2.m4 2012-12-05 08:37:16.425811319 +0000 +@@ -268,7 +268,11 @@ + + cmu_save_LIBS="$LIBS" + LIBS="$LIBS $GSSAPIBASE_LIBS" +- AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity) ++ AC_CHECK_FUNCS([gsskrb5_register_acceptor_identity], [], ++ [AC_CHECK_FUNCS([krb5_gss_register_acceptor_identity], ++ [AC_CHECK_HEADERS([gssapi/gssapi_krb5.h], ++ [AC_DEFINE([HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY], [1])] ++ )])]) + AC_CHECK_FUNCS(gss_decapsulate_token) + AC_CHECK_FUNCS(gss_encapsulate_token) + AC_CHECK_FUNCS(gss_oid_equal) +--- plugins/gssapi.c 2012-12-05 09:03:31.000220161 +0000 ++++ plugins/gssapi.c 2012-12-05 09:01:55.043380204 +0000 +@@ -50,7 +50,7 @@ + #else + #include <gssapi/gssapi.h> + #endif +-#ifdef KRB5_HEIMDAL ++#if defined (KRB5_HEIMDAL) || defined (HAVE_GSSAPI_GSSAPI_KRB5_H) + #include <gssapi/gssapi_krb5.h> + #endif + diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-CVE-2013-4122.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-CVE-2013-4122.patch new file mode 100644 index 000000000000..09c9ce86c9ac --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-CVE-2013-4122.patch @@ -0,0 +1,116 @@ +From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Thu, 11 Jul 2013 09:08:07 +0000 +Subject: Handle NULL returns from glibc 2.17+ crypt() + +Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL +(w/ NULL return) if the salt violates specifications. Additionally, +on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords +passed to crypt() fail with EPERM (w/ NULL return). + +When using glibc's crypt(), check return value to avoid a possible +NULL pointer dereference. + +Patch by mancha1@hush.com. +--- +diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c +index 4b34222..400289c 100644 +--- a/pwcheck/pwcheck_getpwnam.c ++++ b/pwcheck/pwcheck_getpwnam.c +@@ -32,6 +32,7 @@ char *userid; + char *password; + { + char* r; ++ char* crpt_passwd; + struct passwd *pwd; + + pwd = getpwnam(userid); +@@ -41,7 +42,7 @@ char *password; + else if (pwd->pw_passwd[0] == '*') { + r = "Account disabled"; + } +- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { ++ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { + r = "Incorrect password"; + } + else { +diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c +index 2b11286..6d607bb 100644 +--- a/pwcheck/pwcheck_getspnam.c ++++ b/pwcheck/pwcheck_getspnam.c +@@ -32,13 +32,15 @@ char *userid; + char *password; + { + struct spwd *pwd; ++ char *crpt_passwd; + + pwd = getspnam(userid); + if (!pwd) { + return "Userid not found"; + } + +- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { ++ crpt_passwd = crypt(password, pwd->sp_pwdp); ++ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { + return "Incorrect password"; + } + else { +diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c +index fc8029d..d4ebe54 100644 +--- a/saslauthd/auth_getpwent.c ++++ b/saslauthd/auth_getpwent.c +@@ -77,6 +77,7 @@ auth_getpwent ( + { + /* VARIABLES */ + struct passwd *pw; /* pointer to passwd file entry */ ++ char *crpt_passwd; /* encrypted password */ + int errnum; + /* END VARIABLES */ + +@@ -105,7 +106,8 @@ auth_getpwent ( + } + } + +- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { ++ crpt_passwd = crypt(password, pw->pw_passwd); ++ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login); + } +diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c +index 677131b..1988afd 100644 +--- a/saslauthd/auth_shadow.c ++++ b/saslauthd/auth_shadow.c +@@ -210,8 +210,8 @@ auth_shadow ( + RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)"); + } + +- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); +- if (strcmp(sp->sp_pwdp, cpw)) { ++ cpw = crypt(password, sp->sp_pwdp); ++ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) { + if (flags & VERBOSE) { + /* + * This _should_ reveal the SHADOW_PW_LOCKED prefix to an +@@ -221,10 +221,8 @@ auth_shadow ( + syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", + sp->sp_pwdp, cpw); + } +- free(cpw); + RETURN("NO Incorrect password"); + } +- free(cpw); + + /* + * The following fields will be set to -1 if: +@@ -286,7 +284,7 @@ auth_shadow ( + RETURN("NO Invalid username"); + } + +- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { ++ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", + password, upw->upw_passwd); +-- +cgit v0.9.0.2 diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch new file mode 100644 index 000000000000..af382181e046 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch @@ -0,0 +1,10 @@ +--- cyrus-sasl2.orig/plugins/ldapdb.c ++++ cyrus-sasl2/plugins/ldapdb.c +@@ -406,6 +406,7 @@ ldapdb_canon_server(void *glob_context, + if ( len > out_max ) + len = out_max; + memcpy(out, bvals[0]->bv_val, len); ++ out[len] = '\0'; + *out_ulen = len; + ber_bvecfree(bvals); + } diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch new file mode 100644 index 000000000000..46bbdd1ca1a0 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch @@ -0,0 +1,90 @@ +Bug #510320 +--- saslauthd/auth_rimap.c 2012-10-12 14:05:48.000000000 +0000 ++++ saslauthd/auth_rimap.c 2014-05-15 05:23:02.000000000 +0000 +@@ -371,7 +371,7 @@ + if ( rc>0 ) { + /* check if there is more to read */ + fd_set perm; +- int fds, ret; ++ int fds, ret, loopc; + struct timeval timeout; + + FD_ZERO(&perm); +@@ -380,6 +380,7 @@ + + timeout.tv_sec = 1; + timeout.tv_usec = 0; ++ loopc = 0; + while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) { + if ( FD_ISSET(s, &perm) ) { + ret = read(s, rbuf+rc, sizeof(rbuf)-rc); +@@ -387,6 +388,14 @@ + rc = ret; + break; + } else { ++ if (ret == 0) { ++ loopc += 1; ++ } else { ++ loopc = 0; ++ } ++ if (loopc > sizeof(rbuf)) { // arbitrary chosen value ++ break; ++ } + rc += ret; + } + } +@@ -484,7 +493,7 @@ + if ( rc>0 ) { + /* check if there is more to read */ + fd_set perm; +- int fds, ret; ++ int fds, ret, loopc; + struct timeval timeout; + + FD_ZERO(&perm); +@@ -493,6 +502,7 @@ + + timeout.tv_sec = 1; + timeout.tv_usec = 0; ++ loopc = 0; + while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) { + if ( FD_ISSET(s, &perm) ) { + ret = read(s, rbuf+rc, sizeof(rbuf)-rc); +@@ -500,6 +510,14 @@ + rc = ret; + break; + } else { ++ if (ret == 0) { ++ loopc += 1; ++ } else { ++ loopc = 0; ++ } ++ if (loopc > sizeof(rbuf)) { // arbitrary chosen value ++ break; ++ } + rc += ret; + } + } +--- lib/checkpw.c 2012-01-27 23:31:36.000000000 +0000 ++++ lib/checkpw.c 2014-05-15 05:19:35.000000000 +0000 +@@ -587,16 +587,14 @@ + /* Timeout. */ + errno = ETIMEDOUT; + return -1; +- case +1: +- if (FD_ISSET(fd, &rfds)) { +- /* Success, file descriptor is readable. */ +- return 0; +- } +- return -1; + case -1: + if (errno == EINTR || errno == EAGAIN) + continue; + default: ++ if (FD_ISSET(fd, &rfds)) { ++ /* Success, file descriptor is readable. */ ++ return 0; ++ } + /* Error catch-all. */ + return -1; + } diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch new file mode 100644 index 000000000000..42f20fb8096b --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch @@ -0,0 +1,13 @@ +Gentoo bug #458790 +--- include/sasl.h 2012-10-12 17:05:48.000000000 +0300 ++++ include/sasl.h 2013-02-23 16:56:44.648786268 +0200 +@@ -121,6 +121,9 @@ + #ifndef SASL_H + #define SASL_H 1 + ++/* stddef.h to get size_t defined */ ++#include <stddef.h> ++ + /* Keep in sync with win32/common.mak */ + #define SASL_VERSION_MAJOR 2 + #define SASL_VERSION_MINOR 1 diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-send-imap-logout.patch b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-send-imap-logout.patch new file mode 100644 index 000000000000..d8b4b6efc3f8 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-send-imap-logout.patch @@ -0,0 +1,48 @@ +--- cyrus-sasl2.orig/saslauthd/auth_rimap.c ++++ cyrus-sasl2/saslauthd/auth_rimap.c +@@ -90,6 +90,7 @@ static struct addrinfo *ai = NULL; /* re + service we connect to. */ + #define TAG "saslauthd" /* IMAP command tag */ + #define LOGIN_CMD (TAG " LOGIN ") /* IMAP login command (with tag) */ ++#define LOGOUT_CMD (TAG " LOGOUT ") /* IMAP logout command (with tag)*/ + #define NETWORK_IO_TIMEOUT 30 /* network I/O timeout (seconds) */ + #define RESP_LEN 1000 /* size of read response buffer */ + +@@ -307,10 +308,12 @@ auth_rimap ( + int s=-1; /* socket to remote auth host */ + struct addrinfo *r; /* remote socket address info */ + struct iovec iov[5]; /* for sending LOGIN command */ ++ struct iovec iov2[2]; /* for sending LOGOUT command */ + char *qlogin; /* pointer to "quoted" login */ + char *qpass; /* pointer to "quoted" password */ + char *c; /* scratch pointer */ + int rc; /* return code scratch area */ ++ int rcl; /* return code scratch area */ + char rbuf[RESP_LEN]; /* response read buffer */ + char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV]; + int saved_errno; +@@ -505,6 +508,24 @@ auth_rimap ( + } + } + } ++ ++ /* close remote imap */ ++ iov2[0].iov_base = LOGOUT_CMD; ++ iov2[0].iov_len = sizeof(LOGOUT_CMD) - 1; ++ iov2[1].iov_base = "\r\n"; ++ iov2[1].iov_len = sizeof("\r\n") - 1; ++ ++ if (flags & VERBOSE) { ++ syslog(LOG_DEBUG, "auth_rimap: sending %s%s %s", ++ LOGOUT_CMD, qlogin, qpass); ++ } ++ alarm(NETWORK_IO_TIMEOUT); ++ rcl = retry_writev(s, iov2, 2); ++ alarm(0); ++ if (rcl == -1) { ++ syslog(LOG_WARNING, "auth_rimap: writev logout: %m"); ++ } ++ + (void) close(s); /* we're done with the remote */ + if (rc == -1) { + syslog(LOG_WARNING, "auth_rimap: read (response): %m"); diff --git a/dev-libs/cyrus-sasl/files/cyrus-sasl.conf b/dev-libs/cyrus-sasl/files/cyrus-sasl.conf new file mode 100644 index 000000000000..d4809f73c8e9 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/cyrus-sasl.conf @@ -0,0 +1 @@ +d /run/saslauthd 0755 root root - diff --git a/dev-libs/cyrus-sasl/files/java.README.gentoo b/dev-libs/cyrus-sasl/files/java.README.gentoo new file mode 100644 index 000000000000..fb73204ecab1 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/java.README.gentoo @@ -0,0 +1,39 @@ +4-Nov-2000 + +Note: this file has been modified to adapt to Gentoo specific. + +class files are installed in + +`java-config -p cyrus-sasl-2` + +to compile programs using it, do: + +javac -classpath $JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2` <file>.java + +(make sure to substitute your JDK for $JAVA_HOME/lib/tools.jar) + +to run, do + +java -classpath <same path as above> <YourProgram> + +---------------------------- +This is a java version of the SASL libraries. It supports all the +mechanisms in the C version and conforms to the internet draft in the +doc/ directory. JNI is used. + +Sample applications exist in the Test/ directory. + +They generally can be run with something like: + +java -debug -classpath +../:$JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2`:. jimtest -p 2143 -m +KERBEROS_V4 cyrus-dev + +and + +java -debug -classpath +../:$JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2`:. testserver + + +Any feedback is welcome. + diff --git a/dev-libs/cyrus-sasl/files/pwcheck.rc6 b/dev-libs/cyrus-sasl/files/pwcheck.rc6 new file mode 100644 index 000000000000..7b43c4ea154b --- /dev/null +++ b/dev-libs/cyrus-sasl/files/pwcheck.rc6 @@ -0,0 +1,20 @@ +#!/sbin/openrc-run +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need localmount + use logger +} + +start() { + ebegin "Starting sasl pwcheck daemon" + start-stop-daemon --start --quiet --exec /usr/sbin/pwcheck + eend $? +} + +stop() { + ebegin "Stopping sasl pwcheck daemon" + start-stop-daemon --stop --quiet --exec /usr/sbin/pwcheck + eend $? +} diff --git a/dev-libs/cyrus-sasl/files/pwcheck.service b/dev-libs/cyrus-sasl/files/pwcheck.service new file mode 100644 index 000000000000..74ff4859abf7 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/pwcheck.service @@ -0,0 +1,9 @@ +[Unit] +Description=SASL pwcheck daemon + +[Service] +Type=forking +ExecStart=/usr/sbin/pwcheck + +[Install] +WantedBy=multi-user.target diff --git a/dev-libs/cyrus-sasl/files/saslauthd-2.1.26.conf b/dev-libs/cyrus-sasl/files/saslauthd-2.1.26.conf new file mode 100644 index 000000000000..dd487b0edaf1 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/saslauthd-2.1.26.conf @@ -0,0 +1,19 @@ +# Config file for /etc/init.d/saslauthd and systemd unit + +# PLEASE READ THIS IF YOU ARE USING SYSTEMD +# Please note that systemd does not expand shell variables +# thus, something like FOO="${FOO} bar" won't work. + +# Specify the authentications mechanism. +# **NOTE** For a list see: saslauthd -v +# Since 2.1.19, add "-r" to options for old behavior, +# ie. reassemble user and realm to user@realm form. +# +# Specify the hostname for remote IMAP server using: +# "-O localhost". +# Specify the number of worker processes to create using: +# "-n <N>". +# Enable credential cache, set cache size and timeout using: +# "-c -s <cache size, like 128> -t <timeout seconds>". +# +SASLAUTHD_OPTS="-a pam" diff --git a/dev-libs/cyrus-sasl/files/saslauthd.pam-include b/dev-libs/cyrus-sasl/files/saslauthd.pam-include new file mode 100644 index 000000000000..d50a84946a78 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/saslauthd.pam-include @@ -0,0 +1,8 @@ +#%PAM-1.0 + +auth required pam_nologin.so +auth include system-auth + +account include system-auth + +session include system-auth diff --git a/dev-libs/cyrus-sasl/files/saslauthd.service b/dev-libs/cyrus-sasl/files/saslauthd.service new file mode 100644 index 000000000000..1609a651e4e0 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/saslauthd.service @@ -0,0 +1,13 @@ +[Unit] +Description=SASL Authentication Daemon + +[Service] +Type=forking +PIDFile=/run/saslauthd/saslauthd.pid +EnvironmentFile=/etc/conf.d/saslauthd +ExecStart=/usr/sbin/saslauthd $SASLAUTHD_OPTS +ExecStop=/bin/kill -15 $MAINPID +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/dev-libs/cyrus-sasl/files/saslauthd2.rc7 b/dev-libs/cyrus-sasl/files/saslauthd2.rc7 new file mode 100644 index 000000000000..0abeaf6f5702 --- /dev/null +++ b/dev-libs/cyrus-sasl/files/saslauthd2.rc7 @@ -0,0 +1,20 @@ +#!/sbin/openrc-run +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +start() { + ebegin "Starting saslauthd" + start-stop-daemon --start --quiet --exec /usr/sbin/saslauthd \ + -- ${SASLAUTHD_OPTS} + eend $? +} + +stop() { + ebegin "Stopping saslauthd" + start-stop-daemon --stop --quiet --pidfile /run/saslauthd/saslauthd.pid + eend $? +} diff --git a/dev-libs/cyrus-sasl/metadata.xml b/dev-libs/cyrus-sasl/metadata.xml new file mode 100644 index 000000000000..d50ec8da4624 --- /dev/null +++ b/dev-libs/cyrus-sasl/metadata.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer type="project"> + <email>net-mail@gentoo.org</email> + <name>Net-Mail</name> +</maintainer> +<use> + <flag name="authdaemond">Add Courier-IMAP authdaemond unix socket + support (<pkg>net-mail/courier-imap</pkg>, <pkg>mail-mta/courier</pkg>) + </flag> + <flag name="openldap">Add ldap support for saslauthd</flag> + <flag name="ldapdb">Enable ldapdb plugin</flag> + <flag name="sample">Enable sample client and server</flag> + <flag name="srp">Enable SRP authentication</flag> + <flag name="urandom">Use /dev/urandom instead of /dev/random</flag> +</use> +</pkgmetadata> |