# HG changeset patch # User Michael Schloh von Bennewitz # Date 1346172745 -7200 # Node ID 9d79786fbc64d23d3fc162957cb89cdae55f4f6d # Parent 240aa8fdd53864fc3bdd82e48c85ce652d839149 Remove sources as recent upstream resynchronization makes maintenance redundant. diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/fsl.sasl --- a/sasl/fsl.sasl Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -## -## fsl.sasl -- OSSP fsl configuration -## - -ident (saslauthd)/.+ q{ - prefix( - prefix="%b %d %H:%M:%S %N <%L> $1[%P]: " - ) - -> { - debug: file( - path="@l_prefix@/var/sasl/log/saslauthd.log", - perm=0600 - ) - } -}; - diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/rc.sasl --- a/sasl/rc.sasl Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,60 +0,0 @@ -#!@l_prefix@/bin/openpkg rc -## -## rc.sasl -- Run-Commands -## - -%config - sasl_enable="$openpkg_rc_def" - sasl_flags="" - sasl_authmech="@l_authmech@" - sasl_threads="4" - sasl_log_prolog="true" - sasl_log_epilog="true" - sasl_log_numfiles="10" - sasl_log_minsize="1M" - sasl_log_complevel="9" - -%common - sasl_pidfile="@l_prefix@/var/sasl/run/saslauthd/saslauthd.pid" - sasl_signal () { - [ -f $sasl_pidfile ] && kill -$1 `cat $sasl_pidfile` - } - -%status -u @l_susr@ -o - sasl_usable="unknown" - sasl_active="no" - rcService sasl enable yes && \ - sasl_signal 0 && sasl_active="yes" - echo "sasl_enable=\"$sasl_enable\"" - echo "sasl_usable=\"$sasl_usable\"" - echo "sasl_active=\"$sasl_active\"" - -%start -p 400 -u @l_susr@ - rcService sasl enable yes || exit 0 - rcService sasl active yes && exit 0 - @l_prefix@/sbin/saslauthd \ - -a "${sasl_authmech}" \ - -n "${sasl_threads}" \ - ${sasl_flags} - -%stop -p 600 -u @l_susr@ - rcService sasl enable yes || exit 0 - rcService sasl active no && exit 0 - sasl_signal TERM - -%restart -u @l_susr@ - rcService sasl enable yes || exit 0 - rcService sasl active no && exit 0 - rc sasl stop - sleep 2 - rc sasl start - -%daily -u @l_susr@ - rcService sasl enable yes || exit 0 - shtool rotate -f \ - -n ${sasl_log_numfiles} -s ${sasl_log_minsize} -d \ - -z ${sasl_log_complevel} -o @l_susr@ -g @l_sgrp@ -m 600 \ - -P "${sasl_log_prolog}" \ - -E "${sasl_log_epilog}; rc sasl restart" \ - @l_prefix@/var/sasl/log/saslauthd.log - diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/sasl.patch --- a/sasl/sasl.patch Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,600 +0,0 @@ -Index: configure ---- configure.orig 2006-05-18 21:30:13 +0200 -+++ configure 2008-12-25 18:48:51 +0100 -@@ -3944,9 +3944,6 @@ - - fi - --if test "$ac_cv_c_compiler_gnu" = yes; then -- CFLAGS="-Wall -W ${CFLAGS}" --fi - - - # Check whether --with-purecov or --without-purecov was given. -@@ -5125,7 +5122,7 @@ - fi - - saved_LIBS=$LIBS -- for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db -+ for dbname in db - do - LIBS="$saved_LIBS -l$dbname" - cat >conftest.$ac_ext <<_ACEOF -@@ -5205,6 +5202,54 @@ - fi - rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext - fi -+ if test "$dblib" = "no"; then -+ cat >conftest.$ac_ext <<_ACEOF -+/* confdefs.h. */ -+_ACEOF -+cat confdefs.h >>conftest.$ac_ext -+cat >>conftest.$ac_ext <<_ACEOF -+/* end confdefs.h. */ -+#include -+int -+main () -+{ -+dbm_open(NULL, 0, 0, 0, NULL, NULL, NULL); -+ ; -+ return 0; -+} -+_ACEOF -+rm -f conftest.$ac_objext conftest$ac_exeext -+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 -+ (eval $ac_link) 2>conftest.er1 -+ ac_status=$? -+ grep -v '^ *+' conftest.er1 >conftest.err -+ rm -f conftest.er1 -+ cat conftest.err >&5 -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); } && -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' -+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); }; } && -+ { ac_try='test -s conftest$ac_exeext' -+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); }; }; then -+ BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db -+else -+ echo "$as_me: failed program was:" >&5 -+sed 's/^/| /' conftest.$ac_ext >&5 -+ -+dblib="no" -+fi -+rm -f conftest.err conftest.$ac_objext \ -+ conftest$ac_exeext conftest.$ac_ext -+ fi - LIBS=$saved_LIBS - - LDFLAGS=$BDB_SAVE_LDFLAGS -@@ -5882,7 +5927,7 @@ - fi - - saved_LIBS=$LIBS -- for dbname in db-4.4 db4.4 db44 db-4.3 db4.3 db43 db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db -+ for dbname in db - do - LIBS="$saved_LIBS -l$dbname" - cat >conftest.$ac_ext <<_ACEOF -@@ -5962,6 +6007,54 @@ - fi - rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext - fi -+ if test "$dblib" = "no"; then -+ cat >conftest.$ac_ext <<_ACEOF -+/* confdefs.h. */ -+_ACEOF -+cat confdefs.h >>conftest.$ac_ext -+cat >>conftest.$ac_ext <<_ACEOF -+/* end confdefs.h. */ -+#include -+int -+main () -+{ -+dbm_open(NULL, 0, 0, 0, NULL, NULL, NULL); -+ ; -+ return 0; -+} -+_ACEOF -+rm -f conftest.$ac_objext conftest$ac_exeext -+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 -+ (eval $ac_link) 2>conftest.er1 -+ ac_status=$? -+ grep -v '^ *+' conftest.er1 >conftest.err -+ rm -f conftest.er1 -+ cat conftest.err >&5 -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); } && -+ { ac_try='test -z "$ac_c_werror_flag" -+ || test ! -s conftest.err' -+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); }; } && -+ { ac_try='test -s conftest$ac_exeext' -+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 -+ (exit $ac_status); }; }; then -+ BDB_LIBADD="$BDB_LIBADD -ldb"; dblib="berkeley"; dbname=db -+else -+ echo "$as_me: failed program was:" >&5 -+sed 's/^/| /' conftest.$ac_ext >&5 -+ -+dblib="no" -+fi -+rm -f conftest.err conftest.$ac_objext \ -+ conftest$ac_exeext conftest.$ac_ext -+ fi - LIBS=$saved_LIBS - - LDFLAGS=$BDB_SAVE_LDFLAGS -@@ -12005,20 +12098,20 @@ - fi - - LIB_SQLITE_DIR=$LIB_SQLITE -- LIB_SQLITE="$LIB_SQLITE -lsqlite" -+ LIB_SQLITE="$LIB_SQLITE -lsqlite3" - - if test -d ${with_sqlite}/include; then - CPPFLAGS="${CPPFLAGS} -I${with_sqlite}/include" - else - CPPFLAGS="${CPPFLAGS} -I${with_sqlite}" - fi -- echo "$as_me:$LINENO: checking for sqlite_open in -lsqlite" >&5 --echo $ECHO_N "checking for sqlite_open in -lsqlite... $ECHO_C" >&6 -+ echo "$as_me:$LINENO: checking for sqlite3_open in -lsqlite3" >&5 -+echo $ECHO_N "checking for sqlite3_open in -lsqlite3... $ECHO_C" >&6 - if test "${ac_cv_lib_sqlite_sqlite_open+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 - else - ac_check_lib_save_LIBS=$LIBS --LIBS="-lsqlite $LIB_SQLITE_DIR $LIBS" -+LIBS="-lsqlite3 $LIB_SQLITE_DIR $LIBS" - cat >conftest.$ac_ext <<_ACEOF - #line $LINENO "configure" - /* confdefs.h. */ -@@ -12033,11 +12126,11 @@ - #endif - /* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ --char sqlite_open (); -+char sqlite3_open (); - int - main () - { --sqlite_open (); -+sqlite3_open (); - ; - return 0; - } -Index: lib/saslint.h ---- lib/saslint.h.orig 2006-04-18 22:25:45 +0200 -+++ lib/saslint.h 2008-12-25 18:48:51 +0100 -@@ -109,8 +109,6 @@ - const char *appname; - } sasl_global_callbacks_t; - --extern sasl_global_callbacks_t global_callbacks; -- - typedef struct _sasl_external_properties - { - sasl_ssf_t ssf; -Index: lib/server.c ---- lib/server.c.orig 2006-05-17 18:46:13 +0200 -+++ lib/server.c 2008-12-25 18:48:51 +0100 -@@ -95,7 +95,7 @@ - - static mech_list_t *mechlist = NULL; /* global var which holds the list */ - --sasl_global_callbacks_t global_callbacks; -+static sasl_global_callbacks_t global_callbacks; - - /* set the password for a user - * conn -- SASL connection -@@ -477,16 +477,8 @@ - return SASL_CONTINUE; - } - -- /* get the path to the config file */ -- getconfpath_cb = _sasl_find_getconfpath_callback( global_callbacks.callbacks ); -- if (getconfpath_cb == NULL) return SASL_BADPARAM; -- -- /* getconfpath_cb->proc MUST be a sasl_getconfpath_t; if only C had a type -- system */ -- result = ((sasl_getconfpath_t *)(getconfpath_cb->proc))(getconfpath_cb->context, -- &path_to_config); -- if (result != SASL_OK) goto done; -- if (path_to_config == NULL) path_to_config = ""; -+ result = SASL_OK; -+ path_to_config = "@l_sysconfdir@"; - - next = path_to_config; - -Index: plugins/sql.c ---- plugins/sql.c.orig 2006-04-07 15:42:16 +0200 -+++ plugins/sql.c 2008-12-25 21:57:47 +0100 -@@ -150,9 +150,15 @@ - return -1; - } - if (value) { -- strncpy(value, row[0], size-2); -- value[size-1] = '\0'; -- if (value_len) *value_len = strlen(value); -+ unsigned long *col_lens; -+ size_t col_len; -+ col_lens = mysql_fetch_lengths(result); -+ col_len = (size_t)col_lens[0]; -+ if (col_len > size - 1); -+ col_len = size - 1; -+ memcpy(value, row[0], col_len); -+ value[col_len] = '\0'; -+ if (value_len) *value_len = col_len; - } - - /* free result */ -@@ -277,7 +283,7 @@ - ExecStatusType status; - - /* run the query */ -- result = PQexec(conn, cmd); -+ result = PQexecParams(conn, cmd, 0, NULL, NULL, NULL, NULL, 1); - - /* check the status */ - status = PQresultStatus(result); -@@ -298,6 +304,7 @@ - row_count = PQntuples(result); - if (!row_count) { - /* umm nothing found */ -+ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: no result found for query %s", cmd); - utils->log(NULL, SASL_LOG_NOTE, "sql plugin: no result found"); - PQclear(result); - return -1; -@@ -310,9 +317,26 @@ - /* now get the result set value and value_len */ - /* we only fetch one because we don't care about the rest */ - if (value) { -- strncpy(value, PQgetvalue(result,0,0), size-2); -- value[size-1] = '\0'; -- if (value_len) *value_len = strlen(value); -+ if (PQgetisnull(result, 0, 0)) { -+ size_t col_len; -+ col_len = strlen(SQL_NULL_VALUE); -+ if (col_len > size - 1) -+ col_len = size - 1; -+ memcpy(value, SQL_NULL_VALUE, col_len); -+ value[col_len] = '\0'; -+ if (value_len) -+ *value_len = col_len; -+ } -+ else { -+ size_t col_len; -+ col_len = (size_t)PQgetlength(result, 0, 0); -+ if (col_len > size - 1); -+ col_len = size - 1; -+ memcpy(value, PQgetvalue(result, 0, 0), col_len); -+ value[col_len] = '\0'; -+ if (value_len) -+ *value_len = col_len; -+ } - } - - /* free result */ -@@ -342,7 +366,7 @@ - #endif /* HAVE_PGSQL */ - - #ifdef HAVE_SQLITE --#include -+#include - - static void *_sqlite_open(char *host __attribute__((unused)), - char *port __attribute__((unused)), -@@ -352,21 +376,23 @@ - const char *database, const sasl_utils_t *utils) - { - int rc; -- sqlite *db; -+ sqlite3 *db; - char *zErrMsg = NULL; - -- db = sqlite_open(database, 0, &zErrMsg); -- if (db == NULL) { -+ rc = sqlite3_open(database, &db); -+ if (rc != SQLITE_OK) { -+ zErrMsg = (char *)sqlite3_errmsg(db); - utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", zErrMsg); -- sqlite_freemem (zErrMsg); -+ sqlite3_free (zErrMsg); -+ sqlite3_close (db); - return NULL; - } - -- rc = sqlite_exec(db, "PRAGMA empty_result_callbacks = ON", NULL, NULL, &zErrMsg); -+ rc = sqlite3_exec(db, "PRAGMA empty_result_callbacks = ON", NULL, NULL, &zErrMsg); - if (rc != SQLITE_OK) { - utils->log(NULL, SASL_LOG_ERR, "sql plugin: %s", zErrMsg); -- sqlite_freemem (zErrMsg); -- sqlite_close(db); -+ sqlite3_free (zErrMsg); -+ sqlite3_close(db); - return NULL; - } - -@@ -388,62 +414,67 @@ - return 0; - } - --static int sqlite_my_callback(void *pArg, int argc __attribute__((unused)), -- char **argv, -- char **columnNames __attribute__((unused))) --{ -- char **result = (char**)pArg; -- -- if (argv == NULL) { -- *result = NULL; /* no record */ -- } else if (argv[0] == NULL) { -- *result = strdup(SQL_NULL_VALUE); /* NULL IS SQL_NULL_VALUE */ -- } else { -- *result = strdup(argv[0]); -- } -- -- return /*ABORT*/1; --} -- - static int _sqlite_exec(void *db, const char *cmd, char *value, size_t size, - size_t *value_len, const sasl_utils_t *utils) - { - int rc; -- char *result = NULL; -- char *zErrMsg = NULL; -+ sqlite3_stmt *stmt; -+ const char *todo; -+ size_t len; - -- rc = sqlite_exec((sqlite*)db, cmd, sqlite_my_callback, (void*)&result, &zErrMsg); -- if (rc != SQLITE_OK && rc != SQLITE_ABORT) { -- utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: %s ", zErrMsg); -- sqlite_freemem (zErrMsg); -+ rc = sqlite3_prepare((sqlite3*)db, cmd, (int)strlen(cmd), &stmt, &todo); -+ if (rc != SQLITE_OK) { -+ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin error: %s", sqlite3_errmsg((sqlite3*)db)); - return -1; - } -- -- if (rc == SQLITE_OK) { -+ rc = sqlite3_step(stmt); -+ if (rc != SQLITE_ROW && rc != SQLITE_DONE) { -+ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin error: %s", sqlite3_errmsg((sqlite3*)db)); -+ sqlite3_finalize(stmt); -+ return -1; -+ } -+ if (sqlite3_column_count(stmt) == 0) { - /* no results (BEGIN, COMMIT, DELETE, INSERT, UPDATE) */ -+ sqlite3_finalize(stmt); - return 0; - } -- -- if (result == NULL) { -+ if (rc == SQLITE_DONE) { - /* umm nothing found */ -+ utils->log(NULL, SASL_LOG_DEBUG, "sql plugin: no result found for query %s", cmd); - utils->log(NULL, SASL_LOG_NOTE, "sql plugin: no result found"); -+ sqlite3_finalize(stmt); - return -1; - } -- -- /* XXX: Duplication cannot be found by this method. */ -- -- /* now get the result set value and value_len */ -- /* we only fetch one because we don't care about the rest */ -- if (value) { -- strncpy(value, result, size - 2); -- value[size - 1] = '\0'; -- if (value_len) { -- *value_len = strlen(value); -- } -+ rc = sqlite3_column_type(stmt, 0); -+ switch (rc) { -+ case SQLITE_NULL: { -+ len = strlen(SQL_NULL_VALUE); -+ if (len > size - 1) -+ len = size - 1; -+ memcpy(value, SQL_NULL_VALUE, len); -+ value[len] = '\0'; -+ if (value_len) -+ *value_len = len; -+ break; -+ } -+ default: { -+ const void *blob = sqlite3_column_blob(stmt, 0); -+ len = (size_t)sqlite3_column_bytes(stmt, 0); -+ if (len > size - 1) -+ len = size - 1; -+ memcpy(value, blob, len); -+ value[len] = '\0'; -+ if (value_len) -+ *value_len = len; -+ break; -+ } - } -- -- /* free result */ -- free(result); -+ rc = sqlite3_step(stmt); -+ if (rc != SQLITE_DONE) { -+ utils->log(NULL, SASL_LOG_WARN, -+ "sql plugin: found duplicate row for query %s", cmd); -+ } -+ sqlite3_finalize(stmt); - return 0; - } - -@@ -464,7 +495,7 @@ - - static void _sqlite_close(void *db) - { -- sqlite_close((sqlite*)db); -+ sqlite3_close((sqlite3 *)db); - } - #endif /* HAVE_SQLITE */ - -@@ -771,7 +802,7 @@ - settings = (sql_settings_t *) glob_context; - - sparams->utils->log(NULL, SASL_LOG_DEBUG, -- "sql plugin Parse the username %s\n", user); -+ "sql plugin parse the username %s\n", user); - - user_buf = sparams->utils->malloc(ulen + 1); - if (!user_buf) goto done; -@@ -849,7 +880,7 @@ - } - - sparams->utils->log(NULL, SASL_LOG_DEBUG, -- "sql plugin create statement from %s %s %s\n", -+ "sql plugin create statement from name=%s user=%s realm=%s\n", - realname, escap_userid, escap_realm); - - /* create a statement that we will use */ -@@ -864,9 +895,15 @@ - /* run the query */ - if (!settings->sql_engine->sql_exec(conn, query, value, sizeof(value), - &value_len, sparams->utils)) { -+ sparams->utils->log(NULL, SASL_LOG_DEBUG, -+ "sql plugin query successful\n"); - sparams->utils->prop_set(sparams->propctx, cur->name, - value, value_len); - } -+ else { -+ sparams->utils->log(NULL, SASL_LOG_DEBUG, -+ "sql plugin query failed\n"); -+ } - - sparams->utils->free(query); - } -Index: sample/client.c ---- sample/client.c.orig 2004-03-09 18:35:32 +0100 -+++ sample/client.c 2008-12-25 18:48:51 +0100 -@@ -133,13 +133,11 @@ - return SASL_OK; - } - --#ifndef HAVE_GETPASSPHRASE - static char * --getpassphrase(const char *prompt) -+my_getpassphrase(const char *prompt) - { - return getpass(prompt); - } --#endif /* ! HAVE_GETPASSPHRASE */ - - static int - getsecret(sasl_conn_t *conn, -@@ -155,7 +153,7 @@ - if (! conn || ! psecret || id != SASL_CB_PASS) - return SASL_BADPARAM; - -- password = getpassphrase("Password: "); -+ password = my_getpassphrase("Password: "); - if (! password) - return SASL_FAIL; - -Index: sample/sample-client.c ---- sample/sample-client.c.orig 2004-10-26 13:14:33 +0200 -+++ sample/sample-client.c 2008-12-25 18:48:51 +0100 -@@ -244,13 +244,11 @@ - return SASL_OK; - } - --#ifndef HAVE_GETPASSPHRASE - static char * --getpassphrase(const char *prompt) -+my_getpassphrase(const char *prompt) - { - return getpass(prompt); - } --#endif /* ! HAVE_GETPASSPHRASE */ - - static int - getsecret(sasl_conn_t *conn, -@@ -264,7 +262,7 @@ - if (! conn || ! psecret || id != SASL_CB_PASS) - return SASL_BADPARAM; - -- password = getpassphrase("Password: "); -+ password = my_getpassphrase("Password: "); - if (! password) - return SASL_FAIL; - -@@ -307,7 +305,7 @@ - fflush(stdout); - - if (id == SASL_CB_ECHOPROMPT) { -- char *original = getpassphrase(""); -+ char *original = my_getpassphrase(""); - if (! original) - return SASL_FAIL; - if (*original) -Index: saslauthd/Makefile.am ---- saslauthd/Makefile.am.orig 2006-05-17 18:46:17 +0200 -+++ saslauthd/Makefile.am 2008-12-25 18:48:51 +0100 -@@ -36,4 +36,4 @@ - - install-data-local: saslauthd.8 - $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 -- $(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 -+ $(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8 -Index: saslauthd/Makefile.in ---- saslauthd/Makefile.in.orig 2008-12-25 18:48:51 +0100 -+++ saslauthd/Makefile.in 2008-12-25 18:48:51 +0100 -@@ -621,7 +621,7 @@ - - install-data-local: saslauthd.8 - $(mkinstalldirs) $(DESTDIR)$(mandir)/man8 -- $(INSTALL_DATA) $(srcdir)/saslauthd.8 $(DESTDIR)$(mandir)/man8/saslauthd.8 -+ $(INSTALL_DATA) $(srcdir)/saslauthd.mdoc $(DESTDIR)$(mandir)/man8/saslauthd.8 - # Tell versions [3.59,3.63) of GNU make to not export all variables. - # Otherwise a system limit (for SysV at least) may be exceeded. - .NOEXPORT: -Index: saslauthd/lak.c ---- saslauthd/lak.c.orig 2005-05-15 07:49:51 +0200 -+++ saslauthd/lak.c 2008-12-25 18:48:51 +0100 -@@ -47,6 +47,7 @@ - #include - #endif - -+#include "saslauthd.h" /* get strlcpy macro for non-BSD; get HAVE_OPENSSL from config.h */ - #ifdef HAVE_OPENSSL - #ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT - #define OPENSSL_DISABLE_OLD_DES_SUPPORT -@@ -57,7 +58,7 @@ - - #include - #include --#include -+#include "sasl.h" - #include "lak.h" - - typedef struct lak_auth_method { -Index: utils/pluginviewer.c ---- utils/pluginviewer.c.orig 2006-05-17 18:46:17 +0200 -+++ utils/pluginviewer.c 2008-12-25 18:48:51 +0100 -@@ -536,7 +536,7 @@ - fprintf(stderr, "%s: Usage: %s [-a] [-s] [-c] [-b min=N,max=N] [-e ssf=N,id=ID] [-m MECHS] [-x AUXPROP_MECH] [-f FLAGS] [-i local=IP,remote=IP] [-p PATH]\n" - "\t-a\tlist auxprop plugins\n" - "\t-s\tlist server authentication (SASL) plugins\n" -- "\t-s\tlist client authentication (SASL) plugins\n" -+ "\t-c\tlist client authentication (SASL) plugins\n" - "\t-b ...\t#bits to use for encryption\n" - "\t\tmin=N\tminumum #bits to use (1 => integrity)\n" - "\t\tmax=N\tmaximum #bits to use\n" diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/sasl.pc --- a/sasl/sasl.pc Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,10 +0,0 @@ -prefix=@l_prefix@ -exec_prefix=${prefix} -libdir=${exec_prefix}/lib -includedir=${prefix}/include - -Name: sasl -Description: SASL -Version: @version@ -Libs: -L${libdir} @libs@ -Cflags: -I${includedir} diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/sasl.spec --- a/sasl/sasl.spec Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,440 +0,0 @@ -## -## sasl.spec -- OpenPKG RPM Package Specification -## Copyright (c) 2000-2010 OpenPKG Foundation e.V. -## -## Permission to use, copy, modify, and distribute this software for -## any purpose with or without fee is hereby granted, provided that -## the above copyright notice and this permission notice appear in all -## copies. -## -## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED -## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR -## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -## SUCH DAMAGE. -## - -# package information -Name: sasl -Summary: Simple Authentication and Security Layer (SASL) -URL: http://www.cyrusimap.org/ -Vendor: Cyrus Project, CMU -Packager: OpenPKG Foundation e.V. -Distribution: OpenPKG Community -Class: BASE -Group: Cryptography -License: BSD -Version: 2.1.23 -Release: 20101020 - -# package options -%option with_fsl yes -%option with_sasldb yes -%option with_pam no -%option with_login no -%option with_ldap no -%option with_mysql no -%option with_pgsql no -%option with_sqlite no -%option with_ntlm no -%option with_otp no -%option with_srp no -%option with_kerberos no - -# list of sources -Source0: ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-%{version}.tar.gz -Source1: rc.sasl -Source2: fsl.sasl -Source3: saslauthd.conf -Source4: sasl.pc -Patch0: sasl.patch - -# build information -BuildPreReq: OpenPKG, openpkg >= 20100101, gcc, make, groff -PreReq: OpenPKG, openpkg >= 20100101 -BuildPreReq: db >= 4.1.24, openssl -PreReq: db >= 4.1.24, openssl -%if "%{with_fsl}" == "yes" -BuildPreReq: fsl -PreReq: fsl -%endif -%if "%{with_pam}" == "yes" -BuildPreReq: PAM -PreReq: PAM -%endif -%if "%{with_ldap}" == "yes" -BuildPreReq: openldap -PreReq: openldap -%endif -%if "%{with_mysql}" == "yes" -BuildPreReq: mysql -PreReq: mysql -%endif -%if "%{with_pgsql}" == "yes" -BuildPreReq: postgresql -PreReq: postgresql -%endif -%if "%{with_sqlite}" == "yes" -BuildPreReq: sqlite -PreReq: sqlite -%endif -%if "%{with_otp}" == "yes" -BuildPreReq: opie -PreReq: opie -%endif -%if "%{with_kerberos}" == "yes" -BuildPreReq: KERBEROS -PreReq: KERBEROS -%endif - -%description - SASL is the Simple Authentication and Security Layer, a method - for adding authentication support to connection-based protocols. - To use SASL, a protocol includes a command for identifying and - authenticating a user to a server and for optionally negotiating - protection of subsequent protocol interactions. If its use is - negotiated, a security layer is inserted between the protocol and - the connection. - -%track - prog sasl = { - version = %{version} - url = ftp://ftp.cyrusimap.org/cyrus-sasl/ - regex = cyrus-sasl-(\d+\.\d+\.\d+)\.tar\.gz - } - -%prep - %setup -q -n cyrus-sasl-%{version} - %patch -p0 - -%build - # ensure the OpenPKG Berkeley-DB is picked up only - %{l_shtool} subst \ - -e 's;for dbname in db-.*db$;for dbname in db;' \ - saslauthd/configure configure - - # disable some unwanted configure checks - %{l_shtool} subst \ - -e 's;\(SASL_DB_UTILS="saslpasswd2 sasldblistusers2\);\1 dbconverter-2;' \ - -e "s;javac;javac-xxx;g" \ - -e "s;javah;javah-xxx;g" \ - -e "s;javadoc;javadoc-xxx;g" \ - configure - - # fix OpenLDAP support -%if "%{with_ldap}" == "yes" - echo 'ac_cv_lib_ldap_ldap_initialize=yes' >config.cache - %{l_shtool} subst \ - -e "s;\(\$LDAP_LIBS\) *\(-lcrypto\);\1 -lssl -lcrypto \2;" \ - saslauthd/configure -%endif - - # fix GSS/Kerberos support -%if "%{with_kerberos}" == "yes" - %{l_shtool} subst \ - -e 's;\(-lk5crypto\);\1 -lkrb5support;' \ - configure -%endif - - # enforce disabled Kerberos 5 support in saslauthd - echo 'ac_cv_header_krb5_h=no' >config.cache - - # configure path to sasl-server config files - %{l_shtool} subst \ - -e 's;@l_sysconfdir@;%{l_prefix}/etc/sasl/sasl.d;g' \ - lib/server.c - - # determine build flags - cflags="%{l_cflags -O} %{l_cppflags}" - ldflags="%{l_ldflags} %{l_fsl_ldflags}" - libs="-ldb %{l_fsl_libs}" -%if "%{with_ldap}" == "yes" - cflags="$cflags -DAUTH_LDAP" -%endif -%if "%{with_mysql}" == "yes" - libs="$libs -lz -lm" -%endif -%if "%{with_pgsql}" == "yes" - cflags="$cflags -I%{l_cppflags postgresql}" - libs="$libs -lssl -lcrypto -lcrypt" -%endif -%if "%{with_kerberos}" == "yes" - cflags="$cflags `krb5-config --cflags gssapi`" - libs="$libs `krb5-config --libs gssapi`" -%endif - case "%{l_platform -t}" in - *-sunos* ) libs="$libs -lrt" ;; - esac - - # configure package - CC="%{l_cc}" \ - CFLAGS="$cflags" \ - CPPFLAGS="%{l_cppflags}" \ - LDFLAGS="$ldflags" \ - LIBS="$libs" \ - ./configure \ - --cache-file=./config.cache \ - --prefix=%{l_prefix} \ - --sysconfdir=%{l_prefix}/etc/sasl \ - --with-configdir=%{l_prefix}/etc/sasl/sasl.d \ - --with-plugindir=%{l_prefix}/lib/sasl \ - --with-saslauthd=%{l_prefix}/var/sasl/run/saslauthd \ - --enable-digest \ - --enable-cram \ - --enable-anon \ -%if "%{with_sasldb}" == "yes" - --enable-auth-sasldb \ - --with-dbpath=%{l_prefix}/var/sasl/run/sasl.db \ - --with-dblib=berkeley \ - --with-bdb-incdir=%{l_prefix}/include \ - --with-bdb-libdir=%{l_prefix}/lib \ -%else - --with-dblib=none \ -%endif - --with-openssl=%{l_prefix} \ -%if "%{with_pam}" == "yes" - --with-pam \ -%else - --without-pam \ -%endif -%if "%{with_login}" == "yes" - --enable-login \ -%else - --disable-login \ -%endif -%if "%{with_ldap}" == "yes" - --with-ldap=%{l_prefix} \ -%else - --without-ldap \ -%endif -%if "%{with_otp}" == "yes" - --enable-otp \ - --with-opie=%{l_prefix} \ -%else - --disable-otp \ - --without-opie \ -%endif -%if "%{with_srp}" == "yes" - --enable-srp \ -%else - --disable-srp \ -%endif -%if "%{with_kerberos}" == "yes" - --enable-gssapi \ - --with-gss_impl=`if [ -d %{l_prefix}/include/heimdal ]; then echo "heimdal"; else echo "mit"; fi` \ -%else - --disable-gssapi \ - --without-gss_impl \ -%endif -%if "%{with_mysql}" == "yes" || "%{with_pgsql}" == "yes" || "%{with_sqlite}" == "yes" - --enable-sql \ -%if "%{with_mysql}" == "yes" - --with-mysql=%{l_prefix} \ -%else - --without-mysql \ -%endif -%if "%{with_pgsql}" == "yes" - --with-pgsql=%{l_prefix} \ -%else - --without-pgsql \ -%endif -%if "%{with_sqlite}" == "yes" - --with-sqlite=%{l_prefix} \ -%else - --without-sqlite \ -%endif -%endif -%if "%{with_ntlm}" == "yes" - --enable-ntlm \ -%else - --disable-ntlm \ -%endif - --enable-shared \ - --enable-static \ - --enable-staticdlopen \ - --enable-sample \ - --disable-java \ - --disable-krb4 \ - --without-des - - # post adjustment: trust me, libtool, I know what I am doing - %{l_shtool} subst \ - -e 's;^\(deplibs_check_method=\).*;\1"pass_all";' \ - -e 's/\(eval libobjs=.*$whole_archive_flag_spec.*\)$/case $archive_cmds in \\$LD* ) wl= ;; esac; \1/' \ - libtool - - # post adjustment: do not reference static plugins - %{l_shtool} subst \ - -e '58s;.*;#define PIC;' \ - lib/dlopen.c - - # post adjustment: do not pull static plugins into static library - %{l_shtool} subst \ - -e 's;-ln -s $(SASL_STATIC_SRCS) .;-ln ../sasldb/*.o ../plugins/*.o $(SASL_STATIC_SRCS) .;' \ - lib/Makefile - - # post adjustment: build utils against static library - %{l_shtool} subst \ - -e 's;\(\$(CCLD)\);\1 -static;' \ - -e 's;\(noinst.*=\) *dbconverter.*;\1;' \ - utils/Makefile \ - sample/Makefile - - # post adjustment: fix OpenLDAP support -%if "%{with_ldap}" == "yes" - %{l_shtool} subst \ - -e "s;^\(saslauthd_LDADD[ ]*=[ ]*[^\\]*\);\1 -lcrypt -lldap -llber -lssl -lcrypto ;" \ - saslauthd/Makefile -%endif - - # build package - %{l_make} %{l_mflags} - ( cd saslauthd - %{l_make} %{l_mflags} testsaslauthd - ) || exit $? - ( cd sample - %{l_make} %{l_mflags} sample-client sample-server - ) || exit $? - -%install - - # install package - %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT" - - # remove libtool cruft - rm -f \ - $RPM_BUILD_ROOT%{l_prefix}/lib/*.la \ - $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol] \ - $RPM_BUILD_ROOT%{l_prefix}/lib/*.s[ol].* \ - $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2/*.a - - # post-adjust installation - mv $RPM_BUILD_ROOT%{l_prefix}/lib/sasl2 \ - $RPM_BUILD_ROOT%{l_prefix}/lib/sasl - mv $RPM_BUILD_ROOT%{l_prefix}/sbin/testsaslauthd \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/saslauthd-test - mv $RPM_BUILD_ROOT%{l_prefix}/sbin/pluginviewer \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-pluginviewer - mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/pluginviewer.8 \ - $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasl-pluginviewer.8 - mv $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd2 \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/saslpasswd - mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd2.8 \ - $RPM_BUILD_ROOT%{l_prefix}/man/man8/saslpasswd.8 - mv $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers2 \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/sasldblistusers - mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers2.8 \ - $RPM_BUILD_ROOT%{l_prefix}/man/man8/sasldblistusers.8 - rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/dbconverter-2 - strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true - - # install sample client/server programs - %{l_shtool} install -c -m 755 \ - sample/sample-client \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-client - %{l_shtool} install -c -m 755 \ - sample/sample-server \ - $RPM_BUILD_ROOT%{l_prefix}/sbin/sasl-sample-server - - # install saslauthd default configuration - %{l_shtool} mkdir -f -p -m 755 \ - $RPM_BUILD_ROOT%{l_prefix}/etc/sasl - %{l_shtool} install -c -m 755 \ - %{SOURCE saslauthd.conf} \ - $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/ - - # create necessary additional directories - %{l_shtool} mkdir -f -p -m 755 \ - $RPM_BUILD_ROOT%{l_prefix}/var/sasl/log \ - $RPM_BUILD_ROOT%{l_prefix}/var/sasl/run/saslauthd \ - $RPM_BUILD_ROOT%{l_prefix}/etc/sasl/sasl.d - - # install run-command script -%if "%{with_pam}" == "yes" - l_authmech="pam" -%else - case "%{l_platform -t}" in - *-linux* | *-sunos* ) l_authmech="shadow" ;; - * ) l_authmech="getpwent" ;; - esac -%endif - %{l_shtool} mkdir -f -p -m 755 \ - $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d - %{l_shtool} install -c -m 755 \ - -e "s;@l_authmech@;${l_authmech};g" %{l_value -s -a} \ - %{SOURCE rc.sasl} \ - $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/ - - # install OSSP fsl configuration - %{l_shtool} mkdir -f -p -m 755 \ - $RPM_BUILD_ROOT%{l_prefix}/etc/fsl - %{l_shtool} install -c -m 644 %{l_value -s -a} \ - %{SOURCE fsl.sasl} \ - $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/ - - # install pkg-config configuration - libs="-lsasl2" - case "%{l_platform -t}" in - *-linux* ) libs="$libs -ldl" ;; - esac - %{l_shtool} mkdir -f -p -m 755 \ - $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig - %{l_shtool} install -c -m 644 %{l_value -s -a} \ - -e "s;@version@;%{version};" \ - -e "s;@libs@;$libs;" \ - %{SOURCE sasl.pc} \ - $RPM_BUILD_ROOT%{l_prefix}/lib/pkgconfig/ - - # determine installation files - %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \ - %{l_files_std} \ - '%config %{l_prefix}/etc/fsl/fsl.sasl' \ - '%config %{l_prefix}/etc/sasl/saslauthd.conf' \ - '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl' \ - '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run' \ - '%dir %attr(0755,%{l_musr},%{l_rgrp}) %{l_prefix}/var/sasl/run/saslauthd' \ - '%dir %attr(0700,%{l_susr},%{l_sgrp}) %{l_prefix}/var/sasl/log' - -%files -f files - -%clean - -%pre - # before upgrade, save status and stop service - [ $1 -eq 2 ] || exit 0 - eval `%{l_rc} sasl status 2>/dev/null | tee %{l_tmpfile}` - %{l_rc} sasl stop 2>/dev/null - exit 0 - -%post -%if "%{with_pam}" == "yes" - if [ $1 -eq 1 ]; then - # after install, add PAM configuration entry - $RPM_INSTALL_PREFIX/sbin/pamtool --add --smart --name=sasl - fi -%endif - if [ $1 -eq 2 ]; then - # after upgrade, restore status - eval `cat %{l_tmpfile}`; rm -f %{l_tmpfile} - [ ".$sasl_active" = .yes ] && %{l_rc} sasl start - fi - exit 0 - -%preun - # before erase, stop service and remove log files - [ $1 -eq 0 ] || exit 0 - %{l_rc} sasl stop 2>/dev/null - rm -f $RPM_INSTALL_PREFIX/var/sasl/log/*.log* >/dev/null 2>&1 || true -%if "%{with_pam}" == "yes" - # remove PAM configuration entry - $RPM_INSTALL_PREFIX/sbin/pamtool --remove --smart --name=sasl -%endif - exit 0 - diff -r 240aa8fdd538 -r 9d79786fbc64 sasl/saslauthd.conf --- a/sasl/saslauthd.conf Tue Aug 28 18:52:20 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,55 +0,0 @@ -## -## saslauthd.conf -- SASL Authentication Daemon Configuration -## - -# white space separated list of LDAP servers -ldap_servers: ldap://127.0.0.1 - -# authentication for restricted LDAP servers -#ldap_bind_dn: cn=operator,ou=Profile,o=example.com -#ldap_bind_pw: secret - -# LDAP version to use (2|3) -#ldap_version 3 - -# LDAP timeout -#ldap_timeout 5 - -# LDAP aliases (search|find|always|never) -ldap_deref: never - -# follow LDAP referrals ? -ldap_referrals: no - -# restart LDAP I/O operations that fail ? -ldap_restart: yes - -# search scope (sub|one|base) -#ldap_scope: sub - -# starting point for a search -ldap_search_base: MUST-SPECIFY - -# authenticate against LDAP (bind|custom|fastbind) -ldap_auth_method: bind - -# Filter LDAP records, %u = username, %r = realm -# if ldap_auth_method is 'bind' the filter searches for the DN -# otherwise the filter searches for the userPassword attribute -#ldap_filter: uid=%u - -# debugging LDAP operation -#ldap_debug 0 - -# require and verify server certificate -#ldap_tls_check_peer: no -#ldap_tls_cacert_file: -#ldap_tls_cacert_dir: - -# list of SSL/TLS ciphers to allow -#ldap_tls_ciphers: DEFAULT - -# files containing client certificate and key -#ldap_tls_cert: -#ldap_tls_key: -