Commit d79a0959 authored by AlmAck's avatar AlmAck
Browse files

cyrus-sasl 2.1.27 [skip-ci]

parent 089f0b17
Pipeline #4095 skipped
From: Debian Cyrus SASL Team
<pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org>
Date: Thu, 24 Mar 2016 11:35:03 +0100
Subject: Update saslauthd.conf location in documentation
date format (cosmetic).
---
saslauthd/saslauthd.mdoc | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/saslauthd/saslauthd.mdoc b/saslauthd/saslauthd.mdoc
index 0c2209e..17c9284 100644
--- a/saslauthd/saslauthd.mdoc
+++ b/saslauthd/saslauthd.mdoc
@@ -10,7 +10,7 @@
.\" manpage in saslauthd.8 whenever you change this source
.\" version. Only the pre-formatted manpage is installed.
.\"
-.Dd 12 12 2005
+.Dd December 12 2005
.Dt SASLAUTHD 8
.Os "CMU-SASL"
.Sh NAME
@@ -245,7 +245,7 @@ instead.
.Em (All platforms that support OpenLDAP 2.0 or higher)
.Pp
Authenticate against an ldap server. The ldap configuration parameters are
-read from /usr/local/etc/saslauthd.conf. The location of this file can be
+read from /etc/saslauthd.conf. The location of this file can be
changed with the -O parameter. See the LDAP_SASLAUTHD file included with the
distribution for the list of available parameters.
.It Li sia
@@ -278,7 +278,7 @@ was never intended to be used in this manner, anyway.)
.Bl -tag -width "/var/run/saslauthd/mux"
.It Pa /var/run/saslauthd/mux
The default communications socket.
-.It Pa /usr/local/etc/saslauthd.conf
+.It Pa /etc/saslauthd.conf
The default configuration file for ldap support.
.El
.Sh SEE ALSO
From: Debian Cyrus SASL Team
<pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org>
Date: Thu, 24 Mar 2016 11:35:03 +0100
Subject: Enable autoconf maintainer mode
---
configure.ac | 2 ++
1 file changed, 2 insertions(+)
diff --git a/configure.ac b/configure.ac
index 388f5d0..b3db52c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -69,6 +69,8 @@ AC_CANONICAL_TARGET
AM_INIT_AUTOMAKE([1.11 tar-ustar dist-bzip2 foreign -Wno-portability subdir-objects])
+AM_MAINTAINER_MODE
+
DIRS=""
AC_ARG_ENABLE(cmulocal,
Author: Matthias Klose <doko@ubuntu.com>
Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
From: Debian Cyrus SASL Team
<pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org>
Date: Thu, 24 Mar 2016 11:35:04 +0100
Subject: Update required libraries when ld --as-needed is used
it.
---
saslauthd/Makefile.am | 2 +-
sasldb/Makefile.am | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/saslauthd/Makefile.am b/saslauthd/Makefile.am
index 864b29b..4cf3a3d 100644
--- a/saslauthd/Makefile.am
+++ b/saslauthd/Makefile.am
@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c
saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@
@@ -25,7 +25,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c getnameinfo.c
saslauthd_DEPENDENCIES = saslauthd-main.o $(LTLIBOBJS_FULL)
saslauthd_LDADD = @SASL_KRB_LIB@ \
@GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
+ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
@GSSAPIBASE_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
+ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ $(LTLIBOBJS_FULL) $(CRYPTO_COMPAT_OBJS) $(LIBSASLDB_OBJS)
testsaslauthd_SOURCES = testsaslauthd.c utils.c
testsaslauthd_LDADD = @LIB_SOCKET@
diff --git a/sasldb/Makefile.am b/sasldb/Makefile.am
index 497ee25..a27645f 100644
--- a/sasldb/Makefile.am
+++ b/sasldb/Makefile.am
@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a
@@ -54,6 +54,6 @@ noinst_LTLIBRARIES = libsasldb.la
libsasldb_la_SOURCES = allockey.c sasldb.h
EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
-libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
-libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
+libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
+libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
# Prevent make dist stupidity
libsasldb_a_SOURCES =
libsasldb_la_LDFLAGS = -no-undefined
#! /bin/sh /usr/share/dpatch/dpatch-run
## 0010_maintainer_mode.dpatch by <fabbe@debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Enable maintainer mode to avoid auto* problems.
@DPATCH@
diff -urNad trunk~/configure.in trunk/configure.in
--- trunk~/configure.in 2006-05-29 22:52:46.000000000 +0300
+++ trunk/configure.in 2006-11-01 23:24:55.000000000 +0200
@@ -62,6 +62,8 @@
AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.22)
CMU_INIT_AUTOMAKE
+AM_MAINTAINER_MODE
+
# and include our config dir scripts
ACLOCAL="$ACLOCAL -I \$(top_srcdir)/config"
0011_saslauthd_ac_prog_libtool.dpatch by <fabbe@debian.org>
Enable libtool use.
diff -urNad trunk~/saslauthd/configure.in trunk/saslauthd/configure.in
--- trunk~/saslauthd/configure.in 2006-05-29 22:52:42.000000000 +0300
+++ trunk/saslauthd/configure.in 2006-11-01 23:41:51.000000000 +0200
@@ -25,6 +25,7 @@
AC_PROG_MAKE_SET
AC_PROG_LN_S
AC_PROG_INSTALL
+AC_PROG_LIBTOOL
dnl Checks for build foo
CMU_C___ATTRIBUTE__
From: Debian Cyrus SASL Team
<pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org>
Date: Thu, 24 Mar 2016 11:35:04 +0100
Subject: Don't use la files for opening plugins
---
lib/dlopen.c | 121 ++++-------------------------------------------------------
1 file changed, 7 insertions(+), 114 deletions(-)
diff --git a/lib/dlopen.c b/lib/dlopen.c
index 8284cd8..ef90b11 100644
--- a/lib/dlopen.c
+++ b/lib/dlopen.c
@@ -247,105 +247,6 @@ static int _sasl_plugin_load(char *plugi
@@ -246,113 +246,6 @@ static int _sasl_plugin_load(char *plugin, void *library,
return result;
}
......@@ -28,6 +39,8 @@
- if (strcmp(in + (length - strlen(LA_SUFFIX)), LA_SUFFIX)) {
- if(!strcmp(in + (length - strlen(SO_SUFFIX)),SO_SUFFIX)) {
- /* check for a .la file */
- if (strlen(prefix) + strlen(in) + strlen(LA_SUFFIX) + 1 >= MAX_LINE)
- return SASL_BADPARAM;
- strcpy(line, prefix);
- strcat(line, in);
- length = strlen(line);
......@@ -40,11 +53,15 @@
- return SASL_FAIL;
- }
- }
- if (strlen(prefix) + strlen(in) + 1 >= PATH_MAX)
- return SASL_BADPARAM;
- strcpy(out, prefix);
- strcat(out, in);
- return SASL_OK;
- }
-
- if (strlen(prefix) + strlen(in) + 1 >= MAX_LINE)
- return SASL_BADPARAM;
- strcpy(line, prefix);
- strcat(line, in);
-
......@@ -60,6 +77,7 @@
- if(line[strlen(line) - 1] != '\n') {
- _sasl_log(NULL, SASL_LOG_WARN,
- "LA file has too long of a line: %s", in);
- fclose(file);
- return SASL_BUFOVER;
- }
- if(line[0] == '\n' || line[0] == '#') continue;
......@@ -79,6 +97,7 @@
- if(ntmp == end) {
- _sasl_log(NULL, SASL_LOG_DEBUG,
- "dlname is empty in .la file: %s", in);
- fclose(file);
- return SASL_FAIL;
- }
- strcpy(out, prefix);
......@@ -106,7 +125,7 @@
#endif /* DO_DLOPEN */
/* loads a plugin library */
@@ -499,18 +400,18 @@ int _sasl_load_plugins(const add_plugin_
@@ -506,18 +399,18 @@ int _sasl_load_plugins(const add_plugin_list_t *entrypoints,
if (length + pos>=PATH_MAX) continue; /* too big */
if (strcmp(dir->d_name + (length - strlen(SO_SUFFIX)),
......
From 31b68a9438c24fc9e3e52f626462bf514de31757 Mon Sep 17 00:00:00 2001
From: Ryan Tandy <ryan@nardis.ca>
Date: Mon, 24 Dec 2018 15:07:02 -0800
Subject: [PATCH] Restore LIBS after checking gss_inquire_sec_context_by_oid
Fixes: 4b0306dcd76031460246b2dabcb7db766d6b04d8
---
m4/sasl2.m4 | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/m4/sasl2.m4 b/m4/sasl2.m4
index 56e0504a..17f5d081 100644
--- a/m4/sasl2.m4
+++ b/m4/sasl2.m4
@@ -311,9 +311,10 @@ if test "$gssapi" != no; then
[AC_DEFINE(HAVE_GSS_C_SEC_CONTEXT_SASL_SSF,,
[Define if your GSSAPI implementation defines GSS_C_SEC_CONTEXT_SASL_SSF])])
fi
+ LIBS="$cmu_save_LIBS"
+
cmu_save_LIBS="$LIBS"
LIBS="$LIBS $GSSAPIBASE_LIBS"
-
AC_MSG_CHECKING([for SPNEGO support in GSSAPI libraries])
AC_TRY_RUN([
#ifdef HAVE_GSSAPI_H
From: Debian Cyrus SASL Team
<pkg-cyrus-sasl2-debian-devel@lists.alioth.debian.org>
Date: Thu, 24 Mar 2016 11:35:05 +0100
Subject: Fix keytab option for MIT Kerberos
---
m4/sasl2.m4 | 1 +
plugins/gssapi.c | 11 ++++++++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/m4/sasl2.m4 b/m4/sasl2.m4
index 56e0504..a90f7b4 100644
--- a/m4/sasl2.m4
+++ b/m4/sasl2.m4
@@ -282,6 +282,7 @@ if test "$gssapi" != no; then
])
fi
fi
+ AC_CHECK_FUNCS(krb5_gss_register_acceptor_identity)
AC_CHECK_FUNCS(gss_decapsulate_token)
AC_CHECK_FUNCS(gss_encapsulate_token)
AC_CHECK_FUNCS(gss_oid_equal)
diff --git a/plugins/gssapi.c b/plugins/gssapi.c
index ff663da..7c69ac2 100644
--- a/plugins/gssapi.c
+++ b/plugins/gssapi.c
@@ -1545,7 +1545,7 @@ static sasl_server_plug_t gssapi_server_plugins[] =
};
int gssapiv2_server_plug_init(
-#ifndef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
+#if !defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) && !defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
const sasl_utils_t *utils __attribute__((unused)),
#else
const sasl_utils_t *utils,
@@ -1555,7 +1555,7 @@ int gssapiv2_server_plug_init(
sasl_server_plug_t **pluglist,
int *plugcount)
{
-#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
+#if defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) || defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
const char *keytab = NULL;
char keytab_path[1024];
unsigned int rl;
@@ -1565,7 +1565,7 @@ int gssapiv2_server_plug_init(
return SASL_BADVERS;
}
-#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
+#if defined(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY) || defined(HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
/* unfortunately, we don't check for readability of keytab if it's
the standard one, since we don't know where it is */
@@ -1587,7 +1587,12 @@ int gssapiv2_server_plug_init(
strncpy(keytab_path, keytab, 1024);
+#ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
gsskrb5_register_acceptor_identity(keytab_path);
+#endif
+#ifdef HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY
+ krb5_gss_register_acceptor_identity(keytab_path);
+#endif
}
#endif
Author: Roberto C. Sanchez <roberto@connexer.com>
Description: Drop gratuitous dependency on krb5support
--- a/cmulocal/sasl2.m4
+++ b/cmulocal/sasl2.m4
@@ -112,9 +112,6 @@ if test "$gssapi" != no; then
fi
if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
- # check for libkrb5support first
- AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
-
gss_failed=0
AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})
From: =?utf-8?b?T25kxZllaiBTdXLDvQ==?= <ondrej@sury.org>
Date: Tue, 25 Oct 2016 12:33:27 +0200
Subject: Add ${with_pgsql}include/postgresql/ to include path
---
configure.ac | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index fe7f0eb..1882f31 100644
--- a/configure.ac
+++ b/configure.ac
@@ -894,7 +894,9 @@ case "$with_pgsql" in
LIB_PGSQL_DIR=$LIB_PGSQL
LIB_PGSQL="$LIB_PGSQL -lpq"
- if test -d ${with_pgsql}/include/pgsql; then
+ if test -d ${with_pgsql}/include/postgresql/; then
+ CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/postgresql"
+ elif test -d ${with_pgsql}/include/pgsql; then
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/pgsql"
elif test -d ${with_pgsql}/pgsql/include; then
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/pgsql/include"
From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001
From: mancha <mancha1@hush.com>
Date: Thu, 11 Jul 2013 09:08:07 +0000
Subject: Handle NULL returns from glibc 2.17+ crypt()
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
(w/ NULL return) if the salt violates specifications. Additionally,
on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
passed to crypt() fail with EPERM (w/ NULL return).
When using glibc's crypt(), check return value to avoid a possible
NULL pointer dereference.
Patch by mancha1@hush.com.
---
diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c
index 4b34222..400289c 100644
--- a/pwcheck/pwcheck_getpwnam.c
+++ b/pwcheck/pwcheck_getpwnam.c
@@ -32,6 +32,7 @@ char *userid;
char *password;
{
char* r;
+ char* crpt_passwd;
struct passwd *pwd;
pwd = getpwnam(userid);
@@ -41,7 +42,7 @@ char *password;
else if (pwd->pw_passwd[0] == '*') {
r = "Account disabled";
}
- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
r = "Incorrect password";
}
else {
diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c
index 2b11286..6d607bb 100644
--- a/pwcheck/pwcheck_getspnam.c
+++ b/pwcheck/pwcheck_getspnam.c
@@ -32,13 +32,15 @@ char *userid;
char *password;
{
struct spwd *pwd;
+ char *crpt_passwd;
pwd = getspnam(userid);
if (!pwd) {
return "Userid not found";
}
- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
+ crpt_passwd = crypt(password, pwd->sp_pwdp);
+ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
return "Incorrect password";
}
else {
diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c
index fc8029d..d4ebe54 100644
--- a/saslauthd/auth_getpwent.c
+++ b/saslauthd/auth_getpwent.c
@@ -77,6 +77,7 @@ auth_getpwent (
{
/* VARIABLES */
struct passwd *pw; /* pointer to passwd file entry */
+ char *crpt_passwd; /* encrypted password */
int errnum;
/* END VARIABLES */
@@ -105,7 +106,8 @@ auth_getpwent (
}
}
- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
+ crpt_passwd = crypt(password, pw->pw_passwd);
+ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
}
diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c
index 677131b..1988afd 100644
--- a/saslauthd/auth_shadow.c
+++ b/saslauthd/auth_shadow.c
@@ -210,8 +210,8 @@ auth_shadow (
RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
}
- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
- if (strcmp(sp->sp_pwdp, cpw)) {
+ cpw = crypt(password, sp->sp_pwdp);
+ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) {
if (flags & VERBOSE) {
/*
* This _should_ reveal the SHADOW_PW_LOCKED prefix to an
@@ -221,10 +221,8 @@ auth_shadow (
syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
sp->sp_pwdp, cpw);
}
- free(cpw);
RETURN("NO Incorrect password");
}
- free(cpw);
/*
* The following fields will be set to -1 if:
@@ -286,7 +284,7 @@ auth_shadow (
RETURN("NO Invalid username");
}
- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
password, upw->upw_passwd);
--
cgit v0.9.2
......@@ -2,56 +2,51 @@
pkgbase=('cyrus-sasl')
pkgname=('cyrus-sasl' 'cyrus-sasl-gssapi' 'cyrus-sasl-ldap' 'cyrus-sasl-sql' 'libsasl')
pkgver=2.1.26
pkgrel=4
pkgver=2.1.27
pkgrel=1
pkgdesc="Cyrus Simple Authentication Service Layer (SASL) library"
arch=('x86_64')
url="http://cyrusimap.web.cmu.edu/"
license=('custom')
options=('!makeflags')
makedepends=('postgresql-libs' 'libmariadbclient' 'libldap' 'krb5' 'openssl' 'sqlite3')
source=(ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-${pkgver}.tar.gz
cyrus-sasl-2.1.22-qa.patch
cyrus-sasl-2.1.26-size_t.patch
0010_maintainer_mode.patch
0011_saslauthd_ac_prog_libtool.patch
0025_ld_as_needed.patch
0026_drop_krb5support_dependency.patch
0030-dont_use_la_files_for_opening_plugins.patch
source=(https://www.cyrusimap.org/releases/cyrus-sasl-${pkgver}.tar.gz
0003-Update-saslauthd.conf-location-in-documentation.patch
0006-Enable-autoconf-maintainer-mode.patch
0010-Update-required-libraries-when-ld-as-needed-is-used.patch
0013-Don-t-use-la-files-for-opening-plugins.patch
0020-Restore-LIBS-after-checking-gss_inquire_sec_context_.patch
0022-Fix-keytab-option-for-MIT-Kerberos.patch
0032-Add-with_pgsql-include-postgresql-to-include-path.patch
gdbm-errno.patch
saslauthd.service
saslauthd.conf.d
tmpfiles.conf
CVE-2013-4122.patch
cyrus-sasl-sql.patch)
md5sums=('a7f4e5e559a0e37b3ffc438c9456e425'
'79b8a5e8689989e2afd4b7bda595a7b1'
'f45aa8c42b32e0569ab3d14a83485b37'
'f45d8b60e8f74dd7f7c2ec1665fa602a'
'9d93880514cb5ff5da969f1ceb64a661'
'62bf892fe4d1df41ff748e91a1afaf67'
'b7848957357e7c02d6490102be496bf9'
'8e7106f32e495e9ade69014fd1b3352a'
tmpfiles.conf)
md5sums=('a33820c66e0622222c5aefafa1581083'
'977fd29a750e414d725446d1acbbdb8e'
'b247182c638a088a5a8d8bf9464e0503'
'94cc999d5994b4c8ba7fa84cdc2eb31f'
'369988925370bdcf66be8850fddd3eae'
'f699940cee64492314759e0f529cb829'
'f760650e0f39c374f90fba274eb9c40d'
'223316d400379be62b7fccce9a8f984c'
'0312a37f44084b9715319910ced2c47a'
'3499dcd610ad1ad58e0faffde2aa7a23'
'49219af5641150edec288a3fdb65e7c1'
'45bb0192d2f188066240b9a66ee6365f'
'c5f0ec88c584a75c14d7f402eaeed7ef'
'82c0f66fdc5c1145eb48ea9116c27931')
'45bb0192d2f188066240b9a66ee6365f')
prepare() {
cd cyrus-sasl-$pkgver
patch -Np1 -i ../cyrus-sasl-2.1.22-qa.patch
patch -Np1 -i ../cyrus-sasl-2.1.26-size_t.patch
patch -Np1 -i ../0010_maintainer_mode.patch
patch -Np1 -i ../0011_saslauthd_ac_prog_libtool.patch
patch -Np1 -i ../0025_ld_as_needed.patch
patch -Np1 -i ../0026_drop_krb5support_dependency.patch
patch -Np1 -i ../0030-dont_use_la_files_for_opening_plugins.patch
patch -Np1 -i ../CVE-2013-4122.patch
patch -Np0 -i ../cyrus-sasl-sql.patch
sed 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' -i configure.in
patch -Np1 -i ../0003-Update-saslauthd.conf-location-in-documentation.patch
patch -Np1 -i ../0006-Enable-autoconf-maintainer-mode.patch
patch -Np1 -i ../0010-Update-required-libraries-when-ld-as-needed-is-used.patch
patch -Np1 -i ../0013-Don-t-use-la-files-for-opening-plugins.patch
patch -Np1 -i ../0020-Restore-LIBS-after-checking-gss_inquire_sec_context_.patch
patch -Np1 -i ../0022-Fix-keytab-option-for-MIT-Kerberos.patch
patch -Np1 -i ../0032-Add-with_pgsql-include-postgresql-to-include-path.patch
patch -Np1 -i ../gdbm-errno.patch
cp -a saslauthd/saslauthd.mdoc saslauthd/saslauthd.8
}
build() {
export CFLAGS="$CFLAGS -fPIC"
cd cyrus-sasl-$pkgver
......@@ -60,21 +55,10 @@ build() {
rm -f config/ltconfig config/ltmain.sh config/libtool.m4
rm -fr autom4te.cache
libtoolize -c
aclocal -I config -I cmulocal
automake -a -c
autoheader
autoconf
pushd saslauthd
rm -f config/config.guess config/config.sub
rm -f config/ltconfig config/ltmain.sh config/libtool.m4
rm -fr autom4te.cache
libtoolize -c
aclocal -I config -I ../cmulocal -I ../config
aclocal -I config
automake -a -c
autoheader
autoconf
popd
./configure --prefix=/usr \
--sbin=/usr/bin \
......@@ -98,7 +82,7 @@ build() {
--enable-ntlm \
--disable-passdss \
--enable-sql \
--with-mysql \
--with-mysql=/usr \
--with-pgsql=/usr/lib \
--with-sqlite3=/usr/lib \
--enable-ldapdb \
......@@ -110,6 +94,7 @@ build() {
--with-configdir=/etc/sasl2:/etc/sasl:/usr/lib/sasl2 \
--sysconfdir=/etc \
--with-devrandom=/dev/urandom
sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0/g' libtool
make
}
......
--- saslauthd/configure.in.orig 2006-05-23 15:53:17.000000000 -0700
+++ saslauthd/configure.in 2006-05-23 15:53:33.000000000 -0700
@@ -77,7 +77,7 @@
AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support])
SASL_DB_PATH_CHECK()
SASL_DB_CHECK()
- SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al"
+ SASL_DB_LIB="../sasldb/.libs/libsasldb.a $SASL_DB_LIB"
fi
AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ],
fix missing prototype warnings
--- cyrus-sasl-2.1.22/lib/auxprop.c
+++ cyrus-sasl-2.1.22/lib/auxprop.c