pool/cyrus-sasl
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 92407 from home:rhafer:branches:network

Browse Source 
Update to 2.1.25

OBS-URL: https://build.opensuse.org/request/show/92407
OBS-URL: https://build.opensuse.org/package/show/network/cyrus-sasl?expand=0&rev=22
This commit is contained in:
Ralf Haferkamp 2011-11-18 14:39:07 +00:00 committed by Git OBS Bridge
parent a218b5fb7c
commit a45425e35e
13 changed files with 266 additions and 319 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.Source
View File

@ -4,4 +4,4 @@ directory "dlcompat-20010505/" from the source tarball
If you want to see the original sources you can download
them from:
http://asg.web.cmu.edu/sasl/
ftp://ftp.cyrusimap.org/cyrus-sasl

22
cyrus-sasl-2.1.22-gcc44.patch
View File

@ -1,22 +0,0 @@
Index: plugins/digestmd5.c
===================================================================
--- plugins/digestmd5.c.orig 2006-05-17 18:46:17.000000000 +0200
+++ plugins/digestmd5.c 2009-03-02 21:00:49.000000000 +0100
@@ -2715,7 +2715,7 @@ static sasl_server_plug_t digestmd5_serv
"DIGEST-MD5", /* mech_name */
#ifdef WITH_RC4
128, /* max_ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,
@@ -4034,7 +4034,7 @@ static sasl_client_plug_t digestmd5_clie
"DIGEST-MD5",
#ifdef WITH_RC4 /* mech_name */
128, /* max ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,

3
cyrus-sasl-2.1.23.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:441dc9960262de54511653e4b9a7d7100443074c3540aebaa4bb552a691740f2
size 1287516

3
cyrus-sasl-2.1.25.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eb6e66b93a1d18182905e737cbe2cbdaaa70dcfa677afc2f4cd3b0df59c16161
size 1330164

6
cyrus-sasl-gcc4.patch
View File

@ -1,6 +1,8 @@
--- lib/saslint.h
Index: lib/saslint.h
===================================================================
--- lib/saslint.h.orig
+++ lib/saslint.h
@@ -109,8 +109,6 @@
@@ -118,8 +118,6 @@ typedef struct {
const char *appname;
} sasl_global_callbacks_t;

55
cyrus-sasl-gs2-not-overwrite-minor-error-code.dif Normal file
View File

@ -0,0 +1,55 @@
From df039a4aba685990e47e5edb7bc9e09ff7daf56a Mon Sep 17 00:00:00 2001
From: Ralf Haferkamp <rhafer@suse.de>
Date: Fri, 18 Nov 2011 10:06:22 +0100
Subject: [PATCH] Don't overwrite minor error code before retrieving the error
message
---
plugins/gs2.c | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
Index: cyrus-sasl-2.1.25/plugins/gs2.c
===================================================================
--- cyrus-sasl-2.1.25.orig/plugins/gs2.c
+++ cyrus-sasl-2.1.25/plugins/gs2.c
@@ -531,6 +531,11 @@ fprintf(stderr,"gss_acquire_cred over an
ret = SASL_OK;
cleanup:
+ if (ret == SASL_OK && maj_stat != GSS_S_COMPLETE) {
+ sasl_gs2_seterror(text->utils, maj_stat, min_stat);
+ ret = SASL_FAIL;
+ }
+
if (initialContextToken)
gss_release_buffer(&min_stat, &input_token);
gss_release_buffer(&min_stat, &name_buf);
@@ -538,10 +543,6 @@ cleanup:
gss_release_buffer(&min_stat, &output_token);
gss_release_name(&min_stat, &without);
- if (ret == SASL_OK && maj_stat != GSS_S_COMPLETE) {
- sasl_gs2_seterror(text->utils, maj_stat, min_stat);
- ret = SASL_FAIL;
- }
if (ret < SASL_OK)
sasl_gs2_free_context_contents(text);
@@ -838,13 +839,14 @@ static int gs2_client_mech_step(void *co
oparams->doneflag = 1;
cleanup:
- gss_release_buffer(&min_stat, &output_token);
- gss_release_buffer(&min_stat, &name_buf);
-
if (ret == SASL_OK && maj_stat != GSS_S_COMPLETE) {
sasl_gs2_seterror(text->utils, maj_stat, min_stat);
ret = SASL_FAIL;
}
+
+ gss_release_buffer(&min_stat, &output_token);
+ gss_release_buffer(&min_stat, &name_buf);
+
if (ret < SASL_OK)
sasl_gs2_free_context_contents(text);

28
cyrus-sasl-implicitfunc.dif
View File

@ -1,28 +0,0 @@
Index: cyrus-sasl-2.1.22/lib/auxprop.c
===================================================================
--- cyrus-sasl-2.1.22.orig/lib/auxprop.c
+++ cyrus-sasl-2.1.22/lib/auxprop.c
@@ -41,7 +41,7 @@
* AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
* OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
-
+#include <stdio.h>
#include <config.h>
#include <sasl.h>
#include <prop.h>
Index: cyrus-sasl-2.1.22/saslauthd/auth_shadow.c
===================================================================
--- cyrus-sasl-2.1.22.orig/saslauthd/auth_shadow.c
+++ cyrus-sasl-2.1.22/saslauthd/auth_shadow.c
@@ -63,6 +63,10 @@
# include <shadow.h>
# endif /* ! HAVE_GETUSERPW */
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
+
# include "auth_shadow.h"
# include "globals.h"
/* END PUBLIC DEPENDENCIES */

28
cyrus-sasl-saslauthd.changes
View File

@ -1,8 +1,32 @@
-------------------------------------------------------------------
Sun Sep 18 00:16:00 UTC 2011 - jengelh@medozas.de
Wed Nov 16 09:22:32 UTC 2011 - rhafer@suse.de
- Update to 2.1.25:
* Added support for channel bindings
* Added support for ordering SASL mechanisms by strength (on
the client side), or using the "client_mech_list" option.
* Allow DIGEST-MD5 plugin to be used for client-side and
server-side HTTP Digest, including running over non-persistent
connections (RFC 2617)
* New SASL plugins: SCRAM and GS2
* Fixed a crash caused by aborted SASL authentication
and initiation of another one using the same SASL context.
* Various improvements to DIGEST-MD5 to improve interoperability
with some slightly broken clients
- cleanup
* removed old dependencies still related to cyrus-sasl2
* plugins now depend on the exact cyrus-sasl version
* use autoreconf instead of calling all tools manually
-------------------------------------------------------------------
Fri Sep 30 20:07:52 UTC 2011 - coolo@suse.com
- add libtool as buildrequire to make the spec file more reliable
-------------------------------------------------------------------
Sun Sep 18 00:16:04 UTC 2011 - jengelh@medozas.de
- Remove redundant tags/sections from specfile
- Use %_smp_mflags for parallel build
-------------------------------------------------------------------
Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de

88
cyrus-sasl-saslauthd.spec
View File

@ -23,18 +23,18 @@ BuildRequires: libtool
License: BSD4c(or similar)
Group: Productivity/Networking/Other
Url: http://asg.web.cmu.edu/sasl/
Provides: cyrus-sasl:/usr/sbin/saslauthd
Provides: cyrus-sasl2:/usr/sbin/saslauthd
Summary: The SASL Authentication Server
Version: 2.1.23
Version: 2.1.25
Release: 14
Source: cyrus-sasl-%{version}.tar.bz2
Source1: cyrus-sasl-rc.tar.bz2
Source2: README.Source
Source3: baselibs.conf
Patch: cyrus-sasl.dif
Patch1: shared_link_on_ppc.patch
Patch2: cyrus-sasl-gcc4.patch
Patch3: cyrus-sasl-implicitfunc.dif
Patch4: cyrus-sasl-2.1.22-gcc44.patch
Patch3: cyrus-sasl-gs2-not-overwrite-minor-error-code.dif
Patch4: gssapi-null-deref.dif
PreReq: %insserv_prereq %fillup_prereq
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -46,7 +46,7 @@ should authenticate with PAM, for example.
License: BSD4c(or similar)
Summary: The cyrus-sasl LDAP auxprop plugin
Group: Productivity/Networking/Other
Requires: cyrus-sasl
Requires: cyrus-sasl = %{version}
%description -n cyrus-sasl-ldap-auxprop
The LDAP auxprop plugin allows for tighter application/directory
@ -56,7 +56,7 @@ integration.
License: BSD4c(or similar)
Summary: SQL auxprop plugin for cyrus-sasl
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
Requires: cyrus-sasl = %{version}
%description -n cyrus-sasl-sqlauxprop
The SQL auxprop plugin supports PostgreSQL and MySQL
@ -67,57 +67,36 @@ The SQL auxprop plugin supports PostgreSQL and MySQL
%patch1
%patch2
%patch3 -p1
%patch4
%patch4 -p1
%build
find . -name \*.cvsignore -print0 | xargs -0 rm -vf
%{suse_update_config -f config}
%{suse_update_config -f saslauthd/config}
# has old libtool macros (and nothing else)
rm -f acinclude.m4
rm -f saslauthd/acinclude.m4
rm -rf autom4te.cache
rm -rf saslauthd/autom4te.cache
libtoolize --force
aclocal -I cmulocal -I config
autoheader
autoconf
automake --add-missing --include-deps
autoconf
cd saslauthd
aclocal -I ../cmulocal -I config -I ../config
autoheader
autoconf
automake --add-missing --include-deps
cd -
autoreconf -f -i
export CFLAGS="-fno-strict-aliasing $RPM_OPT_FLAGS -DLDAP_DEPRECATED"
export CPPFLAGS=-I/usr/include/heimdal
./configure --libdir=%{_libdir} \
--with-plugindir=%{_libdir}/sasl2 \
--with-configdir=/etc/sasl2/:%{_libdir}/sasl2 \
--prefix=/usr \
--sysconfdir=/etc \
--mandir=%{_mandir} \
--with-saslauthd=/var/run/sasl2/ \
--enable-checkapop=no \
--enable-cram=no \
--enable-digest=no \
--enable-otp=no \
--enable-srp=no \
--enable-plain=no \
--enable-anon=no \
--enable-ntlm=no \
--enable-passdss=no \
--enable-sample=no \
--enable-login=no \
--enable-gssapi=yes \
--enable-krb4=no \
--enable-sql \
--with-mysql=/usr/include/mysql \
--with-pgsql=/usr/include/pgsql \
--enable-ldapdb=yes \
--with-pam \
--with-ldap
%configure --with-plugindir=%{_libdir}/sasl2 \
--with-configdir=/etc/sasl2/:%{_libdir}/sasl2 \
--with-saslauthd=/var/run/sasl2/ \
--enable-checkapop=no \
--enable-cram=no \
--enable-digest=no \
--enable-otp=no \
--enable-srp=no \
--enable-plain=no \
--enable-anon=no \
--enable-ntlm=no \
--enable-passdss=no \
--enable-sample=no \
--enable-login=no \
--enable-gssapi=no \
--enable-gs2=no \
--enable-scram=no \
--enable-krb4=no \
--enable-sql \
--with-mysql=/usr/include/mysql \
--with-pgsql=/usr/include/pgsql \
--enable-ldapdb=yes \
--with-pam \
--with-ldap
make sasldir=%{_libdir}/sasl2 %{?_smp_mflags}
%install
@ -137,7 +116,6 @@ mkdir -p $RPM_BUILD_ROOT/sbin
ln -sf ../etc/init.d/saslauthd $RPM_BUILD_ROOT/sbin/rcsaslauthd
install -D -m 644 SuSE/sysconfig.saslauthd $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.saslauthd
rm -f $RPM_BUILD_ROOT/%{_mandir}/cat?/*
rm -f $RPM_BUILD_ROOT/%{_libdir}/sasl2/libgssapiv2.*
rm -f $RPM_BUILD_ROOT/%{_libdir}/sasl2/libsasldb*
rm -f $RPM_BUILD_ROOT/%{_libdir}/sasl2/libldapdb.la
rm -f $RPM_BUILD_ROOT/%{_libdir}/sasl2/libsql.la

20
cyrus-sasl.changes
View File

@ -1,3 +1,23 @@
-------------------------------------------------------------------
Wed Nov 16 09:22:32 UTC 2011 - rhafer@suse.de
- Update to 2.1.25:
* Added support for channel bindings
* Added support for ordering SASL mechanisms by strength (on
the client side), or using the "client_mech_list" option.
* Allow DIGEST-MD5 plugin to be used for client-side and
server-side HTTP Digest, including running over non-persistent
connections (RFC 2617)
* New SASL plugins: SCRAM and GS2
* Fixed a crash caused by aborted SASL authentication
and initiation of another one using the same SASL context.
* Various improvements to DIGEST-MD5 to improve interoperability
with some slightly broken clients
- cleanup
* removed old dependencies still related to cyrus-sasl2
* plugins now depend on the exact cyrus-sasl version
* use autoreconf instead of calling all tools manually
-------------------------------------------------------------------
Fri Sep 30 20:07:52 UTC 2011 - coolo@suse.com

170
cyrus-sasl.dif
View File

@ -1,150 +1,32 @@
Index: cmulocal/cyrus.m4
===================================================================
--- cmulocal/cyrus.m4.orig 2009-04-28 17:09:13.000000000 +0200
+++ cmulocal/cyrus.m4 2010-06-07 15:27:08.000000000 +0200
--- cmulocal/cyrus.m4.orig
+++ cmulocal/cyrus.m4
@@ -37,7 +37,7 @@ AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [
SAVE_LDFLAGS="${LDFLAGS}"
LDFLAGS="-R /usr/lib"
AC_TRY_LINK([],[],[andrew_runpath_switch="-R"], [
AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [
- LDFLAGS="-Wl,-rpath,/usr/lib"
+# LDFLAGS="-Wl,-rpath,/usr/lib"
AC_TRY_LINK([],[],[andrew_runpath_switch="-Wl,-rpath,"],
[andrew_runpath_switch="none"])
AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"],
[andrew_cv_runpath_switch="none"])
])
Index: Makefile.am
===================================================================
--- Makefile.am.orig 2006-05-19 16:45:21.000000000 +0200
+++ Makefile.am 2010-06-07 15:27:08.000000000 +0200
--- Makefile.am.orig
+++ Makefile.am
@@ -43,6 +43,7 @@ AUTOMAKE_OPTIONS = 1.7
#
################################################################
+ACLOCAL_AMFLAGS="-I config"
+ACLOCAL_AMFLAGS=-I config -I cmulocal
if SASLAUTHD
SAD = saslauthd
else
Index: configure.in
===================================================================
--- configure.in.orig 2009-04-28 17:18:04.000000000 +0200
+++ configure.in 2010-06-07 15:27:08.000000000 +0200
@@ -52,6 +52,7 @@ AC_CACHE_LOAD
fi
AC_CONFIG_AUX_DIR(config)
+AC_CONFIG_MACRO_DIR([config])
AC_CANONICAL_HOST
AC_CANONICAL_TARGET
Index: plugins/Makefile.am
===================================================================
--- plugins/Makefile.am.orig 2009-04-28 17:09:17.000000000 +0200
+++ plugins/Makefile.am 2010-06-07 15:27:08.000000000 +0200
@@ -46,23 +46,10 @@
# Library version info - here at the top, for sanity
# CURRENT:REVISION:AGE
-anonymous_version = 2:23:0
-digestmd5_version = 2:23:0
-kerberos4_version = 2:23:0
-gssapiv2_version = 2:23:0
-crammd5_version = 2:23:0
-passdss_version = 2:23:0
-sasldb_version = 2:23:0
-login_version = 2:23:0
-plain_version = 2:23:0
-ntlm_version = 2:23:0
-otp_version = 2:23:0
-sql_version = 2:23:0
-ldapdb_version = 2:23:0
-srp_version = 2:23:0
+plugin_version = 2:23:0
INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
-AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir)
+AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version)
COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
@@ -82,73 +69,61 @@ EXTRA_LTLIBRARIES = libplain.la libanony
libntlm.la libpassdss.la libsasldb.la libsql.la libldapdb.la
libplain_la_SOURCES = plain.c plain_init.c $(common_sources)
-libplain_la_LDFLAGS = -version-info $(plain_version)
libplain_la_DEPENDENCIES = $(COMPAT_OBJS)
libplain_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
libanonymous_la_SOURCES = anonymous.c anonymous_init.c $(common_sources)
-libanonymous_la_LDFLAGS = -version-info $(anonymous_version)
libanonymous_la_DEPENDENCIES = $(COMPAT_OBJS)
libanonymous_la_LIBADD = $(COMPAT_OBJS)
libkerberos4_la_SOURCES = kerberos4.c kerberos4_init.c $(common_sources)
-libkerberos4_la_LDFLAGS = -version-info $(kerberos4_version)
libkerberos4_la_DEPENDENCIES = $(COMPAT_OBJS)
libkerberos4_la_LIBADD = $(SASL_KRB_LIB) $(LIB_SOCKET) $(COMPAT_OBJS)
libgssapiv2_la_SOURCES = gssapi.c gssapiv2_init.c $(common_sources)
-libgssapiv2_la_LDFLAGS = -version-info $(gssapiv2_version)
libgssapiv2_la_DEPENDENCIES = $(COMPAT_OBJS)
libgssapiv2_la_LIBADD = $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(LIB_SOCKET) $(COMPAT_OBJS)
libcrammd5_la_SOURCES = cram.c crammd5_init.c $(common_sources)
-libcrammd5_la_LDFLAGS = -version-info $(crammd5_version)
libcrammd5_la_DEPENDENCIES = $(COMPAT_OBJS)
libcrammd5_la_LIBADD = $(COMPAT_OBJS)
libdigestmd5_la_SOURCES = digestmd5.c digestmd5_init.c $(common_sources)
-libdigestmd5_la_LDFLAGS = -version-info $(digestmd5_version)
libdigestmd5_la_DEPENDENCIES = $(COMPAT_OBJS)
libdigestmd5_la_LIBADD = $(LIB_DES) $(LIB_SOCKET) $(COMPAT_OBJS)
liblogin_la_SOURCES = login.c login_init.c $(common_sources)
-liblogin_la_LDFLAGS = -version-info $(login_version)
liblogin_la_DEPENDENCIES = $(COMPAT_OBJS)
liblogin_la_LIBADD = $(PLAIN_LIBS) $(COMPAT_OBJS)
libsrp_la_SOURCES = srp.c srp_init.c $(common_sources)
-libsrp_la_LDFLAGS = -version-info $(srp_version)
libsrp_la_DEPENDENCIES = $(COMPAT_OBJS)
libsrp_la_LIBADD = $(SRP_LIBS) $(COMPAT_OBJS)
libotp_la_SOURCES = otp.c otp_init.c otp.h $(common_sources)
-libotp_la_LDFLAGS = -version-info $(otp_version)
libotp_la_DEPENDENCIES = $(COMPAT_OBJS)
libotp_la_LIBADD = $(OTP_LIBS) $(COMPAT_OBJS)
libntlm_la_SOURCES = ntlm.c ntlm_init.c $(common_sources)
-libntlm_la_LDFLAGS = -version-info $(ntlm_version)
libntlm_la_DEPENDENCIES = $(COMPAT_OBJS)
libntlm_la_LIBADD = $(NTLM_LIBS) $(COMPAT_OBJS)
libpassdss_la_SOURCES = passdss.c passdss_init.c $(common_sources)
-libpassdss_la_LDFLAGS = -version-info $(passdss_version)
libpassdss_la_DEPENDENCIES = $(COMPAT_OBJS)
libpassdss_la_LIBADD = $(PASSDSS_LIBS) $(COMPAT_OBJS)
# Auxprop Plugins
libsasldb_la_SOURCES = sasldb.c sasldb_init.c $(common_sources)
-libsasldb_la_LDFLAGS = -version-info $(sasldb_version)
libsasldb_la_DEPENDENCIES = $(COMPAT_OBJS)
libsasldb_la_LIBADD = ../sasldb/libsasldb.la $(SASL_DB_LIB) $(COMPAT_OBJS)
libldapdb_la_SOURCES = ldapdb.c ldapdb_init.c $(common_sources)
-libldapdb_la_LDFLAGS = $(LIB_LDAP) -version-info $(ldapdb_version)
+libldapdb_la_LDFLAGS = $(LIB_LDAP) $(AM_LDFLAGS)
libldapdb_la_DEPENDENCIES = $(COMPAT_OBJS)
libldapdb_la_LIBADD = $(COMPAT_OBJS)
libsql_la_SOURCES = sql.c sql_init.c $(common_sources)
-libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) -version-info $(sql_version)
+libsql_la_LDFLAGS = $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE) $(AM_LDFLAGS)
libsql_la_DEPENDENCIES = $(COMPAT_OBJS)
libsql_la_LIBADD = $(COMPAT_OBJS)
Index: sasldb/Makefile.am
===================================================================
--- sasldb/Makefile.am.orig 2009-04-28 17:09:18.000000000 +0200
+++ sasldb/Makefile.am 2010-06-07 15:28:37.000000000 +0200
--- sasldb/Makefile.am.orig
+++ sasldb/Makefile.am
@@ -48,6 +48,7 @@ INCLUDES=-I$(top_srcdir)/include -I$(top
extra_common_sources = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c
@ -162,3 +44,35 @@ Index: sasldb/Makefile.am
+db_berkeley.lo: db_berkeley.o
+allockey.lo: allockey.o
+
Index: saslauthd/Makefile.am
===================================================================
--- saslauthd/Makefile.am.orig
+++ saslauthd/Makefile.am
@@ -1,4 +1,5 @@
AUTOMAKE_OPTIONS = 1.7
+ACLOCAL_AMFLAGS=-I ../config -I ../cmulocal
sbin_PROGRAMS = saslauthd testsaslauthd
EXTRA_PROGRAMS = saslcache
Index: plugins/gs2.c
===================================================================
--- plugins/gs2.c.orig
+++ plugins/gs2.c
@@ -374,6 +374,7 @@ gs2_server_mech_step(void *conn_context,
mechs.elements = (gss_OID)text->mechanism;
if (params->gss_creds == GSS_C_NO_CREDENTIAL) {
+fprintf(stderr,"calling gss_acquire_cred\n");
maj_stat = gss_acquire_cred(&min_stat,
text->server_name,
GSS_C_INDEFINITE,
@@ -382,7 +383,9 @@ gs2_server_mech_step(void *conn_context,
&text->server_creds,
NULL,
&text->lifetime);
+fprintf(stderr,"gss_acquire_cred returned: %d\n", maj_stat);
if (GSS_ERROR(maj_stat))
+fprintf(stderr,"gss_acquire_cred over and out: %d\n", maj_stat);
goto cleanup;
}

138
cyrus-sasl.spec
View File

@ -18,12 +18,10 @@
Name: cyrus-sasl
Version: 2.1.23
Version: 2.1.25
Release: 14
BuildRequires: db-devel krb5-mini-devel openssl-devel opie pam-devel
BuildRequires: libtool
Obsoletes: cyrus-sasl2 <= %{version}
Provides: cyrus-sasl2 = %{version}
License: BSD4c(or similar)
Group: Productivity/Networking/Other
Url: http://asg.web.cmu.edu/sasl/
@ -40,76 +38,61 @@ Source3: baselibs.conf
Patch: cyrus-sasl.dif
Patch1: shared_link_on_ppc.patch
Patch2: cyrus-sasl-gcc4.patch
Patch3: cyrus-sasl-implicitfunc.dif
Patch4: cyrus-sasl-2.1.22-gcc44.patch
Patch3: cyrus-sasl-gs2-not-overwrite-minor-error-code.dif
Patch4: gssapi-null-deref.dif
PreReq: %insserv_prereq %fillup_prereq
BuildRoot: %{_tmppath}/%{name}-%{version}-build
#
%package gssapi
License: BSD4c(or similar)
Obsoletes: cyrus-sasl2-gssapi <= %{version}
Provides: cyrus-sasl2-gssapi = %{version}
Summary: cyrus-sasl plugin for the GSSAPI mechanism
Summary: Plugin for the GSSAPI SASL mechanism
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
#
Requires: %{name} = %{version}
%package crammd5
License: BSD4c(or similar)
Summary: cyrus-sasl plugin for the CRAMMD5 mechanism
Summary: Plugin for the CRAMMD5 SASL mechanism
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
# cyrus-sasl2 was split in to several subpackages
# after SLES8, this "Provides" should be removed after
# EndOfLife of SLES8
Provides: cyrus-sasl2:%{_libdir}/sasl2/libcrammd5.so
#
Requires: %{name} = %{version}
%package digestmd5
License: BSD4c(or similar)
Summary: cyrus-sasl plugin for the DIGESTMD5 mechanism
Summary: Plugin for the DIGESTMD5 SASL mechanism
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
# cyrus-sasl2 was split in to several subpackages
# after SLES8, this "Provides" should be removed after
# EndOfLife of SLES8
Provides: cyrus-sasl2:%{_libdir}/sasl2/libdigestmd5.so
#
Requires: %{name} = %{version}
%package otp
License: BSD4c(or similar)
Summary: cyrus-sasl plugin for the OTP mechanism
Summary: Plugin for the OTP SASL mechanism
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
# cyrus-sasl2 was split in to several subpackages
# after SLES8, this "Provides" should be removed after
# EndOfLife of SLES8
Provides: cyrus-sasl2:%{_libdir}/sasl2/libotp.so
#
Requires: %{name} = %{version}
%package plain
License: BSD4c(or similar)
Summary: cyrus-sasl plugin for the PLAIN mechanism
Summary: Plugin for the PLAIN SASL mechanism
Group: Development/Libraries/C and C++
Requires: cyrus-sasl
# cyrus-sasl2 was split in to several subpackages
# after SLES8, this "Provides" should be removed after
# EndOfLife of SLES8
Provides: cyrus-sasl2:%{_libdir}/sasl2/libplain.so
#
Requires: %{name} = %{version}
%package ntlm
License: BSD4c(or similar)
Summary: Implementation of Cyrus SASL API
Summary: Plugin for the NTLM SASL mechanism
Group: Productivity/Networking/Other
Requires: cyrus-sasl
#
Requires: %{name} = %{version}
%package gs2
License: BSD4c(or similar)
Summary: Plugin for the GS2 SASL mechanism
Group: Productivity/Networking/Other
Requires: %{name} = %{version}
%package scram
License: BSD4c(or similar)
Summary: Plugin for the SCRAM SASL mechanism
Group: Productivity/Networking/Other
Requires: %{name} = %{version}
%package devel
License: BSD4c(or similar)
Obsoletes: cyrus-sasl2-devel <= %{version}
Provides: cyrus-sasl2-devel = %{version}
# bug437293
%ifarch ppc64
Obsoletes: cyrus-sasl-devel-64bit
@ -117,7 +100,7 @@ Obsoletes: cyrus-sasl-devel-64bit
#
Summary: Cyrus SASL API Implementation, Libraries and Header Files
Group: Development/Libraries/C and C++
Requires: cyrus-sasl = %{version}, glibc-devel
Requires: %{name} = %{version}, glibc-devel
%description
This is the Cyrus SASL API. It can be used on the client or server side
@ -156,6 +139,16 @@ information.
This is the Cyrus SASL API. It can be used on the client or server side
to provide authentication. See RFC 2222 for more information.
%description gs2
This is the Cyrus SASL API implementation. It can be used on the client
or server side to provide authentication. See RFC 2222 for more
information.
%description scram
This is the Cyrus SASL API implementation. It can be used on the client
or server side to provide authentication. See RFC 2222 for more
information.
%prep
%setup -q -n cyrus-sasl-%{version} -a 1
if [ -e %{_builddir}/%{name}-%{version}/dlcompat-*/ ]
@ -167,43 +160,24 @@ fi
%patch1
%patch2
%patch3 -p1
%patch4
%patch4 -p1
%build
find . -name \*.cvsignore -print0 | xargs -0 rm -fv
%{suse_update_config -f config}
%{suse_update_config -f saslauthd/config}
# has old libtool macros (and nothing else)
rm -f acinclude.m4
rm -f saslauthd/acinclude.m4
rm -rf autom4te.cache
rm -rf saslauthd/autom4te.cache
libtoolize --force
aclocal -I cmulocal -I config
autoheader
autoconf
automake --add-missing --include-deps
autoconf
cd saslauthd
aclocal -I ../cmulocal -I config -I ../config
autoheader
autoconf
automake --add-missing --include-deps
cd -
autoreconf -f -i
export CFLAGS="-fno-strict-aliasing $RPM_OPT_FLAGS"
export CPPFLAGS=-I/usr/include/heimdal
%configure --with-pic \
--with-plugindir=%{_libdir}/sasl2 \
--with-plugindir=%{_libdir}/sasl2 \
--with-configdir=/etc/sasl2/:%{_libdir}/sasl2 \
--with-saslauthd=/var/run/sasl2/ \
--enable-pam \
--enable-sample \
--enable-login \
--enable-gssapi \
--enable-ntlm \
--enable-krb4=no \
--enable-sql=no \
--with-devrandom=/dev/urandom
--with-saslauthd=/var/run/sasl2/ \
--enable-pam \
--enable-sample \
--enable-login \
--enable-gssapi \
--enable-ntlm \
--enable-krb4=no \
--enable-sql=no \
--with-devrandom=/dev/urandom
%{__make} %{?_smp_mflags} sasldir=%{_libdir}/sasl2
%install
@ -236,8 +210,8 @@ find $RPM_BUILD_ROOT -type f -name "*.la" -exec %{__rm} -fv {} +
/usr/bin/*
%doc %{_mandir}/man3/sasl.*.gz
%doc %{_mandir}/man8/*.gz
%doc AUTHORS COPYING ChangeLog INSTALL NEWS README doc
%doc saslauthd/AUTHORS saslauthd/COPYING saslauthd/ChangeLog saslauthd/INSTALL saslauthd/LDAP_SASLAUTHD saslauthd/NEWS saslauthd/README
%doc AUTHORS COPYING ChangeLog NEWS README doc
%doc saslauthd/AUTHORS saslauthd/COPYING saslauthd/ChangeLog saslauthd/LDAP_SASLAUTHD saslauthd/NEWS saslauthd/README
%files gssapi
%defattr(-,root,root)
@ -263,6 +237,14 @@ find $RPM_BUILD_ROOT -type f -name "*.la" -exec %{__rm} -fv {} +
%defattr(-,root,root)
%{_libdir}/sasl2/libntlm.so*
%files gs2
%defattr(-,root,root)
%{_libdir}/sasl2/libgs2.so*
%files scram
%defattr(-,root,root)
%{_libdir}/sasl2/libscram.so*
%files devel
%defattr(-,root,root)
/usr/include/sasl

22
gssapi-null-deref.dif Normal file
View File

@ -0,0 +1,22 @@
Index: cyrus-sasl-2.1.25/plugins/gssapi.c
===================================================================
--- cyrus-sasl-2.1.25.orig/plugins/gssapi.c
+++ cyrus-sasl-2.1.25/plugins/gssapi.c
@@ -370,7 +370,7 @@ sasl_gss_encode(void *context, const str
}
if (output_token->value && output) {
- unsigned char * p = (unsigned char *) text->encode_buf;
+ unsigned char * p;
ret = _plug_buf_alloc(text->utils,
&(text->encode_buf),
@@ -384,6 +384,8 @@ sasl_gss_encode(void *context, const str
return ret;
}
+ p = (unsigned char *) text->encode_buf;
+
p[0] = (output_token->length>>24) & 0xFF;
p[1] = (output_token->length>>16) & 0xFF;
p[2] = (output_token->length>>8) & 0xFF;