diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/Manifest b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/Manifest index 843afea7db..da2a2265fd 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/Manifest @@ -1 +1,2 @@ +DIST cyrus-sasl-2.1.27-r6-patches.tar.bz2 5169 BLAKE2B 43a2f0db4a8589ec1cde7807b31a93459eacb04d27ba36751a69dd5f4e669d1b28342194b0e1a5382e281a52a35e88168877b54065cfba01b9bd33e87fbd23f1 SHA512 41c4ca7c8f7b79e03faf5d826a6ff0ed398137239b93fb0046ccbf385f6ddeab2b9fb2f51d7a263dc74626e5fdbefb28615a1ee22aabe57ed57f10a52d382797 DIST cyrus-sasl-2.1.27.tar.gz 4111249 BLAKE2B 82c9acce8534521ce5c5806f093e927f1854b4bc4b83ea7db1b32ceaa811adc1a5b6fc16d03233d729194cd603836f6e58de67f915abab2cb74561a80d03f5a8 SHA512 d11549a99b3b06af79fc62d5478dba3305d7e7cc0824f4b91f0d2638daafbe940623eab235f85af9be38dcf5d42fc131db531c177040a85187aee5096b8df63b diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild similarity index 83% rename from sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild rename to sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild index 2501feed45..b3c89f5b84 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r3.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.27-r6.ebuild @@ -1,22 +1,23 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 TMPFILES_OPTIONAL=1 -inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd tmpfiles +inherit edos2unix flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd toolchain-funcs tmpfiles SASLAUTHD_CONF_VER="2.1.26" - +MY_PATCH_VER="${PN}-2.1.27-r6-patches" DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)" HOMEPAGE="https://www.cyrusimap.org/sasl/" #SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz" SRC_URI="https://github.com/cyrusimap/${PN}/releases/download/${P}/${P}.tar.gz" +SRC_URI+=" https://dev.gentoo.org/~sam/distfiles/${CATEGORY}/${PN}/${MY_PATCH_VER}.tar.bz2" LICENSE="BSD-with-attribution" SLOT="2" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite srp ssl static-libs urandom" CDEPEND=" net-mail/mailbase @@ -31,8 +32,7 @@ CDEPEND=" postgres? ( dev-db/postgresql:* ) sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] ) ssl? ( - !libressl? ( >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) - libressl? ( dev-libs/libressl:=[${MULTILIB_USEDEP}] ) + >=dev-libs/openssl-1.0.1h-r2:0=[${MULTILIB_USEDEP}] ) java? ( >=virtual/jdk-1.6:= )" @@ -49,17 +49,13 @@ MULTILIB_WRAPPED_HEADERS=( ) PATCHES=( - "${FILESDIR}/${PN}-2.1.27-avoid_pic_overwrite.patch" - "${FILESDIR}/${PN}-2.1.27-autotools_fixes.patch" - "${FILESDIR}/${PN}-2.1.27-as_needed.patch" - "${FILESDIR}/${PN}-2.1.25-auxprop.patch" - "${FILESDIR}/${PN}-2.1.27-gss_c_nt_hostbased_service.patch" - "${FILESDIR}/${PN}-2.1.26-missing-size_t.patch" - "${FILESDIR}/${PN}-2.1.27-doc_build_fix.patch" - "${FILESDIR}/${PN}-2.1.27-memmem.patch" - "${FILESDIR}/${PN}-2.1.27-CVE-2019-19906.patch" - # Flatcar: - "${FILESDIR}/${PN}-2.1.27-fix-cross-compiling.patch" + "${WORKDIR}"/${MY_PATCH_VER}/ + + # flatcar changes: cross compile patch from upstream + # generate between commit: b672dbec3cf11857421af526546b1c459adc02cd..6fa9efaa08555d12bf82dea39ef8f1ce533f3ef6 + # these commits are going to be released in 2.1.28 + "${FILESDIR}"/enable_cross_builds_with_SPNEGO_detection.patch + ) pkg_setup() { @@ -84,23 +80,28 @@ src_prepare() { configure.ac || die eautoreconf + + export CC_FOR_BUILD="$(tc-getBUILD_CC)" } src_configure() { append-flags -fno-strict-aliasing + if [[ ${CHOST} == *-solaris* ]] ; then # getpassphrase is defined in /usr/include/stdlib.h append-cppflags -DHAVE_GETPASSPHRASE else # this horrendously breaks things on Solaris append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED + # replaces BSD_SOURCE (bug #579218) + append-cppflags -D_DEFAULT_SOURCE fi multilib-minimal_src_configure } multilib_src_configure() { - # Java support. + # Java support multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}" local myeconfargs=( @@ -162,6 +163,10 @@ multilib_src_configure() { myeconfargs+=( --with-dblib=none ) fi + # flatcar change - set gssapi_supports_spnego to 'yes' + # otherwise it fails to configure for cross compilation + myeconfargs+=(ac_cv_gssapi_supports_spnego=yes) + ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" } @@ -194,7 +199,6 @@ multilib_src_install() { rm -rf "${ED}/usr/$(get_libdir)/java" || die docinto "java" dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/* - dodir "/usr/share/doc/${PF}/java/Test" insinto "/usr/share/doc/${PF}/java/Test" doins "${S}"/java/Test/*.java fi @@ -219,7 +223,9 @@ multilib_src_install_all() { docinto html dodoc doc/html/*.html - newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + if use pam; then + newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd + fi newinitd "${FILESDIR}/pwcheck.rc6" pwcheck systemd_dounit "${FILESDIR}/pwcheck.service" @@ -238,6 +244,8 @@ multilib_src_install_all() { } pkg_postinst() { + tmpfiles_process ${PN}.conf + # Generate an empty sasldb2 with correct permissions. if ( use berkdb || use gdbm ) && [[ ! -f "${EROOT}/etc/sasl2/sasldb2" ]] ; then einfo "Generating an empty sasldb2 with correct permissions ..." diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-fix-cross-compiling.patch b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-fix-cross-compiling.patch deleted file mode 100644 index 86fbcad2e4..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-fix-cross-compiling.patch +++ /dev/null @@ -1,40 +0,0 @@ ---- cyrus-sasl-2.1.27/m4/sasl2.m4 -+++ cyrus-sasl-2.1.27/m4/sasl2.m4 -@@ -311,36 +311,7 @@ if test "$gssapi" != no; then - [AC_DEFINE(HAVE_GSS_C_SEC_CONTEXT_SASL_SSF,, - [Define if your GSSAPI implementation defines GSS_C_SEC_CONTEXT_SASL_SSF])]) - fi -- cmu_save_LIBS="$LIBS" -- LIBS="$LIBS $GSSAPIBASE_LIBS" -- -- AC_MSG_CHECKING([for SPNEGO support in GSSAPI libraries]) -- AC_TRY_RUN([ --#ifdef HAVE_GSSAPI_H --#include --#else --#include --#endif -- --int main(void) --{ -- gss_OID_desc spnego_oid = { 6, (void *) "\x2b\x06\x01\x05\x05\x02" }; -- gss_OID_set mech_set; -- OM_uint32 min_stat; -- int have_spnego = 0; -- -- if (gss_indicate_mechs(&min_stat, &mech_set) == GSS_S_COMPLETE) { -- gss_test_oid_set_member(&min_stat, &spnego_oid, mech_set, &have_spnego); -- gss_release_oid_set(&min_stat, &mech_set); -- } -- -- return (!have_spnego); // 0 = success, 1 = failure --} --], -- [ AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO]) -- AC_MSG_RESULT(yes) ], -- AC_MSG_RESULT(no)) -- LIBS="$cmu_save_LIBS" -+ AC_DEFINE(HAVE_GSS_SPNEGO,,[1]) - - else - AC_MSG_RESULT([disabled]) diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch new file mode 100644 index 0000000000..81198cb87f --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.27-slibtool.patch @@ -0,0 +1,18 @@ +https://github.com/cyrusimap/cyrus-sasl/pull/623 +https://bugs.gentoo.org/775875 + +From 5b8075eeba8d0334573689450b07610c176a2618 Mon Sep 17 00:00:00 2001 +From: orbea +Date: Wed, 9 Sep 2020 07:29:38 -0700 +Subject: [PATCH] common: Define the missing crypto_compat_version version. + +--- a/common/Makefile.am ++++ b/common/Makefile.am +@@ -46,6 +46,7 @@ + # See + # CURRENT:REVISION:AGE + plugin_common_version = 3:0:0 ++crypto_compat_version = 0:0:0 + + AM_CPPFLAGS=-fPIC -I$(top_srcdir)/include -I$(top_builddir)/include + diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/enable_cross_builds_with_SPNEGO_detection.patch b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/enable_cross_builds_with_SPNEGO_detection.patch new file mode 100644 index 0000000000..809b2e81a7 --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/enable_cross_builds_with_SPNEGO_detection.patch @@ -0,0 +1,59 @@ +diff --git a/m4/sasl2.m4 b/m4/sasl2.m4 +index 56e0504a..098c853a 100644 +--- a/m4/sasl2.m4 ++++ b/m4/sasl2.m4 +@@ -287,6 +287,19 @@ if test "$gssapi" != no; then + AC_CHECK_FUNCS(gss_oid_equal) + LIBS="$cmu_save_LIBS" + ++ cmu_save_LIBS="$LIBS" ++ LIBS="$LIBS $GSSAPIBASE_LIBS" ++ if test "$ac_cv_header_gssapi_gssapi_krb5_h" = "yes"; then ++ AC_CHECK_DECL(GSS_KRB5_CRED_NO_CI_FLAGS_X, ++ [AC_DEFINE(HAVE_GSS_KRB5_CRED_NO_CI_FLAGS_X,1, ++ [Define if your GSSAPI implementation supports GSS_KRB5_CRED_NO_CI_FLAGS_X])],, ++ [ ++ AC_INCLUDES_DEFAULT ++ #include ++ ]) ++ fi ++ LIBS="$cmu_save_LIBS" ++ + cmu_save_LIBS="$LIBS" + LIBS="$LIBS $GSSAPIBASE_LIBS" + AC_CHECK_FUNCS(gss_get_name_attribute) +@@ -311,11 +324,12 @@ if test "$gssapi" != no; then + [AC_DEFINE(HAVE_GSS_C_SEC_CONTEXT_SASL_SSF,, + [Define if your GSSAPI implementation defines GSS_C_SEC_CONTEXT_SASL_SSF])]) + fi +- cmu_save_LIBS="$LIBS" +- LIBS="$LIBS $GSSAPIBASE_LIBS" ++ LIBS="$cmu_save_LIBS" + +- AC_MSG_CHECKING([for SPNEGO support in GSSAPI libraries]) +- AC_TRY_RUN([ ++ AC_CACHE_CHECK([for SPNEGO support in GSSAPI libraries],[ac_cv_gssapi_supports_spnego],[ ++ cmu_save_LIBS="$LIBS" ++ LIBS="$LIBS $GSSAPIBASE_LIBS" ++ AC_TRY_RUN([ + #ifdef HAVE_GSSAPI_H + #include + #else +@@ -336,11 +350,12 @@ int main(void) + + return (!have_spnego); // 0 = success, 1 = failure + } +-], +- [ AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO]) +- AC_MSG_RESULT(yes) ], +- AC_MSG_RESULT(no)) +- LIBS="$cmu_save_LIBS" ++],[ac_cv_gssapi_supports_spnego=yes],[ac_cv_gssapi_supports_spnego=no]) ++ LIBS="$cmu_save_LIBS" ++ ]) ++ AS_IF([test "$ac_cv_gssapi_supports_spnego" = yes],[ ++ AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO]) ++ ]) + + else + AC_MSG_RESULT([disabled]) diff --git a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/metadata.xml b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/metadata.xml index bcabb66dbd..c1d8ef119d 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/metadata.xml +++ b/sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/metadata.xml @@ -1,15 +1,19 @@ - + - - - Add Courier-IMAP authdaemond unix socket - support (net-mail/courier-imap, mail-mta/courier) - - Add ldap support for saslauthd - Enable ldapdb plugin - Enable sample client and server - Enable SRP authentication - Use /dev/urandom instead of /dev/random - + + + + Add Courier-IMAP authdaemond unix socket + support (net-mail/courier-imap, mail-mta/courier) + + Add ldap support for saslauthd + Enable ldapdb plugin + Enable sample client and server + Enable SRP authentication + Use /dev/urandom instead of /dev/random + + + cyrusimap/cyrus-imapd +