mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-24 07:51:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

dev-libs/cyrus-sasl: sync from upstream

Browse Source 
We need to modify the cyrus-sasl build, so pull in the unmodified Gentoo
ebuild as a starting point.
This commit is contained in:
Matthew Garrett 2016-04-05 17:45:36 -07:00
parent 9c2bc3d3ef
commit e38159bac3
52 changed files with 3670 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/ChangeLog vendored Normal file
View File

@ -0,0 +1,117 @@
# ChangeLog for dev-libs/cyrus-sasl
# Copyright 1999-2016 Gentoo Foundation; Distributed under the GPL v2
# (auto-generated from git log)
*cyrus-sasl-2.1.26-r9 (09 Aug 2015)
09 Aug 2015; Robin H. Johnson <robbat2@gentoo.org>
+cyrus-sasl-2.1.26-r9.ebuild,
+files/cyrus-sasl-0001_versioned_symbols.patch,
+files/cyrus-sasl-0002_testsuite.patch,
+files/cyrus-sasl-0006_library_mutexes.patch,
+files/cyrus-sasl-0008_one_time_sasl_set_alloc.patch,
+files/cyrus-sasl-0010_maintainer_mode.patch,
+files/cyrus-sasl-0011_saslauthd_ac_prog_libtool.patch,
+files/cyrus-sasl-0012_xopen_crypt_prototype.patch,
+files/cyrus-sasl-0014_avoid_pic_overwrite.patch,
+files/cyrus-sasl-0016_pid_file_lock_creation_mask.patch,
+files/cyrus-sasl-0026_drop_krb5support_dependency.patch,
+files/cyrus-sasl-2.1.17-pgsql-include.patch,
+files/cyrus-sasl-2.1.19-checkpw.c.patch,
+files/cyrus-sasl-2.1.21-keytab.patch,
+files/cyrus-sasl-2.1.22-as-needed.patch,
+files/cyrus-sasl-2.1.22-crypt.patch, +files/cyrus-sasl-2.1.22-gcc44.patch,
+files/cyrus-sasl-2.1.22-qa.patch, +files/cyrus-sasl-2.1.23+db-5.0.patch,
+files/cyrus-sasl-2.1.23-CVE-2013-4122.patch,
+files/cyrus-sasl-2.1.23-authd-fix.patch,
+files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch,
+files/cyrus-sasl-2.1.23-rimap-loop.patch,
+files/cyrus-sasl-2.1.25-as_needed.patch,
+files/cyrus-sasl-2.1.25-autotools_fixes.patch,
+files/cyrus-sasl-2.1.25-auxprop.patch,
+files/cyrus-sasl-2.1.25-avoid_pic_overwrite.patch,
+files/cyrus-sasl-2.1.25-fix_heimdal.patch,
+files/cyrus-sasl-2.1.25-missing_header.patch,
+files/cyrus-sasl-2.1.25-saslauthd_libtool.patch,
+files/cyrus-sasl-2.1.25-sasldb_al.patch,
+files/cyrus-sasl-2.1.25-service_keytabs.patch,
+files/cyrus-sasl-2.1.26-CVE-2013-4122.patch,
+files/cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch,
+files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch,
+files/cyrus-sasl-2.1.26-missing-size_t.patch,
+files/cyrus-sasl-2.1.26-send-imap-logout.patch, +files/cyrus-sasl.conf,
+files/java.README.gentoo, +files/pwcheck.rc6, +files/pwcheck.service,
+files/saslauthd-2.1.21.conf, +files/saslauthd-2.1.26.conf,
+files/saslauthd.pam-include, +files/saslauthd.service,
+files/saslauthd2.rc6, +files/saslauthd2.rc7, +metadata.xml:
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration
tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this
project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo
developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve
cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014
work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on
the bikeshed
24 Aug 2015; Justin Lecher <jlec@gentoo.org> metadata.xml:
Use https by default
Convert all URLs for sites supporting encrypted connections from http to
https
Signed-off-by: Justin Lecher <jlec@gentoo.org>
24 Aug 2015; Mike Gilbert <floppym@gentoo.org> metadata.xml:
Revert DOCTYPE SYSTEM https changes in metadata.xml
repoman does not yet accept the https version.
This partially reverts eaaface92ee81f30a6ac66fe7acbcc42c00dc450.
Bug: https://bugs.gentoo.org/552720
*cyrus-sasl-2.1.26-r10 (20 Sep 2015)
20 Sep 2015; Julian Ospald <hasufell@gentoo.org>
+cyrus-sasl-2.1.26-r10.ebuild:
add libressl support
24 Jan 2016; Michał Górny <mgorny@gentoo.org> metadata.xml:
Unify quoting in metadata.xml files for machine processing
Force unified quoting in all metadata.xml files since lxml does not
preserve original use of single and double quotes. Ensuring unified
quoting before the process allows distinguishing the GLEP 67-related
metadata.xml changes from unrelated quoting changes.
24 Jan 2016; Michał Górny <mgorny@gentoo.org> metadata.xml:
Replace all herds with appropriate projects (GLEP 67)
Replace all uses of herd with appropriate project maintainers, or no
maintainers in case of herds requested to be disbanded.
24 Jan 2016; Michał Górny <mgorny@gentoo.org> metadata.xml:
Set appropriate maintainer types in metadata.xml (GLEP 67)

1434
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/ChangeLog-2015 vendored Normal file
View File

File diff suppressed because it is too large Load Diff

52
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/Manifest vendored Normal file
View File

@ -0,0 +1,52 @@
AUX cyrus-sasl-0001_versioned_symbols.patch 914 SHA256 d64669070f4d19d884eaeb7d2b3b66987a714c2dda462bbbc4bcf452b705c3e0 SHA512 83329417818f1a33fb013090024e15786dadfc0fc865e2c6f09addbf8ba51519f171f8d583cd558b2ec98c2ece112a5427f8a6b02b74246cc948fe196a38681c WHIRLPOOL acb76440be9cbbb671d686080ec9478c70773c7a84526f2f1ea8bf4b994b51bb8c32830ba12c4e8c8dcfc973e17a00b847e7f67c39f639c1b1ad825612c989bc
AUX cyrus-sasl-0002_testsuite.patch 1055 SHA256 d7fff57482c2a9b148296ec680327d0cbd5254ed0a0bc99f46e2dc73758a6abc SHA512 a7ea09cfb76b4c99ca8b1316c547e6168108e11495368453fbc4e4842306727c2e1aafe9d959d195d6eb5262b5e1f91668fc7ac1d24dc6b15149ae162288994e WHIRLPOOL 5b71f60005aeeea61ad403f8a7c8c8379348f22a16780a2ef35fb092ed265191638e859c9faf576e7e06dafe8357960db0b8ba8ff8d8a940731eb8de41f81a2e
AUX cyrus-sasl-0006_library_mutexes.patch 805 SHA256 c1b955a6e9873284d27a1df62cc8952d5dbca0ea729ba326aa6f8b4ed1a96c6e SHA512 cc1783f97c65a309a11ea91ddb6f4db06590af6a987acd333dbad2da880db36b8401213e8e2cbfdb48bec021ba204f63ac0ffbea7d4dd1fdfe65d1212a062963 WHIRLPOOL 3f9876cc765d5fbce3da495135bf745c6ef6f661088635d7f2f13e60e0f276d52d65bf9ca22cfb640b5bda5d7f93244c13556524056530007aa23e5f4f3a0706
AUX cyrus-sasl-0008_one_time_sasl_set_alloc.patch 2067 SHA256 2489dbd2548fb19c75c511c3b1e86077b4dc9c9218c9d0513fdb37ff06c75dad SHA512 a9d87e0746d6584141252c1c248123cd6372df81ebcfe73d2e305757cd67bb15e1796a699a17b0f8df1504c288b4cbf172d4b604430ff84d6ab59559c3334cb3 WHIRLPOOL cec7893d587caa953fdf13030b0845656a03dbba4244dc24ee820ef555d72cd82f3b26b31c3f3d623aa2d754969ae4fd59f7d96dc598a43a5a73901372a6d49e
AUX cyrus-sasl-0010_maintainer_mode.patch 340 SHA256 dfe0cbaacbe8b6b50d14c9fcd62f0bb5e69ab942bbbfd9fbc5db96c724fadd47 SHA512 dacf72e220aae0e97635415b930c5020c846192b505db7b2aef80e0322514a1bd2ed61a00fc37e24ef034c4cde91d414582a8342a62f7a7acd0cdcfba4d41b2b WHIRLPOOL 6566b5ea1a46921cd011624a7dbf3603b209015628a6e18a9b29de9fbfeca0c4b87de696533ec6f8b9626f81c4f34675b0d639f2948085f4f91a18aa8774d401
AUX cyrus-sasl-0011_saslauthd_ac_prog_libtool.patch 281 SHA256 84458e986e1d83c4ed2c2797f367ae8a36cfe73dfc3b68a3b98e64588d9e1da2 SHA512 13273364b83a10e4d19efccbbeb39a2c00830b62b9e367812ecfd9d8d1662057d6ccfefbb89f94021491d36024d85f92482678a8773476e2aa66587a0d2769d0 WHIRLPOOL 6e6d0fa475386aab9f57bed6acdd46caa6569459e68275571ea89550aec086220e851d03b56eb0945e7882d10f403c2ac763fcdcd1cb8b3d59144cdedea6de07
AUX cyrus-sasl-0012_xopen_crypt_prototype.patch 720 SHA256 1a6d1aa451c18a9ee61a1dc64a1e18a99935b3467f64a2f92e9bb70680039223 SHA512 c0cfa47bb295c7c2463d55ab370e6ed5b6515ce97a7534e68a8f0247add2d54d2593d801b6c4c5e34711f259788da44b57301781f146da5dfb066d4216e3a135 WHIRLPOOL 878688c99f9a26a6ca14147a26f412a19b61a201284f8f709ce62365712ecf39d9b5960d8c93332d4360e09225a0d0edef3a522d52eac9c0f9c30a582ebd6c22
AUX cyrus-sasl-0014_avoid_pic_overwrite.patch 1074 SHA256 b78a3456c964116e8d121e5607b6ea3dd54d7a2696a10a18d41ff08b299ad982 SHA512 44e665021c2793c25ae95e52dbad2f9e685deab808b724b3c803a02a00b7610b7792c656752b93f4627106bb3297b6181bdfde84cce04d29d70d95731da5a83d WHIRLPOOL 783e1142d9ab6f3839d4983ff22ec273cd4b6b1166e2cb8d46871d1e732c18cbb22914599d29dd7881477fca817166abca1bdaeb0e08f9c350f4942e97f5bd8a
AUX cyrus-sasl-0016_pid_file_lock_creation_mask.patch 924 SHA256 4d802c2027e3a537be50305b0648ccdcdef6c1515b07a3d5d7bef3fb8dfbf531 SHA512 dbd61df25f235580d57dc6e09d45cd1f4b444f9a864daab50acbcb8d4e398fcc4e0432c3a21133ea855031d6d525155f5d772bd1f6124ee1e691168952207e46 WHIRLPOOL 8d3cfc094365d6c351042af6575f4421f99a4f5bd9be8191de274c079b14b5d3a158a667996e0ef8048a88f9781e4a4bf1851877a3b8b6772279d11cc2b46baa
AUX cyrus-sasl-0026_drop_krb5support_dependency.patch 1625 SHA256 e0bc73fb5a8858334ff49a2fbada79369867a7d5e90e6f9655c71d30a020656f SHA512 03e80a2ef6bca27e378195f9b3454c698005b63e56c01c0e15aeec120a28cd16f0ef98dcda445a449edf0de809658b9a5f87334b5d80488d47f44c037ca121a7 WHIRLPOOL 11f5ad7437302f8109c124b581b5075836b4cd8d82d7a045ed37374ab2924c6dc39c14c4d7ae7b76d3d62ae09043db9a7a62fd9c8bff37d91e7b8b16f419e67f
AUX cyrus-sasl-2.1.17-pgsql-include.patch 588 SHA256 577b2431bb49ce8fcd9f5f864532e69e84fc6032c56fa564f9e95e25cfdfbc7e SHA512 710b2939c6350fac164f427d870dff83f03e5050ef6258e92875249b972dcd30b99e27bfb226030f59c9202301c66901d7b4d6c62333dbd6704517ae57b7312e WHIRLPOOL bb9b02563271a1b14858df672f5c635e7729c11a7c7d1eac20ba7e9ef6f06a8637e19e42efd560f65cc307148911f2d5e1a695fe5278ba77d82334ba1a2711d6
AUX cyrus-sasl-2.1.19-checkpw.c.patch 4657 SHA256 5bdb8b3525429696a391d95c89faa553c3137c442f71479bc1aa430ee5255495 SHA512 4bc6c34908bed04035f6bf77a980873df24dea51f2a836fa1e421547e230525069046b9994714375c4807b125dbcb1a417b234936db703da6423d1c3eb9dbb8d WHIRLPOOL 70d811766abdf82aa651638265164d295e07550a07a07d9679bde284a41f8032beab462c7e6d5917d48c150c10c811719e12b80cca21ef2aed94d5470607a113
AUX cyrus-sasl-2.1.21-keytab.patch 1460 SHA256 51f0098f1293981cbea57c7c8fdb0ba7622e9b26404fe1a92bdfcdbad1526269 SHA512 d178025761273fd51a3d15fea0a44a2e66b4bd764a904a2b8cde00a77b5a13a9237bab60c0848e971613f26fc394efaf1de31246f4ebcd4990326420945f88a3 WHIRLPOOL c83731aa78604025f5f56339fcbeef56e57d2b92af269facf9beb3e9cf085abb4f1a2c4791612c47e787b7643791e681f45a40d910dd8b513da9e5dc33e7045c
AUX cyrus-sasl-2.1.22-as-needed.patch 463 SHA256 bc26996cbafb59f4daf1d7acc077bae9a60e4746109a9ec4a580eaba5cb9ca78 SHA512 e6abc938ca36435bc1bc9df2b996b4533fcc16bd4ab154aec3f747bb9d383fed23617f097c9c665f53cd35067d0f74e991c867d5029f787479d6b90869ffa8fb WHIRLPOOL c3db46be4a373adcf629f41ca742e0652ab64d32db42de47c9bb9145975f93ee79a7fdd0fb191809f11ca5343e0177d8a2b8d024f2dedc2c2ca499d39405ca79
AUX cyrus-sasl-2.1.22-crypt.patch 2892 SHA256 cad92b50aabbf2bcfdbd8169949a85a75c96e12ad43fcd4aaf89d6d7482210bf SHA512 c3fc240e049e359c00077681dcaf58be1817a01d8588e161f65a5cfa65c132d7f72f5cc58c5d24747f3b7a7ead758dd2c5eb8462b72e1e3cf13f447c1bae8279 WHIRLPOOL c1dd99b303ab41c5d845c2f697222bc9a18a014cdfd8aa4fea66faf04922a8a113f785e597a408eb2b04a66a7fdfc3eb4906244acaf986c798571e78570d0c24
AUX cyrus-sasl-2.1.22-gcc44.patch 540 SHA256 d803266d96bb3b9f46bc2ce4ec280509d769bbf9c1a226e20c13803db398a113 SHA512 ffaf7d469b049a41ca776d61b945a3adaba6eebb0e7836fa913f2d6999fda1e95d6b0ec9bb0dfa8a4809a8f865c8eef64806f43627081be6d30142e96a99724d WHIRLPOOL 78f3b53da149f045a2bc51939c63f28560e8b2926e5ab8e775e4129dff367c016f1efd83d84aa4540303e884f3f32a31306796b84112bd37a14cf1f89bcb9b4f
AUX cyrus-sasl-2.1.22-qa.patch 525 SHA256 56dbdc290871f3a42e507fe0be90431de15a832da7cf99bf3c21fb5aef05c8ac SHA512 228c9e035a29f4cf82b640f0cb16d947a43d1a95445929ea866c1a39763b8eded66dccbbdcf40e9753c7ab4da1b427c5311bcd1df5b13bbd439cd21483add5aa WHIRLPOOL 88319337100ef306b91ac768306cfef4be0eeebd193f3a35c202dc554010dfa2216fb246588b5f7526d0e2ff2551f3149b8158a1bd90592eb4444921a1e62e6f
AUX cyrus-sasl-2.1.23+db-5.0.patch 1009 SHA256 6570d4ff7668a7df47b457ebf38c232bcd9b7034db37d23effa5a18b735dc38e SHA512 da52efef06b3d43c88b1edbc16609e8db3440b39f9f515c5b16e510a83b0b5764b5b79733b68ce98b8da08d0dde43ed058ccd70b6d28593ad4c881a9f223fe36 WHIRLPOOL c2e7ae6a02fde77a562d7b9bf7732829bd6b94a525b0f30c3f7fe72053f22d1fc5d26795323f224bef09d1b3d22ef43f6d3f8d11ae6bdfef5cb1251e7646fa8e
AUX cyrus-sasl-2.1.23-CVE-2013-4122.patch 3418 SHA256 fd604196fd1a51f234445bd78ebda3655175e4fa1dbe9c918f5f093b8581ad29 SHA512 a1749be201997bf8e2a7e0bbc29b60baf8d2e4b398e88698ba59f4c55f857dcaa3fd7a2a9c9d2eb48f9ca0a9ea56f3822b5a7415d07021299bd5ed161b3f4a06 WHIRLPOOL 34b04a407552be8984e83682c2f2b1103926dbaf2304b93cc7d825928406bc02a3d1b54c9f85215ca341c8cac3805e96bb7e4bb68dd5f274716f4b68e554208b
AUX cyrus-sasl-2.1.23-authd-fix.patch 829 SHA256 8732176e4a493b6b1548dc4799bf6866b9c324f5ecaafc9d9beffe0ac423d43d SHA512 0c2a675aac47a42a17caec54ce1f5561a59a7d0dd803e1046c020f5462e49485b475983db49e64b49c24b18678afc2d58fd9937d08e8fd46fc4781e7e9441606 WHIRLPOOL bb2f3e90341d7518af21f7770cbba3e17f5fd7dc186c2eada8d969c7f5961dbfc29bbb44ffdfb68a83eabb10a82f63d32e0f62d42c839cb8039ba0cbaf32719c
AUX cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch 782 SHA256 672fce3a1b0a45f7e91e8ed8aaad953b70118f74cf10bfb966aa65d052017b0f SHA512 524b199559b5f8f363f12bd1dd677f3354eacb68e88fa43ab8dd227465121c00841ce48ce01ba7e9e64629d5871418ed424d0c9bdda6895914c07ae7f1035595 WHIRLPOOL bd9aca1b285698ef1dff06df7c3d72f7f09dd1621a81a764ace80bb94977e394f4b3e6dadebaff34bb64e5d031d4f30aef5e7400186a29a3707f3c984e3d0bcb
AUX cyrus-sasl-2.1.23-rimap-loop.patch 783 SHA256 1d07d64b79960f026bbf271222a985bbe39ad465dab157f0cd5fbffde5622a5d SHA512 bda3b0b6cbe21145b134fee58f0cc330159bca7ae59b7d3e557eb6d5e09ea00325eafe07d139b71903626010baaa08d4cfed67257ee9548374efccd516c5579c WHIRLPOOL 284e1a9ff539c6fb028c3c042c7f09703b0a876daebb2a7c5fabd293c4b0fa5dd98ac40ea6c7e37664060284ed2eb67ce013c33ba48f0875163828c64e1063ba
AUX cyrus-sasl-2.1.25-as_needed.patch 1083 SHA256 5143036f20fdc1ff0b44b73b6d245392edc2f786d74730fc0f8f75d7b40ea5c6 SHA512 8fdc7039fda79e95ec310cd63d72871d7b5b35b5a1b6cf30b9693f6a02e265d924e375ddc65158f38de129b5da058ecd26038f988153ff0aacf2665d66f40abb WHIRLPOOL cb83b15e434c4127279a7c51f44d3a592466cbcb1591a390614b170d516be556a779e366d83ca51029626e3de706fe5c187d86491ac1b0728f2d0031ff0b5a25
AUX cyrus-sasl-2.1.25-autotools_fixes.patch 3926 SHA256 390aef512c359ae3eee9d1c781ab9586b71b98e4b8961594de0872b09acfbea2 SHA512 d1e39d856addf6b53a278669df6e87f0fddd9a1ceadc0fadf2bdac239fcec8540c797118be642a58e65e2ec667d3c2a4b604f68f659433e64dbcd5bfe35b9a82 WHIRLPOOL b501636d42de380041acf7edcb4f571fe3f4b9642ce309c78a20fa2617990dd4bede18ed368fd3ebc194c86e2b3614ccf4b1b3cb2912451cdb24d010ebab14bb
AUX cyrus-sasl-2.1.25-auxprop.patch 552 SHA256 d9f63e60aa664f064755151fb5aa442ed52a3053057b5a63f2d88c937906dc7c SHA512 73ae914e684ae698eb56a1579ba9a477a946625a3b079e2b400d88583074f1701d8a6926ed17dea36b923050f21c04fbf746d54284568bd21c14be3d10283b6f WHIRLPOOL 899e41790b71a55983fa99c09e3b9b28667e2e7f457bdc39028ad705883676f4363bbd968c04b35fe2ce84fd08c1b5daad73b988f6e2299f1c129e59bc65f93f
AUX cyrus-sasl-2.1.25-avoid_pic_overwrite.patch 1076 SHA256 80cb9cf22b0507b503ff0cf6c5946a44eb5c3808e0a77e66d56d5a53e5e76fa7 SHA512 033e3634116e1d3b316052dbe0b671cca0fcfb6063fca1a97d990c422c2ce05109a1e424e84ed9928dc0312a325a7248f2d2e3f9547f84453b36331c01f63be5 WHIRLPOOL c5d502cf80f298771331660fd3806685cee47c128be4cdffd603c44b5cc04adccf4f459b354cb30f1e05acf8be76cb1e3b76a22c09f1b3b873cc13b683608607
AUX cyrus-sasl-2.1.25-fix_heimdal.patch 601 SHA256 6285b2a9c0b9ab2590a4225ac1eb8d01678e6b0559141c274d4451def65b5283 SHA512 80a5181a3c324551ae64ead2d6199691ac9994653e4b86de21852d2caf201b5fccde6464af4189351edcad4b87dc60cab5f1c03148db77f90c6c52a16465045a WHIRLPOOL cc1adba84e09ef37ac4102b2da7c45eff9c496ca2cdb680e76b287a104e5ad039bca0b1bf319a6c5bfaa2e57cb6e5c8c4b93a8682ebac01bcb18a3b82cecac16
AUX cyrus-sasl-2.1.25-missing_header.patch 292 SHA256 a83296e782a6137b0f687491314af7a82a37296729af42ca11d1f3667f7320b3 SHA512 b1dc1fa2663c5bd9b051353e6c18ece48460c2de4aff3b6f13672e0aa08e651462af4dae38a2821367728e503ade577218d2645f8c0a96c85e77226ee77ac1a6 WHIRLPOOL 859f6c1f8a864083b163f1c95431c633b9ca6d75a72bae14ce526cca0525ef2c4f0bb2760792baeb228fcb2b64126685d918012574f6a23ebc6b4a580245f77f
AUX cyrus-sasl-2.1.25-saslauthd_libtool.patch 280 SHA256 76ba2532083630a05ed0e3a5f2976eef6ec62e0fc1782bfee6147aee749e2ce8 SHA512 1e79230a3891f1492c7d6f5969f6a4890aaae2f488e9f3942cafeda574bf8810c4fb3e004836f769244db02bae663fa3ac1eeca19658e6fd3c94f2a891ed2653 WHIRLPOOL 0ac53b59da7a22e93c489e3bc62b0db83f14953cacf6c79c806feaeb33186e4b8f747c58faf49c514df2daba2580326db2c59c576bca3ae192fc210915d93aad
AUX cyrus-sasl-2.1.25-sasldb_al.patch 555 SHA256 3885246eda016e7a6d273305b2a011770465e8324d1774ef0d021e3def3008d5 SHA512 2da553298b482ca3115294de7264428925911f8d1b6a15ae1af38ee7e0a3191a0f4ad90bcbaeef599c994842a86eea5157b663cb6944f035d9a377dba91dbbf0 WHIRLPOOL d248eae3c8e0e313c0047d0bfbf6e4dd1341afdd4b525138827148517e8cc3847f4c134cd1639be1734c60c5fde922e8bd759895de55b268c2bc9fd54994bda9
AUX cyrus-sasl-2.1.25-service_keytabs.patch 932 SHA256 6b60574c65fffd802d19b409fe9a4b043614261e59051b7b9cf51380e08cd8f3 SHA512 bd5ceebfe1b8f72d275db487a6f11bbb8e6f20f3b44c05040fd9d0bb5c72e656f2c8f22924fecaa9c268e50d54d272f25f4a5a3b72ca49d1c23ef9f178d00733 WHIRLPOOL 7b3ab47b4af7425ed619c4c6336feb74d45ab9e52d102995d13c6b013cab4c1bf2804ace0b9714066eeec8b105d09e1c267405581ae10361afd7d8762f702a3f
AUX cyrus-sasl-2.1.26-CVE-2013-4122.patch 3838 SHA256 39c3c404d6fc0da79c51157c6a3c05aeb9117cf5df87615d6a8f8086056bf94e SHA512 3df09f16dc2f4efc601339743eb6e66087977fae4e174aa82c4abb7f85a77aa9eb98629837079236446ef3b494fb48931c9dc8850362a49615749e162b4699c8 WHIRLPOOL 68a61bd075006bdde0fc7982694f8a413c4f21522b6a3a38af345c0d94e96294eb31d2f8ce05eb30ca8d228327f69bfc55f91be43f9eb1484989de4ee7aedc53
AUX cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch 284 SHA256 334c3a2c7f409707026136ef595845f61e971e369035c3b5e3bf284f1e7e6e1d SHA512 f3b789b7dea3f6a51fca6fd1877c81b5f5a3be342fa5c90ddae98a822e0c2a71e8fa582c6cb60c696363aa5cb99db8609cd6b3a91c5d402a0ad1e6124c726f5f WHIRLPOOL 70fb8cbddf81c3dc631c0b9df72d3255590d20ae5d7d1d0ed6ca70548aaef3c48444703821c2a5ccc3b7fec5592584bc843fe5284fa1b0ef40a3446727e0f6eb
AUX cyrus-sasl-2.1.26-fix_dovecot_authentication.patch 2603 SHA256 3edf79a6b1a03c87bef8b41f858ffe32c778288cd22ffc05460c3b8ad2f6393c SHA512 4244015451dfd41443a0cf8b56ae19a1dfb550e374fcdc37dc091a54f73ab36818c25fe96f7837e3ddfe5c7952d309a5b51bedfe0b7c7f1dec8ecf15f067acda WHIRLPOOL da1a5afb7a17e0eb3e7ca7586769a766b994794d3c24a21a88c895b17b0685a06287186b3bba6cce2daf0216ee91c89f79770f205eaa6b7ba844ade263ea134b
AUX cyrus-sasl-2.1.26-missing-size_t.patch 348 SHA256 1821e0f511a3eab2cbefba36b6538a997afad2a4892d1fcbf22847d34e06711e SHA512 026183880caa504af9dda5fb93a6f47a159c7ab6af79463bc512709681dd260489411b8b8da78a9f8cd260b77ae5d1977854a39de80bc48f3a03e3ffa1b09fb2 WHIRLPOOL c71d5e4919577b6c23b1610c3fa695ad035befa9cc1de43867c9e9c17016f681854e734275241dab60271d3bc7198fd633b079ab6f53e6b8bc8ce4c513eff6bd
AUX cyrus-sasl-2.1.26-send-imap-logout.patch 1897 SHA256 021289615c690937dacf7bd0d1f23823255d141ea0c7f81a9f98d4d2b42260d4 SHA512 b30a4faea9fb66d8fab95a27b8ec87371d3650c5d2d4475449b8cebb223631d1afe9cdebd8c9b076e77bc3d2e2f5c32b24fe9292db26523212a72754cbff9995 WHIRLPOOL b7348e5300c7584d9bf18421a703a66c348bbb926c569da618876c500c78385b5580cab98c261fb051684ed45f2fb682ca837a0d4beff789f94134801898f0fa
AUX cyrus-sasl.conf 34 SHA256 1d246914153ca86390e7c39aaa9494ce1175d783d3292a8cc5a2d867b816fb7b SHA512 67b9bb97191d091ffc2b8f450ad88a558df304a29651a9a49407c50df0a316666a96e7d1a2ca3ac8ee5e60a58a5d5b618ce963661f4f45049dc6b3ef2cf8099e WHIRLPOOL 671625830fc9df9b44fff4d7fe16a7d7e76c42e8c1cf75cc7a725586aad3f80b98aa5a07ae5dea848833aed6aa02294c2a7b9969f1e708dd6854370a62c5cd23
AUX java.README.gentoo 934 SHA256 aeb733ab6371c1fe50e413e8469dcd11f0750b5afff489408c45f118857fc3fe SHA512 afcecb94e8e8c427b9491fc21312f4bed2a7d4ecedbbec8fec895cf8ca1e747073979f4415e12d8499eadbc29e8d74c6029f7cdfd7a2cb732454faaa19d52dd4 WHIRLPOOL d32cd2cfc9ffab9f791f48e0450c7eeff1b2203e29af8df8b96c4091ca7195cd579e41f38b857ef646eec28a11ea9e7c80aa6cee3f41a58d354b732a6ea15a92
AUX pwcheck.rc6 415 SHA256 9f711d5c78c93da20ef92350c81abf8768a011efd4dc0f8470d94b3fee1bd86c SHA512 571af3cef1b2984127553cca8987a6638b68d260d5083d373fa28f67614ca972ebdb408da88cfc8f98c3f03cf67d3ee51bcfd4dd540499493ceed8c59d8bb999 WHIRLPOOL bafb9ff5e1bcb0e9e67367b4d05a301c03311230b60f9f7afc54477160b33a5ecb2d396626c6c9a50a539d73db8a22598e29520a37ac307fae7942b6d41c876e
AUX pwcheck.service 129 SHA256 6b4dd0f703dfb4d61f24f3ba42884d83eba4a8cd06eb794cc7cd8bebc6c93da5 SHA512 73e01063bf308cbdc45400d4d0b61f81eade8453acec71b2ac0c0acf1ee458881aab2876cbd47208f87c6a9f298846eb509e14eb01b985c4f9e0ad4db1d8b751 WHIRLPOOL 04ba7e1e7ddf7f5cccfc6ffa0d2bc6b7c47eb0d933409dc85eb1176e374a8a1dc1844221c6fe30a0341487226f1f42ea0473a5cc1c3455a06d071ed7ff625b46
AUX saslauthd-2.1.21.conf 811 SHA256 5220310b313aa826e51dc4a2c1f97b474ded6af14a5e1cd63bcaa9c2b37321db SHA512 413acaceb34d29d9945393b6df6926d51b93e6884cf72d67031e88182f18ca0a5f24c41037a2b3cf3353944acb1eeb78e30de936627c8f8cf1f5df35730b9801 WHIRLPOOL e2e42c9b8747d51650fe27245f1313a3f740f8547cd4f95cb875872d3889dd70d6b60efe119d225b8510b51d713e49e7e575219deb788fd75da676f7fef9d7cc
AUX saslauthd-2.1.26.conf 695 SHA256 645f8991051921fb351645dc73b46bab9eddf3f4599670d189fc13855047e69d SHA512 1fdd046bec05ad1745ee8ad187eaf9fa4a47976b30b58851c46077a5990c30fa9cf658e210ec93001d213b1835c1d7623a5ec9cfb3e5ac5966fb99003806a54a WHIRLPOOL d29416006442136846d4f02ab6d7c4af84ef85db2d649792f520817be9be4835d2723dd42c92dc486888b9fe27ddbf177d1c33ab39b39e4e97b7e26e68dbf6a1
AUX saslauthd.pam-include 160 SHA256 97166de49d227cf5ff305168ea75ca584feda9ab87d1eb1437638861986e70ba SHA512 14fcfc0f69dacd25ac9b298cf44b0b44146d418424ef16e66edf8893353e418ef53beebb7199bd516b828c40954e4875ab5659f50a09af12ef2a371b944b45b1 WHIRLPOOL cc1c48bb92cf89ed9f29df2469823bd7bfa96b97fa8d6d33c7cfedef1e1a2ee12e66a0c34b7a992a631d4f446dfa4e9769d5b2c08dae5039115c00514f8a40e9
AUX saslauthd.service 277 SHA256 a8157a0748269d3534ac6f01bbf61f0215c665b50dbbf94fc2399b6d3287a677 SHA512 fa318aefec6f802badd72a4baf33875bc0021fc4889578877880971470d84bf645ad3c34dd10c582d8cc06ea512e3d56984902efaf09e2806a27feade5fc971c WHIRLPOOL 18f74f1caac60b7bbf58edf41b78c5d670a6892c8c763e05b026c930565dfb2c3ac7b6763e518824fe93c560c5f1f7e42306e950c1a942b38e0ec23824b74e89
AUX saslauthd2.rc6 417 SHA256 cc74cca0202ba8b34afeb340eebb4b05ec46d4218a8b04eb9b075c781af54b53 SHA512 71ab930feebe9dec93b887f39a27219a68edc5b297777fca4e25d483f1f587e63540a867e92ca34664da8baadcaabb9c7c35637ade8301b962b273a39346c86e WHIRLPOOL 75580a6eca1d42b44994af77cf59f3b14b9f0c6a304ac43c8d1f290d0282bc1d32906aedf0df5594a3d005a55e00ce31ac37203785327eaf00454c7aa37678cf
AUX saslauthd2.rc7 417 SHA256 bb6e6867eec37bd194f3f9417bf31515a08d630d47f1ce713ad773f4551244e0 SHA512 4ec33fff39e6e21ba894a77b582a385ad54bd66f7d68733e597ba85f1b7571bf99427aad8b69ccaa5e3fd861537dd9b25fd6a1deac1d56e548f45beada6bf359 WHIRLPOOL e231f5cd8c3cd9bb7d8e51e117590ef603ec75a3f972c53987dfacc0e5f651c0d4448fe90bfd0a84ad9f53517cda5beab81ae669176d3059c8052c031e23a998
DIST cyrus-sasl-2.1.26.tar.gz 5220231 SHA256 8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3 SHA512 78819cb9bb38bea4537d6770d309deeeef09ff44a67526177609d3e1257ff4334d2b5e5131d5a1e4dea7430d8db1918ea9d171f0dee38b5e8337f4b72ed068f0 WHIRLPOOL bcba17705d5d7ef9a03802d6a0c3a887bba0473605a3a48d2672aeac187193f2488f28ab01bdf659d7a68b94b4c74e36428ca4b5be840fbed2968f1592534b33
EBUILD cyrus-sasl-2.1.26-r10.ebuild 7768 SHA256 6f3bb283f5fccf5902533dc396fad6721c7caeb5dd180c11b8728f430250c4a2 SHA512 8662debc01f3d67ae6c229379e2403d17a69545749bbcb31ff18721e82b18c4ce07edcc571dae141d55c2b0fb3041acff46ec98f73cfc831d97fa424b1c5b71d WHIRLPOOL 1f1509525471d063442a7dc6ecb192d8cedd322d85b9cc3d6e72c7a8fa6658eff936cc8df1670c197a3b1ab66f814932b39e41f711fc4583af975691dd837eeb
EBUILD cyrus-sasl-2.1.26-r9.ebuild 7674 SHA256 ff694d2a857df880a545df192f6e4e6b13f52356c9249129af1e47c300ee3694 SHA512 f8871a45e4a99d3289a576f8c2e6c1d19ccd4e0ff3261b480a99b9c258c84d09b7bdce14d1d425773b051f00d2f47f5c40cae4c7758f5de6fe72c0ab9434bfec WHIRLPOOL 6e238ae9c3f7cd835b4fc6dd327f5b1240db1be28fdb707bb2baf49306efa2225c1dc3f4600e8c6734e459aced77eb5927696e196f5f42e3e4fcacbad3bf52c0
MISC ChangeLog 5018 SHA256 8134a6cfc4a34723ddde549b9cd8a8ba2eccbbb5f48d83ba8961de89e0db9886 SHA512 5546ded0ed88df92bcfec6d87650a40c423ed31b42d31cd052fef16b5a87eecf45181e1965427dc7ab92aab0f26bf44f0476860d3fdb227c5bc9bcd928f72198 WHIRLPOOL 5a5556faab64124c9748017f7b98f8be01fbfdfbe3ca8c5fb3c793ecc564404f420220442a09fc04909d0fde5967213b1517944e329ec0e5ee5fb3fb824595a9
MISC ChangeLog-2015 52727 SHA256 cad5e2e4ba64d58e11617abd00f0fb1ef6c7f2edccc3b0c4df31bbd9c53d0d20 SHA512 7ace87d5f7be6e6d50367d79143688b3f0d363444b65a7440d9a5075c8d98c95bc882cd396dde521836cd05d233161727b4281db2184a00854c652e0a2be019f WHIRLPOOL e620fdbfe466b59edbba60af62089dcc9ce6a407917aedb5be3df3acacf0a963628c70cadb1684c908d7ebfc278006906f5d0abb76504ec4bf03ccb07960784f
MISC metadata.xml 706 SHA256 a20b99c5a9e2b9f98988c79cf520b26aeb4dc4fcc5ce64df4dbdf7edda1bae58 SHA512 1e7495deff4727296d29b25b7af535c0b36054b9172763ca8634b40f324dbc33697424a7e5565791c3131def3708c9ffb7e3e2362cbd8b334d650921fc2291ce WHIRLPOOL aa1f700aa5595aa60f2ad7befa95a055ca19aeeb059a3b5bd403f04e6da71d12de38d0dee7b3c4c8eb85cb454149bdbb408b7902fa38348ca0338d2396d21bfb

246
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r10.ebuild vendored Normal file
View File

@ -0,0 +1,246 @@
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI=5
inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd
SASLAUTHD_CONF_VER="2.1.26"
DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
HOMEPAGE="http://cyrusimap.web.cmu.edu/"
SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
LICENSE="BSD-with-attribution"
SLOT="2"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
IUSE="authdaemond berkdb gdbm kerberos ldapdb libressl openldap mysql pam postgres sample selinux sqlite
srp ssl static-libs urandom"
DEPEND="net-mail/mailbase
authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
mysql? ( virtual/mysql )
pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] )
postgres? ( dev-db/postgresql:= )
sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
ssl? (
!libressl? ( >=dev-libs/openssl-1.0.1h-r2:0[${MULTILIB_USEDEP}] )
libressl? ( dev-libs/libressl[${MULTILIB_USEDEP}] )
)
java? ( >=virtual/jdk-1.4:= )"
RDEPEND="${DEPEND}
selinux? ( sec-policy/selinux-sasl )"
MULTILIB_WRAPPED_HEADERS=(
/usr/include/sasl/md5global.h
)
pkg_setup() {
java-pkg-opt-2_pkg_setup
}
src_prepare() {
epatch "${FILESDIR}"/${PN}-2.1.25-sasldb_al.patch
epatch "${FILESDIR}"/${PN}-2.1.25-saslauthd_libtool.patch
epatch "${FILESDIR}"/${PN}-2.1.25-avoid_pic_overwrite.patch
epatch "${FILESDIR}"/${PN}-2.1.25-autotools_fixes.patch
epatch "${FILESDIR}"/${PN}-2.1.25-as_needed.patch
epatch "${FILESDIR}"/${PN}-2.1.25-missing_header.patch
epatch "${FILESDIR}"/${PN}-2.1.25-fix_heimdal.patch
epatch "${FILESDIR}"/${PN}-2.1.25-auxprop.patch
epatch "${FILESDIR}"/${PN}-2.1.23-gss_c_nt_hostbased_service.patch
epatch "${FILESDIR}"/${PN}-2.1.25-service_keytabs.patch
epatch "${FILESDIR}"/${PN}-2.1.26-missing-size_t.patch
epatch "${FILESDIR}"/${PN}-2.1.26-CVE-2013-4122.patch
epatch "${FILESDIR}"/${PN}-2.1.26-send-imap-logout.patch
epatch "${FILESDIR}"/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch
epatch "${FILESDIR}"/${PN}-2.1.26-fix_dovecot_authentication.patch
# Get rid of the -R switch (runpath_switch for Sun)
# >=gcc-4.6 errors out with unknown option
sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
configure.in || die
# Use plugindir for sasldir
sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
"${S}"/plugins/Makefile.{am,in} || die "sed failed"
# #486740 #468556
sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
configure.in || die
sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
saslauthd/configure.in || die
eautoreconf
}
src_configure() {
append-flags -fno-strict-aliasing
append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
multilib-minimal_src_configure
}
multilib_src_configure() {
# Java support.
multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
local myconf=()
# Add authdaemond support (bug #56523).
if use authdaemond ; then
myconf+=( --with-authdaemond=/var/lib/courier/authdaemon/socket )
fi
# Fix for bug #59634.
if ! use ssl ; then
myconf+=( --without-des )
fi
if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
myconf+=( --enable-sql )
else
myconf+=( --disable-sql )
fi
# Default to GDBM if both 'gdbm' and 'berkdb' are present.
if use gdbm ; then
einfo "Building with GNU DB as database backend for your SASLdb"
myconf+=( --with-dblib=gdbm )
elif use berkdb ; then
einfo "Building with BerkeleyDB as database backend for your SASLdb"
myconf+=(
--with-dblib=berkeley
--with-bdb-incdir="$(db_includedir)"
)
else
einfo "Building without SASLdb support"
myconf+=( --with-dblib=none )
fi
# Use /dev/urandom instead of /dev/random (bug #46038).
if use urandom ; then
myconf+=( --with-devrandom=/dev/urandom )
fi
ECONF_SOURCE=${S} \
econf \
--enable-login \
--enable-ntlm \
--enable-auth-sasldb \
--disable-cmulocal \
--disable-krb4 \
--enable-otp \
--without-sqlite \
--with-saslauthd=/run/saslauthd \
--with-pwcheck=/run/saslauthd \
--with-configdir=/etc/sasl2 \
--with-plugindir=/usr/$(get_libdir)/sasl2 \
--with-dbpath=/etc/sasl2/sasldb2 \
$(use_with ssl openssl) \
$(use_with pam) \
$(use_with openldap ldap) \
$(use_enable ldapdb) \
$(multilib_native_use_enable sample) \
$(use_enable kerberos gssapi) \
$(multilib_native_use_enable java) \
$(multilib_native_use_with java javahome ${JAVA_HOME}) \
$(multilib_native_use_with mysql mysql /usr) \
$(multilib_native_use_with postgres pgsql) \
$(use_with sqlite sqlite3 /usr/$(get_libdir)) \
$(use_enable srp) \
$(use_enable static-libs static) \
"${myconf[@]}"
}
multilib_src_compile() {
emake
# Default location for java classes breaks OpenOffice (bug #60769).
# Thanks to axxo@gentoo.org for the solution.
if multilib_is_native_abi && use java ; then
jar -cvf ${PN}.jar -C java $(find java -name "*.class")
fi
}
multilib_src_install() {
default
if multilib_is_native_abi; then
if use sample ; then
docinto sample
dodoc "${S}"/sample/*.c
exeinto /usr/share/doc/${P}/sample
doexe sample/client sample/server
fi
# Default location for java classes breaks OpenOffice (bug #60769).
if use java ; then
java-pkg_dojar ${PN}.jar
java-pkg_regso "${D}/usr/$(get_libdir)/libjavasasl.so"
# hackish, don't wanna dig through makefile
rm -Rf "${D}/usr/$(get_libdir)/java"
docinto "java"
dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
dodir "/usr/share/doc/${PF}/java/Test"
insinto "/usr/share/doc/${PF}/java/Test"
doins "${S}"/java/Test/*.java
fi
dosbin saslauthd/testsaslauthd
fi
}
multilib_src_install_all() {
keepdir /etc/sasl2
dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt
newdoc pwcheck/README README.pwcheck
dohtml doc/*.html
docinto "saslauthd"
dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README}
newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
systemd_dounit "${FILESDIR}/pwcheck.service"
newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
systemd_dounit "${FILESDIR}/saslauthd.service"
systemd_dotmpfilesd "${FILESDIR}/${PN}.conf"
prune_libtool_files --modules
}
pkg_postinst () {
# Generate an empty sasldb2 with correct permissions.
if ( use berkdb || use gdbm ) && [[ ! -f "${ROOT}/etc/sasl2/sasldb2" ]] ; then
einfo "Generating an empty sasldb2 with correct permissions ..."
echo "p" | "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -p login \
|| die "Failed to generate sasldb2"
"${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -d login \
|| die "Failed to delete temp user"
chown root:mail "${ROOT}/etc/sasl2/sasldb2" \
|| die "Failed to chown ${ROOT}/etc/sasl2/sasldb2"
chmod 0640 "${ROOT}/etc/sasl2/sasldb2" \
|| die "Failed to chmod ${ROOT}/etc/sasl2/sasldb2"
fi
if use authdaemond ; then
elog "You need to add a user running a service using Courier's"
elog "authdaemon to the 'mail' group. For example, do:"
elog " gpasswd -a postfix mail"
elog "to add the 'postfix' user to the 'mail' group."
fi
elog "pwcheck and saslauthd home directories have moved to:"
elog " /run/saslauthd, using tmpfiles.d"
}

243
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/cyrus-sasl-2.1.26-r9.ebuild vendored Normal file
View File

@ -0,0 +1,243 @@
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI=5
inherit eutils flag-o-matic multilib multilib-minimal autotools pam java-pkg-opt-2 db-use systemd
SASLAUTHD_CONF_VER="2.1.26"
DESCRIPTION="The Cyrus SASL (Simple Authentication and Security Layer)"
HOMEPAGE="http://cyrusimap.web.cmu.edu/"
SRC_URI="ftp://ftp.cyrusimap.org/cyrus-sasl/${P}.tar.gz"
LICENSE="BSD-with-attribution"
SLOT="2"
KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
IUSE="authdaemond berkdb gdbm kerberos ldapdb openldap mysql pam postgres sample selinux sqlite
srp ssl static-libs urandom"
DEPEND="net-mail/mailbase
authdaemond? ( || ( net-mail/courier-imap mail-mta/courier ) )
berkdb? ( >=sys-libs/db-4.8.30-r1:=[${MULTILIB_USEDEP}] )
gdbm? ( >=sys-libs/gdbm-1.10-r1[${MULTILIB_USEDEP}] )
kerberos? ( >=virtual/krb5-0-r1[${MULTILIB_USEDEP}] )
openldap? ( >=net-nds/openldap-2.4.38-r1[${MULTILIB_USEDEP}] )
mysql? ( virtual/mysql )
pam? ( >=virtual/pam-0-r1[${MULTILIB_USEDEP}] )
postgres? ( dev-db/postgresql:= )
sqlite? ( >=dev-db/sqlite-3.8.2:3[${MULTILIB_USEDEP}] )
ssl? ( >=dev-libs/openssl-1.0.1h-r2[${MULTILIB_USEDEP}] )
java? ( >=virtual/jdk-1.4:= )"
RDEPEND="${DEPEND}
selinux? ( sec-policy/selinux-sasl )"
MULTILIB_WRAPPED_HEADERS=(
/usr/include/sasl/md5global.h
)
pkg_setup() {
java-pkg-opt-2_pkg_setup
}
src_prepare() {
epatch "${FILESDIR}"/${PN}-2.1.25-sasldb_al.patch
epatch "${FILESDIR}"/${PN}-2.1.25-saslauthd_libtool.patch
epatch "${FILESDIR}"/${PN}-2.1.25-avoid_pic_overwrite.patch
epatch "${FILESDIR}"/${PN}-2.1.25-autotools_fixes.patch
epatch "${FILESDIR}"/${PN}-2.1.25-as_needed.patch
epatch "${FILESDIR}"/${PN}-2.1.25-missing_header.patch
epatch "${FILESDIR}"/${PN}-2.1.25-fix_heimdal.patch
epatch "${FILESDIR}"/${PN}-2.1.25-auxprop.patch
epatch "${FILESDIR}"/${PN}-2.1.23-gss_c_nt_hostbased_service.patch
epatch "${FILESDIR}"/${PN}-2.1.25-service_keytabs.patch
epatch "${FILESDIR}"/${PN}-2.1.26-missing-size_t.patch
epatch "${FILESDIR}"/${PN}-2.1.26-CVE-2013-4122.patch
epatch "${FILESDIR}"/${PN}-2.1.26-send-imap-logout.patch
epatch "${FILESDIR}"/${PN}-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch
epatch "${FILESDIR}"/${PN}-2.1.26-fix_dovecot_authentication.patch
# Get rid of the -R switch (runpath_switch for Sun)
# >=gcc-4.6 errors out with unknown option
sed -i -e '/LIB_SQLITE.*-R/s/ -R[^"]*//' \
configure.in || die
# Use plugindir for sasldir
sed -i '/^sasldir =/s:=.*:= $(plugindir):' \
"${S}"/plugins/Makefile.{am,in} || die "sed failed"
# #486740 #468556
sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:g' \
-e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
configure.in || die
sed -i -e 's:AC_CONFIG_MACRO_DIR:AC_CONFIG_MACRO_DIRS:g' \
saslauthd/configure.in || die
eautoreconf
}
src_configure() {
append-flags -fno-strict-aliasing
append-cppflags -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED -D_BSD_SOURCE -DLDAP_DEPRECATED
multilib-minimal_src_configure
}
multilib_src_configure() {
# Java support.
multilib_is_native_abi && use java && export JAVAC="${JAVAC} ${JAVACFLAGS}"
local myconf=()
# Add authdaemond support (bug #56523).
if use authdaemond ; then
myconf+=( --with-authdaemond=/var/lib/courier/authdaemon/socket )
fi
# Fix for bug #59634.
if ! use ssl ; then
myconf+=( --without-des )
fi
if use sqlite || { multilib_is_native_abi && { use mysql || use postgres; }; } ; then
myconf+=( --enable-sql )
else
myconf+=( --disable-sql )
fi
# Default to GDBM if both 'gdbm' and 'berkdb' are present.
if use gdbm ; then
einfo "Building with GNU DB as database backend for your SASLdb"
myconf+=( --with-dblib=gdbm )
elif use berkdb ; then
einfo "Building with BerkeleyDB as database backend for your SASLdb"
myconf+=(
--with-dblib=berkeley
--with-bdb-incdir="$(db_includedir)"
)
else
einfo "Building without SASLdb support"
myconf+=( --with-dblib=none )
fi
# Use /dev/urandom instead of /dev/random (bug #46038).
if use urandom ; then
myconf+=( --with-devrandom=/dev/urandom )
fi
ECONF_SOURCE=${S} \
econf \
--enable-login \
--enable-ntlm \
--enable-auth-sasldb \
--disable-cmulocal \
--disable-krb4 \
--enable-otp \
--without-sqlite \
--with-saslauthd=/run/saslauthd \
--with-pwcheck=/run/saslauthd \
--with-configdir=/etc/sasl2 \
--with-plugindir=/usr/$(get_libdir)/sasl2 \
--with-dbpath=/etc/sasl2/sasldb2 \
$(use_with ssl openssl) \
$(use_with pam) \
$(use_with openldap ldap) \
$(use_enable ldapdb) \
$(multilib_native_use_enable sample) \
$(use_enable kerberos gssapi) \
$(multilib_native_use_enable java) \
$(multilib_native_use_with java javahome ${JAVA_HOME}) \
$(multilib_native_use_with mysql mysql /usr) \
$(multilib_native_use_with postgres pgsql) \
$(use_with sqlite sqlite3 /usr/$(get_libdir)) \
$(use_enable srp) \
$(use_enable static-libs static) \
"${myconf[@]}"
}
multilib_src_compile() {
emake
# Default location for java classes breaks OpenOffice (bug #60769).
# Thanks to axxo@gentoo.org for the solution.
if multilib_is_native_abi && use java ; then
jar -cvf ${PN}.jar -C java $(find java -name "*.class")
fi
}
multilib_src_install() {
default
if multilib_is_native_abi; then
if use sample ; then
docinto sample
dodoc "${S}"/sample/*.c
exeinto /usr/share/doc/${P}/sample
doexe sample/client sample/server
fi
# Default location for java classes breaks OpenOffice (bug #60769).
if use java ; then
java-pkg_dojar ${PN}.jar
java-pkg_regso "${D}/usr/$(get_libdir)/libjavasasl.so"
# hackish, don't wanna dig through makefile
rm -Rf "${D}/usr/$(get_libdir)/java"
docinto "java"
dodoc "${S}/java/README" "${FILESDIR}/java.README.gentoo" "${S}"/java/doc/*
dodir "/usr/share/doc/${PF}/java/Test"
insinto "/usr/share/doc/${PF}/java/Test"
doins "${S}"/java/Test/*.java
fi
dosbin saslauthd/testsaslauthd
fi
}
multilib_src_install_all() {
keepdir /etc/sasl2
dodoc AUTHORS ChangeLog NEWS README doc/TODO doc/*.txt
newdoc pwcheck/README README.pwcheck
dohtml doc/*.html
docinto "saslauthd"
dodoc saslauthd/{AUTHORS,ChangeLog,LDAP_SASLAUTHD,NEWS,README}
newpamd "${FILESDIR}/saslauthd.pam-include" saslauthd
newinitd "${FILESDIR}/pwcheck.rc6" pwcheck
systemd_dounit "${FILESDIR}/pwcheck.service"
newinitd "${FILESDIR}/saslauthd2.rc7" saslauthd
newconfd "${FILESDIR}/saslauthd-${SASLAUTHD_CONF_VER}.conf" saslauthd
systemd_dounit "${FILESDIR}/saslauthd.service"
systemd_dotmpfilesd "${FILESDIR}/${PN}.conf"
prune_libtool_files --modules
}
pkg_postinst () {
# Generate an empty sasldb2 with correct permissions.
if ( use berkdb || use gdbm ) && [[ ! -f "${ROOT}/etc/sasl2/sasldb2" ]] ; then
einfo "Generating an empty sasldb2 with correct permissions ..."
echo "p" | "${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -p login \
|| die "Failed to generate sasldb2"
"${ROOT}/usr/sbin/saslpasswd2" -f "${ROOT}/etc/sasl2/sasldb2" -d login \
|| die "Failed to delete temp user"
chown root:mail "${ROOT}/etc/sasl2/sasldb2" \
|| die "Failed to chown ${ROOT}/etc/sasl2/sasldb2"
chmod 0640 "${ROOT}/etc/sasl2/sasldb2" \
|| die "Failed to chmod ${ROOT}/etc/sasl2/sasldb2"
fi
if use authdaemond ; then
elog "You need to add a user running a service using Courier's"
elog "authdaemon to the 'mail' group. For example, do:"
elog " gpasswd -a postfix mail"
elog "to add the 'postfix' user to the 'mail' group."
fi
elog "pwcheck and saslauthd home directories have moved to:"
elog " /run/saslauthd, using tmpfiles.d"
}

30
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0001_versioned_symbols.patch vendored Normal file
View File

@ -0,0 +1,30 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Use versioned symbols for libsasl2.
diff --git a/lib/Makefile.am b/lib/Makefile.am
index e09fe6e..e74c507 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -61,8 +61,8 @@ LIB_DOOR= @LIB_DOOR@
lib_LTLIBRARIES = libsasl2.la
libsasl2_la_SOURCES = $(common_sources) $(common_headers)
-libsasl2_la_LDFLAGS = -version-info $(sasl_version)
-libsasl2_la_DEPENDENCIES = $(LTLIBOBJS)
+libsasl2_la_LDFLAGS = -version-info $(sasl_version) -Wl,--version-script=$(top_srcdir)/Versions
+libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) $(top_srcdir)/Versions
libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) $(LIB_CRYPT)
if MACOSX
new file mode 100644
index 0000000..ff7190d
--- /dev/null
+++ b/Versions
@@ -0,0 +1,6 @@
+SASL2 {
+ global:
+ sasl_*; prop_*; auxprop_plugin_info; _sasl_MD5*;
+};
+
+HIDDEN { local: __*; _rest*; _save*; *; };

26
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0002_testsuite.patch vendored Normal file
View File

@ -0,0 +1,26 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Rename the testsuite program to sasltestsuite and use /etc/sasldb2
instead of ./sasldb as default path for the sasldb database file.
--- trunk.orig/utils/testsuite.c
+++ trunk/utils/testsuite.c
@@ -464,9 +464,9 @@
*len = (unsigned) strlen("sasldb");
return SASL_OK;
} else if (!strcmp(option, "sasldb_path")) {
- *result = "./sasldb";
+ *result = "/etc/sasldb2";
if (len)
- *len = (unsigned) strlen("./sasldb");
+ *len = (unsigned) strlen("/etc/sasldb2");
return SASL_OK;
} else if (!strcmp(option, "canon_user_plugin")) {
*result = cu_plugin;
@@ -2925,7 +2925,7 @@
void usage(void)
{
printf("Usage:\n" \
- " testsuite [-g name] [-s seed] [-r tests] -a -M\n" \
+ " sasltestsuite [-g name] [-s seed] [-r tests] -a -M\n" \
" g -- gssapi service name to use (default: host)\n" \
" r -- # of random tests to do (default: 25)\n" \
" a -- do all corruption tests (and ignores random ones unless -r specified)\n" \

25
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0006_library_mutexes.patch vendored Normal file
View File

@ -0,0 +1,25 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Exact description unknown; make sure mutex-related code works.
--- trunk.orig/lib/common.c
+++ trunk/lib/common.c
@@ -771,7 +771,7 @@
result = sasl_canonuser_add_plugin("INTERNAL", internal_canonuser_init);
if(result != SASL_OK) return result;
- if (!free_mutex)
+ if (!free_mutex || free_mutex == 0x1)
free_mutex = sasl_MUTEX_ALLOC();
if (!free_mutex) return SASL_FAIL;
@@ -790,6 +790,11 @@
/* serialize disposes. this is necessary because we can't
dispose of conn->mutex if someone else is locked on it */
+
+ if (!free_mutex || free_mutex == 0x1)
+ free_mutex = sasl_MUTEX_ALLOC();
+ if (!free_mutex) return SASL_FAIL;
+
result = sasl_MUTEX_LOCK(free_mutex);
if (result!=SASL_OK) return;

67
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0008_one_time_sasl_set_alloc.patch vendored Normal file
View File

@ -0,0 +1,67 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Make sasl_set_alloc a one-time function.
This patch will divert all allocations to whomever called
sasl_set_alloc first, hopefully that will be the application. If
not, we sure *hope* the library doing stupid things has sane
sasl_set_alloc semantics...
It will also deny any futher tries to sasl_set_alloc after one
of the _init functions are called.
This patch was introduced and works fine in SASL 1.5, and no
applications started behaving in insane ways, so chances are it
will also work with SASL 2.1
Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=139568
Reference: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=274087
Reference: https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2525
--- trunk.orig/lib/client.c
+++ trunk/lib/client.c
@@ -202,6 +202,9 @@
{ NULL, NULL }
};
+ /* lock allocation type */
+ _sasl_allocation_locked++;
+
if(_sasl_client_active) {
/* We're already active, just increase our refcount */
/* xxx do something with the callback structure? */
--- trunk.orig/lib/common.c
+++ trunk/lib/common.c
@@ -107,6 +107,7 @@
(sasl_realloc_t *) &realloc,
(sasl_free_t *) &free
};
+int _sasl_allocation_locked = 0;
#define SASL_ENCODEV_EXTRA 4096
@@ -637,6 +638,8 @@
sasl_realloc_t *r,
sasl_free_t *f)
{
+ if (_sasl_allocation_locked++) return;
+
_sasl_allocation_utils.malloc=m;
_sasl_allocation_utils.calloc=c;
_sasl_allocation_utils.realloc=r;
--- trunk.orig/lib/saslint.h
+++ trunk/lib/saslint.h
@@ -300,6 +300,7 @@
extern sasl_allocation_utils_t _sasl_allocation_utils;
extern sasl_mutex_utils_t _sasl_mutex_utils;
+extern int _sasl_allocation_locked;
/*
* checkpw.c
--- trunk.orig/lib/server.c
+++ trunk/lib/server.c
@@ -698,6 +698,9 @@
{ NULL, NULL }
};
+ /* lock allocation type */
+ _sasl_allocation_locked++;
+
/* we require the appname (if present) to be short enough to be a path */
if (appname != NULL && strlen(appname) >= PATH_MAX)
return SASL_BADPARAM;

13
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0010_maintainer_mode.patch vendored Normal file
View File

@ -0,0 +1,13 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Enable maintainer mode to avoid auto* problems.
--- trunk.orig/configure.in
+++ trunk/configure.in
@@ -62,6 +62,8 @@
AM_INIT_AUTOMAKE(cyrus-sasl, 2.1.23)
CMU_INIT_AUTOMAKE
+AM_MAINTAINER_MODE
+
# and include our config dir scripts
ACLOCAL="$ACLOCAL -I \$(top_srcdir)/config"

12
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0011_saslauthd_ac_prog_libtool.patch vendored Normal file
View File

@ -0,0 +1,12 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Enable libtool use.
--- trunk.orig/saslauthd/configure.in
+++ trunk/saslauthd/configure.in
@@ -25,6 +25,7 @@
AC_PROG_MAKE_SET
AC_PROG_LN_S
AC_PROG_INSTALL
+AC_PROG_LIBTOOL
dnl Checks for build foo
CMU_C___ATTRIBUTE__

15
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0012_xopen_crypt_prototype.patch vendored Normal file
View File

@ -0,0 +1,15 @@
Author: Dann Frazier <dannf@debian.org>
Description: When _XOPEN_SOURCE is defined, the subsequent #include <unistd.h>
will define a correct function prototype for the crypt function. This avoids
segfaults on architectures where the size of a pointer is greater than the size
of an integer (ia64 and amd64 are examples). This may be detected by looking
for build log lines such as the following:
auth_shadow.c:183: warning: implicit declaration of function crypt
auth_shadow.c:183: warning: cast to pointer from integer of different size
--- trunk.orig/saslauthd/auth_shadow.c
+++ trunk/saslauthd/auth_shadow.c
@@ -1,3 +1,4 @@
+#define _XOPEN_SOURCE
#define PWBUFSZ 256 /***SWB***/
/* MODULE: auth_shadow */

27
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0014_avoid_pic_overwrite.patch vendored Normal file
View File

@ -0,0 +1,27 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: This patch makes sure the non-PIC version of libsasldb.a, which
is created out of non-PIC objects, is not going to overwrite the PIC version,
which is created out of PIC objects. The PIC version is placed in .libs, and
the non-PIC version in the current directory. This ensures that both non-PIC
and PIC versions are available in the correct locations.
--- trunk.orig/lib/Makefile.am
+++ trunk/lib/Makefile.am
@@ -76,7 +76,7 @@
libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS)
@echo adding static plugins and dependencies
- $(AR) cru .libs/$@ $(SASL_STATIC_OBJS)
+ $(AR) cru $@ $(SASL_STATIC_OBJS)
@for i in ./libsasl2.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \
if test ! -f $$i; then continue; fi; . $$i; \
for j in $$dependency_libs foo; do \
--- trunk.orig/sasldb/Makefile.am
+++ trunk/sasldb/Makefile.am
@@ -63,6 +63,6 @@
EXTRA_libsasldb_a_SOURCES =
libsasldb.a: libsasldb.la $(SASL_DB_BACKEND_STATIC)
- $(AR) cru .libs/$@ $(SASL_DB_BACKEND_STATIC)
+ $(AR) cru $@ $(SASL_DB_BACKEND_STATIC)

24
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0016_pid_file_lock_creation_mask.patch vendored Normal file
View File

@ -0,0 +1,24 @@
Author: Sam Hocevar <sam@zoy.org>
Description: pid_file_lock is created with a mask of 644 instead of 0644. This
patch fixes this octal/decimal confusion as well as the (harmless) one in the
previous umask() call.
--- trunk.orig/saslauthd/saslauthd-main.c
+++ trunk/saslauthd/saslauthd-main.c
@@ -276,7 +276,7 @@
exit(1);
}
- umask(077);
+ umask(0077);
pid_file_size = strlen(run_path) + sizeof(PID_FILE_LOCK) + 1;
if ((pid_file_lock = malloc(pid_file_size)) == NULL) {
@@ -287,7 +287,7 @@
strlcpy(pid_file_lock, run_path, pid_file_size);
strlcat(pid_file_lock, PID_FILE_LOCK, pid_file_size);
- if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 644)) < 0) {
+ if ((pid_file_lock_fd = open(pid_file_lock, O_CREAT|O_TRUNC|O_RDWR, 0644)) < 0) {
rc = errno;
logger(L_ERR, L_FUNC, "could not open pid lock file: %s", pid_file_lock);
logger(L_ERR, L_FUNC, "open: %s", strerror(rc));

38
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-0026_drop_krb5support_dependency.patch vendored Normal file
View File

@ -0,0 +1,38 @@
Author: Roberto C. Sanchez <roberto@connexer.com>
Description: Drop gratuitous dependency on krb5support
--- trunk.orig/aclocal.m4
+++ trunk/aclocal.m4
@@ -2924,9 +2924,6 @@
fi
if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
- # check for libkrb5support first
- AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
-
gss_failed=0
AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})
--- trunk.orig/cmulocal/sasl2.m4
+++ trunk/cmulocal/sasl2.m4
@@ -110,9 +110,6 @@
fi
if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
- # check for libkrb5support first
- AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
-
gss_failed=0
AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})
--- trunk.orig/saslauthd/aclocal.m4
+++ trunk/saslauthd/aclocal.m4
@@ -1333,9 +1333,6 @@
fi
if test "$gss_impl" = "auto" -o "$gss_impl" = "mit"; then
- # check for libkrb5support first
- AC_CHECK_LIB(krb5support,krb5int_getspecific,K5SUP=-lkrb5support K5SUPSTATIC=$gssapi_dir/libkrb5support.a,,${LIB_SOCKET})
-
gss_failed=0
AC_CHECK_LIB(gssapi_krb5,gss_unwrap,gss_impl="mit",gss_failed=1,
${GSSAPIBASE_LIBS} -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err ${K5SUP} ${LIB_SOCKET})

15
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.17-pgsql-include.patch vendored Normal file
View File

@ -0,0 +1,15 @@
Fix include path for newer PostgreSQL versions
--- configure.in
+++ configure.in
@@ -674,7 +674,9 @@
LIB_PGSQL_DIR=$LIB_PGSQL
LIB_PGSQL="$LIB_PGSQL -lpq"
- if test -d ${with_pgsql}/include/pgsql; then
+ if test -d ${with_pgsql}/include/postgresql/pgsql; then
+ CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/postgresql/pgsql"
+ elif test -d ${with_pgsql}/include/pgsql; then
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/include/pgsql"
elif test -d ${with_pgsql}/pgsql/include; then
CPPFLAGS="${CPPFLAGS} -I${with_pgsql}/pgsql/include"

172
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.19-checkpw.c.patch vendored Normal file
View File

@ -0,0 +1,172 @@
Support for crypted passwords
http://bugs.gentoo.org/45181
--- cyrus-sasl-2.1.19/lib/Makefile.in
+++ cyrus-sasl-2.1.19/lib/Makefile.in
@@ -120,7 +120,7 @@
JAVA_TRUE = @JAVA_TRUE@
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
-LIBS = @LIBS@
+LIBS = -lcrypt @LIBS@
LIBTOOL = @LIBTOOL@
LIB_CRYPT = @LIB_CRYPT@
LIB_DES = @LIB_DES@
--- cyrus-sasl-2.1.19/lib/checkpw.c
+++ cyrus-sasl-2.1.19/lib/checkpw.c
@@ -94,6 +94,23 @@
# endif
#endif
+/******************************
+ * crypt(3) patch start *
+ ******************************/
+char *crypt(const char *key, const char *salt);
+
+/* cleartext password formats */
+#define PASSWORD_FORMAT_CLEARTEXT 1
+#define PASSWORD_FORMAT_CRYPT 2
+#define PASSWORD_FORMAT_CRYPTTRAD 3
+#define PASSWORD_SALT_BUF_LEN 22
+
+/* weeds out crypt(3) password's salt */
+int _sasl_get_salt (char *dest, char *src, int format);
+
+/******************************
+ * crypt(3) patch stop *
+ ******************************/
/* we store the following secret to check plaintext passwords:
*
@@ -143,7 +160,51 @@
"*cmusaslsecretPLAIN",
NULL };
struct propval auxprop_values[3];
-
+
+ /******************************
+ * crypt(3) patch start *
+ * for password format check *
+ ******************************/
+ sasl_getopt_t *getopt;
+ void *context;
+ const char *p = NULL;
+ /**
+ * MD5: 12 char salt
+ * BLOWFISH: 16 char salt
+ */
+ char salt[PASSWORD_SALT_BUF_LEN];
+ int password_format;
+
+ /* get password format from auxprop configuration */
+ if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
+ getopt(context, NULL, "password_format", &p, NULL);
+ }
+
+ /* set password format */
+ if (p) {
+ /*
+ memset(pass_format_str, '\0', PASSWORD_FORMAT_STR_LEN);
+ strncpy(pass_format_str, p, (PASSWORD_FORMAT_STR_LEN - 1));
+ */
+ /* modern, modular crypt(3) */
+ if (strncmp(p, "crypt", 11) == 0)
+ password_format = PASSWORD_FORMAT_CRYPT;
+ /* traditional crypt(3) */
+ else if (strncmp(p, "crypt_trad", 11) == 0)
+ password_format = PASSWORD_FORMAT_CRYPTTRAD;
+ /* cleartext password */
+ else
+ password_format = PASSWORD_FORMAT_CLEARTEXT;
+ } else {
+ /* cleartext password */
+ password_format = PASSWORD_FORMAT_CLEARTEXT;
+ }
+
+ /******************************
+ * crypt(3) patch stop *
+ * for password format check *
+ ******************************/
+
if (!conn || !userstr)
return SASL_BADPARAM;
@@ -180,14 +241,31 @@
goto done;
}
- /* At the point this has been called, the username has been canonified
- * and we've done the auxprop lookup. This should be easy. */
- if(auxprop_values[0].name
- && auxprop_values[0].values
- && auxprop_values[0].values[0]
- && !strcmp(auxprop_values[0].values[0], passwd)) {
- /* We have a plaintext version and it matched! */
- return SASL_OK;
+
+ /******************************
+ * crypt(3) patch start *
+ ******************************/
+
+ /* get salt */
+ _sasl_get_salt(salt, (char *) auxprop_values[0].values[0], password_format);
+
+ /* crypt(3)-ed password? */
+ if (password_format != PASSWORD_FORMAT_CLEARTEXT) {
+ /* compare password */
+ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(crypt(passwd, salt), auxprop_values[0].values[0]) == 0)
+ return SASL_OK;
+ else
+ ret = SASL_BADAUTH;
+ }
+ else if (password_format == PASSWORD_FORMAT_CLEARTEXT) {
+ /* compare passwords */
+ if (auxprop_values[0].name && auxprop_values[0].values && auxprop_values[0].values[0] && strcmp(auxprop_values[0].values[0], passwd) == 0)
+ return SASL_OK;
+ else
+ ret = SASL_BADAUTH;
+ /******************************
+ * crypt(3) patch stop *
+ ******************************/
} else if(auxprop_values[1].name
&& auxprop_values[1].values
&& auxprop_values[1].values[0]) {
@@ -975,3 +1053,37 @@
#endif
{ NULL, NULL }
};
+
+/* weeds out crypt(3) password's salt */
+int _sasl_get_salt (char *dest, char *src, int format) {
+ int num; /* how many characters is salt long? */
+ switch (format) {
+ case PASSWORD_FORMAT_CRYPT:
+ /* md5 crypt */
+ if (src[1] == '1')
+ num = 12;
+ /* blowfish crypt */
+ else if (src[1] == '2')
+ num = (src[1] == '2' && src[2] == 'a') ? 17 : 16;
+ /* traditional crypt */
+ else
+ num = 2;
+ break;
+
+ case PASSWORD_FORMAT_CRYPTTRAD:
+ num = 2;
+ break;
+
+ default:
+ return 1;
+ }
+
+ /* destroy destination */
+ memset(dest, '\0', (num + 1));
+
+ /* copy salt to destination */
+ strncpy(dest, src, num);
+
+ return 1;
+}
+

39
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.21-keytab.patch vendored Normal file
View File

@ -0,0 +1,39 @@
diff -u -r cyrus-sasl-2.1.21-orig/cmulocal/sasl2.m4 cyrus-sasl-2.1.21/cmulocal/sasl2.m4
--- cyrus-sasl-2.1.21-orig/cmulocal/sasl2.m4 2006-08-01 08:29:59.000000000 +0200
+++ cyrus-sasl-2.1.21/cmulocal/sasl2.m4 2006-08-01 08:31:32.000000000 +0200
@@ -257,7 +257,21 @@
cmu_save_LIBS="$LIBS"
LIBS="$LIBS $GSSAPIBASE_LIBS"
- AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity)
+ dnl AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity)
+ AC_CHECK_HEADER(gssapi/gssapi_krb5.h, AC_DEFINE(HAVE_GSSAPI_GSSAPI_KRB5_H,,[Define if you have the gssapi/gssapi_krb5.h header file]))
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+#ifdef HAVE_GSSAPI_H
+#include <gssapi.h>
+#else
+#include <gssapi/gssapi.h>
+#endif
+#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
+#include <gssapi/gssapi_krb5.h>
+#endif
+]],[[gsskrb5_register_acceptor_identity("");]])
+],[AC_DEFINE(HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY,,
+ [Define if your GSSAPI implimentation defines GSSKRB5_REGISTER_ACCEPTOR_IDENTITY])
+])
LIBS="$cmu_save_LIBS"
else
AC_MSG_RESULT([disabled])
diff -u -r cyrus-sasl-2.1.21-orig/plugins/gssapi.c cyrus-sasl-2.1.21/plugins/gssapi.c
--- cyrus-sasl-2.1.21-orig/plugins/gssapi.c 2004-07-21 16:39:06.000000000 +0200
+++ cyrus-sasl-2.1.21/plugins/gssapi.c 2006-08-01 08:30:26.000000000 +0200
@@ -50,6 +50,9 @@
#else
#include <gssapi/gssapi.h>
#endif
+#ifdef HAVE_GSSAPI_GSSAPI_KRB5_H
+#include <gssapi/gssapi_krb5.h>
+#endif
#ifdef WIN32
# include <winsock2.h>

11
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.22-as-needed.patch vendored Normal file
View File

@ -0,0 +1,11 @@
--- saslauthd/configure.in.orig 2006-05-23 15:53:17.000000000 -0700
+++ saslauthd/configure.in 2006-05-23 15:53:33.000000000 -0700
@@ -77,7 +77,7 @@
AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support])
SASL_DB_PATH_CHECK()
SASL_DB_CHECK()
- SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al"
+ SASL_DB_LIB="../sasldb/.libs/libsasldb.a $SASL_DB_LIB"
fi
AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ],

71
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.22-crypt.patch vendored Normal file
View File

@ -0,0 +1,71 @@
http://bugs.gentoo.org/152544
--- cyrus-sasl-2.1.22/lib/Makefile.am
+++ cyrus-sasl-2.1.22/lib/Makefile.am
@@ -45,6 +45,7 @@ sasl_version = 2:22:0
INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/plugins -I$(top_builddir)/include -I$(top_srcdir)/sasldb
+AM_CFLAGS = -fPIC
EXTRA_DIST = windlopen.c staticopen.h NTMakefile
EXTRA_LIBRARIES = libsasl2.a
noinst_LIBRARIES = @SASL_STATIC_LIBS@
--- cyrus-sasl-2.1.22/plugins/Makefile.am
+++ cyrus-sasl-2.1.22/plugins/Makefile.am
@@ -63,6 +63,7 @@ srp_version = 2:22:0
INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include
AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir)
+AM_CFLAGS = -fPIC
COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@
--- cyrus-sasl-2.1.22/sasldb/Makefile.am
+++ cyrus-sasl-2.1.22/sasldb/Makefile.am
@@ -48,6 +48,7 @@ INCLUDES=-I$(top_srcdir)/include -I$(top
extra_common_sources = db_none.c db_ndbm.c db_gdbm.c db_berkeley.c
+AM_CFLAGS = -fPIC
EXTRA_DIST = NTMakefile
noinst_LTLIBRARIES = libsasldb.la
--- cyrus-sasl-2.1.22/utils/Makefile.am
+++ cyrus-sasl-2.1.22/utils/Makefile.am
@@ -42,7 +42,7 @@
#
################################################################
-all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET)
+all_sasl_libs = ../lib/libsasl2.la $(SASL_DB_LIB) $(LIB_SOCKET) $(LIB_CRYPT)
all_sasl_static_libs = ../lib/.libs/libsasl2.a $(SASL_DB_LIB) $(LIB_SOCKET) $(GSSAPIBASE_LIBS) $(GSSAPI_LIBS) $(SASL_KRB_LIB) $(LIB_DES) $(PLAIN_LIBS) $(SRP_LIBS) $(LIB_MYSQL) $(LIB_PGSQL) $(LIB_SQLITE)
sbin_PROGRAMS = @SASL_DB_UTILS@ @SMTPTEST_PROGRAM@ pluginviewer
--- cyrus-sasl-2.1.22/sample/Makefile.am
+++ cyrus-sasl-2.1.22/sample/Makefile.am
@@ -54,10 +54,10 @@ sample_server_SOURCES = sample-server.c
server_SOURCES = server.c common.c common.h
client_SOURCES = client.c common.c common.h
-server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
-client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
+server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
+client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
-sample_client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
-sample_server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET)
+sample_client_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
+sample_server_LDADD = ../lib/libsasl2.la $(LIB_SOCKET) $(LIB_CRYPT)
EXTRA_DIST = NTMakefile
--- cyrus-sasl-2.1.22/lib/Makefile.am
+++ cyrus-sasl-2.1.22/lib/Makefile.am
@@ -63,7 +63,7 @@ lib_LTLIBRARIES = libsasl2.la
libsasl2_la_SOURCES = $(common_sources) $(common_headers)
libsasl2_la_LDFLAGS = -version-info $(sasl_version)
libsasl2_la_DEPENDENCIES = $(LTLIBOBJS)
-libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR)
+libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) $(LIB_CRYPT)
if MACOSX
framedir = /Library/Frameworks/SASL2.framework

24
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.22-gcc44.patch vendored Normal file
View File

@ -0,0 +1,24 @@
fix warnings with gcc-4.4
http://bugs.gentoo.org/248738
--- cyrus-sasl-2.1.22/plugins/digestmd5.c
+++ cyrus-sasl-2.1.22/plugins/digestmd5.c
@@ -2715,7 +2715,7 @@ static sasl_server_plug_t digestmd5_serv
"DIGEST-MD5", /* mech_name */
#ifdef WITH_RC4
128, /* max_ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,
@@ -4034,7 +4034,7 @@ static sasl_client_plug_t digestmd5_clie
"DIGEST-MD5",
#ifdef WITH_RC4 /* mech_name */
128, /* max ssf */
-#elif WITH_DES
+#elif defined(WITH_DES)
112,
#else
1,

22
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.22-qa.patch vendored Normal file
View File

@ -0,0 +1,22 @@
fix missing prototype warnings
--- cyrus-sasl-2.1.22/lib/auxprop.c
+++ cyrus-sasl-2.1.22/lib/auxprop.c
@@ -43,6 +43,7 @@
*/
#include <config.h>
+#include <stdio.h>
#include <sasl.h>
#include <prop.h>
#include <ctype.h>
--- cyrus-sasl-2.1.22/pwcheck/pwcheck_getspnam.c
+++ cyrus-sasl-2.1.22/pwcheck/pwcheck_getspnam.c
@@ -24,6 +24,7 @@ OF OR IN CONNECTION WITH THE USE OR PERF
******************************************************************/
#include <shadow.h>
+#include <string.h>
extern char *crypt();

23
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23+db-5.0.patch vendored Normal file
View File

@ -0,0 +1,23 @@
--- sasldb/db_berkeley.c.orig 2010-10-04 21:11:15.044010468 -0400
+++ sasldb/db_berkeley.c 2010-10-04 21:12:18.921998718 -0400
@@ -100,7 +100,7 @@
ret = db_create(mbdb, NULL, 0);
if (ret == 0 && *mbdb != NULL)
{
-#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1
+#if (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) || DB_VERSION_MAJOR >= 5
ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, flags, 0660);
#else
ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, flags, 0660);
--- utils/dbconverter-2.c.orig 2010-10-04 21:23:39.778000256 -0400
+++ utils/dbconverter-2.c 2010-10-04 21:24:50.384999893 -0400
@@ -214,7 +214,7 @@
ret = db_create(mbdb, NULL, 0);
if (ret == 0 && *mbdb != NULL)
{
-#if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1
+#if (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) || DB_VERSION_MAJOR >= 5
ret = (*mbdb)->open(*mbdb, NULL, path, NULL, DB_HASH, DB_CREATE, 0664);
#else
ret = (*mbdb)->open(*mbdb, path, NULL, DB_HASH, DB_CREATE, 0664);

104
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-CVE-2013-4122.patch vendored Normal file
View File

@ -0,0 +1,104 @@
From 0626e86d2e1d0be63a56918371a15d98cfad19d1 Mon Sep 17 00:00:00 2001
From: mancha <mancha1@hush.com>
Date: Tue, 9 Jul 2013
Subject: Handle NULL returns from glibc 2.17+ crypt().
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
(w/ NULL return) if the salt violates specifications. Additionally,
on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
passed to crypt() fail with EPERM (w/ NULL return).
When using glibc's crypt(), check return value to avoid a possible
NULL pointer dereference.
---
pwcheck/pwcheck_getpwnam.c | 3 ++-
pwcheck/pwcheck_getspnam.c | 3 ++-
saslauthd/auth_getpwent.c | 3 ++-
saslauthd/auth_shadow.c | 7 ++-----
4 files changed, 8 insertions(+), 8 deletions(-)
--- a/pwcheck/pwcheck_getpwnam.c
+++ b/pwcheck/pwcheck_getpwnam.c
@@ -32,6 +32,7 @@ extern char *crypt();
char *password;
{
char* r;
+ char* crpt_passwd;
struct passwd *pwd;
pwd = getpwnam(userid);
@@ -41,7 +42,7 @@ char *password;
else if (pwd->pw_passwd[0] == '*') {
r = "Account disabled";
}
- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
r = "Incorrect password";
}
else {
--- a/saslauthd/auth_getpwent.c
+++ b/saslauthd/auth_getpwent.c
@@ -70,6 +70,7 @@ auth_getpwent (
{
/* VARIABLES */
struct passwd *pw; /* pointer to passwd file entry */
+ char *crpt_passwd; /* encrypted password */
/* END VARIABLES */
pw = getpwnam(login);
@@ -79,7 +80,7 @@ auth_getpwent (
RETURN("NO");
}
- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
+ if (!(crpt_passwd = crypt(password, pw->pw_passwd)) || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
RETURN("NO");
}
--- a/saslauthd/auth_shadow.c
+++ b/saslauthd/auth_shadow.c
@@ -180,16 +180,13 @@ auth_shadow (
* not returning any information about a login until we have validated
* the password.
*/
- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
- if (strcmp(sp->sp_pwdp, cpw)) {
+ if (!(cpw = crypt(password, sp->sp_pwdp)) || strcmp(sp->sp_pwdp, (const char *)cpw)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
sp->sp_pwdp, cpw);
}
- free(cpw);
RETURN("NO");
}
- free(cpw);
/*
* The following fields will be set to -1 if:
@@ -251,7 +250,7 @@ auth_shadow (
RETURN("NO");
}
- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
password, upw->upw_passwd);
--- a/pwcheck/pwcheck_getspnam.c 2013-07-14 08:05:00.000000000 +0000
+++ b/pwcheck/pwcheck_getspnam.c 2013-07-14 08:06:10.958815179 +0000
@@ -32,13 +33,14 @@
char *password;
{
struct spwd *pwd;
+ char *crpt_passwd;
pwd = getspnam(userid);
if (!pwd) {
return "Userid not found";
}
- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
+ if (!(crpt_passwd = crypt(password, pwd->sp_pwdp)) || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
return "Incorrect password";
}
else {

28
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-authd-fix.patch vendored Normal file
View File

@ -0,0 +1,28 @@
fix warnings:
auth_sasldb.c: In function auth_sasldb:
auth_sasldb.c:144: warning: implicit declaration of function gethostname
auth_sasldb.c:153: warning: passing argument 8 of _sasldb_getdata from incompatible pointer type
../sasldb/sasldb.h:60: note: expected size_t * but argument is of type int *
--- saslauthd/auth_sasldb.c
+++ saslauthd/auth_sasldb.c
@@ -41,6 +41,7 @@
#include <string.h>
#include <stdlib.h>
#include <pwd.h>
+#include <unistd.h>
/* END PUBLIC DEPENDENCIES */
#define RETURN(x) return strdup(x)
@@ -131,7 +132,8 @@
/* VARIABLES */
char pw[1024]; /* pointer to passwd file entry */
sasl_utils_t utils;
- int ret, outsize;
+ int ret;
+ size_t outsize;
const char *use_realm;
char realm_buf[MAXHOSTNAMELEN];
/* END VARIABLES */

16
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-gss_c_nt_hostbased_service.patch vendored Normal file
View File

@ -0,0 +1,16 @@
Gentoo bug #389349
--- cmulocal/sasl2.m4 2009-04-28 17:09:13.000000000 +0200
+++ cmulocal/sasl2.m4 2011-11-02 17:55:24.000000000 +0100
@@ -217,7 +217,11 @@
[AC_WARN([Cybersafe define not found])])
elif test "$ac_cv_header_gssapi_h" = "yes"; then
- AC_EGREP_HEADER(GSS_C_NT_HOSTBASED_SERVICE, gssapi.h,
+ AC_EGREP_CPP(hostbased_service_gss_nt_yes, gssapi.h,
+ [#include <gssapi.h>
+ #ifdef GSS_C_NT_HOSTBASED_SERVICE
+ hostbased_service_gss_nt_yes
+ #endif],
[AC_DEFINE(HAVE_GSS_C_NT_HOSTBASED_SERVICE,,
[Define if your GSSAPI implimentation defines GSS_C_NT_HOSTBASED_SERVICE])])
elif test "$ac_cv_header_gssapi_gssapi_h"; then

28
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.23-rimap-loop.patch vendored Normal file
View File

@ -0,0 +1,28 @@
--- a/saslauthd/auth_rimap.c 2011-09-01 14:19:54.754622284 +0100
+++ b/saslauthd/auth_rimap.c 2011-09-01 14:19:59.410561033 +0100
@@ -162,6 +162,7 @@
num_quotes = 0;
p1 = s;
while ((p1 = strchr(p1, '"')) != NULL) {
+ p1++;
num_quotes++;
}
@@ -438,7 +439,7 @@
syslog(LOG_WARNING, "auth_rimap: writev: %m");
memset(qlogin, 0, strlen(qlogin));
free(qlogin);
- memset(qpass, 0, strlen(qlogin));
+ memset(qpass, 0, strlen(qpass));
free(qpass);
(void)close(s);
return strdup(RESP_IERROR);
@@ -447,7 +448,7 @@
/* don't need these any longer */
memset(qlogin, 0, strlen(qlogin));
free(qlogin);
- memset(qpass, 0, strlen(qlogin));
+ memset(qpass, 0, strlen(qpass));
free(qpass);
/* read and parse the LOGIN response */

27
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-as_needed.patch vendored Normal file
View File

@ -0,0 +1,27 @@
Author: Matthias Klose <doko@ubuntu.com>
Desription: Fix FTBFS, add $(SASL_DB_LIB) as dependency to libsasldb, and use
it.
--- a/saslauthd/Makefile.am
+++ b/saslauthd/Makefile.am
@@ -16,7 +16,7 @@ EXTRA_saslauthd_sources = getaddrinfo.c
saslauthd_DEPENDENCIES = saslauthd-main.o @LTLIBOBJS@
saslauthd_LDADD = @SASL_KRB_LIB@ \
@GSSAPIBASE_LIBS@ @GSSAPI_LIBS@ @LIB_CRYPT@ @LIB_SIA@ \
- @LIB_SOCKET@ @SASL_DB_LIB@ @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
+ @LIB_SOCKET@ ../sasldb/libsasldb.la @LIB_PAM@ @LDAP_LIBS@ @LTLIBOBJS@
testsaslauthd_SOURCES = testsaslauthd.c utils.c
testsaslauthd_LDADD = @LIB_SOCKET@
--- a/sasldb/Makefile.am
+++ b/sasldb/Makefile.am
@@ -55,8 +55,8 @@ noinst_LIBRARIES = libsasldb.a
libsasldb_la_SOURCES = allockey.c sasldb.h
EXTRA_libsasldb_la_SOURCES = $(extra_common_sources)
-libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND)
-libsasldb_la_LIBADD = $(SASL_DB_BACKEND)
+libsasldb_la_DEPENDENCIES = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
+libsasldb_la_LIBADD = $(SASL_DB_BACKEND) $(SASL_DB_LIB)
# Prevent make dist stupidity
libsasldb_a_SOURCES =

114
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-autotools_fixes.patch vendored Normal file
View File

@ -0,0 +1,114 @@
--- a/configure.in
+++ b/configure.in
@@ -44,6 +44,8 @@ dnl
AC_INIT(lib/saslint.h)
AC_PREREQ([2.54])
+AC_CONFIG_MACRO_DIR([cmulocal] [config])
+
dnl use ./config.cache as the default cache file.
dnl we require a cache file to successfully configure our build.
if test $cache_file = "/dev/null"; then
--- a/Makefile.am
+++ b/Makefile.am
@@ -43,6 +43,8 @@ AUTOMAKE_OPTIONS = 1.7
#
################################################################
+ACLOCAL_AMFLAGS = -I cmulocal -I config
+
if SASLAUTHD
SAD = saslauthd
else
--- a/saslauthd/configure.in
+++ b/saslauthd/configure.in
@@ -1,7 +1,8 @@
AC_INIT(mechanisms.h)
AC_PREREQ([2.54])
-AC_CONFIG_AUX_DIR(config)
+AC_CONFIG_MACRO_DIR([../cmulocal] [../config])
+AC_CONFIG_AUX_DIR([config])
AC_CANONICAL_HOST
dnl Should we enable SASLAUTHd at all?
@@ -164,30 +165,30 @@ AC_SUBST(LTLIBOBJS)
dnl Checks for which function macros exist
AC_MSG_CHECKING(whether $CC implements __func__)
-AC_CACHE_VAL(have_func,
+AC_CACHE_VAL(_cv_have_func,
[AC_TRY_LINK([#include <stdio.h>],[printf("%s", __func__);],
-have_func=yes,
-have_func=no)])
-AC_MSG_RESULT($have_func)
-if test "$have_func" = yes; then
+_cv_have_func=yes,
+_cv_have_func=no)])
+AC_MSG_RESULT($_cv_have_func)
+if test "$_cv_have_func" = yes; then
AC_DEFINE(HAVE_FUNC,[],[Does the compiler understand __func__])
else
AC_MSG_CHECKING(whether $CC implements __PRETTY_FUNCTION__)
- AC_CACHE_VAL(have_pretty_function,
+ AC_CACHE_VAL(_cv_have_pretty_function,
[AC_TRY_LINK([#include <stdio.h>],[printf("%s", __PRETTY_FUNCTION__);],
- have_pretty_function=yes,
- have_pretty_function=no)])
- AC_MSG_RESULT($have_pretty_function)
- if test "$have_pretty_function" = yes; then
+ _cv_have_pretty_function=yes,
+ _cv_have_pretty_function=no)])
+ AC_MSG_RESULT($_cv_have_pretty_function)
+ if test "$_cv_have_pretty_function" = yes; then
AC_DEFINE(HAVE_PRETTY_FUNCTION,[],[Does compiler understand __PRETTY_FUNCTION__])
else
AC_MSG_CHECKING(whether $CC implements __FUNCTION__)
- AC_CACHE_VAL(have_function,
+ AC_CACHE_VAL(_cv_have_function,
[AC_TRY_LINK([#include <stdio.h>],[printf("%s", __FUNCTION__);],
- have_function=yes,
- have_function=no)])
- AC_MSG_RESULT($have_function)
- if test "$have_function" = yes; then
+ _cv_have_function=yes,
+ _cv_have_function=no)])
+ AC_MSG_RESULT($_cv_have_function)
+ if test "$_cv_have_function" = yes; then
AC_DEFINE(HAVE_FUNCTION,[],[Does compiler understand __FUNCTION__])
fi
fi
--- a/saslauthd/Makefile.am
+++ b/saslauthd/Makefile.am
@@ -1,4 +1,6 @@
AUTOMAKE_OPTIONS = 1.7
+ACLOCAL_AMFLAGS = -I ../cmulocal -I ../config
+
sbin_PROGRAMS = saslauthd testsaslauthd
EXTRA_PROGRAMS = saslcache
--- a/config/kerberos_v4.m4
+++ b/config/kerberos_v4.m4
@@ -89,18 +89,18 @@ AC_DEFUN([SASL_KERBEROS_V4_CHK], [
dnl if we were ambitious, we would look more aggressively for the
dnl krb4 install
if test -d ${krb4}; then
- AC_CACHE_CHECK(for Kerberos includes, cyrus_krbinclude, [
+ AC_CACHE_CHECK(for Kerberos includes, cyrus_cv_krbinclude, [
for krbhloc in include/kerberosIV include/kerberos include
do
if test -f ${krb4}/${krbhloc}/krb.h ; then
- cyrus_krbinclude=${krb4}/${krbhloc}
+ cyrus_cv_krbinclude=${krb4}/${krbhloc}
break
fi
done
])
- if test -n "${cyrus_krbinclude}"; then
- CPPFLAGS="$CPPFLAGS -I${cyrus_krbinclude}"
+ if test -n "${cyrus_cv_krbinclude}"; then
+ CPPFLAGS="$CPPFLAGS -I${cyrus_cv_krbinclude}"
fi
LDFLAGS="$LDFLAGS -L$krb4/lib"
fi

16
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-auxprop.patch vendored Normal file
View File

@ -0,0 +1,16 @@
https://bugzilla.cyrusimap.org/show_bug.cgi?id=3590
https://bugs.gentoo.org/show_bug.cgi?id=392761
--- cyrus-sasl-2.1.25/lib/auxprop.c~ 2011-10-20 17:33:46.423015318 +0200
+++ cyrus-sasl-2.1.25/lib/auxprop.c 2011-10-20 17:48:49.336348654 +0200
@@ -971,6 +971,10 @@
}
if(!found) {
+ /* compatibility with <= 2.1.23, ignore the lack of auxrop plugin */
+ if (!plist)
+ result = SASL_OK;
+ else
_sasl_log(sparams->utils->conn, SASL_LOG_DEBUG,
"could not find auxprop plugin, was searching for '%s'",
plist ? plist : "[all]");

27
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-avoid_pic_overwrite.patch vendored Normal file
View File

@ -0,0 +1,27 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: This patch makes sure the non-PIC version of libsasldb.a, which
is created out of non-PIC objects, is not going to overwrite the PIC version,
which is created out of PIC objects. The PIC version is placed in .libs, and
the non-PIC version in the current directory. This ensures that both non-PIC
and PIC versions are available in the correct locations.
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -78,7 +78,7 @@ endif
libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS)
@echo adding static plugins and dependencies
- $(AR) cru .libs/$@ $(SASL_STATIC_OBJS)
+ $(AR) cru $@ $(SASL_STATIC_OBJS)
@for i in ./libsasl2.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \
if test ! -f $$i; then continue; fi; . $$i; \
for j in $$dependency_libs foo; do \
--- a/sasldb/Makefile.am
+++ b/sasldb/Makefile.am
@@ -63,6 +63,6 @@ libsasldb_a_SOURCES =
EXTRA_libsasldb_a_SOURCES =
libsasldb.a: libsasldb.la $(SASL_DB_BACKEND_STATIC)
- $(AR) cru .libs/$@ $(SASL_DB_BACKEND_STATIC)
+ $(AR) cru $@ $(SASL_DB_BACKEND_STATIC)

27
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-fix_heimdal.patch vendored Normal file
View File

@ -0,0 +1,27 @@
Fix compiling against heimdal
--- sample/server.c 2010-12-01 14:52:55.000000000 +0000
+++ sample/server.c 2011-11-30 14:54:42.000000000 +0000
@@ -85,8 +85,10 @@
#ifdef HAVE_GSS_GET_NAME_ATTRIBUTE
#include <gssapi/gssapi.h>
+#ifndef KRB5_HEIMDAL
#include <gssapi/gssapi_ext.h>
#endif
+#endif
#include "common.h"
--- plugins/gssapi.c 2011-05-11 19:25:55.000000000 +0000
+++ plugins/gssapi.c 2011-11-30 14:54:33.000000000 +0000
@@ -50,6 +50,9 @@
#else
#include <gssapi/gssapi.h>
#endif
+#ifdef KRB5_HEIMDAL
+#include <gssapi/gssapi_krb5.h>
+#endif
#ifdef WIN32
# include <winsock2.h>

10
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-missing_header.patch vendored Normal file
View File

@ -0,0 +1,10 @@
--- pwcheck/pwcheck_getspnam.c 1999-08-26 19:22:44.000000000 +0300
+++ pwcheck/pwcheck_getspnam.c 2011-11-30 13:22:24.601023316 +0200
@@ -24,6 +24,7 @@
******************************************************************/
#include <shadow.h>
+#include <string.h>
extern char *crypt();

12
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-saslauthd_libtool.patch vendored Normal file
View File

@ -0,0 +1,12 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Enable libtool use.
--- a/saslauthd/configure.in
+++ b/saslauthd/configure.in
@@ -25,6 +25,7 @@ AC_PROG_AWK
AC_PROG_MAKE_SET
AC_PROG_LN_S
AC_PROG_INSTALL
+AC_PROG_LIBTOOL
dnl Checks for build foo
CMU_C___ATTRIBUTE__

14
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-sasldb_al.patch vendored Normal file
View File

@ -0,0 +1,14 @@
Author: Fabian Fagerholm <fabbe@debian.org>
Description: Fix linking with libsasldb.a when saslauthd is built with sasldb
support.
--- a/saslauthd/configure.in
+++ b/saslauthd/configure.in
@@ -77,7 +77,7 @@ if test "$authsasldb" != no; then
AC_DEFINE(AUTH_SASLDB,[],[Include SASLdb Support])
SASL_DB_PATH_CHECK()
SASL_DB_CHECK()
- SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.al"
+ SASL_DB_LIB="$SASL_DB_LIB ../sasldb/.libs/libsasldb.a"
fi
AC_ARG_ENABLE(httpform, [ --enable-httpform enable HTTP form authentication [[no]] ],

27
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.25-service_keytabs.patch vendored Normal file
View File

@ -0,0 +1,27 @@
Bug #445932
--- cmulocal/sasl2.m4 2011-09-02 12:58:00.000000000 +0000
+++ cmulocal/sasl2.m4 2012-12-05 08:37:16.425811319 +0000
@@ -268,7 +268,11 @@
cmu_save_LIBS="$LIBS"
LIBS="$LIBS $GSSAPIBASE_LIBS"
- AC_CHECK_FUNCS(gsskrb5_register_acceptor_identity)
+ AC_CHECK_FUNCS([gsskrb5_register_acceptor_identity], [],
+ [AC_CHECK_FUNCS([krb5_gss_register_acceptor_identity],
+ [AC_CHECK_HEADERS([gssapi/gssapi_krb5.h],
+ [AC_DEFINE([HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY], [1])]
+ )])])
AC_CHECK_FUNCS(gss_decapsulate_token)
AC_CHECK_FUNCS(gss_encapsulate_token)
AC_CHECK_FUNCS(gss_oid_equal)
--- plugins/gssapi.c 2012-12-05 09:03:31.000220161 +0000
+++ plugins/gssapi.c 2012-12-05 09:01:55.043380204 +0000
@@ -50,7 +50,7 @@
#else
#include <gssapi/gssapi.h>
#endif
-#ifdef KRB5_HEIMDAL
+#if defined (KRB5_HEIMDAL) || defined (HAVE_GSSAPI_GSSAPI_KRB5_H)
#include <gssapi/gssapi_krb5.h>
#endif

116
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-CVE-2013-4122.patch vendored Normal file
View File

@ -0,0 +1,116 @@
From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001
From: mancha <mancha1@hush.com>
Date: Thu, 11 Jul 2013 09:08:07 +0000
Subject: Handle NULL returns from glibc 2.17+ crypt()
Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL
(w/ NULL return) if the salt violates specifications. Additionally,
on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords
passed to crypt() fail with EPERM (w/ NULL return).
When using glibc's crypt(), check return value to avoid a possible
NULL pointer dereference.
Patch by mancha1@hush.com.
---
diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c
index 4b34222..400289c 100644
--- a/pwcheck/pwcheck_getpwnam.c
+++ b/pwcheck/pwcheck_getpwnam.c
@@ -32,6 +32,7 @@ char *userid;
char *password;
{
char* r;
+ char* crpt_passwd;
struct passwd *pwd;
pwd = getpwnam(userid);
@@ -41,7 +42,7 @@ char *password;
else if (pwd->pw_passwd[0] == '*') {
r = "Account disabled";
}
- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) {
+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) {
r = "Incorrect password";
}
else {
diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c
index 2b11286..6d607bb 100644
--- a/pwcheck/pwcheck_getspnam.c
+++ b/pwcheck/pwcheck_getspnam.c
@@ -32,13 +32,15 @@ char *userid;
char *password;
{
struct spwd *pwd;
+ char *crpt_passwd;
pwd = getspnam(userid);
if (!pwd) {
return "Userid not found";
}
- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) {
+ crpt_passwd = crypt(password, pwd->sp_pwdp);
+ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) {
return "Incorrect password";
}
else {
diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c
index fc8029d..d4ebe54 100644
--- a/saslauthd/auth_getpwent.c
+++ b/saslauthd/auth_getpwent.c
@@ -77,6 +77,7 @@ auth_getpwent (
{
/* VARIABLES */
struct passwd *pw; /* pointer to passwd file entry */
+ char *crpt_passwd; /* encrypted password */
int errnum;
/* END VARIABLES */
@@ -105,7 +106,8 @@ auth_getpwent (
}
}
- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) {
+ crpt_passwd = crypt(password, pw->pw_passwd);
+ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login);
}
diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c
index 677131b..1988afd 100644
--- a/saslauthd/auth_shadow.c
+++ b/saslauthd/auth_shadow.c
@@ -210,8 +210,8 @@ auth_shadow (
RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)");
}
- cpw = strdup((const char *)crypt(password, sp->sp_pwdp));
- if (strcmp(sp->sp_pwdp, cpw)) {
+ cpw = crypt(password, sp->sp_pwdp);
+ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) {
if (flags & VERBOSE) {
/*
* This _should_ reveal the SHADOW_PW_LOCKED prefix to an
@@ -221,10 +221,8 @@ auth_shadow (
syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'",
sp->sp_pwdp, cpw);
}
- free(cpw);
RETURN("NO Incorrect password");
}
- free(cpw);
/*
* The following fields will be set to -1 if:
@@ -286,7 +284,7 @@ auth_shadow (
RETURN("NO Invalid username");
}
- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) {
+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) {
if (flags & VERBOSE) {
syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s",
password, upw->upw_passwd);
--
cgit v0.9.0.2

10
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-canonuser-ldapdb-garbage-in-out-buffer.patch vendored Normal file
View File

@ -0,0 +1,10 @@
--- cyrus-sasl2.orig/plugins/ldapdb.c
+++ cyrus-sasl2/plugins/ldapdb.c
@@ -406,6 +406,7 @@ ldapdb_canon_server(void *glob_context,
if ( len > out_max )
len = out_max;
memcpy(out, bvals[0]->bv_val, len);
+ out[len] = '\0';
*out_ulen = len;
ber_bvecfree(bvals);
}

90
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-fix_dovecot_authentication.patch vendored Normal file
View File

@ -0,0 +1,90 @@
Bug #510320
--- saslauthd/auth_rimap.c 2012-10-12 14:05:48.000000000 +0000
+++ saslauthd/auth_rimap.c 2014-05-15 05:23:02.000000000 +0000
@@ -371,7 +371,7 @@
if ( rc>0 ) {
/* check if there is more to read */
fd_set perm;
- int fds, ret;
+ int fds, ret, loopc;
struct timeval timeout;
FD_ZERO(&perm);
@@ -380,6 +380,7 @@
timeout.tv_sec = 1;
timeout.tv_usec = 0;
+ loopc = 0;
while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) {
if ( FD_ISSET(s, &perm) ) {
ret = read(s, rbuf+rc, sizeof(rbuf)-rc);
@@ -387,6 +388,14 @@
rc = ret;
break;
} else {
+ if (ret == 0) {
+ loopc += 1;
+ } else {
+ loopc = 0;
+ }
+ if (loopc > sizeof(rbuf)) { // arbitrary chosen value
+ break;
+ }
rc += ret;
}
}
@@ -484,7 +493,7 @@
if ( rc>0 ) {
/* check if there is more to read */
fd_set perm;
- int fds, ret;
+ int fds, ret, loopc;
struct timeval timeout;
FD_ZERO(&perm);
@@ -493,6 +502,7 @@
timeout.tv_sec = 1;
timeout.tv_usec = 0;
+ loopc = 0;
while( select (fds, &perm, NULL, NULL, &timeout ) >0 ) {
if ( FD_ISSET(s, &perm) ) {
ret = read(s, rbuf+rc, sizeof(rbuf)-rc);
@@ -500,6 +510,14 @@
rc = ret;
break;
} else {
+ if (ret == 0) {
+ loopc += 1;
+ } else {
+ loopc = 0;
+ }
+ if (loopc > sizeof(rbuf)) { // arbitrary chosen value
+ break;
+ }
rc += ret;
}
}
--- lib/checkpw.c 2012-01-27 23:31:36.000000000 +0000
+++ lib/checkpw.c 2014-05-15 05:19:35.000000000 +0000
@@ -587,16 +587,14 @@
/* Timeout. */
errno = ETIMEDOUT;
return -1;
- case +1:
- if (FD_ISSET(fd, &rfds)) {
- /* Success, file descriptor is readable. */
- return 0;
- }
- return -1;
case -1:
if (errno == EINTR || errno == EAGAIN)
continue;
default:
+ if (FD_ISSET(fd, &rfds)) {
+ /* Success, file descriptor is readable. */
+ return 0;
+ }
/* Error catch-all. */
return -1;
}

13
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-missing-size_t.patch vendored Normal file
View File

@ -0,0 +1,13 @@
Gentoo bug #458790
--- include/sasl.h 2012-10-12 17:05:48.000000000 +0300
+++ include/sasl.h 2013-02-23 16:56:44.648786268 +0200
@@ -121,6 +121,9 @@
#ifndef SASL_H
#define SASL_H 1
+/* stddef.h to get size_t defined */
+#include <stddef.h>
+
/* Keep in sync with win32/common.mak */
#define SASL_VERSION_MAJOR 2
#define SASL_VERSION_MINOR 1

48
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.26-send-imap-logout.patch vendored Normal file
View File

@ -0,0 +1,48 @@
--- cyrus-sasl2.orig/saslauthd/auth_rimap.c
+++ cyrus-sasl2/saslauthd/auth_rimap.c
@@ -90,6 +90,7 @@ static struct addrinfo *ai = NULL; /* re
service we connect to. */
#define TAG "saslauthd" /* IMAP command tag */
#define LOGIN_CMD (TAG " LOGIN ") /* IMAP login command (with tag) */
+#define LOGOUT_CMD (TAG " LOGOUT ") /* IMAP logout command (with tag)*/
#define NETWORK_IO_TIMEOUT 30 /* network I/O timeout (seconds) */
#define RESP_LEN 1000 /* size of read response buffer */
@@ -307,10 +308,12 @@ auth_rimap (
int s=-1; /* socket to remote auth host */
struct addrinfo *r; /* remote socket address info */
struct iovec iov[5]; /* for sending LOGIN command */
+ struct iovec iov2[2]; /* for sending LOGOUT command */
char *qlogin; /* pointer to "quoted" login */
char *qpass; /* pointer to "quoted" password */
char *c; /* scratch pointer */
int rc; /* return code scratch area */
+ int rcl; /* return code scratch area */
char rbuf[RESP_LEN]; /* response read buffer */
char hbuf[NI_MAXHOST], pbuf[NI_MAXSERV];
int saved_errno;
@@ -505,6 +508,24 @@ auth_rimap (
}
}
}
+
+ /* close remote imap */
+ iov2[0].iov_base = LOGOUT_CMD;
+ iov2[0].iov_len = sizeof(LOGOUT_CMD) - 1;
+ iov2[1].iov_base = "\r\n";
+ iov2[1].iov_len = sizeof("\r\n") - 1;
+
+ if (flags & VERBOSE) {
+ syslog(LOG_DEBUG, "auth_rimap: sending %s%s %s",
+ LOGOUT_CMD, qlogin, qpass);
+ }
+ alarm(NETWORK_IO_TIMEOUT);
+ rcl = retry_writev(s, iov2, 2);
+ alarm(0);
+ if (rcl == -1) {
+ syslog(LOG_WARNING, "auth_rimap: writev logout: %m");
+ }
+
(void) close(s); /* we're done with the remote */
if (rc == -1) {
syslog(LOG_WARNING, "auth_rimap: read (response): %m");

1
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/cyrus-sasl.conf vendored Normal file
View File

@ -0,0 +1 @@
d /run/saslauthd 0755 root root -

39
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/java.README.gentoo vendored Normal file
View File

@ -0,0 +1,39 @@
4-Nov-2000
Note: this file has been modified to adapt to Gentoo specific.
class files are installed in
`java-config -p cyrus-sasl-2`
to compile programs using it, do:
javac -classpath $JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2` <file>.java
(make sure to substitute your JDK for $JAVA_HOME/lib/tools.jar)
to run, do
java -classpath <same path as above> <YourProgram>
----------------------------
This is a java version of the SASL libraries. It supports all the
mechanisms in the C version and conforms to the internet draft in the
doc/ directory. JNI is used.
Sample applications exist in the Test/ directory.
They generally can be run with something like:
java -debug -classpath
../:$JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2`:. jimtest -p 2143 -m
KERBEROS_V4 cyrus-dev
and
java -debug -classpath
../:$JAVA_HOME/lib/tools.jar:`java-config -p cyrus-sasl-2`:. testserver
Any feedback is welcome.

21
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/pwcheck.rc6 vendored Normal file
View File

@ -0,0 +1,21 @@
#!/sbin/runscript
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
depend() {
need localmount
use logger
}
start() {
ebegin "Starting sasl pwcheck daemon"
start-stop-daemon --start --quiet --exec /usr/sbin/pwcheck
eend $?
}
stop() {
ebegin "Stopping sasl pwcheck daemon"
start-stop-daemon --stop --quiet --exec /usr/sbin/pwcheck
eend $?
}

9
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/pwcheck.service vendored Normal file
View File

@ -0,0 +1,9 @@
[Unit]
Description=SASL pwcheck daemon
[Service]
Type=forking
ExecStart=/usr/sbin/pwcheck
[Install]
WantedBy=multi-user.target

25
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd-2.1.21.conf vendored Normal file
View File

@ -0,0 +1,25 @@
# $Id$
# Config file for /etc/init.d/saslauthd
# Initial (empty) options.
SASLAUTHD_OPTS=""
# Specify the authentications mechanism.
# **NOTE** For a list see: saslauthd -v
# Since 2.1.19, add "-r" to options for old behavior,
# ie. reassemble user and realm to user@realm form.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r"
SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam"
# Specify the hostname for remote IMAP server.
# **NOTE** Only needed if rimap auth mechanism is used.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost"
# Specify the number of worker processes to create.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5"
# Enable credential cache, set cache size and timeout.
# **NOTE** Size is measured in kilobytes.
# Timeout is measured in seconds.
#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30"

21
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd-2.1.26.conf vendored Normal file
View File

@ -0,0 +1,21 @@
# $Id$
# Config file for /etc/init.d/saslauthd and systemd unit
# PLEASE READ THIS IF YOU ARE USING SYSTEMD
# Please note that systemd does not expand shell variables
# thus, something like FOO="${FOO} bar" won't work.
# Specify the authentications mechanism.
# **NOTE** For a list see: saslauthd -v
# Since 2.1.19, add "-r" to options for old behavior,
# ie. reassemble user and realm to user@realm form.
#
# Specify the hostname for remote IMAP server using:
# "-O localhost".
# Specify the number of worker processes to create using:
# "-n <N>".
# Enable credential cache, set cache size and timeout using:
# "-c -s <cache size, like 128> -t <timeout seconds>".
#
SASLAUTHD_OPTS="-a pam"

8
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd.pam-include vendored Normal file
View File

@ -0,0 +1,8 @@
#%PAM-1.0
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth

13
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd.service vendored Normal file
View File

@ -0,0 +1,13 @@
[Unit]
Description=SASL Authentication Daemon
[Service]
Type=forking
PIDFile=/run/saslauthd/saslauthd.pid
EnvironmentFile=/etc/conf.d/saslauthd
ExecStart=/usr/sbin/saslauthd $SASLAUTHD_OPTS
ExecStop=/bin/kill -15 $MAINPID
PrivateTmp=true
[Install]
WantedBy=multi-user.target

21
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd2.rc6 vendored Normal file
View File

@ -0,0 +1,21 @@
#!/sbin/runscript
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
depend() {
need net
}
start() {
ebegin "Starting saslauthd"
start-stop-daemon --start --quiet --exec /usr/sbin/saslauthd \
-- ${SASLAUTHD_OPTS}
eend $?
}
stop() {
ebegin "Stopping saslauthd"
start-stop-daemon --stop --quiet --pidfile /var/lib/sasl2/saslauthd.pid
eend $?
}

21
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/files/saslauthd2.rc7 vendored Normal file
View File

@ -0,0 +1,21 @@
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
depend() {
need net
}
start() {
ebegin "Starting saslauthd"
start-stop-daemon --start --quiet --exec /usr/sbin/saslauthd \
-- ${SASLAUTHD_OPTS}
eend $?
}
stop() {
ebegin "Stopping saslauthd"
start-stop-daemon --stop --quiet --pidfile /run/saslauthd/saslauthd.pid
eend $?
}

18
sdk_container/src/third_party/coreos-overlay/dev-libs/cyrus-sasl/metadata.xml vendored Normal file
View File

@ -0,0 +1,18 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<maintainer type="project">
<email>net-mail@gentoo.org</email>
<name>Net-Mail</name>
</maintainer>
<use>
<flag name="authdaemond">Add Courier-IMAP authdaemond unix socket
support (<pkg>net-mail/courier-imap</pkg>, <pkg>mail-mta/courier</pkg>)
</flag>
<flag name="openldap">Add ldap support for saslauthd</flag>
<flag name="ldapdb">Enable ldapdb plugin</flag>
<flag name="sample">Enable sample client and server</flag>
<flag name="srp">Enable SRP authentication</flag>
<flag name="urandom">Use /dev/urandom instead of /dev/random</flag>
</use>
</pkgmetadata>