diff options
author | Hajimu UMEMOTO <ume@FreeBSD.org> | 2002-08-08 14:04:44 +0000 |
---|---|---|
committer | Hajimu UMEMOTO <ume@FreeBSD.org> | 2002-08-08 14:04:44 +0000 |
commit | eb3a00889985551fb39bd8cfcb577102d275d2eb (patch) | |
tree | c2d22e52abab251c5e815255b63c04a132d79b9b /security/cyrus-sasl2/files | |
parent | 5cc9878475def8bb72a645a8cada7f3ece3d95e0 (diff) | |
download | ports-eb3a00889985551fb39bd8cfcb577102d275d2eb.tar.gz ports-eb3a00889985551fb39bd8cfcb577102d275d2eb.zip |
Add cyrus-sasl-2.1.6 after repo. copy.
Notes
Notes:
svn path=/head/; revision=64222
Diffstat (limited to 'security/cyrus-sasl2/files')
-rw-r--r-- | security/cyrus-sasl2/files/Sendmail.README | 51 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-ab | 92 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-java::CyrusSasl::Makefile.am | 11 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-java::javax::security::auth::callback::Makefile.am | 11 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-lib::checkpw.c | 17 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-plugins::gssapi.c | 15 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-pwcheck::Makefile.am | 17 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-sample::Makefile.am | 12 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/patch-utils::Makefile.am | 16 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/pwcheck.sh | 66 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/pwcheck_pam.c | 101 | ||||
-rw-r--r-- | security/cyrus-sasl2/files/saslauthd.sh | 75 |
12 files changed, 75 insertions, 409 deletions
diff --git a/security/cyrus-sasl2/files/Sendmail.README b/security/cyrus-sasl2/files/Sendmail.README deleted file mode 100644 index c88d2433e92e..000000000000 --- a/security/cyrus-sasl2/files/Sendmail.README +++ /dev/null @@ -1,51 +0,0 @@ -How to enable SMTP AUTH with FreeBSD default Sendmail - -1) Add the following to /etc/make.conf: - - # Add SMTP AUTH support to Sendmail - SENDMAIL_CFLAGS+= -I/usr/local/include/sasl1 -DSASL - SENDMAIL_LDFLAGS+= -L/usr/local/lib - SENDMAIL_LDADD+= -lsasl - - NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added - to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option - -2) Rebuild FreeBSD (make buildworld, ...) - -3) Create /usr/local/lib/sasl/Sendmail.conf with the following. - - pwcheck_method: pwcheck - -4) Add the following to your sendmail.mc file: - - dnl The group needs to be mail in order to read the sasldb file - define(`confRUN_AS_USER',`root:mail')dnl - - TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5')dnl - define(`confAUTH_MECHANISMS',`DIGEST-MD5 CRAM-MD5')dnl - - dnl Use the following for Sendmail 8.12 - define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLDBFile')dnl - - dnl Use the following for Sendmail 8.10 - 8.11 - define(`confDONT_BLAME_SENDMAIL',`GroupReadableSASLFile')dnl - - ---- - - Additional AUTH Mechanisms are LOGIN, PLAIN, GSSAPI, and KERBEROS_V4. - These can be added to TRUST_AUTH_MECH and confAUTH_MECHANISMS as a space - seperated list. You may want to restrict LOGIN, and PLAIN authentication - methods for use with STARTTLS, as the password is not encrypted when - passed to sendmail. - - LOGIN is required for Outlook Express users. "My server requires - authentication" needs to be checked in the accounts properties to - use SASL Authentication. - - PLAIN is required for Netscape Communicator users. By default Netscape - Communicator will use SASL Authentication when sendmail is compiled with - SASL. - - The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you - are using cyrus-imapd and sendmail on the same server that requires access - to the sasldb database. diff --git a/security/cyrus-sasl2/files/patch-ab b/security/cyrus-sasl2/files/patch-ab deleted file mode 100644 index 4b1a2c357e00..000000000000 --- a/security/cyrus-sasl2/files/patch-ab +++ /dev/null @@ -1,92 +0,0 @@ ---- configure.in.orig Wed May 22 20:49:46 2002 -+++ configure.in Thu May 23 16:52:07 2002 -@@ -66,8 +66,12 @@ - dnl check for -R, etc. switch - CMU_GUESS_RUNPATH_SWITCH - dnl let's just link against local. otherwise we never find anything useful. --CPPFLAGS="-I/usr/local/include ${CPPFLAGS}" --CMU_ADD_LIBPATH("/usr/local/lib") -+CPPFLAGS="-I${OPENSSLINC}/openssl ${CPPFLAGS}" -+if test "${OPENSSLINC}" != "/usr/include" ; then -+ CPPFLAGS="-I${OPENSSLINC} ${CPPFLAGS}" -+fi -+CMU_ADD_LIBPATH("${OPENSSLLIB}") -+CMU_ADD_LIBPATH("${LOCALBASE}/lib") - - AM_DISABLE_STATIC - -@@ -122,8 +126,6 @@ - - AC_SUBST(JAVA_INCLUDES) - AC_MSG_RESULT(JAVA_INCLUDES) -- JAVAC=`echo "$JAVAC" | sed 's,.*/,,'` -- JAVAH=`echo "$JAVAH" | sed 's,.*/,,'` - fi - - AM_CONDITIONAL(SAMPLE, test "$enable_sample" = yes) -@@ -149,11 +151,13 @@ - AC_CHECK_HEADER(db.h, - AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; - dblib="berkeley", -+ AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; -+ dblib="berkeley", - AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; - dblib="berkeley", - AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; - dblib="berkeley", -- dblib="no"))), -+ dblib="no")))), - dblib="no") - ;; - gdbm) -@@ -175,11 +179,13 @@ - AC_CHECK_HEADER(db.h, - AC_CHECK_LIB(db-3, db_create, SASL_DB_LIB="-ldb-3"; - dblib="berkeley", -+ AC_CHECK_LIB(db3, db_create, SASL_DB_LIB="-ldb3"; -+ dblib="berkeley", - AC_CHECK_LIB(db, db_create, SASL_DB_LIB="-ldb"; - dblib="berkeley", - AC_CHECK_LIB(db, db_open, SASL_DB_LIB="-ldb"; - dblib="berkeley", -- dblib="no"))), -+ dblib="no")))), - dblib="no") - if test "$dblib" = no; then - dnl How about ndbm? -@@ -229,6 +235,13 @@ - berkeley) - SASL_DB_BACKEND="db_${dblib}.lo" - AC_DEFINE(SASL_BERKELEYDB) -+ for db3loc in ${prefix} /usr/local /usr -+ do -+ if test -d ${db3loc}/include/db3; then -+ CPPFLAGS="-I${db3loc}/include/db3 $CPPFLAGS" -+ break -+ fi -+ done - ;; - *) - AC_MSG_WARN([Disabling SASL authentication database support]) -@@ -534,12 +547,16 @@ - fi - - if test "$with_des" != no; then -+ case "$host_os" in -+ freebsd*) -+ COM_ERR="-lcom_err" -+ ;; -+ esac - AC_CHECK_HEADER(krb.h, -- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="", -- AC_CHECK_LIB(krb, krb_mk_priv, COM_ERR="-lcom_err", -- AC_WARN(No Kerberos V4 found); krb4=no, -ldes -lcom_err), -- -ldes), -- AC_WARN(No Kerberos V4 found); krb4=no) -+ AC_CHECK_LIB(krb, krb_mk_priv,:, -+ AC_WARN(No Kerberos V4 found); krb4=no, -+ -ldes ${COM_ERR}), -+ AC_WARN(No Kerberos V4 headers found); krb4=no) - else - AC_WARN(No DES library found for Kerberos V4 support) - krb4=no diff --git a/security/cyrus-sasl2/files/patch-java::CyrusSasl::Makefile.am b/security/cyrus-sasl2/files/patch-java::CyrusSasl::Makefile.am deleted file mode 100644 index bf5be6aef933..000000000000 --- a/security/cyrus-sasl2/files/patch-java::CyrusSasl::Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ ---- java/CyrusSasl/Makefile.am.orig Tue Nov 21 23:55:17 2000 -+++ java/CyrusSasl/Makefile.am Thu Jan 17 21:58:10 2002 -@@ -25,7 +25,7 @@ - - javasasl_version = 1:0:0 - --javasasldir = $(prefix)/lib/java/classes/sasl/CyrusSasl -+javasasldir = $(prefix)/share/java/classes/sasl/CyrusSasl - javahtmldir = $(prefix)/html/sasl - - INCLUDES=$(JAVA_INCLUDES) -I$(top_srcdir)/include diff --git a/security/cyrus-sasl2/files/patch-java::javax::security::auth::callback::Makefile.am b/security/cyrus-sasl2/files/patch-java::javax::security::auth::callback::Makefile.am deleted file mode 100644 index d4f02627d7a8..000000000000 --- a/security/cyrus-sasl2/files/patch-java::javax::security::auth::callback::Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ ---- java/javax/security/auth/callback/Makefile.am.orig Sat Nov 4 16:55:44 2000 -+++ java/javax/security/auth/callback/Makefile.am Thu Jan 17 22:05:23 2002 -@@ -39,7 +39,7 @@ - # - ################################################################ - --javasasldir = $(prefix)/lib/java/classes/sasl/javax/security/auth/callback -+javasasldir = $(prefix)/share/java/classes/sasl/javax/security/auth/callback - javahtmldir = $(prefix)/html/sasl - - javasasl_JAVA = PasswordCallback.java \ diff --git a/security/cyrus-sasl2/files/patch-lib::checkpw.c b/security/cyrus-sasl2/files/patch-lib::checkpw.c deleted file mode 100644 index 3bc40e300107..000000000000 --- a/security/cyrus-sasl2/files/patch-lib::checkpw.c +++ /dev/null @@ -1,17 +0,0 @@ ---- lib/checkpw.c.orig Mon Jun 17 18:28:29 2002 -+++ lib/checkpw.c Mon Jun 17 18:31:44 2002 -@@ -1667,12 +1667,14 @@ - return SASL_FAIL; - } - /* setting dereferensing aliases mode */ -+#ifdef LDAP_OPT_DEREF - if (ldap_set_option(ld, LDAP_OPT_DEREF, (void *) &ldap_deref) != LDAP_OPT_SUCCESS) { - if (reply) { - *reply = "cannot set deref options"; - } - return SASL_FAIL; - } -+#endif - /* set ssl mode if needed */ - #ifdef LDAP_OPT_X_TLS - if ( ldap_ssl_flag ) { diff --git a/security/cyrus-sasl2/files/patch-plugins::gssapi.c b/security/cyrus-sasl2/files/patch-plugins::gssapi.c deleted file mode 100644 index 02273633a299..000000000000 --- a/security/cyrus-sasl2/files/patch-plugins::gssapi.c +++ /dev/null @@ -1,15 +0,0 @@ ---- plugins/gssapi.c.orig Fri Mar 9 23:56:46 2001 -+++ plugins/gssapi.c Mon Jan 21 21:03:32 2002 -@@ -71,6 +71,12 @@ - #include <saslutil.h> - #include <saslplug.h> - -+#ifdef HAVE_UNISTD_H -+#include <unistd.h> -+#endif -+ -+#include <errno.h> -+ - #ifdef WIN32 - /* This must be after sasl.h */ - # include "saslgssapi.h" diff --git a/security/cyrus-sasl2/files/patch-pwcheck::Makefile.am b/security/cyrus-sasl2/files/patch-pwcheck::Makefile.am deleted file mode 100644 index c9e94adefa82..000000000000 --- a/security/cyrus-sasl2/files/patch-pwcheck::Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ ---- pwcheck/Makefile.am.orig Wed Mar 22 11:06:43 2000 -+++ pwcheck/Makefile.am Thu Jan 17 19:09:06 2002 -@@ -22,9 +22,13 @@ - # SOFTWARE. - # - --sbin_PROGRAMS = pwcheck -+sbin_PROGRAMS = pwcheck pwcheck_pam - - pwcheck_SOURCES = pwcheck.c - EXTRA_pwcheck_SOURCES = pwcheck_getpwnam.c pwcheck_getspnam.c - pwcheck_DEPENDECIES = pwcheck_@PWCHECKMETH@.lo - pwcheck_LDADD = pwcheck_@PWCHECKMETH@.lo @LIB_CRYPT@ @LIB_SOCKET@ -+ -+pwcheck_pam_SOURCES = pwcheck.c -+pwcheck_pam_DEPENDECIES = pwcheck_pam.lo -+pwcheck_pam_LDADD = pwcheck_pam.lo @LIB_CRYPT@ @LIB_SOCKET@ @LIB_PAM@ diff --git a/security/cyrus-sasl2/files/patch-sample::Makefile.am b/security/cyrus-sasl2/files/patch-sample::Makefile.am deleted file mode 100644 index 98fd62f809da..000000000000 --- a/security/cyrus-sasl2/files/patch-sample::Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ ---- sample/Makefile.am.orig Tue Jan 22 21:00:24 2002 -+++ sample/Makefile.am Tue Jan 22 21:01:02 2002 -@@ -54,7 +54,9 @@ - client_SOURCES = client.c common.c common.h - - server_LDADD = ../lib/libsasl.la $(LIB_SOCKET) -+server_LDFLAGS = $(GSSAPIBASE_LIBS) - client_LDADD = ../lib/libsasl.la $(LIB_SOCKET) -+client_LDFLAGS = $(GSSAPIBASE_LIBS) - - sample_client_LDADD = ../lib/libsasl.la $(LIB_SOCKET) - sample_server_LDADD = ../lib/libsasl.la $(LIB_SOCKET) diff --git a/security/cyrus-sasl2/files/patch-utils::Makefile.am b/security/cyrus-sasl2/files/patch-utils::Makefile.am deleted file mode 100644 index f8c887ba515e..000000000000 --- a/security/cyrus-sasl2/files/patch-utils::Makefile.am +++ /dev/null @@ -1,16 +0,0 @@ ---- utils//Makefile.am.orig Tue Jan 22 21:03:43 2002 -+++ utils//Makefile.am Tue Jan 22 21:02:49 2002 -@@ -45,10 +45,13 @@ - sbin_PROGRAMS = saslpasswd sasldblistusers - man_MANS = saslpasswd.8 sasldblistusers.8 - saslpasswd_LDADD = ../lib/libsasl.la -+saslpasswd_LDFLAGS = $(GSSAPIBASE_LIBS) - sasldblistusers_LDADD = $(SASL_DB_LIB) -+sasldblistusers_LDFLAGS = $(GSSAPIBASE_LIBS) - - noinst_PROGRAMS = dbconverter-1.5.9 - dbconverter_1_5_9_LDADD = ../lib/libsasl.la $(SASL_DB_LIB) -+dbconverter_1_5_9_LDFLAGS = $(GSSAPIBASE_LIBS) - - EXTRA_PROGRAMS = testsuite - testsuite_LDADD = ../lib/libsasl.la $(SASL_DB_LIB) $(LIB_SOCKET) diff --git a/security/cyrus-sasl2/files/pwcheck.sh b/security/cyrus-sasl2/files/pwcheck.sh deleted file mode 100644 index 3f4c903817a2..000000000000 --- a/security/cyrus-sasl2/files/pwcheck.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/sh -# -# $FreeBSD$ -# - -action=$1 - -PREFIX=%%PREFIX%% - -# Suck in the configuration variables. -if [ -z "${source_rc_confs_defined}" ]; then - if [ -r /etc/defaults/rc.conf ]; then - . /etc/defaults/rc.conf - source_rc_confs - elif [ -r /etc/rc.conf ]; then - . /etc/rc.conf - fi -fi - -# The following sasl_pwcheck_* variables may be defined in rc.conf -# -# sasl_pwcheck_enable - Set to YES to enable pwcheck -# Default: %%ENABLEPWCHECK%% -# -# sasl_pwcheck_program - Path to pwcheck program (pwcheck/pwcheck_pam) -# Default: ${PREFIX}/sbin/%%PWCHECK%% - -if [ -z "${sasl_pwcheck_enable}" ] ; then - sasl_pwcheck_enable=%%ENABLEPWCHECK%% -fi - -if [ -z "${sasl_pwcheck_program}" ]; then - sasl_pwcheck_program=${PREFIX}/sbin/%%PWCHECK%% -fi - -rc=0 - -case "${sasl_pwcheck_enable}" in - [Yy][Ee][Ss]) - case "${action}" in - - start) - if [ -x ${sasl_pwcheck_program} ] ; then - ${sasl_pwcheck_program} & && echo -n " pwcheck" - fi - ;; - - stop) - if [ -r /var/run/pwcheck.pid ]; then - kill `cat /var/run/pwcheck.pid` && echo -n " pwcheck" - rm /var/run/pwcheck.pid - fi - ;; - - *) - echo "usage: $0 {start|stop}" 1>&2 - rc=64 - ;; - esac - ;; - *) - rc=0 - ;; -esac - -exit $rc diff --git a/security/cyrus-sasl2/files/pwcheck_pam.c b/security/cyrus-sasl2/files/pwcheck_pam.c deleted file mode 100644 index 57e1076ca92a..000000000000 --- a/security/cyrus-sasl2/files/pwcheck_pam.c +++ /dev/null @@ -1,101 +0,0 @@ - -#include <security/pam_appl.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -/* Static variables used to communicate between the conversation function - * and the server_login function - */ -static char *PAM_username; -static char *PAM_password; - -/* PAM conversation function - */ -static int PAM_conv (int num_msg, - const struct pam_message **msg, - struct pam_response **resp, - void *appdata_ptr) { - int replies = 0; - struct pam_response *reply = NULL; - - #define COPY_STRING(s) (s) ? strdup(s) : NULL - - reply = malloc(sizeof(struct pam_response) * num_msg); - if (!reply) return PAM_CONV_ERR; - - for (replies = 0; replies < num_msg; replies++) { - switch (msg[replies]->msg_style) { - case PAM_PROMPT_ECHO_ON: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_username); - /* PAM frees resp */ - break; - case PAM_PROMPT_ECHO_OFF: - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = COPY_STRING(PAM_password); - /* PAM frees resp */ - break; - case PAM_TEXT_INFO: - /* fall through */ - case PAM_ERROR_MSG: - /* ignore it, but pam still wants a NULL response... */ - reply[replies].resp_retcode = PAM_SUCCESS; - reply[replies].resp = NULL; - break; - default: - /* Must be an error of some sort... */ - free (reply); - return PAM_CONV_ERR; - } - } - *resp = reply; - return PAM_SUCCESS; -} - -static struct pam_conv PAM_conversation = { - PAM_conv, - NULL -}; - -/* Server log in - * Accepts: user name string - * password string - * Returns: "OK" if password validated, error message otherwise - */ - -char *pwcheck(char *username, char *password) -{ - pam_handle_t *pamh; - int pam_error; - - /* PAM only handles authentication, not user information. */ - if ( !(username && password && strlen(username) && strlen(password)) ) - return "Incorrect username"; - - /* validate password */ - - PAM_password = password; - PAM_username = username; - fprintf(stderr, "checking %s\n", username); - pam_error = pam_start("cyrus", username, &PAM_conversation, &pamh); - if (pam_error == PAM_SUCCESS) - pam_error = pam_authenticate(pamh, 0); - - if (pam_error == PAM_SUCCESS) - pam_error = pam_acct_mgmt(pamh, 0); - - if ( pam_error == PAM_SUCCESS) - fprintf(stderr, "\tauthenticated %s\n", username); - else - fprintf(stderr, "\tfailed to authenticate %s\n", username); - - if(pam_end(pamh, pam_error) != PAM_SUCCESS) { - pamh = NULL; - fprintf(stderr, "pwcheck: failed to release authenticator\n"); - exit(1); - } - return ( pam_error == PAM_SUCCESS ? "OK" : "Incorrect passwd" ); -} - - diff --git a/security/cyrus-sasl2/files/saslauthd.sh b/security/cyrus-sasl2/files/saslauthd.sh new file mode 100644 index 000000000000..39bd6fc091fc --- /dev/null +++ b/security/cyrus-sasl2/files/saslauthd.sh @@ -0,0 +1,75 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +action=$1 + +PREFIX=%%PREFIX%% + +# Suck in the configuration variables. +if [ -z "${source_rc_confs_defined}" ]; then + if [ -r /etc/defaults/rc.conf ]; then + . /etc/defaults/rc.conf + source_rc_confs + elif [ -r /etc/rc.conf ]; then + . /etc/rc.conf + fi +fi + +# The following sasl_saslauthd_* variables may be defined in rc.conf +# +# sasl_saslauthd_enable - Set to YES to enable saslauthd +# Default: %%ENABLEPWCHECK%% +# +# sasl_saslauthd_program - Path to saslauthd program +# Default: ${PREFIX}/sbin/%%PWCHECK%% +# +# sasl_saslauthd_flags - Flags to saslauthd program +# Default: -a pam + +if [ -z "${sasl_saslauthd_enable}" ]; then + sasl_saslauthd_enable=%%ENABLEPWCHECK%% +fi + +if [ -z "${sasl_saslauthd_program}" ]; then + sasl_saslauthd_program=${PREFIX}/sbin/%%PWCHECK%% +fi + +if [ -z "${sasl_saslauthd_flags}" ]; then + sasl_saslauthd_flags="-a pam" +fi + +rc=0 + +case "${sasl_saslauthd_enable}" in + [Yy][Ee][Ss]) + case "${action}" in + + start) + if [ -x ${sasl_saslauthd_program} ] ; then + ${sasl_saslauthd_program} ${sasl_saslauthd_flags} \ + && echo -n " saslauthd" + fi + ;; + + stop) + if [ -r /var/state/saslauthd/mux.pid ]; then + kill `cat /var/state/saslauthd/mux.pid` && \ + echo -n " saslauthd" + rm /var/state/saslauthd/mux.pid + fi + ;; + + *) + echo "usage: $0 {start|stop}" 1>&2 + rc=64 + ;; + esac + ;; + *) + rc=0 + ;; +esac + +exit $rc |