Update to 2.1.20.

* Fixes to cram plugin to avoid attempting to canonify uninitialized data. * NTLM portability fixes. * Avoid potential attack using SASL_PATH when sasl is used in a setuid environment. * A trivial number of small bugfixes.
author: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-10-25 12:42:40 +0000
committer: Hajimu UMEMOTO <ume@FreeBSD.org> 2004-10-25 12:42:40 +0000
commit: 718daad6ebc27a1f91552d5927e9bdeb4be505b8 (patch)
tree: 040d74872ab3e7d98987a896102c3042e032cecd /security
parent: 3e93972cbafd6e54589502317f216979e0c7b669 (diff)
download: ports-718daad6ebc27a1f91552d5927e9bdeb4be505b8.tar.gz
ports-718daad6ebc27a1f91552d5927e9bdeb4be505b8.zip
6 files changed, 91 insertions, 98 deletions
diff --git a/security/cyrus-sasl2-saslauthd/Makefile b/security/cyrus-sasl2-saslauthd/Makefile
index 6d5e2fcc43c5..506130bd1e8b 100644
--- a/security/cyrus-sasl2-saslauthd/Makefile
+++ b/security/cyrus-sasl2-saslauthd/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	saslauthd
-PORTVERSION=	2.1.19
+PORTVERSION=	2.1.20
 #PORTREVISION=	0
 CATEGORIES=	security ipv6
 MASTER_SITES=	ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
@@ -130,6 +130,7 @@ RC_SCRIPTS_SUB=	PREFIX=${PREFIX} \
 
 do-build:
 	@${RM} -f ${WRKSRC}/saslauthd/saslauthd.8
+	cd ${WRKSRC}/include && ${MAKE}
 	cd ${WRKSRC}/sasldb && ${MAKE}
 	cd ${WRKSRC}/saslauthd && ${MAKE}
 
diff --git a/security/cyrus-sasl2/Makefile b/security/cyrus-sasl2/Makefile
index 205aadabe1c2..0b3ecaf171fb 100644
--- a/security/cyrus-sasl2/Makefile
+++ b/security/cyrus-sasl2/Makefile
@@ -6,8 +6,8 @@
 #
 
 PORTNAME=	cyrus-sasl
-PORTVERSION=	2.1.19
-PORTREVISION=	1
+PORTVERSION=	2.1.20
+#PORTREVISION=	0
 CATEGORIES=	security ipv6
 MASTER_SITES=	ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/%SUBDIR%/ \
 		ftp://ftp.westbend.net/pub/cyrus-mail/%SUBDIR%/ \
diff --git a/security/cyrus-sasl2/distinfo b/security/cyrus-sasl2/distinfo
index aa2886796c3f..fedf675371a4 100644
--- a/security/cyrus-sasl2/distinfo
+++ b/security/cyrus-sasl2/distinfo
@@ -1,2 +1,2 @@
-MD5 (cyrus-sasl-2.1.19.tar.gz) = ea76410ad88fa7b6c17a6aac424382c9
-SIZE (cyrus-sasl-2.1.19.tar.gz) = 1537350
+MD5 (cyrus-sasl-2.1.20.tar.gz) = 268ead27f4ac39bcfe17d9e38e0f2977
+SIZE (cyrus-sasl-2.1.20.tar.gz) = 1775163
diff --git a/security/cyrus-sasl2/files/patch-configure b/security/cyrus-sasl2/files/patch-configure
index 2aedb1450bc6..ca1914b37c31 100644
--- a/security/cyrus-sasl2/files/patch-configure
+++ b/security/cyrus-sasl2/files/patch-configure
@@ -1,8 +1,8 @@
 Index: configure
 diff -u configure.orig configure
---- configure.orig	Sat Jul  3 04:39:54 2004
-+++ configure	Thu Jul 15 02:37:58 2004
-@@ -1577,6 +1577,7 @@
+--- configure.orig	Mon Oct 25 05:21:08 2004
++++ configure	Mon Oct 25 21:24:23 2004
+@@ -1578,6 +1578,7 @@
  fi
  echo "$as_me:$LINENO: result: yes" >&5
  echo "${ECHO_T}yes" >&6
@@ -10,53 +10,57 @@ diff -u configure.orig configure
  test "$program_prefix" != NONE &&
    program_transform_name="s,^,$program_prefix,;$program_transform_name"
  # Use a double $ so make ignores it.
-@@ -5127,7 +5128,7 @@
- 	    BDB_LIBADD=""
+@@ -5129,7 +5130,7 @@
  	fi
  
+ 	saved_LIBS=$LIBS
 -        for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
 +        for dbname in ${with_bdb} db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
            do
-             as_ac_Lib=`echo "ac_cv_lib_$dbname''_db_create" | $as_tr_sh`
- echo "$as_me:$LINENO: checking for db_create in -l$dbname" >&5
-@@ -5151,11 +5152,11 @@
- #endif
- /* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
--char db_create ();
-+#include <db.h>
+ 	    LIBS="$saved_LIBS -l$dbname"
+ 	    cat >conftest.$ac_ext <<_ACEOF
+@@ -5139,6 +5140,7 @@
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
++#include <stdio.h>
+ #include <db.h>
  int
  main ()
- {
--db_create ();
-+db_create (0, 0, 0);
-   ;
-   return 0;
- }
-@@ -5930,7 +5931,7 @@
- 	    BDB_LIBADD=""
+@@ -5161,6 +5163,7 @@
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+   BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db
++  break
+ else
+   echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+@@ -5885,7 +5888,7 @@
  	fi
  
+ 	saved_LIBS=$LIBS
 -        for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
 +        for dbname in ${with_bdb} db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
            do
-             as_ac_Lib=`echo "ac_cv_lib_$dbname''_db_create" | $as_tr_sh`
- echo "$as_me:$LINENO: checking for db_create in -l$dbname" >&5
-@@ -5954,11 +5955,11 @@
- #endif
- /* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
--char db_create ();
-+#include <db.h>
+ 	    LIBS="$saved_LIBS -l$dbname"
+ 	    cat >conftest.$ac_ext <<_ACEOF
+@@ -5895,6 +5898,7 @@
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
++#include <stdio.h>
+ #include <db.h>
  int
  main ()
- {
--db_create ();
-+db_create (0, 0, 0);
-   ;
-   return 0;
- }
-@@ -7182,6 +7183,8 @@
+@@ -5917,6 +5921,7 @@
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+   BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db
++  break
+ else
+   echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+@@ -7089,6 +7094,8 @@
    SASLAUTHD_TRUE='#'
    SASLAUTHD_FALSE=
  fi
@@ -65,7 +69,7 @@ diff -u configure.orig configure
  
  echo "$as_me:$LINENO: checking if I should include saslauthd" >&5
  echo $ECHO_N "checking if I should include saslauthd... $ECHO_C" >&6
-@@ -10170,7 +10173,7 @@
+@@ -10084,7 +10091,7 @@
    echo $ECHO_N "(cached) $ECHO_C" >&6
  else
    ac_check_lib_save_LIBS=$LIBS
@@ -74,16 +78,16 @@ diff -u configure.orig configure
  cat >conftest.$ac_ext <<_ACEOF
  #line $LINENO "configure"
  /* confdefs.h.  */
-@@ -10519,7 +10522,7 @@
-     GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err"
+@@ -10434,7 +10441,7 @@
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_LIBS $gssapi_dir/libgssapi_krb5.a $gssapi_dir/libkrb5.a $gssapi_dir/libk5crypto.a $gssapi_dir/libcom_err.a"
    elif test "$gss_impl" = "heimdal"; then
+     CPPFLAGS="$CPPFLAGS -DKRB5_HEIMDAL"
 -    GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -lasn1 -lroken ${LIB_CRYPT} ${LIB_DES} -lcom_err"
 +    GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS `krb5-config --libs gssapi`"
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_STATIC_LIBS $gssapi_dir/libgssapi.a $gssapi_dir/libkrb5.a $gssapi_dir/libasn1.a $gssapi_dir/libroken.a $gssapi_dir/libcom_err.a ${LIB_CRYPT}"
    elif test "$gss_impl" = "cybersafe03"; then
  # Version of CyberSafe with two libraries
-@@ -11291,7 +11294,7 @@
+@@ -11229,7 +11236,7 @@
    echo $ECHO_N "(cached) $ECHO_C" >&6
  else
    ac_check_lib_save_LIBS=$LIBS
diff --git a/security/cyrus-sasl2/files/patch-lib::common.c b/security/cyrus-sasl2/files/patch-lib::common.c
deleted file mode 100644
index 76b66e7b5e86..000000000000
--- a/security/cyrus-sasl2/files/patch-lib::common.c
+++ /dev/null
@@ -1,16 +0,0 @@
-Index: lib/common.c
-diff -u -p lib/common.c.orig lib/common.c
---- lib/common.c.orig	Wed Jul  7 01:03:05 2004
-+++ lib/common.c	Sat Oct  9 02:03:02 2004
-@@ -1838,7 +1838,10 @@ _sasl_getpath(void *context __attribute_
-   if (! path)
-     return SASL_BADPARAM;
- 
--  *path = getenv(SASL_PATH_ENV_VAR);
-+  /* Honor external variable only in a safe environment */
-+  if (getuid() == geteuid() && getgid() == getegid())
-+    *path = getenv(SASL_PATH_ENV_VAR);
-+
-   if (! *path)
-     *path = PLUGINDIR;
- 
diff --git a/security/cyrus-sasl2/files/patch-saslauthd::configure b/security/cyrus-sasl2/files/patch-saslauthd::configure
index b7418328ae40..c22cb2ab9d1b 100644
--- a/security/cyrus-sasl2/files/patch-saslauthd::configure
+++ b/security/cyrus-sasl2/files/patch-saslauthd::configure
@@ -1,7 +1,7 @@
 Index: saslauthd/configure
 diff -u saslauthd/configure.orig saslauthd/configure
---- saslauthd/configure.orig	Thu Mar 11 00:56:16 2004
-+++ saslauthd/configure	Fri Mar 12 00:28:40 2004
+--- saslauthd/configure.orig	Mon Oct 25 05:21:13 2004
++++ saslauthd/configure	Mon Oct 25 21:24:46 2004
 @@ -1523,6 +1523,7 @@
  fi
  echo "$as_me:$LINENO: result: yes" >&5
@@ -10,7 +10,7 @@ diff -u saslauthd/configure.orig saslauthd/configure
  test "$program_prefix" != NONE &&
    program_transform_name="s,^,$program_prefix,;$program_transform_name"
  # Use a double $ so make ignores it.
-@@ -6385,7 +6386,7 @@
+@@ -6392,7 +6393,7 @@
    echo $ECHO_N "(cached) $ECHO_C" >&6
  else
    ac_check_lib_save_LIBS=$LIBS
@@ -19,58 +19,62 @@ diff -u saslauthd/configure.orig saslauthd/configure
  cat >conftest.$ac_ext <<_ACEOF
  #line $LINENO "configure"
  /* confdefs.h.  */
-@@ -6734,7 +6735,7 @@
-     GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err"
+@@ -6742,7 +6743,7 @@
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_LIBS $gssapi_dir/libgssapi_krb5.a $gssapi_dir/libkrb5.a $gssapi_dir/libk5crypto.a $gssapi_dir/libcom_err.a"
    elif test "$gss_impl" = "heimdal"; then
+     CPPFLAGS="$CPPFLAGS -DKRB5_HEIMDAL"
 -    GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS -lgssapi -lkrb5 -lasn1 -lroken ${LIB_CRYPT} ${LIB_DES} -lcom_err"
 +    GSSAPIBASE_LIBS="$GSSAPIBASE_LIBS `krb5-config --libs gssapi`"
      GSSAPIBASE_STATIC_LIBS="$GSSAPIBASE_STATIC_LIBS $gssapi_dir/libgssapi.a $gssapi_dir/libkrb5.a $gssapi_dir/libasn1.a $gssapi_dir/libroken.a $gssapi_dir/libcom_err.a ${LIB_CRYPT}"
    elif test "$gss_impl" = "cybersafe03"; then
  # Version of CyberSafe with two libraries
-@@ -7493,7 +7494,7 @@
- 	    BDB_LIBADD=""
+@@ -7502,7 +7503,7 @@
  	fi
  
+ 	saved_LIBS=$LIBS
 -        for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
 +        for dbname in ${with_bdb} db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
            do
-             as_ac_Lib=`echo "ac_cv_lib_$dbname''_db_create" | $as_tr_sh`
- echo "$as_me:$LINENO: checking for db_create in -l$dbname" >&5
-@@ -7517,11 +7518,11 @@
- #endif
- /* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
--char db_create ();
-+#include <db.h>
+ 	    LIBS="$saved_LIBS -l$dbname"
+ 	    cat >conftest.$ac_ext <<_ACEOF
+@@ -7512,6 +7513,7 @@
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
++#include <stdio.h>
+ #include <db.h>
  int
  main ()
- {
--db_create ();
-+db_create (0, 0, 0);
-   ;
-   return 0;
- }
-@@ -8296,7 +8297,7 @@
- 	    BDB_LIBADD=""
+@@ -7534,6 +7536,7 @@
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+   BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db
++  break
+ else
+   echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+@@ -8258,7 +8261,7 @@
  	fi
  
+ 	saved_LIBS=$LIBS
 -        for dbname in db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
 +        for dbname in ${with_bdb} db-4.2 db4.2 db42 db-4.1 db4.1 db41 db-4.0 db4.0 db-4 db40 db4 db-3.3 db3.3 db33 db-3.2 db3.2 db32 db-3.1 db3.1 db31 db-3 db30 db3 db
            do
-             as_ac_Lib=`echo "ac_cv_lib_$dbname''_db_create" | $as_tr_sh`
- echo "$as_me:$LINENO: checking for db_create in -l$dbname" >&5
-@@ -8320,11 +8321,11 @@
- #endif
- /* We use char because int might match the return type of a gcc2
-    builtin and then its argument prototype would still apply.  */
--char db_create ();
-+#include <db.h>
+ 	    LIBS="$saved_LIBS -l$dbname"
+ 	    cat >conftest.$ac_ext <<_ACEOF
+@@ -8268,6 +8271,7 @@
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
++#include <stdio.h>
+ #include <db.h>
  int
  main ()
- {
--db_create ();
-+db_create (0, 0, 0);
-   ;
-   return 0;
- }
+@@ -8290,6 +8294,7 @@
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); }; }; then
+   BDB_LIBADD="$BDB_LIBADD -l$dbname"; dblib="berkeley"; dbname=db
++  break
+ else
+   echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
author	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-10-25 12:42:40 +0000
committer	Hajimu UMEMOTO <ume@FreeBSD.org>	2004-10-25 12:42:40 +0000
commit	718daad6ebc27a1f91552d5927e9bdeb4be505b8 (patch)
tree	040d74872ab3e7d98987a896102c3042e032cecd /security
parent	3e93972cbafd6e54589502317f216979e0c7b669 (diff)
download	ports-718daad6ebc27a1f91552d5927e9bdeb4be505b8.tar.gz ports-718daad6ebc27a1f91552d5927e9bdeb4be505b8.zip