From 0f0cda2c52f765ce1219cf665e77ac793b43194c Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 7 Dec 2012 16:37:53 +0100 Subject: [PATCH] update to 2.1.25 add cyrus-sasl-scram and cyrus-sasl-gs2 packages --- cyrus-sasl-2.1.18-no_rpath.patch | 19 --- cyrus-sasl-2.1.22-bad-elif.patch | 21 --- cyrus-sasl-2.1.22-digest-commas.patch | 148 ------------------ cyrus-sasl-2.1.22-rimap.patch | 38 ----- cyrus-sasl-2.1.22-typo.patch | 12 -- cyrus-sasl-2.1.22-warnings.patch | 84 ---------- cyrus-sasl-2.1.23-ac-quote.patch | 33 ---- cyrus-sasl-2.1.23-ntlm.patch | 12 -- cyrus-sasl-2.1.23-relro.patch | 25 --- cyrus-sasl-2.1.25-no_rpath.patch | 20 +++ ...rus-sasl-2.1.25-release-server_creds.patch | 11 +- cyrus-sasl-2.1.25-relro.patch | 24 +++ cyrus-sasl-2.1.25-warnings.patch | 62 ++++++++ cyrus-sasl.spec | 59 ++++--- 14 files changed, 148 insertions(+), 420 deletions(-) delete mode 100644 cyrus-sasl-2.1.18-no_rpath.patch delete mode 100644 cyrus-sasl-2.1.22-bad-elif.patch delete mode 100644 cyrus-sasl-2.1.22-digest-commas.patch delete mode 100644 cyrus-sasl-2.1.22-rimap.patch delete mode 100644 cyrus-sasl-2.1.22-typo.patch delete mode 100644 cyrus-sasl-2.1.22-warnings.patch delete mode 100644 cyrus-sasl-2.1.23-ac-quote.patch delete mode 100644 cyrus-sasl-2.1.23-ntlm.patch delete mode 100644 cyrus-sasl-2.1.23-relro.patch create mode 100644 cyrus-sasl-2.1.25-no_rpath.patch rename cyrus-sasl-2.1.23-release-server_creds.patch => cyrus-sasl-2.1.25-release-server_creds.patch (53%) create mode 100644 cyrus-sasl-2.1.25-relro.patch create mode 100644 cyrus-sasl-2.1.25-warnings.patch diff --git a/cyrus-sasl-2.1.18-no_rpath.patch b/cyrus-sasl-2.1.18-no_rpath.patch deleted file mode 100644 index f01f7b8..0000000 --- a/cyrus-sasl-2.1.18-no_rpath.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- cyrus-sasl-2.1.18/cmulocal/cyrus.m4 2004-05-13 14:32:14.341038898 +0200 -+++ cyrus-sasl-2.1.18/cmulocal/cyrus.m4 2004-05-13 14:34:18.471968788 +0200 -@@ -32,14 +32,5 @@ - dnl runpath initialization - AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [ - # CMU GUESS RUNPATH SWITCH -- AC_CACHE_CHECK(for runpath switch, andrew_runpath_switch, [ -- # first, try -R -- SAVE_LDFLAGS="${LDFLAGS}" -- LDFLAGS="-R /usr/lib" -- AC_TRY_LINK([],[],[andrew_runpath_switch="-R"], [ -- LDFLAGS="-Wl,-rpath,/usr/lib" -- AC_TRY_LINK([],[],[andrew_runpath_switch="-Wl,-rpath,"], -- [andrew_runpath_switch="none"]) -- ]) -- LDFLAGS="${SAVE_LDFLAGS}" -- ])]) -+ andrew_runpath_switch="none" -+ ]) diff --git a/cyrus-sasl-2.1.22-bad-elif.patch b/cyrus-sasl-2.1.22-bad-elif.patch deleted file mode 100644 index 33550c4..0000000 --- a/cyrus-sasl-2.1.22-bad-elif.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -up cyrus-sasl-2.1.22/plugins/digestmd5.c.elif cyrus-sasl-2.1.22/plugins/digestmd5.c ---- cyrus-sasl-2.1.22/plugins/digestmd5.c.elif 2009-01-23 09:40:31.000000000 +0100 -+++ cyrus-sasl-2.1.22/plugins/digestmd5.c 2009-02-06 15:20:15.000000000 +0100 -@@ -2743,7 +2743,7 @@ static sasl_server_plug_t digestmd5_serv - "DIGEST-MD5", /* mech_name */ - #ifdef WITH_RC4 - 128, /* max_ssf */ --#elif WITH_DES -+#elif defined(WITH_DES) - 112, - #else - 1, -@@ -4071,7 +4071,7 @@ static sasl_client_plug_t digestmd5_clie - "DIGEST-MD5", - #ifdef WITH_RC4 /* mech_name */ - 128, /* max ssf */ --#elif WITH_DES -+#elif defined(WITH_DES) - 112, - #else - 1, diff --git a/cyrus-sasl-2.1.22-digest-commas.patch b/cyrus-sasl-2.1.22-digest-commas.patch deleted file mode 100644 index 137f987..0000000 --- a/cyrus-sasl-2.1.22-digest-commas.patch +++ /dev/null @@ -1,148 +0,0 @@ -Pulled from CVS, Ident strings removed to let the patch apply pretty cleanly. - -=================================================================== -RCS file: /afs/andrew.cmu.edu/system/cvs/src/sasl/plugins/digestmd5.c,v -retrieving revision 1.183 -retrieving revision 1.184 -diff -u -r1.183 -r1.184 ---- src/sasl/plugins/digestmd5.c 2006/11/27 20:41:55 1.183 -+++ src/sasl/plugins/digestmd5.c 2007/02/14 17:16:14 1.184 -@@ -556,12 +556,17 @@ - return SASL_OK; - } - -+static int is_lws_char (char c) -+{ -+ return (c == ' ' || c == HT || c == CR || c == LF); -+} -+ - static char *skip_lws (char *s) - { - if (!s) return NULL; - - /* skipping spaces: */ -- while (s[0] == ' ' || s[0] == HT || s[0] == CR || s[0] == LF) { -+ while (is_lws_char(s[0])) { - if (s[0] == '\0') break; - s++; - } -@@ -750,17 +755,30 @@ - static void get_pair(char **in, char **name, char **value) - { - char *endpair; -- /* int inQuotes; */ - char *curp = *in; - *name = NULL; - *value = NULL; - - if (curp == NULL) return; -- if (curp[0] == '\0') return; -- -- /* skipping spaces: */ -- curp = skip_lws(curp); -- -+ -+ while (curp[0] != '\0') { -+ /* skipping spaces: */ -+ curp = skip_lws(curp); -+ -+ /* 'LWS "," LWS "," ...' is allowed by the DIGEST-MD5 ABNF */ -+ if (curp[0] == ',') { -+ curp++; -+ } else { -+ break; -+ } -+ } -+ -+ if (curp[0] == '\0') { -+ /* End of the string is not an error */ -+ *name = ""; -+ return; -+ } -+ - *name = curp; - - curp = skip_token(curp,1); -@@ -787,22 +805,24 @@ - endpair = unquote (curp); - if (endpair == NULL) { /* Unbalanced quotes */ - *name = NULL; -+ *value = NULL; - return; - } -- if (endpair[0] != ',') { -- if (endpair[0]!='\0') { -- *endpair++ = '\0'; -- } -+ -+ /* An optional LWS is allowed after the value. Skip it. */ -+ if (is_lws_char (endpair[0])) { -+ /* Remove the trailing LWS from the value */ -+ *endpair++ = '\0'; -+ endpair = skip_lws(endpair); - } -- -- endpair = skip_lws(endpair); -- -+ - /* syntax check: MUST be '\0' or ',' */ - if (endpair[0] == ',') { - endpair[0] = '\0'; - endpair++; /* skipping <,> */ - } else if (endpair[0] != '\0') { - *name = NULL; -+ *value = NULL; - return; - } - -@@ -2090,9 +2110,17 @@ - char *name = NULL, *value = NULL; - get_pair(&in, &name, &value); - -- if (name == NULL) -- break; -+ if (name == NULL) { -+ SETERROR(sparams->utils, -+ "Parse error"); -+ result = SASL_BADAUTH; -+ goto FreeAllMem; -+ } - -+ if (*name == '\0') { -+ break; -+ } -+ - /* Extracting parameters */ - - /* -@@ -3222,10 +3250,14 @@ - /* if parse error */ - if (name == NULL) { - params->utils->seterror(params->utils->conn, 0, "Parse error"); -- result = SASL_FAIL; -+ result = SASL_BADAUTH; - goto FreeAllocatedMem; - } - -+ if (*name == '\0') { -+ break; -+ } -+ - if (strcasecmp(name, "realm") == 0) { - nrealm++; - -@@ -3887,9 +3919,14 @@ - if (name == NULL) { - params->utils->seterror(params->utils->conn, 0, - "DIGEST-MD5 Received Garbage"); -+ result = SASL_BADAUTH; - break; - } - -+ if (*name == '\0') { -+ break; -+ } -+ - if (strcasecmp(name, "rspauth") == 0) { - - if (strcmp(text->response_value, value) != 0) { diff --git a/cyrus-sasl-2.1.22-rimap.patch b/cyrus-sasl-2.1.22-rimap.patch deleted file mode 100644 index a619963..0000000 --- a/cyrus-sasl-2.1.22-rimap.patch +++ /dev/null @@ -1,38 +0,0 @@ -diff -up cyrus-sasl-2.1.22/saslauthd/auth_rimap.c.rimap cyrus-sasl-2.1.22/saslauthd/auth_rimap.c ---- cyrus-sasl-2.1.22/saslauthd/auth_rimap.c.rimap 2006-04-06 22:19:54.000000000 +0200 -+++ cyrus-sasl-2.1.22/saslauthd/auth_rimap.c 2008-07-01 22:48:09.000000000 +0200 -@@ -163,6 +163,7 @@ qstring ( - p1 = s; - while ((p1 = strchr(p1, '"')) != NULL) { - num_quotes++; -+ ++p1; - } - - if (!num_quotes) { -@@ -198,7 +199,7 @@ qstring ( - } - *p2++ = *p1++; - } -- strcat(p2, "\""); -+ strcpy(p2, "\""); - return c; - } - -@@ -438,7 +439,7 @@ auth_rimap ( - syslog(LOG_WARNING, "auth_rimap: writev: %m"); - memset(qlogin, 0, strlen(qlogin)); - free(qlogin); -- memset(qpass, 0, strlen(qlogin)); -+ memset(qpass, 0, strlen(qpass)); - free(qpass); - (void)close(s); - return strdup(RESP_IERROR); -@@ -447,7 +448,7 @@ auth_rimap ( - /* don't need these any longer */ - memset(qlogin, 0, strlen(qlogin)); - free(qlogin); -- memset(qpass, 0, strlen(qlogin)); -+ memset(qpass, 0, strlen(qpass)); - free(qpass); - - /* read and parse the LOGIN response */ diff --git a/cyrus-sasl-2.1.22-typo.patch b/cyrus-sasl-2.1.22-typo.patch deleted file mode 100644 index 20e235a..0000000 --- a/cyrus-sasl-2.1.22-typo.patch +++ /dev/null @@ -1,12 +0,0 @@ -Upstream #2848, Red Hat #196066. ---- cyrus-sasl-2.1.22/man/sasl_client_start.3 2006-06-20 15:05:35.000000000 -0400 -+++ cyrus-sasl-2.1.22/man/sasl_client_start.3 2006-06-20 15:05:28.000000000 -0400 -@@ -73,7 +73,7 @@ - - .PP - .I mechlist --is a list of mechanisms the server has available. Punctuation if ignored. -+is a list of mechanisms the server has available. Punctuation is ignored. - .PP - .I prompt_need - is filled in with a list of prompts needed to continue (if necessary). diff --git a/cyrus-sasl-2.1.22-warnings.patch b/cyrus-sasl-2.1.22-warnings.patch deleted file mode 100644 index 392da1f..0000000 --- a/cyrus-sasl-2.1.22-warnings.patch +++ /dev/null @@ -1,84 +0,0 @@ -diff -up cyrus-sasl-2.1.22/lib/auxprop.c.warnings cyrus-sasl-2.1.22/lib/auxprop.c ---- cyrus-sasl-2.1.22/lib/auxprop.c.warnings 2006-03-14 15:23:55.000000000 +0100 -+++ cyrus-sasl-2.1.22/lib/auxprop.c 2008-09-10 14:31:01.000000000 +0200 -@@ -46,6 +46,7 @@ - #include - #include - #include -+#include - #include "saslint.h" - - struct proppool -diff -up cyrus-sasl-2.1.22/lib/server.c.warnings cyrus-sasl-2.1.22/lib/server.c ---- cyrus-sasl-2.1.22/lib/server.c.warnings 2006-05-17 18:46:13.000000000 +0200 -+++ cyrus-sasl-2.1.22/lib/server.c 2008-09-10 14:39:02.000000000 +0200 -@@ -517,7 +517,7 @@ static int load_config(const sasl_callba - goto done; - } - -- snprintf(config_filename, len, "%.*s%c%s.conf", path_len, path_to_config, -+ snprintf(config_filename, len, "%.*s%c%s.conf", (int)path_len, path_to_config, - HIER_DELIMITER, global_callbacks.appname); - - /* Ask the application if it's safe to use this file */ -diff -up cyrus-sasl-2.1.22/plugins/gssapi.c.warnings cyrus-sasl-2.1.22/plugins/gssapi.c ---- cyrus-sasl-2.1.22/plugins/gssapi.c.warnings 2004-07-21 16:39:06.000000000 +0200 -+++ cyrus-sasl-2.1.22/plugins/gssapi.c 2008-09-10 14:20:59.000000000 +0200 -@@ -190,7 +190,8 @@ sasl_gss_seterror_(const sasl_utils_t *u - OM_uint32 msg_ctx; - int ret; - char *out = NULL; -- size_t len, curlen = 0; -+ size_t len; -+ unsigned curlen = 0; - const char prefix[] = "GSSAPI Error: "; - - len = sizeof(prefix); -diff -up cyrus-sasl-2.1.22/plugins/ldapdb.c.warnings cyrus-sasl-2.1.22/plugins/ldapdb.c ---- cyrus-sasl-2.1.22/plugins/ldapdb.c.warnings 2005-02-19 03:26:31.000000000 +0100 -+++ cyrus-sasl-2.1.22/plugins/ldapdb.c 2008-09-10 14:52:33.000000000 +0200 -@@ -21,6 +21,7 @@ - - #include "plugin_common.h" - -+#define LDAP_DEPRECATED 1 - #include - - static char ldapdb[] = "ldapdb"; -diff -up cyrus-sasl-2.1.22/saslauthd/lak.c.warnings cyrus-sasl-2.1.22/saslauthd/lak.c ---- cyrus-sasl-2.1.22/saslauthd/lak.c.warnings 2005-05-15 07:49:51.000000000 +0200 -+++ cyrus-sasl-2.1.22/saslauthd/lak.c 2008-09-10 14:52:51.000000000 +0200 -@@ -55,6 +55,7 @@ - #include - #endif - -+#define LDAP_DEPRECATED 1 - #include - #include - #include -diff -up cyrus-sasl-2.1.22/saslauthd/auth_httpform.c.warnings cyrus-sasl-2.1.22/saslauthd/auth_httpform.c ---- cyrus-sasl-2.1.22/saslauthd/auth_httpform.c.warnings 2006-04-19 21:51:13.000000000 +0200 -+++ cyrus-sasl-2.1.22/saslauthd/auth_httpform.c 2008-09-10 14:45:57.000000000 +0200 -@@ -552,7 +552,7 @@ auth_httpform ( - "Content-Type: application/x-www-form-urlencoded" CRLF - "Content-Length: %d" TWO_CRLF - "%s", -- r_uri, r_host, r_port, strlen(escreq), escreq); -+ r_uri, r_host, r_port, (int)strlen(escreq), escreq); - - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "auth_httpform: sending %s %s %s", -diff -up cyrus-sasl-2.1.22/saslauthd/auth_shadow.c.warnings cyrus-sasl-2.1.22/saslauthd/auth_shadow.c ---- cyrus-sasl-2.1.22/saslauthd/auth_shadow.c.warnings 2006-04-19 21:36:36.000000000 +0200 -+++ cyrus-sasl-2.1.22/saslauthd/auth_shadow.c 2008-09-10 14:47:47.000000000 +0200 -@@ -63,6 +63,10 @@ - # include - # endif /* ! HAVE_GETUSERPW */ - -+# ifdef HAVE_CRYPT_H -+# include -+# endif -+ - # include "auth_shadow.h" - # include "globals.h" - /* END PUBLIC DEPENDENCIES */ diff --git a/cyrus-sasl-2.1.23-ac-quote.patch b/cyrus-sasl-2.1.23-ac-quote.patch deleted file mode 100644 index 9d7dc61..0000000 --- a/cyrus-sasl-2.1.23-ac-quote.patch +++ /dev/null @@ -1,33 +0,0 @@ -2010-02-17 Stepan Kasal - - * cmulocal/bsd_sockets.m4: better quoting of macro params - ---- cyrus-sasl-2.1.23/cmulocal/bsd_sockets.m4 2005-04-26 21:14:07.000000000 +0200 -+++ cyrus-sasl-2.1.23/cmulocal/bsd_sockets.m4 2010-02-17 15:03:34.000000000 +0100 -@@ -10,14 +10,14 @@ - save_LIBS="$LIBS" - LIB_SOCKET="" - AC_CHECK_FUNC(connect, :, -- AC_CHECK_LIB(nsl, gethostbyname, -+ [AC_CHECK_LIB(nsl, gethostbyname, - LIB_SOCKET="-lnsl $LIB_SOCKET") - AC_CHECK_LIB(socket, connect, -- LIB_SOCKET="-lsocket $LIB_SOCKET") -+ LIB_SOCKET="-lsocket $LIB_SOCKET")] - ) - LIBS="$LIB_SOCKET $save_LIBS" - AC_CHECK_FUNC(res_search, :, -- LIBS="-lresolv $LIB_SOCKET $save_LIBS" -+ [LIBS="-lresolv $LIB_SOCKET $save_LIBS" - AC_TRY_LINK([[ - #include - #include -@@ -31,7 +31,7 @@ - res_search( host, C_IN, T_MX, (u_char *)&ans, sizeof(ans)); - return 0; - ]], LIB_SOCKET="-lresolv $LIB_SOCKET") -- ) -+ ]) - LIBS="$LIB_SOCKET $save_LIBS" - AC_CHECK_FUNCS(dn_expand dns_lookup) - LIBS="$save_LIBS" diff --git a/cyrus-sasl-2.1.23-ntlm.patch b/cyrus-sasl-2.1.23-ntlm.patch deleted file mode 100644 index 44eb17d..0000000 --- a/cyrus-sasl-2.1.23-ntlm.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up cyrus-sasl-2.1.23/plugins/ntlm.c.ntlm cyrus-sasl-2.1.23/plugins/ntlm.c ---- cyrus-sasl-2.1.23/plugins/ntlm.c.ntlm 2011-05-25 04:07:22.923341599 +0200 -+++ cyrus-sasl-2.1.23/plugins/ntlm.c 2011-05-25 04:08:02.648341353 +0200 -@@ -1572,7 +1572,7 @@ static int ntlm_server_mech_step2(server - sparams->utils->log(NULL, SASL_LOG_DEBUG, - "calculating NTv2 response"); - V2(resp, password, authid, domain, text->nonce, -- lm_resp + MD5_DIGEST_LENGTH, nt_resp_len - MD5_DIGEST_LENGTH, -+ nt_resp + MD5_DIGEST_LENGTH, nt_resp_len - MD5_DIGEST_LENGTH, - sparams->utils, &text->out_buf, &text->out_buf_len, - &result); - diff --git a/cyrus-sasl-2.1.23-relro.patch b/cyrus-sasl-2.1.23-relro.patch deleted file mode 100644 index 411e930..0000000 --- a/cyrus-sasl-2.1.23-relro.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -up cyrus-sasl-2.1.23/lib/Makefile.am.relro cyrus-sasl-2.1.23/lib/Makefile.am ---- cyrus-sasl-2.1.23/lib/Makefile.am.relro 2009-04-28 17:09:15.000000000 +0200 -+++ cyrus-sasl-2.1.23/lib/Makefile.am 2011-08-10 03:53:47.994891976 +0200 -@@ -60,7 +60,7 @@ LIB_DOOR= @LIB_DOOR@ - lib_LTLIBRARIES = libsasl2.la - - libsasl2_la_SOURCES = $(common_sources) $(common_headers) --libsasl2_la_LDFLAGS = -version-info $(sasl_version) -+libsasl2_la_LDFLAGS = -Wl,-z,relro -version-info $(sasl_version) - libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) - libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) - -diff -up cyrus-sasl-2.1.23/plugins/Makefile.am.relro cyrus-sasl-2.1.23/plugins/Makefile.am ---- cyrus-sasl-2.1.23/plugins/Makefile.am.relro 2011-08-10 04:01:39.725891950 +0200 -+++ cyrus-sasl-2.1.23/plugins/Makefile.am 2011-08-10 04:02:47.674892053 +0200 -@@ -62,7 +62,7 @@ ldapdb_version = 2:23:0 - srp_version = 2:23:0 - - INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include --AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -+AM_LDFLAGS = -Wl,-z,relro -module -export-dynamic -rpath $(plugindir) - - COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@ - -diff -up cyrus-sasl-2.1.23/sasldb/Makefile.am.relro cyrus-sasl-2.1.23/sasldb/Makefile.am diff --git a/cyrus-sasl-2.1.25-no_rpath.patch b/cyrus-sasl-2.1.25-no_rpath.patch new file mode 100644 index 0000000..33ed15d --- /dev/null +++ b/cyrus-sasl-2.1.25-no_rpath.patch @@ -0,0 +1,20 @@ +diff -up cyrus-sasl-2.1.25/cmulocal/cyrus.m4.no_rpath cyrus-sasl-2.1.25/cmulocal/cyrus.m4 +--- cyrus-sasl-2.1.25/cmulocal/cyrus.m4.no_rpath 2010-01-22 16:12:01.000000000 +0100 ++++ cyrus-sasl-2.1.25/cmulocal/cyrus.m4 2012-12-06 14:59:47.956102057 +0100 +@@ -32,14 +32,5 @@ AC_DEFUN([CMU_ADD_LIBPATH_TO], [ + dnl runpath initialization + AC_DEFUN([CMU_GUESS_RUNPATH_SWITCH], [ + # CMU GUESS RUNPATH SWITCH +- AC_CACHE_CHECK(for runpath switch, andrew_cv_runpath_switch, [ +- # first, try -R +- SAVE_LDFLAGS="${LDFLAGS}" +- LDFLAGS="-R /usr/lib" +- AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-R"], [ +- LDFLAGS="-Wl,-rpath,/usr/lib" +- AC_TRY_LINK([],[],[andrew_cv_runpath_switch="-Wl,-rpath,"], +- [andrew_cv_runpath_switch="none"]) +- ]) +- LDFLAGS="${SAVE_LDFLAGS}" +- ])]) ++ andrew_runpath_switch="none" ++ ]) diff --git a/cyrus-sasl-2.1.23-release-server_creds.patch b/cyrus-sasl-2.1.25-release-server_creds.patch similarity index 53% rename from cyrus-sasl-2.1.23-release-server_creds.patch rename to cyrus-sasl-2.1.25-release-server_creds.patch index 0850725..644c0bf 100644 --- a/cyrus-sasl-2.1.23-release-server_creds.patch +++ b/cyrus-sasl-2.1.25-release-server_creds.patch @@ -1,8 +1,9 @@ ---- cyrus-sasl/plugins/gssapi.c -+++ cyrus-sasl/plugins/gssapi.c -@@ -782,6 +782,11 @@ gssapi_server_mech_step(void *conn_conte +diff -up cyrus-sasl-2.1.25/plugins/gssapi.c.release-server_creds cyrus-sasl-2.1.25/plugins/gssapi.c +--- cyrus-sasl-2.1.25/plugins/gssapi.c.release-server_creds 2012-12-07 12:57:14.000000000 +0100 ++++ cyrus-sasl-2.1.25/plugins/gssapi.c 2012-12-07 12:58:11.122533870 +0100 +@@ -829,6 +829,11 @@ gssapi_server_mech_step(void *conn_conte } - + if (maj_stat == GSS_S_COMPLETE) { + /* Release server creds which are no longer needed */ + if ( text->server_creds != GSS_C_NO_CREDENTIAL) { @@ -11,4 +12,4 @@ + } /* Switch to ssf negotiation */ text->state = SASL_GSSAPI_STATE_SSFCAP; - } + diff --git a/cyrus-sasl-2.1.25-relro.patch b/cyrus-sasl-2.1.25-relro.patch new file mode 100644 index 0000000..0a305f1 --- /dev/null +++ b/cyrus-sasl-2.1.25-relro.patch @@ -0,0 +1,24 @@ +diff -up cyrus-sasl-2.1.25/lib/Makefile.am.relro cyrus-sasl-2.1.25/lib/Makefile.am +--- cyrus-sasl-2.1.25/lib/Makefile.am.relro 2011-09-05 16:18:10.000000000 +0200 ++++ cyrus-sasl-2.1.25/lib/Makefile.am 2012-12-07 12:49:13.693026807 +0100 +@@ -62,7 +62,7 @@ LIB_DOOR= @LIB_DOOR@ + lib_LTLIBRARIES = libsasl2.la + + libsasl2_la_SOURCES = $(common_sources) $(common_headers) +-libsasl2_la_LDFLAGS = -version-info $(sasl_version) ++libsasl2_la_LDFLAGS = -Wl,-z,relro -version-info $(sasl_version) + libsasl2_la_DEPENDENCIES = $(LTLIBOBJS) + libsasl2_la_LIBADD = $(LTLIBOBJS) $(SASL_DL_LIB) $(LIB_SOCKET) $(LIB_DOOR) + +diff -up cyrus-sasl-2.1.25/plugins/Makefile.am.relro cyrus-sasl-2.1.25/plugins/Makefile.am +--- cyrus-sasl-2.1.25/plugins/Makefile.am.relro 2011-09-05 16:18:10.000000000 +0200 ++++ cyrus-sasl-2.1.25/plugins/Makefile.am 2012-12-07 12:56:16.916231903 +0100 +@@ -49,7 +49,7 @@ + plugin_version = 2:25:0 + + INCLUDES=-I$(top_srcdir)/include -I$(top_srcdir)/lib -I$(top_srcdir)/sasldb -I$(top_builddir)/include +-AM_LDFLAGS = -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version) ++AM_LDFLAGS = -Wl,-z,relro -module -export-dynamic -rpath $(plugindir) -version-info $(plugin_version) + + COMPAT_OBJS = @LTGETADDRINFOOBJS@ @LTGETNAMEINFOOBJS@ @LTSNPRINTFOBJS@ + diff --git a/cyrus-sasl-2.1.25-warnings.patch b/cyrus-sasl-2.1.25-warnings.patch new file mode 100644 index 0000000..a6fc4ee --- /dev/null +++ b/cyrus-sasl-2.1.25-warnings.patch @@ -0,0 +1,62 @@ +diff -up cyrus-sasl-2.1.25/lib/server.c.warnings cyrus-sasl-2.1.25/lib/server.c +--- cyrus-sasl-2.1.25/lib/server.c.warnings 2011-09-02 14:58:01.000000000 +0200 ++++ cyrus-sasl-2.1.25/lib/server.c 2012-12-06 16:21:07.705102996 +0100 +@@ -646,7 +646,7 @@ static int load_config(const sasl_callba + goto done; + } + +- snprintf(config_filename, len, "%.*s%c%s.conf", path_len, path_to_config, ++ snprintf(config_filename, len, "%.*s%c%s.conf", (int)path_len, path_to_config, + HIER_DELIMITER, global_callbacks.appname); + + /* Ask the application if it's safe to use this file */ +diff -up cyrus-sasl-2.1.25/plugins/gssapi.c.warnings cyrus-sasl-2.1.25/plugins/gssapi.c +--- cyrus-sasl-2.1.25/plugins/gssapi.c.warnings 2011-05-11 21:25:55.000000000 +0200 ++++ cyrus-sasl-2.1.25/plugins/gssapi.c 2012-12-06 16:24:30.223307272 +0100 +@@ -196,7 +196,8 @@ sasl_gss_seterror_(const sasl_utils_t *u + OM_uint32 msg_ctx; + int ret; + char *out = NULL; +- size_t len, curlen = 0; ++ size_t len; ++ unsigned curlen = 0; + const char prefix[] = "GSSAPI Error: "; + + if (!utils) return SASL_OK; +diff -up cyrus-sasl-2.1.25/plugins/ldapdb.c.warnings cyrus-sasl-2.1.25/plugins/ldapdb.c +--- cyrus-sasl-2.1.25/plugins/ldapdb.c.warnings 2011-05-11 21:25:55.000000000 +0200 ++++ cyrus-sasl-2.1.25/plugins/ldapdb.c 2012-12-06 16:21:07.706102988 +0100 +@@ -22,6 +22,7 @@ + + #include "plugin_common.h" + ++#define LDAP_DEPRECATED 1 + #include + + static char ldapdb[] = "ldapdb"; +diff -up cyrus-sasl-2.1.25/saslauthd/auth_httpform.c.warnings cyrus-sasl-2.1.25/saslauthd/auth_httpform.c +--- cyrus-sasl-2.1.25/saslauthd/auth_httpform.c.warnings 2006-04-20 16:30:14.000000000 +0200 ++++ cyrus-sasl-2.1.25/saslauthd/auth_httpform.c 2012-12-06 16:21:10.520091567 +0100 +@@ -552,7 +552,7 @@ auth_httpform ( + "Content-Type: application/x-www-form-urlencoded" CRLF + "Content-Length: %d" TWO_CRLF + "%s", +- r_uri, r_host, r_port, strlen(escreq), escreq); ++ r_uri, r_host, r_port, (int)strlen(escreq), escreq); + + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_httpform: sending %s %s %s", +diff -up cyrus-sasl-2.1.25/saslauthd/auth_shadow.c.warnings cyrus-sasl-2.1.25/saslauthd/auth_shadow.c +--- cyrus-sasl-2.1.25/saslauthd/auth_shadow.c.warnings 2009-12-03 20:07:03.000000000 +0100 ++++ cyrus-sasl-2.1.25/saslauthd/auth_shadow.c 2012-12-06 16:21:10.521091564 +0100 +@@ -68,6 +68,10 @@ + # include + # endif /* ! HAVE_GETUSERPW */ + ++# ifdef HAVE_CRYPT_H ++# include ++# endif ++ + # include "auth_shadow.h" + # include "globals.h" + /* END PUBLIC DEPENDENCIES */ diff --git a/cyrus-sasl.spec b/cyrus-sasl.spec index 6b05b4d..d4eac04 100644 --- a/cyrus-sasl.spec +++ b/cyrus-sasl.spec @@ -7,8 +7,8 @@ Summary: The Cyrus SASL library Name: cyrus-sasl -Version: 2.1.23 -Release: 36%{?dist} +Version: 2.1.25 +Release: 1%{?dist} License: BSD with advertising Group: System Environment/Libraries # Source0 originally comes from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/; @@ -24,31 +24,24 @@ Source10: make-no-dlcompatorsrp-tarball.sh Source11: saslauthd.tmpfiles URL: http://asg.web.cmu.edu/sasl/sasl-library.html Requires: %{name}-lib = %{version}-%{release} -Patch11: cyrus-sasl-2.1.18-no_rpath.patch +Patch11: cyrus-sasl-2.1.25-no_rpath.patch Patch15: cyrus-sasl-2.1.20-saslauthd.conf-path.patch Patch23: cyrus-sasl-2.1.23-man.patch Patch24: cyrus-sasl-2.1.21-sizes.patch -Patch25: cyrus-sasl-2.1.22-typo.patch -Patch26: cyrus-sasl-2.1.22-digest-commas.patch Patch27: cyrus-sasl-2.1.22-automake-1.10.patch Patch28: cyrus-sasl-2.1.21-keytab.patch -Patch30: cyrus-sasl-2.1.22-rimap.patch Patch31: cyrus-sasl-2.1.22-kerberos4.patch -Patch32: cyrus-sasl-2.1.22-warnings.patch -Patch33: cyrus-sasl-2.1.22-current-db.patch +Patch32: cyrus-sasl-2.1.25-warnings.patch Patch34: cyrus-sasl-2.1.22-ldap-timeout.patch -Patch35: cyrus-sasl-2.1.22-bad-elif.patch -Patch36: cyrus-sasl-2.1.23-ac-quote.patch Patch37: cyrus-sasl-2.1.23-race.patch # removed due to #759334 #Patch38: cyrus-sasl-2.1.23-pam_rhosts.patch -Patch39: cyrus-sasl-2.1.23-ntlm.patch Patch40: cyrus-sasl-2.1.23-rimap2.patch Patch41: cyrus-sasl-2.1.23-db5.patch -Patch42: cyrus-sasl-2.1.23-relro.patch +Patch42: cyrus-sasl-2.1.25-relro.patch # https://bugzilla.redhat.com/show_bug.cgi?id=816250 Patch43: cyrus-sasl-2.1.23-null-crypt.patch -Patch44: cyrus-sasl-2.1.23-release-server_creds.patch +Patch44: cyrus-sasl-2.1.25-release-server_creds.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: autoconf, automake, libtool, gdbm-devel, groff @@ -148,6 +141,24 @@ The %{name}-ldap package contains the Cyrus SASL plugin which supports using a directory server, accessed using LDAP, for storing shared secrets. %endif +%package scram +Requires: %{name}-lib = %{version}-%{release} +Group: System Environment/Libraries +Summary: SCRAM auxprop support for Cyrus SASL + +%description scram +The %{name}-scram package contains the Cyrus SASL plugin which supports +the SCRAM authentication scheme. + +%package gs2 +Requires: %{name}-lib = %{version}-%{release} +Group: System Environment/Libraries +Summary: GS2 support for Cyrus SASL + +%description gs2 +The %{name}-gs2 package contains the Cyrus SASL plugin which supports +the GS2 authentication scheme. + %package sysvinit Summary: The SysV initscript to manage the cyrus SASL authd. Group: System Environment/Daemons @@ -168,20 +179,10 @@ chmod -x include/*.h %patch15 -p1 -b .path %patch23 -p1 -b .man %patch24 -p1 -b .sizes -%patch25 -p1 -b .typo -%patch26 -p2 -b .digest-commas -%patch27 -p1 -b .automake-1.10 -%patch28 -p1 -b .keytab -%patch30 -p1 -b .rimap %patch31 -p1 -b .krb4 %patch32 -p1 -b .warnings -%patch33 -p1 -b .current-db %patch34 -p1 -b .ldap-timeout -%patch35 -p1 -b .elif -%patch36 -p1 -b .ac-quote %patch37 -p1 -b .race -#%patch38 -p1 -b .pam_rhosts -%patch39 -p1 -b .ntlm %patch40 -p1 -b .rimap2 %patch41 -p1 -b .db5 %patch42 -p1 -b .relro @@ -419,6 +420,14 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir} %defattr(-,root,root) %{_plugindir2}/*gssapi*.so* +%files scram +%defattr(-,root,root) +%{_plugindir2}/libscram.so* + +%files gs2 +%defattr(-,root,root) +%{_plugindir2}/libgs2.so* + %files devel %defattr(-,root,root) %doc doc/*.txt @@ -433,6 +442,10 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir} /etc/rc.d/init.d/saslauthd %changelog +* Fri Dec 07 2012 Petr Lautrbach 2.1.25-1 +- update to 2.1.25 +- add cyrus-sasl-scram and cyrus-sasl-gs2 packages + * Fri Sep 14 2012 Petr Lautrbach 2.1.23-36 - replace scriptlets with systemd macros (#856666)